118 general fiddliness, Turing machines are an even more |
118 general fiddliness, Turing machines are an even more |
119 daunting prospect.'' |
119 daunting prospect.'' |
120 \end{quote} |
120 \end{quote} |
121 |
121 |
122 \noindent |
122 \noindent |
123 In this paper we took on this daunting prospect and provide a |
123 In this paper we take on this daunting prospect and provide a |
124 formalisation of Turing machines, as well as abacus machines (a kind |
124 formalisation of Turing machines, as well as abacus machines (a kind |
125 of register machines) and recursive functions. To see the difficulties |
125 of register machines) and recursive functions. To see the difficulties |
126 involved with this work, one has to understand that interactive |
126 involved with this work, one has to understand that interactive |
127 theorem provers, like Isabelle/HOL, are at their best when the |
127 theorem provers, like Isabelle/HOL, are at their best when the |
128 data-structures at hand are ``structurally'' defined, like lists, |
128 data-structures at hand are ``structurally'' defined, like lists, |
211 or occupied, which we represent by a datatype having two |
211 or occupied, which we represent by a datatype having two |
212 constructors, namely @{text Bk} and @{text Oc}. One way to |
212 constructors, namely @{text Bk} and @{text Oc}. One way to |
213 represent such tapes is to use a pair of lists, written @{term "(l, |
213 represent such tapes is to use a pair of lists, written @{term "(l, |
214 r)"}, where @{term l} stands for the tape on the left-hand side of the |
214 r)"}, where @{term l} stands for the tape on the left-hand side of the |
215 head and @{term r} for the tape on the right-hand side. We have the |
215 head and @{term r} for the tape on the right-hand side. We have the |
216 convention that the head, written @{term hd}, of the right-list is |
216 convention that the head, abbreviated @{term hd}, of the right-list is |
217 the cell on which the head of the Turing machine currently operates. This can |
217 the cell on which the head of the Turing machine currently operates. This can |
218 be pictured as follows: |
218 be pictured as follows: |
219 |
219 |
220 \begin{center} |
220 \begin{center} |
221 \begin{tikzpicture} |
221 \begin{tikzpicture} |
294 leaves the the tape unchanged. |
294 leaves the the tape unchanged. |
295 |
295 |
296 Note that our treatment of the tape is rather ``unsymmetric''---we |
296 Note that our treatment of the tape is rather ``unsymmetric''---we |
297 have the convention that the head of the right-list is where the |
297 have the convention that the head of the right-list is where the |
298 head is currently positioned. Asperti and Ricciotti |
298 head is currently positioned. Asperti and Ricciotti |
299 \cite{AspertiRicciotti12} also consider such a representation, but |
299 \cite{AspertiRicciotti12} also considered such a representation, but |
300 dismiss it as it complicates their definition for \emph{tape |
300 dismiss it as it complicates their definition for \emph{tape |
301 equality}. The reason is that moving the head one step to |
301 equality}. The reason is that moving the head one step to |
302 the left and then back to the right might change the tape (in case |
302 the left and then back to the right might change the tape (in case |
303 of going over the ``edge''). Therefore they distinguish four types |
303 of going over the ``edge''). Therefore they distinguish four types |
304 of tapes: one where the tape is empty; another where the head |
304 of tapes: one where the tape is empty; another where the head |
321 renaming states apart whenever both machines share |
321 renaming states apart whenever both machines share |
322 states.\footnote{The usual disjoint union operation does not preserve types, unfortunately.} This |
322 states.\footnote{The usual disjoint union operation does not preserve types, unfortunately.} This |
323 renaming can be quite cumbersome to reason about. Therefore we made |
323 renaming can be quite cumbersome to reason about. Therefore we made |
324 the choice of representing a state by a natural number and the states |
324 the choice of representing a state by a natural number and the states |
325 of a Turing machine will always consist of the initial segment |
325 of a Turing machine will always consist of the initial segment |
326 of natural numbers starting from @{text 0} up to number of states |
326 of natural numbers starting from @{text 0} up to the number of states |
327 of the machine. In doing so we can compose |
327 of the machine. In doing so we can compose |
328 two Turing machine by ``shifting'' the states of one by an appropriate |
328 two Turing machine by ``shifting'' the states of one by an appropriate |
329 amount to a higher segment and adjust some ``next states''. |
329 amount to a higher segment and adjust some ``next states'' in the other. |
330 |
330 |
331 An \emph{instruction} @{term i} of a Turing machine is a pair consisting of |
331 An \emph{instruction} @{term i} of a Turing machine is a pair consisting of |
332 an action and a natural number (the next state). A \emph{program} @{term p} of a Turing |
332 an action and a natural number (the next state). A \emph{program} @{term p} of a Turing |
333 machine is then a list of such pairs. Using the following Turing machine |
333 machine is then a list of such pairs. Using the following Turing machine |
334 program (consisting of four instructions) as an example |
334 program (consisting of four instructions) as an example |
352 case of reading @{term Oc}. We have the convention that the |
352 case of reading @{term Oc}. We have the convention that the |
353 first state is always the \emph{starting state} of the Turing machine. |
353 first state is always the \emph{starting state} of the Turing machine. |
354 The 0-state is special in that it will be used as the \emph{halting state}. |
354 The 0-state is special in that it will be used as the \emph{halting state}. |
355 There are no instructions for the 0-state, but it will always |
355 There are no instructions for the 0-state, but it will always |
356 perform a @{term Nop}-operation and remain in the 0-state. |
356 perform a @{term Nop}-operation and remain in the 0-state. |
357 A \emph{well-formed} Turing machine program @{term p} is one that satisfies |
|
358 the following three properties |
|
359 |
|
360 \begin{center} |
|
361 \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}l} |
|
362 @{term "t_correct p"} & @{text "\<equiv>"} & @{term "2 <= length p"}\\ |
|
363 & @{text "\<and>"} & @{term "iseven (length p)"}\\ |
|
364 & @{text "\<and>"} & @{term "\<forall> (a, s) \<in> set p. s <= length p div 2"} |
|
365 \end{tabular} |
|
366 \end{center} |
|
367 |
|
368 \noindent |
|
369 The first says that @{text p} must have at least an instruction for the starting |
|
370 state; the second that @{text p} has a @{term Bk} and @{term Oc} instruction for every |
|
371 state, and the third that every next-state is one of the states mentioned in |
|
372 the program or being the 0-state. |
|
373 |
357 |
374 Given a program @{term p}, a state |
358 Given a program @{term p}, a state |
375 and the cell being read by the head, we need to fetch |
359 and the cell being read by the head, we need to fetch |
376 the corresponding instruction from the program. For this we define |
360 the corresponding instruction from the program. For this we define |
377 the function @{term fetch} |
361 the function @{term fetch} |
395 from a list, if it exists (@{term Some}-case), or if it does not, it |
379 from a list, if it exists (@{term Some}-case), or if it does not, it |
396 returns the default action @{term Nop} and the default state 0 |
380 returns the default action @{term Nop} and the default state 0 |
397 (@{term None}-case). In doing so we slightly deviate from the description |
381 (@{term None}-case). In doing so we slightly deviate from the description |
398 in \cite{Boolos87}: if their Turing machines transition to a non-existing |
382 in \cite{Boolos87}: if their Turing machines transition to a non-existing |
399 state, then the computation is halted. We will transition in such cases |
383 state, then the computation is halted. We will transition in such cases |
400 to the 0th state with the @{term Nop}-action. |
384 to the 0th state with the @{term Nop}-action. However, with introducing the |
|
385 notion of \emph{well-formed} Turing machine programs we will exclude such |
|
386 cases. A program @{term p} is said to be well-formed if it satisfies |
|
387 the following three properties |
|
388 |
|
389 \begin{center} |
|
390 \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}l} |
|
391 @{term "t_correct p"} & @{text "\<equiv>"} & @{term "2 <= length p"}\\ |
|
392 & @{text "\<and>"} & @{term "iseven (length p)"}\\ |
|
393 & @{text "\<and>"} & @{term "\<forall> (a, s) \<in> set p. s <= length p div 2"} |
|
394 \end{tabular} |
|
395 \end{center} |
|
396 |
|
397 \noindent |
|
398 The first says that @{text p} must have at least an instruction for the starting |
|
399 state; the second that @{text p} has a @{term Bk} and @{term Oc} instruction for every |
|
400 state, and the third that every next-state is one of the states mentioned in |
|
401 the program or being the 0-state. |
401 |
402 |
402 A \emph{configuration} @{term c} of a Turing machine is a state together with |
403 A \emph{configuration} @{term c} of a Turing machine is a state together with |
403 a tape. This is written as @{text "(s, (l, r))"}. If we have a |
404 a tape. This is written as @{text "(s, (l, r))"}. If we have a |
404 configuration and a program, we can calculate |
405 configuration and a program, we can calculate |
405 what the next configuration is by fetching the appropriate next state |
406 what the next configuration is by fetching the appropriate next state |
413 \hspace{10mm}@{text "in (s', update (l, r) a)"} |
414 \hspace{10mm}@{text "in (s', update (l, r) a)"} |
414 \end{tabular} |
415 \end{tabular} |
415 \end{center} |
416 \end{center} |
416 |
417 |
417 \noindent |
418 \noindent |
418 It is impossible in Isabelle/HOL to lift this function in order to realise |
419 It is impossible in Isabelle/HOL to lift this function realising |
419 a general evaluation function for Turing machines. The reason is that functions in HOL-based |
420 a general evaluation function for Turing machines. The reason is that functions in HOL-based |
420 provers need to be terminating, and clearly there are Turing machine |
421 provers need to be terminating, and clearly there are Turing machine |
421 programs for which this does not hold. We can however define an evaluation |
422 programs which are not. We can however define an evaluation |
422 function so that it performs exactly @{text n}: |
423 function so that it performs exactly @{text n} steps: |
423 |
424 |
424 \begin{center} |
425 \begin{center} |
425 \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}l} |
426 \begin{tabular}{l@ {\hspace{1mm}}c@ {\hspace{1mm}}l} |
426 @{thm (lhs) steps.simps(1)} & @{text "\<equiv>"} & @{thm (rhs) steps.simps(1)}\\ |
427 @{thm (lhs) steps.simps(1)} & @{text "\<equiv>"} & @{thm (rhs) steps.simps(1)}\\ |
427 @{thm (lhs) steps.simps(2)} & @{text "\<equiv>"} & @{thm (rhs) steps.simps(2)}\\ |
428 @{thm (lhs) steps.simps(2)} & @{text "\<equiv>"} & @{thm (rhs) steps.simps(2)}\\ |
439 @{term p} halts generating an output tape @{text "(l\<^isub>o,r\<^isub>o)"}: |
440 @{term p} halts generating an output tape @{text "(l\<^isub>o,r\<^isub>o)"}: |
440 |
441 |
441 \begin{center} |
442 \begin{center} |
442 \begin{tabular}{l} |
443 \begin{tabular}{l} |
443 @{term "halt p (l\<^isub>i,r\<^isub>i) (l\<^isub>o,r\<^isub>o)"} @{text "\<equiv>"}\\ |
444 @{term "halt p (l\<^isub>i,r\<^isub>i) (l\<^isub>o,r\<^isub>o)"} @{text "\<equiv>"}\\ |
444 \hspace{6mm}@{text "\<exists> n. nsteps (1, (l\<^isub>i,r\<^isub>i)) p n= (0, (l\<^isub>o,r\<^isub>o))"} |
445 \hspace{6mm}@{text "\<exists>n. nsteps (1, (l\<^isub>i,r\<^isub>i)) p n = (0, (l\<^isub>o,r\<^isub>o))"} |
445 \end{tabular} |
446 \end{tabular} |
446 \end{center} |
447 \end{center} |
447 |
448 |
448 \noindent |
449 \noindent |
|
450 where 1 stands for the starting state and 0 for the halting state, or |
|
451 in our settin it should better be called the final state. |
449 Later on we need to consider specific Turing machines that |
452 Later on we need to consider specific Turing machines that |
450 start with a tape in standard form and halt the computation |
453 start with a tape in standard form and halt the computation |
451 in standard form. By this we mean |
454 in standard form. By this we mean |
452 |
455 |
453 \begin{center} |
456 \begin{center} |
454 @{thm haltP_def2[where p="p" and n="n", THEN eq_reflection]} |
457 @{thm haltP_def2[where p="p" and n="n", THEN eq_reflection]} |
455 \end{center} |
458 \end{center} |
456 |
459 |
457 \noindent |
460 \noindent |
458 the Turing machine starts with a tape containg @{text n} @{term Oc}s |
461 This means the Turing machine starts with a tape containg @{text n} @{term Oc}s |
459 and the head pointing to the first one; the Turing machine |
462 and the head pointing to the first one; the Turing machine |
460 halts with a tape consisting of some @{term Bk}s, followed by a |
463 halts with a tape consisting of some @{term Bk}s, followed by a |
461 ``cluster'' of @{term Oc}s and after that by some @{term Bk}s. |
464 ``cluster'' of @{term Oc}s and after that by some @{term Bk}s. |
462 The head in the output is at the first @{term Oc}. |
465 The head in the output is pointing again at the first @{term Oc}. |
463 The intuitive meaning of this definition is to start Turing machine with a |
466 The intuitive meaning of this definition is to start the Turing machine with a |
464 tape corresponding to a value @{term n} and producing |
467 tape corresponding to a value @{term n} and producing |
465 a new tape corresponding to the value @{term l} (the number of @{term Oc}s |
468 a new tape corresponding to the value @{term l} (the number of @{term Oc}s |
466 clustered on the tape). |
469 clustered on the output tape). |
|
470 |
|
471 Before we can prove the undecidability of the halting problem for Turing machines, |
|
472 we have to define how to compose them. Given our setup, this is relatively straightforward, |
|
473 if slightly fiddly. |
467 |
474 |
468 shift and change of a p |
475 shift and change of a p |
469 |
476 |
470 composition of two ps |
477 composition of two ps |
471 |
478 |