isabelle: src/HOL/Bali/TypeRel.thy@8b3f707a78a7 (annotated)

12857 a4386cc9b1c3 tuned header; wenzelm parents: 12854 diff changeset	1	(* Title: HOL/Bali/TypeRel.thy
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	2	ID: $Id$
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	3	Author: David von Oheimb
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	4	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	5	header {* The relations between Java types *}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	6
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	7	theory TypeRel = Decl:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	8
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	9	text {*
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	10	simplifications:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	11	\begin{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	12	\item subinterface, subclass and widening relation includes identity
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	13	\end{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	14	improvements over Java Specification 1.0:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	15	\begin{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	16	\item narrowing reference conversion also in cases where the return types of a
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	17	pair of methods common to both types are in widening (rather identity)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	18	relation
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	19	\item one could add similar constraints also for other cases
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	20	\end{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	21	design issues:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	22	\begin{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	23	\item the type relations do not require @{text is_type} for their arguments
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	24	\item the subint1 and subcls1 relations imply @{text is_iface}/@{text is_class}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	25	for their first arguments, which is required for their finiteness
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	26	\end{itemize}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	27	*}
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	28
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	29	consts
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	30
14674 3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	31	(subint1, in Decl.thy) (* direct subinterface *)
3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	32	(subint , by translation) (* subinterface (+ identity) *)
3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	33	(subcls1, in Decl.thy) (* direct subclass *)
3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	34	(subcls , by translation) (* subclass *)
3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	35	(subclseq, by translation) (* subclass + identity *)
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	36	implmt1 :: "prog \<Rightarrow> (qtname \<times> qtname) set" --{* direct implementation *}
14674 3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	37	implmt :: "prog \<Rightarrow> (qtname \<times> qtname) set" --{* implementation *}
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	38	widen :: "prog \<Rightarrow> (ty \<times> ty ) set" --{* widening *}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	39	narrow :: "prog \<Rightarrow> (ty \<times> ty ) set" --{* narrowing *}
14674 3506a9af46fc * empty log message * wenzelm parents: 13688 diff changeset	40	cast :: "prog \<Rightarrow> (ty \<times> ty ) set" --{* casting *}
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	41
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	42	syntax
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	43
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	44	"@subint1" :: "prog => [qtname, qtname] => bool" ("_\|-_<:I1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	45	"@subint" :: "prog => [qtname, qtname] => bool" ("_\|-_<=:I _"[71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	46	(* Defined in Decl.thy:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	47	"@subcls1" :: "prog => [qtname, qtname] => bool" ("_\|-_<:C1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	48	"@subclseq":: "prog => [qtname, qtname] => bool" ("_\|-_<=:C _"[71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	49	"@subcls" :: "prog => [qtname, qtname] => bool" ("_\|-_<:C _"[71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	50	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	51	"@implmt1" :: "prog => [qtname, qtname] => bool" ("_\|-_~>1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	52	"@implmt" :: "prog => [qtname, qtname] => bool" ("_\|-_~>_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	53	"@widen" :: "prog => [ty , ty ] => bool" ("_\|-_<=:_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	54	"@narrow" :: "prog => [ty , ty ] => bool" ("_\|-_:>_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	55	"@cast" :: "prog => [ty , ty ] => bool" ("_\|-_<=:? _"[71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	56
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	57	syntax (symbols)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	58
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	59	"@subint1" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<prec>I1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	60	"@subint" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<preceq>I _" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	61	(* Defined in Decl.thy:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	62	\ "@subcls1" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<prec>\<^sub>C\<^sub>1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	63	"@subclseq":: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<preceq>\<^sub>C _" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	64	"@subcls" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<prec>\<^sub>C _" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	65	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	66	"@implmt1" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<leadsto>1_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	67	"@implmt" :: "prog \<Rightarrow> [qtname, qtname] \<Rightarrow> bool" ("_\<turnstile>_\<leadsto>_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	68	"@widen" :: "prog \<Rightarrow> [ty , ty ] \<Rightarrow> bool" ("_\<turnstile>_\<preceq>_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	69	"@narrow" :: "prog \<Rightarrow> [ty , ty ] \<Rightarrow> bool" ("_\<turnstile>_\<succ>_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	70	"@cast" :: "prog \<Rightarrow> [ty , ty ] \<Rightarrow> bool" ("_\<turnstile>_\<preceq>? _" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	71
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	72	translations
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	73
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	74	"G\<turnstile>I \<prec>I1 J" == "(I,J) \<in> subint1 G"
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	75	"G\<turnstile>I \<preceq>I J" == "(I,J) \<in>(subint1 G)^" --{ cf. 9.1.3 *}
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	76	(* Defined in Decl.thy:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	77	"G\<turnstile>C \<prec>\<^sub>C\<^sub>1 D" == "(C,D) \<in> subcls1 G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	78	"G\<turnstile>C \<preceq>\<^sub>C D" == "(C,D) \<in>(subcls1 G)^*"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	79	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	80	"G\<turnstile>C \<leadsto>1 I" == "(C,I) \<in> implmt1 G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	81	"G\<turnstile>C \<leadsto> I" == "(C,I) \<in> implmt G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	82	"G\<turnstile>S \<preceq> T" == "(S,T) \<in> widen G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	83	"G\<turnstile>S \<succ> T" == "(S,T) \<in> narrow G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	84	"G\<turnstile>S \<preceq>? T" == "(S,T) \<in> cast G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	85
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	86
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	87	section "subclass and subinterface relations"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	88
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	89	(* direct subinterface in Decl.thy, cf. 9.1.3 *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	90	(* direct subclass in Decl.thy, cf. 8.1.3 *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	91
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	92	lemmas subcls_direct = subcls1I [THEN r_into_rtrancl, standard]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	93
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	94	lemma subcls_direct1:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	95	"\<lbrakk>class G C = Some c; C \<noteq> Object;D=super c\<rbrakk> \<Longrightarrow> G\<turnstile>C\<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	96	apply (auto dest: subcls_direct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	97	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	98
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	99	lemma subcls1I1:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	100	"\<lbrakk>class G C = Some c; C \<noteq> Object;D=super c\<rbrakk> \<Longrightarrow> G\<turnstile>C\<prec>\<^sub>C\<^sub>1 D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	101	apply (auto dest: subcls1I)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	102	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	103
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	104	lemma subcls_direct2:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	105	"\<lbrakk>class G C = Some c; C \<noteq> Object;D=super c\<rbrakk> \<Longrightarrow> G\<turnstile>C\<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	106	apply (auto dest: subcls1I1)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	107	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	108
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	109	lemma subclseq_trans: "\<lbrakk>G\<turnstile>A \<preceq>\<^sub>C B; G\<turnstile>B \<preceq>\<^sub>C C\<rbrakk> \<Longrightarrow> G\<turnstile>A \<preceq>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	110	by (blast intro: rtrancl_trans)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	111
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	112	lemma subcls_trans: "\<lbrakk>G\<turnstile>A \<prec>\<^sub>C B; G\<turnstile>B \<prec>\<^sub>C C\<rbrakk> \<Longrightarrow> G\<turnstile>A \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	113	by (blast intro: trancl_trans)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	114
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	115	lemma SXcpt_subcls_Throwable_lemma:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	116	"\<lbrakk>class G (SXcpt xn) = Some xc;
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	117	super xc = (if xn = Throwable then Object else SXcpt Throwable)\<rbrakk>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	118	\<Longrightarrow> G\<turnstile>SXcpt xn\<preceq>\<^sub>C SXcpt Throwable"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	119	apply (case_tac "xn = Throwable")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	120	apply simp_all
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	121	apply (drule subcls_direct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	122	apply (auto dest: sym)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	123	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	124
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	125	lemma subcls_ObjectI: "\<lbrakk>is_class G C; ws_prog G\<rbrakk> \<Longrightarrow> G\<turnstile>C\<preceq>\<^sub>C Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	126	apply (erule ws_subcls1_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	127	apply clarsimp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	128	apply (case_tac "C = Object")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	129	apply (fast intro: r_into_rtrancl [THEN rtrancl_trans])+
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	130	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	131
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	132	lemma subclseq_ObjectD [dest!]: "G\<turnstile>Object\<preceq>\<^sub>C C \<Longrightarrow> C = Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	133	apply (erule rtrancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	134	apply (auto dest: subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	135	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	136
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	137	lemma subcls_ObjectD [dest!]: "G\<turnstile>Object\<prec>\<^sub>C C \<Longrightarrow> False"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	138	apply (erule trancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	139	apply (auto dest: subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	140	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	141
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	142	lemma subcls_ObjectI1 [intro!]:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	143	"\<lbrakk>C \<noteq> Object;is_class G C;ws_prog G\<rbrakk> \<Longrightarrow> G\<turnstile>C \<prec>\<^sub>C Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	144	apply (drule (1) subcls_ObjectI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	145	apply (auto intro: rtrancl_into_trancl3)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	146	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	147
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	148	lemma subcls_is_class: "(C,D) \<in> (subcls1 G)^+ \<Longrightarrow> is_class G C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	149	apply (erule trancl_trans_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	150	apply (auto dest!: subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	151	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	152
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	153	lemma subcls_is_class2 [rule_format (no_asm)]:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	154	"G\<turnstile>C\<preceq>\<^sub>C D \<Longrightarrow> is_class G D \<longrightarrow> is_class G C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	155	apply (erule rtrancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	156	apply (drule_tac [2] subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	157	apply auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	158	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	159
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	160	lemma single_inheritance:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	161	"\<lbrakk>G\<turnstile>A \<prec>\<^sub>C\<^sub>1 B; G\<turnstile>A \<prec>\<^sub>C\<^sub>1 C\<rbrakk> \<Longrightarrow> B = C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	162	by (auto simp add: subcls1_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	163
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	164	lemma subcls_compareable:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	165	"\<lbrakk>G\<turnstile>A \<preceq>\<^sub>C X; G\<turnstile>A \<preceq>\<^sub>C Y
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	166	\<rbrakk> \<Longrightarrow> G\<turnstile>X \<preceq>\<^sub>C Y \<or> G\<turnstile>Y \<preceq>\<^sub>C X"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	167	by (rule triangle_lemma) (auto intro: single_inheritance)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	168
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	169	lemma subcls1_irrefl: "\<lbrakk>G\<turnstile>C \<prec>\<^sub>C\<^sub>1 D; ws_prog G \<rbrakk>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	170	\<Longrightarrow> C \<noteq> D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	171	proof
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	172	assume ws: "ws_prog G" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	173	subcls1: "G\<turnstile>C \<prec>\<^sub>C\<^sub>1 D" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	174	eq_C_D: "C=D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	175	from subcls1 obtain c
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	176	where
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	177	neq_C_Object: "C\<noteq>Object" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	178	clsC: "class G C = Some c" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	179	super_c: "super c = D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	180	by (auto simp add: subcls1_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	181	with super_c subcls1 eq_C_D
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	182	have subcls_super_c_C: "G\<turnstile>super c \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	183	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	184	from ws clsC neq_C_Object
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	185	have "\<not> G\<turnstile>super c \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	186	by (auto dest: ws_prog_cdeclD)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	187	from this subcls_super_c_C
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	188	show "False"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	189	by (rule notE)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	190	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	191
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	192	lemma no_subcls_Object: "G\<turnstile>C \<prec>\<^sub>C D \<Longrightarrow> C \<noteq> Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	193	by (erule converse_trancl_induct) (auto dest: subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	194
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	195	lemma subcls_acyclic: "\<lbrakk>G\<turnstile>C \<prec>\<^sub>C D; ws_prog G\<rbrakk> \<Longrightarrow> \<not> G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	196	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	197	assume ws: "ws_prog G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	198	assume subcls_C_D: "G\<turnstile>C \<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	199	then show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	200	proof (induct rule: converse_trancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	201	fix C
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	202	assume subcls1_C_D: "G\<turnstile>C \<prec>\<^sub>C\<^sub>1 D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	203	then obtain c where
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	204	"C\<noteq>Object" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	205	"class G C = Some c" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	206	"super c = D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	207	by (auto simp add: subcls1_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	208	with ws
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	209	show "\<not> G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	210	by (auto dest: ws_prog_cdeclD)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	211	next
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	212	fix C Z
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	213	assume subcls1_C_Z: "G\<turnstile>C \<prec>\<^sub>C\<^sub>1 Z" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	214	subcls_Z_D: "G\<turnstile>Z \<prec>\<^sub>C D" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	215	nsubcls_D_Z: "\<not> G\<turnstile>D \<prec>\<^sub>C Z"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	216	show "\<not> G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	217	proof
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	218	assume subcls_D_C: "G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	219	show "False"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	220	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	221	from subcls_D_C subcls1_C_Z
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	222	have "G\<turnstile>D \<prec>\<^sub>C Z"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	223	by (auto dest: r_into_trancl trancl_trans)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	224	with nsubcls_D_Z
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	225	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	226	by (rule notE)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	227	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	228	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	229	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	230	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	231
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	232	lemma subclseq_cases [consumes 1, case_names Eq Subcls]:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	233	"\<lbrakk>G\<turnstile>C \<preceq>\<^sub>C D; C = D \<Longrightarrow> P; G\<turnstile>C \<prec>\<^sub>C D \<Longrightarrow> P\<rbrakk> \<Longrightarrow> P"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	234	by (blast intro: rtrancl_cases)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	235
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	236	lemma subclseq_acyclic:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	237	"\<lbrakk>G\<turnstile>C \<preceq>\<^sub>C D; G\<turnstile>D \<preceq>\<^sub>C C; ws_prog G\<rbrakk> \<Longrightarrow> C=D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	238	by (auto elim: subclseq_cases dest: subcls_acyclic)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	239
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	240	lemma subcls_irrefl: "\<lbrakk>G\<turnstile>C \<prec>\<^sub>C D; ws_prog G\<rbrakk>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	241	\<Longrightarrow> C \<noteq> D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	242	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	243	assume ws: "ws_prog G"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	244	assume subcls: "G\<turnstile>C \<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	245	then show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	246	proof (induct rule: converse_trancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	247	fix C
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	248	assume "G\<turnstile>C \<prec>\<^sub>C\<^sub>1 D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	249	with ws
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	250	show "C\<noteq>D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	251	by (blast dest: subcls1_irrefl)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	252	next
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	253	fix C Z
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	254	assume subcls1_C_Z: "G\<turnstile>C \<prec>\<^sub>C\<^sub>1 Z" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	255	subcls_Z_D: "G\<turnstile>Z \<prec>\<^sub>C D" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	256	neq_Z_D: "Z \<noteq> D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	257	show "C\<noteq>D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	258	proof
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	259	assume eq_C_D: "C=D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	260	show "False"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	261	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	262	from subcls1_C_Z eq_C_D
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	263	have "G\<turnstile>D \<prec>\<^sub>C Z"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	264	by (auto)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	265	also
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	266	from subcls_Z_D ws
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	267	have "\<not> G\<turnstile>D \<prec>\<^sub>C Z"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	268	by (rule subcls_acyclic)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	269	ultimately
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	270	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	271	by - (rule notE)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	272	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	273	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	274	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	275	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	276
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	277	lemma invert_subclseq:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	278	"\<lbrakk>G\<turnstile>C \<preceq>\<^sub>C D; ws_prog G\<rbrakk>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	279	\<Longrightarrow> \<not> G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	280	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	281	assume ws: "ws_prog G" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	282	subclseq_C_D: "G\<turnstile>C \<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	283	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	284	proof (cases "D=C")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	285	case True
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	286	with ws
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	287	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	288	by (auto dest: subcls_irrefl)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	289	next
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	290	case False
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	291	with subclseq_C_D
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	292	have "G\<turnstile>C \<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	293	by (blast intro: rtrancl_into_trancl3)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	294	with ws
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	295	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	296	by (blast dest: subcls_acyclic)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	297	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	298	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	299
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	300	lemma invert_subcls:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	301	"\<lbrakk>G\<turnstile>C \<prec>\<^sub>C D; ws_prog G\<rbrakk>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	302	\<Longrightarrow> \<not> G\<turnstile>D \<preceq>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	303	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	304	assume ws: "ws_prog G" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	305	subcls_C_D: "G\<turnstile>C \<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	306	then
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	307	have nsubcls_D_C: "\<not> G\<turnstile>D \<prec>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	308	by (blast dest: subcls_acyclic)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	309	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	310	proof
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	311	assume "G\<turnstile>D \<preceq>\<^sub>C C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	312	then show "False"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	313	proof (cases rule: subclseq_cases)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	314	case Eq
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	315	with ws subcls_C_D
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	316	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	317	by (auto dest: subcls_irrefl)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	318	next
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	319	case Subcls
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	320	with nsubcls_D_C
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	321	show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	322	by blast
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	323	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	324	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	325	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	326
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	327	lemma subcls_superD:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	328	"\<lbrakk>G\<turnstile>C \<prec>\<^sub>C D; class G C = Some c\<rbrakk> \<Longrightarrow> G\<turnstile>(super c) \<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	329	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	330	assume clsC: "class G C = Some c"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	331	assume subcls_C_C: "G\<turnstile>C \<prec>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	332	then obtain S where
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	333	"G\<turnstile>C \<prec>\<^sub>C\<^sub>1 S" and
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	334	subclseq_S_D: "G\<turnstile>S \<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	335	by (blast dest: tranclD)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	336	with clsC
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	337	have "S=super c"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	338	by (auto dest: subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	339	with subclseq_S_D show ?thesis by simp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	340	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	341
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	342
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	343	lemma subclseq_superD:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	344	"\<lbrakk>G\<turnstile>C \<preceq>\<^sub>C D; C\<noteq>D;class G C = Some c\<rbrakk> \<Longrightarrow> G\<turnstile>(super c) \<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	345	proof -
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	346	assume neq_C_D: "C\<noteq>D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	347	assume clsC: "class G C = Some c"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	348	assume subclseq_C_D: "G\<turnstile>C \<preceq>\<^sub>C D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	349	then show ?thesis
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	350	proof (cases rule: subclseq_cases)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	351	case Eq with neq_C_D show ?thesis by contradiction
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	352	next
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	353	case Subcls
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	354	with clsC show ?thesis by (blast dest: subcls_superD)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	355	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	356	qed
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	357
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	358	section "implementation relation"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	359
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	360	defs
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	361	--{* direct implementation, cf. 8.1.3 *}
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	362	implmt1_def:"implmt1 G\<equiv>{(C,I). C\<noteq>Object \<and> (\<exists>c\<in>class G C: I\<in>set (superIfs c))}"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	363
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	364	lemma implmt1D: "G\<turnstile>C\<leadsto>1I \<Longrightarrow> C\<noteq>Object \<and> (\<exists>c\<in>class G C: I\<in>set (superIfs c))"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	365	apply (unfold implmt1_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	366	apply auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	367	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	368
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	369
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	370	inductive "implmt G" intros --{* cf. 8.1.4 *}
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	371
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	372	direct: "G\<turnstile>C\<leadsto>1J \<spacespace>\<spacespace> \<Longrightarrow> G\<turnstile>C\<leadsto>J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	373	subint: "\<lbrakk>G\<turnstile>C\<leadsto>1I; G\<turnstile>I\<preceq>I J\<rbrakk> \<Longrightarrow> G\<turnstile>C\<leadsto>J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	374	subcls1: "\<lbrakk>G\<turnstile>C\<prec>\<^sub>C\<^sub>1D; G\<turnstile>D\<leadsto>J \<rbrakk> \<Longrightarrow> G\<turnstile>C\<leadsto>J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	375
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	376	lemma implmtD: "G\<turnstile>C\<leadsto>J \<Longrightarrow> (\<exists>I. G\<turnstile>C\<leadsto>1I \<and> G\<turnstile>I\<preceq>I J) \<or> (\<exists>D. G\<turnstile>C\<prec>\<^sub>C\<^sub>1D \<and> G\<turnstile>D\<leadsto>J)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	377	apply (erule implmt.induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	378	apply fast+
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	379	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	380
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	381	lemma implmt_ObjectE [elim!]: "G\<turnstile>Object\<leadsto>I \<Longrightarrow> R"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	382	by (auto dest!: implmtD implmt1D subcls1D)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	383
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	384	lemma subcls_implmt [rule_format (no_asm)]: "G\<turnstile>A\<preceq>\<^sub>C B \<Longrightarrow> G\<turnstile>B\<leadsto>K \<longrightarrow> G\<turnstile>A\<leadsto>K"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	385	apply (erule rtrancl_induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	386	apply (auto intro: implmt.subcls1)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	387	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	388
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	389	lemma implmt_subint2: "\<lbrakk> G\<turnstile>A\<leadsto>J; G\<turnstile>J\<preceq>I K\<rbrakk> \<Longrightarrow> G\<turnstile>A\<leadsto>K"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	390	apply (erule make_imp, erule implmt.induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	391	apply (auto dest: implmt.subint rtrancl_trans implmt.subcls1)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	392	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	393
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	394	lemma implmt_is_class: "G\<turnstile>C\<leadsto>I \<Longrightarrow> is_class G C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	395	apply (erule implmt.induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	396	apply (blast dest: implmt1D subcls1D)+
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	397	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	398
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	399
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	400	section "widening relation"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	401
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	402	inductive "widen G" intros
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	403	--{*widening, viz. method invocation conversion, cf. 5.3
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	404	i.e. kind of syntactic subtyping *}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	405	refl: "G\<turnstile>T\<preceq>T" --{identity conversion, cf. 5.1.1 }
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	406	subint: "G\<turnstile>I\<preceq>I J \<Longrightarrow> G\<turnstile>Iface I\<preceq> Iface J" --{wid.ref.conv.,cf. 5.1.4 }
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	407	int_obj: "G\<turnstile>Iface I\<preceq> Class Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	408	subcls: "G\<turnstile>C\<preceq>\<^sub>C D \<Longrightarrow> G\<turnstile>Class C\<preceq> Class D"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	409	implmt: "G\<turnstile>C\<leadsto>I \<Longrightarrow> G\<turnstile>Class C\<preceq> Iface I"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	410	null: "G\<turnstile>NT\<preceq> RefT R"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	411	arr_obj: "G\<turnstile>T.[]\<preceq> Class Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	412	array: "G\<turnstile>RefT S\<preceq>RefT T \<Longrightarrow> G\<turnstile>RefT S.[]\<preceq> RefT T.[]"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	413
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	414	declare widen.refl [intro!]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	415	declare widen.intros [simp]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	416
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	417	(* too strong in general:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	418	lemma widen_PrimT: "G\<turnstile>PrimT x\<preceq>T \<Longrightarrow> T = PrimT x"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	419	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	420	lemma widen_PrimT: "G\<turnstile>PrimT x\<preceq>T \<Longrightarrow> (\<exists>y. T = PrimT y)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	421	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	422	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	423
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	424	(* too strong in general:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	425	lemma widen_PrimT2: "G\<turnstile>S\<preceq>PrimT x \<Longrightarrow> S = PrimT x"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	426	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	427	lemma widen_PrimT2: "G\<turnstile>S\<preceq>PrimT x \<Longrightarrow> \<exists>y. S = PrimT y"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	428	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	429	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	430
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	431	text {*
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	432	These widening lemmata hold in Bali but are to strong for ordinary
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	433	Java. They would not work for real Java Integral Types, like short,
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	434	long, int. These lemmata are just for documentation and are not used.
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	435	*}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	436
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	437	lemma widen_PrimT_strong: "G\<turnstile>PrimT x\<preceq>T \<Longrightarrow> T = PrimT x"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	438	by (ind_cases "G\<turnstile>S\<preceq>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	439
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	440	lemma widen_PrimT2_strong: "G\<turnstile>S\<preceq>PrimT x \<Longrightarrow> S = PrimT x"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	441	by (ind_cases "G\<turnstile>S\<preceq>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	442
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	443	text {* Specialized versions for booleans also would work for real Java *}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	444
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	445	lemma widen_Boolean: "G\<turnstile>PrimT Boolean\<preceq>T \<Longrightarrow> T = PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	446	by (ind_cases "G\<turnstile>S\<preceq>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	447
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	448	lemma widen_Boolean2: "G\<turnstile>S\<preceq>PrimT Boolean \<Longrightarrow> S = PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	449	by (ind_cases "G\<turnstile>S\<preceq>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	450
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	451	lemma widen_RefT: "G\<turnstile>RefT R\<preceq>T \<Longrightarrow> \<exists>t. T=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	452	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	453	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	454
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	455	lemma widen_RefT2: "G\<turnstile>S\<preceq>RefT R \<Longrightarrow> \<exists>t. S=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	456	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	457	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	458
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	459	lemma widen_Iface: "G\<turnstile>Iface I\<preceq>T \<Longrightarrow> T=Class Object \<or> (\<exists>J. T=Iface J)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	460	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	461	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	462
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	463	lemma widen_Iface2: "G\<turnstile>S\<preceq> Iface J \<Longrightarrow> S = NT \<or> (\<exists>I. S = Iface I) \<or> (\<exists>D. S = Class D)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	464	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	465	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	466
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	467	lemma widen_Iface_Iface: "G\<turnstile>Iface I\<preceq> Iface J \<Longrightarrow> G\<turnstile>I\<preceq>I J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	468	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	469	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	470
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	471	lemma widen_Iface_Iface_eq [simp]: "G\<turnstile>Iface I\<preceq> Iface J = G\<turnstile>I\<preceq>I J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	472	apply (rule iffI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	473	apply (erule widen_Iface_Iface)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	474	apply (erule widen.subint)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	475	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	476
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	477	lemma widen_Class: "G\<turnstile>Class C\<preceq>T \<Longrightarrow> (\<exists>D. T=Class D) \<or> (\<exists>I. T=Iface I)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	478	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	479	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	480
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	481	lemma widen_Class2: "G\<turnstile>S\<preceq> Class C \<Longrightarrow> C = Object \<or> S = NT \<or> (\<exists>D. S = Class D)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	482	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	483	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	484
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	485	lemma widen_Class_Class: "G\<turnstile>Class C\<preceq> Class cm \<Longrightarrow> G\<turnstile>C\<preceq>\<^sub>C cm"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	486	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	487	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	488
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	489	lemma widen_Class_Class_eq [simp]: "G\<turnstile>Class C\<preceq> Class cm = G\<turnstile>C\<preceq>\<^sub>C cm"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	490	apply (rule iffI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	491	apply (erule widen_Class_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	492	apply (erule widen.subcls)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	493	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	494
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	495	lemma widen_Class_Iface: "G\<turnstile>Class C\<preceq> Iface I \<Longrightarrow> G\<turnstile>C\<leadsto>I"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	496	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	497	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	498
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	499	lemma widen_Class_Iface_eq [simp]: "G\<turnstile>Class C\<preceq> Iface I = G\<turnstile>C\<leadsto>I"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	500	apply (rule iffI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	501	apply (erule widen_Class_Iface)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	502	apply (erule widen.implmt)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	503	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	504
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	505	lemma widen_Array: "G\<turnstile>S.[]\<preceq>T \<Longrightarrow> T=Class Object \<or> (\<exists>T'. T=T'.[] \<and> G\<turnstile>S\<preceq>T')"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	506	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	507	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	508
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	509	lemma widen_Array2: "G\<turnstile>S\<preceq>T.[] \<Longrightarrow> S = NT \<or> (\<exists>S'. S=S'.[] \<and> G\<turnstile>S'\<preceq>T)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	510	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	511	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	512
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	513
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	514	lemma widen_ArrayPrimT: "G\<turnstile>PrimT t.[]\<preceq>T \<Longrightarrow> T=Class Object \<or> T=PrimT t.[]"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	515	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	516	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	517
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	518	lemma widen_ArrayRefT:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	519	"G\<turnstile>RefT t.[]\<preceq>T \<Longrightarrow> T=Class Object \<or> (\<exists>s. T=RefT s.[] \<and> G\<turnstile>RefT t\<preceq>RefT s)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	520	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	521	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	522
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	523	lemma widen_ArrayRefT_ArrayRefT_eq [simp]:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	524	"G\<turnstile>RefT T.[]\<preceq>RefT T'.[] = G\<turnstile>RefT T\<preceq>RefT T'"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	525	apply (rule iffI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	526	apply (drule widen_ArrayRefT)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	527	apply simp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	528	apply (erule widen.array)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	529	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	530
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	531	lemma widen_Array_Array: "G\<turnstile>T.[]\<preceq>T'.[] \<Longrightarrow> G\<turnstile>T\<preceq>T'"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	532	apply (drule widen_Array)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	533	apply auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	534	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	535
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	536	lemma widen_Array_Class: "G\<turnstile>S.[] \<preceq> Class C \<Longrightarrow> C=Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	537	by (auto dest: widen_Array)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	538
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	539
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	540	lemma widen_NT2: "G\<turnstile>S\<preceq>NT \<Longrightarrow> S = NT"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	541	apply (ind_cases "G\<turnstile>S\<preceq>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	542	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	543
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	544	lemma widen_Object:"\<lbrakk>isrtype G T;ws_prog G\<rbrakk> \<Longrightarrow> G\<turnstile>RefT T \<preceq> Class Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	545	apply (case_tac T)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	546	apply (auto)
14700 2f885b7e5ba7 reimplementation of HOL records; only one type is created for schirmer parents: 14674 diff changeset	547	apply (subgoal_tac "G\<turnstile>qtname_ext_type\<preceq>\<^sub>C Object")
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	548	apply (auto intro: subcls_ObjectI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	549	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	550
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	551	lemma widen_trans_lemma [rule_format (no_asm)]:
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	552	"\<lbrakk>G\<turnstile>S\<preceq>U; \<forall>C. is_class G C \<longrightarrow> G\<turnstile>C\<preceq>\<^sub>C Object\<rbrakk> \<Longrightarrow> \<forall>T. G\<turnstile>U\<preceq>T \<longrightarrow> G\<turnstile>S\<preceq>T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	553	apply (erule widen.induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	554	apply safe
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	555	prefer 5 apply (drule widen_RefT) apply clarsimp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	556	apply (frule_tac [1] widen_Iface)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	557	apply (frule_tac [2] widen_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	558	apply (frule_tac [3] widen_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	559	apply (frule_tac [4] widen_Iface)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	560	apply (frule_tac [5] widen_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	561	apply (frule_tac [6] widen_Array)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	562	apply safe
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	563	apply (rule widen.int_obj)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	564	prefer 6 apply (drule implmt_is_class) apply simp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	565	apply (tactic "ALLGOALS (etac thin_rl)")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	566	prefer 6 apply simp
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	567	apply (rule_tac [9] widen.arr_obj)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	568	apply (rotate_tac [9] -1)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	569	apply (frule_tac [9] widen_RefT)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	570	apply (auto elim!: rtrancl_trans subcls_implmt implmt_subint2)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	571	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	572
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	573	lemma ws_widen_trans: "\<lbrakk>G\<turnstile>S\<preceq>U; G\<turnstile>U\<preceq>T; ws_prog G\<rbrakk> \<Longrightarrow> G\<turnstile>S\<preceq>T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	574	by (auto intro: widen_trans_lemma subcls_ObjectI)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	575
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	576	lemma widen_antisym_lemma [rule_format (no_asm)]: "\<lbrakk>G\<turnstile>S\<preceq>T;
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	577	\<forall>I J. G\<turnstile>I\<preceq>I J \<and> G\<turnstile>J\<preceq>I I \<longrightarrow> I = J;
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	578	\<forall>C D. G\<turnstile>C\<preceq>\<^sub>C D \<and> G\<turnstile>D\<preceq>\<^sub>C C \<longrightarrow> C = D;
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	579	\<forall>I . G\<turnstile>Object\<leadsto>I \<longrightarrow> False\<rbrakk> \<Longrightarrow> G\<turnstile>T\<preceq>S \<longrightarrow> S = T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	580	apply (erule widen.induct)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	581	apply (auto dest: widen_Iface widen_NT2 widen_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	582	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	583
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	584	lemmas subint_antisym =
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	585	subint1_acyclic [THEN acyclic_impl_antisym_rtrancl, standard]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	586	lemmas subcls_antisym =
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	587	subcls1_acyclic [THEN acyclic_impl_antisym_rtrancl, standard]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	588
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	589	lemma widen_antisym: "\<lbrakk>G\<turnstile>S\<preceq>T; G\<turnstile>T\<preceq>S; ws_prog G\<rbrakk> \<Longrightarrow> S=T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	590	by (fast elim: widen_antisym_lemma subint_antisym [THEN antisymD]
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	591	subcls_antisym [THEN antisymD])
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	592
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	593	lemma widen_ObjectD [dest!]: "G\<turnstile>Class Object\<preceq>T \<Longrightarrow> T=Class Object"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	594	apply (frule widen_Class)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	595	apply (fast dest: widen_Class_Class widen_Class_Iface)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	596	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	597
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	598	constdefs
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	599	widens :: "prog \<Rightarrow> [ty list, ty list] \<Rightarrow> bool" ("_\<turnstile>_[\<preceq>]_" [71,71,71] 70)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	600	"G\<turnstile>Ts[\<preceq>]Ts' \<equiv> list_all2 (\<lambda>T T'. G\<turnstile>T\<preceq>T') Ts Ts'"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	601
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	602	lemma widens_Nil [simp]: "G\<turnstile>[][\<preceq>][]"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	603	apply (unfold widens_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	604	apply auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	605	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	606
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	607	lemma widens_Cons [simp]: "G\<turnstile>(S#Ss)[\<preceq>](T#Ts) = (G\<turnstile>S\<preceq>T \<and> G\<turnstile>Ss[\<preceq>]Ts)"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	608	apply (unfold widens_def)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	609	apply auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	610	done
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	611
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	612
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	613	section "narrowing relation"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	614
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	615	(* all properties of narrowing and casting conversions we actually need *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	616	(* these can easily be proven from the definitions below *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	617	(*
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	618	rules
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	619	cast_RefT2 "G\<turnstile>S\<preceq>? RefT R \<Longrightarrow> \<exists>t. S=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	620	cast_PrimT2 "G\<turnstile>S\<preceq>? PrimT pt \<Longrightarrow> \<exists>t. S=PrimT t \<and> G\<turnstile>PrimT t\<preceq>PrimT pt"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	621	*)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	622
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	623	(* more detailed than necessary for type-safety, see above rules. *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	624	inductive "narrow G" intros (* narrowing reference conversion, cf. 5.1.5 *)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	625
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	626	subcls: "G\<turnstile>C\<preceq>\<^sub>C D \<Longrightarrow> G\<turnstile> Class D\<succ>Class C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	627	implmt: "\<not>G\<turnstile>C\<leadsto>I \<Longrightarrow> G\<turnstile> Class C\<succ>Iface I"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	628	obj_arr: "G\<turnstile>Class Object\<succ>T.[]"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	629	int_cls: "G\<turnstile> Iface I\<succ>Class C"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	630	subint: "imethds G I hidings imethds G J entails
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	631	(\<lambda>(md, mh ) (md',mh').\<spacespace>G\<turnstile>mrt mh\<preceq>mrt mh') \<Longrightarrow>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	632	\<not>G\<turnstile>I\<preceq>I J \<spacespace>\<spacespace>\<spacespace>\<Longrightarrow> G\<turnstile> Iface I\<succ>Iface J"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	633	array: "G\<turnstile>RefT S\<succ>RefT T \<spacespace>\<Longrightarrow> G\<turnstile> RefT S.[]\<succ>RefT T.[]"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	634
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	635	(unused)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	636	lemma narrow_RefT: "G\<turnstile>RefT R\<succ>T \<Longrightarrow> \<exists>t. T=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	637	apply (ind_cases "G\<turnstile>S\<succ>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	638	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	639
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	640	lemma narrow_RefT2: "G\<turnstile>S\<succ>RefT R \<Longrightarrow> \<exists>t. S=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	641	apply (ind_cases "G\<turnstile>S\<succ>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	642	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	643
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	644	(unused)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	645	lemma narrow_PrimT: "G\<turnstile>PrimT pt\<succ>T \<Longrightarrow> \<exists>t. T=PrimT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	646	apply (ind_cases "G\<turnstile>S\<succ>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	647	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	648
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	649	lemma narrow_PrimT2: "G\<turnstile>S\<succ>PrimT pt \<Longrightarrow>
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	650	\<exists>t. S=PrimT t \<and> G\<turnstile>PrimT t\<preceq>PrimT pt"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	651	apply (ind_cases "G\<turnstile>S\<succ>T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	652	by auto
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	653
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	654	text {*
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	655	These narrowing lemmata hold in Bali but are to strong for ordinary
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	656	Java. They would not work for real Java Integral Types, like short,
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	657	long, int. These lemmata are just for documentation and are not used.
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	658	*}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	659	lemma narrow_PrimT_strong: "G\<turnstile>PrimT pt\<succ>T \<Longrightarrow> T=PrimT pt"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	660	by (ind_cases "G\<turnstile>S\<succ>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	661
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	662	lemma narrow_PrimT2_strong: "G\<turnstile>S\<succ>PrimT pt \<Longrightarrow> S=PrimT pt"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	663	by (ind_cases "G\<turnstile>S\<succ>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	664
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	665	text {* Specialized versions for booleans also would work for real Java *}
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	666
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	667	lemma narrow_Boolean: "G\<turnstile>PrimT Boolean\<succ>T \<Longrightarrow> T=PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	668	by (ind_cases "G\<turnstile>S\<succ>T") simp_all
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	669
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	670	lemma narrow_Boolean2: "G\<turnstile>S\<succ>PrimT Boolean \<Longrightarrow> S=PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	671	by (ind_cases "G\<turnstile>S\<succ>T") simp_all
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	672
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	673	section "casting relation"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	674
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	675	inductive "cast G" intros --{* casting conversion, cf. 5.5 *}
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	676
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	677	widen: "G\<turnstile>S\<preceq>T \<Longrightarrow> G\<turnstile>S\<preceq>? T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	678	narrow: "G\<turnstile>S\<succ>T \<Longrightarrow> G\<turnstile>S\<preceq>? T"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	679
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	680	(unused)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	681	lemma cast_RefT: "G\<turnstile>RefT R\<preceq>? T \<Longrightarrow> \<exists>t. T=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	682	apply (ind_cases "G\<turnstile>S\<preceq>? T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	683	by (auto dest: widen_RefT narrow_RefT)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	684
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	685	lemma cast_RefT2: "G\<turnstile>S\<preceq>? RefT R \<Longrightarrow> \<exists>t. S=RefT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	686	apply (ind_cases "G\<turnstile>S\<preceq>? T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	687	by (auto dest: widen_RefT2 narrow_RefT2)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	688
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	689	(unused)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	690	lemma cast_PrimT: "G\<turnstile>PrimT pt\<preceq>? T \<Longrightarrow> \<exists>t. T=PrimT t"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	691	apply (ind_cases "G\<turnstile>S\<preceq>? T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	692	by (auto dest: widen_PrimT narrow_PrimT)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	693
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	694	lemma cast_PrimT2: "G\<turnstile>S\<preceq>? PrimT pt \<Longrightarrow> \<exists>t. S=PrimT t \<and> G\<turnstile>PrimT t\<preceq>PrimT pt"
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	695	apply (ind_cases "G\<turnstile>S\<preceq>? T")
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	696	by (auto dest: widen_PrimT2 narrow_PrimT2)
00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	697
13688 a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	698	lemma cast_Boolean:
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	699	assumes bool_cast: "G\<turnstile>PrimT Boolean\<preceq>? T"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	700	shows "T=PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	701	using bool_cast
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	702	proof (cases)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	703	case widen
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	704	hence "G\<turnstile>PrimT Boolean\<preceq> T"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	705	by simp
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	706	thus ?thesis by (rule widen_Boolean)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	707	next
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	708	case narrow
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	709	hence "G\<turnstile>PrimT Boolean\<succ>T"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	710	by simp
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	711	thus ?thesis by (rule narrow_Boolean)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	712	qed
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	713
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	714	lemma cast_Boolean2:
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	715	assumes bool_cast: "G\<turnstile>S\<preceq>? PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	716	shows "S = PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	717	using bool_cast
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	718	proof (cases)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	719	case widen
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	720	hence "G\<turnstile>S\<preceq> PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	721	by simp
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	722	thus ?thesis by (rule widen_Boolean2)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	723	next
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	724	case narrow
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	725	hence "G\<turnstile>S\<succ>PrimT Boolean"
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	726	by simp
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	727	thus ?thesis by (rule narrow_Boolean2)
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	728	qed
a0b16d42d489 "Definite Assignment Analysis" included, with proof of correctness. Large adjustments of type safety proof and soundness proof of the axiomatic semantics were necessary. Completeness proof of the loop rule of the axiomatic semantic was altered. So the additional polymorphic variants of some rules could be removed. schirmer parents: 12858 diff changeset	729
12854 00d4a435777f Isabelle/Bali sources; schirmer parents: diff changeset	730	end

author	paulson
	Fri, 29 Oct 2004 15:16:02 +0200
changeset 15270	8b3f707a78a7
parent 14981	e73f8140af78
child 16417	9bc16273c2d4
permissions	-rw-r--r--