isabelle: comparison src/HOL/MicroJava/BV/Correct.thy

equal deleted inserted replaced

-:4dc65845eab3
+:d8d7d1b785af
 theory Correct
 imports BVSpec "../JVM/JVMExec"
 begin
-constdefs
+definition approx_val :: "[jvm_prog,aheap,val,ty err] \<Rightarrow> bool" where
-approx_val :: "[jvm_prog,aheap,val,ty err] \<Rightarrow> bool"
 "approx_val G h v any == case any of Err \<Rightarrow> True | OK T \<Rightarrow> G,h\<turnstile>v::\<preceq>T"
-approx_loc :: "[jvm_prog,aheap,val list,locvars_type] \<Rightarrow> bool"
+definition approx_loc :: "[jvm_prog,aheap,val list,locvars_type] \<Rightarrow> bool" where
 "approx_loc G hp loc LT == list_all2 (approx_val G hp) loc LT"
-approx_stk :: "[jvm_prog,aheap,opstack,opstack_type] \<Rightarrow> bool"
+definition approx_stk :: "[jvm_prog,aheap,opstack,opstack_type] \<Rightarrow> bool" where
 "approx_stk G hp stk ST == approx_loc G hp stk (map OK ST)"
-correct_frame  :: "[jvm_prog,aheap,state_type,nat,bytecode] \<Rightarrow> frame \<Rightarrow> bool"
+definition correct_frame  :: "[jvm_prog,aheap,state_type,nat,bytecode] \<Rightarrow> frame \<Rightarrow> bool" where
 "correct_frame G hp == \<lambda>(ST,LT) maxl ins (stk,loc,C,sig,pc).
 approx_stk G hp stk ST  \<and> approx_loc G hp loc LT \<and>
 pc < length ins \<and> length loc=length(snd sig)+maxl+1"
+primrec correct_frames  :: "[jvm_prog,aheap,prog_type,ty,sig,frame list] \<Rightarrow> bool" where
-consts
+"correct_frames G hp phi rT0 sig0 [] = True"
-correct_frames  :: "[jvm_prog,aheap,prog_type,ty,sig,frame list] \<Rightarrow> bool"
+| "correct_frames G hp phi rT0 sig0 (f#frs) =
-primrec
+(let (stk,loc,C,sig,pc) = f in
-"correct_frames G hp phi rT0 sig0 [] = True"
+(\<exists>ST LT rT maxs maxl ins et.
+phi C sig ! pc = Some (ST,LT) \<and> is_class G C \<and>
-"correct_frames G hp phi rT0 sig0 (f#frs) =
+method (G,C) sig = Some(C,rT,(maxs,maxl,ins,et)) \<and>
-(let (stk,loc,C,sig,pc) = f in
+(\<exists>C' mn pTs. ins!pc = (Invoke C' mn pTs) \<and>
-(\<exists>ST LT rT maxs maxl ins et.
+(mn,pTs) = sig0 \<and>
-phi C sig ! pc = Some (ST,LT) \<and> is_class G C \<and>
+(\<exists>apTs D ST' LT'.
-method (G,C) sig = Some(C,rT,(maxs,maxl,ins,et)) \<and>
+(phi C sig)!pc = Some ((rev apTs) @ (Class D) # ST', LT') \<and>
-(\<exists>C' mn pTs. ins!pc = (Invoke C' mn pTs) \<and>
+length apTs = length pTs \<and>
-(mn,pTs) = sig0 \<and>
+(\<exists>D' rT' maxs' maxl' ins' et'.
-(\<exists>apTs D ST' LT'.
+method (G,D) sig0 = Some(D',rT',(maxs',maxl',ins',et')) \<and>
-(phi C sig)!pc = Some ((rev apTs) @ (Class D) # ST', LT') \<and>
+G \<turnstile> rT0 \<preceq> rT') \<and>
-length apTs = length pTs \<and>
+correct_frame G hp (ST, LT) maxl ins f \<and>
-(\<exists>D' rT' maxs' maxl' ins' et'.
+correct_frames G hp phi rT sig frs))))"
-method (G,D) sig0 = Some(D',rT',(maxs',maxl',ins',et')) \<and>
-G \<turnstile> rT0 \<preceq> rT') \<and>
+definition correct_state :: "[jvm_prog,prog_type,jvm_state] \<Rightarrow> bool"
-correct_frame G hp (ST, LT) maxl ins f \<and>
+("_,_ |-JVM _ [ok]"  [51,51] 50) where
-correct_frames G hp phi rT sig frs))))"
-constdefs
-correct_state :: "[jvm_prog,prog_type,jvm_state] \<Rightarrow> bool"
-("_,_ |-JVM _ [ok]"  [51,51] 50)
 "correct_state G phi == \<lambda>(xp,hp,frs).
 case xp of
 None \<Rightarrow> (case frs of
 [] \<Rightarrow> True
 | (f#fs) \<Rightarrow> G\<turnstile>h hp\<surd> \<and> preallocated hp \<and>

changeset 35416	d8d7d1b785af
parent 33954	1bc3b688548c
child 35417	47ee18b6ae32