| author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
| Sun, 20 Jan 2013 05:04:19 +0000 (2013-01-20) | |
| changeset 59 | 30950dadd09f |
| parent 56 | 0838b0ac52ab |
| child 61 | 7edbd5657702 |
| permissions | -rw-r--r-- |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
1 |
theory turing_hoare |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
2 |
imports turing_basic |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
3 |
begin |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
4 |
|
|
59
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
5 |
declare step.simps[simp del] |
|
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
6 |
declare steps.simps[simp del] |
|
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
7 |
declare tm_comp.simps [simp del] adjust.simps[simp del] shift.simps[simp del] |
|
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
8 |
declare tm_wf.simps[simp del] |
|
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
9 |
|
|
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
10 |
|
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
11 |
type_synonym assert = "tape \<Rightarrow> bool" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
12 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
13 |
definition |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
14 |
assert_imp :: "assert \<Rightarrow> assert \<Rightarrow> bool" ("_ \<mapsto> _" [0, 0] 100)
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
15 |
where |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
16 |
"P \<mapsto> Q \<equiv> \<forall>l r. P (l, r) \<longrightarrow> Q (l, r)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
17 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
18 |
fun |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
19 |
holds_for :: "(tape \<Rightarrow> bool) \<Rightarrow> config \<Rightarrow> bool" ("_ holds'_for _" [100, 99] 100)
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
20 |
where |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
21 |
"P holds_for (s, l, r) = P (l, r)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
22 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
23 |
lemma is_final_holds[simp]: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
24 |
assumes "is_final c" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
25 |
shows "Q holds_for (steps c (p, off) n) = Q holds_for c" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
26 |
using assms |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
27 |
apply(induct n) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
28 |
apply(auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
29 |
apply(case_tac [!] c) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
30 |
apply(auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
31 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
32 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
33 |
lemma holds_for_imp: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
34 |
assumes "P holds_for c" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
35 |
and "P \<mapsto> Q" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
36 |
shows "Q holds_for c" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
37 |
using assms unfolding assert_imp_def |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
38 |
by (case_tac c) (auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
39 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
40 |
definition |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
41 |
Hoare :: "assert \<Rightarrow> tprog0 \<Rightarrow> assert \<Rightarrow> bool" ("({(1_)}/ (_)/ {(1_)})" 50)
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
42 |
where |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
43 |
"{P} p {Q} \<equiv>
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
44 |
(\<forall>l r. P (l, r) \<longrightarrow> (\<exists>n. is_final (steps0 (1, (l, r)) p n) \<and> Q holds_for (steps0 (1, (l, r)) p n)))" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
45 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
46 |
lemma HoareI: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
47 |
assumes "\<And>l r. P (l, r) \<Longrightarrow> \<exists>n. is_final (steps0 (1, (l, r)) p n) \<and> Q holds_for (steps0 (1, (l, r)) p n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
48 |
shows "{P} p {Q}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
49 |
unfolding Hoare_def using assms by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
50 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
51 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
52 |
text {*
|
|
56
0838b0ac52ab
some small changes to turing and uncomputable
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
55
diff
changeset
|
53 |
{P1} A {Q1} {P2} B {Q2} Q1 \<mapsto> P2 A, B well-formed
|
|
0838b0ac52ab
some small changes to turing and uncomputable
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
55
diff
changeset
|
54 |
------------------------------------------------------ |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
55 |
{P1} A |+| B {Q2}
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
56 |
*} |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
57 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
58 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
59 |
lemma Hoare_plus_halt: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
60 |
assumes aimpb: "Q1 \<mapsto> P2" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
61 |
and A_wf : "tm_wf (A, 0)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
62 |
and B_wf : "tm_wf (B, 0)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
63 |
and A_halt : "{P1} A {Q1}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
64 |
and B_halt : "{P2} B {Q2}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
65 |
shows "{P1} A |+| B {Q2}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
66 |
proof(rule HoareI) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
67 |
fix l r |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
68 |
assume h: "P1 (l, r)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
69 |
then obtain n1 |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
70 |
where "is_final (steps0 (1, l, r) A n1)" and "Q1 holds_for (steps0 (1, l, r) A n1)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
71 |
using A_halt unfolding Hoare_def by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
72 |
then obtain l' r' where "steps0 (1, l, r) A n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
73 |
by(case_tac "steps0 (1, l, r) A n1") (auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
74 |
then obtain stpa where d: "steps0 (1, l, r) (A |+| B) stpa = (Suc (length A div 2), l', r')" |
|
59
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
75 |
using A_wf by(rule_tac tm_comp_pre_halt_same) (auto) |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
76 |
moreover |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
77 |
from c aimpb have "P2 holds_for (0, l', r')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
78 |
by (rule holds_for_imp) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
79 |
then have "P2 (l', r')" by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
80 |
then obtain n2 |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
81 |
where "is_final (steps0 (1, l', r') B n2)" and "Q2 holds_for (steps0 (1, l', r') B n2)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
82 |
using B_halt unfolding Hoare_def by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
83 |
then obtain l'' r'' where "steps0 (1, l', r') B n2 = (0, l'', r'')" and g: "Q2 holds_for (0, l'', r'')" |
|
56
0838b0ac52ab
some small changes to turing and uncomputable
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
55
diff
changeset
|
84 |
by (case_tac "steps0 (1, l', r') B n2") (auto) |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
85 |
then have "steps0 (Suc (length A div 2), l', r') (A |+| B) n2 = (0, l'', r'')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
86 |
by (rule_tac t_merge_second_halt_same) (auto simp: A_wf B_wf) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
87 |
ultimately show |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
88 |
"\<exists>n. is_final (steps0 (1, l, r) (A |+| B) n) \<and> Q2 holds_for (steps0 (1, l, r) (A |+| B) n)" |
|
56
0838b0ac52ab
some small changes to turing and uncomputable
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
55
diff
changeset
|
89 |
using g |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
90 |
apply(rule_tac x = "stpa + n2" in exI) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
91 |
apply(simp add: steps_add) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
92 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
93 |
qed |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
94 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
95 |
definition |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
96 |
Hoare_unhalt :: "assert \<Rightarrow> tprog0 \<Rightarrow> bool" ("({(1_)}/ (_))" 50)
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
97 |
where |
|
56
0838b0ac52ab
some small changes to turing and uncomputable
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
55
diff
changeset
|
98 |
"{P} p \<equiv> (\<forall>l r. P (l, r) \<longrightarrow> (\<forall> n . \<not> (is_final (steps0 (1, (l, r)) p n))))"
|
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
99 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
100 |
lemma Hoare_unhalt_I: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
101 |
assumes "\<And>l r. P (l, r) \<Longrightarrow> \<forall> n. \<not> is_final (steps0 (1, (l, r)) p n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
102 |
shows "{P} p"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
103 |
unfolding Hoare_unhalt_def using assms by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
104 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
105 |
lemma Hoare_plus_unhalt: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
106 |
fixes A B :: tprog0 |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
107 |
assumes aimpb: "Q1 \<mapsto> P2" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
108 |
and A_wf : "tm_wf (A, 0)" |
|
59
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
109 |
and B_wf : "tm_wf (B, 0)" (* probably not needed *) |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
110 |
and A_halt : "{P1} A {Q1}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
111 |
and B_uhalt : "{P2} B"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
112 |
shows "{P1} (A |+| B)"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
113 |
proof(rule_tac Hoare_unhalt_I) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
114 |
fix l r |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
115 |
assume h: "P1 (l, r)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
116 |
then obtain n1 where a: "is_final (steps0 (1, l, r) A n1)" and b: "Q1 holds_for (steps0 (1, l, r) A n1)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
117 |
using A_halt unfolding Hoare_def by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
118 |
then obtain l' r' where "steps0 (1, l, r) A n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
119 |
by(case_tac "steps0 (1, l, r) A n1", auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
120 |
then obtain stpa where d: "steps0 (1, l, r) (A |+| B) stpa = (Suc (length A div 2), l', r')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
121 |
using A_wf |
|
59
30950dadd09f
polished turing_basic
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
56
diff
changeset
|
122 |
by(rule_tac tm_comp_pre_halt_same, auto) |
|
55
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
123 |
from c aimpb have "P2 holds_for (0, l', r')" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
124 |
by(rule holds_for_imp) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
125 |
from this have "P2 (l', r')" by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
126 |
from this have e: "\<forall> n. \<not> is_final (steps0 (Suc 0, l', r') B n) " |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
127 |
using B_uhalt unfolding Hoare_unhalt_def |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
128 |
by auto |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
129 |
from e show "\<forall>n. \<not> is_final (steps0 (1, l, r) (A |+| B) n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
130 |
proof(rule_tac allI, case_tac "n > stpa") |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
131 |
fix n |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
132 |
assume h2: "stpa < n" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
133 |
hence "\<not> is_final (steps0 (Suc 0, l', r') B (n - stpa))" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
134 |
using e |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
135 |
apply(erule_tac x = "n - stpa" in allE) by simp |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
136 |
then obtain s'' l'' r'' where f: "steps0 (Suc 0, l', r') B (n - stpa) = (s'', l'', r'')" and g: "s'' \<noteq> 0" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
137 |
apply(case_tac "steps0 (Suc 0, l', r') B (n - stpa)", auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
138 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
139 |
have k: "steps0 (Suc (length A div 2), l', r') (A |+| B) (n - stpa) = (s''+ length A div 2, l'', r'') " |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
140 |
using A_wf B_wf f g |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
141 |
apply(drule_tac t_merge_second_same, auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
142 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
143 |
show "\<not> is_final (steps0 (1, l, r) (A |+| B) n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
144 |
proof - |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
145 |
have "\<not> is_final (steps0 (1, l, r) (A |+| B) (stpa + (n - stpa)))" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
146 |
using d k A_wf |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
147 |
apply(simp only: steps_add d, simp add: tm_wf.simps) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
148 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
149 |
thus "\<not> is_final (steps0 (1, l, r) (A |+| B) n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
150 |
using h2 by simp |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
151 |
qed |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
152 |
next |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
153 |
fix n |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
154 |
assume h2: "\<not> stpa < n" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
155 |
with d show "\<not> is_final (steps0 (1, l, r) (A |+| B) n)" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
156 |
apply(auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
157 |
apply(subgoal_tac "\<exists> d. stpa = n + d", auto) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
158 |
apply(case_tac "(steps0 (Suc 0, l, r) (A |+| B) n)", simp) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
159 |
apply(rule_tac x = "stpa - n" in exI, simp) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
160 |
done |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
161 |
qed |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
162 |
qed |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
163 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
164 |
lemma Hoare_weak: |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
165 |
fixes p::tprog0 |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
166 |
assumes a: "{P} p {Q}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
167 |
and b: "P' \<mapsto> P" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
168 |
and c: "Q \<mapsto> Q'" |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
169 |
shows "{P'} p {Q'}"
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
170 |
using assms |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
171 |
unfolding Hoare_def assert_imp_def |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
172 |
by (blast intro: holds_for_imp[simplified assert_imp_def]) |
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
173 |
|
|
cd4ef33c8fb1
added turing_hoare
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
diff
changeset
|
174 |
end |