tm: comparison Paper/Paper.thy

equal deleted inserted replaced

-:2cae8a39803e
+:c3155e9e4f63
 @{thm (lhs) inv_end1.simps} & @{text "\<equiv>"} & @{thm (rhs) inv_end1.simps} & (starting state)\\
 @{thm (lhs) inv_end0.simps} & @{text "\<equiv>"} & @{thm (rhs) inv_end0.simps} & (halting state)\smallskip\\
 \hline
 \end{tabular}
 \end{center}
-\caption{The invariants @{term inv_begin0},\ldots,@{term inv_begin4} for the states of
+\caption{The invariants @{term inv_begin0},\ldots,@{term inv_begin4} are for the states of
-@{term tcopy_begin}. Below, the invariants for the starting and halting states of
+@{term tcopy_begin}. Below, the invariants only for the starting and halting states of
-@{term tcopy_loop} and @{term tcopy_end}. In each invariant the parameter @{term n} stands for the number
+@{term tcopy_loop} and @{term tcopy_end} are shown. In each invariant the parameter
+@{term n} stands for the number
 of @{term Oc}s with which the Turing machine is started.}\label{invbegin}
 \end{figure}
 \begin{center}
 \begin{tabular}{rcl}
 @{term step} and @{term steps}. This gives us partial correctness
 for @{term "tcopy_begin"}.
 We next need to show that @{term "tcopy_begin"} terminates. For this
 we introduce lexicographically ordered pairs @{term "(n, m)"}
-derived from configurations @{text "(s, (l, r))"}: @{text n} stands
+derived from configurations @{text "(s, (l, r))"}: @{text n} is
-for the state ordered according to how @{term tcopy_begin} executes
+the state @{text s}, but ordered according to how @{term tcopy_begin} executes
-them, that is @{text "1 > 2 > 3 > 4 > 0"}; @{term m} is calculated
+them, that is @{text "1 > 2 > 3 > 4 > 0"}; in order to have
-according to the measure function:
+a strictly decreasing meansure, @{term m} takes the data on the tape into
+account and is calculated according to the measure function:
 \begin{center}
 \begin{tabular}{rcl}
 @{term measure_begin_step}@{text "(s, (l, r))"} & @{text "\<equiv>"} &
 @{text "if"} @{thm (prem 1) measure_begin_print(1)} @{text then} @{thm (rhs) measure_begin_print(1)}\\
-& & @{text else} @{text "if"} @{thm (prem 1) measure_begin_print(2)} @{text then} @{thm (rhs) measure_begin_print(2)} \\
+& & @{text else} @{text "if"} @{thm (prem 1) measure_begin_print(2)} @{text then}
+@{text "("}@{thm (rhs) measure_begin_print(2)}@{text ")"} \\
 & & @{text else} @{text "if"} @{thm (prem 1) measure_begin_print(3)} @{text then} @{thm (rhs) measure_begin_print(3)}\\
 & & @{text else} @{thm (rhs) measure_begin_print(4)}\\
 \end{tabular}
 \end{center}
 \noindent
 With this in place, we can show that for every starting tape of the
 form @{term "([], Oc \<up> n)"} with @{term "n > (0::nat)"}, the Turing
-machine @{term "tcopy_begin"} will halt. Taking this and the partial
+machine @{term "tcopy_begin"} will eventually halt. Taking this and the partial
-correctness proof together we obtain for @{term tcopy_begin} (similar
+correctness proof together, we obtain for @{term tcopy_begin} the Hoare-triple
-resoning is needed for @{term tcopy_loop} and @{term tcopy_end}):
+(similar resoning is needed for @{term tcopy_loop} and @{term tcopy_end}):
 \begin{center}
 @{thm (concl) begin_correct}\hspace{6mm}
 @{thm (concl) loop_correct}\hspace{6mm}
 @{thm (concl) end_correct}
 \end{center}
 \noindent
-where we assume @{text "0 < n"}. Since @{term "inv_begin0 n \<mapsto> inv_loop1 n"} holds
+where we assume @{text "0 < n"}. Since the invariant of the halting
-and @{term "inv_loop0 n = inv_end1 n"}, we can derive using our Hoare-rules
+state of @{term tcopy_begin} implies the invariant of the starting
-the correctness of @{term tcopy}
+state of @{term tcopy_loop}, that is @{term "inv_begin0 n \<mapsto>
+inv_loop1 n"} holds, and also @{term "inv_loop0 n = inv_end1 n"}, we
+can derive using our Hoare-rules for sequentially composed Turing programs
+the correctness of @{term tcopy}:
 \begin{center}
 @{thm tcopy_correct}
 \end{center}
 \begin{center}
 @{thm haltP_def}
 \end{center}
 \noindent
-This means we considering only Turing machine programs representing functions that take
+This means we considering only Turing machine programs representing
-some numbers as input and produce a single number as output. There is no Turing
+functions that take some numbers as input and produce a single
-machine that can decide the halting problem (answer @{text 0} for halting and
+number as output. The undecidability problem states that there is no
-@{text 1} for looping). Given our correctness proofs for @{term dither} and @{term tcopy}
+Turing machine that can decide the halting problem (answer eith
-this non-existence is relatively straightforward to establish. We first assume there is a coding
+@{text 0} for halting and @{text 1} for looping). Given our
-function, written @{term code}, from Turing machine programs to natural numbers.
+correctness proofs for @{term dither} and @{term tcopy} shown above,
-Suppose a Turing machine @{term H} exists such that if started with the standard
+this non-existence is relatively straightforward to establish. We
-tape @{term "([Bk], <(code M, ns)>)"} returns @{text 0} or @{text 1} depending
+first assume there is a coding function, written @{term "code M"}, which
-on whether @{text M} halts when started with the input tape containing @{term "<ns>"}.
+represents a Turing machine @{term "M"} as a natural number.  No further
-This is formalised as follows
+assumptions are made about this coding function. Suppose a Turing
+machine @{term H} exists such that if started with the standard tape
+@{term "([Bk], <(code M, ns)>)"} returns @{text 0}, respectively @{text 1},
+depending on whether @{text M} halts when started with the input
+tape containing @{term "<ns>"}.  This assumption is formalised as
+follows---for all @{term M} and natural numbers @{term ns}:
 \begin{center}
 \begin{tabular}{r}
 @{thm (prem 2) uncomputable.h_case} implies
 @{thm (concl) uncomputable.h_case}\\

changeset 106	c3155e9e4f63
parent 105	2cae8a39803e
child 107	c2a7a99bf554