src/HOL/Library/RBT.thy
author haftmann
Fri May 21 15:22:37 2010 +0200 (2010-05-21)
changeset 37053 a89b47a94b19
parent 37027 98bfff1d159d
child 37462 802619d7576d
permissions -rw-r--r--
tuned
haftmann@35617
     1
(* Author: Florian Haftmann, TU Muenchen *)
haftmann@35617
     2
haftmann@36147
     3
header {* Abstract type of Red-Black Trees *}
haftmann@35617
     4
haftmann@36147
     5
(*<*)
haftmann@36147
     6
theory RBT
haftmann@36147
     7
imports Main RBT_Impl Mapping
haftmann@35617
     8
begin
haftmann@35617
     9
haftmann@35617
    10
subsection {* Type definition *}
haftmann@35617
    11
haftmann@36147
    12
typedef (open) ('a, 'b) rbt = "{t :: ('a\<Colon>linorder, 'b) RBT_Impl.rbt. is_rbt t}"
haftmann@36147
    13
  morphisms impl_of RBT
haftmann@35617
    14
proof -
haftmann@36147
    15
  have "RBT_Impl.Empty \<in> ?rbt" by simp
haftmann@35617
    16
  then show ?thesis ..
haftmann@35617
    17
qed
haftmann@35617
    18
haftmann@36147
    19
lemma is_rbt_impl_of [simp, intro]:
haftmann@36147
    20
  "is_rbt (impl_of t)"
haftmann@36147
    21
  using impl_of [of t] by simp
haftmann@35617
    22
haftmann@36147
    23
lemma rbt_eq:
haftmann@36147
    24
  "t1 = t2 \<longleftrightarrow> impl_of t1 = impl_of t2"
haftmann@36147
    25
  by (simp add: impl_of_inject)
haftmann@35617
    26
haftmann@36111
    27
lemma [code abstype]:
haftmann@36147
    28
  "RBT (impl_of t) = t"
haftmann@36147
    29
  by (simp add: impl_of_inverse)
haftmann@35617
    30
haftmann@35617
    31
haftmann@35617
    32
subsection {* Primitive operations *}
haftmann@35617
    33
haftmann@36147
    34
definition lookup :: "('a\<Colon>linorder, 'b) rbt \<Rightarrow> 'a \<rightharpoonup> 'b" where
haftmann@36147
    35
  [code]: "lookup t = RBT_Impl.lookup (impl_of t)"
haftmann@35617
    36
haftmann@36147
    37
definition empty :: "('a\<Colon>linorder, 'b) rbt" where
haftmann@36147
    38
  "empty = RBT RBT_Impl.Empty"
haftmann@35617
    39
haftmann@36147
    40
lemma impl_of_empty [code abstract]:
haftmann@36147
    41
  "impl_of empty = RBT_Impl.Empty"
haftmann@36147
    42
  by (simp add: empty_def RBT_inverse)
haftmann@35617
    43
haftmann@36147
    44
definition insert :: "'a\<Colon>linorder \<Rightarrow> 'b \<Rightarrow> ('a, 'b) rbt \<Rightarrow> ('a, 'b) rbt" where
haftmann@36147
    45
  "insert k v t = RBT (RBT_Impl.insert k v (impl_of t))"
haftmann@35617
    46
haftmann@36147
    47
lemma impl_of_insert [code abstract]:
haftmann@36147
    48
  "impl_of (insert k v t) = RBT_Impl.insert k v (impl_of t)"
haftmann@36147
    49
  by (simp add: insert_def RBT_inverse)
haftmann@35617
    50
haftmann@36147
    51
definition delete :: "'a\<Colon>linorder \<Rightarrow> ('a, 'b) rbt \<Rightarrow> ('a, 'b) rbt" where
haftmann@36147
    52
  "delete k t = RBT (RBT_Impl.delete k (impl_of t))"
haftmann@35617
    53
haftmann@36147
    54
lemma impl_of_delete [code abstract]:
haftmann@36147
    55
  "impl_of (delete k t) = RBT_Impl.delete k (impl_of t)"
haftmann@36147
    56
  by (simp add: delete_def RBT_inverse)
haftmann@35617
    57
haftmann@36147
    58
definition entries :: "('a\<Colon>linorder, 'b) rbt \<Rightarrow> ('a \<times> 'b) list" where
haftmann@36147
    59
  [code]: "entries t = RBT_Impl.entries (impl_of t)"
haftmann@35617
    60
haftmann@36147
    61
definition keys :: "('a\<Colon>linorder, 'b) rbt \<Rightarrow> 'a list" where
haftmann@36147
    62
  [code]: "keys t = RBT_Impl.keys (impl_of t)"
haftmann@36111
    63
haftmann@36147
    64
definition bulkload :: "('a\<Colon>linorder \<times> 'b) list \<Rightarrow> ('a, 'b) rbt" where
haftmann@36147
    65
  "bulkload xs = RBT (RBT_Impl.bulkload xs)"
haftmann@35617
    66
haftmann@36147
    67
lemma impl_of_bulkload [code abstract]:
haftmann@36147
    68
  "impl_of (bulkload xs) = RBT_Impl.bulkload xs"
haftmann@36147
    69
  by (simp add: bulkload_def RBT_inverse)
haftmann@35617
    70
haftmann@36147
    71
definition map_entry :: "'a \<Rightarrow> ('b \<Rightarrow> 'b) \<Rightarrow> ('a\<Colon>linorder, 'b) rbt \<Rightarrow> ('a, 'b) rbt" where
haftmann@36147
    72
  "map_entry k f t = RBT (RBT_Impl.map_entry k f (impl_of t))"
haftmann@35617
    73
haftmann@36147
    74
lemma impl_of_map_entry [code abstract]:
haftmann@36147
    75
  "impl_of (map_entry k f t) = RBT_Impl.map_entry k f (impl_of t)"
haftmann@36147
    76
  by (simp add: map_entry_def RBT_inverse)
haftmann@35617
    77
haftmann@36147
    78
definition map :: "('a \<Rightarrow> 'b \<Rightarrow> 'b) \<Rightarrow> ('a\<Colon>linorder, 'b) rbt \<Rightarrow> ('a, 'b) rbt" where
haftmann@36147
    79
  "map f t = RBT (RBT_Impl.map f (impl_of t))"
haftmann@35617
    80
haftmann@36147
    81
lemma impl_of_map [code abstract]:
haftmann@36147
    82
  "impl_of (map f t) = RBT_Impl.map f (impl_of t)"
haftmann@36147
    83
  by (simp add: map_def RBT_inverse)
haftmann@35617
    84
haftmann@36147
    85
definition fold :: "('a \<Rightarrow> 'b \<Rightarrow> 'c \<Rightarrow> 'c) \<Rightarrow> ('a\<Colon>linorder, 'b) rbt \<Rightarrow> 'c \<Rightarrow> 'c" where
haftmann@36147
    86
  [code]: "fold f t = RBT_Impl.fold f (impl_of t)"
haftmann@35617
    87
haftmann@35617
    88
haftmann@35617
    89
subsection {* Derived operations *}
haftmann@35617
    90
haftmann@36147
    91
definition is_empty :: "('a\<Colon>linorder, 'b) rbt \<Rightarrow> bool" where
haftmann@36147
    92
  [code]: "is_empty t = (case impl_of t of RBT_Impl.Empty \<Rightarrow> True | _ \<Rightarrow> False)"
haftmann@35617
    93
haftmann@35617
    94
haftmann@35617
    95
subsection {* Abstract lookup properties *}
haftmann@35617
    96
haftmann@36147
    97
lemma lookup_RBT:
haftmann@36147
    98
  "is_rbt t \<Longrightarrow> lookup (RBT t) = RBT_Impl.lookup t"
haftmann@36147
    99
  by (simp add: lookup_def RBT_inverse)
haftmann@35617
   100
haftmann@36147
   101
lemma lookup_impl_of:
haftmann@36147
   102
  "RBT_Impl.lookup (impl_of t) = lookup t"
haftmann@35617
   103
  by (simp add: lookup_def)
haftmann@35617
   104
haftmann@36147
   105
lemma entries_impl_of:
haftmann@36147
   106
  "RBT_Impl.entries (impl_of t) = entries t"
haftmann@35617
   107
  by (simp add: entries_def)
haftmann@35617
   108
haftmann@36147
   109
lemma keys_impl_of:
haftmann@36147
   110
  "RBT_Impl.keys (impl_of t) = keys t"
haftmann@36111
   111
  by (simp add: keys_def)
haftmann@36111
   112
haftmann@35617
   113
lemma lookup_empty [simp]:
haftmann@35617
   114
  "lookup empty = Map.empty"
haftmann@36147
   115
  by (simp add: empty_def lookup_RBT expand_fun_eq)
haftmann@35617
   116
haftmann@36147
   117
lemma lookup_insert [simp]:
haftmann@36147
   118
  "lookup (insert k v t) = (lookup t)(k \<mapsto> v)"
haftmann@36147
   119
  by (simp add: insert_def lookup_RBT lookup_insert lookup_impl_of)
haftmann@35617
   120
haftmann@35617
   121
lemma lookup_delete [simp]:
haftmann@35617
   122
  "lookup (delete k t) = (lookup t)(k := None)"
haftmann@36147
   123
  by (simp add: delete_def lookup_RBT RBT_Impl.lookup_delete lookup_impl_of restrict_complement_singleton_eq)
haftmann@35617
   124
haftmann@35617
   125
lemma map_of_entries [simp]:
haftmann@35617
   126
  "map_of (entries t) = lookup t"
haftmann@36147
   127
  by (simp add: entries_def map_of_entries lookup_impl_of)
haftmann@35617
   128
haftmann@36111
   129
lemma entries_lookup:
haftmann@36111
   130
  "entries t1 = entries t2 \<longleftrightarrow> lookup t1 = lookup t2"
haftmann@36111
   131
  by (simp add: entries_def lookup_def entries_lookup)
haftmann@36111
   132
haftmann@35617
   133
lemma lookup_bulkload [simp]:
haftmann@35617
   134
  "lookup (bulkload xs) = map_of xs"
haftmann@36147
   135
  by (simp add: bulkload_def lookup_RBT RBT_Impl.lookup_bulkload)
haftmann@35617
   136
haftmann@35617
   137
lemma lookup_map_entry [simp]:
haftmann@35617
   138
  "lookup (map_entry k f t) = (lookup t)(k := Option.map f (lookup t k))"
haftmann@37027
   139
  by (simp add: map_entry_def lookup_RBT RBT_Impl.lookup_map_entry lookup_impl_of)
haftmann@35617
   140
haftmann@35617
   141
lemma lookup_map [simp]:
haftmann@35617
   142
  "lookup (map f t) k = Option.map (f k) (lookup t k)"
haftmann@36147
   143
  by (simp add: map_def lookup_RBT lookup_map lookup_impl_of)
haftmann@35617
   144
haftmann@35617
   145
lemma fold_fold:
haftmann@35617
   146
  "fold f t = (\<lambda>s. foldl (\<lambda>s (k, v). f k v s) s (entries t))"
haftmann@36147
   147
  by (simp add: fold_def expand_fun_eq RBT_Impl.fold_def entries_impl_of)
haftmann@35617
   148
haftmann@36111
   149
lemma is_empty_empty [simp]:
haftmann@36111
   150
  "is_empty t \<longleftrightarrow> t = empty"
haftmann@36147
   151
  by (simp add: rbt_eq is_empty_def impl_of_empty split: rbt.split)
haftmann@36111
   152
haftmann@36111
   153
lemma RBT_lookup_empty [simp]: (*FIXME*)
haftmann@36147
   154
  "RBT_Impl.lookup t = Map.empty \<longleftrightarrow> t = RBT_Impl.Empty"
haftmann@36111
   155
  by (cases t) (auto simp add: expand_fun_eq)
haftmann@36111
   156
haftmann@36111
   157
lemma lookup_empty_empty [simp]:
haftmann@36111
   158
  "lookup t = Map.empty \<longleftrightarrow> t = empty"
haftmann@36147
   159
  by (cases t) (simp add: empty_def lookup_def RBT_inject RBT_inverse)
haftmann@36111
   160
haftmann@36111
   161
lemma sorted_keys [iff]:
haftmann@36111
   162
  "sorted (keys t)"
haftmann@36147
   163
  by (simp add: keys_def RBT_Impl.keys_def sorted_entries)
haftmann@36111
   164
haftmann@36111
   165
lemma distinct_keys [iff]:
haftmann@36111
   166
  "distinct (keys t)"
haftmann@36147
   167
  by (simp add: keys_def RBT_Impl.keys_def distinct_entries)
haftmann@36111
   168
haftmann@36111
   169
haftmann@36111
   170
subsection {* Implementation of mappings *}
haftmann@36111
   171
haftmann@36147
   172
definition Mapping :: "('a\<Colon>linorder, 'b) rbt \<Rightarrow> ('a, 'b) mapping" where
haftmann@36111
   173
  "Mapping t = Mapping.Mapping (lookup t)"
haftmann@36111
   174
haftmann@36111
   175
code_datatype Mapping
haftmann@36111
   176
haftmann@36111
   177
lemma lookup_Mapping [simp, code]:
haftmann@36111
   178
  "Mapping.lookup (Mapping t) = lookup t"
haftmann@36111
   179
  by (simp add: Mapping_def)
haftmann@36111
   180
haftmann@36111
   181
lemma empty_Mapping [code]:
haftmann@36111
   182
  "Mapping.empty = Mapping empty"
haftmann@36111
   183
  by (rule mapping_eqI) simp
haftmann@36111
   184
haftmann@36111
   185
lemma is_empty_Mapping [code]:
haftmann@36111
   186
  "Mapping.is_empty (Mapping t) \<longleftrightarrow> is_empty t"
haftmann@36147
   187
  by (simp add: rbt_eq Mapping.is_empty_empty Mapping_def)
haftmann@36111
   188
haftmann@36147
   189
lemma insert_Mapping [code]:
haftmann@36147
   190
  "Mapping.update k v (Mapping t) = Mapping (insert k v t)"
haftmann@36111
   191
  by (rule mapping_eqI) simp
haftmann@36111
   192
haftmann@36111
   193
lemma delete_Mapping [code]:
haftmann@37027
   194
  "Mapping.delete k (Mapping t) = Mapping (delete k t)"
haftmann@37027
   195
  by (rule mapping_eqI) simp
haftmann@37027
   196
haftmann@37027
   197
lemma map_entry_Mapping [code]:
haftmann@37027
   198
  "Mapping.map_entry k f (Mapping t) = Mapping (map_entry k f t)"
haftmann@36111
   199
  by (rule mapping_eqI) simp
haftmann@36111
   200
haftmann@36111
   201
lemma keys_Mapping [code]:
haftmann@36111
   202
  "Mapping.keys (Mapping t) = set (keys t)"
haftmann@36111
   203
  by (simp add: keys_def Mapping_def Mapping.keys_def lookup_def lookup_keys)
haftmann@36111
   204
haftmann@36111
   205
lemma ordered_keys_Mapping [code]:
haftmann@36111
   206
  "Mapping.ordered_keys (Mapping t) = keys t"
haftmann@36111
   207
  by (rule sorted_distinct_set_unique) (simp_all add: ordered_keys_def keys_Mapping)
haftmann@36111
   208
haftmann@36111
   209
lemma Mapping_size_card_keys: (*FIXME*)
haftmann@36111
   210
  "Mapping.size m = card (Mapping.keys m)"
haftmann@36111
   211
  by (simp add: Mapping.size_def Mapping.keys_def)
haftmann@36111
   212
haftmann@36111
   213
lemma size_Mapping [code]:
haftmann@36111
   214
  "Mapping.size (Mapping t) = length (keys t)"
haftmann@36111
   215
  by (simp add: Mapping_size_card_keys keys_Mapping distinct_card)
haftmann@36111
   216
haftmann@36111
   217
lemma tabulate_Mapping [code]:
haftmann@36111
   218
  "Mapping.tabulate ks f = Mapping (bulkload (List.map (\<lambda>k. (k, f k)) ks))"
haftmann@36111
   219
  by (rule mapping_eqI) (simp add: map_of_map_restrict)
haftmann@36111
   220
haftmann@36111
   221
lemma bulkload_Mapping [code]:
haftmann@36111
   222
  "Mapping.bulkload vs = Mapping (bulkload (List.map (\<lambda>n. (n, vs ! n)) [0..<length vs]))"
haftmann@36111
   223
  by (rule mapping_eqI) (simp add: map_of_map_restrict expand_fun_eq)
haftmann@36111
   224
haftmann@37053
   225
lemma [code, code del]:
haftmann@37053
   226
  "HOL.eq (x :: (_, _) mapping) y \<longleftrightarrow> x = y" by (fact eq_equals) (*FIXME*)
haftmann@36111
   227
haftmann@36111
   228
lemma eq_Mapping [code]:
haftmann@36111
   229
  "HOL.eq (Mapping t1) (Mapping t2) \<longleftrightarrow> entries t1 = entries t2"
haftmann@36111
   230
  by (simp add: eq Mapping_def entries_lookup)
haftmann@36111
   231
wenzelm@36176
   232
hide_const (open) impl_of lookup empty insert delete
haftmann@36111
   233
  entries keys bulkload map_entry map fold
haftmann@36147
   234
(*>*)
haftmann@36147
   235
haftmann@36147
   236
text {* 
haftmann@36147
   237
  This theory defines abstract red-black trees as an efficient
haftmann@36147
   238
  representation of finite maps, backed by the implementation
haftmann@36147
   239
  in @{theory RBT_Impl}.
haftmann@36147
   240
*}
haftmann@36147
   241
haftmann@36147
   242
subsection {* Data type and invariant *}
haftmann@36147
   243
haftmann@36147
   244
text {*
haftmann@36147
   245
  The type @{typ "('k, 'v) RBT_Impl.rbt"} denotes red-black trees with
haftmann@36147
   246
  keys of type @{typ "'k"} and values of type @{typ "'v"}. To function
haftmann@36147
   247
  properly, the key type musorted belong to the @{text "linorder"}
haftmann@36147
   248
  class.
haftmann@36147
   249
haftmann@36147
   250
  A value @{term t} of this type is a valid red-black tree if it
haftmann@36147
   251
  satisfies the invariant @{text "is_rbt t"}.  The abstract type @{typ
haftmann@36147
   252
  "('k, 'v) rbt"} always obeys this invariant, and for this reason you
haftmann@36147
   253
  should only use this in our application.  Going back to @{typ "('k,
haftmann@36147
   254
  'v) RBT_Impl.rbt"} may be necessary in proofs if not yet proven
haftmann@36147
   255
  properties about the operations must be established.
haftmann@36147
   256
haftmann@36147
   257
  The interpretation function @{const "RBT.lookup"} returns the partial
haftmann@36147
   258
  map represented by a red-black tree:
haftmann@36147
   259
  @{term_type[display] "RBT.lookup"}
haftmann@36147
   260
haftmann@36147
   261
  This function should be used for reasoning about the semantics of the RBT
haftmann@36147
   262
  operations. Furthermore, it implements the lookup functionality for
haftmann@36147
   263
  the data structure: It is executable and the lookup is performed in
haftmann@36147
   264
  $O(\log n)$.  
haftmann@36147
   265
*}
haftmann@36147
   266
haftmann@36147
   267
subsection {* Operations *}
haftmann@36147
   268
haftmann@36147
   269
text {*
haftmann@36147
   270
  Currently, the following operations are supported:
haftmann@36147
   271
haftmann@36147
   272
  @{term_type [display] "RBT.empty"}
haftmann@36147
   273
  Returns the empty tree. $O(1)$
haftmann@36147
   274
haftmann@36147
   275
  @{term_type [display] "RBT.insert"}
haftmann@36147
   276
  Updates the map at a given position. $O(\log n)$
haftmann@36147
   277
haftmann@36147
   278
  @{term_type [display] "RBT.delete"}
haftmann@36147
   279
  Deletes a map entry at a given position. $O(\log n)$
haftmann@36147
   280
haftmann@36147
   281
  @{term_type [display] "RBT.entries"}
haftmann@36147
   282
  Return a corresponding key-value list for a tree.
haftmann@36147
   283
haftmann@36147
   284
  @{term_type [display] "RBT.bulkload"}
haftmann@36147
   285
  Builds a tree from a key-value list.
haftmann@36147
   286
haftmann@36147
   287
  @{term_type [display] "RBT.map_entry"}
haftmann@36147
   288
  Maps a single entry in a tree.
haftmann@36147
   289
haftmann@36147
   290
  @{term_type [display] "RBT.map"}
haftmann@36147
   291
  Maps all values in a tree. $O(n)$
haftmann@36147
   292
haftmann@36147
   293
  @{term_type [display] "RBT.fold"}
haftmann@36147
   294
  Folds over all entries in a tree. $O(n)$
haftmann@36147
   295
*}
haftmann@36147
   296
haftmann@36147
   297
haftmann@36147
   298
subsection {* Invariant preservation *}
haftmann@36147
   299
haftmann@36147
   300
text {*
haftmann@36147
   301
  \noindent
haftmann@36147
   302
  @{thm Empty_is_rbt}\hfill(@{text "Empty_is_rbt"})
haftmann@36147
   303
haftmann@36147
   304
  \noindent
haftmann@36147
   305
  @{thm insert_is_rbt}\hfill(@{text "insert_is_rbt"})
haftmann@36147
   306
haftmann@36147
   307
  \noindent
haftmann@36147
   308
  @{thm delete_is_rbt}\hfill(@{text "delete_is_rbt"})
haftmann@36147
   309
haftmann@36147
   310
  \noindent
haftmann@36147
   311
  @{thm bulkload_is_rbt}\hfill(@{text "bulkload_is_rbt"})
haftmann@36147
   312
haftmann@36147
   313
  \noindent
haftmann@36147
   314
  @{thm map_entry_is_rbt}\hfill(@{text "map_entry_is_rbt"})
haftmann@36147
   315
haftmann@36147
   316
  \noindent
haftmann@36147
   317
  @{thm map_is_rbt}\hfill(@{text "map_is_rbt"})
haftmann@36147
   318
haftmann@36147
   319
  \noindent
haftmann@36147
   320
  @{thm union_is_rbt}\hfill(@{text "union_is_rbt"})
haftmann@36147
   321
*}
haftmann@36147
   322
haftmann@36147
   323
haftmann@36147
   324
subsection {* Map Semantics *}
haftmann@36147
   325
haftmann@36147
   326
text {*
haftmann@36147
   327
  \noindent
haftmann@36147
   328
  \underline{@{text "lookup_empty"}}
haftmann@36147
   329
  @{thm [display] lookup_empty}
haftmann@36147
   330
  \vspace{1ex}
haftmann@36147
   331
haftmann@36147
   332
  \noindent
haftmann@36147
   333
  \underline{@{text "lookup_insert"}}
haftmann@36147
   334
  @{thm [display] lookup_insert}
haftmann@36147
   335
  \vspace{1ex}
haftmann@36147
   336
haftmann@36147
   337
  \noindent
haftmann@36147
   338
  \underline{@{text "lookup_delete"}}
haftmann@36147
   339
  @{thm [display] lookup_delete}
haftmann@36147
   340
  \vspace{1ex}
haftmann@36147
   341
haftmann@36147
   342
  \noindent
haftmann@36147
   343
  \underline{@{text "lookup_bulkload"}}
haftmann@36147
   344
  @{thm [display] lookup_bulkload}
haftmann@36147
   345
  \vspace{1ex}
haftmann@36147
   346
haftmann@36147
   347
  \noindent
haftmann@36147
   348
  \underline{@{text "lookup_map"}}
haftmann@36147
   349
  @{thm [display] lookup_map}
haftmann@36147
   350
  \vspace{1ex}
haftmann@36147
   351
*}
haftmann@35617
   352
haftmann@35617
   353
end