Up to index of Isabelle/HOL/jsr
theory WellType = Term + WellForm:(* Title: HOL/MicroJava/J/WellType.thy
ID: $Id: WellType.html,v 1.1 2002/11/28 14:17:20 kleing Exp $
Author: David von Oheimb
Copyright 1999 Technische Universitaet Muenchen
*)
header {* \isaheader{Well-typedness Constraints} *}
theory WellType = Term + WellForm:
text {*
the formulation of well-typedness of method calls given below (as well as
the Java Specification 1.0) is a little too restrictive: Is does not allow
methods of class Object to be called upon references of interface type.
\begin{description}
\item[simplifications:]\ \\
\begin{itemize}
\item the type rules include all static checks on expressions and statements,
e.g.\ definedness of names (of parameters, locals, fields, methods)
\end{itemize}
\end{description}
*}
text "local variables, including method parameters and This:"
types
lenv = "vname \<leadsto> ty"
'c env = "'c prog × lenv"
syntax
prg :: "'c env => 'c prog"
localT :: "'c env => (vname \<leadsto> ty)"
translations
"prg" => "fst"
"localT" => "snd"
consts
more_spec :: "'c prog => (ty × 'x) × ty list =>
(ty × 'x) × ty list => bool"
appl_methds :: "'c prog => cname => sig => ((ty × ty) × ty list) set"
max_spec :: "'c prog => cname => sig => ((ty × ty) × ty list) set"
defs
more_spec_def: "more_spec G == \<lambda>((d,h),pTs). \<lambda>((d',h'),pTs'). G\<turnstile>d\<preceq>d' \<and>
list_all2 (\<lambda>T T'. G\<turnstile>T\<preceq>T') pTs pTs'"
-- "applicable methods, cf. 15.11.2.1"
appl_methds_def: "appl_methds G C == \<lambda>(mn, pTs).
{((Class md,rT),pTs') |md rT mb pTs'.
method (G,C) (mn, pTs') = Some (md,rT,mb) \<and>
list_all2 (\<lambda>T T'. G\<turnstile>T\<preceq>T') pTs pTs'}"
-- "maximally specific methods, cf. 15.11.2.2"
max_spec_def: "max_spec G C sig == {m. m \<in>appl_methds G C sig \<and>
(\<forall>m'\<in>appl_methds G C sig.
more_spec G m' m --> m' = m)}"
lemma max_spec2appl_meths:
"x \<in> max_spec G C sig ==> x \<in> appl_methds G C sig"
apply (unfold max_spec_def)
apply (fast)
done
lemma appl_methsD:
"((md,rT),pTs')\<in>appl_methds G C (mn, pTs) ==>
\<exists>D b. md = Class D \<and> method (G,C) (mn, pTs') = Some (D,rT,b)
\<and> list_all2 (\<lambda>T T'. G\<turnstile>T\<preceq>T') pTs pTs'"
apply (unfold appl_methds_def)
apply (fast)
done
lemmas max_spec2mheads = insertI1 [THEN [2] equalityD2 [THEN subsetD],
THEN max_spec2appl_meths, THEN appl_methsD]
consts
typeof :: "(loc => ty option) => val => ty option"
primrec
"typeof dt Unit = Some (PrimT Void)"
"typeof dt Null = Some NT"
"typeof dt (Bool b) = Some (PrimT Boolean)"
"typeof dt (Intg i) = Some (PrimT Integer)"
"typeof dt (Addr a) = dt a"
"typeof dt (RetAddr pc) = Some (RA pc)"
lemma is_type_typeof [rule_format (no_asm), simp]:
"(\<forall>a. v \<noteq> Addr a) --> (\<exists>T. typeof t v = Some T \<and> is_type G T)"
apply (rule val.induct)
apply auto
done
lemma typeof_empty_is_type [rule_format (no_asm)]:
"typeof (\<lambda>a. None) v = Some T \<longrightarrow> is_type G T"
apply (rule val.induct)
apply auto
done
types
java_mb = "vname list × (vname × ty) list × stmt × expr"
-- "method body with parameter names, local variables, block, result expression."
-- "local variables might include This, which is hidden anyway"
consts
ty_expr :: "java_mb env => (expr × ty ) set"
ty_exprs:: "java_mb env => (expr list × ty list) set"
wt_stmt :: "java_mb env => stmt set"
syntax (xsymbols)
ty_expr :: "java_mb env => [expr , ty ] => bool" ("_ \<turnstile> _ :: _" [51,51,51]50)
ty_exprs:: "java_mb env => [expr list, ty list] => bool" ("_ \<turnstile> _ [::] _" [51,51,51]50)
wt_stmt :: "java_mb env => stmt => bool" ("_ \<turnstile> _ \<surd>" [51,51 ]50)
syntax
ty_expr :: "java_mb env => [expr , ty ] => bool" ("_ |- _ :: _" [51,51,51]50)
ty_exprs:: "java_mb env => [expr list, ty list] => bool" ("_ |- _ [::] _" [51,51,51]50)
wt_stmt :: "java_mb env => stmt => bool" ("_ |- _ [ok]" [51,51 ]50)
translations
"E\<turnstile>e :: T" == "(e,T) \<in> ty_expr E"
"E\<turnstile>e[::]T" == "(e,T) \<in> ty_exprs E"
"E\<turnstile>c \<surd>" == "c \<in> wt_stmt E"
inductive "ty_expr E" "ty_exprs E" "wt_stmt E" intros
NewC: "[| is_class (prg E) C |] ==>
E\<turnstile>NewC C::Class C" -- "cf. 15.8"
-- "cf. 15.15"
Cast: "[| E\<turnstile>e::Class C; is_class (prg E) D;
prg E\<turnstile>C\<preceq>? D |] ==>
E\<turnstile>Cast D e::Class D"
-- "cf. 15.7.1"
Lit: "[| typeof (\<lambda>v. None) x = Some T |] ==>
E\<turnstile>Lit x::T"
-- "cf. 15.13.1"
LAcc: "[| localT E v = Some T; is_type (prg E) T |] ==>
E\<turnstile>LAcc v::T"
BinOp:"[| E\<turnstile>e1::T;
E\<turnstile>e2::T;
if bop = Eq then T' = PrimT Boolean
else T' = T \<and> T = PrimT Integer|] ==>
E\<turnstile>BinOp bop e1 e2::T'"
-- "cf. 15.25, 15.25.1"
LAss: "[| v ~= This;
E\<turnstile>LAcc v::T;
E\<turnstile>e::T';
prg E\<turnstile>T'\<preceq>T |] ==>
E\<turnstile>v::=e::T'"
-- "cf. 15.10.1"
FAcc: "[| E\<turnstile>a::Class C;
field (prg E,C) fn = Some (fd,fT) |] ==>
E\<turnstile>{fd}a..fn::fT"
-- "cf. 15.25, 15.25.1"
FAss: "[| E\<turnstile>{fd}a..fn::T;
E\<turnstile>v ::T';
prg E\<turnstile>T'\<preceq>T |] ==>
E\<turnstile>{fd}a..fn:=v::T'"
-- "cf. 15.11.1, 15.11.2, 15.11.3"
Call: "[| E\<turnstile>a::Class C;
E\<turnstile>ps[::]pTs;
max_spec (prg E) C (mn, pTs) = {((md,rT),pTs')} |] ==>
E\<turnstile>{C}a..mn({pTs'}ps)::rT"
-- "well-typed expression lists"
-- "cf. 15.11.???"
Nil: "E\<turnstile>[][::][]"
-- "cf. 15.11.???"
Cons:"[| E\<turnstile>e::T;
E\<turnstile>es[::]Ts |] ==>
E\<turnstile>e#es[::]T#Ts"
-- "well-typed statements"
Skip:"E\<turnstile>Skip\<surd>"
Expr:"[| E\<turnstile>e::T |] ==>
E\<turnstile>Expr e\<surd>"
Comp:"[| E\<turnstile>s1\<surd>;
E\<turnstile>s2\<surd> |] ==>
E\<turnstile>s1;; s2\<surd>"
-- "cf. 14.8"
Cond:"[| E\<turnstile>e::PrimT Boolean;
E\<turnstile>s1\<surd>;
E\<turnstile>s2\<surd> |] ==>
E\<turnstile>If(e) s1 Else s2\<surd>"
-- "cf. 14.10"
Loop:"[| E\<turnstile>e::PrimT Boolean;
E\<turnstile>s\<surd> |] ==>
E\<turnstile>While(e) s\<surd>"
constdefs
wf_java_mdecl :: "java_mb prog => cname => java_mb mdecl => bool"
"wf_java_mdecl G C == \<lambda>((mn,pTs),rT,(pns,lvars,blk,res)).
length pTs = length pns \<and>
distinct pns \<and>
unique lvars \<and>
This \<notin> set pns \<and> This \<notin> set (map fst lvars) \<and>
(\<forall>pn\<in>set pns. map_of lvars pn = None) \<and>
(\<forall>(vn,T)\<in>set lvars. is_type G T) &
(let E = (G,map_of lvars(pns[\<mapsto>]pTs)(This\<mapsto>Class C)) in
E\<turnstile>blk\<surd> \<and> (\<exists>T. E\<turnstile>res::T \<and> G\<turnstile>T\<preceq>rT))"
syntax
wf_java_prog :: "java_mb prog => bool"
translations
"wf_java_prog" == "wf_prog wf_java_mdecl"
lemma wt_is_type: "wf_prog wf_mb G \<Longrightarrow> ((G,L)\<turnstile>e::T \<longrightarrow> is_type G T) \<and>
((G,L)\<turnstile>es[::]Ts \<longrightarrow> Ball (set Ts) (is_type G)) \<and> ((G,L)\<turnstile>c \<surd> \<longrightarrow> True)"
apply (rule ty_expr_ty_exprs_wt_stmt.induct)
apply auto
apply ( erule typeof_empty_is_type)
apply ( simp split add: split_if_asm)
apply ( drule field_fields)
apply ( drule (1) fields_is_type)
apply ( simp (no_asm_simp))
apply (assumption)
apply (auto dest!: max_spec2mheads method_wf_mdecl is_type_rTI
simp add: wf_mdecl_def)
done
lemmas ty_expr_is_type = wt_is_type [THEN conjunct1,THEN mp, COMP swap_prems_rl]
end
lemma max_spec2appl_meths:
x : max_spec G C sig ==> x : appl_methds G C sig
lemma appl_methsD:
((md, rT), pTs') : appl_methds G C (mn, pTs)
==> EX D b.
md = Class D &
method (G, C) (mn, pTs') = Some (D, rT, b) &
list_all2 (%T T'. G |- T <= T') pTs pTs'
lemmas max_spec2mheads:
max_spec G C (mn, pTs) = insert ((md, rT), pTs') B_4
==> EX D b.
md = Class D &
method (G, C) (mn, pTs') = Some (D, rT, b) &
list_all2 (%T T'. G |- T <= T') pTs pTs'
lemma is_type_typeof:
ALL a. v ~= Addr a ==> EX T. typeof t v = Some T & is_type G T
lemma typeof_empty_is_type:
typeof (%a. None) v = Some T ==> is_type G T
lemma wt_is_type:
wf_prog wf_mb G
==> ((G, L) |- e :: T --> is_type G T) &
((G, L) |- es [::] Ts --> Ball (set Ts) (is_type G)) &
((G, L) |- c [ok] --> True)
lemmas ty_expr_is_type:
[| (G_2, L_2) |- e_2 :: T_2; wf_prog wf_mb_2 G_2 |] ==> is_type G_2 T_2