author  wenzelm 
Sun, 01 Mar 2009 23:36:12 +0100  
(* Title: HOL/Tools/sat_funcs.ML 
Author: Stephan Merz and Alwen Tiu, QSL Team, LORIA (http://qsl.loria.fr) 

Author: Tjark Weber, TU Muenchen 
Proof reconstruction from SAT solvers. 

Description: 

This file defines several tactics to invoke a proofproducing 

SAT solver on a propositional goal in clausal form. 

We use a sequent presentation of clauses to speed up resolution 

proof reconstruction. 
We call such clauses "raw clauses", which are of the form 

[x1, ..., xn, P]  False 
(note the use of  instead of ==>, i.e. of Isabelle's (meta)hyps here), 
where each xi is a literal (see also comments in cnf_funcs.ML). 
This does not work for goals containing schematic variables! 
The tactic produces a clause representation of the given goal 
in DIMACS format and invokes a SAT solver, which should return 
a proof consisting of a sequence of resolution steps, indicating 
the two input clauses, and resulting in new clauses, leading to 
the empty clause (i.e. "False"). The tactic replays this proof 
in Isabelle and thus solves the overall goal. 
There are three SAT tactics available. They differ in the CNF transformation 
used. "sat_tac" uses naive CNF transformation to transform the theorem to be 
proved before giving it to the SAT solver. The naive transformation in the 
worst case can lead to an exponential blow up in formula size. Another 
tactic, "satx_tac", uses "definitional CNF transformation" which attempts to 
produce a formula of linear size increase compared to the input formula, at 
the cost of possibly introducing new variables. See cnf_funcs.ML for more 
comments on the CNF transformation. "rawsat_tac" should be used with 
caution: no CNF transformation is performed, and the tactic's behavior is 
undefined if the subgoal is not already given as [ C1; ...; Cn ] ==> False, 
where each Ci is a disjunction. 
The SAT solver to be used can be set via the "solver" reference. See 
sat_solvers.ML for possible values, and etc/settings for required (solver 
dependent) configuration settings. To replay SAT proofs in Isabelle, you 
must of course use a proofproducing SAT solver in the first place. 
Proofs are replayed only if "!quick_and_dirty" is false. If 
"!quick_and_dirty" is true, the theorem (in case the SAT solver claims its 
negation to be unsatisfiable) is proved via an oracle. 
*) 
48 

49 
signature SAT = 

50 
sig 

val trace_sat : bool ref (* input: print trace messages *) 
52 
val solver : string ref (* input: name of SAT solver to be used *) 

53 
val counter : int ref (* output: number of resolution steps during last proof replay *) 

54 
val rawsat_tac : int > Tactical.tactic 
val sat_tac : int > Tactical.tactic 
val satx_tac : int > Tactical.tactic 
end 
59 

functor SATFunc (structure cnf : CNF) : SAT = 
struct 
17618  62 

val trace_sat = ref false; 
20170  65 
val solver = ref "zchaff_with_proofs"; (* see HOL/Tools/sat_solver.ML for possible values *) 
17622
val counter = ref 0; 
21267  69 
let 
val cterm = cterm_of (the_context ()) 
val Q = Var (("Q", 0), HOLogic.boolT) 
clauses now use (meta)hyps instead of (meta)implications; significant speedup
webertj
parents:
17843
diff
changeset

73 
val False = HOLogic.false_const 
150e8b0fb991
clauses now use (meta)hyps instead of (meta)implications; significant speedup
webertj
parents:
17843
diff
changeset

74 
in 
Thm.instantiate ([], [(cterm Q, cterm False)]) @{thm case_split} 
end; 
val cP = cterm_of (theory_of_thm resolution_thm) (Var (("P", 0), HOLogic.boolT)); 
(*  *) 
(* lit_ord: an order on integers that considers their absolute values only, *) 
(* thereby treating integers that represent the same atom (positively *) 
(* or negatively) as equal *) 
(*  *) 
fun lit_ord (i, j) = 
int_ord (abs i, abs j); 
(*  *) 
(* CLAUSE: during proof reconstruction, three kinds of clauses are *) 
(* distinguished: *) 
(* 1. NO_CLAUSE: clause not proved (yet) *) 
(* 2. ORIG_CLAUSE: a clause as it occurs in the original problem *) 
(* 3. RAW_CLAUSE: a raw clause, with additional precomputed information *) 
(* (a mapping from int's to its literals) for faster proof *) 
(* reconstruction *) 
(*  *) 
datatype CLAUSE = NO_CLAUSE 
 ORIG_CLAUSE of Thm.thm 
 RAW_CLAUSE of Thm.thm * (int * Thm.cterm) list; 
17622
(*  *) 
(* resolve_raw_clauses: given a nonempty list of raw clauses, we fold *) 
(* resolution over the list (starting with its head), i.e. with two raw *) 
(* clauses *) 
(* [P, x1, ..., a, ..., xn]  False *) 
(* and *) 
(* [Q, y1, ..., a', ..., ym]  False *) 
(* (where a and a' are dual to each other), we convert the first clause *) 
(* to *) 
(* [P, x1, ..., xn]  a ==> False , *) 
(* the second clause to *) 
(* [Q, y1, ..., ym]  a' ==> False *) 
(* and then perform resolution with *) 
(* [ ?P ==> False; ~?P ==> False ] ==> False *) 
(* to produce *) 
(* [P, Q, x1, ..., xn, y1, ..., ym]  False *) 
(* Each clause is accompanied with an association list mapping integers *) 
(* (positive for positive literals, negative for negative literals, and *) 
(* the same absolute value for dual literals) to the actual literals as *) 
(* cterms. *) 
(*  *) 
(* (Thm.thm * (int * Thm.cterm) list) list > Thm.thm * (int * Thm.cterm) list *) 
17809
fun resolve_raw_clauses [] = 
raise THM ("Proof reconstruction failed (empty list of resolvents)!", 0, []) 
 resolve_raw_clauses (c::cs) = 
let 
(* merges two sorted lists wrt. 'lit_ord', suppressing duplicates *) 
fun merge xs [] = xs 
 merge [] ys = ys 
 merge (x::xs) (y::ys) = 
(case (lit_ord o pairself fst) (x, y) of 
LESS => x :: merge xs (y::ys) 
 EQUAL => x :: merge xs ys 
 GREATER => y :: merge (x::xs) ys) 
20278
(* find out which two hyps are used in the resolution *) 
(* (int * Thm.cterm) list * (int * Thm.cterm) list > (int * Thm.cterm) list > bool * Thm.cterm * Thm.cterm * (int * Thm.cterm) list *) 
fun find_res_hyps ([], _) _ = 
raise THM ("Proof reconstruction failed (no literal for resolution)!", 0, []) 
 find_res_hyps (_, []) _ = 
raise THM ("Proof reconstruction failed (no literal for resolution)!", 0, []) 
 find_res_hyps (h1 :: hyps1, h2 :: hyps2) acc = 
(case (lit_ord o pairself fst) (h1, h2) of 
LESS => find_res_hyps (hyps1, h2 :: hyps2) (h1 :: acc) 
 EQUAL => let 
val (i1, chyp1) = h1 
val (i2, chyp2) = h2 
in 
if i1 = ~ i2 then 
(i1 < 0, chyp1, chyp2, rev acc @ merge hyps1 hyps2) 
else (* i1 = i2 *) 
find_res_hyps (hyps1, hyps2) (h1 :: acc) 
end 
 GREATER => find_res_hyps (h1 :: hyps1, hyps2) (h2 :: acc)) 
21768
(* Thm.thm * (int * Thm.cterm) list > Thm.thm * (int * Thm.cterm) list > Thm.thm * (int * Thm.cterm) list *) 
fun resolution (c1, hyps1) (c2, hyps2) = 
17622
let 
val _ = if !trace_sat then 
tracing ("Resolving clause: " ^ Display.string_of_thm c1 ^ " (hyps: " ^ ML_Syntax.print_list (Syntax.string_of_term_global (theory_of_thm c1)) (#hyps (rep_thm c1)) 
^ ")\nwith clause: " ^ Display.string_of_thm c2 ^ " (hyps: " ^ ML_Syntax.print_list (Syntax.string_of_term_global (theory_of_thm c2)) (#hyps (rep_thm c2)) ^ ")") 
else () 
17809
20278
(* the two literals used for resolution *) 
val (hyp1_is_neg, hyp1, hyp2, new_hyps) = find_res_hyps (hyps1, hyps2) [] 
20278
val c1' = Thm.implies_intr hyp1 c1 (* Gamma1  hyp1 ==> False *) 
val c2' = Thm.implies_intr hyp2 c2 (* Gamma2  hyp2 ==> False *) 
val res_thm = (*  (lit ==> False) ==> (~lit ==> False) ==> False *) 
let 
val cLit = snd (Thm.dest_comb (if hyp1_is_neg then hyp2 else hyp1)) (* strip Trueprop *) 
in 
Thm.instantiate ([], [(cP, cLit)]) resolution_thm 
end 
val _ = if !trace_sat then 
tracing ("Resolution theorem: " ^ Display.string_of_thm res_thm) 
else () 
20440
(* Gamma1, Gamma2  False *) 
val c_new = Thm.implies_elim 
(Thm.implies_elim res_thm (if hyp1_is_neg then c2' else c1')) 
(if hyp1_is_neg then c1' else c2') 
19236
val _ = if !trace_sat then 
tracing ("Resulting clause: " ^ Display.string_of_thm c_new ^ " (hyps: " ^ ML_Syntax.print_list (Syntax.string_of_term_global (theory_of_thm c_new)) (#hyps (rep_thm c_new)) ^ ")") 
else () 
val _ = inc counter 
in 
(c_new, new_hyps) 
end 
in 
fold resolution cs c 
end; 
(*  *) 
(* replay_proof: replays the resolution proof returned by the SAT solver; *) 
(* cf. SatSolver.proof for details of the proof format. Updates the *) 
(* 'clauses' array with derived clauses, and returns the derived clause *) 
(* at index 'empty_id' (which should just be "False" if proof *) 
(* reconstruction was successful, with the used clauses as hyps). *) 
(* 'atom_table' must contain an injective mapping from all atoms that *) 
(* occur (as part of a literal) in 'clauses' to positive integers. *) 
(*  *) 
20278
(* int Termtab.table > CLAUSE Array.array > SatSolver.proof > Thm.thm *) 
20278
fun replay_proof atom_table clauses (clause_table, empty_id) = 
let 
(* Thm.cterm > int option *) 
fun index_of_literal chyp = ( 
case (HOLogic.dest_Trueprop o Thm.term_of) chyp of 
(Const ("Not", _) $ atom) => 
SOME (~(valOf (Termtab.lookup atom_table atom))) 
 atom => 
SOME (valOf (Termtab.lookup atom_table atom)) 
) handle TERM _ => NONE; (* 'chyp' is not a literal *) 
21768
(* int > Thm.thm * (int * Thm.cterm) list *) 
fun prove_clause id = 
case Array.sub (clauses, id) of 
RAW_CLAUSE clause => 
clause 
 ORIG_CLAUSE thm => 
(* convert the original clause *) 
let 
val _ = if !trace_sat then tracing ("Using original clause #" ^ string_of_int id) else () 
val raw = cnf.clause2raw_thm thm 
val hyps = sort (lit_ord o pairself fst) (map_filter (fn chyp => 
Option.map (rpair chyp) (index_of_literal chyp)) (#hyps (Thm.crep_thm raw))) 
val clause = (raw, hyps) 
val _ = Array.update (clauses, id, RAW_CLAUSE clause) 
238 
239 
end 
 NO_CLAUSE => 
(* prove the clause, using information from 'clause_table' *) 
let 
val _ = if !trace_sat then tracing ("Proving clause #" ^ string_of_int id ^ " ...") else () 
val ids = valOf (Inttab.lookup clause_table id) 
val clause = resolve_raw_clauses (map prove_clause ids) 
val _ = Array.update (clauses, id, RAW_CLAUSE clause) 
val _ = if !trace_sat then tracing ("Replay chain successful; clause stored at #" ^ string_of_int id) else () 
in 
clause 
end 
val _ = counter := 0 
val empty_clause = fst (prove_clause empty_id) 
val _ = if !trace_sat then tracing ("Proof reconstruction successful; " ^ string_of_int (!counter) ^ " resolution step(s) total.") else () 
in 
empty_clause 
end; 
20278
(*  *) 
(* string_of_prop_formula: return a humanreadable string representation of *) 
(* a 'prop_formula' (just for tracing) *) 
(*  *) 
17809
(* PropLogic.prop_formula > string *) 
17809
fun string_of_prop_formula PropLogic.True = "True" 
 string_of_prop_formula PropLogic.False = "False" 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

269 
 string_of_prop_formula (PropLogic.BoolVar i) = "x" ^ string_of_int i 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

270 
 string_of_prop_formula (PropLogic.Not fm) = "~" ^ string_of_prop_formula fm 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

271 
 string_of_prop_formula (PropLogic.Or (fm1, fm2)) = "(" ^ string_of_prop_formula fm1 ^ " v " ^ string_of_prop_formula fm2 ^ ")" 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

272 
 string_of_prop_formula (PropLogic.And (fm1, fm2)) = "(" ^ string_of_prop_formula fm1 ^ " & " ^ string_of_prop_formula fm2 ^ ")"; 
17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

273 

5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

274 
(*  *) 
21267  275 
(* take_prefix: *) 
276 
(* take_prefix n [x_1, ..., x_k] = ([x_1, ..., x_n], [x_n+1, ..., x_k]) *) 

17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

277 
(*  *) 
17618  278 

21267  279 
(* int > 'a list > 'a list * 'a list *) 
280 

281 
fun take_prefix n xs = 

282 
let 

283 
fun take 0 (rxs, xs) = (rev rxs, xs) 

284 
 take _ (rxs, []) = (rev rxs, []) 

285 
 take n (rxs, x :: xs) = take (n1) (x :: rxs, xs) 

286 
in 

287 
take n ([], xs) 

288 
end; 

17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

289 

21267  290 
(*  *) 
291 
(* rawsat_thm: run external SAT solver with the given clauses. Reconstructs *) 

292 
(* a proof from the resulting proof trace of the SAT solver. The *) 

293 
(* theorem returned is just "False" (with some of the given clauses as *) 

294 
(* hyps). *) 

295 
(*  *) 

296 

297 
(* Thm.cterm list > Thm.thm *) 

298 

299 
fun rawsat_thm clauses = 

17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

300 
let 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

301 
(* remove premises that equal "True" *) 
21267  302 
val clauses' = filter (fn clause => 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

303 
(not_equal HOLogic.true_const o HOLogic.dest_Trueprop o Thm.term_of) clause 
21267  304 
handle TERM ("dest_Trueprop", _) => true) clauses 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

305 
(* remove nonclausal premises  of course this shouldn't actually *) 
21267  306 
(* remove anything as long as 'rawsat_tac' is only called after the *) 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

307 
(* premises have been converted to clauses *) 
21267  308 
val clauses'' = filter (fn clause => 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

309 
((cnf.is_clause o HOLogic.dest_Trueprop o Thm.term_of) clause 
21267  310 
handle TERM ("dest_Trueprop", _) => false) 
311 
orelse ( 

26928  312 
warning ("Ignoring nonclausal premise " ^ Display.string_of_cterm clause); 
21267  313 
false)) clauses' 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

314 
(* remove trivial clauses  this is necessary because zChaff removes *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

315 
(* trivial clauses during preprocessing, and otherwise our clause *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

316 
(* numbering would be off *) 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

317 
val nontrivial_clauses = filter (not o cnf.clause_is_trivial o HOLogic.dest_Trueprop o Thm.term_of) clauses'' 
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

318 
(* sort clauses according to the term order  an optimization, *) 
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

319 
(* useful because forming the union of hypotheses, as done by *) 
23533  320 
(* Conjunction.intr_balanced and fold Thm.weaken below, is quadratic for *) 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

321 
(* terms sorted in descending order, while only linear for terms *) 
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

322 
(* sorted in ascending order *) 
29269
5c25a2012975
moved term order operations to structure TermOrd (cf. Pure/term_ord.ML);
wenzelm
parents:
27115
diff
changeset

323 
val sorted_clauses = sort (TermOrd.fast_term_ord o pairself Thm.term_of) nontrivial_clauses 
21267  324 
val _ = if !trace_sat then 
26931  325 
tracing ("Sorted nontrivial clauses:\n" ^ cat_lines (map Display.string_of_cterm sorted_clauses)) 
19534  326 
else () 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

327 
(* translate clauses from HOL terms to PropLogic.prop_formula *) 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

328 
val (fms, atom_table) = fold_map (PropLogic.prop_formula_of_term o HOLogic.dest_Trueprop o Thm.term_of) sorted_clauses Termtab.empty 
21267  329 
val _ = if !trace_sat then 
26931  330 
tracing ("Invoking SAT solver on clauses:\n" ^ cat_lines (map string_of_prop_formula fms)) 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

331 
else () 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

332 
val fm = PropLogic.all fms 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

333 
(* unit > Thm.thm *) 
21267  334 
fun make_quick_and_dirty_thm () = 
335 
let 

336 
val _ = if !trace_sat then 

337 
tracing "'quick_and_dirty' is set: proof reconstruction skipped, using oracle instead." 

338 
else () 

339 
val False_thm = SkipProof.make_thm (the_context ()) (HOLogic.Trueprop $ HOLogic.false_const) 

340 
in 

21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

341 
(* 'fold Thm.weaken (rev sorted_clauses)' is linear, while 'fold *) 
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

342 
(* Thm.weaken sorted_clauses' would be quadratic, since we sorted *) 
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

343 
(* clauses in ascending order (which is linear for *) 
23533  344 
(* 'Conjunction.intr_balanced', used below) *) 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

345 
fold Thm.weaken (rev sorted_clauses) False_thm 
21267  346 
end 
17618  347 
in 
21268  348 
case (tracing ("Invoking solver " ^ (!solver)); SatSolver.invoke_solver (!solver) fm) of 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

349 
SatSolver.UNSATISFIABLE (SOME (clause_table, empty_id)) => ( 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

350 
if !trace_sat then 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

351 
tracing ("Proof trace from SAT solver:\n" ^ 
21756  352 
"clauses: " ^ ML_Syntax.print_list (ML_Syntax.print_pair Int.toString (ML_Syntax.print_list Int.toString)) (Inttab.dest clause_table) ^ "\n" ^ 
21586
8da782143bde
clauses sorted according to term order (significant speedup in some cases)
webertj
parents:
21474
diff
changeset

353 
"empty clause: " ^ Int.toString empty_id) 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

354 
else (); 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

355 
if !quick_and_dirty then 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

356 
make_quick_and_dirty_thm () 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

357 
else 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

358 
let 
21267  359 
(* optimization: convert the given clauses to "[c_1 && ... && c_n]  c_i"; *) 
360 
(* this avoids accumulation of hypotheses during resolution *) 

361 
(* [c_1, ..., c_n]  c_1 && ... && c_n *) 

23533  362 
val clauses_thm = Conjunction.intr_balanced (map Thm.assume sorted_clauses) 
20440
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

363 
(* [c_1 && ... && c_n]  c_1 && ... && c_n *) 
21267  364 
val cnf_cterm = cprop_of clauses_thm 
20440
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

365 
val cnf_thm = Thm.assume cnf_cterm 
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

366 
(* [[c_1 && ... && c_n]  c_1, ..., [c_1 && ... && c_n]  c_n] *) 
23533  367 
val cnf_clauses = Conjunction.elim_balanced (length sorted_clauses) cnf_thm 
20278
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

368 
(* initialize the clause array with the given clauses *) 
20440
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

369 
val max_idx = valOf (Inttab.max_key clause_table) 
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

370 
val clause_arr = Array.array (max_idx + 1, NO_CLAUSE) 
21267  371 
val _ = fold (fn thm => fn idx => (Array.update (clause_arr, idx, ORIG_CLAUSE thm); idx+1)) cnf_clauses 0 
19236
150e8b0fb991
clauses now use (meta)hyps instead of (meta)implications; significant speedup
webertj
parents:
17843
diff
changeset

372 
(* replay the proof to derive the empty clause *) 
20440
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

373 
(* [c_1 && ... && c_n]  False *) 
21268  374 
val raw_thm = replay_proof atom_table clause_arr (clause_table, empty_id) 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

375 
in 
20440
e6fe74eebda3
faster clause representation (again): full CNF formula as a hypothesis, instead of separate clauses
webertj
parents:
20371
diff
changeset

376 
(* [c_1, ..., c_n]  False *) 
21267  377 
Thm.implies_elim (Thm.implies_intr cnf_cterm raw_thm) clauses_thm 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

378 
end) 
17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

379 
 SatSolver.UNSATISFIABLE NONE => 
17842
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

380 
if !quick_and_dirty then ( 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

381 
warning "SAT solver claims the formula to be unsatisfiable, but did not provide a proof"; 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

382 
make_quick_and_dirty_thm () 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

383 
) else 
e661a78472f0
no proof reconstruction when quick_and_dirty is set
webertj
parents:
17809
diff
changeset

384 
raise THM ("SAT solver claims the formula to be unsatisfiable, but did not provide a proof", 0, []) 
17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

385 
 SatSolver.SATISFIABLE assignment => 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

386 
let 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

387 
val msg = "SAT solver found a countermodel:\n" 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

388 
^ (commas 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

389 
o map (fn (term, idx) => 
26939
1035c89b4c02
moved global pretty/string_of functions from Sign to Syntax;
wenzelm
parents:
26931
diff
changeset

390 
Syntax.string_of_term_global (the_context ()) term ^ ": " 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

391 
^ (case assignment idx of NONE => "arbitrary"  SOME true => "true"  SOME false => "false"))) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

392 
(Termtab.dest atom_table) 
17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

393 
in 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

394 
raise THM (msg, 0, []) 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

395 
end 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

396 
 SatSolver.UNKNOWN => 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

397 
raise THM ("SAT solver failed to decide the formula", 0, []) 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

398 
end; 
17618  399 

17622
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

400 
(*  *) 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

401 
(* Tactics *) 
5d03a69481b6
code reformatted and restructured, many minor modifications
webertj
parents:
17618
diff
changeset

402 
(*  *) 
17618  403 

17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

404 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

405 
(* rawsat_tac: solves the ith subgoal of the proof state; this subgoal *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

406 
(* should be of the form *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

407 
(* [ c1; c2; ...; ck ] ==> False *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

408 
(* where each cj is a nonempty clause (i.e. a disjunction of literals) *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

409 
(* or "True" *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

410 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

411 

21267  412 
fun rawsat_tac i = METAHYPS (fn prems => rtac (rawsat_thm (map cprop_of prems)) 1) i; 
17618  413 

17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

414 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

415 
(* pre_cnf_tac: converts the ith subgoal *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

416 
(* [ A1 ; ... ; An ] ==> B *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

417 
(* to *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

418 
(* [ A1; ... ; An ; ~B ] ==> False *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

419 
(* (handling metalogical connectives in B properly before negating), *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

420 
(* then replaces metalogical connectives in the premises (i.e. "==>", *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

421 
(* "!!" and "==") by connectives of the HOL objectlogic (i.e. by *) 
19553
9d15911f1893
pre_cnf_tac: betaetanormalization restricted to the current subgoal
webertj
parents:
19534
diff
changeset

422 
(* ">", "!", and "="), then performs betaetanormalization on the *) 
9d15911f1893
pre_cnf_tac: betaetanormalization restricted to the current subgoal
webertj
parents:
19534
diff
changeset

423 
(* subgoal *) 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

424 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

425 

23533  426 
val pre_cnf_tac = 
427 
rtac ccontr THEN' 

23590
ad95084a5c63
renamed ObjectLogic.atomize_tac to ObjectLogic.atomize_prems_tac;
wenzelm
parents:
23533
diff
changeset

428 
ObjectLogic.atomize_prems_tac THEN' 
23533  429 
CONVERSION Drule.beta_eta_conversion; 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

430 

195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

431 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

432 
(* cnfsat_tac: checks if the empty clause "False" occurs among the premises; *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

433 
(* if not, eliminates conjunctions (i.e. each clause of the CNF formula *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

434 
(* becomes a separate premise), then applies 'rawsat_tac' to solve the *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

435 
(* subgoal *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

436 
(*  *) 
17697  437 

20278
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

438 
fun cnfsat_tac i = 
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

439 
(etac FalseE i) ORELSE (REPEAT_DETERM (etac conjE i) THEN rawsat_tac i); 
17618  440 

17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

441 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

442 
(* cnfxsat_tac: checks if the empty clause "False" occurs among the *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

443 
(* premises; if not, eliminates conjunctions (i.e. each clause of the *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

444 
(* CNF formula becomes a separate premise) and existential quantifiers, *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

445 
(* then applies 'rawsat_tac' to solve the subgoal *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

446 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

447 

20278
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

448 
fun cnfxsat_tac i = 
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

449 
(etac FalseE i) ORELSE 
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

450 
(REPEAT_DETERM (etac conjE i ORELSE etac exE i) THEN rawsat_tac i); 
17618  451 

17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

452 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

453 
(* sat_tac: tactic for calling an external SAT solver, taking as input an *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

454 
(* arbitrary formula. The input is translated to CNF, possibly causing *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

455 
(* an exponential blowup. *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

456 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

457 

20278
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

458 
fun sat_tac i = 
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

459 
pre_cnf_tac i THEN cnf.cnf_rewrite_tac i THEN cnfsat_tac i; 
17809
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

460 

195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

461 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

462 
(* satx_tac: tactic for calling an external SAT solver, taking as input an *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

463 
(* arbitrary formula. The input is translated to CNF, possibly *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

464 
(* introducing new literals. *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

465 
(*  *) 
195045659c06
Tactics sat and satx reimplemented, several improvements
webertj
parents:
17697
diff
changeset

466 

20278
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

467 
fun satx_tac i = 
28be10991666
proof reconstruction now uses its own data structure to manage hyps; should be both faster and more robust
webertj
parents:
20170
diff
changeset

468 
pre_cnf_tac i THEN cnf.cnfx_rewrite_tac i THEN cnfxsat_tac i; 
17618  469 

23533  470 
end; 