# Theory Random

Up to index of Isabelle/HOL

theory Random
imports List
`(* Author: Florian Haftmann, TU Muenchen *)header {* A HOL random engine *}theory Randomimports Code_Numeral Listbeginnotation fcomp (infixl "o>" 60)notation scomp (infixl "o->" 60)subsection {* Auxiliary functions *}fun log :: "code_numeral => code_numeral => code_numeral" where  "log b i = (if b ≤ 1 ∨ i < b then 1 else 1 + log b (i div b))"definition inc_shift :: "code_numeral => code_numeral => code_numeral" where  "inc_shift v k = (if v = k then 1 else k + 1)"definition minus_shift :: "code_numeral => code_numeral => code_numeral => code_numeral" where  "minus_shift r k l = (if k < l then r + k - l else k - l)"subsection {* Random seeds *}type_synonym seed = "code_numeral × code_numeral"primrec "next" :: "seed => code_numeral × seed" where  "next (v, w) = (let     k =  v div 53668;     v' = minus_shift 2147483563 ((v mod 53668) * 40014) (k * 12211);     l =  w div 52774;     w' = minus_shift 2147483399 ((w mod 52774) * 40692) (l * 3791);     z =  minus_shift 2147483562 v' (w' + 1) + 1   in (z, (v', w')))"definition split_seed :: "seed => seed × seed" where  "split_seed s = (let     (v, w) = s;     (v', w') = snd (next s);     v'' = inc_shift 2147483562 v;     w'' = inc_shift 2147483398 w   in ((v'', w'), (v', w'')))"subsection {* Base selectors *}fun iterate :: "code_numeral => ('b => 'a => 'b × 'a) => 'b => 'a => 'b × 'a" where  "iterate k f x = (if k = 0 then Pair x else f x o-> iterate (k - 1) f)"definition range :: "code_numeral => seed => code_numeral × seed" where  "range k = iterate (log 2147483561 k)      (λl. next o-> (λv. Pair (v + l * 2147483561))) 1    o-> (λv. Pair (v mod k))"lemma range:  "k > 0 ==> fst (range k s) < k"  by (simp add: range_def split_def del: log.simps iterate.simps)definition select :: "'a list => seed => 'a × seed" where  "select xs = range (Code_Numeral.of_nat (length xs))    o-> (λk. Pair (nth xs (Code_Numeral.nat_of k)))"     lemma select:  assumes "xs ≠ []"  shows "fst (select xs s) ∈ set xs"proof -  from assms have "Code_Numeral.of_nat (length xs) > 0" by simp  with range have    "fst (range (Code_Numeral.of_nat (length xs)) s) < Code_Numeral.of_nat (length xs)" by best  then have    "Code_Numeral.nat_of (fst (range (Code_Numeral.of_nat (length xs)) s)) < length xs" by simp  then show ?thesis    by (simp add: split_beta select_def)qedprimrec pick :: "(code_numeral × 'a) list => code_numeral => 'a" where  "pick (x # xs) i = (if i < fst x then snd x else pick xs (i - fst x))"lemma pick_member:  "i < listsum (map fst xs) ==> pick xs i ∈ set (map snd xs)"  by (induct xs arbitrary: i) simp_alllemma pick_drop_zero:  "pick (filter (λ(k, _). k > 0) xs) = pick xs"  by (induct xs) (auto simp add: fun_eq_iff)lemma pick_same:  "l < length xs ==> Random.pick (map (Pair 1) xs) (Code_Numeral.of_nat l) = nth xs l"proof (induct xs arbitrary: l)  case Nil then show ?case by simpnext  case (Cons x xs) then show ?case by (cases l) simp_allqeddefinition select_weight :: "(code_numeral × 'a) list => seed => 'a × seed" where  "select_weight xs = range (listsum (map fst xs))   o-> (λk. Pair (pick xs k))"lemma select_weight_member:  assumes "0 < listsum (map fst xs)"  shows "fst (select_weight xs s) ∈ set (map snd xs)"proof -  from range assms    have "fst (range (listsum (map fst xs)) s) < listsum (map fst xs)" .  with pick_member    have "pick xs (fst (range (listsum (map fst xs)) s)) ∈ set (map snd xs)" .  then show ?thesis by (simp add: select_weight_def scomp_def split_def) qedlemma select_weight_cons_zero:  "select_weight ((0, x) # xs) = select_weight xs"  by (simp add: select_weight_def)lemma select_weight_drop_zero:  "select_weight (filter (λ(k, _). k > 0) xs) = select_weight xs"proof -  have "listsum (map fst [(k, _)\<leftarrow>xs . 0 < k]) = listsum (map fst xs)"    by (induct xs) auto  then show ?thesis by (simp only: select_weight_def pick_drop_zero)qedlemma select_weight_select:  assumes "xs ≠ []"  shows "select_weight (map (Pair 1) xs) = select xs"proof -  have less: "!!s. fst (range (Code_Numeral.of_nat (length xs)) s) < Code_Numeral.of_nat (length xs)"    using assms by (intro range) simp  moreover have "listsum (map fst (map (Pair 1) xs)) = Code_Numeral.of_nat (length xs)"    by (induct xs) simp_all  ultimately show ?thesis    by (auto simp add: select_weight_def select_def scomp_def split_def      fun_eq_iff pick_same [symmetric])qedsubsection {* @{text ML} interface *}code_reflect Random_Engine  functions range select select_weightML {*structure Random_Engine =structopen Random_Engine;type seed = int * int;localval seed = Unsynchronized.ref   (let    val now = Time.toMilliseconds (Time.now ());    val (q, s1) = IntInf.divMod (now, 2147483562);    val s2 = q mod 2147483398;  in (s1 + 1, s2 + 1) end);infun next_seed () =  let    val (seed1, seed') = @{code split_seed} (! seed)    val _ = seed := seed'  in    seed1  endfun run f =  let    val (x, seed') = f (! seed);    val _ = seed := seed'  in x end;end;end;*}hide_type (open) seedhide_const (open) inc_shift minus_shift log "next" split_seed  iterate range select pick select_weighthide_fact (open) range_defno_notation fcomp (infixl "o>" 60)no_notation scomp (infixl "o->" 60)end`