author  blanchet 
Tue, 24 Aug 2010 18:03:43 +0200  
changeset 38698  d19c3a7ce38b 
parent 38696  4c6b65d6a135 
child 38738  0ce517c1970f 
permissions  rwrr 
35826  1 
(* Title: HOL/Tools/Sledgehammer/sledgehammer_proof_reconstruct.ML 
38027  2 
Author: Lawrence C. Paulson, Cambridge University Computer Laboratory 
3 
Author: Claire Quigley, Cambridge University Computer Laboratory 

36392  4 
Author: Jasmin Blanchette, TU Muenchen 
5 

33310  6 
Transfer of proofs from external provers. 
7 
*) 

8 

35826  9 
signature SLEDGEHAMMER_PROOF_RECONSTRUCT = 
10 
sig 
11 
type minimize_command = string list > string 
12 

13 
val metis_proof_text: 
14 
bool * minimize_command * string * (string * bool) vector * thm * int 
15 
> string * (string * bool) list 
16 
val isar_proof_text: 
38040
174568533593
fix bug in the SPASS Flotter hack, when a conjecture FOF is translated to several CNF clauses
17 
string Symtab.table * bool * int * Proof.context * int list list 
18 
> bool * minimize_command * string * (string * bool) vector * thm * int 
19 
> string * (string * bool) list 
20 
val proof_text: 
21 
bool > string Symtab.table * bool * int * Proof.context * int list list 
22 
> bool * minimize_command * string * (string * bool) vector * thm * int 
23 
> string * (string * bool) list 
24 
end; 
25 

35826  26 
structure Sledgehammer_Proof_Reconstruct : SLEDGEHAMMER_PROOF_RECONSTRUCT = 
27 
struct 
28 

38028  29 
open ATP_Problem 
30 
open Metis_Clauses 
36478
31 
open Sledgehammer_Util 
32 
open Sledgehammer_Fact_Filter 
33 
open Sledgehammer_Translate 
34 

35 
type minimize_command = string list > string 
36 

38014  37 
(* Simple simplifications to ensure that sort annotations don't leave a trail of 
38 
spurious "True"s. *) 

39 
fun s_not @{const False} = @{const True} 

40 
 s_not @{const True} = @{const False} 

41 
 s_not (@{const Not} $ t) = t 

42 
 s_not t = @{const Not} $ t 

43 
fun s_conj (@{const True}, t2) = t2 

44 
 s_conj (t1, @{const True}) = t1 

45 
 s_conj p = HOLogic.mk_conj p 

46 
fun s_disj (@{const False}, t2) = t2 

47 
 s_disj (t1, @{const False}) = t1 

48 
 s_disj p = HOLogic.mk_disj p 

49 
fun s_imp (@{const True}, t2) = t2 

50 
 s_imp (t1, @{const False}) = s_not t1 

51 
 s_imp p = HOLogic.mk_imp p 

52 
fun s_iff (@{const True}, t2) = t2 

53 
 s_iff (t1, @{const True}) = t1 

54 
 s_iff (t1, t2) = HOLogic.eq_const HOLogic.boolT $ t1 $ t2 

55 

56 
fun mk_anot (AConn (ANot, [phi])) = phi 

57 
 mk_anot phi = AConn (ANot, [phi]) 

37991  58 
fun mk_aconn c (phi1, phi2) = AConn (c, [phi1, phi2]) 
59 

38066  60 
fun index_in_shape x = find_index (exists (curry (op =) x)) 
61 
fun is_axiom_number axiom_names num = 
62 
num > 0 andalso num <= Vector.length axiom_names andalso 
38698
d19c3a7ce38b
clean handling of whether a fact is chained or not;
blanchet
parents:
38696
diff
changeset

63 
fst (Vector.sub (axiom_names, num  1)) <> "" 
38085
cc44e887246c
avoid "clause" and "cnf" terminology where it no longer makes sense
blanchet
parents:
38066
diff
changeset

64 
fun is_conjecture_number conjecture_shape num = 
36570
9bebcb40599f
identify axioms/conjectures more reliably in ATP proofs (an empty dependency list doesn't always indicate an axiom or conjecture!)
blanchet
parents:
36567
diff
changeset

65 
index_in_shape num conjecture_shape >= 0 
36291
b4c2043cc96c
added Isar proof reconstruction support for SPASS  which means all provers can now yield Isar proofs;
blanchet
parents:
36288
diff
changeset

66 

37991  67 
fun negate_term (Const (@{const_name All}, T) $ Abs (s, T', t')) = 
68 
Const (@{const_name Ex}, T) $ Abs (s, T', negate_term t') 

69 
 negate_term (Const (@{const_name Ex}, T) $ Abs (s, T', t')) = 

70 
Const (@{const_name All}, T) $ Abs (s, T', negate_term t') 

71 
 negate_term (@{const "op >"} $ t1 $ t2) = 

72 
@{const "op &"} $ t1 $ negate_term t2 

73 
 negate_term (@{const "op &"} $ t1 $ t2) = 

74 
@{const "op "} $ negate_term t1 $ negate_term t2 

75 
 negate_term (@{const "op "} $ t1 $ t2) = 

76 
@{const "op &"} $ negate_term t1 $ negate_term t2 

77 
 negate_term (@{const Not} $ t) = t 

78 
 negate_term t = @{const Not} $ t 

79 

36491
6769f8eacaac
unskolemize formulas in proof reconstruction + detect newer SPASS versions to avoid truncating identifiers if not necessary (truncating confuses proof reconstruction)
blanchet
parents:
36488
diff
changeset

80 
datatype ('a, 'b, 'c, 'd, 'e) raw_step = 
6769f8eacaac
unskolemize formulas in proof reconstruction + detect newer SPASS versions to avoid truncating identifiers if not necessary (truncating confuses proof reconstruction)
blanchet
parents:
36488
diff
changeset

81 
Definition of 'a * 'b * 'c  
6769f8eacaac
unskolemize formulas in proof reconstruction + detect newer SPASS versions to avoid truncating identifiers if not necessary (truncating confuses proof reconstruction)
blanchet
parents:
36488
diff
changeset

82 
Inference of 'a * 'd * 'e list 
6769f8eacaac
unskolemize formulas in proof reconstruction + detect newer SPASS versions to avoid truncating identifiers if not necessary (truncating confuses proof reconstruction)
blanchet
parents:
36488
diff
changeset

83 

38035  84 
fun raw_step_number (Definition (num, _, _)) = num 
85 
 raw_step_number (Inference (num, _, _)) = num 

86 

38035  87 
(**** PARSING OF TSTP FORMAT ****) 
21978
72c21698a055
Contains old Tools/ATP/AtpCommunication.ML, plus proof reconstruction
paulson
parents:
diff
changeset

88 

72c21698a055
Contains old Tools/ATP/AtpCommunication.ML, plus proof reconstruction
paulson
parents:
diff
changeset

89 
(*Strings enclosed in single quotes, e.g. filenames*) 
37991  90 
val scan_quoted = $$ "'"  Scan.repeat (~$$ "'")  $$ "'" >> implode; 
21978
72c21698a055
Contains old Tools/ATP/AtpCommunication.ML, plus proof reconstruction
paulson
parents:
diff
changeset

91 

37991  92 
val scan_dollar_name = 
36548
a8a6d7172c8c
try out Vampire 11 and parse its output correctly;
blanchet
parents:
36492
diff
changeset

93 
Scan.repeat ($$ "$")  Symbol.scan_id >> (fn (ss, s) => implode ss ^ s) 
a8a6d7172c8c
try out Vampire 11 and parse its output correctly;
blanchet
parents:
36492
diff
changeset

94 

a8a6d7172c8c
try out Vampire 11 and parse its output correctly;
blanchet
parents:
36492
diff
changeset

95 
fun repair_name _ "$true" = "c_True" 
a8a6d7172c8c
try out Vampire 11 and parse its output correctly;
blanchet
parents:
36492
diff
changeset

96 
 repair_name _ "$false" = "c_False" 
38007  97 
 repair_name _ "$$e" = "c_equal" (* seen in Vampire proofs *) 
38035  98 
 repair_name _ "equal" = "c_equal" (* needed by SPASS? *) 
99 
 repair_name pool s = 

100 
case Symtab.lookup pool s of 

101 
SOME s' => s' 

102 
 NONE => 

103 
if String.isPrefix "sQ" s andalso String.isSuffix "_eqProxy" s then 

104 
"c_equal" (* seen in Vampire proofs *) 

105 
else 

106 
s 

36392  107 
(* Generalized firstorder terms, which include file names, numbers, etc. *) 
38035  108 
val parse_potential_integer = 
109 
(scan_dollar_name  scan_quoted) >> K NONE 

110 
 scan_integer >> SOME 

111 
fun parse_annotation x = 

112 
((parse_potential_integer ::: Scan.repeat ($$ " "  parse_potential_integer) 

38036  113 
>> map_filter I)  Scan.optional parse_annotation [] 
38035  114 
>> uncurry (union (op =)) 
115 
 $$ "("  parse_annotations  $$ ")" 

116 
 $$ "["  parse_annotations  $$ "]") x 

117 
and parse_annotations x = 

38036  118 
(Scan.optional (parse_annotation 
119 
::: Scan.repeat ($$ ","  parse_annotation)) [] 

38035  120 
>> (fn numss => fold (union (op =)) numss [])) x 
121 

122 
(* Vampire proof lines sometimes contain needless information such as "(0:3)", 

123 
which can be hard to disambiguate from function application in an LL(1) 

124 
parser. As a workaround, we extend the TPTP term syntax with such detritus 

125 
and ignore it. *) 

38066  126 
fun parse_vampire_detritus x = 
127 
(scan_integer  $$ ":"  scan_integer >> K []) x 

38035  128 

129 
fun parse_term pool x = 
135 
and parse_terms pool x = 
136 
(parse_term pool ::: Scan.repeat ($$ ","  parse_term pool)) x 
137 

38034  138 
139 
parse_term pool  Scan.option (Scan.option ($$ "!")  $$ "=" 
140 
 parse_term pool) 
mk_anot (AAtom (ATerm ("c_equal", [u1, u2])))) 
37991  145 

147 

37991  148 
153 
 $$ "["  parse_terms pool  $$ "]"  $$ ":" 

 Scan.option ((Scan.this_string "=>" >> K AImplies 
159 
164 
>> (fn (phi1, NONE) => phi1 

36486
c2d7e2dff59e
170 

38035  171 
172 
The <num> could be an identifier, but we assume integers. *) 
>> (fn (((num, role), phi), deps) => 
178 
38036  183 
 AAtom (ATerm ("c_equal", _)) => 
blanchet
parents:
187 

38035  188 
>> (fn ((num, phi), deps) => Inference (num, phi, deps)) 

194 

195 
(**** PARSING OF SPASS OUTPUT ****) 
196 

36392  197 
199 
val parse_dot_name = scan_integer  $$ "."  scan_integer 
200 

36392  201 
204 

36574  205 
209 

38034  210 
216 

36393
217 
fun parse_horn_clause pool = 
222 

36558
223 
(* Syntax: <num>[0:<inference><annotations>] 
225 
fun parse_spass_line pool = 
226 
scan_integer  $$ "["  $$ "0"  $$ ":"  Symbol.scan_id 
229 

38035  230 
232 
fun parse_lines pool = Scan.repeat1 (parse_line pool) 
233 
fun parse_proof pool = 
234 
fst o Scan.finite Symbol.stopper 
235 
(Scan.error (!! (fn _ => raise Fail "unrecognized ATP output") 
236 
(parse_lines pool))) 
237 
o explode o strip_spaces 
238 

72c21698a055
239 
(**** INTERPRETATION OF TSTP SYNTAX TREES ****) 
240 

37991  241 
242 
exception FORMULA of (string, string fo_term) formula list 
244 

36909
245 
(* Type variables are given the basic sort "HOL.type". Some will later be 
SOME b => Type (invert_const b, Ts) 

251 
256 
let val s = "'" ^ b in 

259 
 NONE => 
changeset

262 
parents:
diff
283 
fun subscript_name s n = s ^ nat_subscript n 
in 
c2d7e2dff59e
286 
case space_explode "_" s of 
changeset

287 
diff
changeset

289 
subscript_name (String.implode cs1) 
290 
(the (Int.fromString (String.implode cs2))) 
291 
 (_, _) => s) 
292 
 [s1, s2] => (case Int.fromString s2 of 
293 
SOME n => subscript_name s1 n 
294 
 NONE => s) 
295 
 _ => s 
296 
end 
297 

36909
298 
(* Firstorder translation. No types are known for variables. "HOLogic.typeT" 
301 
let 
302 
fun aux opt_T extra_us u = 
303 
case u of 
307 
if a = type_wrapper_name then 
308 
case us of 
309 
[typ_u, term_u] => 
313 
SOME "equal" => 
314 
list_comb (Const (@{const_name "op ="}, HOLogic.typeT), 
315 
map (aux NONE []) us) 
316 
 SOME b => 
317 
let 
318 
val c = invert_const b 
319 
val num_type_args = num_type_args thy c 
321 
chop (if full_types then 0 else num_type_args) us 
322 
(* Extra args from "hAPP" come after any arguments given directly to 
323 
the constant. *) 
324 
val term_ts = map (aux NONE []) term_us 
325 
val extra_ts = map (aux NONE []) extra_us 
326 
val t = 
327 
Const (c, if full_types then 
328 
case opt_T of 
331 
if num_type_args = 0 then 
332 
Sign.const_instance thy (c, []) 
333 
else 
334 
raise Fail ("no type information for " ^ quote c) 
335 
else 
338 
in list_comb (t, term_ts @ extra_ts) end 
changeset

339 
340 
let 
342 
val T = map fastype_of ts > HOLogic.typeT 
343 
val t = 
changeset

346 
348 
SOME b => Var ((b, 0), T) 
349 
 NONE => 
350 
if is_tptp_variable a then 
352 
else 
355 
in list_comb (t, ts) end 
357 

38014  358 
1b20805974c7
introduced direct proof reconstruction code, eliminating the need for the "neg_clausify" method;
364 

36555
changeset

365 
366 
[(@{const_name COMBI}, @{thm COMBI_def_raw}), 
367 
(@{const_name COMBK}, @{thm COMBK_def_raw}), 
368 
(@{const_name COMBB}, @{thm COMBB_def_raw}), 
369 
(@{const_name COMBC}, @{thm COMBC_def_raw}), 
370 
(@{const_name COMBS}, @{thm COMBS_def_raw})] 
371 

8ff45c2076da
372 
fun uncombine_term (t1 $ t2) = betapply (pairself uncombine_term (t1, t2)) 
373 
 uncombine_term (Abs (s, T, t')) = Abs (s, T, uncombine_term t') 
374 
 uncombine_term (t as Const (x as (s, _))) = 
375 
(case AList.lookup (op =) combinator_table s of 
377 
 NONE => t) 
378 
 uncombine_term t = t 
379 

37991  380 
383 
let 
395 

396 
430 
fun check_formula ctxt = 
432 
#> Syntax.check_term (ProofContext.set_mode ProofContext.mode_schematic ctxt) 
433 

72c21698a055
435 
(**** Translation of TSTP files to Isar Proofs ****) 
436 

36486
437 
fun unvarify_term (Var ((s, 0), T)) = Free (s, T) 
438 
 unvarify_term t = raise TERM ("unvarify_term: nonVar", [t]) 
439 

37991  440 
let 
37991  442 
445 
val frees = map unvarify_term vars 
446 
val unvarify_args = subst_atomic (vars ~~ frees) 
450 
> unvarify_args > uncombine_term > check_formula ctxt 
451 
> HOLogic.dest_eq 
452 
in 
455 
end 
467 

38035  468 
479 

38085
480 
(* Discard axioms; consolidate adjacent lines that prove the same formula, since 
481 
they differ only in type information.*) 
changeset

483 
484 
(* No dependencies: axiom, conjecture, or (for Vampire) internal axioms or 
485 
definitions. *) 
486 
if is_axiom_number axiom_names num then 
487 
(* Axioms are not proof lines. *) 
488 
if is_only_type_information t then 
489 
map (replace_deps_in_line (num, [])) lines 
490 
(* Is there a repetition? If so, replace later line by earlier one. *) 
492 
(_, []) => lines (*no repetition of proof line*) 
493 
 (pre, Inference (num', _, _) :: post) => 
494 
pre @ map (replace_deps_in_line (num', [num])) post 
495 
else if is_conjecture_number conjecture_shape num then 
500 
(* Type information will be deleted later; skip repetition test. *) 
501 
if is_only_type_information t then 
502 
Inference (num, t, deps) :: lines 
503 
(* Is there a repetition? If so, replace later line by earlier one. *) 
505 
(* FIXME: Doesn't this code risk conflating proofs involving different 
507 
(_, []) => Inference (num, t, deps) :: lines 
508 
 (pre, Inference (num', t', _) :: post) => 
509 
Inference (num, t', deps) :: 
510 
pre @ map (replace_deps_in_line (num', [num])) post 
511 

36486
512 
(* Recursively delete empty lines (type information) from the proof. *) 
513 
fun add_nontrivial_line (Inference (num, t, [])) lines = 
514 
if is_only_type_information t then delete_dep num lines 
515 
else Inference (num, t, []) :: lines 
516 
 add_nontrivial_line line lines = line :: lines 
518 
fold_rev add_nontrivial_line (map (replace_deps_in_line (num, [])) lines) [] 
519 

37323  520 
changeset

524 

changeset

525 
changeset

526 
527 
$ t1 $ t2)) = (t1 aconv t2) 
528 
 is_trivial_formula _ = false 
529 

37498
530 
fun add_desired_line _ _ _ _ (line as Definition (num, _, _)) (j, lines) = 
38282
319c59682c51
535 
if is_axiom_number axiom_names num orelse 
changeset

536 
changeset

537 
changeset

538 
changeset

539 
540 
not (is_trivial_formula t) andalso 
541 
(null lines orelse (* last line must be kept *) 
543 
Inference (num, t, deps) :: lines (* keep line *) 
545 
map (replace_deps_in_line (num, deps)) lines) (* drop line *) 
546 

36402
547 
(** EXTRACTING LEMMAS **) 
548 

38599  549 
parents:
38038
move Sledgehammer's HOL > FOL translation to separate file (sledgehammer_translate.ML)
blanchet
move Sledgehammer's HOL > FOL translation to separate file (sledgehammer_translate.ML)
blanchet
move Sledgehammer's HOL > FOL translation to separate file (sledgehammer_translate.ML)
blanchet
e2d546a07fa2
revive "e" and "remote_e"'s fact extraction so that it works with E 1.2 as well;
573 
end 
574 
val tokens_of = 
575 
String.tokens (fn c => not (Char.isAlphaNum c) andalso c <> #"_") 
38698
d19c3a7ce38b
582 
else 
583 
axiom_name_at_index num 
589 
(case List.last rest of "input" => axiom_name_at_index num  _ => NONE) 
changeset

590 
592 

34f080a12063
val indent_size = 2 
34f080a12063
594 
val no_label = ("", ~1) 
595 

34f080a12063
596 
val raw_prefix = "X" 
597 
val assum_prefix = "A" 
598 
val fact_prefix = "F" 
599 

34f080a12063
600 
fun string_for_label (s, num) = s ^ string_of_int num 
601 

34f080a12063
602 
fun metis_using [] = "" 
603 
 metis_using ls = 
changeset

604 
605 
fun metis_apply _ 1 = "by " 
606 
 metis_apply 1 _ = "apply " 
607 
 metis_apply i _ = "prefer " ^ string_of_int i ^ " apply " 
608 
fun metis_name full_types = if full_types then "metisFT" else "metis" 
609 
fun metis_call full_types [] = metis_name full_types 
610 
 metis_call full_types ss = 
611 
"(" ^ metis_name full_types ^ " " ^ space_implode " " ss ^ ")" 
fun metis_command full_types i n (ls, ss) = 
f6b1ee5b420b
613 
metis_using ls ^ metis_apply i n ^ metis_call full_types ss 
fun metis_line full_types i n ss = 
36063
615 
"Try this command: " ^ 
616 
Markup.markup Markup.sendback (metis_command full_types i n ([], ss)) ^ "." 
617 
fun minimize_line _ [] = "" 
618 
 minimize_line minimize_command ss = 
619 
case minimize_command ss of 
620 
"" => "" 
changeset

621 
"\nTo minimize the number of lemmas, try this: " ^ 
db482afec7f0
623 
Markup.markup Markup.sendback command ^ "." 
624 

38282
625 
fun used_facts axiom_names = 
38698
d19c3a7ce38b
627 
#> List.partition snd 
628 
#> pairself (sort_distinct (string_ord) o map fst) 
630 
fun metis_proof_text (full_types, minimize_command, atp_proof, axiom_names, 
36063
cdc6855a6387
632 
let 
633 
val (chained_lemmas, other_lemmas) = used_facts axiom_names atp_proof 
634 
val n = Logic.count_prems (prop_of goal) 
635 
in 
636 
(metis_line full_types i n other_lemmas ^ 
637 
minimize_line minimize_command (other_lemmas @ chained_lemmas), 
639 
end 
641 
(** Isar proof construction and manipulation **) 
643 
fun merge_fact_sets (ls1, ss1) (ls2, ss2) = 
644 
(union (op =) ls1 ls2, union (op =) ss1 ss2) 
646 
type label = string * int 
647 
type facts = label list * string list 
648 

1b20805974c7
datatype qualifier = Show  Then  Moreover  Ultimately 
36291
651 
datatype step = 
652 
Fix of (string * typ) list  
653 
Let of term * term  
654 
Assume of label * term  
655 
Have of qualifier list * label * term * byline 
656 
and byline = 
657 
ByMetis of facts  
658 
CaseSplit of step list list * facts 
659 

36574  660 
fun smart_case_split [] facts = ByMetis facts 
661 
 smart_case_split proofs facts = CaseSplit (proofs, facts) 

662 

663 
fun add_fact_from_dep axiom_names num = 
664 
if is_axiom_number axiom_names num then 
665 
apsnd (insert (op =) (fst (Vector.sub (axiom_names, num  1)))) 
666 
else 
667 
apfst (insert (op =) (raw_prefix, num)) 
668 

37998  669 
670 
fun forall_vars t = fold_rev forall_of (map Var (Term.add_vars t [])) t 
37498
672 
fun step_for_line _ _ (Definition (_, t1, t2)) = Let (t1, t2) 
673 
 step_for_line _ _ (Inference (num, t, [])) = Assume ((raw_prefix, num), t) 
674 
 step_for_line axiom_names j (Inference (num, t, deps)) = 
675 
Have (if j = 1 then [Show] else [], (raw_prefix, num), 
676 
forall_vars t, 
677 
ByMetis (fold (add_fact_from_dep axiom_names) deps ([], []))) 
678 

36967
679 
fun proof_from_atp_proof pool ctxt full_types tfrees isar_shrink_factor 
680 
atp_proof conjecture_shape axiom_names params frees = 
681 
let 
682 
val lines = 
684 
> parse_proof pool 
686 
> decode_lines ctxt full_types tfrees 
687 
> rpair [] > fold_rev (add_line conjecture_shape axiom_names) 
688 
> rpair [] > fold_rev add_nontrivial_line 
689 
> rpair (0, []) > fold_rev (add_desired_line isar_shrink_factor 
690 
conjecture_shape axiom_names frees) 
691 
> snd 
692 
in 
693 
(if null params then [] else [Fix params]) @ 
694 
map2 (step_for_line axiom_names) (length lines downto 1) lines 
695 
end 
696 

697 
(* When redirecting proofs, we keep information about the labels seen so far in 
698 
the "backpatches" data structure. The first component indicates which facts 
699 
should be associated with forthcoming proof steps. The second component is a 
700 
pair ("assum_ls", "drop_ls"), where "assum_ls" are the labels that should 
701 
become assumptions and "drop_ls" are the labels that should be dropped in a 
702 
case split. *) 
703 
type backpatches = (label * facts) list * (label list * label list) 
704 

36556
705 
fun used_labels_of_step (Have (_, _, _, by)) = 
706 
(case by of 
707 
ByMetis (ls, _) => ls 
708 
 CaseSplit (proofs, (ls, _)) => 
709 
fold (union (op =) o used_labels_of) proofs ls) 
710 
 used_labels_of_step _ = [] 
711 
and used_labels_of proof = fold (union (op =) o used_labels_of_step) proof [] 
712 

1b20805974c7
713 
fun new_labels_of_step (Fix _) = [] 
714 
 new_labels_of_step (Let _) = [] 
changeset

715 
changeset

716 
717 
val new_labels_of = maps new_labels_of_step 
718 

1b20805974c7
719 
val join_proofs = 
720 
let 
721 
fun aux _ [] = NONE 
722 
 aux proof_tail (proofs as (proof1 :: _)) = 
723 
if exists null proofs then 
724 
NONE 
725 
else if forall (curry (op =) (hd proof1) o hd) (tl proofs) then 
726 
aux (hd proof1 :: proof_tail) (map tl proofs) 
727 
else case hd proof1 of 
728 
Have ([], l, t, _) => (* FIXME: should we really ignore the "by"? *) 
729 
if forall (fn Have ([], l', t', _) :: _ => (l, t) = (l', t') 
730 
 _ => false) (tl proofs) andalso 
731 
not (exists (member (op =) (maps new_labels_of proofs)) 
732 
(used_labels_of proof_tail)) then 
733 
SOME (l, t, map rev proofs, proof_tail) 
734 
else 
735 
NONE 
736 
 _ => NONE 
737 
in aux [] o map rev end 
738 

1b20805974c7
739 
fun case_split_qualifiers proofs = 
740 
case length proofs of 
741 
0 => [] 
742 
 1 => [Then] 
743 
 _ => [Ultimately] 
744 

37991  745 
fun redirect_proof conjecture_shape hyp_ts concl_t proof = 
33310  746 
let 
747 
(* The first pass outputs those steps that are independent of the negated 
748 
conjecture. The second pass flips the proof by contradiction to obtain a 
749 
direct proof, introducing case splits when an inference depends on 
750 
several facts that depend on the negated conjecture. *) 
755 
val concl_ls = map (pair raw_prefix) (List.last conjecture_shape) 
756 
val canonicalize_labels = 
757 
map (fn l => if member (op =) concl_ls l then hd concl_ls else l) 
758 
#> distinct (op =) 
759 
fun first_pass ([], contra) = ([], contra) 
760 
 first_pass ((step as Fix _) :: proof, contra) = 
761 
first_pass (proof, contra) >> cons step 
762 
 first_pass ((step as Let _) :: proof, contra) = 
763 
first_pass (proof, contra) >> cons step 
764 
 first_pass ((step as Assume (l as (_, num), _)) :: proof, contra) = 
765 
if member (op =) concl_ls l then 
766 
first_pass (proof, contra > l = hd concl_ls ? cons step) 
767 
else 
768 
first_pass (proof, contra) >> cons (Assume (l, find_hyp num)) 
769 
 first_pass (Have (qs, l, t, ByMetis (ls, ss)) :: proof, contra) = 
770 
let 
771 
val ls = canonicalize_labels ls 
772 
val step = Have (qs, l, t, ByMetis (ls, ss)) 
773 
in 
774 
if exists (member (op =) (fst contra)) ls then 
775 
first_pass (proof, contra >> cons l > cons step) 
776 
else 
777 
first_pass (proof, contra) >> cons step 
778 
end 
779 
 first_pass _ = raise Fail "malformed proof" 
780 
val (proof_top, (contra_ls, contra_proof)) = 
781 
first_pass (proof, (concl_ls, [])) 
782 
val backpatch_label = the_default ([], []) oo AList.lookup (op =) o fst 
783 
fun backpatch_labels patches ls = 
784 
fold merge_fact_sets (map (backpatch_label patches) ls) ([], []) 
785 
fun second_pass end_qs ([], assums, patches) = 
786 
([Have (end_qs, no_label, concl_t, 
787 
ByMetis (backpatch_labels patches (map snd assums)))], patches) 
788 
 second_pass end_qs (Assume (l, t) :: proof, assums, patches) = 
789 
second_pass end_qs (proof, (t, l) :: assums, patches) 
790 
 second_pass end_qs (Have (qs, l, t, ByMetis (ls, ss)) :: proof, assums, 
791 
patches) = 
792 
if member (op =) (snd (snd patches)) l andalso 
793 
not (member (op =) (fst (snd patches)) l) andalso 
794 
not (AList.defined (op =) (fst patches) l) then 
795 
second_pass end_qs (proof, assums, patches > apsnd (append ls)) 
796 
else 
797 
(case List.partition (member (op =) contra_ls) ls of 
798 
([contra_l], co_ls) => 
799 
if member (op =) qs Show then 
800 
second_pass end_qs (proof, assums, 
801 
patches >> cons (contra_l, (co_ls, ss))) 
802 
else 
803 
second_pass end_qs 
804 
(proof, assums, 
805 
patches >> cons (contra_l, (l :: co_ls, ss))) 
806 
>> cons (if member (op =) (fst (snd patches)) l then 
808 
else 
810 
ByMetis (backpatch_label patches l))) 
811 
 (contra_ls as _ :: _, co_ls) => 
812 
let 
813 
val proofs = 
814 
map_filter 
815 
(fn l => 
816 
if member (op =) concl_ls l then 
817 
NONE 
818 
else 
819 
let 
820 
val drop_ls = filter (curry (op <>) l) contra_ls 
821 
in 
822 
second_pass [] 
823 
(proof, assums, 
824 
patches > apfst (insert (op =) l) 
825 
> apsnd (union (op =) drop_ls)) 
826 
> fst > SOME 
827 
end) contra_ls 
828 
val (assumes, facts) = 
829 
if member (op =) (fst (snd patches)) l then 
831 
else 
832 
([], (co_ls, ss)) 
833 
in 
834 
(case join_proofs proofs of 
835 
SOME (l, t, proofs, proof_tail) => 
836 
Have (case_split_qualifiers proofs @ 
837 
(if null proof_tail then end_qs else []), l, t, 
839 
 NONE => 
840 
[Have (case_split_qualifiers proofs @ end_qs, no_label, 
842 
patches) 
843 
>> append assumes 
844 
end 
846 
 second_pass _ _ = raise Fail "malformed proof" 
847 
val proof_bottom = 
848 
second_pass [Show] (contra_proof, [], ([], ([], []))) > fst 
849 
in proof_top @ proof_bottom end 
850 

38490  851 
(* FIXME: Still needed? Probably not. *) 
36402
852 
val kill_duplicate_assumptions_in_proof = 
853 
let 
854 
fun relabel_facts subst = 
855 
apfst (map (fn l => AList.lookup (op =) subst l > the_default l)) 
1b20805974c7
introduced direct proof reconstruction code, eliminating the need for the "neg_clausify" method;
858 
SOME l' => (proof, (l, l') :: subst, assums) 
859 
 NONE => (step :: proof, subst, (t, l) :: assums)) 
860 
 do_step (Have (qs, l, t, by)) (proof, subst, assums) = 
861 
(Have (qs, l, t, 
862 
case by of 
863 
ByMetis facts => ByMetis (relabel_facts subst facts) 
864 
 CaseSplit (proofs, facts) => 
865 
CaseSplit (map do_proof proofs, relabel_facts subst facts)) :: 
866 
proof, subst, assums) 
867 
 do_step step (proof, subst, assums) = (step :: proof, subst, assums) 
868 
and do_proof proof = fold do_step proof ([], [], []) > #1 > rev 
changeset

869 
870 

1b20805974c7
871 
val then_chain_proof = 
872 
let 
873 
fun aux _ [] = [] 
874 
 aux _ ((step as Assume (l, _)) :: proof) = step :: aux l proof 
875 
 aux l' (Have (qs, l, t, by) :: proof) = 
876 
(case by of 
877 
ByMetis (ls, ss) => 
878 
Have (if member (op =) ls l' then 
879 
(Then :: qs, l, t, 
880 
ByMetis (filter_out (curry (op =) l') ls, ss)) 
881 
else 
changeset

882 
changeset

883 
884 
Have (qs, l, t, CaseSplit (map (aux no_label) proofs, facts))) :: 
885 
aux l proof 
changeset

886 
changeset

887 
888 

1b20805974c7
889 
fun kill_useless_labels_in_proof proof = 
890 
let 
891 
val used_ls = used_labels_of proof 
892 
fun do_label l = if member (op =) used_ls l then l else no_label 
893 
fun do_step (Assume (l, t)) = Assume (do_label l, t) 
894 
 do_step (Have (qs, l, t, by)) = 
895 
Have (qs, do_label l, t, 
896 
case by of 
897 
CaseSplit (proofs, facts) => 
898 
CaseSplit (map (map do_step) proofs, facts) 
899 
 _ => by) 
changeset

900 
901 
in map do_step proof end 
902 

1b20805974c7
903 
fun prefix_for_depth n = replicate_string (n + 1) 
904 

1b20805974c7
905 
val relabel_proof = 
906 
let 
907 
fun aux _ _ _ [] = [] 
908 
 aux subst depth (next_assum, next_fact) (Assume (l, t) :: proof) = 
909 
if l = no_label then 
910 
Assume (l, t) :: aux subst depth (next_assum, next_fact) proof 
911 
else 
912 
let val l' = (prefix_for_depth depth assum_prefix, next_assum) in 
913 
Assume (l', t) :: 
914 
aux ((l, l') :: subst) depth (next_assum + 1, next_fact) proof 
915 
end 
916 
 aux subst depth (next_assum, next_fact) (Have (qs, l, t, by) :: proof) = 
917 
let 
918 
val (l', subst, next_fact) = 
919 
if l = no_label then 
920 
(l, subst, next_fact) 
921 
else 
922 
let 
923 
val l' = (prefix_for_depth depth fact_prefix, next_fact) 
924 
in (l', (l, l') :: subst, next_fact + 1) end 
925 
val relabel_facts = 
926 
apfst (map (fn l => 
927 
case AList.lookup (op =) subst l of 
928 
SOME l' => l' 
929 
 NONE => raise Fail ("unknown label " ^ 
930 
quote (string_for_label l)))) 
931 
val by = 
932 
case by of 
933 
ByMetis facts => ByMetis (relabel_facts facts) 
changeset

934 
935 
CaseSplit (map (aux subst (depth + 1) (1, 1)) proofs, 
936 
relabel_facts facts) 
937 
in 
938 
Have (qs, l', t, by) :: 
939 
aux subst depth (next_assum, next_fact) proof 
940 
end 
941 
 aux subst depth nextp (step :: proof) = 
942 
step :: aux subst depth nextp proof 
943 
in aux [] 0 (1, 1) end 
944 

37479
945 
fun string_for_proof ctxt full_types i n = 
946 
let 
947 
fun fix_print_mode f x = 
948 
setmp_CRITICAL show_no_free_types true 
949 
(setmp_CRITICAL show_types true 
950 
(Print_Mode.setmp (filter (curry (op =) Symbol.xsymbolsN) 
(print_mode_value ())) f)) x 
36402
952 
fun do_indent ind = replicate_string (ind * indent_size) " " 
953 
fun do_free (s, T) = 
954 
maybe_quote s ^ " :: " ^ 
955 
maybe_quote (fix_print_mode (Syntax.string_of_typ ctxt) T) 
956 
fun do_label l = if l = no_label then "" else string_for_label l ^ ": " 
957 
fun do_have qs = 
958 
(if member (op =) qs Moreover then "moreover " else "") ^ 
959 
(if member (op =) qs Ultimately then "ultimately " else "") ^ 
960 
(if member (op =) qs Then then 
961 
if member (op =) qs Show then "thus" else "hence" 
962 
else 
963 
if member (op =) qs Show then "show" else "have") 
964 
val do_term = maybe_quote o fix_print_mode (Syntax.string_of_term ctxt) 
965 
fun do_facts (ls, ss) = 
966 
metis_command full_types 1 1 
967 
(ls > sort_distinct (prod_ord string_ord int_ord), 
968 
ss > sort_distinct string_ord) 
969 
and do_step ind (Fix xs) = 
970 
do_indent ind ^ "fix " ^ space_implode " and " (map do_free xs) ^ "\n" 
971 
 do_step ind (Let (t1, t2)) = 
972 
do_indent ind ^ "let " ^ do_term t1 ^ " = " ^ do_term t2 ^ "\n" 
973 
 do_step ind (Assume (l, t)) = 
974 
do_indent ind ^ "assume " ^ do_label l ^ do_term t ^ "\n" 
changeset

975 
changeset

976 
introduced direct proof reconstruction code, eliminating the need for the "neg_clausify" method;
blanchet
introduced direct proof reconstruction code, eliminating the need for the "neg_clausify" method;
blanchet
982 
do_facts facts ^ "\n" 
changeset

983 
changeset

984 
changeset

985 
986 
String.extract (s, ind * indent_size, 
987 
SOME (size s  ind * indent_size  1)) ^ 
988 
suffix ^ "\n" 
989 
end 
990 
and do_block ind proof = do_steps "{ " " }" (ind + 1) proof 
991 
(* Onestep proofs are pointless; better use the Metis oneliner 
992 
directly. *) 
993 
and do_proof [Have (_, _, _, ByMetis _)] = "" 
994 
 do_proof proof = 
changeset

995 
changeset

996 
changeset

997 
changeset

999 
changeset

1001 
changeset

1002 
1003 
goal, i)) = 
changeset

1004 
1005 
val (params, hyp_ts, concl_t) = strip_subgoal goal i 
1006 
val frees = fold Term.add_frees (concl_t :: hyp_ts) [] 
1007 
val tfrees = fold Term.add_tfrees (concl_t :: hyp_ts) [] 
1008 
val n = Logic.count_prems (prop_of goal) 
1009 
val (one_line_proof, lemma_names) = metis_proof_text other_params 
1010 
fun isar_proof_for () = 
1011 
case proof_from_atp_proof pool ctxt full_types tfrees isar_shrink_factor 
1012 
atp_proof conjecture_shape axiom_names params 
1015 
> kill_duplicate_assumptions_in_proof 
1016 
> then_chain_proof 
1017 
> kill_useless_labels_in_proof 
1018 
> relabel_proof 
1019 
> string_for_proof ctxt full_types i n of 
1022 
val isar_proof = 
1023 
if debug then 
1024 
isar_proof_for () 
else 
25e69e93954d
1026 
try isar_proof_for () 
1028 
in (one_line_proof ^ isar_proof, lemma_names) end 
1029 

36557  1030 
fun proof_text isar_proof isar_params other_params = 
1031 
(if isar_proof then isar_proof_text isar_params else metis_proof_text) 

1032 
other_params 

36223
1033 

31038  1034 
end; 