feat(Computability): add Unlimited Register Machines

[jessealama]

Summary

This PR introduces Unlimited Register Machines (URMs), a model of computation with instructions, programs, and registers. URMs are a standard topic in computability theory, introduced by Shepherdson and Sturgis and popularized by Cutland's textbook.

What's included

Core definitions (Defs.lean):

• Instr: The four instruction types (Z, S, T, J)
• Program: Lists of instructions, with shift_jumps, shift_registers, max_register
• State: Register contents as ℕ → ℕ
• Config: Machine configuration (program counter + state)

Basic lemmas (Basic.lean):

• State.write_read_self, State.write_read_of_ne: State read/write lemmas
• Config.is_halted_iff, Config.ext: Configuration lemmas
• isJump, IsJump: Jump instruction predicates
• jumps_bounded_by, JumpsBoundedBy: Bounded jump targets
• cap_jump: Cap jump targets to a given length

Execution semantics (Execution.lean):

• Step: Single-step execution relation
• Steps: Multi-step execution (reflexive-transitive closure)
• Halts, Diverges, HaltsWithResult: Halting predicates
• eval: Evaluation as a partial function
• ProgramEquiv: Program equivalence with Setoid instance (≈ notation)
• Standard notation: p ↓ inputs, p ↑ inputs, p ↓ inputs ≫ result
• Key theorems: Step.deterministic, Steps.eq_of_halts

Computability (Computable.lean):

• Computes: A program computes a given partial function
• Computable: A partial function is URM-computable (∃ program that computes it)
• Basic computable functions: successor, projection, identity

Straight-line programs (StraightLine.lean):

• IsStraightLine: Programs without jumps
• straight_line_halts: Straight-line programs always halt

Standard form (StandardForm.lean):

• IsStandardForm: Programs with bounded jump targets
• to_standard_form: Normalization function
• to_standard_form_equiv: Behavioral equivalence (p.to_standard_form ≈ p)
• to_standard_form_idempotent: Idempotence of normalization

Design decisions

• 0-indexed registers: Aligns with Lean/Mathlib conventions (differs from Cutland's 1-indexed presentation)
• Functional state representation: State := ℕ → ℕ works well with grind and simp
• Relational semantics: Step as an inductive relation rather than a function, following the style of Mathlib's Turing machine formalization

Feedback welcome

I'm happy to adjust naming conventions, reorganize the module structure, or refine the API based on reviewer preferences. This is my first contribution to CSLib, so guidance on project conventions is appreciated.

[BoltonBailey]

Representing states as functions from Nat to Nat is convenient here, but I worry that it would lead to problems down the road. The other choice I have in mind is to let the registers of a UTM be indexed by an arbitrary (or perhaps [Fintype]) type, and then have State be defined State (m : UTM) := u.RegisterIndex -> Nat as machine-dependent type. You would have to include this extra variable. But the benefit would be that if you want to define a composition of the functionalities of different UTMs (like I do for TMs in #269), you can do so by taking a direct product of the individual register indices, which would hopefully make functions on that register type easier to define. It would also have the benefit, if the register type were finite, of having the register state be printable data.

Perhaps this change is not necessary since the textbook defines it this way, but it's something to think about.

[fmontesi]

If this takes too long to figure out, I think it's fine to proceed with the current version. In general, we might wanna have a general 'RegisterMachine' concept and then apply it here, but it might be good to accumulate some experience first.

[jessealama]

I love the idea of a general register machine concept! What I might suggest is implementing another register machine model, say RASP machines (but that's just one possibility!).

[jessealama]

One challenge with the use of an arbitrary index type for the register indices, or [Fintype], would be to ensure the coherence of programs. Using natural numbers, one has the luxury of knowing that any program is coherent in the sense that any register index appearing in it refers to a register that actually exists. Programs and machines (or states) are sort of independent. But perhaps I'm overthinking this; making the definition of machine states and programs share an index type could work (and might have some nice theoretical benefits such as enabling a notion of product of machines).

[chenson2018]

This looks pretty good to me, and thank you for documenting things well. Here are some overarching thoughts:

• I think the duplication of API between Bool and Prop that happens in several places is unnecessary
• I made a lot of comments about how you can use grind. These are not all mandatory (I have a personal inclination to use it a lot) but I think worth it overall. Definitions/theorems I passed directly to grind often should have annotations for these.
• I wasn't completely comfortable with the use of choice in some type signatures, but I need to think more carefully about this

[ctchou]

If the jump instruction's semantics is changed to a relative jump (namely, the jump target is specified via an offset relative to the jump instruction's own position, rather than an absolute position), would shift_jumps and all related stuff still be needed? Of course this would require either q be an integer or the jump instruction be split into a jump_forward and a jump_backward instructions.

[jessealama]

Interesting idea! I think relative offsets would be fine (and shouldn't affect the class of computable functions). This change would indeed obviate the need for shift_jumps and similar bureaucratic details, but some details would just get shifted to other places. On balance, though, the net gain of a relative approach might be worth it. I'm not sure. I'd be happy to explore this idea.

[jessealama]

I thought about this some more, and I suggest exploring this in a follow-on PR. A syntactic conversion between programs is straightforward and an equivalence proof should also be pretty easy. In my opinion, this kind of exercise belongs in CSLib. What do you think?

[ctchou]

It's up to you, for you will have to do the proofs. PC-relative jump is in fact an old idea. Every modern instruction set architecture has it, precisely for the purpose of supporting position-independent code.

[ctchou]

A related idea is to add a base register and/or literal to each instruction, so that each address is relative to that base, rather than an absolute address. Here you can probably get away with using only Nat for address.

[chenson2018]

There's some spectrum of tradeoff here from staying minimal and abstract to mirroring a real instruction set. I'm fine if this stays simple at first, especially if that will make your future plans for connecting to SKI simpler.

[ctchou]

Come to think of it: you can have a special register (say, registter 0) which contains a "base PC". The real target of a jump instruction is the target + the value of the base PC. This will also give you position-independent code at the expense of changing the base PC value when switching between different blocks of code.

[ctchou]

I agree with Chris. Adding more "realistic" instruction features is easy. The hard part is to show that the fancier instructions can be implemented by a more primitive formalism like SKI.

[jessealama]

My first instinct here is to investigate the relative jump idea. That ought to simplify the proofs of closure of URM-computable functions under composition, primitive recursion, and minimization. And it should help with the SKI equivalence proof, too.

[jessealama]

• I wasn't completely comfortable with the use of choice in some type signatures, but I need to think more carefully about this

I've refactored the theorems that use choice to use the Part API, in particular Part.get. That pushes choice out of the URM API. (I think for this formalization we can't totally avoid choice.)

[fmontesi]

Really nice work! I've added some comments and questions myself.

[fmontesi]

@chenson2018, in LTS we have the class Deterministic to cover exactly this. Would it make sense to introduce a similar class for ReductionSystem and use it here?

[fmontesi]

As Chris mentioned, some of these things can come for free from ReductionSystem.

[fmontesi]

@chenson2018: if we don't/cannot generalise this to ReductionSystem now, I'd like a concurrent issue to be opened so that we remember.

In general, concepts like divergence and termination should probably be unified under general definitions for ReductionSystem and LTS.

[jessealama]

I really like that idea. I'll investigate using Deterministic. I tried building a bit on top of LTSs but I couldn't think of a good match with URM semantics, but it looks like I need to investigate LTSs some more.

[chenson2018]

I think ReuctionSystem is pretty straightforward in replacing Step/Steps. I'd say give it a try and if we hit any significant difficulties we open an issue as Fabrizio has suggested.

[jessealama]

I'll give that a try; I'd really like to align with existing infrastructure. Stay tuned!