isabelle: src/HOL/MicroJava/BV/EffectMono.thy@6bccb1dc9bc3 (annotated)

42150 b0c0638c4aad tuned headers; wenzelm parents: 34915 diff changeset	1	(* Title: HOL/MicroJava/BV/EffectMono.thy
12516 d09d0f160888 exceptions kleing parents: diff changeset	2	Author: Gerwin Klein
d09d0f160888 exceptions kleing parents: diff changeset	3	Copyright 2000 Technische Universitaet Muenchen
d09d0f160888 exceptions kleing parents: diff changeset	4	*)
d09d0f160888 exceptions kleing parents: diff changeset	5
12911 704713ca07ea new document kleing parents: 12516 diff changeset	6	header {* \isaheader{Monotonicity of eff and app} *}
12516 d09d0f160888 exceptions kleing parents: diff changeset	7
33954 1bc3b688548c backported parts of abstract byte code verifier from AFP/Jinja haftmann parents: 25362 diff changeset	8	theory EffectMono
1bc3b688548c backported parts of abstract byte code verifier from AFP/Jinja haftmann parents: 25362 diff changeset	9	imports Effect
1bc3b688548c backported parts of abstract byte code verifier from AFP/Jinja haftmann parents: 25362 diff changeset	10	begin
12516 d09d0f160888 exceptions kleing parents: diff changeset	11
d09d0f160888 exceptions kleing parents: diff changeset	12	lemma PrimT_PrimT: "(G \<turnstile> xb \<preceq> PrimT p) = (xb = PrimT p)"
22271 51a80e238b29 Adapted to new inductive definition package. berghofe parents: 17589 diff changeset	13	by (auto elim: widen.cases)
12516 d09d0f160888 exceptions kleing parents: diff changeset	14
d09d0f160888 exceptions kleing parents: diff changeset	15
d09d0f160888 exceptions kleing parents: diff changeset	16	lemma sup_loc_some [rule_format]:
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	17	"\<forall>y n. (G \<turnstile> b <=l y) \<longrightarrow> n < length y \<longrightarrow> y!n = OK t \<longrightarrow>
34915 7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	18	(\<exists>t. b!n = OK t \<and> (G \<turnstile> (b!n) <=o (y!n)))"
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	19	proof (induct b)
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	20	case Nil
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	21	show ?case by simp
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	22	next
8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	23	case (Cons a list)
34915 7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	24	show ?case
12516 d09d0f160888 exceptions kleing parents: diff changeset	25	proof (clarsimp simp add: list_all2_Cons1 sup_loc_def Listn.le_def lesub_def)
d09d0f160888 exceptions kleing parents: diff changeset	26	fix z zs n
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	27	assume *:
12516 d09d0f160888 exceptions kleing parents: diff changeset	28	"G \<turnstile> a <=o z" "list_all2 (sup_ty_opt G) list zs"
d09d0f160888 exceptions kleing parents: diff changeset	29	"n < Suc (length list)" "(z # zs) ! n = OK t"
d09d0f160888 exceptions kleing parents: diff changeset	30
d09d0f160888 exceptions kleing parents: diff changeset	31	show "(\<exists>t. (a # list) ! n = OK t) \<and> G \<turnstile>(a # list) ! n <=o OK t"
d09d0f160888 exceptions kleing parents: diff changeset	32	proof (cases n)
d09d0f160888 exceptions kleing parents: diff changeset	33	case 0
d09d0f160888 exceptions kleing parents: diff changeset	34	with * show ?thesis by (simp add: sup_ty_opt_OK)
d09d0f160888 exceptions kleing parents: diff changeset	35	next
d09d0f160888 exceptions kleing parents: diff changeset	36	case Suc
d09d0f160888 exceptions kleing parents: diff changeset	37	with Cons *
d09d0f160888 exceptions kleing parents: diff changeset	38	show ?thesis by (simp add: sup_loc_def Listn.le_def lesub_def)
d09d0f160888 exceptions kleing parents: diff changeset	39	qed
d09d0f160888 exceptions kleing parents: diff changeset	40	qed
d09d0f160888 exceptions kleing parents: diff changeset	41	qed
d09d0f160888 exceptions kleing parents: diff changeset	42
d09d0f160888 exceptions kleing parents: diff changeset	43
d09d0f160888 exceptions kleing parents: diff changeset	44	lemma all_widen_is_sup_loc:
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	45	"\<forall>b. length a = length b \<longrightarrow>
22271 51a80e238b29 Adapted to new inductive definition package. berghofe parents: 17589 diff changeset	46	(\<forall>(x, y)\<in>set (zip a b). G \<turnstile> x \<preceq> y) = (G \<turnstile> (map OK a) <=l (map OK b))"
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	47	(is "\<forall>b. length a = length b \<longrightarrow> ?Q a b" is "?P a")
12516 d09d0f160888 exceptions kleing parents: diff changeset	48	proof (induct "a")
d09d0f160888 exceptions kleing parents: diff changeset	49	show "?P []" by simp
d09d0f160888 exceptions kleing parents: diff changeset	50
d09d0f160888 exceptions kleing parents: diff changeset	51	fix l ls assume Cons: "?P ls"
d09d0f160888 exceptions kleing parents: diff changeset	52
d09d0f160888 exceptions kleing parents: diff changeset	53	show "?P (l#ls)"
d09d0f160888 exceptions kleing parents: diff changeset	54	proof (intro allI impI)
d09d0f160888 exceptions kleing parents: diff changeset	55	fix b
d09d0f160888 exceptions kleing parents: diff changeset	56	assume "length (l # ls) = length (b::ty list)"
d09d0f160888 exceptions kleing parents: diff changeset	57	with Cons
d09d0f160888 exceptions kleing parents: diff changeset	58	show "?Q (l # ls) b" by - (cases b, auto)
d09d0f160888 exceptions kleing parents: diff changeset	59	qed
d09d0f160888 exceptions kleing parents: diff changeset	60	qed
d09d0f160888 exceptions kleing parents: diff changeset	61
d09d0f160888 exceptions kleing parents: diff changeset	62
d09d0f160888 exceptions kleing parents: diff changeset	63	lemma append_length_n [rule_format]:
34915 7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	64	"\<forall>n. n \<le> length x \<longrightarrow> (\<exists>a b. x = a@b \<and> length a = n)"
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	65	proof (induct x)
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	66	case Nil
7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	67	show ?case by simp
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	68	next
34915 7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	69	case (Cons l ls)
12516 d09d0f160888 exceptions kleing parents: diff changeset	70
34915 7894c7dab132 Adapted to changes in induct method. berghofe parents: 33954 diff changeset	71	show ?case
12516 d09d0f160888 exceptions kleing parents: diff changeset	72	proof (intro allI impI)
d09d0f160888 exceptions kleing parents: diff changeset	73	fix n
d09d0f160888 exceptions kleing parents: diff changeset	74	assume l: "n \<le> length (l # ls)"
d09d0f160888 exceptions kleing parents: diff changeset	75
d09d0f160888 exceptions kleing parents: diff changeset	76	show "\<exists>a b. l # ls = a @ b \<and> length a = n"
d09d0f160888 exceptions kleing parents: diff changeset	77	proof (cases n)
d09d0f160888 exceptions kleing parents: diff changeset	78	assume "n=0" thus ?thesis by simp
d09d0f160888 exceptions kleing parents: diff changeset	79	next
d09d0f160888 exceptions kleing parents: diff changeset	80	fix n' assume s: "n = Suc n'"
d09d0f160888 exceptions kleing parents: diff changeset	81	with l have "n' \<le> length ls" by simp
d09d0f160888 exceptions kleing parents: diff changeset	82	hence "\<exists>a b. ls = a @ b \<and> length a = n'" by (rule Cons [rule_format])
17589 58eeffd73be1 renamed rules to iprover nipkow parents: 16417 diff changeset	83	then obtain a b where "ls = a @ b" "length a = n'" by iprover
12516 d09d0f160888 exceptions kleing parents: diff changeset	84	with s have "l # ls = (l#a) @ b \<and> length (l#a) = n" by simp
d09d0f160888 exceptions kleing parents: diff changeset	85	thus ?thesis by blast
d09d0f160888 exceptions kleing parents: diff changeset	86	qed
d09d0f160888 exceptions kleing parents: diff changeset	87	qed
d09d0f160888 exceptions kleing parents: diff changeset	88	qed
d09d0f160888 exceptions kleing parents: diff changeset	89
d09d0f160888 exceptions kleing parents: diff changeset	90	lemma rev_append_cons:
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	91	"n < length x \<Longrightarrow> \<exists>a b c. x = (rev a) @ b # c \<and> length a = n"
12516 d09d0f160888 exceptions kleing parents: diff changeset	92	proof -
d09d0f160888 exceptions kleing parents: diff changeset	93	assume n: "n < length x"
d09d0f160888 exceptions kleing parents: diff changeset	94	hence "n \<le> length x" by simp
d09d0f160888 exceptions kleing parents: diff changeset	95	hence "\<exists>a b. x = a @ b \<and> length a = n" by (rule append_length_n)
17589 58eeffd73be1 renamed rules to iprover nipkow parents: 16417 diff changeset	96	then obtain r d where x: "x = r@d" "length r = n" by iprover
12516 d09d0f160888 exceptions kleing parents: diff changeset	97	with n have "\<exists>b c. d = b#c" by (simp add: neq_Nil_conv)
17589 58eeffd73be1 renamed rules to iprover nipkow parents: 16417 diff changeset	98	then obtain b c where "d = b#c" by iprover
12516 d09d0f160888 exceptions kleing parents: diff changeset	99	with x have "x = (rev (rev r)) @ b # c \<and> length (rev r) = n" by simp
d09d0f160888 exceptions kleing parents: diff changeset	100	thus ?thesis by blast
d09d0f160888 exceptions kleing parents: diff changeset	101	qed
d09d0f160888 exceptions kleing parents: diff changeset	102
d09d0f160888 exceptions kleing parents: diff changeset	103	lemma sup_loc_length_map:
d09d0f160888 exceptions kleing parents: diff changeset	104	"G \<turnstile> map f a <=l map g b \<Longrightarrow> length a = length b"
d09d0f160888 exceptions kleing parents: diff changeset	105	proof -
d09d0f160888 exceptions kleing parents: diff changeset	106	assume "G \<turnstile> map f a <=l map g b"
d09d0f160888 exceptions kleing parents: diff changeset	107	hence "length (map f a) = length (map g b)" by (rule sup_loc_length)
d09d0f160888 exceptions kleing parents: diff changeset	108	thus ?thesis by simp
d09d0f160888 exceptions kleing parents: diff changeset	109	qed
d09d0f160888 exceptions kleing parents: diff changeset	110
d09d0f160888 exceptions kleing parents: diff changeset	111	lemmas [iff] = not_Err_eq
d09d0f160888 exceptions kleing parents: diff changeset	112
d09d0f160888 exceptions kleing parents: diff changeset	113	lemma app_mono:
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	114	"\<lbrakk>G \<turnstile> s <=' s'; app i G m rT pc et s'\<rbrakk> \<Longrightarrow> app i G m rT pc et s"
12516 d09d0f160888 exceptions kleing parents: diff changeset	115	proof -
d09d0f160888 exceptions kleing parents: diff changeset	116
d09d0f160888 exceptions kleing parents: diff changeset	117	{ fix s1 s2
d09d0f160888 exceptions kleing parents: diff changeset	118	assume G: "G \<turnstile> s2 <=s s1"
d09d0f160888 exceptions kleing parents: diff changeset	119	assume app: "app i G m rT pc et (Some s1)"
d09d0f160888 exceptions kleing parents: diff changeset	120
d09d0f160888 exceptions kleing parents: diff changeset	121	note [simp] = sup_loc_length sup_loc_length_map
d09d0f160888 exceptions kleing parents: diff changeset	122
d09d0f160888 exceptions kleing parents: diff changeset	123	have "app i G m rT pc et (Some s2)"
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	124	proof (cases i)
12516 d09d0f160888 exceptions kleing parents: diff changeset	125	case Load
d09d0f160888 exceptions kleing parents: diff changeset	126
d09d0f160888 exceptions kleing parents: diff changeset	127	from G Load app
d09d0f160888 exceptions kleing parents: diff changeset	128	have "G \<turnstile> snd s2 <=l snd s1" by (auto simp add: sup_state_conv)
d09d0f160888 exceptions kleing parents: diff changeset	129
d09d0f160888 exceptions kleing parents: diff changeset	130	with G Load app show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	131	by (cases s2) (auto simp add: sup_state_conv dest: sup_loc_some)
d09d0f160888 exceptions kleing parents: diff changeset	132	next
d09d0f160888 exceptions kleing parents: diff changeset	133	case Store
d09d0f160888 exceptions kleing parents: diff changeset	134	with G app show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	135	by (cases s2) (auto simp add: sup_loc_Cons2 sup_state_conv)
12516 d09d0f160888 exceptions kleing parents: diff changeset	136	next
d09d0f160888 exceptions kleing parents: diff changeset	137	case LitPush
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	138	with G app show ?thesis by (cases s2) (auto simp add: sup_state_conv)
12516 d09d0f160888 exceptions kleing parents: diff changeset	139	next
d09d0f160888 exceptions kleing parents: diff changeset	140	case New
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	141	with G app show ?thesis by (cases s2) (auto simp add: sup_state_conv)
12516 d09d0f160888 exceptions kleing parents: diff changeset	142	next
d09d0f160888 exceptions kleing parents: diff changeset	143	case Getfield
d09d0f160888 exceptions kleing parents: diff changeset	144	with app G show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	145	by (cases s2) (clarsimp simp add: sup_state_Cons2, rule widen_trans)
d09d0f160888 exceptions kleing parents: diff changeset	146	next
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	147	case (Putfield vname cname)
12516 d09d0f160888 exceptions kleing parents: diff changeset	148
d09d0f160888 exceptions kleing parents: diff changeset	149	with app
d09d0f160888 exceptions kleing parents: diff changeset	150	obtain vT oT ST LT b
d09d0f160888 exceptions kleing parents: diff changeset	151	where s1: "s1 = (vT # oT # ST, LT)" and
d09d0f160888 exceptions kleing parents: diff changeset	152	"field (G, cname) vname = Some (cname, b)"
d09d0f160888 exceptions kleing parents: diff changeset	153	"is_class G cname" and
d09d0f160888 exceptions kleing parents: diff changeset	154	oT: "G\<turnstile> oT\<preceq> (Class cname)" and
d09d0f160888 exceptions kleing parents: diff changeset	155	vT: "G\<turnstile> vT\<preceq> b" and
13718 9f94248d2f5a beautified "match" kleing parents: 13601 diff changeset	156	xc: "Ball (set (match G NullPointer pc et)) (is_class G)"
12516 d09d0f160888 exceptions kleing parents: diff changeset	157	by force
d09d0f160888 exceptions kleing parents: diff changeset	158	moreover
d09d0f160888 exceptions kleing parents: diff changeset	159	from s1 G
d09d0f160888 exceptions kleing parents: diff changeset	160	obtain vT' oT' ST' LT'
d09d0f160888 exceptions kleing parents: diff changeset	161	where s2: "s2 = (vT' # oT' # ST', LT')" and
d09d0f160888 exceptions kleing parents: diff changeset	162	oT': "G\<turnstile> oT' \<preceq> oT" and
d09d0f160888 exceptions kleing parents: diff changeset	163	vT': "G\<turnstile> vT' \<preceq> vT"
d09d0f160888 exceptions kleing parents: diff changeset	164	by - (cases s2, simp add: sup_state_Cons2, elim exE conjE, simp, rule that)
d09d0f160888 exceptions kleing parents: diff changeset	165	moreover
d09d0f160888 exceptions kleing parents: diff changeset	166	from vT' vT
d09d0f160888 exceptions kleing parents: diff changeset	167	have "G \<turnstile> vT' \<preceq> b" by (rule widen_trans)
d09d0f160888 exceptions kleing parents: diff changeset	168	moreover
d09d0f160888 exceptions kleing parents: diff changeset	169	from oT' oT
d09d0f160888 exceptions kleing parents: diff changeset	170	have "G\<turnstile> oT' \<preceq> (Class cname)" by (rule widen_trans)
d09d0f160888 exceptions kleing parents: diff changeset	171	ultimately
d09d0f160888 exceptions kleing parents: diff changeset	172	show ?thesis by (auto simp add: Putfield xc)
d09d0f160888 exceptions kleing parents: diff changeset	173	next
d09d0f160888 exceptions kleing parents: diff changeset	174	case Checkcast
d09d0f160888 exceptions kleing parents: diff changeset	175	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	176	by (cases s2) (auto intro!: widen_RefT2 simp add: sup_state_Cons2)
12516 d09d0f160888 exceptions kleing parents: diff changeset	177	next
d09d0f160888 exceptions kleing parents: diff changeset	178	case Return
d09d0f160888 exceptions kleing parents: diff changeset	179	with app G show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	180	by (cases s2) (auto simp add: sup_state_Cons2, rule widen_trans)
d09d0f160888 exceptions kleing parents: diff changeset	181	next
d09d0f160888 exceptions kleing parents: diff changeset	182	case Pop
d09d0f160888 exceptions kleing parents: diff changeset	183	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	184	by (cases s2) (clarsimp simp add: sup_state_Cons2)
12516 d09d0f160888 exceptions kleing parents: diff changeset	185	next
d09d0f160888 exceptions kleing parents: diff changeset	186	case Dup
d09d0f160888 exceptions kleing parents: diff changeset	187	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	188	by (cases s2) (clarsimp simp add: sup_state_Cons2,
12516 d09d0f160888 exceptions kleing parents: diff changeset	189	auto dest: sup_state_length)
d09d0f160888 exceptions kleing parents: diff changeset	190	next
d09d0f160888 exceptions kleing parents: diff changeset	191	case Dup_x1
d09d0f160888 exceptions kleing parents: diff changeset	192	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	193	by (cases s2) (clarsimp simp add: sup_state_Cons2,
12516 d09d0f160888 exceptions kleing parents: diff changeset	194	auto dest: sup_state_length)
d09d0f160888 exceptions kleing parents: diff changeset	195	next
d09d0f160888 exceptions kleing parents: diff changeset	196	case Dup_x2
d09d0f160888 exceptions kleing parents: diff changeset	197	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	198	by (cases s2) (clarsimp simp add: sup_state_Cons2,
12516 d09d0f160888 exceptions kleing parents: diff changeset	199	auto dest: sup_state_length)
d09d0f160888 exceptions kleing parents: diff changeset	200	next
d09d0f160888 exceptions kleing parents: diff changeset	201	case Swap
d09d0f160888 exceptions kleing parents: diff changeset	202	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	203	by (cases s2) (auto simp add: sup_state_Cons2)
12516 d09d0f160888 exceptions kleing parents: diff changeset	204	next
d09d0f160888 exceptions kleing parents: diff changeset	205	case IAdd
d09d0f160888 exceptions kleing parents: diff changeset	206	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	207	by (cases s2) (auto simp add: sup_state_Cons2 PrimT_PrimT)
12516 d09d0f160888 exceptions kleing parents: diff changeset	208	next
d09d0f160888 exceptions kleing parents: diff changeset	209	case Goto
d09d0f160888 exceptions kleing parents: diff changeset	210	with app show ?thesis by simp
d09d0f160888 exceptions kleing parents: diff changeset	211	next
d09d0f160888 exceptions kleing parents: diff changeset	212	case Ifcmpeq
d09d0f160888 exceptions kleing parents: diff changeset	213	with app G show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	214	by (cases s2) (auto simp add: sup_state_Cons2 PrimT_PrimT widen_RefT2)
12516 d09d0f160888 exceptions kleing parents: diff changeset	215	next
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	216	case (Invoke cname mname list)
12516 d09d0f160888 exceptions kleing parents: diff changeset	217
d09d0f160888 exceptions kleing parents: diff changeset	218	with app
d09d0f160888 exceptions kleing parents: diff changeset	219	obtain apTs X ST LT mD' rT' b' where
d09d0f160888 exceptions kleing parents: diff changeset	220	s1: "s1 = (rev apTs @ X # ST, LT)" and
d09d0f160888 exceptions kleing parents: diff changeset	221	l: "length apTs = length list" and
d09d0f160888 exceptions kleing parents: diff changeset	222	c: "is_class G cname" and
d09d0f160888 exceptions kleing parents: diff changeset	223	C: "G \<turnstile> X \<preceq> Class cname" and
22271 51a80e238b29 Adapted to new inductive definition package. berghofe parents: 17589 diff changeset	224	w: "\<forall>(x, y) \<in> set (zip apTs list). G \<turnstile> x \<preceq> y" and
12516 d09d0f160888 exceptions kleing parents: diff changeset	225	m: "method (G, cname) (mname, list) = Some (mD', rT', b')" and
d09d0f160888 exceptions kleing parents: diff changeset	226	x: "\<forall>C \<in> set (match_any G pc et). is_class G C"
d09d0f160888 exceptions kleing parents: diff changeset	227	by (simp del: not_None_eq, elim exE conjE) (rule that)
d09d0f160888 exceptions kleing parents: diff changeset	228
d09d0f160888 exceptions kleing parents: diff changeset	229	obtain apTs' X' ST' LT' where
d09d0f160888 exceptions kleing parents: diff changeset	230	s2: "s2 = (rev apTs' @ X' # ST', LT')" and
d09d0f160888 exceptions kleing parents: diff changeset	231	l': "length apTs' = length list"
d09d0f160888 exceptions kleing parents: diff changeset	232	proof -
d09d0f160888 exceptions kleing parents: diff changeset	233	from l s1 G
d09d0f160888 exceptions kleing parents: diff changeset	234	have "length list < length (fst s2)"
d09d0f160888 exceptions kleing parents: diff changeset	235	by simp
d09d0f160888 exceptions kleing parents: diff changeset	236	hence "\<exists>a b c. (fst s2) = rev a @ b # c \<and> length a = length list"
d09d0f160888 exceptions kleing parents: diff changeset	237	by (rule rev_append_cons [rule_format])
d09d0f160888 exceptions kleing parents: diff changeset	238	thus ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	239	by (cases s2) (elim exE conjE, simp, rule that)
12516 d09d0f160888 exceptions kleing parents: diff changeset	240	qed
d09d0f160888 exceptions kleing parents: diff changeset	241
d09d0f160888 exceptions kleing parents: diff changeset	242	from l l'
d09d0f160888 exceptions kleing parents: diff changeset	243	have "length (rev apTs') = length (rev apTs)" by simp
d09d0f160888 exceptions kleing parents: diff changeset	244
d09d0f160888 exceptions kleing parents: diff changeset	245	from this s1 s2 G
d09d0f160888 exceptions kleing parents: diff changeset	246	obtain
d09d0f160888 exceptions kleing parents: diff changeset	247	G': "G \<turnstile> (apTs',LT') <=s (apTs,LT)" and
d09d0f160888 exceptions kleing parents: diff changeset	248	X : "G \<turnstile> X' \<preceq> X" and "G \<turnstile> (ST',LT') <=s (ST,LT)"
d09d0f160888 exceptions kleing parents: diff changeset	249	by (simp add: sup_state_rev_fst sup_state_append_fst sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	250
d09d0f160888 exceptions kleing parents: diff changeset	251	with C
d09d0f160888 exceptions kleing parents: diff changeset	252	have C': "G \<turnstile> X' \<preceq> Class cname"
d09d0f160888 exceptions kleing parents: diff changeset	253	by - (rule widen_trans, auto)
d09d0f160888 exceptions kleing parents: diff changeset	254
d09d0f160888 exceptions kleing parents: diff changeset	255	from G'
d09d0f160888 exceptions kleing parents: diff changeset	256	have "G \<turnstile> map OK apTs' <=l map OK apTs"
d09d0f160888 exceptions kleing parents: diff changeset	257	by (simp add: sup_state_conv)
d09d0f160888 exceptions kleing parents: diff changeset	258	also
d09d0f160888 exceptions kleing parents: diff changeset	259	from l w
d09d0f160888 exceptions kleing parents: diff changeset	260	have "G \<turnstile> map OK apTs <=l map OK list"
d09d0f160888 exceptions kleing parents: diff changeset	261	by (simp add: all_widen_is_sup_loc)
d09d0f160888 exceptions kleing parents: diff changeset	262	finally
d09d0f160888 exceptions kleing parents: diff changeset	263	have "G \<turnstile> map OK apTs' <=l map OK list" .
d09d0f160888 exceptions kleing parents: diff changeset	264
d09d0f160888 exceptions kleing parents: diff changeset	265	with l'
22271 51a80e238b29 Adapted to new inductive definition package. berghofe parents: 17589 diff changeset	266	have w': "\<forall>(x, y) \<in> set (zip apTs' list). G \<turnstile> x \<preceq> y"
12516 d09d0f160888 exceptions kleing parents: diff changeset	267	by (simp add: all_widen_is_sup_loc)
d09d0f160888 exceptions kleing parents: diff changeset	268
d09d0f160888 exceptions kleing parents: diff changeset	269	from Invoke s2 l' w' C' m c x
d09d0f160888 exceptions kleing parents: diff changeset	270	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	271	by (simp del: split_paired_Ex) blast
d09d0f160888 exceptions kleing parents: diff changeset	272	next
d09d0f160888 exceptions kleing parents: diff changeset	273	case Throw
d09d0f160888 exceptions kleing parents: diff changeset	274	with app G show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	275	by (cases s2, clarsimp simp add: sup_state_Cons2 widen_RefT2)
d09d0f160888 exceptions kleing parents: diff changeset	276	qed
d09d0f160888 exceptions kleing parents: diff changeset	277	} note this [simp]
d09d0f160888 exceptions kleing parents: diff changeset	278
d09d0f160888 exceptions kleing parents: diff changeset	279	assume "G \<turnstile> s <=' s'" "app i G m rT pc et s'"
d09d0f160888 exceptions kleing parents: diff changeset	280	thus ?thesis by (cases s, cases s', auto)
d09d0f160888 exceptions kleing parents: diff changeset	281	qed
d09d0f160888 exceptions kleing parents: diff changeset	282
d09d0f160888 exceptions kleing parents: diff changeset	283	lemmas [simp del] = split_paired_Ex
d09d0f160888 exceptions kleing parents: diff changeset	284
d09d0f160888 exceptions kleing parents: diff changeset	285	lemma eff'_mono:
13006 51c5f3f11d16 symbolized kleing parents: 12951 diff changeset	286	"\<lbrakk> app i G m rT pc et (Some s2); G \<turnstile> s1 <=s s2 \<rbrakk> \<Longrightarrow>
12516 d09d0f160888 exceptions kleing parents: diff changeset	287	G \<turnstile> eff' (i,G,s1) <=s eff' (i,G,s2)"
d09d0f160888 exceptions kleing parents: diff changeset	288	proof (cases s1, cases s2)
d09d0f160888 exceptions kleing parents: diff changeset	289	fix a1 b1 a2 b2
d09d0f160888 exceptions kleing parents: diff changeset	290	assume s: "s1 = (a1,b1)" "s2 = (a2,b2)"
d09d0f160888 exceptions kleing parents: diff changeset	291	assume app2: "app i G m rT pc et (Some s2)"
d09d0f160888 exceptions kleing parents: diff changeset	292	assume G: "G \<turnstile> s1 <=s s2"
d09d0f160888 exceptions kleing parents: diff changeset	293
d09d0f160888 exceptions kleing parents: diff changeset	294	note [simp] = eff_def
d09d0f160888 exceptions kleing parents: diff changeset	295
23467 d1b97708d5eb tuned proofs -- avoid implicit prems; wenzelm parents: 22271 diff changeset	296	with G have "G \<turnstile> (Some s1) <=' (Some s2)" by simp
12516 d09d0f160888 exceptions kleing parents: diff changeset	297	from this app2
d09d0f160888 exceptions kleing parents: diff changeset	298	have app1: "app i G m rT pc et (Some s1)" by (rule app_mono)
d09d0f160888 exceptions kleing parents: diff changeset	299
d09d0f160888 exceptions kleing parents: diff changeset	300	show ?thesis
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	301	proof (cases i)
8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	302	case (Load n)
12516 d09d0f160888 exceptions kleing parents: diff changeset	303
d09d0f160888 exceptions kleing parents: diff changeset	304	with s app1
d09d0f160888 exceptions kleing parents: diff changeset	305	obtain y where
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	306	y: "n < length b1" "b1 ! n = OK y" by clarsimp
12516 d09d0f160888 exceptions kleing parents: diff changeset	307
d09d0f160888 exceptions kleing parents: diff changeset	308	from Load s app2
d09d0f160888 exceptions kleing parents: diff changeset	309	obtain y' where
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	310	y': "n < length b2" "b2 ! n = OK y'" by clarsimp
12516 d09d0f160888 exceptions kleing parents: diff changeset	311
d09d0f160888 exceptions kleing parents: diff changeset	312	from G s
d09d0f160888 exceptions kleing parents: diff changeset	313	have "G \<turnstile> b1 <=l b2" by (simp add: sup_state_conv)
d09d0f160888 exceptions kleing parents: diff changeset	314
d09d0f160888 exceptions kleing parents: diff changeset	315	with y y'
d09d0f160888 exceptions kleing parents: diff changeset	316	have "G \<turnstile> y \<preceq> y'"
d09d0f160888 exceptions kleing parents: diff changeset	317	by - (drule sup_loc_some, simp+)
d09d0f160888 exceptions kleing parents: diff changeset	318
d09d0f160888 exceptions kleing parents: diff changeset	319	with Load G y y' s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	320	show ?thesis by (clarsimp simp add: sup_state_conv)
d09d0f160888 exceptions kleing parents: diff changeset	321	next
d09d0f160888 exceptions kleing parents: diff changeset	322	case Store
d09d0f160888 exceptions kleing parents: diff changeset	323	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	324	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	325	by (clarsimp simp add: sup_state_conv sup_loc_update)
d09d0f160888 exceptions kleing parents: diff changeset	326	next
d09d0f160888 exceptions kleing parents: diff changeset	327	case LitPush
d09d0f160888 exceptions kleing parents: diff changeset	328	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	329	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	330	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	331	next
d09d0f160888 exceptions kleing parents: diff changeset	332	case New
d09d0f160888 exceptions kleing parents: diff changeset	333	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	334	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	335	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	336	next
d09d0f160888 exceptions kleing parents: diff changeset	337	case Getfield
d09d0f160888 exceptions kleing parents: diff changeset	338	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	339	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	340	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	341	next
d09d0f160888 exceptions kleing parents: diff changeset	342	case Putfield
d09d0f160888 exceptions kleing parents: diff changeset	343	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	344	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	345	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	346	next
d09d0f160888 exceptions kleing parents: diff changeset	347	case Checkcast
d09d0f160888 exceptions kleing parents: diff changeset	348	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	349	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	350	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	351	next
25362 8d06e11a01d1 tuned proofs -- avoid open cases; wenzelm parents: 23467 diff changeset	352	case (Invoke cname mname list)
12516 d09d0f160888 exceptions kleing parents: diff changeset	353
d09d0f160888 exceptions kleing parents: diff changeset	354	with s app1
d09d0f160888 exceptions kleing parents: diff changeset	355	obtain a X ST where
d09d0f160888 exceptions kleing parents: diff changeset	356	s1: "s1 = (a @ X # ST, b1)" and
d09d0f160888 exceptions kleing parents: diff changeset	357	l: "length a = length list"
13601 fd3e3d6b37b2 Adapted to new simplifier. berghofe parents: 13006 diff changeset	358	by (simp, elim exE conjE, simp (no_asm_simp))
12516 d09d0f160888 exceptions kleing parents: diff changeset	359
d09d0f160888 exceptions kleing parents: diff changeset	360	from Invoke s app2
d09d0f160888 exceptions kleing parents: diff changeset	361	obtain a' X' ST' where
d09d0f160888 exceptions kleing parents: diff changeset	362	s2: "s2 = (a' @ X' # ST', b2)" and
d09d0f160888 exceptions kleing parents: diff changeset	363	l': "length a' = length list"
13601 fd3e3d6b37b2 Adapted to new simplifier. berghofe parents: 13006 diff changeset	364	by (simp, elim exE conjE, simp (no_asm_simp))
12516 d09d0f160888 exceptions kleing parents: diff changeset	365
d09d0f160888 exceptions kleing parents: diff changeset	366	from l l'
d09d0f160888 exceptions kleing parents: diff changeset	367	have lr: "length a = length a'" by simp
d09d0f160888 exceptions kleing parents: diff changeset	368
13601 fd3e3d6b37b2 Adapted to new simplifier. berghofe parents: 13006 diff changeset	369	from lr G s1 s2
12516 d09d0f160888 exceptions kleing parents: diff changeset	370	have "G \<turnstile> (ST, b1) <=s (ST', b2)"
d09d0f160888 exceptions kleing parents: diff changeset	371	by (simp add: sup_state_append_fst sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	372
d09d0f160888 exceptions kleing parents: diff changeset	373	moreover
d09d0f160888 exceptions kleing parents: diff changeset	374
d09d0f160888 exceptions kleing parents: diff changeset	375	obtain b1' b2' where eff':
d09d0f160888 exceptions kleing parents: diff changeset	376	"b1' = snd (eff' (i,G,s1))"
d09d0f160888 exceptions kleing parents: diff changeset	377	"b2' = snd (eff' (i,G,s2))" by simp
d09d0f160888 exceptions kleing parents: diff changeset	378
d09d0f160888 exceptions kleing parents: diff changeset	379	from Invoke G s eff' app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	380	obtain "b1 = b1'" "b2 = b2'" by simp
d09d0f160888 exceptions kleing parents: diff changeset	381
d09d0f160888 exceptions kleing parents: diff changeset	382	ultimately
d09d0f160888 exceptions kleing parents: diff changeset	383
d09d0f160888 exceptions kleing parents: diff changeset	384	have "G \<turnstile> (ST, b1') <=s (ST', b2')" by simp
d09d0f160888 exceptions kleing parents: diff changeset	385
d09d0f160888 exceptions kleing parents: diff changeset	386	with Invoke G s app1 app2 eff' s1 s2 l l'
d09d0f160888 exceptions kleing parents: diff changeset	387	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	388	by (clarsimp simp add: sup_state_conv)
d09d0f160888 exceptions kleing parents: diff changeset	389	next
d09d0f160888 exceptions kleing parents: diff changeset	390	case Return
d09d0f160888 exceptions kleing parents: diff changeset	391	with G
d09d0f160888 exceptions kleing parents: diff changeset	392	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	393	by simp
d09d0f160888 exceptions kleing parents: diff changeset	394	next
d09d0f160888 exceptions kleing parents: diff changeset	395	case Pop
d09d0f160888 exceptions kleing parents: diff changeset	396	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	397	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	398	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	399	next
d09d0f160888 exceptions kleing parents: diff changeset	400	case Dup
d09d0f160888 exceptions kleing parents: diff changeset	401	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	402	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	403	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	404	next
d09d0f160888 exceptions kleing parents: diff changeset	405	case Dup_x1
d09d0f160888 exceptions kleing parents: diff changeset	406	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	407	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	408	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	409	next
d09d0f160888 exceptions kleing parents: diff changeset	410	case Dup_x2
d09d0f160888 exceptions kleing parents: diff changeset	411	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	412	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	413	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	414	next
d09d0f160888 exceptions kleing parents: diff changeset	415	case Swap
d09d0f160888 exceptions kleing parents: diff changeset	416	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	417	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	418	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	419	next
d09d0f160888 exceptions kleing parents: diff changeset	420	case IAdd
d09d0f160888 exceptions kleing parents: diff changeset	421	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	422	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	423	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	424	next
d09d0f160888 exceptions kleing parents: diff changeset	425	case Goto
d09d0f160888 exceptions kleing parents: diff changeset	426	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	427	show ?thesis by simp
d09d0f160888 exceptions kleing parents: diff changeset	428	next
d09d0f160888 exceptions kleing parents: diff changeset	429	case Ifcmpeq
d09d0f160888 exceptions kleing parents: diff changeset	430	with G s app1 app2
d09d0f160888 exceptions kleing parents: diff changeset	431	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	432	by (clarsimp simp add: sup_state_Cons1)
d09d0f160888 exceptions kleing parents: diff changeset	433	next
d09d0f160888 exceptions kleing parents: diff changeset	434	case Throw
d09d0f160888 exceptions kleing parents: diff changeset	435	with G
d09d0f160888 exceptions kleing parents: diff changeset	436	show ?thesis
d09d0f160888 exceptions kleing parents: diff changeset	437	by simp
d09d0f160888 exceptions kleing parents: diff changeset	438	qed
d09d0f160888 exceptions kleing parents: diff changeset	439	qed
d09d0f160888 exceptions kleing parents: diff changeset	440
d09d0f160888 exceptions kleing parents: diff changeset	441	lemmas [iff del] = not_Err_eq
d09d0f160888 exceptions kleing parents: diff changeset	442
d09d0f160888 exceptions kleing parents: diff changeset	443	end

author	wenzelm
	Sun, 04 Mar 2012 19:24:05 +0100
changeset 46815	6bccb1dc9bc3
parent 42150	b0c0638c4aad
child 56073	29e308b56d23
permissions	-rw-r--r--