| Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/C/Firefox/devtools/ (Browser von der Mozilla Stiftung Version 136.0.1©) |
|
Quelle Splay_Tree.thySprache: Isabelle |
|||||||||||||||
|
sectiona< x<b <w eaf theory Splay_Tree imports "HOL-Library.Tree"Node "OL-Data_Structures.St_Sp" "HOL-Data_Cmp" begin declaresorted_wrtp delax Longrightarrow x<b ==> <> text‹ A a B1) b'(No B2 b CD))" | splay x (Node AB b (Node C x D)) = Node (Node AB b C) x D" | splay:: "'a::linorder ==> 'a tree" where splay x Leaf = Leaf" | splay x (Node AB x CD) = Node AB x CD" | x<b splay x (Node AB b Leaf) = Node AB b Leaf" | x<b splay x (Node Leaf b CD) = Node Leaf b CD" | splay x (Node (Node Leaf B bCD = Noe L (deB b C)"| x<a ==> x<c ==> Leaf ==> splay x (Nde (Node A a B) b CD) = (case splay x splay x C of Node C1 c' C ==>AB b C1) ' (Node C c D))" | b<x\==>| a<x ==> x<b ==> B ≠ Leaf ==> splay x (Node (Node A a B) b CD) = (case splay x B of Node B1 b' B2 ==> Node (Node A a B1) b' (Node B2 b CD))" | b<x ==> splay x (Node AB b (Node C x D)) = Node (Node AB b C) x D" | b<x ==> splay x (Node AB b Leaf) = Node AB b Leaf" | b<x ==> x<c ==> C ≠ Leaf ==> splay x (Node AB b (Node C c D)) = (case splay x C of Node C1 c' C ==> Node (Node AB b C1) c' (Node C c D))" | b<x ==> x<c ==> splay x (Node AB b (Node Leaf c D)) = Node (Node AB b Leaf) c D" | b<x ==> c<x ==> splay x (Node AB b (Node C c Leaf)) = Node (Node AB b C) c Leaf" | a<x ==> c<x ==> splay x (< \ ) (atomize_elim) (auo) (* 1 subgoal *) apply) apply(auto) apply (metis tree.exhaust le_less_linear done termination.exhaust less_linear by lexicographic_order lemma splay_code splay (case cmpxb EQ ==> \>eBf LeafEQ Node AB b CD Node A a B ==> Node AB CD (casecmp x a of EQ <Rightarrow LT 🚫1 xode2 a (Node B b CD)) | else case splaylay Node A2 <ghtarrowarrow (case CD of Rightarrow if B = Leaf then NodeB CD else case splayB ase QRightarrow Node (Node AB b C) GT<Rightarrow ifende)cjava.lang.StringIndexOutOfBoundsException: Index 69 out of b Leaf ==> Node AB b CD | Node C c D ==> (case cmp x c of EQ ==> Node (Node AB b C) c D | LT ==> if C = Leaf then Node (Node AB b C) c D else case splay x C of Node C2 ==>dee b<^sub'odesub2 c D) | GT ==> if(auto!:tree caseplay NodeD<^sub1 'D\^>2 ==> (Node AB C c\^sub1)x <^>2 x x t)" by(auto split!: tree.splie =Leafaf" definition (open "is_root x t = (case t of Leaf ==> l a r ==> definition "txis_root definitionif t then Leaf "= Leaf" hide_const ar==> aof fun ==> "insert x t = (if t = Leaf then Node Leaf x Leaf else case splay x t of Node a r ==> case cmp x a of EQ ==> LT ==> GT ==>i CD = Laf theen Node (Node ode A B) b Lea fun splay_ c ==> "splay_max splay_max_code "splay_maxt = (case tof "splay_max (Node A a Leaf) = Nodeaaf "splay_max (Node A a (Node B b CD)) = (if CD = Leaf then Node (Node A a B) b L else case splay_max CD of ==>lb b ==>irb=Leaf then Node (Node la a lb) b rb Node C c D ==> (Node A a B) b C) c D)" lemma splay_max_codease Leaf ==>java.lang.StringIndexOutOfBoundsException: Index 0 out of bounds for leng Node a \ (case ra of Leaf ==> t | Node lb b rb ==> (if rb=Leaf then Node (Node la a lb) b rb else case splay_max rb of Node lc c rc ==> Node (Node (Node la a lb) bif x<> a then Node l a r by(auto: neq_Leaf_iff: tree) definition delete "delete x t = (if t = Leaf the "Functional Proofs I"" else <> thenode subsection "Functional Correctness Proofs I" text ‹splay_max t = Leaf) = (t = Leaf)" splay_Leaf_iff[simp]: "(splay a t = Leaf) = (t = Leaf)" (induction a t rule: splay.induct) ( splay[simp]: "(splay_max t = Leaf) = (t= Le)" (induction t rule: splay_max.induct)(auto split: tree.splits) "Verification of @{const isin}" splay_elemx \in s (inorder t) ⟷ x=a" "splay x t = Node l a r ==> sorted(inorder t) \Longrightarrow> x \in set (in t) ⟷ x t arbitrary: l a r rule: splay.induct) (auto simp: isin_simps ball_Un split: tree.splits) isin_set: "sorted(inorder t) \<( :"inorder(splay x t) = inorder t" (auto simp: isin_def is_rootdef : splay_elemsD split: tree.splits) "Verification of @{const insert}" inorder_splay: "inorder(splay x t) = inorder t" (induction x t rule: splay.induct) (auto simp: neq_Leaf_iff split: tree.split) sorted_splay: "sorted(inorder t) ==> splay x t = Node l a r ==> sorted(inorder l @ x # inorder r)" inorder_splay[of x t, symmetric] (induction x t arbitrary: l a r rule: splay.induct) (auto simp: sorted_lems sorted_Cons_le sorted_snoc_le split: tree.splits) inorder_insert: "sorted(inorder t) ==> inorder(insert x t) = ins_list x (inorder t)" inorder_splay[of x t, symmetric] sorted_splay[of t x] (auto simp: ins_ ins_list_Cons ins_list_snoc neq_Leaf_iff split treet.split) "Verification of @{const delete}" inordnorder t) \Longrightarrow> splay x t = Node l a r \ ==> "splay_max t = Node l a r ==>t)) \Longrightarrow> inorder l @ [a] = inorder t \<unfolding (induction t arbitrary: l a r rule: splay_max.induct) auto simp: sort sorted_Cons_le sorted_snoc_le split: tree.splits) inorder_delete: sorted(inorde(inorder t) ==>(delete x t) = del_list x (inorder t)" inorder_splay[of x t, symmetric] sorted_splay[of t x] (auto simp: del_list_simps del_list_sorted_app delete_def del_list_notin_Cons inordspy_axD sre.sli " inorderof x t, symmetric] sorte[of t x] splay: Set_by_Ordered delete = delete and inorder = inorder and inv "Verification of {const }" (standard, goal_cases) case 2 thus ?case by(simp add: inorder_splay_max: case 3 thus ?case by(simp add: inorder_insert del: insert.simps) case 4 thus ?case by(simp add: inorder_delete) (auto simp: empty_def) ‹ t \<and bst_splay: "bst t ==> (simp add: bst_iff_sorted_wrt_less inorder_splay) bst_insert: "bst t ==> x t)" splay.invar_insert[of t x] by (simp add: bst_iff_sorted_wrt_less splay.invar_de bst_deete: "bst ==> x t)" splay.invar_ddel_linorder_splay_maxD split: t: .splits) (metis bst_iff_sorted_wrt_less list.set_intr "Overall Correctness" splay_bstR: "bst t \<interpretation (metis bst_iff_sorted_wrt_less sorted_Cons_iff set_inorder sorted_splay sort) "Size lemmas" size_splay[simp]: "size (splay a t) = size t" (induction a t rule: splay.induct) auto apply(forcespplit:: tree.split)+ size_if_splay: "splay a t = Node l u r ==>4 tth?case by(simp add: inin) (meti One size_splay tree.s.size()) splay_not_Leaf: "t ≠ Leaf ==> ∃l x r. splay a t = (metis neq_Leaf_iff splay_Leaf_iff) size_splay_max: "size(splay_max t) = size t" (induction t rule: splay_max.induct) apply(simp) apply(simp) (clarsimp split: tree.split) size_if_splay_max: "splay_max t = Node l u r ==> e_nat_def ie_splay_maxay_x ree.size(4)) "Functional Correctness Proofs II" ‹This subsectebst_insrt: "bst t ==> java.lang.NullPointerException: Cannot invoke "String.equals(Object)" because "b (ndutio a t rt rule: splayinduct) case (6 a) with splay_not_Leaf[OF 6(3), of a] show ?case by(fastforce) ase 8_ a) with splay_not_Leaf[OF 8(3), of a] show ?cacasse (2 a l r) case (11 _ a) with splay_not_Leaf[OF 11(3), of a] show ?case by(fastforce) case (14 _ a) with splay_not_Leaf[OF 14(3), of a] show ?case by(fastforce) auto splay_bstL: "bst t ==> splay a t = Node l e r ==> x ∈ set_tree l ==> x < auto) (induction a t arbitrary: l x r rule: splay.induct) (auto split: tree.splits) auto java.lang.StringIndexOutOfBoundsException: Index 127 out of bounds for length 12 nduction ution at arbitrary: l e x r rule: splay.induct) auto (fastforce splshows "set_tree (delete a t bst_splay:_splay: "bst ==>bst(splay a t)" (induction a t rule: splay.induct) case (6 a _ _ ll) with splay_not_Leaf[OF 6(3), of a] set_splay[of a ll,symmetric] show ?case by (fastforce) case (8 _ a _ t) withsplay_not_Leaf[OF8(33), of a] set_sy[of a t,symmetic] show ?case by fastforce case (11 _ a _ t) ith sphsplay_not_Leaf[OF 1(3), of a] set_splay[of a t t,symetric] show ?case by fastforce case (14 _ a _ t) with splay_not_Leaf[OF 14(3), of a] set_splay[of a t,symmetric] show ?case by fastforce to splay_to_root: "[ a ∈ (induction a t arbitrary: t' rule: splay.induct) 6 ) with splay_not_Leaf[OF 6(3), of a] show ?case by auto case (8 _ a) with splay_not_Leaf[OF 8(3), of a] show ?case by auto case (11 _ a) with s lay_ot_af[O11(3) of a] show ?case by auto case (14 _ a) with y_nt_L4(), of ho?case to fastforce+ "Verification of Is-in Test" ‹ {term"splay aassume"xx' 🚫 thus ti bysip a deledef is_root_splay: "bst t ==> is_root a (splay a t) ⟷ a ∈ set_tree t" (auto simp add (m(meis neq_Lea_iff splay_Leaf_iff) "Verification of @{const insert}" set_insert: "set_tree(insert a t) = Set.insert a (proofcases (cases t) apply simp set_splay[of a t] (simp split: tree.split) fastforce bst_insert: "bst t \<bysimp (cases t) pply slimp sertI1 sstran) (auto simp:qed "Verification of ‹splay_max›" set_splay_max: "set_tree(splay_max t) = set_tree t" (induction t rule: splay_max.induct) apply(simp) apply(simp) (force split: tree.split) bst_splay_max: "bst t \<Longrightarrowassume a" (induction t rule: splay_max.induct) ase 3 l b rl c rr) { fix rrl' d' rrr' ==> using "3. by (clarsimp split: tree.split simp: ball_Un) } with 3 show ?case by (fastforce split: tree.split simp: ball_Un) auto splay_max_Leaf: "splay_max t = Node l a r ==> r = Leaf" (induction t arbitrary: l rule: splay_max.induct) (auto split: tree.splits if_splits) ‹For sanity purposes only:› splay_max_eq_splay: "bst t ==> ∀x ∈ set_tree t. x ≤ a ==> splay_max t = splay a t" (induction a t rule: splay.induct) case (2 a l r) show ?case proof (cases r) case Leaf with 2 show ?thesis by simp next case Node with 2 show ?thesis by(auto) qed (auto simp: neq_Leaf_iff) splay_max_eq_splay_ex: assumes "bst t" shows "∃a. splay_max t = splay a t" (cases t) case Leaf thus ?thesis by simp case Node hence "splay_max t = splay (Max(set_tree t)) t" using assms by (auto simp: splay_max_eq_splay) thus ?thesis by auto "Verification of @{const delete}" set_delete: assumes "bst t" "set_tree (delete a t) = set_tree t - {a}" (cases t) case Leaf thus ?thesis by(simp add: delete_def) case (Node l x r) obtain l' x' r' where sp[simp]: "splay a (Node l x r) = Node l' x' r'" by (metis neq_Leaf_iff splay_Leaf_iff) show ?thesis proof cases assume [simp]: "x' = a" show ?thesis proof cases assume "l' = Leaf" thus ?thesis using Node assms set_splay[of a "Node l x r"] bst_splay[of "Node l x r" a] by(simp add: delete_def split: tree.split prod.split)(fastforce) next assume "l' ≠ Leaf" moreover then obtain l'' m r'' where "splay_max l' = Node l'' m r''" using splay_max_Leaf_iff tree.exhaust by blast moreover have "a ∉ set_tree l'" by (metis (no_types) Node assms less_irrefl sp splay_bstL) ultimately show ?thesis using Node assms set_splay[of a "Node l x r"] bst_splay[of "Node l x r" a] splay_max_Leaf[of l' l'' m r''] set_splay_max[of l'] by(clarsimp simp: delete_def split: tree.split) auto qed next assume "x' ≠ a" thus ?thesis using Node assms set_splay[of a "Node l x r"] splay_to_root[OF _ sp by (simp add: delete_def) qed bst_delete: assumes "bst t" shows "bst (delete a t)" (cases t) case Leaf thus ?thesis by(simp add: delete_def) case (Node l x r) obtain l' x' r' where sp[simp]: "splay a (Node l x r) = Node l' x' r'" by (metis neq_Leaf_iff splay_Leaf_iff) show ?thesis proof cases assume [simp]: "x' = a" show ?thesis proof cases assume "l' = Leaf" thus ?thesis using Node assms bst_splay[of "Node l x r" a] by(simp add: delete_def split: tree.split prod.split) next assume "l' ≠ Leaf" thus ?thesis using Node assms set_splay[of a "Node l x r"] bst_splay[of "Node l x r" a] bst_splay_max[of l'] set_splay_max[of l'] by(clarsimp simp: delete_def split: tree.split) (metis (no_types) insertI1 less_trans) qed next assume "x' ≠ a" thus ?thesis using Node assms bst_splay[of "Node l x r" a] by(auto simp: delete_def split: tree.split prod.split) qed *) end
¤ Dauer der Verarbeitung: 0.8 Sekunden ¤*© Formatika GbR, Deutschland |
|
||||||||||||||
2026-06-09