compaux.thy

chapter {* Generated by Lem from compile.lem. *}

theory "compaux" 

imports 
 	 Main "~~/src/HOL/Library/Code_Target_Numeral"
	 "Lem_pervasives" 
	 "Evm" 
	 "Word8" 
	 "Rlp" 
	 "Compile" 

begin 


(****************************************************)
(*                                                  *)
(* Termination Proofs                               *)
(*                                                  *)
(****************************************************)

(*
termination big_step by lexicographic_order
*)

termination get_expr by lexicographic_order

termination compile_expr by lexicographic_order


(****************************************************)
(*                                                  *)
(* Lemmata                                          *)
(*                                                  *)
(****************************************************)

declare respond_to_call_correctly_def [simp]
declare respond_to_return_correctly_def [simp]
declare respond_to_fail_correctly_def [simp]
declare build_cenv_def [simp]
declare program_of_lst_def [simp]
declare build_venv_called.simps [simp]
declare eval_annotation_def [simp]

text {* The following lemma is just for controlling the Isabelle/HOL simplifier. *}

value "program_content_of_lst 0 always_fail_code"



(*
declare program_annotation_of_lst_def [simp]
*)


(*
declare store_byte_list_in_program.simps [simp]
*)

lemma foo  [cong] : "100 = Suc 99"
apply(auto)
done


declare program_sem.psimps [simp]
(*
declare program_sem.simps [simp]
*)
declare program_iter.simps [simp]
declare program_step.simps [simp]

theorem iter_return [simp] :
   "program_iter c (Return st) steps = Return st"
apply(induction steps)
apply(auto)
done

theorem iter_tinystep [simp] :
 " program_iter c (Continue v 0 (Suc k)) (Suc steps) =
  Return (program_sem v c 0 (Suc k))"
apply(subst program_sem.simps)
apply(auto)
done

theorem iter_annot [simp] :
 " \<not> check_annotations v c \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
done

theorem iter_no_next [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = None \<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
done

theorem iter_inst_annotation [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionAnnotationFailure \<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
done

theorem iter_inst_to_world [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionToWorld a st bal pushed_v \<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
done

theorem iter_inst_continue1 [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    venv_pc v < venv_pc new_v;
    \<forall>vv xx. (program_iter c (Continue vv n (Suc k)) steps =
         Return xx \<longrightarrow>
         program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k)));
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
    Return x \<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
apply(simp add: strict_if_def)
done

theorem iter_inst_continue2 [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    venv_pc v \<ge> venv_pc new_v;
    \<forall>nn vv xx. (
         program_iter c (Continue vv nn k) steps = Return xx \<longrightarrow>
         program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k));
   program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) = Return x
   \<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
apply(simp add: strict_if_def)
done

theorem iter_runout [simp] :
  "program_iter c (Continue v n 0) (Suc steps) =
   Return (program_sem v c n 0)"
apply(auto simp:program_sem.simps)
done

theorem step_foo : "\<exists>steps.
       program_iter c s1 (Suc steps) = s2 \<Longrightarrow>
\<exists>steps. program_iter c s1 steps = s2"
apply(blast)
done

theorem iter2_inst_continue1 [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    venv_pc v < venv_pc new_v;
    \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k))\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
apply(simp add: strict_if_def)
done

theorem iter2_inst_continue2 [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    venv_pc v \<ge> venv_pc new_v;
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(subst program_sem.simps)
apply(auto)
apply(simp add: strict_if_def)
done

theorem iter2_inst_continue [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k));
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases " venv_pc v < venv_pc new_v")
apply(rule iter2_inst_continue1)
apply(clarify)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(rule iter2_inst_continue2)
apply(blast)
apply(blast)
apply(blast)
apply(arith)
apply(blast)
done

declare program_iter.simps [simp del]
declare program_step.simps [simp del]

theorem iter_inst_continue :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    instruction_sem v c i = InstructionContinue new_v;
    \<forall>vv xx. (program_iter c (Continue vv n (Suc k)) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv n (Suc k)) steps =
          Return (program_sem vv c n (Suc k)));
    \<forall>vv nn xx.
        ( program_iter c (Continue vv nn k) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k) );
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) = Return x\<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases " venv_pc v < venv_pc new_v")
apply(rule iter_inst_continue1)
apply(clarify)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(rule iter_inst_continue2)
apply(blast)
apply(blast)
apply(blast)
apply(arith)
apply(blast)
apply(blast)
done

theorem iter_aux1 :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    \<forall>vv xx. (program_iter c (Continue vv n (Suc k)) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv n (Suc k)) steps =
          Return (program_sem vv c n (Suc k)));
    \<forall>vv nn xx.
        ( program_iter c (Continue vv nn k) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k) );
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) = Return x\<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "instruction_sem v c i")
apply(rule iter_inst_continue)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(auto)
done

theorem iter2_aux1 [simp] :
 "\<lbrakk> check_annotations v c;  venv_next_instruction v c = Some i;
    \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k));
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "instruction_sem v c i")
apply(rule iter2_inst_continue)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(blast)
apply(auto)
done

theorem iter_aux2 :
 "\<lbrakk> check_annotations v c;
    \<forall>vv xx. (program_iter c (Continue vv n (Suc k)) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv n (Suc k)) steps =
          Return (program_sem vv c n (Suc k)));
    \<forall>vv nn xx.
        ( program_iter c (Continue vv nn k) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k) );
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) = Return x\<rbrakk> \<Longrightarrow>
  
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "venv_next_instruction v c")
defer
apply(rule iter_aux1)
apply(auto)
done

theorem iter2_aux2 [simp] :
 "\<lbrakk> check_annotations v c;
    \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k));
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "venv_next_instruction v c")
defer
apply(rule iter2_aux1)
apply(auto)
done

theorem iter_aux3 :
 "\<lbrakk> \<forall>vv xx. (program_iter c (Continue vv n (Suc k)) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv n (Suc k)) steps =
          Return (program_sem vv c n (Suc k)));
    \<forall>vv nn xx.
        ( program_iter c (Continue vv nn k) steps = Return xx \<longrightarrow>
          program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k) );
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) = Return x\<rbrakk> \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "check_annotations v c")
apply(rule iter_aux2)
apply(auto)
done

theorem iter2_aux3 [simp] :
 "\<lbrakk> \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k));
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k))"
apply(cases "check_annotations v c")
apply(rule iter2_aux2)
apply(auto)
done

theorem iter2_aux4 [simp] :
 "\<lbrakk> \<forall>vv. \<exists>steps. program_iter c (Continue vv n (Suc k)) steps =
         Return (program_sem vv c n (Suc k));
    \<forall>vv nn. \<exists>steps. program_iter c (Continue vv nn k) steps =
         Return (program_sem vv c nn k)\<rbrakk> \<Longrightarrow>
  \<exists>steps. program_iter c (Continue v (Suc n) (Suc k)) steps =
  Return (program_sem v c (Suc n) (Suc k))"
apply(rule step_foo)
apply(rule iter2_aux3)
apply(auto)
done

definition iter_correct ::
   "variable_env \<Rightarrow> constant_env \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> bool" where
"iter_correct v c n k steps = (
   \<forall> x. Return x = program_iter c (Continue v n k) steps \<longrightarrow> 
        x = program_sem v c n k)"

definition iter_correct2 ::
   "variable_env \<Rightarrow> constant_env \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> bool" where
"iter_correct2 v c n k steps = (
   \<forall> x. program_iter c (Continue v n k) steps = Return x \<longrightarrow> 
        program_iter c (Continue v n k) steps =
        Return (program_sem v c n k))"

theorem correct_same : "iter_correct v c n k steps = iter_correct2 v c n k steps"
apply(auto simp:iter_correct_def simp:iter_correct2_def)
done

theorem ummm :
"\<forall>vv. iter_correct2 vv c n (Suc k) steps \<Longrightarrow>
    \<forall>vv nn. iter_correct2 vv c nn k steps \<Longrightarrow>
    \<forall>x. program_iter c
         (Continue v (Suc n) (Suc k))
         (Suc steps) =
        Return x \<Longrightarrow>
        program_iter c
         (Continue v (Suc n) (Suc k))
         (Suc steps) =
        Return (program_sem v c (Suc n) (Suc k))"
apply(rule iter_aux3)
apply(auto)
done

theorem lame : "Return x = Return y \<Longrightarrow> x = y"
apply(auto)
done

theorem lame2 :
 "program_iter c
          (Continue v (Suc n) (Suc k))
          (Suc steps) =
         Return x \<Longrightarrow>
  program_iter c (Continue v (Suc n) (Suc k)) (Suc steps) =
  Return (program_sem v c (Suc n) (Suc k)) \<Longrightarrow>
  x = program_sem v c (Suc n) (Suc k)"
apply(auto)
done

theorem iter_aux4 :
 "\<lbrakk> \<forall>vv. iter_correct vv c n (Suc k) steps;
    \<forall>vv nn. iter_correct vv c nn k steps \<rbrakk> \<Longrightarrow>
  iter_correct v c (Suc n) (Suc k) (Suc steps)"
apply(auto simp:correct_same)
apply(auto simp:iter_correct2_def)
apply(rule_tac steps = "steps" in lame2)
apply(blast)
apply(rule iter_aux3)
apply(auto)
done

theorem iter_nothing [simp] : "program_iter c st 0 = st"
apply(auto simp:program_iter.simps)
done

theorem blah1 [simp] : "Return x =
       program_iter c (Continue v n 0) steps \<Longrightarrow>
       program_sem v c n 0 = x"
apply(induction steps)
apply(auto)
done

theorem blah3 [simp] :
"(\<And>v n.
           iter_correct v c n (Suc k) steps) \<Longrightarrow>
       (\<And>v n x. iter_correct v c n k x) \<Longrightarrow>
       iter_correct v c n (Suc k) (Suc steps)"
apply(induction n arbitrary: v)
apply(subst iter_correct_def)
apply(auto)
apply(rule iter_aux4)
apply(auto)
done

theorem blah2 [simp] :
"(\<And>v n x. iter_correct v c n k x) \<Longrightarrow>
 iter_correct v c n (Suc k) steps"
apply(induction steps arbitrary: v n)
apply(subst iter_correct_def)
apply(auto)
done

theorem program_iter_bigstep :
"iter_correct v c n k steps"
(* Theorem: program_iter_bigstep*)(* try *)
apply(induction k arbitrary: v n steps)
apply(subst iter_correct_def)
apply(auto)
done

theorem iter_exists_aux [simp] :
"(\<And>v n.
           \<exists>steps.
              program_iter c (Continue v n k) steps =
              Return (program_sem v c n k)) \<Longrightarrow>
       \<exists>steps.
          program_iter c (Continue v n (Suc k)) steps =
          Return (program_sem v c n (Suc k))"
apply(induction n arbitrary:v k)
apply(rule_tac x = 1 in exI)
apply(simp add:program_iter.simps program_sem.simps program_step.simps)
apply(rule iter2_aux4)
defer
apply(blast)
apply(auto)
done

theorem iter_exists :
   "\<exists>steps. program_iter c (Continue v n k) steps = Return (program_sem v c n k)"
apply(induction k arbitrary:v n)
apply(rule_tac x = 1 in exI)
apply(auto)
done
(*
value "size (0::256 word)"

definition zurp :: "256 word \<Rightarrow> 256 word" where
"zurp k = k"

theorem foo3 [simp] : "size (w::256 word) = 256"
apply (auto simp:word_size)
done
*)

lemma strict_if_True [simp] :
"strict_if True a b = a True"
apply(simp add: strict_if_def)
done

text {* When the if-condition is known to be False, the simplifier
can proceed into the else-clause. *}

lemma strict_if_False [simp] :
"strict_if False a b = b True"
apply(simp add: strict_if_def)
done

text {* When the if-condition is not known to be either True or False,
the simplifier is allowed to perform computation on the if-condition. *}

lemma strict_if_cong [cong] :
"b0 = b1 \<Longrightarrow> strict_if b0 x y = strict_if b1 x y"
apply(auto)
done

lemma unblock_program_sem [simp] : "blocked_program_sem v c l p True = program_sem v c l p"
apply(simp add: blocked_program_sem.psimps)
done

lemma program_sem_unblock :
"program_sem_blocked v c internal external True = program_sem v c internal external"
apply(simp add: program_sem_blocked_def)
done


theorem foo2 : "length ((word_rsplit (w::256 word)) :: 8 word list) = 32"
apply(rule length_word_rsplit_even_size)
apply(auto simp:word_size)
done

theorem list_elems : "length lst = Suc x \<Longrightarrow>
 \<exists>b1 tl. lst = Cons b1 tl"
apply(induction lst)
apply(auto)
done

theorem list_elems1 : "length lst = 1 \<Longrightarrow> \<exists>b1. lst = [b1]"
apply(rule exE)
apply(rule list_elems)
apply(auto)
done

theorem list_elems2 : "length lst = 2 \<Longrightarrow> \<exists>b1 b2. lst = [b1,b2]"
apply(insert list_elems [of lst 1])
apply(auto)
apply(rule exE)
apply(rule list_elems)
apply(auto)
done

theorem list_elems3 : "length lst = 3 \<Longrightarrow> \<exists>b1 b2 b3. lst = [b1,b2,b3]"
apply(insert list_elems [of lst 2])
apply(auto)
apply(insert list_elems [of "drop 1 lst" 1])
apply(auto)
apply(insert list_elems [of "drop 2 lst" 0])
apply(auto)
done

theorem list_elems32 : "length lst = 32 \<Longrightarrow>
 \<exists>b1 b2 b3 b4 b5 b6 b7 b8 b9 b10
b11 b12 b13 b14 b15 b16 b17 b18 b19 b20
b21 b22 b23 b24 b25 b26 b27 b28 b29 b30 b31 b32.
 lst = [b1,b2,b3,b4,b5,b6,b7,b8,b9,b10,
b11,b12,b13,b14,b15,b16,b17,b18,b19,b20,
b21,b22,b23,b24,b25,b26,b27,b28,b29,b30,b31,b32]"

apply(insert list_elems [of lst 31])
apply(auto)
apply(insert list_elems [of "drop 1 lst" 30])
apply(auto)
apply(insert list_elems [of "drop 2 lst" 29])
apply(auto)
apply(insert list_elems [of "drop 3 lst" 28])
apply(auto)
apply(insert list_elems [of "drop 4 lst" 27])
apply(auto)
apply(insert list_elems [of "drop 5 lst" 26])
apply(auto)
apply(insert list_elems [of "drop 6 lst" 25])
apply(auto)
apply(insert list_elems [of "drop 7 lst" 24])
apply(auto)
apply(insert list_elems [of "drop 8 lst" 23])
apply(auto)
apply(insert list_elems [of "drop 9 lst" 22])
apply(auto)
apply(insert list_elems [of "drop 10 lst" 21])
apply(auto)
apply(insert list_elems [of "drop 11 lst" 20])
apply(auto)
apply(insert list_elems [of "drop 12 lst" 19])
apply(auto)
apply(insert list_elems [of "drop 13 lst" 18])
apply(auto)
apply(insert list_elems [of "drop 14 lst" 17])
apply(auto)
apply(insert list_elems [of "drop 15 lst" 16])
apply(auto)
apply(insert list_elems [of "drop 16 lst" 15])
apply(auto)
apply(insert list_elems [of "drop 17 lst" 14])
apply(auto)
apply(insert list_elems [of "drop 18 lst" 13])
apply(auto)
apply(insert list_elems [of "drop 19 lst" 12])
apply(auto)
apply(insert list_elems [of "drop 20 lst" 11])
apply(auto)
apply(insert list_elems [of "drop 21 lst" 10])
apply(auto)
apply(insert list_elems [of "drop 22 lst" 9])
apply(auto)
apply(insert list_elems [of "drop 23 lst" 8])
apply(auto)
apply(insert list_elems [of "drop 24 lst" 7])
apply(auto)
apply(insert list_elems [of "drop 25 lst" 6])
apply(auto)
apply(insert list_elems [of "drop 26 lst" 5])
apply(auto)
apply(insert list_elems [of "drop 27 lst" 4])
apply(auto)
apply(insert list_elems [of "drop 28 lst" 3])
apply(auto)
apply(insert list_elems [of "drop 29 lst" 2])
apply(auto)
apply(insert list_elems [of "drop 30 lst" 1])
apply(auto)
apply(insert list_elems [of "drop 31 lst" 0])
apply(auto)
done

theorem word_elems32 : "\<exists>b1 b2 b3 b4 b5 b6 b7 b8 b9 b10
b11 b12 b13 b14 b15 b16 b17 b18 b19 b20
b21 b22 b23 b24 b25 b26 b27 b28 b29 b30 b31 b32.
 (word_rsplit (w::256 word) :: 8 word list) =
 [b1,b2,b3,b4,b5,b6,b7,b8,b9,b10,
b11,b12,b13,b14,b15,b16,b17,b18,b19,b20,
b21,b22,b23,b24,b25,b26,b27,b28,b29,b30,b31,b32]"
apply(rule list_elems32)
apply(rule foo2)
done

fun get_foo :: "simple \<Rightarrow> 256 word" where
  "get_foo (Compile.ImmedV x) = x"
| "get_foo (Compile.MemoryV x) = x"
| "get_foo (Compile.StorageV x) = x"

declare check_annotations_def [simp]

declare program_content_of_lst.simps [simp]
declare store_byte_list_in_program.simps [simp]
declare program_annotation_of_lst.simps [simp]
declare prepend_annotation_def [simp]
declare inst_size_def [simp]
declare inst_code.simps [simp]
declare stack_inst_code.simps [simp]
declare venv_next_instruction_def [simp]
declare instruction_sem.simps [simp]
declare stack_0_1_op_def [simp]
declare venv_advance_pc_def [simp]
declare build_aenv_def [simp]
declare jump_def [simp]
(* declare word_of_bytes_def [simp] *)
declare instruction_failure_result_def [simp]
declare build_venv_returned.simps [simp]
declare build_venv_failed_def [simp]
declare compile_simple.simps [simp]
declare get_simple.simps [simp]
declare get_stack_top.simps [simp]

declare eval_expr_def [simp]
declare stop_def [simp]
declare mload_def [simp]
declare general_dup_def [simp]
declare stack_1_1_op_def [simp]

theorem simple_correct :
"( eval_expr v addr (compile_simple expr) = get_simple v expr)"
(* Theorem: simple_correct*)(* try *)
apply(insert word_elems32 [of "get_foo expr"])
apply(induction expr)
apply(auto)
apply(subst foo)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply (metis word_rcat_rsplit)

apply(subst foo)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply (metis word_rcat_rsplit)

apply(subst foo)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply(subst foo)
apply(subst program_sem.simps)
apply(auto simp:foo2)
apply (metis word_rcat_rsplit)
done

fun get_stack_top2  :: " program_state \<Rightarrow>( 256 word)option "  where 
  " get_stack_top2 (Continue s _ _) = ( None )"
| " get_stack_top2 (Return a) = get_stack_top a"

definition make_prog :: "inst list \<Rightarrow> address \<Rightarrow> constant_env" where
"make_prog prog addr = (|
   cenv_program = (program_of_lst (prog @ [Misc STOP])),
   cenv_this = addr |)"

definition iter_expr  :: "nat \<Rightarrow> variable_env \<Rightarrow> 160 word \<Rightarrow>(inst)list \<Rightarrow>( 256 word)option "  where 
"iter_expr x v addr prog =
  get_stack_top2 (program_iter
      (make_prog prog addr)
      (Continue ( v (| venv_pc :=(( 0 :: nat)) |)) 0 0)
      x)"

theorem iter_add : 
  "program_iter c (program_iter c st y) x = program_iter c st (x+y)"
apply(induction y arbitrary: st x)
apply(auto simp:program_iter.simps)
done

theorem iter_suc :
 "program_iter c st (Suc x) = program_step c (program_iter c st x)"
apply(induction x arbitrary: st)
apply(auto simp:program_iter.simps)
done

theorem iter_return_stable :
  "program_iter c st x = Return rt \<Longrightarrow>
   program_iter c st (Suc x) = Return rt"
apply(induction x arbitrary:st)
apply(auto simp:program_iter.simps program_step.simps)
done

theorem last_iter_aux :
"(\<And>v a1 a2.
           program_iter c (Continue v a1 a2) x =
           Return rt \<Longrightarrow>
           \<exists>y nv e1 e2.
              program_iter c (Continue v a1 a2)
               y =
              Continue nv e1 e2 \<and>
              program_step c
               (Continue nv e1 e2) =
              Return rt) \<Longrightarrow>
       program_iter c (Continue v a1 a2)
        (Suc x) =
       Return rt \<Longrightarrow>
       \<exists>y nv e1 e2.
          program_iter c (Continue v a1 a2) y =
          Continue nv e1 e2 \<and>
          program_step c (Continue nv e1 e2) =
          Return rt"
apply(cases " program_iter c (Continue v a1 a2) x")
apply(simp add:iter_suc)
apply(blast)
apply(simp add:iter_return_stable)
done

theorem last_iter :
  "program_iter c (Continue v a1 a2) x = Return rt \<Longrightarrow>
  \<exists>y nv e1 e2. program_iter c (Continue v a1 a2) y = Continue nv e1 e2 \<and>
     program_step c (Continue nv e1 e2) = Return rt"
apply(induction x arbitrary: v a1 a2 )
apply(auto)
apply(rule last_iter_aux)
apply(auto)
done

fun maybe_eq :: "'a option \<Rightarrow> 'a option \<Rightarrow> bool" where
  "maybe_eq (Some a) (Some b) = (a = b)"
| "maybe_eq _ _ = True"

theorem expr_stop_aux2 :
   "program_sem (v\<lparr>venv_pc:=0\<rparr>) c 100 100 =
    ProgramStepRunOut \<Longrightarrow>
   get_stack_top (program_sem (v\<lparr>venv_pc:=0\<rparr>) c 100 100) = None"
apply(auto simp:make_prog_def)
done

declare program_sem.psimps [simp del]

theorem expr_stop_foo :
  "\<lbrakk> program_sem (v\<lparr>venv_pc:=0\<rparr>) c 100 100 =
    ProgramStepRunOut;
   get_stack_top (program_sem (v\<lparr>venv_pc:=0\<rparr>) c 100 100) = Some x
  \<rbrakk> \<Longrightarrow>
  False"
apply(auto)
done

theorem expr_stop_aux3 : 
  "get_stack_top (ProgramToWorld x21 x22 x23 t) = Some x \<Longrightarrow>
  \<exists>nv n k. t = Some (nv,n,k)"
apply(cases t)
apply(auto)
done

theorem expr_stop_aux :
  "eval_expr v addr code = Some res  \<Longrightarrow>
   \<exists>act stor bal nv n k. program_sem (v\<lparr> venv_pc := 0\<rparr>) (make_prog code addr) 100 100 =
    ProgramToWorld act stor bal (Some (nv, n, k))"
apply(simp add:make_prog_def)
apply(cases " program_sem (v\<lparr> venv_pc := 0\<rparr>)  \<lparr>cenv_program =
          \<lparr>program_content =
             program_content_of_lst 0
              (code @ [Misc STOP]),
             program_length = Suc (length code),
             program_annotation =
               program_annotation_of_lst 0
                (code @ [Misc STOP])\<rparr>,
          cenv_this = addr\<rparr> 100 100")
apply(auto)
apply(auto simp:expr_stop_aux3)
done

theorem expr_stop_aux11 :
  "\<exists>act stor bal nv n k. (eval_expr v addr code = Some res \<longrightarrow>
   program_sem (v\<lparr> venv_pc := 0\<rparr>) (make_prog code addr) 100 100 =
    ProgramToWorld act stor bal (Some (nv, n, k)))"
apply(auto simp:expr_stop_aux)
done

theorem iter_exists_foo :
 "program_sem v c n k = rt \<Longrightarrow>
  \<exists>x. program_iter c (Continue v n k) x = Return rt"
apply(auto simp:iter_exists)
done

theorem iter_exists_foo2 :
 "program_sem v c n k =
  ProgramToWorld act stor bal (Some (nv, n2, k2)) \<Longrightarrow>
  \<exists>x. program_iter c (Continue v n k) x =
      Return (ProgramToWorld act stor bal (Some (nv, n2, k2)))"
apply(auto simp:iter_exists_foo)
done

theorem iter_exists_foo3 :
  "\<exists>x. program_iter c (Continue v n k) x =
      Return (ProgramToWorld act stor bal (Some (nv, n2, k2)))
\<Longrightarrow> \<exists>act stor bal nv n2 k2 x. program_iter c (Continue v n k) x =
      Return (ProgramToWorld act stor bal (Some (nv, n2, k2)))"
apply(blast)
done

theorem iter_exists_foo4 :
"program_sem v c n k =
  ProgramToWorld act stor bal (Some (nv, n2, k2)) \<Longrightarrow>
 \<exists>act stor bal nv n2 k2 x. program_iter c (Continue v n k) x =
      Return (ProgramToWorld act stor bal (Some (nv, n2, k2)))"
apply(rule iter_exists_foo3)
apply(rule iter_exists_foo2)
apply(blast)
done

theorem iter_exists_foo5 :
"(\<exists>act stor bal nv n2 k2 x. program_sem v c n k =
  ProgramToWorld act stor bal (Some (nv, n2, k2))) \<longrightarrow>
 (\<exists>act stor bal nv n2 k2 x. program_iter c (Continue v n k) x =
      Return (ProgramToWorld act stor bal (Some (nv, n2, k2))))"
apply(auto simp:iter_exists_foo4)
done

declare expr_stop_aux [simp]

theorem expr_stop_aux4 :
  "eval_expr v addr (compile_expr expr) = Some res  \<Longrightarrow>
  \<exists>act stor bal nv n k x.
    program_iter (make_prog (compile_expr expr) addr)
      (Continue (v\<lparr>venv_pc:=0\<rparr>) 100 100) x =
    Return (ProgramToWorld act stor bal (Some (nv, n, k)))"
apply(auto simp:iter_exists_foo5)
done

fun simple_inst :: "inst \<Rightarrow> bool" where
  "simple_inst (Misc STOP) = False"
| "simple_inst (Misc RETURN) = False"
| "simple_inst (Misc CALL) = False"
| "simple_inst (Misc CREATE) = False"
| "simple_inst (Misc CALLCODE) = False"
| "simple_inst (Misc SUICIDE) = False"
| "simple_inst (Misc DELEGATECALL) = False"
| "simple_inst _ = True"

theorem compiled_simple_aux1 :
"xa \<in> set (compile_simple x) \<Longrightarrow> simple_inst xa"
apply(cases x)
apply(auto)
done

theorem compiled_simple_aux2 :
"x \<in> set (binop_inst x1a) \<Longrightarrow> simple_inst x"
apply(cases x1a)
apply(auto simp:binop_inst.simps)
done

theorem compiled_simple_aux3 :
"x \<in> set (unop_inst x1a) \<Longrightarrow> simple_inst x"
apply(cases x1a)
apply(auto simp:unop_inst.simps)
done

(* Compiled instructions are simple *)
theorem compiled_simple :
   "x \<in> set (compile_expr expr) \<Longrightarrow> simple_inst x"
apply(induction expr arbitrary:x)
apply(auto simp: compiled_simple_aux1 compiled_simple_aux2 compiled_simple_aux3)
done

(* Simple instructions do not return normally *)

fun will_return :: "inst option \<Rightarrow> bool" where
  "will_return (Some x) = (\<not> simple_inst x)"
| "will_return None = False"

theorem no_inst_error : "venv_next_instruction v c = None \<Longrightarrow>
  program_step c (Continue v n k) \<noteq>
   Return (ProgramToWorld act stor bal (Some (nv, e1, e2)))"
apply(auto simp:program_step.simps)
apply(cases k)
apply(auto)
apply(cases n)
apply(simp)
apply(cases "\<not> check_annotations v c")
apply(simp)
apply(cases "check_annotations v c")
defer
apply(blast)
apply (metis lame nat.distinct(1) option.simps(4) program_result.distinct(1) venv_next_instruction_def)
done

theorem name_1 :
   "check_annotations v c \<Longrightarrow> (\<not> check_annotations v c) = False"
apply(blast)
done

declare check_annotations_def [simp del]

theorem blahblah [simp] :
"stack_2_1_op v c x  \<noteq>
    InstructionToWorld act stor bal (Some (nv, n, k))"
apply(auto simp:stack_2_1_op_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
done

theorem blahblah2 [simp] :
"stack_1_1_op v c x  \<noteq>
    InstructionToWorld act stor bal (Some (nv, n, k))"
apply(auto simp:stack_2_1_op_def)
apply(cases "venv_stack v")
apply(auto)
done

theorem blahblah3 [simp] :
"stack_3_1_op v c x  \<noteq>
    InstructionToWorld act stor bal (Some (nv, n, k))"
apply(auto simp:stack_3_1_op_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "tl (tl (venv_stack v))")
apply(auto)
done

theorem no_return_bits :
  "instruction_sem v c (Bits x2) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases x2)
apply(auto)
apply(cases "venv_stack v")
apply(auto)
done

theorem no_return_sarith :
  "instruction_sem v c (Sarith x2) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases x2)
apply(auto)
done

theorem no_return_arith :
  "instruction_sem v c (Arith x2) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases x2)
apply(auto simp:sha3_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
done

theorem no_return_info :
  "instruction_sem v c (Info x2) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases x2)
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
done

theorem no_return_dup :
  "general_dup (unat x2) v c \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(auto)
apply(cases "index (venv_stack v) (unat x2 - Suc 0)")
apply(auto)
done


declare general_dup_def [simp del]

theorem no_return_memory :
  "instruction_sem v c (Memory i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(auto)
apply(cases i)
apply(auto simp:mstore_def mstore8_def calldatacopy_def
  codecopy_def extcodecopy_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "tl (tl (venv_stack v))")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "tl (tl (venv_stack v))")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "tl (tl (venv_stack v))")
apply(auto)
apply(cases "tl (tl (tl (venv_stack v)))")
apply(auto)
done

theorem no_return_storage :
  "instruction_sem v c (Storage i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases i)
apply(auto simp:sstore_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
done

fun get_some :: "'a option \<Rightarrow> 'a" where
"get_some (Some x) = x"

fun get_some_pc :: "inst option \<Rightarrow> pc_inst" where
"get_some_pc (Some (Pc x)) = x"


theorem no_return_blocked [simp] :
  "blockedInstructionContinue x z \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(auto simp:blockedInstructionContinue_def)
done


theorem no_return_blocked_jump [simp] :
  "blocked_jump v c z \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(auto simp:blocked_jump_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "program_content (cenv_program c)
                (unat (hd (venv_stack v)))")
apply(auto)
apply(cases "get_some (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
apply(cases "get_some_pc (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
done

theorem no_return_pc :
  "instruction_sem v c (Pc i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases i)
apply(auto simp:jumpi_def pc_def  stack_0_0_op_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(cases "program_content (cenv_program c)
                (unat (hd (venv_stack v)))")
apply(auto)
apply(cases "get_some (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
apply(cases "get_some_pc (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
apply(cases "program_content (cenv_program c)
                (unat (hd (venv_stack v)))")
apply(auto)
apply(cases "get_some (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
apply(cases "get_some_pc (program_content (cenv_program c)
                (unat (hd (venv_stack v))))")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
apply(cases "tl (venv_stack v)")
apply(auto)
apply(simp add:strict_if_def)
apply (metis blockedInstructionContinue_def instruction_result.simps(6) no_return_blocked_jump)
done

theorem no_return_stack :
  "instruction_sem v c (Stack i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases i)
apply(auto simp:pop_def)
apply(cases "venv_stack v")
apply(auto)
apply(cases "venv_stack v")
apply(auto)
done

theorem no_return_swap :
"swap x11 v c \<noteq>
       InstructionToWorld act stor bal
        (Some (nv, nata, nt))"
apply(auto simp:swap_def)
apply(cases "list_swap x11 (venv_stack v)")
apply(auto)
done

theorem no_return_misc :
  "simple_inst (Misc i) \<Longrightarrow>
   instruction_sem v c (Misc i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases i)
apply(auto simp:log_def)
done


theorem no_return_log :
  "instruction_sem v c (Log i) \<noteq>
   InstructionToWorld act stor bal (Some (nv,n,k))"
apply(cases i)
apply(auto simp:log_def)
done

theorem no_return_anno :
  "(if x then InstructionContinue (venv_advance_pc c v)
        else InstructionAnnotationFailure) \<noteq>
       InstructionToWorld act stor bal
        (Some (nv, nata, nt))"
apply(auto)
done

theorem umpi_foo :
 "(if t then Continue x1 y1 z2 else Continue x2 y2 z2) =
       Return res
   \<Longrightarrow> False"
apply(cases t)
apply(auto)
done

theorem umpi_umpi : "(if venv_pc v < venv_pc x1
        then Continue x1 (Suc (nata::nat) - 1) (nt + 1)
        else Continue x1
              (program_length (cenv_program c)) nt) =
       Return
        (ProgramToWorld act stor bal
          (Some (nv, e1, e2))) \<Longrightarrow> False"
apply(cases "venv_pc v < venv_pc x1")
apply(auto)
done

theorem no_simple_return :
 "\<lbrakk> venv_next_instruction v c = Some inst;
    simple_inst inst \<rbrakk>\<Longrightarrow>
  program_step c (Continue v n k) \<noteq>
   Return (ProgramToWorld act stor bal (Some (nv, e1, e2)))"
apply(auto simp:program_step.simps)
apply(cases k)
apply(auto)
apply(cases n)
apply(simp)
apply(cases "\<not> check_annotations v c")
apply(simp)
apply(simp)
apply(auto)
apply(cases "instruction_sem v c inst")
apply(auto)
apply(rule umpi_umpi)
apply(blast)

apply(cases inst)
apply(auto simp:no_return_bits no_return_sarith
  no_return_arith no_return_info no_return_dup
  no_return_memory no_return_storage no_return_pc
  no_return_stack no_return_swap no_return_log
  no_return_anno no_return_misc)
done

theorem simple_doesnt_return :
  "program_step c (Continue v n k) =
   Return (ProgramToWorld act stor bal (Some (nv, e1, e2))) \<Longrightarrow>
   will_return (venv_next_instruction v c)"
apply(cases "venv_next_instruction v c")
apply(auto simp:no_simple_return no_inst_error)
done

fun is_unknown :: "inst option \<Rightarrow> bool" where
  "is_unknown (Some (Unknown x)) = True"
| "is_unknown _ = False"
 
fun is_in_list :: "inst option \<Rightarrow> inst list \<Rightarrow> bool" where
  "is_in_list (Some (Unknown x)) _ = True"
| "is_in_list (Some inst) lst = (inst \<in> set lst)"
| "is_in_list None _ = True"

theorem adding_to_list [simp] :
  "is_in_list x lst \<Longrightarrow>
   is_in_list x (i#lst)"
apply(induction lst)
apply(cases x)
apply(auto)
apply(cases "get_some x")
apply(auto)
apply(cases x)
apply(auto)
apply(cases "get_some x")
apply(auto)
done

(* doesnt work for annotations
theorem content_aux :
  "program_content_of_lst t (a # lst) t = Some a"
apply(induction t arbitrary: a lst)
apply(auto)
*)

(* Instead of map, make a list first *)
fun  program_list_of_lst  :: "inst list \<Rightarrow> inst list"  where 
 " program_list_of_lst [] = []"
|" program_list_of_lst (Stack (PUSH_N bytes) # rest) =
    [Stack (PUSH_N bytes)] @
    map(\<lambda>x. Unknown x) bytes @ 
   program_list_of_lst rest"
|" program_list_of_lst (Annotation _  # rest) = program_list_of_lst rest"
|" program_list_of_lst (i # rest) = i # program_list_of_lst rest" 

theorem program_list_append :
  "program_list_of_lst (a@b) =
   program_list_of_lst a @ program_list_of_lst b"
apply(induction a rule:program_list_of_lst.induct)
apply(auto)
done

theorem program_list_length :
  "length (program_list_of_lst [a]) = program_size [a]"
apply(auto simp:program_size.simps)
apply(induction a rule:inst_code.induct)
apply(auto)

theorem content_small_aux_bytes [simp] :
  "k < pos \<Longrightarrow>
   m k = None \<Longrightarrow>
   store_byte_list_in_program (Suc pos) lst m k = None"
apply(induction lst arbitrary:pos k m)
apply(auto)
done

theorem content_small_aux_stack [simp] :
 "(\<And>pos k.
           k < pos \<Longrightarrow>
           program_content_of_lst pos lst k = None) \<Longrightarrow>
       k < pos \<Longrightarrow>
       a = Stack x10 \<Longrightarrow>
       program_content_of_lst pos (Stack x10 # lst) k =
       None"
apply(cases x10)
apply(auto)
done

theorem content_small_aux [simp] :
"(\<And>pos k.
           k < pos \<Longrightarrow>
           program_content_of_lst pos lst k = None) \<Longrightarrow>
       k < pos \<Longrightarrow>
       program_content_of_lst pos (a # lst) k = None"
apply(cases a)
apply(auto)
done

theorem content_small [simp] :
   "k < pos \<Longrightarrow> program_content_of_lst pos lst k = None"
apply(induction lst arbitrary:pos k)
apply(auto)
done

theorem update_add :
   "m k = None \<Longrightarrow>
    insert x (ran m) = ran (map_update k x m)"
apply(auto)
done

theorem ran_blargh :
  "m1 = m2 \<Longrightarrow> ran m1 = ran m2"
apply(auto)
done

theorem update_add2 :
   "m k = None \<Longrightarrow>
    insert x (ran m) =
    ran (\<lambda>a. if a = k then Some x else m a)"
apply(subst update_add)
apply(blast)
apply(rule ran_blargh)
apply(auto)
done

fun make_unknown :: "nat \<Rightarrow> byte list \<Rightarrow> (nat,inst) map" where
 "make_unknown pos [] = empty"
|"make_unknown pos (a#t) =
    map_update pos (Unknown a) (make_unknown (pos+1) t)"

theorem make_small [simp] :
  "k < pos \<Longrightarrow> make_unknown pos bytes k = None"
apply(induction bytes arbitrary:pos k)
apply(auto)
done

theorem unfold_update :
   "(m(pos \<mapsto> a)) x = (if x = pos then Some a else m x)"
apply(auto)
done

theorem make_unknown_lemma :
  "m2 pos = None \<Longrightarrow>
   m1(pos \<mapsto> a) ++ m2 = (m1 ++ m2)(pos \<mapsto> a)"
apply(subst map_add_def)
apply(subst map_add_def)
apply(subst unfold_update)
apply(auto)
done

theorem combine_some : "m2 n = Some x \<Longrightarrow> Some x = (m1 ++ m2) n"
apply(auto)
done

theorem combine_none :
   "m2 x = None \<Longrightarrow> m3 x = m1 x \<Longrightarrow> m3 x = (m1 ++ m2) x"
apply(auto)
by (simp add: map_add_def)

theorem program_list_bytes [simp] :
  "store_byte_list_in_program pos bytes m =
   m ++ make_unknown pos bytes"
apply(induction bytes arbitrary: pos m)
apply(auto simp:make_unknown_lemma)
done

theorem unknown_union :
  "(\<forall>k. k < pos + length bytes \<longrightarrow>  m k = None) \<Longrightarrow>
    ran (m ++ make_unknown pos bytes) =
    ran m \<union> Unknown ` set bytes"
apply(induction bytes arbitrary: pos m)
apply(auto)
done

theorem more_lemmas :
"insert x
        (Unknown ` set bytes \<union>
         ran
          (program_content_of_lst
            (Suc (pos + length bytes)) rest)) =
       ran
        (program_content_of_lst
          (Suc (pos + length bytes)) rest
         (pos \<mapsto> x) ++
         make_unknown (Suc pos) bytes)"
apply(subst make_unknown_lemma)
apply(auto simp:unknown_union)
done

theorem index_one [simp] :
  "0 < n \<Longrightarrow> index (x # lst) n = index lst (n-1)"
apply(cases n)
apply(auto)
done

theorem lemma_2 [simp] :
  "0 < n \<Longrightarrow>
   (\<And>t n. index (program_list_of_lst lst) n =
   program_content_of_lst t lst (n + t)) \<Longrightarrow>
   index (program_list_of_lst lst) (n-1) =
   program_content_of_lst (Suc t) lst (n + t)"
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
done

theorem index_append_small [simp] :
  "n < length a \<Longrightarrow> index (a @ b) n = index a n"
apply(auto)
by (simp add: nth_append)

theorem index_append_large1 [simp] :
  "index (a @ b) (n+length a) = index b n"
apply(induction a arbitrary:n b)
apply(auto)
done

theorem index_append_large [simp] :
  "n \<ge> length a \<Longrightarrow> index (a @ b) n = index b (n-length a)"
by (metis index_append_large1 ordered_cancel_comm_monoid_diff_class.diff_add)

fun get_stack :: "inst \<Rightarrow> stack_inst" where
"get_stack (Stack s) = s"

fun get_push_bytes :: "inst \<Rightarrow> byte list" where
"get_push_bytes (Stack (PUSH_N s)) = s"

theorem get_unknown [simp] :
  "n < length lst \<Longrightarrow>
   make_unknown t lst (n+t) = Some (Unknown (lst!n))"
apply(induction lst arbitrary:n t)
apply(simp)
apply(auto)
proof -
  fix lsta :: "8 word list" and na :: nat and ta :: nat
  assume a1: "na < Suc (length lsta)"
  assume a2: "0 < na"
  assume a3: "\<And>n t. n < length lsta \<Longrightarrow> make_unknown t lsta (n + t) = Some (Unknown (lsta ! n))"
  obtain nn :: "nat \<Rightarrow> nat \<Rightarrow> nat" where
    "\<forall>x0 x1. (\<exists>v2. x1 = Suc v2 \<and> v2 < x0) = (x1 = Suc (nn x0 x1) \<and> nn x0 x1 < x0)"
    by moura
  then have f4: "na = Suc (nn (length lsta) na) \<and> nn (length lsta) na < length lsta"
    using a2 a1 less_Suc_eq_0_disj by auto
  then have f5: "na + ta = nn (length lsta) na + Suc ta"
    by (metis add_Suc_shift)
  have "nn (length lsta) na = na - Suc 0"
    using f4 diff_Suc_1 by presburger
  then show "make_unknown (Suc ta) lsta (na + ta) = Some (Unknown (lsta ! (na - Suc 0)))"
    using f5 f4 a3 by presburger
qed

theorem get_unknown2 [simp] :
  "n \<ge> length lst \<Longrightarrow>
   make_unknown t lst (n+t) = None"
apply(induction lst arbitrary:n t)
apply(simp)
apply(auto)
by (metis (mono_tags, lifting) Suc_leD Suc_le_D add_Suc_shift le_SucE)

theorem lemma_3 :
    "(\<And>t n.
           index (program_list_of_lst lst) n =
           program_content_of_lst t lst (n + t)) \<Longrightarrow>
       n \<ge> x2 + 1 \<Longrightarrow>
       index (program_list_of_lst lst) (n - Suc x2) =
       program_content_of_lst (t + Suc x2) lst (n+t)"
apply(auto)
by (smt ab_semigroup_add_class.add_ac(1) add.commute add_Suc_right le_add_diff_inverse2)

theorem lemma_1 :
   "(\<And>t n.
           index (program_list_of_lst lst) n =
           program_content_of_lst t lst (n + t)) \<Longrightarrow>
       index (program_list_of_lst (a # lst)) n =
       program_content_of_lst t (a # lst) (n + t)"
apply(cases a)
apply(auto)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
defer
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply(cases "get_stack a")
apply(auto)
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
defer
apply (metis One_nat_def add_Suc_shift diff_Suc_1 less_imp_Suc_add)
apply(cases "n = 0")
apply(simp add:nth_append make_unknown_lemma)
apply(simp add:nth_append make_unknown_lemma)
apply(cases "n-1 < length (get_push_bytes a)")
apply(simp add:nth_append make_unknown_lemma)
apply(rule combine_some)
apply (metis Suc_pred add_Suc_shift get_unknown)
apply(simp add:nth_append make_unknown_lemma) (* n-1 \<ge> length x2 *)
apply(rule combine_none)
apply (metis Suc_pred add_Suc_shift get_unknown2 linorder_not_less)
using lemma_3
apply (fastforce)
done

theorem program_list_content_eq :
  "index (program_list_of_lst lst) n =
    program_content_of_lst t lst (n+t)"
apply(induction lst arbitrary:t n)
apply(auto simp:lemma_1)
done

theorem program_list_content :
  "set (program_list_of_lst lst) = ran (program_content_of_lst 0 lst)"
apply(induction lst rule:program_content_of_lst.induct)
apply(simp)
defer
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(simp)
apply(simp)
apply(rule update_add2)
apply(auto simp:more_lemmas)
done

theorem content_unknown_aux :
  "inst \<in> set (program_list_of_lst lst) \<Longrightarrow>
   is_in_list (Some inst) lst"
apply(induction lst arbitrary:inst rule:program_list_of_lst.induct)
apply(auto simp:program_list_content)
done

theorem content_unknown_aux2 :
  "inst \<in> ran (program_content_of_lst 0 lst) \<Longrightarrow>
   is_in_list (Some inst) lst"
apply(rule content_unknown_aux)
apply(auto simp:program_list_content)
done

theorem content_unknown :
  "is_in_list (program_content_of_lst 0 lst n) lst"
apply(cases "program_content_of_lst 0 lst n")
apply(auto)
apply(rule content_unknown_aux2)
apply(auto simp:Map.ranI)
done

theorem content_unknown_some :
  "program_content_of_lst 0 lst n = Some inst \<Longrightarrow>
   is_in_list (Some inst) lst"
apply(auto simp:content_unknown_aux2 Map.ranI)
done

theorem in_list_unknown :
 "(is_unknown (Some inst) \<or> inst \<in> set lst) = 
  is_in_list (Some inst) lst"
apply(cases inst)
apply(auto)
done

theorem content_unknown_some2 :
  "program_content_of_lst 0 lst n = Some inst \<Longrightarrow>
   is_unknown (Some inst) \<or> inst \<in> set lst"
apply(subst in_list_unknown)
apply(rule content_unknown_some)
apply(blast)
done

theorem inst_or_unknown1_aux :
  "\<not> is_unknown (Some inst) \<Longrightarrow>
   program_content_of_lst 0 lst n = Some inst \<Longrightarrow>
   inst \<in> set lst"
apply(metis content_unknown_some2)
done

theorem inst_or_unknown1 :
  "\<not> is_unknown (Some a) \<Longrightarrow>
  venv_next_instruction v (|
   cenv_program = program_of_lst prog,
   cenv_this = addr |) = Some a \<Longrightarrow>
   a \<in> set prog"
apply(cases a)
apply(auto simp:inst_or_unknown1_aux)
done

theorem inst_or_unknown :
  "venv_next_instruction v (|
   cenv_program = program_of_lst prog,
   cenv_this = addr |) \<noteq> None \<Longrightarrow>
  \<not>is_unknown (venv_next_instruction v \<lparr>
    cenv_program = program_of_lst prog,
    cenv_this = addr \<rparr>) \<Longrightarrow>
  get_some (venv_next_instruction v \<lparr>
    cenv_program = program_of_lst prog,
    cenv_this = addr \<rparr>) \<in> set prog"
apply(cases "venv_next_instruction v \<lparr>
    cenv_program = program_of_lst prog,
    cenv_this = addr \<rparr>")
apply(auto)
apply(rule inst_or_unknown1)
apply(auto)
done

theorem expr_stop_aux7 :
  "\<not> simple_inst a \<Longrightarrow>
   a \<in> set (compile_expr expr @ [Misc STOP]) \<Longrightarrow>
   a = Misc STOP"
apply(auto simp:compiled_simple)
done

theorem expr_stop_aux8 :
  "\<not> simple_inst a \<Longrightarrow>
   program_content_of_lst 0 lst x = Some a \<Longrightarrow>
   a \<in> set lst"
by (metis content_unknown is_in_list.simps(13) simple_inst.elims(3))

theorem expr_stop_aux6 :
  "will_return (venv_next_instruction v (make_prog (compile_expr expr) addr)) \<Longrightarrow>
  venv_next_instruction v (make_prog (compile_expr expr) addr) =
     Some (Misc STOP)"
apply(cases "venv_next_instruction v (make_prog (compile_expr expr) addr)")
apply(auto simp:make_prog_def content_unknown_some2)
apply(rule_tac  expr = expr in expr_stop_aux7)
apply(blast)
apply(rule expr_stop_aux8)
apply(blast)
apply(blast)
done

theorem expr_stop_aux5 :
  "program_step (make_prog (compile_expr expr) addr)
       (Continue v n k) =
   Return (ProgramToWorld act stor bal (Some (nv, e1, e2))) \<Longrightarrow>
   venv_next_instruction v (make_prog (compile_expr expr) addr) =
     Some (Misc STOP)"
apply(rule expr_stop_aux6)
using simple_doesnt_return by blast

theorem inst_expr_stop1 :
"eval_expr v addr (compile_expr expr) = Some res  \<longrightarrow>
  (\<exists>steps act stor bal nv n k. program_iter
       (make_prog (compile_expr expr) addr)
           (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100)
       steps = Return (ProgramToWorld act stor bal (Some (nv, n, k))))"
using expr_stop_aux4 by blast

theorem inst_expr_stop2 :
"program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100)
       steps = Return st \<Longrightarrow>
(\<exists> nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100) x =
       Continue nv e1 e2 \<and>
       program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return st)"
using last_iter by blast

theorem inst_expr_stop2b :
"program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100)
       steps = Return (ProgramToWorld act stor bal (Some (nv2, n, k))) \<longrightarrow>
(\<exists>nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100) x =
       Continue nv e1 e2 \<and>
       program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k))))"
using inst_expr_stop2
apply(blast)
done

theorem inst_expr_stop2c :
"program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100)
       steps = Return (ProgramToWorld act stor bal (Some (nv2, n, k))) \<Longrightarrow>
(\<exists>act stor bal nv2 n k nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue v 100 100) x =
       Continue nv e1 e2 \<and>
       program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k))))"
by (metis inst_expr_stop2)

theorem inst_expr_stop_1_2 :
"eval_expr v addr (compile_expr expr) = Some res \<longrightarrow>
(\<exists>act stor bal nv2 n k nv x e1 e2 . program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and>
       program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k))))"
using inst_expr_stop2c
using inst_expr_stop1
apply(fastforce)
done

declare venv_next_instruction_def [simp del]

theorem inst_expr_stop3 :
  "program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<Longrightarrow>
   program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k))) \<Longrightarrow>
   program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and> 
       venv_next_instruction nv (make_prog (compile_expr expr) addr) = Some (Misc STOP)"
apply(auto)
apply(auto simp:expr_stop_aux5)
done

theorem inst_expr_stop3b :
  "program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and>
   program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k))) \<Longrightarrow>
   \<exists> nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and> 
       venv_next_instruction nv (make_prog (compile_expr expr) addr) = Some (Misc STOP)"
using inst_expr_stop3
apply(blast)
done

declare eval_expr_def [simp del]

theorem inst_expr_stop3c :
  "\<exists>act stor bal nv2 n k nv x e1 e2 . (program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and>
   program_step (make_prog (compile_expr expr) addr) (Continue nv e1 e2) =
        Return (ProgramToWorld act stor bal (Some (nv2, n, k)))) \<Longrightarrow>
   \<exists> nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and> 
       venv_next_instruction nv (make_prog (compile_expr expr) addr) = Some (Misc STOP)"
using inst_expr_stop3b
apply(blast)
done

theorem inst_expr_stop4 :
  "eval_expr v addr (compile_expr expr) = Some res \<Longrightarrow>
   \<exists>nv e1 e2 x. program_iter (make_prog (compile_expr expr) addr)
     (Continue (v\<lparr>venv_pc := 0\<rparr>) 100 100) x =
    Continue nv e1 e2"
using inst_expr_stop_1_2
apply(blast)
done

theorem expr_stop :
  "eval_expr v addr (compile_expr expr) = Some res  \<Longrightarrow>
  \<exists> nv x e1 e2. program_iter
       (make_prog (compile_expr expr) addr) (Continue (v\<lparr> venv_pc := 0 \<rparr>) 100 100) x =
       Continue nv e1 e2 \<and> 
       venv_next_instruction nv (make_prog (compile_expr expr) addr) = Some (Misc STOP)"
apply(rule inst_expr_stop3c)
using inst_expr_stop_1_2
apply(blast)
done


theorem expr_correct :
"maybe_eq (eval_expr v addr (compile_expr expr)) (get_expr v expr)"
(* Theorem: expr_correct*)(* try *)
apply(induction expr)
apply(subst compile_expr.simps)
apply(subst get_expr.simps)
apply(rule simple_correct)
apply(subst compile_expr.simps)
apply(subst get_expr.simps)

end