Theory Closest_Pair_Alternative
section "Closest Pair Algorithm 2"
theory Closest_Pair_Alternative
imports Common
begin
text‹
Formalization of a divide-and-conquer algorithm solving the Closest Pair Problem
based on the presentation of Cormen \emph{et al.} \<^cite>‹"Introduction-to-Algorithms:2009"›.
›
subsection "Functional Correctness Proof"
subsubsection "Core Argument"
lemma core_argument:
assumes "distinct (p⇩0 # ps)" "sorted_snd (p⇩0 # ps)" "0 ≤ δ" "set (p⇩0 # ps) = ps⇩L ∪ ps⇩R"
assumes "∀p ∈ set (p⇩0 # ps). l - δ ≤ fst p ∧ fst p ≤ l + δ"
assumes "∀p ∈ ps⇩L. fst p ≤ l" "∀p ∈ ps⇩R. l ≤ fst p"
assumes "sparse δ ps⇩L" "sparse δ ps⇩R"
assumes "p⇩1 ∈ set ps" "dist p⇩0 p⇩1 < δ"
shows "p⇩1 ∈ set (take 7 ps)"
proof -
define PS where "PS = p⇩0 # ps"
define R where "R = cbox (l - δ, snd p⇩0) (l + δ, snd p⇩0 + δ)"
define RPS where "RPS = { p ∈ set PS. p ∈ R }"
define LSQ where "LSQ = cbox (l - δ, snd p⇩0) (l, snd p⇩0 + δ)"
define LSQPS where "LSQPS = { p ∈ ps⇩L. p ∈ LSQ }"
define RSQ where "RSQ = cbox (l, snd p⇩0) (l + δ, snd p⇩0 + δ)"
define RSQPS where "RSQPS = { p ∈ ps⇩R. p ∈ RSQ }"
note defs = PS_def R_def RPS_def LSQ_def LSQPS_def RSQ_def RSQPS_def
have "R = LSQ ∪ RSQ"
using defs cbox_right_un by auto
moreover have "∀p ∈ ps⇩L. p ∈ RSQ ⟶ p ∈ LSQ"
using RSQ_def LSQ_def assms(6) by auto
moreover have "∀p ∈ ps⇩R. p ∈ LSQ ⟶ p ∈ RSQ"
using RSQ_def LSQ_def assms(7) by auto
ultimately have "RPS = LSQPS ∪ RSQPS"
using LSQPS_def RSQPS_def PS_def RPS_def assms(4) by blast
have "sparse δ LSQPS"
using assms(8) LSQPS_def sparse_def by simp
hence CLSQPS: "card LSQPS ≤ 4"
using max_points_square[of LSQPS "l - δ" "snd p⇩0" δ] assms(3) LSQ_def LSQPS_def by auto
have "sparse δ RSQPS"
using assms(9) RSQPS_def sparse_def by simp
hence CRSQPS: "card RSQPS ≤ 4"
using max_points_square[of RSQPS l "snd p⇩0" δ] assms(3) RSQ_def RSQPS_def by auto
have CRPS: "card RPS ≤ 8"
using CLSQPS CRSQPS card_Un_le[of LSQPS RSQPS] ‹RPS = LSQPS ∪ RSQPS› by auto
have "RPS ⊆ set (take 8 PS)"
proof (rule ccontr)
assume "¬ (RPS ⊆ set (take 8 PS))"
then obtain p where *: "p ∈ set PS" "p ∈ RPS" "p ∉ set (take 8 PS)" "p ∈ R"
using RPS_def by auto
have "∀p⇩0 ∈ set (take 8 PS). ∀p⇩1 ∈ set (drop 8 PS). snd p⇩0 ≤ snd p⇩1"
using sorted_wrt_take_drop[of "λp⇩0 p⇩1. snd p⇩0 ≤ snd p⇩1" PS 8] assms(2) sorted_snd_def PS_def by fastforce
hence "∀p' ∈ set (take 8 PS). snd p' ≤ snd p"
using append_take_drop_id set_append Un_iff *(1,3) by metis
moreover have "snd p ≤ snd p⇩0 + δ"
using ‹p ∈ R› R_def mem_cbox_2D by (metis (mono_tags, lifting) prod.case_eq_if)
ultimately have "∀p ∈ set (take 8 PS). snd p ≤ snd p⇩0 + δ"
by fastforce
moreover have "∀p ∈ set (take 8 PS). snd p⇩0 ≤ snd p"
using sorted_wrt_hd_less_take[of "λp⇩0 p⇩1. snd p⇩0 ≤ snd p⇩1" p⇩0 ps 8] assms(2) sorted_snd_def PS_def by fastforce
moreover have "∀p ∈ set (take 8 PS). l - δ ≤ fst p ∧ fst p ≤ l + δ"
using assms(5) PS_def by (meson in_set_takeD)
ultimately have "∀p ∈ set (take 8 PS). p ∈ R"
using R_def mem_cbox_2D by fastforce
hence "set (take 8 PS) ⊆ RPS"
using RPS_def set_take_subset by fastforce
hence NINE: "{ p } ∪ set (take 8 PS) ⊆ RPS"
using * by simp
have "8 ≤ length PS"
using *(1,3) nat_le_linear by fastforce
hence "length (take 8 PS) = 8"
by simp
have "finite { p }" "finite (set (take 8 PS))"
by simp_all
hence "card ({ p } ∪ set (take 8 PS)) = card ({ p }) + card (set (take 8 PS))"
using *(3) card_Un_disjoint by blast
hence "card ({ p } ∪ set (take 8 PS)) = 9"
using assms(1) ‹length (take 8 PS) = 8› distinct_card[of "take 8 PS"] distinct_take[of PS] PS_def by fastforce
moreover have "finite RPS"
using RPS_def by simp
ultimately have "9 ≤ card RPS"
using NINE card_mono by metis
thus False
using CRPS by simp
qed
have "dist (snd p⇩0) (snd p⇩1) < δ"
using assms(11) dist_snd_le le_less_trans by (metis (no_types, lifting) prod.case_eq_if snd_conv)
hence "snd p⇩1 ≤ snd p⇩0 + δ"
by (simp add: dist_real_def)
moreover have "l - δ ≤ fst p⇩1" "fst p⇩1 ≤ l + δ"
using assms(5,10) by auto
moreover have "snd p⇩0 ≤ snd p⇩1"
using sorted_snd_def assms(2,10) by auto
ultimately have "p⇩1 ∈ R"
using mem_cbox_2D[of "l - δ" "fst p⇩1" "l + δ" "snd p⇩0" "snd p⇩1" "snd p⇩0 + δ"] defs
by (simp add: ‹l - δ ≤ fst p⇩1› ‹snd p⇩0 ≤ snd p⇩1› prod.case_eq_if)
moreover have "p⇩1 ∈ set PS"
using PS_def assms(10) by simp
ultimately have "p⇩1 ∈ set (take 8 PS)"
using RPS_def ‹RPS ⊆ set (take 8 PS)› by auto
thus ?thesis
using assms(1,10) PS_def by auto
qed
subsubsection "Combine step"
lemma find_closest_bf_dist_take_7:
assumes "∃p⇩1 ∈ set ps. dist p⇩0 p⇩1 < δ"
assumes "distinct (p⇩0 # ps)" "sorted_snd (p⇩0 # ps)" "0 < length ps" "0 ≤ δ" "set (p⇩0 # ps) = ps⇩L ∪ ps⇩R"
assumes "∀p ∈ set (p⇩0 # ps). l - δ ≤ fst p ∧ fst p ≤ l + δ"
assumes "∀p ∈ ps⇩L. fst p ≤ l" "∀p ∈ ps⇩R. l ≤ fst p"
assumes "sparse δ ps⇩L" "sparse δ ps⇩R"
shows "∀p⇩1 ∈ set ps. dist p⇩0 (find_closest_bf p⇩0 (take 7 ps)) ≤ dist p⇩0 p⇩1"
proof -
have "dist p⇩0 (find_closest_bf p⇩0 ps) < δ"
using assms(1) dual_order.strict_trans2 find_closest_bf_dist by blast
moreover have "find_closest_bf p⇩0 ps ∈ set ps"
using assms(4) find_closest_bf_set by blast
ultimately have "find_closest_bf p⇩0 ps ∈ set (take 7 ps)"
using core_argument[of p⇩0 ps δ ps⇩L ps⇩R l "find_closest_bf p⇩0 ps"] assms by blast
moreover have "∀p⇩1 ∈ set (take 7 ps). dist p⇩0 (find_closest_bf p⇩0 (take 7 ps)) ≤ dist p⇩0 p⇩1"
using find_closest_bf_dist by blast
ultimately have "∀p⇩1 ∈ set ps. dist p⇩0 (find_closest_bf p⇩0 (take 7 ps)) ≤ dist p⇩0 p⇩1"
using find_closest_bf_dist order.trans by blast
thus ?thesis .
qed
fun find_closest_pair_tm :: "(point * point) ⇒ point list ⇒ (point × point) tm" where
"find_closest_pair_tm (c⇩0, c⇩1) [] =1 return (c⇩0, c⇩1)"
| "find_closest_pair_tm (c⇩0, c⇩1) [_] =1 return (c⇩0, c⇩1)"
| "find_closest_pair_tm (c⇩0, c⇩1) (p⇩0 # ps) =1 (
do {
ps' <- take_tm 7 ps;
p⇩1 <- find_closest_bf_tm p⇩0 ps';
if dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1 then
find_closest_pair_tm (c⇩0, c⇩1) ps
else
find_closest_pair_tm (p⇩0, p⇩1) ps
}
)"
fun find_closest_pair :: "(point * point) ⇒ point list ⇒ (point * point)" where
"find_closest_pair (c⇩0, c⇩1) [] = (c⇩0, c⇩1)"
| "find_closest_pair (c⇩0, c⇩1) [_] = (c⇩0, c⇩1)"
| "find_closest_pair (c⇩0, c⇩1) (p⇩0 # ps) = (
let p⇩1 = find_closest_bf p⇩0 (take 7 ps) in
if dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1 then
find_closest_pair (c⇩0, c⇩1) ps
else
find_closest_pair (p⇩0, p⇩1) ps
)"
lemma find_closest_pair_eq_val_find_closest_pair_tm:
"val (find_closest_pair_tm (c⇩0, c⇩1) ps) = find_closest_pair (c⇩0, c⇩1) ps"
by (induction "(c⇩0, c⇩1)" ps arbitrary: c⇩0 c⇩1 rule: find_closest_pair.induct)
(auto simp: Let_def find_closest_bf_eq_val_find_closest_bf_tm take_eq_val_take_tm)
lemma find_closest_pair_set:
assumes "(C⇩0, C⇩1) = find_closest_pair (c⇩0, c⇩1) ps"
shows "(C⇩0 ∈ set ps ∧ C⇩1 ∈ set ps) ∨ (C⇩0 = c⇩0 ∧ C⇩1 = c⇩1)"
using assms
proof (induction "(c⇩0, c⇩1)" ps arbitrary: c⇩0 c⇩1 C⇩0 C⇩1 rule: find_closest_pair.induct)
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
define p⇩1 where p⇩1_def: "p⇩1 = find_closest_bf p⇩0 (take 7 (p⇩2 # ps))"
hence A: "p⇩1 ∈ set (p⇩2 # ps)"
using find_closest_bf_set[of "take 7 (p⇩2 # ps)"] in_set_takeD by fastforce
show ?case
proof (cases "dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1")
case True
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "(C⇩0' ∈ set (p⇩2 # ps) ∧ C⇩1' ∈ set (p⇩2 # ps)) ∨ (C⇩0' = c⇩0 ∧ C⇩1' = c⇩1)"
using "3.hyps"(1) True p⇩1_def by blast
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs True "3.prems" apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by auto
next
case False
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "(C⇩0' ∈ set (p⇩2 # ps) ∧ C⇩1' ∈ set (p⇩2 # ps)) ∨ (C⇩0' = p⇩0 ∧ C⇩1' = p⇩1)"
using "3.hyps"(2) p⇩1_def False by blast
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs False "3.prems" apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
using A by auto
qed
qed auto
lemma find_closest_pair_c0_ne_c1:
"c⇩0 ≠ c⇩1 ⟹ distinct ps ⟹ (C⇩0, C⇩1) = find_closest_pair (c⇩0, c⇩1) ps ⟹ C⇩0 ≠ C⇩1"
proof (induction "(c⇩0, c⇩1)" ps arbitrary: c⇩0 c⇩1 C⇩0 C⇩1 rule: find_closest_pair.induct)
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
define p⇩1 where p⇩1_def: "p⇩1 = find_closest_bf p⇩0 (take 7 (p⇩2 # ps))"
hence "p⇩1 ∈ set (p⇩2 # ps)"
using find_closest_bf_set[of "take 7 (p⇩2 # ps)"] in_set_takeD by fastforce
hence A: "p⇩0 ≠ p⇩1"
using "3.prems"(1,2) by auto
show ?case
proof (cases "dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1")
case True
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "C⇩0' ≠ C⇩1'"
using "3.hyps"(1) "3.prems"(1,2) True p⇩1_def by simp
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs True "3.prems"(3) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
next
case False
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "C⇩0' ≠ C⇩1'"
using "3.hyps"(2) "3.prems"(2) A False p⇩1_def by simp
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs False "3.prems"(3) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
qed
qed auto
lemma find_closest_pair_dist_mono:
assumes "(C⇩0, C⇩1) = find_closest_pair (c⇩0, c⇩1) ps"
shows "dist C⇩0 C⇩1 ≤ dist c⇩0 c⇩1"
using assms
proof (induction "(c⇩0, c⇩1)" ps arbitrary: c⇩0 c⇩1 C⇩0 C⇩1 rule: find_closest_pair.induct)
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
define p⇩1 where p⇩1_def: "p⇩1 = find_closest_bf p⇩0 (take 7 (p⇩2 # ps))"
show ?case
proof (cases "dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1")
case True
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "dist C⇩0' C⇩1' ≤ dist c⇩0 c⇩1"
using "3.hyps"(1) True p⇩1_def by simp
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs True "3.prems" apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
next
case False
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
using prod.collapse by blast
note defs = p⇩1_def C'_def
hence "dist C⇩0' C⇩1' ≤ dist p⇩0 p⇩1"
using "3.hyps"(2) False p⇩1_def by blast
moreover have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs False "3.prems"(1) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
using False by simp
qed
qed auto
lemma find_closest_pair_dist:
assumes "sorted_snd ps" "distinct ps" "set ps = ps⇩L ∪ ps⇩R" "0 ≤ δ"
assumes "∀p ∈ set ps. l - δ ≤ fst p ∧ fst p ≤ l + δ"
assumes "∀p ∈ ps⇩L. fst p ≤ l" "∀p ∈ ps⇩R. l ≤ fst p"
assumes "sparse δ ps⇩L" "sparse δ ps⇩R" "dist c⇩0 c⇩1 ≤ δ"
assumes "(C⇩0, C⇩1) = find_closest_pair (c⇩0, c⇩1) ps"
shows "sparse (dist C⇩0 C⇩1) (set ps)"
using assms
proof (induction "(c⇩0, c⇩1)" ps arbitrary: c⇩0 c⇩1 C⇩0 C⇩1 ps⇩L ps⇩R rule: find_closest_pair.induct)
case (1 c⇩0 c⇩1)
thus ?case unfolding sparse_def
by simp
next
case (2 c⇩0 c⇩1 uu)
thus ?case unfolding sparse_def
by (metis length_greater_0_conv length_pos_if_in_set set_ConsD)
next
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
define p⇩1 where p⇩1_def: "p⇩1 = find_closest_bf p⇩0 (take 7 (p⇩2 # ps))"
define PS⇩L where PS⇩L_def: "PS⇩L = ps⇩L - { p⇩0 }"
define PS⇩R where PS⇩R_def: "PS⇩R = ps⇩R - { p⇩0 }"
have assms: "sorted_snd (p⇩2 # ps)" "distinct (p⇩2 # ps)" "set (p⇩2 # ps) = PS⇩L ∪ PS⇩R"
"∀p ∈ set (p⇩2 # ps). l - δ ≤ (fst p) ∧ (fst p) ≤ l + δ"
"∀p ∈ PS⇩L. fst p ≤ l" "∀p ∈ PS⇩R. l ≤ fst p"
"sparse δ PS⇩L" "sparse δ PS⇩R"
using "3.prems"(1-9) sparse_def sorted_snd_def PS⇩L_def PS⇩R_def by auto
show ?case
proof cases
assume C1: "∃p ∈ set (p⇩2 # ps). dist p⇩0 p < δ"
hence A: "∀p ∈ set (p⇩2 # ps). dist p⇩0 p⇩1 ≤ dist p⇩0 p"
using p⇩1_def find_closest_bf_dist_take_7 "3.prems" by blast
hence B: "dist p⇩0 p⇩1 < δ"
using C1 by auto
show ?thesis
proof cases
assume C2: "dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1"
obtain C⇩0' C⇩1' where def: "(C⇩0', C⇩1') = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
using prod.collapse by blast
hence "sparse (dist C⇩0' C⇩1') (set (p⇩2 # ps))"
using "3.hyps"(1)[of p⇩1 PS⇩L PS⇩R] C2 p⇩1_def "3.prems"(4,10) assms by blast
moreover have "dist C⇩0' C⇩1' ≤ dist c⇩0 c⇩1"
using def find_closest_pair_dist_mono by blast
ultimately have "sparse (dist C⇩0' C⇩1') (set (p⇩0 # p⇩2 # ps))"
using A C2 sparse_identity[of "dist C⇩0' C⇩1'" "p⇩2 # ps" p⇩0] by fastforce
moreover have "C⇩0' = C⇩0" "C⇩1' = C⇩1"
using def "3.prems"(11) C2 p⇩1_def apply (auto) by (metis prod.inject)+
ultimately show ?thesis
by simp
next
assume C2: "¬ dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1"
obtain C⇩0' C⇩1' where def: "(C⇩0', C⇩1') = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
using prod.collapse by blast
hence "sparse (dist C⇩0' C⇩1') (set (p⇩2 # ps))"
using "3.hyps"(2)[of p⇩1 PS⇩L PS⇩R] C2 p⇩1_def "3.prems"(4) assms B by auto
moreover have "dist C⇩0' C⇩1' ≤ dist p⇩0 p⇩1"
using def find_closest_pair_dist_mono by blast
ultimately have "sparse (dist C⇩0' C⇩1') (set (p⇩0 # p⇩2 # ps))"
using A sparse_identity order_trans by blast
moreover have "C⇩0' = C⇩0" "C⇩1' = C⇩1"
using def "3.prems"(11) C2 p⇩1_def apply (auto) by (metis prod.inject)+
ultimately show ?thesis
by simp
qed
next
assume C1: "¬ (∃p ∈ set (p⇩2 # ps). dist p⇩0 p < δ)"
show ?thesis
proof cases
assume C2: "dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1"
obtain C⇩0' C⇩1' where def: "(C⇩0', C⇩1') = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
using prod.collapse by blast
hence "sparse (dist C⇩0' C⇩1') (set (p⇩2 # ps))"
using "3.hyps"(1)[of p⇩1 PS⇩L PS⇩R] C2 p⇩1_def "3.prems"(4,10) assms by blast
moreover have "dist C⇩0' C⇩1' ≤ dist c⇩0 c⇩1"
using def find_closest_pair_dist_mono by blast
ultimately have "sparse (dist C⇩0' C⇩1') (set (p⇩0 # p⇩2 # ps))"
using "3.prems"(10) C1 sparse_identity[of "dist C⇩0' C⇩1'" "p⇩2 # ps" p⇩0] by force
moreover have "C⇩0' = C⇩0" "C⇩1' = C⇩1"
using def "3.prems"(11) C2 p⇩1_def apply (auto) by (metis prod.inject)+
ultimately show ?thesis
by simp
next
assume C2: "¬ dist c⇩0 c⇩1 ≤ dist p⇩0 p⇩1"
obtain C⇩0' C⇩1' where def: "(C⇩0', C⇩1') = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
using prod.collapse by blast
hence "sparse (dist C⇩0' C⇩1') (set (p⇩2 # ps))"
using "3.hyps"(2)[of p⇩1 PS⇩L PS⇩R] C2 p⇩1_def "3.prems"(4,10) assms by auto
moreover have "dist C⇩0' C⇩1' ≤ dist p⇩0 p⇩1"
using def find_closest_pair_dist_mono by blast
ultimately have "sparse (dist C⇩0' C⇩1') (set (p⇩0 # p⇩2 # ps))"
using "3.prems"(10) C1 C2 sparse_identity[of "dist C⇩0' C⇩1'" "p⇩2 # ps" p⇩0] by force
moreover have "C⇩0' = C⇩0" "C⇩1' = C⇩1"
using def "3.prems"(11) C2 p⇩1_def apply (auto) by (metis prod.inject)+
ultimately show ?thesis
by simp
qed
qed
qed
declare find_closest_pair.simps [simp del]
fun combine_tm :: "(point × point) ⇒ (point × point) ⇒ int ⇒ point list ⇒ (point × point) tm" where
"combine_tm (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps =1 (
let (c⇩0, c⇩1) = if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R) in
do {
ps' <- filter_tm (λp. dist p (l, snd p) < dist c⇩0 c⇩1) ps;
find_closest_pair_tm (c⇩0, c⇩1) ps'
}
)"
fun combine :: "(point * point) ⇒ (point * point) ⇒ int ⇒ point list ⇒ (point * point)" where
"combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps = (
let (c⇩0, c⇩1) = if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R) in
let ps' = filter (λp. dist p (l, snd p) < dist c⇩0 c⇩1) ps in
find_closest_pair (c⇩0, c⇩1) ps'
)"
lemma combine_eq_val_combine_tm:
"val (combine_tm (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps) = combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps"
by (auto simp: filter_eq_val_filter_tm find_closest_pair_eq_val_find_closest_pair_tm)
lemma combine_set:
assumes "(c⇩0, c⇩1) = combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps"
shows "(c⇩0 ∈ set ps ∧ c⇩1 ∈ set ps) ∨ (c⇩0 = p⇩0⇩L ∧ c⇩1 = p⇩1⇩L) ∨ (c⇩0 = p⇩0⇩R ∧ c⇩1 = p⇩1⇩R)"
proof -
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = (if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R))"
by metis
define ps' where ps'_def: "ps' = filter (λp. dist p (l, snd p) < dist C⇩0' C⇩1') ps"
obtain C⇩0 C⇩1 where C_def: "(C⇩0, C⇩1) = find_closest_pair (C⇩0', C⇩1') ps'"
using prod.collapse by blast
note defs = C'_def ps'_def C_def
have "(C⇩0 ∈ set ps' ∧ C⇩1 ∈ set ps') ∨ (C⇩0 = C⇩0' ∧ C⇩1 = C⇩1')"
using C_def find_closest_pair_set by blast+
hence "(C⇩0 ∈ set ps ∧ C⇩1 ∈ set ps)∨ (C⇩0 = C⇩0' ∧ C⇩1 = C⇩1')"
using ps'_def by auto
moreover have "C⇩0 = c⇩0" "C⇩1 = c⇩1"
using assms defs apply (auto split: if_splits prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
using C'_def by (auto split: if_splits)
qed
lemma combine_c0_ne_c1:
assumes "p⇩0⇩L ≠ p⇩1⇩L" "p⇩0⇩R ≠ p⇩1⇩R" "distinct ps"
assumes "(c⇩0, c⇩1) = combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps"
shows "c⇩0 ≠ c⇩1"
proof -
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = (if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R))"
by metis
define ps' where ps'_def: "ps' = filter (λp. dist p (l, snd p) < dist C⇩0' C⇩1') ps"
obtain C⇩0 C⇩1 where C_def: "(C⇩0, C⇩1) = find_closest_pair (C⇩0', C⇩1') ps'"
using prod.collapse by blast
note defs = C'_def ps'_def C_def
have "C⇩0 ≠ C⇩1"
using defs find_closest_pair_c0_ne_c1[of C⇩0' C⇩1' ps'] assms by (auto split: if_splits)
moreover have "C⇩0 = c⇩0" "C⇩1 = c⇩1"
using assms defs apply (auto split: if_splits prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by blast
qed
lemma combine_dist:
assumes "distinct ps" "sorted_snd ps" "set ps = ps⇩L ∪ ps⇩R"
assumes "∀p ∈ ps⇩L. fst p ≤ l" "∀p ∈ ps⇩R. l ≤ fst p"
assumes "sparse (dist p⇩0⇩L p⇩1⇩L) ps⇩L" "sparse (dist p⇩0⇩R p⇩1⇩R) ps⇩R"
assumes "(c⇩0, c⇩1) = combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps"
shows "sparse (dist c⇩0 c⇩1) (set ps)"
proof -
obtain C⇩0' C⇩1' where C'_def: "(C⇩0', C⇩1') = (if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R))"
by metis
define ps' where ps'_def: "ps' = filter (λp. dist p (l, snd p) < dist C⇩0' C⇩1') ps"
define PS⇩L where PS⇩L_def: "PS⇩L = { p ∈ ps⇩L. dist p (l, snd p) < dist C⇩0' C⇩1' }"
define PS⇩R where PS⇩R_def: "PS⇩R = { p ∈ ps⇩R. dist p (l, snd p) < dist C⇩0' C⇩1' }"
obtain C⇩0 C⇩1 where C_def: "(C⇩0, C⇩1) = find_closest_pair (C⇩0', C⇩1') ps'"
using prod.collapse by blast
note defs = C'_def ps'_def PS⇩L_def PS⇩R_def C_def
have EQ: "C⇩0 = c⇩0" "C⇩1 = c⇩1"
using defs assms(8) apply (auto split: if_splits prod.splits) by (metis Pair_inject)+
have ps': "ps' = filter (λp. l - dist C⇩0' C⇩1' < fst p ∧ fst p < l + dist C⇩0' C⇩1') ps"
using ps'_def dist_transform by simp
have ps⇩L: "sparse (dist C⇩0' C⇩1') ps⇩L"
using assms(6,8) C'_def sparse_def apply (auto split: if_splits) by force+
hence PS⇩L: "sparse (dist C⇩0' C⇩1') PS⇩L"
using PS⇩L_def by (simp add: sparse_def)
have ps⇩R: "sparse (dist C⇩0' C⇩1') ps⇩R"
using assms(5,7) C'_def sparse_def apply (auto split: if_splits) by force+
hence PS⇩R: "sparse (dist C⇩0' C⇩1') PS⇩R"
using PS⇩R_def by (simp add: sparse_def)
have "sorted_snd ps'"
using ps'_def assms(2) sorted_snd_def sorted_wrt_filter by blast
moreover have "distinct ps'"
using ps'_def assms(1) distinct_filter by blast
moreover have "set ps' = PS⇩L ∪ PS⇩R "
using ps'_def PS⇩L_def PS⇩R_def assms(3) filter_Un by auto
moreover have "0 ≤ dist C⇩0' C⇩1'"
by simp
moreover have "∀p ∈ set ps'. l - dist C⇩0' C⇩1' ≤ fst p ∧ fst p ≤ l + dist C⇩0' C⇩1'"
using ps' by simp
ultimately have *: "sparse (dist C⇩0 C⇩1) (set ps')"
using find_closest_pair_dist[of ps' PS⇩L PS⇩R "dist C⇩0' C⇩1'" l C⇩0' C⇩1'] C_def PS⇩L PS⇩R
by (simp add: PS⇩L_def PS⇩R_def assms(4,5))
have "∀p⇩0 ∈ set ps. ∀p⇩1 ∈ set ps. p⇩0 ≠ p⇩1 ∧ dist p⇩0 p⇩1 < dist C⇩0' C⇩1' ⟶ p⇩0 ∈ set ps' ∧ p⇩1 ∈ set ps'"
using set_band_filter ps' ps⇩L ps⇩R assms(3,4,5) by blast
moreover have "dist C⇩0 C⇩1 ≤ dist C⇩0' C⇩1'"
using C_def find_closest_pair_dist_mono by blast
ultimately have "∀p⇩0 ∈ set ps. ∀p⇩1 ∈ set ps. p⇩0 ≠ p⇩1 ∧ dist p⇩0 p⇩1 < dist C⇩0 C⇩1 ⟶ p⇩0 ∈ set ps' ∧ p⇩1 ∈ set ps'"
by simp
hence "sparse (dist C⇩0 C⇩1) (set ps)"
using sparse_def * by (meson not_less)
thus ?thesis
using EQ by blast
qed
declare combine.simps [simp del]
declare combine_tm.simps [simp del]
subsubsection "Divide and Conquer Algorithm"
declare split_at_take_drop_conv [simp add]
function closest_pair_rec_tm :: "point list ⇒ (point list × point × point) tm" where
"closest_pair_rec_tm xs =1 (
do {
n <- length_tm xs;
if n ≤ 3 then
do {
ys <- mergesort_tm snd xs;
p <- closest_pair_bf_tm xs;
return (ys, p)
}
else
do {
(xs⇩L, xs⇩R) <- split_at_tm (n div 2) xs;
(ys⇩L, p⇩0⇩L, p⇩1⇩L) <- closest_pair_rec_tm xs⇩L;
(ys⇩R, p⇩0⇩R, p⇩1⇩R) <- closest_pair_rec_tm xs⇩R;
ys <- merge_tm snd ys⇩L ys⇩R;
(p⇩0, p⇩1) <- combine_tm (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) (fst (hd xs⇩R)) ys;
return (ys, p⇩0, p⇩1)
}
}
)"
by pat_completeness auto
termination closest_pair_rec_tm
by (relation "Wellfounded.measure (λxs. length xs)")
(auto simp add: length_eq_val_length_tm split_at_eq_val_split_at_tm)
function closest_pair_rec :: "point list ⇒ (point list * point * point)" where
"closest_pair_rec xs = (
let n = length xs in
if n ≤ 3 then
(mergesort snd xs, closest_pair_bf xs)
else
let (xs⇩L, xs⇩R) = split_at (n div 2) xs in
let (ys⇩L, p⇩0⇩L, p⇩1⇩L) = closest_pair_rec xs⇩L in
let (ys⇩R, p⇩0⇩R, p⇩1⇩R) = closest_pair_rec xs⇩R in
let ys = merge snd ys⇩L ys⇩R in
(ys, combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) (fst (hd xs⇩R)) ys)
)"
by pat_completeness auto
termination closest_pair_rec
by (relation "Wellfounded.measure (λxs. length xs)")
(auto simp: Let_def)
declare split_at_take_drop_conv [simp del]
lemma closest_pair_rec_simps:
assumes "n = length xs" "¬ (n ≤ 3)"
shows "closest_pair_rec xs = (
let (xs⇩L, xs⇩R) = split_at (n div 2) xs in
let (ys⇩L, p⇩0⇩L, p⇩1⇩L) = closest_pair_rec xs⇩L in
let (ys⇩R, p⇩0⇩R, p⇩1⇩R) = closest_pair_rec xs⇩R in
let ys = merge snd ys⇩L ys⇩R in
(ys, combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) (fst (hd xs⇩R)) ys)
)"
using assms by (auto simp: Let_def)
declare closest_pair_rec.simps [simp del]
lemma closest_pair_rec_eq_val_closest_pair_rec_tm:
"val (closest_pair_rec_tm xs) = closest_pair_rec xs"
proof (induction rule: length_induct)
case (1 xs)
define n where "n = length xs"
obtain xs⇩L xs⇩R where xs_def: "(xs⇩L, xs⇩R) = split_at (n div 2) xs"
by (metis surj_pair)
note defs = n_def xs_def
show ?case
proof cases
assume "n ≤ 3"
then show ?thesis
using defs
by (auto simp: length_eq_val_length_tm mergesort_eq_val_mergesort_tm
closest_pair_bf_eq_val_closest_pair_bf_tm closest_pair_rec.simps)
next
assume asm: "¬ n ≤ 3"
have "length xs⇩L < length xs" "length xs⇩R < length xs"
using asm defs by (auto simp: split_at_take_drop_conv)
hence "val (closest_pair_rec_tm xs⇩L) = closest_pair_rec xs⇩L"
"val (closest_pair_rec_tm xs⇩R) = closest_pair_rec xs⇩R"
using "1.IH" by blast+
thus ?thesis
using asm defs
apply (subst closest_pair_rec.simps, subst closest_pair_rec_tm.simps)
by (auto simp del: closest_pair_rec_tm.simps
simp add: Let_def length_eq_val_length_tm merge_eq_val_merge_tm
split_at_eq_val_split_at_tm combine_eq_val_combine_tm
split: prod.split)
qed
qed
lemma closest_pair_rec_set_length_sorted_snd:
assumes "(ys, p) = closest_pair_rec xs"
shows "set ys = set xs ∧ length ys = length xs ∧ sorted_snd ys"
using assms
proof (induction xs arbitrary: ys p rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
thus ?thesis using "1.prems" sorted_snd_def
by (auto simp: mergesort closest_pair_rec.simps)
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L P⇩L where YSP⇩L_def: "(YS⇩L, P⇩L) = closest_pair_rec XS⇩L"
using prod.collapse by blast
obtain YS⇩R P⇩R where YSP⇩R_def: "(YS⇩R, P⇩R) = closest_pair_rec XS⇩R"
using prod.collapse by blast
define YS where "YS = merge (λp. snd p) YS⇩L YS⇩R"
define P where "P = combine P⇩L P⇩R L YS"
note defs = XS⇩L⇩R_def L_def YSP⇩L_def YSP⇩R_def YS_def P_def
have "length XS⇩L < length xs" "length XS⇩R < length xs"
using False defs by (auto simp: split_at_take_drop_conv)
hence IH: "set XS⇩L = set YS⇩L" "set XS⇩R = set YS⇩R"
"length XS⇩L = length YS⇩L" "length XS⇩R = length YS⇩R"
"sorted_snd YS⇩L" "sorted_snd YS⇩R"
using "1.IH" defs by metis+
have "set xs = set XS⇩L ∪ set XS⇩R"
using defs by (auto simp: set_take_drop split_at_take_drop_conv)
hence SET: "set xs = set YS"
using set_merge IH(1,2) defs by fast
have "length xs = length XS⇩L + length XS⇩R"
using defs by (auto simp: split_at_take_drop_conv)
hence LENGTH: "length xs = length YS"
using IH(3,4) length_merge defs by metis
have SORTED: "sorted_snd YS"
using IH(5,6) by (simp add: defs sorted_snd_def sorted_merge)
have "(YS, P) = closest_pair_rec xs"
using False closest_pair_rec_simps defs by (auto simp: Let_def split: prod.split)
hence "(ys, p) = (YS, P)"
using "1.prems" by argo
thus ?thesis
using SET LENGTH SORTED by simp
qed
qed
lemma closest_pair_rec_distinct:
assumes "distinct xs" "(ys, p) = closest_pair_rec xs"
shows "distinct ys"
using assms
proof (induction xs arbitrary: ys p rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
thus ?thesis using "1.prems"
by (auto simp: mergesort closest_pair_rec.simps)
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L P⇩L where YSP⇩L_def: "(YS⇩L, P⇩L) = closest_pair_rec XS⇩L"
using prod.collapse by blast
obtain YS⇩R P⇩R where YSP⇩R_def: "(YS⇩R, P⇩R) = closest_pair_rec XS⇩R"
using prod.collapse by blast
define YS where "YS = merge (λp. snd p) YS⇩L YS⇩R"
define P where "P = combine P⇩L P⇩R L YS"
note defs = XS⇩L⇩R_def L_def YSP⇩L_def YSP⇩R_def YS_def P_def
have "length XS⇩L < length xs" "length XS⇩R < length xs"
using False defs by (auto simp: split_at_take_drop_conv)
moreover have "distinct XS⇩L" "distinct XS⇩R"
using "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
ultimately have IH: "distinct YS⇩L" "distinct YS⇩R"
using "1.IH" defs by blast+
have "set XS⇩L ∩ set XS⇩R = {}"
using "1.prems"(1) defs by (auto simp: split_at_take_drop_conv set_take_disj_set_drop_if_distinct)
moreover have "set XS⇩L = set YS⇩L" "set XS⇩R = set YS⇩R"
using closest_pair_rec_set_length_sorted_snd defs by blast+
ultimately have "set YS⇩L ∩ set YS⇩R = {}"
by blast
hence DISTINCT: "distinct YS"
using distinct_merge IH defs by blast
have "(YS, P) = closest_pair_rec xs"
using False closest_pair_rec_simps defs by (auto simp: Let_def split: prod.split)
hence "(ys, p) = (YS, P)"
using "1.prems" by argo
thus ?thesis
using DISTINCT by blast
qed
qed
lemma closest_pair_rec_c0_c1:
assumes "1 < length xs" "distinct xs" "(ys, c⇩0, c⇩1) = closest_pair_rec xs"
shows "c⇩0 ∈ set xs ∧ c⇩1 ∈ set xs ∧ c⇩0 ≠ c⇩1"
using assms
proof (induction xs arbitrary: ys c⇩0 c⇩1 rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
hence "(c⇩0, c⇩1) = closest_pair_bf xs"
using "1.prems"(3) closest_pair_rec.simps by simp
thus ?thesis
using "1.prems"(1,2) closest_pair_bf_c0_c1 by simp
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L C⇩0⇩L C⇩1⇩L where YSC⇩0⇩1⇩L_def: "(YS⇩L, C⇩0⇩L, C⇩1⇩L) = closest_pair_rec XS⇩L"
using prod.collapse by metis
obtain YS⇩R C⇩0⇩R C⇩1⇩R where YSC⇩0⇩1⇩R_def: "(YS⇩R, C⇩0⇩R, C⇩1⇩R) = closest_pair_rec XS⇩R"
using prod.collapse by metis
define YS where "YS = merge (λp. snd p) YS⇩L YS⇩R"
obtain C⇩0 C⇩1 where C⇩0⇩1_def: "(C⇩0, C⇩1) = combine (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) L YS"
using prod.collapse by metis
note defs = XS⇩L⇩R_def L_def YSC⇩0⇩1⇩L_def YSC⇩0⇩1⇩R_def YS_def C⇩0⇩1_def
have "1 < length XS⇩L" "length XS⇩L < length xs" "distinct XS⇩L"
using False "1.prems"(2) defs by (auto simp: split_at_take_drop_conv)
hence "C⇩0⇩L ∈ set XS⇩L" "C⇩1⇩L ∈ set XS⇩L" and IHL1: "C⇩0⇩L ≠ C⇩1⇩L"
using "1.IH" defs by metis+
hence IHL2: "C⇩0⇩L ∈ set xs" "C⇩1⇩L ∈ set xs"
using split_at_take_drop_conv in_set_takeD fst_conv defs by metis+
have "1 < length XS⇩R" "length XS⇩R < length xs" "distinct XS⇩R"
using False "1.prems"(2) defs by (auto simp: split_at_take_drop_conv)
hence "C⇩0⇩R ∈ set XS⇩R" "C⇩1⇩R ∈ set XS⇩R" and IHR1: "C⇩0⇩R ≠ C⇩1⇩R"
using "1.IH" defs by metis+
hence IHR2: "C⇩0⇩R ∈ set xs" "C⇩1⇩R ∈ set xs"
using split_at_take_drop_conv in_set_dropD snd_conv defs by metis+
have *: "(YS, C⇩0, C⇩1) = closest_pair_rec xs"
using False closest_pair_rec_simps defs by (auto simp: Let_def split: prod.split)
have YS: "set xs = set YS" "distinct YS"
using "1.prems"(2) closest_pair_rec_set_length_sorted_snd closest_pair_rec_distinct * by blast+
have "C⇩0 ∈ set xs" "C⇩1 ∈ set xs"
using combine_set IHL2 IHR2 YS defs by blast+
moreover have "C⇩0 ≠ C⇩1"
using combine_c0_ne_c1 IHL1(1) IHR1(1) YS defs by blast
ultimately show ?thesis
using "1.prems"(3) * by (metis Pair_inject)
qed
qed
lemma closest_pair_rec_dist:
assumes "1 < length xs" "distinct xs" "sorted_fst xs" "(ys, c⇩0, c⇩1) = closest_pair_rec xs"
shows "sparse (dist c⇩0 c⇩1) (set xs)"
using assms
proof (induction xs arbitrary: ys c⇩0 c⇩1 rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
hence "(c⇩0, c⇩1) = closest_pair_bf xs"
using "1.prems"(4) closest_pair_rec.simps by simp
thus ?thesis
using "1.prems"(1,4) closest_pair_bf_dist by metis
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L C⇩0⇩L C⇩1⇩L where YSC⇩0⇩1⇩L_def: "(YS⇩L, C⇩0⇩L, C⇩1⇩L) = closest_pair_rec XS⇩L"
using prod.collapse by metis
obtain YS⇩R C⇩0⇩R C⇩1⇩R where YSC⇩0⇩1⇩R_def: "(YS⇩R, C⇩0⇩R, C⇩1⇩R) = closest_pair_rec XS⇩R"
using prod.collapse by metis
define YS where "YS = merge (λp. snd p) YS⇩L YS⇩R"
obtain C⇩0 C⇩1 where C⇩0⇩1_def: "(C⇩0, C⇩1) = combine (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) L YS"
using prod.collapse by metis
note defs = XS⇩L⇩R_def L_def YSC⇩0⇩1⇩L_def YSC⇩0⇩1⇩R_def YS_def C⇩0⇩1_def
have XSLR: "XS⇩L = take (?n div 2) xs" "XS⇩R = drop (?n div 2) xs"
using defs by (auto simp: split_at_take_drop_conv)
have "1 < length XS⇩L" "length XS⇩L < length xs"
using False XSLR by simp_all
moreover have "distinct XS⇩L" "sorted_fst XS⇩L"
using "1.prems"(2,3) XSLR by (auto simp: sorted_fst_def sorted_wrt_take)
ultimately have L: "sparse (dist C⇩0⇩L C⇩1⇩L) (set XS⇩L)"
"set XS⇩L = set YS⇩L"
using 1 closest_pair_rec_set_length_sorted_snd closest_pair_rec_c0_c1
YSC⇩0⇩1⇩L_def by blast+
hence IHL: "sparse (dist C⇩0⇩L C⇩1⇩L) (set YS⇩L)"
by argo
have "1 < length XS⇩R" "length XS⇩R < length xs"
using False XSLR by simp_all
moreover have "distinct XS⇩R" "sorted_fst XS⇩R"
using "1.prems"(2,3) XSLR by (auto simp: sorted_fst_def sorted_wrt_drop)
ultimately have R: "sparse (dist C⇩0⇩R C⇩1⇩R) (set XS⇩R)"
"set XS⇩R = set YS⇩R"
using 1 closest_pair_rec_set_length_sorted_snd closest_pair_rec_c0_c1
YSC⇩0⇩1⇩R_def by blast+
hence IHR: "sparse (dist C⇩0⇩R C⇩1⇩R) (set YS⇩R)"
by argo
have *: "(YS, C⇩0, C⇩1) = closest_pair_rec xs"
using False closest_pair_rec_simps defs by (auto simp: Let_def split: prod.split)
have "set xs = set YS" "distinct YS" "sorted_snd YS"
using "1.prems"(2) closest_pair_rec_set_length_sorted_snd closest_pair_rec_distinct * by blast+
moreover have "∀p ∈ set YS⇩L. fst p ≤ L"
using False "1.prems"(3) XSLR L_def L(2) sorted_fst_take_less_hd_drop by simp
moreover have "∀p ∈ set YS⇩R. L ≤ fst p"
using False "1.prems"(3) XSLR L_def R(2) sorted_fst_hd_drop_less_drop by simp
moreover have "set YS = set YS⇩L ∪ set YS⇩R"
using set_merge defs by fast
moreover have "(C⇩0, C⇩1) = combine (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) L YS"
by (auto simp add: defs)
ultimately have "sparse (dist C⇩0 C⇩1) (set xs)"
using combine_dist IHL IHR by auto
moreover have "(YS, C⇩0, C⇩1) = (ys, c⇩0, c⇩1)"
using "1.prems"(4) * by simp
ultimately show ?thesis
by blast
qed
qed
fun closest_pair_tm :: "point list ⇒ (point * point) tm" where
"closest_pair_tm [] =1 return undefined"
| "closest_pair_tm [_] =1 return undefined"
| "closest_pair_tm ps =1 (
do {
xs <- mergesort_tm fst ps;
(_, p) <- closest_pair_rec_tm xs;
return p
}
)"
fun closest_pair :: "point list ⇒ (point * point)" where
"closest_pair [] = undefined"
| "closest_pair [_] = undefined"
| "closest_pair ps = (let (_, c⇩0, c⇩1) = closest_pair_rec (mergesort fst ps) in (c⇩0, c⇩1))"
lemma closest_pair_eq_val_closest_pair_tm:
"val (closest_pair_tm ps) = closest_pair ps"
by (induction ps rule: induct_list012)
(auto simp del: closest_pair_rec_tm.simps mergesort_tm.simps
simp add: closest_pair_rec_eq_val_closest_pair_rec_tm mergesort_eq_val_mergesort_tm
split: prod.split)
lemma closest_pair_simps:
"1 < length ps ⟹ closest_pair ps = (let (_, c⇩0, c⇩1) = closest_pair_rec (mergesort fst ps) in (c⇩0, c⇩1))"
by (induction ps rule: induct_list012) auto
declare closest_pair.simps [simp del]
theorem closest_pair_c0_c1:
assumes "1 < length ps" "distinct ps" "(c⇩0, c⇩1) = closest_pair ps"
shows "c⇩0 ∈ set ps" "c⇩1 ∈ set ps" "c⇩0 ≠ c⇩1"
using assms closest_pair_rec_c0_c1[of "mergesort fst ps"]
by (auto simp: mergesort closest_pair_simps split: prod.splits)
theorem closest_pair_dist:
assumes "1 < length ps" "distinct ps" "(c⇩0, c⇩1) = closest_pair ps"
shows "sparse (dist c⇩0 c⇩1) (set ps)"
using assms closest_pair_rec_dist[of "mergesort fst ps"] closest_pair_rec_c0_c1[of "mergesort fst ps"]
by (auto simp: sorted_fst_def mergesort closest_pair_simps split: prod.splits)
subsection "Time Complexity Proof"
subsubsection "Combine Step"
lemma time_find_closest_pair_tm:
"time (find_closest_pair_tm (c⇩0, c⇩1) ps) ≤ 17 * length ps + 1"
proof (induction ps rule: find_closest_pair_tm.induct)
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
let ?ps = "p⇩2 # ps"
let ?p⇩1 = "val (find_closest_bf_tm p⇩0 (val (take_tm 7 ?ps)))"
have *: "length (val (take_tm 7 ?ps)) ≤ 7"
by (subst take_eq_val_take_tm, simp)
show ?case
proof cases
assume C1: "dist c⇩0 c⇩1 ≤ dist p⇩0 ?p⇩1"
hence "time (find_closest_pair_tm (c⇩0, c⇩1) (p⇩0 # ?ps)) = 1 + time (take_tm 7 ?ps) +
time (find_closest_bf_tm p⇩0 (val (take_tm 7 ?ps))) + time (find_closest_pair_tm (c⇩0, c⇩1) ?ps)"
by (auto simp: time_simps)
also have "... ≤ 17 + time (find_closest_pair_tm (c⇩0, c⇩1) ?ps)"
using time_take_tm[of 7 ?ps] time_find_closest_bf_tm[of p⇩0 "val (take_tm 7 ?ps)"] * by auto
also have "... ≤ 17 + 17 * (length ?ps) + 1"
using "3.IH"(1) C1 by simp
also have "... = 17 * length (p⇩0 # ?ps) + 1"
by simp
finally show ?thesis .
next
assume C1: "¬ dist c⇩0 c⇩1 ≤ dist p⇩0 ?p⇩1"
hence "time (find_closest_pair_tm (c⇩0, c⇩1) (p⇩0 # ?ps)) = 1 + time (take_tm 7 ?ps) +
time (find_closest_bf_tm p⇩0 (val (take_tm 7 ?ps))) + time (find_closest_pair_tm (p⇩0, ?p⇩1) ?ps)"
by (auto simp: time_simps)
also have "... ≤ 17 + time (find_closest_pair_tm (p⇩0, ?p⇩1) ?ps)"
using time_take_tm[of 7 ?ps] time_find_closest_bf_tm[of p⇩0 "val (take_tm 7 ?ps)"] * by auto
also have "... ≤ 17 + 17 * (length ?ps) + 1"
using "3.IH"(2) C1 by simp
also have "... = 17 * length (p⇩0 # ?ps) + 1"
by simp
finally show ?thesis .
qed
qed (auto simp: time_simps)
lemma time_combine_tm:
fixes ps :: "point list"
shows "time (combine_tm (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps) ≤ 3 + 18 * length ps"
proof -
obtain c⇩0 c⇩1 where c_def:
"(c⇩0, c⇩1) = (if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R))" by metis
let ?P = "(λp. dist p (l, snd p) < dist c⇩0 c⇩1)"
define ps' where "ps' = val (filter_tm ?P ps)"
note defs = c_def ps'_def
hence "time (combine_tm (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps) = 1 + time (filter_tm ?P ps) +
time (find_closest_pair_tm (c⇩0, c⇩1) ps')"
by (auto simp: combine_tm.simps Let_def time_simps split: prod.split)
also have "... = 2 + length ps + time (find_closest_pair_tm (c⇩0, c⇩1) ps')"
using time_filter_tm by auto
also have "... ≤ 3 + length ps + 17 * length ps'"
using defs time_find_closest_pair_tm by simp
also have "... ≤ 3 + 18 * length ps"
unfolding ps'_def by (subst filter_eq_val_filter_tm, simp)
finally show ?thesis
by blast
qed
subsubsection "Divide and Conquer Algorithm"
lemma time_closest_pair_rec_tm_simps_1:
assumes "length xs ≤ 3"
shows "time (closest_pair_rec_tm xs) = 1 + time (length_tm xs) + time (mergesort_tm snd xs) + time (closest_pair_bf_tm xs)"
using assms by (auto simp: time_simps length_eq_val_length_tm)
lemma time_closest_pair_rec_tm_simps_2:
assumes "¬ (length xs ≤ 3)"
shows "time (closest_pair_rec_tm xs) = 1 + (
let (xs⇩L, xs⇩R) = val (split_at_tm (length xs div 2) xs) in
let (ys⇩L, p⇩L) = val (closest_pair_rec_tm xs⇩L) in
let (ys⇩R, p⇩R) = val (closest_pair_rec_tm xs⇩R) in
let ys = val (merge_tm (λp. snd p) ys⇩L ys⇩R) in
time (length_tm xs) + time (split_at_tm (length xs div 2) xs) + time (closest_pair_rec_tm xs⇩L) +
time (closest_pair_rec_tm xs⇩R) + time (merge_tm (λp. snd p) ys⇩L ys⇩R) + time (combine_tm p⇩L p⇩R (fst (hd xs⇩R)) ys)
)"
using assms
apply (subst closest_pair_rec_tm.simps)
by (auto simp del: closest_pair_rec_tm.simps
simp add: time_simps length_eq_val_length_tm
split: prod.split)
function closest_pair_recurrence :: "nat ⇒ real" where
"n ≤ 3 ⟹ closest_pair_recurrence n = 3 + n + mergesort_recurrence n + n * n"
| "3 < n ⟹ closest_pair_recurrence n = 7 + 21 * n + closest_pair_recurrence (nat ⌊real n / 2⌋) +
closest_pair_recurrence (nat ⌈real n / 2⌉)"
by force simp_all
termination by akra_bazzi_termination simp_all
lemma closest_pair_recurrence_nonneg[simp]:
"0 ≤ closest_pair_recurrence n"
by (induction n rule: closest_pair_recurrence.induct) auto
lemma time_closest_pair_rec_conv_closest_pair_recurrence:
"time (closest_pair_rec_tm ps) ≤ closest_pair_recurrence (length ps)"
proof (induction ps rule: length_induct)
case (1 ps)
let ?n = "length ps"
show ?case
proof (cases "?n ≤ 3")
case True
hence "time (closest_pair_rec_tm ps) = 1 + time (length_tm ps) + time (mergesort_tm snd ps) + time (closest_pair_bf_tm ps)"
using time_closest_pair_rec_tm_simps_1 by simp
moreover have "closest_pair_recurrence ?n = 3 + ?n + mergesort_recurrence ?n + ?n * ?n"
using True by simp
moreover have "time (length_tm ps) ≤ 1 + ?n" "time (mergesort_tm snd ps) ≤ mergesort_recurrence ?n"
"time (closest_pair_bf_tm ps) ≤ 1 + ?n * ?n"
using time_length_tm[of ps] time_mergesort_conv_mergesort_recurrence[of snd ps] time_closest_pair_bf_tm[of ps] by auto
ultimately show ?thesis
by linarith
next
case False
obtain XS⇩L XS⇩R where XS_def: "(XS⇩L, XS⇩R) = val (split_at_tm (?n div 2) ps)"
using prod.collapse by blast
obtain YS⇩L C⇩0⇩L C⇩1⇩L where CP⇩L_def: "(YS⇩L, C⇩0⇩L, C⇩1⇩L) = val (closest_pair_rec_tm XS⇩L)"
using prod.collapse by metis
obtain YS⇩R C⇩0⇩R C⇩1⇩R where CP⇩R_def: "(YS⇩R, C⇩0⇩R, C⇩1⇩R) = val (closest_pair_rec_tm XS⇩R)"
using prod.collapse by metis
define YS where "YS = val (merge_tm (λp. snd p) YS⇩L YS⇩R)"
obtain C⇩0 C⇩1 where C⇩0⇩1_def: "(C⇩0, C⇩1) = val (combine_tm (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) (fst (hd XS⇩R)) YS)"
using prod.collapse by metis
note defs = XS_def CP⇩L_def CP⇩R_def YS_def C⇩0⇩1_def
have XSLR: "XS⇩L = take (?n div 2) ps" "XS⇩R = drop (?n div 2) ps"
using defs by (auto simp: split_at_take_drop_conv split_at_eq_val_split_at_tm)
hence "length XS⇩L = ?n div 2" "length XS⇩R = ?n - ?n div 2"
by simp_all
hence *: "(nat ⌊real ?n / 2⌋) = length XS⇩L" "(nat ⌈real ?n / 2⌉) = length XS⇩R"
by linarith+
have "length XS⇩L = length YS⇩L" "length XS⇩R = length YS⇩R"
using defs closest_pair_rec_set_length_sorted_snd closest_pair_rec_eq_val_closest_pair_rec_tm by metis+
hence L: "?n = length YS⇩L + length YS⇩R"
using defs XSLR by fastforce
have "1 < length XS⇩L" "length XS⇩L < length ps"
using False XSLR by simp_all
hence "time (closest_pair_rec_tm XS⇩L) ≤ closest_pair_recurrence (length XS⇩L)"
using "1.IH" by simp
hence IHL: "time (closest_pair_rec_tm XS⇩L) ≤ closest_pair_recurrence (nat ⌊real ?n / 2⌋)"
using * by simp
have "1 < length XS⇩R" "length XS⇩R < length ps"
using False XSLR by simp_all
hence "time (closest_pair_rec_tm XS⇩R) ≤ closest_pair_recurrence (length XS⇩R)"
using "1.IH" by simp
hence IHR: "time (closest_pair_rec_tm XS⇩R) ≤ closest_pair_recurrence (nat ⌈real ?n / 2⌉)"
using * by simp
have "(YS, C⇩0, C⇩1) = val (closest_pair_rec_tm ps)"
using False closest_pair_rec_simps defs by (auto simp: Let_def length_eq_val_length_tm split!: prod.split)
hence "length ps = length YS"
using closest_pair_rec_set_length_sorted_snd closest_pair_rec_eq_val_closest_pair_rec_tm by auto
hence combine_bound: "time (combine_tm (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) (fst (hd XS⇩R)) YS) ≤ 3 + 18 * ?n"
using time_combine_tm by simp
have "time (closest_pair_rec_tm ps) = 1 + time (length_tm ps) + time (split_at_tm (?n div 2) ps) +
time (closest_pair_rec_tm XS⇩L) + time (closest_pair_rec_tm XS⇩R) + time (merge_tm (λp. snd p) YS⇩L YS⇩R) +
time (combine_tm (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) (fst (hd XS⇩R)) YS)"
using time_closest_pair_rec_tm_simps_2[OF False] defs
by (auto simp del: closest_pair_rec_tm.simps simp add: Let_def split: prod.split)
also have "... ≤ 7 + 21 * ?n + time (closest_pair_rec_tm XS⇩L) + time (closest_pair_rec_tm XS⇩R)"
using time_merge_tm[of "(λp. snd p)" YS⇩L YS⇩R] L combine_bound by (simp add: time_length_tm time_split_at_tm)
also have "... ≤ 7 + 21 * ?n + closest_pair_recurrence (nat ⌊real ?n / 2⌋) +
closest_pair_recurrence (nat ⌈real ?n / 2⌉)"
using IHL IHR by simp
also have "... = closest_pair_recurrence (length ps)"
using False by simp
finally show ?thesis
by simp
qed
qed
theorem closest_pair_recurrence:
"closest_pair_recurrence ∈ Θ(λn. n * ln n)"
by (master_theorem) auto
theorem time_closest_pair_rec_bigo:
"(λxs. time (closest_pair_rec_tm xs)) ∈ O[length going_to at_top]((λn. n * ln n) o length)"
proof -
have 0: "⋀ps. time (closest_pair_rec_tm ps) ≤ (closest_pair_recurrence o length) ps"
unfolding comp_def using time_closest_pair_rec_conv_closest_pair_recurrence by auto
show ?thesis
using bigo_measure_trans[OF 0] bigthetaD1[OF closest_pair_recurrence] of_nat_0_le_iff by blast
qed
definition closest_pair_time :: "nat ⇒ real" where
"closest_pair_time n = 1 + mergesort_recurrence n + closest_pair_recurrence n"
lemma time_closest_pair_conv_closest_pair_recurrence:
"time (closest_pair_tm ps) ≤ closest_pair_time (length ps)"
unfolding closest_pair_time_def
proof (induction rule: induct_list012)
case (3 x y zs)
let ?ps = "x # y # zs"
define xs where "xs = val (mergesort_tm fst ?ps)"
have *: "length xs = length ?ps"
using xs_def mergesort(3)[of fst ?ps] mergesort_eq_val_mergesort_tm by metis
have "time (closest_pair_tm ?ps) = 1 + time (mergesort_tm fst ?ps) + time (closest_pair_rec_tm xs)"
using xs_def by (auto simp del: mergesort_tm.simps closest_pair_rec_tm.simps simp add: time_simps split: prod.split)
also have "... ≤ 1 + mergesort_recurrence (length ?ps) + time (closest_pair_rec_tm xs)"
using time_mergesort_conv_mergesort_recurrence[of fst ?ps] by simp
also have "... ≤ 1 + mergesort_recurrence (length ?ps) + closest_pair_recurrence (length ?ps)"
using time_closest_pair_rec_conv_closest_pair_recurrence[of xs] * by auto
finally show ?case
by blast
qed (auto simp: time_simps)
corollary closest_pair_time:
"closest_pair_time ∈ O(λn. n * ln n)"
unfolding closest_pair_time_def
using mergesort_recurrence closest_pair_recurrence sum_in_bigo(1) const_1_bigo_n_ln_n by blast
corollary time_closest_pair_bigo:
"(λps. time (closest_pair_tm ps)) ∈ O[length going_to at_top]((λn. n * ln n) o length)"
proof -
have 0: "⋀ps. time (closest_pair_tm ps) ≤ (closest_pair_time o length) ps"
unfolding comp_def using time_closest_pair_conv_closest_pair_recurrence by auto
show ?thesis
using bigo_measure_trans[OF 0] closest_pair_time by simp
qed
subsection "Code Export"
subsubsection "Combine Step"
fun find_closest_pair_code :: "(int * point * point) ⇒ point list ⇒ (int * point * point)" where
"find_closest_pair_code (δ, c⇩0, c⇩1) [] = (δ, c⇩0, c⇩1)"
| "find_closest_pair_code (δ, c⇩0, c⇩1) [p] = (δ, c⇩0, c⇩1)"
| "find_closest_pair_code (δ, c⇩0, c⇩1) (p⇩0 # ps) = (
let (δ', p⇩1) = find_closest_bf_code p⇩0 (take 7 ps) in
if δ ≤ δ' then
find_closest_pair_code (δ, c⇩0, c⇩1) ps
else
find_closest_pair_code (δ', p⇩0, p⇩1) ps
)"
lemma find_closest_pair_code_dist_eq:
assumes "δ = dist_code c⇩0 c⇩1" "(Δ, C⇩0, C⇩1) = find_closest_pair_code (δ, c⇩0, c⇩1) ps"
shows "Δ = dist_code C⇩0 C⇩1"
using assms
proof (induction "(δ, c⇩0, c⇩1)" ps arbitrary: δ c⇩0 c⇩1 Δ C⇩0 C⇩1 rule: find_closest_pair_code.induct)
case (3 δ c⇩0 c⇩1 p⇩0 p⇩2 ps)
obtain δ' p⇩1 where δ'_def: "(δ', p⇩1) = find_closest_bf_code p⇩0 (take 7 (p⇩2 # ps))"
by (metis surj_pair)
hence A: "δ' = dist_code p⇩0 p⇩1"
using find_closest_bf_code_dist_eq[of "take 7 (p⇩2 # ps)"] by simp
show ?case
proof (cases "δ ≤ δ'")
case True
obtain Δ' C⇩0' C⇩1' where Δ'_def: "(Δ', C⇩0', C⇩1') = find_closest_pair_code (δ, c⇩0, c⇩1) (p⇩2 # ps)"
by (metis prod_cases4)
note defs = δ'_def Δ'_def
hence "Δ' = dist_code C⇩0' C⇩1'"
using "3.hyps"(1)[of "(δ', p⇩1)" δ' p⇩1] "3.prems"(1) True δ'_def by blast
moreover have "Δ = Δ'" "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs True "3.prems"(2) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
next
case False
obtain Δ' C⇩0' C⇩1' where Δ'_def: "(Δ', C⇩0', C⇩1') = find_closest_pair_code (δ', p⇩0, p⇩1) (p⇩2 # ps)"
by (metis prod_cases4)
note defs = δ'_def Δ'_def
hence "Δ' = dist_code C⇩0' C⇩1'"
using "3.hyps"(2)[of "(δ', p⇩1)" δ' p⇩1] A False δ'_def by blast
moreover have "Δ = Δ'" "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using defs False "3.prems"(2) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
qed
qed auto
declare find_closest_pair.simps [simp add]
lemma find_closest_pair_code_eq:
assumes "δ = dist c⇩0 c⇩1" "δ' = dist_code c⇩0 c⇩1"
assumes "(C⇩0, C⇩1) = find_closest_pair (c⇩0, c⇩1) ps"
assumes "(Δ', C⇩0', C⇩1') = find_closest_pair_code (δ', c⇩0, c⇩1) ps"
shows "C⇩0 = C⇩0' ∧ C⇩1 = C⇩1'"
using assms
proof (induction "(c⇩0, c⇩1)" ps arbitrary: δ δ' c⇩0 c⇩1 C⇩0 C⇩1 Δ' C⇩0' C⇩1' rule: find_closest_pair.induct)
case (3 c⇩0 c⇩1 p⇩0 p⇩2 ps)
obtain p⇩1 δ⇩p' p⇩1' where δ⇩p_def: "p⇩1 = find_closest_bf p⇩0 (take 7 (p⇩2 # ps))"
"(δ⇩p', p⇩1') = find_closest_bf_code p⇩0 (take 7 (p⇩2 # ps))"
by (metis surj_pair)
hence A: "δ⇩p' = dist_code p⇩0 p⇩1'"
using find_closest_bf_code_dist_eq[of "take 7 (p⇩2 # ps)"] by simp
have B: "p⇩1 = p⇩1'"
using "3.prems"(1,2,3) δ⇩p_def find_closest_bf_code_eq by auto
show ?case
proof (cases "δ ≤ dist p⇩0 p⇩1")
case True
hence C: "δ' ≤ δ⇩p'"
by (simp add: "3.prems"(1,2) A B dist_eq_dist_code_le)
obtain C⇩0⇩i C⇩1⇩i Δ⇩i' C⇩0⇩i' C⇩1⇩i' where Δ⇩i_def:
"(C⇩0⇩i, C⇩1⇩i) = find_closest_pair (c⇩0, c⇩1) (p⇩2 # ps)"
"(Δ⇩i', C⇩0⇩i', C⇩1⇩i') = find_closest_pair_code (δ', c⇩0, c⇩1) (p⇩2 # ps)"
by (metis prod_cases3)
note defs = δ⇩p_def Δ⇩i_def
have "C⇩0⇩i = C⇩0⇩i' ∧ C⇩1⇩i = C⇩1⇩i'"
using "3.hyps"(1)[of p⇩1] "3.prems" True defs by blast
moreover have "C⇩0 = C⇩0⇩i" "C⇩1 = C⇩1⇩i"
using defs(1,3) True "3.prems"(1,3) apply (auto split: prod.splits) by (metis Pair_inject)+
moreover have "Δ' = Δ⇩i'" "C⇩0' = C⇩0⇩i'" "C⇩1' = C⇩1⇩i'"
using defs(2,4) C "3.prems"(4) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
next
case False
hence C: "¬ δ' ≤ δ⇩p'"
by (simp add: "3.prems"(1,2) A B dist_eq_dist_code_le)
obtain C⇩0⇩i C⇩1⇩i Δ⇩i' C⇩0⇩i' C⇩1⇩i' where Δ⇩i_def:
"(C⇩0⇩i, C⇩1⇩i) = find_closest_pair (p⇩0, p⇩1) (p⇩2 # ps)"
"(Δ⇩i', C⇩0⇩i', C⇩1⇩i') = find_closest_pair_code (δ⇩p', p⇩0, p⇩1') (p⇩2 # ps)"
by (metis prod_cases3)
note defs = δ⇩p_def Δ⇩i_def
have "C⇩0⇩i = C⇩0⇩i' ∧ C⇩1⇩i = C⇩1⇩i'"
using "3.prems" "3.hyps"(2)[of p⇩1] A B False defs by blast
moreover have "C⇩0 = C⇩0⇩i" "C⇩1 = C⇩1⇩i"
using defs(1,3) False "3.prems"(1,3) apply (auto split: prod.splits) by (metis Pair_inject)+
moreover have "Δ' = Δ⇩i'" "C⇩0' = C⇩0⇩i'" "C⇩1' = C⇩1⇩i'"
using defs(2,4) C "3.prems"(4) apply (auto split: prod.splits) by (metis Pair_inject)+
ultimately show ?thesis
by simp
qed
qed auto
fun combine_code :: "(int * point * point) ⇒ (int * point * point) ⇒ int ⇒ point list ⇒ (int * point * point)" where
"combine_code (δ⇩L, p⇩0⇩L, p⇩1⇩L) (δ⇩R, p⇩0⇩R, p⇩1⇩R) l ps = (
let (δ, c⇩0, c⇩1) = if δ⇩L < δ⇩R then (δ⇩L, p⇩0⇩L, p⇩1⇩L) else (δ⇩R, p⇩0⇩R, p⇩1⇩R) in
let ps' = filter (λp. (fst p - l)⇧2 < δ) ps in
find_closest_pair_code (δ, c⇩0, c⇩1) ps'
)"
lemma combine_code_dist_eq:
assumes "δ⇩L = dist_code p⇩0⇩L p⇩1⇩L" "δ⇩R = dist_code p⇩0⇩R p⇩1⇩R"
assumes "(δ, c⇩0, c⇩1) = combine_code (δ⇩L, p⇩0⇩L, p⇩1⇩L) (δ⇩R, p⇩0⇩R, p⇩1⇩R) l ps"
shows "δ = dist_code c⇩0 c⇩1"
using assms by (auto simp: find_closest_pair_code_dist_eq split: if_splits)
lemma combine_code_eq:
assumes "δ⇩L' = dist_code p⇩0⇩L p⇩1⇩L" "δ⇩R' = dist_code p⇩0⇩R p⇩1⇩R"
assumes "(c⇩0, c⇩1) = combine (p⇩0⇩L, p⇩1⇩L) (p⇩0⇩R, p⇩1⇩R) l ps"
assumes "(δ', c⇩0', c⇩1') = combine_code (δ⇩L', p⇩0⇩L, p⇩1⇩L) (δ⇩R', p⇩0⇩R, p⇩1⇩R) l ps"
shows "c⇩0 = c⇩0' ∧ c⇩1 = c⇩1'"
proof -
obtain C⇩0⇩i C⇩1⇩i Δ⇩i' C⇩0⇩i' C⇩1⇩i' where Δ⇩i_def:
"(C⇩0⇩i, C⇩1⇩i) = (if dist p⇩0⇩L p⇩1⇩L < dist p⇩0⇩R p⇩1⇩R then (p⇩0⇩L, p⇩1⇩L) else (p⇩0⇩R, p⇩1⇩R))"
"(Δ⇩i', C⇩0⇩i', C⇩1⇩i') = (if δ⇩L' < δ⇩R' then (δ⇩L', p⇩0⇩L, p⇩1⇩L) else (δ⇩R', p⇩0⇩R, p⇩1⇩R))"
by metis
define ps' ps'' where ps'_def:
"ps' = filter (λp. dist p (l, snd p) < dist C⇩0⇩i C⇩1⇩i) ps"
"ps'' = filter (λp. (fst p - l)⇧2 < Δ⇩i') ps"
obtain C⇩0 C⇩1 Δ' C⇩0' C⇩1' where Δ_def:
"(C⇩0, C⇩1) = find_closest_pair (C⇩0⇩i, C⇩1⇩i) ps'"
"(Δ', C⇩0', C⇩1') = find_closest_pair_code (Δ⇩i', C⇩0⇩i', C⇩1⇩i') ps''"
by (metis prod_cases3)
note defs = Δ⇩i_def ps'_def Δ_def
have *: "C⇩0⇩i = C⇩0⇩i'" "C⇩1⇩i = C⇩1⇩i'" "Δ⇩i' = dist_code C⇩0⇩i' C⇩1⇩i'"
using Δ⇩i_def assms(1,2,3,4) dist_eq_dist_code_lt by (auto split: if_splits)
hence "⋀p. ¦fst p - l¦ < dist C⇩0⇩i C⇩1⇩i ⟷ (fst p - l)⇧2 < Δ⇩i'"
using dist_eq_dist_code_abs_lt by (metis (mono_tags) of_int_abs)
hence "ps' = ps''"
using ps'_def dist_fst_abs by auto
hence "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using * find_closest_pair_code_eq Δ_def by blast+
moreover have "C⇩0 = c⇩0" "C⇩1 = c⇩1"
using assms(3) defs(1,3,5) apply (auto simp: combine.simps split: prod.splits) by (metis Pair_inject)+
moreover have "C⇩0' = c⇩0'" "C⇩1' = c⇩1'"
using assms(4) defs(2,4,6) apply (auto split: prod.splits) by (metis prod.inject)+
ultimately show ?thesis
by blast
qed
subsubsection "Divide and Conquer Algorithm"
function closest_pair_rec_code :: "point list ⇒ (point list * int * point * point)" where
"closest_pair_rec_code xs = (
let n = length xs in
if n ≤ 3 then
(mergesort snd xs, closest_pair_bf_code xs)
else
let (xs⇩L, xs⇩R) = split_at (n div 2) xs in
let l = fst (hd xs⇩R) in
let (ys⇩L, p⇩L) = closest_pair_rec_code xs⇩L in
let (ys⇩R, p⇩R) = closest_pair_rec_code xs⇩R in
let ys = merge snd ys⇩L ys⇩R in
(ys, combine_code p⇩L p⇩R l ys)
)"
by pat_completeness auto
termination closest_pair_rec_code
by (relation "Wellfounded.measure (λxs. length xs)")
(auto simp: split_at_take_drop_conv Let_def)
lemma closest_pair_rec_code_simps:
assumes "n = length xs" "¬ (n ≤ 3)"
shows "closest_pair_rec_code xs = (
let (xs⇩L, xs⇩R) = split_at (n div 2) xs in
let l = fst (hd xs⇩R) in
let (ys⇩L, p⇩L) = closest_pair_rec_code xs⇩L in
let (ys⇩R, p⇩R) = closest_pair_rec_code xs⇩R in
let ys = merge snd ys⇩L ys⇩R in
(ys, combine_code p⇩L p⇩R l ys)
)"
using assms by (auto simp: Let_def)
declare combine.simps combine_code.simps closest_pair_rec_code.simps [simp del]
lemma closest_pair_rec_code_dist_eq:
assumes "1 < length xs" "(ys, δ, c⇩0, c⇩1) = closest_pair_rec_code xs"
shows "δ = dist_code c⇩0 c⇩1"
using assms
proof (induction xs arbitrary: ys δ c⇩0 c⇩1 rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
hence "(δ, c⇩0, c⇩1) = closest_pair_bf_code xs"
using "1.prems"(2) closest_pair_rec_code.simps by simp
thus ?thesis
using "1.prems"(1) closest_pair_bf_code_dist_eq by simp
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L Δ⇩L C⇩0⇩L C⇩1⇩L where YSC⇩0⇩1⇩L_def: "(YS⇩L, Δ⇩L, C⇩0⇩L, C⇩1⇩L) = closest_pair_rec_code XS⇩L"
using prod.collapse by metis
obtain YS⇩R Δ⇩R C⇩0⇩R C⇩1⇩R where YSC⇩0⇩1⇩R_def: "(YS⇩R, Δ⇩R, C⇩0⇩R, C⇩1⇩R) = closest_pair_rec_code XS⇩R"
using prod.collapse by metis
define YS where "YS = merge (λp. snd p) YS⇩L YS⇩R"
obtain Δ C⇩0 C⇩1 where C⇩0⇩1_def: "(Δ, C⇩0, C⇩1) = combine_code (Δ⇩L, C⇩0⇩L, C⇩1⇩L) (Δ⇩R, C⇩0⇩R, C⇩1⇩R) L YS"
using prod.collapse by metis
note defs = XS⇩L⇩R_def L_def YSC⇩0⇩1⇩L_def YSC⇩0⇩1⇩R_def YS_def C⇩0⇩1_def
have "1 < length XS⇩L" "length XS⇩L < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHL: "Δ⇩L = dist_code C⇩0⇩L C⇩1⇩L"
using "1.IH" defs by metis+
have "1 < length XS⇩R" "length XS⇩R < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHR: "Δ⇩R = dist_code C⇩0⇩R C⇩1⇩R"
using "1.IH" defs by metis+
have *: "(YS, Δ, C⇩0, C⇩1) = closest_pair_rec_code xs"
using False closest_pair_rec_code_simps defs by (auto simp: Let_def split: prod.split)
moreover have "Δ = dist_code C⇩0 C⇩1"
using combine_code_dist_eq IHL IHR C⇩0⇩1_def by blast
ultimately show ?thesis
using "1.prems"(2) * by (metis Pair_inject)
qed
qed
lemma closest_pair_rec_ys_eq:
assumes "1 < length xs"
assumes "(ys, c⇩0, c⇩1) = closest_pair_rec xs"
assumes "(ys', δ', c⇩0', c⇩1') = closest_pair_rec_code xs"
shows "ys = ys'"
using assms
proof (induction xs arbitrary: ys c⇩0 c⇩1 ys' δ' c⇩0' c⇩1' rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
hence "ys = mergesort snd xs"
using "1.prems"(2) closest_pair_rec.simps by simp
moreover have "ys' = mergesort snd xs"
using "1.prems"(3) closest_pair_rec_code.simps by (simp add: True)
ultimately show ?thesis
using "1.prems"(1) by simp
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L C⇩0⇩L C⇩1⇩L YS⇩L' Δ⇩L' C⇩0⇩L' C⇩1⇩L' where YSC⇩0⇩1⇩L_def:
"(YS⇩L, C⇩0⇩L, C⇩1⇩L) = closest_pair_rec XS⇩L"
"(YS⇩L', Δ⇩L', C⇩0⇩L', C⇩1⇩L') = closest_pair_rec_code XS⇩L"
using prod.collapse by metis
obtain YS⇩R C⇩0⇩R C⇩1⇩R YS⇩R' Δ⇩R' C⇩0⇩R' C⇩1⇩R' where YSC⇩0⇩1⇩R_def:
"(YS⇩R, C⇩0⇩R, C⇩1⇩R) = closest_pair_rec XS⇩R"
"(YS⇩R', Δ⇩R', C⇩0⇩R', C⇩1⇩R') = closest_pair_rec_code XS⇩R"
using prod.collapse by metis
define YS YS' where YS_def:
"YS = merge (λp. snd p) YS⇩L YS⇩R"
"YS' = merge (λp. snd p) YS⇩L' YS⇩R'"
obtain C⇩0 C⇩1 Δ' C⇩0' C⇩1' where C⇩0⇩1_def:
"(C⇩0, C⇩1) = combine (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) L YS"
"(Δ', C⇩0', C⇩1') = combine_code (Δ⇩L', C⇩0⇩L', C⇩1⇩L') (Δ⇩R', C⇩0⇩R', C⇩1⇩R') L YS'"
using prod.collapse by metis
note defs = XS⇩L⇩R_def L_def YSC⇩0⇩1⇩L_def YSC⇩0⇩1⇩R_def YS_def C⇩0⇩1_def
have "1 < length XS⇩L" "length XS⇩L < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHL: "YS⇩L = YS⇩L'"
using "1.IH" defs by metis
have "1 < length XS⇩R" "length XS⇩R < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHR: "YS⇩R = YS⇩R'"
using "1.IH" defs by metis
have "(YS, C⇩0, C⇩1) = closest_pair_rec xs"
using False closest_pair_rec_simps defs(1,2,3,5,7,9)
by (auto simp: Let_def split: prod.split)
moreover have "(YS', Δ', C⇩0', C⇩1') = closest_pair_rec_code xs"
using False closest_pair_rec_code_simps defs(1,2,4,6,8,10)
by (auto simp: Let_def split: prod.split)
moreover have "YS = YS'"
using IHL IHR YS_def by simp
ultimately show ?thesis
by (metis "1.prems"(2,3) Pair_inject)
qed
qed
lemma closest_pair_rec_code_eq:
assumes "1 < length xs"
assumes "(ys, c⇩0, c⇩1) = closest_pair_rec xs"
assumes "(ys', δ', c⇩0', c⇩1') = closest_pair_rec_code xs"
shows "c⇩0 = c⇩0' ∧ c⇩1 = c⇩1'"
using assms
proof (induction xs arbitrary: ys c⇩0 c⇩1 ys' δ' c⇩0' c⇩1' rule: length_induct)
case (1 xs)
let ?n = "length xs"
show ?case
proof (cases "?n ≤ 3")
case True
hence "(c⇩0, c⇩1) = closest_pair_bf xs"
using "1.prems"(2) closest_pair_rec.simps by simp
moreover have "(δ', c⇩0', c⇩1') = closest_pair_bf_code xs"
using "1.prems"(3) closest_pair_rec_code.simps by (simp add: True)
ultimately show ?thesis
using "1.prems"(1) closest_pair_bf_code_eq by simp
next
case False
obtain XS⇩L XS⇩R where XS⇩L⇩R_def: "(XS⇩L, XS⇩R) = split_at (?n div 2) xs"
using prod.collapse by blast
define L where "L = fst (hd XS⇩R)"
obtain YS⇩L C⇩0⇩L C⇩1⇩L YS⇩L' Δ⇩L' C⇩0⇩L' C⇩1⇩L' where YSC⇩0⇩1⇩L_def:
"(YS⇩L, C⇩0⇩L, C⇩1⇩L) = closest_pair_rec XS⇩L"
"(YS⇩L', Δ⇩L', C⇩0⇩L', C⇩1⇩L') = closest_pair_rec_code XS⇩L"
using prod.collapse by metis
obtain YS⇩R C⇩0⇩R C⇩1⇩R YS⇩R' Δ⇩R' C⇩0⇩R' C⇩1⇩R' where YSC⇩0⇩1⇩R_def:
"(YS⇩R, C⇩0⇩R, C⇩1⇩R) = closest_pair_rec XS⇩R"
"(YS⇩R', Δ⇩R', C⇩0⇩R', C⇩1⇩R') = closest_pair_rec_code XS⇩R"
using prod.collapse by metis
define YS YS' where YS_def:
"YS = merge (λp. snd p) YS⇩L YS⇩R"
"YS' = merge (λp. snd p) YS⇩L' YS⇩R'"
obtain C⇩0 C⇩1 Δ' C⇩0' C⇩1' where C⇩0⇩1_def:
"(C⇩0, C⇩1) = combine (C⇩0⇩L, C⇩1⇩L) (C⇩0⇩R, C⇩1⇩R) L YS"
"(Δ', C⇩0', C⇩1') = combine_code (Δ⇩L', C⇩0⇩L', C⇩1⇩L') (Δ⇩R', C⇩0⇩R', C⇩1⇩R') L YS'"
using prod.collapse by metis
note defs = XS⇩L⇩R_def L_def YSC⇩0⇩1⇩L_def YSC⇩0⇩1⇩R_def YS_def C⇩0⇩1_def
have "1 < length XS⇩L" "length XS⇩L < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHL: "C⇩0⇩L = C⇩0⇩L'" "C⇩1⇩L = C⇩1⇩L'"
using "1.IH" defs by metis+
have "1 < length XS⇩R" "length XS⇩R < length xs"
using False "1.prems"(1) defs by (auto simp: split_at_take_drop_conv)
hence IHR: "C⇩0⇩R = C⇩0⇩R'" "C⇩1⇩R = C⇩1⇩R'"
using "1.IH" defs by metis+
have "YS = YS'"
using defs ‹1 < length XS⇩L› ‹1 < length XS⇩R› closest_pair_rec_ys_eq by blast
moreover have "Δ⇩L' = dist_code C⇩0⇩L' C⇩1⇩L'" "Δ⇩R' = dist_code C⇩0⇩R' C⇩1⇩R'"
using defs ‹1 < length XS⇩L› ‹1 < length XS⇩R› closest_pair_rec_code_dist_eq by blast+
ultimately have "C⇩0 = C⇩0'" "C⇩1 = C⇩1'"
using combine_code_eq IHL IHR C⇩0⇩1_def by blast+
moreover have "(YS, C⇩0, C⇩1) = closest_pair_rec xs"
using False closest_pair_rec_simps defs(1,2,3,5,7,9)
by (auto simp: Let_def split: prod.split)
moreover have "(YS', Δ', C⇩0', C⇩1') = closest_pair_rec_code xs"
using False closest_pair_rec_code_simps defs(1,2,4,6,8,10)
by (auto simp: Let_def split: prod.split)
ultimately show ?thesis
using "1.prems"(2,3) by (metis Pair_inject)
qed
qed
declare closest_pair.simps [simp add]
fun closest_pair_code :: "point list ⇒ (point * point)" where
"closest_pair_code [] = undefined"
| "closest_pair_code [_] = undefined"
| "closest_pair_code ps = (let (_, _, c⇩0, c⇩1) = closest_pair_rec_code (mergesort fst ps) in (c⇩0, c⇩1))"
lemma closest_pair_code_eq:
"closest_pair ps = closest_pair_code ps"
proof (induction ps rule: induct_list012)
case (3 x y zs)
obtain ys c⇩0 c⇩1 ys' δ' c⇩0' c⇩1' where *:
"(ys, c⇩0, c⇩1) = closest_pair_rec (mergesort fst (x # y # zs))"
"(ys', δ', c⇩0', c⇩1') = closest_pair_rec_code (mergesort fst (x # y # zs))"
by (metis prod_cases3)
moreover have "1 < length (mergesort fst (x # y # zs))"
using length_mergesort[of fst "x # y # zs"] by simp
ultimately have "c⇩0 = c⇩0'" "c⇩1 = c⇩1'"
using closest_pair_rec_code_eq by blast+
thus ?case
using * by (auto split: prod.splits)
qed auto
export_code closest_pair_code in OCaml
module_name Verified
end