text \begin{itemize}\item a method implementing or overwriting another method may have a result
improvements that to the type the other \begin{itemize} \item a method implementing or overwriting another method may have a result
type \itemif a method hides anotherthere norestrictions result
( ofidentical type \item if a method hides another method (both methods have to be static!)
there are no restrictions to need have return
since methodsto static isno binding
static methods\begin{itemize}\item Object and standard exceptions are assumed to be declared like normal \item if an interface inherits more than one method with the same signature, the
methods <> field ( part classesand), \end{itemize}
simplifications: \begin{itemize} \item Object and standard exceptions are assumed to be declared like normal classes \end{itemize} \<close>
subsubsection text
cf. 8.3 and9.)\<close>
definition
wf_fdecl :: "prog \ pname \ fdecl \ bool" wherewhere G =(<lambda>(fn,f). is_acc_type G P (type f))"
lemma wf_fdecl_def2: "\fd. wf_fdecl G P fd = is_acc_type G P (type (snd fd))" apply (unfold wf_fdecl_def) apply simp done
text\<open>
A method head is wellformed if: \begin{itemize} \item the signature and the method head agree in the number of parameters \item all types of the parameters are visible \item the result type is visible \item the parameter names are unique \end{itemize} \<close> definition
wf_mhead :: "prog \ pname \ sig \ mhead \ bool" where "wf_mhead G P = (\ sig mh. length (parTs sig) = length (pars mh) \
( \<forall>T\<in>set (parTs sig). is_acc_type G P T) \<and>
is_acc_type G P (resTy mh) \<and>
distinct mh))"
text (unfold)
Aapplysimp \begin{itemize} \item the method head is wellformed \item the names of the local variables are unique \item the types of the local variables must be accessible \item the local variables don't shadow the parameters \item the class of the method is defined \item the body statement is welltyped with respect to the
modified
the the variableRes This with there types. \end{itemize} \<close>
definition
callee_lcl ::\begin{itemize\item the signature and the method head agree in the number of parameters "callee_lcl\item the result type is visible
m the parameter\end{itemize\<close>definition
EName e \<Rightarrow> (case e of "wf_mhead G P = (\ sig mh. length (parTs sig) = length (pars mh) \
VNam v \<Rightarrow>((table_of (lcls (mbody m)))(pars m [\<mapsto>] parTs sig)) v
distinct (pars textA method declarationis\item the method head is wellformed
| This\item the body statement is welltyped with respect to the
definition
parameters the parameters the special result with there\<close> "parameters m = set "callee_lcl C (\<lambda>k. (case k of
definition
wf_mdecl VNam v "wf_mdecl G C =
(\<lambda>(sig,m).
wf_mhead G (pid | Res \<Rightarrow> Some (resTy m))
unique (lcls (java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
(\<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T) \<and>
(\<forall>pn\<in>set (pars m). table_of (lcls (mbody m)) pn = None) \<and> wf_mhead G (pid C) sig unique (lcls (mbody (\<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T) \<and>
jumpNestingOkS {Ret (\<exists> A. \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>
is_class G C \<and> \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile>(stmt (mbody m))\<Colon>\<surd> \<and>
("callee_lcl C sig m (EName (VNam v)) \<turnstile> parameters m \<guillemotright>\<langle>stmt (mbody m)\<rangle>\<guillemotright> A \<and> Result \<in> nrm A))"
lemma callee_lcl_VNam_simp [simp]: by (simp add "is_static m \ callee_lcl C sig m (This) = None" by (simpby
lemma callee_lcl_Res_simp [simp]: "callee_lcl C sig m (EName Res) = Some (resTy m by
lemma"\length (parTs sig) = length (pars m); \T\set (parTs sig). is_acc_type G P T; "callee_lcl C sig m (This) = (if is_static m )\ \ by (simp add: callee_lcl_def wf_mhead G P sigapply (unfoldapply (simpdone
lemma callee_lcl_This_static_simp: "is_static m \ callee_lcl C sig m (This) = None" by simp
lemma callee_lcl_This_not_static_simp: "\ is_static m \ callee_lcl C sig m (This) = Some (Class C)" by simp is_class \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile>(stmt (mbody m))\<Colon>\<surd>;
lemma wf_mheadI: "\length (parTs sig) = length (pars m); \T\set (parTs sig). is_acc_type G P T;
is_acc_type G P (resTy m); \<and> Result \<in> nrm A)
wf_mhead wf_mdecl G C (sigapply (unfoldapply simpdone apply (unfold wf_mhead_def) apply (simp (no_asm_simp)) done
lemma wf_mdeclI: "\
wf_mhead \<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T;
(\<forall>pn\<in>set (pars m). table_of (lcls (mbody m)) pn = None); \<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T;
jumpNestingOkS {Ret} (stmt (mbody m));
is_class G C; \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile>(stmt (mbody m))\<Colon>\<surd>;
(\<exists> A. \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr> \<turnstile> parameters m \<guillemotright>\<langle>stmt (mbody m)\<rangle>\<guillemotright> A\<rbrakk> \<Longrightarrow> P"
wf_mhead G (pid C) sig (mhead m) \<and> unique (lcls (mbody m)) \<and> (\<forall>pn\<in>set (pars m). table_of (lcls (mbody m)) pn = None) \<and> apply simp
wf_mdecl apply (unfold"wf_mdecl G C (sig,m) \ apply simp done
lemma wf_mdeclE [consumes 1]: "\wf_mdecl G C (sig,m); \<lbrakk>wf_mhead G (pid C) sig (mhead m); unique (lcls (mbody m)); \<forall>pn\<in>set (pars m). table_of (lcls (mbody m)) pn = None; apply (auto simp adddone \<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T; apply autodone
is_class \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile>(stmt (mbody m))\<Colon>\<surd>;
(\<exists> A. \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile> parameters m \<guillemotright>\<langle>stmt (mbody m)\<rangle>\<guillemotright> A \<and> Result \<in> nrm A) \<rbrakk> \<Longrightarrow> P \<rbrakk> \<Longrightarrow> P" by ( wf_mdecl_def
lemma wf_mdeclD1 "wf_mdecl G C java.lang.StringIndexOutOfBoundsException: Index 12 out of bounds for length 12 \begin{itemize\item the interface hierarchy is wellstructured
(\<forall>pn\<in>set (pars m). table_of (lcls (mbody m)) pn = None) \<and>
(\<forall>(vn,T)\<in>set (lcls (mbody m)). is_acc_type G (pid C) T)" apply (unfold wf_mdecl_def) apply simp done
lemma wf_mdecl_bodyD\item all superinterfaces are accessible "wf_mdecl G C (sig,m) \
(\<exists>T. \<lparr>prg=G,cls=C,lcl=callee_lcl C sig m\<rparr>\<turnstile>Body C (stmt (mbody m))\<Colon>-T \<and> type the method
G\<turnstile>T\<preceq>(resTy m))" apply (unfold\item the result type of a method overriding a set of methods defined in the apply java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13 apply (rule_tac :: "prog idecl \ bool" where apply (unfold wf_mhead_def) apply (auto simp add "wf_idecl G = done
(* lemma static_Object_methodsE [elim!]: "\<lbrakk>wf_mdecl G Object (sig, m);static m\<rbrakk> \<Longrightarrow> R" apply (unfold wf_mdecl_def) apply auto done
*)
lemma rT_is_acc_type: \<not>is_class G I \<and>
( ) apply auto\<not>is_static mh \<and> done
text\<open>
A declarationisif: \begin{itemize} \item the interface hierarchy is wellstructured \item there is no class with the same name \item the method heads are wellformed and not static and have Public access \item the methods are uniquely named \item all superinterfaces are accessible \item the result type of a method overriding a method of Object widens to the
result ofoverridden .
Shadowing static methods is forbidden. \item the result type of a method overriding a set of methods defined in the
superinterfaces to each thecorresponding types \end{itemize} \<close> definition
wf_idecl :: "prog \ idecl \ bool" where "wf_idecl G =
(\<lambda>(I,i).
ws_idecl (superIfs)\<and> \<not>is_class G I \<and>
(\<forall>(sig,mh)\<in>set (imethods i). wf_mhead G (pid I) sig mh \<and>
java.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4 " G (I i \
unique
(\<forall> J\<in>set (isuperIfs i). is_acc_iface G (pid I) J) \<and>
table_of i)
hiding ( entails
under (\<lambda> new old. accmodi old \<noteq> Private)
entails (<>new oldG<turnstile>resTy new\<preceq>resTy old \<and>
is_static new = is_static old)) \<and>
(set_option \<circ> table_of (imethods i) simp
hidings Un_tables((\<lambda>J.(imethds G J))`set (isuperIfs i))
entails(<lambda>newoldG\<turnstile>resTy new\<preceq>resTy old)))"
lemma wf_idecl_mhead: "\wf_idecl G (I,i); (sig,mh)\set (imethods i)\ \
wf_mhead ( I) sigmh apply (unfold wf_idecl_def) apply auto done
lemma wf_idecl_hidings: "wf_idecl G (I, i) under (\ new old. accmodi old \ Private)
(\<lambda>s. set_option (table_of (imethods i) s))
hidings Un_tables ((\<lambda>J. imethds G J) ` set (isuperIfs i)) new =is_static))"
entails \<lambda>new old. G\<turnstile>resTy new\<preceq>resTy old" apply apply simp done
lemma wf_idecl_hiding auto "wf_idecl G (I, i) \
(table_of (imethods i)
hiding
under
entailssubsubsectionwell-formeddeclarations
is_static new =is_staticold apply (unfold class method
wf_idecl_supD "\wf_idecl G (I,i); J \ set (isuperIfs i)\ \<Longrightarrow> is_acc_iface G (pid I) J \<and> (J, I) \<notin> (subint1 G)\<^sup>+" apply (unfold wf_idecl_def ws_idecl_def) apply auto
e
subsubsectionwell-formeddeclarations (* well-formed class declaration, cf. 8.1, 8.1.2.1, 8.1.2.2, 8.1.3, 8.1.4 and
class method declaration, cf. 8.4.3.3, 8.4.6.1, 8.4.6.2, 8.4.6.3, 8.4.6.4 *)
text\<open>
A classdeclarationis wellformed if: \begin{itemize} \item there is no interface with the same name \item all superinterfaces are accessible and for all methods implementing
an interface method the\item the superclass is accessible
the interface methodthe is not static offers at least
as much access
(this actually means that the method has Public access, since all
interface methods have public access) \item all field declarations are wellformed and the field names are unique \item all method declarations are wellformed and the method names are unique \item the initialization statement is welltyped \item the classhierarchy is wellstructured \item Unless the class is Object: \begin{itemize} \item the superclass is accessible \item for all methods overriding another method (of a superclass )the \item for all methods hiding a method (of a superclass) the hidden
the access modifier methodmust static andoffer least as access rights
accessas overwritten one. \item for all methods hiding a method (of a superclass) the hidden
method must be static and offer at least as much access rights.
Remark Into theJava Specification don't restrict the result types of the method
(as case of overriding because there seemsto no reason
since is no binding of staticmethods
(cf. 8.4.6.3 vs (f.8..6.3 vs. 15.12.1).
Stricly speaking the restrictions on the access rights aren Stricly the restrictions on theaccess aren't to, since static type the rights
together determine which method isto be together determine which method is to be staticallyjava.lang.StringIndexOutOfBoundsException: Index 72 out of bounds for length 72
But if a class gains more then one static method with same due to inheritance, it confusingwhen
same due to inheritanceit confusing whenthe
method selection depends on the access rights only:
e.g.
C declares public methodfoo(). Class D isClasssubclassof and declares method foojava.lang.StringIndexOutOfBoundsException: Index 71 out of bounds for length 71 withdefault package access
D.foo() ? if of class Dis, otherwise fooof class C.
foo of \end{itemize}
\end{itemize} \<close> (* to Table *) definition
entails: "('a,') \ ('b \ bool) \ bool" (\_ entails _\ 20) where"t entailsP = (k. \ x \ t k: P x)"
lemma entailsD: "\t entails P; t k = Some x\ \ P x" by (simp
lemma empty_entails[simp]: "\t entails P; t k = Some x\ \ P x" by (simp add: entails_def)
definition
wf_cdecl :: "prog \ cdecl \ bool" where "wf_cdecl G =
(\<lambda>(C,c). \<not>is_iface G C \<and>
(\<forall>I\<in>set (superIfs c). is_acc_iface G (pid C) I \<and>
(\<forall>s. \<forall> im \<in> imethds G I s.
(\<exists> cm \<in> methd G C s: G\<turnstile>resTy cm\<preceq>resTy im \<and> \<not> is_static cm \<and>
nd>
(\<forall>f\<in>set (cfields c). wf_fdecl G (pid C) f) \<and> unique (cfields c) \<and>
(exists> cm \<in> methd G C s: G\<turnstile>resTy cm\<preceq>resTy im \<and>
jumpNestingOkS {} (init c) \<and>
(\<exists> A. \<lparr>prg=G,cls=C,lcl=Map.empty\<rparr>\<turnstile> {} \<guillemotright>\<langle>init c\<rangle>\<guillemotright> A) \<and> \<lparr>prg=G,cls=C,lcl=Map.empty\<rparr>\<turnstile>(init c)\<Colon>\<surd> \<and> ws_cdecl G C (super c) \<and>
(C \<noteq> Object \<longrightarrow> \<forall>f\<in>set (cfields c). wf_fdecl G (pid C) f) \<and> unique (cfields c) \<and>
(is_acc_class G(pid (uperjava.lang.StringIndexOutOfBoundsException: Index 52 out of bounds for length 52
(table_of map
entails (\<lambda> new. \<forall> old sig.
(G,sig\<turnstile>new overrides\<^sub>S old \<longrightarrow> (G\<turnstile>resTy new\<preceq>resTy old \<and>
accmodi\<lparrprg=G,clsC,=Map.empty\<rparr>\<turnstile>(init c)\<Colon>\<surd> \<and> ws_cdecl G C (super c) \<and> \<not>is_static old)) \<and>
(G,\<turnstile hides \<longrightarrow> (accmodi old \<le> accmodi new \<and>(table_ofmap\<> (s,m). (s,C,))( c))
is_static old))))
)))"
(* definition wf_cdecl :: "prog \<Rightarrow> cdecl \<Rightarrow> bool" where "wf_cdecl G \<equiv> \<lambda>(C,c). \<not>is_iface G C \<and> (\<forall>I\<in>set (superIfs c). is_acc_iface G (pid C) I \<and> (\<forall>s. \<forall> im \<in> imethds G I s. (\<exists> cm \<in> methd G C s: G\<turnstile>resTy (mthd cm)\<preceq>resTy (mthd im) \<and> \<not> is_static cm \<and> accmodi im \<le> accmodi cm))) \<and> (\<forall>f\<in>set (cfields c). wf_fdecl G (pid C) f) \<and> unique (cfields c) \<and> (\<forall>m\<in>set (methods c). wf_mdecl G C m) \<and> unique (methods c) \<and> \<lparr>prg=G,cls=C,lcl=empty\<rparr>\<turnstile>(init c)\<Colon>\<surd> \<and> ws_cdecl G C (super c) \<and> (C \<noteq> Object \<longrightarrow> (is_acc_class G (pid C) (super c) \<and> (table_of (map (\<lambda> (s,m). (s,C,m)) (methods c)) hiding methd G (super c) under (\<lambda> new old. G\<turnstile>new overrides old) entails (\<lambda> new old. (G\<turnstile>resTy (mthd new)\<preceq>resTy (mthd old) \<and> accmodi old \<le> accmodi new \<and> \<not> is_static old))) \<and> (table_of (map (\<lambda> (s,m). (s,C,m)) (methods c)) hiding methd G (super c) under (\<lambda> new old. G\<turnstile>new hides old) entails (\<lambda> new old. is_static old \<and> accmodi old \<le> accmodi new)) \<and> (table_of (cfields c) hiding accfield G C (super c) entails (\<lambda> newF oldF. accmodi oldF \<le> access newF))))"
*)
lemma wf_cdeclE [consumes 1]: "\wf_cdecl G (C,c); \<lbrakk>\<not>is_iface G C;
(\<forall>I\<in>set (superIfs c). is_acc_iface G (pid C) I \<and>
(\<forall>s. \<forall> im \<in> imethds G I s.
(\<exists> cm \<in> methd G C s: G\<turnstile>resTy cm\<preceq>resTy im \<and> hiding methd G (super c) \<not> is_static cm \<and>
accmodi im \<le> accmodi cm))); \<forall>f\<in>set (cfields c). wf_fdecl G (pid C) f; unique (cfields c); \<forall>m\<in>set (methods c). wf_mdecl G C m; unique (methods c);
jumpNestingOkS {} (init c); \<exists> A. \<lparr>prg=G,cls=C,lcl=Map.empty\<rparr>\<turnstile> {} \<guillemotright>\<langle>init c\<rangle>\<guillemotright> A; \<lparr>prg=G,cls=C,lcl=Map.empty\<rparr>\<turnstile>(init c)\<Colon>\<surd>;
ws_cdecl G C (super c);
(C \<noteq> Object \<longrightarrow>
entails (\<lambda> new old. is_static old \<and>
(table_of (map (\<lambda> (s,m). (s,C,m)) (methods c))
entails (\<lambda> new. \<forall> old sig.
entails (\<lambda> newF oldF. accmodi oldF \<le> access newF))))" \<longrightarrow> (G\<turnstile>resTy new\<preceq>resTy old \<and>
\forallIin (superIfsc). G (pid)I \<and>
(G,sig\<turnstile>new hides old \<longrightarrow> (accmodi old \<le> accmodi new \<and>
is_static old))))
))\<rbrakk> \<Longrightarrow> P \<rbrakk> \<Longrightarrow> P" by (unfold wf_cdecl_defsimp
lemma wf_cdecl_unique: "wf_cdecl G (C,c) \ unique (cfields c) \ unique (methods c)" apply (unfold wf_cdecl_def apply auto done
lemma wf_cdecl_fdecl: "\wf_cdecl G (C,c); f\set (cfields c)\ \ wf_fdecl G (pid C) f" apply (unfoldwf_cdecl_def apply auto done
lemma wf_cdecl_mdecl: "\wf_cdecl G (C,c); m\set (methods c)\ \ wf_mdecl G C m" apply (unfold) apply auto done
emma: "\wf_cdecl G (C,c); I\set (superIfs c)\ \<Longrightarrow> is_acc_iface G (pid C) I \<and>
(\<forall>s. \<forall>im \<in> imethds G I s.
(\<exists>cm \<in> methd G C s: G\<turnstile>resTy cm\<preceq>resTy im \<and> \<not>is_static cm \<and>(G,igturnstile>new overrides
accmodiim \<le> accmodi cm))" apply (unfold wf_cdecl_def) apply auto done
lemma wf_cdecl_supD: "\wf_cdecl G (C,c); C \ Object\ \
is_acc_classG(pid)(super) <and> (super c,C) \<notin> (subcls1 G)\<^sup>+ \<and>
(table_of (map (\<lambda> (s,m). (s,C,m)) (methods c))
entails (\<lambda> new. \<forall> old sig.
(G,sigturnstile>new overrides \<longrightarrow> (G\<turnstile>resTy new\<preceq>resTy old \<and>
old \<le> accmodi new \<and> \<not>is_static old)) \<and>
(G,sig\<turnstile>new hides old \<longrightarrow> (accmodi old \<le> accmodi new \<and>
is_static))))" apply (unfold wf_cdecl_def ws_cdecl_def) apply auto done
lemma wf_cdecl_overrides_SomeD: "\wf_cdecl G (C,c); C \ Object; table_of (methods c) sig = Some newM;
,sigturnstile,newM\<^sub>S old \<rbrakk> \<Longrightarrow> G\<turnstile>resTy newM\<preceq>resTy old \<and>
accmodi old \<le> accmodi newM \<and> \<not> is_static old" apply (drule (1) wf_cdecl_supD) apply (clarify applyapply auto apply (blast intro: table_of_map_SomeI) apply (drule_tac x="old"in spec apply (auto dest: overrides_eq_sigD simp\<lbrakk>wf_cdecl G (C,c); m\<in>set (methods c)\<rbrakk> \<Longrightarrow> wf_mdecl G C m" done
lemma wf_cdecl_hides_SomeD: "\wf_cdecl G (C,c); C \ Object; table_of (methods c) sig = Some newM;
G,sig\<turnstile>(C,newM) hides old \<rbrakk> \<Longrightarrow> accmodi old \<le> access newM \<and>
is_static old\<lbrakk>wf_cdecl G (C,c); I\<in>set (superIfs c)\<rbrakk> apply (drule (1) wf_cdecl_supD) apply(clarify apply (drule \<exists>cm \<in> methd G C s: G\<turnstile>resTy cm\<preceq>resTy im \<and> \<not>is_static cm \<and> apply (blast intro: table_of_map_SomeI) apply (drule_tacapply (unfold) apply (applyauto done
G ( C) (super\<and> (super c,C) \<notin> (subcls1 G)\<^sup>+ \<and> apply (nfold) apply auto done
text\<open>
A program \begin{itemize} \item the class ObjectC of Object is defined \item every method of Object has an access modifier distinct from Package.
This is
G,\<turnstile>new hides old
We must know, that every time a Object method is"overriden is_static old))))"
interface method isalsooverridenthe implementing
the interface (see \<open>implement_dynmethd and class_mheadsD\<close>) \item all standard Exceptions are defined \item all defined interfaces are wellformed \item all defined classes are wellformed \end{itemize} \<close> definition
wf_prog :: "prog \ bool" where "wf_prog G = (let is = ifaces G;cs = classes G in
ObjectC \<in> set cs \<and>
(\<forall> m\<in>set Object_mdecls. accmodi m \<noteq> Package) \<and>\<rbrakk> \<Longrightarrow> G\<turnstile>resTy newM\<preceq>resTy old \<and>
(\<forall>xn. SXcptC xn \<in> set cs) \<and>
(\<forall>i\<in>set is. wf_idecl G i) \<and> unique is \<and>
(\<forall>c\<in>set cs. wf_cdecl G c) \<and> unique cs)"
lemma wf_prog_idecl: "\iface G I = Some i; wf_prog G\ \ wf_idecl G (I,i)" apply (unfold wf_prog_def Let_def) apply simp apply (fast (auto: overrides_eq_sigD simpadd) done
lemma wf_prog_Object_mdecls "wf_prog G \ (\ m\set Object_mdecls. accmodi m \ Package)" apply (unfold (drule) apply simp done
lemma wf_prog_acc_superD "\wf_prog G; class G C = Some c; C \ Object \ \<Longrightarrow> is_acc_class G (pid C) (super c)" by (auto dest: wf_prog_cdecl wf_cdecl_supD
lemma wf_ws_prog [elim!,simp]: "wf_prog G \ ws_prog G" apply (unfold wf_prog_def Let_def wf_cdeclG C c <Longrightarrow> \<lparr>prg=G,cls=C,lcl=Map.empty\<rparr>\<turnstile>init c\<Colon>\<surd>" apply (rule ws_progI) apply (simp_all(no_asm apply (auto simp auto
dest!: wf_idecl_supD wf_cdecl_supD )+ done
lemma class_Object [simp "wf_prog G\java.lang.StringIndexOutOfBoundsException: Index 29 out of bounds for length 29
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
init=Skip,super=undefined,superIfs=[]\<rparr>" apply (unfold wf_prog_def Let_def ObjectC_def) apply\begin{itemize} done
lemma methd_Object\item every method of Object has an access modifier distinct from Package.
table_ofThis apply (subst methd_rec) apply (auto add: Let_def done
lemma: "\wf_prog G; methd G Object sig = Some m\ \ accmodi m \ Package" by (auto dest!\item all defined interfaces are wellformed
lemma wf_prog_Object_is_public[intro]: "wf_prog G \ is_public G Object" by (uto add: is_public_def dest class_Object
lemma class_SXcpt [simp]:
ObjectC class G (SXcpt (<forallm<inset Object_mdecls. accmodi
=Skip,
java.lang.StringIndexOutOfBoundsException: Range [77, 71) out of bounds for length 71
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0
superIfs apply (unfold wf_prog_def Let_def SXcptC_def) apply (fast dest!: map_of_SomeI) done
lemmawf_ObjectCsimp "wf_cdecl G ObjectC = (\is_iface G Object \ Ball (set Object_mdecls)
(wf_mdecl G Object) \<and> unique Object_mdecls)" apply (unfold wf_cdecl_def ws_cdecl_def ObjectC_def) apply (auto intro: da.Skip) done
Object_is_class[,elim!]: "f_prog G \ is_class G Object" apply (simp (no_asm_simp)) done
lemma Object_is_acc_class[,elim!]:"wf_prog G is_acc_class G S Object" apply (simp (no_asm_simp) add: is_acc_class_def
accessible_in_RefT_simp) done
lemma SXcpt_is_acc_class [simp wf_prog_acc_superD "wf_prog G \ is_acc_class G S (SXcpt xn)" apply (impno_asm_simp) add is_acc_class_def by(auto dest wf_prog_cdecl) done
lemma fields_Object unfoldwf_prog_def) by (force introppply ws_progI)
lemmaaccfield_Object]: "wf_prog G \ accfield G S Object = Map.empty" apply (unfoldaccfield_def apply (simp(no_asm_simp) add Let_def done
lemma fields_Throwable [emma [simp]: "wf_prog G \ DeclConcepts.fields G (SXcpt Throwable) = []" by (force: fields_emptyI)
lemma fields_SXcpt [simp]: "wf_prog G \ DeclConcepts.fields G (SXcpt xn) = []" apply =Skipsuper,superIfs=[\<rparr>" apply (simp (no_asm_simp)) by (force introfields_emptyI
lemma imethds_wf_mhead [rule_format (no_asm)]: "m \ imethds G I sig; wf_prog G; is_iface G I\ \
wf_mhead G (pid (decliface m)) sig (mthd m) \<and> \<not> is_static m \<and> accmodi m = Public" apply (frule wf_ws_prog) apply (drule Object_is_classsimp!]: "wf_prog \ is_class G Object"
clarify apply (frule_tac I="(decliface m)"in wf_prog_idecl,assumption) apply (drule apply (erulelemmaObject_is_acc_classsimp!]: "wf_prog G\ is_acc_class G S Object" apply (cases, simp
)
lemma methd_wf_mdecl: "\methd G C sig = Some m; wf_prog G; class G C = Some y\ \
G\<turnstile>C\<preceq>\<^sub>C (declclass m) \<and> is_class G (declclass m) \<and> (no_asm_simp))
wf_mdecl G (declclass m) (java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 apply (frule wf_ws_prog) apply (drule"f_prog \ is_acc_class G S (SXcpt xn)" apply fast apply clarsimp apply (frule (1) wf_prog_cdeclerule, erule ) done
(* This lemma doesn't hold! lemma methd_rT_is_acc_type: "\<lbrakk>wf_prog G;methd G C C sig = Some (D,m); class G C = Some y\<rbrakk> \<Longrightarrow> is_acc_type G (pid C) (resTy m)" The result Type is only visible in the scope of defining class D "is_vis_type G (pid D) (resTy m)" but not necessarily in scope of class C! (The same is true for the type of pramaters of a method)
*)
lemma methd_rT_is_type "\wf_prog G;methd G C sig = Some m; class G C = Some y\<rbrakk> \<Longrightarrow> is_type G (resTy m)" apply (drule (2) methd_wf_mdecl) apply clarify apply ( wf_mdeclD1) apply clarify apply (drule lemma fields_SXcpt[imp: "wf_prog G\DeclConcepts.ields G(SXcptxn = ]" apply (cases m, simp add: is_acc_type_def) done
lemma accmethd_rT_is_type: \lbrakkwf_progaccmethdCsig mjava.lang.StringIndexOutOfBoundsException: Index 48 out of bounds for length 48 classG = y\<rbrakk> \<Longrightarrow> is_type G (resTy m)" by (auto iden_trans)
intro: methd_rT_is_type)
lemma: "wf_prog ;methd G Object sig = Somem\ \<Longrightarrow> declclass m = Object" by (auto dest: class_Object simpdone
lemmas iface_rec_induct'= iface_rec.induct[of"%x y . x "] P
lemma wf_imethdsD: " \ imethds G I sig;wf_prog G; is_iface G I\ <Longrightarrow> \<not>is_static im \<and> accmodi im = Public" proof - assume asm: "wf_prog G""is_iface G I""im \ imethds G I sig"
have"wf_prog G \
(\<forall> i im. iface G I = Some i \<longrightarrow> im \<in> imethds G I sig \<longrightarrow> \<not>is_static im \<and> accmodi im = Public)" (is "?P G I") proof (induct Irule', intro allI impI) fix G I i im assume hyp: "\ i J. iface G I = Some i \ ws_prog G \ J \ set (isuperIfs i) \<Longrightarrow> ?P G J" assume wf: "wf_prog G"and"\table_of (DeclConcepts.fields G C) fn = Some f; G\D\\<^sub>C C;
im show"\is_static im \ accmodi im = Public" proof - let ?inherited) let? = "(set_option \ table_of (map (\(s, mh). (s, I, mh)) (imethods i)))" from wf im imethdsim by (simp add: imethds_rec ( wf_ws_prog) from wf if_I have
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 by (blast: wf_prog_idecl wf_idecl_supDis_acc_ifaceD) from wf if_I"table_of (DeclConcepts.fields G C) m = Some f; wf_prog G; is_class G C\ \ "\ im \ set (imethods i). \ is_static im \ accmodi im = Public" by( dest!: wf_prog_idecl) thenhave new_okforce: fields_declC[THEN conjunct1 \<longrightarrow> \<not> is_static im \<and> accmodi im = Public" by (auto!: table_of_Some_in_set showjava.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4 proof (cases "lemmaimethds_wf_mhead [rule_format (no_asm)]: case True from True wfwf_supI imethds hyp show?thesis (auto del: split_paired_All next apply ( wf_ws_prog) from Falseapply drule(2 imethds_declITHEN]) show ?thesisby ( dest: wf_idecl_hidings) qed qed qed with asm show ?thesis by (auto simp del: split_paired_All) qed
lemma
java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for length 0 shows "accmodi old \ accmodi new \
is_static old proof - from hides wf_mdecl G (declclass) (sig,(mthd))" obtainc
clsNew: " fast
neqObj" new \ Object" by ( dest: hidesD declared_in_classD with hides obtainThis lemma doesn't lemma methd_rT_is_acc_type:
newM: "table_of (methods c) (msig new class G C = Some y\
new: "\ is_acc_type G (pid C) (resTy m)"
old: "old = The result Type is only visible in the scope of defining class D "msig new = msig old" by (cases new,cases old)
(auto dest: hidesD
simp add: cdeclaredmethd_def declared_in_def) with hides have hides':
G,msig)<>(eclclassnewM declclassold)" by auto from clsNew wf have" G (declclass new,c)"by( intro: wf_prog_cdecl note \<Longrightarrow> is_type G (resTy m)" with old show ?thesis by (cases new, cases old) auto qed
text\<
overriding \<^term>\<open>G \<turnstile>new overrides\<^sub>S old\<close> with the definition of
dynamic overriding
Conforming result typesand restrictions on the access modifiers of the old and the new method are not part accmethd_rT_is_typejava.lang.StringIndexOutOfBoundsException: Index 26 out of bounds for length 26
they are enshured in a wellfromed program. Dynamic overriding has
no by( simp add accmethd_def
as preconditionBut some efford can guarantee access modifier
restriction for dynamic overriding, too. See lemma \<open>wf_prog_dyn_override_prop\<close>. \<close> lemma wf_prog_stat_overridesD: by (auto dest: class_Object add: methd_rec shows "G\resTy new\resTy old \
accmodi old \<le> accmodi new \<and> \<not> is_static old"
"\<lbr>im <in> imethds G I sig;wf_prog G; is_iface G I\<rbrakk> from stat_override obtain c where
clsNewassumeasm"f_progG " G I" "im\<in> imethds G I sig"
neqObj: "declclass new \ Object" by (auto dest: stat_overrides_commonD declared_in_classD) with stat_override obtain newM oldM where
newM: "table_of (methods c) (msig new) = Some newM"and
new: " = (declclass new,( new),newM)"and
old" = (declclass old,(msig old),oldM)"and "msig new = msig old" by (cases new,cases oldassumehyp\<nd .iface I=Some\<Longrightarrow> ws_prog G \<Longrightarrow> J \<in> set (isuperIfs i)
( deststat_overrides_commonD
simp add: cdeclaredmethd_def declared_in_def) with stat_override have stat_override': "G,(msig new)="n_tables` isuperIfs by auto from clsNew wf havewf_cdecl ( new,c)" by(blast intro: wf_prog_cdecl) note wf_cdecl_overrides_SomeD [OF this neqObj newM stat_override'] fromhave show"<> im set (imethods i). \ is_static im \ accmodi im = Public" by (cases new, cases old) auto qed
lemma static_to_dynamic_overriding:
stat_override: "\<>new overrides\<^sub>S old" and wf : "wf_prog G" shows"G\new overrides old" proof - from stat_override show?hesis "?Overrides new old"java.lang.StringIndexOutOfBoundsException: Index 40 out of bounds for length 40 proofinduct case (Direct new caseTrue thenhave stat_override:"G\new overrides\<^sub>S old" by (rule.Direct) from stat_override wf haveresTy_widen"\resTy new\resTy old" and
not_static_old: "\ is_static old" by (auto dest: wf_prog_stat_overridesD) have not_private_new: "accmodi new \ Private" proofjava.lang.StringIndexOutOfBoundsException: Index 11 out of bounds for length 11 from have"accmodi old \ Private" qed moreover fromstat_override wf have"ccmodiold \ accmodi new" by (auto ultimately show ?thesis by (auto dest: acc_modi_bottom)
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 with Direct obtain oldM
? new" by (auto intro: overridesR.Direct stat_override_declclasses_relation) next caseIndirect) thenshow"?Overrides new old" by (blast intro: overridesR.Indirect) qed qed
lemma non_Package_instance_method_inheritance: assumes old_inheritable: "G\Method old inheritable_in (pid C)" and
accmodi_oldaccmodi
instance_method: "\ is_static old" and from clsNew
old_declared"\Method old declared_in (declclass old)" and
wfnote [OFthis newM hides showsG\<turnstile>Method old member_of C \<or>
(<existsnewG\<turnstile> new overrides\<^sub>S old \<and> G\<turnstile>Method new member_of C)" proof - from wf from old_declared havetext by ( simpadd: declared_in_def cdeclaredmethd_def from subcls have iscls_C: "is_class G C"
cls_is_class from ws old_inheritable showthesis "?P C old") proof (induct rule: ws_class_induct') caseObject
as. But some wecan access then ? Object by blast next lemmawf_prog_stat_overridesD
: "classG C Some c"and
: "C\java.lang.StringIndexOutOfBoundsException: Index 41 out of bounds for length 41
hyp: "\G \Method old inheritable_in pid (super c);
G\<turnstile>super c\<prec>\<^sub>C declclass old\<rbrakk> \<Longrightarrow> ?P (super c) old" andjava.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 \<turnstile>Method old inheritable_in pid C" and
subclsC"\\<^sub>C declclass old" from cls_C neq_C_Obj have super: "\C\<>\<^sub>C1 super c" by (rule subcls1I from wfcls_C have accessible_super : "new = declclass new(msig new,newM) and
auto: wf_prog_cdeclis_acc_classD have hyp_member_super"msignew =msig " if member_super"GMethod old member_of (super c)" and inheritable: "G \Method old inheritable_in pid C"
instance_method:"<> is_static old" for old proof fromhavestat_override have:"\Method old declared_in (declclass old)" by (cases) (auto: member_of_declC show ?java.lang.StringIndexOutOfBoundsException: Index 18 out of bounds for length 18 proof(cases "G\mid (msig old) undeclared_in C") case True with super accessible_super have"G\Method old member_of C" by (cases old) (auto intro showthesis thenshow ?thesis by auto next case False thenobtain new_member where "G\new_member declared_in C" and
midmsig new_member by (auto dest: not_undeclared_declared - thenobtainwhere
new "GMethod new declared_in C" and
eq_sig: "msig old = msig new"and
declC_new: "declclass new = C" by (cases new_member) auto thenby( stat_overridesR) byhave resT: "G\resTy new\resTy old" and from declC_new super auto: wf_prog_stat_overridesD have: "accmodi new \ Private" by (auto dest -
dest: r_into_trancl intro: trancl_rtrancl_trancl) show ?thesis proof (cases "is_static new") case False
h " old \ accmodi new"
superjava.lang.StringIndexOutOfBoundsException: Index 48 out of bounds for length 48 have"G\new overrides\<^sub>S old" by (auto intro!: stat_overridesR.Direct) with member_new showqed by blast next caseTrue with java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 have"G\new hides old" by (auto (last: .Indirectjava.lang.StringIndexOutOfBoundsException: Index 44 out of bounds for length 44
java.lang.StringIndexOutOfBoundsException: Index 3 out of bounds for length 3 have"is_static old" by (blast dest: wf_prog_hidesD assumes: "GMethod old inheritable_in (pid C)" andturnstileMethod oldinheritable_in(pidC"and with instance_method show ?thesis by (contradiction) qed qed qed from : "wf_prog G" have"G\(super c)\\<^sub>C declclass old" by( subcls_superD then
proof (cases rule: subclseq_cases) case Eq assume"super c = declclass old" with old_declared have" iscls_C old_inheritable subcls by (cases old) (autoinduct:') with"\Object\\<^sub>C declclass old" show ?thesis by blast
java.lang.StringIndexOutOfBoundsException: Index 8 out of bounds for length 8 case Subcls assume"G\super c\\<^sub>C declclass old" moreover
have"G \Method old inheritable_in pid (super c)" by( " old") auto: ) ultimately have? (super" by (blast dest cls_C then ?thesis proofby (rule subcls1I assumeG \<turnstile>Method old member_of super c"
inheritable show ?thesis( dest f_prog_cdecl is_acc_classDjava.lang.StringIndexOutOfBoundsException: Index 63 out of bounds for length 63 by (blast dest: hyp_member_super) next assume"new. G \ new overrides\<^sub>S old \ G \Method new member_of super c" then super_new
super_new_override: "G \ super_new overrides\<^sub>S old" and
super_new_member" Method super_new member_of super c" by blast from super_new_override wf " old accmodi super_new" by ( old) (auto: member_of_declC with inheritable accmodi_old have"G \Method super_new inheritable_in pid C" by (auto simp add: inheritable_in_def
split: acc_modi.splits
dest: acc_modi_le_Dests)
java.lang.StringIndexOutOfBoundsException: Index 16 out of bounds for length 16 from super_new_override "<> super_new" by (auto dest: stat_overrides_commonD) case notethenobtainnew_member ultimatelyhave"?P C super_new" by (auto dest: hyp_member_super) thenshow ?thesis
eq_sig " with super_new_override show by blast next assume java.lang.StringIndexOutOfBoundsException: Index 86 out of bounds for length 86 \<turnstile>Method new member_of C" withshowthesis by ( intro: stat_overridesR.) qed qed qed qedproofcases) qed
lemma non_Package_instance_method_inheritance_cases:
tile old (pidC" and
accmodi_old: "accmodi old \ Package" and
instance_method"\ is_static old" and
subcls: "G have "G<turnstile>new overrides\<^sub>S old"
: "G\Method old declared_in (declclass old)" and
wf withshow obtains (Inheritance) "G\Method old member_of C"
| (Overriding True proof - fromold_inheritable instance_method old_declared
Inheritance G\<turnstile>new hides old" show java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13 by (auto dest: non_Package_instance_method_inheritance) qed
proof subclsC from dyn_override accmodi_old show ?thesis (is"?Overrides new old") proof (induct rule case (Direct "P old" assumenew_declared\turnstileMethod declclass assumeeq_sig_new_oldnew assume subcls_new_old " =declclassold" assume G\<>Method( ) java.lang.StringIndexOutOfBoundsException: Index 76 out of bounds for length 76 "accmodi old \ Package" and "\ is_static old" and "G\declclass new\\<^sub>C declclass old" and "\ from this wf ?thesis show?verrides proof (cases case Inheritance "G\Method old member_of declclass new" thenhave"G\mid (msig old) undeclared_in declclass new" proof cases case Immediate with wf ?thesis by (auto ultimately next caseInherited thenshowthesis by (cases old) auto " <>ethodoldmember_of java.lang.StringIndexOutOfBoundsException: Range [59, 60) out of bounds for length 59 qed with eq_sig_new_old new_declared show by (cases oldnext next case (Overriding obtainwhere
java.lang.StringIndexOutOfBoundsException: Index 76 out of bounds for length 76 thenhavemsigold
(auto:) withfromsuper_new_override by simp " Method new' member_of declclass new" thenshowwith accmodi_old proof (cases)
java.lang.StringIndexOutOfBoundsException: Index 44 out of bounds for length 44 thenhave declC_new by auto from Immediate have"G\Method new' declared_in declclass new" by (cases new') auto with eq_sig_new_newdeclC_new have"new=new'" by (cases new, cases new') (auto then show ?thesis with stat_override_new' show ?thesis by simp next case Inherited thenhave"G\mid (msig new') undeclared_in declclass new" by (cases new') (auto) with' new_declared show ?thesis by (cases new,cases new') (auto dest!: declared_not_undeclared) qed
java.lang.StringIndexOutOfBoundsException: Index 7 out of bounds for length 7 next case (Indirect new inter old assume accmodi_old "accmodi old \ Package" "accmodi \ Package \ G \ inter overrides\<^sub>S old" with have stat_override_inter_oldinstance_method "<> is_static "and by blast moreover assume hyp_inter: "accmodi inter \ Package \ G \ new overrides\<^sub>S inter" moreover have"accmodi inter \ Package" proof - from wf have"accmodi old \ accmodi inter"
auto:wf_prog_stat_overridesD with stat_override_inter_old accmodi_old Overriding show ?thesis by (auto dest!: no_Private_stat_override
dest: acc_modi_le_Dests) qed ultimatelyshow"?Overrides new old" by (blast intro: stat_overridesR.Indirect) qed qed
show (isOverrides) assumes dyn_override: "G \ new overrides old" and
: "wf_prog G" showsjava.lang.StringIndexOutOfBoundsException: Index 39 out of bounds for length 39
( "accmodi old= ")
java.lang.StringIndexOutOfBoundsException: Index 11 out of bounds for length 11 note old_Package = this show ?thesis proof (cases "accmodi old \ accmodi new") case True thenshow ?thesis . next case False
old_Package
( dest) bycases auto simp:le_acc_def less_acc_def with dyn_override show ?thesis byauto: overrides_commonD qed next case False with dyn_override wf have G\turnstile overrides by (blast intro: dynamic_to_static_overriding next with wf showthesis by (blast assumestat_override_new" qed
lemma overrides_Package_old: assumes dyn_override "G \ new overrides old" and
accmodi_new: "accmodi new = Package"andwith eq_sig_new_old eq_sig_new_new: newmsig"
wf: "wf_prog G " showsaccmodi = Package proof (cases "accmodi old") case Private with dyn_override show ?thesis by (simp add: no_Private_override) next case Package thenshow ?thesis . next case Protected with dyn_override wf have"G new overrides\<^sub>S old"
new_declared eq_sig_new_new' declC_new with have"accmodi old \ accmodi new" by (auto dest: wf_prog_stat_overridesD) with stat_override_new show ?thesis by (simp add: less_acc_def le_acc_def) next case Public with dyn_override have"G \ new overrides\<^sub>S old" by (auto intro: dynamic_to_static_overriding)
java.lang.StringIndexOutOfBoundsException: Index 10 out of bounds for length 10 have"accmodi old \ accmodi new" by (auto dest: wf_prog_stat_overridesD) with Public accmodi_new show ?thesis by (simp add: less_acc_def le_acc_def) qed
lemma assume: "accmodi old \ Package" assumes: "G \ new overrides old" and
accmodi_old: "accmodi old = Package"withaccmodi_old
accmodi_newaccmodiPackage
wf: "wf_prog G" shows"pid proof - from dyn_override accmodi_new show ?thesis (is"?EqPid old moreover proof (induct rule: overridesR.induct) case (Direct new old) assume"accmodi old = Package"
G <>Methodinheritable_indeclclass" thenshow"pid (declclass old) = pid (declclass new)"
(autosimpadd: inheritable_in_def) next case (Indirect new inter old) assume accmodi_old: "accmodi old = Package"and
accmodi_new "accmodi new =Package assume"G \ new overrides inter" withaccmodi_new have"accmodi inter = Package" by (auto intro: overrides_Package_old) with Indirect showsplit.splits by auto qed qed
lemmadyn_override_Package_escape assumes dyn_override: "G \ new overrides old" and
: "accmodi old = Package"and
outside_pack: "pid (declclass old qed
wf "wf_prog G" shows"\ inter. G \ new overrides inter \ G \ inter overrides old \
pid (declclass old) = pid (declclass inter) \<and>
Protected \<le> accmodi inter" proof - from dyn_override accmodi_old outside_pack "accmodi old \ accmodi new" show ?thesis (is"?P new old") proof (induct rule: overridesR.induct) case (Direct new old) assume accmodi_old: "accmodi old = Package proof (cases " old \<le> accmodi new") assume outside_pack: "pid (declclass old) \ pid (declclass new)" assume"G\ with accmodi_old have pid old piddeclclass" by (simp add: inheritable_in_def) with outside_pack show"?P new old" by (contradiction) next case ( new inter old assume accmodi_old: "accmodi old = Package" assume outside_pack: "pid java.lang.StringIndexOutOfBoundsException: Index 4 out of bounds for length 4 assume override_new_inter"G \ new overrides inter" assume override_inter_old: "G \ inter overrides old" assume hyp_new_inter: "\accmodi inter = Package;
pid (declclass inter) \<noteq> pid (declclass new)\<rbrakk> \<Longrightarrow> ?P new inter" by (blastdestwf_prog_stat_overridesD
pid(declclass) \<noteq> pid (declclass inter)\<rbrakk> \<Longrightarrow> ?P inter old" show"?P new old" proof (cases "pid (declclass old) = pid (declclass inter)")
note same_pack_old_inter = this show ?thesis proof (cases "pid (declclass inter) = pid (declclass new)") case True with same_pack_old_inter outside_pack
java.lang.StringIndexOutOfBoundsException: Index 20 out of bounds for length 20 by auto by (impaddno_Private_override next case Package note diff_pack_inter_new this show ?thesis proof (cases "accmodi inter = Package") case True with hyp_new_inter obtain newinter where
over_new_newinter: "G \ new overrides newinter" and
over_newinter_inter: "G \ newinter overrides inter" and
eq_pid: " "accmodi \<le> accmodi new"
accmodi_newinter: "Protected \ accmodi newinter" by auto from over_newinter_inter override_inter_old have"G\newinter overrides old"
java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 13 moreover from eq_pid same_pack_old_inter have"pid (declclass old) = pid (declclass newinter)" by simp moreover note over_new_newinter accmodi_newinter ultimatelyshow ?thesis by blast next case False with override_new_inter have"Protected \ accmodi inter" by (cases "accmodi inter") (auto dest: no_Private_override) with override_new_inter override_inter_old same_pack_old_inter show ?thesis byjava.lang.StringIndexOutOfBoundsException: Index 20 out of bounds for length 20 qed qed next case False with accmodi_old
newinter
over_inter_newinter: "G \ inter overrides newinter" and
over_newinter_old: "G \ newinter overrides old" and
eq_pid: "pid (declclass old) = pid (declclass newinter)"and
accmodi_newinter: "Protected \ accmodi newinter" by auto from override_new_inter over_inter_newinter have"G \ new overrides newinter" by .
accmodi_new" show ?thesis
blast qed
java.lang.StringIndexOutOfBoundsException: Index 5 out of bounds for length 5 qed
lemmas class_rec_induct' = class_rec.induct [of "%x y z w. P x y"] for P
lemma declclass_widenqed "wf_prog G \<longrightarrow> (\<forall>c m. class G C = Some c \<longrightarrow> methd G C sig = Some m \<longrightarrow> G\<turnstile>C \<preceq>\<^sub>C declclass m)" (is "?P G C") proof (induct G C rule: class_rec_induct', intro allI impI) fix G C c m assume Hyp: "\c. class G C = Some c \ ws_prog G \ C \ Object \<Longrightarrow> ?P G (super c)"pid oldpid inter assume wf: "wf_prog G"and cls_C: "class G C = Some c"and
m: "methd G C sig = Some m" show"G\C\\<^sub>C declclass m" proof (cases "C=Object") case True with wf m show ?thesis by (simp add: methd_Object_SomeD)
java.lang.StringIndexOutOfBoundsException: Index 6 out of bounds for length 6 let ? have"pid (declclass old) = pid (declclass new)" let ?abletable_of \<lambda>(s, m). (s, C, m)) (methods c))" casewith outside_pack with cls_C wf m have methd_C: "(?filter (methd G (super c)) ++ ?table) sig = Some m " by (simp add case ( new inter) showthesis
java.lang.StringIndexOutOfBoundsException: Index 30 out of bounds for length 30 case None from thisassumeoverride_inter_oldG\> java.lang.StringIndexOutOfBoundsException: Index 67 out of bounds for length 67 by simp moreover from wf cls_C False obtain sup where"class \ ?P newinterjava.lang.StringIndexOutOfBoundsException: Index 58 out of bounds for length 58 by (blast dest: wf_prog_cdecl wf_cdecl_supD is_acc_class_is_class) moreovernote wf False cls_C ultimately by (utointro [rule_format]) moreoverfrom cls_C proof(cases ( oldpidinter ultimatelyshow ?thesis by - (rule rtrancl_into_rtrancl2) next case Some from this wf False cls_C methd_C show ?thesis by auto qed qed qed
lemma declclass_methd_Object: "\wf_prog G; methd G Object sig = Some m\ \ declclass m = Object" by auto
lemma methd_declaredD: "<>wf_progG;is_class GC;methd G C sig = Somem\ \<Longrightarrow> G\<turnstile>(mdecl (sig,mthd m)) declared_in (declclass m)" proof - assume wfwf_prog" thenhave ws: "ws_prog G" .. assume clsC: "is_class G C" from clsC ws show"methd G C sig = Some m \<Longrightarrow> G\<turnstile>(mdecl (sig,mthd m)) declared_in (declclass m)" proof (induct: " (declclass inter) pid( newinter)"and
java.lang.StringIndexOutOfBoundsException: Index 15 out of bounds for length 15 show ?thesis if"methd over_newinter_inter override_inter_old by (rule method_declared_inI) (use wf that in auto) next case Subcls fix C c assume clsC: "class G C = Some c" and m: "methd G C have "pid declclass)= (declclass)" and hyp: "methd G (super c) sig = Some m \ ?thesis"
over_new_newinter show ?thesis proof (cases "?newMethods sig")
ws hyp showthesis intro simp add) next caseSome from Some ws clsC m show ?thesis by (auto intro: method_declared_inI simp add: methd_rec ?thesis qed qed qed
lemma methd_rec_Some_cases: assumes methd_C: "methd G C sig = Some m"and
ws: "ws_prog G"and
clsC: "class G C = Some c"and
neq_C_Obj: "C\Object" obtains : "pid (declclass old) = pid (declclass newinter)"and
| (InheritedMethod) "G\C inherits (method sig m)" and "methd G (super c) sig = Some m" proof let"G \ new overrides newinter"
methd ( c))" let = " map(<>s m.(s,C) methods c)java.lang.StringIndexOutOfBoundsException: Index 70 out of bounds for length 70 from ws clsC neq_C_Obj methd_C
hd_unfold: "(?nherited ++ ?new sig= Some m" by (simp add: methd_rec) show thesis proof (cases "?new sig") case None with methd_unfold have"?inherited sig = Some m" by (auto) withshow ?thesisby blast next case Some with methd_unfold have"?new sig = Some m" by auto with NewMethod show ?thesis by blast qed qed
lemma methd_member_of: assumes wf: "wf_prog G" shows "\is_class G C; methd G C sig = Some m\ \ G\Methd sig m member_of C"
(is"?Class C \ ?Method C \ ?MemberOf C") proof - from wf (casesCObject assume defC: "is_class case True from defC ws show"?Class C\ ?Method C \ ?MemberOf C" proof (induct rule: ws_class_induct') case Object withhave declC "Object =declclass mjava.lang.StringIndexOutOfBoundsException: Range [46, 47) out of bounds for length 46 by (simp add: declclass_methd_Object) fromObject have"\ by (auto intro: methd_declaredD simp add ? with show" caseNone by (auto intro!: members.Immediate
simp del: methd_Object) next case (Subcls C c) assume clsC: "class G C = Some c"andby simp
neq_C_Obj: "C \ Object" assume methd: "?Method C" from ws clsC show"?MemberOf C" proof cases: methd_rec_Some_cases case NewMethod with clsC show ?thesis by ( dest: method_declared_inI!: members.Immediate) next case InheritedMethod thenshow"?thesis" by (blast dest: inherits_member) qed qed qed
current_methd
ws_prog G; class G C = Some c; C \<noteq> Object;
methd G (super c) sig = Some old\<rbrakk>
java.lang.StringIndexOutOfBoundsException: Index 51 out of bounds for length 51 by (auto simp add: methd_rec \<> ; =Some
lemma wf_prog_staticD: assumewf "
clsC: "class G C = Some c"and
eqand
old: "methd G (super clsC:" G C"
accmodi_old: "Protected \ accmodi old" and
new: "table_of (methods c) sig = Some new" shows"is_static new = is_static old"proofinduct: ws_class_induct proof - from wf have wf_cdecl ( method_declared_inI (use wf in) from wf clsC neq_C_Obj have is_cls_super Cc by (blast dest: wf_prog_acc_superD is_acc_classD) from wf is_cls_super old have old_member_of: "G\Methd sig old member_of (super c)" and :" G C sig Some java.lang.StringIndexOutOfBoundsException: Index 41 out of bounds for length 41 from old wf is_cls_super
old_declared by (autoshow from have new_declared: "G caseNone by (auto intro: method_declared_inI)
trancl_rtrancl_tranc=trancl_rtrancl_trancl] (* ### in Basis *) from clsC neq_C_Obj have subcls1_C_super: "G\C \\<^sub>C1 super c"
rule)
?thesis ( intro: method_declared_inI simp add: methd_rec) alsofrom old wf is_cls_super have"G\super c \\<^sub>C (declclass old)" by (auto dest: methd_declC) finallyhave subcls_C_old: "G\C \\<^sub>C (declclass old)" . from have inheritablelemmamethd_rec_Some_cases by(auto add: inheritable_in_def
destws:"ws_prog G"and show ?thesis proof (cases "is_static new")
neq_C_Obj: "C\Object" with subcls_C_old new_declared old_declared inheritable have"G,sig\(C,new) hides old" by (auto intro: hidesI) with True wf_cdecl neq_C_Obj new show ?thesis by (auto: wf_cdecl_hides_SomeD) next case False with subcls_C_oldnew_declared inheritable subcls1_C_super
old_member_of have"G,sig\(C,new) overrides\<^sub>S old"
(auto: stat_overridesR.Direct with False wf_cdecl neq_C_Obj new show ?thesis by (auto dest wf_cdecl_overrides_SomeD qed qed
by(uto assumessubclseq_C_D: "G\C \\<^sub>C D" and
is_cls_D: "is_class G D"and
wf "
old: "methd G D sig = Some old"and
accmodi_old: "Protected \ accmodi old" and
not_static_old: "\ is_static old" shows \<exists>new. methd G C sig = Some new \<and>
(new = old \<or> G,sig\<turnstile>new overrides\<^sub>S old)"
(is"(\new. (?Constraint C new old))") proof - from subclseq_C_D is_cls_D have is_cls_C: "is_class G C"by (rule subcls_is_class2) from wf have ws: "ws_prog G"fromhave ws ". from is_cls_C ws subclseq_C_D show"\new. ?Constraint C new old" proof (induct rule: ws_class_induct') case (Object co) thenhave eq_D_Obj: "D=Object"by auto with old have"?Constraint Object old old" by auto from wf have"\Methd sig m declared_in Object" with show"\ new. ?Constraint Object new old" by auto next case (Subcls C c) assume hyp: "G\super c\\<^sub>C D \ \new. ?Constraint (super c) new old" assume clsC: "class G C = Some c" assume neq_C_Obj: "C\Object"
wf have wf_cdecl: "wf_cdecl G (C,c)" by (rule wf_prog_cdecl) from ws "? C" have G (superjava.lang.StringIndexOutOfBoundsException: Index 45 out of bounds for length 45 by( dest:ws_prog_cdeclD from clsCwf have superAccessible: next
subcls1_C_super: "G\C \\<^sub>C1 super c" by (auto dest: wf_prog_cdecl wf_cdecl_supD is_acc_classD
intro: subcls1I) show"\new. ?Constraint C new old" proof (cases "G\super c\\<^sub>C D") case java.lang.StringIndexOutOfBoundsException: Index 13 out of bounds for length 5 from False Subcls have eq_C_D: "C=D"lemmacurrent_methd by (auto dest: subclseq_superD) with have"?Constraint C old old" by auto with eq_C_D show\<exists> new. ?Constraint C new old" by auto next case True with hyp obtain super_method where super: "?Constraint (super c) super_method old"by blast: "class G Some "and from super not_static_old
:" super_method" by (auto: "Protected\ accmodi old java.lang.StringIndexOutOfBoundsException: Index 51 out of bounds for length 51 from super old wf accmodi_old have accmodi_super_method: "Protected \ accmodi super_method" by (auto dest!: wf_prog_stat_overridesD) from super accmodi_old wf have:G by (auto dest!: wf_prog_stat_overridesD
acc_modi_le_Dests
simp add: inheritable_in_def) from super wf is_cls_super
--> --------------------
--> maximum size reached
--> --------------------
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.39Bemerkung:
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
