unsymbolized
authorkleing
Thu Sep 21 10:42:49 2000 +0200 (2000-09-21)
changeset 100427164dc0d24d8
parent 10041 30693ebd16ae
child 10043 a0364652e115
unsymbolized
src/HOL/MicroJava/BV/BVSpec.thy
src/HOL/MicroJava/BV/BVSpecTypeSafe.thy
src/HOL/MicroJava/BV/Convert.thy
src/HOL/MicroJava/BV/Correct.thy
src/HOL/MicroJava/BV/LBVComplete.thy
src/HOL/MicroJava/BV/LBVCorrect.thy
src/HOL/MicroJava/BV/LBVSpec.thy
src/HOL/MicroJava/BV/Step.thy
src/HOL/MicroJava/BV/StepMono.thy
src/HOL/MicroJava/J/Conform.ML
src/HOL/MicroJava/J/Conform.thy
src/HOL/MicroJava/J/Decl.ML
src/HOL/MicroJava/J/Decl.thy
src/HOL/MicroJava/J/Eval.ML
src/HOL/MicroJava/J/Eval.thy
src/HOL/MicroJava/J/Example.ML
src/HOL/MicroJava/J/Example.thy
src/HOL/MicroJava/J/JBasis.ML
src/HOL/MicroJava/J/JBasis.thy
src/HOL/MicroJava/J/JTypeSafe.ML
src/HOL/MicroJava/J/State.ML
src/HOL/MicroJava/J/State.thy
src/HOL/MicroJava/J/Term.thy
src/HOL/MicroJava/J/Type.thy
src/HOL/MicroJava/J/TypeRel.ML
src/HOL/MicroJava/J/TypeRel.thy
src/HOL/MicroJava/J/Value.thy
src/HOL/MicroJava/J/WellForm.ML
src/HOL/MicroJava/J/WellForm.thy
src/HOL/MicroJava/J/WellType.ML
src/HOL/MicroJava/J/WellType.thy
src/HOL/MicroJava/JVM/JVMExec.thy
src/HOL/MicroJava/JVM/JVMExecInstr.thy
src/HOL/MicroJava/JVM/JVMState.thy
src/HOL/MicroJava/JVM/Store.ML
src/HOL/MicroJava/JVM/Store.thy
     1.1 --- a/src/HOL/MicroJava/BV/BVSpec.thy	Wed Sep 20 21:20:41 2000 +0200
     1.2 +++ b/src/HOL/MicroJava/BV/BVSpec.thy	Thu Sep 21 10:42:49 2000 +0200
     1.3 @@ -11,53 +11,53 @@
     1.4  
     1.5  types
     1.6   method_type = "state_type option list"
     1.7 - class_type	 = "sig \<Rightarrow> method_type"
     1.8 - prog_type	 = "cname \<Rightarrow> class_type"
     1.9 + class_type	 = "sig => method_type"
    1.10 + prog_type	 = "cname => class_type"
    1.11  
    1.12  constdefs
    1.13 -wt_instr :: "[instr,jvm_prog,ty,method_type,p_count,p_count] \<Rightarrow> bool"
    1.14 -"wt_instr i G rT phi max_pc pc \<equiv> 
    1.15 +wt_instr :: "[instr,jvm_prog,ty,method_type,p_count,p_count] => bool"
    1.16 +"wt_instr i G rT phi max_pc pc == 
    1.17      app i G rT (phi!pc) \<and>
    1.18     (\<forall> pc' \<in> set (succs i pc). pc' < max_pc \<and> (G \<turnstile> step i G (phi!pc) <=' phi!pc'))"
    1.19  
    1.20 -wt_start :: "[jvm_prog,cname,ty list,nat,method_type] \<Rightarrow> bool"
    1.21 -"wt_start G C pTs mxl phi \<equiv> 
    1.22 +wt_start :: "[jvm_prog,cname,ty list,nat,method_type] => bool"
    1.23 +"wt_start G C pTs mxl phi == 
    1.24      G \<turnstile> Some ([],(Ok (Class C))#((map Ok pTs))@(replicate mxl Err)) <=' phi!0"
    1.25  
    1.26  
    1.27 -wt_method :: "[jvm_prog,cname,ty list,ty,nat,instr list,method_type] \<Rightarrow> bool"
    1.28 -"wt_method G C pTs rT mxl ins phi \<equiv>
    1.29 +wt_method :: "[jvm_prog,cname,ty list,ty,nat,instr list,method_type] => bool"
    1.30 +"wt_method G C pTs rT mxl ins phi ==
    1.31  	let max_pc = length ins
    1.32          in
    1.33  	0 < max_pc \<and> wt_start G C pTs mxl phi \<and> 
    1.34 -	(\<forall>pc. pc<max_pc \<longrightarrow> wt_instr (ins ! pc) G rT phi max_pc pc)"
    1.35 +	(\<forall>pc. pc<max_pc --> wt_instr (ins ! pc) G rT phi max_pc pc)"
    1.36  
    1.37 -wt_jvm_prog :: "[jvm_prog,prog_type] \<Rightarrow> bool"
    1.38 -"wt_jvm_prog G phi \<equiv>
    1.39 +wt_jvm_prog :: "[jvm_prog,prog_type] => bool"
    1.40 +"wt_jvm_prog G phi ==
    1.41     wf_prog (\<lambda>G C (sig,rT,maxl,b).
    1.42                wt_method G C (snd sig) rT maxl b (phi C sig)) G"
    1.43  
    1.44  
    1.45  
    1.46  lemma wt_jvm_progD:
    1.47 -"wt_jvm_prog G phi \<Longrightarrow> (\<exists>wt. wf_prog wt G)"
    1.48 +"wt_jvm_prog G phi ==> (\<exists>wt. wf_prog wt G)"
    1.49  by (unfold wt_jvm_prog_def, blast)
    1.50  
    1.51  lemma wt_jvm_prog_impl_wt_instr:
    1.52 -"\<lbrakk> wt_jvm_prog G phi; method (G,C) sig = Some (C,rT,maxl,ins); pc < length ins \<rbrakk> 
    1.53 - \<Longrightarrow> wt_instr (ins!pc) G rT (phi C sig) (length ins) pc";
    1.54 +"[| wt_jvm_prog G phi; method (G,C) sig = Some (C,rT,maxl,ins); pc < length ins |] 
    1.55 + ==> wt_instr (ins!pc) G rT (phi C sig) (length ins) pc";
    1.56  by (unfold wt_jvm_prog_def, drule method_wf_mdecl, 
    1.57      simp, simp add: wf_mdecl_def wt_method_def)
    1.58  
    1.59  lemma wt_jvm_prog_impl_wt_start:
    1.60 -"\<lbrakk> wt_jvm_prog G phi; method (G,C) sig = Some (C,rT,maxl,ins) \<rbrakk> \<Longrightarrow> 
    1.61 +"[| wt_jvm_prog G phi; method (G,C) sig = Some (C,rT,maxl,ins) |] ==> 
    1.62   0 < (length ins) \<and> wt_start G C (snd sig) maxl (phi C sig)"
    1.63  by (unfold wt_jvm_prog_def, drule method_wf_mdecl, 
    1.64      simp, simp add: wf_mdecl_def wt_method_def)
    1.65  
    1.66  (* for most instructions wt_instr collapses: *)
    1.67  lemma  
    1.68 -"succs i pc = [pc+1] \<Longrightarrow> wt_instr i G rT phi max_pc pc = 
    1.69 +"succs i pc = [pc+1] ==> wt_instr i G rT phi max_pc pc = 
    1.70   (app i G rT (phi!pc) \<and> pc+1 < max_pc \<and> (G \<turnstile> step i G (phi!pc) <=' phi!(pc+1)))"
    1.71  by (simp add: wt_instr_def) 
    1.72  
     2.1 --- a/src/HOL/MicroJava/BV/BVSpecTypeSafe.thy	Wed Sep 20 21:20:41 2000 +0200
     2.2 +++ b/src/HOL/MicroJava/BV/BVSpecTypeSafe.thy	Thu Sep 21 10:42:49 2000 +0200
     2.3 @@ -24,13 +24,13 @@
     2.4  done
     2.5  
     2.6  lemma Load_correct:
     2.7 -"\<lbrakk> wf_prog wt G;
     2.8 +"[| wf_prog wt G;
     2.9     method (G,C) sig = Some (C,rT,maxl,ins); 
    2.10     ins!pc = Load idx; 
    2.11     wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
    2.12     Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs); 
    2.13 -   G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
    2.14 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
    2.15 +   G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
    2.16 +==> G,phi \<turnstile>JVM state'\<surd>"
    2.17  apply (clarsimp simp add: defs1 map_eq_Cons)
    2.18  apply (rule conjI)
    2.19   apply (rule approx_loc_imp_approx_val_sup)
    2.20 @@ -39,13 +39,13 @@
    2.21  done
    2.22  
    2.23  lemma Store_correct:
    2.24 -"\<lbrakk> wf_prog wt G;
    2.25 +"[| wf_prog wt G;
    2.26    method (G,C) sig = Some (C,rT,maxl,ins);
    2.27    ins!pc = Store idx;
    2.28    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc;
    2.29    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs);
    2.30 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk>
    2.31 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
    2.32 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |]
    2.33 +==> G,phi \<turnstile>JVM state'\<surd>"
    2.34  apply (clarsimp simp add: defs1 map_eq_Cons)
    2.35  apply (rule conjI)
    2.36   apply (blast intro: approx_stk_imp_approx_stk_sup)
    2.37 @@ -54,18 +54,18 @@
    2.38  
    2.39  
    2.40  lemma conf_Intg_Integer [iff]:
    2.41 -  "G,h \<turnstile> Intg i \<Colon>\<preceq> PrimT Integer"
    2.42 +  "G,h \<turnstile> Intg i ::\<preceq> PrimT Integer"
    2.43  by (simp add: conf_def)
    2.44  
    2.45  
    2.46  lemma Bipush_correct:
    2.47 -"\<lbrakk> wf_prog wt G;
    2.48 +"[| wf_prog wt G;
    2.49    method (G,C) sig = Some (C,rT,maxl,ins); 
    2.50    ins!pc = Bipush i; 
    2.51    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
    2.52    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs);
    2.53 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk>
    2.54 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
    2.55 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |]
    2.56 +==> G,phi \<turnstile>JVM state'\<surd>"
    2.57  apply (clarsimp simp add: defs1 approx_val_def sup_PTS_eq map_eq_Cons)
    2.58  apply (blast intro: approx_stk_imp_approx_stk_sup approx_loc_imp_approx_loc_sup)
    2.59  done
    2.60 @@ -73,7 +73,7 @@
    2.61  lemma NT_subtype_conv:
    2.62    "G \<turnstile> NT \<preceq> T = (T=NT \<or> (\<exists>C. T = Class C))"
    2.63  proof -
    2.64 -  have "\<And>T T'. G \<turnstile> T' \<preceq> T \<Longrightarrow> T' = NT \<longrightarrow> (T=NT | (\<exists>C. T = Class C))"
    2.65 +  have "!!T T'. G \<turnstile> T' \<preceq> T ==> T' = NT --> (T=NT | (\<exists>C. T = Class C))"
    2.66      apply (erule widen.induct)
    2.67      apply auto
    2.68      apply (case_tac R)
    2.69 @@ -86,13 +86,13 @@
    2.70  qed
    2.71  
    2.72  lemma Aconst_null_correct:
    2.73 -"\<lbrakk> wf_prog wt G;
    2.74 +"[| wf_prog wt G;
    2.75    method (G,C) sig = Some (C,rT,maxl,ins); 
    2.76    ins!pc =  Aconst_null; 
    2.77    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
    2.78    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs); 
    2.79 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
    2.80 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
    2.81 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
    2.82 +==> G,phi \<turnstile>JVM state'\<surd>"
    2.83  apply (clarsimp simp add: defs1 map_eq_Cons)
    2.84  apply (rule conjI)
    2.85   apply (force simp add: approx_val_Null NT_subtype_conv)
    2.86 @@ -101,8 +101,8 @@
    2.87  
    2.88  
    2.89  lemma Cast_conf2:
    2.90 -  "\<lbrakk>wf_prog ok G; G,h\<turnstile>v\<Colon>\<preceq>RefT rt; cast_ok G C h v; G\<turnstile>Class C\<preceq>T; is_class G C\<rbrakk> 
    2.91 -  \<Longrightarrow> G,h\<turnstile>v\<Colon>\<preceq>T"
    2.92 +  "[|wf_prog ok G; G,h\<turnstile>v::\<preceq>RefT rt; cast_ok G C h v; G\<turnstile>Class C\<preceq>T; is_class G C|] 
    2.93 +  ==> G,h\<turnstile>v::\<preceq>T"
    2.94  apply (unfold cast_ok_def)
    2.95  apply (frule widen_Class)
    2.96  apply (elim exE disjE)
    2.97 @@ -114,26 +114,26 @@
    2.98  
    2.99  
   2.100  lemma Checkcast_correct:
   2.101 -"\<lbrakk> wf_prog wt G;
   2.102 +"[| wf_prog wt G;
   2.103    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.104    ins!pc = Checkcast D; 
   2.105    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.106    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.107 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.108 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.109 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.110 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.111  apply (clarsimp simp add: defs1 map_eq_Cons raise_xcpt_def approx_val_def)
   2.112  apply (blast intro: approx_stk_imp_approx_stk_sup approx_loc_imp_approx_loc_sup Cast_conf2)
   2.113  done
   2.114  
   2.115  
   2.116  lemma Getfield_correct:
   2.117 -"\<lbrakk> wf_prog wt G;
   2.118 +"[| wf_prog wt G;
   2.119    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.120    ins!pc = Getfield F D; 
   2.121    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.122    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.123 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.124 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.125 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.126 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.127  apply (clarsimp simp add: defs1 raise_xcpt_def map_eq_Cons approx_val_def split: option.split)
   2.128  apply (frule conf_widen)
   2.129  apply assumption+
   2.130 @@ -147,13 +147,13 @@
   2.131  done
   2.132  
   2.133  lemma Putfield_correct:
   2.134 -"\<lbrakk> wf_prog wt G;
   2.135 +"[| wf_prog wt G;
   2.136    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.137    ins!pc = Putfield F D; 
   2.138    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.139    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.140 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.141 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.142 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.143 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.144  apply (clarsimp simp add: defs1 raise_xcpt_def split: option.split List.split)
   2.145  apply (clarsimp simp add: approx_val_def)
   2.146  apply (frule conf_widen)
   2.147 @@ -174,13 +174,13 @@
   2.148    by fast
   2.149  
   2.150  lemma New_correct:
   2.151 -"\<lbrakk> wf_prog wt G;
   2.152 +"[| wf_prog wt G;
   2.153    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.154    ins!pc = New cl_idx; 
   2.155    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.156    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.157 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.158 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.159 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.160 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.161  apply (clarsimp simp add: NT_subtype_conv approx_val_def conf_def
   2.162  		   fun_upd_apply map_eq_Cons is_class_def raise_xcpt_def init_vars_def defs1 
   2.163         split: option.split)
   2.164 @@ -199,13 +199,13 @@
   2.165  lemmas [simp del] = split_paired_Ex
   2.166  
   2.167  lemma Invoke_correct:
   2.168 -"\<lbrakk> wt_jvm_prog G phi; 
   2.169 +"[| wt_jvm_prog G phi; 
   2.170    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.171    ins ! pc = Invoke C' mn pTs; 
   2.172    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.173    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.174 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.175 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>" 
   2.176 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.177 +==> G,phi \<turnstile>JVM state'\<surd>" 
   2.178  proof -
   2.179    assume wtprog: "wt_jvm_prog G phi"
   2.180    assume method: "method (G,C) sig = Some (C,rT,maxl,ins)"
   2.181 @@ -282,7 +282,7 @@
   2.182      by simp
   2.183  
   2.184    with state' method ins 
   2.185 -  have Null_ok: "oX = Null \<Longrightarrow> ?thesis"
   2.186 +  have Null_ok: "oX = Null ==> ?thesis"
   2.187      by (simp add: correct_state_def raise_xcpt_def)
   2.188    
   2.189    { fix ref
   2.190 @@ -434,13 +434,13 @@
   2.191  lemmas [simp del] = map_append
   2.192  
   2.193  lemma Return_correct:
   2.194 -"\<lbrakk> wt_jvm_prog G phi;  
   2.195 +"[| wt_jvm_prog G phi;  
   2.196    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.197    ins ! pc = Return; 
   2.198    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.199    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.200 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.201 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.202 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.203 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.204  apply (clarsimp simp add: neq_Nil_conv defs1 split: split_if_asm)
   2.205  apply (frule wt_jvm_prog_impl_wt_instr)
   2.206  apply (assumption, erule Suc_lessD)
   2.207 @@ -455,102 +455,102 @@
   2.208  lemmas [simp] = map_append
   2.209  
   2.210  lemma Goto_correct:
   2.211 -"\<lbrakk> wf_prog wt G; 
   2.212 +"[| wf_prog wt G; 
   2.213    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.214    ins ! pc = Goto branch; 
   2.215    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.216    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.217 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.218 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.219 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.220 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.221  apply (clarsimp simp add: defs1)
   2.222  apply (fast intro: approx_loc_imp_approx_loc_sup approx_stk_imp_approx_stk_sup)
   2.223  done
   2.224  
   2.225  
   2.226  lemma Ifcmpeq_correct:
   2.227 -"\<lbrakk> wf_prog wt G; 
   2.228 +"[| wf_prog wt G; 
   2.229    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.230    ins ! pc = Ifcmpeq branch; 
   2.231    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.232    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.233 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.234 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.235 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.236 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.237  apply (clarsimp simp add: defs1)
   2.238  apply (fast intro: approx_loc_imp_approx_loc_sup approx_stk_imp_approx_stk_sup)
   2.239  done
   2.240  
   2.241  lemma Pop_correct:
   2.242 -"\<lbrakk> wf_prog wt G; 
   2.243 +"[| wf_prog wt G; 
   2.244    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.245    ins ! pc = Pop;
   2.246    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.247    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.248 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.249 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.250 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.251 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.252  apply (clarsimp simp add: defs1)
   2.253  apply (fast intro: approx_loc_imp_approx_loc_sup approx_stk_imp_approx_stk_sup)
   2.254  done
   2.255  
   2.256  lemma Dup_correct:
   2.257 -"\<lbrakk> wf_prog wt G; 
   2.258 +"[| wf_prog wt G; 
   2.259    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.260    ins ! pc = Dup;
   2.261    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.262    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.263 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.264 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.265 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.266 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.267  apply (clarsimp simp add: defs1 map_eq_Cons)
   2.268  apply (force intro: approx_stk_imp_approx_stk_sup approx_val_imp_approx_val_sup approx_loc_imp_approx_loc_sup
   2.269               simp add: defs1 map_eq_Cons)
   2.270  done
   2.271  
   2.272  lemma Dup_x1_correct:
   2.273 -"\<lbrakk> wf_prog wt G; 
   2.274 +"[| wf_prog wt G; 
   2.275    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.276    ins ! pc = Dup_x1;
   2.277    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.278    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.279 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.280 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.281 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.282 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.283  apply (clarsimp simp add: defs1 map_eq_Cons)
   2.284  apply (force intro: approx_stk_imp_approx_stk_sup approx_val_imp_approx_val_sup approx_loc_imp_approx_loc_sup
   2.285               simp add: defs1 map_eq_Cons)
   2.286  done
   2.287  
   2.288  lemma Dup_x2_correct:
   2.289 -"\<lbrakk> wf_prog wt G; 
   2.290 +"[| wf_prog wt G; 
   2.291    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.292    ins ! pc = Dup_x2;
   2.293    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.294    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.295 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.296 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.297 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.298 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.299  apply (clarsimp simp add: defs1 map_eq_Cons)
   2.300  apply (force intro: approx_stk_imp_approx_stk_sup approx_val_imp_approx_val_sup approx_loc_imp_approx_loc_sup
   2.301               simp add: defs1 map_eq_Cons)
   2.302  done
   2.303  
   2.304  lemma Swap_correct:
   2.305 -"\<lbrakk> wf_prog wt G; 
   2.306 +"[| wf_prog wt G; 
   2.307    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.308    ins ! pc = Swap;
   2.309    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.310    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.311 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.312 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.313 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.314 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.315  apply (clarsimp simp add: defs1 map_eq_Cons)
   2.316  apply (force intro: approx_stk_imp_approx_stk_sup approx_val_imp_approx_val_sup approx_loc_imp_approx_loc_sup
   2.317               simp add: defs1 map_eq_Cons)
   2.318  done
   2.319  
   2.320  lemma IAdd_correct:
   2.321 -"\<lbrakk> wf_prog wt G; 
   2.322 +"[| wf_prog wt G; 
   2.323    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.324    ins ! pc = IAdd; 
   2.325    wt_instr (ins!pc) G rT (phi C sig) (length ins) pc; 
   2.326    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs) ; 
   2.327 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.328 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.329 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.330 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.331  apply (clarsimp simp add: defs1 map_eq_Cons approx_val_def conf_def)
   2.332  apply (blast intro: approx_stk_imp_approx_stk_sup approx_val_imp_approx_val_sup approx_loc_imp_approx_loc_sup)
   2.333  done
   2.334 @@ -559,11 +559,11 @@
   2.335  (** instr correct **)
   2.336  
   2.337  lemma instr_correct:
   2.338 -"\<lbrakk> wt_jvm_prog G phi; 
   2.339 +"[| wt_jvm_prog G phi; 
   2.340    method (G,C) sig = Some (C,rT,maxl,ins); 
   2.341    Some state' = exec (G, None, hp, (stk,loc,C,sig,pc)#frs); 
   2.342 -  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> \<rbrakk> 
   2.343 -\<Longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.344 +  G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> |] 
   2.345 +==> G,phi \<turnstile>JVM state'\<surd>"
   2.346  apply (frule wt_jvm_prog_impl_wt_instr_cor)
   2.347  apply assumption+
   2.348  apply (cases "ins!pc")
   2.349 @@ -583,13 +583,13 @@
   2.350  
   2.351  lemma correct_state_impl_Some_method:
   2.352    "G,phi \<turnstile>JVM (None, hp, (stk,loc,C,sig,pc)#frs)\<surd> 
   2.353 -  \<Longrightarrow> \<exists>meth. method (G,C) sig = Some(C,meth)"
   2.354 +  ==> \<exists>meth. method (G,C) sig = Some(C,meth)"
   2.355  by (auto simp add: correct_state_def Let_def)
   2.356  
   2.357  
   2.358  lemma BV_correct_1 [rule_format]:
   2.359 -"\<And>state. \<lbrakk> wt_jvm_prog G phi; G,phi \<turnstile>JVM state\<surd>\<rbrakk> 
   2.360 - \<Longrightarrow> exec (G,state) = Some state' \<longrightarrow> G,phi \<turnstile>JVM state'\<surd>"
   2.361 +"!!state. [| wt_jvm_prog G phi; G,phi \<turnstile>JVM state\<surd>|] 
   2.362 + ==> exec (G,state) = Some state' --> G,phi \<turnstile>JVM state'\<surd>"
   2.363  apply (simp only: split_tupled_all)
   2.364  apply (rename_tac xp hp frs)
   2.365  apply (case_tac xp)
   2.366 @@ -605,12 +605,12 @@
   2.367  
   2.368  
   2.369  lemma L0:
   2.370 -  "\<lbrakk> xp=None; frs\<noteq>[] \<rbrakk> \<Longrightarrow> (\<exists>state'. exec (G,xp,hp,frs) = Some state')"
   2.371 +  "[| xp=None; frs\<noteq>[] |] ==> (\<exists>state'. exec (G,xp,hp,frs) = Some state')"
   2.372  by (clarsimp simp add: neq_Nil_conv simp del: split_paired_Ex)
   2.373  
   2.374  lemma L1:
   2.375 -  "\<lbrakk>wt_jvm_prog G phi; G,phi \<turnstile>JVM (xp,hp,frs)\<surd>; xp=None; frs\<noteq>[]\<rbrakk> 
   2.376 -  \<Longrightarrow> \<exists>state'. exec(G,xp,hp,frs) = Some state' \<and> G,phi \<turnstile>JVM state'\<surd>"
   2.377 +  "[|wt_jvm_prog G phi; G,phi \<turnstile>JVM (xp,hp,frs)\<surd>; xp=None; frs\<noteq>[]|] 
   2.378 +  ==> \<exists>state'. exec(G,xp,hp,frs) = Some state' \<and> G,phi \<turnstile>JVM state'\<surd>"
   2.379  apply (drule L0)
   2.380  apply assumption
   2.381  apply (fast intro: BV_correct_1)
   2.382 @@ -618,7 +618,7 @@
   2.383  
   2.384  
   2.385  theorem BV_correct [rule_format]:
   2.386 -"\<lbrakk> wt_jvm_prog G phi; G \<turnstile> s -jvm\<rightarrow> t \<rbrakk> \<Longrightarrow> G,phi \<turnstile>JVM s\<surd> \<longrightarrow> G,phi \<turnstile>JVM t\<surd>"
   2.387 +"[| wt_jvm_prog G phi; G \<turnstile> s -jvm-> t |] ==> G,phi \<turnstile>JVM s\<surd> --> G,phi \<turnstile>JVM t\<surd>"
   2.388  apply (unfold exec_all_def)
   2.389  apply (erule rtrancl_induct)
   2.390   apply simp
   2.391 @@ -627,8 +627,8 @@
   2.392  
   2.393  
   2.394  theorem BV_correct_initial:
   2.395 -"\<lbrakk> wt_jvm_prog G phi; G \<turnstile> s0 -jvm\<rightarrow> (None,hp,(stk,loc,C,sig,pc)#frs); G,phi \<turnstile>JVM s0 \<surd>\<rbrakk> 
   2.396 - \<Longrightarrow>  approx_stk G hp stk (fst (the (((phi  C)  sig) ! pc))) \<and> approx_loc G hp loc (snd (the (((phi  C)  sig) ! pc)))"
   2.397 +"[| wt_jvm_prog G phi; G \<turnstile> s0 -jvm-> (None,hp,(stk,loc,C,sig,pc)#frs); G,phi \<turnstile>JVM s0 \<surd>|] 
   2.398 + ==>  approx_stk G hp stk (fst (the (((phi  C)  sig) ! pc))) \<and> approx_loc G hp loc (snd (the (((phi  C)  sig) ! pc)))"
   2.399  apply (drule BV_correct)
   2.400  apply assumption+
   2.401  apply (simp add: correct_state_def correct_frame_def split_def split: option.splits)
     3.1 --- a/src/HOL/MicroJava/BV/Convert.thy	Wed Sep 20 21:20:41 2000 +0200
     3.2 +++ b/src/HOL/MicroJava/BV/Convert.thy	Thu Sep 21 10:42:49 2000 +0200
     3.3 @@ -19,51 +19,52 @@
     3.4  
     3.5  
     3.6  consts
     3.7 -  strict  :: "('a \<Rightarrow> 'b err) \<Rightarrow> ('a err \<Rightarrow> 'b err)"
     3.8 +  strict  :: "('a => 'b err) => ('a err => 'b err)"
     3.9  primrec
    3.10    "strict f Err    = Err"
    3.11    "strict f (Ok x) = f x"
    3.12  
    3.13 -consts
    3.14 -  opt_map :: "('a \<Rightarrow> 'b) \<Rightarrow> ('a option \<Rightarrow> 'b option)"
    3.15 -primrec
    3.16 -  "opt_map f None     = None"
    3.17 -  "opt_map f (Some x) = Some (f x)"
    3.18  
    3.19  consts
    3.20 -  val :: "'a err \<Rightarrow> 'a"
    3.21 +  val :: "'a err => 'a"
    3.22  primrec
    3.23    "val (Ok s) = s"
    3.24  
    3.25    
    3.26  constdefs
    3.27    (* lifts a relation to err with Err as top element *)
    3.28 -  lift_top :: "('a \<Rightarrow> 'b \<Rightarrow> bool) \<Rightarrow> ('a err \<Rightarrow> 'b err \<Rightarrow> bool)"
    3.29 -  "lift_top P a' a \<equiv> case a of 
    3.30 -                       Err  \<Rightarrow> True
    3.31 -                     | Ok t \<Rightarrow> (case a' of Err \<Rightarrow> False | Ok t' \<Rightarrow> P t' t)"
    3.32 +  lift_top :: "('a => 'b => bool) => ('a err => 'b err => bool)"
    3.33 +  "lift_top P a' a == case a of 
    3.34 +                       Err  => True
    3.35 +                     | Ok t => (case a' of Err => False | Ok t' => P t' t)"
    3.36  
    3.37    (* lifts a relation to option with None as bottom element *)
    3.38 -  lift_bottom :: "('a \<Rightarrow> 'b \<Rightarrow> bool) \<Rightarrow> ('a option \<Rightarrow> 'b option \<Rightarrow> bool)"
    3.39 -  "lift_bottom P a' a \<equiv> case a' of 
    3.40 -                          None    \<Rightarrow> True 
    3.41 -                        | Some t' \<Rightarrow> (case a of None \<Rightarrow> False | Some t \<Rightarrow> P t' t)"
    3.42 +  lift_bottom :: "('a => 'b => bool) => ('a option => 'b option => bool)"
    3.43 +  "lift_bottom P a' a == case a' of 
    3.44 +                          None    => True 
    3.45 +                        | Some t' => (case a of None => False | Some t => P t' t)"
    3.46  
    3.47 -  sup_ty_opt :: "['code prog,ty err,ty err] \<Rightarrow> bool" ("_ \<turnstile>_ <=o _")
    3.48 -  "sup_ty_opt G \<equiv> lift_top (\<lambda>t t'. G \<turnstile> t \<preceq> t')"
    3.49 +  sup_ty_opt :: "['code prog,ty err,ty err] => bool" ("_ \<turnstile> _ <=o _" [71,71] 70)
    3.50 +  "sup_ty_opt G == lift_top (\<lambda>t t'. G \<turnstile> t \<preceq> t')"
    3.51 +
    3.52 +  sup_loc :: "['code prog,locvars_type,locvars_type] => bool" 
    3.53 +              ("_ \<turnstile> _ <=l _"  [71,71] 70)
    3.54 +  "G \<turnstile> LT <=l LT' == list_all2 (\<lambda>t t'. (G \<turnstile> t <=o t')) LT LT'"
    3.55  
    3.56 -  sup_loc :: "['code prog,locvars_type,locvars_type] \<Rightarrow> bool" 
    3.57 -             ("_ \<turnstile> _ <=l _"  [71,71] 70)
    3.58 -  "G \<turnstile> LT <=l LT' \<equiv> list_all2 (\<lambda>t t'. (G \<turnstile> t <=o t')) LT LT'"
    3.59 -
    3.60 -  sup_state :: "['code prog,state_type,state_type] \<Rightarrow> bool"	  
    3.61 +  sup_state :: "['code prog,state_type,state_type] => bool"	  
    3.62                 ("_ \<turnstile> _ <=s _"  [71,71] 70)
    3.63 -  "G \<turnstile> s <=s s' \<equiv> (G \<turnstile> map Ok (fst s) <=l map Ok (fst s')) \<and> G \<turnstile> snd s <=l snd s'"
    3.64 +  "G \<turnstile> s <=s s' == (G \<turnstile> map Ok (fst s) <=l map Ok (fst s')) \<and> G \<turnstile> snd s <=l snd s'"
    3.65 +
    3.66 +  sup_state_opt :: "['code prog,state_type option,state_type option] => bool" 
    3.67 +                   ("_ \<turnstile> _ <=' _"  [71,71] 70)
    3.68 +  "sup_state_opt G == lift_bottom (\<lambda>t t'. G \<turnstile> t <=s t')"
    3.69  
    3.70 -  sup_state_opt :: "['code prog,state_type option,state_type option] \<Rightarrow> bool" 
    3.71 -                   ("_ \<turnstile> _ <=' _"  [71,71] 70)
    3.72 -  "sup_state_opt G \<equiv> lift_bottom (\<lambda>t t'. G \<turnstile> t <=s t')"
    3.73 -
    3.74 +syntax (HTML output) 
    3.75 +  sup_ty_opt :: "['code prog,ty err,ty err] => bool" ("_ |- _ <=o _")
    3.76 +  sup_loc :: "['code prog,locvars_type,locvars_type] => bool" ("_ |- _ <=l _"  [71,71] 70)
    3.77 +  sup_state :: "['code prog,state_type,state_type] => bool"	("_ |- _ <=s _"  [71,71] 70)
    3.78 +  sup_state_opt :: "['code prog,state_type option,state_type option] => bool" ("_ |- _ <=' _"  [71,71] 70)
    3.79 +                   
    3.80  
    3.81  lemma not_Err_eq [iff]:
    3.82    "(x \<noteq> Err) = (\<exists>a. x = Ok a)" 
    3.83 @@ -223,7 +224,7 @@
    3.84    by (simp add: sup_ty_opt_def)
    3.85  
    3.86  theorem sup_ty_opt_Ok:
    3.87 -  "G \<turnstile> a <=o (Ok b) \<Longrightarrow> \<exists> x. a = Ok x"
    3.88 +  "G \<turnstile> a <=o (Ok b) ==> \<exists> x. a = Ok x"
    3.89    by (clarsimp simp add: sup_ty_opt_def)
    3.90  
    3.91  lemma widen_PrimT_conv1 [simp]:
    3.92 @@ -250,10 +251,10 @@
    3.93  
    3.94  
    3.95  theorem sup_loc_length:
    3.96 -  "G \<turnstile> a <=l b \<Longrightarrow> length a = length b"
    3.97 +  "G \<turnstile> a <=l b ==> length a = length b"
    3.98  proof -
    3.99    assume G: "G \<turnstile> a <=l b"
   3.100 -  have "\<forall> b. (G \<turnstile> a <=l b) \<longrightarrow> length a = length b"
   3.101 +  have "\<forall> b. (G \<turnstile> a <=l b) --> length a = length b"
   3.102      by (induct a, auto)
   3.103    with G
   3.104    show ?thesis by blast
   3.105 @@ -263,7 +264,7 @@
   3.106    "[| G \<turnstile> a <=l b; n < length a |] ==> G \<turnstile> (a!n) <=o (b!n)"
   3.107  proof -
   3.108    assume a: "G \<turnstile> a <=l b" "n < length a"
   3.109 -  have "\<forall> n b. (G \<turnstile> a <=l b) \<longrightarrow> n < length a \<longrightarrow> (G \<turnstile> (a!n) <=o (b!n))"
   3.110 +  have "\<forall> n b. (G \<turnstile> a <=l b) --> n < length a --> (G \<turnstile> (a!n) <=o (b!n))"
   3.111      (is "?P a")
   3.112    proof (induct a)
   3.113      show "?P []" by simp
   3.114 @@ -285,7 +286,7 @@
   3.115  
   3.116  
   3.117  theorem all_nth_sup_loc:
   3.118 -  "\<forall>b. length a = length b \<longrightarrow> (\<forall> n. n < length a \<longrightarrow> (G \<turnstile> (a!n) <=o (b!n))) \<longrightarrow> 
   3.119 +  "\<forall>b. length a = length b --> (\<forall> n. n < length a --> (G \<turnstile> (a!n) <=o (b!n))) --> 
   3.120         (G \<turnstile> a <=l b)" (is "?P a")
   3.121  proof (induct a)
   3.122    show "?P []" by simp
   3.123 @@ -295,14 +296,14 @@
   3.124    show "?P (l#ls)"
   3.125    proof (intro strip)
   3.126      fix b
   3.127 -    assume f: "\<forall>n. n < length (l # ls) \<longrightarrow> (G \<turnstile> ((l # ls) ! n) <=o (b ! n))"
   3.128 +    assume f: "\<forall>n. n < length (l # ls) --> (G \<turnstile> ((l # ls) ! n) <=o (b ! n))"
   3.129      assume l: "length (l#ls) = length b"
   3.130      
   3.131      then obtain b' bs where b: "b = b'#bs"
   3.132        by - (cases b, simp, simp add: neq_Nil_conv, rule that)
   3.133  
   3.134      with f
   3.135 -    have "\<forall>n. n < length ls \<longrightarrow> (G \<turnstile> (ls!n) <=o (bs!n))"
   3.136 +    have "\<forall>n. n < length ls --> (G \<turnstile> (ls!n) <=o (bs!n))"
   3.137        by auto
   3.138  
   3.139      with f b l IH
   3.140 @@ -318,7 +319,7 @@
   3.141  proof -
   3.142    assume l: "length a = length b"
   3.143  
   3.144 -  have "\<forall>b. length a = length b \<longrightarrow> (G \<turnstile> (a@x) <=l (b@y)) = ((G \<turnstile> a <=l b) \<and> 
   3.145 +  have "\<forall>b. length a = length b --> (G \<turnstile> (a@x) <=l (b@y)) = ((G \<turnstile> a <=l b) \<and> 
   3.146              (G \<turnstile> x <=l y))" (is "?P a") 
   3.147    proof (induct a)
   3.148      show "?P []" by simp
   3.149 @@ -384,7 +385,7 @@
   3.150  
   3.151  
   3.152  theorem sup_loc_update [rule_format]:
   3.153 -  "\<forall> n y. (G \<turnstile> a <=o b) \<longrightarrow> n < length y \<longrightarrow> (G \<turnstile> x <=l y) \<longrightarrow> 
   3.154 +  "\<forall> n y. (G \<turnstile> a <=o b) --> n < length y --> (G \<turnstile> x <=l y) --> 
   3.155            (G \<turnstile> x[n := a] <=l y[n := b])" (is "?P x")
   3.156  proof (induct x)
   3.157    show "?P []" by simp
   3.158 @@ -427,7 +428,7 @@
   3.159    by (auto simp add: sup_state_def map_eq_Cons sup_loc_Cons2)
   3.160  
   3.161  theorem sup_state_ignore_fst:  
   3.162 -  "G \<turnstile> (a, x) <=s (b, y) \<Longrightarrow> G \<turnstile> (c, x) <=s (c, y)"
   3.163 +  "G \<turnstile> (a, x) <=s (b, y) ==> G \<turnstile> (c, x) <=s (c, y)"
   3.164    by (simp add: sup_state_def)
   3.165  
   3.166  theorem sup_state_rev_fst:
   3.167 @@ -460,15 +461,15 @@
   3.168  
   3.169  
   3.170  theorem sup_ty_opt_trans [trans]:
   3.171 -  "\<lbrakk>G \<turnstile> a <=o b; G \<turnstile> b <=o c\<rbrakk> \<Longrightarrow> G \<turnstile> a <=o c"
   3.172 +  "[|G \<turnstile> a <=o b; G \<turnstile> b <=o c|] ==> G \<turnstile> a <=o c"
   3.173    by (auto intro: lift_top_trans widen_trans simp add: sup_ty_opt_def)
   3.174  
   3.175  theorem sup_loc_trans [trans]:
   3.176 -  "\<lbrakk>G \<turnstile> a <=l b; G \<turnstile> b <=l c\<rbrakk> \<Longrightarrow> G \<turnstile> a <=l c"
   3.177 +  "[|G \<turnstile> a <=l b; G \<turnstile> b <=l c|] ==> G \<turnstile> a <=l c"
   3.178  proof -
   3.179    assume G: "G \<turnstile> a <=l b" "G \<turnstile> b <=l c"
   3.180   
   3.181 -  hence "\<forall> n. n < length a \<longrightarrow> (G \<turnstile> (a!n) <=o (c!n))"
   3.182 +  hence "\<forall> n. n < length a --> (G \<turnstile> (a!n) <=o (c!n))"
   3.183    proof (intro strip)
   3.184      fix n 
   3.185      assume n: "n < length a"
   3.186 @@ -490,11 +491,11 @@
   3.187    
   3.188  
   3.189  theorem sup_state_trans [trans]:
   3.190 -  "\<lbrakk>G \<turnstile> a <=s b; G \<turnstile> b <=s c\<rbrakk> \<Longrightarrow> G \<turnstile> a <=s c"
   3.191 +  "[|G \<turnstile> a <=s b; G \<turnstile> b <=s c|] ==> G \<turnstile> a <=s c"
   3.192    by (auto intro: sup_loc_trans simp add: sup_state_def)
   3.193  
   3.194  theorem sup_state_opt_trans [trans]:
   3.195 -  "\<lbrakk>G \<turnstile> a <=' b; G \<turnstile> b <=' c\<rbrakk> \<Longrightarrow> G \<turnstile> a <=' c"
   3.196 +  "[|G \<turnstile> a <=' b; G \<turnstile> b <=' c|] ==> G \<turnstile> a <=' c"
   3.197    by (auto intro: lift_bottom_trans sup_state_trans simp add: sup_state_opt_def)
   3.198  
   3.199  
     4.1 --- a/src/HOL/MicroJava/BV/Correct.thy	Wed Sep 20 21:20:41 2000 +0200
     4.2 +++ b/src/HOL/MicroJava/BV/Correct.thy	Thu Sep 21 10:42:49 2000 +0200
     4.3 @@ -11,26 +11,26 @@
     4.4  theory Correct = BVSpec:
     4.5  
     4.6  constdefs
     4.7 - approx_val :: "[jvm_prog,aheap,val,ty err] \<Rightarrow> bool"
     4.8 -"approx_val G h v any \<equiv> case any of Err \<Rightarrow> True | Ok T \<Rightarrow> G,h\<turnstile>v\<Colon>\<preceq>T"
     4.9 + approx_val :: "[jvm_prog,aheap,val,ty err] => bool"
    4.10 +"approx_val G h v any == case any of Err => True | Ok T => G,h\<turnstile>v::\<preceq>T"
    4.11  
    4.12 - approx_loc :: "[jvm_prog,aheap,val list,locvars_type] \<Rightarrow> bool"
    4.13 -"approx_loc G hp loc LT \<equiv> list_all2 (approx_val G hp) loc LT"
    4.14 + approx_loc :: "[jvm_prog,aheap,val list,locvars_type] => bool"
    4.15 +"approx_loc G hp loc LT == list_all2 (approx_val G hp) loc LT"
    4.16  
    4.17 - approx_stk :: "[jvm_prog,aheap,opstack,opstack_type] \<Rightarrow> bool"
    4.18 -"approx_stk G hp stk ST \<equiv> approx_loc G hp stk (map Ok ST)"
    4.19 + approx_stk :: "[jvm_prog,aheap,opstack,opstack_type] => bool"
    4.20 +"approx_stk G hp stk ST == approx_loc G hp stk (map Ok ST)"
    4.21  
    4.22 - correct_frame  :: "[jvm_prog,aheap,state_type,nat,bytecode] \<Rightarrow> frame \<Rightarrow> bool"
    4.23 -"correct_frame G hp \<equiv> \<lambda>(ST,LT) maxl ins (stk,loc,C,sig,pc).
    4.24 + correct_frame  :: "[jvm_prog,aheap,state_type,nat,bytecode] => frame => bool"
    4.25 +"correct_frame G hp == \<lambda>(ST,LT) maxl ins (stk,loc,C,sig,pc).
    4.26     approx_stk G hp stk ST  \<and> approx_loc G hp loc LT \<and> 
    4.27     pc < length ins \<and> length loc=length(snd sig)+maxl+1"
    4.28  
    4.29 - correct_frame_opt :: "[jvm_prog,aheap,state_type option,nat,bytecode] \<Rightarrow> frame \<Rightarrow> bool"
    4.30 -"correct_frame_opt G hp s \<equiv> case s of None \<Rightarrow> \<lambda>maxl ins f. False | Some t \<Rightarrow> correct_frame G hp t"
    4.31 + correct_frame_opt :: "[jvm_prog,aheap,state_type option,nat,bytecode] => frame => bool"
    4.32 +"correct_frame_opt G hp s == case s of None => \<lambda>maxl ins f. False | Some t => correct_frame G hp t"
    4.33  
    4.34  
    4.35  consts
    4.36 - correct_frames  :: "[jvm_prog,aheap,prog_type,ty,sig,frame list] \<Rightarrow> bool"
    4.37 + correct_frames  :: "[jvm_prog,aheap,prog_type,ty,sig,frame list] => bool"
    4.38  primrec
    4.39  "correct_frames G hp phi rT0 sig0 [] = True"
    4.40  
    4.41 @@ -52,13 +52,13 @@
    4.42  
    4.43  
    4.44  constdefs
    4.45 - correct_state :: "[jvm_prog,prog_type,jvm_state] \<Rightarrow> bool"
    4.46 + correct_state :: "[jvm_prog,prog_type,jvm_state] => bool"
    4.47                    ("_,_\<turnstile>JVM _\<surd>"  [51,51] 50)
    4.48 -"correct_state G phi \<equiv> \<lambda>(xp,hp,frs).
    4.49 +"correct_state G phi == \<lambda>(xp,hp,frs).
    4.50     case xp of
    4.51 -     None \<Rightarrow> (case frs of
    4.52 -	           [] \<Rightarrow> True
    4.53 -             | (f#fs) \<Rightarrow> G\<turnstile>h hp\<surd> \<and>
    4.54 +     None => (case frs of
    4.55 +	           [] => True
    4.56 +             | (f#fs) => G\<turnstile>h hp\<surd> \<and>
    4.57  			(let (stk,loc,C,sig,pc) = f
    4.58  		         in
    4.59                           \<exists>rT maxl ins s.
    4.60 @@ -66,11 +66,11 @@
    4.61                           phi C sig ! pc = Some s \<and>
    4.62  			 correct_frame G hp s maxl ins f \<and> 
    4.63  		         correct_frames G hp phi rT sig fs))
    4.64 -   | Some x \<Rightarrow> True" 
    4.65 +   | Some x => True" 
    4.66  
    4.67  
    4.68  lemma sup_heap_newref:
    4.69 -  "hp x = None \<Longrightarrow> hp \<le>| hp(newref hp \<mapsto> obj)"
    4.70 +  "hp x = None ==> hp \<le>| hp(newref hp \<mapsto> obj)"
    4.71  apply (unfold hext_def)
    4.72  apply clarsimp
    4.73  apply (drule newref_None 1) back
    4.74 @@ -78,7 +78,7 @@
    4.75  .
    4.76  
    4.77  lemma sup_heap_update_value:
    4.78 -  "hp a = Some (C,od') \<Longrightarrow> hp \<le>| hp (a \<mapsto> (C,od))"
    4.79 +  "hp a = Some (C,od') ==> hp \<le>| hp (a \<mapsto> (C,od))"
    4.80  by (simp add: hext_def)
    4.81  
    4.82  
    4.83 @@ -93,29 +93,29 @@
    4.84  by (auto intro: null simp add: approx_val_def)
    4.85  
    4.86  lemma approx_val_imp_approx_val_assConvertible [rule_format]: 
    4.87 -  "wf_prog wt G \<Longrightarrow> approx_val G hp v (Ok T) \<longrightarrow> G\<turnstile> T\<preceq>T' \<longrightarrow> approx_val G hp v (Ok T')"
    4.88 +  "wf_prog wt G ==> approx_val G hp v (Ok T) --> G\<turnstile> T\<preceq>T' --> approx_val G hp v (Ok T')"
    4.89  by (cases T) (auto intro: conf_widen simp add: approx_val_def)
    4.90  
    4.91  lemma approx_val_imp_approx_val_sup_heap [rule_format]:
    4.92 -  "approx_val G hp v at \<longrightarrow> hp \<le>| hp' \<longrightarrow> approx_val G hp' v at"
    4.93 +  "approx_val G hp v at --> hp \<le>| hp' --> approx_val G hp' v at"
    4.94  apply (simp add: approx_val_def split: err.split)
    4.95  apply (blast intro: conf_hext)
    4.96  .
    4.97  
    4.98  lemma approx_val_imp_approx_val_heap_update:
    4.99 -  "\<lbrakk>hp a = Some obj'; G,hp\<turnstile> v\<Colon>\<preceq>T; obj_ty obj = obj_ty obj'\<rbrakk> 
   4.100 -  \<Longrightarrow> G,hp(a\<mapsto>obj)\<turnstile> v\<Colon>\<preceq>T"
   4.101 +  "[|hp a = Some obj'; G,hp\<turnstile> v::\<preceq>T; obj_ty obj = obj_ty obj'|] 
   4.102 +  ==> G,hp(a\<mapsto>obj)\<turnstile> v::\<preceq>T"
   4.103  by (cases v, auto simp add: obj_ty_def conf_def)
   4.104  
   4.105  lemma approx_val_imp_approx_val_sup [rule_format]:
   4.106 -  "wf_prog wt G \<Longrightarrow> (approx_val G h v us) \<longrightarrow> (G \<turnstile> us <=o us') \<longrightarrow> (approx_val G h v us')"
   4.107 +  "wf_prog wt G ==> (approx_val G h v us) --> (G \<turnstile> us <=o us') --> (approx_val G h v us')"
   4.108  apply (simp add: sup_PTS_eq approx_val_def split: err.split)
   4.109  apply (blast intro: conf_widen)
   4.110  .
   4.111  
   4.112  lemma approx_loc_imp_approx_val_sup:
   4.113 -  "\<lbrakk>wf_prog wt G; approx_loc G hp loc LT; idx < length LT; v = loc!idx; G \<turnstile> LT!idx <=o at\<rbrakk>
   4.114 -  \<Longrightarrow> approx_val G hp v at"
   4.115 +  "[|wf_prog wt G; approx_loc G hp loc LT; idx < length LT; v = loc!idx; G \<turnstile> LT!idx <=o at|]
   4.116 +  ==> approx_val G hp v at"
   4.117  apply (unfold approx_loc_def)
   4.118  apply (unfold list_all2_def)
   4.119  apply (auto intro: approx_val_imp_approx_val_sup simp add: split_def all_set_conv_all_nth)
   4.120 @@ -129,8 +129,8 @@
   4.121  by (simp add: approx_loc_def)
   4.122  
   4.123  lemma assConv_approx_stk_imp_approx_loc [rule_format]:
   4.124 -  "wf_prog wt G \<Longrightarrow> (\<forall>tt'\<in>set (zip tys_n ts). tt' \<in> widen G) 
   4.125 -  \<longrightarrow> length tys_n = length ts \<longrightarrow> approx_stk G hp s tys_n \<longrightarrow> 
   4.126 +  "wf_prog wt G ==> (\<forall>tt'\<in>set (zip tys_n ts). tt' \<in> widen G) 
   4.127 +  --> length tys_n = length ts --> approx_stk G hp s tys_n --> 
   4.128    approx_loc G hp s (map Ok ts)"
   4.129  apply (unfold approx_stk_def approx_loc_def list_all2_def)
   4.130  apply (clarsimp simp add: all_set_conv_all_nth)
   4.131 @@ -140,7 +140,7 @@
   4.132  
   4.133  
   4.134  lemma approx_loc_imp_approx_loc_sup_heap [rule_format]:
   4.135 -  "\<forall>lvars. approx_loc G hp lvars lt \<longrightarrow> hp \<le>| hp' \<longrightarrow> approx_loc G hp' lvars lt"
   4.136 +  "\<forall>lvars. approx_loc G hp lvars lt --> hp \<le>| hp' --> approx_loc G hp' lvars lt"
   4.137  apply (unfold approx_loc_def list_all2_def)
   4.138  apply (cases lt)
   4.139   apply simp
   4.140 @@ -150,7 +150,7 @@
   4.141  .
   4.142  
   4.143  lemma approx_loc_imp_approx_loc_sup [rule_format]:
   4.144 -  "wf_prog wt G \<Longrightarrow> approx_loc G hp lvars lt \<longrightarrow> G \<turnstile> lt <=l lt' \<longrightarrow> approx_loc G hp lvars lt'"
   4.145 +  "wf_prog wt G ==> approx_loc G hp lvars lt --> G \<turnstile> lt <=l lt' --> approx_loc G hp lvars lt'"
   4.146  apply (unfold sup_loc_def approx_loc_def list_all2_def)
   4.147  apply (auto simp add: all_set_conv_all_nth)
   4.148  apply (auto elim: approx_val_imp_approx_val_sup)
   4.149 @@ -158,8 +158,8 @@
   4.150  
   4.151  
   4.152  lemma approx_loc_imp_approx_loc_subst [rule_format]:
   4.153 -  "\<forall>loc idx x X. (approx_loc G hp loc LT) \<longrightarrow> (approx_val G hp x X) 
   4.154 -  \<longrightarrow> (approx_loc G hp (loc[idx:=x]) (LT[idx:=X]))"
   4.155 +  "\<forall>loc idx x X. (approx_loc G hp loc LT) --> (approx_val G hp x X) 
   4.156 +  --> (approx_loc G hp (loc[idx:=x]) (LT[idx:=X]))"
   4.157  apply (unfold approx_loc_def list_all2_def)
   4.158  apply (auto dest: subsetD [OF set_update_subset_insert] simp add: zip_update)
   4.159  .
   4.160 @@ -168,7 +168,7 @@
   4.161  lemmas [cong] = conj_cong 
   4.162  
   4.163  lemma approx_loc_append [rule_format]:
   4.164 -  "\<forall>L1 l2 L2. length l1=length L1 \<longrightarrow> 
   4.165 +  "\<forall>L1 l2 L2. length l1=length L1 --> 
   4.166    approx_loc G hp (l1@l2) (L1@L2) = (approx_loc G hp l1 L1 \<and> approx_loc G hp l2 L2)"
   4.167  apply (unfold approx_loc_def list_all2_def)
   4.168  apply simp
   4.169 @@ -192,12 +192,12 @@
   4.170  
   4.171  
   4.172  lemma approx_stk_imp_approx_stk_sup_heap [rule_format]:
   4.173 -  "\<forall>lvars. approx_stk G hp lvars lt \<longrightarrow> hp \<le>| hp' \<longrightarrow> approx_stk G hp' lvars lt"
   4.174 +  "\<forall>lvars. approx_stk G hp lvars lt --> hp \<le>| hp' --> approx_stk G hp' lvars lt"
   4.175  by (auto intro: approx_loc_imp_approx_loc_sup_heap simp add: approx_stk_def)
   4.176  
   4.177  lemma approx_stk_imp_approx_stk_sup [rule_format]:
   4.178 -  "wf_prog wt G \<Longrightarrow> approx_stk G hp lvars st \<longrightarrow> (G \<turnstile> map Ok st <=l (map Ok st')) 
   4.179 -  \<longrightarrow> approx_stk G hp lvars st'" 
   4.180 +  "wf_prog wt G ==> approx_stk G hp lvars st --> (G \<turnstile> map Ok st <=l (map Ok st')) 
   4.181 +  --> approx_stk G hp lvars st'" 
   4.182  by (auto intro: approx_loc_imp_approx_loc_sup simp add: approx_stk_def)
   4.183  
   4.184  lemma approx_stk_Nil [iff]:
   4.185 @@ -215,7 +215,7 @@
   4.186  by (simp add: list_all2_Cons2 approx_stk_def approx_loc_def)
   4.187  
   4.188  lemma approx_stk_append_lemma:
   4.189 -  "approx_stk G hp stk (S@ST') \<Longrightarrow>
   4.190 +  "approx_stk G hp stk (S@ST') ==>
   4.191     (\<exists>s stk'. stk = s@stk' \<and> length s = length S \<and> length stk' = length ST' \<and> 
   4.192               approx_stk G hp s S \<and> approx_stk G hp stk' ST')"
   4.193  by (simp add: list_all2_append2 approx_stk_def approx_loc_def)
   4.194 @@ -224,7 +224,7 @@
   4.195  (** oconf **)
   4.196  
   4.197  lemma correct_init_obj:
   4.198 -  "\<lbrakk>is_class G C; wf_prog wt G\<rbrakk> \<Longrightarrow> 
   4.199 +  "[|is_class G C; wf_prog wt G|] ==> 
   4.200    G,h \<turnstile> (C, map_of (map (\<lambda>(f,fT).(f,default_val fT)) (fields(G,C)))) \<surd>"
   4.201  apply (unfold oconf_def lconf_def)
   4.202  apply (simp add: map_of_map)
   4.203 @@ -233,13 +233,13 @@
   4.204  
   4.205  
   4.206  lemma oconf_imp_oconf_field_update [rule_format]:
   4.207 -  "\<lbrakk>map_of (fields (G, oT)) FD = Some T; G,hp\<turnstile>v\<Colon>\<preceq>T; G,hp\<turnstile>(oT,fs)\<surd> \<rbrakk>
   4.208 -  \<Longrightarrow> G,hp\<turnstile>(oT, fs(FD\<mapsto>v))\<surd>"
   4.209 +  "[|map_of (fields (G, oT)) FD = Some T; G,hp\<turnstile>v::\<preceq>T; G,hp\<turnstile>(oT,fs)\<surd> |]
   4.210 +  ==> G,hp\<turnstile>(oT, fs(FD\<mapsto>v))\<surd>"
   4.211  by (simp add: oconf_def lconf_def)
   4.212  
   4.213  
   4.214  lemma oconf_imp_oconf_heap_newref [rule_format]:
   4.215 -"hp x = None \<longrightarrow> G,hp\<turnstile>obj\<surd> \<longrightarrow> G,hp\<turnstile>obj'\<surd> \<longrightarrow> G,(hp(newref hp\<mapsto>obj'))\<turnstile>obj\<surd>"
   4.216 +"hp x = None --> G,hp\<turnstile>obj\<surd> --> G,hp\<turnstile>obj'\<surd> --> G,(hp(newref hp\<mapsto>obj'))\<turnstile>obj\<surd>"
   4.217  apply (unfold oconf_def lconf_def)
   4.218  apply simp
   4.219  apply (fast intro: conf_hext sup_heap_newref)
   4.220 @@ -247,8 +247,8 @@
   4.221  
   4.222  
   4.223  lemma oconf_imp_oconf_heap_update [rule_format]:
   4.224 -  "hp a = Some obj' \<longrightarrow> obj_ty obj' = obj_ty obj'' \<longrightarrow> G,hp\<turnstile>obj\<surd> 
   4.225 -  \<longrightarrow> G,hp(a\<mapsto>obj'')\<turnstile>obj\<surd>"
   4.226 +  "hp a = Some obj' --> obj_ty obj' = obj_ty obj'' --> G,hp\<turnstile>obj\<surd> 
   4.227 +  --> G,hp(a\<mapsto>obj'')\<turnstile>obj\<surd>"
   4.228  apply (unfold oconf_def lconf_def)
   4.229  apply simp
   4.230  apply (force intro: approx_val_imp_approx_val_heap_update)
   4.231 @@ -259,14 +259,14 @@
   4.232  
   4.233  
   4.234  lemma hconf_imp_hconf_newref [rule_format]:
   4.235 -  "hp x = None \<longrightarrow> G\<turnstile>h hp\<surd> \<longrightarrow> G,hp\<turnstile>obj\<surd> \<longrightarrow> G\<turnstile>h hp(newref hp\<mapsto>obj)\<surd>"
   4.236 +  "hp x = None --> G\<turnstile>h hp\<surd> --> G,hp\<turnstile>obj\<surd> --> G\<turnstile>h hp(newref hp\<mapsto>obj)\<surd>"
   4.237  apply (simp add: hconf_def)
   4.238  apply (fast intro: oconf_imp_oconf_heap_newref)
   4.239  .
   4.240  
   4.241  lemma hconf_imp_hconf_field_update [rule_format]:
   4.242    "map_of (fields (G, oT)) (F, D) = Some T \<and> hp oloc = Some(oT,fs) \<and> 
   4.243 -  G,hp\<turnstile>v\<Colon>\<preceq>T \<and> G\<turnstile>h hp\<surd> \<longrightarrow> G\<turnstile>h hp(oloc \<mapsto> (oT, fs((F,D)\<mapsto>v)))\<surd>"
   4.244 +  G,hp\<turnstile>v::\<preceq>T \<and> G\<turnstile>h hp\<surd> --> G\<turnstile>h hp(oloc \<mapsto> (oT, fs((F,D)\<mapsto>v)))\<surd>"
   4.245  apply (simp add: hconf_def)
   4.246  apply (force intro: oconf_imp_oconf_heap_update oconf_imp_oconf_field_update 
   4.247               simp add: obj_ty_def)
   4.248 @@ -277,10 +277,10 @@
   4.249  lemmas [simp del] = fun_upd_apply
   4.250  
   4.251  lemma correct_frames_imp_correct_frames_field_update [rule_format]:
   4.252 -  "\<forall>rT C sig. correct_frames G hp phi rT sig frs \<longrightarrow> 
   4.253 -  hp a = Some (C,od) \<longrightarrow> map_of (fields (G, C)) fl = Some fd \<longrightarrow> 
   4.254 -  G,hp\<turnstile>v\<Colon>\<preceq>fd 
   4.255 -  \<longrightarrow> correct_frames G (hp(a \<mapsto> (C, od(fl\<mapsto>v)))) phi rT sig frs";
   4.256 +  "\<forall>rT C sig. correct_frames G hp phi rT sig frs --> 
   4.257 +  hp a = Some (C,od) --> map_of (fields (G, C)) fl = Some fd --> 
   4.258 +  G,hp\<turnstile>v::\<preceq>fd 
   4.259 +  --> correct_frames G (hp(a \<mapsto> (C, od(fl\<mapsto>v)))) phi rT sig frs";
   4.260  apply (induct frs)
   4.261   apply simp
   4.262  apply (clarsimp simp add: correct_frame_def) (*takes long*)
   4.263 @@ -300,8 +300,8 @@
   4.264  .
   4.265  
   4.266  lemma correct_frames_imp_correct_frames_newref [rule_format]:
   4.267 -  "\<forall>rT C sig. hp x = None \<longrightarrow> correct_frames G hp phi rT sig frs \<and> oconf G hp obj 
   4.268 -  \<longrightarrow> correct_frames G (hp(newref hp \<mapsto> obj)) phi rT sig frs"
   4.269 +  "\<forall>rT C sig. hp x = None --> correct_frames G hp phi rT sig frs \<and> oconf G hp obj 
   4.270 +  --> correct_frames G (hp(newref hp \<mapsto> obj)) phi rT sig frs"
   4.271  apply (induct frs)
   4.272   apply simp
   4.273  apply (clarsimp simp add: correct_frame_def)
     5.1 --- a/src/HOL/MicroJava/BV/LBVComplete.thy	Wed Sep 20 21:20:41 2000 +0200
     5.2 +++ b/src/HOL/MicroJava/BV/LBVComplete.thy	Thu Sep 21 10:42:49 2000 +0200
     5.3 @@ -9,30 +9,30 @@
     5.4  theory LBVComplete = BVSpec + LBVSpec + StepMono:
     5.5  
     5.6  constdefs
     5.7 -  contains_targets :: "[instr list, certificate, method_type, p_count] \<Rightarrow> bool"
     5.8 -  "contains_targets ins cert phi pc \<equiv> 
     5.9 +  contains_targets :: "[instr list, certificate, method_type, p_count] => bool"
    5.10 +  "contains_targets ins cert phi pc == 
    5.11       \<forall>pc' \<in> set (succs (ins!pc) pc). 
    5.12 -      pc' \<noteq> pc+1 \<and> pc' < length ins \<longrightarrow> cert!pc' = phi!pc'"
    5.13 +      pc' \<noteq> pc+1 \<and> pc' < length ins --> cert!pc' = phi!pc'"
    5.14  
    5.15 -  fits :: "[instr list, certificate, method_type] \<Rightarrow> bool"
    5.16 -  "fits ins cert phi \<equiv> \<forall>pc. pc < length ins \<longrightarrow> 
    5.17 +  fits :: "[instr list, certificate, method_type] => bool"
    5.18 +  "fits ins cert phi == \<forall>pc. pc < length ins --> 
    5.19                         contains_targets ins cert phi pc \<and>
    5.20                         (cert!pc = None \<or> cert!pc = phi!pc)"
    5.21  
    5.22 -  is_target :: "[instr list, p_count] \<Rightarrow> bool" 
    5.23 -  "is_target ins pc \<equiv> 
    5.24 +  is_target :: "[instr list, p_count] => bool" 
    5.25 +  "is_target ins pc == 
    5.26       \<exists>pc'. pc \<noteq> pc'+1 \<and> pc' < length ins \<and> pc \<in> set (succs (ins!pc') pc')"
    5.27  
    5.28  
    5.29  constdefs 
    5.30 -  make_cert :: "[instr list, method_type] \<Rightarrow> certificate"
    5.31 -  "make_cert ins phi \<equiv> 
    5.32 +  make_cert :: "[instr list, method_type] => certificate"
    5.33 +  "make_cert ins phi == 
    5.34       map (\<lambda>pc. if is_target ins pc then phi!pc else None) [0..length ins(]"
    5.35  
    5.36 -  make_Cert :: "[jvm_prog, prog_type] \<Rightarrow> prog_certificate"
    5.37 -  "make_Cert G Phi \<equiv>  \<lambda> C sig.
    5.38 -     let (C,x,y,mdecls)  = \<epsilon> (Cl,x,y,mdecls). (Cl,x,y,mdecls) \<in> set G \<and> Cl = C;
    5.39 -         (sig,rT,maxl,b) = \<epsilon> (sg,rT,maxl,b). (sg,rT,maxl,b) \<in> set mdecls \<and> sg = sig
    5.40 +  make_Cert :: "[jvm_prog, prog_type] => prog_certificate"
    5.41 +  "make_Cert G Phi ==  \<lambda> C sig.
    5.42 +     let (C,x,y,mdecls)  = SOME (Cl,x,y,mdecls). (Cl,x,y,mdecls) \<in> set G \<and> Cl = C;
    5.43 +         (sig,rT,maxl,b) = SOME (sg,rT,maxl,b). (sg,rT,maxl,b) \<in> set mdecls \<and> sg = sig
    5.44       in make_cert b (Phi C sig)"
    5.45    
    5.46  
    5.47 @@ -197,14 +197,14 @@
    5.48    have app: "app (ins!pc) G rT (phi!pc)" by (simp add: wt_instr_def)
    5.49  
    5.50    from wt pc
    5.51 -  have pc': "\<And>pc'. pc' \<in> set (succs (ins!pc) pc) ==> pc' < length ins"
    5.52 +  have pc': "!!pc'. pc' \<in> set (succs (ins!pc) pc) ==> pc' < length ins"
    5.53      by (simp add: wt_instr_def)
    5.54  
    5.55    let ?s' = "step (ins!pc) G (phi!pc)"
    5.56  
    5.57    from wt fits pc
    5.58 -  have cert: "!!pc'. \<lbrakk>pc' \<in> set (succs (ins!pc) pc); pc' < max_pc; pc' \<noteq> pc+1\<rbrakk> 
    5.59 -    \<Longrightarrow> G \<turnstile> ?s' <=' cert!pc'"
    5.60 +  have cert: "!!pc'. [|pc' \<in> set (succs (ins!pc) pc); pc' < max_pc; pc' \<noteq> pc+1|] 
    5.61 +    ==> G \<turnstile> ?s' <=' cert!pc'"
    5.62      by (auto dest: fitsD simp add: wt_instr_def)     
    5.63  
    5.64    from app pc cert pc'
    5.65 @@ -324,14 +324,14 @@
    5.66  *}
    5.67  
    5.68  theorem wt_imp_wtl_inst_list:
    5.69 -"\<forall> pc. (\<forall>pc'. pc' < length all_ins \<longrightarrow> 
    5.70 -        wt_instr (all_ins ! pc') G rT phi (length all_ins) pc') \<longrightarrow>
    5.71 -       fits all_ins cert phi \<longrightarrow> 
    5.72 -       (\<exists>l. pc = length l \<and> all_ins = l@ins) \<longrightarrow>  
    5.73 -       pc < length all_ins \<longrightarrow>      
    5.74 -       (\<forall> s. (G \<turnstile> s <=' (phi!pc)) \<longrightarrow> 
    5.75 +"\<forall> pc. (\<forall>pc'. pc' < length all_ins --> 
    5.76 +        wt_instr (all_ins ! pc') G rT phi (length all_ins) pc') -->
    5.77 +       fits all_ins cert phi --> 
    5.78 +       (\<exists>l. pc = length l \<and> all_ins = l@ins) -->  
    5.79 +       pc < length all_ins -->      
    5.80 +       (\<forall> s. (G \<turnstile> s <=' (phi!pc)) --> 
    5.81               wtl_inst_list ins G rT cert (length all_ins) pc s \<noteq> Err)" 
    5.82 -(is "\<forall>pc. ?wt \<longrightarrow> ?fits \<longrightarrow> ?l pc ins \<longrightarrow> ?len pc \<longrightarrow> ?wtl pc ins"  
    5.83 +(is "\<forall>pc. ?wt --> ?fits --> ?l pc ins --> ?len pc --> ?wtl pc ins"  
    5.84   is "\<forall>pc. ?C pc ins" is "?P ins") 
    5.85  proof (induct "?P" "ins")
    5.86    case Nil
    5.87 @@ -343,7 +343,7 @@
    5.88    show "?P (i#ins')" 
    5.89    proof (intro allI impI, elim exE conjE)
    5.90      fix pc s l
    5.91 -    assume wt  : "\<forall>pc'. pc' < length all_ins \<longrightarrow> 
    5.92 +    assume wt  : "\<forall>pc'. pc' < length all_ins --> 
    5.93                          wt_instr (all_ins ! pc') G rT phi (length all_ins) pc'"
    5.94      assume fits: "fits all_ins cert phi"
    5.95      assume l   : "pc < length all_ins"
    5.96 @@ -362,7 +362,7 @@
    5.97      from Cons
    5.98      have "?C (Suc pc) ins'" by blast
    5.99      with wt fits pc
   5.100 -    have IH: "?len (Suc pc) \<longrightarrow> ?wtl (Suc pc) ins'" by auto
   5.101 +    have IH: "?len (Suc pc) --> ?wtl (Suc pc) ins'" by auto
   5.102  
   5.103      show "wtl_inst_list (i#ins') G rT cert (length all_ins) pc s \<noteq> Err" 
   5.104      proof (cases "?len (Suc pc)")
   5.105 @@ -422,20 +422,10 @@
   5.106      by (rule fits_imp_wtl_method_complete)
   5.107  qed
   5.108  
   5.109 -lemma unique_set:
   5.110 -"(a,b,c,d)\<in>set l \<longrightarrow> unique l \<longrightarrow> (a',b',c',d') \<in> set l \<longrightarrow> 
   5.111 -  a = a' \<longrightarrow> b=b' \<and> c=c' \<and> d=d'"
   5.112 -  by (induct "l") auto
   5.113 -
   5.114 -lemma unique_epsilon:
   5.115 -  "(a,b,c,d)\<in>set l \<longrightarrow> unique l \<longrightarrow> 
   5.116 -  (\<epsilon> (a',b',c',d'). (a',b',c',d') \<in> set l \<and> a'=a) = (a,b,c,d)"
   5.117 -  by (auto simp add: unique_set)
   5.118 -
   5.119  
   5.120  theorem wtl_complete: 
   5.121    "wt_jvm_prog G Phi ==> wtl_jvm_prog G (make_Cert G Phi)"
   5.122 -proof (simp only: wt_jvm_prog_def)
   5.123 +proof (unfold wt_jvm_prog_def)
   5.124  
   5.125    assume wfprog: 
   5.126      "wf_prog (\<lambda>G C (sig,rT,maxl,b). wt_method G C (snd sig) rT maxl b (Phi C sig)) G"
   5.127 @@ -449,12 +439,12 @@
   5.128               (\<forall>(sig,rT,mb)\<in>set ms. wf_mhead G sig rT \<and> 
   5.129                 (\<lambda>(maxl,b). wt_method G C (snd sig) rT maxl b (Phi C sig)) mb) \<and>
   5.130               unique ms \<and>
   5.131 -             (case sc of None \<Rightarrow> C = Object
   5.132 -              | Some D \<Rightarrow>
   5.133 +             (case sc of None => C = Object
   5.134 +              | Some D =>
   5.135                    is_class G D \<and>
   5.136                    (D, C) \<notin> (subcls1 G)^* \<and>
   5.137                    (\<forall>(sig,rT,b)\<in>set ms. 
   5.138 -                   \<forall>D' rT' b'. method (G, D) sig = Some (D', rT', b') \<longrightarrow> G\<turnstile>rT\<preceq>rT'))"
   5.139 +                   \<forall>D' rT' b'. method (G, D) sig = Some (D', rT', b') --> G\<turnstile>rT\<preceq>rT'))"
   5.140               "(a, aa, ab, b) \<in> set G"
   5.141    
   5.142      assume uG : "unique G" 
     6.1 --- a/src/HOL/MicroJava/BV/LBVCorrect.thy	Wed Sep 20 21:20:41 2000 +0200
     6.2 +++ b/src/HOL/MicroJava/BV/LBVCorrect.thy	Thu Sep 21 10:42:49 2000 +0200
     6.3 @@ -11,31 +11,31 @@
     6.4  lemmas [simp del] = split_paired_Ex split_paired_All
     6.5  
     6.6  constdefs
     6.7 -fits :: "[method_type,instr list,jvm_prog,ty,state_type option,certificate] \<Rightarrow> bool"
     6.8 -"fits phi is G rT s0 cert \<equiv> 
     6.9 -  (\<forall>pc s1. pc < length is \<longrightarrow>
    6.10 -    (wtl_inst_list (take pc is) G rT cert (length is) 0 s0 = Ok s1 \<longrightarrow>
    6.11 -    (case cert!pc of None   \<Rightarrow> phi!pc = s1
    6.12 -                   | Some t \<Rightarrow> phi!pc = Some t)))"
    6.13 +fits :: "[method_type,instr list,jvm_prog,ty,state_type option,certificate] => bool"
    6.14 +"fits phi is G rT s0 cert == 
    6.15 +  (\<forall>pc s1. pc < length is -->
    6.16 +    (wtl_inst_list (take pc is) G rT cert (length is) 0 s0 = Ok s1 -->
    6.17 +    (case cert!pc of None   => phi!pc = s1
    6.18 +                   | Some t => phi!pc = Some t)))"
    6.19  
    6.20  constdefs
    6.21 -make_phi :: "[instr list,jvm_prog,ty,state_type option,certificate] \<Rightarrow> method_type"
    6.22 -"make_phi is G rT s0 cert \<equiv> 
    6.23 +make_phi :: "[instr list,jvm_prog,ty,state_type option,certificate] => method_type"
    6.24 +"make_phi is G rT s0 cert == 
    6.25     map (\<lambda>pc. case cert!pc of 
    6.26 -               None   \<Rightarrow> val (wtl_inst_list (take pc is) G rT cert (length is) 0 s0) 
    6.27 -             | Some t \<Rightarrow> Some t) [0..length is(]"
    6.28 +               None   => val (wtl_inst_list (take pc is) G rT cert (length is) 0 s0) 
    6.29 +             | Some t => Some t) [0..length is(]"
    6.30  
    6.31  
    6.32  lemma fitsD_None:
    6.33 -  "\<lbrakk>fits phi is G rT s0 cert; pc < length is;
    6.34 +  "[|fits phi is G rT s0 cert; pc < length is;
    6.35      wtl_inst_list (take pc is) G rT cert (length is) 0 s0 = Ok s1; 
    6.36 -    cert ! pc = None\<rbrakk> \<Longrightarrow> phi!pc = s1"
    6.37 +    cert ! pc = None|] ==> phi!pc = s1"
    6.38    by (auto simp add: fits_def)
    6.39  
    6.40  lemma fitsD_Some:
    6.41 -  "\<lbrakk>fits phi is G rT s0 cert; pc < length is;
    6.42 +  "[|fits phi is G rT s0 cert; pc < length is;
    6.43      wtl_inst_list (take pc is) G rT cert (length is) 0 s0 = Ok s1; 
    6.44 -    cert ! pc = Some t\<rbrakk> \<Longrightarrow> phi!pc = Some t"
    6.45 +    cert ! pc = Some t|] ==> phi!pc = Some t"
    6.46    by (auto simp add: fits_def)
    6.47  
    6.48  lemma make_phi_Some:
    6.49 @@ -62,7 +62,7 @@
    6.50    
    6.51  lemma fits_lemma1:
    6.52    "[| wtl_inst_list is G rT cert (length is) 0 s = Ok s'; fits phi is G rT s cert |]
    6.53 -  ==> \<forall>pc t. pc < length is \<longrightarrow> cert!pc = Some t \<longrightarrow> phi!pc = Some t"
    6.54 +  ==> \<forall>pc t. pc < length is --> cert!pc = Some t --> phi!pc = Some t"
    6.55  proof (intro strip)
    6.56    fix pc t 
    6.57    assume "wtl_inst_list is G rT cert (length is) 0 s = Ok s'"
    6.58 @@ -114,11 +114,11 @@
    6.59      "wtl_cert l G rT s'' cert (length is) (Suc pc) = Ok x"
    6.60      by (auto simp add: wtl_append min_def simp del: append_take_drop_id)
    6.61  
    6.62 -  hence c1: "\<And>t. cert!Suc pc = Some t ==> G \<turnstile> s'' <=' cert!Suc pc"
    6.63 +  hence c1: "!!t. cert!Suc pc = Some t ==> G \<turnstile> s'' <=' cert!Suc pc"
    6.64      by (simp add: wtl_cert_def split: if_splits)
    6.65    moreover
    6.66    from fits pc wts
    6.67 -  have c2: "\<And>t. cert!Suc pc = Some t ==> phi!Suc pc = cert!Suc pc"
    6.68 +  have c2: "!!t. cert!Suc pc = Some t ==> phi!Suc pc = cert!Suc pc"
    6.69      by - (drule fitsD_Some, auto)
    6.70    moreover
    6.71    from fits pc wts
    6.72 @@ -150,7 +150,7 @@
    6.73  
    6.74    from fits wtl pc
    6.75    have cert_Some: 
    6.76 -    "\<And>t pc. [| pc < length is; cert!pc = Some t |] ==> phi!pc = Some t"
    6.77 +    "!!t pc. [| pc < length is; cert!pc = Some t |] ==> phi!pc = Some t"
    6.78      by (auto dest: fits_lemma1)
    6.79    
    6.80    from fits wtl pc
    6.81 @@ -236,7 +236,7 @@
    6.82      by (rule fitsD_None)
    6.83    moreover    
    6.84    from fits pc wt0
    6.85 -  have "\<And>t. cert!0 = Some t ==> phi!0 = cert!0"
    6.86 +  have "!!t. cert!0 = Some t ==> phi!0 = cert!0"
    6.87      by - (drule fitsD_Some, auto)
    6.88    moreover
    6.89    from pc
    6.90 @@ -247,7 +247,7 @@
    6.91      "wtl_cert x G rT s cert (length is) 0 = Ok s'"
    6.92      by simp (elim, rule that, simp)
    6.93    hence 
    6.94 -    "\<And>t. cert!0 = Some t ==> G \<turnstile> s <=' cert!0"
    6.95 +    "!!t. cert!0 = Some t ==> G \<turnstile> s <=' cert!0"
    6.96      by (simp add: wtl_cert_def split: if_splits)
    6.97  
    6.98    ultimately
    6.99 @@ -268,7 +268,7 @@
   6.100  
   6.101    with wtl
   6.102    have allpc:
   6.103 -    "\<forall>pc. pc < length ins \<longrightarrow> wt_instr (ins ! pc) G rT phi (length ins) pc"
   6.104 +    "\<forall>pc. pc < length ins --> wt_instr (ins ! pc) G rT phi (length ins) pc"
   6.105      by (blast intro: wtl_fits_wt)
   6.106  
   6.107    from pc wtl fits
   6.108 @@ -279,15 +279,6 @@
   6.109    show ?thesis by (auto simp add: wt_method_def)
   6.110  qed
   6.111  
   6.112 -lemma unique_set:
   6.113 -  "(a,b,c,d)\<in>set l \<longrightarrow> unique l \<longrightarrow> (a',b',c',d') \<in> set l \<longrightarrow> 
   6.114 -   a = a' \<longrightarrow> b=b' \<and> c=c' \<and> d=d'"
   6.115 -  by (induct "l") auto
   6.116 -
   6.117 -lemma unique_epsilon:
   6.118 -  "(a,b,c,d)\<in>set l \<longrightarrow> unique l \<longrightarrow> 
   6.119 -   (\<epsilon> (a',b',c',d'). (a',b',c',d') \<in> set l \<and> a'=a) = (a,b,c,d)"
   6.120 -  by (auto simp add: unique_set)
   6.121  
   6.122  theorem wtl_correct:
   6.123  "wtl_jvm_prog G cert ==> \<exists> Phi. wt_jvm_prog G Phi"
   6.124 @@ -304,9 +295,9 @@
   6.125      (is "\<exists>Phi. ?Q Phi")
   6.126    proof (intro exI)
   6.127      let "?Phi" = "\<lambda> C sig. 
   6.128 -      let (C,x,y,mdecls) = \<epsilon> (Cl,x,y,mdecls). (Cl,x,y,mdecls) \<in> set G \<and> Cl = C;
   6.129 -          (sig,rT,maxl,b) = \<epsilon> (sg,rT,maxl,b). (sg,rT,maxl,b) \<in> set mdecls \<and> sg = sig
   6.130 -      in \<epsilon> phi. wt_method G C (snd sig) rT maxl b phi"
   6.131 +      let (C,x,y,mdecls) = SOME (Cl,x,y,mdecls). (Cl,x,y,mdecls) \<in> set G \<and> Cl = C;
   6.132 +          (sig,rT,maxl,b) = SOME (sg,rT,maxl,b). (sg,rT,maxl,b) \<in> set mdecls \<and> sg = sig
   6.133 +      in SOME phi. wt_method G C (snd sig) rT maxl b phi"
   6.134      from wtl_prog
   6.135      show "?Q ?Phi"
   6.136      proof (unfold wf_cdecl_def, intro)
   6.137 @@ -328,8 +319,8 @@
   6.138                wt_method G a (snd sig) rT maxl b 
   6.139                 ((\<lambda>(C,x,y,mdecls).
   6.140                      (\<lambda>(sig,rT,maxl,b). Eps (wt_method G C (snd sig) rT maxl b))
   6.141 -                     (\<epsilon>(sg,rT,maxl,b). (sg, rT, maxl, b) \<in> set mdecls \<and> sg = sig))
   6.142 -                 (\<epsilon>(Cl,x,y,mdecls). (Cl, x, y, mdecls) \<in> set G \<and> Cl = a))) mb) m"
   6.143 +                     (SOME (sg,rT,maxl,b). (sg, rT, maxl, b) \<in> set mdecls \<and> sg = sig))
   6.144 +                 (SOME (Cl,x,y,mdecls). (Cl, x, y, mdecls) \<in> set G \<and> Cl = a))) mb) m"
   6.145            by - (drule bspec, assumption, 
   6.146                  clarsimp dest!: wtl_method_correct,
   6.147                  clarsimp intro!: someI simp add: unique_epsilon) 
     7.1 --- a/src/HOL/MicroJava/BV/LBVSpec.thy	Wed Sep 20 21:20:41 2000 +0200
     7.2 +++ b/src/HOL/MicroJava/BV/LBVSpec.thy	Thu Sep 21 10:42:49 2000 +0200
     7.3 @@ -11,44 +11,36 @@
     7.4  
     7.5  types
     7.6    certificate       = "state_type option list" 
     7.7 -  class_certificate = "sig \<Rightarrow> certificate"
     7.8 -  prog_certificate  = "cname \<Rightarrow> class_certificate"
     7.9 +  class_certificate = "sig => certificate"
    7.10 +  prog_certificate  = "cname => class_certificate"
    7.11  
    7.12  
    7.13  constdefs
    7.14    check_cert :: "[instr, jvm_prog, state_type option, certificate, p_count, p_count]
    7.15 -                 \<Rightarrow> bool"
    7.16 -  "check_cert i G s cert pc max_pc \<equiv> \<forall>pc' \<in> set (succs i pc). pc' < max_pc \<and>  
    7.17 -                                     (pc' \<noteq> pc+1 \<longrightarrow> G \<turnstile> step i G s <=' cert!pc')"
    7.18 +                 => bool"
    7.19 +  "check_cert i G s cert pc max_pc == \<forall>pc' \<in> set (succs i pc). pc' < max_pc \<and>  
    7.20 +                                     (pc' \<noteq> pc+1 --> G \<turnstile> step i G s <=' cert!pc')"
    7.21  
    7.22    wtl_inst :: "[instr,jvm_prog,ty,state_type option,certificate,p_count,p_count] 
    7.23 -               \<Rightarrow> state_type option err" 
    7.24 -  "wtl_inst i G rT s cert max_pc pc \<equiv> 
    7.25 +               => state_type option err" 
    7.26 +  "wtl_inst i G rT s cert max_pc pc == 
    7.27       if app i G rT s \<and> check_cert i G s cert pc max_pc then 
    7.28         if pc+1 mem (succs i pc) then Ok (step i G s) else Ok (cert!(pc+1))
    7.29       else Err";
    7.30  
    7.31 -lemma wtl_inst_Ok:
    7.32 -"(wtl_inst i G rT s cert max_pc pc = Ok s') =
    7.33 - (app i G rT s \<and> (\<forall>pc' \<in> set (succs i pc). 
    7.34 -                   pc' < max_pc \<and> (pc' \<noteq> pc+1 \<longrightarrow> G \<turnstile> step i G s <=' cert!pc')) \<and> 
    7.35 - (if pc+1 \<in> set (succs i pc) then s' = step i G s else s' = cert!(pc+1)))"
    7.36 -  by (auto simp add: wtl_inst_def check_cert_def set_mem_eq);
    7.37 -
    7.38 -
    7.39  constdefs
    7.40    wtl_cert :: "[instr,jvm_prog,ty,state_type option,certificate,p_count,p_count] 
    7.41 -               \<Rightarrow> state_type option err"  
    7.42 -  "wtl_cert i G rT s cert max_pc pc \<equiv>
    7.43 +               => state_type option err"  
    7.44 +  "wtl_cert i G rT s cert max_pc pc ==
    7.45       case cert!pc of
    7.46 -        None    \<Rightarrow> wtl_inst i G rT s cert max_pc pc
    7.47 -      | Some s' \<Rightarrow> if G \<turnstile> s <=' (Some s') then 
    7.48 +        None    => wtl_inst i G rT s cert max_pc pc
    7.49 +      | Some s' => if G \<turnstile> s <=' (Some s') then 
    7.50                      wtl_inst i G rT (Some s') cert max_pc pc 
    7.51                    else Err"
    7.52  
    7.53  consts 
    7.54    wtl_inst_list :: "[instr list,jvm_prog,ty,certificate,p_count,p_count, 
    7.55 -                     state_type option] \<Rightarrow> state_type option err"
    7.56 +                     state_type option] => state_type option err"
    7.57  primrec
    7.58    "wtl_inst_list []     G rT cert max_pc pc s = Ok s"
    7.59    "wtl_inst_list (i#is) G rT cert max_pc pc s = 
    7.60 @@ -57,19 +49,26 @@
    7.61                
    7.62  
    7.63  constdefs
    7.64 - wtl_method :: "[jvm_prog,cname,ty list,ty,nat,instr list,certificate] \<Rightarrow> bool"  
    7.65 - "wtl_method G C pTs rT mxl ins cert \<equiv>  
    7.66 + wtl_method :: "[jvm_prog,cname,ty list,ty,nat,instr list,certificate] => bool"  
    7.67 + "wtl_method G C pTs rT mxl ins cert ==  
    7.68  	let max_pc = length ins  
    7.69    in 
    7.70    0 < max_pc \<and>   
    7.71    wtl_inst_list ins G rT cert max_pc 0 
    7.72                  (Some ([],(Ok (Class C))#((map Ok pTs))@(replicate mxl Err))) \<noteq> Err"
    7.73  
    7.74 - wtl_jvm_prog :: "[jvm_prog,prog_certificate] \<Rightarrow> bool" 
    7.75 - "wtl_jvm_prog G cert \<equiv>  
    7.76 + wtl_jvm_prog :: "[jvm_prog,prog_certificate] => bool" 
    7.77 + "wtl_jvm_prog G cert ==  
    7.78    wf_prog (\<lambda>G C (sig,rT,maxl,b). wtl_method G C (snd sig) rT maxl b (cert C sig)) G"
    7.79  
    7.80 -text {* \medskip *} 
    7.81 +
    7.82 +
    7.83 +lemma wtl_inst_Ok:
    7.84 +"(wtl_inst i G rT s cert max_pc pc = Ok s') =
    7.85 + (app i G rT s \<and> (\<forall>pc' \<in> set (succs i pc). 
    7.86 +                   pc' < max_pc \<and> (pc' \<noteq> pc+1 --> G \<turnstile> step i G s <=' cert!pc')) \<and> 
    7.87 + (if pc+1 \<in> set (succs i pc) then s' = step i G s else s' = cert!(pc+1)))"
    7.88 +  by (auto simp add: wtl_inst_def check_cert_def set_mem_eq);
    7.89  
    7.90  lemma strict_Some [simp]: 
    7.91  "(strict f x = Ok y) = (\<exists> z. x = Ok z \<and> f z = Ok y)"
    7.92 @@ -127,7 +126,7 @@
    7.93  qed
    7.94  
    7.95  lemma take_Suc:
    7.96 -  "\<forall>n. n < length l \<longrightarrow> take (Suc n) l = (take n l)@[l!n]" (is "?P l")
    7.97 +  "\<forall>n. n < length l --> take (Suc n) l = (take n l)@[l!n]" (is "?P l")
    7.98  proof (induct l)
    7.99    show "?P []" by simp
   7.100  
   7.101 @@ -191,4 +190,14 @@
   7.102      by (auto simp add: wtl_append min_def)
   7.103  qed
   7.104  
   7.105 +lemma unique_set:
   7.106 +"(a,b,c,d)\<in>set l --> unique l --> (a',b',c',d') \<in> set l --> 
   7.107 +  a = a' --> b=b' \<and> c=c' \<and> d=d'"
   7.108 +  by (induct "l") auto
   7.109 +
   7.110 +lemma unique_epsilon:
   7.111 +  "(a,b,c,d)\<in>set l --> unique l --> 
   7.112 +  (SOME (a',b',c',d'). (a',b',c',d') \<in> set l \<and> a'=a) = (a,b,c,d)"
   7.113 +  by (auto simp add: unique_set)
   7.114 +
   7.115  end
     8.1 --- a/src/HOL/MicroJava/BV/Step.thy	Wed Sep 20 21:20:41 2000 +0200
     8.2 +++ b/src/HOL/MicroJava/BV/Step.thy	Thu Sep 21 10:42:49 2000 +0200
     8.3 @@ -12,7 +12,7 @@
     8.4  
     8.5  text "Effect of instruction on the state type:"
     8.6  consts 
     8.7 -step' :: "instr \<times> jvm_prog \<times> state_type \<Rightarrow> state_type"
     8.8 +step' :: "instr \<times> jvm_prog \<times> state_type => state_type"
     8.9  
    8.10  recdef step' "{}"
    8.11  "step' (Load idx,  G, (ST, LT))          = (val (LT ! idx) # ST, LT)"
    8.12 @@ -40,13 +40,13 @@
    8.13  (* "step' (i,G,s)                           = None" *)
    8.14  
    8.15  constdefs
    8.16 -  step :: "instr \<Rightarrow> jvm_prog \<Rightarrow> state_type option \<Rightarrow> state_type option"
    8.17 -  "step i G \<equiv> opt_map (\<lambda>s. step' (i,G,s))"
    8.18 +  step :: "instr => jvm_prog => state_type option => state_type option"
    8.19 +  "step i G == option_map (\<lambda>s. step' (i,G,s))"
    8.20  
    8.21  
    8.22  text "Conditions under which step is applicable:"
    8.23  consts
    8.24 -app' :: "instr \<times> jvm_prog \<times> ty \<times> state_type \<Rightarrow> bool"
    8.25 +app' :: "instr \<times> jvm_prog \<times> ty \<times> state_type => bool"
    8.26  
    8.27  recdef app' "{}"
    8.28  "app' (Load idx, G, rT, s)                  = (idx < length (snd s) \<and> 
    8.29 @@ -88,13 +88,13 @@
    8.30  
    8.31  
    8.32  constdefs
    8.33 -  app :: "instr \<Rightarrow> jvm_prog \<Rightarrow> ty \<Rightarrow> state_type option \<Rightarrow> bool"
    8.34 -  "app i G rT s \<equiv> case s of None \<Rightarrow> True | Some t \<Rightarrow> app' (i,G,rT,t)"
    8.35 +  app :: "instr => jvm_prog => ty => state_type option => bool"
    8.36 +  "app i G rT s == case s of None => True | Some t => app' (i,G,rT,t)"
    8.37  
    8.38  text {* program counter of successor instructions: *}
    8.39  
    8.40  consts
    8.41 -succs :: "instr \<Rightarrow> p_count \<Rightarrow> p_count list"
    8.42 +succs :: "instr => p_count => p_count list"
    8.43  
    8.44  primrec 
    8.45  "succs (Load idx) pc         = [pc+1]"
    8.46 @@ -117,13 +117,13 @@
    8.47  "succs (Invoke C mn fpTs) pc = [pc+1]"
    8.48  
    8.49  
    8.50 -lemma 1: "2 < length a \<Longrightarrow> (\<exists>l l' l'' ls. a = l#l'#l''#ls)"
    8.51 +lemma 1: "2 < length a ==> (\<exists>l l' l'' ls. a = l#l'#l''#ls)"
    8.52  proof (cases a)
    8.53    fix x xs assume "a = x#xs" "2 < length a"
    8.54    thus ?thesis by - (cases xs, simp, cases "tl xs", auto)
    8.55  qed auto
    8.56  
    8.57 -lemma 2: "\<not>(2 < length a) \<Longrightarrow> a = [] \<or> (\<exists> l. a = [l]) \<or> (\<exists> l l'. a = [l,l'])"
    8.58 +lemma 2: "\<not>(2 < length a) ==> a = [] \<or> (\<exists> l. a = [l]) \<or> (\<exists> l l'. a = [l,l'])"
    8.59  proof -;
    8.60    assume "\<not>(2 < length a)"
    8.61    hence "length a < (Suc 2)" by simp
    8.62 @@ -136,7 +136,7 @@
    8.63      hence "\<exists> l. x = [l]"  by - (cases x, auto)
    8.64    } note 0 = this
    8.65  
    8.66 -  have "length a = 2 \<Longrightarrow> \<exists>l l'. a = [l,l']" by (cases a, auto dest: 0)
    8.67 +  have "length a = 2 ==> \<exists>l l'. a = [l,l']" by (cases a, auto dest: 0)
    8.68    with * show ?thesis by (auto dest: 0)
    8.69  qed
    8.70  
    8.71 @@ -149,7 +149,6 @@
    8.72    by (simp add: app_def)
    8.73  
    8.74  
    8.75 -
    8.76  lemma appLoad[simp]:
    8.77  "(app (Load idx) G rT (Some s)) = (idx < length (snd s) \<and> (snd s) ! idx \<noteq> Err)"
    8.78    by (simp add: app_def)
    8.79 @@ -264,7 +263,7 @@
    8.80    method (G,C) (mn,fpTs) = Some (mD', rT', b'))" (is "?app s = ?P s")
    8.81  proof (cases (open) s)
    8.82    case Pair
    8.83 -  have "?app (a,b) \<Longrightarrow> ?P (a,b)"
    8.84 +  have "?app (a,b) ==> ?P (a,b)"
    8.85    proof -
    8.86      assume app: "?app (a,b)"
    8.87      hence "a = (rev (rev (take (length fpTs) a))) @ (drop (length fpTs) a) \<and> 
    8.88 @@ -286,7 +285,7 @@
    8.89      with app
    8.90      show ?thesis by (auto simp add: app_def) blast
    8.91    qed
    8.92 -  with Pair have "?app s \<Longrightarrow> ?P s" by simp
    8.93 +  with Pair have "?app s ==> ?P s" by simp
    8.94    thus ?thesis by (auto simp add: app_def)
    8.95  qed 
    8.96  
     9.1 --- a/src/HOL/MicroJava/BV/StepMono.thy	Wed Sep 20 21:20:41 2000 +0200
     9.2 +++ b/src/HOL/MicroJava/BV/StepMono.thy	Thu Sep 21 10:42:49 2000 +0200
     9.3 @@ -14,7 +14,7 @@
     9.4  
     9.5  
     9.6  lemma sup_loc_some [rule_format]:
     9.7 -"\<forall> y n. (G \<turnstile> b <=l y) \<longrightarrow> n < length y \<longrightarrow> y!n = Ok t \<longrightarrow> 
     9.8 +"\<forall> y n. (G \<turnstile> b <=l y) --> n < length y --> y!n = Ok t --> 
     9.9    (\<exists>t. b!n = Ok t \<and> (G \<turnstile> (b!n) <=o (y!n)))" (is "?P b")
    9.10  proof (induct (open) ?P b)
    9.11    show "?P []" by simp
    9.12 @@ -41,9 +41,9 @@
    9.13     
    9.14  
    9.15  lemma all_widen_is_sup_loc:
    9.16 -"\<forall>b. length a = length b \<longrightarrow> 
    9.17 +"\<forall>b. length a = length b --> 
    9.18       (\<forall>x\<in>set (zip a b). x \<in> widen G) = (G \<turnstile> (map Ok a) <=l (map Ok b))" 
    9.19 - (is "\<forall>b. length a = length b \<longrightarrow> ?Q a b" is "?P a")
    9.20 + (is "\<forall>b. length a = length b --> ?Q a b" is "?P a")
    9.21  proof (induct "a")
    9.22    show "?P []" by simp
    9.23  
    9.24 @@ -60,7 +60,7 @@
    9.25   
    9.26  
    9.27  lemma append_length_n [rule_format]: 
    9.28 -"\<forall>n. n \<le> length x \<longrightarrow> (\<exists>a b. x = a@b \<and> length a = n)" (is "?P x")
    9.29 +"\<forall>n. n \<le> length x --> (\<exists>a b. x = a@b \<and> length a = n)" (is "?P x")
    9.30  proof (induct (open) ?P x)
    9.31    show "?P []" by simp
    9.32  
    9.33 @@ -94,7 +94,7 @@
    9.34  
    9.35  
    9.36  lemma rev_append_cons:
    9.37 -"\<lbrakk>n < length x\<rbrakk> \<Longrightarrow> \<exists>a b c. x = (rev a) @ b # c \<and> length a = n"
    9.38 +"[|n < length x|] ==> \<exists>a b c. x = (rev a) @ b # c \<and> length a = n"
    9.39  proof -
    9.40    assume n: "n < length x"
    9.41    hence "n \<le> length x" by simp
    9.42 @@ -118,7 +118,7 @@
    9.43  
    9.44  
    9.45  lemma app_mono: 
    9.46 -"\<lbrakk>G \<turnstile> s <=' s'; app i G rT s'\<rbrakk> \<Longrightarrow> app i G rT s";
    9.47 +"[|G \<turnstile> s <=' s'; app i G rT s'|] ==> app i G rT s";
    9.48  proof -
    9.49  
    9.50    { fix s1 s2
    10.1 --- a/src/HOL/MicroJava/J/Conform.ML	Wed Sep 20 21:20:41 2000 +0200
    10.2 +++ b/src/HOL/MicroJava/J/Conform.ML	Thu Sep 21 10:42:49 2000 +0200
    10.3 @@ -6,25 +6,25 @@
    10.4  
    10.5  section "hext";
    10.6  
    10.7 -val hextI = prove_goalw thy [hext_def] "\\<And>h. \
    10.8 -\ \\<forall>a C fs . h  a = Some (C,fs) \\<longrightarrow>  \
    10.9 -\     (\\<exists>fs'. h' a = Some (C,fs')) \\<Longrightarrow> h\\<le>|h'" (K [Auto_tac ]);
   10.10 +val hextI = prove_goalw thy [hext_def] "!!h. \
   10.11 +\ \\<forall>a C fs . h  a = Some (C,fs) -->  \
   10.12 +\     (\\<exists>fs'. h' a = Some (C,fs')) ==> h\\<le>|h'" (K [Auto_tac ]);
   10.13  
   10.14  val hext_objD = prove_goalw thy [hext_def] 
   10.15 -"\\<And>h. \\<lbrakk>h\\<le>|h'; h a = Some (C,fs) \\<rbrakk> \\<Longrightarrow> \\<exists>fs'. h' a = Some (C,fs')" 
   10.16 +"!!h. [|h\\<le>|h'; h a = Some (C,fs) |] ==> \\<exists>fs'. h' a = Some (C,fs')" 
   10.17  	(K [Force_tac 1]);
   10.18  
   10.19  val hext_refl = prove_goal thy "h\\<le>|h" (K [
   10.20  	rtac hextI 1,
   10.21  	Fast_tac 1]);
   10.22  
   10.23 -val hext_new = prove_goal thy "\\<And>h. h a = None \\<Longrightarrow> h\\<le>|h(a\\<mapsto>x)" (K [
   10.24 +val hext_new = prove_goal thy "!!h. h a = None ==> h\\<le>|h(a\\<mapsto>x)" (K [
   10.25  	rtac hextI 1,
   10.26  	safe_tac HOL_cs,
   10.27  	 ALLGOALS (case_tac "aa = a"),
   10.28  	   Auto_tac]);
   10.29  
   10.30 -val hext_trans = prove_goal thy "\\<And>h. \\<lbrakk>h\\<le>|h'; h'\\<le>|h''\\<rbrakk> \\<Longrightarrow> h\\<le>|h''" (K [
   10.31 +val hext_trans = prove_goal thy "!!h. [|h\\<le>|h'; h'\\<le>|h''|] ==> h\\<le>|h''" (K [
   10.32  	rtac hextI 1,
   10.33  	safe_tac HOL_cs,
   10.34  	 fast_tac (HOL_cs addDs [hext_objD]) 1]);
   10.35 @@ -32,7 +32,7 @@
   10.36  Addsimps [hext_refl, hext_new];
   10.37  
   10.38  val hext_upd_obj = prove_goal thy 
   10.39 -"\\<And>h. h a = Some (C,fs) \\<Longrightarrow> h\\<le>|h(a\\<mapsto>(C,fs'))" (K [
   10.40 +"!!h. h a = Some (C,fs) ==> h\\<le>|h(a\\<mapsto>(C,fs'))" (K [
   10.41  	rtac hextI 1,
   10.42  	safe_tac HOL_cs,
   10.43  	 ALLGOALS (case_tac "aa = a"),
   10.44 @@ -42,37 +42,37 @@
   10.45  section "conf";
   10.46  
   10.47  val conf_Null = prove_goalw thy [conf_def] 
   10.48 -"G,h\\<turnstile>Null\\<Colon>\\<preceq>T = G\\<turnstile>RefT NullT\\<preceq>T" (K [Simp_tac 1]);
   10.49 +"G,h\\<turnstile>Null::\\<preceq>T = G\\<turnstile>RefT NullT\\<preceq>T" (K [Simp_tac 1]);
   10.50  Addsimps [conf_Null];
   10.51  
   10.52  val conf_litval = prove_goalw thy [conf_def] 
   10.53 -"typeof (\\<lambda>v. None) v = Some T \\<longrightarrow> G,h\\<turnstile>v\\<Colon>\\<preceq>T" (K [
   10.54 +"typeof (\\<lambda>v. None) v = Some T --> G,h\\<turnstile>v::\\<preceq>T" (K [
   10.55  	rtac val_.induct 1,
   10.56  	    Auto_tac]) RS mp;
   10.57  
   10.58 -Goalw [conf_def] "G,s\\<turnstile>Unit\\<Colon>\\<preceq>PrimT Void";
   10.59 +Goalw [conf_def] "G,s\\<turnstile>Unit::\\<preceq>PrimT Void";
   10.60  by( Simp_tac 1);
   10.61  qed "conf_VoidI";
   10.62  
   10.63 -Goalw [conf_def] "G,s\\<turnstile>Bool b\\<Colon>\\<preceq>PrimT Boolean";
   10.64 +Goalw [conf_def] "G,s\\<turnstile>Bool b::\\<preceq>PrimT Boolean";
   10.65  by( Simp_tac 1);
   10.66  qed "conf_BooleanI";
   10.67  
   10.68 -Goalw [conf_def] "G,s\\<turnstile>Intg i\\<Colon>\\<preceq>PrimT Integer";
   10.69 +Goalw [conf_def] "G,s\\<turnstile>Intg i::\\<preceq>PrimT Integer";
   10.70  by( Simp_tac 1);
   10.71  qed "conf_IntegerI";
   10.72  
   10.73  Addsimps [conf_VoidI, conf_BooleanI, conf_IntegerI];
   10.74  
   10.75  val conf_AddrI = prove_goalw thy [conf_def] 
   10.76 -"\\<And>G. \\<lbrakk>h a = Some obj; G\\<turnstile>obj_ty obj\\<preceq>T\\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>Addr a\\<Colon>\\<preceq>T"
   10.77 +"!!G. [|h a = Some obj; G\\<turnstile>obj_ty obj\\<preceq>T|] ==> G,h\\<turnstile>Addr a::\\<preceq>T"
   10.78  (K [Asm_full_simp_tac 1]);
   10.79  
   10.80  val conf_obj_AddrI = prove_goalw thy [conf_def]
   10.81 - "\\<And>G. \\<lbrakk>h a = Some (C,fs); G\\<turnstile>C\\<preceq>C D\\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>Addr a\\<Colon>\\<preceq> Class D" 
   10.82 + "!!G. [|h a = Some (C,fs); G\\<turnstile>C\\<preceq>C D|] ==> G,h\\<turnstile>Addr a::\\<preceq> Class D" 
   10.83  (K [Asm_full_simp_tac 1]);
   10.84  
   10.85 -Goalw [conf_def] "is_type G T \\<longrightarrow> G,h\\<turnstile>default_val T\\<Colon>\\<preceq>T";
   10.86 +Goalw [conf_def] "is_type G T --> G,h\\<turnstile>default_val T::\\<preceq>T";
   10.87  by (res_inst_tac [("y","T")] ty.exhaust 1);
   10.88  by  (etac ssubst 1);
   10.89  by  (res_inst_tac [("y","prim_ty")] prim_ty.exhaust 1);
   10.90 @@ -80,7 +80,7 @@
   10.91  qed_spec_mp "defval_conf";
   10.92  
   10.93  val conf_upd_obj = prove_goalw thy [conf_def] 
   10.94 -"h a = Some (C,fs) \\<longrightarrow> (G,h(a\\<mapsto>(C,fs'))\\<turnstile>x\\<Colon>\\<preceq>T) = (G,h\\<turnstile>x\\<Colon>\\<preceq>T)" (fn _ => [
   10.95 +"h a = Some (C,fs) --> (G,h(a\\<mapsto>(C,fs'))\\<turnstile>x::\\<preceq>T) = (G,h\\<turnstile>x::\\<preceq>T)" (fn _ => [
   10.96  	rtac impI 1,
   10.97  	rtac val_.induct 1,
   10.98  	 ALLGOALS Simp_tac,
   10.99 @@ -88,14 +88,14 @@
  10.100  	 ALLGOALS Asm_simp_tac]) RS mp;
  10.101  
  10.102  val conf_widen = prove_goalw thy [conf_def] 
  10.103 -"\\<And>G. wf_prog wf_mb G \\<Longrightarrow> G,h\\<turnstile>x\\<Colon>\\<preceq>T \\<longrightarrow> G\\<turnstile>T\\<preceq>T' \\<longrightarrow> G,h\\<turnstile>x\\<Colon>\\<preceq>T'" (K [
  10.104 +"!!G. wf_prog wf_mb G ==> G,h\\<turnstile>x::\\<preceq>T --> G\\<turnstile>T\\<preceq>T' --> G,h\\<turnstile>x::\\<preceq>T'" (K [
  10.105  	rtac val_.induct 1,
  10.106  	    ALLGOALS Simp_tac,
  10.107  	    ALLGOALS (fast_tac (HOL_cs addIs [widen_trans]))]) RS mp RS mp;
  10.108  bind_thm ("conf_widen", conf_widen);
  10.109  
  10.110  val conf_hext' = prove_goalw thy [conf_def] 
  10.111 -	"\\<And>h. h\\<le>|h' \\<Longrightarrow> (\\<forall>v T. G,h\\<turnstile>v\\<Colon>\\<preceq>T \\<longrightarrow> G,h'\\<turnstile>v\\<Colon>\\<preceq>T)" (K [
  10.112 +	"!!h. h\\<le>|h' ==> (\\<forall>v T. G,h\\<turnstile>v::\\<preceq>T --> G,h'\\<turnstile>v::\\<preceq>T)" (K [
  10.113  	REPEAT (rtac allI 1),
  10.114  	rtac val_.induct 1,
  10.115  	 ALLGOALS Simp_tac,
  10.116 @@ -107,36 +107,36 @@
  10.117  bind_thm ("conf_hext", conf_hext);
  10.118  
  10.119  val new_locD = prove_goalw thy [conf_def] 
  10.120 -	"\\<lbrakk>h a = None; G,h\\<turnstile>Addr t\\<Colon>\\<preceq>T\\<rbrakk> \\<Longrightarrow> t\\<noteq>a" (fn prems => [
  10.121 +	"[|h a = None; G,h\\<turnstile>Addr t::\\<preceq>T|] ==> t\\<noteq>a" (fn prems => [
  10.122  	cut_facts_tac prems 1,
  10.123  	Full_simp_tac 1,
  10.124  	safe_tac HOL_cs,
  10.125  	Asm_full_simp_tac 1]);
  10.126  
  10.127  Goalw [conf_def]
  10.128 - "G,h\\<turnstile>a'\\<Colon>\\<preceq>RefT T \\<longrightarrow> a' = Null |  \
  10.129 + "G,h\\<turnstile>a'::\\<preceq>RefT T --> a' = Null |  \
  10.130  \ (\\<exists>a obj T'. a' = Addr a \\<and>  h a = Some obj \\<and>  obj_ty obj = T' \\<and>  G\\<turnstile>T'\\<preceq>RefT T)";
  10.131  by(induct_tac "a'" 1);
  10.132  by(Auto_tac);
  10.133  qed_spec_mp "conf_RefTD";
  10.134  
  10.135 -val conf_NullTD = prove_goal thy "\\<And>G. G,h\\<turnstile>a'\\<Colon>\\<preceq>RefT NullT \\<Longrightarrow> a' = Null" (K [
  10.136 +val conf_NullTD = prove_goal thy "!!G. G,h\\<turnstile>a'::\\<preceq>RefT NullT ==> a' = Null" (K [
  10.137  	dtac conf_RefTD 1,
  10.138  	Step_tac 1,
  10.139  	 Auto_tac]);
  10.140  
  10.141 -val non_npD = prove_goal thy "\\<And>G. \\<lbrakk>a' \\<noteq> Null; G,h\\<turnstile>a'\\<Colon>\\<preceq>RefT t\\<rbrakk> \\<Longrightarrow> \
  10.142 +val non_npD = prove_goal thy "!!G. [|a' \\<noteq> Null; G,h\\<turnstile>a'::\\<preceq>RefT t|] ==> \
  10.143  \ \\<exists>a C fs. a' = Addr a \\<and>  h a = Some (C,fs) \\<and>  G\\<turnstile>Class C\\<preceq>RefT t" (K [
  10.144  	dtac conf_RefTD 1,
  10.145  	Step_tac 1,
  10.146  	 Auto_tac]);
  10.147  
  10.148 -val non_np_objD = prove_goal thy "\\<And>G. \\<lbrakk>a' \\<noteq> Null; G,h\\<turnstile>a'\\<Colon>\\<preceq> Class C; C \\<noteq> Object\\<rbrakk> \\<Longrightarrow> \
  10.149 +val non_np_objD = prove_goal thy "!!G. [|a' \\<noteq> Null; G,h\\<turnstile>a'::\\<preceq> Class C; C \\<noteq> Object|] ==> \
  10.150  \ (\\<exists>a C' fs. a' = Addr a \\<and>  h a = Some (C',fs) \\<and>  G\\<turnstile>C'\\<preceq>C C)" 
  10.151  	(K[fast_tac (claset() addDs [non_npD]) 1]);
  10.152  
  10.153 -Goal "a' \\<noteq> Null \\<longrightarrow> wf_prog wf_mb G \\<longrightarrow> G,h\\<turnstile>a'\\<Colon>\\<preceq>RefT t \\<longrightarrow>\
  10.154 -\ (\\<forall>C. t = ClassT C \\<longrightarrow> C \\<noteq> Object) \\<longrightarrow> \
  10.155 +Goal "a' \\<noteq> Null --> wf_prog wf_mb G --> G,h\\<turnstile>a'::\\<preceq>RefT t -->\
  10.156 +\ (\\<forall>C. t = ClassT C --> C \\<noteq> Object) --> \
  10.157  \ (\\<exists>a C fs. a' = Addr a \\<and>  h a = Some (C,fs) \\<and>  G\\<turnstile>Class C\\<preceq>RefT t)";
  10.158  by(rtac impI 1);
  10.159  by(rtac impI 1);
  10.160 @@ -150,7 +150,7 @@
  10.161  by(Fast_tac 1);
  10.162  qed_spec_mp "non_np_objD'";
  10.163  
  10.164 -Goal "wf_prog wf_mb G \\<Longrightarrow> \\<forall>Ts Ts'. list_all2 (conf G h) vs Ts \\<longrightarrow> list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') Ts Ts' \\<longrightarrow>  list_all2 (conf G h) vs Ts'";
  10.165 +Goal "wf_prog wf_mb G ==> \\<forall>Ts Ts'. list_all2 (conf G h) vs Ts --> list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') Ts Ts' -->  list_all2 (conf G h) vs Ts'";
  10.166  by(induct_tac "vs" 1);
  10.167   by(ALLGOALS Clarsimp_tac);
  10.168  by(forward_tac [list_all2_lengthD RS sym] 1);
  10.169 @@ -166,30 +166,30 @@
  10.170  section "lconf";
  10.171  
  10.172  val lconfD = prove_goalw thy [lconf_def] 
  10.173 -   "\\<And>X. \\<lbrakk> G,h\\<turnstile>vs[\\<Colon>\\<preceq>]Ts; Ts n = Some T \\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>(the (vs n))\\<Colon>\\<preceq>T"
  10.174 +   "!!X. [| G,h\\<turnstile>vs[::\\<preceq>]Ts; Ts n = Some T |] ==> G,h\\<turnstile>(the (vs n))::\\<preceq>T"
  10.175   (K [Force_tac 1]);
  10.176  
  10.177  val lconf_hext = prove_goalw thy [lconf_def] 
  10.178 -	"\\<And>X. \\<lbrakk> G,h\\<turnstile>l[\\<Colon>\\<preceq>]L; h\\<le>|h' \\<rbrakk> \\<Longrightarrow> G,h'\\<turnstile>l[\\<Colon>\\<preceq>]L" (K [
  10.179 +	"!!X. [| G,h\\<turnstile>l[::\\<preceq>]L; h\\<le>|h' |] ==> G,h'\\<turnstile>l[::\\<preceq>]L" (K [
  10.180  		fast_tac (claset() addEs [conf_hext]) 1]);
  10.181  AddEs [lconf_hext];
  10.182  
  10.183 -Goalw [lconf_def] "\\<And>X. \\<lbrakk> G,h\\<turnstile>l[\\<Colon>\\<preceq>]lT; \
  10.184 -\ G,h\\<turnstile>v\\<Colon>\\<preceq>T; lT va = Some T \\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>l(va\\<mapsto>v)[\\<Colon>\\<preceq>]lT";
  10.185 +Goalw [lconf_def] "!!X. [| G,h\\<turnstile>l[::\\<preceq>]lT; \
  10.186 +\ G,h\\<turnstile>v::\\<preceq>T; lT va = Some T |] ==> G,h\\<turnstile>l(va\\<mapsto>v)[::\\<preceq>]lT";
  10.187  by( Clarify_tac 1);
  10.188  by( case_tac "n = va" 1);
  10.189   by Auto_tac;
  10.190  qed "lconf_upd";
  10.191  
  10.192 -Goal "\\<forall>x. P x \\<longrightarrow> R (dv x) x \\<Longrightarrow> (\\<forall>x. map_of fs f = Some x \\<longrightarrow> P x) \\<longrightarrow> \
  10.193 -\ (\\<forall>T. map_of fs f = Some T \\<longrightarrow> \
  10.194 +Goal "\\<forall>x. P x --> R (dv x) x ==> (\\<forall>x. map_of fs f = Some x --> P x) --> \
  10.195 +\ (\\<forall>T. map_of fs f = Some T --> \
  10.196  \ (\\<exists>v. map_of (map (\\<lambda>(f,ft). (f, dv ft)) fs) f = Some v \\<and>  R v T))";
  10.197  by( induct_tac "fs" 1);
  10.198  by Auto_tac;
  10.199  qed_spec_mp "lconf_init_vars_lemma";
  10.200  
  10.201  Goalw [lconf_def, init_vars_def] 
  10.202 -"\\<forall>n. \\<forall>T. map_of fs n = Some T \\<longrightarrow> is_type G T \\<Longrightarrow> G,h\\<turnstile>init_vars fs[\\<Colon>\\<preceq>]map_of fs";
  10.203 +"\\<forall>n. \\<forall>T. map_of fs n = Some T --> is_type G T ==> G,h\\<turnstile>init_vars fs[::\\<preceq>]map_of fs";
  10.204  by Auto_tac;
  10.205  by( rtac lconf_init_vars_lemma 1);
  10.206  by(   atac 3);
  10.207 @@ -200,10 +200,10 @@
  10.208  AddSIs [lconf_init_vars];
  10.209  
  10.210  val lconf_ext = prove_goalw thy [lconf_def] 
  10.211 -"\\<And>X. \\<lbrakk>G,s\\<turnstile>l[\\<Colon>\\<preceq>]L; G,s\\<turnstile>v\\<Colon>\\<preceq>T\\<rbrakk> \\<Longrightarrow> G,s\\<turnstile>l(vn\\<mapsto>v)[\\<Colon>\\<preceq>]L(vn\\<mapsto>T)" 
  10.212 +"!!X. [|G,s\\<turnstile>l[::\\<preceq>]L; G,s\\<turnstile>v::\\<preceq>T|] ==> G,s\\<turnstile>l(vn\\<mapsto>v)[::\\<preceq>]L(vn\\<mapsto>T)" 
  10.213  	(K [Auto_tac]);
  10.214  
  10.215 -Goalw [lconf_def] "G,h\\<turnstile>l[\\<Colon>\\<preceq>]L \\<Longrightarrow> \\<forall>vs Ts. nodups vns \\<longrightarrow> length Ts = length vns \\<longrightarrow> list_all2 (\\<lambda>v T. G,h\\<turnstile>v\\<Colon>\\<preceq>T) vs Ts \\<longrightarrow> G,h\\<turnstile>l(vns[\\<mapsto>]vs)[\\<Colon>\\<preceq>]L(vns[\\<mapsto>]Ts)";
  10.216 +Goalw [lconf_def] "G,h\\<turnstile>l[::\\<preceq>]L ==> \\<forall>vs Ts. nodups vns --> length Ts = length vns --> list_all2 (\\<lambda>v T. G,h\\<turnstile>v::\\<preceq>T) vs Ts --> G,h\\<turnstile>l(vns[\\<mapsto>]vs)[::\\<preceq>]L(vns[\\<mapsto>]Ts)";
  10.217  by( induct_tac "vns" 1);
  10.218  by(  ALLGOALS Clarsimp_tac);
  10.219  by( forward_tac [list_all2_lengthD] 1);
  10.220 @@ -214,10 +214,10 @@
  10.221  section "oconf";
  10.222  
  10.223  val oconf_hext = prove_goalw thy [oconf_def] 
  10.224 -"\\<And>X. G,h\\<turnstile>obj\\<surd> \\<Longrightarrow> h\\<le>|h' \\<Longrightarrow> G,h'\\<turnstile>obj\\<surd>" (K [Fast_tac 1]);
  10.225 +"!!X. G,h\\<turnstile>obj\\<surd> ==> h\\<le>|h' ==> G,h'\\<turnstile>obj\\<surd>" (K [Fast_tac 1]);
  10.226  
  10.227  val oconf_obj = prove_goalw thy [oconf_def,lconf_def] "G,h\\<turnstile>(C,fs)\\<surd> = \
  10.228 -\ (\\<forall>T f. map_of(fields (G,C)) f = Some T \\<longrightarrow> (\\<exists>v. fs f = Some v \\<and>  G,h\\<turnstile>v\\<Colon>\\<preceq>T))"(K [
  10.229 +\ (\\<forall>T f. map_of(fields (G,C)) f = Some T --> (\\<exists>v. fs f = Some v \\<and>  G,h\\<turnstile>v::\\<preceq>T))"(K [
  10.230  	Auto_tac]);
  10.231  
  10.232  val oconf_objD = oconf_obj RS iffD1 RS spec RS spec RS mp;
  10.233 @@ -225,11 +225,11 @@
  10.234  
  10.235  section "hconf";
  10.236  
  10.237 -Goalw [hconf_def] "\\<lbrakk>G\\<turnstile>h h\\<surd>; h a = Some obj\\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>obj\\<surd>";
  10.238 +Goalw [hconf_def] "[|G\\<turnstile>h h\\<surd>; h a = Some obj|] ==> G,h\\<turnstile>obj\\<surd>";
  10.239  by (Fast_tac 1);
  10.240  qed "hconfD";
  10.241  
  10.242 -Goalw [hconf_def] "\\<forall>a obj. h a=Some obj \\<longrightarrow> G,h\\<turnstile>obj\\<surd> \\<Longrightarrow> G\\<turnstile>h h\\<surd>";
  10.243 +Goalw [hconf_def] "\\<forall>a obj. h a=Some obj --> G,h\\<turnstile>obj\\<surd> ==> G\\<turnstile>h h\\<surd>";
  10.244  by (Fast_tac 1);
  10.245  qed "hconfI";
  10.246  
  10.247 @@ -237,25 +237,25 @@
  10.248  section "conforms";
  10.249  
  10.250  val conforms_heapD = prove_goalw thy [conforms_def]
  10.251 -	"(h, l)\\<Colon>\\<preceq>(G, lT) \\<Longrightarrow> G\\<turnstile>h h\\<surd>"
  10.252 +	"(h, l)::\\<preceq>(G, lT) ==> G\\<turnstile>h h\\<surd>"
  10.253  	(fn prems => [cut_facts_tac prems 1, Asm_full_simp_tac 1]);
  10.254  
  10.255  val conforms_localD = prove_goalw thy [conforms_def]
  10.256 -	 "(h, l)\\<Colon>\\<preceq>(G, lT) \\<Longrightarrow> G,h\\<turnstile>l[\\<Colon>\\<preceq>]lT" (fn prems => [
  10.257 +	 "(h, l)::\\<preceq>(G, lT) ==> G,h\\<turnstile>l[::\\<preceq>]lT" (fn prems => [
  10.258  	cut_facts_tac prems 1, Asm_full_simp_tac 1]);
  10.259  
  10.260  val conformsI = prove_goalw thy [conforms_def] 
  10.261 -"\\<lbrakk>G\\<turnstile>h h\\<surd>; G,h\\<turnstile>l[\\<Colon>\\<preceq>]lT\\<rbrakk> \\<Longrightarrow> (h, l)\\<Colon>\\<preceq>(G, lT)" (fn prems => [
  10.262 +"[|G\\<turnstile>h h\\<surd>; G,h\\<turnstile>l[::\\<preceq>]lT|] ==> (h, l)::\\<preceq>(G, lT)" (fn prems => [
  10.263  	cut_facts_tac prems 1,
  10.264  	Simp_tac 1,
  10.265  	Auto_tac]);
  10.266  
  10.267 -Goal "\\<lbrakk>(h,l)\\<Colon>\\<preceq>(G,lT); h\\<le>|h'; G\\<turnstile>h h'\\<surd> \\<rbrakk> \\<Longrightarrow> (h',l)\\<Colon>\\<preceq>(G,lT)";
  10.268 +Goal "[|(h,l)::\\<preceq>(G,lT); h\\<le>|h'; G\\<turnstile>h h'\\<surd> |] ==> (h',l)::\\<preceq>(G,lT)";
  10.269  by( fast_tac (HOL_cs addDs [conforms_localD] 
  10.270    addSEs [conformsI, lconf_hext]) 1);
  10.271  qed "conforms_hext";
  10.272  
  10.273 -Goal "\\<lbrakk>(h,l)\\<Colon>\\<preceq>(G, lT); G,h(a\\<mapsto>obj)\\<turnstile>obj\\<surd>; h\\<le>|h(a\\<mapsto>obj)\\<rbrakk> \\<Longrightarrow> (h(a\\<mapsto>obj),l)\\<Colon>\\<preceq>(G, lT)";
  10.274 +Goal "[|(h,l)::\\<preceq>(G, lT); G,h(a\\<mapsto>obj)\\<turnstile>obj\\<surd>; h\\<le>|h(a\\<mapsto>obj)|] ==> (h(a\\<mapsto>obj),l)::\\<preceq>(G, lT)";
  10.275  by( rtac conforms_hext 1);
  10.276  by   Auto_tac;
  10.277  by( rtac hconfI 1);
  10.278 @@ -265,7 +265,7 @@
  10.279  qed "conforms_upd_obj";
  10.280  
  10.281  Goalw [conforms_def] 
  10.282 -"\\<lbrakk>(h, l)\\<Colon>\\<preceq>(G, lT); G,h\\<turnstile>v\\<Colon>\\<preceq>T; lT va = Some T\\<rbrakk> \\<Longrightarrow> \
  10.283 -\ (h, l(va\\<mapsto>v))\\<Colon>\\<preceq>(G, lT)";
  10.284 +"[|(h, l)::\\<preceq>(G, lT); G,h\\<turnstile>v::\\<preceq>T; lT va = Some T|] ==> \
  10.285 +\ (h, l(va\\<mapsto>v))::\\<preceq>(G, lT)";
  10.286  by( auto_tac (claset() addEs [lconf_upd], simpset()));
  10.287  qed "conforms_upd_local";
    11.1 --- a/src/HOL/MicroJava/J/Conform.thy	Wed Sep 20 21:20:41 2000 +0200
    11.2 +++ b/src/HOL/MicroJava/J/Conform.thy	Thu Sep 21 10:42:49 2000 +0200
    11.3 @@ -12,23 +12,23 @@
    11.4  
    11.5  constdefs
    11.6  
    11.7 -  hext :: "aheap \\<Rightarrow> aheap \\<Rightarrow> bool"		 (     "_\\<le>|_"  [51,51] 50)
    11.8 - "h\\<le>|h' \\<equiv> \\<forall>a C fs. h a = Some(C,fs) \\<longrightarrow> (\\<exists>fs'. h' a = Some(C,fs'))"
    11.9 +  hext :: "aheap => aheap => bool"		 (     "_\\<le>|_"  [51,51] 50)
   11.10 + "h\\<le>|h' == \\<forall>a C fs. h a = Some(C,fs) --> (\\<exists>fs'. h' a = Some(C,fs'))"
   11.11  
   11.12 -  conf :: "'c prog \\<Rightarrow> aheap \\<Rightarrow> val \\<Rightarrow> ty \\<Rightarrow> bool"	 ( "_,_\\<turnstile>_\\<Colon>\\<preceq>_"  [51,51,51,51] 50)
   11.13 - "G,h\\<turnstile>v\\<Colon>\\<preceq>T \\<equiv> \\<exists>T'. typeof (option_map obj_ty o h) v = Some T' \\<and> G\\<turnstile>T'\\<preceq>T"
   11.14 +  conf :: "'c prog => aheap => val => ty => bool"	 ( "_,_\\<turnstile>_::\\<preceq>_"  [51,51,51,51] 50)
   11.15 + "G,h\\<turnstile>v::\\<preceq>T == \\<exists>T'. typeof (option_map obj_ty o h) v = Some T' \\<and> G\\<turnstile>T'\\<preceq>T"
   11.16  
   11.17 -  lconf :: "'c prog \\<Rightarrow> aheap \\<Rightarrow> ('a \\<leadsto> val) \\<Rightarrow> ('a \\<leadsto> ty) \\<Rightarrow> bool"
   11.18 -                                                 ("_,_\\<turnstile>_[\\<Colon>\\<preceq>]_" [51,51,51,51] 50)
   11.19 - "G,h\\<turnstile>vs[\\<Colon>\\<preceq>]Ts \\<equiv> \\<forall>n T. Ts n = Some T \\<longrightarrow> (\\<exists>v. vs n = Some v \\<and> G,h\\<turnstile>v\\<Colon>\\<preceq>T)"
   11.20 +  lconf :: "'c prog => aheap => ('a \\<leadsto> val) => ('a \\<leadsto> ty) => bool"
   11.21 +                                                 ("_,_\\<turnstile>_[::\\<preceq>]_" [51,51,51,51] 50)
   11.22 + "G,h\\<turnstile>vs[::\\<preceq>]Ts == \\<forall>n T. Ts n = Some T --> (\\<exists>v. vs n = Some v \\<and> G,h\\<turnstile>v::\\<preceq>T)"
   11.23  
   11.24 -  oconf :: "'c prog \\<Rightarrow> aheap \\<Rightarrow> obj \\<Rightarrow> bool"      ("_,_\\<turnstile>_\\<surd>"     [51,51,51]    50)
   11.25 - "G,h\\<turnstile>obj\\<surd> \\<equiv> G,h\\<turnstile>snd obj[\\<Colon>\\<preceq>]map_of (fields (G,fst obj))"
   11.26 +  oconf :: "'c prog => aheap => obj => bool"      ("_,_\\<turnstile>_\\<surd>"     [51,51,51]    50)
   11.27 + "G,h\\<turnstile>obj\\<surd> == G,h\\<turnstile>snd obj[::\\<preceq>]map_of (fields (G,fst obj))"
   11.28  
   11.29 -  hconf :: "'c prog \\<Rightarrow> aheap \\<Rightarrow> bool"             ("_\\<turnstile>h _\\<surd>"      [51,51]       50)
   11.30 - "G\\<turnstile>h h\\<surd>    \\<equiv> \\<forall>a obj. h a = Some obj \\<longrightarrow> G,h\\<turnstile>obj\\<surd>"
   11.31 +  hconf :: "'c prog => aheap => bool"             ("_\\<turnstile>h _\\<surd>"      [51,51]       50)
   11.32 + "G\\<turnstile>h h\\<surd>    == \\<forall>a obj. h a = Some obj --> G,h\\<turnstile>obj\\<surd>"
   11.33  
   11.34 -  conforms :: "state \\<Rightarrow> java_mb env_ \\<Rightarrow> bool"	 ("_\\<Colon>\\<preceq>_"       [51,51]       50)
   11.35 - "s\\<Colon>\\<preceq>E \\<equiv> prg E\\<turnstile>h heap s\\<surd> \\<and> prg E,heap s\\<turnstile>locals s[\\<Colon>\\<preceq>]localT E"
   11.36 +  conforms :: "state => java_mb env_ => bool"	 ("_::\\<preceq>_"       [51,51]       50)
   11.37 + "s::\\<preceq>E == prg E\\<turnstile>h heap s\\<surd> \\<and> prg E,heap s\\<turnstile>locals s[::\\<preceq>]localT E"
   11.38  
   11.39  end
    12.1 --- a/src/HOL/MicroJava/J/Decl.ML	Wed Sep 20 21:20:41 2000 +0200
    12.2 +++ b/src/HOL/MicroJava/J/Decl.ML	Thu Sep 21 10:42:49 2000 +0200
    12.3 @@ -8,8 +8,8 @@
    12.4  	rtac finite_map_of 1]);
    12.5  
    12.6  val is_classI = prove_goalw thy [is_class_def]
    12.7 -"\\<And>G. class G C = Some c \\<Longrightarrow> is_class G C" (K [Auto_tac]);
    12.8 +"!!G. class G C = Some c ==> is_class G C" (K [Auto_tac]);
    12.9  
   12.10  val is_classD = prove_goalw thy [is_class_def]
   12.11 -"\\<And>G. is_class G C \\<Longrightarrow> \\<exists>sc fs ms. class G C = Some (sc,fs,ms)" (K [
   12.12 +"!!G. is_class G C ==> \\<exists>sc fs ms. class G C = Some (sc,fs,ms)" (K [
   12.13  	not_None_tac 1, pair_tac "y" 1, pair_tac "ya" 1, Auto_tac]);
    13.1 --- a/src/HOL/MicroJava/J/Decl.thy	Wed Sep 20 21:20:41 2000 +0200
    13.2 +++ b/src/HOL/MicroJava/J/Decl.thy	Thu Sep 21 10:42:49 2000 +0200
    13.3 @@ -32,26 +32,26 @@
    13.4  
    13.5  defs 
    13.6  
    13.7 - ObjectC_def "ObjectC \\<equiv> (Object, (None, [], []))"
    13.8 + ObjectC_def "ObjectC == (Object, (None, [], []))"
    13.9  
   13.10  
   13.11  types 'c prog = "'c cdecl list"
   13.12  
   13.13  consts
   13.14  
   13.15 -  class		:: "'c prog \\<Rightarrow> (cname \\<leadsto> 'c class)"
   13.16 +  class		:: "'c prog => (cname \\<leadsto> 'c class)"
   13.17  
   13.18 -  is_class	:: "'c prog \\<Rightarrow> cname \\<Rightarrow> bool"
   13.19 -  is_type	:: "'c prog \\<Rightarrow> ty    \\<Rightarrow> bool"
   13.20 +  is_class	:: "'c prog => cname => bool"
   13.21 +  is_type	:: "'c prog => ty    => bool"
   13.22  
   13.23  defs
   13.24  
   13.25 -  class_def	"class        \\<equiv> map_of"
   13.26 +  class_def	"class        == map_of"
   13.27  
   13.28 -  is_class_def	"is_class G C \\<equiv> class G C \\<noteq> None"
   13.29 +  is_class_def	"is_class G C == class G C \\<noteq> None"
   13.30  
   13.31  primrec
   13.32  "is_type G (PrimT pt) = True"
   13.33 -"is_type G (RefT t) = (case t of NullT \\<Rightarrow> True | ClassT C \\<Rightarrow> is_class G C)"
   13.34 +"is_type G (RefT t) = (case t of NullT => True | ClassT C => is_class G C)"
   13.35  
   13.36  end
    14.1 --- a/src/HOL/MicroJava/J/Eval.ML	Wed Sep 20 21:20:41 2000 +0200
    14.2 +++ b/src/HOL/MicroJava/J/Eval.ML	Thu Sep 21 10:42:49 2000 +0200
    14.3 @@ -4,44 +4,44 @@
    14.4      Copyright   1999 Technische Universitaet Muenchen
    14.5  *)
    14.6  
    14.7 -Goal "\\<lbrakk>new_Addr (heap s) = (a,x); \
    14.8 -\      s' = c_hupd (heap s(a\\<mapsto>(C,init_vars (fields (G,C))))) (x,s)\\<rbrakk> \\<Longrightarrow> \
    14.9 -\      G\\<turnstile>Norm s -NewC C\\<succ>Addr a\\<rightarrow> s'";
   14.10 +Goal "[|new_Addr (heap s) = (a,x); \
   14.11 +\      s' = c_hupd (heap s(a\\<mapsto>(C,init_vars (fields (G,C))))) (x,s)|] ==> \
   14.12 +\      G\\<turnstile>Norm s -NewC C\\<succ>Addr a-> s'";
   14.13  by (hyp_subst_tac 1);
   14.14  br eval_evals_exec.NewC 1;
   14.15  by Auto_tac;
   14.16  qed "NewCI";
   14.17  
   14.18 -Goal "\\<And>s s'. (G\\<turnstile>(x,s) -e \\<succ>  v \\<rightarrow> (x',s') \\<longrightarrow> x'=None \\<longrightarrow> x=None) \\<and> \
   14.19 -\             (G\\<turnstile>(x,s) -es[\\<succ>]vs\\<rightarrow> (x',s') \\<longrightarrow> x'=None \\<longrightarrow> x=None) \\<and> \
   14.20 -\             (G\\<turnstile>(x,s) -c       \\<rightarrow> (x',s') \\<longrightarrow> x'=None \\<longrightarrow> x=None)";
   14.21 +Goal "!!s s'. (G\\<turnstile>(x,s) -e \\<succ>  v -> (x',s') --> x'=None --> x=None) \\<and> \
   14.22 +\             (G\\<turnstile>(x,s) -es[\\<succ>]vs-> (x',s') --> x'=None --> x=None) \\<and> \
   14.23 +\             (G\\<turnstile>(x,s) -c       -> (x',s') --> x'=None --> x=None)";
   14.24  by(split_all_tac 1);
   14.25  by(rtac eval_evals_exec.induct 1);
   14.26  by(rewtac c_hupd_def);
   14.27  by(ALLGOALS Asm_full_simp_tac);
   14.28  qed "eval_evals_exec_no_xcpt";
   14.29  
   14.30 -val eval_no_xcpt = prove_goal thy "\\<And>X. G\\<turnstile>(x,s) -e\\<succ>v\\<rightarrow> (None,s') \\<Longrightarrow> x=None" (K [
   14.31 +val eval_no_xcpt = prove_goal thy "!!X. G\\<turnstile>(x,s) -e\\<succ>v-> (None,s') ==> x=None" (K [
   14.32  	dtac (eval_evals_exec_no_xcpt RS conjunct1 RS mp) 1,
   14.33  	Fast_tac 1]);
   14.34 -val evals_no_xcpt = prove_goal thy "\\<And>X. G\\<turnstile>(x,s) -e[\\<succ>]v\\<rightarrow> (None,s') \\<Longrightarrow> x=None" (K [
   14.35 +val evals_no_xcpt = prove_goal thy "!!X. G\\<turnstile>(x,s) -e[\\<succ>]v-> (None,s') ==> x=None" (K [
   14.36  	dtac (eval_evals_exec_no_xcpt RS conjunct2 RS conjunct1 RS mp) 1,
   14.37  	Fast_tac 1]);
   14.38  
   14.39  val eval_evals_exec_xcpt = prove_goal thy 
   14.40 -"\\<And>s s'. (G\\<turnstile>(x,s) -e \\<succ>  v \\<rightarrow> (x',s') \\<longrightarrow> x=Some xc \\<longrightarrow> x'=Some xc \\<and> s'=s) \\<and> \
   14.41 -\        (G\\<turnstile>(x,s) -es[\\<succ>]vs\\<rightarrow> (x',s') \\<longrightarrow> x=Some xc \\<longrightarrow> x'=Some xc \\<and> s'=s) \\<and> \
   14.42 -\        (G\\<turnstile>(x,s) -c       \\<rightarrow> (x',s') \\<longrightarrow> x=Some xc \\<longrightarrow> x'=Some xc \\<and> s'=s)"
   14.43 +"!!s s'. (G\\<turnstile>(x,s) -e \\<succ>  v -> (x',s') --> x=Some xc --> x'=Some xc \\<and> s'=s) \\<and> \
   14.44 +\        (G\\<turnstile>(x,s) -es[\\<succ>]vs-> (x',s') --> x=Some xc --> x'=Some xc \\<and> s'=s) \\<and> \
   14.45 +\        (G\\<turnstile>(x,s) -c       -> (x',s') --> x=Some xc --> x'=Some xc \\<and> s'=s)"
   14.46   (K [
   14.47  	split_all_tac 1,
   14.48  	rtac eval_evals_exec.induct 1,
   14.49  	rewtac c_hupd_def,
   14.50  	ALLGOALS Asm_full_simp_tac]);
   14.51  val eval_xcpt = prove_goal thy 
   14.52 -"\\<And>X. G\\<turnstile>(Some xc,s) -e\\<succ>v\\<rightarrow> (x',s') \\<Longrightarrow> x'=Some xc \\<and>  s'=s" (K [
   14.53 +"!!X. G\\<turnstile>(Some xc,s) -e\\<succ>v-> (x',s') ==> x'=Some xc \\<and>  s'=s" (K [
   14.54  	dtac (eval_evals_exec_xcpt RS conjunct1 RS mp) 1,
   14.55  	Fast_tac 1]);
   14.56  val exec_xcpt = prove_goal thy 
   14.57 -"\\<And>X. G\\<turnstile>(Some xc,s) -s0\\<rightarrow> (x',s') \\<Longrightarrow> x'=Some xc \\<and>  s'=s" (K [
   14.58 +"!!X. G\\<turnstile>(Some xc,s) -s0-> (x',s') ==> x'=Some xc \\<and>  s'=s" (K [
   14.59  	dtac (eval_evals_exec_xcpt RS conjunct2 RS conjunct2 RS mp) 1,
   14.60  	Fast_tac 1]);
    15.1 --- a/src/HOL/MicroJava/J/Eval.thy	Wed Sep 20 21:20:41 2000 +0200
    15.2 +++ b/src/HOL/MicroJava/J/Eval.thy	Thu Sep 21 10:42:49 2000 +0200
    15.3 @@ -10,118 +10,118 @@
    15.4  Eval = State + WellType +
    15.5  
    15.6  consts
    15.7 -  eval  :: "java_mb prog \\<Rightarrow> (xstate \\<times> expr      \\<times> val      \\<times> xstate) set"
    15.8 -  evals :: "java_mb prog \\<Rightarrow> (xstate \\<times> expr list \\<times> val list \\<times> xstate) set"
    15.9 -  exec  :: "java_mb prog \\<Rightarrow> (xstate \\<times> stmt                 \\<times> xstate) set"
   15.10 +  eval  :: "java_mb prog => (xstate \\<times> expr      \\<times> val      \\<times> xstate) set"
   15.11 +  evals :: "java_mb prog => (xstate \\<times> expr list \\<times> val list \\<times> xstate) set"
   15.12 +  exec  :: "java_mb prog => (xstate \\<times> stmt                 \\<times> xstate) set"
   15.13  
   15.14  syntax
   15.15 -  eval :: "[java_mb prog,xstate,expr,val,xstate] \\<Rightarrow> bool "("_\\<turnstile>_ -_\\<succ>_\\<rightarrow> _"[51,82,82,82,82]81)
   15.16 +  eval :: "[java_mb prog,xstate,expr,val,xstate] => bool "("_\\<turnstile>_ -_\\<succ>_-> _"[51,82,82,82,82]81)
   15.17    evals:: "[java_mb prog,xstate,expr list,
   15.18 -	                      val list,xstate] \\<Rightarrow> bool "("_\\<turnstile>_ -_[\\<succ>]_\\<rightarrow> _"[51,82,51,51,82]81)
   15.19 -  exec :: "[java_mb prog,xstate,stmt,    xstate] \\<Rightarrow> bool "("_\\<turnstile>_ -_\\<rightarrow> _"  [51,82,82,   82]81)
   15.20 +	                      val list,xstate] => bool "("_\\<turnstile>_ -_[\\<succ>]_-> _"[51,82,51,51,82]81)
   15.21 +  exec :: "[java_mb prog,xstate,stmt,    xstate] => bool "("_\\<turnstile>_ -_-> _"  [51,82,82,   82]81)
   15.22  
   15.23  translations
   15.24 -  "G\\<turnstile>s -e \\<succ> v\\<rightarrow> (x,s')" <= "(s, e, v, x, s') \\<in> eval  G"
   15.25 -  "G\\<turnstile>s -e \\<succ> v\\<rightarrow>    s' " == "(s, e, v,    s' ) \\<in> eval  G"
   15.26 -  "G\\<turnstile>s -e[\\<succ>]v\\<rightarrow> (x,s')" <= "(s, e, v, x, s') \\<in> evals G"
   15.27 -  "G\\<turnstile>s -e[\\<succ>]v\\<rightarrow>    s' " == "(s, e, v,    s' ) \\<in> evals G"
   15.28 -  "G\\<turnstile>s -c    \\<rightarrow> (x,s')" <= "(s, c, x, s') \\<in> exec  G"
   15.29 -  "G\\<turnstile>s -c    \\<rightarrow>    s' " == "(s, c,    s') \\<in> exec  G"
   15.30 +  "G\\<turnstile>s -e \\<succ> v-> (x,s')" <= "(s, e, v, x, s') \\<in> eval  G"
   15.31 +  "G\\<turnstile>s -e \\<succ> v->    s' " == "(s, e, v,    s' ) \\<in> eval  G"
   15.32 +  "G\\<turnstile>s -e[\\<succ>]v-> (x,s')" <= "(s, e, v, x, s') \\<in> evals G"
   15.33 +  "G\\<turnstile>s -e[\\<succ>]v->    s' " == "(s, e, v,    s' ) \\<in> evals G"
   15.34 +  "G\\<turnstile>s -c    -> (x,s')" <= "(s, c, x, s') \\<in> exec  G"
   15.35 +  "G\\<turnstile>s -c    ->    s' " == "(s, c,    s') \\<in> exec  G"
   15.36  
   15.37  inductive "eval G" "evals G" "exec G" intrs
   15.38  
   15.39  (* evaluation of expressions *)
   15.40  
   15.41    (* cf. 15.5 *)
   15.42 -  XcptE				  "G\\<turnstile>(Some xc,s) -e\\<succ>arbitrary\\<rightarrow> (Some xc,s)"
   15.43 +  XcptE				  "G\\<turnstile>(Some xc,s) -e\\<succ>arbitrary-> (Some xc,s)"
   15.44  
   15.45    (* cf. 15.8.1 *)
   15.46 -  NewC	"\\<lbrakk>h = heap s; (a,x) = new_Addr h;
   15.47 -	  h'= h(a\\<mapsto>(C,init_vars (fields (G,C))))\\<rbrakk> \\<Longrightarrow>
   15.48 -				   G\\<turnstile>Norm s -NewC C\\<succ>Addr a\\<rightarrow> c_hupd h' (x,s)"
   15.49 +  NewC	"[|h = heap s; (a,x) = new_Addr h;
   15.50 +	  h'= h(a\\<mapsto>(C,init_vars (fields (G,C))))|] ==>
   15.51 +				   G\\<turnstile>Norm s -NewC C\\<succ>Addr a-> c_hupd h' (x,s)"
   15.52  
   15.53    (* cf. 15.15 *)
   15.54 -  Cast	"\\<lbrakk>G\\<turnstile>Norm s0 -e\\<succ>v\\<rightarrow> (x1,s1);
   15.55 -	  x2=raise_if (\\<not> cast_ok G C (heap s1) v) ClassCast x1\\<rbrakk> \\<Longrightarrow>
   15.56 -			        G\\<turnstile>Norm s0 -Cast C e\\<succ>v\\<rightarrow> (x2,s1)"
   15.57 +  Cast	"[|G\\<turnstile>Norm s0 -e\\<succ>v-> (x1,s1);
   15.58 +	  x2=raise_if (\\<not> cast_ok G C (heap s1) v) ClassCast x1|] ==>
   15.59 +			        G\\<turnstile>Norm s0 -Cast C e\\<succ>v-> (x2,s1)"
   15.60  
   15.61    (* cf. 15.7.1 *)
   15.62 -  Lit				   "G\\<turnstile>Norm s -Lit v\\<succ>v\\<rightarrow> Norm s"
   15.63 +  Lit				   "G\\<turnstile>Norm s -Lit v\\<succ>v-> Norm s"
   15.64  
   15.65 -  BinOp "\\<lbrakk>G\\<turnstile>Norm s -e1\\<succ>v1\\<rightarrow> s1;
   15.66 -	  G\\<turnstile>s1     -e2\\<succ>v2\\<rightarrow> s2;
   15.67 -	  v = (case bop of Eq  \\<Rightarrow> Bool (v1 = v2)
   15.68 -	                 | Add \\<Rightarrow> Intg (the_Intg v1 + the_Intg v2))\\<rbrakk> \\<Longrightarrow>
   15.69 -				   G\\<turnstile>Norm s -BinOp bop e1 e2\\<succ>v\\<rightarrow> s2"
   15.70 +  BinOp "[|G\\<turnstile>Norm s -e1\\<succ>v1-> s1;
   15.71 +	  G\\<turnstile>s1     -e2\\<succ>v2-> s2;
   15.72 +	  v = (case bop of Eq  => Bool (v1 = v2)
   15.73 +	                 | Add => Intg (the_Intg v1 + the_Intg v2))|] ==>
   15.74 +				   G\\<turnstile>Norm s -BinOp bop e1 e2\\<succ>v-> s2"
   15.75  
   15.76    (* cf. 15.13.1, 15.2 *)
   15.77 -  LAcc				  "G\\<turnstile>Norm s -LAcc v\\<succ>the (locals s v)\\<rightarrow> Norm s"
   15.78 +  LAcc				  "G\\<turnstile>Norm s -LAcc v\\<succ>the (locals s v)-> Norm s"
   15.79  
   15.80    (* cf. 15.25.1 *)
   15.81 -  LAss  "\\<lbrakk>G\\<turnstile>Norm s -e\\<succ>v\\<rightarrow>  (x,(h,l));
   15.82 -	  l' = (if x = None then l(va\\<mapsto>v) else l)\\<rbrakk> \\<Longrightarrow>
   15.83 -				   G\\<turnstile>Norm s -va\\<Colon>=e\\<succ>v\\<rightarrow> (x,(h,l'))"
   15.84 +  LAss  "[|G\\<turnstile>Norm s -e\\<succ>v->  (x,(h,l));
   15.85 +	  l' = (if x = None then l(va\\<mapsto>v) else l)|] ==>
   15.86 +				   G\\<turnstile>Norm s -va::=e\\<succ>v-> (x,(h,l'))"
   15.87  
   15.88  
   15.89    (* cf. 15.10.1, 15.2 *)
   15.90 -  FAcc	"\\<lbrakk>G\\<turnstile>Norm s0 -e\\<succ>a'\\<rightarrow> (x1,s1); 
   15.91 -	  v = the (snd (the (heap s1 (the_Addr a'))) (fn,T))\\<rbrakk> \\<Longrightarrow>
   15.92 -				 G\\<turnstile>Norm s0 -{T}e..fn\\<succ>v\\<rightarrow> (np a' x1,s1)"
   15.93 +  FAcc	"[|G\\<turnstile>Norm s0 -e\\<succ>a'-> (x1,s1); 
   15.94 +	  v = the (snd (the (heap s1 (the_Addr a'))) (fn,T))|] ==>
   15.95 +				 G\\<turnstile>Norm s0 -{T}e..fn\\<succ>v-> (np a' x1,s1)"
   15.96  
   15.97    (* cf. 15.25.1 *)
   15.98 -  FAss  "\\<lbrakk>G\\<turnstile>     Norm s0  -e1\\<succ>a'\\<rightarrow> (x1,s1); a = the_Addr a';
   15.99 -	  G\\<turnstile>(np a' x1,s1) -e2\\<succ>v \\<rightarrow> (x2,s2);
  15.100 +  FAss  "[|G\\<turnstile>     Norm s0  -e1\\<succ>a'-> (x1,s1); a = the_Addr a';
  15.101 +	  G\\<turnstile>(np a' x1,s1) -e2\\<succ>v -> (x2,s2);
  15.102  	  h = heap s2; (c,fs) = the (h a);
  15.103 -	  h' = h(a\\<mapsto>(c,(fs((fn,T)\\<mapsto>v))))\\<rbrakk> \\<Longrightarrow>
  15.104 -			  G\\<turnstile>Norm s0 -{T}e1..fn:=e2\\<succ>v\\<rightarrow> c_hupd h' (x2,s2)"
  15.105 +	  h' = h(a\\<mapsto>(c,(fs((fn,T)\\<mapsto>v))))|] ==>
  15.106 +			  G\\<turnstile>Norm s0 -{T}e1..fn:=e2\\<succ>v-> c_hupd h' (x2,s2)"
  15.107  
  15.108    (* cf. 15.11.4.1, 15.11.4.2, 15.11.4.4, 15.11.4.5, 14.15 *)
  15.109 -  Call	"\\<lbrakk>G\\<turnstile>Norm s0 -e\\<succ>a'\\<rightarrow> s1; a = the_Addr a';
  15.110 -	   G\\<turnstile>s1 -ps[\\<succ>]pvs\\<rightarrow> (x,(h,l)); dynT = fst (the (h a));
  15.111 +  Call	"[|G\\<turnstile>Norm s0 -e\\<succ>a'-> s1; a = the_Addr a';
  15.112 +	   G\\<turnstile>s1 -ps[\\<succ>]pvs-> (x,(h,l)); dynT = fst (the (h a));
  15.113  	   (md,rT,pns,lvars,blk,res) = the (method (G,dynT) (mn,pTs));
  15.114 -	   G\\<turnstile>(np a' x,(h,(init_vars lvars)(pns[\\<mapsto>]pvs)(This\\<mapsto>a'))) -blk\\<rightarrow> s3;
  15.115 -	   G\\<turnstile>     s3 -res\\<succ>v \\<rightarrow> (x4,s4)\\<rbrakk> \\<Longrightarrow>
  15.116 -			    G\\<turnstile>Norm s0 -e..mn({pTs}ps)\\<succ>v\\<rightarrow> (x4,(heap s4,l))"
  15.117 +	   G\\<turnstile>(np a' x,(h,(init_vars lvars)(pns[\\<mapsto>]pvs)(This\\<mapsto>a'))) -blk-> s3;
  15.118 +	   G\\<turnstile>     s3 -res\\<succ>v -> (x4,s4)|] ==>
  15.119 +			    G\\<turnstile>Norm s0 -e..mn({pTs}ps)\\<succ>v-> (x4,(heap s4,l))"
  15.120  
  15.121  
  15.122  (* evaluation of expression lists *)
  15.123  
  15.124    (* cf. 15.5 *)
  15.125 -  XcptEs			  "G\\<turnstile>(Some xc,s) -e[\\<succ>]arbitrary\\<rightarrow> (Some xc,s)"
  15.126 +  XcptEs			  "G\\<turnstile>(Some xc,s) -e[\\<succ>]arbitrary-> (Some xc,s)"
  15.127  
  15.128    (* cf. 15.11.??? *)
  15.129    Nil
  15.130 -				    "G\\<turnstile>Norm s0 -[][\\<succ>][]\\<rightarrow> Norm s0"
  15.131 +				    "G\\<turnstile>Norm s0 -[][\\<succ>][]-> Norm s0"
  15.132  
  15.133    (* cf. 15.6.4 *)
  15.134 -  Cons	"\\<lbrakk>G\\<turnstile>Norm s0 -e  \\<succ> v \\<rightarrow> s1;
  15.135 -           G\\<turnstile>     s1 -es[\\<succ>]vs\\<rightarrow> s2\\<rbrakk> \\<Longrightarrow>
  15.136 -				   G\\<turnstile>Norm s0 -e#es[\\<succ>]v#vs\\<rightarrow> s2"
  15.137 +  Cons	"[|G\\<turnstile>Norm s0 -e  \\<succ> v -> s1;
  15.138 +           G\\<turnstile>     s1 -es[\\<succ>]vs-> s2|] ==>
  15.139 +				   G\\<turnstile>Norm s0 -e#es[\\<succ>]v#vs-> s2"
  15.140  
  15.141  (* execution of statements *)
  15.142  
  15.143    (* cf. 14.1 *)
  15.144 -  XcptS				 "G\\<turnstile>(Some xc,s) -s0\\<rightarrow> (Some xc,s)"
  15.145 +  XcptS				 "G\\<turnstile>(Some xc,s) -s0-> (Some xc,s)"
  15.146  
  15.147    (* cf. 14.5 *)
  15.148 -  Skip	 			    "G\\<turnstile>Norm s -Skip\\<rightarrow> Norm s"
  15.149 +  Skip	 			    "G\\<turnstile>Norm s -Skip-> Norm s"
  15.150  
  15.151    (* cf. 14.7 *)
  15.152 -  Expr	"\\<lbrakk>G\\<turnstile>Norm s0 -e\\<succ>v\\<rightarrow> s1\\<rbrakk> \\<Longrightarrow>
  15.153 -				  G\\<turnstile>Norm s0 -Expr e\\<rightarrow> s1"
  15.154 +  Expr	"[|G\\<turnstile>Norm s0 -e\\<succ>v-> s1|] ==>
  15.155 +				  G\\<turnstile>Norm s0 -Expr e-> s1"
  15.156  
  15.157    (* cf. 14.2 *)
  15.158 -  Comp	"\\<lbrakk>G\\<turnstile>Norm s0 -s \\<rightarrow> s1;
  15.159 -	  G\\<turnstile>     s1 -t \\<rightarrow> s2\\<rbrakk> \\<Longrightarrow>
  15.160 -				 G\\<turnstile>Norm s0 -(s;; t)\\<rightarrow> s2"
  15.161 +  Comp	"[|G\\<turnstile>Norm s0 -s -> s1;
  15.162 +	  G\\<turnstile>     s1 -t -> s2|] ==>
  15.163 +				 G\\<turnstile>Norm s0 -(s;; t)-> s2"
  15.164  
  15.165    (* cf. 14.8.2 *)
  15.166 -  Cond	"\\<lbrakk>G\\<turnstile>Norm s0  -e \\<succ>v\\<rightarrow> s1;
  15.167 -	  G\\<turnstile>     s1 -(if  the_Bool v then s else t)\\<rightarrow> s2\\<rbrakk> \\<Longrightarrow>
  15.168 -		        G\\<turnstile>Norm s0 -(If(e) s Else t)\\<rightarrow> s2"
  15.169 +  Cond	"[|G\\<turnstile>Norm s0  -e \\<succ>v-> s1;
  15.170 +	  G\\<turnstile>     s1 -(if  the_Bool v then s else t)-> s2|] ==>
  15.171 +		        G\\<turnstile>Norm s0 -(If(e) s Else t)-> s2"
  15.172  
  15.173    (* cf. 14.10, 14.10.1 *)
  15.174 -  Loop	"\\<lbrakk>G\\<turnstile>Norm s0 -(If(e) (s;; While(e) s) Else Skip)\\<rightarrow> s1\\<rbrakk> \\<Longrightarrow>
  15.175 -			    G\\<turnstile>Norm s0 -(While(e) s)\\<rightarrow> s1"
  15.176 +  Loop	"[|G\\<turnstile>Norm s0 -(If(e) (s;; While(e) s) Else Skip)-> s1|] ==>
  15.177 +			    G\\<turnstile>Norm s0 -(While(e) s)-> s1"
  15.178  
  15.179  end
    16.1 --- a/src/HOL/MicroJava/J/Example.ML	Wed Sep 20 21:20:41 2000 +0200
    16.2 +++ b/src/HOL/MicroJava/J/Example.ML	Thu Sep 21 10:42:49 2000 +0200
    16.3 @@ -11,7 +11,7 @@
    16.4  val map_of_Cons1 = prove_goalw Map.thy [get_def thy "map_of_list"] 
    16.5  "map_of ((x,y)#ps) x = Some y" (K [Simp_tac 1]);
    16.6  val map_of_Cons2 = prove_goalw Map.thy [get_def thy "map_of_list"] 
    16.7 -"\\<And>X. x\\<noteq>k \\<Longrightarrow> map_of ((k,y)#ps) x = map_of ps x" (K [Asm_simp_tac 1]);
    16.8 +"!!X. x\\<noteq>k ==> map_of ((k,y)#ps) x = map_of ps x" (K [Asm_simp_tac 1]);
    16.9  Delsimps[map_of_Cons]; (* sic! *)
   16.10  Addsimps[map_of_Cons1, map_of_Cons2];
   16.11  
   16.12 @@ -30,12 +30,12 @@
   16.13  	Simp_tac 1]);
   16.14  Addsimps [class_tprg_Object, class_tprg_Base, class_tprg_Ext];
   16.15  
   16.16 -Goal "\\<And>X. (Object,C) \\<in> (subcls1 tprg)^+ \\<Longrightarrow> R";
   16.17 +Goal "!!X. (Object,C) \\<in> (subcls1 tprg)^+ ==> R";
   16.18  by (auto_tac (claset() addSDs [tranclD,subcls1D],simpset()));
   16.19  qed "not_Object_subcls";
   16.20  AddSEs [not_Object_subcls];
   16.21  
   16.22 -Goal "tprg\\<turnstile>Object\\<preceq>C C \\<Longrightarrow> C = Object";
   16.23 +Goal "tprg\\<turnstile>Object\\<preceq>C C ==> C = Object";
   16.24  be rtrancl_induct 1;
   16.25  by  Auto_tac;
   16.26  bd subcls1D 1;
   16.27 @@ -43,16 +43,16 @@
   16.28  qed "subcls_ObjectD";
   16.29  AddSDs[subcls_ObjectD];
   16.30  
   16.31 -Goal "\\<And>X. (Base, Ext) \\<in> (subcls1 tprg)^+ \\<Longrightarrow> R";
   16.32 +Goal "!!X. (Base, Ext) \\<in> (subcls1 tprg)^+ ==> R";
   16.33  by (auto_tac (claset() addSDs [tranclD,subcls1D],simpset()));
   16.34  qed "not_Base_subcls_Ext";
   16.35  AddSEs [not_Base_subcls_Ext];
   16.36  
   16.37 -Goalw [class_def, ObjectC_def, BaseC_def, ExtC_def] "class tprg C = Some z \\<Longrightarrow> C=Object \\<or> C=Base \\<or> C=Ext";
   16.38 +Goalw [class_def, ObjectC_def, BaseC_def, ExtC_def] "class tprg C = Some z ==> C=Object \\<or> C=Base \\<or> C=Ext";
   16.39  by (auto_tac (claset(),simpset()addsimps[]addsplits[split_if_asm]));
   16.40  qed "class_tprgD";
   16.41  
   16.42 -Goal "(C,C) \\<in> (subcls1 tprg)^+ \\<Longrightarrow> R";
   16.43 +Goal "(C,C) \\<in> (subcls1 tprg)^+ ==> R";
   16.44  by (auto_tac (claset() addSDs [tranclD,subcls1D],simpset()));
   16.45  by (ftac class_tprgD 1);
   16.46  by (auto_tac (claset() addSDs [],simpset()));
   16.47 @@ -196,7 +196,7 @@
   16.48  
   16.49  fun t thm = resolve_tac ty_expr_ty_exprs_wt_stmt.intrs 1 thm;
   16.50  Goalw [test_def] "(tprg, empty(e\\<mapsto>Class Base))\\<turnstile>\ 
   16.51 -\ Expr(e\\<Colon>=NewC Ext);; Expr(LAcc e..foo({?pTs'}[Lit Null]))\\<surd>";
   16.52 +\ Expr(e::=NewC Ext);; Expr(LAcc e..foo({?pTs'}[Lit Null]))\\<surd>";
   16.53  (* ?pTs' = [Class Base] *)
   16.54  by t;		(* ;; *)
   16.55  by  t;		(* Expr *)
   16.56 @@ -225,8 +225,8 @@
   16.57  Delsplits[split_if];
   16.58  Addsimps[init_vars_def,c_hupd_def,cast_ok_def];
   16.59  Goalw [test_def] 
   16.60 -" \\<lbrakk>new_Addr (heap (snd s0)) = (a, None)\\<rbrakk> \\<Longrightarrow> \
   16.61 -\ tprg\\<turnstile>s0 -test\\<rightarrow> ?s";
   16.62 +" [|new_Addr (heap (snd s0)) = (a, None)|] ==> \
   16.63 +\ tprg\\<turnstile>s0 -test-> ?s";
   16.64  (* ?s = s3 *)
   16.65  by e;		(* ;; *)
   16.66  by  e;		(* Expr *)
    17.1 --- a/src/HOL/MicroJava/J/Example.thy	Wed Sep 20 21:20:41 2000 +0200
    17.2 +++ b/src/HOL/MicroJava/J/Example.thy	Thu Sep 21 10:42:49 2000 +0200
    17.3 @@ -35,8 +35,8 @@
    17.4  
    17.5  consts
    17.6  
    17.7 -  cnam_ :: "cnam_ \\<Rightarrow> cname"
    17.8 -  vnam_ :: "vnam_ \\<Rightarrow> vnam"
    17.9 +  cnam_ :: "cnam_ => cname"
   17.10 +  vnam_ :: "vnam_ => vnam"
   17.11  
   17.12  rules (* cnam_ and vnam_ are intended to be isomorphic to cnam and vnam *)
   17.13  
   17.14 @@ -74,18 +74,18 @@
   17.15  
   17.16  defs
   17.17  
   17.18 -  foo_Base_def "foo_Base \\<equiv> ([x],[],Skip,LAcc x)"
   17.19 -  BaseC_def "BaseC \\<equiv> (Base, (Some Object, 
   17.20 +  foo_Base_def "foo_Base == ([x],[],Skip,LAcc x)"
   17.21 +  BaseC_def "BaseC == (Base, (Some Object, 
   17.22  			     [(vee, PrimT Boolean)], 
   17.23  			     [((foo,[Class Base]),Class Base,foo_Base)]))"
   17.24 -  foo_Ext_def "foo_Ext \\<equiv> ([x],[],Expr( {Ext}Cast Ext
   17.25 +  foo_Ext_def "foo_Ext == ([x],[],Expr( {Ext}Cast Ext
   17.26  				       (LAcc x)..vee:=Lit (Intg #1)),
   17.27  				   Lit Null)"
   17.28 -  ExtC_def  "ExtC  \\<equiv> (Ext,  (Some Base  , 
   17.29 +  ExtC_def  "ExtC  == (Ext,  (Some Base  , 
   17.30  			     [(vee, PrimT Integer)], 
   17.31  			     [((foo,[Class Base]),Class Ext,foo_Ext)]))"
   17.32  
   17.33 -  test_def "test \\<equiv> Expr(e\\<Colon>=NewC Ext);; 
   17.34 +  test_def "test == Expr(e::=NewC Ext);; 
   17.35                      Expr(LAcc e..foo({[Class Base]}[Lit Null]))"
   17.36  
   17.37  
    18.1 --- a/src/HOL/MicroJava/J/JBasis.ML	Wed Sep 20 21:20:41 2000 +0200
    18.2 +++ b/src/HOL/MicroJava/J/JBasis.ML	Thu Sep 21 10:42:49 2000 +0200
    18.3 @@ -7,25 +7,25 @@
    18.4  val strip_tac1 = SELECT_GOAL (safe_tac (HOL_cs delrules [conjI, disjE, impCE]));
    18.5  
    18.6  Goalw [image_def]
    18.7 -	"x \\<in> f``A \\<Longrightarrow> \\<exists>y. y \\<in> A \\<and>  x = f y";
    18.8 +	"x \\<in> f``A ==> \\<exists>y. y \\<in> A \\<and>  x = f y";
    18.9  by(Auto_tac);
   18.10  qed "image_rev";
   18.11  
   18.12  fun case_tac1 s i = EVERY [case_tac s i, rotate_tac ~1 i, rotate_tac ~1 (i+1)];
   18.13  
   18.14  val select_split = prove_goalw Prod.thy [split_def] 
   18.15 -	"(\\<epsilon>(x,y). P x y) = (\\<epsilon>xy. P (fst xy) (snd xy))" (K [rtac refl 1]);
   18.16 +	"(SOME (x,y). P x y) = (SOME xy. P (fst xy) (snd xy))" (K [rtac refl 1]);
   18.17  	 
   18.18  
   18.19  val split_beta = prove_goal Prod.thy "(\\<lambda>(x,y). P x y) z = P (fst z) (snd z)"
   18.20  	(fn _ => [stac surjective_pairing 1, stac split 1, rtac refl 1]);
   18.21  val split_beta2 = prove_goal Prod.thy "(\\<lambda>(x,y). P x y) (w,z) = P w z"
   18.22  	(fn _ => [Auto_tac]);
   18.23 -val splitE2 = prove_goal Prod.thy "\\<lbrakk>Q (split P z); \\<And>x y. \\<lbrakk>z = (x, y); Q (P x y)\\<rbrakk> \\<Longrightarrow> R\\<rbrakk> \\<Longrightarrow> R" (fn prems => [
   18.24 +val splitE2 = prove_goal Prod.thy "[|Q (split P z); !!x y. [|z = (x, y); Q (P x y)|] ==> R|] ==> R" (fn prems => [
   18.25  	REPEAT (resolve_tac (prems@[surjective_pairing]) 1),
   18.26  	rtac (split_beta RS subst) 1,
   18.27  	rtac (hd prems) 1]);
   18.28 -val splitE2' = prove_goal Prod.thy "\\<lbrakk>((\\<lambda>(x,y). P x y) z) w; \\<And>x y. \\<lbrakk>z = (x, y); (P x y) w\\<rbrakk> \\<Longrightarrow> R\\<rbrakk> \\<Longrightarrow> R" (fn prems => [
   18.29 +val splitE2' = prove_goal Prod.thy "[|((\\<lambda>(x,y). P x y) z) w; !!x y. [|z = (x, y); (P x y) w|] ==> R|] ==> R" (fn prems => [
   18.30  	REPEAT (resolve_tac (prems@[surjective_pairing]) 1),
   18.31  	res_inst_tac [("P1","P")] (split_beta RS subst) 1,
   18.32  	rtac (hd prems) 1]);
   18.33 @@ -33,7 +33,7 @@
   18.34  
   18.35  fun pair_tac s = res_inst_tac [("p",s)] PairE THEN' hyp_subst_tac;
   18.36  
   18.37 -val BallE = prove_goal thy "\\<lbrakk>Ball A P; x \\<notin> A \\<Longrightarrow> Q; P x \\<Longrightarrow> Q \\<rbrakk> \\<Longrightarrow> Q"
   18.38 +val BallE = prove_goal thy "[|Ball A P; x \\<notin> A ==> Q; P x ==> Q |] ==> Q"
   18.39  	(fn prems => [rtac ballE 1, resolve_tac prems 1, 
   18.40  			eresolve_tac prems 1, eresolve_tac prems 1]);
   18.41  
   18.42 @@ -43,7 +43,7 @@
   18.43  
   18.44  (* To HOL.ML *)
   18.45  
   18.46 -val ex1_some_eq_trivial = prove_goal HOL.thy "\\<lbrakk> \\<exists>!x. P x; P y \\<rbrakk> \\<Longrightarrow> Eps P = y" 
   18.47 +val ex1_some_eq_trivial = prove_goal HOL.thy "[| \\<exists>!x. P x; P y |] ==> Eps P = y" 
   18.48  	(fn prems => [
   18.49  	cut_facts_tac prems 1,
   18.50  	rtac some_equality 1,
   18.51 @@ -74,7 +74,7 @@
   18.52    asm_full_simp_tac (simpset() delsimps [split_paired_All,split_paired_Ex])];
   18.53  
   18.54  val optionE = prove_goal thy 
   18.55 -       "\\<lbrakk> opt = None \\<Longrightarrow> P;  \\<And>x. opt = Some x \\<Longrightarrow> P \\<rbrakk> \\<Longrightarrow> P" 
   18.56 +       "[| opt = None ==> P;  !!x. opt = Some x ==> P |] ==> P" 
   18.57     (fn prems => [
   18.58  	case_tac "opt = None" 1,
   18.59  	 eresolve_tac prems 1,
   18.60 @@ -87,7 +87,7 @@
   18.61  	 rotate_tac ~1  i   , asm_full_simp_tac HOL_basic_ss i];
   18.62  
   18.63  val option_map_SomeD = prove_goalw thy [option_map_def]
   18.64 -	"\\<And>x. option_map f x = Some y \\<Longrightarrow> \\<exists>z. x = Some z \\<and> f z = y" (K [
   18.65 +	"!!x. option_map f x = Some y ==> \\<exists>z. x = Some z \\<and> f z = y" (K [
   18.66  	option_case_tac2 "x" 1,
   18.67  	 Auto_tac]);
   18.68  
   18.69 @@ -120,19 +120,19 @@
   18.70  by  (auto_tac (claset() addDs [fst_in_set_lemma],simpset()addsimps[inj_eq]));
   18.71  qed_spec_mp "unique_map_inj";
   18.72  
   18.73 -Goal "\\<And>l. unique l \\<Longrightarrow> unique (map (split (\\<lambda>k. Pair (k, C))) l)";
   18.74 +Goal "!!l. unique l ==> unique (map (split (\\<lambda>k. Pair (k, C))) l)";
   18.75  by(etac unique_map_inj 1);
   18.76  by(rtac injI 1);
   18.77  by Auto_tac;
   18.78  qed "unique_map_Pair";
   18.79  
   18.80 -Goal "\\<lbrakk>M = N; \\<And>x. x\\<in>N \\<Longrightarrow> f x = g x\\<rbrakk> \\<Longrightarrow> f``M = g``N";
   18.81 +Goal "[|M = N; !!x. x\\<in>N ==> f x = g x|] ==> f``M = g``N";
   18.82  by(rtac set_ext 1);
   18.83  by(simp_tac (simpset() addsimps image_def::premises()) 1);
   18.84  qed "image_cong";
   18.85  
   18.86  val split_Pair_eq = prove_goal Prod.thy 
   18.87 -"\\<And>X. ((x, y), z) \\<in> split (\\<lambda>x. Pair (x, Y)) `` A \\<Longrightarrow> y = Y" (K [
   18.88 +"!!X. ((x, y), z) \\<in> split (\\<lambda>x. Pair (x, Y)) `` A ==> y = Y" (K [
   18.89  	etac imageE 1,
   18.90  	split_all_tac 1,
   18.91  	auto_tac(claset_of Prod.thy,simpset_of Prod.thy)]);
   18.92 @@ -140,7 +140,7 @@
   18.93  
   18.94  (* More about Maps *)
   18.95  
   18.96 -val override_SomeD = prove_goalw thy [override_def] "(s \\<oplus> t) k = Some x \\<Longrightarrow> \
   18.97 +val override_SomeD = prove_goalw thy [override_def] "(s \\<oplus> t) k = Some x ==> \
   18.98  \ t k = Some x |  t k = None \\<and>  s k = Some x" (fn prems => [
   18.99  	cut_facts_tac prems 1,
  18.100  	case_tac "\\<exists>x. t k = Some x" 1,
  18.101 @@ -153,7 +153,7 @@
  18.102  
  18.103  Addsimps [fun_upd_same, fun_upd_other];
  18.104  
  18.105 -Goal "unique xys \\<longrightarrow> (map_of xys x = Some y) = ((x,y) \\<in> set xys)";
  18.106 +Goal "unique xys --> (map_of xys x = Some y) = ((x,y) \\<in> set xys)";
  18.107  by(induct_tac "xys" 1);
  18.108   by(Simp_tac 1);
  18.109  by(force_tac (claset(), simpset() addsimps [unique_Cons]) 1);
  18.110 @@ -162,7 +162,7 @@
  18.111  val in_set_get = unique_map_of_Some_conv RS iffD2;
  18.112  val get_in_set = unique_map_of_Some_conv RS iffD1;
  18.113  
  18.114 -Goal "(\\<forall>(x,y)\\<in>set l. P x y) \\<longrightarrow> (\\<forall>x. \\<forall>y. map_of l x = Some y \\<longrightarrow> P x y)";
  18.115 +Goal "(\\<forall>(x,y)\\<in>set l. P x y) --> (\\<forall>x. \\<forall>y. map_of l x = Some y --> P x y)";
  18.116  by(induct_tac "l" 1);
  18.117  by(ALLGOALS Simp_tac);
  18.118  by Safe_tac;
  18.119 @@ -170,37 +170,37 @@
  18.120  bind_thm("Ball_set_table",result() RS mp);
  18.121  
  18.122  val table_mono = prove_goal thy 
  18.123 -"unique l' \\<longrightarrow> (\\<forall>xy. (xy)\\<in>set l \\<longrightarrow> (xy)\\<in>set l') \\<longrightarrow>\
  18.124 -\ (\\<forall>k y. map_of l k = Some y \\<longrightarrow> map_of l' k = Some y)" (fn _ => [
  18.125 +"unique l' --> (\\<forall>xy. (xy)\\<in>set l --> (xy)\\<in>set l') -->\
  18.126 +\ (\\<forall>k y. map_of l k = Some y --> map_of l' k = Some y)" (fn _ => [
  18.127  	induct_tac "l" 1,
  18.128  	 Auto_tac,
  18.129   	 fast_tac (HOL_cs addSIs [in_set_get]) 1])
  18.130   RS mp RS mp RS spec RS spec RS mp;
  18.131  
  18.132 -val table_map_Some' = prove_goal thy "map_of t k = Some (k', x) \\<longrightarrow> \
  18.133 +val table_map_Some' = prove_goal thy "map_of t k = Some (k', x) --> \
  18.134  \ map_of (map (\\<lambda>u. ((fst u, fst (snd u)), snd (snd u))) t) (k, k') = Some x" (K [
  18.135  	induct_tac "t" 1,	
  18.136  	 ALLGOALS Simp_tac,
  18.137  	case_tac1 "k = fst a" 1,
  18.138  	 Auto_tac]) RS mp;
  18.139  val table_map_Some = prove_goal thy 
  18.140 -"map_of (map (\\<lambda>((k,k'),x). (k,(k',x))) t) k = Some (k',x) \\<longrightarrow> \
  18.141 +"map_of (map (\\<lambda>((k,k'),x). (k,(k',x))) t) k = Some (k',x) --> \
  18.142  \map_of t (k, k') = Some x" (K [
  18.143  	induct_tac "t" 1,	
  18.144  	Auto_tac]) RS mp;
  18.145  
  18.146  
  18.147 -val table_mapf_Some = prove_goal thy "\\<And>f. \\<forall>x y. f x = f y \\<longrightarrow> x = y \\<Longrightarrow> \
  18.148 -\ map_of (map (\\<lambda>(k,x). (k,f x)) t) k = Some (f x) \\<longrightarrow> map_of t k = Some x" (K [
  18.149 +val table_mapf_Some = prove_goal thy "!!f. \\<forall>x y. f x = f y --> x = y ==> \
  18.150 +\ map_of (map (\\<lambda>(k,x). (k,f x)) t) k = Some (f x) --> map_of t k = Some x" (K [
  18.151  	induct_tac "t" 1,	
  18.152  	Auto_tac]) RS mp;
  18.153  val table_mapf_SomeD = prove_goal thy 
  18.154 -"map_of (map (\\<lambda>(k,x). (k, f x)) t) k = Some z \\<longrightarrow> (\\<exists>y. (k,y)\\<in>set t \\<and>  z = f y)"(K [
  18.155 +"map_of (map (\\<lambda>(k,x). (k, f x)) t) k = Some z --> (\\<exists>y. (k,y)\\<in>set t \\<and>  z = f y)"(K [
  18.156  	induct_tac "t" 1,	
  18.157  	Auto_tac]) RS mp;
  18.158  
  18.159  val table_mapf_Some2 = prove_goal thy 
  18.160 -"\\<And>k. map_of (map (\\<lambda>(k,x). (k,C,x)) t) k = Some (D,x) \\<Longrightarrow> C = D \\<and> map_of t k = Some x" (K [
  18.161 +"!!k. map_of (map (\\<lambda>(k,x). (k,C,x)) t) k = Some (D,x) ==> C = D \\<and> map_of t k = Some x" (K [
  18.162  	forward_tac [table_mapf_SomeD] 1,
  18.163  	Auto_tac,
  18.164  	rtac table_mapf_Some 1,
    19.1 --- a/src/HOL/MicroJava/J/JBasis.thy	Wed Sep 20 21:20:41 2000 +0200
    19.2 +++ b/src/HOL/MicroJava/J/JBasis.thy	Thu Sep 21 10:42:49 2000 +0200
    19.3 @@ -10,7 +10,7 @@
    19.4  
    19.5  constdefs
    19.6  
    19.7 -  unique  :: "('a \\<times> 'b) list \\<Rightarrow> bool"
    19.8 - "unique  \\<equiv> nodups \\<circ> map fst"
    19.9 +  unique  :: "('a \\<times> 'b) list => bool"
   19.10 + "unique  == nodups \\<circ> map fst"
   19.11  
   19.12  end
    20.1 --- a/src/HOL/MicroJava/J/JTypeSafe.ML	Wed Sep 20 21:20:41 2000 +0200
    20.2 +++ b/src/HOL/MicroJava/J/JTypeSafe.ML	Thu Sep 21 10:42:49 2000 +0200
    20.3 @@ -9,16 +9,16 @@
    20.4  
    20.5  Addsimps [split_beta];
    20.6  
    20.7 -Goal "\\<lbrakk>h a = None; (h, l)\\<Colon>\\<preceq>(G, lT); wf_prog wf_mb G; is_class G C\\<rbrakk> \\<Longrightarrow> \
    20.8 -\ (h(a\\<mapsto>(C,(init_vars (fields (G,C))))), l)\\<Colon>\\<preceq>(G, lT)";
    20.9 +Goal "[|h a = None; (h, l)::\\<preceq>(G, lT); wf_prog wf_mb G; is_class G C|] ==> \
   20.10 +\ (h(a\\<mapsto>(C,(init_vars (fields (G,C))))), l)::\\<preceq>(G, lT)";
   20.11  by( etac conforms_upd_obj 1);
   20.12  by(  rewtac oconf_def);
   20.13  by(  auto_tac (claset() addSDs [is_type_fields, map_of_SomeD], simpset()));
   20.14  qed "NewC_conforms";
   20.15  
   20.16  Goalw [cast_ok_def]
   20.17 - "\\<lbrakk> wf_prog wf_mb G; G,h\\<turnstile>v\\<Colon>\\<preceq>Class C; G\\<turnstile>C\\<preceq>? D; cast_ok G D h v\\<rbrakk> \
   20.18 -\ \\<Longrightarrow> G,h\\<turnstile>v\\<Colon>\\<preceq>Class D";
   20.19 + "[| wf_prog wf_mb G; G,h\\<turnstile>v::\\<preceq>Class C; G\\<turnstile>C\\<preceq>? D; cast_ok G D h v|] \
   20.20 +\ ==> G,h\\<turnstile>v::\\<preceq>Class D";
   20.21  by( case_tac1 "v = Null" 1);
   20.22  by(  Asm_full_simp_tac 1);
   20.23  by(  dtac widen_RefT 1);
   20.24 @@ -28,9 +28,9 @@
   20.25  by( auto_tac (claset() addSIs [conf_AddrI], simpset() addsimps [obj_ty_def]));
   20.26  qed "Cast_conf";
   20.27  
   20.28 -Goal "\\<lbrakk> wf_prog wf_mb G; field (G,C) fn = Some (fd, ft); (h,l)\\<Colon>\\<preceq>(G,lT); \
   20.29 -\    x' = None \\<longrightarrow> G,h\\<turnstile>a'\\<Colon>\\<preceq> Class C; np a' x' = None \\<rbrakk> \\<Longrightarrow> \
   20.30 -\ G,h\\<turnstile>the (snd (the (h (the_Addr a'))) (fn, fd))\\<Colon>\\<preceq>ft";
   20.31 +Goal "[| wf_prog wf_mb G; field (G,C) fn = Some (fd, ft); (h,l)::\\<preceq>(G,lT); \
   20.32 +\    x' = None --> G,h\\<turnstile>a'::\\<preceq> Class C; np a' x' = None |] ==> \
   20.33 +\ G,h\\<turnstile>the (snd (the (h (the_Addr a'))) (fn, fd))::\\<preceq>ft";
   20.34  by( dtac np_NoneD 1);
   20.35  by( etac conjE 1);
   20.36  by( mp_tac 1);
   20.37 @@ -47,15 +47,15 @@
   20.38  qed "FAcc_type_sound";
   20.39  
   20.40  Goal
   20.41 - "\\<lbrakk> wf_prog wf_mb G; a = the_Addr a'; (c, fs) = the (h a); \
   20.42 -\   (G, lT)\\<turnstile>v\\<Colon>T'; G\\<turnstile>T'\\<preceq>ft; \
   20.43 -\   (G, lT)\\<turnstile>aa\\<Colon>Class C; \
   20.44 + "[| wf_prog wf_mb G; a = the_Addr a'; (c, fs) = the (h a); \
   20.45 +\   (G, lT)\\<turnstile>v::T'; G\\<turnstile>T'\\<preceq>ft; \
   20.46 +\   (G, lT)\\<turnstile>aa::Class C; \
   20.47  \   field (G,C) fn = Some (fd, ft); h''\\<le>|h'; \
   20.48 -\   x' = None \\<longrightarrow> G,h'\\<turnstile>a'\\<Colon>\\<preceq> Class C; h'\\<le>|h; \
   20.49 -\   (h, l)\\<Colon>\\<preceq>(G, lT); G,h\\<turnstile>x\\<Colon>\\<preceq>T'; np a' x' = None\\<rbrakk> \\<Longrightarrow> \
   20.50 +\   x' = None --> G,h'\\<turnstile>a'::\\<preceq> Class C; h'\\<le>|h; \
   20.51 +\   (h, l)::\\<preceq>(G, lT); G,h\\<turnstile>x::\\<preceq>T'; np a' x' = None|] ==> \
   20.52  \ h''\\<le>|h(a\\<mapsto>(c,(fs((fn,fd)\\<mapsto>x)))) \\<and>  \
   20.53 -\ (h(a\\<mapsto>(c,(fs((fn,fd)\\<mapsto>x)))), l)\\<Colon>\\<preceq>(G, lT) \\<and>  \
   20.54 -\ G,h(a\\<mapsto>(c,(fs((fn,fd)\\<mapsto>x))))\\<turnstile>x\\<Colon>\\<preceq>T'";
   20.55 +\ (h(a\\<mapsto>(c,(fs((fn,fd)\\<mapsto>x)))), l)::\\<preceq>(G, lT) \\<and>  \
   20.56 +\ G,h(a\\<mapsto>(c,(fs((fn,fd)\\<mapsto>x))))\\<turnstile>x::\\<preceq>T'";
   20.57  by( dtac np_NoneD 1);
   20.58  by( etac conjE 1);
   20.59  by( Asm_full_simp_tac 1);
   20.60 @@ -91,11 +91,11 @@
   20.61  by( fast_tac (HOL_cs addDs [conforms_heapD RS hconfD, oconf_objD]) 1);
   20.62  qed "FAss_type_sound";
   20.63  
   20.64 -Goalw [wf_mhead_def] "\\<lbrakk> wf_prog wf_mb G; list_all2 (conf G h) pvs pTs; \
   20.65 +Goalw [wf_mhead_def] "[| wf_prog wf_mb G; list_all2 (conf G h) pvs pTs; \
   20.66   \ list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') pTs pTs'; wf_mhead G (mn,pTs') rT; \
   20.67  \ length pTs' = length pns; nodups pns; \
   20.68  \ Ball (set lvars) (split (\\<lambda>vn. is_type G)) \
   20.69 -\ \\<rbrakk> \\<Longrightarrow> G,h\\<turnstile>init_vars lvars(pns[\\<mapsto>]pvs)[\\<Colon>\\<preceq>]map_of lvars(pns[\\<mapsto>]pTs')";
   20.70 +\ |] ==> G,h\\<turnstile>init_vars lvars(pns[\\<mapsto>]pvs)[::\\<preceq>]map_of lvars(pns[\\<mapsto>]pTs')";
   20.71  by( Clarsimp_tac 1);
   20.72  by( rtac lconf_ext_list 1);
   20.73  by(    rtac (Ball_set_table RS lconf_init_vars) 1);
   20.74 @@ -106,17 +106,17 @@
   20.75  qed "Call_lemma2";
   20.76  
   20.77  Goalw [wf_java_prog_def]
   20.78 - "\\<lbrakk> wf_java_prog G; a' \\<noteq> Null; (h, l)\\<Colon>\\<preceq>(G, lT); \
   20.79 + "[| wf_java_prog G; a' \\<noteq> Null; (h, l)::\\<preceq>(G, lT); \
   20.80  \    max_spec G C (mn,pTsa) = {((mda,rTa),pTs')}; xc\\<le>|xh; xh\\<le>|h; \
   20.81  \    list_all2 (conf G h) pvs pTsa;\
   20.82  \    (md, rT, pns, lvars, blk, res) = \
   20.83  \              the (method (G,fst (the (h (the_Addr a')))) (mn, pTs'));\
   20.84 -\ \\<forall>lT. (h, init_vars lvars(pns[\\<mapsto>]pvs)(This\\<mapsto>a'))\\<Colon>\\<preceq>(G, lT) \\<longrightarrow> \
   20.85 -\ (G, lT)\\<turnstile>blk\\<surd> \\<longrightarrow>  h\\<le>|xi \\<and>  (xi, xl)\\<Colon>\\<preceq>(G, lT); \
   20.86 -\ \\<forall>lT. (xi, xl)\\<Colon>\\<preceq>(G, lT) \\<longrightarrow> (\\<forall>T. (G, lT)\\<turnstile>res\\<Colon>T \\<longrightarrow> \
   20.87 -\         xi\\<le>|h' \\<and> (h', xj)\\<Colon>\\<preceq>(G, lT) \\<and> (x' = None \\<longrightarrow> G,h'\\<turnstile>v\\<Colon>\\<preceq>T)); \
   20.88 -\ G,xh\\<turnstile>a'\\<Colon>\\<preceq> Class C \\<rbrakk> \\<Longrightarrow> \
   20.89 -\ xc\\<le>|h' \\<and> (h', l)\\<Colon>\\<preceq>(G, lT) \\<and>  (x' = None \\<longrightarrow> G,h'\\<turnstile>v\\<Colon>\\<preceq>rTa)";
   20.90 +\ \\<forall>lT. (h, init_vars lvars(pns[\\<mapsto>]pvs)(This\\<mapsto>a'))::\\<preceq>(G, lT) --> \
   20.91 +\ (G, lT)\\<turnstile>blk\\<surd> -->  h\\<le>|xi \\<and>  (xi, xl)::\\<preceq>(G, lT); \
   20.92 +\ \\<forall>lT. (xi, xl)::\\<preceq>(G, lT) --> (\\<forall>T. (G, lT)\\<turnstile>res::T --> \
   20.93 +\         xi\\<le>|h' \\<and> (h', xj)::\\<preceq>(G, lT) \\<and> (x' = None --> G,h'\\<turnstile>v::\\<preceq>T)); \
   20.94 +\ G,xh\\<turnstile>a'::\\<preceq> Class C |] ==> \
   20.95 +\ xc\\<le>|h' \\<and> (h', l)::\\<preceq>(G, lT) \\<and>  (x' = None --> G,h'\\<turnstile>v::\\<preceq>rTa)";
   20.96  by( dtac (insertI1 RSN (2,(equalityD2 RS subsetD))) 1);
   20.97  by( dtac (max_spec2appl_meths RS appl_methsD) 1);
   20.98  by( Clarify_tac 1);
   20.99 @@ -139,9 +139,9 @@
  20.100  by( thin_tac "?E\\<turnstile>?blk\\<surd>" 1);
  20.101  by( etac conjE 1);
  20.102  by( EVERY'[dtac spec, mp_tac] 1);
  20.103 -(*by( thin_tac "?E\\<Colon>\\<preceq>(G, pT')" 1);*)
  20.104 +(*by( thin_tac "?E::\\<preceq>(G, pT')" 1);*)
  20.105  by( EVERY'[dtac spec, mp_tac] 1);
  20.106 -by( thin_tac "?E\\<turnstile>res\\<Colon>?rT" 1);
  20.107 +by( thin_tac "?E\\<turnstile>res::?rT" 1);
  20.108  by( strip_tac1 1);
  20.109  by( rtac conjI 1);
  20.110  by(  fast_tac (HOL_cs addIs [hext_trans]) 1);
  20.111 @@ -167,16 +167,16 @@
  20.112  val forward_hyp_tac = ALLGOALS (TRY o (EVERY' [dtac spec, mp_tac,
  20.113  	(mp_tac ORELSE' (dtac spec THEN' mp_tac)), REPEAT o (etac conjE)]));
  20.114  Goal
  20.115 -"wf_java_prog G \\<Longrightarrow> \
  20.116 -\ (G\\<turnstile>(x,(h,l)) -e  \\<succ>v  \\<rightarrow> (x', (h',l')) \\<longrightarrow> \
  20.117 -\     (\\<forall>lT.    (h ,l )\\<Colon>\\<preceq>(G,lT) \\<longrightarrow> (\\<forall>T . (G,lT)\\<turnstile>e  \\<Colon> T \\<longrightarrow> \
  20.118 -\     h\\<le>|h' \\<and> (h',l')\\<Colon>\\<preceq>(G,lT) \\<and> (x'=None \\<longrightarrow> G,h'\\<turnstile>v  \\<Colon>\\<preceq> T )))) \\<and> \
  20.119 -\ (G\\<turnstile>(x,(h,l)) -es[\\<succ>]vs\\<rightarrow> (x', (h',l')) \\<longrightarrow> \
  20.120 -\     (\\<forall>lT.    (h ,l )\\<Colon>\\<preceq>(G,lT) \\<longrightarrow> (\\<forall>Ts. (G,lT)\\<turnstile>es[\\<Colon>]Ts \\<longrightarrow> \
  20.121 -\     h\\<le>|h' \\<and> (h',l')\\<Colon>\\<preceq>(G,lT) \\<and> (x'=None \\<longrightarrow> list_all2 (\\<lambda>v T. G,h'\\<turnstile>v\\<Colon>\\<preceq>T) vs Ts)))) \\<and> \
  20.122 -\ (G\\<turnstile>(x,(h,l)) -c       \\<rightarrow> (x', (h',l')) \\<longrightarrow> \
  20.123 -\     (\\<forall>lT.    (h ,l )\\<Colon>\\<preceq>(G,lT) \\<longrightarrow>       (G,lT)\\<turnstile>c  \\<surd> \\<longrightarrow> \
  20.124 -\     h\\<le>|h' \\<and> (h',l')\\<Colon>\\<preceq>(G,lT)))";
  20.125 +"wf_java_prog G ==> \
  20.126 +\ (G\\<turnstile>(x,(h,l)) -e  \\<succ>v  -> (x', (h',l')) --> \
  20.127 +\     (\\<forall>lT.    (h ,l )::\\<preceq>(G,lT) --> (\\<forall>T . (G,lT)\\<turnstile>e  :: T --> \
  20.128 +\     h\\<le>|h' \\<and> (h',l')::\\<preceq>(G,lT) \\<and> (x'=None --> G,h'\\<turnstile>v  ::\\<preceq> T )))) \\<and> \
  20.129 +\ (G\\<turnstile>(x,(h,l)) -es[\\<succ>]vs-> (x', (h',l')) --> \
  20.130 +\     (\\<forall>lT.    (h ,l )::\\<preceq>(G,lT) --> (\\<forall>Ts. (G,lT)\\<turnstile>es[::]Ts --> \
  20.131 +\     h\\<le>|h' \\<and> (h',l')::\\<preceq>(G,lT) \\<and> (x'=None --> list_all2 (\\<lambda>v T. G,h'\\<turnstile>v::\\<preceq>T) vs Ts)))) \\<and> \
  20.132 +\ (G\\<turnstile>(x,(h,l)) -c       -> (x', (h',l')) --> \
  20.133 +\     (\\<forall>lT.    (h ,l )::\\<preceq>(G,lT) -->       (G,lT)\\<turnstile>c  \\<surd> --> \
  20.134 +\     h\\<le>|h' \\<and> (h',l')::\\<preceq>(G,lT)))";
  20.135  by( rtac eval_evals_exec.induct 1);
  20.136  by( rewtac c_hupd_def);
  20.137  
  20.138 @@ -298,24 +298,24 @@
  20.139      THEN_ALL_NEW Asm_simp_tac) 1);
  20.140  qed "eval_evals_exec_type_sound";
  20.141  
  20.142 -Goal "\\<And>E s s'. \
  20.143 -\ \\<lbrakk> G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -e\\<succ>v \\<rightarrow> (x',s'); s\\<Colon>\\<preceq>E; E\\<turnstile>e\\<Colon>T \\<rbrakk> \
  20.144 -\ \\<Longrightarrow> s'\\<Colon>\\<preceq>E \\<and> (x'=None \\<longrightarrow> G,heap s'\\<turnstile>v\\<Colon>\\<preceq>T)";
  20.145 +Goal "!!E s s'. \
  20.146 +\ [| G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -e\\<succ>v -> (x',s'); s::\\<preceq>E; E\\<turnstile>e::T |] \
  20.147 +\ ==> s'::\\<preceq>E \\<and> (x'=None --> G,heap s'\\<turnstile>v::\\<preceq>T)";
  20.148  by( split_all_tac 1);
  20.149  bd (eval_evals_exec_type_sound RS conjunct1 RS mp RS spec RS mp) 1;
  20.150  by Auto_tac;
  20.151  qed "eval_type_sound";
  20.152  
  20.153 -Goal "\\<And>E s s'. \
  20.154 -\ \\<lbrakk> G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -s0\\<rightarrow> (x',s'); s\\<Colon>\\<preceq>E; E\\<turnstile>s0\\<surd> \\<rbrakk> \
  20.155 -\ \\<Longrightarrow> s'\\<Colon>\\<preceq>E";
  20.156 +Goal "!!E s s'. \
  20.157 +\ [| G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -s0-> (x',s'); s::\\<preceq>E; E\\<turnstile>s0\\<surd> |] \
  20.158 +\ ==> s'::\\<preceq>E";
  20.159  by( split_all_tac 1);
  20.160  bd (eval_evals_exec_type_sound RS conjunct2 RS conjunct2 RS mp RS spec RS mp) 1;
  20.161  by   Auto_tac;
  20.162  qed "exec_type_sound";
  20.163  
  20.164 -Goal "\\<lbrakk>G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -e\\<succ>a'\\<rightarrow> Norm s'; a' \\<noteq> Null;\
  20.165 -\         s\\<Colon>\\<preceq>E; E\\<turnstile>e\\<Colon>Class C; method (G,C) sig \\<noteq> None\\<rbrakk> \\<Longrightarrow> \
  20.166 +Goal "[|G=prg E; wf_java_prog G; G\\<turnstile>(x,s) -e\\<succ>a'-> Norm s'; a' \\<noteq> Null;\
  20.167 +\         s::\\<preceq>E; E\\<turnstile>e::Class C; method (G,C) sig \\<noteq> None|] ==> \
  20.168  \ method (G,fst (the (heap s' (the_Addr a')))) sig \\<noteq> None";
  20.169  by( datac eval_type_sound 4 1);
  20.170  by( not_None_tac 1);
    21.1 --- a/src/HOL/MicroJava/J/State.ML	Wed Sep 20 21:20:41 2000 +0200
    21.2 +++ b/src/HOL/MicroJava/J/State.ML	Thu Sep 21 10:42:49 2000 +0200
    21.3 @@ -10,7 +10,7 @@
    21.4  Addsimps [obj_ty_def2];
    21.5  
    21.6  val new_AddrD = prove_goalw thy [new_Addr_def] 
    21.7 -"\\<And>X. (a,x) = new_Addr h \\<Longrightarrow> h a = None \\<and>  x = None |  x = Some OutOfMemory" (K[
    21.8 +"!!X. (a,x) = new_Addr h ==> h a = None \\<and>  x = None |  x = Some OutOfMemory" (K[
    21.9  	asm_full_simp_tac (simpset() addsimps [Pair_fst_snd_eq,select_split]) 1,
   21.10  	rtac someI 1,
   21.11  	rtac disjI2 1,
   21.12 @@ -40,20 +40,20 @@
   21.13  Addsimps [raise_if_True,raise_if_False,raise_if_Some,raise_if_Some2,if_None_eq];
   21.14  
   21.15  val raise_if_SomeD = prove_goalw thy [raise_if_def] 
   21.16 -	"raise_if c x y = Some z \\<longrightarrow> c \\<and>  Some z = Some x |  y = Some z" 
   21.17 +	"raise_if c x y = Some z --> c \\<and>  Some z = Some x |  y = Some z" 
   21.18  (K [split_tac [split_if] 1,Auto_tac]) RS mp;
   21.19  
   21.20  val raise_if_NoneD = prove_goalw thy [raise_if_def] 
   21.21 -	"raise_if c x y = None \\<longrightarrow> \\<not> c \\<and>  y = None"
   21.22 +	"raise_if c x y = None --> \\<not> c \\<and>  y = None"
   21.23  (K [split_tac [split_if] 1,Auto_tac]) RS mp;
   21.24  
   21.25  
   21.26  val np_NoneD = (prove_goalw thy [np_def, raise_if_def] 
   21.27 -	"np a' x' = None \\<longrightarrow> x' = None \\<and>  a' \\<noteq> Null" (fn _ => [
   21.28 +	"np a' x' = None --> x' = None \\<and>  a' \\<noteq> Null" (fn _ => [
   21.29  	split_tac [split_if] 1,
   21.30  	Auto_tac ])) RS mp;
   21.31  val np_None = (prove_goalw thy [np_def, raise_if_def] 
   21.32 -	"a' \\<noteq> Null \\<longrightarrow> np a' x' = x'" (fn _ => [
   21.33 +	"a' \\<noteq> Null --> np a' x' = x'" (fn _ => [
   21.34  	split_tac [split_if] 1,
   21.35  	Auto_tac ])) RS mp;
   21.36  val np_Some = prove_goalw thy [np_def, raise_if_def] "np a' (Some xc) = Some xc"
    22.1 --- a/src/HOL/MicroJava/J/State.thy	Wed Sep 20 21:20:41 2000 +0200
    22.2 +++ b/src/HOL/MicroJava/J/State.thy	Thu Sep 21 10:42:49 2000 +0200
    22.3 @@ -15,11 +15,11 @@
    22.4  
    22.5  constdefs
    22.6  
    22.7 -  obj_ty	:: "obj \\<Rightarrow> ty"
    22.8 - "obj_ty obj  \\<equiv> Class (fst obj)"
    22.9 +  obj_ty	:: "obj => ty"
   22.10 + "obj_ty obj  == Class (fst obj)"
   22.11  
   22.12 -  init_vars	:: "('a \\<times> ty) list \\<Rightarrow> ('a \\<leadsto> val)"
   22.13 - "init_vars	\\<equiv> map_of o map (\\<lambda>(n,T). (n,default_val T))"
   22.14 +  init_vars	:: "('a \\<times> ty) list => ('a \\<leadsto> val)"
   22.15 + "init_vars	== map_of o map (\\<lambda>(n,T). (n,default_val T))"
   22.16    
   22.17  datatype xcpt		(* exceptions *)
   22.18  	= NullPointer
   22.19 @@ -37,9 +37,9 @@
   22.20  	 = "xcpt option \\<times> state"
   22.21  
   22.22  syntax
   22.23 -  heap		:: "state \\<Rightarrow> aheap"
   22.24 -  locals	:: "state \\<Rightarrow> locals"
   22.25 -  Norm		:: "state \\<Rightarrow> xstate"
   22.26 +  heap		:: "state => aheap"
   22.27 +  locals	:: "state => locals"
   22.28 +  Norm		:: "state => xstate"
   22.29  
   22.30  translations
   22.31    "heap"	=> "fst"
   22.32 @@ -48,19 +48,19 @@
   22.33  
   22.34  constdefs
   22.35  
   22.36 -  new_Addr	:: "aheap \\<Rightarrow> loc \\<times> xcpt option"
   22.37 - "new_Addr h \\<equiv> \\<epsilon>(a,x). (h a = None \\<and>  x = None) |  x = Some OutOfMemory"
   22.38 +  new_Addr	:: "aheap => loc \\<times> xcpt option"
   22.39 + "new_Addr h == SOME (a,x). (h a = None \\<and>  x = None) |  x = Some OutOfMemory"
   22.40  
   22.41 -  raise_if	:: "bool \\<Rightarrow> xcpt \\<Rightarrow> xcpt option \\<Rightarrow> xcpt option"
   22.42 - "raise_if c x xo \\<equiv> if c \\<and>  (xo = None) then Some x else xo"
   22.43 +  raise_if	:: "bool => xcpt => xcpt option => xcpt option"
   22.44 + "raise_if c x xo == if c \\<and>  (xo = None) then Some x else xo"
   22.45  
   22.46 -  np		:: "val \\<Rightarrow> xcpt option \\<Rightarrow> xcpt option"
   22.47 - "np v \\<equiv> raise_if (v = Null) NullPointer"
   22.48 +  np		:: "val => xcpt option => xcpt option"
   22.49 + "np v == raise_if (v = Null) NullPointer"
   22.50  
   22.51 -  c_hupd	:: "aheap \\<Rightarrow> xstate \\<Rightarrow> xstate"
   22.52 - "c_hupd h'\\<equiv> \\<lambda>(xo,(h,l)). if xo = None then (None,(h',l)) else (xo,(h,l))"
   22.53 +  c_hupd	:: "aheap => xstate => xstate"
   22.54 + "c_hupd h'== \\<lambda>(xo,(h,l)). if xo = None then (None,(h',l)) else (xo,(h,l))"
   22.55  
   22.56 -  cast_ok	:: "'c prog \\<Rightarrow> cname \\<Rightarrow> aheap \\<Rightarrow> val \\<Rightarrow> bool"
   22.57 - "cast_ok G C h v \\<equiv> v = Null \\<or> G\\<turnstile>obj_ty (the (h (the_Addr v)))\\<preceq> Class C"
   22.58 +  cast_ok	:: "'c prog => cname => aheap => val => bool"
   22.59 + "cast_ok G C h v == v = Null \\<or> G\\<turnstile>obj_ty (the (h (the_Addr v)))\\<preceq> Class C"
   22.60  
   22.61  end
    23.1 --- a/src/HOL/MicroJava/J/Term.thy	Wed Sep 20 21:20:41 2000 +0200
    23.2 +++ b/src/HOL/MicroJava/J/Term.thy	Thu Sep 21 10:42:49 2000 +0200
    23.3 @@ -16,7 +16,7 @@
    23.4  	| Lit	val		   (* literal value, also references *)
    23.5          | BinOp binop  expr expr   (* binary operation *)
    23.6  	| LAcc vname		   (* local (incl. parameter) access *)
    23.7 -	| LAss vname expr          (* local assign *) ("_\\<Colon>=_"  [      90,90]90)
    23.8 +	| LAss vname expr          (* local assign *) ("_::=_"  [      90,90]90)
    23.9  	| FAcc cname expr vname    (* field access *) ("{_}_.._"[10,90,99   ]90)
   23.10  	| FAss cname expr vname 
   23.11  	                  expr     (* field ass. *)("{_}_.._:=_"[10,90,99,90]90)
    24.1 --- a/src/HOL/MicroJava/J/Type.thy	Wed Sep 20 21:20:41 2000 +0200
    24.2 +++ b/src/HOL/MicroJava/J/Type.thy	Thu Sep 21 10:42:49 2000 +0200
    24.3 @@ -31,7 +31,7 @@
    24.4  
    24.5  syntax
    24.6           NT     :: "          ty"
    24.7 -	 Class	:: "cname  \\<Rightarrow> ty"
    24.8 +	 Class	:: "cname  => ty"
    24.9  translations
   24.10  	"NT"      == "RefT   NullT"
   24.11  	"Class C" == "RefT (ClassT C)"
    25.1 --- a/src/HOL/MicroJava/J/TypeRel.ML	Wed Sep 20 21:20:41 2000 +0200
    25.2 +++ b/src/HOL/MicroJava/J/TypeRel.ML	Thu Sep 21 10:42:49 2000 +0200
    25.3 @@ -4,11 +4,11 @@
    25.4      Copyright   1999 Technische Universitaet Muenchen
    25.5  *)
    25.6  
    25.7 -val subcls1D = prove_goalw thy [subcls1_def] "\\<And>G. G\\<turnstile>C\\<prec>C1D \\<Longrightarrow> \
    25.8 +val subcls1D = prove_goalw thy [subcls1_def] "!!G. G\\<turnstile>C\\<prec>C1D ==> \
    25.9  \ \\<exists>fs ms. class G C = Some (Some D,fs,ms)" (K [Auto_tac]);
   25.10  
   25.11  val subcls1I = prove_goalw  thy [subcls1_def] 
   25.12 -"\\<And>G. \\<lbrakk> class G C = Some (Some D,rest) \\<rbrakk> \\<Longrightarrow> G\\<turnstile>C\\<prec>C1D" (K [Auto_tac]);
   25.13 +"!!G. [| class G C = Some (Some D,rest) |] ==> G\\<turnstile>C\\<prec>C1D" (K [Auto_tac]);
   25.14  
   25.15  val subcls1_def2 = prove_goalw thy [subcls1_def,is_class_def]  "subcls1 G = \
   25.16  \ (SIGMA C:{C. is_class G C} . {D. fst (the (class G C)) = Some D})"
   25.17 @@ -32,7 +32,7 @@
   25.18  	auto_tac (claset() addDs lemmata, simpset())]);
   25.19  
   25.20  
   25.21 -Goalw [is_class_def] "(C,D) \\<in> (subcls1 G)^+ \\<Longrightarrow> is_class G C";
   25.22 +Goalw [is_class_def] "(C,D) \\<in> (subcls1 G)^+ ==> is_class G C";
   25.23  by(etac trancl_trans_induct 1);
   25.24  by (auto_tac (HOL_cs addSDs [subcls1D],simpset()));
   25.25  qed "subcls_is_class";
   25.26 @@ -81,16 +81,16 @@
   25.27  qed "widen_PrimT_RefT";
   25.28  AddIffs [widen_PrimT_RefT];
   25.29  
   25.30 -val widen_RefT = prove_typerel "G\\<turnstile>RefT R\\<preceq>T \\<Longrightarrow> \\<exists>t. T=RefT t" 
   25.31 -	[prove_widen_lemma "G\\<turnstile>S\\<preceq>T \\<Longrightarrow> S=RefT R \\<longrightarrow> (\\<exists>t. T=RefT t)"];
   25.32 +val widen_RefT = prove_typerel "G\\<turnstile>RefT R\\<preceq>T ==> \\<exists>t. T=RefT t" 
   25.33 +	[prove_widen_lemma "G\\<turnstile>S\\<preceq>T ==> S=RefT R --> (\\<exists>t. T=RefT t)"];
   25.34  bind_thm ("widen_RefT", widen_RefT);
   25.35  
   25.36 -val widen_RefT2 = prove_typerel "G\\<turnstile>S\\<preceq>RefT R \\<Longrightarrow> \\<exists>t. S=RefT t" 
   25.37 -	[prove_widen_lemma "G\\<turnstile>S\\<preceq>T \\<Longrightarrow> T=RefT R \\<longrightarrow> (\\<exists>t. S=RefT t)"];
   25.38 +val widen_RefT2 = prove_typerel "G\\<turnstile>S\\<preceq>RefT R ==> \\<exists>t. S=RefT t" 
   25.39 +	[prove_widen_lemma "G\\<turnstile>S\\<preceq>T ==> T=RefT R --> (\\<exists>t. S=RefT t)"];
   25.40  bind_thm ("widen_RefT2", widen_RefT2);
   25.41  
   25.42 -val widen_Class = prove_typerel "G\\<turnstile>Class C\\<preceq>T \\<Longrightarrow> \\<exists>D. T=Class D"
   25.43 - [ prove_widen_lemma "G\\<turnstile>S\\<preceq>T \\<Longrightarrow> S = Class C \\<longrightarrow> (\\<exists>D. T=Class D)"];
   25.44 +val widen_Class = prove_typerel "G\\<turnstile>Class C\\<preceq>T ==> \\<exists>D. T=Class D"
   25.45 + [ prove_widen_lemma "G\\<turnstile>S\\<preceq>T ==> S = Class C --> (\\<exists>D. T=Class D)"];
   25.46  bind_thm ("widen_Class", widen_Class);
   25.47  
   25.48  Goal "(G\\<turnstile>Class C\\<preceq>RefT NullT) = False"; 
   25.49 @@ -108,7 +108,7 @@
   25.50  qed "widen_Class_Class";
   25.51  AddIffs [widen_Class_Class];
   25.52  
   25.53 -Goal "G\\<turnstile>S\\<preceq>U \\<Longrightarrow> \\<forall>T. G\\<turnstile>U\\<preceq>T \\<longrightarrow> G\\<turnstile>S\\<preceq>T";
   25.54 +Goal "G\\<turnstile>S\\<preceq>U ==> \\<forall>T. G\\<turnstile>U\\<preceq>T --> G\\<turnstile>S\\<preceq>T";
   25.55  by( etac widen.induct 1);
   25.56  by   Safe_tac;
   25.57  by(  ALLGOALS (forward_tac [widen_Class, widen_RefT]));
    26.1 --- a/src/HOL/MicroJava/J/TypeRel.thy	Wed Sep 20 21:20:41 2000 +0200
    26.2 +++ b/src/HOL/MicroJava/J/TypeRel.thy	Thu Sep 21 10:42:49 2000 +0200
    26.3 @@ -9,15 +9,15 @@
    26.4  TypeRel = Decl +
    26.5  
    26.6  consts
    26.7 -  subcls1	:: "'c prog \\<Rightarrow> (cname \\<times> cname) set"  (* subclass *)
    26.8 -  widen 	:: "'c prog \\<Rightarrow> (ty    \\<times> ty   ) set"  (* widening *)
    26.9 -  cast		:: "'c prog \\<Rightarrow> (cname \\<times> cname) set"  (* casting *)
   26.10 +  subcls1	:: "'c prog => (cname \\<times> cname) set"  (* subclass *)
   26.11 +  widen 	:: "'c prog => (ty    \\<times> ty   ) set"  (* widening *)
   26.12 +  cast		:: "'c prog => (cname \\<times> cname) set"  (* casting *)
   26.13  
   26.14  syntax
   26.15 -  subcls1	:: "'c prog \\<Rightarrow> [cname, cname] \\<Rightarrow> bool" ("_\\<turnstile>_\\<prec>C1_"	 [71,71,71] 70)
   26.16 -  subcls	:: "'c prog \\<Rightarrow> [cname, cname] \\<Rightarrow> bool" ("_\\<turnstile>_\\<preceq>C _"	 [71,71,71] 70)
   26.17 -  widen		:: "'c prog \\<Rightarrow> [ty   , ty   ] \\<Rightarrow> bool" ("_\\<turnstile>_\\<preceq>_"  [71,71,71] 70)
   26.18 -  cast		:: "'c prog \\<Rightarrow> [cname, cname] \\<Rightarrow> bool" ("_\\<turnstile>_\\<preceq>? _"[71,71,71] 70)
   26.19 +  subcls1	:: "'c prog => [cname, cname] => bool" ("_\\<turnstile>_\\<prec>C1_"	 [71,71,71] 70)
   26.20 +  subcls	:: "'c prog => [cname, cname] => bool" ("_\\<turnstile>_\\<preceq>C _"	 [71,71,71] 70)
   26.21 +  widen		:: "'c prog => [ty   , ty   ] => bool" ("_\\<turnstile>_\\<preceq>_"  [71,71,71] 70)
   26.22 +  cast		:: "'c prog => [cname, cname] => bool" ("_\\<turnstile>_\\<preceq>? _"[71,71,71] 70)
   26.23  
   26.24  translations
   26.25    	"G\\<turnstile>C \\<prec>C1 D" == "(C,D) \\<in> subcls1 G"
   26.26 @@ -28,23 +28,23 @@
   26.27  defs
   26.28  
   26.29    (* direct subclass, cf. 8.1.3 *)
   26.30 -  subcls1_def	"subcls1 G \\<equiv> {(C,D). \\<exists>c. class G C = Some c \\<and> fst c = Some D}"
   26.31 +  subcls1_def	"subcls1 G == {(C,D). \\<exists>c. class G C = Some c \\<and> fst c = Some D}"
   26.32    
   26.33  consts
   26.34  
   26.35 -  method	:: "'c prog \\<times> cname \\<Rightarrow> ( sig   \\<leadsto> cname \\<times> ty \\<times> 'c)"
   26.36 -  field	:: "'c prog \\<times> cname \\<Rightarrow> ( vname \\<leadsto> cname \\<times> ty)"
   26.37 -  fields	:: "'c prog \\<times> cname \\<Rightarrow> ((vname \\<times> cname) \\<times>  ty) list"
   26.38 +  method	:: "'c prog \\<times> cname => ( sig   \\<leadsto> cname \\<times> ty \\<times> 'c)"
   26.39 +  field	:: "'c prog \\<times> cname => ( vname \\<leadsto> cname \\<times> ty)"
   26.40 +  fields	:: "'c prog \\<times> cname => ((vname \\<times> cname) \\<times>  ty) list"
   26.41  
   26.42  constdefs       (* auxiliary relations for recursive definitions below *)
   26.43  
   26.44    subcls1_rel	:: "(('c prog \\<times> cname) \\<times> ('c prog \\<times> cname)) set"
   26.45 - "subcls1_rel \\<equiv> {((G,C),(G',C')). G = G' \\<and>  wf ((subcls1 G)^-1) \\<and>  G\\<turnstile>C'\\<prec>C1C}"
   26.46 + "subcls1_rel == {((G,C),(G',C')). G = G' \\<and>  wf ((subcls1 G)^-1) \\<and>  G\\<turnstile>C'\\<prec>C1C}"
   26.47  
   26.48  (* methods of a class, with inheritance, overriding and hiding, cf. 8.4.6 *)
   26.49  recdef method "subcls1_rel"
   26.50 - "method (G,C) = (if wf((subcls1 G)^-1) then (case class G C of None \\<Rightarrow> empty
   26.51 -                   | Some (sc,fs,ms) \\<Rightarrow> (case sc of None \\<Rightarrow> empty | Some D \\<Rightarrow> 
   26.52 + "method (G,C) = (if wf((subcls1 G)^-1) then (case class G C of None => empty
   26.53 +                   | Some (sc,fs,ms) => (case sc of None => empty | Some D => 
   26.54                                             if is_class G D then method (G,D) 
   26.55                                                             else arbitrary) \\<oplus>
   26.56                                             map_of (map (\\<lambda>(s,  m ). 
   26.57 @@ -53,25 +53,25 @@
   26.58  
   26.59  (* list of fields of a class, including inherited and hidden ones *)
   26.60  recdef fields  "subcls1_rel"
   26.61 - "fields (G,C) = (if wf((subcls1 G)^-1) then (case class G C of None \\<Rightarrow> arbitrary
   26.62 -                   | Some (sc,fs,ms) \\<Rightarrow> map (\\<lambda>(fn,ft). ((fn,C),ft)) fs@
   26.63 -                                           (case sc of None \\<Rightarrow> [] | Some D \\<Rightarrow> 
   26.64 + "fields (G,C) = (if wf((subcls1 G)^-1) then (case class G C of None => arbitrary
   26.65 +                   | Some (sc,fs,ms) => map (\\<lambda>(fn,ft). ((fn,C),ft)) fs@
   26.66 +                                           (case sc of None => [] | Some D => 
   26.67                                             if is_class G D then fields (G,D) 
   26.68                                                             else arbitrary))
   26.69                    else arbitrary)"
   26.70  defs
   26.71  
   26.72 -  field_def "field \\<equiv> map_of o (map (\\<lambda>((fn,fd),ft). (fn,(fd,ft)))) o fields"
   26.73 +  field_def "field == map_of o (map (\\<lambda>((fn,fd),ft). (fn,(fd,ft)))) o fields"
   26.74  
   26.75  inductive "widen G" intrs (*widening, viz. method invocation conversion, cf. 5.3
   26.76  			     i.e. sort of syntactic subtyping *)
   26.77    refl	             "G\\<turnstile>      T \\<preceq> T" 	 (* identity conv., cf. 5.1.1 *)
   26.78 -  subcls "G\\<turnstile>C\\<preceq>C D \\<Longrightarrow> G\\<turnstile>Class C \\<preceq> Class D"
   26.79 +  subcls "G\\<turnstile>C\\<preceq>C D ==> G\\<turnstile>Class C \\<preceq> Class D"
   26.80    null	             "G\\<turnstile>     NT \\<preceq> RefT R"
   26.81  
   26.82  inductive "cast G" intrs (* casting conversion, cf. 5.5 / 5.1.5 *)
   26.83                           (* left out casts on primitve types    *)
   26.84 -  widen	 "G\\<turnstile>C\\<preceq>C D \\<Longrightarrow> G\\<turnstile>C \\<preceq>? D"
   26.85 -  subcls "G\\<turnstile>D\\<preceq>C C \\<Longrightarrow> G\\<turnstile>C \\<preceq>? D"
   26.86 +  widen	 "G\\<turnstile>C\\<preceq>C D ==> G\\<turnstile>C \\<preceq>? D"
   26.87 +  subcls "G\\<turnstile>D\\<preceq>C C ==> G\\<turnstile>C \\<preceq>? D"
   26.88  
   26.89  end
    27.1 --- a/src/HOL/MicroJava/J/Value.thy	Wed Sep 20 21:20:41 2000 +0200
    27.2 +++ b/src/HOL/MicroJava/J/Value.thy	Thu Sep 21 10:42:49 2000 +0200
    27.3 @@ -22,9 +22,9 @@
    27.4  translations "val" <= (type) "val_"
    27.5  
    27.6  consts
    27.7 -  the_Bool	:: "val \\<Rightarrow> bool"
    27.8 -  the_Intg	:: "val \\<Rightarrow> int"
    27.9 -  the_Addr	:: "val \\<Rightarrow> loc"
   27.10 +  the_Bool	:: "val => bool"
   27.11 +  the_Intg	:: "val => int"
   27.12 +  the_Addr	:: "val => loc"
   27.13  
   27.14  primrec
   27.15   "the_Bool (Bool b) = b"
   27.16 @@ -36,8 +36,8 @@
   27.17   "the_Addr (Addr a) = a"
   27.18  
   27.19  consts
   27.20 -  defpval	:: "prim_ty \\<Rightarrow> val"	(* default value for primitive types *)
   27.21 -  default_val	:: "ty \\<Rightarrow> val"		(* default value for all types *)
   27.22 +  defpval	:: "prim_ty => val"	(* default value for primitive types *)
   27.23 +  default_val	:: "ty => val"		(* default value for all types *)
   27.24  
   27.25  primrec
   27.26  	"defpval Void    = Unit"
    28.1 --- a/src/HOL/MicroJava/J/WellForm.ML	Wed Sep 20 21:20:41 2000 +0200
    28.2 +++ b/src/HOL/MicroJava/J/WellForm.ML	Thu Sep 21 10:42:49 2000 +0200
    28.3 @@ -5,22 +5,22 @@
    28.4  *)
    28.5  
    28.6  val class_wf = prove_goalw thy [wf_prog_def, Let_def, class_def]
    28.7 - "\\<And>X. \\<lbrakk>class G C = Some c; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> wf_cdecl wf_mb G (C,c)" (K [
    28.8 + "!!X. [|class G C = Some c; wf_prog wf_mb G|] ==> wf_cdecl wf_mb G (C,c)" (K [
    28.9  	Asm_full_simp_tac 1,
   28.10  	fast_tac (set_cs addDs [get_in_set]) 1]);
   28.11  
   28.12  val class_Object = prove_goalw thy [wf_prog_def, Let_def, ObjectC_def,class_def]
   28.13 -	"\\<And>X. wf_prog wf_mb G \\<Longrightarrow> class G Object = Some (None, [], [])" (K [
   28.14 +	"!!X. wf_prog wf_mb G ==> class G Object = Some (None, [], [])" (K [
   28.15  	safe_tac set_cs,
   28.16  	dtac in_set_get 1,
   28.17  	 Auto_tac]);
   28.18  Addsimps [class_Object];
   28.19  
   28.20  val is_class_Object = prove_goalw thy [is_class_def] 
   28.21 -	"\\<And>X. wf_prog wf_mb G \\<Longrightarrow> is_class G Object" (K [Asm_simp_tac 1]);
   28.22 +	"!!X. wf_prog wf_mb G ==> is_class G Object" (K [Asm_simp_tac 1]);
   28.23  Addsimps [is_class_Object];
   28.24  
   28.25 -Goal "\\<lbrakk>G\\<turnstile>C\\<prec>C1D; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> D \\<noteq> C \\<and> \\<not>(D,C)\\<in>(subcls1 G)^+";
   28.26 +Goal "[|G\\<turnstile>C\\<prec>C1D; wf_prog wf_mb G|] ==> D \\<noteq> C \\<and> \\<not>(D,C)\\<in>(subcls1 G)^+";
   28.27  by( forward_tac [r_into_trancl] 1);
   28.28  by( dtac subcls1D 1);
   28.29  by( strip_tac1 1);
   28.30 @@ -31,26 +31,26 @@
   28.31  qed "subcls1_wfD";
   28.32  
   28.33  val wf_cdecl_supD = prove_goalw thy [wf_cdecl_def] 
   28.34 -"\\<And>X. \\<lbrakk>wf_cdecl wf_mb G (C, sc, r); C \\<noteq> Object\\<rbrakk> \\<Longrightarrow> \\<exists>D. sc = Some D \\<and> is_class G D" (K [
   28.35 +"!!X. [|wf_cdecl wf_mb G (C, sc, r); C \\<noteq> Object|] ==> \\<exists>D. sc = Some D \\<and> is_class G D" (K [
   28.36  	pair_tac "r" 1,
   28.37  	asm_full_simp_tac (simpset() addsplits [option.split_asm]) 1]);
   28.38  
   28.39 -Goal "\\<lbrakk>wf_prog wf_mb G; (C,D)\\<in>(subcls1 G)^+\\<rbrakk> \\<Longrightarrow> \\<not>(D,C)\\<in>(subcls1 G)^+";
   28.40 +Goal "[|wf_prog wf_mb G; (C,D)\\<in>(subcls1 G)^+|] ==> \\<not>(D,C)\\<in>(subcls1 G)^+";
   28.41  by(etac tranclE 1);
   28.42  by(TRYALL(fast_tac (HOL_cs addSDs [subcls1_wfD] addIs [trancl_trans])));
   28.43  qed "subcls_asym";
   28.44  
   28.45 -val subcls_irrefl = prove_goal thy "\\<And>X. \\<lbrakk>wf_prog wf_mb G; (C,D)\\<in>(subcls1 G)^+\\<rbrakk> \\<Longrightarrow> C \\<noteq> D" (K [
   28.46 +val subcls_irrefl = prove_goal thy "!!X. [|wf_prog wf_mb G; (C,D)\\<in>(subcls1 G)^+|] ==> C \\<noteq> D" (K [
   28.47  	etac trancl_trans_induct 1,
   28.48  	 fast_tac (HOL_cs addDs [subcls1_wfD]) 1,
   28.49  	fast_tac (HOL_cs addDs [subcls_asym]) 1]);
   28.50  
   28.51  val acyclic_subcls1 = prove_goalw thy [acyclic_def] 
   28.52 -	"\\<And>X. wf_prog wf_mb G \\<Longrightarrow> acyclic (subcls1 G)" (K [
   28.53 +	"!!X. wf_prog wf_mb G ==> acyclic (subcls1 G)" (K [
   28.54  	strip_tac1 1,
   28.55  	fast_tac (HOL_cs addDs [subcls_irrefl]) 1]);
   28.56  
   28.57 -val wf_subcls1 = prove_goal thy "\\<And>X. wf_prog wf_mb G \\<Longrightarrow> wf ((subcls1 G)^-1)" (K [
   28.58 +val wf_subcls1 = prove_goal thy "!!X. wf_prog wf_mb G ==> wf ((subcls1 G)^-1)" (K [
   28.59  	rtac finite_acyclic_wf 1,
   28.60  	 stac finite_converse 1,
   28.61  	 rtac finite_subcls1 1,
   28.62 @@ -58,7 +58,7 @@
   28.63  	etac acyclic_subcls1 1]);
   28.64  
   28.65  val major::prems = goal thy
   28.66 -  "\\<lbrakk>wf_prog wf_mb G; \\<And>C. \\<forall>D. (C,D)\\<in>(subcls1 G)^+ \\<longrightarrow> P D \\<Longrightarrow> P C\\<rbrakk> \\<Longrightarrow> P C";
   28.67 +  "[|wf_prog wf_mb G; !!C. \\<forall>D. (C,D)\\<in>(subcls1 G)^+ --> P D ==> P C|] ==> P C";
   28.68  by(cut_facts_tac [major RS wf_subcls1] 1);
   28.69  by(dtac wf_trancl 1);
   28.70  by(asm_full_simp_tac (HOL_ss addsimps [trancl_converse]) 1);
   28.71 @@ -67,10 +67,10 @@
   28.72  by(Auto_tac);
   28.73  qed "subcls_induct";
   28.74  
   28.75 -val prems = goal thy "\\<lbrakk>is_class G C; wf_prog wf_mb G; P Object; \
   28.76 -\\\<And>C D fs ms. \\<lbrakk>C \\<noteq> Object; is_class G C; class G C = Some (Some D,fs,ms) \\<and> \
   28.77 -\   wf_cdecl wf_mb G (C, Some D,fs,ms) \\<and> G\\<turnstile>C\\<prec>C1D \\<and> is_class G D \\<and> P D\\<rbrakk> \\<Longrightarrow> P C\
   28.78 -\ \\<rbrakk> \\<Longrightarrow> P C";
   28.79 +val prems = goal thy "[|is_class G C; wf_prog wf_mb G; P Object; \
   28.80 +\!!C D fs ms. [|C \\<noteq> Object; is_class G C; class G C = Some (Some D,fs,ms) \\<and> \
   28.81 +\   wf_cdecl wf_mb G (C, Some D,fs,ms) \\<and> G\\<turnstile>C\\<prec>C1D \\<and> is_class G D \\<and> P D|] ==> P C\
   28.82 +\ |] ==> P C";
   28.83  by( cut_facts_tac prems 1);
   28.84  by( rtac impE 1);
   28.85  by(   atac 2);
   28.86 @@ -95,18 +95,18 @@
   28.87  by( etac subcls1I 1);
   28.88  qed "subcls1_induct";
   28.89  
   28.90 -Goal "\\<lbrakk>wf ((subcls1 G)^-1); \\<forall>D fs ms. class G C = Some (Some D,fs,ms) \\<longrightarrow> is_class G D\\<rbrakk> \\<Longrightarrow> method (G,C) = \
   28.91 -\ (case class G C of None \\<Rightarrow> empty | Some (sc,fs,ms) \\<Rightarrow> \
   28.92 -\ (case sc of None \\<Rightarrow> empty | Some D \\<Rightarrow> method (G,D)) \\<oplus> \
   28.93 +Goal "[|wf ((subcls1 G)^-1); \\<forall>D fs ms. class G C = Some (Some D,fs,ms) --> is_class G D|] ==> method (G,C) = \
   28.94 +\ (case class G C of None => empty | Some (sc,fs,ms) => \
   28.95 +\ (case sc of None => empty | Some D => method (G,D)) \\<oplus> \
   28.96  \ map_of (map (\\<lambda>(s,m). (s,(C,m))) ms))";
   28.97  by( stac (method_TC RS (wf_subcls1_rel RS (hd method.simps))) 1);
   28.98  by( asm_simp_tac (simpset() addsplits[option.split]) 1);
   28.99  auto();
  28.100  qed "method_rec_lemma";
  28.101  
  28.102 -Goal "wf_prog wf_mb G \\<Longrightarrow> method (G,C) = \
  28.103 -\ (case class G C of None \\<Rightarrow> empty | Some (sc,fs,ms) \\<Rightarrow> \
  28.104 -\ (case sc of None \\<Rightarrow> empty | Some D \\<Rightarrow> method (G,D)) \\<oplus> \
  28.105 +Goal "wf_prog wf_mb G ==> method (G,C) = \
  28.106 +\ (case class G C of None => empty | Some (sc,fs,ms) => \
  28.107 +\ (case sc of None => empty | Some D => method (G,D)) \\<oplus> \
  28.108  \ map_of (map (\\<lambda>(s,m). (s,(C,m))) ms))";
  28.109  by(rtac method_rec_lemma 1);
  28.110  by( clarsimp_tac (claset(), simpset() addsimps [wf_subcls1,empty_def] 
  28.111 @@ -119,16 +119,16 @@
  28.112  by( Asm_full_simp_tac 1);
  28.113  qed "method_rec";
  28.114  
  28.115 -Goal "\\<lbrakk>wf ((subcls1 G)^-1); class G C = Some (sc,fs,ms); \\<forall>C. sc = Some C \\<longrightarrow> is_class G C\\<rbrakk> \\<Longrightarrow> fields (G,C) = \
  28.116 +Goal "[|wf ((subcls1 G)^-1); class G C = Some (sc,fs,ms); \\<forall>C. sc = Some C --> is_class G C|] ==> fields (G,C) = \
  28.117  \ map (\\<lambda>(fn,ft). ((fn,C),ft)) fs @ \
  28.118 -\ (case sc of None \\<Rightarrow> [] | Some D \\<Rightarrow> fields (G,D))";
  28.119 +\ (case sc of None => [] | Some D => fields (G,D))";
  28.120  by( stac (fields_TC RS (wf_subcls1_rel RS (hd fields.simps))) 1);
  28.121  by( asm_simp_tac (simpset() addsplits[option.split]) 1);
  28.122  qed "fields_rec_lemma";
  28.123  
  28.124 -Goal "\\<lbrakk>class G C = Some (sc,fs,ms); wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> fields (G,C) = \
  28.125 +Goal "[|class G C = Some (sc,fs,ms); wf_prog wf_mb G|] ==> fields (G,C) = \
  28.126  \ map (\\<lambda>(fn,ft). ((fn,C),ft)) fs @ \
  28.127 -\ (case sc of None \\<Rightarrow> [] | Some D \\<Rightarrow> fields (G,D))";
  28.128 +\ (case sc of None => [] | Some D => fields (G,D))";
  28.129  by(rtac fields_rec_lemma 1);
  28.130  by(   asm_simp_tac (simpset() addsimps [wf_subcls1,empty_def]) 1);
  28.131  ba  1;
  28.132 @@ -142,16 +142,16 @@
  28.133  by( Asm_full_simp_tac 1);
  28.134  qed "fields_rec";
  28.135  
  28.136 -val method_Object = prove_goal thy "\\<And>X. wf_prog wf_mb G \\<Longrightarrow> method (G,Object) = empty"
  28.137 +val method_Object = prove_goal thy "!!X. wf_prog wf_mb G ==> method (G,Object) = empty"
  28.138  	(K [stac method_rec 1,Auto_tac]);
  28.139 -val fields_Object = prove_goal thy "\\<And>X. wf_prog wf_mb G \\<Longrightarrow> fields (G,Object) = []"(K [
  28.140 +val fields_Object = prove_goal thy "!!X. wf_prog wf_mb G ==> fields (G,Object) = []"(K [
  28.141  	stac fields_rec 1,Auto_tac]);
  28.142  Addsimps [method_Object, fields_Object];
  28.143  val field_Object = prove_goalw thy [field_def]
  28.144 - "\\<And>X. wf_prog wf_mb G \\<Longrightarrow> field (G,Object) = empty" (K [Asm_simp_tac 1]);
  28.145 + "!!X. wf_prog wf_mb G ==> field (G,Object) = empty" (K [Asm_simp_tac 1]);
  28.146  Addsimps [field_Object];
  28.147  
  28.148 -Goal "\\<lbrakk>is_class G C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> G\\<turnstile>C\\<preceq>C Object";
  28.149 +Goal "[|is_class G C; wf_prog wf_mb G|] ==> G\\<turnstile>C\\<preceq>C Object";
  28.150  by(etac subcls1_induct 1);
  28.151  by(  atac 1);
  28.152  by( Fast_tac 1);
  28.153 @@ -160,18 +160,18 @@
  28.154  qed "subcls_C_Object";
  28.155  
  28.156  val is_type_rTI = prove_goalw thy [wf_mhead_def]
  28.157 -	"\\<And>sig. wf_mhead G sig rT \\<Longrightarrow> is_type G rT"
  28.158 +	"!!sig. wf_mhead G sig rT ==> is_type G rT"
  28.159  	(K [split_all_tac 1, Auto_tac]);
  28.160  
  28.161 -Goal "\\<lbrakk>(C',C)\\<in>(subcls1 G)^+; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> \
  28.162 -\ x \\<in> set (fields (G,C)) \\<longrightarrow> x \\<in> set (fields (G,C'))";
  28.163 +Goal "[|(C',C)\\<in>(subcls1 G)^+; wf_prog wf_mb G|] ==> \
  28.164 +\ x \\<in> set (fields (G,C)) --> x \\<in> set (fields (G,C'))";
  28.165  by(etac trancl_trans_induct 1);
  28.166  by( safe_tac (HOL_cs addSDs [subcls1D]));
  28.167  by(stac fields_rec 1);
  28.168  by(  Auto_tac);
  28.169  qed_spec_mp "fields_mono";
  28.170  
  28.171 -Goal "\\<lbrakk>is_class G C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> \
  28.172 +Goal "[|is_class G C; wf_prog wf_mb G|] ==> \
  28.173  \ \\<forall>((fn,fd),fT)\\<in>set (fields (G,C)). G\\<turnstile>C\\<preceq>C fd";
  28.174  by( etac subcls1_induct 1);
  28.175  by(   atac 1);
  28.176 @@ -193,7 +193,7 @@
  28.177  by( Asm_full_simp_tac 1);
  28.178  qed "widen_fields_defpl'";
  28.179  
  28.180 -Goal "\\<lbrakk>is_class G C; wf_prog wf_mb G; ((fn,fd),fT) \\<in> set (fields (G,C))\\<rbrakk> \\<Longrightarrow> \
  28.181 +Goal "[|is_class G C; wf_prog wf_mb G; ((fn,fd),fT) \\<in> set (fields (G,C))|] ==> \
  28.182  \ G\\<turnstile>C\\<preceq>C fd";
  28.183  by( datac widen_fields_defpl' 1 1);
  28.184  (*###################*)
  28.185 @@ -202,7 +202,7 @@
  28.186  qed "widen_fields_defpl";
  28.187  
  28.188  
  28.189 -Goal "\\<lbrakk>is_class G C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> unique (fields (G,C))";
  28.190 +Goal "[|is_class G C; wf_prog wf_mb G|] ==> unique (fields (G,C))";
  28.191  by( etac subcls1_induct 1);
  28.192  by(   atac 1);
  28.193  by(  safe_tac (HOL_cs addSDs [wf_cdecl_supD]));
  28.194 @@ -226,7 +226,7 @@
  28.195  qed "unique_fields";
  28.196  
  28.197  Goal
  28.198 -"\\<lbrakk>wf_prog wf_mb G; G\\<turnstile>C'\\<preceq>C C; map_of(fields (G,C )) f = Some ft\\<rbrakk> \\<Longrightarrow> \
  28.199 +"[|wf_prog wf_mb G; G\\<turnstile>C'\\<preceq>C C; map_of(fields (G,C )) f = Some ft|] ==> \
  28.200  \                          map_of (fields (G,C')) f = Some ft";
  28.201  by( dtac rtranclD 1);
  28.202  by( Auto_tac);
  28.203 @@ -240,17 +240,17 @@
  28.204  
  28.205  
  28.206  val cfs_fields_lemma = prove_goalw thy [field_def] 
  28.207 -"\\<And>X. field (G,C) fn = Some (fd, fT) \\<Longrightarrow> map_of(fields (G,C)) (fn, fd) = Some fT"
  28.208 +"!!X. field (G,C) fn = Some (fd, fT) ==> map_of(fields (G,C)) (fn, fd) = Some fT"
  28.209  (K [rtac table_map_Some 1, Asm_full_simp_tac 1]);
  28.210  
  28.211 -val widen_cfs_fields = prove_goal thy "\\<And>X. \\<lbrakk>field (G,C) fn = Some (fd, fT);\
  28.212 -\  G\\<turnstile>C'\\<preceq>C C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> map_of (fields (G,C')) (fn, fd) = Some fT" (K[
  28.213 +val widen_cfs_fields = prove_goal thy "!!X. [|field (G,C) fn = Some (fd, fT);\
  28.214 +\  G\\<turnstile>C'\\<preceq>C C; wf_prog wf_mb G|] ==> map_of (fields (G,C')) (fn, fd) = Some fT" (K[
  28.215  fast_tac (HOL_cs addIs [widen_fields_mono, cfs_fields_lemma]) 1]);
  28.216  bind_thm ("widen_cfs_fields",widen_cfs_fields);
  28.217  
  28.218  
  28.219 -Goal "wf_prog wf_mb G \\<Longrightarrow> method (G,C) sig = Some (md,mh,m)\
  28.220 -\  \\<longrightarrow> G\\<turnstile>C\\<preceq>C md \\<and> wf_mdecl wf_mb G md (sig,(mh,m))";
  28.221 +Goal "wf_prog wf_mb G ==> method (G,C) sig = Some (md,mh,m)\
  28.222 +\  --> G\\<turnstile>C\\<preceq>C md \\<and> wf_mdecl wf_mb G md (sig,(mh,m))";
  28.223  by( case_tac "is_class G C" 1);
  28.224  by(  forw_inst_tac [("C","C")] method_rec 2);
  28.225  by(    asm_full_simp_tac (simpset() addsimps [is_class_def] 
  28.226 @@ -264,7 +264,7 @@
  28.227  by( Asm_full_simp_tac 1);
  28.228  by( dtac override_SomeD 1);
  28.229  by( etac disjE 1);
  28.230 -by(  thin_tac "?P \\<longrightarrow> ?Q" 1);
  28.231 +by(  thin_tac "?P --> ?Q" 1);
  28.232  by(  Clarify_tac 2);
  28.233  by(  rtac rtrancl_trans 2);
  28.234  by(   atac 3);
  28.235 @@ -277,8 +277,8 @@
  28.236  by( Asm_full_simp_tac 1);
  28.237  qed_spec_mp "method_wf_mdecl";
  28.238  
  28.239 -Goal "\\<lbrakk>G\\<turnstile>T\\<preceq>C T'; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> \
  28.240 -\  \\<forall>D rT b. method (G,T') sig = Some (D,rT ,b) \\<longrightarrow>\
  28.241 +Goal "[|G\\<turnstile>T\\<preceq>C T'; wf_prog wf_mb G|] ==> \
  28.242 +\  \\<forall>D rT b. method (G,T') sig = Some (D,rT ,b) -->\
  28.243  \ (\\<exists>D' rT' b'. method (G,T) sig = Some (D',rT',b') \\<and> G\\<turnstile>rT'\\<preceq>rT)";
  28.244  by( dtac rtranclD 1);
  28.245  by( etac disjE 1);
  28.246 @@ -312,15 +312,15 @@
  28.247  
  28.248  
  28.249  Goal
  28.250 - "\\<lbrakk> G\\<turnstile> C\\<preceq>C D; wf_prog wf_mb G; \
  28.251 -\    method (G,D) sig = Some (md, rT, b) \\<rbrakk> \
  28.252 -\ \\<Longrightarrow> \\<exists>mD' rT' b'. method (G,C) sig= Some(mD',rT',b') \\<and> G\\<turnstile>rT'\\<preceq>rT";
  28.253 + "[| G\\<turnstile> C\\<preceq>C D; wf_prog wf_mb G; \
  28.254 +\    method (G,D) sig = Some (md, rT, b) |] \
  28.255 +\ ==> \\<exists>mD' rT' b'. method (G,C) sig= Some(mD',rT',b') \\<and> G\\<turnstile>rT'\\<preceq>rT";
  28.256  by(auto_tac (claset() addDs [subcls_widen_methd,method_wf_mdecl],
  28.257               simpset() addsimps [wf_mdecl_def,wf_mhead_def,split_def]));
  28.258  qed "subtype_widen_methd";
  28.259  
  28.260  
  28.261 -Goal "wf_prog wf_mb G \\<Longrightarrow> \\<forall>D. method (G,C) sig = Some(D,mh,code) \\<longrightarrow> is_class G D \\<and> method (G,D) sig = Some(D,mh,code)";
  28.262 +Goal "wf_prog wf_mb G ==> \\<forall>D. method (G,C) sig = Some(D,mh,code) --> is_class G D \\<and> method (G,D) sig = Some(D,mh,code)";
  28.263  by( case_tac "is_class G C" 1);
  28.264  by(  forw_inst_tac [("C","C")] method_rec 2);
  28.265  by(    asm_full_simp_tac (simpset() addsimps [is_class_def] 
  28.266 @@ -341,7 +341,7 @@
  28.267  qed_spec_mp "method_in_md";
  28.268  
  28.269  
  28.270 -Goal "\\<lbrakk>is_class G C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> \
  28.271 +Goal "[|is_class G C; wf_prog wf_mb G|] ==> \
  28.272  \ \\<forall>f\\<in>set (fields (G,C)). is_type G (snd f)";
  28.273  by( etac subcls1_induct 1);
  28.274  by(   atac 1);
    29.1 --- a/src/HOL/MicroJava/J/WellForm.thy	Wed Sep 20 21:20:41 2000 +0200
    29.2 +++ b/src/HOL/MicroJava/J/WellForm.thy	Thu Sep 21 10:42:49 2000 +0200
    29.3 @@ -20,28 +20,28 @@
    29.4  
    29.5  constdefs
    29.6  
    29.7 - wf_fdecl	:: "'c prog \\<Rightarrow>          fdecl \\<Rightarrow> bool"
    29.8 -"wf_fdecl G \\<equiv> \\<lambda>(fn,ft). is_type G ft"
    29.9 + wf_fdecl	:: "'c prog =>          fdecl => bool"
   29.10 +"wf_fdecl G == \\<lambda>(fn,ft). is_type G ft"
   29.11  
   29.12 - wf_mhead	:: "'c prog \\<Rightarrow> sig   \\<Rightarrow> ty \\<Rightarrow> bool"
   29.13 -"wf_mhead G \\<equiv> \\<lambda>(mn,pTs) rT. (\\<forall>T\\<in>set pTs. is_type G T) \\<and> is_type G rT"
   29.14 + wf_mhead	:: "'c prog => sig   => ty => bool"
   29.15 +"wf_mhead G == \\<lambda>(mn,pTs) rT. (\\<forall>T\\<in>set pTs. is_type G T) \\<and> is_type G rT"
   29.16  
   29.17 - wf_mdecl	:: "'c wf_mb \\<Rightarrow> 'c wf_mb"
   29.18 -"wf_mdecl wf_mb G C \\<equiv> \\<lambda>(sig,rT,mb). wf_mhead G sig rT \\<and> wf_mb G C (sig,rT,mb)"
   29.19 + wf_mdecl	:: "'c wf_mb => 'c wf_mb"
   29.20 +"wf_mdecl wf_mb G C == \\<lambda>(sig,rT,mb). wf_mhead G sig rT \\<and> wf_mb G C (sig,rT,mb)"
   29.21  
   29.22 -  wf_cdecl	:: "'c wf_mb \\<Rightarrow> 'c prog \\<Rightarrow> 'c cdecl \\<Rightarrow> bool"
   29.23 -"wf_cdecl wf_mb G \\<equiv>
   29.24 +  wf_cdecl	:: "'c wf_mb => 'c prog => 'c cdecl => bool"
   29.25 +"wf_cdecl wf_mb G ==
   29.26     \\<lambda>(C,(sc,fs,ms)).
   29.27  	(\\<forall>f\\<in>set fs. wf_fdecl G   f    ) \\<and>  unique fs \\<and>
   29.28  	(\\<forall>m\\<in>set ms. wf_mdecl wf_mb G C m) \\<and>  unique ms \\<and>
   29.29 -	(case sc of None \\<Rightarrow> C = Object
   29.30 -         | Some D \\<Rightarrow>
   29.31 +	(case sc of None => C = Object
   29.32 +         | Some D =>
   29.33               is_class G D \\<and>  \\<not>  G\\<turnstile>D\\<preceq>C C \\<and>
   29.34               (\\<forall>(sig,rT,b)\\<in>set ms. \\<forall>D' rT' b'.
   29.35 -                 method(G,D) sig = Some(D',rT',b') \\<longrightarrow> G\\<turnstile>rT\\<preceq>rT'))"
   29.36 +                 method(G,D) sig = Some(D',rT',b') --> G\\<turnstile>rT\\<preceq>rT'))"
   29.37  
   29.38 - wf_prog	:: "'c wf_mb \\<Rightarrow> 'c prog \\<Rightarrow> bool"
   29.39 -"wf_prog wf_mb G \\<equiv>
   29.40 + wf_prog	:: "'c wf_mb => 'c prog => bool"
   29.41 +"wf_prog wf_mb G ==
   29.42     let cs = set G in ObjectC \\<in> cs \\<and> (\\<forall>c\\<in>cs. wf_cdecl wf_mb G c) \\<and> unique G"
   29.43  
   29.44  end
    30.1 --- a/src/HOL/MicroJava/J/WellType.ML	Wed Sep 20 21:20:41 2000 +0200
    30.2 +++ b/src/HOL/MicroJava/J/WellType.ML	Thu Sep 21 10:42:49 2000 +0200
    30.3 @@ -5,15 +5,15 @@
    30.4  *)
    30.5  
    30.6  Goal
    30.7 -"\\<lbrakk> method (G,C) sig = Some (md,rT,b); wf_prog wf_mb G; G\\<turnstile>T''\\<preceq>C C\\<rbrakk>\
    30.8 -\ \\<Longrightarrow> \\<exists>md' rT' b'. method (G,T'') sig = Some (md',rT',b') \\<and> G\\<turnstile>rT'\\<preceq>rT";
    30.9 +"[| method (G,C) sig = Some (md,rT,b); wf_prog wf_mb G; G\\<turnstile>T''\\<preceq>C C|]\
   30.10 +\ ==> \\<exists>md' rT' b'. method (G,T'') sig = Some (md',rT',b') \\<and> G\\<turnstile>rT'\\<preceq>rT";
   30.11  by( dtac subcls_widen_methd 1);
   30.12  by   Auto_tac;
   30.13  qed "widen_methd";
   30.14  
   30.15  
   30.16  Goal
   30.17 -"\\<lbrakk>method (G,C) sig = Some (md,rT,b); G\\<turnstile>T''\\<preceq>C C; wf_prog wf_mb G\\<rbrakk> \\<Longrightarrow> \
   30.18 +"[|method (G,C) sig = Some (md,rT,b); G\\<turnstile>T''\\<preceq>C C; wf_prog wf_mb G|] ==> \
   30.19  \ \\<exists>T' rT' b. method (G,T'') sig = Some (T',rT',b) \\<and> \
   30.20  \ G\\<turnstile>rT'\\<preceq>rT \\<and> G\\<turnstile>T''\\<preceq>C T' \\<and> wf_mhead G sig rT' \\<and> wf_mb G T' (sig,rT',b)";
   30.21  by( datac widen_methd 2 1);
   30.22 @@ -25,25 +25,25 @@
   30.23  qed "Call_lemma";
   30.24  
   30.25  
   30.26 -Goal "wf_prog wf_mb G \\<Longrightarrow> method (G,Object) sig = None";
   30.27 +Goal "wf_prog wf_mb G ==> method (G,Object) sig = None";
   30.28  by (Asm_simp_tac 1);
   30.29  qed "method_Object";
   30.30  Addsimps [method_Object];
   30.31  
   30.32  Goalw [max_spec_def] 
   30.33 -  "x \\<in> max_spec G C sig \\<Longrightarrow> x \\<in> appl_methds G C sig";
   30.34 +  "x \\<in> max_spec G C sig ==> x \\<in> appl_methds G C sig";
   30.35  by (Fast_tac 1);
   30.36  qed"max_spec2appl_meths";
   30.37  
   30.38  Goalw [appl_methds_def] 
   30.39 -"((md,rT),pTs')\\<in>appl_methds G C (mn, pTs) \\<Longrightarrow> \
   30.40 +"((md,rT),pTs')\\<in>appl_methds G C (mn, pTs) ==> \
   30.41  \ \\<exists>D b. md = Class D \\<and> method (G,C) (mn, pTs') = Some (D,rT,b) \
   30.42  \ \\<and> list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') pTs pTs'";
   30.43  by (Fast_tac 1);
   30.44  qed "appl_methsD";
   30.45  
   30.46  val is_type_typeof = prove_goal thy 
   30.47 -	"(\\<forall>a. v \\<noteq> Addr a) \\<longrightarrow> (\\<exists>T. typeof t v = Some T \\<and>  is_type G T)" (K [
   30.48 +	"(\\<forall>a. v \\<noteq> Addr a) --> (\\<exists>T. typeof t v = Some T \\<and>  is_type G T)" (K [
   30.49  	rtac val_.induct 1,
   30.50  	    Fast_tac 5,
   30.51  	   ALLGOALS Simp_tac]) RS mp;
    31.1 --- a/src/HOL/MicroJava/J/WellType.thy	Wed Sep 20 21:20:41 2000 +0200
    31.2 +++ b/src/HOL/MicroJava/J/WellType.thy	Thu Sep 21 10:42:49 2000 +0200
    31.3 @@ -24,8 +24,8 @@
    31.4  
    31.5  syntax
    31.6  
    31.7 -  prg		:: "'c env \\<Rightarrow> 'c prog"
    31.8 -  localT	:: "'c env \\<Rightarrow> (vname \\<leadsto> ty)"
    31.9 +  prg		:: "'c env => 'c prog"
   31.10 +  localT	:: "'c env => (vname \\<leadsto> ty)"
   31.11  
   31.12  translations	
   31.13  
   31.14 @@ -34,29 +34,29 @@
   31.15  
   31.16  consts
   31.17  
   31.18 -  more_spec	:: "'c prog \\<Rightarrow> (ty \\<times> 'x) \\<times> ty list \\<Rightarrow>
   31.19 -		               (ty \\<times> 'x) \\<times> ty list \\<Rightarrow> bool"
   31.20 -  appl_methds	:: "'c prog \\<Rightarrow>  cname \\<Rightarrow> sig \\<Rightarrow> ((ty \\<times> ty) \\<times> ty list) set"
   31.21 -  max_spec	:: "'c prog \\<Rightarrow>  cname \\<Rightarrow> sig \\<Rightarrow> ((ty \\<times> ty) \\<times> ty list) set"
   31.22 +  more_spec	:: "'c prog => (ty \\<times> 'x) \\<times> ty list =>
   31.23 +		               (ty \\<times> 'x) \\<times> ty list => bool"
   31.24 +  appl_methds	:: "'c prog =>  cname => sig => ((ty \\<times> ty) \\<times> ty list) set"
   31.25 +  max_spec	:: "'c prog =>  cname => sig => ((ty \\<times> ty) \\<times> ty list) set"
   31.26  
   31.27  defs
   31.28  
   31.29 -  more_spec_def	  "more_spec G \\<equiv> \\<lambda>((d,h),pTs). \\<lambda>((d',h'),pTs'). G\\<turnstile>d\\<preceq>d' \\<and>
   31.30 +  more_spec_def	  "more_spec G == \\<lambda>((d,h),pTs). \\<lambda>((d',h'),pTs'). G\\<turnstile>d\\<preceq>d' \\<and>
   31.31  		                  list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') pTs pTs'"
   31.32    
   31.33    (* applicable methods, cf. 15.11.2.1 *)
   31.34 -  appl_methds_def "appl_methds G C \\<equiv> \\<lambda>(mn, pTs).
   31.35 +  appl_methds_def "appl_methds G C == \\<lambda>(mn, pTs).
   31.36  		                 {((Class md,rT),pTs') |md rT mb pTs'.
   31.37  		                  method (G,C)  (mn, pTs') = Some (md,rT,mb) \\<and>
   31.38  		                  list_all2 (\\<lambda>T T'. G\\<turnstile>T\\<preceq>T') pTs pTs'}"
   31.39  
   31.40    (* maximally specific methods, cf. 15.11.2.2 *)
   31.41 -   max_spec_def	  "max_spec G C sig \\<equiv> {m. m \\<in>appl_methds G C sig \\<and> 
   31.42 +   max_spec_def	  "max_spec G C sig == {m. m \\<in>appl_methds G C sig \\<and> 
   31.43  				          (\\<forall>m'\\<in>appl_methds G C sig.
   31.44 -				                   more_spec G m' m \\<longrightarrow> m' = m)}"
   31.45 +				                   more_spec G m' m --> m' = m)}"
   31.46  consts
   31.47  
   31.48 -  typeof :: "(loc \\<Rightarrow> ty option) \\<Rightarrow> val \\<Rightarrow> ty option"
   31.49 +  typeof :: "(loc => ty option) => val => ty option"
   31.50  
   31.51  primrec
   31.52  	"typeof dt  Unit    = Some (PrimT Void)"
   31.53 @@ -71,19 +71,19 @@
   31.54  
   31.55  consts
   31.56  
   31.57 -  ty_expr :: "java_mb env \\<Rightarrow> (expr      \\<times> ty     ) set"
   31.58 -  ty_exprs:: "java_mb env \\<Rightarrow> (expr list \\<times> ty list) set"
   31.59 -  wt_stmt :: "java_mb env \\<Rightarrow>  stmt                 set"
   31.60 +  ty_expr :: "java_mb env => (expr      \\<times> ty     ) set"
   31.61 +  ty_exprs:: "java_mb env => (expr list \\<times> ty list) set"
   31.62 +  wt_stmt :: "java_mb env =>  stmt                 set"
   31.63  
   31.64  syntax
   31.65  
   31.66 -ty_expr :: "java_mb env \\<Rightarrow> [expr     , ty     ] \\<Rightarrow> bool" ("_\\<turnstile>_\\<Colon>_"  [51,51,51]50)
   31.67 -ty_exprs:: "java_mb env \\<Rightarrow> [expr list, ty list] \\<Rightarrow> bool" ("_\\<turnstile>_[\\<Colon>]_"[51,51,51]50)
   31.68 -wt_stmt :: "java_mb env \\<Rightarrow>  stmt                \\<Rightarrow> bool" ("_\\<turnstile>_ \\<surd>" [51,51   ]50)
   31.69 +ty_expr :: "java_mb env => [expr     , ty     ] => bool" ("_\\<turnstile>_::_"  [51,51,51]50)
   31.70 +ty_exprs:: "java_mb env => [expr list, ty list] => bool" ("_\\<turnstile>_[::]_"[51,51,51]50)
   31.71 +wt_stmt :: "java_mb env =>  stmt                => bool" ("_\\<turnstile>_ \\<surd>" [51,51   ]50)
   31.72  
   31.73  translations
   31.74 -	"E\\<turnstile>e \\<Colon> T" == "(e,T) \\<in> ty_expr  E"
   31.75 -	"E\\<turnstile>e[\\<Colon>]T" == "(e,T) \\<in> ty_exprs E"
   31.76 +	"E\\<turnstile>e :: T" == "(e,T) \\<in> ty_expr  E"
   31.77 +	"E\\<turnstile>e[::]T" == "(e,T) \\<in> ty_exprs E"
   31.78  	"E\\<turnstile>c \\<surd>"    == "c     \\<in> wt_stmt  E"
   31.79    
   31.80  inductive "ty_expr E" "ty_exprs E" "wt_stmt E" intrs
   31.81 @@ -91,98 +91,98 @@
   31.82  (* well-typed expressions *)
   31.83  
   31.84    (* cf. 15.8 *)
   31.85 -  NewC	"\\<lbrakk>is_class (prg E) C\\<rbrakk> \\<Longrightarrow>
   31.86 -						 E\\<turnstile>NewC C\\<Colon>Class C"
   31.87 +  NewC	"[|is_class (prg E) C|] ==>
   31.88 +						 E\\<turnstile>NewC C::Class C"
   31.89  
   31.90    (* cf. 15.15 *)
   31.91 -  Cast	"\\<lbrakk>E\\<turnstile>e\\<Colon>Class C;
   31.92 -	  prg E\\<turnstile>C\\<preceq>? D\\<rbrakk> \\<Longrightarrow>
   31.93 -						 E\\<turnstile>Cast D e\\<Colon>Class D"
   31.94 +  Cast	"[|E\\<turnstile>e::Class C;
   31.95 +	  prg E\\<turnstile>C\\<preceq>? D|] ==>
   31.96 +						 E\\<turnstile>Cast D e::Class D"
   31.97  
   31.98    (* cf. 15.7.1 *)
   31.99 -  Lit	"\\<lbrakk>typeof (\\<lambda>v. None) x = Some T\\<rbrakk> \\<Longrightarrow>
  31.100 -						 E\\<turnstile>Lit x\\<Colon>T"
  31.101 +  Lit	"[|typeof (\\<lambda>v. None) x = Some T|] ==>
  31.102 +						 E\\<turnstile>Lit x::T"
  31.103  
  31.104    
  31.105    (* cf. 15.13.1 *)
  31.106 -  LAcc	"\\<lbrakk>localT E v = Some T; is_type (prg E) T\\<rbrakk> \\<Longrightarrow>
  31.107 -						 E\\<turnstile>LAcc v\\<Colon>T"
  31.108 +  LAcc	"[|localT E v = Some T; is_type (prg E) T|] ==>
  31.109 +						 E\\<turnstile>LAcc v::T"
  31.110  
  31.111 -  BinOp "\\<lbrakk>E\\<turnstile>e1\\<Colon>T;
  31.112 -	  E\\<turnstile>e2\\<Colon>T;
  31.113 +  BinOp "[|E\\<turnstile>e1::T;
  31.114 +	  E\\<turnstile>e2::T;
  31.115  	  if bop = Eq then T' = PrimT Boolean
  31.116 -	              else T' = T \\<and> T = PrimT Integer\\<rbrakk> \\<Longrightarrow>
  31.117 -						 E\\<turnstile>BinOp bop e1 e2\\<Colon>T'"
  31.118 +	              else T' = T \\<and> T = PrimT Integer|] ==>
  31.119 +						 E\\<turnstile>BinOp bop e1 e2::T'"
  31.120  
  31.121    (* cf. 15.25, 15.25.1 *)
  31.122 -  LAss  "\\<lbrakk>E\\<turnstile>LAcc v\\<Colon>T;
  31.123 -	  E\\<turnstile>e\\<Colon>T';
  31.124 -	  prg E\\<turnstile>T'\\<preceq>T\\<rbrakk> \\<Longrightarrow>
  31.125 -						 E\\<turnstile>v\\<Colon>=e\\<Colon>T'"
  31.126 +  LAss  "[|E\\<turnstile>LAcc v::T;
  31.127 +	  E\\<turnstile>e::T';
  31.128 +	  prg E\\<turnstile>T'\\<preceq>T|] ==>
  31.129 +						 E\\<turnstile>v::=e::T'"
  31.130  
  31.131    (* cf. 15.10.1 *)
  31.132 -  FAcc	"\\<lbrakk>E\\<turnstile>a\\<Colon>Class C; 
  31.133 -	  field (prg E,C) fn = Some (fd,fT)\\<rbrakk> \\<Longrightarrow>
  31.134 -						 E\\<turnstile>{fd}a..fn\\<Colon>fT"
  31.135 +  FAcc	"[|E\\<turnstile>a::Class C; 
  31.136 +	  field (prg E,C) fn = Some (fd,fT)|] ==>
  31.137 +						 E\\<turnstile>{fd}a..fn::fT"
  31.138  
  31.139    (* cf. 15.25, 15.25.1 *)
  31.140 -  FAss  "\\<lbrakk>E\\<turnstile>{fd}a..fn\\<Colon>T;
  31.141 -	  E\\<turnstile>v       \\<Colon>T';
  31.142 -	  prg E\\<turnstile>T'\\<preceq>T\\<rbrakk> \\<Longrightarrow>
  31.143 -					 	 E\\<turnstile>{fd}a..fn:=v\\<Colon>T'"
  31.144 +  FAss  "[|E\\<turnstile>{fd}a..fn::T;
  31.145 +	  E\\<turnstile>v       ::T';
  31.146 +	  prg E\\<turnstile>T'\\<preceq>T|] ==>
  31.147 +					 	 E\\<turnstile>{fd}a..fn:=v::T'"
  31.148  
  31.149  
  31.150    (* cf. 15.11.1, 15.11.2, 15.11.3 *)
  31.151 -  Call	"\\<lbrakk>E\\<turnstile>a\\<Colon>Class C;
  31.152 -	  E\\<turnstile>ps[\\<Colon>]pTs;
  31.153 -	  max_spec (prg E) C (mn, pTs) = {((md,rT),pTs')}\\<rbrakk> \\<Longrightarrow>
  31.154 -						 E\\<turnstile>a..mn({pTs'}ps)\\<Colon>rT"
  31.155 +  Call	"[|E\\<turnstile>a::Class C;
  31.156 +	  E\\<turnstile>ps[::]pTs;
  31.157 +	  max_spec (prg E) C (mn, pTs) = {((md,rT),pTs')}|] ==>
  31.158 +						 E\\<turnstile>a..mn({pTs'}ps)::rT"
  31.159  
  31.160  (* well-typed expression lists *)
  31.161  
  31.162    (* cf. 15.11.??? *)
  31.163 -  Nil						"E\\<turnstile>[][\\<Colon>][]"
  31.164 +  Nil						"E\\<turnstile>[][::][]"
  31.165  
  31.166    (* cf. 15.11.??? *)
  31.167 -  Cons	"\\<lbrakk>E\\<turnstile>e\\<Colon>T;
  31.168 -	   E\\<turnstile>es[\\<Colon>]Ts\\<rbrakk> \\<Longrightarrow>
  31.169 -						 E\\<turnstile>e#es[\\<Colon>]T#Ts"
  31.170 +  Cons	"[|E\\<turnstile>e::T;
  31.171 +	   E\\<turnstile>es[::]Ts|] ==>
  31.172 +						 E\\<turnstile>e#es[::]T#Ts"
  31.173  
  31.174  (* well-typed statements *)
  31.175  
  31.176    Skip					"E\\<turnstile>Skip\\<surd>"
  31.177  
  31.178 -  Expr	"\\<lbrakk>E\\<turnstile>e\\<Colon>T\\<rbrakk> \\<Longrightarrow>
  31.179 +  Expr	"[|E\\<turnstile>e::T|] ==>
  31.180  					 E\\<turnstile>Expr e\\<surd>"
  31.181  
  31.182 -  Comp	"\\<lbrakk>E\\<turnstile>s1\\<surd>; 
  31.183 -	  E\\<turnstile>s2\\<surd>\\<rbrakk> \\<Longrightarrow>
  31.184 +  Comp	"[|E\\<turnstile>s1\\<surd>; 
  31.185 +	  E\\<turnstile>s2\\<surd>|] ==>
  31.186  					 E\\<turnstile>s1;; s2\\<surd>"
  31.187  
  31.188    (* cf. 14.8 *)
  31.189 -  Cond	"\\<lbrakk>E\\<turnstile>e\\<Colon>PrimT Boolean;
  31.190 +  Cond	"[|E\\<turnstile>e::PrimT Boolean;
  31.191  	  E\\<turnstile>s1\\<surd>;
  31.192 -	  E\\<turnstile>s2\\<surd>\\<rbrakk> \\<Longrightarrow>
  31.193 +	  E\\<turnstile>s2\\<surd>|] ==>
  31.194  					 E\\<turnstile>If(e) s1 Else s2\\<surd>"
  31.195  
  31.196    (* cf. 14.10 *)
  31.197 -  Loop "\\<lbrakk>E\\<turnstile>e\\<Colon>PrimT Boolean;
  31.198 -	 E\\<turnstile>s\\<surd>\\<rbrakk> \\<Longrightarrow>
  31.199 +  Loop "[|E\\<turnstile>e::PrimT Boolean;
  31.200 +	 E\\<turnstile>s\\<surd>|] ==>
  31.201  					 E\\<turnstile>While(e) s\\<surd>"
  31.202  
  31.203  constdefs
  31.204  
  31.205   wf_java_mdecl :: java_mb prog => cname => java_mb mdecl => bool
  31.206 -"wf_java_mdecl G C \\<equiv> \\<lambda>((mn,pTs),rT,(pns,lvars,blk,res)).
  31.207 +"wf_java_mdecl G C == \\<lambda>((mn,pTs),rT,(pns,lvars,blk,res)).
  31.208  	length pTs = length pns \\<and>
  31.209  	nodups pns \\<and>
  31.210  	unique lvars \\<and>
  31.211  	(\\<forall>pn\\<in>set pns. map_of lvars pn = None) \\<and>
  31.212  	(\\<forall>(vn,T)\\<in>set lvars. is_type G T) &
  31.213  	(let E = (G,map_of lvars(pns[\\<mapsto>]pTs)(This\\<mapsto>Class C)) in
  31.214 -	 E\\<turnstile>blk\\<surd> \\<and> (\\<exists>T. E\\<turnstile>res\\<Colon>T \\<and> G\\<turnstile>T\\<preceq>rT))"
  31.215 +	 E\\<turnstile>blk\\<surd> \\<and> (\\<exists>T. E\\<turnstile>res::T \\<and> G\\<turnstile>T\\<preceq>rT))"
  31.216  
  31.217   wf_java_prog :: java_mb prog => bool
  31.218 -"wf_java_prog G \\<equiv> wf_prog wf_java_mdecl G"
  31.219 +"wf_java_prog G == wf_prog wf_java_mdecl G"
  31.220  
  31.221  end
    32.1 --- a/src/HOL/MicroJava/JVM/JVMExec.thy	Wed Sep 20 21:20:41 2000 +0200
    32.2 +++ b/src/HOL/MicroJava/JVM/JVMExec.thy	Thu Sep 21 10:42:49 2000 +0200
    32.3 @@ -9,7 +9,7 @@
    32.4  JVMExec = JVMExecInstr + 
    32.5  
    32.6  consts
    32.7 - exec :: "jvm_prog \\<times> jvm_state \\<Rightarrow> jvm_state option"
    32.8 + exec :: "jvm_prog \\<times> jvm_state => jvm_state option"
    32.9  
   32.10  (** exec is not recursive. recdef is just used for pattern matching **)
   32.11  recdef exec "{}"
   32.12 @@ -25,7 +25,7 @@
   32.13  
   32.14  
   32.15  constdefs
   32.16 - exec_all :: "[jvm_prog,jvm_state,jvm_state] \\<Rightarrow> bool"  ("_ \\<turnstile> _ -jvm\\<rightarrow> _" [61,61,61]60)
   32.17 - "G \\<turnstile> s -jvm\\<rightarrow> t \\<equiv> (s,t) \\<in> {(s,t). exec(G,s) = Some t}^*"
   32.18 + exec_all :: "[jvm_prog,jvm_state,jvm_state] => bool"  ("_ \\<turnstile> _ -jvm-> _" [61,61,61]60)
   32.19 + "G \\<turnstile> s -jvm-> t == (s,t) \\<in> {(s,t). exec(G,s) = Some t}^*"
   32.20  
   32.21  end
    33.1 --- a/src/HOL/MicroJava/JVM/JVMExecInstr.thy	Wed Sep 20 21:20:41 2000 +0200
    33.2 +++ b/src/HOL/MicroJava/JVM/JVMExecInstr.thy	Thu Sep 21 10:42:49 2000 +0200
    33.3 @@ -9,7 +9,7 @@
    33.4  JVMExecInstr = JVMInstructions + JVMState +
    33.5  
    33.6  consts
    33.7 -exec_instr :: "[instr, jvm_prog, aheap, opstack, locvars, cname, sig, p_count, frame list] \\<Rightarrow> jvm_state"
    33.8 +exec_instr :: "[instr, jvm_prog, aheap, opstack, locvars, cname, sig, p_count, frame list] => jvm_state"
    33.9  primrec
   33.10   "exec_instr (Load idx) G hp stk vars Cl sig pc frs = 
   33.11        (None, hp, ((vars ! idx) # stk, vars, Cl, sig, pc+1)#frs)"
    34.1 --- a/src/HOL/MicroJava/JVM/JVMState.thy	Wed Sep 20 21:20:41 2000 +0200
    34.2 +++ b/src/HOL/MicroJava/JVM/JVMState.thy	Thu Sep 21 10:42:49 2000 +0200
    34.3 @@ -32,8 +32,8 @@
    34.4  (** exceptions **)
    34.5  
    34.6  constdefs
    34.7 - raise_xcpt :: "bool \\<Rightarrow> xcpt \\<Rightarrow> xcpt option"
    34.8 -"raise_xcpt c x \\<equiv> (if c then Some x else None)"
    34.9 + raise_xcpt :: "bool => xcpt => xcpt option"
   34.10 +"raise_xcpt c x == (if c then Some x else None)"
   34.11  
   34.12  (** runtime state **)
   34.13  
   34.14 @@ -45,6 +45,6 @@
   34.15  (** dynamic method lookup **)
   34.16  
   34.17  constdefs
   34.18 - dyn_class	:: "'code prog \\<times> sig \\<times> cname \\<Rightarrow> cname"
   34.19 -"dyn_class \\<equiv> \\<lambda>(G,sig,C). fst(the(method(G,C) sig))"
   34.20 + dyn_class	:: "'code prog \\<times> sig \\<times> cname => cname"
   34.21 +"dyn_class == \\<lambda>(G,sig,C). fst(the(method(G,C) sig))"
   34.22  end
    35.1 --- a/src/HOL/MicroJava/JVM/Store.ML	Wed Sep 20 21:20:41 2000 +0200
    35.2 +++ b/src/HOL/MicroJava/JVM/Store.ML	Thu Sep 21 10:42:49 2000 +0200
    35.3 @@ -5,6 +5,6 @@
    35.4  *)
    35.5  
    35.6  Goalw [newref_def]
    35.7 - "hp x = None \\<longrightarrow> hp (newref hp) = None";
    35.8 + "hp x = None --> hp (newref hp) = None";
    35.9  by (fast_tac (claset() addIs [someI2_ex] addss (simpset())) 1);
   35.10  qed_spec_mp "newref_None";
    36.1 --- a/src/HOL/MicroJava/JVM/Store.thy	Wed Sep 20 21:20:41 2000 +0200
    36.2 +++ b/src/HOL/MicroJava/JVM/Store.thy	Thu Sep 21 10:42:49 2000 +0200
    36.3 @@ -12,7 +12,7 @@
    36.4  Store = Conform +  
    36.5  
    36.6  constdefs
    36.7 - newref :: "('a \\<leadsto> 'b) \\<Rightarrow> 'a"
    36.8 - "newref s \\<equiv> \\<epsilon>v. s v = None"
    36.9 + newref :: "('a \\<leadsto> 'b) => 'a"
   36.10 + "newref s == SOME v. s v = None"
   36.11  
   36.12  end