tm: comparison thys/uncomputable.thy

equal deleted inserted replaced

-:25b1633a278d
+:e7d845acb0a7
 qed
 qed
 qed
 lemma init_correct:
-"x > 0 \<Longrightarrow>
+"x > 0 \<Longrightarrow> {inv_init1 x} tcopy_init {inv_init0 x}"
-{inv_init1 x} (tcopy_init, 0) {inv_init0 x}"
 proof(rule_tac HoareI)
 fix l r
 assume h: "0 < x"
 "inv_init1 x (l, r)"
 hence "\<exists> stp. is_final (steps (Suc 0, [], Oc\<up>x) (tcopy_init, 0) stp)"
 done
 qed
 qed
 lemma loop_correct:
-"x > 0 \<Longrightarrow>
+"x > 0 \<Longrightarrow> {inv_loop1 x} tcopy_loop {inv_loop0 x}"
-{inv_loop1 x} (tcopy_loop, 0) {inv_loop0 x}"
 proof(rule_tac HoareI)
 fix l r
 assume h: "0 < x"
 "inv_loop1 x (l, r)"
 hence "\<exists> stp. is_final (steps (Suc 0, l, r) (tcopy_loop, 0) stp)"
 by simp
 qed
 qed
 lemma end_correct:
-"x > 0 \<Longrightarrow>
+"x > 0 \<Longrightarrow> {inv_end1 x} tcopy_end {inv_end0 x}"
-{inv_end1 x} (tcopy_end, 0) {inv_end0 x}"
 proof(rule_tac HoareI)
 fix l r
 assume h: "0 < x"
 "inv_end1 x (l, r)"
 hence "\<exists> stp. is_final (steps (Suc 0, l, r) (tcopy_end, 0) stp)"
 apply(auto simp: tm_wf.simps shift.simps adjust.simps length_comp
 tm_comp.simps)
 done
 lemma tcopy_correct1:
-"\<lbrakk>x > 0\<rbrakk> \<Longrightarrow> {inv_init1 x} (tcopy, 0) {inv_end0 x}"
+"\<lbrakk>x > 0\<rbrakk> \<Longrightarrow> {inv_init1 x} tcopy {inv_end0 x}"
 proof(simp add: tcopy_def, rule_tac Hoare_plus_halt)
 show "inv_loop0 x \<mapsto> inv_end1 x"
 by(auto simp: inv_end1.simps inv_loop1.simps assert_imp_def)
 next
 show "tm_wf (tcopy_init |+| tcopy_loop, 0)" by auto
 next
 show "tm_wf (tcopy_end, 0)" by auto
 next
 assume "0 < x"
-thus "{inv_init1 x} (tcopy_init |+| tcopy_loop, 0) {inv_loop0 x}"
+thus "{inv_init1 x} (tcopy_init |+| tcopy_loop) {inv_loop0 x}"
 proof(rule_tac Hoare_plus_halt)
 show "inv_init0 x \<mapsto> inv_loop1 x"
 apply(auto simp: inv_init0.simps inv_loop1.simps assert_imp_def)
 apply(rule_tac x = "Suc 0" in exI, auto)
 done
 show "tm_wf (tcopy_init, 0)" by auto
 next
 show "tm_wf (tcopy_loop, 0)" by auto
 next
 assume "0 < x"
-thus "{inv_init1 x} (tcopy_init, 0) {inv_init0 x}"
+thus "{inv_init1 x} tcopy_init {inv_init0 x}"
 by(erule_tac init_correct)
 next
 assume "0 < x"
-thus "{inv_loop1 x} (tcopy_loop, 0) {inv_loop0 x}"
+thus "{inv_loop1 x} tcopy_loop {inv_loop0 x}"
 by(erule_tac loop_correct)
 qed
 next
 assume "0 < x"
-thus "{inv_end1 x} (tcopy_end, 0) {inv_end0 x}"
+thus "{inv_end1 x} tcopy_end {inv_end0 x}"
 by(erule_tac end_correct)
 qed
 section {*
 The {\em Dithering} Turing Machine
 apply arith
 apply(drule_tac length_eq, simp)
 done
 lemma Hoare_weak:
-"\<lbrakk>{P} (p, off) {Q}; P'\<mapsto>P; Q\<mapsto>Q'\<rbrakk> \<Longrightarrow> {P'} (p, off) {Q'}"
+fixes p::tprog0
-using Hoare_def
+assumes a: "{P} p {Q}"
-proof(auto simp: assert_imp_def)
+and b: "P' \<mapsto> P"
-fix l r
+and c: "Q \<mapsto> Q'"
-assume
+shows "{P'} p {Q'}"
-ho1: "\<forall>l r. P (l, r) \<longrightarrow> (\<exists>n. is_final (steps (Suc 0, l, r) (p, off) n)
+using assms
-\<and> Q holds_for steps (Suc 0, l, r) (p, off) n)"
+unfolding Hoare_def assert_imp_def
-and imp1: "\<forall>l r. P' (l, r) \<longrightarrow> P (l, r)"
+by (blast intro: holds_for_imp[simplified assert_imp_def])
-and imp2: "\<forall>l r. Q (l, r) \<longrightarrow> Q' (l, r)"
-and cond: "P' (l, r)"
-and ho2: "\<And>P a b Q. {P} (a, b) {Q} \<equiv> \<forall>l r. P (l, r) \<longrightarrow>
-(\<exists>n. is_final (steps (Suc 0, l, r) (a, b) n) \<and> Q holds_for steps (Suc 0, l, r) (a, b) n)"
-have "P (l, r)"
-using cond imp1 by auto
-hence "(\<exists>n. is_final (steps (Suc 0, l, r) (p, off) n)
-\<and> Q holds_for steps (Suc 0, l, r) (p, off) n)"
-using ho1 by auto
-from this obtain n where "is_final (steps (Suc 0, l, r) (p, off) n)
-\<and> Q holds_for steps (Suc 0, l, r) (p, off) n" ..
-thus "\<exists>n. is_final (steps (Suc 0, l, r) (p, off) n) \<and>
-Q' holds_for steps (Suc 0, l, r) (p, off) n"
-apply(rule_tac x = n in exI, auto)
-apply(case_tac "steps (Suc 0, l, r) (p, off) n", simp)
-using imp2
-by simp
-qed
 text {*
 The following locale specifies that TM @{text "H"} can be used to solve
 the {\em Halting Problem} and @{text "False"} is going to be derived
 under this locale. Therefore, the undecidability of {\em Halting Problem}
 let ?P2 = "\<lambda> (l, r). (l = [Bk] \<and> r = Oc\<up>?cn @ Bk # Oc\<up>?cn)"
 let ?Q2 = "\<lambda>(l, r). (\<exists>nd. l = Bk \<up> nd) \<and> r = [Oc, Oc]"
 let ?P3 = ?Q2
 let ?Q3 = ?P3
 assume h: "\<not> haltP (?tcontr, 0) [code ?tcontr]"
-have "{?P1} (?tcontr, 0) {?Q3}"
+have "{?P1} ?tcontr {?Q3}"
 proof(rule_tac Hoare_plus_halt, auto)
 show "?Q2 \<mapsto> ?P3"
 apply(simp add: assert_imp_def)
 done
 next
-show "{?P1} (tcopy|+|H, 0) {?Q2}"
+show "{?P1} (tcopy|+|H) {?Q2}"
 proof(rule_tac Hoare_plus_halt, auto)
 show "?Q1 \<mapsto> ?P2"
 apply(simp add: assert_imp_def)
 done
 next
-show "{?P1} (tcopy, 0) {?Q1}"
+show "{?P1} tcopy {?Q1}"
 proof -
-have g: "{inv_init1 ?cn} (tcopy, 0) {inv_end0 ?cn}"
+have g: "{inv_init1 ?cn} tcopy {inv_end0 ?cn}"
 by(rule_tac tcopy_correct1, simp)
 thus "?thesis"
 proof(rule_tac Hoare_weak)
-show "{inv_init1 ?cn} (tcopy, 0)
+show "{inv_init1 ?cn} tcopy
 {inv_end0 ?cn} " using g by simp
 next
 show "?P1 \<mapsto> inv_init1 (?cn)"
 apply(simp add: inv_init1.simps assert_imp_def)
 done
 apply(simp add: assert_imp_def inv_end0.simps)
 done
 qed
 qed
 next
-show "{?P2} (H, 0) {?Q2}"
+show "{?P2} H {?Q2}"
 using Hoare_def nh_newcase[of ?tcontr "[code ?tcontr]" 1] h
 apply(auto)
 apply(rule_tac x = na in exI)
 apply(simp add: replicate_Suc tape_of_nl_abv)
 done
 qed
 next
-show "{?P3}(dither, 0){?Q3}"
+show "{?P3} dither {?Q3}"
 using Hoare_def
 proof(auto)
 fix nd
 show "\<exists>n. is_final (steps (Suc 0, Bk \<up> nd, [Oc, Oc]) (dither, 0) n) \<and>
 (\<lambda>(l, r). (\<exists>nd. l = Bk \<up> nd) \<and> r = [Oc, Oc])
 let ?Q1 = "\<lambda> (l, r). (l = [Bk] \<and> r = Oc\<up>?cn @ Bk # Oc\<up>?cn)"
 let ?P2 = "\<lambda> (l, r). (l = [Bk] \<and> r = Oc\<up>?cn @ Bk # Oc\<up>?cn)"
 let ?Q2 = "\<lambda>(l, r). (\<exists>nd. l = Bk \<up> nd) \<and> r = [Oc]"
 let ?P3 = ?Q2
 assume h: "haltP (?tcontr, 0) [code ?tcontr]"
-have "{?P1} (?tcontr, 0)"
+have "{?P1} ?tcontr"
 proof(rule_tac Hoare_plus_unhalt, auto)
 show "?Q2 \<mapsto> ?P3"
 apply(simp add: assert_imp_def)
 done
 next
-show "{?P1} (tcopy|+|H, 0) {?Q2}"
+show "{?P1} (tcopy |+| H) {?Q2}"
 proof(rule_tac Hoare_plus_halt, auto)
 show "?Q1 \<mapsto> ?P2"
 apply(simp add: assert_imp_def)
 done
 next
-show "{?P1} (tcopy, 0) {?Q1}"
+show "{?P1} tcopy {?Q1}"
 proof -
-have g: "{inv_init1 ?cn} (tcopy, 0) {inv_end0 ?cn}"
+have g: "{inv_init1 ?cn} tcopy {inv_end0 ?cn}"
 by(rule_tac tcopy_correct1, simp)
 thus "?thesis"
 proof(rule_tac Hoare_weak)
-show "{inv_init1 ?cn} (tcopy, 0)
+show "{inv_init1 ?cn} tcopy
 {inv_end0 ?cn} " using g by simp
 next
 show "?P1 \<mapsto> inv_init1 (?cn)"
 apply(simp add: inv_init1.simps assert_imp_def)
 done
 apply(simp add: assert_imp_def inv_end0.simps)
 done
 qed
 qed
 next
-show "{?P2} (H, 0) {?Q2}"
+show "{?P2} H {?Q2}"
 using Hoare_def h_newcase[of ?tcontr "[code ?tcontr]" 1] h
 apply(auto)
 apply(rule_tac x = na in exI)
 apply(simp add: replicate_Suc tape_of_nl_abv)
 done
 qed
 next
-show "{?P3}(dither, 0)"
+show "{?P3} dither"
 using Hoare_unhalt_def
 proof(auto)
 fix nd n
 assume "is_final (steps (Suc 0, Bk \<up> nd, [Oc]) (dither, 0) n)"
 thus "False"

changeset 54	e7d845acb0a7
parent 47	251e192339b7
child 55	cd4ef33c8fb1