# HG changeset patch # User nipkow # Date 1536670605 -7200 # Node ID 7a9118e63cad2f5515d6478aa7da3c6c563150a0 # Parent 6c4421b006fb7cf01b389f8f547156dde0830f31 tuned diff -r 6c4421b006fb -r 7a9118e63cad src/HOL/Data_Structures/Set2_Join.thy --- a/src/HOL/Data_Structures/Set2_Join.thy Mon Sep 10 21:33:14 2018 +0200 +++ b/src/HOL/Data_Structures/Set2_Join.thy Tue Sep 11 14:56:45 2018 +0200 @@ -27,8 +27,8 @@ "\ bst l; bst r; \x \ set_tree l. x < a; \y \ set_tree r. a < y \ \ bst (join l a r)" assumes inv_Leaf: "inv \\" -assumes inv_join: "\ inv l; inv r \ \ inv (join l k r)" -assumes inv_Node: "\ inv (Node l x h r) \ \ inv l \ inv r" +assumes inv_join: "\ inv l; inv r \ \ inv (join l a r)" +assumes inv_Node: "\ inv (Node l a h r) \ \ inv l \ inv r" begin declare set_join [simp] @@ -36,11 +36,11 @@ subsection "\split_min\" fun split_min :: "('a,'b) tree \ 'a \ ('a,'b) tree" where -"split_min (Node l x _ r) = - (if l = Leaf then (x,r) else let (m,l') = split_min l in (m, join l' x r))" +"split_min (Node l a _ r) = + (if l = Leaf then (a,r) else let (m,l') = split_min l in (m, join l' a r))" lemma split_min_set: - "\ split_min t = (x,t'); t \ Leaf \ \ x \ set_tree t \ set_tree t = Set.insert x (set_tree t')" + "\ split_min t = (m,t'); t \ Leaf \ \ m \ set_tree t \ set_tree t = Set.insert m (set_tree t')" proof(induction t arbitrary: t') case Node thus ?case by(auto split: prod.splits if_splits dest: inv_Node) next @@ -48,7 +48,7 @@ qed lemma split_min_bst: - "\ split_min t = (x,t'); bst t; t \ Leaf \ \ bst t' \ (\x' \ set_tree t'. x < x')" + "\ split_min t = (m,t'); bst t; t \ Leaf \ \ bst t' \ (\x \ set_tree t'. m < x)" proof(induction t arbitrary: t') case Node thus ?case by(fastforce simp: split_min_set bst_join split: prod.splits if_splits) next @@ -56,7 +56,7 @@ qed lemma split_min_inv: - "\ split_min t = (x,t'); inv t; t \ Leaf \ \ inv t'" + "\ split_min t = (m,t'); inv t; t \ Leaf \ \ inv t'" proof(induction t arbitrary: t') case Node thus ?case by(auto simp: inv_join split: prod.splits if_splits dest: inv_Node) next @@ -67,7 +67,7 @@ subsection "\join2\" definition join2 :: "('a,'b) tree \ ('a,'b) tree \ ('a,'b) tree" where -"join2 l r = (if r = Leaf then l else let (x,r') = split_min r in join l x r')" +"join2 l r = (if r = Leaf then l else let (m,r') = split_min r in join l m r')" lemma set_join2[simp]: "set_tree (join2 l r) = set_tree l \ set_tree r" by(simp add: join2_def split_min_set split: prod.split) @@ -84,22 +84,22 @@ fun split :: "('a,'b)tree \ 'a \ ('a,'b)tree \ bool \ ('a,'b)tree" where "split Leaf k = (Leaf, False, Leaf)" | -"split (Node l a _ r) k = - (if k < a then let (l1,b,l2) = split l k in (l1, b, join l2 a r) else - if a < k then let (r1,b,r2) = split r k in (join l a r1, b, r2) +"split (Node l a _ r) x = + (if x < a then let (l1,b,l2) = split l x in (l1, b, join l2 a r) else + if a < x then let (r1,b,r2) = split r x in (join l a r1, b, r2) else (l, True, r))" -lemma split: "split t k = (l,kin,r) \ bst t \ - set_tree l = {x \ set_tree t. x < k} \ set_tree r = {x \ set_tree t. k < x} - \ (kin = (k \ set_tree t)) \ bst l \ bst r" -proof(induction t arbitrary: l kin r) +lemma split: "split t x = (l,xin,r) \ bst t \ + set_tree l = {a \ set_tree t. a < x} \ set_tree r = {a \ set_tree t. x < a} + \ (xin = (x \ set_tree t)) \ bst l \ bst r" +proof(induction t arbitrary: l xin r) case Leaf thus ?case by simp next case Node thus ?case by(force split!: prod.splits if_splits intro!: bst_join) qed -lemma split_inv: "split t k = (l,kin,r) \ inv t \ inv l \ inv r" -proof(induction t arbitrary: l kin r) +lemma split_inv: "split t x = (l,xin,r) \ inv t \ inv l \ inv r" +proof(induction t arbitrary: l xin r) case Leaf thus ?case by simp next case Node @@ -112,7 +112,7 @@ subsection "\insert\" definition insert :: "'a \ ('a,'b) tree \ ('a,'b) tree" where -"insert k t = (let (l,_,r) = split t k in join l k r)" +"insert x t = (let (l,_,r) = split t x in join l x r)" lemma set_tree_insert: "bst t \ set_tree (insert x t) = Set.insert x (set_tree t)" by(auto simp add: insert_def split split: prod.split) @@ -127,9 +127,9 @@ subsection "\delete\" definition delete :: "'a \ ('a,'b) tree \ ('a,'b) tree" where -"delete k t = (let (l,_,r) = split t k in join2 l r)" +"delete x t = (let (l,_,r) = split t x in join2 l r)" -lemma set_tree_delete: "bst t \ set_tree (delete k t) = set_tree t - {k}" +lemma set_tree_delete: "bst t \ set_tree (delete x t) = set_tree t - {x}" by(auto simp: delete_def split split: prod.split) lemma bst_delete: "bst t \ bst (delete x t)" @@ -145,10 +145,10 @@ "union t1 t2 = (if t1 = Leaf then t2 else if t2 = Leaf then t1 else - case t1 of Node l1 k _ r1 \ - let (l2,_ ,r2) = split t2 k; + case t1 of Node l1 a _ r1 \ + let (l2,_ ,r2) = split t2 a; l' = union l1 l2; r' = union r1 r2 - in join l' k r')" + in join l' a r')" declare union.simps [simp del] @@ -181,10 +181,10 @@ "inter t1 t2 = (if t1 = Leaf then Leaf else if t2 = Leaf then Leaf else - case t1 of Node l1 k _ r1 \ - let (l2,kin,r2) = split t2 k; + case t1 of Node l1 a _ r1 \ + let (l2,ain,r2) = split t2 a; l' = inter l1 l2; r' = inter r1 r2 - in if kin then join l' k r' else join2 l' r')" + in if ain then join l' a r' else join2 l' r')" declare inter.simps [simp del] @@ -196,24 +196,24 @@ proof (cases t1) case Leaf thus ?thesis by (simp add: inter.simps) next - case [simp]: (Node l1 k _ r1) + case [simp]: (Node l1 a _ r1) show ?thesis proof (cases "t2 = Leaf") case True thus ?thesis by (simp add: inter.simps) next case False let ?L1 = "set_tree l1" let ?R1 = "set_tree r1" - have *: "k \ ?L1 \ ?R1" using \bst t1\ by (fastforce) - obtain l2 kin r2 where sp: "split t2 k = (l2,kin,r2)" using prod_cases3 by blast - let ?L2 = "set_tree l2" let ?R2 = "set_tree r2" let ?K = "if kin then {k} else {}" + have *: "a \ ?L1 \ ?R1" using \bst t1\ by (fastforce) + obtain l2 ain r2 where sp: "split t2 a = (l2,ain,r2)" using prod_cases3 by blast + let ?L2 = "set_tree l2" let ?R2 = "set_tree r2" let ?K = "if ain then {a} else {}" have t2: "set_tree t2 = ?L2 \ ?R2 \ ?K" and - **: "?L2 \ ?R2 = {}" "k \ ?L2 \ ?R2" "?L1 \ ?R2 = {}" "?L2 \ ?R1 = {}" + **: "?L2 \ ?R2 = {}" "a \ ?L2 \ ?R2" "?L1 \ ?R2 = {}" "?L2 \ ?R1 = {}" using split[OF sp] \bst t1\ \bst t2\ by (force, force, force, force, force) have IHl: "set_tree (inter l1 l2) = set_tree l1 \ set_tree l2" using "1.IH"(1)[OF _ False _ sp[symmetric]] "1.prems"(1,2) split[OF sp] by simp have IHr: "set_tree (inter r1 r2) = set_tree r1 \ set_tree r2" using "1.IH"(2)[OF _ False _ sp[symmetric]] "1.prems"(1,2) split[OF sp] by simp - have "set_tree t1 \ set_tree t2 = (?L1 \ ?R1 \ {k}) \ (?L2 \ ?R2 \ ?K)" + have "set_tree t1 \ set_tree t2 = (?L1 \ ?R1 \ {a}) \ (?L2 \ ?R2 \ ?K)" by(simp add: t2) also have "\ = (?L1 \ ?L2) \ (?R1 \ ?R2) \ ?K" using * ** by auto @@ -246,8 +246,8 @@ "diff t1 t2 = (if t1 = Leaf then Leaf else if t2 = Leaf then t1 else - case t2 of Node l2 k _ r2 \ - let (l1,_,r1) = split t1 k; + case t2 of Node l2 a _ r2 \ + let (l1,_,r1) = split t1 a; l' = diff l1 l2; r' = diff r1 r2 in join2 l' r')" @@ -261,23 +261,23 @@ proof (cases t2) case Leaf thus ?thesis by (simp add: diff.simps) next - case [simp]: (Node l2 k _ r2) + case [simp]: (Node l2 a _ r2) show ?thesis proof (cases "t1 = Leaf") case True thus ?thesis by (simp add: diff.simps) next case False let ?L2 = "set_tree l2" let ?R2 = "set_tree r2" - obtain l1 kin r1 where sp: "split t1 k = (l1,kin,r1)" using prod_cases3 by blast - let ?L1 = "set_tree l1" let ?R1 = "set_tree r1" let ?K = "if kin then {k} else {}" + obtain l1 ain r1 where sp: "split t1 a = (l1,ain,r1)" using prod_cases3 by blast + let ?L1 = "set_tree l1" let ?R1 = "set_tree r1" let ?K = "if ain then {a} else {}" have t1: "set_tree t1 = ?L1 \ ?R1 \ ?K" and - **: "k \ ?L1 \ ?R1" "?L1 \ ?R2 = {}" "?L2 \ ?R1 = {}" + **: "a \ ?L1 \ ?R1" "?L1 \ ?R2 = {}" "?L2 \ ?R1 = {}" using split[OF sp] \bst t1\ \bst t2\ by (force, force, force, force) have IHl: "set_tree (diff l1 l2) = set_tree l1 - set_tree l2" using "1.IH"(1)[OF False _ _ sp[symmetric]] "1.prems"(1,2) split[OF sp] by simp have IHr: "set_tree (diff r1 r2) = set_tree r1 - set_tree r2" using "1.IH"(2)[OF False _ _ sp[symmetric]] "1.prems"(1,2) split[OF sp] by simp - have "set_tree t1 - set_tree t2 = (?L1 \ ?R1) - (?L2 \ ?R2 \ {k})" + have "set_tree t1 - set_tree t2 = (?L1 \ ?R1) - (?L2 \ ?R2 \ {a})" by(simp add: t1) also have "\ = (?L1 - ?L2) \ (?R1 - ?R2)" using ** by auto