diff --git a/thys/Ordered_Resolution_Prover/Inference_System.thy b/thys/Ordered_Resolution_Prover/Inference_System.thy --- a/thys/Ordered_Resolution_Prover/Inference_System.thy +++ b/thys/Ordered_Resolution_Prover/Inference_System.thy @@ -1,295 +1,291 @@ (* Title: Refutational Inference Systems Author: Jasmin Blanchette , 2014, 2017 Author: Dmitriy Traytel , 2014 Author: Anders Schlichtkrull , 2017 Maintainer: Anders Schlichtkrull *) section \Refutational Inference Systems\ theory Inference_System imports Herbrand_Interpretation begin text \ This theory gathers results from Section 2.4 (``Refutational Theorem Proving''), 3 (``Standard Resolution''), and 4.2 (``Counterexample-Reducing Inference Systems'') of Bachmair and Ganzinger's chapter. \ subsection \Preliminaries\ text \ Inferences have one distinguished main premise, any number of side premises, and a conclusion. \ datatype 'a inference = Infer (side_prems_of: "'a clause multiset") (main_prem_of: "'a clause") (concl_of: "'a clause") abbreviation prems_of :: "'a inference \ 'a clause multiset" where "prems_of \ \ side_prems_of \ + {#main_prem_of \#}" abbreviation concls_of :: "'a inference set \ 'a clause set" where "concls_of \ \ concl_of ` \" -(* FIXME: make an abbreviation *) definition infer_from :: "'a clause set \ 'a inference \ bool" where "infer_from CC \ \ set_mset (prems_of \) \ CC" locale inference_system = fixes \ :: "'a inference set" begin definition inferences_from :: "'a clause set \ 'a inference set" where "inferences_from CC = {\. \ \ \ \ infer_from CC \}" definition inferences_between :: "'a clause set \ 'a clause \ 'a inference set" where "inferences_between CC C = {\. \ \ \ \ infer_from (CC \ {C}) \ \ C \# prems_of \}" lemma inferences_from_mono: "CC \ DD \ inferences_from CC \ inferences_from DD" unfolding inferences_from_def infer_from_def by fast definition saturated :: "'a clause set \ bool" where "saturated N \ concls_of (inferences_from N) \ N" lemma saturatedD: assumes satur: "saturated N" and inf: "Infer CC D E \ \" and cc_subs_n: "set_mset CC \ N" and d_in_n: "D \ N" shows "E \ N" proof - have "Infer CC D E \ inferences_from N" unfolding inferences_from_def infer_from_def using inf cc_subs_n d_in_n by simp then have "E \ concls_of (inferences_from N)" unfolding image_iff by (metis inference.sel(3)) then show "E \ N" using satur unfolding saturated_def by blast qed end text \ Satisfiability preservation is a weaker requirement than soundness. \ locale sat_preserving_inference_system = inference_system + assumes \_sat_preserving: "satisfiable N \ satisfiable (N \ concls_of (inferences_from N))" locale sound_inference_system = inference_system + assumes \_sound: "Infer CC D E \ \ \ I \m CC \ I \ D \ I \ E" begin lemma \_sat_preserving: assumes sat_n: "satisfiable N" shows "satisfiable (N \ concls_of (inferences_from N))" proof - obtain I where i: "I \s N" using sat_n by blast then have "\CC D E. Infer CC D E \ \ \ set_mset CC \ N \ D \ N \ I \ E" using \_sound unfolding true_clss_def true_cls_mset_def by (simp add: subset_eq) then have "\\. \ \ \ \ infer_from N \ \ I \ concl_of \" unfolding infer_from_def by (case_tac \) clarsimp then have "I \s concls_of (inferences_from N)" unfolding inferences_from_def image_def true_clss_def infer_from_def by blast then have "I \s N \ concls_of (inferences_from N)" using i by simp then show ?thesis by blast qed sublocale sat_preserving_inference_system by unfold_locales (erule \_sat_preserving) end locale reductive_inference_system = inference_system \ for \ :: "('a :: wellorder) inference set" + assumes \_reductive: "\ \ \ \ concl_of \ < main_prem_of \" subsection \Refutational Completeness\ text \ Refutational completeness can be established once and for all for counterexample-reducing inference systems. The material formalized here draws from both the general framework of Section 4.2 and the concrete instances of Section 3. \ locale counterex_reducing_inference_system = inference_system \ for \ :: "('a :: wellorder) inference set" + fixes I_of :: "'a clause set \ 'a interp" assumes \_counterex_reducing: "{#} \ N \ D \ N \ \ I_of N \ D \ (\C. C \ N \ \ I_of N \ C \ D \ C) \ \CC E. set_mset CC \ N \ I_of N \m CC \ Infer CC D E \ \ \ \ I_of N \ E \ E < D" begin lemma ex_min_counterex: fixes N :: "('a :: wellorder) clause set" assumes "\ I \s N" shows "\C \ N. \ I \ C \ (\D \ N. D < C \ I \ D)" proof - obtain C where "C \ N" and "\ I \ C" using assms unfolding true_clss_def by auto then have c_in: "C \ {C \ N. \ I \ C}" by blast show ?thesis using wf_eq_minimal[THEN iffD1, rule_format, OF wf_less_multiset c_in] by blast qed (* Theorem 4.4 (generalizes Theorems 3.9 and 3.16) *) theorem saturated_model: assumes satur: "saturated N" and ec_ni_n: "{#} \ N" shows "I_of N \s N" proof - - have ec_ni_n: "{#} \ N" - using ec_ni_n by auto - { assume "\ I_of N \s N" then obtain D where d_in_n: "D \ N" and d_cex: "\ I_of N \ D" and d_min: "\C. C \ N \ C < D \ I_of N \ C" by (meson ex_min_counterex) then obtain CC E where cc_subs_n: "set_mset CC \ N" and inf_e: "Infer CC D E \ \" and e_cex: "\ I_of N \ E" and e_lt_d: "E < D" using \_counterex_reducing[OF ec_ni_n] not_less by metis from cc_subs_n inf_e have "E \ N" using d_in_n satur by (blast dest: saturatedD) then have False using e_cex e_lt_d d_min not_less by blast } then show ?thesis by satx qed text \ Cf. Corollary 3.10: \ corollary saturated_complete: "saturated N \ \ satisfiable N \ {#} \ N" using saturated_model by blast end subsection \Compactness\ text \ Bachmair and Ganzinger claim that compactness follows from refutational completeness but leave the proof to the readers' imagination. Our proof relies on an inductive definition of saturation in terms of a base set of clauses. \ context inference_system begin inductive_set saturate :: "'a clause set \ 'a clause set" for CC :: "'a clause set" where base: "C \ CC \ C \ saturate CC" | step: "Infer CC' D E \ \ \ (\C'. C' \# CC' \ C' \ saturate CC) \ D \ saturate CC \ E \ saturate CC" lemma saturate_mono: "C \ saturate CC \ CC \ DD \ C \ saturate DD" by (induct rule: saturate.induct) (auto intro: saturate.intros) lemma saturated_saturate[simp, intro]: "saturated (saturate N)" unfolding saturated_def inferences_from_def infer_from_def image_def by clarify (rename_tac x, case_tac x, auto elim!: saturate.step) lemma saturate_finite: "C \ saturate CC \ \DD. DD \ CC \ finite DD \ C \ saturate DD" proof (induct rule: saturate.induct) case (base C) then have "{C} \ CC" and "finite {C}" and "C \ saturate {C}" by (auto intro: saturate.intros) then show ?case by blast next case (step CC' D E) obtain DD_of where "\C. C \# CC' \ DD_of C \ CC \ finite (DD_of C) \ C \ saturate (DD_of C)" using step(3) by metis then have "(\C \ set_mset CC'. DD_of C) \ CC" "finite (\C \ set_mset CC'. DD_of C) \ set_mset CC' \ saturate (\C \ set_mset CC'. DD_of C)" by (auto intro: saturate_mono) then obtain DD where d_sub: "DD \ CC" and d_fin: "finite DD" and in_sat_d: "set_mset CC' \ saturate DD" by blast obtain EE where e_sub: "EE \ CC" and e_fin: "finite EE" and in_sat_ee: "D \ saturate EE" using step(5) by blast have "DD \ EE \ CC" using d_sub e_sub step(1) by fast moreover have "finite (DD \ EE)" using d_fin e_fin by fast moreover have "E \ saturate (DD \ EE)" using in_sat_d in_sat_ee step.hyps(1) by (blast intro: inference_system.saturate.step saturate_mono) ultimately show ?case by blast qed end context sound_inference_system begin theorem saturate_sound: "C \ saturate CC \ I \s CC \ I \ C" by (induct rule: saturate.induct) (auto simp: true_cls_mset_def true_clss_def \_sound) end context sat_preserving_inference_system begin text \ This result surely holds, but we have yet to prove it. The challenge is: Every time a new clause is introduced, we also get a new interpretation (by the definition of \sat_preserving_inference_system\). But the interpretation we want here is then the one that exists "at the limit". Maybe we can use compactness to prove it. \ theorem saturate_sat_preserving: "satisfiable CC \ satisfiable (saturate CC)" oops end locale sound_counterex_reducing_inference_system = counterex_reducing_inference_system + sound_inference_system begin text \ Compactness of clausal logic is stated as Theorem 3.12 for the case of unordered ground resolution. The proof below is a generalization to any sound counterexample-reducing inference system. The actual theorem will become available once the locale has been instantiated with a concrete inference system. \ theorem clausal_logic_compact: fixes N :: "('a :: wellorder) clause set" shows "\ satisfiable N \ (\DD \ N. finite DD \ \ satisfiable DD)" proof assume "\ satisfiable N" then have "{#} \ saturate N" using saturated_complete saturated_saturate saturate.base unfolding true_clss_def by meson then have "\DD \ N. finite DD \ {#} \ saturate DD" using saturate_finite by fastforce then show "\DD \ N. finite DD \ \ satisfiable DD" using saturate_sound by auto next assume "\DD \ N. finite DD \ \ satisfiable DD" then show "\ satisfiable N" by (blast intro: true_clss_mono) qed end end diff --git a/thys/Ordered_Resolution_Prover/Standard_Redundancy.thy b/thys/Ordered_Resolution_Prover/Standard_Redundancy.thy --- a/thys/Ordered_Resolution_Prover/Standard_Redundancy.thy +++ b/thys/Ordered_Resolution_Prover/Standard_Redundancy.thy @@ -1,339 +1,339 @@ (* Title: The Standard Redundancy Criterion Author: Jasmin Blanchette , 2014, 2017 Author: Dmitriy Traytel , 2014 Author: Anders Schlichtkrull , 2017 Maintainer: Anders Schlichtkrull *) section \The Standard Redundancy Criterion\ theory Standard_Redundancy imports Proving_Process begin text \ This material is based on Section 4.2.2 (``The Standard Redundancy Criterion'') of Bachmair and Ganzinger's chapter. \ locale standard_redundancy_criterion = inference_system \ for \ :: "('a :: wellorder) inference set" begin definition redundant_infer :: "'a clause set \ 'a inference \ bool" where "redundant_infer N \ \ (\DD. set_mset DD \ N \ (\I. I \m DD + side_prems_of \ \ I \ concl_of \) \ (\D. D \# DD \ D < main_prem_of \))" definition Rf :: "'a clause set \ 'a clause set" where "Rf N = {C. \DD. set_mset DD \ N \ (\I. I \m DD \ I \ C) \ (\D. D \# DD \ D < C)}" definition Ri :: "'a clause set \ 'a inference set" where "Ri N = {\ \ \. redundant_infer N \}" lemma tautology_Rf: assumes "Pos A \# C" assumes "Neg A \# C" shows "C \ Rf N" proof - have "set_mset {#} \ N \ (\I. I \m {#} \ I \ C) \ (\D. D \# {#} \ D < C)" using assms by auto then show "C \ Rf N" unfolding Rf_def by blast qed lemma tautology_redundant_infer: assumes pos: "Pos A \# concl_of \" and neg: "Neg A \# concl_of \" shows "redundant_infer N \" by (metis empty_iff empty_subsetI neg pos pos_neg_in_imp_true redundant_infer_def set_mset_empty) lemma contradiction_Rf: "{#} \ N \ Rf N = UNIV - {{#}}" unfolding Rf_def by force text \ The following results correspond to Lemma 4.5. The lemma \wlog_non_Rf\ generalizes the core of the argument. \ lemma Rf_mono: "N \ N' \ Rf N \ Rf N'" unfolding Rf_def by auto lemma wlog_non_Rf: assumes ex: "\DD. set_mset DD \ N \ (\I. I \m DD + CC \ I \ E) \ (\D'. D' \# DD \ D' < D)" shows "\DD. set_mset DD \ N - Rf N \ (\I. I \m DD + CC \ I \ E) \ (\D'. D' \# DD \ D' < D)" proof - from ex obtain DD0 where dd0: "DD0 \ {DD. set_mset DD \ N \ (\I. I \m DD + CC \ I \ E) \ (\D'. D' \# DD \ D' < D)}" by blast have "\DD. set_mset DD \ N \ (\I. I \m DD + CC \ I \ E) \ (\D'. D' \# DD \ D' < D) \ (\DD'. set_mset DD' \ N \ (\I. I \m DD' + CC \ I \ E) \ (\D'. D' \# DD' \ D' < D) \ DD \ DD')" using wf_eq_minimal[THEN iffD1, rule_format, OF wf_less_multiset dd0] unfolding not_le[symmetric] by blast then obtain DD where dd_subs_n: "set_mset DD \ N" and ddcc_imp_e: "\I. I \m DD + CC \ I \ E" and dd_lt_d: "\D'. D' \# DD \ D' < D" and d_min: "\DD'. set_mset DD' \ N \ (\I. I \m DD' + CC \ I \ E) \ (\D'. D' \# DD' \ D' < D) \ DD \ DD'" by blast have "\Da. Da \# DD \ Da \ Rf N" proof clarify fix Da assume da_in_dd: "Da \# DD" and da_rf: "Da \ Rf N" from da_rf obtain DD' where dd'_subs_n: "set_mset DD' \ N" and dd'_imp_da: "\I. I \m DD' \ I \ Da" and dd'_lt_da: "\D'. D' \# DD' \ D' < Da" unfolding Rf_def by blast define DDa where "DDa = DD - {#Da#} + DD'" have "set_mset DDa \ N" unfolding DDa_def using dd_subs_n dd'_subs_n by (meson contra_subsetD in_diffD subsetI union_iff) moreover have "\I. I \m DDa + CC \ I \ E" using dd'_imp_da ddcc_imp_e da_in_dd unfolding DDa_def true_cls_mset_def by (metis in_remove1_mset_neq union_iff) moreover have "\D'. D' \# DDa \ D' < D" using dd_lt_d dd'_lt_da da_in_dd unfolding DDa_def by (metis insert_DiffM2 order.strict_trans union_iff) moreover have "DDa < DD" unfolding DDa_def by (meson da_in_dd dd'_lt_da mset_lt_single_right_iff single_subset_iff union_le_diff_plus) ultimately show False using d_min unfolding less_eq_multiset_def by (auto intro!: antisym) qed then show ?thesis using dd_subs_n ddcc_imp_e dd_lt_d by auto qed lemma Rf_imp_ex_non_Rf: assumes "C \ Rf N" shows "\CC. set_mset CC \ N - Rf N \ (\I. I \m CC \ I \ C) \ (\C'. C' \# CC \ C' < C)" using assms by (auto simp: Rf_def intro: wlog_non_Rf[of _ "{#}", simplified]) lemma Rf_subs_Rf_diff_Rf: "Rf N \ Rf (N - Rf N)" proof fix C assume c_rf: "C \ Rf N" then obtain CC where cc_subs: "set_mset CC \ N - Rf N" and cc_imp_c: "\I. I \m CC \ I \ C" and cc_lt_c: "\C'. C' \# CC \ C' < C" using Rf_imp_ex_non_Rf by blast have "\D. D \# CC \ D \ Rf N" using cc_subs by (simp add: subset_iff) then have cc_nr: - "\C DD. C \# CC \ set_mset DD \ N \ \I. I \m DD \ I \ C \ \D. D \# DD \ ~ D < C" + "\C DD. C \# CC \ set_mset DD \ N \ \I. I \m DD \ I \ C \ \D. D \# DD \ \ D < C" unfolding Rf_def by auto metis have "set_mset CC \ N" using cc_subs by auto then have "set_mset CC \ N - {C. \DD. set_mset DD \ N \ (\I. I \m DD \ I \ C) \ (\D. D \# DD \ D < C)}" using cc_nr by auto then show "C \ Rf (N - Rf N)" using cc_imp_c cc_lt_c unfolding Rf_def by auto qed lemma Rf_eq_Rf_diff_Rf: "Rf N = Rf (N - Rf N)" by (metis Diff_subset Rf_mono Rf_subs_Rf_diff_Rf subset_antisym) text \ The following results correspond to Lemma 4.6. \ lemma Ri_mono: "N \ N' \ Ri N \ Ri N'" unfolding Ri_def redundant_infer_def by auto lemma Ri_subs_Ri_diff_Rf: "Ri N \ Ri (N - Rf N)" proof fix \ assume \_ri: "\ \ Ri N" then obtain CC D E where \: "\ = Infer CC D E" by (cases \) have cc: "CC = side_prems_of \" and d: "D = main_prem_of \" and e: "E = concl_of \" unfolding \ by simp_all obtain DD where "set_mset DD \ N" and "\I. I \m DD + CC \ I \ E" and "\C. C \# DD \ C < D" using \_ri unfolding Ri_def redundant_infer_def cc d e by blast then obtain DD' where "set_mset DD' \ N - Rf N" and "\I. I \m DD' + CC \ I \ E" and "\D'. D' \# DD' \ D' < D" using wlog_non_Rf by atomize_elim blast then show "\ \ Ri (N - Rf N)" using \_ri unfolding Ri_def redundant_infer_def d cc e by blast qed lemma Ri_eq_Ri_diff_Rf: "Ri N = Ri (N - Rf N)" by (metis Diff_subset Ri_mono Ri_subs_Ri_diff_Rf subset_antisym) lemma Ri_subset_\: "Ri N \ \" unfolding Ri_def by blast lemma Rf_indep: "N' \ Rf N \ Rf N \ Rf (N - N')" by (metis Diff_cancel Diff_eq_empty_iff Diff_mono Rf_eq_Rf_diff_Rf Rf_mono) lemma Ri_indep: "N' \ Rf N \ Ri N \ Ri (N - N')" by (metis Diff_mono Ri_eq_Ri_diff_Rf Ri_mono order_refl) lemma Rf_model: assumes "I \s N - Rf N" shows "I \s N" proof - have "I \s Rf (N - Rf N)" unfolding true_clss_def by (subst Rf_def, simp add: true_cls_mset_def, metis assms subset_eq true_clss_def) then have "I \s Rf N" using Rf_subs_Rf_diff_Rf true_clss_mono by blast then show ?thesis using assms by (metis Un_Diff_cancel true_clss_union) qed lemma Rf_sat: "satisfiable (N - Rf N) \ satisfiable N" by (metis Rf_model) text \ The following corresponds to Theorem 4.7: \ sublocale redundancy_criterion \ Rf Ri by unfold_locales (rule Ri_subset_\, (elim Rf_mono Ri_mono Rf_indep Ri_indep Rf_sat)+) end locale standard_redundancy_criterion_reductive = standard_redundancy_criterion + reductive_inference_system begin text \ The following corresponds to Theorem 4.8: \ lemma Ri_effective: assumes in_\: "\ \ \" and concl_of_in_n_un_rf_n: "concl_of \ \ N \ Rf N" shows "\ \ Ri N" proof - obtain CC D E where \: "\ = Infer CC D E" by (cases \) then have cc: "CC = side_prems_of \" and d: "D = main_prem_of \" and e: "E = concl_of \" unfolding \ by simp_all note e_in_n_un_rf_n = concl_of_in_n_un_rf_n[folded e] { assume "E \ N" moreover have "E < D" using \_reductive e d in_\ by auto ultimately have "set_mset {#E#} \ N" and "\I. I \m {#E#} + CC \ I \ E" and "\D'. D' \# {#E#} \ D' < D" by simp_all then have "redundant_infer N \" using redundant_infer_def cc d e by blast } moreover { assume "E \ Rf N" then obtain DD where dd_sset: "set_mset DD \ N" and dd_imp_e: "\I. I \m DD \ I \ E" and dd_lt_e: "\C'. C' \# DD \ C' < E" unfolding Rf_def by blast from dd_lt_e have "\Da. Da \# DD \ Da < D" using d e in_\ \_reductive less_trans by blast then have "redundant_infer N \" using redundant_infer_def dd_sset dd_imp_e cc d e by blast } ultimately show "\ \ Ri N" using in_\ e_in_n_un_rf_n unfolding Ri_def by blast qed sublocale effective_redundancy_criterion \ Rf Ri unfolding effective_redundancy_criterion_def by (intro conjI redundancy_criterion_axioms, unfold_locales, rule Ri_effective) lemma contradiction_Rf: "{#} \ N \ Ri N = \" unfolding Ri_def redundant_infer_def using \_reductive le_multiset_empty_right by (force intro: exI[of _ "{#{#}#}"] le_multiset_empty_left) end locale standard_redundancy_criterion_counterex_reducing = standard_redundancy_criterion + counterex_reducing_inference_system begin text \ The following result corresponds to Theorem 4.9. \ lemma saturated_upto_complete_if: assumes satur: "saturated_upto N" and unsat: "\ satisfiable N" shows "{#} \ N" proof (rule ccontr) assume ec_ni_n: "{#} \ N" define M where "M = N - Rf N" have ec_ni_m: "{#} \ M" unfolding M_def using ec_ni_n by fast have "I_of M \s M" proof (rule ccontr) assume "\ I_of M \s M" then obtain D where d_in_m: "D \ M" and d_cex: "\ I_of M \ D" and d_min: "\C. C \ M \ C < D \ I_of M \ C" using ex_min_counterex by meson then obtain \ CC E where \: "\ = Infer CC D E" and cc_subs_m: "set_mset CC \ M" and cc_true: "I_of M \m CC" and \_in: "\ \ \" and e_cex: "\ I_of M \ E" and e_lt_d: "E < D" using \_counterex_reducing[OF ec_ni_m] not_less by metis have cc: "CC = side_prems_of \" and d: "D = main_prem_of \" and e: "E = concl_of \" unfolding \ by simp_all have "\ \ Ri N" by (rule subsetD[OF satur[unfolded saturated_upto_def inferences_from_def infer_from_def]]) (simp add: \_in d_in_m cc_subs_m cc[symmetric] d[symmetric] M_def[symmetric]) then have "\ \ Ri M" unfolding M_def using Ri_indep by fast then obtain DD where dd_subs_m: "set_mset DD \ M" and dd_cc_imp_d: "\I. I \m DD + CC \ I \ E" and dd_lt_d: "\C. C \# DD \ C < D" unfolding Ri_def redundant_infer_def cc d e by blast from dd_subs_m dd_lt_d have "I_of M \m DD" using d_min unfolding true_cls_mset_def by (metis contra_subsetD) then have "I_of M \ E" using dd_cc_imp_d cc_true by auto then show False using e_cex by auto qed then have "I_of M \s N" using M_def Rf_model by blast then show False using unsat by blast qed theorem saturated_upto_complete: assumes "saturated_upto N" shows "\ satisfiable N \ {#} \ N" using assms saturated_upto_complete_if true_clss_def by auto end end