Theory MLSSmf_to_MLSS_Soundness

theory MLSSmf_to_MLSS_Soundness
  imports MLSSmf_to_MLSS MLSSmf_Semantics Proper_Venn_Regions MLSSmf_HF_Extras
begin

locale satisfiable_normalized_MLSSmf_clause =
  normalized_MLSSmf_clause 𝒞 for 𝒞 :: "('v, 'f) MLSSmf_clause" +
    fixes M⇩v :: "'v ⇒ hf"
      and M⇩f :: "'f ⇒ hf ⇒ hf"
  assumes model_for_𝒞: "I⇩c⇩l M⇩v M⇩f 𝒞"
begin

interpretation proper_Venn_regions V M⇩v
  using finite_V by unfold_locales

function ℳ :: "('v, 'f) Composite ⇒ hf" where
  "ℳ (Solo x)  = M⇩v x"
| "ℳ (v⇘α⇙)    = proper_Venn_region α"
| "ℳ (UnionOfVennRegions xss) = ⨆HF ((ℳ ∘ VennRegion) ` set xss)"
| "ℳ (w⇘f⇙⇘l⇙) = (M⇩f f) (ℳ (UnionOfVennRegions (var_set_set_to_var_set_list l)))"
| "ℳ (UnionOfVars xs) = ⨆HF (M⇩v ` set xs)"
| "ℳ (InterOfVars xs) = ⨅HF (M⇩v ` set xs)"
| "ℳ (MemAux x) = HF {M⇩v x}"
| "ℳ (InterOfWAux f l m) = ℳ w⇘f⇙⇘l⇙ - ℳ w⇘f⇙⇘m⇙"
| "ℳ (InterOfVarsAux xs) = M⇩v (hd xs) - ℳ (InterOfVars (tl xs))"
  by pat_completeness auto
termination
  apply (relation "measure (λcomp. case comp of
                    InterOfVarsAux _ ⇒ Suc 0
                  | UnionOfVennRegions _ ⇒ Suc 0
                  | w⇘_⇙⇘_⇙ ⇒ Suc (Suc 0)
                  | InterOfWAux _ _ _ ⇒ Suc (Suc (Suc 0))
                  | _ ⇒ 0)")
       apply auto
  done

lemma soundness_restriction_on_InterOfVars:
  assumes "set xs ∈ P⇧+ V"
    shows "∀a ∈ restriction_on_InterOfVars xs. I⇩s⇩a ℳ a"
proof (induction xs rule: restriction_on_InterOfVars.induct)
  case (2 x)
  {fix a assume "a ∈ restriction_on_InterOfVars [x]"
    then have "a = Var (InterOfVars [x]) =⇩s Var (Solo x)" by simp
    then have "I⇩s⇩a ℳ a" by (simp add: HInter_singleton)
  }
  then show ?case by blast
next
  case (3 y x xs)
  {fix a assume "a ∈ restriction_on_InterOfVars (y # x # xs) - restriction_on_InterOfVars (x # xs)"
    then consider "a = Var (InterOfVarsAux (y # x # xs)) =⇩s Var (Solo y) -⇩s Var (InterOfVars (x # xs))"
                | "a = Var (InterOfVars (y # x # xs)) =⇩s Var (Solo y) -⇩s Var (InterOfVarsAux (y # x # xs))"
      by fastforce
    then have "I⇩s⇩a ℳ a"
    proof (cases)
      case 1
      then show ?thesis by simp
    next
      case 2
      have "⨅HF (insert (M⇩v y) (insert (M⇩v x) (M⇩v ` set xs))) =
            ⨅ (HF ((insert (M⇩v x) (M⇩v ` set xs))) ◃ M⇩v y)"
        using HF_insert_hinsert by auto
      also have "... = M⇩v y ⊓ ⨅HF (insert (M⇩v x) (M⇩v ` set xs))"
        by (simp add: HF_nonempty)
      also have "... = M⇩v y - (M⇩v y - ⨅HF (insert (M⇩v x) (M⇩v ` set xs)))"
        by blast
      finally show ?thesis using 2 by simp
    qed
  }
  with "3.IH" show ?case by blast
qed simp

lemma soundness_restriction_on_UnionOfVars:
  assumes "set xs ∈ Pow V"
    shows "∀a ∈ restriction_on_UnionOfVars xs. I⇩s⇩a ℳ a"
proof (induction xs rule: restriction_on_UnionOfVars.induct)
  case 1
  then show ?case by auto
next
  case (2 x xs)
  {fix a assume "a ∈ restriction_on_UnionOfVars (x # xs) - restriction_on_UnionOfVars xs"
    then have a: "a = Var (UnionOfVars (x # xs)) =⇩s Var (Solo x) ⊔⇩s Var (UnionOfVars xs)"
      by fastforce
    have "⨆HF (insert (M⇩v x) (M⇩v ` set xs)) = ⨆ (HF (M⇩v ` set xs) ◃ M⇩v x)"
      by (simp add: HF_insert_hinsert)
    also have "... = M⇩v x ⊔ ⨆HF (M⇩v ` set xs)" by auto
    finally have "I⇩s⇩a ℳ a"
      using a by simp
  }
  with "2.IH" show ?case by blast
qed

lemma soundness_introduce_v:
  "∀fml ∈ introduce_v. interp I⇩s⇩a ℳ fml"
proof -
  {fix α assume "α ∈ P⇧+ V"
    have "ℳ v⇘α⇙ = ⨅HF (M⇩v ` α) - ⨆HF (M⇩v ` (V - α))"
      by simp
    also have "... = ⨅HF ((ℳ ∘ Solo) ` α) - ⨆HF ((ℳ ∘ Solo) ` (V - α))"
      by simp
    finally have "I⇩s⇩a ℳ (restriction_on_v α)"
      apply (simp add: set_V_list)
      using ‹α ∈ P⇧+ V›
      by (metis Int_def inf.absorb2 mem_P_plus_subset set_diff_eq)
  }
  then have "∀α ∈ P⇧+ V. interp I⇩s⇩a ℳ (AT (restriction_on_v α))"
    by simp
  moreover
  from soundness_restriction_on_InterOfVars
  have "∀a ∈ (restriction_on_InterOfVars ∘ var_set_to_list) α. I⇩s⇩a ℳ a" if "α ∈ P⇧+ V" for α
    by (metis comp_apply mem_P_plus_subset set_var_set_to_list that)
  then have "∀lt ∈ AT ` ⋃ ((restriction_on_InterOfVars ∘ var_set_to_list) ` P⇧+ V). interp I⇩s⇩a ℳ lt"
    by fastforce
  moreover
  from soundness_restriction_on_UnionOfVars
  have "∀a ∈ (restriction_on_UnionOfVars ∘ var_set_to_list) α. I⇩s⇩a ℳ a" if "α ∈ Pow V" for α
    by (metis Pow_iff comp_apply set_var_set_to_list that)
  then have "∀lt ∈ AT ` ⋃ ((restriction_on_UnionOfVars ∘ var_set_to_list) ` Pow V). interp I⇩s⇩a ℳ lt"
    by fastforce
  ultimately
  show ?thesis
    unfolding introduce_v_def by blast
qed

lemma soundness_restriction_on_UnionOfVennRegions:
  assumes "set αs ∈ Pow (Pow V)"
    shows "∀a ∈ restriction_on_UnionOfVennRegions αs. I⇩s⇩a ℳ a"
proof (induction αs rule: restriction_on_UnionOfVennRegions.induct)
  case 1
  then show ?case by auto
next
  case (2 α αs)
  {fix a assume "a ∈ restriction_on_UnionOfVennRegions (α # αs) - restriction_on_UnionOfVennRegions αs"
    then have a: "a = Var (UnionOfVennRegions (α # αs)) =⇩s Var v⇘α⇙ ⊔⇩s Var (UnionOfVennRegions αs)"
      by fastforce
    have "⨆HF ((ℳ ∘ VennRegion) ` set (α # αs)) = ⨆HF (insert (ℳ v⇘α⇙) ((ℳ ∘ VennRegion) ` set αs))"
      by simp
    also have "... = ⨆ (HF ((ℳ ∘ VennRegion) ` set αs) ◃ ℳ v⇘α⇙)"
      by (simp add: HF_insert_hinsert)
    also have "... = ℳ v⇘α⇙ ⊔ ⨆HF ((ℳ ∘ VennRegion) ` set αs)"
      by blast
    finally have "I⇩s⇩a ℳ a" using a by simp
  }
  with "2.IH" show ?case by blast
qed

lemma soundness_introduce_UnionOfVennRegions:
  "∀lt ∈ introduce_UnionOfVennRegions. interp I⇩s⇩a ℳ lt"
proof
  fix lt assume "lt ∈ introduce_UnionOfVennRegions"
  then obtain αs where "αs ∈ set all_V_set_lists" "lt ∈ AT ` restriction_on_UnionOfVennRegions αs"
    unfolding introduce_UnionOfVennRegions_def by blast
  with soundness_restriction_on_UnionOfVennRegions
  show "interp I⇩s⇩a ℳ lt"
    using set_all_V_set_lists by fastforce
qed

lemma soundness_restriction_on_FunOfUnionOfVennRegions:
  assumes l'_l: "l' = var_set_set_to_var_set_list l"
      and m'_m: "m' = var_set_set_to_var_set_list m"
    shows "∃lt ∈ set (restriction_on_FunOfUnionOfVennRegions l' m' f). interp I⇩s⇩a ℳ lt"
proof (cases "ℳ (UnionOfVennRegions l') = ℳ (UnionOfVennRegions m')")
  case True
  then have "ℳ w⇘f⇙⇘l⇙ = ℳ w⇘f⇙⇘m⇙"
    using l'_l m'_m by auto
  then have "interp I⇩s⇩a ℳ (AT (Var w⇘f⇙⇘set l'⇙ =⇩s Var w⇘f⇙⇘set m'⇙))"
    using l'_l m'_m by auto
  then show ?thesis by simp
next
  case False
  then have "interp I⇩s⇩a ℳ (AF (Var (UnionOfVennRegions l') =⇩s Var (UnionOfVennRegions m')))"
    by fastforce
  then show ?thesis by simp
qed

lemma soundness_introduce_w:
  "∃clause ∈ introduce_w. ∀lt ∈ clause. interp I⇩s⇩a ℳ lt"
proof -
  let ?f = "λlts. if interp I⇩s⇩a ℳ (lts ! 0) then lts ! 0 else lts ! 1"
  let ?g = "λ(l, m, f). restriction_on_FunOfUnionOfVennRegions l m f"
  let ?xs = "List.product all_V_set_lists (List.product all_V_set_lists F_list)"
  have "∀(l', m', f) ∈ set ?xs. ?f (?g (l', m', f)) ∈ set (?g (l', m', f))"
    by fastforce
  with valid_choice[where ?f = ?f and ?g = ?g and ?xs = ?xs]
  have "map ?f (map ?g ?xs) ∈ set (choices_from_lists (map ?g ?xs))"
    by fast
  then have "set (map ?f (map ?g ?xs)) ∈ introduce_w"
    unfolding introduce_w_def
    using mem_set_map[where ?x = "map ?f (map ?g ?xs)" and ?f = set]
    by blast
  moreover
  have "{x ∈ set V_set_list. x ∈ set l'} = set l'" if "l' ∈ set all_V_set_lists" for l'
    using that set_V_set_list set_all_V_set_lists by auto
  then have "interp I⇩s⇩a ℳ (?f (restriction_on_FunOfUnionOfVennRegions l' m' f))"
    if "l' ∈ set all_V_set_lists" "m' ∈ set all_V_set_lists" for l' m' f
    using that by auto
  then have "∀lt ∈ set (map ?f (map ?g ?xs)). interp I⇩s⇩a ℳ lt"
    by force
  ultimately
  show ?thesis by blast
qed

lemma soundness_reduce_literal:
  assumes "lt ∈ set 𝒞"
    shows "∀fml ∈ reduce_literal lt. interp I⇩s⇩a ℳ fml"
proof -
  from norm_𝒞 ‹lt ∈ set 𝒞› have "norm_literal lt" by auto
  then show ?thesis
  proof (cases rule: norm_literal.cases)
    case (inc f)
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      then have "fml ∈ reduce_literal (AT⇩m (inc(f)))"
        using inc by blast
      then obtain l m where lm: "l ⊆ P⇧+ V" "m ⊆ P⇧+ V" "l ⊆ m"
                        and fml: "fml = AT (Var w⇘f⇙⇘m⇙ =⇩s Var w⇘f⇙⇘m⇙ ⊔⇩s Var w⇘f⇙⇘l⇙)"
        by auto
      from model_for_𝒞 ‹lt ∈ set 𝒞› inc have "I⇩a M⇩v M⇩f (inc(f))" by fastforce
      then have "∀s t. s ≤ t ⟶ (M⇩f f) s ≤ (M⇩f f) t" by simp
      moreover
      from lm have "⨆HF ((ℳ ∘ VennRegion) ` l) ≤ ⨆HF ((ℳ ∘ VennRegion) ` m)"
        by (metis HUnion_proper_Venn_region_inter ℳ.simps(2) comp_apply image_cong inf.absorb_iff2)
      ultimately
      have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l)) ≤ M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m))"
        by blast
      then have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m)) =
                 M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m)) ⊔ M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l))"
        by blast
      with fml lm show "interp I⇩s⇩a ℳ fml"
        by (auto simp only: interp.simps I⇩s⇩a.simps I⇩s⇩t.simps ℳ.simps set_var_set_set_to_var_set_list)
    qed
  next
    case (dec f)
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      then have "fml ∈ reduce_literal (AT⇩m (dec(f)))"
        using dec by blast
      then obtain l m where lm: "l ⊆ P⇧+ V" "m ⊆ P⇧+ V" "l ⊆ m"
                        and fml: "fml = AT (Var w⇘f⇙⇘l⇙ =⇩s Var w⇘f⇙⇘l⇙ ⊔⇩s Var w⇘f⇙⇘m⇙)"
        by auto
      from model_for_𝒞 ‹lt ∈ set 𝒞› dec have "I⇩a M⇩v M⇩f (dec(f))" by fastforce
      then have "∀s t. s ≤ t ⟶ (M⇩f f) t ≤ (M⇩f f) s" by simp
      moreover
      from lm have "⨆HF ((ℳ ∘ VennRegion) ` l) ≤ ⨆HF ((ℳ ∘ VennRegion) ` m)"
        by (metis HUnion_proper_Venn_region_inter ℳ.simps(2) comp_apply image_cong inf.absorb_iff2)
      ultimately
      have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m)) ≤ M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l))"
        by blast
      then have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l)) =
                 M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l)) ⊔ M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m))"
        by blast
      with fml lm show "interp I⇩s⇩a ℳ fml"
        by (auto simp only: interp.simps I⇩s⇩a.simps I⇩s⇩t.simps ℳ.simps set_var_set_set_to_var_set_list)
    qed
  next
    case (add f)
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      then have "fml ∈ reduce_literal (AT⇩m (add(f)))"
        using add by blast
      then obtain l m where lm: "l ⊆ P⇧+ V" "m ⊆ P⇧+ V"
                        and fml: "fml = AT (Var w⇘f⇙⇘l∪m⇙ =⇩s Var w⇘f⇙⇘l⇙ ⊔⇩s Var w⇘f⇙⇘m⇙)"
        by auto
      from model_for_𝒞 ‹lt ∈ set 𝒞› add have "I⇩a M⇩v M⇩f (add(f))" by fastforce
      then have "∀s t. (M⇩f f) (s ⊔ t) = (M⇩f f) s ⊔ (M⇩f f) t" by simp
      moreover
      have "⨆HF ((ℳ ∘ VennRegion) ` (l ∪ m)) = ⨆HF ((ℳ ∘ VennRegion) ` l) ⊔ ⨆HF ((ℳ ∘ VennRegion) ` m)"
        using HUnion_proper_Venn_region_union ℳ.simps(2) lm(1) lm(2) by auto
      ultimately
      have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` (l ∪ m))) =
            M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l)) ⊔ M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` m))"
        by auto
      with fml lm show "interp I⇩s⇩a ℳ fml"
        using set_var_set_set_to_var_set_list
        apply (simp only: interp.simps I⇩s⇩a.simps I⇩s⇩t.simps ℳ.simps)
        by (metis le_sup_iff)
    qed
  next
    case (mul f)
    with model_for_𝒞 ‹lt ∈ set 𝒞› have "I⇩a M⇩v M⇩f (mul(f))" by fastforce
    then have f_mul: "∀s t. (M⇩f f) (s ⊓ t) = (M⇩f f) s ⊓ (M⇩f f) t" by simp
    have InterOfWAux: "I⇩s⇩a ℳ (Var (InterOfWAux f l m) =⇩s Var w⇘f⇙⇘l⇙ -⇩s Var w⇘f⇙⇘m⇙)" for l m
      by auto
    {fix l m assume "l ⊆ P⇧+ V" "m ⊆ P⇧+ V"
      then have "⨆HF ((ℳ ∘ VennRegion) ` (l ∩ m)) = ⨆HF ((ℳ ∘ VennRegion) ` l) ⊓ ⨆HF ((ℳ ∘ VennRegion) ` m)"
        using HUnion_proper_Venn_region_inter by force
      then have "ℳ (UnionOfVennRegions (var_set_set_to_var_set_list (l ∩ m))) =
                 ℳ (UnionOfVennRegions (var_set_set_to_var_set_list l)) ⊓
                 ℳ (UnionOfVennRegions (var_set_set_to_var_set_list m))"
        using set_var_set_set_to_var_set_list ‹l ⊆ P⇧+ V› ‹m ⊆ P⇧+ V›
        by (metis ℳ.simps(3) inf.absorb_iff2 inf_left_commute)
      with f_mul have "ℳ w⇘f⇙⇘l∩m⇙ = ℳ w⇘f⇙⇘l⇙ ⊓ ℳ w⇘f⇙⇘m⇙"
        by auto
      moreover
      from InterOfWAux have "ℳ (InterOfWAux f l m) = ℳ w⇘f⇙⇘l⇙ - ℳ w⇘f⇙⇘m⇙"
        by simp
      ultimately
      have "ℳ w⇘f⇙⇘l∩m⇙ = ℳ w⇘f⇙⇘l⇙ - ℳ (InterOfWAux f l m)"
        by auto
      then have "I⇩s⇩a ℳ (Var w⇘f⇙⇘l∩m⇙ =⇩s Var w⇘f⇙⇘l⇙ -⇩s Var (InterOfWAux f l m))"
        by auto
    }
    with InterOfWAux show ?thesis
      using mul by auto
  next
    case (le f g)
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      then have "fml ∈ reduce_literal (AT⇩m (f ≼⇩m g))"
        using le by blast
      then obtain l where l: "l ⊆ P⇧+ V"
                      and fml: "fml = AT (Var w⇘g⇙⇘l⇙ =⇩s Var w⇘g⇙⇘l⇙ ⊔⇩s Var w⇘f⇙⇘l⇙)"
        by auto
      from model_for_𝒞 ‹lt ∈ set 𝒞› le have "I⇩a M⇩v M⇩f (f ≼⇩m g)" by fastforce
      then have "∀s. (M⇩f f) s ≤ (M⇩f g) s" by simp
      then have "M⇩f f (⨆HF ((ℳ ∘ VennRegion) ` l)) ≤ M⇩f g (⨆HF ((ℳ ∘ VennRegion) ` l))"
        by auto
      with fml l show "interp I⇩s⇩a ℳ fml"
        using set_var_set_set_to_var_set_list
        by (auto simp only: interp.simps I⇩s⇩a.simps I⇩s⇩t.simps ℳ.simps)
    qed
  next
    case (eq_empty x n)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x = 0" by auto
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      with eq_empty have "fml = AT (Var (Solo x) =⇩s ∅ n)"
        by simp
      with ‹M⇩v x = 0› show "interp I⇩s⇩a ℳ fml" by auto
    qed
  next
    case (eq x y)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x = M⇩v y" by auto
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      with eq have "fml = AT (Var (Solo x) =⇩s Var (Solo y))"
        by simp
      with ‹M⇩v x = M⇩v y› show "interp I⇩s⇩a ℳ fml" by auto
    qed
  next
    case (neq x y)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x ≠ M⇩v y" by auto
    show ?thesis
    proof
      fix fml assume "fml ∈ reduce_literal lt"
      with neq have "fml = AF (Var (Solo x) =⇩s Var (Solo y))"
        by simp
      with ‹M⇩v x ≠ M⇩v y› show "interp I⇩s⇩a ℳ fml" by auto
    qed
  next
    case (union x y z)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x = M⇩v y ⊔ M⇩v z" by fastforce
    then have "interp I⇩s⇩a ℳ (AT (Var (Solo x) =⇩s Var (Solo y) ⊔⇩s Var (Solo z)))" by simp
    with union show ?thesis by auto
  next
    case (diff x y z)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x = M⇩v y - M⇩v z" by fastforce
    then have "interp I⇩s⇩a ℳ (AT (Var (Solo x) =⇩s Var (Solo y) -⇩s Var (Solo z)))" by simp
    with diff show ?thesis by auto
  next
    case (single x y)
    with ‹lt ∈ set 𝒞› model_for_𝒞 have "M⇩v x = HF {M⇩v y}" by fastforce
    then have "interp I⇩s⇩a ℳ (AT (Var (Solo x) =⇩s Single (Var (Solo y))))" by simp
    with single show ?thesis by auto
  next
    case (app x f y)
    with ‹lt ∈ set 𝒞› model_for_𝒞
    have "M⇩v x = (M⇩f f) (M⇩v y)" by fastforce
    moreover
    from app ‹lt ∈ set 𝒞› have "y ∈ V"
      unfolding V_def by force
    with variable_as_composition_of_proper_Venn_regions
    have "M⇩v y = ⨆HF (proper_Venn_region ` ℒ V y)"
      by presburger
    then have "M⇩v y = ⨆HF ((ℳ ∘ VennRegion) ` ℒ V y)"
      by simp
    ultimately
    have "ℳ (Solo x) = ℳ w⇘f⇙⇘ℒ V y⇙"
      using ℳ.simps set_var_set_set_to_var_set_list ℒ_subset_P_plus
      by metis
    with app show ?thesis by simp
  qed
qed

lemma soundness_reduce_cl:
  "∀fml ∈ reduce_clause. interp I⇩s⇩a ℳ fml"
  unfolding reduce_clause_def
  using soundness_reduce_literal
  by fastforce

lemma ℳ_is_model_for_reduced_dnf: "is_model_for_reduced_dnf ℳ"
  unfolding is_model_for_reduced_dnf_def
  unfolding reduced_dnf_def
  using soundness_introduce_v soundness_introduce_w soundness_introduce_UnionOfVennRegions soundness_reduce_cl
  by (metis (no_types, lifting) Un_iff imageI)

end

lemma MLSSmf_to_MLSS_soundness:
  assumes 𝒞_norm: "norm_clause 𝒞"
      and 𝒞_has_model: "∃M⇩v M⇩f. I⇩c⇩l M⇩v M⇩f 𝒞"
    shows "∃M. normalized_MLSSmf_clause.is_model_for_reduced_dnf 𝒞 M"
proof -
  from 𝒞_has_model obtain M⇩v M⇩f where "I⇩c⇩l M⇩v M⇩f 𝒞" by blast
  with 𝒞_norm
  interpret satisfiable_normalized_MLSSmf_clause 𝒞 M⇩v M⇩f
    by unfold_locales
  from ℳ_is_model_for_reduced_dnf show ?thesis by auto
qed

end