added imperative SAT checker; improved headers of example files; adopted IsaMakefile
(* Title: HOL/Imperative_HOL/ex/SatChecker.thy 
Author: Lukas Bulwahn, TU Muenchen 
*) 
header {* An efficient checker for proofs from a SAT solver *} 
theory SatChecker 
imports RBT_Impl Sorted_List "~~/src/HOL/Imperative_HOL/Imperative_HOL" 
begin 
section{* General settings and functions for our representation of clauses *} 
subsection{* Types for Literals, Clauses and ProofSteps *} 
text {* We encode Literals as integers and Clauses as sorted Lists. *} 
types ClauseId = nat 
types Lit = int 
types Clause = "Lit list" 
21 

23 
25 
28 
30 
32 

35 
37 
39 
41 
37717  121 
definition 
122 
array_ran :: "('a\<Colon>heap) option array \<Rightarrow> heap \<Rightarrow> 'a set" where 

123 
"array_ran a h = {e. Some e \<in> set (get_array a h)}" 

124 
 {*FIXME*} 

125 

129 
lemma array_ran_upd_array_Some: 

37719
shows "cl \<in> array_ran a h \<or> cl = b" 
132 
proof  

133 
have "set (get_array a h[i := Some b]) \<subseteq> insert (Some b) (set (get_array a h))" by (rule set_update_subset_insert) 

134 
with assms show ?thesis 

37719
271ecd4fb9f9
moved "open" operations from Heap.thy to Array.thy and Ref.thy
haftmann
parents:
37717
diff
changeset

135 
unfolding array_ran_def Array.change_def by fastsimp 
moved "open" operations from Heap.thy to Array.thy and Ref.thy
haftmann
parents:
37717
diff
changeset

139 
assumes "cl \<in> array_ran a (Array.change a i None h)" 
37717  140 
shows "cl \<in> array_ran a h" 
141 
proof  

142 
have "set (get_array a h[i := None]) \<subseteq> insert None (set (get_array a h))" by (rule set_update_subset_insert) 

143 
with assms show ?thesis 

37719
271ecd4fb9f9
moved "open" operations from Heap.thy to Array.thy and Ref.thy
haftmann
parents:
37717
diff
changeset

144 
unfolding array_ran_def Array.change_def by auto 
37717  145 
qed 
146 

362 
apply (elim crelE crel_if crel_return crel_raise) 
363 
apply (auto simp add: res_mem_no_heap) 
364 
by (elim crel_raise) auto 
365 

366 

367 
lemma res_thm'_no_heap: 
368 
assumes "crel (res_thm' l xs ys) h h' r" 
369 
shows "h = h'" 
370 
using assms 
371 
proof (induct xs ys arbitrary: r rule: res_thm'.induct) 
372 
case (1 l x xs y ys r) 
373 
thus ?thesis 
374 
unfolding res_thm'.simps 
375 
by (elim crelE crel_if crel_return) 
376 
(auto simp add: resolve1_no_heap resolve2_no_heap) 
377 
next 
378 
case (2 l ys r) 
379 
thus ?case 
380 
unfolding res_thm'.simps 
381 
by (elim crel_raise) auto 
382 
next 
383 
case (3 l v va r) 
384 
thus ?case 
385 
unfolding res_thm'.simps 
386 
by (elim crel_raise) auto 
387 
qed 
388 

389 

390 
lemma res_thm'_Inv2: 
391 
assumes res_thm: "crel (res_thm' l xs ys) h h' rcl" 
392 
assumes l_not_null: "l \<noteq> 0" 
393 
assumes ys: "correctClause r ys \<and> sorted ys \<and> distinct ys" 
394 
assumes xs: "correctClause r xs \<and> sorted xs \<and> distinct xs" 
395 
shows "correctClause r rcl \<and> sorted rcl \<and> distinct rcl" 
396 
proof  
397 
from res_thm'_Inv [OF res_thm] xs ys l_not_null show ?thesis 
398 
apply (auto simp add: sorted_remove1) 
399 
unfolding correctClause_def 
400 
apply (auto simp add: remove1_eq_remove) 
401 
prefer 2 
402 
apply (rule interpClause_resolvants) 
403 
apply simp_all 
404 
apply (insert compl_exists [of l]) 
405 
apply auto 
406 
apply (rule interpClause_resolvants) 
407 
apply simp_all 
408 
done 
409 
qed 
410 

411 
subsection {* res_thm and doProofStep *} 
412 

413 
definition get_clause :: "Clause option array \<Rightarrow> ClauseId \<Rightarrow> Clause Heap" 
414 
where 
415 
"get_clause a i = 
416 
(do c \<leftarrow> nth a i; 
417 
(case c of None \<Rightarrow> raise (''Clause not found'') 
418 
 Some x \<Rightarrow> return x) 
419 
done)" 
420 

421 

422 
fun res_thm2 :: "Clause option array \<Rightarrow> (Lit * ClauseId) \<Rightarrow> Clause \<Rightarrow> Clause Heap" 
423 
where 
424 
"res_thm2 a (l, j) cli = 
425 
( if l = 0 then raise(''Illegal literal'') 
426 
else 
427 
(do clj \<leftarrow> get_clause a j; 
428 
res_thm' l cli clj 
429 
done))" 
430 

37709  431 
primrec 
432 
foldM :: "('a \<Rightarrow> 'b \<Rightarrow> 'b Heap) \<Rightarrow> 'a list \<Rightarrow> 'b \<Rightarrow> 'b Heap" 

433 
where 

434 
"foldM f [] s = return s" 

435 
 "foldM f (x#xs) s = f x s \<guillemotright>= foldM f xs" 

436 

437 
fun doProofStep2 :: "Clause option array \<Rightarrow> ProofStep \<Rightarrow> Clause list \<Rightarrow> Clause list Heap" 
438 
where 
439 
"doProofStep2 a (Conflict saveTo (i, rs)) rcs = 
440 
(do 
441 
cli \<leftarrow> get_clause a i; 
442 
result \<leftarrow> foldM (res_thm2 a) rs cli; 
443 
upd saveTo (Some result) a; 
444 
return rcs 
445 
done)" 
446 
 "doProofStep2 a (Delete cid) rcs = (do upd cid None a; return rcs done)" 
447 
 "doProofStep2 a (Root cid clause) rcs = (do upd cid (Some (remdups (sort clause))) a; return (clause # rcs) done)" 
448 
 "doProofStep2 a (Xstep cid1 cid2) rcs = raise ''MiniSatChecked.doProofStep: Xstep constructor found.''" 
449 
 "doProofStep2 a (ProofDone b) rcs = raise ''MiniSatChecked.doProofStep: ProofDone constructor found.''" 
450 

451 
definition checker :: "nat \<Rightarrow> ProofStep list \<Rightarrow> nat \<Rightarrow> Clause list Heap" 
452 
where 
453 
"checker n p i = 
454 
(do 
455 
a \<leftarrow> Array.new n None; 
456 
rcs \<leftarrow> foldM (doProofStep2 a) p []; 
457 
ec \<leftarrow> Array.nth a i; 
458 
(if ec = Some [] then return rcs 
459 
else raise(''No empty clause'')) 
460 
done)" 
461 

462 
lemma res_thm2_Inv: 
463 
assumes res_thm: "crel (res_thm2 a (l, j) cli) h h' rs" 
464 
assumes correct_a: "correctArray r a h" 
465 
assumes correct_cli: "correctClause r cli \<and> sorted cli \<and> distinct cli" 
466 
shows "h = h' \<and> correctClause r rs \<and> sorted rs \<and> distinct rs" 
467 
proof  
468 
from res_thm have l_not_zero: "l \<noteq> 0" 
469 
by (auto elim: crel_raise) 
470 
{ 
471 
fix clj 
472 
let ?rs = "merge (remove l cli) (remove (compl l) clj)" 
473 
let ?rs' = "merge (remove (compl l) cli) (remove l clj)" 
474 
assume "h = h'" "Some clj = get_array a h' ! j" "j < Array.length a h'" 
475 
with correct_a have clj: "correctClause r clj" "sorted clj" "distinct clj" 
476 
unfolding correctArray_def by (auto intro: array_ranI) 
477 
with clj l_not_zero correct_cli 
478 
have "(l \<in> set cli \<and> compl l \<in> set clj 
479 
\<longrightarrow> correctClause r ?rs \<and> sorted ?rs \<and> distinct ?rs) \<and> 
480 
(compl l \<in> set cli \<and> l \<in> set clj 
481 
\<longrightarrow> correctClause r ?rs' \<and> sorted ?rs' \<and> distinct ?rs')" 
482 
apply (auto intro!: correctClause_resolvants) 
483 
apply (insert compl_exists [of l]) 
484 
by (auto intro!: correctClause_resolvants) 
485 
} 
486 
{ 
487 
fix v clj 
488 
assume "Some clj = get_array a h ! j" "j < Array.length a h" 
489 
with correct_a have clj: "correctClause r clj \<and> sorted clj \<and> distinct clj" 
490 
unfolding correctArray_def by (auto intro: array_ranI) 
491 
assume "crel (res_thm' l cli clj) h h' rs" 
492 
from res_thm'_no_heap[OF this] res_thm'_Inv2[OF this l_not_zero clj correct_cli] 
493 
have "h = h' \<and> correctClause r rs \<and> sorted rs \<and> distinct rs" by simp 
494 
} 
495 
with assms show ?thesis 
496 
unfolding res_thm2.simps get_clause_def 
497 
by (elim crelE crelE' crel_if crel_nth crel_raise crel_return crel_option_case) auto 
498 
qed 
499 

500 
lemma foldM_Inv2: 
501 
assumes "crel (foldM (res_thm2 a) rs cli) h h' rcl" 
502 
assumes correct_a: "correctArray r a h" 
503 
assumes correct_cli: "correctClause r cli \<and> sorted cli \<and> distinct cli" 
504 
shows "h = h' \<and> correctClause r rcl \<and> sorted rcl \<and> distinct rcl" 
505 
using assms 
506 
proof (induct rs arbitrary: h h' cli) 
507 
case Nil thus ?case 
508 
unfolding foldM.simps 
509 
by (elim crel_return) auto 
510 
next 
511 
case (Cons x xs) 
512 
{ 
513 
fix h1 ret 
514 
obtain l j where x_is: "x = (l, j)" by fastsimp 
515 
assume res_thm2: "crel (res_thm2 a x cli) h h1 ret" 
516 
with x_is have res_thm2': "crel (res_thm2 a (l, j) cli) h h1 ret" by simp 
517 
note step = res_thm2_Inv [OF res_thm2' Cons.prems(2) Cons.prems(3)] 
518 
from step have ret: "correctClause r ret \<and> sorted ret \<and> distinct ret" by simp 
519 
from step Cons.prems(2) have correct_a: "correctArray r a h1" by simp 
520 
assume foldM: "crel (foldM (res_thm2 a) xs ret) h1 h' rcl" 
521 
from step Cons.hyps [OF foldM correct_a ret] have 
522 
"h = h' \<and> correctClause r rcl \<and> sorted rcl \<and> distinct rcl" by auto 
523 
} 
524 
with Cons show ?case 
525 
unfolding foldM.simps 
526 
by (elim crelE) auto 
527 
qed 
528 

529 

530 
lemma step_correct2: 
531 
assumes crel: "crel (doProofStep2 a step rcs) h h' res" 
532 
assumes correctArray: "correctArray rcs a h" 
533 
shows "correctArray res a h'" 
534 
proof (cases "(a,step,rcs)" rule: doProofStep2.cases) 
535 
case (1 a saveTo i rs rcs) 
536 
with crel correctArray 
537 
show ?thesis 
538 
apply auto 
539 
apply (auto simp: get_clause_def elim!: crelE crel_nth) 
540 
apply (auto elim!: crelE crel_nth crel_option_case crel_raise 
541 
crel_return crel_upd) 
542 
apply (frule foldM_Inv2) 
543 
apply assumption 
544 
apply (simp add: correctArray_def) 
545 
apply (drule_tac x="y" in bspec) 
546 
apply (rule array_ranI[where i=i]) 
547 
by (auto intro: correctArray_update) 
548 
next 
549 
case (2 a cid rcs) 
550 
with crel correctArray 
551 
show ?thesis 
552 
by (auto simp: correctArray_def elim!: crelE crel_upd crel_return 
553 
dest: array_ran_upd_array_None) 
554 
next 
555 
case (3 a cid c rcs) 
556 
with crel correctArray 
557 
show ?thesis 
558 
apply (auto elim!: crelE crel_upd crel_return) 
559 
apply (auto simp: correctArray_def dest!: array_ran_upd_array_Some) 
560 
apply (auto intro: correctClause_mono) 
561 
by (auto simp: correctClause_def) 
562 
next 
563 
case 4 
564 
with crel correctArray 
565 
show ?thesis by (auto elim: crel_raise) 
566 
next 
567 
case 5 
568 
with crel correctArray 
569 
show ?thesis by (auto elim: crel_raise) 
570 
qed 
571 

572 

573 
theorem fold_steps_correct: 
574 
assumes "crel (foldM (doProofStep2 a) steps rcs) h h' res" 
575 
assumes "correctArray rcs a h" 
576 
shows "correctArray res a h'" 
577 
using assms 
578 
by (induct steps arbitrary: rcs h h' res) 
579 
(auto elim!: crelE crel_return dest:step_correct2) 
580 

581 
theorem checker_soundness: 
582 
assumes "crel (checker n p i) h h' cs" 
583 
shows "inconsistent cs" 
584 
using assms unfolding checker_def 
585 
apply (elim crelE crel_nth crel_if crel_return crel_raise crel_new_weak) 
586 
prefer 2 apply simp 
587 
apply auto 
588 
apply (drule fold_steps_correct) 
589 
apply (simp add: correctArray_def array_ran_def) 
590 
apply (rule implies_empty_inconsistent) 
591 
apply (simp add:correctArray_def) 
592 
apply (drule bspec) 
593 
by (rule array_ranI, auto) 
594 

595 
section {* Functional version with Lists as Array *} 
596 

597 
subsection {* List specific definitions *} 
598 

599 
definition list_ran :: "'a option list \<Rightarrow> 'a set" 
600 
where 
601 
"list_ran xs = {e. Some e \<in> set xs }" 
602 

53992c639da5
603 
lemma list_ranI: "\<lbrakk> i < List.length xs; xs ! i = Some b \<rbrakk> \<Longrightarrow> b \<in> list_ran xs" 
604 
unfolding list_ran_def by (drule sym, simp) 
605 

606 
lemma list_ran_update_Some: 
607 
"cl \<in> list_ran (xs[i := (Some b)]) \<Longrightarrow> cl \<in> list_ran xs \<or> cl = b" 
608 
proof  
609 
assume assms: "cl \<in> list_ran (xs[i := (Some b)])" 
610 
have "set (xs[i := Some b]) \<subseteq> insert (Some b) (set xs)" 
611 
by (simp only: set_update_subset_insert) 
612 
with assms have "Some cl \<in> insert (Some b) (set xs)" 
613 
unfolding list_ran_def by fastsimp 
614 
thus ?thesis 
615 
unfolding list_ran_def by auto 
616 
qed 
617 

618 
lemma list_ran_update_None: 
619 
"cl \<in> list_ran (xs[i := None]) \<Longrightarrow> cl \<in> list_ran xs" 
620 
proof  
621 
assume assms: "cl \<in> list_ran (xs[i := None])" 
622 
have "set (xs[i := None]) \<subseteq> insert None (set xs)" 
623 
by (simp only: set_update_subset_insert) 
624 
with assms show ?thesis 
625 
unfolding list_ran_def by auto 
626 
qed 
627 

628 
definition correctList :: "Clause list \<Rightarrow> Clause option list \<Rightarrow> bool" 
629 
where 
630 
"correctList rootcls xs = 
631 
(\<forall>cl \<in> list_ran xs. correctClause rootcls cl \<and> sorted cl \<and> distinct cl)" 
632 

53992c639da5
subsection {* Checker functions *} 
53992c639da5
53992c639da5
fun lres_thm :: "Clause option list \<Rightarrow> (Lit * ClauseId) \<Rightarrow> Clause \<Rightarrow> Clause Heap" 
53992c639da5
where 
53992c639da5
"lres_thm xs (l, j) cli = (if (j < List.length xs) then (case (xs ! j) of 
53992c639da5
None \<Rightarrow> raise (''MiniSatChecked.res_thm: No resolvant clause in thms array for Conflict step.'') 
53992c639da5
 Some clj \<Rightarrow> res_thm' l cli clj 
53992c639da5
) else raise ''Error'')" 
53992c639da5
53992c639da5
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
bulwahn
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
669 
fun tres_thm :: "(ClauseId, Clause) RBT_Impl.rbt \<Rightarrow> Lit \<times> ClauseId \<Rightarrow> Clause \<Rightarrow> Clause Heap" 
670 
where 
671 
"tres_thm t (l, j) cli = 
diff
changeset

parents:
diff
parents:
diff
parents:
diff
parents:
36098
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
bulwahn
b43b22f63665
theory RBT with abstract type of redblack trees backed by implementation RBT_Impl
(case (RBT_Impl.lookup t i) of 
36098
680 
None \<Rightarrow> raise (''MiniSatChecked.doProofStep: No starting clause in thms array for Conflict step.'') 
681 
 Some cli \<Rightarrow> (do 
682 
result \<leftarrow> foldM (tres_thm t) rs cli; 
683 
return ((RBT_Impl.insert saveTo result t), rcl) 
684 
done))" 
685 
 "tdoProofStep (Delete cid) (t, rcl) = return ((RBT_Impl.delete cid t), rcl)" 
686 
 "tdoProofStep (Root cid clause) (t, rcl) = return (RBT_Impl.insert cid (sort clause) t, (remdups(sort clause)) # rcl)" 
687 
 "tdoProofStep (Xstep cid1 cid2) (t, rcl) = raise ''MiniSatChecked.doProofStep: Xstep constructor found.''" 
688 
 "tdoProofStep (ProofDone b) (t, rcl) = raise ''MiniSatChecked.doProofStep: ProofDone constructor found.''" 
689 

53992c639da5
definition tchecker :: "nat \<Rightarrow> ProofStep list \<Rightarrow> nat \<Rightarrow> Clause list Heap" 
53992c639da5
where 
53992c639da5
"tchecker n p i = 
53992c639da5
(do 
36147
changeset

694 
695 
(if (RBT_Impl.lookup (fst rcs) i) = Some [] then return (snd rcs) 
696 
else raise(''No empty clause'')) 
697 
done)" 
698 

53992c639da5
section {* Code generation setup *} 
53992c639da5
53992c639da5
code_type ProofStep 
53992c639da5
(SML "MinisatProofStep.ProofStep") 
53992c639da5
53992c639da5
code_const ProofDone and Root and Conflict and Delete and Xstep 
53992c639da5
(SML "MinisatProofStep.ProofDone" and "MinisatProofStep.Root ((_),/ (_))" and "MinisatProofStep.Conflict ((_),/ (_))" and "MinisatProofStep.Delete" and "MinisatProofStep.Xstep ((_),/ (_))") 
53992c639da5
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
53992c639da5
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
added imperative SAT checker; improved headers of example files; adopted IsaMakefile
711 
end 