X-Git-Url: http://matita.cs.unibo.it/gitweb/?a=blobdiff_plain;f=matita%2Fmatita%2Flib%2Fturing%2Fwhile_machine.ma;h=d5782464400c710ef4dd7ac30ba04e068834aa7a;hb=5fc2b08d86038360e588b8fff333a623964efabe;hp=7cea9ed35976ebba536bc17919ea9da44d35abc1;hpb=f464217340074c5a81e4bda91814abb0611a02e0;p=helm.git diff --git a/matita/matita/lib/turing/while_machine.ma b/matita/matita/lib/turing/while_machine.ma index 7cea9ed35..d57824644 100644 --- a/matita/matita/lib/turing/while_machine.ma +++ b/matita/matita/lib/turing/while_machine.ma @@ -61,6 +61,12 @@ lemma halt_while_acc : cases (halt sig M acc) % qed. +lemma halt_while_not_acc : + ∀sig,M,acc,s.s == acc = false → halt sig (whileTM sig M acc) s = halt sig M s. +#sig #M #acc #s #neqs normalize >neqs +cases (halt sig M s) % +qed. + lemma step_while_acc : ∀sig,M,acc,c.cstate ?? c = acc → step sig (whileTM sig M acc) c = initc … (ctape ?? c). 
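Review bot: The added lemma `halt_while_not_acc` has no header comment, and its hypothesis is the boolean test `s == acc = false`, whereas the neighbouring `step_while_acc` takes the propositional `cstate ?? c = acc`. A one-line comment would make the pairing with `halt_while_acc` and the choice of hypothesis form explicit, for example `(* in any state other than acc, whileTM halts exactly when M halts *)`. If callers are expected to hold a propositional inequality instead, it is worth saying that they must convert it first. The statement of `step_while_acc` continues outside this hunk.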
@@ -123,204 +129,50 @@ cases (loop_split ?? (λc. halt sig M (cstate ?? c)) ????? Hloop) ] qed. -(* inductive move_states : Type[0] ≝ -| start : move_states -| q1 : move_states -| q2 : move_states -| q3 : move_states -| qacc : move_states -| qfail : move_states. - -definition -*) - -definition mystates : FinSet → FinSet ≝ λalpha:FinSet.FinProd (initN 5) alpha. - -definition move_char ≝ - λalpha:FinSet.λsep:alpha. - mk_TM alpha (mystates alpha) - (λp.let 〈q,a〉 ≝ p in - let 〈q',b〉 ≝ q in - match a with - [ None ⇒ 〈〈4,sep〉,None ?〉 - | Some a' ⇒ - match q' with - [ O ⇒ (* qinit *) - match a' == sep with - [ true ⇒ 〈〈4,sep〉,None ?〉 - | false ⇒ 〈〈1,a'〉,Some ? 〈a',L〉〉 ] - | S q' ⇒ match q' with - [ O ⇒ (* q1 *) - 〈〈2,a'〉,Some ? 〈b,R〉〉 - | S q' ⇒ match q' with - [ O ⇒ (* q2 *) - 〈〈3,sep〉,Some ? 〈b,R〉〉 - | S q' ⇒ match q' with - [ O ⇒ (* qacc *) - 〈〈3,sep〉,None ?〉 - | S q' ⇒ (* qfail *) - 〈〈4,sep〉,None ?〉 ] ] ] ] ]) - 〈0,sep〉 - (λq.let 〈q',a〉 ≝ q in q' == 3 ∨ q' == 4). - -definition mk_tape : - ∀sig:FinSet.list sig → option sig → list sig → tape sig ≝ - λsig,lt,c,rt.match c with - [ Some c' ⇒ midtape sig lt c' rt - | None ⇒ match lt with - [ nil ⇒ match rt with - [ nil ⇒ niltape ? - | cons r0 rs0 ⇒ leftof ? r0 rs0 ] - | cons l0 ls0 ⇒ rightof ? l0 ls0 ] ]. - -lemma cmove_q0_q1 : - ∀alpha:FinSet.∀sep,a,ls,a0,rs. - a0 == sep = false → - step alpha (move_char alpha sep) - (mk_config ?? 〈0,a〉 (mk_tape … ls (Some ? a0) rs)) = - mk_config alpha (states ? (move_char alpha sep)) 〈1,a0〉 - (tape_move_left alpha ls a0 rs). -#alpha #sep #a * -[ #a0 #rs #Ha0 whd in ⊢ (??%?); - normalize in match (trans ???); >Ha0 % -| #a1 #ls #a0 #rs #Ha0 whd in ⊢ (??%?); - normalize in match (trans ???); >Ha0 % -] -qed. - -lemma cmove_q1_q2 : - ∀alpha:FinSet.∀sep,a,ls,a0,rs. - step alpha (move_char alpha sep) - (mk_config ?? 〈1,a〉 (mk_tape … ls (Some ? a0) rs)) = - mk_config alpha (states ? (move_char alpha sep)) 〈2,a0〉 - (tape_move_right alpha ls a rs). -#alpha #sep #a #ls #a0 * // -qed. 
- -lemma cmove_q2_q3 : - ∀alpha:FinSet.∀sep,a,ls,a0,rs. - step alpha (move_char alpha sep) - (mk_config ?? 〈2,a〉 (mk_tape … ls (Some ? a0) rs)) = - mk_config alpha (states ? (move_char alpha sep)) 〈3,sep〉 - (tape_move_right alpha ls a rs). -#alpha #sep #a #ls #a0 * // -qed. - -definition option_hd ≝ - λA.λl:list A. match l with - [ nil ⇒ None ? - | cons a _ ⇒ Some ? a ]. - -definition Rmove_char_true ≝ - λalpha,sep,t1,t2. - ∀a,b,ls,rs. b ≠ sep → - t1 = midtape alpha (a::ls) b rs → - t2 = mk_tape alpha (a::b::ls) (option_hd ? rs) (tail ? rs). - -definition Rmove_char_false ≝ - λalpha,sep,t1,t2. - (current alpha t1 = None alpha → t2 = t1) ∧ - (current alpha t1 = Some alpha sep → t2 = t1). - -lemma loop_S_true : - ∀A,n,f,p,a. p a = true → - loop A (S n) f p a = Some ? a. /2/ -qed. - -lemma loop_S_false : - ∀A,n,f,p,a. p a = false → - loop A (S n) f p a = loop A n f p (f a). -normalize #A #n #f #p #a #Hpa >Hpa % -qed. - -notation < "𝐅" non associative with precedence 90 - for @{'bigF}. -notation < "𝐃" non associative with precedence 90 - for @{'bigD}. - -interpretation "FinSet" 'bigF = (mk_FinSet ???). -interpretation "DeqSet" 'bigD = (mk_DeqSet ???). - -lemma trans_init_sep: - ∀alpha,sep,x. - trans ? (move_char alpha sep) 〈〈0,x〉,Some ? sep〉 = 〈〈4,sep〉,None ?〉. -#alpha #sep #x normalize >(\b ?) // -qed. - -lemma trans_init_not_sep: - ∀alpha,sep,x,y.y == sep = false → - trans ? (move_char alpha sep) 〈〈0,x〉,Some ? y〉 = 〈〈1,y〉,Some ? 〈y,L〉〉. -#alpha #sep #x #y #H1 normalize >H1 // -qed. - -lemma sem_move_char : - ∀alpha,sep. - accRealize alpha (move_char alpha sep) - 〈3,sep〉 (Rmove_char_true alpha sep) (Rmove_char_false alpha sep). -#alpha #sep * -[@(ex_intro ?? 2) - @(ex_intro … (mk_config ?? 〈4,sep〉 (niltape ?))) - % [% [whd in ⊢ (??%?);% |#Hfalse destruct ] |#H1 whd % #_ % ] -|#l0 #lt0 @(ex_intro ?? 2) - @(ex_intro … (mk_config ?? 〈4,sep〉 (leftof ? l0 lt0))) - % [% [whd in ⊢ (??%?);% |#Hfalse destruct ] |#H1 whd % #_ % ] -|#r0 #rt0 @(ex_intro ?? 
2) - @(ex_intro … (mk_config ?? 〈4,sep〉 (rightof ? r0 rt0))) - % [% [whd in ⊢ (??%?);% |#Hfalse destruct ] |#H1 whd % #_ % ] -| #lt #c #rt cases (true_or_false (c == sep)) #Hc - [ @(ex_intro ?? 2) - @(ex_intro ?? (mk_config ?? 〈4,sep〉 (midtape ? lt c rt))) - % - [% - [ >(\P Hc) >loop_S_false // - >loop_S_true - [ @eq_f whd in ⊢ (??%?); >trans_init_sep % - |>(\P Hc) whd in ⊢(??(???(???%))?); - >trans_init_sep % ] - | #Hfalse destruct +theorem terminate_while: ∀sig,M,acc,Rtrue,Rfalse,t. + halt sig M acc = true → + accRealize sig M acc Rtrue Rfalse → + WF ? (inv … Rtrue) t → Terminate sig (whileTM sig M acc) t. +#sig #M #acc #Rtrue #Rfalse #t #Hacctrue #HM #HWF elim HWF +#t1 #H #Hind cases (HM … t1) #i * #outc * * #Hloop +#Htrue #Hfalse cases (true_or_false (cstate … outc == acc)) #Hcase + [cases (Hind ? (Htrue … (\P Hcase))) #iwhile * #outcfinal + #Hloopwhile @(ex_intro … (i+iwhile)) + @(ex_intro … outcfinal) @(loop_merge … outc … Hloopwhile) + [@(λc.halt sig M (cstate … c)) + |* #s0 #t0 normalize cases (s0 == acc) normalize + [ cases (halt sig M s0) // + | cases (halt sig M s0) normalize // ] - |#_ % #_ % ] - | @(ex_intro ?? 4) - cases lt - [ @ex_intro - [|% - [ % - [ >loop_S_false // - >cmove_q0_q1 // - | normalize in ⊢ (%→?); #Hfalse destruct (Hfalse) - ] - | normalize in ⊢ (%→?); #_ % - [ normalize in ⊢ (%→?); #Hfalse destruct (Hfalse) - | normalize in ⊢ (%→?); #Hfalse destruct (Hfalse) - @False_ind @(absurd ?? (\Pf Hc)) % - ] - ] - ] - | #l0 #lt @ex_intro - [| % - [ % - [ >loop_S_false // - >cmove_q0_q1 // - | #_ #a #b #ls #rs #Hb #Htape - destruct (Htape) - >cmove_q1_q2 - >cmove_q2_q3 - cases rs normalize // - ] - | normalize in ⊢ (% → ?); * #Hfalse - @False_ind /2/ - ] + |@(loop_lift ?? i (λc.c) ? + (step ? (whileTM ? M acc)) ? + (λc.halt sig M (cstate ?? c)) ?? + ?? 
Hloop) + [ #x % + | * #s #t #Hx whd in ⊢ (??%%); >while_trans_false + [% + |% #Hfalse Hx #H0 destruct ] ] + |@step_while_acc @(\P Hcase) + |>(\P Hcase) @halt_while_acc + ] + |@(ex_intro … i) @(ex_intro … outc) + @(loop_lift_acc ?? i (λc.c) ?????? (λc.cstate ?? c == acc) ???? Hloop) + [#x #Hx >(\P Hx) // + |#x @halt_while_not_acc + |#x #H whd in ⊢ (??%%); >while_trans_false [%] + % #eqx >eqx in H; >Hacctrue #H destruct + |@Hcase ] ] -] qed. -definition R_while_cmove : - λalpha,sep,t1,t2. - ∀a,b,ls,rs. b ≠ sep → memb ? sep rs = false → - t1 = midtape alpha (a::ls) b (rs@sep::rs') → - t2 = midtape alpha (a::rev ? rs@b::ls) sep rs'. +(* +axiom terminate_while: ∀sig,M,acc,Rtrue,Rfalse,t. + halt sig M acc = true → + accRealize sig M acc Rtrue Rfalse → + ∃t1. Rfalse t t1 → Terminate sig (whileTM sig M acc) t. +*) (* (*
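Review bot: The commented-out `axiom terminate_while` added after `qed.` reuses the name of the theorem just proved but states something different: `∃t1. Rfalse t t1 → Terminate sig (whileTM sig M acc) t`, with no `WF ? (inv … Rtrue) t` hypothesis. Left in place, it invites someone to re-enable an unproved assumption where a proof now exists, so either drop the block or label it, e.g. `(* superseded by theorem terminate_while above; kept for reference only *)`. The theorem would also benefit from a short header noting that termination is derived from well-foundedness of the inverse of `Rtrue` together with `halt sig M acc = true`. The commented region that follows the hunk is not fully visible here.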