tm: comparison thys/turing

equal deleted inserted replaced

-:25b1633a278d
+:e7d845acb0a7
 type_synonym state = nat
 type_synonym instr = "action \<times> state"
 type_synonym tprog = "instr list \<times> nat"
+type_synonym tprog0 = "instr list"
 type_synonym config = "state \<times> tape"
 fun nth_of where
 "nth_of xs i = (if i \<ge> length xs then None
 fun steps :: "config \<Rightarrow> tprog \<Rightarrow> nat \<Rightarrow> config"
 where
 "steps c p 0 = c" |
 "steps c p (Suc n) = steps (step c p) p n"
+abbreviation
+"step0 c p \<equiv> step c (p, 0)"
+abbreviation
+"steps0 c p n \<equiv> steps c (p, 0) n"
 lemma step_red [simp]:
 shows "steps c p (Suc n) = step (steps c p n) p"
 by (induct n arbitrary: c) (auto)
 lemma steps_add [simp]:
 fun
 tm_wf :: "tprog \<Rightarrow> bool"
 where
 "tm_wf (p, off) = (length p \<ge> 2 \<and> length p mod 2 = 0 \<and>
-(\<forall>(a, s) \<in> set p. s \<le> length p div 2
+(\<forall>(a, s) \<in> set p. s \<le> length p div 2 + off \<and> s \<ge> off))"
-+ off \<and> s \<ge> off))"
 lemma halt_lemma:
 "\<lbrakk>wf LE; \<forall>n. (\<not> P (f n) \<longrightarrow> (f (Suc n), (f n)) \<in> LE)\<rbrakk> \<Longrightarrow> \<exists>n. P (f n)"
 by (metis wf_iff_no_infinite_down_chain)
 fun
 shift :: "instr list \<Rightarrow> nat \<Rightarrow> instr list"
 where
 "shift p n = (map (\<lambda> (a, s). (a, (if s = 0 then 0 else s + n))) p)"
+fun
+adjust :: "instr list \<Rightarrow> instr list"
+where
+"adjust p = map (\<lambda> (a, s). (a, if s = 0 then (Suc (length p div 2)) else s)) p"
 lemma length_shift [simp]:
 "length (shift p n) = length p"
-by (simp)
+by simp
-fun
-adjust :: "instr list \<Rightarrow> instr list"
-where
-"adjust p = map (\<lambda> (a, s). (a, if s = 0 then (Suc (length p div 2)) else s)) p"
 lemma length_adjust[simp]:
 shows "length (adjust p) = length p"
 by (induct p) (auto)
 fun
 tm_comp :: "instr list \<Rightarrow> instr list \<Rightarrow> instr list" ("_ |+| _" [0, 0] 100)
 where
-"tm_comp p1 p2 = ((adjust p1) @ (shift p2 ((length p1) div 2)))"
+"tm_comp p1 p2 = ((adjust p1) @ (shift p2 (length p1 div 2)))"
 fun
 is_final :: "config \<Rightarrow> bool"
 where
 "is_final (s, l, r) = (s = 0)"
 fun
 holds_for :: "(tape \<Rightarrow> bool) \<Rightarrow> config \<Rightarrow> bool" ("_ holds'_for _" [100, 99] 100)
 where
 "P holds_for (s, l, r) = P (l, r)"
-(*
-lemma step_0 [simp]:
-shows "step (0, (l, r)) p = (0, (l, r))"
-by simp
-lemma steps_0 [simp]:
-shows "steps (0, (l, r)) p n = (0, (l, r))"
-by (induct n) (simp_all)
-*)
 lemma is_final_holds[simp]:
 assumes "is_final c"
 shows "Q holds_for (steps c (p, off) n) = Q holds_for c"
 using assms
 apply(induct n)
+apply(auto)
 apply(case_tac [!] c)
 apply(auto)
 done
 type_synonym assert = "tape \<Rightarrow> bool"
 definition
 assert_imp :: "assert \<Rightarrow> assert \<Rightarrow> bool" ("_ \<mapsto> _" [0, 0] 100)
 where
-"P \<mapsto> Q = (\<forall>l r. P (l, r) \<longrightarrow> Q (l, r))"
+"P \<mapsto> Q \<equiv> \<forall>l r. P (l, r) \<longrightarrow> Q (l, r)"
 lemma holds_for_imp:
 assumes "P holds_for c"
 and "P \<mapsto> Q"
 shows "Q holds_for c"
-using assms unfolding assert_imp_def by (case_tac c, auto)
+using assms unfolding assert_imp_def
+by (case_tac c) (auto)
 definition
-Hoare :: "assert \<Rightarrow> tprog \<Rightarrow> assert \<Rightarrow> bool" ("({(1_)}/ (_)/ {(1_)})" 50)
+Hoare :: "assert \<Rightarrow> tprog0 \<Rightarrow> assert \<Rightarrow> bool" ("({(1_)}/ (_)/ {(1_)})" 50)
 where
 "{P} p {Q} \<equiv>
-(\<forall>l r. P (l, r) \<longrightarrow> (\<exists>n. is_final (steps (1, (l, r)) p n) \<and> Q holds_for (steps (1, (l, r)) p n)))"
+(\<forall>l r. P (l, r) \<longrightarrow> (\<exists>n. is_final (steps0 (1, (l, r)) p n) \<and> Q holds_for (steps0 (1, (l, r)) p n)))"
 lemma HoareI:
-assumes "\<And>l r. P (l, r) \<Longrightarrow> \<exists>n. is_final (steps (1, (l, r)) p n) \<and> Q holds_for (steps (1, (l, r)) p n)"
+assumes "\<And>l r. P (l, r) \<Longrightarrow> \<exists>n. is_final (steps0 (1, (l, r)) p n) \<and> Q holds_for (steps0 (1, (l, r)) p n)"
 shows "{P} p {Q}"
 unfolding Hoare_def using assms by auto
 lemma step_0 [simp]:
 lemma steps_0 [simp]:
 shows "steps (0, (l, r)) p n = (0, (l, r))"
 by (induct n) (simp_all)
-declare steps.simps[simp del]
+(* if the machine is in the halting state, there must have
+been a state just before the halting state *)
-lemma before_final_old:
-assumes "steps (1, tp) A n = (0, tp')"
-obtains n' where "\<not> is_final (steps (1, tp) A n')"
-and "steps (1, tp) A (Suc n') = (0, tp')"
-proof -
-from assms have "\<exists> n'. \<not> is_final (steps (1, tp) A n') \<and>
-steps (1, tp) A (Suc n') = (0, tp')"
-proof(induct n arbitrary: tp', simp add: steps.simps)
-fix n tp'
-assume ind:
-"\<And>tp'. steps (1, tp) A n = (0, tp') \<Longrightarrow>
-\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
-and h: " steps (1, tp) A (Suc n) = (0, tp')"
-from h show  "\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
-proof(simp add: step_red del: steps.simps,
-case_tac "(steps (Suc 0, tp) A n)", case_tac "a = 0", simp)
-fix a b c
-assume " steps (Suc 0, tp) A n = (0, tp')"
-hence "\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
-apply(rule_tac ind, simp)
-done
-thus "\<exists>n'. \<not> is_final (steps (Suc 0, tp) A n') \<and> step (steps (Suc 0, tp) A n') A = (0, tp')"
-apply(simp)
-done
-next
-fix a b c
-assume "steps (Suc 0, tp) A n = (a, b, c)"
-"step (steps (Suc 0, tp) A n) A = (0, tp')"
-"a \<noteq> 0"
-thus "\<exists>n'. \<not> is_final (steps (Suc 0, tp) A n') \<and>
-step (steps (Suc 0, tp) A n') A = (0, tp')"
-apply(rule_tac x = n in exI)
-apply(simp)
-done
-qed
-qed
-thus "(\<And>n'. \<lbrakk>\<not> is_final (steps (1, tp) A n');
-steps (1, tp) A (Suc n') = (0, tp')\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis"
-by auto
-qed
 lemma before_final:
-assumes "steps (1, tp) A n = (0, tp')"
+assumes "steps0 (1, tp) A n = (0, tp')"
-shows "\<exists> n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
+shows "\<exists> n'. \<not> is_final (steps0 (1, tp) A n') \<and> steps0 (1, tp) A (Suc n') = (0, tp')"
 using assms
 proof(induct n arbitrary: tp')
 case (0 tp')
-have asm: "steps (1, tp) A 0 = (0, tp')" by fact
+have asm: "steps0 (1, tp) A 0 = (0, tp')" by fact
-then show "\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
+then show "\<exists>n'. \<not> is_final (steps0 (1, tp) A n') \<and> steps0 (1, tp) A (Suc n') = (0, tp')"
-by (simp add: steps.simps)
+by simp
 next
 case (Suc n tp')
-have ih: "\<And>tp'. steps (1, tp) A n = (0, tp') \<Longrightarrow>
+have ih: "\<And>tp'. steps0 (1, tp) A n = (0, tp') \<Longrightarrow>
-\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')" by fact
+\<exists>n'. \<not> is_final (steps0 (1, tp) A n') \<and> steps0 (1, tp) A (Suc n') = (0, tp')" by fact
-have asm: "steps (1, tp) A (Suc n) = (0, tp')" by fact
+have asm: "steps0 (1, tp) A (Suc n) = (0, tp')" by fact
-obtain s l r where cases: "steps (1, tp) A n = (s, l, r)"
+obtain s l r where cases: "steps0 (1, tp) A n = (s, l, r)"
 by (auto intro: is_final.cases)
-then show "\<exists>n'. \<not> is_final (steps (1, tp) A n') \<and> steps (1, tp) A (Suc n') = (0, tp')"
+then show "\<exists>n'. \<not> is_final (steps0 (1, tp) A n') \<and> steps0 (1, tp) A (Suc n') = (0, tp')"
 proof (cases "s = 0")
 case True (* in halting state *)
-then have "steps (1, tp) A n = (0, tp')"
+then have "steps0 (1, tp) A n = (0, tp')"
-using asm cases by simp
+using asm cases by (simp del: steps.simps)
 then show ?thesis using ih by simp
 next
 case False (* not in halting state *)
-then have "\<not> is_final (steps (1, tp) A n) \<and> steps (1, tp) A (Suc n) = (0, tp')"
+then have "\<not> is_final (steps0 (1, tp) A n) \<and> steps0 (1, tp) A (Suc n) = (0, tp')"
 using asm cases by simp
 then show ?thesis by auto
 qed
 qed
+lemma length_comp:
+shows "length (A |+| B) = length A + length B"
+by auto
+declare steps.simps[simp del]
 declare tm_comp.simps [simp del] adjust.simps[simp del] shift.simps[simp del]
-lemma length_comp:
-"length (A |+| B) = length A + length B"
-apply(auto simp: tm_comp.simps)
-done
 lemma tmcomp_fetch_in_first:
 assumes "case (fetch A a x) of (ac, ns) \<Rightarrow> ns \<noteq> 0"
 shows "fetch (A |+| B) a x = fetch A a x"
 using assms
 lemma Hoare_plus_halt:
 assumes aimpb: "Q1 \<mapsto> P2"
 and A_wf : "tm_wf (A, 0)"
 and B_wf : "tm_wf (B, 0)"
-and A_halt : "{P1} (A, 0) {Q1}"
+and A_halt : "{P1} A {Q1}"
-and B_halt : "{P2} (B, 0) {Q2}"
+and B_halt : "{P2} B {Q2}"
-shows "{P1} (A |+| B, 0) {Q2}"
+shows "{P1} A |+| B {Q2}"
 proof(rule HoareI)
 fix l r
 assume h: "P1 (l, r)"
 then obtain n1
-where "is_final (steps (1, l, r) (A, 0) n1)" and "Q1 holds_for (steps (1, l, r) (A, 0) n1)"
+where "is_final (steps0 (1, l, r) A n1)" and "Q1 holds_for (steps0 (1, l, r) A n1)"
 using A_halt unfolding Hoare_def by auto
-then obtain l' r' where "steps (1, l, r) (A, 0) n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')"
+then obtain l' r' where "steps0 (1, l, r) A n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')"
-by(case_tac "steps (1, l, r) (A, 0) n1") (auto)
+by(case_tac "steps0 (1, l, r) A n1") (auto)
-then obtain stpa where d: "steps (1, l, r) (A |+| B, 0) stpa = (Suc (length A div 2), l', r')"
+then obtain stpa where d: "steps0 (1, l, r) (A |+| B) stpa = (Suc (length A div 2), l', r')"
 using A_wf by(rule_tac t_merge_pre_halt_same) (auto)
 moreover
 from c aimpb have "P2 holds_for (0, l', r')"
 by (rule holds_for_imp)
 then have "P2 (l', r')" by auto
 then obtain n2
-where "is_final (steps (1, l', r') (B, 0) n2)" and "Q2 holds_for (steps (1, l', r') (B, 0) n2)"
+where "is_final (steps0 (1, l', r') B n2)" and "Q2 holds_for (steps0 (1, l', r') B n2)"
 using B_halt unfolding Hoare_def by auto
-then obtain l'' r'' where "steps (1, l', r') (B, 0) n2 = (0, l'', r'')" and g: "Q2 holds_for (0, l'', r'')"
+then obtain l'' r'' where "steps0 (1, l', r') B n2 = (0, l'', r'')" and g: "Q2 holds_for (0, l'', r'')"
-by (case_tac "steps (1, l', r') (B, 0) n2", auto)
+by (case_tac "steps0 (1, l', r') B n2", auto)
-then have "steps (Suc (length A div 2), l', r')  (A |+| B, 0) n2 = (0, l'', r'')"
+then have "steps0 (Suc (length A div 2), l', r')  (A |+| B) n2 = (0, l'', r'')"
 by (rule_tac t_merge_second_halt_same) (auto simp: A_wf B_wf)
 ultimately show
-"\<exists>n. is_final (steps (1, l, r) (A |+| B, 0) n) \<and> Q2 holds_for (steps (1, l, r) (A |+| B, 0) n)"
+"\<exists>n. is_final (steps0 (1, l, r) (A |+| B) n) \<and> Q2 holds_for (steps0 (1, l, r) (A |+| B) n)"
 using g
 apply(rule_tac x = "stpa + n2" in exI)
 apply(simp add: steps_add)
 done
 qed
 definition
-Hoare_unhalt :: "assert \<Rightarrow> tprog \<Rightarrow> bool" ("({(1_)}/ (_))" 50)
+Hoare_unhalt :: "assert \<Rightarrow> tprog0 \<Rightarrow> bool" ("({(1_)}/ (_))" 50)
 where
 "{P} p \<equiv>
-(\<forall>l r. P (l, r) \<longrightarrow> (\<forall> n . \<not> (is_final (steps (1, (l, r)) p n))))"
+(\<forall>l r. P (l, r) \<longrightarrow> (\<forall> n . \<not> (is_final (steps0 (1, (l, r)) p n))))"
 lemma Hoare_unhalt_I:
-assumes "\<And>l r. P (l, r) \<Longrightarrow> \<forall> n. \<not> is_final (steps (1, (l, r)) p n)"
+assumes "\<And>l r. P (l, r) \<Longrightarrow> \<forall> n. \<not> is_final (steps0 (1, (l, r)) p n)"
 shows "{P} p"
 unfolding Hoare_unhalt_def using assms by auto
 lemma Hoare_plus_unhalt:
+fixes A B :: tprog0
 assumes aimpb: "Q1 \<mapsto> P2"
 and A_wf : "tm_wf (A, 0)"
 and B_wf : "tm_wf (B, 0)"
-and A_halt : "{P1} (A, 0) {Q1}"
+and A_halt : "{P1} A {Q1}"
-and B_uhalt : "{P2} (B, 0)"
+and B_uhalt : "{P2} B"
-shows "{P1} (A |+| B, 0)"
+shows "{P1} (A |+| B)"
 proof(rule_tac Hoare_unhalt_I)
 fix l r
 assume h: "P1 (l, r)"
-then obtain n1 where a: "is_final (steps (1, l, r) (A, 0) n1)" and b: "Q1 holds_for (steps (1, l, r) (A, 0) n1)"
+then obtain n1 where a: "is_final (steps0 (1, l, r) A n1)" and b: "Q1 holds_for (steps0 (1, l, r) A n1)"
 using A_halt unfolding Hoare_def by auto
-then obtain l' r' where "steps (1, l, r) (A, 0) n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')"
+then obtain l' r' where "steps0 (1, l, r) A n1 = (0, l', r')" and c: "Q1 holds_for (0, l', r')"
-by(case_tac "steps (1, l, r) (A, 0) n1", auto)
+by(case_tac "steps0 (1, l, r) A n1", auto)
-then obtain stpa where d: "steps (1, l, r) (A |+| B, 0) stpa = (Suc (length A div 2), l', r')"
+then obtain stpa where d: "steps0 (1, l, r) (A |+| B) stpa = (Suc (length A div 2), l', r')"
 using A_wf
 by(rule_tac t_merge_pre_halt_same, auto)
 from c aimpb have "P2 holds_for (0, l', r')"
 by(rule holds_for_imp)
 from this have "P2 (l', r')" by auto
-from this have e: "\<forall> n. \<not> is_final (steps (Suc 0, l', r') (B, 0) n)  "
+from this have e: "\<forall> n. \<not> is_final (steps0 (Suc 0, l', r') B n)  "
 using B_uhalt unfolding Hoare_unhalt_def
 by auto
-from e show "\<forall>n. \<not> is_final (steps (1, l, r) (A |+| B, 0) n)"
+from e show "\<forall>n. \<not> is_final (steps0 (1, l, r) (A |+| B) n)"
 proof(rule_tac allI, case_tac "n > stpa")
 fix n
 assume h2: "stpa < n"
-hence "\<not> is_final (steps (Suc 0, l', r') (B, 0) (n - stpa))"
+hence "\<not> is_final (steps0 (Suc 0, l', r') B (n - stpa))"
 using e
 apply(erule_tac x = "n - stpa" in allE) by simp
-then obtain s'' l'' r'' where f: "steps (Suc 0, l', r') (B, 0) (n - stpa) = (s'', l'', r'')" and g: "s'' \<noteq> 0"
+then obtain s'' l'' r'' where f: "steps0 (Suc 0, l', r') B (n - stpa) = (s'', l'', r'')" and g: "s'' \<noteq> 0"
-apply(case_tac "steps (Suc 0, l', r') (B, 0) (n - stpa)", auto)
+apply(case_tac "steps0 (Suc 0, l', r') B (n - stpa)", auto)
 done
-have k: "steps (Suc (length A div 2), l', r') (A |+| B, 0) (n - stpa) = (s''+ length A div 2, l'', r'') "
+have k: "steps0 (Suc (length A div 2), l', r') (A |+| B) (n - stpa) = (s''+ length A div 2, l'', r'') "
 using A_wf B_wf f g
 apply(drule_tac t_merge_second_same, auto)
 done
-show "\<not> is_final (steps (1, l, r) (A |+| B, 0) n)"
+show "\<not> is_final (steps0 (1, l, r) (A |+| B) n)"
 proof -
-have "\<not> is_final (steps (1, l, r) (A |+| B, 0) (stpa + (n  - stpa)))"
+have "\<not> is_final (steps0 (1, l, r) (A |+| B) (stpa + (n  - stpa)))"
 using d k A_wf
 apply(simp only: steps_add d, simp add: tm_wf.simps)
 done
-thus "\<not> is_final (steps (1, l, r) (A |+| B, 0) n)"
+thus "\<not> is_final (steps0 (1, l, r) (A |+| B) n)"
 using h2 by simp
 qed
 next
 fix n
 assume h2: "\<not> stpa < n"
-with d show "\<not> is_final (steps (1, l, r) (A |+| B, 0) n)"
+with d show "\<not> is_final (steps0 (1, l, r) (A |+| B) n)"
 apply(auto)
 apply(subgoal_tac "\<exists> d. stpa = n + d", auto)
-apply(case_tac "(steps (Suc 0, l, r) (A |+| B, 0) n)", simp)
+apply(case_tac "(steps0 (Suc 0, l, r) (A |+| B) n)", simp)
 apply(rule_tac x = "stpa - n" in exI, simp)
 done
 qed
 qed

changeset 54	e7d845acb0a7
parent 53	25b1633a278d
child 55	cd4ef33c8fb1