chapter‹Reducing $\NP$ languages to \SAT{}\label{s:Reducing}›
theory Reducing imports Satisfiability Oblivious begin
text‹
have already shown that \SAT{} is in $\NP$. It remains to show that \SAT{} is \NP$-hard, that is, that every language $L \in\NP$ can be polynomial-time
to \SAT{}. This, in turn, can be split in two parts. First, showing that
every $x$ there is a CNF formula $\Phi$ such that $x\in L$ iff.\ $\Phi$ is
. Second, that $\Phi$ can be computed from $x$ in polynomial time.
chapter is devoted to the first part, which is the core of the proof. In
subsequent two chapters we painstakingly construct a polynomial-time Turing
computing $\Phi$ from $x$ in order to show something that is usually
``obvious''.
proof corresponds to lemma~2.11 from the textbook~\cite{ccama}. Of course we
to be much more explicit than the textbook, and the first section describes
some detail how we derive the formula $\Phi$. ›
section‹Introduction›
text‹
$L \in\NP$. In order to reduce $L$ to \SAT{}, we need to construct for
string $x\in\bbOI^*$ a CNF formula $\Phi$ such that $x\in L$ iff.\ $\Phi$
satisfiable. In this section we describe how $\Phi$ looks like.
subsection{Preliminaries}
denote the length of a string $s\in\bbOI^*$ by $|s|$. We define
[
num(s) = \left\{\begin{array}{ll}
k & \text{if } s = \bbbI^k\bbbO^{|s|-k},\\
|s| + 1 & \text{otherwise.} \end{array}\right.
]
$num$ interprets some strings as unary codes of numbers. All other
are interpreted as an ``error value''.
a string $s$ and a sequence $w\in\nat^n$ of numbers we write $s(w)$ for
num(s_{w_0}\dots s_{w_{n-1}})$. Likewise for an assignment $\alpha\colon\nat
to \bbOI$ we write $\alpha(w) = num(\alpha(w_0)\dots\alpha(w_{n-1}))$.
define two families of CNF formulas. Variables are written $v_0, v_1, v_2,
dots$, and negated variables are written $\bar v_0, \bar v_1, \bar v_2, \dots$
$w\in\nat^n$ be a list of numbers. For $k \leq n$ define
[ \Psi(w, k) = \bigwedge_{i=0}^{k-1} v_{w_i} \land\bigwedge_{i=k}^{n - 1} \bar v_{w_i}.
]
formula is satisfied by an assignment $\alpha$ iff.\ $\alpha(w) = k$. In a
fashion we define for $n > 2$,
[ \Upsilon(w) = v_{w_0} \land v_{w_1} \land\bigwedge_{i=3}^{n - 1} \bar v_{w_i},
]
is satisfied by an assignment $\alpha$ iff.\ $\alpha(w) \in\{2, 3\} =
{\mathbf{0}, \mathbf{1}\}$, where as usual the boldface $\mathbf{0}$ and \mathbf{1}$ refer to the symbols represented by the numbers~2 and~3.
$a \leq b$ we write $[a:b]$ for the interval $[a, \dots, b - 1] \in\nat^{b
a}$. For intervals the CNF formulas become:
[ \Psi([a:b], k) = \bigwedge_{i=a}^{a+k-1} v_i \land\bigwedge_{i=a+k}^{b - 1} \bar v_i
qquad \text{and} \qquad \Upsilon([a:b]) = v_a \land v_{a+1} \land\bigwedge_{i=a+3}^{b - 1} \bar v_i.
]
$\phi$ be a CNF formula and let $\sigma\in\nat^*$ be a sequence of variable
java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "macro" is null \sigma|$. Then we define the CNF formula $\sigma(\phi)$ as the formula
from replacing every variable $v_i$ in $\phi$ by the variable
v_{\sigma_i}$. This corresponds to our function @{const relabel}.
subsection{Construction of the CNF formula}
$M$ be the two-tape oblivious verifier Turing machine for $L$ from
~@{text NP_imp_oblivious_2tape}. Let $p$ be the polynomial function for the
of the certificates, and let $T\colon\nat\to\nat$ be the polynomial
-time bound. Let $G$ be $M$'s alphabet size.
$x\in\bbOI^n$ be fixed thoughout the rest of this section. We seek a CNF
$\Phi$ that is satisfiable iff.\ $x\in L$. We are going to transform
`$x\in L$'' via several equivalent statements to the statement ``$\Phi$ is
'' for a suitable $\Phi$ defined along the way. The Isabelle
later in this chapter does not prove these equivalences
. They are only meant to explain the shape of $\Phi$.
subsubsection{1st equivalence}
lemma~@{text NP_imp_oblivious_2tape} about $M$ we get the first equivalent
: There exists a certificate $u \in\bbOI^{p(n)}$
that $M$ on input $\langle x, u\rangle$ halts with the symbol \textbf{1}
its output tape head. The running time of $M$ is bounded by $T(|\langle
, u\rangle|) = T(2n+2+2p(n))$. We abbreviate $|\langle x, u\rangle| = 2n+2+2p(n)$
$m$.
subsubsection{2nd equivalence}
the second equivalent statement, we define what the textbook calls
`snapshots''. For every $u\in\{\bbbO,\bbbI\}^{p(n)}$ let $z_0^u(t)$ be the
under the input tape head of $M$ on input $\langle x, u\rangle$ at step
t$. Similarly we define $z_1^u(t)$ as the symbol under the output tape head of
M$ at step $t$ and $z_2^u(t)$ as the state $M$ is in at step $t$. A triple
z^u(t) = (z^u_0(t), z^u_1(t), z^u_2(t))$ is called a snapshot. For the initial
we have:
begin{equation}
z_0^u(0) = z_1^u(0) = \triangleright\qquad\text{and}\qquad z_2^u(0) = 0. \tag{Z0}
end{equation}
crucial idea is that the snapshots for $t > 0$ can be characterized
using two auxiliary functions $\inputpos$ and $\prev$.
$M$ is oblivious, the positions of the tape heads on input $\langle x, \rangle$ after $t$ steps are the same for all $u$ of length $p(n)$. We denote
input head positions by $\inputpos(t)$.
every $t$ we denote by $\prev(t)$ the last step before $t$ in which the
tape head of $M$ was in the same cell as in step $t$. Due to $M$'s
this is again the same for all $u$ of length $p(n)$. If there is
such previous step, because $t$ is the first time the cell is reached, we set \prev(t) = t$. (This deviates from the textbook, which sets $\prev(t) = 1$.) In
other case we have $\prev(t) < t$.
due to $M$'s obliviousness, the halting time on input $\langle x, u\rangle$
the same for all $u$ of length $p(n)$, and we denote it by $T' \le T(|\langle
, u\rangle|)$. Thus we have $\inputpos(t) \le T'$ for all $t$. If we define
symbol sequence $y(u) = \triangleright\langle x, u\rangle\Box^{T'}$, the
component of the snapshots is, for arbitrary $t$:
begin{equation}
z_0^u(t) = y(u)_{\inputpos(t)}. \tag{Z1}
end{equation}
we consider the snapshot components $z_1^u(t)$ for $t > 0$. First consider
case $\prev(t) < t$; that is, the last time before $t$ when $M$'s output
head was in the same cell as in step $t$ was in step $\prev(t)$. The
for step $\prev(t)$ has exactly the information needed to calculate the
of $M$ at step $t$: the symbols read from both tapes and the state which
M$ is in. In some sort of hybrid notation:
begin{equation}
z_1^u(t) = (M\ !\ z_2^u(\prev(t)))\ [z_0^u(\prev(t)), z_1^u(\prev(t))]\ [.]\ 1. \tag{Z2}
end{equation}
the other case, $\prev(t) = t$, the output tape head has not been in this
before and is thus reading a blank. It cannot be reading the start symbol
the output tape head was in cell zero at step $t = 0$ already. Formally:
begin{equation}
z_1^u(t) = \Box. \tag{Z3}
end{equation}
state $z_2^u(t)$ for $t > 0$ can be computed from the state $z_2^u(t-1)$ in
previous step and the symbols $z_0^u(t-1)$ and $z_1^u(t-1)$ read in the
step:
begin{equation}
z_2^u(t) = \mathit{fst}\ ((M\ !\ z_2^u(t - 1))\ [z_0^u(t - 1), z_1^u(t - 1)]). \tag{Z4}
end{equation}
a string $u\in\bbOI^{p(n)}$ the equations (Z0) -- (Z4) uniquely determine
the $z^u(0), \dots, z^u(T')$. Conversely, the snapshots for $u$ satisfy all
equations. Therefore the equations characterize the sequence of snapshots.
condition that $M$ halts with the output tape head on \textbf{1} can be
with snapshots:
begin{equation}
z_1^{u}(T') = \mathbf{1}. \tag{Z5}
end{equation}
yields our second equivalent statement: $x\in L$ iff.\ there is a
u\in\{\bbbO,\bbbI\}^{p(n)}$ and a sequence $z^u(0), \dots, z^u(T')$ satisfying
equations (Z0) -- (Z5).
subsubsection{3rd equivalence}
length of $y(u)$ is $m' := m + 1 + T' = 3 + 2n + 2p(n) + T'$ because
|\langle x, u\rangle| = m$ plus the start symbol plus the $T'$ blanks.
the next equivalence we observe that the strings $y(u)$ for
u\in\{\bbbO,\bbbI\}^{p(n)}$ can be characterized as follows. Consider
predicate on strings $y$:
begin{itemize} \item[(Y0)] $|y| = m'$; \item[(Y1)] $y_0 = \triangleright$ (the start symbol); \item[(Y2)] $y_{2n+1} = y_{2n+2} = \mathbf{1}$
(the separator in the pair encoding); \item[(Y3)] $y_{2i+1} = \mathbf{0}$ for $i=0,\dots,n-1$ (the zeros
before $x$); \item[(Y4)] $y_{2n+2+2i+1} = \mathbf{0}$ for $i=0, \dots, p(n)-1$ (the
zeros before $u$); \item[(Y5)] $y_{2n+2p(n)+3+i} = \Box$ for $i=0, \dots, T' - 1$ (the
blanks after the input proper); \item[(Y6)] $y_{2i+2} = \left\{\begin{array}{ll} \mathbf{0} & \text{if } x_i = \bbbO,\\ \mathbf{1} & \text{otherwise} \end{array}\right.$ for $i = 0, \dots, n - 1$ (the bits of $x$); \item[(Y7)] $y_{2n+4+2i} \in\{\mathbf{0}, \mathbf{1}\}$ for $i=0,\dots,p(n)-1$
(the bits of $u$).
end{itemize}
$y(u)$ for some $u$ of length $p(n)$ satisfies this predicate. Conversely,
a $y$ satisfying the predicate, a $u$ of length $p(n)$ can be extracted
that $y = y(u)$.
that we get the third equivalent statement: $x \in L$ iff.\ there is a $y
in \{0, \dots, G - 1\}^{m'}$ with (Y0) -- (Y7) and a sequence $z^u(0), \dots,
^u(T')$ with (Z0) -- (Z5).
subsubsection{4th equivalence}
element of $y$ is a symbol from $M$'s alphabet, that is, a number less than
G$. The same goes for the first two elements of each snapshot, $z_0^u(t)$ and
z_1^u(t)$. The third element, $z_2^u(t)$, is a number less than or equal to
number of states of $M$. Let $H$ be the maximum of $G$ and the number of
. Every element of $y$ and of the snapshots can then be represented by a
string of length $H$ using $num$ (the textbook uses binary, but unary is
for us). So we use $3H$ bits to represent one snapshot. There are $T' +
$ snapshots until $M$ halts. Thus all elements of all snapshots can be
by a string of length $3H\cdot(T'+1)$. Together with the string of
$N := H\cdot m'$ for the input tape contents $y$, we have a total length
$N + 3H\cdot(T'+1)$.
equivalence can thus be stated as $x \in L$ iff.\ there is a string $s\in
{\bbbO,\bbbI\}^{N + 3H\cdot(T'+1)}$ with certain properties. To write these
we introduce some intervals:
begin{itemize} \item $\gamma_i = [iH : (i+1)H]$ for $i < m'$, \item $\zeta_0(t) = [N + 3Ht : N+3Ht + H]$ for $t \leq T'$, \item $\zeta_1(t) = [N + 3Ht + H : N+3Ht + 2H]$ for $t \leq T'$, \item $\zeta_2(t) = [N + 3Ht + 2H : N+3H(t + 1)]$ for $t \leq T'$.
end{itemize}
intervals slice the string $s$ in intervals of length $H$. The string $s$
satisfy properties analogous to (Y0) -- (Y7), which we express using the
$\gamma_i$:
begin{itemize} \item[(Y0)] $|s| = N + 3H(T' + 1)$ \item[(Y1)] $s(\gamma_0) = \triangleright$ (the start symbol); \item[(Y2)] $s(\gamma_{2n+1}) = s(\gamma_{2n+2}) = \mathbf{1}$
(the separator in the pair encoding); \item[(Y3)] $s(\gamma_{2i+1}) = \mathbf{0}$ for $i=0,\dots,n-1$ (the zeros
before $x$); \item[(Y4)] $s(\gamma_{2n+2+2i+1}) = \mathbf{0}$ for $i=0,\dots,p(n)-1$ (the
zeros before $u$); \item[(Y5)] $s(\gamma_{2n+2p(n)+3+i}) = \Box$ for $i=0,\dots,T' - 1$ (the
blanks after the input proper); \item[(Y6)] $s(\gamma_{2i+2}) = \left\{\begin{array}{ll} \mathbf{0} & \text{if } x_i = \bbbO,\\ \mathbf{1} & \text{otherwise} \end{array}\right.$ for $i = 0, \dots, n - 1$ (the bits of $x$); \item[(Y7)] $s(\gamma_{2n+4+2i}) \in\{\mathbf{0}, \mathbf{1}\}$ for $i=0,\dots,p(n)-1$
(the bits of $u$).
end{itemize}
the string $s$ must satisfy (Z0) -- (Z5). For these properties we use
$\zeta$ intervals.
begin{itemize} \item[(Z0)] $s(\zeta_0(0)) = s(\zeta_1(0)) = \triangleright$ and $s(\zeta_2(0)) = 0$, \item[(Z1)] $s(\zeta_0(t)) = s(\gamma_{\inputpos(t)})$ for $t = 1, \dots, T'$, \item[(Z2)] $s(\zeta_1(t)) = (M\ !\ s(\zeta_2(\prev(t)))\ [s(\zeta_0(\prev(t))), s(\zeta_1(\prev(t)))]\ [.]\ 1$
for $t = 1, \dots, T'$ with $\prev(t) < t$, \item[(Z3)] $s(\zeta_1(t)) = \Box$ for $t = 1, \dots, T'$ with $\prev(t) = t$, \item[(Z4)] $s(\zeta_2(t)) = \mathit{fst}\ ((M\ !\ s(\zeta_2(t - 1))\ [s(\zeta_0(t - 1), s(\zeta_1(t - 1)])$
for $t = 1, \dots, T'$, \item[(Z5)] $s(\zeta_1(T')) = \mathbf{1}$.
end{itemize}
subsubsection{5th equivalence}
assignment is an infinite bit string. For formulas over variables with
in the interval $[0 : N+3H(T'+1)]$, only the initial $N+3H(T'+1)$ bits of
assignment are relevant. If we had a CNF formula $\Phi$ over these variables
is satisfied exactly by the assignments $\alpha$ for which there is an $s$
the above properties and $\alpha(i) = s_i$ for all $i < |s|$, then the
of such an $s$ would be equivalent to $\Phi$ being satisfiable.
we construct such a CNF formula.
properties are easy to translate using the formulas $\Psi$ and $\Upsilon$.
example, $s(\gamma_0) = \triangleright$ corresponds to $\alpha(\gamma_0) =
triangleright$. A formula that is satisfied exactly by assignments with this
is $\Psi(\gamma_0, 1)$. Likewise the property
s(\gamma_{2n+4+2i})\in\{\mathbf{0}, \mathbf{1}\}$ corresponds to the CNF
$\Upsilon(\gamma_{2n+4+2i})$.
~(Z0) and property~(Z5) become these formulas:
begin{itemize} \item[(Z0)] $\Phi_0 := \Psi(\zeta_0(0), 1) \land\Psi(\zeta_1(0), 1) \land\Psi(\zeta_2(0), 0)$, \item[(Z5)] $\Phi_8 := \Psi(\zeta_1(T'), 3)$.
end{itemize}
remaining properties (Z1) -- (Z4) are more complex. They apply to $t = 1,
dots T'$. Let us first consider the case $\prev(t) < t$. With $\alpha$ for $s$
properties become:
begin{itemize} \item[(Z1)] $\alpha(\zeta_0(t)) = \alpha(\gamma_{\inputpos(t)})$, \item[(Z2)] $\alpha(\zeta_1(t)) =
((M\ !\ \alpha(\zeta_2(\prev(t))))\ [\alpha(\zeta_0(\prev(t))), \alpha(\zeta_1(\prev(t)))])\ [.]\ 1$, \item[(Z4)] $\alpha(\zeta_2(t)) = \mathit{fst}\ ((M\ !\ \alpha(\zeta_2(t-1)))\ [\alpha(\zeta_0(t-1)), \alpha(\zeta_1(t-1))])$.
end{itemize}
any $t$ the properties (Z1), (Z2), (Z4) use at most $10H$ variable indices,
all the variable indices in the nine $\zeta$'s and in \gamma_{\inputpos(t)}$, each of which have $H$ indices.
if the set of all these variable indices was $\{0, \dots, 10H - 1\}$ we
apply lemma~@{thm [source] depon_ex_formula} to get a CNF formula $\psi$
these variables that ``captures the spirit'' of the properties. We would
merely have to relabel the formula with the actual variable indices we need
each $t$. More precisely, let $w_i = [iH : (i+1)H]$ for $i = 0, \dots, 9$
consider the following criterion for $\alpha$ on the variable indices $\{0,
dots 10H - 1\}$:
begin{itemize} \item[($\mathrm{F}_1$)] $\alpha(w_6) = \alpha(w_9)$, \item[($\mathrm{F}_2$)] $\alpha(w_7) =
((M\ !\ \alpha(w_5))\ [\alpha(w_3), \alpha(w_4)])\ [.]\ 1,$ \item[($\mathrm{F}_3$)] $\alpha(w_8) = \mathit{fst}\ ((M\ !\ \alpha(w_2))\ [\alpha(w_0), \alpha(w_1)]).$
end{itemize}
~@{thm [source] depon_ex_formula} gives us a formula $\psi$ satisfied
by those assignments $\alpha$ that meet the conditions ($\mathrm{F}_1$),
$\mathrm{F}_2$), ($\mathrm{F}_3$). From this $\psi$ we can create all the
we need for representing the properties~(Z1), (Z2), (Z4) by
(``relabeling'' in our terminology) the variables $[0,10H)$
. The substitution for step $t$ is
[ \rho_t = \zeta_0(t-1) \circ\zeta_1(t-1) \circ\zeta_2(t-1) \circ \zeta_0(\prev(t)) \circ\zeta_1(\prev(t)) \circ\zeta_2(\prev(t)) \circ\zeta_0(t) \circ\zeta_1(t) \circ\zeta_2(t) \circ\gamma_{\inputpos(t)},
]
$\circ$ denotes the concatenation of lists. Then $\rho_t(\psi)$ is CNF
satisfied exactly by the assignments $\alpha$ satisfying (Z1), (Z2),
Z4).
the case $\prev(t) = t$ we have a criterion on the variable indices \{0, \dots, 7H - 1\}$:
begin{itemize} \item[($\mathrm{F}_1'$)] $\alpha(w_3) = \alpha(w_6)$, \item[($\mathrm{F}_2'$)] $\alpha(w_4) = \Box$, \item[($\mathrm{F}_3'$)] $\alpha(w_5) = \mathit{fst}\ ((M\ !\ \alpha(w_2))\ [\alpha(w_0), \alpha(w_1)])$,
end{itemize}
lemma~@{thm [source] depon_ex_formula} supplies us with a formula \psi'$. With appropriate substitutions
[ \rho'_t = \zeta_0(t-1) \circ\zeta_1(t-1) \circ\zeta_2(t-1) \circ \zeta_0(t) \circ\zeta_1(t) \circ\zeta_2(t) \circ\gamma_{\inputpos(t)},
]
then define CNF formulas $\chi_t$ for all $t = 1, \dots, T'$:
[ \chi_t = \left\{\begin{array}{ll} \rho_t(\psi) &\text{if }\prev(t) < t,\\ \rho'_t(\psi') &\text{if }\prev(t) = t. \end{array}\right.
]
point of all that is that we can hard-code $\psi$ and $\psi'$ in the TM
the reduction (to be built in the final chapter) and for each $t$ the
only needs to construct the substitution $\rho_t$ or $\rho_t'$ and perform
relabeling. Turing machines that perform these operations will be
in the next chapter.
all $\chi_t$ are in CNF, so is the conjunction
[ \Phi_9 := \bigwedge_{t=1}^{T'}\chi_t\ .
]
the complete CNF formula is:
[ \Phi := \Phi_0\land\Phi_1\land \Phi_2\land\Phi_3\land \Phi_4\land\Phi_5\land \Phi_6\land\Phi_7\land \Phi_8\land\Phi_9\ .
] ›
section‹Auxiliary CNF formulas›
text‹
this section we define the CNF formula families $\Psi$ and $\Upsilon$. In
introduction both families were parameterized by intervals of natural
. Here we generalize the definition to allow arbitrary sequences of
although we will not need this generalization. ›
text‹
number of variables set to true in a list of variables: ›
definition numtrue :: "assignment ==> nat list ==> nat"where "numtrue α vs ≡ length (filter α vs)"
text‹
whether the list of bits assigned to a list @{term vs} of variables has
form $\bbbI\dots\bbbI\bbbO\dots\bbbO$: ›
definition blocky :: "assignment ==> nat list ==> nat ==> bool"where "blocky α vs k ≡∀i<length vs. α (vs ! i) ⟷ i < k"
text‹
next function represents the notation $\alpha(\gamma)$ from the
, albeit generalized to lists that are not intervals $\gamma$. ›
definition unary :: "assignment ==> nat list ==> nat"where "unary α vs ≡ if (∃k. blocky α vs k) then numtrue α vs else Suc (length vs)"
lemma numtrue_remap: assumes"∀s∈set seq. s < length σ" shows"numtrue (remap σ α) seq = numtrue α (reseq σ seq)" proof - have *: "length (filter f xs) = length (filter (f ∘ ((!) xs)) [0..<length xs])"for f and xs :: "'a list" using length_filter_map map_nth by metis
let ?s_alpha = "remap σ α" let ?s_seq = "reseq σ seq" have"numtrue ?s_alpha seq = length (filter ?s_alpha seq)" using numtrue_def by simp thenhave lhs: "numtrue ?s_alpha seq = length (filter (?s_alpha ∘ ((!) seq)) [0..<length seq])" using * by auto
have"numtrue α ?s_seq = length (filter α ?s_seq)" using numtrue_def by simp thenhave"numtrue α ?s_seq = length (filter (α ∘ ((!) ?s_seq)) [0..<length ?s_seq])" using * by metis thenhave rhs: "numtrue α ?s_seq = length (filter (α ∘ ((!) ?s_seq)) [0..<length seq])" using reseq_def by simp
have"(?s_alpha ∘ ((!) seq)) i = (α ∘ ((!) ?s_seq)) i"if"i < length seq"for i using assms remap_def reseq_def that by simp thenshow ?thesis using lhs rhs by (metis atLeastLessThan_iff filter_cong set_upt) qed
lemma unary_remap: assumes"∀s∈set seq. s < length σ" shows"unary (remap σ α) seq = unary α (reseq σ seq)" proof - have *: "blocky (remap σ α) seq k = blocky α (reseq σ seq) k"for k using blocky_def remap_def reseq_def assms by simp let ?alpha = "remap σ α"and ?seq = "reseq σ seq" show ?thesis proof (cases "∃k. blocky ?alpha seq k") case True thenshow ?thesis using * unary_def numtrue_remap assms by simp next case False thenhave"unary ?alpha seq = Suc (length seq)" using unary_def by simp moreoverhave"¬ (∃k. blocky α ?seq k)" using False * assms by simp ultimatelyshow ?thesis using unary_def by simp qed qed
text‹
we define the family $\Psi$ of CNF formulas. It is parameterized by a list
{term vs} of variable indices and a number $k \leq |\mathit{vs}|$. The formula
satisfied exactly by those assignments that set to true the first $k$
in $vs$ and to false the other variables. This is more general than we
, because for us $vs$ will always be an interval. ›
definition Psi :: "nat list ==> nat ==> formula" (‹Ψ›) where "Ψ vs k ≡ map (λs. [Pos s]) (take k vs) @ map (λs. [Neg s]) (drop k vs)"
lemma Psi_unary: assumes"k ≤ length vs"and"α ⊨ Ψ vs k" shows"unary α vs = k" proof - have"α ⊨ map (λs. [Pos s]) (take k vs)" using satisfies_def assms Psi_def by simp thenhave"satisfies_clause α [Pos v]"if"v ∈ set (take k vs)"for v using satisfies_def that by simp thenhave"satisfies_literal α (Pos v)"if"v ∈ set (take k vs)"for v using satisfies_clause_def that by simp thenhave pos: "α v"if"v ∈ set (take k vs)"for v using that by simp
have"α ⊨ map (λs. [Neg s]) (drop k vs)" using satisfies_def assms Psi_def by simp thenhave"satisfies_clause α [Neg v]"if"v ∈ set (drop k vs)"for v using satisfies_def that by simp thenhave"satisfies_literal α (Neg v)"if"v ∈ set (drop k vs)"for v using satisfies_clause_def that by simp thenhave neg: "¬ α v"if"v ∈ set (drop k vs)"for v using that by simp
have"blocky α vs k" proof - have"α (vs ! i)"if"i < k"for i using pos that assms(1) by (metis in_set_conv_nth length_take min_absorb2 nth_take) moreoverhave"¬ α (vs ! i)"if"i ≥ k""i < length vs"for i using that assms(1) neg by (metis Cons_nth_drop_Suc list.set_intros(1) set_drop_subset_set_drop subsetD) ultimatelyshow ?thesis using blocky_def by (metis linorder_not_le) qed moreoverhave"numtrue α vs = k" proof - have"filter α vs = take k vs" using pos neg by (metis (mono_tags, lifting) append.right_neutral append_take_drop_id filter_True filter_append filter_empty_conv) thenshow ?thesis using numtrue_def assms(1) by simp qed ultimatelyshow ?thesis using unary_def by auto qed
text‹
will only ever consider cases where $k \leq |vs|$. So we can use $blocky$ to
that an assignment satisfies a $\Psi$ formula. ›
lemma satisfies_Psi: assumes"k ≤ length vs"and"blocky α vs k" shows"α ⊨ Ψ vs k" proof - have"α ⊨ map (λs. [Pos s]) (take k vs)"
(is"α ⊨ ?phi") proof -
{ fix c :: clause assume c: "c ∈ set ?phi" thenobtain s where"c = [Pos s]"and"s ∈ set (take k vs)" by auto thenobtain i where"i < k"and"s = vs ! i" using assms(1) by (smt (verit, best) in_set_conv_nth le_antisym le_trans nat_le_linear nat_less_le nth_take nth_take_lemma take_all_iff) thenhave"c = [Pos (vs ! i)]" using `c = [Pos s]` by simp moreoverhave"i < length vs" using assms(1) `i < k` by simp ultimatelyhave"α (vs ! i)" using assms(2) blocky_def ‹i < k›by blast thenhave"satisfies_clause α c" using satisfies_clause_def by (simp add: ‹c = [Pos (vs ! i)]›)
} thenshow ?thesis using satisfies_def by simp qed moreoverhave"α ⊨ map (λs. [Neg s]) (drop k vs)"
(is"α ⊨ ?phi") proof -
{ fix c :: clause assume c: "c ∈ set ?phi" thenobtain s where"c = [Neg s]"and"s ∈ set (drop k vs)" by auto thenobtain j where"j < length vs - k"and"s = drop k vs ! j" by (metis in_set_conv_nth length_drop) define i where"i = j + k" thenhave"i ≥ k"and"s = vs ! i" by (auto simp add: ‹s = drop k vs ! j› add.commute assms(1) i_def) thenhave"c = [Neg (vs ! i)]" using `c = [Neg s]` by simp moreoverhave"i < length vs" using assms(1) using‹j < length vs - k› i_def by simp ultimatelyhave"¬ α (vs ! i)" using assms(2) blocky_def[of α vs k] i_def by simp thenhave"satisfies_clause α c" using satisfies_clause_def by (simp add: ‹c = [Neg (vs ! i)]›)
} thenshow ?thesis using satisfies_def by simp qed ultimatelyshow ?thesis using satisfies_def Psi_def by auto qed
lemma blocky_imp_unary: assumes"k ≤ length vs"and"blocky α vs k" shows"unary α vs = k" using assms satisfies_Psi Psi_unary by simp
text‹
family $\Upsilon$ of CNF formulas also takes as parameter a list of variable
. ›
definition Upsilon :: "nat list ==> formula" (‹Υ›) where "Υ vs ≡ map (λs. [Pos s]) (take 2 vs) @ map (λs. [Neg s]) (drop 3 vs)"
text‹
java.lang.NullPointerException
satisfies $\Psi(\mathit{vs}, 2)$ or $\Psi(\mathit{vs}, 3)$. ›
lemma Psi_2_imp_Upsilon: fixes α :: assignment assumes"α ⊨ Ψ vs 2"and"length vs > 2" shows"α ⊨ Υ vs" proof - have"α ⊨ map (λs. [Pos s]) (take 2 vs)" using assms Psi_def satisfies_def by simp moreoverhave"α ⊨ map (λs. [Neg s]) (drop 3 vs)" using assms Psi_def satisfies_def by (smt (verit) Cons_nth_drop_Suc One_nat_def Suc_1 Un_iff insert_iff list.set(2) list.simps(9)
numeral_3_eq_3 set_append) ultimatelyshow ?thesis using Upsilon_def satisfies_def by auto qed
lemma Psi_3_imp_Upsilon: assumes"α ⊨ Ψ vs 3"and"length vs > 2" shows"α ⊨ Υ vs" proof - have"α ⊨ map (λs. [Pos s]) (take 2 vs)" using assms Psi_def satisfies_def by (metis eval_nat_numeral(3) map_append satisfies_append(1) take_Suc_conv_app_nth) moreoverhave"α ⊨ map (λs. [Neg s]) (drop 3 vs)" using assms Psi_def satisfies_def by simp ultimatelyshow ?thesis using Upsilon_def satisfies_def by auto qed
lemma Upsilon_imp_Psi_2_or_3: assumes"α ⊨ Υ vs"and"length vs > 2" shows"α ⊨ Ψ vs 2 ∨ α ⊨ Ψ vs 3" proof - have"α ⊨ map (λs. [Pos s]) (take 2 vs)" using satisfies_def assms Upsilon_def by simp thenhave"satisfies_clause α [Pos v]"if"v ∈ set (take 2 vs)"for v using satisfies_def that by simp thenhave"satisfies_literal α (Pos v)"if"v ∈ set (take 2 vs)"for v using satisfies_clause_def that by simp thenhave1: "α v"if"v ∈ set (take 2 vs)"for v using that by simp thenhave2: "satisfies_clause α [Pos v]"if"v ∈ set (take 2 vs)"for v using that satisfies_clause_def by simp
have"α ⊨ map (λs. [Neg s]) (drop 3 vs)" using satisfies_def assms Upsilon_def by simp thenhave"satisfies_clause α [Neg v]"if"v ∈ set (drop 3 vs)"for v using satisfies_def that by simp thenhave"satisfies_literal α (Neg v)"if"v ∈ set (drop 3 vs)"for v using satisfies_clause_def that by simp thenhave3: "¬ α v"if"v ∈ set (drop 3 vs)"for v using that by simp thenhave4: "satisfies_clause α [Neg v]"if"v ∈ set (drop 3 vs)"for v using that satisfies_clause_def by simp
show ?thesis proof (cases "α (vs ! 2)") case True thenhave"α v"if"v ∈ set (take 3 vs)"for v using that 1 assms(2) by (metis (no_types, lifting) in_set_conv_nth le_simps(3) length_take less_imp_le_nat linorder_neqE_nat
min_absorb2 not_less_eq nth_take numeral_One numeral_plus_numeral plus_1_eq_Suc semiring_norm(3)) thenhave"satisfies_clause α [Pos v]"if"v ∈ set (take 3 vs)"for v using that satisfies_clause_def by simp thenhave"α ⊨ Ψ vs 3" using4 Psi_def satisfies_def by auto thenshow ?thesis by simp next case False thenhave"¬ α v"if"v ∈ set (drop 2 vs)"for v using that 3 assms(2) by (metis Cons_nth_drop_Suc numeral_plus_numeral numerals(1) plus_1_eq_Suc semiring_norm(3) set_ConsD) thenhave"satisfies_clause α [Neg v]"if"v ∈ set (drop 2 vs)"for v using that satisfies_clause_def by simp thenhave"α ⊨ Ψ vs 2" using2 Psi_def satisfies_def by auto thenshow ?thesis by simp qed qed
lemma Upsilon_unary: assumes"α ⊨ Υ vs"and"length vs > 2" shows"unary α vs = 2 ∨ unary α vs = 3" using assms Upsilon_imp_Psi_2_or_3 Psi_unary by fastforce
section‹The functions $\inputpos$ and $\prev$›
text‹
of the symbol~\textbf{0}: ›
definition zeros :: "nat ==> symbol list"where "zeros n ≡ string_to_symbols (replicate n 𝕆)"
lemma length_zeros [simp]: "length (zeros n) = n" using zeros_def by simp
lemma bit_symbols_zeros: "bit_symbols (zeros n)" using zeros_def by simp
lemma zeros: "zeros n = replicate n 0" using zeros_def by simp
text‹
assumptions in the following locale are the conditions that according to
~@{text NP_imp_oblivious_2tape} hold for all $\NP$ languages. The
of $\Phi$ will take place inside this locale, which in later
will be extended to contain the Turing machine outputting $\Phi$ and
correctness proof for this Turing machine. ›
locale reduction_sat = fixes L :: language fixes M :: machine and G :: nat and T p :: "nat ==> nat" assumes T: "big_oh_poly T" assumes p: "polynomial p" assumes tm_M: "turing_machine 2 G M" and oblivious_M: "oblivious M" and T_halt: "∧y. bit_symbols y ==> fst (execute M (start_config 2 y) (T (length y))) = length M" and cert: "∧x. x ∈ L ⟷ (∃u. length u = p (length x) ∧ execute M (start_config 2 ⟨x; u⟩) (T (length ⟨x; u⟩)) <.> 1 = 1)" begin
text‹
value $H$ is an upper bound for the number of states of $M$ and the alphabet
of $M$. ›
definition H :: nat where "H ≡ max G (length M)"
lemma H_ge_G: "H ≥ G" using H_def by simp
lemma H_gr_2: "H > 2" using H_def tm_M turing_machine_def by auto
lemma H_ge_3: "H ≥ 3" using H_gr_2 by simp
lemma H_ge_length_M: "H ≥ length M" using H_def by simp
text‹
number of symbols used for encoding one snapshot is $Z = 3H$: ›
definition Z :: nat where "Z ≡ 3 * H"
text‹
configuration after running $M$ on input $y$ for $t$ steps: ›
abbreviation exc :: "symbol list ==> nat ==> config"where "exc y t ≡ execute M (start_config 2 y) t"
text‹
function $T$ is just some polynomial upper bound for the running time. The
function, $TT$, is the actual running time. Since $M$ is oblivious, its
time depends only on the length of the input. The argument @{term "zeros
"} is thus merely a placeholder for an arbitrary symbol sequence of length $n$. ›
definition TT :: "nat ==> nat"where "TT n ≡ LEAST t. fst (exc (zeros n) t) = length M"
lemma TT: "fst (exc (zeros n) (TT n)) = length M" proof - let ?P = "λt. fst (exc (zeros n) t) = length M" have"?P (T n)" using T_halt bit_symbols_zeros length_zeros by metis thenshow ?thesis using wellorder_Least_lemma[of ?P] TT_def by simp qed
lemma TT_le: "TT n ≤ T n" using wellorder_Least_lemma length_zeros TT_def T_halt[OF bit_symbols_zeros[of n]] by fastforce
lemma less_TT: "t < TT n ==> fst (exc (zeros n) t) < length M" proof - assume"t < TT n" thenhave"fst (exc (zeros n) t) ≠ length M" using TT_def not_less_Least by auto moreoverhave"fst (exc (zeros n) t) ≤ length M"for t using tm_M start_config_def turing_machine_execute_states by auto ultimatelyshow"fst (exc (zeros n) t) < length M" using less_le by blast qed
lemma oblivious_halt_state: assumes"bit_symbols zs" shows"fst (exc zs t) < length M ⟷ fst (exc (zeros (length zs)) t) < length M" proof - obtain e where
e: "∀zs. bit_symbols zs ⟶ (∃tps. trace M (start_config 2 zs) (e (length zs)) (length M, tps))" using oblivious_M oblivious_def by auto let ?es = "e (length zs)" have"∀i<length ?es. fst (exc zs i) < length M" using trace_def e assms by simp moreoverhave"fst (exc zs (length ?es)) = length M" using trace_def e assms by auto moreoverhave"∀i<length ?es. fst (exc (zeros (length zs)) i) < length M" using length_zeros bit_symbols_zeros trace_def e by simp moreoverhave"fst (exc (zeros (length zs)) (length ?es)) = length M" using length_zeros bit_symbols_zeros trace_def e assms by (smt (verit, ccfv_SIG) fst_conv) ultimatelyshow ?thesis by (metis (no_types, lifting) execute_after_halting_ge le_less_linear) qed
text‹
position of the input tape head of $M$ depends only on the length $n$ of the
and the step $t$, at least as long as the input is over the alphabet \{\mathbf{0}, \mathbf{1}\}$. ›
definition inputpos :: "nat ==> nat ==> nat"where "inputpos n t ≡ exc (zeros n) t <#> 0"
lemma inputpos_oblivious: assumes"bit_symbols zs" shows"exc zs t <#> 0 = inputpos (length zs) t" proof - obtain e where
e: "(∀zs. bit_symbols zs ⟶ (∃tps. trace M (start_config 2 zs) (e (length zs)) (length M, tps)))" using oblivious_M oblivious_def by auto let ?es = "e (length zs)" obtain tps where t1: "trace M (start_config 2 zs) ?es (length M, tps)" using e assms by auto let ?zs = "(replicate (length zs) 2)" have"proper_symbols ?zs" by simp moreoverhave"length ?zs = length zs" by simp ultimatelyobtain tps0 where t0: "trace M (start_config 2 ?zs) ?es (length M, tps0)" using e by fastforce have le: "exc zs t <#> 0 = inputpos (length zs) t"if"t ≤ length ?es"for t proof (cases "t = 0") case True thenshow ?thesis by (simp add: start_config_def inputpos_def) next case False thenobtain i where i: "Suc i = t" using gr0_implies_Suc by auto thenhave"exc zs (Suc i) <#> 0 = fst (?es ! i)" using t1 False that Suc_le_lessD trace_def by auto moreoverhave"exc ?zs (Suc i) <#> 0 = fst (?es ! i)" using t0 False i that Suc_le_lessD trace_def by auto ultimatelyshow ?thesis using i inputpos_def zeros by simp qed moreoverhave"exc zs t <#> 0 = inputpos (length zs) t"if"t > length ?es" proof - have"exc ?zs (length ?es) = (length M, tps0)" using t0 trace_def by simp thenhave *: "exc ?zs t = exc ?zs (length ?es)" using that by (metis execute_after_halting_ge fst_eqD less_or_eq_imp_le) have"exc zs (length ?es) = (length M, tps)" using t1 trace_def by simp thenhave"exc zs t = exc zs (length ?es)" using that by (metis execute_after_halting_ge fst_eqD less_or_eq_imp_le) thenshow ?thesis using * le[of "length ?es"] by (simp add: inputpos_def zeros) qed ultimatelyshow ?thesis by fastforce qed
text‹
position of the tape head on the output tape of $M$ also depends only on the
$n$ of the input and the step $t$. ›
lemma oblivious_headpos_1: assumes"bit_symbols zs" shows"exc zs t <#> 1 = exc (zeros (length zs)) t <#> 1" proof - obtain e where
e: "(∀zs. bit_symbols zs ⟶ (∃tps. trace M (start_config 2 zs) (e (length zs)) (length M, tps)))" using oblivious_M oblivious_def by auto let ?es = "e (length zs)" obtain tps where t1: "trace M (start_config 2 zs) ?es (length M, tps)" using e assms by auto let ?zs = "(replicate (length zs) 2)" have"proper_symbols ?zs" by simp moreoverhave"length ?zs = length zs" by simp ultimatelyobtain tps0 where t0: "trace M (start_config 2 ?zs) ?es (length M, tps0)" using e by fastforce have le: "exc zs t <#> 1 = exc (zeros (length zs)) t <#> 1"if"t ≤ length ?es"for t proof (cases "t = 0") case True thenshow ?thesis by (simp add: start_config_def inputpos_def) next case False thenobtain i where i: "Suc i = t" using gr0_implies_Suc by auto thenhave"exc zs (Suc i) <#> 1 = snd (?es ! i)" using t1 False that Suc_le_lessD trace_def by auto moreoverhave"exc ?zs (Suc i) <#> 1 = snd (?es ! i)" using t0 False i that Suc_le_lessD trace_def by auto ultimatelyshow ?thesis using i inputpos_def zeros by simp qed moreoverhave"exc zs t <#> 1 = exc (zeros (length zs)) t <#> 1"if"t > length ?es" proof - have"exc ?zs (length ?es) = (length M, tps0)" using t0 trace_def by simp thenhave *: "exc ?zs t = exc ?zs (length ?es)" using that by (metis execute_after_halting_ge fst_eqD less_or_eq_imp_le) have"exc zs (length ?es) = (length M, tps)" using t1 trace_def by simp thenhave"exc zs t = exc zs (length ?es)" using that by (metis execute_after_halting_ge fst_eqD less_or_eq_imp_le) thenshow ?thesis using * le[of "length ?es"] by (simp add: inputpos_def zeros) qed ultimatelyshow ?thesis using le_less_linear by blast qed
text‹
value $\prev(t)$ is the most recent step in which $M$'s output tape head was
the same position as in step $t$. If no such step exists, $\prev(t)$ is set to
t$. Again due to $M$ being oblivious, $\prev$ depends only on the length $n$ of
input (and on $t$, of course). ›
definition prev :: "nat ==> nat ==> nat"where "prev n t ≡ if ∃t'<t. exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1 then GREATEST t'. t' < t ∧ exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1 else t"
lemma oblivious_prev: assumes"bit_symbols zs" shows"prev (length zs) t = (if ∃t'<t. exc zs t' <#> 1 = exc zs t <#> 1 then GREATEST t'. t' < t ∧ exc zs t' <#> 1 = exc zs t <#> 1 else t)" using prev_def assms oblivious_headpos_1 by auto
lemma prev_less: assumes"∃t'<t. exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1" shows"prev n t < t ∧ exc (zeros n) (prev n t) <#> 1 = exc (zeros n) t <#> 1" proof - let ?P = "λt'. t' < t ∧ exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1" have"prev n t = (GREATEST t'. t' < t ∧ exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1)" using assms prev_def by simp moreoverhave"∀y. ?P y ⟶ y ≤ t" by simp ultimatelyshow ?thesis using GreatestI_ex_nat[OF assms, of t] by simp qed
corollary prev_less': assumes"bit_symbols zs" assumes"∃t'<t. exc zs t' <#> 1 = exc zs t <#> 1" shows"prev (length zs) t < t ∧ exc zs (prev (length zs) t) <#> 1 = exc zs t <#> 1" using prev_less oblivious_headpos_1 assms by simp
lemma prev_greatest: assumes"t' < t"and"exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1" shows"t' ≤ prev n t" proof - let ?P = "λt'. t' < t ∧ exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1" have"prev n t = (GREATEST t'. t' < t ∧ exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1)" using assms prev_def by auto moreoverhave"?P t'" using assms by simp moreoverhave"∀y. ?P y ⟶ y ≤ t" by simp ultimatelyshow ?thesis using Greatest_le_nat[of ?P t' t] by simp qed
corollary prev_greatest': assumes"bit_symbols zs" assumes"t' < t"and"exc zs t' <#> 1 = exc zs t <#> 1" shows"t' ≤ prev (length zs) t" using prev_greatest oblivious_headpos_1 assms by simp
lemma prev_eq: "prev n t = t ⟷¬ (∃t'<t. exc (zeros n) t' <#> 1 = exc (zeros n) t <#> 1)" using prev_def nat_less_le prev_less by simp
lemma prev_le: "prev n t ≤ t" using prev_eq prev_less by (metis less_or_eq_imp_le)
corollary prev_eq': assumes"bit_symbols zs" shows"prev (length zs) t = t ⟷¬ (∃t'<t. exc zs t' <#> 1 = exc zs t <#> 1)" using prev_eq oblivious_headpos_1 assms by simp
lemma prev_between: assumes"prev n t < t'"and"t' < t" shows"exc (zeros n) t' <#> 1 ≠ exc (zeros n) (prev n t) <#> 1" using assms by (metis (no_types, lifting) leD prev_eq prev_greatest prev_less)
lemma prev_write_read: assumes"bit_symbols zs"and"n = length zs" and"prev n t < t"and"cfg = exc zs (prev n t)"and"t ≤ TT n" shows"exc zs t <.> 1 = (M ! (fst cfg)) [cfg <.> 0, cfg <.> 1] [.] 1" proof - let ?cfg = "exc zs (Suc (prev n t))" let ?sas = "(M ! (fst cfg)) [cfg <.> 0, cfg <.> 1]" let ?i = "cfg <#> 1" have1: "fst cfg < length M" using assms less_TT' by simp have2: "||cfg|| = 2" using assms execute_num_tapes start_config_length tm_M by auto thenhave3: "read (snd cfg) = [cfg <.> 0, cfg <.> 1]" using read_def by (smt (verit) Cons_eq_map_conv Suc_1 length_0_conv length_Suc_conv list.simps(8)
nth_Cons_0 nth_Cons_Suc numeral_1_eq_Suc_0 numeral_One)
have"(?cfg <:> 1) ?i = fst (?cfg <!> 1) ?i" by simp alsohave ***: "... = ((fst (cfg <!> 1))(?i := (?sas [.] 1))) ?i" using * act by simp alsohave"... = ?sas [.] 1" by simp finallyshow"(?cfg <:> 1) ?i = ?sas [.] 1" using *** by simp qed
have"((exc zs t') <:> 1) ?i = (M ! (fst cfg)) [cfg <.> 0, cfg <.> 1] [.] 1" if"Suc (prev n t) ≤ t'"and"t' ≤ t"for t' using that proof (induction t' rule: nat_induct_at_least) case base thenshow ?case using * by simp next case (Suc m) let ?cfg_m = "exc zs m" from Suc have between: "prev n t < m""m < t" by simp_all thenhave *: "?cfg_m <#> 1 ≠ ?i" using prev_between assms oblivious_headpos_1 by simp
have"m < TT n" using Suc assms by simp thenhave1: "fst ?cfg_m < length M" using assms less_TT' by simp have2: "||?cfg_m|| = 2" using execute_num_tapes start_config_length tm_M by auto
have"exc zs (Suc m) <!> 1 = exe M ?cfg_m <!> 1" by simp alsohave"... = sem (M ! (fst ?cfg_m)) ?cfg_m <!> 1" using1 exe_lt_length by simp alsohave"... = act (snd ((M ! (fst ?cfg_m)) (read (snd ?cfg_m))) ! 1) (snd ?cfg_m ! 1)" using sem_snd_tm tm_M 12by (metis Suc_1 lessI prod.collapse) finallyhave"exc zs (Suc m) <!> 1 = act (snd ((M ! (fst ?cfg_m)) (read (snd ?cfg_m))) ! 1) (snd ?cfg_m ! 1)" . thenhave"(exc zs (Suc m) <:> 1) ?i = fst (snd ?cfg_m ! 1) ?i" using * act_changes_at_most_pos' by simp thenshow ?case using Suc by simp qed thenhave"((exc zs t) <:> 1) ?i = (M ! (fst cfg)) [cfg <.> 0, cfg <.> 1] [.] 1" using Suc_leI assms by simp moreoverhave"?i = exc zs t <#> 1" using assms(1,2,4) oblivious_headpos_1 prev_eq prev_less by (smt (verit)) ultimatelyshow ?thesis by simp qed
lemma prev_no_write: assumes"bit_symbols zs"and"n = length zs" and"prev n t = t"and"t ≤ TT n"and"t > 0" shows"exc zs t <.> 1 = ◻" proof - let ?i = "exc zs t <#> 1"
have1: "¬ (∃t'<t. exc zs t' <#> 1 = ?i)" using prev_eq' assms(1,2,3) by simp
have2: "?i > 0" proof (rule ccontr) assume"¬ 0 < ?i" thenhave eq0: "?i = 0" by simp moreoverhave"exc zs 0 <#> 1 = 0" by (simp add: start_config_pos) ultimatelyshow False using1 assms(5) by auto qed
have3: "(exc zs (Suc t') <:> 1) i = (exc zs t' <:> 1) i"if"i ≠ exc zs t' <#> 1"for i t' proof (cases "fst (exc zs t') < length M") case True let ?cfg = "exc zs t'" have len2: "||?cfg|| = 2" using execute_num_tapes start_config_length tm_M by auto have"exc zs (Suc t') <!> 1 = exe M ?cfg <!> 1" by simp alsohave"... = sem (M ! (fst ?cfg)) ?cfg <!> 1" using True exe_lt_length by simp alsohave"... = act (snd ((M ! (fst ?cfg)) (read (snd ?cfg))) ! 1) (snd ?cfg ! 1)" using sem_snd_tm tm_M True len2 by (metis Suc_1 lessI prod.collapse) finallyhave"exc zs (Suc t') <!> 1 = act (snd ((M ! (fst ?cfg)) (read (snd ?cfg))) ! 1) (snd ?cfg ! 1)" . thenhave"(exc zs (Suc t') <:> 1) i = fst (snd ?cfg ! 1) i" using that act_changes_at_most_pos' by simp thenshow ?thesis by simp next case False thenshow ?thesis using that by (simp add: exe_def) qed
have"(exc zs t' <:> 1) ?i = (exc zs 0 <:> 1) ?i"if"t' ≤ t"for t' using that proof (induction t') case0 thenshow ?case by simp next case (Suc t') thenshow ?case by (metis 13 Suc_leD Suc_le_lessD) qed thenhave"exc zs t <.> 1 = (exc zs 0 <:> 1) ?i" by simp thenshow ?thesis using2 One_nat_def execute.simps(1) start_config1 less_2_cases_iff less_one by presburger qed
text‹
intervals $\gamma_i$ and $w_0, \dots, w_9$ do not depend on $x$, and so can
defined here already. ›
definition gamma :: "nat ==> nat list" (‹γ›) where "γ i ≡ [i * H..<Suc i * H]"
lemma length_gamma [simp]: "length (γ i) = H" using gamma_def by simp
lemma unary_upt_eq: fixes α1 α2 :: assignment and lower upper k :: nat assumes"∀i<k. α1 i = α2 i"and"upper ≤ k" shows"unary α1 [lower..<upper] = unary α2 [lower..<upper]" proof - have"numtrue α1 [lower..<upper] = numtrue α2 [lower..<upper]" proof - let ?vs = "[lower..<upper]" have"filter α1 ?vs = filter α2 ?vs" using assms by (metis atLeastLessThan_iff filter_cong less_le_trans set_upt) thenshow ?thesis using numtrue_def by simp qed moreoverhave"blocky α1 [lower..<upper] = blocky α2 [lower..<upper]" using blocky_def assms by auto ultimatelyshow ?thesis using assms unary_def by simp qed
text‹
the case @{term "prev m t < t"}, we have the following predicate on
, which corresponds to ($\mathrm{F}_1$), ($\mathrm{F}_2$),
$\mathrm{F}_3$) from the introduction: ›
lemma depon_F: "depon (3 * Z + H) F" using depon_def F_def Z_def unary_upt_eq by simp
text‹
is a CNF formula $\psi$ that contains the first $3Z + H$ variables and
satisfied by exactly the assignments specified by $F$. ›
definition psi :: formula (‹ψ›) where "ψ ≡ SOME φ. fsize φ ≤ (3 * Z + H) * 2 ^ (3 * Z + H) ∧ length φ ≤ 2 ^ (3 * Z + H) ∧ variables φ ⊆ {..<3 * Z + H} ∧ (∀α. F α = α ⊨ φ)"
lemma psi: "fsize ψ ≤ (3 * Z + H) * 2 ^ (3*Z + H) ∧ length ψ ≤ 2 ^ (3 * Z + H) ∧ variables ψ ⊆ {..<3 * Z + H} ∧ (∀α. F α = α ⊨ ψ)" using psi_def someI_ex[OF depon_ex_formula[OF depon_F]] by metis
lemma satisfies_psi: assumes"length σ = 3 * Z + H" shows"α ⊨ relabel σ ψ = remap σ α ⊨ ψ" using assms psi satisfies_sigma by simp
lemma psi_F: "remap σ α ⊨ ψ = F (remap σ α)" using psi by simp
corollary satisfies_F: assumes"length σ = 3 * Z + H" shows"α ⊨ relabel σ ψ = F (remap σ α)" using assms satisfies_psi psi_F by simp
text‹
the case @{term "prev m t = t"}, the following predicate corresponds to
$\mathrm{F}_1'$), ($\mathrm{F}_2'$), ($\mathrm{F}_3'$) from the introduction: ›
text‹
the verifier Turing machine $M$ we are only concerned with inputs of the
$\langle x, u\rangle$ for a string $u$ of length $p(n)$. The pair $\langle
, u\rangle$ has the length $m = 2n + 2p(n) + 2$. ›
definition m :: nat where "m ≡ 2 * n + 2 * p n + 2"
text‹
input $\langle x, u\rangle$ the Turing machine $M$ halts after $T' = TT(m)$
. ›
definition T' :: nat where "T' ≡ TT m"
text‹
positions of both of $M$'s tape heads are bounded by $T'$. ›
lemma inputpos_less: "inputpos m t ≤ T'" proof - define u :: string where"u = replicate (p n) False" let ?i = "inputpos m t" have y: "bit_symbols ⟨x; u⟩" by simp have len: "length ⟨x; u⟩ = m" using u_def m_def length_pair by simp thenhave"exc ⟨x; u⟩ t <#> 0 ≤ T'" using TT'[OF y] T'_def head_pos_le_halting_time[OF tm_M, of "⟨x; u⟩" T' 0] by simp thenshow ?thesis using inputpos_oblivious[OF y] len by simp qed
lemma headpos_1_less: "exc (zeros m) t <#> 1 ≤ T'" proof - define u :: string where"u = replicate (p n) False" let ?i = "inputpos m t" have y: "bit_symbols ⟨x; u⟩" by simp have len: "length ⟨x; u⟩ = m" using u_def m_def length_pair by simp thenhave"exc ⟨x; u⟩ t <#> 1 ≤ T'" using TT'[OF y] T'_def head_pos_le_halting_time[OF tm_M, of "⟨x; u⟩""T'"1] by simp thenshow ?thesis using oblivious_headpos_1[OF y] len by simp qed
text‹
formula $\Phi$ must contain a condition for every symbol that $M$ is reading
the input tape. While $T'$ is an upper bound for the input tape head
of $M$, it might be that $T'$ is less than the length of the input \langle x, u\rangle$. So the portion of the input read by $M$ might be a
of the input or it might be the input followed by some blanks afterwards.
would make for an awkward case distinction. We do not have to be very
here and can afford to bound the portion of the input tape read by $M$
the number $m' = 2n + 2p(n) + 3 + T'$, which is the length of the start
followed by the input $\langle x, u\rangle$ followed by $T'$ blanks.
symbol sequence was called $y(u)$ in the introduction. Here we will call it
{term "ysymbols u"}. ›
definition m' :: nat where "m' ≡ 2 * n + 2 * p n + 3 + T'"
definition ysymbols :: "string ==> symbol list"where "ysymbols u ≡ 1 # ⟨x; u⟩ @ replicate T' 0"
lemma length_ysymbols: "length u = p n ==> length (ysymbols u) = m'" using ysymbols_def m'_def m_def length_pair by simp
lemma ysymbols_init: assumes"i < length (ysymbols u)" shows"ysymbols u ! i = (start_config 2 ⟨x; u⟩ <:> 0) i" proof - let ?y = "⟨x; u⟩" have init: "start_config 2 ?y <:> 0 = (λi. if i = 0 then 1 else if i ≤ length ?y then ?y ! (i - 1) else 0)" using start_config_def by auto have"i < length ?y + 1 + T'" using assms ysymbols_def by simp then consider "i = 0" | "i > 0 ∧ i ≤ length ?y" | "i > length ?y ∧ i < length ?y + 1 + T'" by linarith thenshow"ysymbols u ! i = (start_config 2 ?y <:> 0) i" proof (cases) case1 thenshow ?thesis using ysymbols_def init by simp next case2 thenhave"ysymbols u ! i = ⟨x; u⟩ ! (i - 1)" using ysymbols_def by (smt (verit, del_insts) Nat.add_diff_assoc diff_is_0_eq gr_zeroI le_add_diff_inverse le_add_diff_inverse2 less_numeral_extra(1) nat_le_linear nth_Cons_pos nth_append zero_less_diff) thenshow ?thesis using init 2by simp next case3 thenhave"(start_config 2 ?y <:> 0) i = 0" using init by simp moreoverhave"ysymbols u ! i = 0" unfolding ysymbols_def using3 nth_append[of "1#⟨x; u⟩""replicate T' 0" i] by auto ultimatelyshow ?thesis by simp qed qed
lemma ysymbols_at_0: "ysymbols u ! 0 = 1" using ysymbols_def by simp
lemma ysymbols_first_at: assumes"j < length x" shows"ysymbols u ! (2*j+1) = 2" and"ysymbols u ! (2*j+2) = (if x ! j then 3 else 2)" proof - have *: "ysymbols u = (1 # ⟨x; u⟩) @ replicate T' 0" using ysymbols_def by simp
let ?i = "2 * j + 1" have len: "2*j < length ⟨x, u⟩" using assms length_string_pair by simp have"?i < length (1 # ⟨x; u⟩)" using assms length_pair by simp thenhave"ysymbols u ! ?i = (1 # ⟨x; u⟩) ! ?i" using * nth_append by metis alsohave"... = ⟨x; u⟩ ! (2*j)" by simp alsohave"... = 2" using string_pair_first_nth assms len by simp finallyshow"ysymbols u ! ?i = 2" .
let ?i = "2 * j + 2" have len2: "?i < length (1 # ⟨x; u⟩)" using assms length_pair by simp thenhave"ysymbols u ! ?i = (1 # ⟨x; u⟩) ! ?i" using * nth_append by metis alsohave"... = ⟨x; u⟩ ! (2*j+1)" by simp alsohave"... = (if x ! j then 3 else 2)" using string_pair_first_nth(2) assms len2 by simp finallyshow"ysymbols u ! ?i = (if x ! j then 3 else 2)" . qed
lemma ysymbols_at_2n1: "ysymbols u ! (2*n+1) = 3" proof - let ?i = "2 * n + 1" have"ysymbols u ! ?i = ⟨x; u⟩ ! (2*n)" using ysymbols_def by (metis (no_types, lifting) add.commute add_2_eq_Suc' le_add2 le_imp_less_Suc length_pair
less_SucI nth_Cons_Suc nth_append plus_1_eq_Suc) alsohave"... = (if ⟨x, u⟩ ! (2*n) then 3 else 2)" using length_pair by simp alsohave"... = 3" using string_pair_sep_nth by simp finallyshow ?thesis . qed
lemma ysymbols_at_2n2: "ysymbols u ! (2*n+2) = 3" proof - let ?i = "2 * n + 2" have"ysymbols u ! ?i = ⟨x; u⟩ ! (2*n+1)" by (simp add: ysymbols_def)
(smt (verit, del_insts) add.right_neutral add_2_eq_Suc' length_greater_0_conv length_pair
lessI less_add_same_cancel1 less_trans_Suc list.size(3) mult_0_right mult_pos_pos nth_append
zero_less_numeral) alsohave"... = (if ⟨x, u⟩ ! (2*n+1) then 3 else 2)" using length_pair by simp alsohave"... = 3" using string_pair_sep_nth by simp finallyshow ?thesis . qed
lemma ysymbols_second_at: assumes"j < length u" shows"ysymbols u ! (2*n+2+2*j+1) = 2" and"ysymbols u ! (2*n+2+2*j+2) = (if u ! j then 3 else 2)" proof - have *: "ysymbols u = (1 # ⟨x; u⟩) @ replicate T' 0" using ysymbols_def by simp
let ?i = "2 * n + 2 + 2 * j + 1" have len: "2 * n + 2 + 2*j < length ⟨x, u⟩" using assms length_string_pair by simp have"?i < length (1 # ⟨x; u⟩)" using assms length_pair by simp thenhave"ysymbols u ! ?i = (1 # ⟨x; u⟩) ! ?i" using * nth_append by metis alsohave"... = ⟨x; u⟩ ! (2*n+2+2*j)" by simp alsohave"... = 2" using string_pair_second_nth(1) assms len by simp finallyshow"ysymbols u ! ?i = 2" .
let ?i = "2*n+2+2 * j + 2" have len2: "?i < length (1 # ⟨x; u⟩)" using assms length_pair by simp thenhave"ysymbols u ! ?i = (1 # ⟨x; u⟩) ! ?i" using * nth_append by metis alsohave"... = ⟨x; u⟩ ! (2*n+2+2*j+1)" by simp alsohave"... = (if u ! j then 3 else 2)" using string_pair_second_nth(2) assms len2 by simp finallyshow"ysymbols u ! ?i = (if u ! j then 3 else 2)" . qed
lemma ysymbols_last: assumes"length u = p n"and"i > m"and"i < m + 1 + T'" shows"ysymbols u ! i = 0" using assms length_ysymbols m_def m'_def ysymbols_def nth_append[of "1#⟨x; u⟩""replicate T' 0" i] by simp
text‹
number of symbols used for unary encoding $m'$ symbols will be called $N$: ›
definition N :: nat where "N ≡ H * m'"
lemma N_eq: "N = H * (2 * n + 2 * p n + 3 + T')" using m'_def N_def by simp
lemma m': "m' * H = N " using m'_def N_def by simp
lemma inputpos_less': "inputpos m t < m'" using inputpos_less m_def m'_def by (metis Suc_1 add_less_mono1 le_neq_implies_less lessI linorder_neqE_nat
not_add_less2 numeral_plus_numeral semiring_norm(3) trans_less_add2)
lemma T'_less: "T' < N" proof - have"T' < 2 * n + 2 * p n + 3 + T'" by simp alsohave"... < H * (2 * n + 2 * p n + 3 + T')" using H_gr_2 by simp alsohave"... = N" using N_eq by simp finallyshow ?thesis . qed
text‹The three components of a snapshot:›
definition z0 :: "string ==> nat ==> symbol"where "z0 u t ≡ exc ⟨x; u⟩ t <.> 0"
definition z1 :: "string ==> nat ==> symbol"where "z1 u t ≡ exc ⟨x; u⟩ t <.> 1"
definition z2 :: "string ==> nat ==> state"where "z2 u t ≡ fst (exc ⟨x; u⟩ t)"
lemma z0_le: "z0 u t ≤ H" using z0_def H_ge_G tape_alphabet[OF tm_M, where ?j=0and ?zs="⟨x; u⟩"] symbols_lt_pair[of x u] tm_M turing_machine_def by (metis (no_types, lifting) dual_order.strict_trans1 less_or_eq_imp_le zero_less_numeral)
lemma z1_le: "z1 u t ≤ H" using z1_def H_ge_G tape_alphabet[OF tm_M, where ?j=1and ?zs="⟨x; u⟩"] symbols_lt_pair[of x u] tm_M turing_machine_def by (metis (no_types, lifting) dual_order.strict_trans1 less_or_eq_imp_le one_less_numeral_iff semiring_norm(76))
lemma z2_le: "z2 u t ≤ H" proof - have"z2 u t ≤ length M" using z2_def turing_machine_execute_states[OF tm_M] start_config_def by simp thenshow ?thesis using H_ge_length_M by simp qed
text‹
next lemma corresponds to (Z1) from the second equivalence mentioned in the
. It expresses the first element of a snapshot in terms of $y(u)$
$\inputpos$. ›
lemma z0: assumes"length u = p n" shows"z0 u t = ysymbols u ! (inputpos m t)" proof - let ?i = "inputpos m t" let ?y = "⟨x; u⟩" have"bit_symbols ?y" by simp have len: "length ?y = m" using assms m_def length_pair by simp
have"?i < length (ysymbols u)" using inputpos_less' assms length_ysymbols by simp thenhave *: "ysymbols u ! ?i = (start_config 2 ?y <:> 0) ?i" using ysymbols_init by simp
have"z0 u t = exc ?y t <.> 0" using z0_def by simp alsohave"... = (start_config 2 ?y <:> 0) (exc ?y t <#> 0)" using tm_M input_tape_constant start_config_length by simp alsohave"... = (start_config 2 ?y <:> 0) ?i" using inputpos_oblivious[OF `bit_symbols ?y`] len by simp alsohave"... = ysymbols u ! ?i" using * by simp finallyshow ?thesis . qed
text‹
next lemma corresponds to (Z2) from the second equivalence mentioned in the
. It shows how, in the case $\prev(t) < t$, the second component of
snapshot can be expressed recursively using snapshots for earlier steps. ›
lemma z1: assumes"length u = p n"and"prev m t < t"and"t ≤ T'" shows"z1 u t = (M ! (z2 u (prev m t))) [z0 u (prev m t), z1 u (prev m t)] [.] 1" proof - let ?y = "⟨x; u⟩" let ?cfg = "exc ?y (prev m t)" have"bit_symbols ?y" by simp moreoverhave len: "length ?y = m" using assms m_def length_pair by simp ultimatelyhave"exc ?y t <.> 1 = (M ! (fst ?cfg)) [?cfg <.> 0, ?cfg <.> 1] [.] 1" using prev_write_read[of ?y m t ?cfg] assms(2,3) T'_defby fastforce thenshow ?thesis using z0_def z1_def z2_def by simp qed
text‹
next lemma corresponds to (Z3) from the second equivalence mentioned in the
. It shows that in the case $\prev(t) = t$, the second component of
snapshot equals the blank symbol. ›
lemma z1': assumes"length u = p n"and"prev m t = t"and"0 < t"and"t ≤ T'" shows"z1 u t = ◻" proof - let ?y = "⟨x; u⟩" let ?cfg = "exc ?y (prev m t)" have"bit_symbols ?y" by simp moreoverhave len: "length ?y = m" using assms m_def length_pair by simp ultimatelyhave"exc ?y t <.> 1 = ◻" using prev_no_write[of ?y m t] assms T'_defby fastforce thenshow ?thesis using z0_def z1_def z2_def by simp qed
text‹
next lemma corresponds to (Z4) from the second equivalence mentioned in the
. It shows how the third component of a snapshot can be expressed
using snapshots for earlier steps. ›
lemma z2: assumes"length u = p n"and"t < T'" shows"z2 u (Suc t) = fst ((M ! (z2 u t)) [z0 u t, z1 u t])" proof - let ?y = "⟨x; u⟩" have"bit_symbols ?y" by simp moreoverhave len: "length ?y = m" using assms m_def length_pair by simp ultimatelyhave run: "fst (exc ?y t) < length M" using less_TT' assms(2) T'_defby simp
have"||exc ?y t|| = 2" using start_config_length execute_num_tapes tm_M by simp thenhave"snd (exc ?y t) = [exc ?y t <!> 0, exc ?y t <!> 1]" by auto (smt (verit) Suc_length_conv length_0_conv nth_Cons_0 nth_Cons_Suc numeral_2_eq_2) thenhave *: "read (snd (exc ?y t)) = [exc ?y t <.> 0, exc ?y t <.> 1]" using read_def by (metis (no_types, lifting) list.simps(8) list.simps(9))
have"z2 u (Suc t) = fst (exc ?y (Suc t))" using z2_def by simp alsohave"... = fst (exe M (exc ?y t))" by simp alsohave"... = fst (sem (M ! fst (exc ?y t)) (exc ?y t))" using exe_lt_length run by simp alsohave"... = fst (sem (M ! (z2 u t)) (exc ?y t))" using z2_def by simp alsohave"... = fst ((M ! (z2 u t)) (read (snd (exc ?y t))))" using sem_fst by simp alsohave"... = fst ((M ! (z2 u t)) [exc ?y t <.> 0, exc ?y t <.> 1])" using * by simp alsohave"... = fst ((M ! (z2 u t)) [z0 u t, z1 u t])" using z0_def z1_def by simp finallyshow ?thesis . qed
corollary z2': assumes"length u = p n"and"t > 0"and"t ≤ T'" shows"z2 u t = fst ((M ! (z2 u (t - 1))) [z0 u (t - 1), z1 u (t - 1)])" using assms z2 by (metis Suc_diff_1 Suc_less_eq le_imp_less_Suc)
text‹
intervals $\zeta_0$, $\zeta_1$, and $\zeta_2$ are long enough for a unary
of the three components of a snapshot: ›
definition zeta0 :: "nat ==> nat list" (‹ζ0›) where "ζ0 t ≡ [N + t * Z..<N + t * Z + H]"
definition zeta1 :: "nat ==> nat list" (‹ζ1›) where "ζ1 t ≡ [N + t * Z + H..<N + t * Z + 2 * H]"
definition zeta2 :: "nat ==> nat list" (‹ζ2›) where "ζ2 t ≡ [N + t * Z + 2 * H..<N + (Suc t) * Z]"
lemma length_zeta0 [simp]: "length (ζ0 t) = H" using zeta0_def by simp
lemma length_zeta1 [simp]: "length (ζ1 t) = H" using zeta1_def by simp
lemma length_zeta2 [simp]: "length (ζ2 t) = H" using zeta2_def Z_def by simp
text‹
substitutions $\rho_t$, which have to be applied to $\psi$ to get the CNF
$\chi_t$ for the case $\prev(t) < t$: ›
definition rho :: "nat ==> nat list" (‹ρ›) where "ρ t ≡ ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)"
lemma length_rho: "length (ρ t) = 3 * Z + H" using rho_def Z_def by simp
text‹
substitutions $\rho_t'$, which have to be applied to $\psi'$ to get
CNF formulas $\chi_t$ for the case $\prev(t) = t$: ›
definition rho' :: "nat ==> nat list" (‹ρ''›) where "ρ' t ≡ ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)"
lemma length_rho': "length (ρ' t) = 2 * Z + H" using rho'_def Z_def by simp
text‹
auxiliary lemma for accessing the $n$-th element of a list sandwiched between
lists. It will be applied to $xs = \rho_t$ or $xs = \rho'_t$: ›
text‹The formulas $\chi_t$ representing snapshots for $0 < t \leq T'$:›
definition chi :: "nat ==> formula" (‹χ›) where "χ t ≡ if prev m t < t then relabel (ρ t) ψ else relabel (ρ' t) ψ'"
text‹
crucial feature of the formulas $\chi_t$ for $t > 0$ is that they are
by exactly those assignments that represent in their bits $N$ to $N + \cdot(T' + 1)$ the $T' + 1$ snapshots of $M$ on input $\langle x, u\rangle$
the relevant portion of the input tape is encoded in the first $N$ bits of
assignment.
works because the $\chi_t$ constrain the assignment to meet the recursive
(Z1) --- (Z4) for the snapshots.
next two lemmas make this more precise. We first consider the case
java.lang.NullPointerException \alpha$ satisfies the properties (Z1), (Z2), and (Z4). ›
lemma satisfies_chi_less: fixes α :: assignment assumes"prev m t < t" shows"α ⊨ χ t ⟷ unary α (ζ0 t) = unary α (γ (inputpos m t)) ∧ unary α (ζ1 t) = (M ! (unary α (ζ2 (prev m t)))) [unary α (ζ0 (prev m t)), unary α (ζ1 (prev m t))] [.] 1 ∧ unary α (ζ2 t) = fst ((M ! (unary α (ζ2 (t - 1)))) [unary α (ζ0 (t - 1)), unary α (ζ1 (t - 1))])" proof - let ?sigma = "ρ t" have"α ⊨ χ t = α ⊨ relabel ?sigma psi" using assms chi_def by simp thenhave"α ⊨ χ t = F (remap ?sigma α)"
(is"_ = F ?alpha") by (simp add: length_rho satisfies_F) thenhave *: "α ⊨ χ t = (unary ?alpha w6 = unary ?alpha w9∧ unary ?alpha w7 = (M ! (unary ?alpha w5)) [unary ?alpha w3, unary ?alpha w4] [.] 1 ∧ unary ?alpha w8 = fst ((M ! (unary ?alpha w2)) [unary ?alpha w0, unary ?alpha w1]))" using F_def by simp
have w_less_len_rho: "∀s∈set w0. s < length (ρ t)" "∀s∈set w1. s < length (ρ t)" "∀s∈set w2. s < length (ρ t)" "∀s∈set w3. s < length (ρ t)" "∀s∈set w4. s < length (ρ t)" "∀s∈set w5. s < length (ρ t)" "∀s∈set w6. s < length (ρ t)" "∀s∈set w7. s < length (ρ t)" "∀s∈set w8. s < length (ρ t)" "∀s∈set w9. s < length (ρ t)" using length_rho Z_def by simp_all
have1: "reseq ?sigma w0 = ζ0 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta0_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = [] @ ζ0 (t - 1) @ (ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t))" using rho_def by simp have"?sigma ! i = ζ0 (t - 1) ! i" using nth_append3[OF 1, of i 0] Z_def that by simp thenshow ?thesis using reseq_def that by simp qed qed
have2: "reseq ?sigma w1 = ζ1 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta1_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (H+i) = ζ1 (t - 1) ! i" using that zeta0_def zeta1_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have3: "reseq ?sigma w2 = ζ2 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show len: "length ?l = length ?r" using zeta2_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1)) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (2*H+i) = ζ2 (t - 1) ! i" using len that zeta0_def zeta1_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have4: "reseq ?sigma w3 = ζ0 (prev m t)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta0_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1)) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (Z+i) = ζ0 (prev m t) ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have5: "reseq ?sigma w4 = ζ1 (prev m t)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta1_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t)) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (Z+H+i) = ζ1 (prev m t) ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have6: "reseq ?sigma w5 = ζ2 (prev m t)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta2_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t)) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (Z+2*H+i) = ζ2 (prev m t) ! i" using that zeta0_def zeta1_def zeta2_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have7: "reseq ?sigma w6 = ζ0 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta0_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t)) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (2*Z+i) = ζ0 t ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have8: "reseq ?sigma w7 = ζ1 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta1_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t) @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (2*Z+H+i) = ζ1 t ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have9: "reseq ?sigma w8 = ζ2 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta2_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t) @ ζ2 t @ γ (inputpos m t)" using rho_def by simp have"?sigma ! (2*Z+2*H+i) = ζ2 t ! i" using that zeta2_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have10: "reseq ?sigma w9 = γ (inputpos m t)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using gamma_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 (prev m t) @ ζ1 (prev m t) @ ζ2 (prev m t) @ ζ0 t @ ζ1 t @ ζ2 t) @ γ (inputpos m t) @ []" using rho_def by simp have"?sigma ! (3*Z+i) = γ (inputpos m t) ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
show ?thesis using ** 12345678910by simp qed
text‹
we consider the case $\prev(t) = t$. The following lemma says $\alpha$
$\chi_t$ iff.\ $\alpha$ satisfies the properties (Z1), (Z2), and (Z3). ›
lemma satisfies_chi_eq: assumes"prev m t = t"and"t ≤ T'" shows"α ⊨ χ t ⟷ unary α (ζ0 t) = unary α (γ (inputpos m t)) ∧ unary α (ζ1 t) = 0 ∧ unary α (ζ2 t) = fst ((M ! (unary α (ζ2 (t - 1)))) [unary α (ζ0 (t - 1)), unary α (ζ1 (t - 1))])" proof - let ?sigma = "ρ' t" have"α ⊨ χ t = α ⊨ relabel ?sigma ψ'" using assms(1) chi_def by simp thenhave"α ⊨ χ t = F' (remap ?sigma α)"
(is"_ = F' ?alpha") by (simp add: length_rho' satisfies_F') thenhave *: "α ⊨ χ t = (unary ?alpha w3 = unary ?alpha w6∧ unary ?alpha w4 = 0 ∧ unary ?alpha w5 = fst ((M ! (unary ?alpha w2)) [unary ?alpha w0, unary ?alpha w1]))" using F'_defby simp
have w_less_len_rho': "∀s∈set w0. s < length (ρ' t)" "∀s∈set w1. s < length (ρ' t)" "∀s∈set w2. s < length (ρ' t)" "∀s∈set w3. s < length (ρ' t)" "∀s∈set w4. s < length (ρ' t)" "∀s∈set w5. s < length (ρ' t)" "∀s∈set w6. s < length (ρ' t)" using length_rho' Z_def by simp_all
have1: "reseq ?sigma w0 = ζ0 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta0_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = [] @ ζ0 (t - 1) @ (ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t))" using rho'_defby simp have"?sigma ! i = ζ0 (t - 1) ! i" using nth_append3[OF 1, of i 0] Z_def that by simp thenshow ?thesis using reseq_def that by simp qed qed
have2: "reseq ?sigma w1 = ζ1 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta1_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho'_defby simp have"?sigma ! (H+i) = ζ1 (t - 1) ! i" using that zeta0_def zeta1_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have3: "reseq ?sigma w2 = ζ2 (t - 1)" (is"?l = ?r") proof (rule nth_equalityI) show len: "length ?l = length ?r" using zeta2_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1)) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho'_defby simp have"?sigma ! (2*H+i) = ζ2 (t - 1) ! i" using len that zeta0_def zeta1_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have4: "reseq ?sigma w3 = ζ0 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta0_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1)) @ ζ0 t @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho'_defby simp have"?sigma ! (Z+i) = ζ0 t ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have5: "reseq ?sigma w4 = ζ1 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta1_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t) @ ζ1 t @ ζ2 t @ γ (inputpos m t)" using rho'_defby simp have"?sigma ! (Z+H+i) = ζ1 t ! i" using that Z_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have6: "reseq ?sigma w5 = ζ2 t" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using zeta2_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t) @ ζ2 t @ γ (inputpos m t)" using rho'_defby simp have"?sigma ! (Z+2*H+i) = ζ2 t ! i" using that zeta0_def zeta1_def zeta2_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
have7: "reseq ?sigma w6 = (γ (inputpos m t))" (is"?l = ?r") proof (rule nth_equalityI) show"length ?l = length ?r" using gamma_def by simp show"?l ! i = ?r ! i"if"i < length ?l"for i proof - have1: "?sigma = (ζ0 (t - 1) @ ζ1 (t - 1) @ ζ2 (t - 1) @ ζ0 t @ ζ1 t @ ζ2 t) @ γ (inputpos m t) @ []" using rho'_defby simp have"?sigma ! (2*Z+i) = γ (inputpos m t) ! i" using that Z_def gamma_def by (intro nth_append3[OF 1]) auto thenshow ?thesis using reseq_def that by simp qed qed
show ?thesis using ** 1234567by simp qed
section‹The CNF formula $\Phi$›
text‹
can now formulate all the parts $\Phi_0, \dots, \Phi_9$ of the complete
$\Phi$, and thus $\Phi$ itself.
text‹
have to show that the formula $\Phi$ is satisfiable if and only if $x \in L$.
is a subsection for both of the implications. Instead of $x \in L$ we will
the right-hand side of the following equivalence. ›
lemma L_iff_ex_u: "x ∈ L ⟷ (∃u. length u = p n ∧ exc ⟨x; u⟩ T' <.> 1 = 1)" proof - have"x ∈ L ⟷ (∃u. length u = p (length x) ∧ exc ⟨x; u⟩ (T (length ⟨x; u⟩)) <.> 1 = 1)" using cert by simp alsohave"... ⟷ (∃u. length u = p (length x) ∧ exc ⟨x; u⟩ (TT (length ⟨x; u⟩)) <.> 1 =1)" proof - have"bit_symbols ⟨x; u⟩"for u by simp thenhave"exc ⟨x; u⟩ (TT (length ⟨x; u⟩)) = exc ⟨x; u⟩ (T (length ⟨x; u⟩))"for u using exc_TT_eq_exc_T by blast thenshow ?thesis by simp qed alsohave"... ⟷ (∃u. length u = p n ∧ exc ⟨x; u⟩ T' <.> 1 = 1)" using T'_def length_pair m_def by auto finallyshow ?thesis . qed
subsection‹$\Phi$ satisfiable implies $x\in L$›
text‹
proof starts from an assignment $\alpha$ satisfying $\Phi$ and shows that
is a string $u$ of length $p(n)$ such that $M$, on input $\langle x, \rangle$, halts with the output tape head on the symbol \textbf{1}. The overarching
is that $\alpha$, by satisfying $\Phi$, encodes a string $u$ and a
of $M$ on $u$ that results in $M$ halting with the output tape head on
symbol~\textbf{1}.
assignment $\alpha$ is an infinite bit string, whose first $N = m'\cdot H$
are supposed to encode the first $m'$ symbols on $M$'s input tape, which
the pair $\langle x, u\rangle$. The first step of the proof is thus to
a $u$ of length $p(n)$ from the first $N$ bits of $\alpha$. The Formula \Phi_7$ ensures that the symbols representing $u$ are \textbf{0} or \textbf{1}
thus represent a bit string.
the proof shows that the first $N$ bits of $\alpha$ encode the relevant
$y(u)$ of the input tape for the $u$ just extracted, that is, $y(u)_i =
alpha(\gamma_i)$ for $i < m'$. The proof exploits the constraints set by \Phi_1$ to $\Phi_6$. In particular this implies that $y(u)_{\inputpos(t)} =
alpha(\gamma_{\inputpos(t)})$ for all $t$.
next $Z\cdot (T' + 1)$ bits of $\alpha$ encode $T' + 1$ snapshots. More
, we prove $z_0(u, t) = \alpha(\zeta_0^t)$ and $z_1(u, t) =
alpha(\zeta_1^t)$ and $z_2(u, t) = \alpha(\zeta_2^t)$ for all $t \leq T'$. This
by induction on $t$. The case $t = 0$ is covered by the formula $\Phi_0$.
$0 < t \leq T'$ the formulas $\chi_t$ are responsible, which make up \Phi_9$. Basically $\chi_t$ represents the recursive characterization of the
$z_t$ in terms of earlier snapshots (of $t-1$ and possibly $prev(t)$).
is the trickiest part and we need some preliminary lemmas for that.
that is done, we know that some bits of $\alpha$, namely \alpha(\zeta_1(T'))$, encode the symbol under the output tape head after $T'$ steps,
is, when $M$ has halted. Formula $\Phi_8$ ensures that this symbol is
textbf{1}, which concludes the proof.
null ›
lemma sat_PHI_imp_ex_u: assumes"satisfiable Φ" shows"∃u. length u = p n ∧ exc ⟨x; u⟩ T' <.> 1 = 1" proof - obtain α where α: "α ⊨ Φ" using assms satisfiable_def by auto
have len_us: "length us = p n" using us_def by simp
have us23: "us ! i = 2 ∨ us ! i = 3"if"i < p n"for i proof - have"α ⊨ Φ7" using PHI_def satisfies_def α by simp thenhave"α ⊨ Υ (γ (2*n+4+2*i))" using that PHI7_def satisfies_concat_map by auto thenhave"unary α (γ (2*n+4+2*i)) = 2 ∨ unary α (γ (2*n+4+2*i)) = 3" using Upsilon_unary length_gamma H_gr_2 by simp thenshow ?thesis using us_def that by simp qed
define u :: string where"u = symbols_to_string us"
have len_u: "length u = p n" using u_def len_us by simp
have"ysymbols u ! i = unary α (γ i)"if"i < m'"for i proof -
consider "i = 0"
| "1 ≤ i ∧ i < 2 * n + 1"
| "2 * n + 1 ≤ i ∧ i < 2 * n + 3"
| "2 * n + 3 ≤ i ∧ i < m + 1"
| "i ≥ m + 1 ∧ i < m + 1 + T'" using `i < m'` m'_def m_def by linarith thenshow ?thesis proof (cases) case1 thenhave"α ⊨ Ψ (γ i) 1" using PHI_def PHI1_def α satisfies_append by metis thenhave"unary α (γ i) = 1" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! i = 1" using1by (simp add: ysymbols_def) ultimatelyshow ?thesis by simp next case2 define j where"j = (i - 1) div 2" thenhave"j < n" using2by auto have"i = 2 * j + 1 ∨ i = 2 * j + 2" using2 j_def by auto thenshow ?thesis proof assume i: "i = 2 * j + 1" have"α ⊨ Φ3" using PHI_def satisfies_def α by simp thenhave"α ⊨ Ψ (γ (2*j+1)) 2" using PHI3_def satisfies_concat_map[OF _ `j < n`] by auto thenhave"unary α (γ (2*j+1)) = 2" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! (2*j+1) = 2" using ysymbols_first_at[OF `j < n`] by simp ultimatelyshow ?thesis using i by simp next assume i: "i = 2 * j + 2" have"α ⊨ Φ6" using PHI_def satisfies_def α by simp thenhave"α ⊨ Ψ (γ (2*j+2)) (if x ! j then 3 else 2)" using PHI6_def satisfies_concat_map[OF _ `j < n`] by fastforce thenhave"unary α (γ (2*j+2)) = (if x ! j then 3 else 2)" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! (2*j+2) = (if x ! j then 3 else 2)" using ysymbols_first_at[OF `j < n`] by simp ultimatelyshow ?thesis using i by simp qed next case3 thenhave"i = 2*n + 1 ∨ i = 2*n + 2" by auto thenshow ?thesis proof assume i: "i = 2 * n + 1" thenhave"α ⊨ Ψ (γ i) 3" using PHI_def PHI2_def α satisfies_append by metis thenhave"unary α (γ i) = 3" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! i = 3" using i ysymbols_at_2n1 by simp ultimatelyshow ?thesis by simp next assume i: "i = 2 * n + 2" thenhave"α ⊨ Ψ (γ i) 3" using PHI_def PHI2_def α satisfies_append by metis thenhave"unary α (γ i) = 3" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! i = 3" using i ysymbols_at_2n2 by simp ultimatelyshow ?thesis by simp qed next case4 moreoverdefine j where"j = (i - 2*n-3) div 2" ultimatelyhave j: "j < p n" using m_def by auto have"i = 2*n+2+2 * j + 1 ∨ i = 2*n+2+2 * j + 2" using4 j_def by auto thenshow ?thesis proof assume i: "i = 2 * n + 2 + 2 * j + 1" have"α ⊨ Φ4" using PHI_def satisfies_def α by simp thenhave"α ⊨ Ψ (γ (2*n+2+2*j+1)) 2" using PHI4_def satisfies_concat_map[OF _ `j < p n`] by auto thenhave"unary α (γ (2*n+2+2*j+1)) = 2" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! (2*n+2+2*j+1) = 2" using‹j < p n› ysymbols_second_at(1) len_u by presburger ultimatelyshow ?thesis using i by simp next assume i: "i = 2 * n + 2 + 2 * j + 2" have"us ! j = unary α (γ (2*n+4+2*j))" using us_def `j < p n` by simp thenhave"us ! j = unary α (γ (2*n+2+2*j+2))" by (simp add: numeral_Bit0) thenhave"unary α (γ (2*n+2+2*j+2)) = (if u ! j then 3 else 2)" using u_def us23 ‹j < p local.n› len_us by fastforce thenhave *: "unary α (γ i) = (if u ! j then 3 else 2)" using i by simp have"ysymbols u ! (2*n+2+2*j+2) = (if u ! j then 3 else 2)" using ysymbols_second_at(2) `j < p n` len_u by simp thenhave"ysymbols u ! i = (if u ! j then 3 else 2)" using i by simp thenshow ?thesis using * i by simp qed next case5 thenhave"α ⊨ Φ5" using PHI_def satisfies_def α by simp thenhave"α ⊨ Ψ (γ (2*n+2*p n + 3 + i')) 0"if"i' < T'"for i' unfolding PHI5_def using α satisfies_concat_map[OF _ that, of α] that by auto moreoverobtain i' where i': "i' < T'""i = m + 1 + i'" using5by (metis add_less_cancel_left le_Suc_ex) ultimatelyhave"α ⊨ Ψ (γ i) 0" using m_def numeral_3_eq_3 by simp thenhave"unary α (γ i) = 0" using Psi_unary H_gr_2 gamma_def by simp moreoverhave"ysymbols u ! i = 0" using5 ysymbols_last len_u by simp ultimatelyshow ?thesis by simp qed qed thenhave ysymbols: "ysymbols u ! (inputpos m t) = unary α (γ (inputpos m t))"for t using inputpos_less' len_u by simp
have"z0 u t = unary α (ζ0 t) ∧ z1 u t = unary α (ζ1 t) ∧ z2 u t = unary α (ζ2 t)" if"t ≤ T'"for t using that proof (induction t rule: nat_less_induct) case (1 t) show ?case proof (cases "t = 0") case True have"α ⊨ Φ0" using α PHI_def satisfies_def by simp thenhave 1: "α ⊨ Ψ (ζ0 0) 1"and 2: "α ⊨ Ψ (ζ1 0) 1"and 3: "α ⊨ Ψ (ζ2 0) 0" using PHI0_def by (metis satisfies_append(1), metis satisfies_append, metis satisfies_append(2)) have"unary α (ζ0 0) = 1" using Psi_unary[OF _ 1] H_gr_2 by simp moreoverhave"unary α (ζ1 0) = 1" using Psi_unary[OF _ 2] H_gr_2 by simp moreoverhave"unary α (ζ2 0) = 0" using Psi_unary[OF _ 3] by simp moreoverhave"z0 u 0 = ▹" using z0_def start_config2 by (simp add: start_config_pos) moreoverhave"z1 u 0 = ▹" using z1_def by (simp add: start_config2 start_config_pos) moreoverhave"z2 u 0 = ◻" using z2_def by (simp add: start_config_def) ultimatelyshow ?thesis using True by simp next case False thenhave"t > 0" by simp let ?t = "t - 1" have sat_chi: "α ⊨ χ t" proof - have"α ⊨ Φ9" using α PHI_def satisfies_def by simp moreoverhave"?t < T'" using1 `t > 0` by simp ultimatelyhave"α ⊨ χ (Suc ?t)" using satisfies_concat_map PHI9_def by auto thenshow ?thesis using‹t > 0›by simp qed show ?thesis proof (cases "prev m t < t") case True thenshow ?thesis using satisfies_chi_less z0 z1 z2' 1 len_u ysymbols sat_chi True `t ≤ T'` len_u by simp next case False thenhave eq: "prev m t = t" using prev_eq prev_less by blast show ?thesis using satisfies_chi_eq z0 z1' z2' ysymbols sat_chi eq `t > 0` `t ≤ T'` len_u 1 `t > 0` by simp qed qed qed thenhave"z1 u T' = unary α (ζ1 T')" by simp moreoverhave"unary α (ζ1 T') = 3" proof - have"α ⊨ Φ8" using α PHI_def satisfies_def by simp thenhave"α ⊨ Ψ (ζ1 T') 3" using PHI8_def by simp thenshow ?thesis using Psi_unary[of 3"ζ1 T'"] length_zeta1 H_gr_2 by simp qed ultimatelyhave"z1 u T' = 1" by simp thenhave"exc ⟨x; u⟩ T' <.> 1 = 1" using z1_def by simp thenshow ?thesis using len_u by auto qed
subsection‹$x\in L$ implies $\Phi$ satisfiable›
text‹
the other direction, we assume a string $x \in L$ and show that the formula \Phi$ derived from it is satisfiable. From $x \in L$ it follows that there is a
$u$ of length $p(n)$ such that $M$ on input $\langle x, u\rangle$
after $T'$ steps with the output tape head on the symbol~\textbf{1}.
assignment that satisfies $\Phi$ must have its first $N = m' \cdot H$ bits
in such a way that they encode the relevant portion $y(u)$ of the input
, that is, with $\langle x, u\rangle$ followed by $T'$ blanks. This will
care of satisfying $\Phi_1, \dots, \Phi_7$. The next $Z\cdot (T' + 1)$
of $\alpha$ must be set such that they encode the $T' + 1$ snapshots of $M$
started on $\langle x, u\rangle$. This way $\Phi_0$ and $\Phi_9$ will be
. Finally, $\Phi_8$ is satisfied because by the choice of $u$ the last
contains a \textbf{1} as the symbol under the output tape head.
following function maps a string $u$ to an assignment as just described. ›
definition beta :: "string ==> assignment" (‹β›) where "β u i ≡ if i < N then let j = i div H; k = i mod H in if j = 0 then k < 1 else if j = 2 * n + 1 ∨ j = 2 * n + 2 then k < 3 else if j ≥ 2 * n + 2 * p n + 3 then k < 0 else if odd j then k < 2 else if j ≤ 2 * n then k < (if x ! (j div 2 - 1) then 3 else 2) else k < (if u ! (j div 2 - n - 2) then 3 else 2) else if i < N + Z * (Suc T') then let t = (i - N) div Z; k = (i - N) mod Z in if k < H then k < z0 u t else if k < 2 * H then k - H < z1 u t else k - 2 * H < z2 u t else False"
text‹
order to show that $\beta(u)$ satisfies $\Phi$, we show that it satisfies all
of $\Phi$. These parts consist mostly of $\Psi$ formulas, whose
can be proved using lemma~@{thm [source] satisfies_Psi}. To apply
lemma, the following ones will be helpful. ›
lemma blocky_gammaI: assumes"∧k. k < H ==> α (j * H + k) = (k < l)" shows"blocky α (γ j) l" unfolding blocky_def gamma_def using assms by simp
lemma blocky_zeta0I: assumes"∧k. k < H ==> α (N + t * Z + k) = (k < l)" shows"blocky α (ζ0 t) l" unfolding blocky_def zeta0_def using assms by simp
lemma blocky_zeta1I: assumes"∧k. k < H ==> α (N + t * Z + H + k) = (k < l)" shows"blocky α (ζ1 t) l" unfolding blocky_def zeta1_def using assms by simp
lemma blocky_zeta2I: assumes"∧k. k < H ==> α (N + t * Z + 2 * H + k) = (k < l)" shows"blocky α (ζ2 t) l" unfolding blocky_def zeta2_def using Z_def assms by simp
lemma beta_1: "blocky (β u) (γ 0) 1" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "0 * H + k" have"?i < N" using N_eq add_mult_distrib2 k by auto thenshow"β u ?i = (k < 1)" using beta_def k by simp qed
lemma beta_2a: "blocky (β u) (γ (2*n+1)) 3" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*n+1) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" using N_eq add_mult_distrib2 k by auto moreoverhave j: "?j = 2 * n + 1" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith ultimatelyshow"β u ?i = (k < 3)" using beta_def by simp qed
lemma beta_2b: "blocky (β u) (γ (2*n+2)) 3" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*n+2) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" using N_eq add_mult_distrib2 k by auto moreoverhave"?j = 2 * n + 2" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using calculation(2) by linarith ultimatelyshow"β u ?i = (k < 3)" using beta_def Let_def k by presburger qed
lemma beta_3: assumes"ii < n" shows"blocky (β u) (γ (2 * ii + 1)) 2" proof (intro blocky_gammaI) fix k ::nat assume k: "k < H" let ?i = "(2*ii+1) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" proof - have"?i < (2*n+1) * H + k" using assms k by simp alsohave"... < (2*n+1) * H + H" using k by simp alsohave"... = H * (2*n+2)" by simp alsohave"... ≤ H * (2*n+3)" by (metis add.commute add.left_commute add_2_eq_Suc le_add2 mult_le_mono2 numeral_3_eq_3) alsohave"... ≤ H * (2*n+2*p n+3)" by simp alsohave"... ≤ H * (2*n+2*p n+3 + T')" by simp finallyhave"?i < H * (2*n+2*p n+3 + T')" . thenshow ?thesis using N_eq by simp qed moreoverhave j: "?j = 2 * ii + 1" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith moreoverhave"¬ (?j = 2*n+1 ∨ ?j = 2*n+2)" using j assms by simp moreoverhave"¬ ?j ≥ 2*n+2*p n + 3" using j assms by simp moreoverhave"odd ?j" using j by simp ultimatelyshow"β u ?i = (k < 2)" using beta_def by simp qed
lemma beta_4: assumes"ii < p n"and"length u = p n" shows"blocky (β u) (γ (2*n+2+2*ii+1)) 2" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*n+2+2*ii+1) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" proof - have"?i = (2*n+2*ii+3) * H + k" by (simp add: numeral_3_eq_3) alsohave"... < (2*n+2*ii+3) * H + H" using k by simp alsohave"... = H * (2*n+2*ii+4)" by algebra alsohave"... ≤ H * (2*n+2*p n+3)" using assms(1) by simp alsohave"... ≤ H * (2*n+2*p n+3 + T')" by simp finallyhave"?i < H * (2*n+2*p n+3 + T')" . thenshow ?thesis using N_eq by simp qed moreoverhave j: "?j = 2 * n + 2 + 2 * ii + 1" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith moreoverhave"¬ (?j = 2*n+1 ∨ ?j = 2*n+2)" using j assms by simp moreoverhave"¬ ?j ≥ 2*n+2*p n + 3" using j assms by simp moreoverhave"odd ?j" using j by simp ultimatelyshow"β u ?i = (k < 2)" using beta_def by simp qed
lemma beta_5: assumes"ii < T'" shows"blocky (β u) (γ (2*n+2*p n + 3 + ii)) 0" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*n+2*p n + 3 + ii) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" proof - have"?i < (2*n+2*p n + 3 + ii) * H + H" using k by simp alsohave"... ≤ (2*n+2*p n + 3 + T' - 1) * H + H" proof - have"2*n+2*p n + 3 + ii ≤ 2*n+2*p n + 3 + T' - 1" using assms by simp thenshow ?thesis using add_le_mono1 mult_le_mono1 by presburger qed alsohave"... ≤ (2*n+2*p n + 2 + T') * H + H" by simp alsohave"... ≤ H * (2*n+2*p n + 3 + T')" by (simp add: numeral_3_eq_3) finallyhave"?i < H * (2*n+2*p n + 3 + T')" . thenshow ?thesis using N_eq by simp qed moreoverhave j: "?j = 2 * n + 2*p n + 3 + ii" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith moreoverhave"¬ (?j = 2*n+1 ∨ ?j = 2*n+2)" using j by simp ultimatelyshow"β u ?i = (k < 0)" using beta_def Let_def k by simp qed
lemma beta_6: assumes"ii < n" shows"blocky (β u) (γ (2 * ii + 2)) (if x ! ii then 3 else 2)" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*ii+2) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" proof - have"?i ≤ (2*n+2) * H + k" using assms by simp alsohave"... < (2*n+2) * H + H" using k by simp alsohave"... = (2*n+3) * H" by algebra alsohave"... ≤ (2*n + 2*p n + 3) * H" by simp alsohave"... ≤ (2*n + 2*p n + 3 + T') * H" by simp finallyhave"?i < (2*n + 2*p n + 3 + T') * H" . thenshow ?thesis using N_eq by (metis mult.commute) qed moreoverhave j: "?j = 2 * ii + 2" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith moreoverhave"¬ (?j = 2*n+1 ∨ ?j = 2*n+2)" using j assms by simp moreoverhave"¬ ?j = 2*n+2*p n + 3" using j assms by simp moreoverhave"¬ odd ?j" using j by simp moreoverhave"?j ≤ 2 * n" using j assms by simp ultimatelyshow"β u ?i = (k < (if x ! ii then 3 else 2))" using beta_def by simp qed
lemma beta_7: assumes"ii < p n"and"length u = p n" shows"blocky (β u) (γ (2 * n + 4 + 2 * ii)) (if u ! ii then 3 else 2)" proof (intro blocky_gammaI) fix k :: nat assume k: "k < H" let ?i = "(2*n+4+2*ii) * H + k" let ?j = "?i div H" let ?k = "?i mod H" have"?i < N" proof - have1: "ii ≤ p n - 1" using assms(1) by simp have2: "p n > 0" using assms(1) by simp have"?i ≤ (2*n+4+2*(p n - 1)) * H + k" using1by simp alsohave"... = (2*n+4+2*p n-2) * H + k" using2 diff_mult_distrib2 by auto alsohave"... = (2*n+2+2*p n) * H + k" by simp alsohave"... < (2*n+2+2*p n) * H + H" using k by simp alsohave"... = (2*n+3+2*p n) * H" by algebra alsohave"... = H * (2*n + 2*p n + 3)" by simp alsohave"... ≤ H * (2*n + 2*p n + 3 + T')" by simp finallyhave"?i < H * (2*n + 2*p n + 3 + T')" . thenshow ?thesis using N_eq by simp qed moreoverhave j: "?j = 2 * n + 4 + 2 * ii" using k by (metis add_cancel_left_right div_less div_mult_self3 less_nat_zero_code) moreoverhave"?k = k" using k by (metis mod_if mod_mult_self3) moreoverhave"¬ ?j = 0" using j by linarith moreoverhave"¬ (?j = 2*n+1 ∨ ?j = 2*n+2)" using j assms by simp moreoverhave"¬ odd ?j" using j by simp moreoverhave"¬ ?j ≤ 2 * n" using j assms by simp moreoverhave"?j ≤ 2 * n + 2 * p n + 2" using j assms by simp ultimatelyshow"β u ?i = (k < (if u ! ii then 3 else 2))" using beta_def by simp qed
lemma beta_zeta0: assumes"t ≤ T'" shows"blocky (β u) (ζ0 t) (z0 u t)" proof (intro blocky_zeta0I) fix k ::nat assume k: "k < H" let ?i = "N + t * Z + k" let ?t = "(?i - N) div Z" let ?k = "(?i - N) mod Z" have"¬ ?i < N" by simp moreoverhave"?i < N + Z * (Suc T')" proof - have"?i ≤ N + T' * Z + k" using assms by simp alsohave"... < N + T' * Z + H" using k by simp alsohave"... ≤ N + T' * Z + Z" using Z_def by simp alsohave"... = N + Z * (Suc T')" by simp finallyshow ?thesis by simp qed moreoverhave kk: "?k = k" using k Z_def by simp moreoverhave"?t = t" using k Z_def by simp moreoverhave"?k < H" using kk k by simp ultimatelyshow"β u ?i = (k < z0 u t)" using beta_def by simp qed
lemma beta_zeta1: assumes"t ≤ T'" shows"blocky (β u) (ζ1 t) (z1 u t)" proof (intro blocky_zeta1I) fix k :: nat assume k: "k < H" let ?i = "N + t * Z + H + k" let ?t = "(?i - N) div Z" let ?k = "(?i - N) mod Z" have"¬ ?i < N" by simp moreoverhave"?i < N + Z * (Suc T')" proof - have"?i ≤ N + T' * Z + H + k" using assms by simp alsohave"... < N + T' * Z + H + H" using k by simp alsohave"... ≤ N + T' * Z + Z" using Z_def by simp alsohave"... = N + Z * (Suc T')" by simp finallyshow ?thesis by simp qed moreoverhave"?t = t" using k Z_def by simp moreoverhave kk: "?k = H + k" using k Z_def by simp moreoverhave"¬ ?k < H" using kk by simp moreoverhave"?k < 2 * H" using kk k by simp ultimatelyhave"β u ?i = (?k - H < z1 u t)" using beta_def by simp thenshow"β u ?i = (k < z1 u t)" using kk by simp qed
lemma beta_zeta2: assumes"t ≤ T'" shows"blocky (β u) (ζ2 t) (z2 u t)" proof (intro blocky_zeta2I) fix k :: nat assume k: "k < H" let ?i = "N + t * Z + 2 * H + k" let ?t = "(?i - N) div Z" let ?k = "(?i - N) mod Z" have1: "2 * H + k < Z" using k Z_def by simp have"¬ ?i < N" by simp moreoverhave"?i < N + Z * (Suc T')" proof - have"?i ≤ N + T' * Z + 2 * H + k" using assms by simp alsohave"... < N + T' * Z + 2 * H + H" using k by simp alsohave"... ≤ N + T' * Z + Z" using Z_def by simp alsohave"... = N + Z * (Suc T')" by simp finallyshow ?thesis by simp qed moreoverhave"?t = t" using1by simp moreoverhave kk: "?k = 2 * H + k" using k Z_def by simp moreoverhave"¬ ?k < H" using kk by simp moreoverhave"¬ ?k < 2 * H" using kk by simp ultimatelyhave"β u ?i = (?k - 2 * H < z2 u t)" using beta_def by simp thenshow"β u ?i = (k < z2 u t)" using kk by simp qed
text‹
can finally show that $\beta(u)$ satisfies $\Phi$ if $u$ is a certificate for
x$. ›
lemma satisfies_beta_PHI: assumes"length u = p n"and"exc ⟨x; u⟩ T' <.> 1 = 1" shows"β u ⊨ Φ" proof - have"β u ⊨ Φ0" proof - have"blocky (β u) (ζ0 0) (z0 u 0)" using beta_zeta0 by simp thenhave"blocky (β u) (ζ0 0) 1" using z0_def start_config2 start_config_pos by auto thenhave"β u ⊨ Ψ (ζ0 0) 1" using satisfies_Psi H_gr_2 by simp moreoverhave"β u ⊨ Ψ (ζ1 0) 1" proof - have"blocky (β u) (ζ1 0) (z1 u 0)" using beta_zeta1 by simp thenhave"blocky (β u) (ζ1 0) 1" using z1_def start_config2 start_config_pos by simp thenshow ?thesis using satisfies_Psi H_gr_2 by simp qed moreoverhave"β u ⊨ Ψ (ζ2 0) 0" proof - have"blocky (β u) (ζ2 0) (z2 u 0)" using beta_zeta2 by simp thenhave"blocky (β u) (ζ2 0) 0" using z2_def start_config_def by simp thenshow ?thesis using satisfies_Psi H_gr_2 by simp qed ultimatelyshow ?thesis using PHI0_def satisfies_def by auto qed moreoverhave"β u ⊨ Φ1" using PHI1_def H_gr_2 satisfies_Psi beta_1 by simp moreoverhave"β u ⊨ Φ2" proof - have"β u ⊨ Ψ (γ (2*n+1)) 3" using satisfies_Psi H_gr_2 beta_2a by simp moreoverhave"β u ⊨ Ψ (γ (2*n+2)) 3" using satisfies_Psi H_gr_2 beta_2b by simp ultimatelyshow ?thesis using PHI2_def satisfies_def by auto qed moreoverhave"β u ⊨ Φ3" proof - have"β u ⊨ Ψ (γ (2*i+1)) 2"if"i < n"for i using satisfies_Psi that H_gr_2 length_gamma less_imp_le_nat beta_3 by simp thenshow ?thesis using PHI3_def satisfies_concat_map' by simp qed moreoverhave"β u ⊨ Φ4" proof - have"β u ⊨ Ψ (γ (2*n+2+2*i+1)) 2"if"i < p n"for i using satisfies_Psi that H_gr_2 length_gamma less_imp_le_nat beta_4 assms(1) by simp thenshow ?thesis using PHI4_def satisfies_concat_map' by simp qed moreoverhave"β u ⊨ Φ5" proof - have"β u ⊨ Ψ (γ (2*n+2*p n+3+i)) 0"if"i < T'"for i using satisfies_Psi that H_gr_2 length_gamma less_imp_le_nat beta_5 assms(1) by simp thenshow ?thesis using PHI5_def satisfies_concat_map' by simp qed moreoverhave"β u ⊨ Φ6" proof - have"β u ⊨ Ψ (γ (2*i+2)) (if x ! i then 3 else 2)"if"i < n"for i using satisfies_Psi that H_gr_2 length_gamma less_imp_le_nat beta_6 by simp thenshow ?thesis using PHI6_def satisfies_concat_map' by simp qed moreoverhave"β u ⊨ Φ7" proof - have"β u ⊨ Υ (γ (2*n+4+2*i))"if"i < p n"for i proof - have"blocky (β u) (γ (2*n+4+2*i)) 2 ∨ blocky (β u) (γ (2*n+4+2*i)) 3" using assms that beta_7[of i u] by (metis (full_types)) thenhave"β u ⊨ Ψ (γ (2*n+4+2*i)) 2 ∨ β u ⊨ Ψ (γ (2*n+4+2*i)) 3" using satisfies_Psi H_gr_2 by auto thenshow ?thesis using Psi_2_imp_Upsilon Psi_3_imp_Upsilon H_gr_2 length_gamma by auto qed thenshow ?thesis using PHI7_def satisfies_concat_map' by simp qed moreoverhave"β u ⊨ Φ8" using PHI8_def H_gr_2 assms satisfies_Psi z1_def beta_zeta1 by (metis One_nat_def Suc_1 Suc_leI length_zeta1 nat_le_linear numeral_3_eq_3) moreoverhave"β u ⊨ Φ9" proof - have *: "unary (β u) (γ i) = ysymbols u ! i"if"i < length (ysymbols u)"for i proof - have"i < m'" using assms length_ysymbols that by simp then consider "i = 0"
| "1 ≤ i ∧ i < 2*n + 1"
| "2*n+1 ≤ i ∧ i < 2*n+3"
| "2*n+3 ≤ i ∧ i < m+1"
| "i ≥ m + 1 ∧ i < m + 1 + T'" using m'_def m_def by linarith thenshow ?thesis proof (cases) case1 thenshow ?thesis using ysymbols_at_0 blocky_imp_unary H_gr_2 beta_1 by simp next case2 moreoverdefine j where"j = (i - 1) div 2" ultimatelyhave j: "j < n""i = 2 * j + 1 ∨ i = 2 * j + 2" by auto show ?thesis proof (cases "i = 2 * j + 1") case True thenshow ?thesis using ysymbols_first_at(1) blocky_imp_unary H_gr_2 j(1) beta_3 by simp next case False thenhave"i = 2 * j + 2" using j(2) by simp thenshow ?thesis using ysymbols_first_at(2) blocky_imp_unary H_gr_2 j(1) beta_4 beta_6 by simp qed next case3 show ?thesis proof (cases "i = 2*n+1") case True thenshow ?thesis using ysymbols_at_2n1 blocky_imp_unary H_gr_2 beta_2a by simp next case False thenhave"i = 2*n+2" using3by simp thenshow ?thesis using ysymbols_at_2n2 blocky_imp_unary H_gr_2 beta_2b by simp qed next case4 moreoverdefine j where"j = (i - 2*n-3) div 2" ultimatelyhave j: "j < p n""i = 2*n+2+2 * j + 1 ∨ i = 2*n+2+2 * j + 2" using j_def m_def by auto show ?thesis proof (cases "i = 2*n+2+2 * j + 1") case True thenshow ?thesis using ysymbols_second_at(1) assms(1) blocky_imp_unary H_gr_2 j(1) beta_4 by simp next case False thenhave i: "i = 2*n+4+2 * j" using j(2) by simp thenhave"ysymbols u ! (2*n+2+2*j+2) = (if u ! j then 3 else 2)" using ysymbols_second_at(2) assms j(1) by simp thenhave"ysymbols u ! (2*n+4+2*j) = (if u ! j then 3 else 2)" by (metis False i j(2)) thenhave"ysymbols u ! i = (if u ! j then 3 else 2)" using i by simp thenshow ?thesis using beta_7[OF j(1)] blocky_imp_unary H_gr_2 length_gamma i assms(1) by simp qed next case5 thenobtain ii where ii: "ii < T'""i = m + 1 + ii" by (metis le_iff_add nat_add_left_cancel_less) have"blocky (β u) (γ (2*n+2*p n + 3 + ii)) 0" using beta_5[OF ii(1)] by simp thenhave"blocky (β u) (γ i) 0" using ii(2) m_def numeral_3_eq_3 by simp thenhave"unary (β u) (γ i) = 0" using blocky_imp_unary by simp moreoverhave"ysymbols u ! i = 0" using ysymbols_last[OF assms(1)] 5by simp ultimatelyshow ?thesis by simp qed qed have"β u ⊨ χ (Suc t)" (is"β u ⊨ χ ?t") if"t < T'"for t proof (cases "prev m ?t < ?t") case True have t: "?t ≤ T'" using that by simp thenhave"unary (β u) (ζ0 ?t) = z0 u ?t" using blocky_imp_unary z0_le beta_zeta0 by simp moreoverhave"ysymbols u ! (inputpos m ?t) = unary (β u) (γ (inputpos m ?t))" using * assms(1) inputpos_less' length_ysymbols by simp ultimatelyhave"unary (β u) (ζ0 ?t) = unary (β u) (γ (inputpos m ?t))" using assms(1) z0 by simp moreoverhave"unary (β u) (ζ1 ?t) = z1 u ?t" using beta_zeta1 blocky_imp_unary z1_le t by simp moreoverhave"unary (β u) (ζ2 ?t) = z2 u ?t" using beta_zeta2 blocky_imp_unary z2_le t by simp moreoverhave"unary (β u) (ζ0 (prev m ?t)) = z0 u (prev m ?t)" using beta_zeta0 blocky_imp_unary z0_le t True by simp moreoverhave"unary (β u) (ζ1 (prev m ?t)) = z1 u (prev m ?t)" using beta_zeta1 blocky_imp_unary z1_le t True by simp moreoverhave"unary (β u) (ζ2 (prev m ?t)) = z2 u (prev m ?t)" using beta_zeta2 blocky_imp_unary z2_le t True by simp moreoverhave"unary (β u) (ζ0 (?t - 1)) = z0 u (?t - 1)" using beta_zeta0 blocky_imp_unary z0_le t True by simp moreoverhave"unary (β u) (ζ1 (?t - 1)) = z1 u (?t - 1)" using beta_zeta1 blocky_imp_unary z1_le t True by simp moreoverhave"unary (β u) (ζ2 (?t - 1)) = z2 u (?t - 1)" using beta_zeta2 blocky_imp_unary z2_le t True by simp ultimatelyshow ?thesis using True assms(1) satisfies_chi_less[OF True] t z1 z2' by (metis bot_nat_0.extremum less_nat_zero_code nat_less_le) next case False thenhave prev: "prev m ?t = ?t" using prev_le by (meson le_neq_implies_less) have t: "?t ≤ T'" using that by simp thenhave"unary (β u) (ζ0 ?t) = z0 u ?t" using beta_zeta0 blocky_imp_unary z0_le by simp moreoverhave"ysymbols u ! (inputpos m ?t) = unary (β u) (γ (inputpos m ?t))" using * assms(1) inputpos_less' length_ysymbols by simp ultimatelyhave"unary (β u) (ζ0 ?t) = unary (β u) (γ (inputpos m ?t))" using assms(1) z0 by simp moreoverhave"unary (β u) (ζ1 ?t) = z1 u ?t" using beta_zeta1 blocky_imp_unary z1_le t by simp moreoverhave"z1 u ?t = ◻" using z1' beta_zeta1 assms(1) prev t by simp moreoverhave"unary (β u) (ζ2 ?t) = z2 u ?t" using beta_zeta2 blocky_imp_unary z2_le t by simp moreoverhave"unary (β u) (ζ0 (?t - 1)) = z0 u (?t - 1)" using beta_zeta0 blocky_imp_unary z0_le t by simp moreoverhave"unary (β u) (ζ1 (?t - 1)) = z1 u (?t - 1)" using beta_zeta1 blocky_imp_unary z1_le t by simp moreoverhave"unary (β u) (ζ2 (?t - 1)) = z2 u (?t - 1)" using beta_zeta2 blocky_imp_unary z2_le t by simp ultimatelyshow ?thesis using satisfies_chi_eq[OF prev] start_config2 start_config_pos t that z1_def z2 assms(1) by (metis (no_types, lifting) One_nat_def Suc_1 Suc_less_eq add_diff_inverse_nat
execute.simps(1) less_one n_not_Suc_n plus_1_eq_Suc) qed thenshow ?thesis using PHI9_def satisfies_concat_map' by presburger qed ultimatelyshow ?thesis using satisfies_append' PHI_def by simp qed
corollary ex_u_imp_sat_PHI: assumes"length u = p n"and"exc ⟨x; u⟩ T' <.> 1 = 1" shows"satisfiable Φ" using satisfies_beta_PHI assms satisfiable_def by auto
text‹
formula $\Phi$ has the desired property: ›
theorem L_iff_satisfiable: "x ∈ L ⟷ satisfiable Φ" using L_iff_ex_u ex_u_imp_sat_PHI sat_PHI_imp_ex_u by auto
end(* locale reduction_sat_x *)
end
Messung V0.5 in Prozent
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.119Bemerkung:
(vorverarbeitet am 2026-06-12)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
Suchen
