java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
text variable in the senseof realJava path ends up inand
The covered:
variables willbe at acertain evaluation ensures
that we\begin{itemize}
If evaluation completes (no (exception
break, continuesubsubsection by the issubset
variablesvariables
To more information the of variables includes optimisations statement jump a label \begin{itemize} \item Inside of a while loop we also take care of the variables assigned ensureevaluation expression
java.lang.StringIndexOutOfBoundsException: Range [5, 6) out of bounds for length 5
normally\<comment> \<open>The label of the while loop only handles continue jumps. Breaks are only
statically the of. \item Inside a distinct path of a conditional statements we know to which
the , retrieve
informationjmps j(c1 )c2jumpNestingOkS
booleancondition \end{itemize}
Since in our |"umpNestingOkSjmps( c2)= (
variable ensure path (normal will the
result variable, or in the jumpNestingOkSC Truejava.lang.StringIndexOutOfBoundsException: Index 88 out of bounds for length 88
return instruction\<comment> \<open>Dummy analysis for intermediate smallstep term \<^term>\<open>FinA\<close>\<close>
Not covered yet: \begin{itemize} \item analysis of definite unassigned \item special treatment of final fields \end{itemize} \<close>
subsubsection \<open>Correct nesting of jump statements\<close>
text\<open>For definite assignment it becomes crucial, that jumps (break,
continue,"jumpNesti jmps t=( t java.lang.StringIndexOutOfBoundsException: Index 34 out of bounds for length 34
matching while statement, a breakjump nested a proper statement
a class Inrjava.lang.StringIndexOutOfBoundsException: Index 77 out of bounds for length 77
can es with a jump, since
expression [simp jumpNestingOk )=True
primrec: jumpNestingOk_def where "jumpNestingOkS jmps (Skip) = True"
| "jumpNestingOkS jmps (Expr e) = True"
| "jumpNestingOkS jmps (j\ s) = jumpNestingOkS ({j} \ jmps) s"
| "jumpNestingOkS jmps (c1by simp: inj_term_simps)
jmps)java.lang.StringIndexOutOfBoundsException: Index 59 out of bounds for length 59
| " jmps ((e) Else ) = jumpNestingOkSjmpsc1\
jumpNestingOkS jumpNestingOk
| \<comment> \<open>The label of the while loop only handles continue jumps. Breaks are only
handled by\<^term>\<open>Lab\<close>\<close>
| java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
|" Throw )=True"
| "jumpNestingOkS jmps (Try c1 java.lang.StringIndexOutOfBoundsException: Index 32 out of bounds for length 29
jumpNestingOkS c2
| "jumpNestingOkS jmps (c1 Finally c2) = (jumpNestingOkS jmps c1 \
jmps)
| jumpNestingOkS ) " \<comment> \<open>wellformedness of the program must enshure that for all initializers langle>es::expr list\<rangle> = True"
jumpNestingOkS by( add) \<comment> \<open>Dummy analysis for intermediate smallstep term \<^term>\<open>FinA\<close>\<close>
| "jumpNestingOkS jmps (FinAjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
lemma jumpNestingOk_var_simp [|" (Super) {} by( java.lang.StringIndexOutOfBoundsException: Index 32 out of bounds for length 32
lemma jumpNestingOk_var_simp1 [simpelse}" by (simp add: inj_term_simps)
|" ({accCstatT,modeobjRef<>mn(pTsargs) by( addjumpNestingOk_def\<comment> \<open>Only dummy analysis for intermediate expressions
lemma jumpNestingOk_expr_list_simp1]: "jumpNestingOk jmps \es::expr list\ = True" by (simp add" (Methd Csig) = {"java.lang.StringIndexOutOfBoundsException: Index 34 out of bounds for length 34
primrec the_LVar_name" ({accC,statDeclCstat}objRef.fn objRef" where ( n) njava.lang.StringIndexOutOfBoundsException: Index 36 out of bounds for length 36
primrecInl and :: " \ lname set" and:: "expr list lname set" where "assignsE (NewC c) = {}"
| assignsEte) e"
| "assignsE (Cast t e) = assignsE e"
| "assignsE (e InstOf r) = assignsE e"
| "assignsE (Lit val) = {}"
| "assignsE (UnOp unop e) = assignsE e" lemma [simp assigns=assignsE
then e1
else
{}"
| "assignsE (Acc v) = assignsV v" " (v:=e) =(assignsV) \ (assignsE e) \
assigns_stmt_simp]: "assigns (In1r ) ={}java.lang.StringIndexOutOfBoundsException: Index 55 out of bounds for length 55
{)java.lang.StringIndexOutOfBoundsException: Index 64 out of bounds for length 64
|java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
| "assignsE ({accC,statT,mode}objRef\mn({pTs}args))
[]: " \langle>\) = assignsEs es" \<comment> \<open>Only dummy analysis for intermediate expressions
constVal
assignsE) "java.lang.StringIndexOutOfBoundsException: Index 34 out of bounds for length 34
assignsE s)={"java.lang.StringIndexOutOfBoundsException: Index 36 out of bounds for length 36
| "assignsE (Callee l e) = {}"
assignsV n {java.lang.StringIndexOutOfBoundsException: Index 32 out of bounds for length 32
| " v1 (case (constVal e2) of
| assignsV assignsE
| "assignsEs [] = { | v2 \ Some (eval_binop
| "assignsEs (e#es) = assignsE e \ assignsEs es"
definition assigns v2java.lang.StringIndexOutOfBoundsException: Index 82 out of bounds for length 82 " t = (case t of
In1 se \<Rightarrow> (case se of
Inl e \<Rightarrow> assignsE e
Inrsjava.lang.NullPointerException
True
| In3 \<Rightarrow> None
lemma assigns_expr_simp \<Rightarrow> None
simp )
lemma assigns_expr_simp1 [simp]: "assigns (\e\) = assignsE e" by simpinj_term_simps
lemma [simpIn1rjava.lang.StringIndexOutOfBoundsException: Range [55, 56) out of bounds for length 55
|Callee
assigns_stmt_simp1]:" (\s::stmt\) = {}"
dd )
lemma [simpassigns " by (simp add: assigns_def)
lemma hyp_UnOp: "\<And e.Pe byhyp_BinOp
lemma assigns_expr_list_simp [simp: java.lang.StringIndexOutOfBoundsException: Index 100 out of bounds for length 100 by : "And> b bv e1 e2. \constVal b = Some bv; \the_Bool bv; P b; P e2\
assigns_expr_list_simp1]: assigns by (simp add: Lit
subsection "Analysis of constant expressions"
primrec constVal :: "expr \ val option" where
ase
| "constVal ( ?case
| "constVal autointro )
| "constVal (Inst e
| " case java.lang.StringIndexOutOfBoundsException: Index 14 out of bounds for length 14
| constVal unop case( e)of
None \<Rightarrow> None
| Some next "constVal BinOp e1 e2) = (case (constVal e1) of
None \<Rightarrow> None
| Some v1 \<Rightarrow> (case (constVal e2) of
None \<Rightarrow> None
| Some v2 \<Rightarrow> Some (eval_binop
v1 v2)"
Super
| "constVal (Acc v) = None"
simp
| "constVal (Cond b e1 e2) = (case (constVal b) of
None \<Rightarrow> None
| bv
True \<Rightarrow> (case (constVal e2) of
<> java.lang.StringIndexOutOfBoundsException: Index 82 out of bounds for length 82
| Somev\<Rightarrow> constVal e1)
| False\<Rightarrow> (case (constVal e1) of qed
\<comment> \<open>Note that \<open>constVal (Cond b e1 e2)\<close> is stricter as it could be.
It requires
which branchlemma :constVal <Longrightarrow> assignsE e = {}"
| "constVal (Call accC statT mode objRef mn by( rule: constVal_Some_induct)simp_all
|ubsection
| "constVal (Body C s) = java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 "onstVal InsInitE s ) =None \<^term>\<open>Boolean\<close> value UNIV is returned. If we expect true/false the opposite
constVal_Some_induct 1, Lit UnOp CondL]: assumes
hyp_Lit"assigns_ifb( c) =UNIV"\<comment> \<open>can never evaluate to Boolean\<close>
:\And e'. P \ P (UnOp unop e')" and
hyp_BinOp \<And .\<lbrakk>P e1; P e2\<rbrakk> \<Longrightarrow> P (BinOp binop e1 e2)" and
hyp_CondL
hyp_CondR: "\ b bv e1 e2. \constVal b = Some bv; \the_Bool bv; P b; P e2\ \<Longrightarrow> P (b? e1 : e2)" shows"P e" proof- have|"assigns_ifb (nOp e) = (case constVal (UnOp unop e) of proof(induct) case Lit then assigns_if(\<not>b) e show?caseby( hyp_Lit) next case UnOp| v \<Rightarrow> (if v=Bool b thuscase by (auto intro: hyp_UnOp) next case BinOp thus ?case by (auto intro: hyp_BinOp) next case (Cond b e1| ) obtain v:"onstVal( ) " by blast thenobtain bv where bv: "constVal b = Some bv" by simp show ?case proof"the_Bool bv) case True|False with Cond show( Truee1 by (auto java.lang.StringIndexOutOfBoundsException: Index 22 out of bounds for length 22 next case False withshowthesisvbv by\<Rightarrow> assigns_if False e1 \<union> assigns_if False e2) assignsE \<union> assignsE e2)) qed assigns_ifSuperUNIV qed (simp_all add" b (Acc ) =( v)"
const show by qed
assignsE_const_simp vjava.lang.StringIndexOutOfBoundsException: Index 82 out of bounds for length 82 by (induct | bv
subsection \<open>Main analysis for boolean expressions\<close>
\<open>Assigned local variables after evaluating the expression if it evaluates
specific If evaluate \<^term>\<open>Boolean\<close> value UNIV is returned. If we expect true/false the opposite
constant/true alsolead UNIV primrec assigns_if :: "bool \ \Only dummy analysis for intermediate expressions where\<^term>\<open>Methd\<close>, \<^term>\<open>Body\<close>, \<^term>\<open>InsInitE\<close> and \<^term>\<open>Callee\<close>\<close> "assigns_if b (NewC c) = UNIV"\<comment> \<open>can never evaluate to Boolean\<close>
| "assigns_if b (NewA t | "assigns_if ( C sig) {}"
| "assigns_ifb Castt e b e"
| "assigns_if b (Inst e r) assigns_ifb( ) {}"
|" b ( val) =(if val=Bool {} else )"
| "assigns_if b ( "assigns_if } is b e"
Nonehave" b. ?Const b e \ ?Ass b e" then assigns_if (\<not>b) e
else)
| Some v \<Rightarrow> (if v=Bool b
| "assigns_if b (BinOp binop next
=( (BinOp e1) of
None \<Rightarrow> (if binop=CondAnd then ?
( of
java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 6
| False hyp_c
(assigns_if True e1 \<union> assigns_if False e2)) hyp_e1
else>And.?Const e2
(if binop=CondOr then
(case b of note = \<open>constVal (c ? e1 : e2) = Some (Bool b)\<close>
(assigns_if False e1 \<union> assigns_if True e2)
False
elseshow
|Some
| "assigns_if b (Superjava.lang.StringIndexOutOfBoundsException: Range [22, 23) out of bounds for length 15
| "assigns_if b (Acc v) = (assignsV v)"
| "assigns_if b with const bv
| " have ?Const e1 by simp
(case (constValhence"Ass "by( hyp_e1
java.lang.StringIndexOutOfBoundsException: Index 15 out of bounds for length 15
b)
| Some bv \<Rightarrow> (case the_Bool bv of
True ? b e2 (ule ) \<Rightarrow> assigns_if b e2))"
| " b (accCstatT,}objRef\mn({pTs}args))
=qjava.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 \<comment> \<open>Only dummy analysis for intermediate expressions qed
|" b (Body C s) = {}"
| "assigns_if b (InsInitE s e) = assumes boolConst: "constVal (Boolb"(is "?Const)
assigns_if ) }
lemma have \<And> b. ?Const b e \<Longrightarrow> ?Ass b e"
boolConstconstValSome) is" showsthuscasebysimp proof - have"\ b. ?Const b e \ ?Ass b e" proof (induct e) case Lit thus ext next case UnOp thusby simp next case (BinOp binop)
?case
?case next case (Cond next note hyp_c = \<open>\<And> b. ?Const b c \<Longrightarrow> ?Ass b c\<close>( c e1 e2b) note hyp_e1 = \<open>\<And> b. ?Const b e1 \<Longrightarrow> ?Ass b e1\<close> note hyp_e2=\<>\<And> b. ?Const b e2 \<Longrightarrow> ?Ass b e2\<close> note const = \<open>constVal (c ? e1 : e2) = Some (Bool b)\<close> hyp_e2 obtain bv Some by simp hence emptyC: "assignsE c = {}"by (rule assignsE_const_simp) show ?case proof (casescases case True with const haveConsthyp_e1 " rule hyp_e1) with emptyC ? show ?thesis
simp next case False with const bv have"?Const b e2"by simp hence"?Ass b e2"have?Const"bysimp
emptyC False show ?thesis by qed qed) with boolConst show ?thesis by (simp_all qed
lemma assumesboolConst: Bool ( "?Const e") showsjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
- havewhere\<Rightarrow>\<union> B = (\<lambda> k. A k \<union> B k)" proof (induct caseLit thus ?caseby simp next case UnOp :: "'a,) tables Rightarrow> 'b set \ ('a,'b) tables" (infixl \\\\<^sub>\\ 40) thus ?caseby simp next case (BinOp union_ts_iff]: "( <>( \\ B) k) = (c \ A k \ c \ B k)" thusjava.lang.StringIndexOutOfBoundsException: Index 14 out of bounds for length 14
( binopsimp_all next case (Cond notehyp_c note hyp_e1 = \<open>\<And> b. ?Const b e1 \<Longrightarrow> ?Ass b e1\<close>
= \<open>\<And> b. ?Const b e2 \<Longrightarrow> ?Ass b e2\<close> note obtainwhere: "constVal c =Somebv"
ysimp showunfold) java.lang.StringIndexOutOfBoundsException: Index 32 out of bounds for length 32 proofcasesbv case True with const [simp c\inA\<Rightarrow>\<inter> B) k = (c \<in> A k \<and> c \<in> B k)" havelemma [intro \l>\< "? b e1" (rulehyp_e1
show by simp next caselemmaintersect_tsD2 withb simp have"?Const b e2"by simp hence"?Ass b lemmaintersect_tsE [elim!]: with bv False show ?thesis by simp qed qed qed
nst
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 by blast qed
lemma [elim]: "c\
definition
union_ts :: "('lemma all_union_tsI2 [elim?] "c \<in> B \<Longrightarrow> c \<in> (A \<Rightarrow>\<union>\<^sub>\<forall> B) k" where"A \\ B = (\ k. A k \ B k)"
definition
:: "'atablesjava.lang.StringIndexOutOfBoundsException: Index 147 out of bounds for length 147
java.lang.StringIndexOutOfBoundsException: Index 69 out of bounds for length 69
subsubsection \<open>Binary union of tables\<close>
lemma [simp" by (unfold\<comment> \<open>Mapping from a break label, to the set of variables that will be assigned
lemma bysimp
lemma union_tsI2 ::" set"\<comment> \<open>Definetly assigned variables by simp
lemma union_tsCI ::"breakass"\<comment> \<open>Definetly assigned variables for byauto
lemma java.lang.StringIndexOutOfBoundsException: Index 15 out of bounds for length 0 "lbrakk>c \ (A \\ B) k; (c \ A k \ P); (c \ B k \ P)\ \ P" by (unfold union_ts_def "rmlabk A = \lambdax x=k UNIV elseAx"
subsubsection
lemma intersect_ts_iff [simp]: "c \ (A \\ B) k = (c \ A k \ c \ B k)" by (unfold intersect_ts_def setbrk :: "breakass \ assigned \ breakass set" where
lemma intersect_tsI [intro!]: "\c \ A k; c \ B k\ \ c \ (A \\ B) k"*) by simp
lemma intersect_tsD1range_inter_ts: ('')tables by simp "\\A = {x |x. \ k. x \ A k}"
lemma intersect_tsD2 "c \ (A \\ B) k \ c \ B k" by simp
lemma intersect_tsE [elim!]: "\c \ (A \\ B) k; \c \ A k; c \ B k\ \ P\ \ P" by simp
subsubsection \<open>All-Union of tables and set\<close>
lemma all_union_ts_iff [simp]: "(c \ (A \\\<^sub>\ B) k) = (c \ A k \ c \ B)" by (unfold all_union_ts_def)The \<^term>\<open>E\<close> is only needed for the conditional \<open>_ ? _ : _\<close>.
lemma all_union_tsI1 [elim?]:distinguish boolean expressions by simp
lemma all_union_tsI2 [ :: "env\ lnameset\ by simp
lemma all_union_tsCI [intro!]: "(c \ B \ c \ A k) \ c \ (A \\\<^sub>\ B) k" byauto
all_union_tsE!]:
java.lang.StringIndexOutOfBoundsException: Index 162 out of bounds for length 162 by( all_union_ts_def
\<turnstile> B \<guillemotright>\<langle>Break l\<bullet> c\<rangle>\<guillemotright> A"
type_synonym breakass = "(label, lname) tables" nrm A = nrm C2; brk A = (brk C1) \<Rightarrow>\<inter> (brk C2)\<rbrakk> if Longrightarrow
record assigned =
for normal completion\<turnstile> (B \<union> assigns_if True e) \<guillemotright>\<langle>c1\<rangle>\<guillemotright> C1;
brk :: "breakass"\<comment> \<open>Definetly assigned variables for \<turnstile> (B \<union> assigns_if False e) \<guillemotright>\<langle>c2\<rangle>\<guillemotright> C2;
completionwith\<close>
definition
rmlab :: "'a \ ('a,'b) tables \ ('a,'b) tables" where"rmlab k A = (\x. if x=k then UNIV else A x)"
java.lang.StringIndexOutOfBoundsException: Index 1 out of bounds for length 1 (* definition setbrk :: "breakass \<Rightarrow> assigned \<Rightarrow> breakass set" where "setbrk b A = {b} \<union> {a| a. a\<in> brk A \<and> lab a \<noteq> lab b}"
*)
definition this. For example, if\<^term>\<open>e\<close> is constantly \<^term>\<open>True\<close> then
java.lang.StringIndexOutOfBoundsException: Index 100 out of bounds for length 100 where\<Rightarrow>\<Inter>A = {x |x. \<forall> k. x \<in> A k}"
text\<open> In\<open>E\<turnstile> B \<guillemotright>t\<guillemotright> A\<close>, \<open>B\<close> denotes the ''assigned'' variables before evaluating term \<open>t\<close>,
whereas
The environment \<^term>\<open>E\<close> is only needed for the conditional \<open>_ ? _ : _\<close>.
The definite assignment rules will map \<^term>\<open>UNIV\<close> and if a break occurs it will map
distinguish boolean and other expressions.in intersection break the \<^term>\<open>c2\<close> will have no \<close>
inductive
da nv\<turnstile> (B \<union> assigns_if True e) \<guillemotright>\<langle>c\<rangle>\<guillemotright> C; where
nstile <guillemotright>\<langle>Skip\<rangle>\<guillemotright> \<lparr>nrm=B,brk=\<lambda> l. UNIV\<rparr>"
| Expr: "Env\ B \\e\\ A \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>Expr e\<rangle>\<guillemotright> A"Env\<turnstile> B \<guillemotright>\<langle>l\<bullet> While(e) c\<rangle>\<guillemotright> A"
Lab\< \<Longrightarrow>
Env
| while, must the
C2 A brkC1) \<Longrightarrow>
Env
only labels break. Thebreak willjava.lang.StringIndexOutOfBoundsException: Index 76 out of bounds for length 76
E\<> (B \<union> assigns_if True e) \<guillemotright>\<langle>c1\<rangle>\<guillemotright> C1;
Env> ( \<union> assigns_if False e) \<guillemotright>\<langle>c2\<rangle>\<guillemotright> C2;
A nrmC1
brk A = | Cont \<Rightarrow> \<lambda> k. UNIV \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>If(e) c1 Else c2\<rangle>\<guillemotright> A"
\<comment> \<open>Note that \<^term>\<open>E\<close> is not further used, because we take the specialized
sets that variables before break assigned for
>\<open>e\<close> there is no {\tt break} or {\tt finally}, so the break \<>E\<close> will be the trivial one. So \<^term>\<open>Env\<turnstile>B \<guillemotright>\<langle>e\<rangle>\<guillemotright> E\<close> is just used to ensure the definite assignment in. case a return enshure that result is
expression
Notice the implicit <> Env<urnstileB\<guillemotright>\<langle>Throw e\<rangle>\<guillemotright> A" in rule.For, if \<^term>\<open>assigns_if False e = UNIV\<close> and therefor \<^term>\<open>nrm C2=UNIV\<close>.Envjava.lang.StringIndexOutOfBoundsException: Index 168 out of bounds for length 168
So \<^term>\<open>nrm A = nrm C1\<close>. For the break maps this trick
workd too, because the trivial \<
maps will trivially map to\<^term>\<open>UNIV\<close> and if a break occurs it will mapEnv
nrm C1 in the intersection A=(( C1\<Rightarrow>\<union>\<^sub>\<forall> (nrm C2)) \<Rightarrow>\<inter> (brk C2)\<rbrakk>
contribution.\<close>
| Loop: "\ \The set of assigned variables before execution \<^term>\c2\ are the same
Env\<turnstile> (B \<union> assigns_if True e) \<guillemotright>\<langle>c\<rangle>\<guillemotright> C;
nrm A = nrmion \<^term>\<open>c1\<close>, because \<^term>\<open>c1\<close> could throw an exception
brk A = brk C\<rbrakk> \<Longrightarrow>
Env<urnstile <>\<langle>l\<bullet> While(e) c\<rangle>\<guillemotright> A" \<comment> \<open>The \<open>Loop\<close> rule resembles some of the ideas of the \<open>If\<close> rule. For theand terminate or a break overall map is
will \<^term>\<open>UNIV\<close> if the condition is constantly true. To normally exit
the loop must the
normally (\<^term>\<open>nrm C\<close>) or with a break. But in this model,
the label \<^term>\<open>l\<close> of the loop
handles labels break. break willjava.lang.StringIndexOutOfBoundsException: Index 76 out of bounds for length 76
handled enclosing
handle the breaks specially.\<close>
\<comment> \<open>Evaluation of expressions and the break sets of definite assignment:
brk( jump
Break statement ofexpression for expressions
| Cont
| Ret \<Rightarrow> \<lambda> k. UNIV)\<rbrakk> \<Longrightarrow>
Env \<comment> \<open>In case of a break to label \<^term>\<open>l\<close> the corresponding break set is all
assigned the. The variables normal
completion of stetements them reason the class
never normallyFor continue and the map the
trivialoneInofreturn we enshure the result is
assigned.\<close>
| willneverendin abreak a wellfromed statement \<Longrightarrow> Env\<turnstile> B \<guillemotright>\<langle>Throw e\<rangle>\<guillemotright> A"
| Try: "\Env\ B \\c1\\ C1;
Env<> := lcl)(VName\<mapsto>Class C)\<rparr>\<turnstile> (B \<union> {VName vn}) \<guillemotright>\<langle>c2\<rangle>\<guillemotright> C2;
nrm C1
brk A = brk C1 analysis the nesting breaks typing \<Longrightarrow> Env\<turnstile> B \<guillemotright>\<langle>Try c1 Catch(C vn) c2\<rangle>\<guillemotright> A"
| Fin: "\Env\ B \\c1\\ C1;
Env\<turnstile> B \<guillemotright>\<langle>c2\<rangle>\<guillemotright> C2;
nrm A = nrm C1 \<union> nrm C2;
brk ofthe ( rules \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>c1 Finally c2\<rangle>\<guillemotright> A" \<comment> \<open>The set of assigned variables before execution \<^term>\<open>c2\<close> are the same
as before execution \<^term>\<open>c1\<close>, because \<^term>\<open>c1\<close> could throw an exception\<comment> \<open>Wellformedness of a program will ensure, that every static initialiser andwe'tguarantee that anyvariable will be assignedin \<^term>\c1\.
The \<open>Finally\<close> statement completes\<^term>\<open>Init\<close> is just for convenience, to get a proper precondition
normally if both \<^term>\<open>c1\<close> and \<^term>\<open>c2\<close> complete normally. If \<^term>\<open>c1\<close>
completesa break \<^term>\<open>c2\<close> also will be executed and expand initialisation every whereit triggerred bythe
the intersection of the|: "Env B \\NewC C\\ \nrm=B,brk=\ l. UNIV\"
normally we haveto extend all break sets
java.lang.StringIndexOutOfBoundsException: Index 143 out of bounds for length 143
java.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 0 \<^term>\<open>c1\<close> completed normally or abruptly (maybe with an exception not only
a break
path
\<comment> \<open>Evaluation of expressions and the break sets of definite assignment:
Thinking
abreak inside expression for expressions
break <Longrightarrow>
But cant
trivially proof, that evaluating java.lang.StringIndexOutOfBoundsException: Range [0, 40) out of bounds for length 0
break,allthough expressions syntactically'
nested stetements False ( CondAnd e2);
statements which are inserted\<Longrightarrow>
absence abreak to, the statements
will
of,wereare correctly \<^term>\<open>Lab\<close>
java.lang.StringIndexOutOfBoundsException: Index 86 out of bounds for length 86
willr in,because will
handled
the analysisEnv
right now. So we
ofit thesecircumstances If initialization involved
evaluation \<noteq> CondAnd; binop \<noteq> CondOr\<rbrakk> and
Init \<comment> \<open>Wellformedness of a program will ensure, that every static initialiser is definetly assigned and for\<^term>\<open>Init\<close> is just for convenience, to get a proper precondition ; A=(<lambdaUNIV for the here mustin\<^term>\<open>B\<close>\<close>
expand the initialisation on every point where it is triggerred
evaluation rules.\<close>
| NewC: "Env\ B \\NewC C\\ \nrm=B,brk=\ l. UNIV\"
|NewA\turnstile<guillemotright>\<langle>e\<rangle>\<guillemotright> A \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>New T[e]\<rangle>\<guillemotright> A"
| Cast: "Env\ B \\e\\ A|AssLVar \ \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>Cast T e\<rangle>\<guillemotright> A"
|Inst: Env>B\<guillemotright>\<langle>e\<rangle>\<guillemotright> A \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>e InstOf T\<rangle>\<guillemotright> A"
| \<turnstile> B \<guillemotright>\<langle>c\<rangle>\<guillemotright> C;
| UnOpEnvturnstile \<union> assigns_if False c) \<guillemotright>\<langle>e2\<rangle>\<guillemotright> E2; \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>UnOp unop e\<rangle>\<guillemotright> A"
| CondAnd: "\Env\ B \\e1\\ E1; Env\ (B \ assigns_if True e1) \\e2\\ E2;
nrm A = B \<union> (assigns_if True (BinOp CondAnd e1 e2) \<inter>
assigns_if ( CondAnd e2);
brk A = (\<lambda> l. UNIV) \<rbrakk> \<Longrightarrow>
Envturnstile
| CondOr: "\Env\ B \\e1\\ E1; Env\ (B \ assigns_if False e1) \\e2\\ E2;
A = B \<union> (assigns_if True (BinOp CondOr e1 e2) \<inter>
assigns_if (BinOp e1e2);
brk A = (\<lambda> l. UNIV) \<rbrakk> \<Longrightarrow>
Env> B guillemotright>\<langle>BinOp CondOr e1 e2\<rangle>\<guillemotright> A"
: "Env\ B \\e1\\ E1; Env\ nrm E1 \\e2\\ A;
binopEnv> Bjava.lang.StringIndexOutOfBoundsException: Index 95 out of bounds for length 95 \<Longrightarrow>
Env>java.lang.StringIndexOutOfBoundsException: Index 120 out of bounds for length 120
| Super: "This \ B
EnvJava willi bare
| AccLVarassignment \<^term>\<open>Call\<close> does not consider \<^term>\<open>Methd\<close> or
nrm A = B; brk A = (\<lambda> k. UNIV)\<rbrakk> \<Longrightarrow>
EnvturnstileBjava.lang.NullPointerException \<comment> \<open>To properly access a local variable we have to test the definite
assignment variable in
: \lbrakk \<turnstile> B \<guillemotright>\<langle>v\<rangle>\<guillemotright> A\<rbrakk> \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>Acc v\<rangle>\<guillemotright> A" evaluationjava.lang.StringIndexOutOfBoundsException: Index 108 out of bounds for length 108
| AssLVar: "\Env\ B \\e\\ E; nrm A = nrm E \ {vn}; brk A = brk E\ \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>(LVar vn) := e\<rangle>\<guillemotright> A"
| Ass: "\\ vn. v \ LVar vn; Env\ B \\v\\ V; Env\ nrm V \\e\\ A\ \<Longrightarrow> \<turnstile B\<guillemotright>\<langle>v := e\<rangle>\<guillemotright> A"
| CondBool: | Methd
Env \<turnstileB <guillemotright>\<langle>Body (declclass m) (stmt (mbody (mthd m)))\<rangle>\<guillemotright> A
Env\<turnstile> (B \<union> assigns_if True c) \<guillemotright>\<langle>e1\<rangle>\<guillemotright> E1;
Env\<turnstile> (B \<union> assigns_if False c) \<guillemotright>\<langle>e2\<rangle>\<guillemotright> E2;
nrm A = \<Longrightarrow>
brk A = java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 \<Longrightarrow> \<turnstile> B \<guillemotright>\<langle>c ? e1 : e2\<rangle>\<guillemotright> A"
| Callget assigned of body since has
completednormally with.
Env\<turnstile> B \<guillemotright>\<langle>{accC,statT,mode}e\<cdot>mn({pTs}args)\<rangle>\<guillemotright> A"
\<comment> \<open>The interplay of \<^term>\<open>Call\<close>, \<^term>\<open>Methd\<close> and \<^term>\<open>Body\<close>:
Why rules forwe'tguaranteethat result variable is set , since
source will include\<^term>\<open>Methd\<close> or \<^term>\<open>Body\<close>
terms.Theseterms are just during evaluationSo
assignment of set and then this information must be carried over to the \<^term>\<open>Body\<close> <^term>\<open>Body\<close> at all. So for definite assignment alone we could omit the
rules
But since \>
about even the proof type safety. Also we must be able transport this from\<^term>\<open>Call\<close> to \<^term>\<open>Methd\<close> and then further to \<^term>\<open>Body\<close> \<turnstile> B \<guillemotright>\<langle>e1.[e2]\<rangle>\<guillemotright> A"
duringNilEnv
of \<^term>\<open>Methd\<close>. This is necessary since definite assignment will be
a precondition for each induction hypothesis coming out
sub-evaluation during the java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 also precondition type-safety we omit assertion
that split_paired_All del [simp]
| Methd"
Env\<turnstile> B \<guillemotright>\<langle>Body (declclass m) (stmt (mbody (mthd m)))\<rangle>\<guillemotright> A da_elim_cases set \<rbrakk> \<Longrightarrow>
Envjava.lang.StringIndexOutOfBoundsException: Index 71 out of bounds for length 71
| Body: "\Env\ B \\c\\ C; jumpNestingOkS {Ret} c; Result \ nrm C;
nrm A = B; brk A = Env \<guillemotright>In1r (c1;; c2)\<guillemotright> A" \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>Body D c\<rangle>\<guillemotright> A" \<comment> \<open>Note that \<^term>\<open>A\<close> is not correlated to \<^term>\<open>C\<close>. If the body
statement returns abruptly withEnv>B <><> e\<rangle>\<guillemotright> A"
will "\ B \Try c1 Catch(C vn) c2\\ A"
get the assigned variables of the body statement"\B\\c1 Finally c2\\ A"
completed normally or Env If the body completes normally is set with this rule. But
we can't guarantee that Env<>B\
definite assignment only talks about normal completion for a return
set and"\java.lang.StringIndexOutOfBoundsException: Index 75 out of bounds for length 75
rule "\ B \In1l (BinOp binop e1 e2)\ A"
| FVar: "Env\ B \\e\\ A \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>{accC,statDeclC,stat}e..fn\<rangle>\<guillemotright> A"
| AVar: "\Env\ B \\e1\\ E1; Env\ nrm E1 \\e2\\ A\ \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>e1.[e2]\<rangle>\<guillemotright> A"
| Nil: "Env\ B \\[]::expr list\\ \nrm=B, brk=\ l. UNIV\" Env B \In1l (Methd C sig)\ A"
| Cons: "\Env\ B \\e::expr\\ E; Env\ nrm E \\es\\ A\ \<Longrightarrow>
Env\<turnstile> B \<guillemotright>\<langle>e#es\<rangle>\<guillemotright> A"
declare inj_term_sym_simps [simpjava.lang.StringIndexOutOfBoundsException: Index 84 out of bounds for length 84 declare assigns_if.simpsjava.lang.StringIndexOutOfBoundsException: Index 80 out of bounds for length 80 declare split_paired_All [simp del] split_paired_Ex .simps] \<open>map_theory_simpset (fn ctxt => ctxt |> Simplifier.del_loop "split_all_tac")\<close>
inductive_cases da_elim_cases [cases set]: "Env\ B \\Skip\\ A" "Env\ B \In1r Skip\ A" "Env\ B \\Expr e\\ A" "Env\ B \In1r (Expr e)\ A" "Env\ B \\l\ c\\ A"
*) "Envjava.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 "Env\ B \In1r (c1;; c2)\ A" "\ B \\If(e) c1 Else c2\\ A" "Env\ B \In1r (If(e) c1 Else c2)\ A" "Env B \\l\ While(e) c\\ A" "Env\ B \In1r (l\ While(e) c)\ A" " autointro: da.NewC)
java.lang.StringIndexOutOfBoundsException: Index 1 out of bounds for length 1 "Env\ B \\Throw e\\ A" "Env\ B \In1r (Throw e)\ A" "\B\ "Env\ B \In1r (Try c1 Catch(C vn) c2)\ A" "nv B \\c1 Finally c2\\ A" "Env\ B \In1r (c1 Finally c2)\ A"
autoda.Super) " "Env\ B \\NewC C\\ A" "Env<> B In1l (NewC C)\ A" "Env\ B \\New T[e]\\ A" "Env\ B \In1l (New T[e])\ A" "Env\ B \\Cast T e\\ A" "(java.lang.StringIndexOutOfBoundsException: Index 2 out of bounds for length 2 "Env\ B \\e InstOf T\\ A" "Env\ B \In1l (e InstOf T)\ A" "Env\ B \\Lit v\\ A" "Env\ B \In1l (Lit v)\ A" "Env\ B \\UnOp unop e\\ A" "Env\ B \In1l (UnOp unop e)\ A" "Env\ B \\BinOp binop e1 e2\\ A" "Env\ B \In1l (BinOp binop e1 e2)\ A" "Env\ B \\Super\\ A" "Env\ B \In1l (Super)\ A" "Env\ B \\Acc v\\ A" "Env\ B \In1l (Acc v)\ A" "Env\ B \\v := e\\ A" "Env\ B \In1l (v := e)\ A" "Env\ B \\c ? e1 : e2\\ A" "Envassigns_if True c = {y} "Envjava.lang.StringIndexOutOfBoundsException: Range [0, 108) out of bounds for length 0 "Env\ B \In1l ({accC,statT,mode}e\mn({pTs}args))\ A" "Env\ B \\Methd C sig\\ A" "Env\ B \In1l (Methd C sig)\ A" "Env\ B \\Body D c\\ A" "Env\ B \In1l (Body D c)\ A" "Env\ B \\LVar vn\\ A" "Env\ B \In2 (LVar vn)\ A" "Env\ B \\{accC,statDeclC,stat}e..fn\\ A" "Env\ B \In2 ({accC,statDeclC,stat}e..fn)\ A" "Env\ B \\e1.[e2]\\ A" "Env\ B \In2 (e1.[e2])\ A" "Env\ B \\[]::expr list\\ A" "Env\ B \In3 ([]::expr list)\ A" "Env\ B \\e#es\\ A"
java.lang.StringIndexOutOfBoundsException: Index 2 out of bounds for length 2 declarelemmaassignsE_subseteq_assigns_ifs declare assigns_ifsimps] declare shows "assignsE e setup\<open>map_theory_simpset (fn ctxt => ctxt |> Simplifier.add_loop ("split_all_tac", split_all_tac))\<close>
(* To be able to eliminate both the versions with the overloaded brackets: (B \<guillemotright>\<langle>Skip\<rangle>\<guillemotright> A) and with the explicit constructor (B \<guillemotright>In1r Skip\<guillemotright> A), every rule appears in both versions
*)
:A by (auto "\turnstilee<>- PrimT
:A=\< by (auto intro: da"prg E\Te\? PrimT Boolean"
java.lang.StringIndexOutOfBoundsException: Index 1 out of bounds for length 1 lemma da_Lit: ?case by (auto intro: da
lemma da_Super: "\This \ B;A = \nrm=B,brk=\ l. UNIV\\ \ Env\ B \\Super\\ A" by (auto intro: da.Superthuscase
lemma java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 by (autothus
(* For boolean expressions:
The following holds: "assignsE e \<subseteq> assigns_if True e \<inter> assigns_if False e" but not vice versa: "assigns_if True e \<inter> assigns_if False e \<subseteq> assignsE e"
assigns_if True (a || b) = assigns_if True a \<inter> (assigns_if False a \<union> assigns_if True b) = {} \<inter> ({} \<union> {y}) = {} assigns_if False (a || b) = assigns_if False a \<union> assigns_if False b = {} \<union> {y} = {y}
assigns_ifE True e = assigns_if True (a || b) \<union> assigns_if True c = {} \<union> {y} = {y} assigns_ifE False e = assigns_if False (a || b) \<inter> (assigns_if True (a || b) \<union> assigns_if False c) = {y} \<inter> ({} \<union> {y}) = {y}
assignsE e = {}
*)
lemma: assumes boolEx hyp_e1 showsauto proof - obtain vv ( bvjava.lang.StringIndexOutOfBoundsException: Index 20 out of bounds for length 20 using typeof. proof (cases "the_Bool bv") have"?Boolean e \ ?Incl e" proof (induct e) case(ast have"E\e\- (PrimT Boolean)" proof from\<open>E\<turnstile>(Cast T e)\<Colon>- (PrimT Boolean)\<close> obtain Te where"E\e\-Te" "prg E\Te\? PrimT Boolean" by cases simp
java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 by - (drule q (simp_allex_lit qed ? with Cast.hyps show ?case by simp next case (Lit val) thus ?case by - you can convert the rule byif inj_term_simps isin
rmlab_same_label]:"rmlabl)l= UNIV" case (UnOp unop e) thus ?case by - (erule wt_elim_cases (imp: rmlab_def
(fastforcelemmarmlab_same_label1]: l='\ (rmlab l A) l' = UNIV" next case (BinOp java.lang.StringIndexOutOfBoundsException: Index 84 out of bounds for length 84 from BinOp.prems obtain by (auto simp add: range_inter_ts addrange_inter_ts_def where"E\e1\-e1T" and "E\e2\-e2T" and "wt_binop (prg E) binop e1T e2T" and"binop_type binop =Booleanjava.lang.StringIndexOutOfBoundsException: Index 46 out of bounds for length 46 by (elim wt_elim_cases da_monotone
BinOp show ?case by (cases':"\B t\ A'" next case (Cond c e1 e2) note hyp_c showsnrm\<subseteq> nrm A') \<and> (\<forall> l. (brk A l \<subseteq> brk A' l))" note hyp_e1 = \<open>?Boolean e1 \<Longrightarrow> ?Incl e1\<close> note hyp_e2 = \<open>?Boolean e2 \<Longrightarrow> ?Incl e2\<close> note wt is Hyp A)java.lang.StringIndexOutOfBoundsException: Index 35 out of bounds for length 35 thenobtain
boolean_c\<turnstile>c\<Colon>-PrimT Boolean" and
boolean_e1: "E\e1\-PrimT Boolean" and
boolean_e2 by (elim wt_elim_cases
?case proof (cases "constVal c") java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 case None with boolean_e1 boolean_e2 show ?thesisnote =\<>nrm A=nrm <inter> brk C l\<close> \<open>brk A = rmlab l (brk C)\<close> using hyp_e1 hyp_e2 by (auto next case (Some) show ?thesis \<open>B \<subseteq> B'\<close> proof (cases "the_Bool bv") case True with Some show ?thesis using hyp_e1 boolean_e1 by auto next case False withshow ? using boolean_e2auto qed qed next show by (rule cases qed add ) with boolEx " C \ nrm C'" and hyp_brk: "(\l. brk C l \ brk C' l)" by auto show ?thesis by blast qed
(* Trick: If you have a rule with the abstract term injections: e.g: da.Skip "B \<guillemotright>\<langle>Skip\<rangle>\<guillemotright> A" and the current goal state as an concrete injection: e.g: "B \<guillemotright>In1r Skip\<guillemotright> A" you can convert the rule by: da.Skip [simplified] if inj_term_simps is in the simpset
*)
lemma java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 bysimprmlab_def
rmlab_same_label1l'
simprmlab_def
lemma rmlab_other_label [simp]: "l\l'\ (rmlab l A) l' = A l'" by (auto simp 'nrm' A '\Rightarrow\ brk C2'"
mma [intro"<> . A \ B k \ \\A \ \\B" by( simp: range_inter_ts_def
range_inter_ts_subseteq by (auto simp add byauto
lemma:
da_c2 "java.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26
da': "Env\ B' \t\ A'" shows If eE C1 C2'' from da have"\ B' A'. \Env\ B' \t\ A'; B \ B'\ \<Longrightarrow> (nrm A \<subseteq> nrm A') \<and> (\<forall> l. (brk A l \<subseteq> brk A' l))" is" ?Hyp B t A") proof (induct) case Skip thenshow ?caseby cases simp next caseExpr
Exprprems Expr show ?caseby cases simp A: nrm = ' <> nrm '" " A' C1'\<Rightarrow>\<inter> brk C2'" next case (Lab Env B c C A l B' A') note A = \<open>nrm A = nrm C \<inter> brk C l\<close> \<open>brk A = rmlab l (brk C)\<close> note\<open>PROP ?Hyp Env B \<langle>c\<rangle> C\<close> moreover note\<open>B \<subseteq> B'\<close> moreover obtain C' where\<turnstile> B' \<guillemotright>\<langle>c\<rangle>\<guillemotright> C'" and A': "nrm A' = nrm C' \ brk C' l" "brk A' = rmlab l (brk C')" using Lab.prems ': nrmC2\ nrm C2'" "(\l. brk C2 l \ brk C2' l)" by cases simp ultimately have"nrm C \ nrm C'" and hyp_brk: "(\l. brk C l \ brk C' l)" by auto then have"nrm C \ brk C l \ nrm C' \ brk C' l" by auto moreover from hyp_brk have"rmlab l (brk C) l' \ rmlab l (brk C') l'" for l' by ( moreovernote A A' ultimatelyshow ?case by simp next case (Comp B c1 c2 A 'A) note A = \<open>nrm A = nrm C2\<close> \<open>brk A = brk C1 \<Rightarrow>\<inter> brk C2\<close> from\<open>Env\<turnstile> B' \<guillemotright>\<langle>c1;; c2\<rangle>\<guillemotright> A'\<close> obtain C1' C2' where da_c1: "Env\ B' \\c1\\ C1'" and
da_c2: "Env\ nrm C1' \\c2\\ C2'" and
A': "nrm A' = nrm C2'" "brk A' = brk C1' \\ brk C2'"
cases notenote'
m \<open>B \<subseteq> B'\<close> moreovernote da_c1 ultimatelyhave C1': "nrm C1 \ nrm C1'" "(\l. brk C1 l \ brk C1' l)" by auto note\<open>PROP ?Hyp Env (nrm C1) \<langle>c2\<rangle> C2\<close> with da_c2 have C2': "nrm C2 \ nrm C2'" "(\l. brk C2 l \ brk C2' l)" by auto with A A' C1' show ?case by auto next case (If Env B e E c1 C1 c2 C2 A B' A') note= from\<open>Env\<turnstile> B' \<guillemotright>\<langle>If(e) c1 Else c2\<rangle>\<guillemotright> A'\<close>showthesis obtain C1' C2' where da_c1: "Env\ B' \ assigns_if True e \\c1\\ C1'" and
da_c2:"\ ' assigns_if False e \\c2\\ C2'" and
A': "nrm A' = nrm C1' \ nrm C2'" "brk A' = brk C1' \\ brk C2'" by cases auto note\<open>PROP ?Hyp Env (B \<union> assigns_if True e) \<langle>c1\<rangle> C1\<close>'C' moreoverbycasesbv "l=l')auto moreovernote da_c1 ultimatelyqed by blast note\< with da_c2 B' obtain C2by java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13 by blast with showcasethuscase ( da_elim_cases by auto next case (Loop Env B e E c C A l B' A') notejava.lang.NullPointerException \
java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13
java.lang.StringIndexOutOfBoundsException: Range [22, 12) out of bounds for length 85
da_c': '=brk
A': "nrm A' = nrm C' \ (B' \ assigns_if False e)" "brk A' = brk C'"note = by cases auto note\<open>PROP ?Hyp Env (B \<union> assigns_if True e) \<langle>c\<rangle> C\<close> moreovernote\<open>PROP ?Hyp (Env\<lparr>lcl := (lcl Env)(VName vn\<mapsto>Class C)\<rparr>) moreovernote da_c' ultimatelyobtain C': "nrm C \ nrm C'" "(\l. brk C l \ brk C' l)" byblast withA'Bjava.lang.StringIndexOutOfBoundsException: Index 16 out of bounds for length 16 have"nrm A by blast moreover have"brk A l' \ brk A' l'" for l' proof (cases "constVal e") case Nonewhere':"\\c1\\ C1'" and with'C' show ?thesis by (cases "l=l'") auto next case(Some bv) with A A' C' show ?thesis by (cases "the_Bool bv", cases "l=l'") auto by cases auto ultimately ?case byauto next case (Jmp jump B A Env B' A') thus?caseby(elim da_elim_cases) (auto split jump) next case hyp_c2 \<open>PROP ?Hyp Env B \<langle>c2\<rangle> C2\<close> next case (Try Env B c1 C1 vn C c2 C2 A B' A') note A = obtainnrm <subseteq> nrm C2'" "(\<forall>l. brk C2 l \<subseteq> brk C2' l)" from\<open>Env\<turnstile> B' \<guillemotright>\<langle>Try c1 Catch(C vn) c2\<rangle>\<guillemotright> A'\<close>(drule hyp_c2)
C1' C2' where da_c1': "Env\ B' \\c1\\ C1'" and
da_c2': by auto \<guillemotright>\<langle>c2\<rangle>\<guillemotright> C2'" and
A': "nrm A' = nrm C1' \ nrm C2'" " A' = brk C1' \\ brk C2'" by cases autocaseNewC ?caseby ( da_elim_cases) auto note\<open>PROP ?Hyp Env B \<langle>c1\<rangle> C1\<close> noteB =\<open>B \<subseteq> B'\<close> moreovernote da_c1' ultimatelyobtain C1': "nrm C1 \ nrm C1'" "(\l. brk C1 l \ brk C1' l)" by blast note\<open>PROP ?Hyp (Env\<lparr>lcl := (lcl Env)(VName vn\<mapsto>Class C)\<rparr>)
(B \<union> {VName vn}) \<langle>c2\<rangle> C2\<close> with B' case Inst thus ?case by (elim da_elim_cases) auto obtain"nrm C2 \ nrm C2'" "(\l. brk C2 l \ brk C2' l)" by blast with C1' A A' show ?case by auto next case( Env B c1 c2 C2 'A) note A = \<open>nrm A = nrm C1 \<union> nrm C2\<close> \<open>brk A = (brk C1 \<Rightarrow>\<union>\<^sub>\<forall> nrm C2) \<Rightarrow>\<inter> (brk C2)\<close> from\<open>Env\<turnstile> B' \<guillemotright>\<langle>c1 Finally c2\<rangle>\<guillemotright> A'\<close> obtain C1' C2'
da_c1Env
da_c2': "Env\ B' \\c2\\ C2'" and
A' "nrm A nrmC1 \ nrm C2'" "brk A' = (brk C1' \\\<^sub>\ nrm C2') \\ (brk C2')" by cases auto note\<open>PROP ?Hyp Env B \<langle>c1\<rangle> C1\<close> moreover A': nrm A' =B \ moreovernoteda_c1 ultimatelyobtain C1': "nrm C1 assigns_if False (BinOp CondAnd e1 e2)" by blast note hyp_c2 = \<open>PROP ?Hyp Env B \<langle>c2\<rangle> C2\<close> from'B'java.lang.StringIndexOutOfBoundsException: Index 19 out of bounds for length 19 obtain"nrm C2 \ nrm C2'" "(\l. brk C2 l \ brk C2' l)" by - (drule hyp_c2,auto) with A A' C1' show ?java.lang.StringIndexOutOfBoundsException: Index 14 out of bounds for length 14 by auto next case Init thus ?casenext next case NewC thus ?caseby (elim da_elim_cases) auto next case NewA thus ?caseby (elim da_elim_casesnext next case Cast thus ?casecaseSuper ?case elim) auto next
Inst ?caseby ( da_elim_cases) auto nextjava.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 casethus ( da_elim_cases next case UnOp thus elim) java.lang.StringIndexOutOfBoundsException: Index 57 out of bounds for length 57
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7
(ondAnd Be1 e2 E2 A B'A'java.lang.StringIndexOutOfBoundsException: Index 45 out of bounds for length 45 note A = \<open>nrm A = B \<union>
True BinOp e1 e2 \<inter>
assigns_if False (BinOp CondAndassigns_if (c ? e1e2 \<open>brk A = (\<lambda>l. UNIV)\<close> from\<open>Env\<turnstile> B' \<guillemotright>\<langle>BinOp CondAnd e1 e2\<rangle>\<guillemotright> A'\<close> obtain' nrmA'= B
assigns_if True note\<open>Env\<turnstile> (c ? e1 : e2)\<Colon>- (PrimT Boolean)\<close>
False (BinOp e1 e2)java.lang.StringIndexOutOfBoundsException: Index 72 out of bounds for length 72 "brkA'=(\l. UNIV)" by cases auto note' =\<>B \ B'\ with A A' show ?case by auto next case CondOr thus ?caseby (elim (elim) (auto simp add inj_term_simps next case BinOp thus ?caseby (elim da_elim_cases B java.lang.NullPointerException next case Super thus ?caseby (elim next case AccLVar A=\<> A nrm \<inter> nrm E2\<close> \<open>brk A = (\<lambda>l. UNIV)\<close> next case Acc thus ?caseby (elim da_elim_cases) auto next case AssLVar thus ?caseby (elim da_elim_cases) auto next case Ass thus ?caseby (elim da_elim_cases) auto next case (CondBool Env c e1 e2 B C E1 E2 A B' A') note A = \<open>nrm A = B \<union>
assigns_if True (c ? e1 : e2) \<inter>
assigns_if False (c ? e1 : e2)\<close> \<open>brk A = (\<lambda>l. UNIV)\<close> note\<open>Env\<turnstile> (c ? e1 : e2)\<Colon>- (PrimT Boolean)\<close> moreover note\<open>Env\<turnstile> B' \<guillemotright>\<langle>c ? e1 : e2\<rangle>\<guillemotright> A'\<close> ultimately obtain A': "nrm A' = B' \
assigns_if True (c ? e1 : e2) \<inter>
assigns_if False (c ? e1 : e2)" "brk A' = (\l. UNIV)" by (elim da_elim_cases) (auto simp add: inj_term_simps) (* inj_term_simps needed to handle wt (defined without \<langle>\<rangle>) *) note B' = \B \ B'\ with A A' show ?case by auto next case (Cond Env c e1 e2 B C E1 E2 A B' A') note A = \<open>nrm A = nrm E1 \<inter> nrm E2\<close> \<open>brk A = (\<lambda>l. UNIV)\<close> note not_bool = \<open>\<not> Env\<turnstile> (c ? e1 : e2)\<Colon>- (PrimT Boolean)\<close>
--> --------------------
--> maximum size reached
--> --------------------
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.21Bemerkung:
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
