src/HOL/Bali/Evaln.thy
author berghofe
Wed Jul 11 11:16:34 2007 +0200 (2007-07-11)
changeset 23747 b07cff284683
parent 23350 50c5b0912a0c
child 24019 67bde7cfcf10
permissions -rw-r--r--
Renamed inductive2 to inductive.
(*  Title:      HOL/Bali/Evaln.thy
    ID:         $Id$
    Author:     David von Oheimb and Norbert Schirmer
*)
header {* Operational evaluation (big-step) semantics of Java expressions and 
          statements
*}
theory Evaln imports TypeSafe begin
text {*
Variant of @{term eval} relation with counter for bounded recursive depth. 
In principle @{term evaln} could replace @{term eval}.

Validity of the axiomatic semantics builds on @{term evaln}. 
For recursive method calls the axiomatic semantics rule assumes the method ok 
to derive a proof for the body. To prove the method rule sound we need to 
perform induction on the recursion depth. 
For the completeness proof of the axiomatic semantics the notion of the most
general formula is used. The most general formula right now builds on the 
ordinary evaluation relation @{term eval}. 
So sometimes we have to switch between @{term evaln} and @{term eval} and vice 
versa. To make
this switch easy @{term evaln} also does all the technical accessibility tests 
@{term check_field_access} and @{term check_method_access} like @{term eval}. 
If it omitted them, @{term evaln} and @{term eval} would only be equivalent 
for well-typed and definitely assigned terms.
*}
(* evaln: big-step evaluation with an extra nat argument n that every
   judgement carries.  Among the rules below only Methd changes it: the
   premise runs at n and the conclusion at Suc n.  The halloc and sxalloc
   premises (NewC, NewA, Try) carry no counter. *)
inductive
  evaln	:: "[prog, state, term, nat, vals, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<succ>\<midarrow>_\<rightarrow> '(_, _')" [61,61,80,61,0,0] 60)
  and evarn :: "[prog, state, var, vvar, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_=\<succ>_\<midarrow>_\<rightarrow> _" [61,61,90,61,61,61] 60)
  and eval_n:: "[prog, state, expr, val, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_-\<succ>_\<midarrow>_\<rightarrow> _" [61,61,80,61,61,61] 60)
  and evalsn :: "[prog, state, expr list, val  list, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<doteq>\<succ>_\<midarrow>_\<rightarrow> _" [61,61,61,61,61,61] 60)
  and execn	:: "[prog, state, stmt, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<midarrow>_\<rightarrow> _"     [61,61,65,   61,61] 60)
  for G :: prog
where

(* The statement, expression, variable and expression-list notations are
   expressed through evaln by injecting the term with In1r, In1l, In2 and
   In3 respectively. *)
  "G\<turnstile>s \<midarrow>c     \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1r  c\<succ>\<midarrow>n\<rightarrow> (\<diamondsuit>    ,  s')"
| "G\<turnstile>s \<midarrow>e-\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1l e\<succ>\<midarrow>n\<rightarrow> (In1 v ,  s')"
| "G\<turnstile>s \<midarrow>e=\<succ>vf \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In2  e\<succ>\<midarrow>n\<rightarrow> (In2 vf,  s')"
| "G\<turnstile>s \<midarrow>e\<doteq>\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In3  e\<succ>\<midarrow>n\<rightarrow> (In3 v ,  s')"

--{* propagation of abrupt completion *}

(* From a state whose abrupt component is Some xc nothing is evaluated: the
   state is returned unchanged together with arbitrary3 t. *)
| Abrupt:   "G\<turnstile>(Some xc,s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (arbitrary3 t,(Some xc,s))"


--{* evaluation of variables *}

| LVar:	"G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"

(* Field access: fvar yields (v,s2'); check_field_access is then applied to
   s2' and its result s3 is the final state of the rule. *)
| FVar:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s2;
	  (v,s2') = fvar statDeclC stat fn a s2;
          s3 = check_field_access G accC statDeclC fn stat a s2'\<rbrakk> \<Longrightarrow>
	  G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>n\<rightarrow> s3"

| AVar:	"\<lbrakk>G\<turnstile> Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n\<rightarrow> s1 ; G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n\<rightarrow> s2; 
	  (v,s2') = avar G i a s2\<rbrakk> \<Longrightarrow>
	              G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>n\<rightarrow> s2'"




--{* evaluation of expressions *}

| NewC:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1 \<midarrow>halloc (CInst C)\<succ>a\<rightarrow> s2\<rbrakk> \<Longrightarrow>
	                          G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"

(* Array creation: check_neg is applied to the evaluated length i' (via
   abupd) before the allocation premise. *)
| NewA:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>i'\<midarrow>n\<rightarrow> s2; 
	  G\<turnstile>abupd (check_neg i') s2 \<midarrow>halloc (Arr T (the_Intg i'))\<succ>a\<rightarrow> s3\<rbrakk> \<Longrightarrow>
	                        G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>n\<rightarrow> s3"

(* Cast: ClassCast is raised (via raise_if) when v does not fit T. *)
| Cast:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
	  s2 = abupd (raise_if (\<not>G,snd s1\<turnstile>v fits T) ClassCast) s1\<rbrakk> \<Longrightarrow>
			        G\<turnstile>Norm s0 \<midarrow>Cast T e-\<succ>v\<midarrow>n\<rightarrow> s2"

| Inst:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
	  b = (v\<noteq>Null \<and> G,store s1\<turnstile>v fits RefT T)\<rbrakk> \<Longrightarrow>
			      G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"

| Lit:			   "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"

| UnOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> 
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>(eval_unop unop v)\<midarrow>n\<rightarrow> s1"

(* BinOp: the second operand is evaluated only if need_second_arg says so;
   otherwise Skip is executed in its place. *)
| BinOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n\<rightarrow> s1; 
           G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then (In1l e2) else (In1r Skip))
            \<succ>\<midarrow>n\<rightarrow> (In1 v2,s2)\<rbrakk> 
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>n\<rightarrow> s2"

| Super:		   "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"

| Acc:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v,f)\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
	                          G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"

| Ass:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(w,f)\<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>e-\<succ>v     \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
				   G\<turnstile>Norm s0 \<midarrow>va:=e-\<succ>v\<midarrow>n\<rightarrow> assign f v s2"

| Cond:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
			    G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>n\<rightarrow> s2"

(* Method call: check_method_access is applied to s3, the state produced by
   init_lvars, and the method is evaluated from its result s3'.  The final
   state is restore_lvars s2 s4. *)
| Call:	
  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2;
    D = invocation_declclass G mode (store s2) a' statT \<lparr>name=mn,parTs=pTs\<rparr>; 
    s3=init_lvars G D \<lparr>name=mn,parTs=pTs\<rparr> mode a' vs s2;
    s3' = check_method_access G accC statT mode \<lparr>name=mn,parTs=pTs\<rparr> a' s3;
    G\<turnstile>s3'\<midarrow>Methd D \<lparr>name=mn,parTs=pTs\<rparr>-\<succ>v\<midarrow>n\<rightarrow> s4
   \<rbrakk>
   \<Longrightarrow> 
    G\<turnstile>Norm s0 \<midarrow>{accC,statT,mode}e\<cdot>mn({pTs}args)-\<succ>v\<midarrow>n\<rightarrow> (restore_lvars s2 s4)"

(* The only rule that changes the counter: the body is evaluated at n, the
   Methd term at Suc n. *)
| Methd:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"

(* A Break or Cont jump still pending when the body ends is replaced by
   Error CrossMethodJump; absorb Ret is applied to the resulting state. *)
| Body:	"\<lbrakk>G\<turnstile>Norm s0\<midarrow>Init D\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2;
          s3 = (if (\<exists> l. abrupt s2 = Some (Jump (Break l)) \<or>  
                         abrupt s2 = Some (Jump (Cont l)))
                  then abupd (\<lambda> x. Some (Error CrossMethodJump)) s2 
                  else s2)\<rbrakk>\<Longrightarrow>
         G\<turnstile>Norm s0 \<midarrow>Body D c
          -\<succ>the (locals (store s2) Result)\<midarrow>n\<rightarrow>abupd (absorb Ret) s3"

--{* evaluation of expression lists *}

| Nil:
				"G\<turnstile>Norm s0 \<midarrow>[]\<doteq>\<succ>[]\<midarrow>n\<rightarrow> Norm s0"

| Cons:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e -\<succ> v \<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
			     G\<turnstile>Norm s0 \<midarrow>e#es\<doteq>\<succ>v#vs\<midarrow>n\<rightarrow> s2"


--{* execution of statements *}

| Skip:	 			    "G\<turnstile>Norm s \<midarrow>Skip\<midarrow>n\<rightarrow> Norm s"

| Expr:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				  G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"

| Lab:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c \<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
                             G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"

| Comp:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1 \<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1 \<midarrow>c2 \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
				 G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"

| If:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1\<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
		       G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2 \<midarrow>n\<rightarrow> s2"

(* Loop: the body and the re-entered While both run at the same n; a pending
   Cont l is absorbed before the loop is re-entered. *)
| Loop:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
	  if the_Bool b 
             then (G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2 \<and> 
                   G\<turnstile>(abupd (absorb (Cont l)) s2) \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3)
	     else s3 = s1\<rbrakk> \<Longrightarrow>
			      G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3"
  
| Jmp: "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
  
| Throw:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				 G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a') s1"

| Try:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2;
	  if G,s2\<turnstile>catch tn then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n\<rightarrow> s3 else s3 = s2\<rbrakk>
          \<Longrightarrow>
		  G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(tn vn) c2\<midarrow>n\<rightarrow> s3"

(* Finally: c2 is executed from Norm s1.  If c1 ended with an Error the
   result is (x1,s1), so the state s2 reached by c2 is not used; otherwise
   the result is abupd (abrupt_if (x1 ~= None) x1) s2. *)
| Fin:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> (x1,s1);
	  G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2;
          s3=(if (\<exists> err. x1=Some (Error err)) 
              then (x1,s1) 
              else abupd (abrupt_if (x1\<noteq>None) x1) s2)\<rbrakk> \<Longrightarrow>
              G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>n\<rightarrow> s3"
  
(* Class initialisation: nothing is done when C is already inited.
   Otherwise the superclass is initialised first (Skip for Object), init c
   runs with empty local variables, and restore_lvars s1 s2 is the result. *)
| Init:	"\<lbrakk>the (class G C) = c;
	  if inited C (globs s0) then s3 = Norm s0
	  else (G\<turnstile>Norm (init_class_obj G C s0)
	          \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
	        G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
                s3 = restore_lvars s1 s2)\<rbrakk>
          \<Longrightarrow>
		 G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
(* extra monotonicity rule; presumably required for the if-then-else
   premises of Loop, Try and Init -- confirm *)
monos
  if_bool_eq_conj
(* Switch off the if/option split rules, not_None_eq, the paired-quantifier
   simp rules and the "split_all_tac" looper before the inductive_cases
   commands that follow.  The declare / ML_setup after evaln_elim_cases
   re-adds exactly these items. *)
declare split_if     [split del] split_if_asm     [split del]
        option.split [split del] option.split_asm [split del]
        not_None_eq [simp del] 
        split_paired_All [simp del] split_paired_Ex [simp del]
ML_setup {*
change_simpset (fn ss => ss delloop "split_all_tac");
*}
(* Case-analysis rule for an evaln judgement with arbitrary start state s and
   arbitrary term t. *)
inductive_cases evaln_cases: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v, s')"
(* Elimination rules for specific judgement shapes: first the abrupt start
   state (Some xc, s), then one pattern per term constructor evaluated from
   a Norm state.
   NOTE(review): the last two patterns, In1r (Init C), are identical apart
   from leading whitespace. *)
inductive_cases evaln_elim_cases:
	"G\<turnstile>(Some xc, s) \<midarrow>t                        \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r Skip                      \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (Jmp j)                   \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> c)                    \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In3  ([])                      \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In3  (e#es)                    \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Lit w)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
        "G\<turnstile>Norm s \<midarrow>In1l (UnOp unop e)             \<succ>\<midarrow>n\<rightarrow> (v, s')"
        "G\<turnstile>Norm s \<midarrow>In1l (BinOp binop e1 e2)       \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In2  (LVar vn)                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Cast T e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (e InstOf T)              \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Super)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Acc va)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Expr e)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (c1;; c2)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Methd C sig)             \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Body D c)                \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (e0 ? e1 : e2)            \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (If(e) c1 Else c2)        \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> While(e) c)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (c1 Finally c2)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Throw e)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (NewC C)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (New T[e])                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Ass va e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Try c1 Catch(tn vn) c2)  \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In2  ({accC,statDeclC,stat}e..fn) \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In2  (e1.[e2])                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l ({accC,statT,mode}e\<cdot>mn({pT}p)) \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Init C)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (Init C)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
(* Re-add the split rules, simp rules and the "split_all_tac" looper that
   were removed before the inductive_cases commands above. *)
declare split_if     [split] split_if_asm     [split] 
        option.split [split] option.split_asm [split]
        not_None_eq [simp] 
        split_paired_All [simp] split_paired_Ex [simp]
ML_setup {*
change_simpset (fn ss => ss addloop ("split_all_tac", split_all_tac));
*}
(* The injection used for the term t fixes the injection of the result w:
   In1 (Inl e) gives some In1 v, In1 (Inr c) gives \<diamondsuit>, In2 gives
   some In2 v and In3 gives some In3 v. *)
lemma evaln_Inj_elim: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w,s') \<Longrightarrow> case t of In1 ec \<Rightarrow>  
  (case ec of Inl e \<Rightarrow> (\<exists>v. w = In1 v) | Inr c \<Rightarrow> w = \<diamondsuit>)  
  | In2 e \<Rightarrow> (\<exists>v. w = In2 v) | In3 e \<Rightarrow> (\<exists>v. w = In3 v)"
apply (erule evaln_cases , auto)
apply (induct_tac "t")
apply   (induct_tac "a")
apply auto
done
text {* The following simplification procedures set up the proper injections of
 terms and their corresponding values in the evaluation relation.
 For example, an expression 
 (injection @{term In1l} into terms) always evaluates to ordinary values 
 (injection @{term In1} into generalised values @{term vals}). 
*}
(* A generic judgement on an injected expression In1l t holds exactly when
   the result is In1 v for some v and the expression judgement holds for v. *)
lemma evaln_expr_eq: "G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>v. w=In1 v \<and> G\<turnstile>s \<midarrow>t-\<succ>v \<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
(* Same correspondence for variables: In2 t evaluates to In2 vf for some vf
   exactly when the variable judgement holds for vf. *)
lemma evaln_var_eq: "G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vf. w=In2 vf \<and> G\<turnstile>s \<midarrow>t=\<succ>vf\<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
(* Same correspondence for expression lists: In3 t evaluates to In3 vs for
   some vs exactly when the list judgement holds for vs. *)
lemma evaln_exprs_eq: "G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vs. w=In3 vs \<and> G\<turnstile>s \<midarrow>t\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
(* Same correspondence for statements: In1r t always yields \<diamondsuit>, so
   no existential is needed on the right-hand side. *)
lemma evaln_stmt_eq: "G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s') = (w=\<diamondsuit> \<and> G\<turnstile>s \<midarrow>t \<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto, frule evaln_Inj_elim, auto)
ML_setup {*
(* enf name lhs: build a conditional simproc called `name` for the pattern
   lhs from the theorem of the same name.  How the result of pred decides
   whether the rewrite applies is determined by cond_simproc, which is
   defined outside this file. *)
fun enf name lhs =
let
  (* true for any constant applied to an argument; the constant's name
     (inj) is not inspected *)
  fun is_Inj (Const (inj,_) $ _) = true
    | is_Inj _                   = false
  (* tests the fifth of six arguments of the matched application; there is
     no fallback clause, so a term of any other shape raises Match *)
  fun pred (_ $ _ $ _ $ _ $ _ $ x $ _) = is_Inj x
in
  cond_simproc name lhs pred (thm name)
end;

(* one simproc per injection, each tied to the equation of the same name *)
val evaln_expr_proc  = enf "evaln_expr_eq"  "G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s')";
val evaln_var_proc   = enf "evaln_var_eq"   "G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s')";
val evaln_exprs_proc = enf "evaln_exprs_eq" "G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s')";
val evaln_stmt_proc  = enf "evaln_stmt_eq"  "G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s')";
(* installs the four simprocs in the current simpset *)
Addsimprocs [evaln_expr_proc,evaln_var_proc,evaln_exprs_proc,evaln_stmt_proc];


(* evaln_AbruptIs: the theorems sum3_instantiate (defined elsewhere) derives
   from evaln.Abrupt *)
bind_thms ("evaln_AbruptIs", sum3_instantiate (thm "evaln.Abrupt"))
*}
(* use the Abrupt instances as unconditional introduction rules *)
declare evaln_AbruptIs [intro!]
(* A Callee term cannot be evaluated from a Norm state: the inductive
   definition of evaln has no rule for it.  The block proves the general
   fact by induction on the derivation; the final step specialises it. *)
lemma evaln_Callee: "G\<turnstile>Norm s\<midarrow>In1l (Callee l e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
         normal: "normal s" and
         callee: "t=In1l (Callee l e)"
    then have "False" by induct auto
  }
  then show ?thesis
    by (cases s') fastsimp 
qed
(* An InsInitE term cannot be evaluated from a Norm state: evaln has no rule
   for it.  Same proof scheme as evaln_Callee; the assumption label
   "callee" is reused here although the term is InsInitE. *)
lemma evaln_InsInitE: "G\<turnstile>Norm s\<midarrow>In1l (InsInitE c e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
         normal: "normal s" and
         callee: "t=In1l (InsInitE c e)"
    then have "False" by induct auto
  }
  then show ?thesis
    by (cases s') fastsimp
qed
(* An InsInitV variable term cannot be evaluated from a Norm state: evaln
   has no rule for it.  Same proof scheme as evaln_Callee; the assumption
   label "callee" is reused here although the term is InsInitV. *)
lemma evaln_InsInitV: "G\<turnstile>Norm s\<midarrow>In2 (InsInitV c w)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
         normal: "normal s" and
         callee: "t=In2 (InsInitV c w)"
    then have "False" by induct auto
  }  
  then show ?thesis
    by (cases s') fastsimp
qed
(* A FinA statement cannot be executed from a Norm state: evaln has no rule
   for it.  Same proof scheme as evaln_Callee; the assumption label
   "callee" is reused here although the term is FinA. *)
lemma evaln_FinA: "G\<turnstile>Norm s\<midarrow>In1r (FinA a c)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
         normal: "normal s" and
         callee: "t=In1r (FinA a c)"
    then have "False" by induct auto
  } 
  then show ?thesis
    by (cases s') fastsimp
qed
(* Starting from a state whose first component is Some xc, evaluation leaves
   the state unchanged and returns arbitrary3 e. *)
lemma evaln_abrupt_lemma: "G\<turnstile>s \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (v,s') \<Longrightarrow> 
 fst s = Some xc \<longrightarrow> s' = s \<and> v = arbitrary3 e"
apply (erule evaln_cases , auto)
done
(* Equational form of evaln_abrupt_lemma: a judgement from (Some xc,s) pins
   the final state to (Some xc,s) and the result to arbitrary3 e.  This is
   the theorem the evaln_abrupt simproc below rewrites with. *)
lemma evaln_abrupt: 
 "\<And>s'. G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s') = (s' = (Some xc,s) \<and>  
  w=arbitrary3 e \<and> G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (arbitrary3 e,(Some xc,s)))"
apply auto
apply (frule evaln_abrupt_lemma, auto)+
done
ML {*
local
  (* true for a pair whose first component is Some _; the match depends on
     the literal constant names "Pair" and "Datatype.option.Some" *)
  fun is_Some (Const ("Pair",_) $ (Const ("Datatype.option.Some",_) $ _)$ _) =true
    | is_Some _ = false
  (* tests the last of six arguments of the matched application; there is no
     fallback clause, so a term of any other shape raises Match *)
  fun pred (_ $ _ $ _ $ _ $ _ $ _ $ x) = is_Some x
in
  (* conditional simproc for judgements that start in an abrupt state; how
     pred's result is used is determined by cond_simproc (defined elsewhere) *)
  val evaln_abrupt_proc = 
 cond_simproc "evaln_abrupt" "G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s')" pred (thm "evaln_abrupt")
end;
Addsimprocs [evaln_abrupt_proc]
*}
(* Lit rule for an arbitrary start state: the value is v if s is normal and
   arbitrary otherwise.
   NOTE(review): the proof refers to "a", a name that does not occur in the
   statement and is presumably generated by case_tac "s" -- confirm. *)
lemma evaln_LitI: "G\<turnstile>s \<midarrow>Lit v-\<succ>(if normal s then v else arbitrary)\<midarrow>n\<rightarrow> s"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Lit)
(* Cond rule for an arbitrary start state s: the result value is v when the
   intermediate state s1 is normal and arbitrary otherwise.
   NOTE(review): unlike the neighbouring introduction lemmas this name has
   no evaln_ prefix. *)
lemma CondI: 
 "\<And>s1. \<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
  G\<turnstile>s \<midarrow>e ? e1 : e2-\<succ>(if normal s1 then v else arbitrary)\<midarrow>n\<rightarrow> s2"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Cond)
(* Skip leaves any state unchanged, not only Norm states; declared as an
   unconditional introduction rule. *)
lemma evaln_SkipI [intro!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Skip)
(* Expr rule for an arbitrary start state s instead of Norm s0. *)
lemma evaln_ExprI: "G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s' \<Longrightarrow> G\<turnstile>s \<midarrow>Expr e\<midarrow>n\<rightarrow> s'"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Expr)
(* Comp rule for an arbitrary start state s instead of Norm s0. *)
lemma evaln_CompI: "\<lbrakk>G\<turnstile>s \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> G\<turnstile>s \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Comp)
(* If rule for an arbitrary start state s instead of Norm s0. *)
lemma evaln_IfI: 
 "\<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool v then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
  G\<turnstile>s \<midarrow>If(e) c1 Else c2\<midarrow>n\<rightarrow> s2"
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.If)
(* Executing Skip cannot change the state; declared as a destruction rule
   that is applied eagerly. *)
lemma evaln_SkipD [dest!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' \<Longrightarrow> s' = s" 
by (erule evaln_cases, auto)
(* Simp rule: a Skip judgement is equivalent to equality of the two states.
   The auto proof can use the [intro!] and [dest!] lemmas evaln_SkipI and
   evaln_SkipD declared above. *)
lemma evaln_Skip_eq [simp]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' = (s = s')"
apply auto
done
section {* evaln implies eval *}
schirmer@13688
   406
schirmer@12925
   407
(* Every evaluation with a recursion-depth bound n is also an evaluation in
   the unbounded relation eval: the counter only restricts derivations.
   The proof is by induction on the evaln derivation.  Loop, Try and Init are
   spelled out because their induction hypotheses are first brought into the
   if-then-else shape of the corresponding eval rule (by simp); all remaining
   cases are closed by eval.intros in the final qed. *)
lemma evaln_eval:  
schirmer@13688
   408
  assumes evaln: "G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)" 
wenzelm@12937
   409
  shows "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
schirmer@13688
   410
using evaln 
schirmer@13688
   411
proof (induct)
berghofe@21765
   412
  case (Loop s0 e n b s1 c s2 l s3)
wenzelm@23350
   413
  (* eval fact for the loop condition, taken from the case's facts *)
  note `G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<rightarrow> s1`
schirmer@13688
   414
  moreover
schirmer@13688
   415
  (* body and recursive While step, or no step at all when the condition
     is false *)
  have "if the_Bool b
schirmer@13688
   416
        then (G\<turnstile>s1 \<midarrow>c\<rightarrow> s2) \<and> 
schirmer@13688
   417
             G\<turnstile>abupd (absorb (Cont l)) s2 \<midarrow>l\<bullet> While(e) c\<rightarrow> s3
schirmer@13688
   418
        else s3 = s1"
schirmer@13688
   419
    using Loop.hyps by simp
schirmer@13688
   420
  ultimately show ?case by (rule eval.Loop)
schirmer@13688
   421
next
berghofe@21765
   422
  case (Try s0 c1 n s1 s2 C vn c2 s3)
wenzelm@23350
   423
  note `G\<turnstile>Norm s0 \<midarrow>c1\<rightarrow> s1`
schirmer@13688
   424
  moreover
wenzelm@23350
   425
  (* the sxalloc premise carries no depth bound and is passed on as it is *)
  note `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
schirmer@13688
   426
  moreover
schirmer@13688
   427
  have "if G,s2\<turnstile>catch C then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<rightarrow> s3 else s3 = s2"
schirmer@13688
   428
    using Try.hyps by simp
schirmer@13688
   429
  ultimately show ?case by (rule eval.Try)
schirmer@13688
   430
next
berghofe@21765
   431
  case (Init C c s0 s3 n s1 s2)
wenzelm@23350
   432
  note `the (class G C) = c`
schirmer@13688
   433
  moreover
schirmer@13688
   434
  (* nothing to do if C is already initialised; otherwise initialise the
     superclass (Skip for Object), run init c on empty local variables and
     restore the locals of s1 afterwards *)
  have "if inited C (globs s0) 
schirmer@13688
   435
           then s3 = Norm s0
schirmer@13688
   436
           else G\<turnstile>Norm ((init_class_obj G C) s0) 
schirmer@13688
   437
                  \<midarrow>(if C = Object then Skip else Init (super c))\<rightarrow> s1 \<and>
schirmer@13688
   438
                G\<turnstile>(set_lvars empty) s1 \<midarrow>init c\<rightarrow> s2 \<and>
schirmer@13688
   439
                s3 = (set_lvars (locals (store s1))) s2"
schirmer@13688
   440
    using Init.hyps by simp
schirmer@13688
   441
  ultimately show ?case by (rule eval.Init)
schirmer@13688
   442
qed (rule eval.intros,(assumption+ | assumption?))+
(* Helper for evaln_nonstrict: to show P m' for a bound m' with Suc n <= m',
   it suffices to show P (Suc m) for every m with n <= m.  Suc_le_D provides
   the predecessor of m'. *)
lemma Suc_le_D_lemma: "\<lbrakk>Suc n <= m'; (\<And>m. n <= m \<Longrightarrow> P (Suc m)) \<rbrakk> \<Longrightarrow> P m'"
schirmer@12925
   445
apply (frule Suc_le_D)
schirmer@12925
   446
apply fast
schirmer@12925
   447
done
(* Monotonicity of the depth bound: an evaluation that succeeds with bound n
   also succeeds, with the same result and final state, for every bound
   m >= n.  Declared as an elim rule; rule_format turns the inner
   "ALL m. n <= m --> ..." into a rule premise.
   Proof: induction on the evaln derivation.  The ML tactic treats all goals
   uniformly: strip the quantifier and implication, try Suc_le_D_lemma (for
   goals whose bound is a successor), instantiate the induction hypotheses
   with smp_tac, then apply the evaln introduction rules and discharge what
   can be solved by assumption. *)
lemma evaln_nonstrict [rule_format (no_asm), elim]: 
berghofe@21765
   450
  "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w, s') \<Longrightarrow> \<forall>m. n\<le>m \<longrightarrow> G\<turnstile>s \<midarrow>t\<succ>\<midarrow>m\<rightarrow> (w, s')"
schirmer@12925
   451
apply (erule evaln.induct)
schirmer@12925
   452
apply (tactic {* ALLGOALS (EVERY'[strip_tac, TRY o etac (thm "Suc_le_D_lemma"),
schirmer@12925
   453
  REPEAT o smp_tac 1, 
schirmer@12925
   454
  resolve_tac (thms "evaln.intros") THEN_ALL_NEW TRY o atac]) *})
schirmer@12925
   455
(* 3 subgoals *)
schirmer@12925
   456
(* split del: split_if keeps auto from case-splitting the if-then-else
   premises of the remaining goals *)
apply (auto split del: split_if)
schirmer@12925
   457
done
(* Instance of evaln_nonstrict for one extra level of depth: an evaluation
   with bound n is also one with bound Suc n. *)
lemmas evaln_nonstrict_Suc = evaln_nonstrict [OF _ le_refl [THEN le_SucI]]
(* Two evaluations with different bounds n1 and n2 can both be carried out
   under the common bound max n1 n2.  Follows from monotonicity
   (evaln_nonstrict is an elim rule, so fast can use it) together with
   le_maxI1 and le_maxI2. *)
lemma evaln_max2: "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2')\<rbrakk> \<Longrightarrow> 
berghofe@21765
   462
             G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1') \<and> G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2')"
schirmer@13688
   463
by (fast intro: le_maxI1 le_maxI2)
(* Elimination form of evaln_max2; consumes 2 marks the two evaluation
   premises as the facts the rule consumes when it is applied. *)
corollary evaln_max2E [consumes 2]:
berghofe@21765
   466
  "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); 
berghofe@21765
   467
    \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1');G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2') \<rbrakk> \<Longrightarrow> P \<rbrakk> \<Longrightarrow> P"
schirmer@13688
   468
by (drule (1) evaln_max2) simp
(* Three-premise version of evaln_max2: three evaluations with bounds n1,
   n2, n3 all hold under the common bound max (max n1 n2) n3.  The first two
   are combined with evaln_max2 (thin_rl then drops a premise that is no
   longer needed), the rest is monotonicity. *)
lemma evaln_max3: 
berghofe@21765
   472
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3')\<rbrakk> \<Longrightarrow>
berghofe@21765
   473
 G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1') \<and>
berghofe@21765
   474
 G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2') \<and> 
berghofe@21765
   475
 G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')"
schirmer@12925
   476
apply (drule (1) evaln_max2, erule thin_rl)
schirmer@12925
   477
apply (fast intro!: le_maxI1 le_maxI2)
schirmer@12925
   478
done
(* Elimination form of evaln_max3.  Unlike evaln_max2E it carries no
   [consumes] declaration. *)
corollary evaln_max3E: 
berghofe@21765
   481
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3');
berghofe@21765
   482
   \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1');
berghofe@21765
   483
    G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2'); 
berghofe@21765
   484
    G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')
schirmer@13688
   485
   \<rbrakk> \<Longrightarrow> P
schirmer@13688
   486
  \<rbrakk> \<Longrightarrow> P"
schirmer@13688
   487
by (drule (2) evaln_max3) simp
(* Arithmetic helper on nat: the middle argument n2 is below the nested
   maximum max n1 (max n2 n3).  Proved by a two-step calculation through
   max n2 n3.  Used in the Call case of eval_evaln, where three bounds are
   combined in exactly this nesting. *)
lemma le_max3I1: "(n2::nat) \<le> max n1 (max n2 n3)"
schirmer@12925
   491
proof -
schirmer@12925
   492
  have "n2 \<le> max n2 n3"
schirmer@12925
   493
    by (rule le_maxI1)
schirmer@12925
   494
  also
schirmer@12925
   495
  have "max n2 n3 \<le> max n1 (max n2 n3)"
schirmer@12925
   496
    by (rule le_maxI2)
schirmer@12925
   497
  finally
schirmer@12925
   498
  show ?thesis .
schirmer@12925
   499
qed
(* Arithmetic helper on nat: the last argument n3 is below the nested
   maximum max n1 (max n2 n3).  Same calculation as le_max3I1, starting from
   le_maxI2.  Used in the Call case of eval_evaln. *)
lemma le_max3I2: "(n3::nat) \<le> max n1 (max n2 n3)"
schirmer@12925
   502
proof -
schirmer@12925
   503
  have "n3 \<le> max n2 n3"
schirmer@12925
   504
    by (rule le_maxI2)
schirmer@12925
   505
  also
schirmer@12925
   506
  have "max n2 n3 \<le> max n1 (max n2 n3)"
schirmer@12925
   507
    by (rule le_maxI2)
schirmer@12925
   508
  finally
schirmer@12925
   509
  show ?thesis .
schirmer@12925
   510
qed
(* Removes the four simprocs wt_expr_proc, wt_var_proc, wt_exprs_proc and
   wt_stmt_proc from the simpset.  This is a change to the simplifier setup
   that stays in effect for everything after this point, not just the next
   proof.
   NOTE(review): the reason is not stated here; presumably the simprocs
   interfere with the simp/auto steps of the proofs that follow -- confirm,
   and check whether they are meant to be re-added for theories importing
   this one. *)
ML {*
schirmer@13688
   513
Delsimprocs [wt_expr_proc,wt_var_proc,wt_exprs_proc,wt_stmt_proc]
schirmer@13688
   514
*}
section {* eval implies evaln *}
(* Converse of evaln_eval: every evaluation in the unbounded relation eval
   can be carried out with some recursion-depth bound n.
   The proof is by induction on the eval derivation.  Each case obtains
   bounds for the evaluation premises from the induction hypotheses, applies
   the corresponding evaln rule, and lets the final ".." close the
   existential goal from the fact just shown.  Premises of the eval rule that
   carry no depth bound (sxalloc, halloc, the access checks, defining
   equations for intermediate states) are taken over unchanged with "note". *)
lemma eval_evaln: 
schirmer@13688
   518
  assumes eval: "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
wenzelm@12937
   519
  shows  "\<exists>n. G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)"
schirmer@13688
   520
using eval 
schirmer@13688
   521
proof (induct)
berghofe@21765
   522
  case (Abrupt xc s t)
schirmer@13688
   523
  (* a start state with a pending abrupt completion (Some xc) is propagated
     unchanged, with the default result arbitrary3 t *)
  obtain n where
berghofe@21765
   524
    "G\<turnstile>(Some xc, s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (arbitrary3 t, (Some xc, s))"
nipkow@17589
   525
    by (iprover intro: evaln.Abrupt)
schirmer@13688
   526
  then show ?case ..
schirmer@13688
   527
next
schirmer@13688
   528
  case Skip
schirmer@13688
   529
  show ?case by (blast intro: evaln.Skip)
schirmer@13688
   530
next
berghofe@21765
   531
  case (Expr s0 e v s1)
schirmer@13688
   532
  (* one evaluation premise: its bound n is reused for the conclusion *)
  then obtain n where
schirmer@13688
   533
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   534
    by (iprover)
schirmer@13688
   535
  then have "G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"
schirmer@13688
   536
    by (rule evaln.Expr) 
schirmer@13688
   537
  then show ?case ..
schirmer@13688
   538
next
berghofe@21765
   539
  case (Lab s0 c s1 l)
schirmer@13688
   540
  then obtain n where
schirmer@13688
   541
    "G\<turnstile>Norm s0 \<midarrow>c\<midarrow>n\<rightarrow> s1"
nipkow@17589
   542
    by (iprover)
schirmer@13688
   543
  then have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"
schirmer@13688
   544
    by (rule evaln.Lab)
schirmer@13688
   545
  then show ?case ..
schirmer@13688
   546
next
berghofe@21765
   547
  case (Comp s0 c1 s1 c2 s2)
schirmer@13688
   548
  (* two evaluation premises with separate bounds n1 and n2: both are lifted
     to the common bound max n1 n2 with evaln_max2.  The same pattern is used
     in If, Fin, NewA, BinOp, Ass, Cond, Body, FVar, AVar and Cons. *)
  then obtain n1 n2 where
schirmer@13688
   549
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   550
    "G\<turnstile>s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   551
    by (iprover)
schirmer@13688
   552
  then have "G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   553
    by (blast intro: evaln.Comp dest: evaln_max2 )
schirmer@13688
   554
  then show ?case ..
schirmer@13688
   555
next
berghofe@21765
   556
  case (If s0 e b s1 c1 c2 s2)
schirmer@13688
   557
  then obtain n1 n2 where
schirmer@13688
   558
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   559
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   560
    by (iprover)
schirmer@13688
   561
  then have "G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   562
    by (blast intro: evaln.If dest: evaln_max2)
schirmer@13688
   563
  then show ?case ..
schirmer@13688
   564
next
berghofe@21765
   565
  case (Loop s0 e b s1 c s2 l s3)
schirmer@13688
   566
  (* n1 bounds the condition *)
  from Loop.hyps obtain n1 where
schirmer@13688
   567
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
nipkow@17589
   568
    by (iprover)
schirmer@13688
   569
  (* n2 is a single bound for both the loop body and the recursive While
     step; it is obtained from their individual bounds via evaln_nonstrict *)
  moreover from Loop.hyps obtain n2 where
schirmer@13688
   570
    "if the_Bool b 
schirmer@13688
   571
        then (G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2 \<and> 
schirmer@13688
   572
              G\<turnstile>(abupd (absorb (Cont l)) s2)\<midarrow>l\<bullet> While(e) c\<midarrow>n2\<rightarrow> s3)
schirmer@13688
   573
	else s3 = s1"
nipkow@17589
   574
    by simp (iprover intro: evaln_nonstrict le_maxI1 le_maxI2)
schirmer@13688
   575
  ultimately
schirmer@13688
   576
  have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   577
    apply -
schirmer@13688
   578
    apply (rule evaln.Loop)
nipkow@17589
   579
    apply   (iprover intro: evaln_nonstrict intro: le_maxI1)
schirmer@12925
   580
schirmer@13688
   581
    apply   (auto intro: evaln_nonstrict intro: le_maxI2)
schirmer@13688
   582
    done
schirmer@13688
   583
  then show ?case ..
schirmer@13688
   584
next
berghofe@21765
   585
  case (Jmp s j)
schirmer@13688
   586
  (* no evaluation premise: evaln.Jmp is applied at an arbitrary bound n
     (likewise Lit and Super below) *)
  have "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
schirmer@13688
   587
    by (rule evaln.Jmp)
schirmer@13688
   588
  then show ?case ..
schirmer@13688
   589
next
berghofe@21765
   590
  case (Throw s0 e a s1)
schirmer@13688
   591
  then obtain n where
schirmer@13688
   592
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s1"
nipkow@17589
   593
    by (iprover)
schirmer@13688
   594
  then have "G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a) s1"
schirmer@13688
   595
    by (rule evaln.Throw)
schirmer@13688
   596
  then show ?case ..
schirmer@13688
   597
next 
berghofe@21765
   598
  case (Try s0 c1 s1 s2 catchC vn c2 s3)
schirmer@13688
   599
  from Try.hyps obtain n1 where
schirmer@13688
   600
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
nipkow@17589
   601
    by (iprover)
schirmer@13688
   602
  moreover 
wenzelm@23350
   603
  (* sxalloc carries no depth bound; the fact from the eval rule is reused *)
  note sxalloc = `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
schirmer@13688
   604
  moreover
schirmer@13688
   605
  (* n2 bounds the handler c2 when the exception is caught; otherwise the
     state is left as it is *)
  from Try.hyps obtain n2 where
schirmer@13688
   606
    "if G,s2\<turnstile>catch catchC then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n2\<rightarrow> s3 else s3 = s2"
schirmer@13688
   607
    by fastsimp 
schirmer@13688
   608
  ultimately
schirmer@13688
   609
  have "G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(catchC vn) c2\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   610
    by (auto intro!: evaln.Try le_maxI1 le_maxI2)
schirmer@13688
   611
  then show ?case ..
schirmer@13688
   612
next
berghofe@21765
   613
  case (Fin s0 c1 x1 s1 c2 s2 s3)
schirmer@13688
   614
  from Fin obtain n1 n2 where 
schirmer@13688
   615
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> (x1, s1)"
schirmer@13688
   616
    "G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   617
    by iprover
schirmer@13688
   618
  moreover
wenzelm@23350
   619
  (* defining equation for the final state, taken from the eval rule: an
     Error raised by c1 is kept as (x1, s1); otherwise the abrupt completion
     x1 of c1 is re-applied to the state after c2 *)
  note s3 = `s3 = (if \<exists>err. x1 = Some (Error err) 
wenzelm@23350
   620
                   then (x1, s1)
wenzelm@23350
   621
                   else abupd (abrupt_if (x1 \<noteq> None) x1) s2)`
schirmer@13688
   622
  ultimately 
schirmer@13688
   623
  have 
schirmer@13688
   624
    "G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   625
    by (blast intro: evaln.Fin dest: evaln_max2)
schirmer@13688
   626
  then show ?case ..
schirmer@13688
   627
next
berghofe@21765
   628
  case (Init C c s0 s3 s1 s2)
wenzelm@23350
   629
  note cls = `the (class G C) = c`
schirmer@13688
   630
  (* a single bound n for both the superclass initialisation and the
     evaluation of init c, obtained via evaln_nonstrict *)
  moreover from Init.hyps obtain n where
schirmer@12925
   631
      "if inited C (globs s0) then s3 = Norm s0
schirmer@12925
   632
       else (G\<turnstile>Norm (init_class_obj G C s0)
schirmer@12925
   633
	      \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
schirmer@12925
   634
	           G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
schirmer@12925
   635
                   s3 = restore_lvars s1 s2)"
schirmer@13688
   636
    by (auto intro: evaln_nonstrict le_maxI1 le_maxI2)
schirmer@13688
   637
  ultimately have "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
schirmer@13688
   638
    by (rule evaln.Init)
schirmer@13688
   639
  then show ?case ..
schirmer@13688
   640
next
berghofe@21765
   641
  case (NewC s0 C s1 a s2)
schirmer@13688
   642
  then obtain n where 
schirmer@13688
   643
    "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1"
nipkow@17589
   644
    by (iprover)
schirmer@13688
   645
  with NewC 
schirmer@13688
   646
  have "G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"
nipkow@17589
   647
    by (iprover intro: evaln.NewC)
schirmer@13688
   648
  then show ?case ..
schirmer@13688
   649
next
berghofe@21765
   650
  case (NewA s0 T s1 e i s2 a s3)
schirmer@13688
   651
  then obtain n1 n2 where 
schirmer@13688
   652
    "G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   653
    "G\<turnstile>s1 \<midarrow>e-\<succ>i\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   654
    by (iprover)
schirmer@13688
   655
  moreover
wenzelm@23350
   656
  (* allocation premise from the eval rule (with the check_neg test on the
     array size i); it carries no depth bound and is reused as it is *)
  note `G\<turnstile>abupd (check_neg i) s2 \<midarrow>halloc Arr T (the_Intg i)\<succ>a\<rightarrow> s3`
schirmer@13688
   657
  ultimately
schirmer@13688
   658
  have "G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   659
    by (blast intro: evaln.NewA dest: evaln_max2)
schirmer@13688
   660
  then show ?case ..
schirmer@13688
   661
next
berghofe@21765
   662
  case (Cast s0 e v s1 s2 castT)
schirmer@13688
   663
  then obtain n where
schirmer@13688
   664
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   665
    by (iprover)
schirmer@13688
   666
  moreover 
wenzelm@23350
   667
  (* the run-time cast check (ClassCast is raised if v does not fit castT)
     is the same fact as in the eval rule *)
  note `s2 = abupd (raise_if (\<not> G,snd s1\<turnstile>v fits castT) ClassCast) s1`
schirmer@13688
   668
  ultimately
schirmer@13688
   669
  have "G\<turnstile>Norm s0 \<midarrow>Cast castT e-\<succ>v\<midarrow>n\<rightarrow> s2"
schirmer@13688
   670
    by (rule evaln.Cast)
schirmer@13688
   671
  then show ?case ..
schirmer@13688
   672
next
berghofe@21765
   673
  case (Inst s0 e v s1 b T)
schirmer@13688
   674
  then obtain n where
schirmer@13688
   675
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   676
    by (iprover)
schirmer@13688
   677
  moreover 
wenzelm@23350
   678
  note `b = (v \<noteq> Null \<and> G,snd s1\<turnstile>v fits RefT T)`
schirmer@13688
   679
  ultimately
schirmer@13688
   680
  have "G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"
schirmer@13688
   681
    by (rule evaln.Inst)
schirmer@13688
   682
  then show ?case ..
schirmer@13688
   683
next
schirmer@13688
   684
  case (Lit s v)
schirmer@13688
   685
  have "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"
schirmer@13688
   686
    by (rule evaln.Lit)
schirmer@13688
   687
  then show ?case ..
schirmer@13688
   688
next
berghofe@21765
   689
  case (UnOp s0 e v s1 unop)
schirmer@13688
   690
  then obtain n where
schirmer@13688
   691
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   692
    by (iprover)
schirmer@13688
   693
  hence "G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>eval_unop unop v\<midarrow>n\<rightarrow> s1"
schirmer@13688
   694
    by (rule evaln.UnOp)
schirmer@13688
   695
  then show ?case ..
schirmer@13688
   696
next
berghofe@21765
   697
  case (BinOp s0 e1 v1 s1 binop e2 v2 s2)
schirmer@13688
   698
  (* the second premise evaluates e2 only if need_second_arg binop v1 holds,
     and Skip otherwise *)
  then obtain n1 n2 where 
schirmer@13688
   699
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   700
    "G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then In1l e2
schirmer@13384
   701
               else In1r Skip)\<succ>\<midarrow>n2\<rightarrow> (In1 v2, s2)"    
nipkow@17589
   702
    by (iprover)
schirmer@13688
   703
  hence "G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>max n1 n2
schirmer@13688
   704
          \<rightarrow> s2"
schirmer@13688
   705
    by (blast intro!: evaln.BinOp dest: evaln_max2)
schirmer@13688
   706
  then show ?case ..
schirmer@13688
   707
next
schirmer@13688
   708
  case (Super s )
schirmer@13688
   709
  have "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"
schirmer@13688
   710
    by (rule evaln.Super)
schirmer@13688
   711
  then show ?case ..
schirmer@13688
   712
next
berghofe@21765
   713
  case (Acc s0 va v f s1)
schirmer@13688
   714
  then obtain n where
schirmer@13688
   715
    "G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v, f)\<midarrow>n\<rightarrow> s1"
nipkow@17589
   716
    by (iprover)
schirmer@13688
   717
  then
schirmer@13688
   718
  have "G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"
schirmer@13688
   719
    by (rule evaln.Acc)
schirmer@13688
   720
  then show ?case ..
schirmer@13688
   721
next
berghofe@21765
   722
  case (Ass s0 var w f s1 e v s2)
schirmer@13688
   723
  then obtain n1 n2 where 
schirmer@13688
   724
    "G\<turnstile>Norm s0 \<midarrow>var=\<succ>(w, f)\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   725
    "G\<turnstile>s1 \<midarrow>e-\<succ>v\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   726
    by (iprover)
schirmer@13688
   727
  then
schirmer@13688
   728
  have "G\<turnstile>Norm s0 \<midarrow>var:=e-\<succ>v\<midarrow>max n1 n2\<rightarrow> assign f v s2"
schirmer@13688
   729
    by (blast intro: evaln.Ass dest: evaln_max2)
schirmer@13688
   730
  then show ?case ..
schirmer@13688
   731
next
berghofe@21765
   732
  case (Cond s0 e0 b s1 e1 e2 v s2)
schirmer@13688
   733
  then obtain n1 n2 where 
schirmer@13688
   734
    "G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   735
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   736
    by (iprover)
schirmer@13688
   737
  then
schirmer@13688
   738
  have "G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   739
    by (blast intro: evaln.Cond dest: evaln_max2)
schirmer@13688
   740
  then show ?case ..
schirmer@13688
   741
next
berghofe@21765
   742
  case (Call s0 e a' s1 args vs s2 invDeclC mode statT mn pTs' s3 s3' accC' v s4)
schirmer@13688
   743
  (* n1 and n2 bound the evaluation of the target expression and of the
     arguments *)
  then obtain n1 n2 where
schirmer@13688
   744
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   745
    "G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   746
    by iprover
schirmer@13688
   747
  moreover
wenzelm@23350
   748
  (* the next three facts (declaring class of the invoked method, setup of
     the local variables, method access check) carry no depth bound and are
     the same premises as in the eval rule; in particular the
     check_method_access test is kept, not dropped *)
  note `invDeclC = invocation_declclass G mode (store s2) a' statT 
wenzelm@23350
   749
                       \<lparr>name=mn,parTs=pTs'\<rparr>`
schirmer@13688
   750
  moreover
wenzelm@23350
   751
  note `s3 = init_lvars G invDeclC \<lparr>name=mn,parTs=pTs'\<rparr> mode a' vs s2`
schirmer@13688
   752
  moreover
wenzelm@23350
   753
  note `s3'=check_method_access G accC' statT mode \<lparr>name=mn,parTs=pTs'\<rparr> a' s3`
schirmer@13688
   754
  moreover 
schirmer@13688
   755
  (* m bounds the evaluation of the invoked method *)
  from Call.hyps
schirmer@13688
   756
  obtain m where 
schirmer@13688
   757
    "G\<turnstile>s3' \<midarrow>Methd invDeclC \<lparr>name=mn, parTs=pTs'\<rparr>-\<succ>v\<midarrow>m\<rightarrow> s4"
nipkow@17589
   758
    by iprover
schirmer@13688
   759
  ultimately
schirmer@13688
   760
  (* three bounds are combined as max n1 (max n2 m); le_max3I1 and le_max3I2
     supply the inequalities for the two inner arguments *)
  have "G\<turnstile>Norm s0 \<midarrow>{accC',statT,mode}e\<cdot>mn( {pTs'}args)-\<succ>v\<midarrow>max n1 (max n2 m)\<rightarrow> 
schirmer@12925
   761
            (set_lvars (locals (store s2))) s4"
schirmer@13688
   762
    by (auto intro!: evaln.Call le_maxI1 le_max3I1 le_max3I2)
schirmer@13688
   763
  thus ?case ..
schirmer@13688
   764
next
berghofe@21765
   765
  case (Methd s0 D sig v s1)
schirmer@13688
   766
  then obtain n where
schirmer@13688
   767
    "G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   768
    by iprover
schirmer@13688
   769
  (* the only step of this proof where the bound grows: the method body is
     evaluated with bound n, the method invocation gets bound Suc n *)
  then have "G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"
schirmer@13688
   770
    by (rule evaln.Methd)
schirmer@13688
   771
  then show ?case ..
schirmer@13688
   772
next
berghofe@21765
   773
  case (Body s0 D s1 c s2 s3)
schirmer@13688
   774
  from Body.hyps obtain n1 n2 where 
schirmer@13688
   775
    evaln_init: "G\<turnstile>Norm s0 \<midarrow>Init D\<midarrow>n1\<rightarrow> s1" and
schirmer@13688
   776
    evaln_c: "G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   777
    by (iprover)
schirmer@13688
   778
  moreover
wenzelm@23350
   779
  (* fact from the eval rule: a Break or Cont jump that is still pending
     when the body has finished is replaced by Error CrossMethodJump *)
  note `s3 = (if \<exists>l. fst s2 = Some (Jump (Break l)) \<or> 
schirmer@13688
   780
                     fst s2 = Some (Jump (Cont l))
wenzelm@23350
   781
              then abupd (\<lambda>x. Some (Error CrossMethodJump)) s2 
wenzelm@23350
   782
              else s2)`
schirmer@13688
   783
  ultimately
schirmer@13688
   784
  have
schirmer@12925
   785
     "G\<turnstile>Norm s0 \<midarrow>Body D c-\<succ>the (locals (store s2) Result)\<midarrow>max n1 n2
schirmer@13688
   786
       \<rightarrow> abupd (absorb Ret) s3"
nipkow@17589
   787
    by (iprover intro: evaln.Body dest: evaln_max2)
schirmer@13688
   788
  then show ?case ..
schirmer@13688
   789
next
schirmer@13688
   790
  case (LVar s vn )
schirmer@13688
   791
  obtain n where
schirmer@13688
   792
    "G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"
nipkow@17589
   793
    by (iprover intro: evaln.LVar)
schirmer@13688
   794
  then show ?case ..
schirmer@13688
   795
next
berghofe@21765
   796
  case (FVar s0 statDeclC s1 e a s2 v s2' stat fn s3 accC)
schirmer@13688
   797
  then obtain n1 n2 where
schirmer@13688
   798
    "G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   799
    "G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   800
    by iprover
schirmer@13688
   801
  moreover
wenzelm@23350
   802
  (* the field access check and the field lookup are the same premises as in
     the eval rule; the check_field_access test is kept, not dropped *)
  note `s3 = check_field_access G accC statDeclC fn stat a s2'`
wenzelm@23350
   803
    and `(v, s2') = fvar statDeclC stat fn a s2`
schirmer@13688
   804
  ultimately
schirmer@13688
   805
  have "G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>max n1 n2\<rightarrow> s3"
nipkow@17589
   806
    by (iprover intro: evaln.FVar dest: evaln_max2)
schirmer@13688
   807
  then show ?case ..
schirmer@13688
   808
next
berghofe@21765
   809
  case (AVar s0 e1 a s1 e2 i s2 v s2')
schirmer@13688
   810
  then obtain n1 n2 where 
schirmer@13688
   811
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   812
    "G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   813
    by iprover
schirmer@13688
   814
  moreover 
wenzelm@23350
   815
  note `(v, s2') = avar G i a s2`
schirmer@13688
   816
  ultimately 
schirmer@13688
   817
  have "G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>max n1 n2\<rightarrow> s2'"
schirmer@13688
   818
    by (blast intro!: evaln.AVar dest: evaln_max2)
schirmer@13688
   819
  then show ?case ..
schirmer@13688
   820
next
schirmer@13688
   821
  case (Nil s0)
nipkow@17589
   822
  show ?case by (iprover intro: evaln.Nil)
schirmer@13688
   823
next
berghofe@21765
   824
  case (Cons s0 e v s1 es vs s2)
schirmer@13688
   825
  then obtain n1 n2 where 
schirmer@13688
   826
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   827
    "G\<turnstile>s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   828
    by iprover
schirmer@13688
   829
  then
schirmer@13688
   830
  have "G\<turnstile>Norm s0 \<midarrow>e # es\<doteq>\<succ>v # vs\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   831
    by (blast intro!: evaln.Cons dest: evaln_max2)
schirmer@13688
   832
  then show ?case ..
schirmer@12925
   833
qed
end