diff -r c8283b7f0791 -r 1263d1143bab src/HOL/Bali/TypeSafe.thy --- a/src/HOL/Bali/TypeSafe.thy Fri Nov 15 21:43:22 2024 +0100 +++ b/src/HOL/Bali/TypeSafe.thy Fri Nov 15 23:20:24 2024 +0100 @@ -1614,87 +1614,73 @@ from eval_e1 have s0_s1:"dom (locals (store s0)) \ dom (locals (store s1))" by (rule dom_locals_eval_mono_elim) - { - assume condAnd: "binop=CondAnd" - have ?thesis - proof - - from da obtain E2' where - "\prg=G,cls=accC,lcl=L\ + consider (condAnd) "binop=CondAnd" | (condOr) "binop=CondOr" | (notAndOr) "binop\CondAnd" "binop\CondOr" + by (cases binop) auto + then show ?thesis + proof cases + case condAnd + from da obtain E2' where + "\prg=G,cls=accC,lcl=L\ \ dom (locals (store s0)) \ assigns_if True e1 \\e2\\<^sub>e\ E2'" - by cases (simp add: condAnd)+ - moreover - have "dom (locals (store s0)) + by cases (simp add: condAnd)+ + moreover + have "dom (locals (store s0)) \ assigns_if True e1 \ dom (locals (store s1))" - proof - - from condAnd wt_binop have e1T: "e1T=PrimT Boolean" - by simp - with normal_s1 conf_v1 obtain b where "v1=Bool b" - by (auto dest: conf_Boolean) - with True condAnd - have v1: "v1=Bool True" - by simp - from eval_e1 normal_s1 - have "assigns_if True e1 \ dom (locals (store s1))" - by (rule assigns_if_good_approx' [elim_format]) - (insert wt_e1, simp_all add: e1T v1) - with s0_s1 show ?thesis by (rule Un_least) - qed - ultimately - show ?thesis - using that by (cases rule: da_weakenE) (simp add: True) + proof - + from condAnd wt_binop have e1T: "e1T=PrimT Boolean" + by simp + with normal_s1 conf_v1 obtain b where "v1=Bool b" + by (auto dest: conf_Boolean) + with True condAnd + have v1: "v1=Bool True" + by simp + from eval_e1 normal_s1 + have "assigns_if True e1 \ dom (locals (store s1))" + by (rule assigns_if_good_approx' [elim_format]) + (insert wt_e1, simp_all add: e1T v1) + with s0_s1 show ?thesis by (rule Un_least) qed - } - moreover - { - assume condOr: "binop=CondOr" - have ?thesis + ultimately show ?thesis + using that by (cases rule: da_weakenE) (simp add: True) + next + case condOr (* Beweis durch Analogie/Example/Pattern?, True\False; And\Or *) - proof - - from da obtain E2' where - "\prg=G,cls=accC,lcl=L\ + from da obtain E2' where + "\prg=G,cls=accC,lcl=L\ \ dom (locals (store s0)) \ assigns_if False e1 \\e2\\<^sub>e\ E2'" - by cases (simp add: condOr)+ - moreover - have "dom (locals (store s0)) + by cases (simp add: condOr)+ + moreover + have "dom (locals (store s0)) \ assigns_if False e1 \ dom (locals (store s1))" - proof - - from condOr wt_binop have e1T: "e1T=PrimT Boolean" - by simp - with normal_s1 conf_v1 obtain b where "v1=Bool b" - by (auto dest: conf_Boolean) - with True condOr - have v1: "v1=Bool False" - by simp - from eval_e1 normal_s1 - have "assigns_if False e1 \ dom (locals (store s1))" - by (rule assigns_if_good_approx' [elim_format]) - (insert wt_e1, simp_all add: e1T v1) - with s0_s1 show ?thesis by (rule Un_least) - qed - ultimately - show ?thesis - using that by (rule da_weakenE) (simp add: True) + proof - + from condOr wt_binop have e1T: "e1T=PrimT Boolean" + by simp + with normal_s1 conf_v1 obtain b where "v1=Bool b" + by (auto dest: conf_Boolean) + with True condOr + have v1: "v1=Bool False" + by simp + from eval_e1 normal_s1 + have "assigns_if False e1 \ dom (locals (store s1))" + by (rule assigns_if_good_approx' [elim_format]) + (insert wt_e1, simp_all add: e1T v1) + with s0_s1 show ?thesis by (rule Un_least) qed - } - moreover - { - assume notAndOr: "binop\CondAnd" "binop\CondOr" - have ?thesis - proof - - from da notAndOr obtain E1' where - da_e1: "\prg=G,cls=accC,lcl=L\ + ultimately show ?thesis + using that by (rule da_weakenE) (simp add: True) + next + case notAndOr + from da notAndOr obtain E1' where + da_e1: "\prg=G,cls=accC,lcl=L\ \ dom (locals (store s0)) \\e1\\<^sub>e\ E1'" - and da_e2: "\prg=G,cls=accC,lcl=L\\ nrm E1' \In1l e2\ A" - by cases simp+ - from eval_e1 wt_e1 da_e1 wf normal_s1 - have "nrm E1' \ dom (locals (store s1))" - by (cases rule: da_good_approxE') iprover - with da_e2 show ?thesis - using that by (rule da_weakenE) (simp add: True) - qed - } - ultimately show ?thesis - by (cases binop) auto + and da_e2: "\prg=G,cls=accC,lcl=L\\ nrm E1' \In1l e2\ A" + by cases simp+ + from eval_e1 wt_e1 da_e1 wf normal_s1 + have "nrm E1' \ dom (locals (store s1))" + by (cases rule: da_good_approxE') iprover + with da_e2 show ?thesis + using that by (rule da_weakenE) (simp add: True) + qed qed thus ?thesis .. qed @@ -2503,20 +2489,18 @@ from error_free_s1 s2 have error_free_s2: "error_free s2" by simp - { - assume norm_s2: "normal s2" - have "G,L,store s2\In1l (Cast castT e)\In1 v\\T" - proof - - from s2 norm_s2 have "normal s1" - by (cases s1) simp - with v_ok - have "G,store s1\v\\eT" - by simp - with eT wf s2 T norm_s2 - show ?thesis - by (cases s1) (auto dest: fits_conf) - qed - } + have "G,L,store s2\In1l (Cast castT e)\In1 v\\T" + if norm_s2: "normal s2" + proof - + from s2 norm_s2 have "normal s1" + by (cases s1) simp + with v_ok + have "G,store s1\v\\eT" + by simp + with eT wf s2 T norm_s2 + show ?thesis + by (cases s1) (auto dest: fits_conf) + qed with conf_s2 error_free_s2 show "s2\\(G, L) \ (normal s2 \ G,L,store s2\In1l (Cast castT e)\In1 v\\T) \ @@ -2700,24 +2684,22 @@ da_v: "\prg=G,cls=accC,lcl=L\ \ dom (locals (store ((Norm s0)::state))) \In2 v\ V" by (cases "\ n. v=LVar n") (insert da.LVar, auto elim!: da_elim_cases) - { - fix n assume lvar: "v=LVar n" - have "locals (store s1) n \ None" + have lvar_in_locals: "locals (store s1) n \ None" + if lvar: "v=LVar n" for n + proof - + from Acc.prems lvar have + "n \ dom (locals s0)" + by (cases "\ n. v=LVar n") (auto elim!: da_elim_cases) + also + have "dom (locals s0) \ dom (locals (store s1))" proof - - from Acc.prems lvar have - "n \ dom (locals s0)" - by (cases "\ n. v=LVar n") (auto elim!: da_elim_cases) - also - have "dom (locals s0) \ dom (locals (store s1))" - proof - - from \G\Norm s0 \v=\(w, upd)\ s1\ - show ?thesis - by (rule dom_locals_eval_mono_elim) simp - qed - finally show ?thesis - by blast + from \G\Norm s0 \v=\(w, upd)\ s1\ + show ?thesis + by (rule dom_locals_eval_mono_elim) simp qed - } note lvar_in_locals = this + finally show ?thesis + by blast + qed from conf_s0 wt_v da_v obtain conf_s1: "s1\\(G, L)" and conf_var: "(normal s1 \ G,L,store s1\In2 v\In2 (w, upd)\\Inl vT)" @@ -3018,28 +3000,26 @@ conf_a: "normal s1 \ G, store s1\a\\RefT statT" and error_free_s1: "error_free s1" by (rule hyp_e [elim_format]) simp - { - assume abnormal_s2: "\ normal s2" - have "set_lvars (locals (store s2)) s4 = s2" - proof - - from abnormal_s2 init_lvars - obtain keep_abrupt: "abrupt s3 = abrupt s2" and - "store s3 = store (init_lvars G invDeclC \name = mn, parTs = pTs'\ + have propagate_abnormal_s2: "set_lvars (locals (store s2)) s4 = s2" + if abnormal_s2: "\ normal s2" + proof - + from abnormal_s2 init_lvars + obtain keep_abrupt: "abrupt s3 = abrupt s2" and + "store s3 = store (init_lvars G invDeclC \name = mn, parTs = pTs'\ mode a vs s2)" - by (auto simp add: init_lvars_def2) - moreover - from keep_abrupt abnormal_s2 check - have eq_s3'_s3: "s3'=s3" - by (auto simp add: check_method_access_def Let_def) - moreover - from eq_s3'_s3 abnormal_s2 keep_abrupt eval_methd - have "s4=s3'" - by auto - ultimately show - "set_lvars (locals (store s2)) s4 = s2" - by (cases s2,cases s3) (simp add: init_lvars_def2) - qed - } note propagate_abnormal_s2 = this + by (auto simp add: init_lvars_def2) + moreover + from keep_abrupt abnormal_s2 check + have eq_s3'_s3: "s3'=s3" + by (auto simp add: check_method_access_def Let_def) + moreover + from eq_s3'_s3 abnormal_s2 keep_abrupt eval_methd + have "s4=s3'" + by auto + ultimately show + "set_lvars (locals (store s2)) s4 = s2" + by (cases s2,cases s3) (simp add: init_lvars_def2) + qed show "(set_lvars (locals (store s2))) s4\\(G, L) \ (normal ((set_lvars (locals (store s2))) s4) \ G,L,store ((set_lvars (locals (store s2))) s4) @@ -3419,26 +3399,24 @@ by force qed moreover - { - assume normal_upd_s2: "normal (abupd (absorb Ret) s2)" - have "Result \ dom (locals (store s2))" - proof - - from normal_upd_s2 - have "normal s2 \ abrupt s2 = Some (Jump Ret)" - by (cases s2) (simp add: absorb_def) - thus ?thesis - proof - assume "normal s2" - with eval_c wt_c da_C' wf res nrm_C' - show ?thesis - by (cases rule: da_good_approxE') blast - next - assume "abrupt s2 = Some (Jump Ret)" - with conf_s2 show ?thesis - by (cases s2) (auto dest: conforms_RetD simp add: dom_def) - qed - qed - } + have "Result \ dom (locals (store s2))" + if normal_upd_s2: "normal (abupd (absorb Ret) s2)" + proof - + from normal_upd_s2 + have "normal s2 \ abrupt s2 = Some (Jump Ret)" + by (cases s2) (simp add: absorb_def) + thus ?thesis + proof + assume "normal s2" + with eval_c wt_c da_C' wf res nrm_C' + show ?thesis + by (cases rule: da_good_approxE') blast + next + assume "abrupt s2 = Some (Jump Ret)" + with conf_s2 show ?thesis + by (cases s2) (auto dest: conforms_RetD simp add: dom_def) + qed + qed moreover note T resultT ultimately show "abupd (absorb Ret) s3\\(G, L) \ @@ -3939,29 +3917,27 @@ from wt_c1 da_c1 have P_c1: "P L accC (Norm s0) \c1\\<^sub>s \ s1" by (rule Comp.hyps) - { - fix Q - assume normal_s1: "normal s1" - assume elim: "\ C2'. + have thesis + if normal_s1: "normal s1" + and elim: "\ C2'. \\prg=G,cls=accC,lcl=L\\dom (locals (store s1))\\c2\\<^sub>s\C2'; - P L accC s1 \c2\\<^sub>s \ s2\ \ Q" - have Q + P L accC s1 \c2\\<^sub>s \ s2\ \ thesis" + for thesis + proof - + obtain C2' where + da: "\prg=G, cls=accC, lcl=L\\ dom (locals (store s1)) \\c2\\<^sub>s\ C2'" proof - - obtain C2' where - da: "\prg=G, cls=accC, lcl=L\\ dom (locals (store s1)) \\c2\\<^sub>s\ C2'" - proof - - from eval_c1 wt_c1 da_c1 wf normal_s1 - have "nrm C1 \ dom (locals (store s1))" - by (cases rule: da_good_approxE') iprover - with da_c2 show thesis - by (rule da_weakenE) (rule that) - qed - with wt_c2 have "P L accC s1 \c2\\<^sub>s \ s2" - by (rule Comp.hyps) - with da show ?thesis - using elim by iprover + from eval_c1 wt_c1 da_c1 wf normal_s1 + have "nrm C1 \ dom (locals (store s1))" + by (cases rule: da_good_approxE') iprover + with da_c2 show thesis + by (rule da_weakenE) (rule that) qed - } + with wt_c2 have "P L accC s1 \c2\\<^sub>s \ s2" + by (rule Comp.hyps) + with da show ?thesis + using elim by iprover + qed with eval_c1 eval_c2 wt_c1 wt_c2 da_c1 P_c1 show ?case by (rule comp) iprover+ @@ -3985,39 +3961,37 @@ from wt_e da_e have P_e: "P L accC (Norm s0) \e\\<^sub>e \b\\<^sub>e s1" by (rule If.hyps) - { - fix Q - assume normal_s1: "normal s1" - assume elim: "\ C. \\prg=G,cls=accC,lcl=L\\ (dom (locals (store s1))) - \\if the_Bool b then c1 else c2\\<^sub>s\ C; - P L accC s1 \if the_Bool b then c1 else c2\\<^sub>s \ s2 - \ \ Q" - have Q - proof - - obtain C' where - da: "\prg=G,cls=accC,lcl=L\\ + have thesis + if normal_s1: "normal s1" + and elim: "\ C. \\prg=G,cls=accC,lcl=L\\ (dom (locals (store s1))) + \\if the_Bool b then c1 else c2\\<^sub>s\ C; + P L accC s1 \if the_Bool b then c1 else c2\\<^sub>s \ s2 + \ \ thesis" + for thesis + proof - + obtain C' where + da: "\prg=G,cls=accC,lcl=L\\ (dom (locals (store s1)))\\if the_Bool b then c1 else c2\\<^sub>s \ C'" - proof - - from eval_e have - "dom (locals (store ((Norm s0)::state))) \ dom (locals (store s1))" - by (rule dom_locals_eval_mono_elim) - moreover - from eval_e normal_s1 wt_e - have "assigns_if (the_Bool b) e \ dom (locals (store s1))" - by (rule assigns_if_good_approx') - ultimately - have "dom (locals (store ((Norm s0)::state))) + proof - + from eval_e have + "dom (locals (store ((Norm s0)::state))) \ dom (locals (store s1))" + by (rule dom_locals_eval_mono_elim) + moreover + from eval_e normal_s1 wt_e + have "assigns_if (the_Bool b) e \ dom (locals (store s1))" + by (rule assigns_if_good_approx') + ultimately + have "dom (locals (store ((Norm s0)::state))) \ assigns_if (the_Bool b) e \ dom (locals (store s1))" - by (rule Un_least) - with da_then_else show thesis - by (rule da_weakenE) (rule that) - qed - with wt_then_else - have "P L accC s1 \if the_Bool b then c1 else c2\\<^sub>s \ s2" - by (rule If.hyps) - with da show ?thesis using elim by iprover + by (rule Un_least) + with da_then_else show thesis + by (rule da_weakenE) (rule that) qed - } + with wt_then_else + have "P L accC s1 \if the_Bool b then c1 else c2\\<^sub>s \ s2" + by (rule If.hyps) + with da show ?thesis using elim by iprover + qed with eval_e eval_then_else wt_e wt_then_else da_e P_e show ?case by (rule "if") iprover+