#| Copyright (C) 1994 by Natarajan Shankar. All Rights Reserved. This script is hereby placed in the public domain, and therefore unlimited editing and redistribution is permitted. NO WARRANTY Natarajan Shankar PROVIDES ABSOLUTELY NO WARRANTY. THE EVENT SCRIPT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SCRIPT IS WITH YOU. SHOULD THE SCRIPT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. IN NO EVENT WILL Natarajan Shankar BE LIABLE TO YOU FOR ANY DAMAGES, ANY LOST PROFITS, LOST MONIES, OR OTHER SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THIS SCRIPT (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY THIRD PARTIES), EVEN IF YOU HAVE ADVISED US OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY ANY OTHER PARTY. |# ; The Mechanical Proof of Goedel's Incompleteness Theorem ; by ; N. Shankar ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;; I: Defining the Proof-checker for Z2 ;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;BOOT-STRAP loads basic library of axioms about lists, litatoms, and numbers. ;;;;;;; (BOOT-STRAP) (COMPILE-UNCOMPILED-DEFNS "tmp") ;;;;;;;Turn off the use of the compiled lisp definitions for the non-BOOT-STRAP ;;;;;;;functions. (TOGGLE-DEFINED-FUNCTIONS TURN-OFF-LISP-DEFNS T) ;;;;;;;Recognizers for function, variable, and predicate symbols. (DEFN FUNCTION (FN) (EQUAL (CAR FN) 2)) (DEFN VARIABLE (X) (NUMBERP X)) (DEFN PREDICATE (P) (EQUAL (CAR P) 3)) ;;;;;;;Degree (arity) and index (subscript) of a function/predicate symbol. (DEFN DEGREE (FN) (FIX (CDDR FN))) (DEFN INDEX (FN) (FIX (CADR FN))) ;;;;;;;(V X) generates the Xth variable (DEFN V (X) (FIX X)) (PROVE-LEMMA NUMBERP-FIX (REWRITE) (NUMBERP (FIX X))) (PROVE-LEMMA VARIABLE-V (REWRITE) (VARIABLE (V X))) ;;;;;;;FN generates function symbol with index X and arity Y. (DEFN FN (X Y) (CONS 2 (CONS (FIX X) (FIX Y)))) ;;;;;;;P generates the predicate symbol with index X and arity Y. (DEFN P (X Y) (CONS 3 (CONS (FIX X) (FIX Y)))) (PROVE-LEMMA FUNCTION-FN (REWRITE) (FUNCTION (FN X Y))) (PROVE-LEMMA PREDICATE-P (REWRITE) (PREDICATE (P X Y))) ;;;;;;;F-NOT is the negation shell. (ADD-SHELL F-NOT NIL F-NOTP ((ARG (NONE-OF) ZERO))) ;;;;;;;F-OR is the disjunction shell. (ADD-SHELL F-OR NIL F-ORP ((ARG1 (NONE-OF) ZERO) (ARG2 (NONE-OF) ZERO))) ;;;;;;;FORSOME is the existential quantification shell. (ADD-SHELL FORSOME NIL FORSOMEP ((BIND (ONE-OF NUMBERP) ZERO) (BODY (NONE-OF) ZERO))) ;;;;;;;EQL is the equality predicate for Z2 expressions. Strict equality EQUAL cannot ;;;;;;;be used since expressions will be Goedel-encoded, and it is possible ;;;;;;;two different expressions to have the same Goedel-encoding. EQL essentially ;;;;;;;checks that its two arguments have the same encoding. (DEFN FIX1 (X) (IF (NUMBERP X) X NIL)) (PROVE-LEMMA BIND-COUNT (REWRITE) (IMPLIES (FORSOMEP X) (LESSP (COUNT (BIND X)) (COUNT X)))) (DEFN EQL (X Y) (IF (LISTP X) (IF (LISTP Y) (AND (EQL (CAR X) (CAR Y)) (EQL (CDR X) (CDR Y))) F) (IF (LISTP Y) F (IF (F-NOTP X) (IF (F-NOTP Y) (EQL (ARG X) (ARG Y)) F) (IF (F-NOTP Y) F (IF (F-ORP X) (IF (F-ORP Y) (AND (EQL (ARG1 X) (ARG1 Y)) (EQL (ARG2 X) (ARG2 Y))) F) (IF (F-ORP Y) F (IF (FORSOMEP X) (IF (FORSOMEP Y) (AND (EQUAL (BIND X) (BIND Y)) (EQL (BODY X) (BODY Y))) F) (IF (FORSOMEP Y) F (EQUAL (FIX1 X) (FIX1 Y))))))))))) (PROVE-LEMMA EQL-COMM (REWRITE) (EQUAL (EQL X Y) (EQL Y X))) (PROVE-LEMMA EQUAL-EQL (REWRITE) (IMPLIES (EQUAL X Y) (EQL X Y))) (PROVE-LEMMA NUMBERP-EQL (REWRITE) (IMPLIES (OR (NUMBERP X) (NUMBERP Y)) (EQUAL (EQL X Y) (EQUAL X Y)))) (PROVE-LEMMA LISTP-EQL (REWRITE) (EQUAL (EQL (CONS X Y) (CONS U V)) (AND (EQL X U) (EQL Y V)))) (PROVE-LEMMA F-NOTP-EQL (REWRITE) (EQUAL (EQL (F-NOT X) (F-NOT Y)) (EQL X Y))) (PROVE-LEMMA F-ORP-EQL (REWRITE) (EQUAL (EQL (F-OR X Y) (F-OR U V)) (AND (EQL X U) (EQL Y V)))) (PROVE-LEMMA FORSOMEP-EQL (REWRITE) (EQUAL (EQL (FORSOME X Y) (FORSOME U V)) (AND (EQUAL (FIX X) (FIX U)) (EQL Y V)))) ;;;;;;;MEMB checks if X is a member of Y, using EQL. (DEFN MEMB (X Y) (IF (LISTP Y) (IF (EQL X (CAR Y)) T (MEMB X (CDR Y))) F)) (PROVE-LEMMA DEGREE-FN (REWRITE) (EQUAL (DEGREE (FN X Y)) (FIX Y))) (PROVE-LEMMA DEGREE-P (REWRITE) (EQUAL (DEGREE (P X Y)) (FIX Y))) (PROVE-LEMMA INDEX-FN (REWRITE) (EQUAL (INDEX (FN X Y)) (FIX X))) (PROVE-LEMMA INDEX-P (REWRITE) (EQUAL (INDEX (P X Y)) (FIX X))) (PROVE-LEMMA NOT-FUNCTION (REWRITE) (IMPLIES (OR (NLISTP X) (PREDICATE X)) (NOT (FUNCTION X)))) (PROVE-LEMMA NOT-PREDICATE (REWRITE) (IMPLIES (OR (NLISTP X) (FUNCTION X)) (NOT (PREDICATE X)))) (TOGGLE G0616 INDEX T) (TOGGLE G0617 DEGREE T) (TOGGLE G0618 V T) (TOGGLE G0619 FN T) (TOGGLE G0620 P T) (TOGGLE G0621 FUNCTION T) (TOGGLE G0622 PREDICATE T) ;;;;;;;X is a function or a predicate. (DEFN FUNC-PRED (X) (OR (FUNCTION X) (PREDICATE X))) ;;;;;;;APPEND concatenates two lists. (DEFN APPEND (X Y) (IF (LISTP X) (CONS (CAR X) (APPEND (CDR X) Y)) Y)) ;;;;;;;DEL deletes all occurrences of X from list Y, using EQL. (DEFN DEL (X Y) (IF (LISTP Y) (IF (EQL X (CAR Y)) (DEL X (CDR Y)) (CONS (CAR Y) (DEL X (CDR Y)))) Y)) (PROVE-LEMMA NOT-MEMB-DEL (REWRITE) (NOT (MEMB X (DEL X Y)))) ;;;;;;;COLLECT-FREE collects a list of all the free variables in the ;;;;;;;expression/list of expressions EXP, depending on (ZEROP FLG). (DEFN COLLECT-FREE (EXP FLG) (IF (ZEROP FLG) (IF (VARIABLE EXP) (CONS EXP NIL) (IF (F-NOTP EXP) (COLLECT-FREE (ARG EXP) 0) (IF (F-ORP EXP) (APPEND (COLLECT-FREE (ARG1 EXP) 0) (COLLECT-FREE (ARG2 EXP) 0)) (IF (FORSOMEP EXP) (DEL (BIND EXP) (COLLECT-FREE (BODY EXP) 0)) (IF (LISTP EXP) (COLLECT-FREE (CDR EXP) 1) NIL))))) (IF (LISTP EXP) (APPEND (COLLECT-FREE (CAR EXP) 0) (COLLECT-FREE (CDR EXP) 1)) NIL))) (DEFN SENTENCE (EXP) (EQUAL (COLLECT-FREE EXP 0) NIL)) ;;;;;;;COVERING collects a list of all bound variables that govern free occurrences ;;;;;;;of VAR in EXP. (DEFN COVERING (EXP VAR FLG) (IF (ZEROP FLG) (IF (F-NOTP EXP) (COVERING (ARG EXP) VAR 0) (IF (F-ORP EXP) (APPEND (COVERING (ARG1 EXP) VAR 0) (COVERING (ARG2 EXP) VAR 0)) (IF (FORSOMEP EXP) (IF (MEMB VAR (COLLECT-FREE EXP 0)) (CONS (BIND EXP) (COVERING (BODY EXP) VAR 0)) NIL) (IF (LISTP EXP) (COVERING (CDR EXP) VAR 1) NIL)))) (IF (LISTP EXP) (APPEND (COVERING (CAR EXP) VAR 0) (COVERING (CDR EXP) VAR 1)) NIL))) ;;;;;;;X and Y have no common elements. (DEFN NIL-INTERSECT (X Y) (IF (LISTP X) (AND (NOT (MEMB (CAR X) Y)) (NIL-INTERSECT (CDR X) Y)) T)) ;;;;;;;TERM is FREE-FOR VAR in EXP, if no free occurrence of VAR in EXP is governed ;;;;;;;by a variable which occurs free in TERM. (DEFN FREE-FOR (EXP VAR TERM FLG) (NIL-INTERSECT (COVERING EXP VAR FLG) (COLLECT-FREE TERM 0))) ;;;;;;;(F-EQUAL X Y) is the Z2 expression for (x=y). (DEFN F-EQUAL (X Y) (LIST (P 0 2) X Y)) (PROVE-LEMMA OR-MEMB-APPEND (REWRITE) (EQUAL (MEMB X (APPEND Y Z)) (OR (MEMB X Y) (MEMB X Z)))) (PROVE-LEMMA MEMB-DEL (REWRITE) (IMPLIES (NOT (EQL X Z)) (EQUAL (MEMB X (DEL Z Y)) (MEMB X Y)))) ;;;;;;;VAR-LIST checks that LIST is a list of N variables. (DEFN VAR-LIST (LIST N) (IF (OR (ZEROP N) (NLISTP LIST)) (AND (ZEROP N) (NLISTP LIST)) (AND (VARIABLE (CAR LIST)) (VAR-LIST (CDR LIST) (SUB1 N))))) ;;;;;;;SYMB checks that X is either the equality symbol, or appears in list SYMBOLS. (DEFN SYMB (X SYMBOLS) (OR (EQUAL X (P 0 2)) (MEMB X SYMBOLS))) ;;;;;;;TERMP checks that EXP is either a variable or an n-ary function symbol (in SYMBOLS) ;;;;;;;applied to n smaller terms. (DEFN TERMP (EXP FLG SYMBOLS) (IF (ZEROP FLG) (IF (LISTP EXP) (AND (FUNCTION (CAR EXP)) (SYMB (CAR EXP) SYMBOLS) (TERMP (CDR EXP) 1 SYMBOLS) (EQUAL (LENGTH (CDR EXP)) (DEGREE (CAR EXP)))) (VARIABLE EXP)) (IF (NLISTP EXP) T (AND (TERMP (CAR EXP) 0 SYMBOLS) (TERMP (CDR EXP) 1 SYMBOLS))))) ;;;;;;;ATOMP checks that EXP is an n-ary predicate symbol applied to n terms. (DEFN ATOMP (EXP SYMBOLS) (AND (PREDICATE (CAR EXP)) (SYMB (CAR EXP) SYMBOLS) (EQUAL (LENGTH (CDR EXP)) (DEGREE (CAR EXP))) (TERMP (CDR EXP) 1 SYMBOLS))) (PROVE-LEMMA ATOMP-REDUC (REWRITE) (EQUAL (ATOMP (CONS X Y) SYMBOLS) (AND (PREDICATE X) (SYMB X SYMBOLS) (EQUAL (LENGTH Y) (DEGREE X)) (TERMP Y 1 SYMBOLS)))) (PROVE-LEMMA ATOMP-F-EQUAL (REWRITE) (EQUAL (ATOMP (F-EQUAL X Y) SYMBOLS) (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)))) ;;;;;;;SUBST substitutes TERM for all free occurrences of VAR in EXP. (DEFN SUBST (EXP VAR TERM FLG) (IF (ZEROP FLG) (IF (VARIABLE EXP) (IF (EQUAL EXP VAR) TERM EXP) (IF (F-NOTP EXP) (F-NOT (SUBST (ARG EXP) VAR TERM 0)) (IF (F-ORP EXP) (F-OR (SUBST (ARG1 EXP) VAR TERM 0) (SUBST (ARG2 EXP) VAR TERM 0)) (IF (FORSOMEP EXP) (IF (EQL (BIND EXP) VAR) EXP (FORSOME (BIND EXP) (SUBST (BODY EXP) VAR TERM 0))) (IF (LISTP EXP) (CONS (CAR EXP) (SUBST (CDR EXP) VAR TERM 1)) EXP))))) (IF (LISTP EXP) (CONS (SUBST (CAR EXP) VAR TERM 0) (SUBST (CDR EXP) VAR TERM 1)) EXP))) ;;;;;;;SUB checks if every element of X occurs in Y, using EQL. (DEFN SUB (X Y) (IF (LISTP X) (AND (MEMB (CAR X) Y) (SUB (CDR X) Y)) T)) ;;;;;;;SUBSET checks if every element of X occurs in Y, using EQUAL. (DEFN SUBSET (X Y) (IF (LISTP X) (AND (MEMBER (CAR X) Y) (SUBSET (CDR X) Y)) T)) (PROVE-LEMMA SUB-SUBSET (REWRITE) (IMPLIES (SUBSET X Y) (SUB X Y))) (PROVE-LEMMA SUBST-F-EQUAL (REWRITE) (EQUAL (SUBST (F-EQUAL X Y) VAR TERM 0) (F-EQUAL (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (TOGGLE G0623 F-EQUAL T) (TOGGLE G0253 ATOMP T) ;;;;;;;FORMULA checks if EXP is a well-formed formula. (DEFN FORMULA (EXP SYMBOLS) (IF (F-NOTP EXP) (FORMULA (ARG EXP) SYMBOLS) (IF (F-ORP EXP) (AND (FORMULA (ARG1 EXP) SYMBOLS) (FORMULA (ARG2 EXP) SYMBOLS)) (IF (FORSOMEP EXP) (FORMULA (BODY EXP) SYMBOLS) (ATOMP EXP SYMBOLS))))) (PROVE-LEMMA FORMULA-F-EQUAL (REWRITE) (EQUAL (FORMULA (F-EQUAL X Y) SYMBOLS) (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)))) ;;;;;;;(F-AND X Y) denotes (X ^ Y). (DEFN F-AND (X Y) (F-NOT (F-OR (F-NOT X) (F-NOT Y)))) ;;;;;;;(F-IMPLIES X Y) denotes (X => Y). (DEFN F-IMPLIES (X Y) (F-OR (F-NOT X) Y)) ;;;;;;;(FORALL X EXP) denotes (Ax exp). (DEFN FORALL (VAR EXP) (F-NOT (FORSOME VAR (F-NOT EXP)))) ;;;;;;;PAIREQUALS returns a formula of the form ;;;;;;;((x1=y1) -> (...-> ((xn=yn) -> EXP))). (DEFN PAIREQUALS (VARS1 VARS2 EXP) (IF (AND (LISTP VARS1) (LISTP VARS2)) (F-IMPLIES (F-EQUAL (CAR VARS1) (CAR VARS2)) (PAIREQUALS (CDR VARS1) (CDR VARS2) EXP)) EXP)) (DEFN SECOND (X) (CADR X)) (DEFN THIRD (X) (CADDR X)) (DEFN FOURTH (X) (CADDDR X)) ;;;;;;;FOL-AXIOM-PROOF checks if CONC is a logical axiom (in a theory with ;;;;;;;SYMBOLS), using hints from HINTS. The axioms are: [1] propositional ;;;;;;;axioms of the form, "((not A) or A)"; [2] substitution axioms of ;;;;;;;the form, "[t/x]A -> (forsome x A)"; [3] Identity axioms of the form, ;;;;;;;"(x=x)"; [4] Equality axioms for functions, of the form, ;;;;;;;"((x1=y1) -> (...-> ((xn=yn) -> ((fx1...xn)=(fy1...yn)))))"; ;;;;;;;[5] Equality axioms for predicates, of the form, ;;;;;;;"((x1=y1) -> (...-> ((xn=yn) -> ((px1...xn) -> (py1...yn)))))". (DEFN FOL-AXIOM-PROOF (CONC HINTS SYMBOLS) (IF (EQUAL (CAR HINTS) 1) (AND (FORMULA (SECOND HINTS) SYMBOLS) (EQL CONC (F-OR (F-NOT (SECOND HINTS)) (SECOND HINTS)))) (IF (EQUAL (CAR HINTS) 2) (AND (FORMULA (SECOND HINTS) SYMBOLS) (VARIABLE (THIRD HINTS)) (TERMP (FOURTH HINTS) 0 SYMBOLS) (FREE-FOR (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS) 0) (EQL CONC (F-IMPLIES (SUBST (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS) 0) (FORSOME (THIRD HINTS) (SECOND HINTS))))) (IF (EQUAL (CAR HINTS) 3) (AND (TERMP (SECOND HINTS) 0 SYMBOLS) (EQL CONC (F-EQUAL (SECOND HINTS) (SECOND HINTS)))) (IF (EQUAL (CAR HINTS) 4) (AND (TERMP (THIRD HINTS) 1 SYMBOLS) (TERMP (FOURTH HINTS) 1 SYMBOLS) (FUNCTION (SECOND HINTS)) (EQUAL (LENGTH (THIRD HINTS)) (DEGREE (SECOND HINTS))) (EQUAL (LENGTH (FOURTH HINTS)) (DEGREE (SECOND HINTS))) (EQL CONC (PAIREQUALS (THIRD HINTS) (FOURTH HINTS) (F-EQUAL (CONS (SECOND HINTS) (THIRD HINTS)) (CONS (SECOND HINTS) (FOURTH HINTS)))))) (IF (EQUAL (CAR HINTS) 5) (AND (TERMP (THIRD HINTS) 1 SYMBOLS) (TERMP (FOURTH HINTS) 1 SYMBOLS) (PREDICATE (SECOND HINTS)) (EQUAL (LENGTH (THIRD HINTS)) (DEGREE (SECOND HINTS))) (EQUAL (LENGTH (FOURTH HINTS)) (DEGREE (SECOND HINTS))) (EQL CONC (PAIREQUALS (THIRD HINTS) (FOURTH HINTS) (F-IMPLIES (CONS (SECOND HINTS) (THIRD HINTS)) (CONS (SECOND HINTS) (FOURTH HINTS)))))) F)))))) ;;;;;;;FOL-RULES checks if CONC follows from the SUB-GOALS by an application ;;;;;;;of one of the logical rules of inference, using hints from HINTS. ;;;;;;;The rules of inference are: [1] Expansion: derive "(A or B)" from "B"; ;;;;;;;[2] Contraction: derive "A" from "(A or A)"; ;;;;;;;[3] Associativity: derive "((A or B) or C)" from "(A or (B or C))"; ;;;;;;;[4] Cut: derive "(B or C)" from "(A or B)" and "((not B) or C)"; ;;;;;;;[5] E-introduction: derive "((forsome x A) -> B)" from "(A -> B)", ;;;;;;;provided "x" does not occur free in "B". (DEFN FOL-RULES (CONC HINTS SUB-GOALS SYMBOLS) (IF (EQUAL (CAR HINTS) 1) (AND (FORMULA (SECOND HINTS) SYMBOLS) (FORMULA (CAR SUB-GOALS) SYMBOLS) (EQL CONC (F-OR (SECOND HINTS) (CAR SUB-GOALS)))) (IF (EQUAL (CAR HINTS) 2) (AND (FORMULA (SECOND HINTS) SYMBOLS) (EQL SUB-GOALS (LIST (F-OR (SECOND HINTS) (SECOND HINTS)))) (EQL CONC (SECOND HINTS))) (IF (EQUAL (CAR HINTS) 3) (AND (FORMULA (SECOND HINTS) SYMBOLS) (FORMULA (THIRD HINTS) SYMBOLS) (FORMULA (FOURTH HINTS) SYMBOLS) (EQL SUB-GOALS (LIST (F-OR (SECOND HINTS) (F-OR (THIRD HINTS) (FOURTH HINTS))))) (EQL CONC (F-OR (F-OR (SECOND HINTS) (THIRD HINTS)) (FOURTH HINTS)))) (IF (EQUAL (CAR HINTS) 4) (AND (FORMULA (SECOND HINTS) SYMBOLS) (FORMULA (THIRD HINTS) SYMBOLS) (FORMULA (FOURTH HINTS) SYMBOLS) (EQL SUB-GOALS (LIST (F-OR (SECOND HINTS) (THIRD HINTS)) (F-OR (F-NOT (SECOND HINTS)) (FOURTH HINTS)))) (EQL CONC (F-OR (THIRD HINTS) (FOURTH HINTS)))) (IF (EQUAL (CAR HINTS) 5) (AND (VARIABLE (SECOND HINTS)) (FORMULA (THIRD HINTS) SYMBOLS) (FORMULA (FOURTH HINTS) SYMBOLS) (NOT (MEMB (SECOND HINTS) (COLLECT-FREE (FOURTH HINTS) 0))) (EQL SUB-GOALS (LIST (F-IMPLIES (THIRD HINTS) (FOURTH HINTS)))) (EQL CONC (F-IMPLIES (FORSOME (SECOND HINTS) (THIRD HINTS)) (FOURTH HINTS)))) F)))))) ;;;;;;;Some notation for: [1] Set-theoretic membership: "(x in y)"; ;;;;;;;[2] Null Set: "(phi)"; [3] Pairing: "{x, y}"; ;;;;;;;[4] Union: "(x U y)"; [5] Integerhood: "(I x)" defined as ;;;;;;;"x is transitive and linearly ordered"; ;;;;;;;[6] Successor: "(S x)" defined as "(x U {x})", where "{x}" is "{x, x}"; ;;;;;;;[7] If-and-only-if: "(A <-> B)". (DEFN ISIN (X Y) (LIST (P 1 2) X Y)) (DEFN PHI NIL (LIST (FN 0 0))) (DEFN Z-PAIR (X Y) (LIST (FN 1 2) X Y)) (DEFN Z-UNION (X Y) (LIST (FN 2 2) X Y)) (DEFN Z-INT (X) (LIST (P 2 1) X)) (DEFN Z-SUCC (X) (LIST (FN 3 1) X)) (DEFN F-IFF (X Y) (F-AND (F-IMPLIES X Y) (F-IMPLIES Y X))) ;;;;;;;Z2-AXIOMS checks if CONC is a set-theoretic axiom from Z2. ;;;;;;;These axioms are: ;;;;;;;[1] Extensionality: "(x=y) <-> (forall z ((z in x) <-> (z in y)))". ;;;;;;;[2] Null set: "(not (x in (phi)))". ;;;;;;;[3] Pairing: "(z in {x, y}) <-> ((z=x) v (z=y))". ;;;;;;;[4] Union: "(z in (x U y)) <-> ((z in x) v (z in y))". ;;;;;;;[5] Induction: "A[(phi)] ^ (forall x (((I x) ^ A[x]) -> A[(S x)]) ;;;;;;; -> (forall x ((I x) -> A[x]))" (DEFN Z2-AXIOMS (CONC HINTS SYMBOLS) (IF (EQUAL (CAR HINTS) 1) (AND (VARIABLE (FOURTH HINTS)) (TERMP (SECOND HINTS) 0 SYMBOLS) (TERMP (THIRD HINTS) 0 SYMBOLS) (NOT (MEMB (FOURTH HINTS) (COLLECT-FREE (SECOND HINTS) 0))) (NOT (MEMB (FOURTH HINTS) (COLLECT-FREE (THIRD HINTS) 0))) (EQL CONC (F-IFF (F-EQUAL (SECOND HINTS) (THIRD HINTS)) (FORALL (FOURTH HINTS) (F-IFF (ISIN (FOURTH HINTS) (SECOND HINTS)) (ISIN (FOURTH HINTS) (THIRD HINTS))))))) (IF (EQUAL (CAR HINTS) 2) (AND (TERMP (SECOND HINTS) 0 SYMBOLS) (EQL CONC (F-NOT (ISIN (SECOND HINTS) (PHI))))) (IF (EQUAL (CAR HINTS) 3) (AND (TERMP (LIST (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS)) 1 SYMBOLS) (EQL CONC (F-IFF (ISIN (FOURTH HINTS) (Z-PAIR (SECOND HINTS) (THIRD HINTS))) (F-OR (F-EQUAL (FOURTH HINTS) (SECOND HINTS)) (F-EQUAL (FOURTH HINTS) (THIRD HINTS)))))) (IF (EQUAL (CAR HINTS) 4) (AND (TERMP (LIST (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS)) 1 SYMBOLS) (EQL CONC (F-IFF (ISIN (FOURTH HINTS) (Z-UNION (SECOND HINTS) (THIRD HINTS))) (F-OR (ISIN (FOURTH HINTS) (SECOND HINTS)) (ISIN (FOURTH HINTS) (THIRD HINTS)))))) (IF (EQUAL (CAR HINTS) 5) (AND (VARIABLE (THIRD HINTS)) (FORMULA (SECOND HINTS) SYMBOLS) (EQL CONC (F-IMPLIES (F-AND (SUBST (SECOND HINTS) (THIRD HINTS) (PHI) 0) (FORALL (THIRD HINTS) (F-IMPLIES (F-AND (Z-INT (THIRD HINTS)) (SECOND HINTS)) (SUBST (SECOND HINTS) (THIRD HINTS) (Z-SUCC (THIRD HINTS)) 0)))) (FORALL (THIRD HINTS) (F-IMPLIES (Z-INT (THIRD HINTS)) (SECOND HINTS)))))) F)))))) ;;;;;;;X is a list with no duplicates. (DEFN SET (X) (IF (LISTP X) (AND (NOT (MEMB (CAR X) (CDR X))) (SET (CDR X))) T)) ;;;;;;;Returns the element paired to X in the alist Y. (DEFN ASSOC (X Y) (IF (LISTP Y) (IF (EQL (CAAR Y) X) (CDAR Y) (ASSOC X (CDR Y))) 0)) ;;;;;;;Returns the list of symbols following the last occurrence of SYM in SYMBOLS. (DEFN REST-OF (SYM SYMBOLS) (IF (LISTP SYMBOLS) (IF (AND (EQL (CAR SYMBOLS) SYM) (NOT (MEMB SYM (CDR SYMBOLS)))) (CDR SYMBOLS) (REST-OF SYM (CDR SYMBOLS))) NIL)) ;;;;;;;SYMB-DEFN-PROOF checks if CONC is admissible as the definition of a new ;;;;;;;function or predicate symbol. The definition of a predicate symbol ;;;;;;;must have the form, "(px1...xn) <-> A", where the "xi" are distinct ;;;;;;;variables, and "A" is a formula w.r.t. the symbols that follow "p" in SYMBOLS ;;;;;;;which contains no free variables other than the "xi". ;;;;;;;The definition of a function symbol must have the form, "[(fx1...xn)/x]A", ;;;;;;;where the "x" and the "xi" are distinct, "A" is a formula w.r.t. the ;;;;;;;symbols that follow "f" in SYMBOLS, and "(forsome-unique x A)" is ;;;;;;;provable in a theory which only contains the symbols that follow "f" in SYMBOLS. (DEFN SYMB-DEFN-PROOF (CONC HINTS SUB-GOALS DEFN SYMBOLS) (IF (PREDICATE (CAAR HINTS)) (AND (SET (CDAR HINTS)) (VAR-LIST (CDAR HINTS) (DEGREE (CAAR HINTS))) (EQL CONC (F-IFF (CAR HINTS) DEFN)) (SUB (COLLECT-FREE DEFN 0) (CDAR HINTS)) (FORMULA DEFN (REST-OF (CAAR HINTS) SYMBOLS))) (IF (FUNCTION (CAAR HINTS)) (AND (SET (CONS (FOURTH HINTS) (CONS (SECOND HINTS) (CDAR HINTS)))) (VAR-LIST (CDAR HINTS) (DEGREE (CAAR HINTS))) (VARIABLE (SECOND HINTS)) (VARIABLE (FOURTH HINTS)) (FORMULA (THIRD HINTS) (REST-OF (CAAR HINTS) SYMBOLS)) (SUB (COLLECT-FREE (THIRD HINTS) 0) (CONS (SECOND HINTS) (CDAR HINTS))) (FREE-FOR (THIRD HINTS) (SECOND HINTS) (CAR HINTS) 0) (FREE-FOR (THIRD HINTS) (SECOND HINTS) (FOURTH HINTS) 0) (EQL CONC (SUBST (THIRD HINTS) (SECOND HINTS) (CAR HINTS) 0)) (EQL CONC DEFN) (EQL SUB-GOALS (LIST (FORSOME (SECOND HINTS) (THIRD HINTS)) (F-IMPLIES (F-AND (THIRD HINTS) (SUBST (THIRD HINTS) (SECOND HINTS) (FOURTH HINTS) 0)) (F-EQUAL (SECOND HINTS) (FOURTH HINTS)))))) F))) ;;;;;;;A formal proof is represented as 4-tuple: , ;;;;;;;where the conclusion is derived from the conclusions of the sub-proofs ;;;;;;;by means of a proof-step given by the combination of `step' and `hints'. ;;;;;;;CONC returns the conclusion of a proof/list of proofs. (DEFN CONC (PF FLG) (IF (ZEROP FLG) (THIRD PF) (IF (LISTP PF) (CONS (CONC (CAR PF) 0) (CONC (CDR PF) 1)) NIL))) ;;;;;;;PRF checks if PF is well-formed proof in a theory whose function/predicate ;;;;;;;symbols appear in SYMBOLS, where the definitions of the defined symbols ;;;;;;;appear in DEFNS, and GIVEN is a list of assumptions. The argument GIVEN is ;;;;;;;there merely to facilitate the proof of essential incompleteness, and is never ;;;;;;;actually used to demonstrate the existence of a proof. One can obviously ;;;;;;;introduce an inconsistency through GIVEN. ;;;;;;;PRF recurses down PF and checks if the conclusion is either [1] a logical axiom; ;;;;;;;[2] follows from the conclusion of the sub-proofs (which are themselves ;;;;;;;well-formed) by means of one of the rules of inference; [3] a set-theoretic ;;;;;;;axiom; [4] a function/predicate definition; [5] an assumption from GIVEN. (DEFN PRF (PF GIVEN DEFNS FLG SYMBOLS) (IF (ZEROP FLG) (IF (NLISTP PF) F (IF (NOT (FORMULA (CONC PF 0) SYMBOLS)) F (IF (EQUAL (CAR PF) 1) (FOL-AXIOM-PROOF (CONC PF 0) (SECOND PF) SYMBOLS) (IF (EQUAL (CAR PF) 2) (AND (FOL-RULES (CONC PF 0) (SECOND PF) (CONC (FOURTH PF) 1) SYMBOLS) (PRF (FOURTH PF) GIVEN DEFNS 1 SYMBOLS)) (IF (EQUAL (CAR PF) 3) (Z2-AXIOMS (CONC PF 0) (SECOND PF) SYMBOLS) (IF (EQUAL (CAR PF) 4) (AND (SYMB-DEFN-PROOF (CONC PF 0) (SECOND PF) (CONC (FOURTH PF) 1) (ASSOC (CAAR (SECOND PF)) DEFNS) SYMBOLS) (IF (FUNCTION (CAAR (CADR PF))) (PRF (CADDDR PF) GIVEN DEFNS 1 (REST-OF (CAAR (CADR PF)) SYMBOLS)) T)) (IF (EQUAL (CAR PF) 5) (MEMB (CONC PF 0) GIVEN) F))))))) (IF (NLISTP PF) T (AND (PRF (CAR PF) GIVEN DEFNS 0 SYMBOLS) (PRF (CDR PF) GIVEN DEFNS 1 SYMBOLS))))) ;;;;;;;PROVES checks that PF is a well-formed proof whose conclusion is EXP. (DEFN PROVES (PF EXP GIVEN DEFNS SYMBOLS) (AND (EQL (CONC PF 0) EXP) (FORMULA EXP SYMBOLS) (PRF PF GIVEN DEFNS 0 SYMBOLS))) ;;;;;;;What follows is a series of rewrite rules which convert the proof-checker above ;;;;;;;into a set of rewrite rules. Functions like PROP-AXIOM construct axioms ;;;;;;;whose proofs are constructed by `proof-constructors' like PROP-AXIOM-PROOF. (DEFN PROP-AXIOM (EXP) (F-OR (F-NOT EXP) EXP)) (DEFN SUBST-AXIOM (EXP VAR TERM) (F-IMPLIES (SUBST EXP VAR TERM 0) (FORSOME VAR EXP))) (DEFN IDENT-AXIOM (VAR) (F-EQUAL VAR VAR)) (DEFN PROP-AXIOM-PROOF (EXP) (LIST 1 (LIST 1 EXP) (PROP-AXIOM EXP))) (DEFN SUBST-AXIOM-PROOF (EXP VAR TERM) (LIST 1 (LIST 2 EXP VAR TERM) (SUBST-AXIOM EXP VAR TERM))) (DEFN IDENT-AXIOM-PROOF (VAR) (LIST 1 (LIST 3 VAR) (F-EQUAL VAR VAR))) (DEFN EQUAL-AXIOM1 (VARS1 VARS2 FN) (PAIREQUALS VARS1 VARS2 (F-EQUAL (CONS FN VARS1) (CONS FN VARS2)))) (DEFN EQUAL-AXIOM1-PROOF (FN VARS1 VARS2) (LIST 1 (LIST 4 FN VARS1 VARS2) (EQUAL-AXIOM1 VARS1 VARS2 FN))) (DEFN EQUAL-AXIOM2 (VARS1 VARS2 PR) (PAIREQUALS VARS1 VARS2 (F-IMPLIES (CONS PR VARS1) (CONS PR VARS2)))) (DEFN EQUAL-AXIOM2-PROOF (PR VARS1 VARS2) (LIST 1 (LIST 5 PR VARS1 VARS2) (EQUAL-AXIOM2 VARS1 VARS2 PR))) (PROVE-LEMMA FORMULA-F-NOT (REWRITE) (EQUAL (FORMULA (F-NOT X) SYMBOLS) (FORMULA X SYMBOLS))) (PROVE-LEMMA FORMULA-F-OR (REWRITE) (EQUAL (FORMULA (F-OR X Y) SYMBOLS) (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS)))) (PROVE-LEMMA FORMULA-FORSOME (REWRITE) (EQUAL (FORMULA (FORSOME X Y) SYMBOLS) (FORMULA Y SYMBOLS))) ;;;;;;;The lemma below establishes that PROP-AXIOM-PROOF constructs a well-formed proof ;;;;;;;of a propositional axiom. Once this is proved, the definition of PROP-AXIOM-PROOF ;;;;;;;is irrelevant and is disabled. (PROVE-LEMMA PROP-AXIOM-PROVES (REWRITE) (IMPLIES (FORMULA EXP SYMBOLS) (PROVES (PROP-AXIOM-PROOF EXP) (F-OR (F-NOT EXP) EXP) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA SUBST-LENGTH (REWRITE) (IMPLIES (NOT (ZEROP FLG)) (EQUAL (LENGTH (SUBST EXP VAR TERM FLG)) (LENGTH EXP)))) (PROVE-LEMMA SUBST-TERMP (REWRITE) (IMPLIES (AND (TERMP EXP FLG SYMBOLS) (TERMP TERM 0 SYMBOLS)) (TERMP (SUBST EXP VAR TERM FLG) FLG SYMBOLS))) (TOGGLE G0606 ATOMP NIL) (PROVE-LEMMA SUBST-FORMULA (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (TERMP TERM 0 SYMBOLS)) (FORMULA (SUBST EXP VAR TERM 0) SYMBOLS))) (TOGGLE G0607 ATOMP T) (PROVE-LEMMA SUBST-AXIOM-PROVES (REWRITE) (IMPLIES (AND (EQUAL LHS (SUBST EXP VAR TERM 0)) (VARIABLE VAR) (TERMP TERM 0 SYMBOLS) (FORMULA EXP SYMBOLS) (FREE-FOR EXP VAR TERM 0)) (PROVES (SUBST-AXIOM-PROOF EXP VAR TERM) (F-IMPLIES LHS (FORSOME VAR EXP)) GIVEN DEFNS SYMBOLS)) ((DISABLE FREE-FOR))) (PROVE-LEMMA FORMULA-PAIREQUALS (REWRITE) (IMPLIES (AND (TERMP VARS1 1 SYMBOLS) (TERMP VARS2 1 SYMBOLS) (FORMULA EXP SYMBOLS)) (FORMULA (PAIREQUALS VARS1 VARS2 EXP) SYMBOLS))) (PROVE-LEMMA EQUAL-AXIOM1-PROVES (REWRITE) (IMPLIES (AND (FUNCTION FN) (SYMB FN SYMBOLS) (EQUAL (LENGTH VARS1) (DEGREE FN)) (EQUAL (LENGTH VARS2) (DEGREE FN)) (TERMP VARS1 1 SYMBOLS) (TERMP VARS2 1 SYMBOLS) (EQUAL CONCL (EQUAL-AXIOM1 VARS1 VARS2 FN))) (PROVES (EQUAL-AXIOM1-PROOF FN VARS1 VARS2) CONCL GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA EQUAL-AXIOM2-PROVES (REWRITE) (IMPLIES (AND (PREDICATE PR) (SYMB PR SYMBOLS) (EQUAL (LENGTH VARS1) (DEGREE PR)) (EQUAL (LENGTH VARS2) (DEGREE PR)) (TERMP VARS1 1 SYMBOLS) (TERMP VARS2 1 SYMBOLS) (EQUAL CONCL (EQUAL-AXIOM2 VARS1 VARS2 PR))) (PROVES (EQUAL-AXIOM2-PROOF PR VARS1 VARS2) CONCL GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA IDENT-AXIOM-PROVES (REWRITE) (IMPLIES (TERMP VAR 0 SYMBOLS) (PROVES (IDENT-AXIOM-PROOF VAR) (F-EQUAL VAR VAR) GIVEN DEFNS SYMBOLS))) (DEFN ASSUM-PROOF (EXP) (LIST 5 NIL EXP)) (PROVE-LEMMA ASSUM-PROOF-PROVES (REWRITE) (IMPLIES (AND (MEMBER EXP GIVEN) (FORMULA EXP SYMBOLS)) (PROVES (ASSUM-PROOF EXP) EXP GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA MEMB-MEMBER (REWRITE) (IMPLIES (MEMBER X Y) (MEMB X Y))) (DEFN FUN-DEFN-PROOF (FN VARS X Y EXP PF1 PF2) (LIST 4 (LIST (CONS FN VARS) X EXP Y) (SUBST EXP X (CONS FN VARS) 0) (LIST PF1 PF2))) (PROVE-LEMMA FUN-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-LIST VARS (DEGREE FN)) (VARIABLE X) (VARIABLE Y) (SET (CONS Y (CONS X VARS))) (FUNCTION FN) (SYMB FN SYMBOLS) (FORMULA A-PRIME SYMBOLS) (SUBSET (COLLECT-FREE EXP 0) (CONS X VARS)) (FREE-FOR EXP X (CONS FN VARS) 0) (FREE-FOR EXP X Y 0) (EQUAL A-PRIME (ASSOC FN DEFNS)) (PROVES PF1 (FORSOME X EXP) GIVEN DEFNS (REST-OF FN SYMBOLS)) (PROVES PF2 (F-IMPLIES (F-AND EXP (SUBST EXP X Y 0)) (F-EQUAL X Y)) GIVEN DEFNS (REST-OF FN SYMBOLS)) (EQUAL A-PRIME (SUBST EXP X (CONS FN VARS) 0))) (PROVES (FUN-DEFN-PROOF FN VARS X Y EXP PF1 PF2) A-PRIME GIVEN DEFNS SYMBOLS)) ((DISABLE COLLECT-FREE FREE-FOR SYMB EQL SUBSET SET))) (TOGGLE G0591 FUN-DEFN-PROOF T) (DEFN PRED-DEFN-PROOF (PR VARS DEFN) (LIST 4 (LIST (CONS PR VARS)) (F-IFF (CONS PR VARS) DEFN))) (PROVE-LEMMA VAR-LIST-TERMP (REWRITE) (IMPLIES (VAR-LIST VARS (LENGTH VARS)) (TERMP VARS 1 SYMBOLS))) (PROVE-LEMMA VAR-LIST-LENGTH (REWRITE) (IMPLIES (NOT (EQUAL (LENGTH VARS) (FIX N))) (NOT (VAR-LIST VARS N)))) (PROVE-LEMMA MEMB-REST-OF (REWRITE) (IMPLIES (NOT (MEMB X Z)) (NOT (MEMB X (REST-OF Y Z))))) (PROVE-LEMMA TERMP-REST-OF (REWRITE) (IMPLIES (NOT (TERMP EXP FLG SYMBOLS)) (NOT (TERMP EXP FLG (REST-OF SYMB SYMBOLS))))) (TOGGLE G0594 ATOMP NIL) (PROVE-LEMMA FORMULA-REST-OF (REWRITE) (IMPLIES (NOT (FORMULA EXP SYMBOLS)) (NOT (FORMULA EXP (REST-OF SYMB SYMBOLS))))) (TOGGLE G0595 ATOMP T) (PROVE-LEMMA PRED-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-LIST VARS (DEGREE PR)) (SET VARS) (PREDICATE PR) (SYMB PR SYMBOLS) (EQUAL DEFN (ASSOC PR DEFNS)) (FORMULA DEFN (REST-OF PR SYMBOLS)) (SUBSET (COLLECT-FREE DEFN 0) VARS) (EQUAL CONCL (F-IFF (CONS PR VARS) DEFN))) (PROVES (PRED-DEFN-PROOF PR VARS DEFN) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE COLLECT-FREE SYMB))) (TOGGLE G0592 PRED-DEFN-PROOF T) (DEFN EXPAN-PROOF (A B PF) (LIST 2 (LIST 1 A) (F-OR A B) (LIST PF))) (DEFN CONTRAC-PROOF (A PF) (LIST 2 (LIST 2 A) A (LIST PF))) (DEFN ASSOC-PROOF (A B C PF) (LIST 2 (LIST 3 A B C) (F-OR (F-OR A B) C) (LIST PF))) (DEFN CUT-PROOF (A B C PF1 PF2) (LIST 2 (LIST 4 A B C) (F-OR B C) (LIST PF1 PF2))) (DEFN FORSOME-INTRO-PROOF (VAR A B PF) (LIST 2 (LIST 5 VAR A B) (F-IMPLIES (FORSOME VAR A) B) (LIST PF))) (TOGGLE G0624 FOL-AXIOM-PROOF T) (TOGGLE G0625 FUN-DEFN-PROOF T) (PROVE-LEMMA EXPAN-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA A SYMBOLS) (PROVES PF B GIVEN DEFNS SYMBOLS)) (PROVES (EXPAN-PROOF A B PF) (F-OR A B) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA ASSOC-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-OR A (F-OR B C)) GIVEN DEFNS SYMBOLS) (PROVES (ASSOC-PROOF A B C PF) (F-OR (F-OR A B) C) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA CONTRAC-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-OR A A) GIVEN DEFNS SYMBOLS) (PROVES (CONTRAC-PROOF A PF) A GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA CUT-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-OR A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-OR (F-NOT A) C) GIVEN DEFNS SYMBOLS) (FORMULA (F-OR B C) SYMBOLS)) (PROVES (CUT-PROOF A B C PF1 PF2) (F-OR B C) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA FORSOME-INTRO-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (NOT (MEMB VAR (COLLECT-FREE B 0))) (VARIABLE VAR) (FORMULA (F-IMPLIES (FORSOME VAR A) B) SYMBOLS)) (PROVES (FORSOME-INTRO-PROOF VAR A B PF) (F-IMPLIES (FORSOME VAR A) B) GIVEN DEFNS SYMBOLS)) ((DISABLE COLLECT-FREE FORMULA))) (TOGGLE G2752 PROP-AXIOM-PROOF T) (TOGGLE G2753 SUBST-AXIOM-PROOF T) (TOGGLE G2754 EQUAL-AXIOM1-PROOF T) (TOGGLE G2755 EQUAL-AXIOM2-PROOF T) (TOGGLE G2756 IDENT-AXIOM-PROOF T) (TOGGLE G2757 ASSUM-PROOF T) (TOGGLE G2758 FUN-DEFN-PROOF T) (TOGGLE G2759 EXPAN-PROOF T) (TOGGLE G2760 CONTRAC-PROOF T) (TOGGLE G2761 ASSOC-PROOF T) (TOGGLE G2762 CUT-PROOF T) (TOGGLE G2763 FORSOME-INTRO-PROOF T) (TOGGLE G0626 FOL-RULES T) (PROVE-LEMMA NLISTP-PROVES (REWRITE) (IMPLIES (NLISTP PF) (NOT (PROVES PF EXP GIVEN DEFNS SYMBOLS)))) (DEFN EXT-AXIOM (X TERMA TERMB) (F-IFF (F-EQUAL TERMA TERMB) (FORALL X (F-IFF (ISIN X TERMA) (ISIN X TERMB))))) (DEFN EXT-AXIOM-PROOF (X TERMA TERMB) (LIST 3 (LIST 1 TERMA TERMB X) (EXT-AXIOM X TERMA TERMB))) (PROVE-LEMMA EXT-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (NOT (MEMB X (COLLECT-FREE TERMA 0))) (NOT (MEMB X (COLLECT-FREE TERMB 0))) (VARIABLE X) (MEMB (P 1 2) SYMBOLS) (TERMP TERMA 0 SYMBOLS) (TERMP TERMB 0 SYMBOLS)) (PROVES (EXT-AXIOM-PROOF X TERMA TERMB) (F-IFF (F-EQUAL TERMA TERMB) (FORALL X (F-IFF (ISIN X TERMA) (ISIN X TERMB)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0374 EXT-AXIOM-PROOF T) (DEFN NULL-AXIOM (TERM) (F-NOT (ISIN TERM (PHI)))) (DEFN NULL-AXIOM-PROOF (TERM) (LIST 3 (LIST 2 TERM) (NULL-AXIOM TERM))) (PROVE-LEMMA NULL-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 0 0) (P 1 2)) SYMBOLS) (TERMP TERM 0 SYMBOLS)) (PROVES (NULL-AXIOM-PROOF TERM) (F-NOT (ISIN TERM (PHI))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0375 NULL-AXIOM-PROOF T) (DEFN PAIR-AXIOM (X TERMA TERMB) (F-IFF (ISIN X (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL X TERMA) (F-EQUAL X TERMB)))) (DEFN PAIR-AXIOM-PROOF (X TERMA TERMB) (LIST 3 (LIST 3 TERMA TERMB X) (PAIR-AXIOM X TERMA TERMB))) (PROVE-LEMMA PAIR-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP TERMA 0 SYMBOLS) (TERMP TERMB 0 SYMBOLS) (SUBSET (LIST (FN 1 2) (P 1 2)) SYMBOLS)) (PROVES (PAIR-AXIOM-PROOF X TERMA TERMB) (F-IFF (ISIN X (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL X TERMA) (F-EQUAL X TERMB))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0376 PAIR-AXIOM-PROOF T) (DEFN UNION-AXIOM (X TERMA TERMB) (F-IFF (ISIN X (Z-UNION TERMA TERMB)) (F-OR (ISIN X TERMA) (ISIN X TERMB)))) (DEFN UNION-AXIOM-PROOF (X TERMA TERMB) (LIST 3 (LIST 4 TERMA TERMB X) (UNION-AXIOM X TERMA TERMB))) (PROVE-LEMMA UNION-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP TERMA 0 SYMBOLS) (TERMP TERMB 0 SYMBOLS) (MEMB (P 1 2) SYMBOLS) (MEMB (FN 2 2) SYMBOLS)) (PROVES (UNION-AXIOM-PROOF X TERMA TERMB) (F-IFF (ISIN X (Z-UNION TERMA TERMB)) (F-OR (ISIN X TERMA) (ISIN X TERMB))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0377 UNION-AXIOM-PROOF T) (DEFN IND-AXIOM (FORM X) (F-IMPLIES (F-AND (SUBST FORM X (PHI) 0) (FORALL X (F-IMPLIES (F-AND (Z-INT X) FORM) (SUBST FORM X (Z-SUCC X) 0)))) (FORALL X (F-IMPLIES (Z-INT X) FORM)))) (DEFN IND-AXIOM-PROOF (FORM X) (LIST 3 (LIST 5 FORM X) (IND-AXIOM FORM X))) (TOGGLE G0627 PREDICATE NIL) (PROVE-LEMMA IND-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA FORM SYMBOLS) (VARIABLE X) (SUBSET (LIST (FN 0 0) (FN 3 1) (P 2 1)) SYMBOLS) (EQUAL CONCL (IND-AXIOM FORM X))) (PROVES (IND-AXIOM-PROOF FORM X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0629 PREDICATE T) (TOGGLE G0378 IND-AXIOM-PROOF T) (TOGGLE G0379 PRF T) (PROVE-LEMMA PROVES-IS-FORMULA (REWRITE) (IMPLIES (PROVES PF EXP GIVEN DEFNS SYMBOLS) (FORMULA EXP SYMBOLS))) (PROVE-LEMMA PROVES-IS-FORMULA-AGAIN (REWRITE) (IMPLIES (NOT (FORMULA EXP SYMBOLS)) (NOT (PROVES PF EXP GIVEN DEFNS SYMBOLS)))) (TOGGLE G0380 PROVES T) ;;;;;;;The commutativity of disjunction is the first example of a `derived inference rule'. ;;;;;;;COMMUT-PROOF constructs a proof of "(B or A)" given a proof of "(A or B)". (DEFN COMMUT-PROOF (A B PF) (CUT-PROOF A B A PF (PROP-AXIOM-PROOF A))) ;;;;;;;The lemma below establishes that this is the required proof. The definition ;;;;;;;of COMMUT-PROOF then becomes irrelevant and is disabled. (PROVE-LEMMA COMMUT-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-OR A B) GIVEN DEFNS SYMBOLS) (PROVES (COMMUT-PROOF A B PF) (F-OR B A) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-OR A B)))) (DISABLE PROVES-IS-FORMULA))) (TOGGLE G2766 COMMUT-PROOF T) (DEFN DETACH-PROOF (A B PF1 PF2) (CONTRAC-PROOF B (CUT-PROOF A B B (COMMUT-PROOF B A (EXPAN-PROOF B A PF1)) PF2))) (TOGGLE G0503 PROVES-IS-FORMULA T) ;;;;;;;Modus Ponens is proved as a derived inference rule below. (PROVE-LEMMA DETACH-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 A GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES A B) GIVEN DEFNS SYMBOLS)) (PROVES (DETACH-PROOF A B PF1 PF2) B GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES A B)))))) (TOGGLE G2767 DETACH-PROOF T) (PROVE-LEMMA FORMULA-F-IMPLIES (REWRITE) (EQUAL (FORMULA (F-IMPLIES X Y) SYMBOLS) (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS)))) (PROVE-LEMMA COVERING-F-IMPLIES (REWRITE) (EQUAL (COVERING (F-IMPLIES X Y) VAR 0) (APPEND (COVERING X VAR 0) (COVERING Y VAR 0)))) (PROVE-LEMMA MEMBER-APPEND (REWRITE) (EQUAL (MEMBER X (APPEND Y Z)) (OR (MEMBER X Y) (MEMBER X Z)))) (PROVE-LEMMA COLLECT-FREE-F-IMPLIES (REWRITE) (EQUAL (COLLECT-FREE (F-IMPLIES X Y) 0) (APPEND (COLLECT-FREE X 0) (COLLECT-FREE Y 0)))) (TOGGLE G0344 F-IMPLIES T) (DEFN LIST-IMPLIES (LIST CONC) (IF (NLISTP LIST) CONC (IF (NLISTP (CDR LIST)) (F-IMPLIES (CAR LIST) CONC) (F-IMPLIES (CAR LIST) (LIST-IMPLIES (CDR LIST) CONC))))) (DEFN LIST-DETACH-PROOF (ALIST B PFLIST PF2) (IF (NLISTP ALIST) PF2 (IF (NLISTP (CDR ALIST)) (DETACH-PROOF (CAR ALIST) B (CAR PFLIST) PF2) (LIST-DETACH-PROOF (CDR ALIST) B (CDR PFLIST) (DETACH-PROOF (CAR ALIST) (LIST-IMPLIES (CDR ALIST) B) (CAR PFLIST) PF2))))) (PROVE-LEMMA FORMULA-LIST-IMPLIES NIL (IMPLIES (AND (FORMULA (LIST-IMPLIES ALIST B) SYMBOLS) (LISTP ALIST)) (FORMULA (LIST-IMPLIES (CDR ALIST) B) SYMBOLS))) ;;;;;;;PROVES-LIST checks that PFLIST is a list of proofs of the elements of ;;;;;;;the list EXPLIST. (DEFN PROVES-LIST (PFLIST EXPLIST GIVEN DEFNS SYMBOLS) (IF (NLISTP EXPLIST) (EQUAL PFLIST NIL) (AND (PROVES (CAR PFLIST) (CAR EXPLIST) GIVEN DEFNS SYMBOLS) (PROVES-LIST (CDR PFLIST) (CDR EXPLIST) GIVEN DEFNS SYMBOLS)))) (PROVE-LEMMA DETACH-RULE-CORR (REWRITE) (IMPLIES (AND (PROVES-LIST PFLIST ALIST GIVEN DEFNS SYMBOLS) (PROVES PF2 (LIST-IMPLIES ALIST B) GIVEN DEFNS SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (LIST-DETACH-PROOF ALIST B PFLIST PF2) B GIVEN DEFNS SYMBOLS)) ((INDUCT (LIST-DETACH-PROOF ALIST B PFLIST PF2)) (USE (FORMULA-LIST-IMPLIES)))) (TOGGLE G0220 LIST-DETACH-PROOF T) (DEFN RT-EXPAN-PROOF (A B PF) (COMMUT-PROOF B A (EXPAN-PROOF B A PF))) (PROVE-LEMMA RT-EXPAN-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF A GIVEN DEFNS SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (RT-EXPAN-PROOF A B PF) (F-OR A B) GIVEN DEFNS SYMBOLS))) (TOGGLE G0227 RT-EXPAN-PROOF T) ;;;;;;;MAKE-DISJUNCT returns a disjunction of a given list of formulas. (DEFN MAKE-DISJUNCT (FLIST) (IF (NLISTP FLIST) NIL (IF (NLISTP (CDR FLIST)) (CAR FLIST) (F-OR (CAR FLIST) (MAKE-DISJUNCT (CDR FLIST)))))) (DEFN M1-PROOF (EXP FLIST PF) (IF (NLISTP FLIST) NIL (IF (NLISTP (CDR FLIST)) PF (IF (EQUAL EXP (CAR FLIST)) (RT-EXPAN-PROOF (CAR FLIST) (MAKE-DISJUNCT (CDR FLIST)) PF) (EXPAN-PROOF (CAR FLIST) (MAKE-DISJUNCT (CDR FLIST)) (M1-PROOF EXP (CDR FLIST) PF)))))) ;;;;;;;The rule below asserts that if "A" is provable, so is any disjunction ;;;;;;;which contains "A" as a disjunct. (PROVE-LEMMA M1-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP FLIST) (PROVES PF EXP GIVEN DEFNS SYMBOLS)) (PROVES (M1-PROOF EXP FLIST PF) (MAKE-DISJUNCT FLIST) GIVEN DEFNS SYMBOLS)) ((INDUCT (M1-PROOF EXP FLIST PF)))) (TOGGLE G0228 M1-PROOF T) ;;;;;;;Note that the lemma in the above form contains MAKE-DISJUNCT in the ;;;;;;;conclusion which might prevent a match with a disjunction of the ;;;;;;;form "(A or B)". This is remedied by moving it to the hypothesis in ;;;;;;;the rephrased form below. The lemma had to first be proved in the ;;;;;;;above form to get the induction right. (PROVE-LEMMA M1-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP FLIST) (PROVES PF EXP GIVEN DEFNS SYMBOLS) (EQUAL CONCL (MAKE-DISJUNCT FLIST))) (PROVES (M1-PROOF EXP FLIST PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (M1-PROOF-PROVES)))) (TOGGLE G0504 M1-PROOF-PROVES T) (DEFN RT-ASSOC-PROOF (A B C PF) (COMMUT-PROOF (F-OR B C) A (ASSOC-PROOF B C A (COMMUT-PROOF (F-OR C A) B (ASSOC-PROOF C A B (COMMUT-PROOF (F-OR A B) C PF)))))) (PROVE-LEMMA RT-ASSOC-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-OR (F-OR A B) C) GIVEN DEFNS SYMBOLS) (PROVES (RT-ASSOC-PROOF A B C PF) (F-OR A (F-OR B C)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-OR (F-OR A B) C)))))) (TOGGLE G0231 RT-ASSOC-PROOF T) (DEFN INSERT-PROOF (A B C PF) (COMMUT-PROOF (F-OR A C) B (ASSOC-PROOF A C B (EXPAN-PROOF A (F-OR C B) (COMMUT-PROOF B C PF))))) (PROVE-LEMMA INSERT-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (F-OR B C) GIVEN DEFNS SYMBOLS) (FORMULA A SYMBOLS)) (PROVES (INSERT-PROOF A B C PF) (F-OR B (F-OR A C)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-OR B C)))))) (TOGGLE G0232 INSERT-PROOF T) (DEFN M2-PROOF-STEP (EXP1 EXP2 FLIST PF) (IF (NLISTP FLIST) NIL (IF (NLISTP (CDR FLIST)) (IF (EQUAL EXP2 (CAR FLIST)) PF NIL) (IF (EQUAL EXP2 (CAR FLIST)) (RT-ASSOC-PROOF EXP1 EXP2 (MAKE-DISJUNCT (CDR FLIST)) (RT-EXPAN-PROOF (F-OR EXP1 EXP2) (MAKE-DISJUNCT (CDR FLIST)) PF)) (INSERT-PROOF (CAR FLIST) EXP1 (MAKE-DISJUNCT (CDR FLIST)) (M2-PROOF-STEP EXP1 EXP2 (CDR FLIST) PF)))))) (PROVE-LEMMA M2-PROOF-STEP-PROVES (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP2 FLIST) (PROVES PF (F-OR EXP1 EXP2) GIVEN DEFNS SYMBOLS)) (PROVES (M2-PROOF-STEP EXP1 EXP2 FLIST PF) (F-OR EXP1 (MAKE-DISJUNCT FLIST)) GIVEN DEFNS SYMBOLS)) ((INDUCT (M2-PROOF-STEP EXP1 EXP2 FLIST PF)) (USE (PROVES-IS-FORMULA (EXP (F-OR EXP1 EXP2)))))) (PROVE-LEMMA M2-PROOF-STEP-PROVES1 (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP2 FLIST) (PROVES PF (F-OR EXP1 EXP2) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-OR EXP1 (MAKE-DISJUNCT FLIST)))) (PROVES (M2-PROOF-STEP EXP1 EXP2 FLIST PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (M2-PROOF-STEP-PROVES)))) (TOGGLE G0233 M2-PROOF-STEP T) (TOGGLE G0234 M2-PROOF-STEP-PROVES T) (DEFN M2-PROOF (EXP1 EXP2 FLIST PF) (IF (NLISTP FLIST) NIL (IF (EQUAL EXP1 EXP2) (M1-PROOF EXP1 FLIST (CONTRAC-PROOF EXP1 PF)) (IF (EQUAL EXP1 (CAR FLIST)) (M2-PROOF-STEP EXP1 EXP2 (CDR FLIST) PF) (IF (EQUAL EXP2 (CAR FLIST)) (M2-PROOF-STEP EXP2 EXP1 (CDR FLIST) (COMMUT-PROOF EXP1 EXP2 PF)) (EXPAN-PROOF (CAR FLIST) (MAKE-DISJUNCT (CDR FLIST)) (M2-PROOF EXP1 EXP2 (CDR FLIST) PF))))))) ;;;;;;;The rule below asserts that if "(A or B)" is provable, so is any ;;;;;;;disjunction which contains "A" and "B" as disjuncts. (PROVE-LEMMA M2-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP1 FLIST) (MEMBER EXP2 FLIST) (PROVES PF (F-OR EXP1 EXP2) GIVEN DEFNS SYMBOLS)) (PROVES (M2-PROOF EXP1 EXP2 FLIST PF) (MAKE-DISJUNCT FLIST) GIVEN DEFNS SYMBOLS)) ((INDUCT (M2-PROOF EXP1 EXP2 FLIST PF)) (USE (PROVES-IS-FORMULA (EXP (F-OR EXP1 EXP2)))))) (PROVE-LEMMA M2-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS) (MEMBER EXP1 FLIST) (MEMBER EXP2 FLIST) (PROVES PF (F-OR EXP1 EXP2) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (MAKE-DISJUNCT FLIST))) (PROVES (M2-PROOF EXP1 EXP2 FLIST PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (M2-PROOF-PROVES)))) (TOGGLE G0235 M2-PROOF T) (TOGGLE G0236 M2-PROOF-PROVES T) (DEFN M3-PROOF (EXP1 EXP2 FLIST2 PF) (CONTRAC-PROOF (MAKE-DISJUNCT FLIST2) (CONTRAC-PROOF (F-OR (MAKE-DISJUNCT FLIST2) (MAKE-DISJUNCT FLIST2)) (M2-PROOF (F-OR (MAKE-DISJUNCT FLIST2) (MAKE-DISJUNCT FLIST2)) EXP1 (CONS (F-OR (MAKE-DISJUNCT FLIST2) (MAKE-DISJUNCT FLIST2)) (CONS (MAKE-DISJUNCT FLIST2) FLIST2)) (ASSOC-PROOF (MAKE-DISJUNCT FLIST2) (MAKE-DISJUNCT FLIST2) EXP1 (COMMUT-PROOF (F-OR (MAKE-DISJUNCT FLIST2) EXP1) (MAKE-DISJUNCT FLIST2) (M2-PROOF (F-OR (MAKE-DISJUNCT FLIST2) EXP1) EXP2 (CONS (F-OR (MAKE-DISJUNCT FLIST2) EXP1) FLIST2) (ASSOC-PROOF (MAKE-DISJUNCT FLIST2) EXP1 EXP2 (COMMUT-PROOF (F-OR EXP1 EXP2) (MAKE-DISJUNCT FLIST2) PF))))))))) (DEFN FORM-LIST (FLIST SYMBOLS) (IF (LISTP FLIST) (AND (FORMULA (CAR FLIST) SYMBOLS) (FORM-LIST (CDR FLIST) SYMBOLS)) T)) (PROVE-LEMMA SUBSET-CONS (REWRITE) (IMPLIES (SUBSET X Y) (SUBSET X (CONS Z Y)))) (PROVE-LEMMA FORMLIST-FORMULA-MAKE-DISJ (REWRITE) (IMPLIES (AND (LISTP FLIST) (FORM-LIST FLIST SYMBOLS)) (FORMULA (MAKE-DISJUNCT FLIST) SYMBOLS))) (PROVE-LEMMA M3-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (MAKE-DISJUNCT (CONS (F-OR EXP1 EXP2) FLIST2)) GIVEN DEFNS SYMBOLS) (MEMBER EXP1 FLIST2) (MEMBER EXP2 FLIST2)) (PROVES (M3-PROOF EXP1 EXP2 FLIST2 PF) (MAKE-DISJUNCT FLIST2) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (MAKE-DISJUNCT (CONS (F-OR EXP1 EXP2) FLIST2))))))) (TOGGLE G0222 M3-PROOF T) (PROVE-LEMMA M3-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (PROVES PF (MAKE-DISJUNCT (CONS (F-OR EXP1 EXP2) FLIST2)) GIVEN DEFNS SYMBOLS) (MEMBER EXP1 FLIST2) (MEMBER EXP2 FLIST2) (EQUAL CONCL (MAKE-DISJUNCT FLIST2))) (PROVES (M3-PROOF EXP1 EXP2 FLIST2 PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (M3-PROOF-PROVES)))) (TOGGLE G0229 M3-PROOF-PROVES T) (DEFN M-PROOF (FLIST1 FLIST2 PF) (IF (NLISTP FLIST1) NIL (IF (NLISTP (CDR FLIST1)) (M1-PROOF (CAR FLIST1) FLIST2 PF) (IF (NLISTP (CDDR FLIST1)) (M2-PROOF (CAR FLIST1) (CADR FLIST1) FLIST2 PF) (M3-PROOF (CAR FLIST1) (CADR FLIST1) FLIST2 (M-PROOF (CONS (F-OR (CAR FLIST1) (CADR FLIST1)) (CDDR FLIST1)) (CONS (F-OR (CAR FLIST1) (CADR FLIST1)) FLIST2) (ASSOC-PROOF (CAR FLIST1) (CADR FLIST1) (MAKE-DISJUNCT (CDDR FLIST1)) PF)))))) ((LESSP (LENGTH FLIST1)))) ;;;;;;;The rule below is the important lemma on disjuncts which asserts that ;;;;;;;if a disjunction of formulas {"A1",...,"Am"} is provable, so is any ;;;;;;;disjunction of formulas {"B1",...,"Bn"} which contains all the "Ai". (PROVE-LEMMA M-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-LIST FLIST2 SYMBOLS) (LISTP FLIST1) (LISTP FLIST2) (SUBSET FLIST1 FLIST2) (PROVES PF (MAKE-DISJUNCT FLIST1) GIVEN DEFNS SYMBOLS)) (PROVES (M-PROOF FLIST1 FLIST2 PF) (MAKE-DISJUNCT FLIST2) GIVEN DEFNS SYMBOLS)) ((INDUCT (M-PROOF FLIST1 FLIST2 PF)))) (DEFN TERMP1 (EXP FLG) (IF (ZEROP FLG) (IF (LISTP EXP) (AND (FUNCTION (CAR EXP)) (EQUAL (LENGTH (CDR EXP)) (DEGREE (CAR EXP))) (TERMP1 (CDR EXP) 1)) (VARIABLE EXP)) (IF (NLISTP EXP) T (AND (TERMP1 (CAR EXP) 0) (TERMP1 (CDR EXP) 1))))) (PROVE-LEMMA TERMP-TERMP1 (REWRITE) (IMPLIES (TERMP EXP FLG SYMBOLS) (TERMP1 EXP FLG))) (DEFN ATOMP1 (EXP) (AND (PREDICATE (CAR EXP)) (EQUAL (LENGTH (CDR EXP)) (DEGREE (CAR EXP))) (TERMP1 (CDR EXP) 1))) (TOGGLE G0345 ATOMP NIL) (PROVE-LEMMA ATOMP-ATOMP1 (REWRITE) (IMPLIES (ATOMP EXP SYMBOLS) (ATOMP1 EXP))) (DEFN DBLE-NEG-TYPE (EXP) (AND (F-NOTP EXP) (F-NOTP (ARG EXP)))) (DEFN NEG (EXP1 EXP2) (OR (EQUAL EXP1 (F-NOT EXP2)) (EQUAL EXP2 (F-NOT EXP1)))) (DEFN NEG-LIST (EXP LIST) (IF (F-NOTP EXP) (MEMBER (ARG EXP) LIST) (MEMBER (F-NOT EXP) LIST))) (DEFN ELEM-FORM (EXP) (OR (ATOMP1 EXP) (AND (FORSOMEP EXP) (EQUAL EXP (FORSOME (BIND EXP) (BODY EXP)))))) (DEFN NEG-ELEM-FORM (EXP) (AND (F-NOTP EXP) (ELEM-FORM (ARG EXP)))) (DEFN PROP-ATOMP (EXP) (OR (ELEM-FORM EXP) (NEG-ELEM-FORM EXP))) (DEFN FORM-COUNT (EXP) (IF (F-NOTP EXP) (ADD1 (FORM-COUNT (ARG EXP))) (IF (F-ORP EXP) (ADD1 (PLUS (FORM-COUNT (ARG1 EXP)) (FORM-COUNT (ARG2 EXP)))) 1))) (DEFN LIST-COUNT (LIST) (IF (LISTP LIST) (PLUS (FORM-COUNT (CAR LIST)) (LIST-COUNT (CDR LIST))) 0)) (DEFN NOR-TYPE (EXP) (AND (F-NOTP EXP) (F-ORP (ARG EXP)))) (PROVE-LEMMA LESSP-LIST-COUNT (REWRITE) (IMPLIES (LISTP FLIST) (LESSP (LIST-COUNT (CDR FLIST)) (LIST-COUNT FLIST)))) (PROVE-LEMMA F-ORP-LIST-COUNT (REWRITE) (IMPLIES (AND (F-ORP (CAR FLIST)) (LISTP FLIST)) (LESSP (LIST-COUNT (CONS (ARG1 (CAR FLIST)) (CONS (ARG2 (CAR FLIST)) (CDR FLIST)))) (LIST-COUNT FLIST)))) (PROVE-LEMMA NOR-TYPE-LIST-COUNT1 (REWRITE) (IMPLIES (AND (LISTP FLIST) (NOR-TYPE (CAR FLIST))) (LESSP (LIST-COUNT (CONS (F-NOT (ARG1 (ARG (CAR FLIST)))) (CDR FLIST))) (LIST-COUNT FLIST)))) (PROVE-LEMMA NOR-TYPE-LIST-COUNT2 (REWRITE) (IMPLIES (AND (LISTP FLIST) (NOR-TYPE (CAR FLIST))) (LESSP (LIST-COUNT (CONS (F-NOT (ARG2 (ARG (CAR FLIST)))) (CDR FLIST))) (LIST-COUNT FLIST)))) (PROVE-LEMMA DBLE-NEG-LIST-COUNT (REWRITE) (IMPLIES (AND (LISTP FLIST) (DBLE-NEG-TYPE (CAR FLIST))) (LESSP (LIST-COUNT (CONS (ARG (ARG (CAR FLIST))) (CDR FLIST))) (LIST-COUNT FLIST)))) (TOGGLE G0240 LIST-COUNT T) ;;;;;;;TAUTOLOGYP1 is the tautology-checker. It recurses through a list of ;;;;;;;formulas FLIST and builds up a list of literals AUXLIST. If AUXLIST ;;;;;;;is ever to contain a literal and its negation, TAUTOLOGYP1 returns T. ;;;;;;;Otherwise, it returns F. (DEFN TAUTOLOGYP1 (FLIST AUXLIST) (IF (LISTP FLIST) (IF (F-ORP (CAR FLIST)) (TAUTOLOGYP1 (CONS (ARG1 (CAR FLIST)) (CONS (ARG2 (CAR FLIST)) (CDR FLIST))) AUXLIST) (IF (NOR-TYPE (CAR FLIST)) (AND (TAUTOLOGYP1 (CONS (F-NOT (ARG1 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST) (TAUTOLOGYP1 (CONS (F-NOT (ARG2 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST)) (IF (DBLE-NEG-TYPE (CAR FLIST)) (TAUTOLOGYP1 (CONS (ARG (ARG (CAR FLIST))) (CDR FLIST)) AUXLIST) (OR (NEG-LIST (CAR FLIST) AUXLIST) (TAUTOLOGYP1 (CDR FLIST) (CONS (CAR FLIST) AUXLIST)))))) F) ((LESSP (LIST-COUNT FLIST)))) (PROVE-LEMMA FORM-LIST-APPEND (REWRITE) (IMPLIES (AND (FORM-LIST X SYMBOLS) (FORM-LIST Y SYMBOLS)) (FORM-LIST (APPEND X Y) SYMBOLS)) ((INDUCT (APPEND X Y)) (DISABLE FORMULA))) (DEFN NEG-PROOF (EXP1 EXP2) (IF (EQUAL EXP1 (F-NOT EXP2)) (PROP-AXIOM-PROOF EXP2) (COMMUT-PROOF EXP2 EXP1 (PROP-AXIOM-PROOF EXP1)))) (PROVE-LEMMA NEG-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP1 SYMBOLS) (FORMULA EXP2 SYMBOLS) (NEG EXP1 EXP2) (EQUAL CONCL (F-OR EXP1 EXP2))) (PROVES (NEG-PROOF EXP1 EXP2) CONCL GIVEN DEFNS SYMBOLS))) (DEFN NEG-LIST-PROOF (EXP FLIST) (IF (MEMBER (F-NOT EXP) FLIST) (M2-PROOF EXP (F-NOT EXP) (CONS EXP FLIST) (NEG-PROOF EXP (F-NOT EXP))) (M2-PROOF EXP (ARG EXP) (CONS EXP FLIST) (NEG-PROOF EXP (ARG EXP))))) (PROVE-LEMMA NEG-LIST-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (FORM-LIST FLIST SYMBOLS) (NEG-LIST EXP FLIST) (EQUAL CONCL (MAKE-DISJUNCT (CONS EXP FLIST)))) (PROVES (NEG-LIST-PROOF EXP FLIST) CONCL GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA SUBSET-IDENT (REWRITE) (SUBSET X X)) (PROVE-LEMMA SUBSET-CAR (REWRITE) (SUBSET X (CONS Y X))) (PROVE-LEMMA SUBSET-APPEND (REWRITE) (SUBSET (CONS EXP LIST2) (APPEND (CONS EXP LIST1) LIST2))) (PROVE-LEMMA M-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORM-LIST FLIST2 SYMBOLS) (SUBSET FLIST1 FLIST2) (PROVES PF (MAKE-DISJUNCT FLIST1) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (MAKE-DISJUNCT FLIST2))) (PROVES (M-PROOF FLIST1 FLIST2 PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (M-PROOF-PROVES)))) (TOGGLE G0505 M-PROOF-PROVES T) (TOGGLE G0256 NEG-LIST-PROOF T) (DEFN PROP-ATOM-PROOF1 (FLIST1 FLIST2) (M-PROOF (CONS (CAR FLIST1) FLIST2) (APPEND FLIST1 FLIST2) (NEG-LIST-PROOF (CAR FLIST1) FLIST2))) (PROVE-LEMMA PROP-ATOM-PROOF1-PROVES (REWRITE) (IMPLIES (AND (FORM-LIST FLIST1 SYMBOLS) (LISTP FLIST1) (FORM-LIST FLIST2 SYMBOLS) (NEG-LIST (CAR FLIST1) FLIST2) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)))) (PROVES (PROP-ATOM-PROOF1 FLIST1 FLIST2) CONCL GIVEN DEFNS SYMBOLS)) ((USE (SUBSET-APPEND (EXP (CAR FLIST1)) (LIST1 (CDR FLIST1)) (LIST2 FLIST2))))) (TOGGLE G0259 PROP-ATOM-PROOF1 T) (PROVE-LEMMA SUBSET-APPEND-CAR (REWRITE) (SUBSET (APPEND LIST1 (CONS EXP LIST2)) (APPEND (CONS EXP LIST1) LIST2))) (PROVE-LEMMA FORM-LIST-APPEND-CAR (REWRITE) (IMPLIES (AND (FORM-LIST (CONS EXP LIST1) SYMBOLS) (OR (EQUAL LIST2 NIL) (FORM-LIST LIST2 SYMBOLS))) (FORM-LIST (APPEND LIST1 (CONS EXP LIST2)) SYMBOLS))) (DEFN PROP-ATOM-PROOF2 (FLIST1 FLIST2 PF) (M-PROOF (APPEND (CDR FLIST1) (CONS (CAR FLIST1) FLIST2)) (APPEND FLIST1 FLIST2) PF)) (PROVE-LEMMA PROP-ATOM-PROOF2-PROVES (REWRITE) (IMPLIES (AND (FORM-LIST FLIST1 SYMBOLS) (LISTP FLIST1) (FORM-LIST FLIST2 SYMBOLS) (PROVES PF (MAKE-DISJUNCT (APPEND (CDR FLIST1) (CONS (CAR FLIST1) FLIST2))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)))) (PROVES (PROP-ATOM-PROOF2 FLIST1 FLIST2 PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (SUBSET-APPEND-CAR (LIST1 (CDR FLIST1)) (EXP (CAR FLIST1)) (LIST2 FLIST2))))) (TOGGLE G0258 PROP-ATOM-PROOF2 T) (DEFN CANCEL-PROOF (A B PF1 PF2) (CONTRAC-PROOF B (CUT-PROOF A B B PF2 (RT-EXPAN-PROOF (F-NOT A) B PF1)))) (PROVE-LEMMA CANCEL-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-NOT A) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-OR A B) GIVEN DEFNS SYMBOLS)) (PROVES (CANCEL-PROOF A B PF1 PF2) B GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-OR A B)) (PF PF2))))) (TOGGLE G0255 CANCEL-PROOF T) (DEFN NLISTP-NOR-TYPE-PROOF (A B PF1 PF2) (CANCEL-PROOF B (F-NOT (F-OR A B)) PF2 (CANCEL-PROOF A (F-OR B (F-NOT (F-OR A B))) PF1 (M-PROOF (LIST (F-NOT (F-OR A B)) A B) (LIST A B (F-NOT (F-OR A B))) (PROP-AXIOM-PROOF (F-OR A B)))))) (DEFN LISTP-NOR-TYPE-PROOF (A B C PF1 PF2) (M-PROOF (LIST (F-NOT (F-OR A B)) C C) (LIST (F-NOT (F-OR A B)) C) (RT-ASSOC-PROOF (F-NOT (F-OR A B)) C C (CUT-PROOF B (F-OR (F-NOT (F-OR A B)) C) C (RT-ASSOC-PROOF B (F-NOT (F-OR A B)) C (CUT-PROOF A (F-OR B (F-NOT (F-OR A B))) C (M-PROOF (LIST (F-NOT (F-OR A B)) A B) (LIST A B (F-NOT (F-OR A B))) (PROP-AXIOM-PROOF (F-OR A B))) PF1)) PF2)))) (DEFN NOR-PROOF (A B CLIST PF1 PF2) (IF (NLISTP CLIST) (NLISTP-NOR-TYPE-PROOF A B PF1 PF2) (LISTP-NOR-TYPE-PROOF A B (MAKE-DISJUNCT CLIST) PF1 PF2))) (DEFN NLISTP-DBLE-NEG-PROOF (A PF) (CONTRAC-PROOF (F-NOT (F-NOT A)) (CUT-PROOF A (F-NOT (F-NOT A)) (F-NOT (F-NOT A)) (RT-EXPAN-PROOF A (F-NOT (F-NOT A)) PF) (COMMUT-PROOF (F-NOT (F-NOT A)) (F-NOT A) (PROP-AXIOM-PROOF (F-NOT A)))))) (DEFN LISTP-DBLE-NEG-PROOF (A C PF) (COMMUT-PROOF C (F-NOT (F-NOT A)) (CUT-PROOF A C (F-NOT (F-NOT A)) PF (COMMUT-PROOF (F-NOT (F-NOT A)) (F-NOT A) (PROP-AXIOM-PROOF (F-NOT A)))))) (DEFN DBLE-NEG-PROOF (A CLIST PF) (IF (NLISTP CLIST) (NLISTP-DBLE-NEG-PROOF A PF) (LISTP-DBLE-NEG-PROOF A (MAKE-DISJUNCT CLIST) PF))) (DEFN F-ORP-PROOF (A B CLIST PF) (IF (NLISTP CLIST) PF (ASSOC-PROOF A B (MAKE-DISJUNCT CLIST) PF))) ;;;;;;;TAUT-PROOF1 is the proof-constructor that constructs the proof for a formula ;;;;;;;asserted to be a tautology by TAUTOLOGYP1. TAUT-PROOF1 and TAUTOLOGYP1 recurse ;;;;;;;in the same way. (DEFN TAUT-PROOF1 (FLIST AUXLIST) (IF (LISTP FLIST) (IF (F-ORP (CAR FLIST)) (F-ORP-PROOF (ARG1 (CAR FLIST)) (ARG2 (CAR FLIST)) (APPEND (CDR FLIST) AUXLIST) (TAUT-PROOF1 (CONS (ARG1 (CAR FLIST)) (CONS (ARG2 (CAR FLIST)) (CDR FLIST))) AUXLIST)) (IF (NOR-TYPE (CAR FLIST)) (NOR-PROOF (ARG1 (ARG (CAR FLIST))) (ARG2 (ARG (CAR FLIST))) (APPEND (CDR FLIST) AUXLIST) (TAUT-PROOF1 (CONS (F-NOT (ARG1 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST) (TAUT-PROOF1 (CONS (F-NOT (ARG2 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST)) (IF (DBLE-NEG-TYPE (CAR FLIST)) (DBLE-NEG-PROOF (ARG (ARG (CAR FLIST))) (APPEND (CDR FLIST) AUXLIST) (TAUT-PROOF1 (CONS (ARG (ARG (CAR FLIST))) (CDR FLIST)) AUXLIST)) (IF (NEG-LIST (CAR FLIST) AUXLIST) (PROP-ATOM-PROOF1 FLIST AUXLIST) (PROP-ATOM-PROOF2 FLIST AUXLIST (TAUT-PROOF1 (CDR FLIST) (CONS (CAR FLIST) AUXLIST))))))) NIL) ((LESSP (LIST-COUNT FLIST)))) ;;;;;;;The lemma below is a form of the tautology theorem. If (TAUTOLOGYP1 FLIST AUXLIST) ;;;;;;;is T, then (TAUT-PROOF1 FLIST AUXLIST) constructs a correct proof of ;;;;;;;the disjunction of the formulas in FLIST and AUXLIST. We still have to ;;;;;;;show that the tautology-checker TAUTOLOGYP1 is correct w.r.t the truth-table ;;;;;;;definition of a tautology. (PROVE-LEMMA TAUT-THM1 (REWRITE) (IMPLIES (AND (FORM-LIST FLIST SYMBOLS) (FORM-LIST AUXLIST SYMBOLS) (TAUTOLOGYP1 FLIST AUXLIST)) (PROVES (TAUT-PROOF1 FLIST AUXLIST) (MAKE-DISJUNCT (APPEND FLIST AUXLIST)) GIVEN DEFNS SYMBOLS)) ((INDUCT (TAUTOLOGYP1 FLIST AUXLIST)))) (TOGGLE G0275 TAUT-PROOF1 T) (PROVE-LEMMA TAUT-THM2 (REWRITE) (IMPLIES (AND (FORM-LIST FLIST SYMBOLS) (FORM-LIST AUXLIST SYMBOLS) (TAUTOLOGYP1 FLIST AUXLIST) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST AUXLIST)))) (PROVES (TAUT-PROOF1 FLIST AUXLIST) CONCL GIVEN DEFNS SYMBOLS)) ((USE (TAUT-THM1 (CONCL (MAKE-DISJUNCT (APPEND FLIST AUXLIST))))))) ;;;;;;;EVAL evaluates the truth-value of the Boolean expression EXP, ;;;;;;;where the truth-value assigned to atoms are specified in ALIST. (DEFN EVAL (EXP ALIST) (IF (F-NOTP EXP) (NOT (EVAL (ARG EXP) ALIST)) (IF (F-ORP EXP) (OR (EVAL (ARG1 EXP) ALIST) (EVAL (ARG2 EXP) ALIST)) (MEMBER EXP ALIST)))) (PROVE-LEMMA MEMBER-EVAL (REWRITE) (IMPLIES (AND (MEMBER EXP FLIST) (EVAL EXP ALIST)) (EVAL (MAKE-DISJUNCT FLIST) ALIST))) (PROVE-LEMMA EVAL-MAKE-DISJUNCT (REWRITE) (IMPLIES (AND (LISTP LIST1) (LISTP LIST2)) (EQUAL (EVAL (MAKE-DISJUNCT (APPEND LIST1 LIST2)) ALIST) (OR (EVAL (MAKE-DISJUNCT LIST1) ALIST) (EVAL (MAKE-DISJUNCT LIST2) ALIST))))) (PROVE-LEMMA NEG-LIST-EVAL (REWRITE) (IMPLIES (AND (LISTP FLIST1) (NEG-LIST (CAR FLIST1) FLIST2)) (EVAL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)) ALIST)) ((INDUCT (MEMBER X FLIST2)))) (PROVE-LEMMA EVAL-PROP-ATOMP (REWRITE) (IMPLIES (AND (LISTP FLIST1) (EVAL (MAKE-DISJUNCT (APPEND (CDR FLIST1) (CONS (CAR FLIST1) FLIST2))) ALIST)) (EVAL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)) ALIST)) ((INDUCT (APPEND FLIST FLIST2)))) (PROVE-LEMMA EVAL-PROP-ATOMP1 (REWRITE) (IMPLIES (AND (LISTP FLIST1) (EVAL (MAKE-DISJUNCT (APPEND (CDR FLIST1) (CONS (CAR FLIST1) FLIST2))) ALIST) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)))) (EVAL CONCL ALIST)) ((DISABLE APPEND))) (PROVE-LEMMA NEG-LIST-EVAL1 (REWRITE) (IMPLIES (AND (LISTP FLIST1) (NEG-LIST (CAR FLIST1) FLIST2) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST1 FLIST2)))) (EVAL CONCL ALIST))) ;;;;;;;The lemma below is one half of the correctness of the tautology-checker. ;;;;;;;It asserts that any formula checked to be a tautology, evaluates to ;;;;;;;true under any assignment of truth-values to the atoms. (PROVE-LEMMA TAUT-EVAL (REWRITE) (IMPLIES (TAUTOLOGYP1 FLIST AUXLIST) (EVAL (MAKE-DISJUNCT (APPEND FLIST AUXLIST)) ALIST)) ((DISABLE EVAL-MAKE-DISJUNCT NEG-LIST) (INDUCT (TAUTOLOGYP1 FLIST AUXLIST)))) ;;;;;;;FALSIFY attempts to return a falsifying assignment corresponding to a list of literals. (DEFN FALSIFY (LIST) (IF (NLISTP LIST) NIL (IF (F-NOTP (CAR LIST)) (CONS (ARG (CAR LIST)) (FALSIFY (CDR LIST))) (FALSIFY (CDR LIST))))) ;;;;;;;FALSIFY-TAUT attempts to return an assignment which falsifies a non-tautology. (DEFN FALSIFY-TAUT (FLIST AUXLIST) (IF (LISTP FLIST) (IF (F-ORP (CAR FLIST)) (FALSIFY-TAUT (CONS (ARG1 (CAR FLIST)) (CONS (ARG2 (CAR FLIST)) (CDR FLIST))) AUXLIST) (IF (NOR-TYPE (CAR FLIST)) (IF (FALSIFY-TAUT (CONS (F-NOT (ARG2 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST) (FALSIFY-TAUT (CONS (F-NOT (ARG2 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST) (FALSIFY-TAUT (CONS (F-NOT (ARG1 (ARG (CAR FLIST)))) (CDR FLIST)) AUXLIST)) (IF (DBLE-NEG-TYPE (CAR FLIST)) (FALSIFY-TAUT (CONS (ARG (ARG (CAR FLIST))) (CDR FLIST)) AUXLIST) (IF (NEG-LIST (CAR FLIST) AUXLIST) F (FALSIFY-TAUT (CDR FLIST) (CONS (CAR FLIST) AUXLIST)))))) (FALSIFY AUXLIST)) ((LESSP (LIST-COUNT FLIST)))) (PROVE-LEMMA NOT-FALSIFY-TAUT (REWRITE) (EQUAL (TAUTOLOGYP1 FLIST AUXLIST) (NOT (FALSIFY-TAUT FLIST AUXLIST))) ((INDUCT (TAUTOLOGYP1 FLIST AUXLIST)))) (PROVE-LEMMA EVAL-MEMBER (REWRITE) (IMPLIES (AND (NOT (F-NOTP EXP)) (NOT (F-ORP EXP)) (MEMBER EXP ALIST)) (EVAL EXP ALIST))) (DEFN PROP-ATOMP-LIST (FLIST) (IF (LISTP FLIST) (AND (NOT (F-ORP (CAR FLIST))) (NOT (NOR-TYPE (CAR FLIST))) (NOT (DBLE-NEG-TYPE (CAR FLIST))) (NOT (NEG-LIST (CAR FLIST) (CDR FLIST))) (PROP-ATOMP-LIST (CDR FLIST))) T)) (PROVE-LEMMA MEMBER-FALSIFY (REWRITE) (EQUAL (MEMBER EXP (FALSIFY LIST)) (MEMBER (F-NOT EXP) LIST))) (PROVE-LEMMA ALIST-CONS-EVAL2 (REWRITE) (IMPLIES (AND (NOT (MEMBER X FLIST)) (LISTP FLIST) (PROP-ATOMP-LIST FLIST) (NOT (EVAL (MAKE-DISJUNCT FLIST) ALIST))) (NOT (EVAL (MAKE-DISJUNCT FLIST) (CONS X ALIST))))) (PROVE-LEMMA PROP-ATOMP-LIST-EVAL (REWRITE) (IMPLIES (AND (LISTP FLIST) (PROP-ATOMP-LIST FLIST)) (NOT (EVAL (MAKE-DISJUNCT FLIST) (FALSIFY FLIST))))) (PROVE-LEMMA NOT-EVAL-PROP-ATOMP (REWRITE) (EQUAL (EVAL (MAKE-DISJUNCT (APPEND FLIST1 (CONS EXP FLIST2))) ALIST) (EVAL (MAKE-DISJUNCT (CONS EXP (APPEND FLIST1 FLIST2))) ALIST))) ;;;;;;;The lemma below is the second half of the correctness of the tautology-checker. ;;;;;;;It asserts that if AUXLIST does not contain both a literal and its negation, ;;;;;;;then any formula which is checked to not be a tautology is falsifiable. (PROVE-LEMMA NOT-TAUT-FALSE (REWRITE) (IMPLIES (AND (PROP-ATOMP-LIST AUXLIST) (NOT (TAUTOLOGYP1 FLIST AUXLIST))) (NOT (EVAL (MAKE-DISJUNCT (APPEND FLIST AUXLIST)) (FALSIFY-TAUT FLIST AUXLIST)))) ((INDUCT (FALSIFY-TAUT FLIST AUXLIST)))) ;;;;;;;TAUTOLOGYP is TAUTOLOGYP1 with AUXLIST set to NIL. (DEFN TAUTOLOGYP (FLIST) (TAUTOLOGYP1 FLIST NIL)) (DEFN TAUT-PROOF (FLIST) (TAUT-PROOF1 FLIST NIL)) (PROVE-LEMMA FORM-LIST-APPEND-NIL (REWRITE) (EQUAL (MAKE-DISJUNCT (APPEND FLIST NIL)) (MAKE-DISJUNCT FLIST))) (PROVE-LEMMA TAUTOLOGY-THEOREM (REWRITE) (IMPLIES (AND (FORM-LIST FLIST SYMBOLS) (TAUTOLOGYP FLIST) (EQUAL CONCL (MAKE-DISJUNCT FLIST))) (PROVES (TAUT-PROOF FLIST) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE TAUT-PROOF1 TAUTOLOGYP1 FORMULA NOT-FALSIFY-TAUT))) (PROVE-LEMMA TAUT-EVAL2 (REWRITE) (IMPLIES (AND (TAUTOLOGYP1 FLIST AUXLIST) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST AUXLIST)))) (EVAL CONCL ALIST)) ((DISABLE TAUTOLOGYP1 NOT-FALSIFY-TAUT))) (PROVE-LEMMA TAUTOLOGIES-ARE-TRUE (REWRITE) (IMPLIES (AND (LISTP FLIST) (TAUTOLOGYP FLIST)) (EVAL (MAKE-DISJUNCT FLIST) ALIST)) ((DISABLE FORMULA TAUTOLOGYP1 NOT-FALSIFY-TAUT))) (PROVE-LEMMA NOT-TAUT-FALSIFY2 (REWRITE) (IMPLIES (AND (PROP-ATOMP-LIST AUXLIST) (NOT (TAUTOLOGYP1 FLIST AUXLIST)) (EQUAL CONCL (MAKE-DISJUNCT (APPEND FLIST AUXLIST)))) (NOT (EVAL CONCL (FALSIFY-TAUT FLIST AUXLIST)))) ((DISABLE TAUTOLOGYP1 NOT-FALSIFY-TAUT FORMULA))) (PROVE-LEMMA TRUTHS-ARE-TAUTOLOGIES (REWRITE) (IMPLIES (NOT (TAUTOLOGYP FLIST)) (NOT (EVAL (MAKE-DISJUNCT FLIST) (FALSIFY-TAUT FLIST NIL)))) ((DISABLE TAUTOLOGYP1 NOT-FALSIFY-TAUT FORMULA))) (DEFN LIS-NOT (FLIST) (IF (NLISTP FLIST) NIL (CONS (F-NOT (CAR FLIST)) (LIS-NOT (CDR FLIST))))) (DEFN TAUT-CONSEQ (FLIST EXP) (TAUTOLOGYP (APPEND (LIS-NOT FLIST) (CONS EXP NIL)))) (DEFN TAUTCONSEQ-PROOF (FLIST EXP PFLIST) (LIST-DETACH-PROOF FLIST EXP PFLIST (TAUT-PROOF (APPEND (LIS-NOT FLIST) (CONS EXP NIL))))) (TOGGLE G0873 F-IMPLIES NIL) (PROVE-LEMMA EVAL-F-IMPLIES (REWRITE) (EQUAL (EVAL (F-IMPLIES X Y) ALIST) (IMPLIES (EVAL X ALIST) (EVAL Y ALIST)))) (PROVE-LEMMA LIST-IMPLIES-REDUC (REWRITE) (EQUAL (LIST-IMPLIES FLIST EXP) (MAKE-DISJUNCT (APPEND (LIS-NOT FLIST) (CONS EXP NIL))))) (TOGGLE G0874 F-IMPLIES T) (PROVE-LEMMA APPEND-EXP-FORM-LIST (REWRITE) (IMPLIES (AND (FORM-LIST FLIST SYMBOLS) (FORMULA EXP SYMBOLS)) (FORM-LIST (APPEND (LIS-NOT FLIST) (CONS EXP NIL)) SYMBOLS))) (PROVE-LEMMA EVAL-TAUTOLOGYP (REWRITE) (IMPLIES (EVAL (MAKE-DISJUNCT FLIST) (FALSIFY-TAUT FLIST NIL)) (TAUTOLOGYP FLIST)) ((DISABLE TAUTOLOGYP FORM-LIST FALSIFY-TAUT) (USE (TRUTHS-ARE-TAUTOLOGIES)))) (PROVE-LEMMA PROVES-LIST-FORM-LIST (REWRITE) (IMPLIES (PROVES-LIST PFLIST FLIST GIVEN DEFNS SYMBOLS) (FORM-LIST FLIST SYMBOLS))) (PROVE-LEMMA TAUT-CONSEQ-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (TAUT-CONSEQ FLIST EXP) (PROVES-LIST PFLIST FLIST GIVEN DEFNS SYMBOLS)) (PROVES (TAUTCONSEQ-PROOF FLIST EXP PFLIST) EXP GIVEN DEFNS SYMBOLS))) (TOGGLE G0276 TAUTCONSEQ-PROOF T) (PROVE-LEMMA EVAL-TAUTCONSEQ (REWRITE) (IMPLIES (AND (FORM-LIST FLIST SYMBOLS) (FORMULA EXP SYMBOLS) (EVAL (MAKE-DISJUNCT (APPEND (LIS-NOT FLIST) (CONS EXP NIL))) (FALSIFY-TAUT (APPEND (LIS-NOT FLIST) (CONS EXP NIL)) NIL))) (TAUT-CONSEQ FLIST EXP)) ((DISABLE TAUTOLOGYP APPEND FORMULA LIS-NOT EVAL-MAKE-DISJUNCT FORM-LIST) (USE (EVAL-TAUTOLOGYP (FLIST (APPEND (LIS-NOT FLIST) (CONS EXP NIL))))))) (TOGGLE G0277 TAUT-CONSEQ T) (TOGGLE G0282 FALSIFY-TAUT T) ;;;;;;;The lemma below is the frequently used form of the tautology theorem. ;;;;;;;It asserts that if EXP is a tautological consequence of a list of ;;;;;;;provable formulas FLIST, then EXP is provable. "B" is the ;;;;;;;tautological consequence of {"A1",...,"An"} if "(A1->(...->(An->B)))" is ;;;;;;;a tautology. A formula is a tautology if it evaluates to true under its ;;;;;;;falsifying assignment. (PROVE-LEMMA EVAL-TAUTCONSEQ-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (EVAL (MAKE-DISJUNCT (APPEND (LIS-NOT FLIST) (CONS EXP NIL))) (FALSIFY-TAUT (APPEND (LIS-NOT FLIST) (CONS EXP NIL)) NIL)) (PROVES-LIST PFLIST FLIST GIVEN DEFNS SYMBOLS)) (PROVES (TAUTCONSEQ-PROOF FLIST EXP PFLIST) EXP GIVEN DEFNS SYMBOLS)) ((DISABLE FORMULA FORM-LIST PROVES-LIST-FORM-LIST) (USE (PROVES-LIST-FORM-LIST)))) (TOGGLE G0283 TAUT-CONSEQ-PROVES T) ;;;;;;;The rules below are some properties of the various logical connectives which ;;;;;;;follow as straightforward consequences of the tautology theorem. (DEFN F-IFF-MP-PROOF1 (A B PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF A B) A) B (LIST PF1 PF2))) ;;;;;;;The rule of detachment for `<->' (first form). (PROVE-LEMMA F-IFF-MP-PROVES1 (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 A GIVEN DEFNS SYMBOLS)) (PROVES (F-IFF-MP-PROOF1 A B PF1 PF2) B GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A B)))))) (TOGGLE G0284 F-IFF-MP-PROOF1 T) (DEFN F-IFF-MP-PROOF2 (A B PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF A B) B) A (LIST PF1 PF2))) ;;;;;;;The rule of detachment for `<->' (second form). (PROVE-LEMMA F-IFF-MP-PROVES2 (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 B GIVEN DEFNS SYMBOLS)) (PROVES (F-IFF-MP-PROOF2 A B PF1 PF2) A GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A B)))))) (DEFN TRANS-IMPLIES-PROOF (A B C PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES A B) (F-IMPLIES B C)) (F-IMPLIES A C) (LIST PF1 PF2))) ;;;;;;;The transitivity of `->'. (PROVE-LEMMA TRANSITIVITY-OF-IMPLIES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES B C) GIVEN DEFNS SYMBOLS)) (PROVES (TRANS-IMPLIES-PROOF A B C PF1 PF2) (F-IMPLIES A C) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES A B))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES B C)))) )) (TOGGLE G0285 TRANS-IMPLIES-PROOF T) ;;;;;;;The transitivity of `<->'. (DEFN TRANS-F-IFF-PROOF (A B C PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF A B) (F-IFF B C)) (F-IFF A C) (LIST PF1 PF2))) (PROVE-LEMMA TRANSITIVITY-OF-IFF (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IFF B C) GIVEN DEFNS SYMBOLS)) (PROVES (TRANS-F-IFF-PROOF A B C PF1 PF2) (F-IFF A C) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A B))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IFF B C)))) )) (TOGGLE G0286 TRANS-F-IFF-PROOF T) (DEFN AND-SPLIT-PROOF1 (A B PF1) (TAUTCONSEQ-PROOF (LIST (F-AND A B)) A (LIST PF1))) ;;;;;;;Derive "A" from "(A and B)". (PROVE-LEMMA AND-SPLIT1 (REWRITE) (IMPLIES (PROVES PF1 (F-AND A B) GIVEN DEFNS SYMBOLS) (PROVES (AND-SPLIT-PROOF1 A B PF1) A GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-AND A B)))))) (DEFN AND-SPLIT-PROOF2 (A B PF1) (TAUTCONSEQ-PROOF (LIST (F-AND A B)) B (LIST PF1))) ;;;;;;;Derive "B" from "(A and B)". (PROVE-LEMMA AND-SPLIT2 (REWRITE) (IMPLIES (PROVES PF1 (F-AND A B) GIVEN DEFNS SYMBOLS) (PROVES (AND-SPLIT-PROOF2 A B PF1) B GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-AND A B)))))) (DEFN AND-JOIN-PROOF (A B PF1 PF2) (TAUTCONSEQ-PROOF (LIST A B) (F-AND A B) (LIST PF1 PF2))) ;;;;;;;Derive "(A and B)" from "A" and "B". (PROVE-LEMMA AND-JOIN (REWRITE) (IMPLIES (AND (PROVES PF1 A GIVEN DEFNS SYMBOLS) (PROVES PF2 B GIVEN DEFNS SYMBOLS)) (PROVES (AND-JOIN-PROOF A B PF1 PF2) (F-AND A B) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP A)) (PROVES-IS-FORMULA (PF PF2) (EXP B))))) (TOGGLE G0287 AND-SPLIT-PROOF1 T) (TOGGLE G0288 AND-SPLIT-PROOF2 T) (TOGGLE G0289 AND-JOIN-PROOF T) (DEFN IFF-SPLIT-PROOF1 (A B PF1) (TAUTCONSEQ-PROOF (LIST (F-IFF A B)) (F-IMPLIES A B) (LIST PF1))) ;;;;;;;Derive "(A -> B)" from "(A <-> B)". (PROVE-LEMMA IFF-SPLIT1 (REWRITE) (IMPLIES (PROVES PF1 (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES (IFF-SPLIT-PROOF1 A B PF1) (F-IMPLIES A B) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A B)))))) (TOGGLE G0290 IFF-SPLIT-PROOF1 T) (DEFN IFF-SPLIT-PROOF2 (A B PF1) (TAUTCONSEQ-PROOF (LIST (F-IFF A B)) (F-IMPLIES B A) (LIST PF1))) ;;;;;;;Derive "(B -> A)" from "(A <-> B)". (PROVE-LEMMA IFF-SPLIT2 (REWRITE) (IMPLIES (PROVES PF1 (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES (IFF-SPLIT-PROOF2 A B PF1) (F-IMPLIES B A) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A B)))))) (TOGGLE G0291 IFF-SPLIT-PROOF2 T) (DEFN IFF-JOIN-PROOF (A B PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES A B) (F-IMPLIES B A)) (F-IFF A B) (LIST PF1 PF2))) ;;;;;;;Derive "(A <-> B)" from "(A -> B)" and "(B -> A)". (PROVE-LEMMA IFF-JOIN (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES B A) GIVEN DEFNS SYMBOLS)) (PROVES (IFF-JOIN-PROOF A B PF1 PF2) (F-IFF A B) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES A B)))))) (TOGGLE G0292 IFF-JOIN-PROOF T) (DEFN CONTRA-POS-PROOF1 (A B PF1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES A B)) (F-IMPLIES (F-NOT B) (F-NOT A)) (LIST PF1))) ;;;;;;;Derive "((not B) -> (not A))" from "(A -> B)". (PROVE-LEMMA CONTRA-POS1 (REWRITE) (IMPLIES (PROVES PF1 (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (PROVES (CONTRA-POS-PROOF1 A B PF1) (F-IMPLIES (F-NOT B) (F-NOT A)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES A B)))))) (TOGGLE G0293 CONTRA-POS-PROOF1 T) (DEFN CONTRA-POS-PROOF2 (A B PF) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-NOT B) (F-NOT A))) (F-IMPLIES A B) (LIST PF))) ;;;;;;;Derive "(A -> B)" from "((not B) -> (not A))". (PROVE-LEMMA CONTRA-POS2 (REWRITE) (IMPLIES (PROVES PF (F-IMPLIES (F-NOT B) (F-NOT A)) GIVEN DEFNS SYMBOLS) (PROVES (CONTRA-POS-PROOF2 A B PF) (F-IMPLIES A B) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES (F-NOT B) (F-NOT A))))))) (TOGGLE G0294 CONTRA-POS-PROOF2 T) (DEFN IFF-COMMUTE-PROOF (A B PF) (TAUTCONSEQ-PROOF (LIST (F-IFF A B)) (F-IFF B A) (LIST PF))) ;;;;;;;Derive "(B <-> A)" from "(A <-> B)". (PROVE-LEMMA IFF-COMMUTE-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES (IFF-COMMUTE-PROOF A B PF) (F-IFF B A) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IFF A B)))))) (TOGGLE G0884 IFF-COMMUTE-PROOF T) (PROVE-LEMMA FORMULA-F-IFF (REWRITE) (EQUAL (FORMULA (F-IFF A B) SYMBOLS) (AND (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)))) (PROVE-LEMMA COLLECT-FREE-F-IFF (REWRITE) (EQUAL (MEMBER VAR (COLLECT-FREE (F-IFF A B) 0)) (OR (MEMBER VAR (COLLECT-FREE A 0)) (MEMBER VAR (COLLECT-FREE B 0))))) (PROVE-LEMMA COVERING-F-IFF (REWRITE) (EQUAL (COVERING (F-IFF A B) VAR 0) (APPEND (APPEND (COVERING A VAR 0) (COVERING B VAR 0)) (APPEND (COVERING B VAR 0) (COVERING A VAR 0))))) (PROVE-LEMMA EVAL-F-IFF (REWRITE) (EQUAL (EVAL (F-IFF A B) ALIST) (EQUAL (EVAL A ALIST) (EVAL B ALIST)))) (TOGGLE G0885 F-IFF T) ;;;;;;;Now we get into some rules about quantifiers. (DEFN FORALL-INTRO-PROOF (A B VAR PF) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME VAR (F-NOT B)) (F-NOT A))) (F-IMPLIES A (F-NOT (FORSOME VAR (F-NOT B)))) (LIST (FORSOME-INTRO-PROOF VAR (F-NOT B) (F-NOT A) (CONTRA-POS-PROOF1 A B PF))))) (PROVE-LEMMA MEMB-MEMBER-NUMBERP (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (MEMB X Y) (MEMBER X Y)))) ;;;;;;;Derive "(A -> (forall x B))" from "(A -> B)", provided "x" does not occur free in "A". (PROVE-LEMMA FORALL-INTRO-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE (F-NOT A) 0))) (EQUAL CONCL (F-IMPLIES A (FORALL VAR B)))) (PROVES (FORALL-INTRO-PROOF A B VAR PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES A B)))) (DISABLE COLLECT-FREE PROVES-IS-FORMULA))) (TOGGLE G0295 FORALL-INTRO-PROOF T) (DEFN GENERALISE-PROOF (VAR A PF1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-NOT (FORALL VAR A)) (FORALL VAR A))) (FORALL VAR A) (LIST (FORALL-INTRO-PROOF (F-NOT (FORALL VAR A)) A VAR (TAUTCONSEQ-PROOF (LIST A) (F-IMPLIES (F-NOT (FORALL VAR A)) A) (LIST PF1)))))) (PROVE-LEMMA COLLECT-FREE-FLG (REWRITE) (IMPLIES (NOT (NUMBERP FLG)) (EQUAL (COLLECT-FREE EXP FLG) (COLLECT-FREE EXP 0)))) (PROVE-LEMMA COVERING-FLG (REWRITE) (IMPLIES (NOT (NUMBERP FLG)) (EQUAL (COVERING EXP VAR FLG) (COVERING EXP VAR 0)))) (PROVE-LEMMA SUBST-FLG (REWRITE) (IMPLIES (NOT (NUMBERP FLG)) (EQUAL (SUBST EXP VAR TERM FLG) (SUBST EXP VAR TERM 0)))) (PROVE-LEMMA VARIABLEP-COLLECT-FREE (REWRITE) (IMPLIES (NOT (VARIABLE VAR)) (NOT (MEMBER VAR (COLLECT-FREE EXP FLG))))) (PROVE-LEMMA MEMBER-DEL (REWRITE) (NOT (MEMBER X (DEL X Y)))) (PROVE-LEMMA FORSOME-COLLECT-FREE-REDUC (REWRITE) (IMPLIES (NUMBERP VAR) (NOT (MEMBER VAR (COLLECT-FREE (FORSOME VAR EXP) 0))))) ;;;;;;;Derive "(forall x A)" from "A". (PROVE-LEMMA GENERALISE-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 A GIVEN DEFNS SYMBOLS) (VARIABLE VAR) (EQUAL CONCL (FORALL VAR A))) (PROVES (GENERALISE-PROOF VAR A PF1) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP A))))) (TOGGLE G0300 GENERALISE-PROOF T) (DEFN SUBST-RULE-PROOF (A VAR TERM PF1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-NOT (SUBST A VAR TERM 0)) (FORSOME VAR (F-NOT A))) (F-NOT (FORSOME VAR (F-NOT A)))) (SUBST A VAR TERM 0) (LIST (SUBST-AXIOM-PROOF (F-NOT A) VAR TERM) (GENERALISE-PROOF VAR A PF1)))) ;;;;;;;Derive "[t/x]A" from "A", where "t" is free for "x" in "A". (PROVE-LEMMA SUBST-RULE-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (TERMP TERM 0 SYMBOLS) (PROVES PF1 A GIVEN DEFNS SYMBOLS) (FREE-FOR A VAR TERM 0) (EQUAL A-PRIME (SUBST A VAR TERM 0))) (PROVES (SUBST-RULE-PROOF A VAR TERM PF1) A-PRIME GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP A))))) (TOGGLE G0886 SUBST-RULE-PROOF T) ;;;;;;;"[x/x]A" is equal to "A". (PROVE-LEMMA SUBST-VAR-VAR (REWRITE) (EQUAL (SUBST EXP VAR VAR FLG) EXP)) (DEFN E-INTRO-PROOF (VAR C) (SUBST-AXIOM-PROOF C VAR VAR)) (PROVE-LEMMA APPEND-NIL-INTERSECT (REWRITE) (EQUAL (NIL-INTERSECT (APPEND X Y) Z) (AND (NIL-INTERSECT X Z) (NIL-INTERSECT Y Z)))) (PROVE-LEMMA VAR-COVERING-VAR (REWRITE) (NOT (MEMBER VAR (COVERING EXP VAR FLG)))) (PROVE-LEMMA NIL-INTERSECT-CONS (REWRITE) (IMPLIES (AND (NOT (MEMB Z X)) (NIL-INTERSECT X Y)) (NIL-INTERSECT X (CONS Z Y)))) (PROVE-LEMMA NIL-INTERSECT-NIL (REWRITE) (NIL-INTERSECT X NIL)) ;;;;;;;"(C -> (forsome x C))" is a theorem. (PROVE-LEMMA E-INTRO-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA C SYMBOLS) (VARIABLE VAR)) (PROVES (E-INTRO-PROOF VAR C) (F-IMPLIES C (FORSOME VAR C)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0306 E-INTRO-PROOF T) (DEFN ALL-ELIM-PROOF (VAR C) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-NOT C) (FORSOME VAR (F-NOT C)))) (F-IMPLIES (FORALL VAR C) C) (LIST (E-INTRO-PROOF VAR (F-NOT C))))) ;;;;;;;"((forall x C) -> C)" is a theorem. (PROVE-LEMMA ALL-ELIM-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA C SYMBOLS) (VARIABLE VAR)) (PROVES (ALL-ELIM-PROOF VAR C) (F-IMPLIES (FORALL VAR C) C) GIVEN DEFNS SYMBOLS))) (TOGGLE G0307 ALL-ELIM-PROOF T) (PROVE-LEMMA MEMBER-DEL1 (REWRITE) (IMPLIES (NOT (EQL X Y)) (EQUAL (MEMBER X (DEL Y Z)) (MEMBER X Z)))) ;;;;;;;"[t/x]A" is equal to "A", if "x" does not occur free in "A". (PROVE-LEMMA SUBST-IDENT (REWRITE) (IMPLIES (NOT (MEMBER VAR (COLLECT-FREE EXP FLG))) (EQUAL (SUBST EXP VAR TERM FLG) EXP))) ;;;;;;;"y" is free in "[t/x]A" iff either "y" is free in "t" and "x" is free in "A" ;;;;;;; or "y" is not "x" and "y" is free in "A". (PROVE-LEMMA COLLECT-FREE-SUBST (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE VAR1) (NOT (MEMBER VAR (COVERING EXP VAR1 FLG)))) (EQUAL (MEMBER VAR (COLLECT-FREE (SUBST EXP VAR1 TERM FLG) FLG)) (OR (AND (NOT (EQUAL VAR VAR1)) (MEMBER VAR (COLLECT-FREE EXP FLG))) (AND (MEMBER VAR1 (COLLECT-FREE EXP FLG)) (MEMBER VAR (COLLECT-FREE TERM 0))))))) ;;;;;;;If "y" is a `new' variable, the bound variables governing free occurrences ;;;;;;;of "y" in "[y/x]A" are the ones that govern free occurrences of "x" in "A". (PROVE-LEMMA FREE-FOR-SUBST (REWRITE) (IMPLIES (AND (VARIABLE AUX) (VARIABLE VAR) (NOT (MEMBER AUX (COLLECT-FREE A FLG))) (NOT (MEMBER AUX (COVERING A VAR FLG)))) (EQUAL (COVERING (SUBST A VAR AUX FLG) AUX FLG) (COVERING A VAR FLG))) ((INDUCT (COVERING A VAR FLG)))) (PROVE-LEMMA NOT-FREE-COVERING (REWRITE) (IMPLIES (AND (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE EXP FLG)))) (EQUAL (COVERING EXP VAR FLG) NIL))) (PROVE-LEMMA NOT-MEMBER-DELETE2 (REWRITE) (EQUAL (MEMBER X (DEL Y Z)) (AND (NOT (EQL X Y)) (MEMBER X Z)))) (PROVE-LEMMA COLLECT-FREE-SUBST1 (REWRITE) (IMPLIES (AND (VARIABLE VAR1) (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE EXP FLG))) (NOT (MEMBER VAR (COLLECT-FREE TERM 0)))) (NOT (MEMBER VAR (COLLECT-FREE (SUBST EXP VAR1 TERM FLG) FLG))))) (PROVE-LEMMA COLLECT-FREE-SUBST2 (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE VAR1) (NOT (EQUAL VAR VAR1)) (MEMBER VAR (COLLECT-FREE EXP FLG))) (MEMBER VAR (COLLECT-FREE (SUBST EXP VAR1 TERM FLG) FLG)))) (PROVE-LEMMA SUBST-COVERING-UNCHANGED (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE VAR1) (NOT (EQUAL VAR VAR1)) (NOT (MEMBER VAR (COLLECT-FREE TERM 0)))) (EQUAL (COVERING (SUBST EXP VAR1 TERM FLG) VAR FLG) (COVERING EXP VAR FLG)))) (DEFN VAR-SET (LIST N) (IF (ZEROP N) (EQUAL LIST NIL) (AND (VARIABLE (CAR LIST)) (NOT (MEMBER (CAR LIST) (CDR LIST))) (VAR-SET (CDR LIST) (SUB1 N))))) (PROVE-LEMMA NIL-INTERSECT-APPEND (REWRITE) (EQUAL (NIL-INTERSECT X (APPEND Y Z)) (AND (NIL-INTERSECT X Y) (NIL-INTERSECT X Z)))) (PROVE-LEMMA VAR-SET-LENGTH (REWRITE) (IMPLIES (VAR-SET X COUNT) (VAR-SET X (LENGTH X)))) (PROVE-LEMMA NIL-INTERSECT-SUBST (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VAR-SET X (LENGTH X)) (NIL-INTERSECT X (COLLECT-FREE EXP FLG)) (NIL-INTERSECT X (COLLECT-FREE TERM 0))) (NIL-INTERSECT X (COLLECT-FREE (SUBST EXP VAR TERM FLG) FLG))) ((INDUCT (NIL-INTERSECT X Y)))) (PROVE-LEMMA NIL-INTERSECT-CONS2 (REWRITE) (EQUAL (NIL-INTERSECT X (CONS Y Z)) (AND (NOT (MEMB Y X)) (NIL-INTERSECT X Z)))) ;;;;;;;PAR-SUBST is the first definition of simultaneous substitution. ;;;;;;;It returns "[t1/x1, t2/x2,...,tn/xn]A". It employs a list of ;;;;;;;new variables "yi" and evaluates "[t1/y1]...[tn/yn][yn/xn]...[y1/x1]A". ;;;;;;;This is in order to avoid substituting for an occurrence of an "xi" ;;;;;;;in some "tj". This definition of simultaneous substitution while ;;;;;;;clumsy, turns out to be convenient for the proof of instantiation rule, ;;;;;;;which by necessity must be derived from the substitution rule above. (DEFN PAR-SUBST (EXP VARS TERMS AUXVARS) (IF (AND (LISTP VARS) (LISTP TERMS) (LISTP AUXVARS)) (SUBST (PAR-SUBST (SUBST EXP (CAR VARS) (CAR AUXVARS) 0) (CDR VARS) (CDR TERMS) (CDR AUXVARS)) (CAR AUXVARS) (CAR TERMS) 0) EXP)) ;;;;;;;The unsubstituted free variables in EXP remain free after PAR-SUBST. (PROVE-LEMMA PAR-SUBST-COLLECT-FREE (REWRITE) (IMPLIES (AND (VARIABLE AUX) (MEMBER AUX (COLLECT-FREE EXP 0)) (VAR-SET AUXLIST (LENGTH VARLIST)) (VAR-SET VARLIST (LENGTH VARLIST)) (NOT (MEMBER AUX VARLIST)) (NOT (MEMBER AUX AUXLIST))) (MEMBER AUX (COLLECT-FREE (PAR-SUBST EXP VARLIST TERMLIST AUXLIST) 0)))) ;;;;;;;The COVERING of an unsubsubstituted free variables in EXP is unchanged ;;;;;;;after PAR-SUBST, provided it does not occur free in TERMLIST. (PROVE-LEMMA PAR-SUBST-COVERING (REWRITE) (IMPLIES (AND (EQUAL (LENGTH TERMLIST) (LENGTH VARLIST)) (NOT (MEMBER AUX (COLLECT-FREE TERMLIST 1))) (NOT (MEMBER AUX AUXLIST)) (NOT (MEMBER AUX VARLIST)) (VAR-SET VARLIST (LENGTH VARLIST)) (VAR-SET AUXLIST (LENGTH VARLIST)) (VARIABLE AUX)) (EQUAL (COVERING (PAR-SUBST EXP VARLIST TERMLIST AUXLIST) AUX 0) (COVERING EXP AUX 0)))) ;;;;;;;FREE-FOR-LIST checks if each term in TERMLIST is free for the corresponding ;;;;;;;variable in VARLIST, in A. (DEFN FREE-FOR-LIST (A VARLIST TERMLIST) (IF (AND (LISTP VARLIST) (LISTP TERMLIST)) (AND (FREE-FOR A (CAR VARLIST) (CAR TERMLIST) 0) (FREE-FOR-LIST A (CDR VARLIST) (CDR TERMLIST))) T)) ;;;;;;;The variables covering AUX in (SUBST EXP VAR AUX 0) are the ones covering VAR ;;;;;;;in EXP, and that is unaffected by PAR-SUBST, when the hypotheses below hold. (PROVE-LEMMA COVERING-PAR-SUBST (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE AUX) (NOT (MEMBER AUX (COLLECT-FREE TERMLIST 1))) (NOT (MEMBER AUX (COLLECT-FREE EXP 0))) (NOT (MEMBER AUX (COVERING EXP VAR 0))) (NOT (MEMBER AUX AUXLIST)) (NOT (MEMBER AUX VARLIST)) (VAR-SET VARLIST (LENGTH VARLIST)) (VAR-SET AUXLIST (LENGTH VARLIST)) (EQUAL (LENGTH TERMLIST) (LENGTH VARLIST))) (EQUAL (COVERING (PAR-SUBST (SUBST EXP VAR AUX 0) VARLIST TERMLIST AUXLIST) AUX 0) (COVERING EXP VAR 0)))) ;;;;;;;INST-CONDITIONS lays down the various conditions for PAR-SUBST to be a proper ;;;;;;;simultaneous substitution: (1) VARS and AUXVARS must be sets of variables, ;;;;;;;(2) TERMS must be a list of terms, (3) AUXVARS must be a list of new variables, ;;;;;;;(4) the AUXVARS must be free the respective VARS in A, and (5) the TERMS must ;;;;;;;be free for the respective VARS in A. (DEFN INST-CONDITIONS (A VARS TERMS AUXVARS SYMBOLS) (AND (VAR-SET VARS (LENGTH VARS)) (VAR-SET AUXVARS (LENGTH VARS)) (TERMP TERMS 1 SYMBOLS) (EQUAL (LENGTH TERMS) (LENGTH VARS)) (NIL-INTERSECT AUXVARS (COLLECT-FREE TERMS 1)) (NIL-INTERSECT AUXVARS (COLLECT-FREE A 0)) (NIL-INTERSECT AUXVARS VARS) (FREE-FOR-LIST A VARS AUXVARS) (FREE-FOR-LIST A VARS TERMS))) ;;;;;;;FREE-FOR-LIST is unaffected by an irrelevant substitution into A. (PROVE-LEMMA FREE-FOR-LIST-ELIM (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE AUX) (VAR-SET VARS (LENGTH VARS)) (NOT (MEMBER VAR VARS)) (NOT (MEMBER AUX VARS)) (FREE-FOR-LIST A VARS TERMS)) (FREE-FOR-LIST (SUBST A VAR AUX 0) VARS TERMS))) ;;;;;;;PAR-SUBST-PROOF constructs the proof of the instance of A, given the proof of A. (DEFN PAR-SUBST-PROOF (A VARS TERMS AUXVARS PF1) (IF (AND (LISTP VARS) (LISTP TERMS) (LISTP AUXVARS)) (SUBST-RULE-PROOF (PAR-SUBST (SUBST A (CAR VARS) (CAR AUXVARS) 0) (CDR VARS) (CDR TERMS) (CDR AUXVARS)) (CAR AUXVARS) (CAR TERMS) (PAR-SUBST-PROOF (SUBST A (CAR VARS) (CAR AUXVARS) 0) (CDR VARS) (CDR TERMS) (CDR AUXVARS) (SUBST-RULE-PROOF A (CAR VARS) (CAR AUXVARS) PF1))) PF1)) ;;;;;;;The lemma below is the first form of the Instantiation Rule. ;;;;;;;It asserts that if A is provable, so is any instance of it as ;;;;;;;constructed by PAR-SUBST. (PROVE-LEMMA PAR-SUBST-PROOF-PROVES (REWRITE) (IMPLIES (AND (INST-CONDITIONS A VARS TERMS AUXVARS SYMBOLS) (PROVES PF1 A GIVEN DEFNS SYMBOLS)) (PROVES (PAR-SUBST-PROOF A VARS TERMS AUXVARS PF1) (PAR-SUBST A VARS TERMS AUXVARS) GIVEN DEFNS SYMBOLS)) ((INDUCT (PAR-SUBST-PROOF A VARS TERMS AUXVARS PF1)))) ;;;;;;;Since PAR-SUBST is not a very efficient way to carry out simultaneous ;;;;;;;substitution, we will prove it to be equivalent to a different ;;;;;;;form of simultaneous substitution. (DEFN DEL-PAIRS (VAR VARS TERMS) (IF (AND (LISTP VARS) (LISTP TERMS)) (IF (EQL (CAR VARS) VAR) (DEL-PAIRS VAR (CDR VARS) (CDR TERMS)) (CONS (CAR TERMS) (DEL-PAIRS VAR (CDR VARS) (CDR TERMS)))) TERMS)) (DEFN GETSUB (VAR VARS TERMS) (IF (AND (LISTP VARS) (LISTP TERMS)) (IF (EQL (CAR VARS) VAR) (CAR TERMS) (GETSUB VAR (CDR VARS) (CDR TERMS))) VAR)) (PROVE-LEMMA DEL-PAIRS-GETSUB (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (GETSUB VAR (DEL VAR VARS) (DEL-PAIRS VAR VARS TERMS)) VAR))) ;;;;;;;PARALLEL-SUBST below is the more efficient form of simultaneous substitution. ;;;;;;;It recurses down EXP and replaces any free occurrence of a variable in ;;;;;;;VARS by the corresponding term in TERMS. (DEFN PARALLEL-SUBST (EXP VARS TERMS FLG) (IF (ZEROP FLG) (IF (VARIABLE EXP) (GETSUB EXP VARS TERMS) (IF (F-NOTP EXP) (F-NOT (PARALLEL-SUBST (ARG EXP) VARS TERMS 0)) (IF (F-ORP EXP) (F-OR (PARALLEL-SUBST (ARG1 EXP) VARS TERMS 0) (PARALLEL-SUBST (ARG2 EXP) VARS TERMS 0)) (IF (FORSOMEP EXP) (FORSOME (BIND EXP) (PARALLEL-SUBST (BODY EXP) (DEL (BIND EXP) VARS) (DEL-PAIRS (BIND EXP) VARS TERMS) 0)) (IF (LISTP EXP) (CONS (CAR EXP) (PARALLEL-SUBST (CDR EXP) VARS TERMS 1)) EXP))))) (IF (LISTP EXP) (CONS (PARALLEL-SUBST (CAR EXP) VARS TERMS 0) (PARALLEL-SUBST (CDR EXP) VARS TERMS 1)) EXP))) (PROVE-LEMMA GETSUB-NOT-MEMB (REWRITE) (IMPLIES (NOT (MEMB VAR VARLIST)) (EQUAL (GETSUB VAR VARLIST TERMS) VAR))) (PROVE-LEMMA EQL-TRANS (REWRITE) (IMPLIES (AND (EQL X Y) (EQL Y Z)) (EQL X Z))) (PROVE-LEMMA GETSUB-DEL-PAIRS (REWRITE) (IMPLIES (EQUAL (GETSUB VAR VARS TERMS) VAR) (EQUAL (GETSUB VAR (DEL VAR1 VARS) (DEL-PAIRS VAR1 VARS TERMS)) VAR))) (TOGGLE G0636 EQL-TRANS T) ;;;;;;;The lemma below asserts that the effect of a single substitution ;;;;;;;followed by a simultaneous substitution, can be got by extending the ;;;;;;;simultaneous substitution. (PROVE-LEMMA NEWVAR-UNCHANGED-BY-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (EQUAL (GETSUB NEWVAR VARS TERMS) NEWVAR) (VARIABLE VAR) (VARIABLE NEWVAR)) (EQUAL (PARALLEL-SUBST (SUBST EXP VAR NEWVAR FLG) VARS TERMS FLG) (PARALLEL-SUBST EXP (CONS VAR VARS) (CONS NEWVAR TERMS) FLG))) ((INDUCT (PARALLEL-SUBST EXP VARS TERMS FLG)))) (PROVE-LEMMA NOT-FREE-IN-TERMS-STEP (REWRITE) (IMPLIES (AND (VARIABLE VAR) (VARIABLE NEWVAR) (NOT (EQUAL NEWVAR VAR)) (NOT (MEMBER NEWVAR (COLLECT-FREE TERMS 1)))) (NOT (MEMBER NEWVAR (COLLECT-FREE (GETSUB VAR VARS TERMS) 0))))) (PROVE-LEMMA COLLECT-TERMS-DEL-PAIRS (REWRITE) (IMPLIES (NOT (MEMBER NEWVAR (COLLECT-FREE TERMS 1))) (NOT (MEMBER NEWVAR (COLLECT-FREE (DEL-PAIRS VAR VARS TERMS) 1))))) (PROVE-LEMMA COLLECT-FREE-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (VARIABLE NEWVAR) (NOT (MEMBER NEWVAR (COLLECT-FREE EXP FLG))) (NOT (MEMBER NEWVAR (COLLECT-FREE TERMS 1)))) (NOT (MEMBER NEWVAR (COLLECT-FREE (PARALLEL-SUBST EXP VARS TERMS FLG) FLG))))) (PROVE-LEMMA PARALLEL-SUBST-NOT-FREE-VAR (REWRITE) (IMPLIES (AND (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE EXP FLG)))) (EQUAL (PARALLEL-SUBST EXP (CONS VAR VARS) (CONS TERM TERMS) FLG) (PARALLEL-SUBST EXP VARS TERMS FLG)))) (PROVE-LEMMA SUBST-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (VARIABLE NEWVAR) (NOT (MEMBER NEWVAR (COLLECT-FREE EXP FLG))) (NOT (MEMBER NEWVAR (COLLECT-FREE TERMS 1)))) (EQUAL (SUBST (PARALLEL-SUBST EXP VARS TERMS FLG) NEWVAR NEWTERM FLG) (PARALLEL-SUBST EXP VARS TERMS FLG)))) ;;;;;;;A PARALLEL-SUBST where VAR is replaced by NEWVAR, followed by a single substitution ;;;;;;;where NEWVAR is replaced by NEWTERM, is equivalent to the same PARALLEL-SUBST ;;;;;;;with VAR replaced by NEWTERM instead. (PROVE-LEMMA PARALLEL-SUBST-SUBST (REWRITE) (IMPLIES (AND (VARIABLE NEWVAR) (VARIABLE VAR) (NOT (MEMBER NEWVAR (COLLECT-FREE EXP FLG))) (NOT (MEMBER NEWVAR (COLLECT-FREE TERMS 1))) (NOT (MEMBER NEWVAR (COVERING EXP VAR FLG)))) (EQUAL (SUBST (PARALLEL-SUBST EXP (CONS VAR VARS) (CONS NEWVAR TERMS) FLG) NEWVAR NEWTERM FLG) (PARALLEL-SUBST EXP (CONS VAR VARS) (CONS NEWTERM TERMS) FLG))) ((INDUCT (PARALLEL-SUBST EXP VARS TERMS FLG)))) ;;;;;;;A null parallel-substitution leaved EXP unchanged. (PROVE-LEMMA PARALLEL-SUBST-NIL (REWRITE) (IMPLIES (OR (NLISTP VARS) (NLISTP TERMS)) (EQUAL (PARALLEL-SUBST EXP VARS TERMS FLG) EXP))) ;;;;;;;Finally, the desired lemma that PAR-SUBST is equivalent to PARALLEL-SUBST, ;;;;;;;if the hypothesis conditions hold. (PROVE-LEMMA PARALLEL-SUBST-SAME-AS-PAR-SUBST (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (VAR-SET AUXVARS (LENGTH AUXVARS)) (EQUAL (LENGTH AUXVARS) (LENGTH VARS)) (NIL-INTERSECT AUXVARS VARS) (FREE-FOR-LIST EXP VARS AUXVARS) (NIL-INTERSECT AUXVARS (COLLECT-FREE TERMS 1)) (NIL-INTERSECT AUXVARS (COLLECT-FREE EXP 0))) (EQUAL (PAR-SUBST EXP VARS TERMS AUXVARS) (PARALLEL-SUBST EXP VARS TERMS 0))) ((INDUCT (PAR-SUBST EXP VARS TERMS AUXVARS)) (DISABLE SUBST-PARALLEL-SUBST))) ;;;;;;;We still have to show that list of new variables AUXVARS can be constructed. ;;;;;;;That is done in the sequence of events (definitions and lemmas) below. (DEFN MAKE-NEWVARS (INDEX NUMBER) (IF (ZEROP NUMBER) NIL (CONS (ADD1 INDEX) (MAKE-NEWVARS (ADD1 INDEX) (SUB1 NUMBER))))) (DEFN FIND-HI-INDEX (VARLIST) (IF (LISTP VARLIST) (IF (LESSP (CAR VARLIST) (FIND-HI-INDEX (CDR VARLIST))) (FIND-HI-INDEX (CDR VARLIST)) (FIX (CAR VARLIST))) 0)) (DEFN MAKE-AUXVARS (VARLIST NUMBER) (MAKE-NEWVARS (FIND-HI-INDEX VARLIST) NUMBER)) (PROVE-LEMMA NOT-MEMBER-VARLIST (REWRITE) (IMPLIES (LESSP (FIND-HI-INDEX VARLIST) VAR) (NOT (MEMBER VAR VARLIST)))) (PROVE-LEMMA NEWVARS-MAKE-NEWVARS (REWRITE) (IMPLIES (LEQ (FIND-HI-INDEX VARLIST) INDEX) (NIL-INTERSECT (MAKE-NEWVARS INDEX NUMBER) VARLIST)) ((INDUCT (MAKE-NEWVARS INDEX NUMBER)))) (PROVE-LEMMA VAR-SET-MAKE-NEWVARS-STEP (REWRITE) (IMPLIES (LEQ VAR INDEX) (NOT (MEMBER VAR (MAKE-NEWVARS INDEX NUMBER))))) (PROVE-LEMMA APPEND-VAR-LIST (REWRITE) (IMPLIES (AND (VAR-LIST X (LENGTH X)) (VAR-LIST Y (LENGTH Y))) (VAR-LIST (APPEND X Y) (LENGTH (APPEND X Y))))) (DEFN COVERING-LIST (EXP VARS FLG) (IF (LISTP VARS) (APPEND (COVERING EXP (CAR VARS) FLG) (COVERING-LIST EXP (CDR VARS) FLG)) NIL)) (PROVE-LEMMA FREE-FOR-LIST-NEWVARS-COVERING-LIST (REWRITE) (IMPLIES (AND (VAR-SET NEWVARS (LENGTH NEWVARS)) (NIL-INTERSECT NEWVARS (COVERING-LIST EXP VARS 0))) (FREE-FOR-LIST EXP VARS NEWVARS))) (PROVE-LEMMA VAR-LIST-VAR-SET (REWRITE) (IMPLIES (VAR-SET VARS LENGTH) (VAR-LIST VARS LENGTH))) (PROVE-LEMMA FIND-HI-INDEX-APPEND (REWRITE) (EQUAL (FIND-HI-INDEX (APPEND LIST1 LIST2)) (IF (LESSP (FIND-HI-INDEX LIST1) (FIND-HI-INDEX LIST2)) (FIND-HI-INDEX LIST2) (FIND-HI-INDEX LIST1)))) (DEFN COLLECT-VARS (EXP VARS TERMS) (APPEND VARS (APPEND (COLLECT-FREE TERMS 1) (APPEND (COLLECT-FREE EXP 0) (COVERING-LIST EXP VARS 0))))) (PROVE-LEMMA NIL-INTERSECT-NEWVARS-VARS (REWRITE) (NIL-INTERSECT (MAKE-NEWVARS (FIND-HI-INDEX (COLLECT-VARS EXP VARS TERMS)) LENGTH) VARS)) (PROVE-LEMMA NIL-INTERSECT-NEWVARS-TERMS (REWRITE) (NIL-INTERSECT (MAKE-NEWVARS (FIND-HI-INDEX (COLLECT-VARS EXP VARS TERMS)) LENGTH) (COLLECT-FREE TERMS 1)) ((DISABLE COLLECT-FREE))) (PROVE-LEMMA NIL-INTERSECT-NEWVARS-EXP (REWRITE) (NIL-INTERSECT (MAKE-NEWVARS (FIND-HI-INDEX (COLLECT-VARS EXP VARS TERMS)) LENGTH) (COLLECT-FREE EXP 0)) ((DISABLE COLLECT-FREE))) (PROVE-LEMMA VAR-SET-MAKE-NEWVARS-AGAIN (REWRITE) (VAR-SET (MAKE-NEWVARS INDEX NUMBER) NUMBER)) (PROVE-LEMMA LENGTH-MAKE-NEWVARS (REWRITE) (EQUAL (LENGTH (MAKE-NEWVARS X N)) (FIX N))) (PROVE-LEMMA FREE-FOR-LIST-NEWVARS-EXP (REWRITE) (FREE-FOR-LIST EXP VARS (MAKE-NEWVARS (FIND-HI-INDEX (COLLECT-VARS EXP VARS TERMS)) LENGTH))) (TOGGLE G0347 MAKE-NEWVARS T) (DEFN INSTANCE-PROOF (A VARS TERMS PF1) (PAR-SUBST-PROOF A VARS TERMS (MAKE-AUXVARS (COLLECT-VARS A VARS TERMS) (LENGTH VARS)) PF1)) (PROVE-LEMMA PAR-SUBST-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (EQUAL CONCL (PAR-SUBST A VARS TERMS AUXVARS)) (INST-CONDITIONS A VARS TERMS AUXVARS SYMBOLS) (PROVES PF1 A GIVEN DEFNS SYMBOLS)) (PROVES (PAR-SUBST-PROOF A VARS TERMS AUXVARS PF1) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PAR-SUBST-PROOF-PROVES)) (DISABLE INST-CONDITIONS))) (TOGGLE G0346 PAR-SUBST-PROOF T) (TOGGLE G0350 FIND-HI-INDEX T) (TOGGLE G0351 FIND-HI-INDEX-APPEND T) ;;;;;;;The Instantiation Rule can then be phrased as shown below, in terms ;;;;;;;of PARALLEL-SUBST instead of PAR-SUBST. (PROVE-LEMMA INSTANCE-PROOF-PROVES (REWRITE) (IMPLIES (AND (EQUAL A-PRIME (PARALLEL-SUBST A VARS TERMS 0)) (VAR-SET VARS (LENGTH VARS)) (TERMP TERMS 1 SYMBOLS) (EQUAL (LENGTH TERMS) (LENGTH VARS)) (FREE-FOR-LIST A VARS TERMS) (PROVES PF1 A GIVEN DEFNS SYMBOLS)) (PROVES (INSTANCE-PROOF A VARS TERMS PF1) A-PRIME GIVEN DEFNS SYMBOLS)) ((DISABLE COLLECT-VARS))) (DEFN LIST-EXIS-QUANTIFY (VARS A) (IF (LISTP VARS) (FORSOME (CAR VARS) (LIST-EXIS-QUANTIFY (CDR VARS) A)) A)) (PROVE-LEMMA NOT-MEMBER-DEL-PAIRS (REWRITE) (IMPLIES (NOT (MEMB X Y)) (EQUAL (DEL-PAIRS X Y Z) Z))) (PROVE-LEMMA NOT-MEMBER-DELETE-EQUALS (REWRITE) (IMPLIES (NOT (MEMB X Y)) (EQUAL (DEL X Y) Y))) (DEFN PAIRLIST (VARS TERMS) (IF (AND (LISTP VARS) (LISTP TERMS)) (CONS (CONS (CAR VARS) (CAR TERMS)) (PAIRLIST (CDR VARS) (CDR TERMS))) NIL)) (PROVE-LEMMA PARALLEL-SUBST-LIST-EXIS-QUANT (REWRITE) (IMPLIES (VAR-SET VARS (LENGTH VARS)) (EQUAL (PARALLEL-SUBST (LIST-EXIS-QUANTIFY VARS A) VARS TERMS 0) (LIST-EXIS-QUANTIFY VARS A))) ((INDUCT (PAIRLIST VARS TERMS)))) (DEFN LIST-E-INTRO-PROOF (VARLIST A) (IF (LISTP VARLIST) (IF (LISTP (CDR VARLIST)) (TRANS-IMPLIES-PROOF A (LIST-EXIS-QUANTIFY (CDR VARLIST) A) (LIST-EXIS-QUANTIFY VARLIST A) (LIST-E-INTRO-PROOF (CDR VARLIST) A) (E-INTRO-PROOF (CAR VARLIST) (LIST-EXIS-QUANTIFY (CDR VARLIST) A))) (E-INTRO-PROOF (CAR VARLIST) A)) (PROP-AXIOM-PROOF A))) (PROVE-LEMMA FORMULA-LIST-EXIS (REWRITE) (IMPLIES (AND (FORMULA A SYMBOLS) (VAR-SET VARS (LENGTH VARS))) (FORMULA (LIST-EXIS-QUANTIFY VARS A) SYMBOLS))) (TOGGLE G0353 INSTANCE-PROOF T) (TOGGLE G0354 F-IMPLIES NIL) (PROVE-LEMMA A-IMPLIES-A (REWRITE) (IMPLIES (FORMULA A SYMBOLS) (PROVES (PROP-AXIOM-PROOF A) (F-IMPLIES A A) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA PARALLEL-SUBST-F-IMPLIES (REWRITE) (EQUAL (PARALLEL-SUBST (F-IMPLIES A B) VARS TERMS 0) (F-IMPLIES (PARALLEL-SUBST A VARS TERMS 0) (PARALLEL-SUBST B VARS TERMS 0)))) (PROVE-LEMMA SUBST-F-IMPLIES (REWRITE) (EQUAL (SUBST (F-IMPLIES X Y) VAR TERM 0) (F-IMPLIES (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (TOGGLE G0355 F-IMPLIES T) ;;;;;;;The iterated forsome-introduction rule: ;;;;;;; "A -> (forsome x1 (...(forsome xn A)))". (PROVE-LEMMA LIST-E-INTRO-PROOF-PROVES1 NIL (IMPLIES (AND (VAR-SET VARLIST (LENGTH VARLIST)) (FORMULA A SYMBOLS)) (PROVES (LIST-E-INTRO-PROOF VARLIST A) (F-IMPLIES A (LIST-EXIS-QUANTIFY VARLIST A)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0348 LIST-E-INTRO-PROOF T) (PROVE-LEMMA LIST-E-INTRO-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET VARLIST (LENGTH VARLIST)) (FORMULA A SYMBOLS) (EQUAL A-PRIME (LIST-EXIS-QUANTIFY VARLIST A))) (PROVES (LIST-E-INTRO-PROOF VARLIST A) (F-IMPLIES A A-PRIME) GIVEN DEFNS SYMBOLS)) ((USE (LIST-E-INTRO-PROOF-PROVES1)))) (DEFN SUBST-THM-A-PROOF (A VARS TERMS) (INSTANCE-PROOF (F-IMPLIES A (LIST-EXIS-QUANTIFY VARS A)) VARS TERMS (LIST-E-INTRO-PROOF VARS A))) (PROVE-LEMMA NOT-FREE-LIST-EXIS (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (MEMBER VAR VARS)) (NOT (MEMBER VAR (COLLECT-FREE (LIST-EXIS-QUANTIFY VARS A) 0))))) (PROVE-LEMMA NOT-MEMB-DEL2 (REWRITE) (IMPLIES (NOT (MEMB X Y)) (NOT (MEMB X (DEL Z Y))))) (PROVE-LEMMA COVERING-LIST-EXIS (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (MEMBER VAR VARS) (NUMBERP VAR)) (EQUAL (COVERING (LIST-EXIS-QUANTIFY VARS A) VAR 0) NIL))) (PROVE-LEMMA FREE-FOR-LIST-STEP1 (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (VAR-SET BVARS (LENGTH BVARS)) (SUBSET VARS BVARS) (FREE-FOR-LIST A VARS TERMS)) (FREE-FOR-LIST (F-IMPLIES A (LIST-EXIS-QUANTIFY BVARS A)) VARS TERMS)) ((DISABLE LIST-EXIS-QUANTIFY))) ;;;;;;;The first substitution theorem: ;;;;;;; "[t1/x1, t2/x2,...,tn/xn]A -> (forsome x1 (...(forsome xn A)))". (PROVE-LEMMA SUBST-THM-A (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (TERMP TERMS 1 SYMBOLS) (EQUAL (LENGTH TERMS) (LENGTH VARS)) (FREE-FOR-LIST A VARS TERMS) (FORMULA A SYMBOLS) (EQUAL A-PRIME (F-IMPLIES (PARALLEL-SUBST A VARS TERMS 0) (LIST-EXIS-QUANTIFY VARS A)))) (PROVES (SUBST-THM-A-PROOF A VARS TERMS) A-PRIME GIVEN DEFNS SYMBOLS))) (TOGGLE G0356 SUBST-THM-A-PROOF T) (DEFN LIST-ALL-QUANTIFY (VARS A) (IF (LISTP VARS) (FORALL (CAR VARS) (LIST-ALL-QUANTIFY (CDR VARS) A)) A)) (PROVE-LEMMA PARALLEL-SUBST-LIST-ALL-QUANT (REWRITE) (IMPLIES (VAR-SET VARS (LENGTH VARS)) (EQUAL (PARALLEL-SUBST (LIST-ALL-QUANTIFY VARS A) VARS TERMS 0) (LIST-ALL-QUANTIFY VARS A))) ((INDUCT (PAIRLIST VARS TERMS)))) (DEFN LIST-ALL-ELIM-PROOF (VARS A) (IF (LISTP VARS) (IF (NLISTP (CDR VARS)) (ALL-ELIM-PROOF (CAR VARS) A) (TRANS-IMPLIES-PROOF (LIST-ALL-QUANTIFY VARS A) (LIST-ALL-QUANTIFY (CDR VARS) A) A (ALL-ELIM-PROOF (CAR VARS) (LIST-ALL-QUANTIFY (CDR VARS) A)) (LIST-ALL-ELIM-PROOF (CDR VARS) A))) (PROP-AXIOM-PROOF A))) (PROVE-LEMMA FORMULA-LIST-ALL-QUANT (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (FORMULA A SYMBOLS)) (FORMULA (LIST-ALL-QUANTIFY VARS A) SYMBOLS))) (PROVE-LEMMA ALL-ELIM-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (VARIABLE VAR) (FORMULA A SYMBOLS) (EQUAL A-PRIME (F-IMPLIES (FORALL VAR A) A))) (PROVES (ALL-ELIM-PROOF VAR A) A-PRIME GIVEN DEFNS SYMBOLS)) ((USE (ALL-ELIM-PROOF-PROVES (C A))))) (PROVE-LEMMA LIST-ALL-ELIM-PROOF-PROVES1 NIL (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (FORMULA A SYMBOLS)) (PROVES (LIST-ALL-ELIM-PROOF VARS A) (F-IMPLIES (LIST-ALL-QUANTIFY VARS A) A) GIVEN DEFNS SYMBOLS))) (TOGGLE G0357 LIST-ALL-ELIM-PROOF T) (PROVE-LEMMA NOT-FREE-LIST-ALL (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (MEMBER VAR VARS)) (NOT (MEMBER VAR (COLLECT-FREE (LIST-ALL-QUANTIFY VARS A) 0))))) (PROVE-LEMMA COVERING-LIST-ALL (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (MEMBER VAR VARS) (NUMBERP VAR)) (EQUAL (COVERING (LIST-ALL-QUANTIFY VARS A) VAR 0) NIL))) (PROVE-LEMMA FREE-FOR-LIST-STEP2 (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (VAR-SET BVARS (LENGTH BVARS)) (SUBSET VARS BVARS) (FREE-FOR-LIST A VARS TERMS)) (FREE-FOR-LIST (F-IMPLIES (LIST-ALL-QUANTIFY BVARS A) A) VARS TERMS)) ((DISABLE LIST-EXIS-QUANTIFY))) (DEFN SUBST-THM-B-PROOF (A VARS TERMS) (INSTANCE-PROOF (F-IMPLIES (LIST-ALL-QUANTIFY VARS A) A) VARS TERMS (LIST-ALL-ELIM-PROOF VARS A))) (PROVE-LEMMA LIST-ALL-ELIM-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (FORMULA A SYMBOLS) (EQUAL A-PRIME (F-IMPLIES (LIST-ALL-QUANTIFY VARS A) A))) (PROVES (LIST-ALL-ELIM-PROOF VARS A) A-PRIME GIVEN DEFNS SYMBOLS)) ((USE (LIST-ALL-ELIM-PROOF-PROVES1)))) ;;;;;;;The second substitution theorem: ;;;;;;; "(forall x1 (...(forall xn A))) -> [t1/x1, ..., tn/xn]A". (PROVE-LEMMA SUBST-THM-B (REWRITE) (IMPLIES (AND (VAR-SET VARS (LENGTH VARS)) (TERMP TERMS 1 SYMBOLS) (EQUAL (LENGTH TERMS) (LENGTH VARS)) (FORMULA A SYMBOLS) (FREE-FOR-LIST A VARS TERMS) (EQUAL A-PRIME (F-IMPLIES (LIST-ALL-QUANTIFY VARS A) (PARALLEL-SUBST A VARS TERMS 0)))) (PROVES (SUBST-THM-B-PROOF A VARS TERMS) A-PRIME GIVEN DEFNS SYMBOLS))) (TOGGLE G0358 SUBST-THM-B-PROOF T) (DEFN DISTRIB-RULE-PROOF-A (VAR A B PF1) (FORSOME-INTRO-PROOF VAR A (FORSOME VAR B) (TRANS-IMPLIES-PROOF A B (FORSOME VAR B) PF1 (E-INTRO-PROOF VAR B)))) ;;;;;;;The first distribution rule: Derive "(forsome x A) -> (forsome x B)" from "A -> B". (PROVE-LEMMA DISTRIB-RULE-PROOF-A-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (PROVES PF1 (F-IMPLIES A B) GIVEN DEFNS SYMBOLS)) (PROVES (DISTRIB-RULE-PROOF-A VAR A B PF1) (F-IMPLIES (FORSOME VAR A) (FORSOME VAR B)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA-AGAIN (EXP (F-IMPLIES A B)) (PF PF1))) (DISABLE PROVES-IS-FORMULA))) (TOGGLE G0360 DISTRIB-RULE-PROOF-A T) (DEFN DISTRIB-RULE-PROOF-B (VAR A B PF1) (FORALL-INTRO-PROOF (FORALL VAR A) B VAR (TRANS-IMPLIES-PROOF (FORALL VAR A) A B (ALL-ELIM-PROOF VAR A) PF1))) ;;;;;;;The second distribution rule: Derive "(forall x A) -> (forall x B)" from "A -> B". (PROVE-LEMMA DISTRIB-RULE-PROOF-B-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (PROVES PF (F-IMPLIES A B) GIVEN DEFNS SYMBOLS) (EQUAL A-PRIME (F-IMPLIES (FORALL VAR A) (FORALL VAR B)))) (PROVES (DISTRIB-RULE-PROOF-B VAR A B PF) A-PRIME GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA-AGAIN (EXP (F-IMPLIES A B)))) (DISABLE PROVES-IS-FORMULA))) (TOGGLE G0361 DISTRIB-RULE-PROOF-B T) (PROVE-LEMMA FORMULA-FORALL (REWRITE) (EQUAL (FORMULA (FORALL VAR EXP) SYMBOLS) (FORMULA EXP SYMBOLS))) (PROVE-LEMMA COLLECT-FREE-FORSOME (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (COLLECT-FREE (FORSOME VAR EXP) 0) (DEL VAR (COLLECT-FREE EXP 0))))) (PROVE-LEMMA COLLECT-FREE-FORALL (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (COLLECT-FREE (FORALL VAR EXP) 0) (DEL VAR (COLLECT-FREE EXP 0))))) (PROVE-LEMMA COVERING-FORALL (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (COVERING (FORALL VAR EXP) X 0) (IF (MEMB X (COLLECT-FREE (FORALL VAR EXP) 0)) (CONS VAR (COVERING EXP X 0)) NIL)))) (PROVE-LEMMA PARALLEL-SUBST-FORALL (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (PARALLEL-SUBST (FORALL VAR EXP) VARS TERMS 0) (FORALL VAR (PARALLEL-SUBST EXP (DEL VAR VARS) (DEL-PAIRS VAR VARS TERMS) 0))))) (PROVE-LEMMA SUBST-FORALL (REWRITE) (IMPLIES (VARIABLE VAR) (EQUAL (SUBST (FORALL VAR EXP) X TERM 0) (IF (EQUAL VAR X) (FORALL VAR EXP) (FORALL VAR (SUBST EXP X TERM 0)))))) (TOGGLE G0363 FORALL T) (DEFN LIST-F-IFF (LHS RHS) (IF (AND (LISTP LHS) (LISTP RHS)) (CONS (F-IFF (CAR LHS) (CAR RHS)) (LIST-F-IFF (CDR LHS) (CDR RHS))) NIL)) (DEFN F-IFF-DISTRIB-RULE-A-PROOF (VAR A A-PRIME PF) (IFF-JOIN-PROOF (FORSOME VAR A) (FORSOME VAR A-PRIME) (DISTRIB-RULE-PROOF-A VAR A A-PRIME (IFF-SPLIT-PROOF1 A A-PRIME PF)) (DISTRIB-RULE-PROOF-A VAR A-PRIME A (IFF-SPLIT-PROOF2 A A-PRIME PF)))) (PROVE-LEMMA F-IFF-DISTRIB-RULE-A-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (F-IFF A A-PRIME) GIVEN DEFNS SYMBOLS) (VARIABLE VAR)) (PROVES (F-IFF-DISTRIB-RULE-A-PROOF VAR A A-PRIME PF) (F-IFF (FORSOME VAR A) (FORSOME VAR A-PRIME)) GIVEN DEFNS SYMBOLS))) (DEFN NOT-IFF-PROOF (A B PF) (TAUTCONSEQ-PROOF (LIST (F-IFF A B)) (F-IFF (F-NOT A) (F-NOT B)) (LIST PF))) (PROVE-LEMMA NOT-IFF-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-IFF A B) GIVEN DEFNS SYMBOLS) (PROVES (NOT-IFF-PROOF A B PF) (F-IFF (F-NOT A) (F-NOT B)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IFF A B)))))) (TOGGLE G0317 NOT-IFF-PROOF T) (TOGGLE G0318 F-IFF-DISTRIB-RULE-A-PROOF T) (DEFN OR-IFF-PROOF (A1 A2 B1 B2 PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF A1 B1) (F-IFF A2 B2)) (F-IFF (F-OR A1 A2) (F-OR B1 B2)) (LIST PF1 PF2))) (PROVE-LEMMA OR-IFF-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IFF A1 B1) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IFF A2 B2) GIVEN DEFNS SYMBOLS)) (PROVES (OR-IFF-PROOF A1 A2 B1 B2 PF1 PF2) (F-IFF (F-OR A1 A2) (F-OR B1 B2)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IFF A1 B1))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IFF A2 B2)))) )) (TOGGLE G0319 OR-IFF-PROOF T) ;;;;;;;EQN-FORM checks if A and A-PRIME are identical modulo the equivalences ;;;;;;;given in the list GIVEN. It is used to prove the equivalence theorem. (DEFN EQN-FORM (A-PRIME A GIVEN) (IF (EQUAL A-PRIME A) T (IF (MEMBER (F-IFF A A-PRIME) GIVEN) T (IF (AND (F-NOTP A) (F-NOTP A-PRIME)) (EQN-FORM (ARG A-PRIME) (ARG A) GIVEN) (IF (AND (F-ORP A) (F-ORP A-PRIME)) (AND (EQN-FORM (ARG1 A-PRIME) (ARG1 A) GIVEN) (EQN-FORM (ARG2 A-PRIME) (ARG2 A) GIVEN)) (IF (AND (FORSOMEP A) (FORSOMEP A-PRIME)) (AND (EQUAL (BIND A) (BIND A-PRIME)) (EQN-FORM (BODY A-PRIME) (BODY A) GIVEN)) F)))))) (DEFN GETPF (X Y Z) (IF (AND (LISTP Y) (LISTP Z)) (IF (EQUAL X (CAR Y)) (CAR Z) (GETPF X (CDR Y) (CDR Z))) X)) (PROVE-LEMMA GETPF-PROVES (REWRITE) (IMPLIES (AND (PROVES-LIST PFLIST LIST GIVEN DEFNS SYMBOLS) (MEMBER CONCL LIST)) (PROVES (GETPF CONCL LIST PFLIST) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0596 PROVES NIL) (PROVE-LEMMA EQL-TRANS2 (REWRITE) (IMPLIES (AND (EQL X Z) (EQL Y Z)) (EQL X Y))) (PROVE-LEMMA EQL-TRANS3 (REWRITE) (IMPLIES (AND (EQL X Y) (EQL X Z)) (EQL Y Z))) (PROVE-LEMMA PROVES-EQL (REWRITE) (IMPLIES (AND (PROVES PF CONC1 GIVEN DEFNS SYMBOLS) (EQL CONC1 CONC2) (FORMULA CONC2 SYMBOLS)) (PROVES PF CONC2 GIVEN DEFNS SYMBOLS))) (TOGGLE G0598 PROVES T) (PROVE-LEMMA GETSUB-PROVES (REWRITE) (IMPLIES (AND (PROVES-LIST PFLIST LIST GIVEN DEFNS SYMBOLS) (MEMB CONCL LIST) (FORMULA CONCL SYMBOLS)) (PROVES (GETSUB CONCL LIST PFLIST) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0600 PROVES-EQL T) ;;;;;;;EQN-FORM-PROOF is the proof-constructor which constructs the proof of the ;;;;;;;equivalence of A and A-PRIME from the proofs of the equivalences in GIVEN. (DEFN EQN-FORM-PROOF (A-PRIME A GIVEN PFLIST) (IF (EQUAL A-PRIME A) (TAUTCONSEQ-PROOF NIL (F-IFF A A) NIL) (IF (MEMBER (F-IFF A A-PRIME) GIVEN) (GETPF (F-IFF A A-PRIME) GIVEN PFLIST) (IF (AND (F-NOTP A) (F-NOTP A-PRIME)) (NOT-IFF-PROOF (ARG A) (ARG A-PRIME) (EQN-FORM-PROOF (ARG A-PRIME) (ARG A) GIVEN PFLIST)) (IF (AND (F-ORP A) (F-ORP A-PRIME)) (OR-IFF-PROOF (ARG1 A) (ARG2 A) (ARG1 A-PRIME) (ARG2 A-PRIME) (EQN-FORM-PROOF (ARG1 A-PRIME) (ARG1 A) GIVEN PFLIST) (EQN-FORM-PROOF (ARG2 A-PRIME) (ARG2 A) GIVEN PFLIST)) (IF (AND (FORSOMEP A) (FORSOMEP A-PRIME)) (F-IFF-DISTRIB-RULE-A-PROOF (BIND A) (BODY A) (BODY A-PRIME) (EQN-FORM-PROOF (BODY A-PRIME) (BODY A) GIVEN PFLIST)) NIL)))))) ;;;;;;;The equivalence theorem: If A and A-PRIME are identical modulo the ;;;;;;;proven equivalences in GIVEN (whose proofs are in PFLIST), then ;;;;;;; "A <-> A-PRIME" is provable. (PROVE-LEMMA EQN-FORM-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORMULA (F-IFF A A-PRIME) SYMBOLS) (EQN-FORM A-PRIME A LIST) (PROVES-LIST PFLIST LIST GIVEN DEFNS SYMBOLS)) (PROVES (EQN-FORM-PROOF A-PRIME A LIST PFLIST) (F-IFF A A-PRIME) GIVEN DEFNS SYMBOLS)) ((INDUCT (EQN-FORM A-PRIME A LIST)))) (TOGGLE G0338 EQN-FORM-PROOF T) (DEFN ELIM-LINK-PROOF (X Y Z PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X (F-IMPLIES Y Z)) (F-IMPLIES X Y)) (F-IMPLIES X Z) (LIST PF1 PF2))) (PROVE-LEMMA ELIM-LINK-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES X (F-IMPLIES Y Z)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES X Y) GIVEN DEFNS SYMBOLS)) (PROVES (ELIM-LINK-PROOF X Y Z PF1 PF2) (F-IMPLIES X Z) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES X (F-IMPLIES Y Z))))))) (TOGGLE G0499 ELIM-LINK-PROOF T) (DEFN ELIM-ARGS-PROOF (HYP ARGS EXP PFLIST PF) (IF (LISTP ARGS) (ELIM-ARGS-PROOF HYP (CDR ARGS) EXP (CDR PFLIST) (ELIM-LINK-PROOF HYP (CAR ARGS) (LIST-IMPLIES (CDR ARGS) EXP) PF (CAR PFLIST))) PF)) (DEFN DIST-F-IMPLIES (HYP LIST) (IF (LISTP LIST) (CONS (F-IMPLIES HYP (CAR LIST)) (DIST-F-IMPLIES HYP (CDR LIST))) NIL)) (TOGGLE G0506 LIST-IMPLIES-REDUC T) (PROVE-LEMMA ELIM-ARGS-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (PROVES-LIST PFLIST (DIST-F-IMPLIES HYP ARGS) GIVEN DEFNS SYMBOLS) (PROVES PF (F-IMPLIES HYP (LIST-IMPLIES ARGS EXP)) GIVEN DEFNS SYMBOLS)) (PROVES (ELIM-ARGS-PROOF HYP ARGS EXP PFLIST PF) (F-IMPLIES HYP EXP) GIVEN DEFNS SYMBOLS)) ((INDUCT (ELIM-ARGS-PROOF HYP ARGS EXP PFLIST PF)) (USE (PROVES-LIST-FORM-LIST (FLIST (DIST-F-IMPLIES HYP ARGS)))))) (TOGGLE G0507 ELIM-ARGS-PROOF T) (DEFN SYMMETRY-PROOF1 (X Y) (TAUTCONSEQ-PROOF (LIST (F-EQUAL X X) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL X X) (F-IMPLIES (F-EQUAL X X) (F-EQUAL Y X))))) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL Y X)) (LIST (IDENT-AXIOM-PROOF X) (EQUAL-AXIOM2-PROOF (P 0 2) (LIST X X) (LIST Y X))))) (TOGGLE G0365 F-EQUAL NIL) (PROVE-LEMMA EQUAL-EQUAL-AXIOM2 (REWRITE) (IMPLIES (FORMULA (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL U V) (F-IMPLIES (F-EQUAL X U) (F-EQUAL Y V)))) SYMBOLS) (PROVES (EQUAL-AXIOM2-PROOF (P 0 2) (LIST X U) (LIST Y V)) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL U V) (F-IMPLIES (F-EQUAL X U) (F-EQUAL Y V)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0368 F-EQUAL T) ;;;;;;;The symmetry theorem: "(x = y) -> (y = x)" ;;;;;;;The next few events lead up to the proof of the equality theorem. (PROVE-LEMMA SYMMETRY-THEOREM1 (REWRITE) (IMPLIES (FORMULA (F-EQUAL X Y) SYMBOLS) (PROVES (SYMMETRY-PROOF1 X Y) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL Y X)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0372 SYMMETRY-PROOF1 T) (DEFN LIST-F-AND (LIST) (IF (LISTP LIST) (IF (LISTP (CDR LIST)) (F-AND (CAR LIST) (LIST-F-AND (CDR LIST))) (CAR LIST)) NIL)) (PROVE-LEMMA FORMULA-LIST-F-AND (REWRITE) (IMPLIES (AND (FORM-LIST LIST SYMBOLS) (LISTP LIST)) (FORMULA (LIST-F-AND LIST) SYMBOLS))) (DEFN LIST-F-AND-MEMBER-PROOF (X LIST) (IF (LISTP LIST) (IF (LISTP (CDR LIST)) (IF (EQUAL X (CAR LIST)) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-AND X (LIST-F-AND (CDR LIST))) X) NIL) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (LIST-F-AND (CDR LIST)) X)) (F-IMPLIES (LIST-F-AND LIST) X) (LIST (LIST-F-AND-MEMBER-PROOF X (CDR LIST))))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES X X) NIL)) NIL)) (PROVE-LEMMA LIST-F-AND-MEMBER-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-LIST LIST SYMBOLS) (MEMBER X LIST) (FORMULA X SYMBOLS)) (PROVES (LIST-F-AND-MEMBER-PROOF X LIST) (F-IMPLIES (LIST-F-AND LIST) X) GIVEN DEFNS SYMBOLS)) ((INDUCT (LIST-F-AND-MEMBER-PROOF X LIST)))) (TOGGLE G0508 LIST-F-AND T) (DEFN ADD-HYP-PROOF (HYP EXP PF) (TAUTCONSEQ-PROOF (LIST EXP) (F-IMPLIES HYP EXP) (LIST PF))) (PROVE-LEMMA ADD-HYP-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA HYP SYMBOLS) (PROVES PF EXP GIVEN DEFNS SYMBOLS)) (PROVES (ADD-HYP-PROOF HYP EXP PF) (F-IMPLIES HYP EXP) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA)))) (TOGGLE G0509 ADD-HYP-PROOF T) (DEFN LIST-F-EQUAL (LISTA LISTB) (IF (AND (LISTP LISTA) (LISTP LISTB)) (CONS (F-EQUAL (CAR LISTA) (CAR LISTB)) (LIST-F-EQUAL (CDR LISTA) (CDR LISTB))) NIL)) (DEFN FLG-F-IMPLIES-EQUAL (HYP TERMA TERMB FLG) (IF (ZEROP FLG) (F-IMPLIES HYP (F-EQUAL TERMA TERMB)) (DIST-F-IMPLIES HYP (LIST-F-EQUAL TERMA TERMB)))) (DEFN FLG-PROVES (PF EXP GIVEN DEFNS SYMBOLS FLG) (IF (ZEROP FLG) (PROVES PF EXP GIVEN DEFNS SYMBOLS) (PROVES-LIST PF EXP GIVEN DEFNS SYMBOLS))) (DEFN TERM-LIST (TERMS SYMBOLS) (IF (LISTP TERMS) (AND (TERMP (CAR TERMS) 0 SYMBOLS) (TERM-LIST (CDR TERMS) SYMBOLS)) T)) (DEFN FLG-TERMP (TERM FLG SYMBOLS) (IF (ZEROP FLG) (TERMP TERM 0 SYMBOLS) (TERM-LIST TERM SYMBOLS))) (PROVE-LEMMA TERMP-TERM-LIST (REWRITE) (IMPLIES (TERMP EXP 1 SYMBOLS) (TERM-LIST EXP SYMBOLS))) (PROVE-LEMMA PAIREQUALS-REDUC (REWRITE) (EQUAL (PAIREQUALS VARS1 VARS2 EXP) (LIST-IMPLIES (LIST-F-EQUAL VARS1 VARS2) EXP)) ((DISABLE LIST-IMPLIES-REDUC))) (PROVE-LEMMA FORMULA-LIST-IMPLIES1 (REWRITE) (EQUAL (FORMULA (LIST-IMPLIES LIST EXP) SYMBOLS) (AND (FORM-LIST LIST SYMBOLS) (FORMULA EXP SYMBOLS)))) (PROVE-LEMMA FORM-LIST-F-EQUAL (REWRITE) (IMPLIES (AND (TERM-LIST TERMS1 SYMBOLS) (TERM-LIST TERMS2 SYMBOLS)) (FORM-LIST (LIST-F-EQUAL TERMS1 TERMS2) SYMBOLS))) (DEFN SYMMETRY-PROOF (A B) (IFF-JOIN-PROOF (F-EQUAL A B) (F-EQUAL B A) (SYMMETRY-PROOF1 A B) (SYMMETRY-PROOF1 B A))) (PROVE-LEMMA SYMMETRY-THEOREM (REWRITE) (IMPLIES (FORMULA (F-EQUAL A B) SYMBOLS) (PROVES (SYMMETRY-PROOF A B) (F-IFF (F-EQUAL A B) (F-EQUAL B A)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0373 SYMMETRY-PROOF T) (DEFN COMMUTE-EQUAL-PROOF (X Y PF) (DETACH-PROOF (F-EQUAL X Y) (F-EQUAL Y X) PF (SYMMETRY-PROOF1 X Y))) (PROVE-LEMMA COMMUTE-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF (F-EQUAL X Y) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL Y X))) (PROVES (COMMUTE-EQUAL-PROOF X Y PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-EQUAL X Y)))) (DISABLE PROVES-IS-FORMULA))) (TOGGLE G0370 COMMUTE-EQUAL-PROOF T) (DEFN LIST-COMMUTE-EQUAL-PROOF (LISTA LISTB PFLIST) (IF (AND (LISTP LISTA) (LISTP LISTB)) (CONS (COMMUTE-EQUAL-PROOF (CAR LISTA) (CAR LISTB) (CAR PFLIST)) (LIST-COMMUTE-EQUAL-PROOF (CDR LISTA) (CDR LISTB) (CDR PFLIST))) NIL)) (PROVE-LEMMA LIST-COMMUTE-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (PROVES-LIST PFLIST (LIST-F-EQUAL LISTA LISTB) GIVEN DEFNS SYMBOLS) (PROVES-LIST (LIST-COMMUTE-EQUAL-PROOF LISTA LISTB PFLIST) (LIST-F-EQUAL LISTB LISTA) GIVEN DEFNS SYMBOLS))) (TOGGLE G0371 LIST-COMMUTE-EQUAL-PROOF T) (DEFN FORALL-OVER-IMPLIES-PROOF (X A B) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME X A) (F-IMPLIES (FORALL X (F-IMPLIES A B)) (FORSOME X B)))) (F-IMPLIES (FORALL X (F-IMPLIES A B)) (F-IMPLIES (FORSOME X A) (FORSOME X B))) (LIST (FORSOME-INTRO-PROOF X A (F-IMPLIES (FORALL X (F-IMPLIES A B)) (FORSOME X B)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X (F-IMPLIES A B)) (F-IMPLIES A B)) (F-IMPLIES B (FORSOME X B))) (F-IMPLIES A (F-IMPLIES (FORALL X (F-IMPLIES A B)) (FORSOME X B))) (LIST (ALL-ELIM-PROOF X (F-IMPLIES A B)) (E-INTRO-PROOF X B))))))) (PROVE-LEMMA FORALL-OVER-IMPLIES-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORALL-OVER-IMPLIES-PROOF X A B) (F-IMPLIES (FORALL X (F-IMPLIES A B)) (F-IMPLIES (FORSOME X A) (FORSOME X B))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0910 FORALL-OVER-IMPLIES-PROOF T) (DEFN FORALL-OVER-IFF-PROOF (X A B) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME X A) (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B))) (F-IMPLIES (FORSOME X B) (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A)))) (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF (FORSOME X A) (FORSOME X B))) (LIST (FORSOME-INTRO-PROOF X A (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES B (FORSOME X B))) (F-IMPLIES A (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B))) (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X B)))) (FORSOME-INTRO-PROOF X B (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES A (FORSOME X A))) (F-IMPLIES B (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A))) (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X A))))))) (PROVE-LEMMA FORALL-OVER-IFF-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORALL-OVER-IFF-PROOF X A B) (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF (FORSOME X A) (FORSOME X B))) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES B (FORSOME X B)))) (EXP (F-IMPLIES A (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B)))) (PFLIST (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X B)))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES A (FORSOME X A)))) (EXP (F-IMPLIES B (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A)))) (PFLIST (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X A)))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (FORSOME X A) (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B))) (F-IMPLIES (FORSOME X B) (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A))))) (EXP (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF (FORSOME X A) (FORSOME X B)))) (PFLIST (LIST (FORSOME-INTRO-PROOF X A (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES B (FORSOME X B))) (F-IMPLIES A (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X B))) (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X B)))) (FORSOME-INTRO-PROOF X B (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X (F-IFF A B)) (F-IFF A B)) (F-IMPLIES A (FORSOME X A))) (F-IMPLIES B (F-IMPLIES (FORALL X (F-IFF A B)) (FORSOME X A))) (LIST (ALL-ELIM-PROOF X (F-IFF A B)) (E-INTRO-PROOF X A)))))))))) (TOGGLE G0911 FORALL-OVER-IFF-PROOF T) (DEFN ELIM-FREE-TERMS (X LIST) (IF (LISTP LIST) (IF (MEMBER X (COLLECT-FREE (CAR LIST) 0)) (ELIM-FREE-TERMS X (CDR LIST)) (CONS (CAR LIST) (ELIM-FREE-TERMS X (CDR LIST)))) NIL)) (PROVE-LEMMA SUBSET-ELIM-FREE-TERMS (REWRITE) (SUBSET (ELIM-FREE-TERMS X LIST) LIST)) (PROVE-LEMMA NOT-FREE-ELIM-FREE-TERMS (REWRITE) (NOT (MEMBER X (COLLECT-FREE (ELIM-FREE-TERMS X LIST) 1)))) (TOGGLE G0912 LIST-F-AND NIL) (PROVE-LEMMA COLLECT-FREE-LIST-F-AND (REWRITE) (EQUAL (MEMBER X (COLLECT-FREE (LIST-F-AND LIST) 0)) (MEMBER X (COLLECT-FREE LIST 1)))) (PROVE-LEMMA FORMULA-F-AND (REWRITE) (EQUAL (FORMULA (F-AND X Y) SYMBOLS) (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS)))) (PROVE-LEMMA COVERING-F-AND (REWRITE) (EQUAL (COVERING (F-AND X Y) VAR 0) (APPEND (COVERING X VAR 0) (COVERING Y VAR 0)))) (PROVE-LEMMA COLLECT-FREE-F-AND (REWRITE) (EQUAL (COLLECT-FREE (F-AND Y Z) 0) (APPEND (COLLECT-FREE Y 0) (COLLECT-FREE Z 0)))) (PROVE-LEMMA SUBST-F-AND (REWRITE) (EQUAL (SUBST (F-AND X Y) VAR TERM 0) (F-AND (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-F-AND (REWRITE) (EQUAL (PARALLEL-SUBST (F-AND X Y) VARS TERMS 0) (F-AND (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0)))) (PROVE-LEMMA EVAL-F-AND (REWRITE) (EQUAL (EVAL (F-AND X Y) ALIST) (AND (EVAL X ALIST) (EVAL Y ALIST)))) (TOGGLE G0384 F-AND T) (DEFN SUBSET-LIST-F-AND-PROOF (LIST1 LIST2) (IF (LISTP LIST2) (IF (LISTP (CDR LIST2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (LIST-F-AND LIST1) (CAR LIST2)) (F-IMPLIES (LIST-F-AND LIST1) (LIST-F-AND (CDR LIST2)))) (F-IMPLIES (LIST-F-AND LIST1) (LIST-F-AND LIST2)) (LIST (LIST-F-AND-MEMBER-PROOF (CAR LIST2) LIST1) (SUBSET-LIST-F-AND-PROOF LIST1 (CDR LIST2)))) (LIST-F-AND-MEMBER-PROOF (CAR LIST2) LIST1)) NIL)) (PROVE-LEMMA SUBSET-LIST-F-AND-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-LIST LIST1 SYMBOLS) (FORM-LIST LIST2 SYMBOLS) (LISTP LIST1) (LISTP LIST2) (SUBSET LIST2 LIST1)) (PROVES (SUBSET-LIST-F-AND-PROOF LIST1 LIST2) (F-IMPLIES (LIST-F-AND LIST1) (LIST-F-AND LIST2)) GIVEN DEFNS SYMBOLS))) (DEFN LIST-F-IMPLIES (X Y) (IF (AND (LISTP X) (LISTP Y)) (CONS (F-IMPLIES (CAR X) (CAR Y)) (LIST-F-IMPLIES (CDR X) (CDR Y))) NIL)) (DEFN IMPLIES-IMPLIES-PROOF (X Y U V PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES U X) (F-IMPLIES Y V)) (F-IMPLIES (F-IMPLIES X Y) (F-IMPLIES U V)) (LIST PF1 PF2))) (PROVE-LEMMA IMPLIES-IMPLIES-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES U X) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES Y V) GIVEN DEFNS SYMBOLS)) (PROVES (IMPLIES-IMPLIES-PROOF X Y U V PF1 PF2) (F-IMPLIES (F-IMPLIES X Y) (F-IMPLIES U V)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES U X))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES Y V)))) )) (TOGGLE G0876 IMPLIES-IMPLIES-PROOF T) (DEFN LIST-IMPLIES-IMPLIES-PROOF (X Y Z PFLIST) (IF (AND (LISTP X) (LISTP Y)) (IMPLIES-IMPLIES-PROOF (CAR Y) (LIST-IMPLIES (CDR Y) Z) (CAR X) (LIST-IMPLIES (CDR X) Z) (CAR PFLIST) (LIST-IMPLIES-IMPLIES-PROOF (CDR X) (CDR Y) Z (CDR PFLIST))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES Z Z) NIL))) (PROVE-LEMMA LIST-IMPLIES-IMPLIES-PROOF-PROVES (REWRITE) (IMPLIES (AND (EQUAL (LENGTH X) (LENGTH Y)) (FORMULA Z SYMBOLS) (PROVES-LIST PFLIST (LIST-F-IMPLIES X Y) GIVEN DEFNS SYMBOLS)) (PROVES (LIST-IMPLIES-IMPLIES-PROOF X Y Z PFLIST) (F-IMPLIES (LIST-IMPLIES Y Z) (LIST-IMPLIES X Z)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-LIST-FORM-LIST (FLIST (LIST-F-IMPLIES X Y)))))) (TOGGLE G0877 LIST-IMPLIES-IMPLIES-PROOF T) (DEFN LIST-SYMMETRY-PROOF1 (X Y) (IF (AND (LISTP X) (LISTP Y)) (CONS (SYMMETRY-PROOF1 (CAR X) (CAR Y)) (LIST-SYMMETRY-PROOF1 (CDR X) (CDR Y))) NIL)) (PROVE-LEMMA LIST-SYMMETRY-PROOF1-PROVES (REWRITE) (IMPLIES (AND (TERM-LIST X SYMBOLS) (TERM-LIST Y SYMBOLS)) (PROVES-LIST (LIST-SYMMETRY-PROOF1 X Y) (LIST-F-IMPLIES (LIST-F-EQUAL X Y) (LIST-F-EQUAL Y X)) GIVEN DEFNS SYMBOLS)) ((INDUCT (LIST-SYMMETRY-PROOF1 X Y)))) (TOGGLE G0878 LIST-SYMMETRY-PROOF1 T) (DEFN IMP-IFF-NOT-PROOF (X Y Z PF) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X (F-IFF Y Z))) (F-IMPLIES X (F-IFF (F-NOT Y) (F-NOT Z))) (LIST PF))) (PROVE-LEMMA IMP-IFF-NOT-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-IMPLIES X (F-IFF Y Z)) GIVEN DEFNS SYMBOLS) (PROVES (IMP-IFF-NOT-PROOF X Y Z PF) (F-IMPLIES X (F-IFF (F-NOT Y) (F-NOT Z))) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES X (F-IFF Y Z)))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES X (F-IFF Y Z)))) (EXP (F-IMPLIES X (F-IFF (F-NOT Y) (F-NOT Z)))) (PFLIST (LIST PF)))) )) (TOGGLE G0879 IMP-IFF-NOT-PROOF T) (DEFN IMP-IFF-OR-PROOF (X Y1 Z1 Y2 Z2 PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X (F-IFF Y1 Z1)) (F-IMPLIES X (F-IFF Y2 Z2))) (F-IMPLIES X (F-IFF (F-OR Y1 Y2) (F-OR Z1 Z2))) (LIST PF1 PF2))) (PROVE-LEMMA IMP-IFF-OR-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES X (F-IFF Y1 Z1)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES X (F-IFF Y2 Z2)) GIVEN DEFNS SYMBOLS)) (PROVES (IMP-IFF-OR-PROOF X Y1 Z1 Y2 Z2 PF1 PF2) (F-IMPLIES X (F-IFF (F-OR Y1 Y2) (F-OR Z1 Z2))) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES X (F-IFF Y1 Z1)))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES X (F-IFF Y2 Z2)))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES X (F-IFF Y1 Z1)) (F-IMPLIES X (F-IFF Y2 Z2)))) (EXP (F-IMPLIES X (F-IFF (F-OR Y1 Y2) (F-OR Z1 Z2)))) (PFLIST (LIST PF1 PF2)))) )) (TOGGLE G0880 IMP-IFF-OR-PROOF T) (DEFN MAKE-CHAIN (A B LIST) (IF (LISTP LIST) (CONS (F-IMPLIES A (CAR LIST)) (MAKE-CHAIN (CAR LIST) B (CDR LIST))) (LIST (F-IMPLIES A B)))) (DEFN CHAIN-PROOF (A B LIST PFLIST) (IF (LISTP LIST) (TRANS-IMPLIES-PROOF A (CAR LIST) B (CAR PFLIST) (CHAIN-PROOF (CAR LIST) B (CDR LIST) (CDR PFLIST))) (CAR PFLIST))) ;;;;;;;The chain rule below is a frequently used rule of inference. ;;;;;;;It asserts that "A -> B" is provable if there is a chain of provable ;;;;;;;implications leading from "A" to "B". (PROVE-LEMMA CHAIN-RULE (REWRITE) (IMPLIES (PROVES-LIST PFLIST (MAKE-CHAIN A B LIST) GIVEN DEFNS SYMBOLS) (PROVES (CHAIN-PROOF A B LIST PFLIST) (F-IMPLIES A B) GIVEN DEFNS SYMBOLS))) (TOGGLE G0396 CHAIN-PROOF T) (DEFN MAKE-IFF-CHAIN (A B LIST) (IF (LISTP LIST) (CONS (F-IFF A (CAR LIST)) (MAKE-IFF-CHAIN (CAR LIST) B (CDR LIST))) (LIST (F-IFF A B)))) (DEFN CHAIN-IFF-PROOF (A B LIST PFLIST) (IF (LISTP LIST) (TRANS-F-IFF-PROOF A (CAR LIST) B (CAR PFLIST) (CHAIN-IFF-PROOF (CAR LIST) B (CDR LIST) (CDR PFLIST))) (CAR PFLIST))) ;;;;;;;The chain rule form "<->". (PROVE-LEMMA CHAIN-IFF-PROOF-PROVES (REWRITE) (IMPLIES (PROVES-LIST PFLIST (MAKE-IFF-CHAIN A B LIST) GIVEN DEFNS SYMBOLS) (PROVES (CHAIN-IFF-PROOF A B LIST PFLIST) (F-IFF A B) GIVEN DEFNS SYMBOLS))) (TOGGLE G0386 CHAIN-IFF-PROOF T) (DEFN IMP-IFF-FORSOME-PROOF (X Y Z VAR PF) (CHAIN-PROOF X (F-IFF (FORSOME VAR Y) (FORSOME VAR Z)) (LIST (FORALL VAR (F-IFF Y Z))) (LIST (FORALL-INTRO-PROOF X (F-IFF Y Z) VAR PF) (FORALL-OVER-IFF-PROOF VAR Y Z)))) (PROVE-LEMMA IMP-IFF-FORSOME-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE X 0))) (PROVES PF (F-IMPLIES X (F-IFF Y Z)) GIVEN DEFNS SYMBOLS)) (PROVES (IMP-IFF-FORSOME-PROOF X Y Z VAR PF) (F-IMPLIES X (F-IFF (FORSOME VAR Y) (FORSOME VAR Z))) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES X (F-IFF Y Z))))))) (TOGGLE G0881 IMP-IFF-FORSOME-PROOF T) (DEFN DIST-F-IMPLIES-SYMMETRY-PROOF (X LIST1 LIST2 PFLIST) (IF (AND (LISTP LIST1) (LISTP LIST2)) (CONS (CHAIN-PROOF X (F-EQUAL (CAR LIST2) (CAR LIST1)) (LIST (F-EQUAL (CAR LIST1) (CAR LIST2))) (LIST (CAR PFLIST) (SYMMETRY-PROOF1 (CAR LIST1) (CAR LIST2)))) (DIST-F-IMPLIES-SYMMETRY-PROOF X (CDR LIST1) (CDR LIST2) (CDR PFLIST))) NIL)) (PROVE-LEMMA DIST-F-IMPLIES-SYMMETRY-PROOF-PROVES (REWRITE) (IMPLIES (PROVES-LIST PFLIST (DIST-F-IMPLIES X (LIST-F-EQUAL LIST1 LIST2)) GIVEN DEFNS SYMBOLS) (PROVES-LIST (DIST-F-IMPLIES-SYMMETRY-PROOF X LIST1 LIST2 PFLIST) (DIST-F-IMPLIES X (LIST-F-EQUAL LIST2 LIST1)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-LIST-FORM-LIST (FLIST (DIST-F-IMPLIES X (LIST-F-EQUAL LIST1 LIST2))))) (DISABLE PROVES-LIST-FORM-LIST))) (TOGGLE G0882 DIST-F-IMPLIES-SYMMETRY-PROOF T) (DEFN IMP-IFF-IMPLIES-PROOF (X Y Z PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X (F-IMPLIES Y Z)) (F-IMPLIES X (F-IMPLIES Z Y))) (F-IMPLIES X (F-IFF Y Z)) (LIST PF1 PF2))) (PROVE-LEMMA IMP-IFF-IMPLIES-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES X (F-IMPLIES Y Z)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES X (F-IMPLIES Z Y)) GIVEN DEFNS SYMBOLS)) (PROVES (IMP-IFF-IMPLIES-PROOF X Y Z PF1 PF2) (F-IMPLIES X (F-IFF Y Z)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES X (F-IMPLIES Y Z)))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES X (F-IMPLIES Z Y))))) )) (TOGGLE G0883 IMP-IFF-IMPLIES-PROOF T) ;;;;;;;TERM-EQUAL-PROOF is the proof-constructor for the equality theorem ;;;;;;;for terms. (DEFN TERM-EQUAL-PROOF (TERMA TERMB LIST FLG) (IF (ZEROP FLG) (IF (EQUAL TERMA TERMB) (ADD-HYP-PROOF (LIST-F-AND LIST) (F-EQUAL TERMA TERMA) (IDENT-AXIOM-PROOF TERMA)) (IF (MEMBER (F-EQUAL TERMA TERMB) LIST) (LIST-F-AND-MEMBER-PROOF (F-EQUAL TERMA TERMB) LIST) (IF (MEMBER (F-EQUAL TERMB TERMA) LIST) (CHAIN-PROOF (LIST-F-AND LIST) (F-EQUAL TERMA TERMB) (LIST (F-EQUAL TERMB TERMA)) (LIST (LIST-F-AND-MEMBER-PROOF (F-EQUAL TERMB TERMA) LIST) (SYMMETRY-PROOF1 TERMB TERMA))) (IF (AND (LISTP TERMA) (LISTP TERMB)) (ELIM-ARGS-PROOF (LIST-F-AND LIST) (LIST-F-EQUAL (CDR TERMA) (CDR TERMB)) (F-EQUAL TERMA TERMB) (TERM-EQUAL-PROOF (CDR TERMA) (CDR TERMB) LIST 1) (ADD-HYP-PROOF (LIST-F-AND LIST) (LIST-IMPLIES (LIST-F-EQUAL (CDR TERMA) (CDR TERMB)) (F-EQUAL TERMA TERMB)) (EQUAL-AXIOM1-PROOF (CAR TERMA) (CDR TERMA) (CDR TERMB)))) NIL)))) (IF (AND (LISTP TERMA) (LISTP TERMB)) (CONS (TERM-EQUAL-PROOF (CAR TERMA) (CAR TERMB) LIST 0) (TERM-EQUAL-PROOF (CDR TERMA) (CDR TERMB) LIST 1)) NIL))) ;;;;;;;TERM-EQUAL checks if TERMA and TERMB are identical modulo the list of ;;;;;;;equalities in LIST. (DEFN TERM-EQUAL (TERMA TERMB LIST FLG) (IF (ZEROP FLG) (IF (EQUAL TERMA TERMB) T (IF (MEMBER (F-EQUAL TERMA TERMB) LIST) T (IF (MEMBER (F-EQUAL TERMB TERMA) LIST) T (IF (AND (LISTP TERMA) (LISTP TERMB)) (AND (EQUAL (CAR TERMA) (CAR TERMB)) (TERM-EQUAL (CDR TERMA) (CDR TERMB) LIST 1)) F)))) (IF (AND (LISTP TERMA) (LISTP TERMB)) (AND (TERM-EQUAL (CAR TERMA) (CAR TERMB) LIST 0) (TERM-EQUAL (CDR TERMA) (CDR TERMB) LIST 1)) (EQUAL TERMA TERMB)))) ;;;;;;;The equality theorem for terms: If "a" and "b" are identical ;;;;;;;modulo the equalities "x1 = y1",..., "xn = yn", etc., then ;;;;;;;it is provable that, "((x1=y1) ^ ... ^ (xn=yn))->(a=b)". (PROVE-LEMMA TERM-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (FLG-TERMP TERMA FLG SYMBOLS) (FLG-TERMP TERMB FLG SYMBOLS) (LISTP LIST) (FORM-LIST LIST SYMBOLS) (TERM-EQUAL TERMA TERMB LIST FLG)) (FLG-PROVES (TERM-EQUAL-PROOF TERMA TERMB LIST FLG) (FLG-F-IMPLIES-EQUAL (LIST-F-AND LIST) TERMA TERMB FLG) GIVEN DEFNS SYMBOLS FLG)) ((INDUCT (TERM-EQUAL TERMA TERMB LIST FLG)))) (TOGGLE G0364 TERM-EQUAL-PROOF T) (PROVE-LEMMA TERM-EQUAL-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (TERMP TERMA 0 SYMBOLS) (TERMP TERMB 0 SYMBOLS) (LISTP LIST) (FORM-LIST LIST SYMBOLS) (TERM-EQUAL TERMA TERMB LIST 0)) (PROVES (TERM-EQUAL-PROOF TERMA TERMB LIST 0) (F-IMPLIES (LIST-F-AND LIST) (F-EQUAL TERMA TERMB)) GIVEN DEFNS SYMBOLS)) ((USE (TERM-EQUAL-PROOF-PROVES (FLG 0))))) (PROVE-LEMMA TERM-EQUAL-PROOF-PROVES2 (REWRITE) (IMPLIES (AND (TERM-LIST TERMA SYMBOLS) (TERM-LIST TERMB SYMBOLS) (LISTP LIST) (FORM-LIST LIST SYMBOLS) (TERM-EQUAL TERMA TERMB LIST 1) (EQUAL CONCL (DIST-F-IMPLIES (LIST-F-AND LIST) (LIST-F-EQUAL TERMA TERMB)))) (PROVES-LIST (TERM-EQUAL-PROOF TERMA TERMB LIST 1) CONCL GIVEN DEFNS SYMBOLS)) ((USE (TERM-EQUAL-PROOF-PROVES (FLG 1))))) (TOGGLE G0887 TERM-EQUAL-PROOF-PROVES T) ;;;;;;;FORM-EQUAL is used in the equality theorem for formulas. ;;;;;;;It checks that FORMA and FORMB are identical modulo the equalities in LIST. (DEFN FORM-EQUAL (FORMA FORMB LIST) (IF (EQUAL FORMA FORMB) T (IF (AND (F-NOTP FORMA) (F-NOTP FORMB)) (FORM-EQUAL (ARG FORMA) (ARG FORMB) LIST) (IF (AND (F-ORP FORMA) (F-ORP FORMB)) (AND (FORM-EQUAL (ARG1 FORMA) (ARG1 FORMB) LIST) (FORM-EQUAL (ARG2 FORMA) (ARG2 FORMB) LIST)) (IF (AND (FORSOMEP FORMA) (FORSOMEP FORMB)) (AND (EQUAL (BIND FORMA) (BIND FORMB)) (LISTP (ELIM-FREE-TERMS (BIND FORMA) LIST)) (FORM-EQUAL (BODY FORMA) (BODY FORMB) (ELIM-FREE-TERMS (BIND FORMA) LIST))) (IF (AND (LISTP FORMA) (LISTP FORMB)) (AND (EQUAL (CAR FORMA) (CAR FORMB)) (TERM-EQUAL (CDR FORMA) (CDR FORMB) LIST 1)) F)))))) ;;;;;;;FORM-EQUAL-PROOF is the corresponding proof-constructor. (DEFN FORM-EQUAL-PROOF (FORMA FORMB LIST) (IF (EQUAL FORMA FORMB) (ADD-HYP-PROOF (LIST-F-AND LIST) (F-IFF FORMA FORMB) (EQN-FORM-PROOF FORMA FORMB NIL NIL)) (IF (AND (F-NOTP FORMA) (F-NOTP FORMB)) (IMP-IFF-NOT-PROOF (LIST-F-AND LIST) (ARG FORMA) (ARG FORMB) (FORM-EQUAL-PROOF (ARG FORMA) (ARG FORMB) LIST)) (IF (AND (F-ORP FORMA) (F-ORP FORMB)) (IMP-IFF-OR-PROOF (LIST-F-AND LIST) (ARG1 FORMA) (ARG1 FORMB) (ARG2 FORMA) (ARG2 FORMB) (FORM-EQUAL-PROOF (ARG1 FORMA) (ARG1 FORMB) LIST) (FORM-EQUAL-PROOF (ARG2 FORMA) (ARG2 FORMB) LIST)) (IF (AND (FORSOMEP FORMA) (FORSOMEP FORMB)) (CHAIN-PROOF (LIST-F-AND LIST) (F-IFF FORMA FORMB) (LIST (LIST-F-AND (ELIM-FREE-TERMS (BIND FORMA) LIST))) (LIST (SUBSET-LIST-F-AND-PROOF LIST (ELIM-FREE-TERMS (BIND FORMA) LIST)) (IMP-IFF-FORSOME-PROOF (LIST-F-AND (ELIM-FREE-TERMS (BIND FORMA) LIST)) (BODY FORMA) (BODY FORMB) (BIND FORMA) (FORM-EQUAL-PROOF (BODY FORMA) (BODY FORMB) (ELIM-FREE-TERMS (BIND FORMA) LIST))))) (IMP-IFF-IMPLIES-PROOF (LIST-F-AND LIST) FORMA FORMB (ELIM-ARGS-PROOF (LIST-F-AND LIST) (LIST-F-EQUAL (CDR FORMA) (CDR FORMB)) (F-IMPLIES FORMA FORMB) (TERM-EQUAL-PROOF (CDR FORMA) (CDR FORMB) LIST 1) (ADD-HYP-PROOF (LIST-F-AND LIST) (LIST-IMPLIES (LIST-F-EQUAL (CDR FORMA) (CDR FORMB)) (F-IMPLIES FORMA FORMB)) (EQUAL-AXIOM2-PROOF (CAR FORMA) (CDR FORMA) (CDR FORMB)))) (ELIM-ARGS-PROOF (LIST-F-AND LIST) (LIST-F-EQUAL (CDR FORMB) (CDR FORMA)) (F-IMPLIES FORMB FORMA) (DIST-F-IMPLIES-SYMMETRY-PROOF (LIST-F-AND LIST) (CDR FORMA) (CDR FORMB) (TERM-EQUAL-PROOF (CDR FORMA) (CDR FORMB) LIST 1)) (ADD-HYP-PROOF (LIST-F-AND LIST) (LIST-IMPLIES (LIST-F-EQUAL (CDR FORMB) (CDR FORMA)) (F-IMPLIES FORMB FORMA)) (EQUAL-AXIOM2-PROOF (CAR FORMA) (CDR FORMB) (CDR FORMA)))))))))) (PROVE-LEMMA FORM-LIST-ELIM-FREE-TERMS (REWRITE) (IMPLIES (FORM-LIST LIST SYMBOLS) (FORM-LIST (ELIM-FREE-TERMS X LIST) SYMBOLS))) ;;;;;;;The equality theorem for formulas: If "A" is identical to "B" modulo ;;;;;;;the equalities "x1=y1", ..., "xn=yn", etc., then it is provable that ;;;;;;; "((x1=y1) ^ ... ^ (xn=yn)) -> (A <-> B)". (PROVE-LEMMA FORM-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA FORMA SYMBOLS) (FORMULA FORMB SYMBOLS) (FORM-EQUAL FORMA FORMB LIST) (LISTP LIST) (FORM-LIST LIST SYMBOLS)) (PROVES (FORM-EQUAL-PROOF FORMA FORMB LIST) (F-IMPLIES (LIST-F-AND LIST) (F-IFF FORMA FORMB)) GIVEN DEFNS SYMBOLS)) ((INDUCT (FORM-EQUAL FORMA FORMB LIST)) (DISABLE LIST-IMPLIES-REDUC))) (TOGGLE G0893 FORM-EQUAL-PROOF T) (PROVE-LEMMA GET-LIST-F-EQUAL (REWRITE) (IMPLIES (NOT (EQUAL EXP (GETPF EXP VARS TERMS))) (MEMBER (F-EQUAL EXP (GETPF EXP VARS TERMS)) (LIST-F-EQUAL VARS TERMS)))) (PROVE-LEMMA GETSUB-GETPF (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (GETSUB X Y Z) (GETPF X Y Z)))) (PROVE-LEMMA TERM-EQUAL-PARALLEL-SUBST (REWRITE) (IMPLIES (TERMP EXP FLG SYMBOLS) (TERM-EQUAL EXP (PARALLEL-SUBST EXP VARS TERMS FLG) (LIST-F-EQUAL VARS TERMS) FLG))) (PROVE-LEMMA DELETE-DELETE (REWRITE) (EQUAL (DEL X (DEL Y Z)) (DEL Y (DEL X Z)))) (PROVE-LEMMA DEL-PAIRS-DEL-PAIRS (REWRITE) (EQUAL (DEL-PAIRS X (DEL Y VARS) (DEL-PAIRS Y VARS TERMS)) (DEL-PAIRS Y (DEL X VARS) (DEL-PAIRS X VARS TERMS)))) (PROVE-LEMMA NOT-FREE-DEL-PAIRS-PARALLEL-SUBST (REWRITE) (IMPLIES (NOT (MEMBER X (COLLECT-FREE EXP FLG))) (EQUAL (PARALLEL-SUBST EXP (DEL X VARS) (DEL-PAIRS X VARS TERMS) FLG) (PARALLEL-SUBST EXP VARS TERMS FLG)))) (TOGGLE G0894 F-EQUAL NIL) (PROVE-LEMMA COLLECT-FREE-F-EQUAL (REWRITE) (EQUAL (MEMBER X (COLLECT-FREE (F-EQUAL Y Z) 0)) (OR (MEMBER X (COLLECT-FREE Y 0)) (MEMBER X (COLLECT-FREE Z 0))))) (TOGGLE G0895 F-EQUAL T) (PROVE-LEMMA DEL-PAIRS-ELIM-FREE (REWRITE) (IMPLIES (AND (VARIABLE X) (VAR-LIST VARS (LENGTH VARS)) (NOT (MEMBER X (COLLECT-FREE TERMS 1)))) (EQUAL (LIST-F-EQUAL (DEL X VARS) (DEL-PAIRS X VARS TERMS)) (ELIM-FREE-TERMS X (LIST-F-EQUAL VARS TERMS)))) ((INDUCT (DEL-PAIRS X VARS TERMS)))) (PROVE-LEMMA VAR-LIST-DEL (REWRITE) (IMPLIES (VAR-LIST VARS (LENGTH VARS)) (VAR-LIST (DEL X VARS) (LENGTH (DEL X VARS))))) (PROVE-LEMMA APPEND-NIL-ONE (REWRITE) (IMPLIES (NOT (EQUAL Y NIL)) (NOT (EQUAL (APPEND X Y) NIL)))) (PROVE-LEMMA APPEND-NIL-TWO (REWRITE) (IMPLIES (NOT (EQUAL (APPEND X NIL) NIL)) (NOT (EQUAL (APPEND X Y) NIL)))) (PROVE-LEMMA DEL-PAIRS-COLLECT-FREE (REWRITE) (IMPLIES (EQUAL (COLLECT-FREE TERMS 1) NIL) (EQUAL (COLLECT-FREE (DEL-PAIRS X VARS TERMS) 1) NIL)) ((INDUCT (DEL-PAIRS X VARS TERMS)))) (PROVE-LEMMA NLISTP-TERM-EQUAL (REWRITE) (IMPLIES (AND (NOT (EQUAL X Y)) (NLISTP LIST)) (NOT (TERM-EQUAL X Y LIST FLG)))) (PROVE-LEMMA NLISTP-FORM-EQUAL (REWRITE) (IMPLIES (AND (NOT (EQUAL X Y)) (NLISTP LIST)) (NOT (FORM-EQUAL X Y LIST)))) (PROVE-LEMMA FORM-EQUAL-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (VAR-LIST VARS (LENGTH VARS)) (FORMULA EXP SYMBOLS) (EQUAL (COLLECT-FREE TERMS 1) NIL)) (FORM-EQUAL EXP (PARALLEL-SUBST EXP VARS TERMS 0) (LIST-F-EQUAL VARS TERMS)))) (PROVE-LEMMA TERM-EQUAL-SUBST (REWRITE) (IMPLIES (AND (VARIABLE VAR) (TERMP EXP FLG SYMBOLS)) (TERM-EQUAL EXP (SUBST EXP VAR TERM FLG) (LIST (F-EQUAL VAR TERM)) FLG))) (PROVE-LEMMA FORM-EQUAL-SUBST (REWRITE) (IMPLIES (AND (VARIABLE VAR) (FORMULA EXP SYMBOLS) (FREE-FOR EXP VAR TERM 0)) (FORM-EQUAL EXP (SUBST EXP VAR TERM 0) (LIST (F-EQUAL VAR TERM))))) (PROVE-LEMMA SYMB-EQUALS (REWRITE) (EQUAL (SYMB SYM SYMBOLS) (OR (MEMB SYM SYMBOLS) (EQUAL SYM (P 0 2))))) (PROVE-LEMMA INDEX-NOT-EQUAL (REWRITE) (IMPLIES (AND (NUMBERP X) (NOT (EQUAL X 0))) (NOT (EQUAL (P X Y) (P 0 2)))) ((ENABLE P))) (PROVE-LEMMA FN-P-NOT-EQUAL (REWRITE) (NOT (EQUAL (FN X Y) (P 0 2))) ((ENABLE FN P))) (PROVE-LEMMA MEMB-FN (REWRITE) (EQUAL (MEMB (FN X Y) SYMBOLS) (MEMBER (FN X Y) SYMBOLS)) ((ENABLE FN))) (PROVE-LEMMA MEMB-P (REWRITE) (EQUAL (MEMB (P X Y) SYMBOLS) (MEMBER (P X Y) SYMBOLS)) ((ENABLE P))) ;;;;;;;The next section contains results that follow from the Z2 set axioms. (PROVE-LEMMA FORMULA-ISIN (REWRITE) (EQUAL (FORMULA (ISIN X Y) SYMBOLS) (AND (MEMB (P 1 2) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS))) ((DISABLE SYMB))) (PROVE-LEMMA EQUAL-AXIOM2-ISIN (REWRITE) (IMPLIES (AND (TERMP (LIST X Y U V) 1 SYMBOLS) (MEMBER (P 1 2) SYMBOLS)) (PROVES (EQUAL-AXIOM2-PROOF (P 1 2) (LIST X Y) (LIST U V)) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-IMPLIES (ISIN X Y) (ISIN U V)))) GIVEN DEFNS SYMBOLS)) ((DISABLE PAIREQUALS-REDUC))) (PROVE-LEMMA COLLECT-FREE-ISIN (REWRITE) (EQUAL (COLLECT-FREE (ISIN Y Z) 0) (COLLECT-FREE (LIST Y Z) 1))) (PROVE-LEMMA COVERING-ISIN (REWRITE) (EQUAL (COVERING (ISIN X Y) Z 0) (COVERING (LIST X Y) Z 1))) (PROVE-LEMMA SUBST-ISIN (REWRITE) (EQUAL (SUBST (ISIN X Y) VAR TERM 0) (ISIN (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-ISIN (REWRITE) (EQUAL (PARALLEL-SUBST (ISIN X Y) VARS TERMS 0) (ISIN (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0)))) (TOGGLE G0381 ISIN T) (DEFN MK-BND (LIST N) (PLUS (ADD1 N) (FIND-HI-INDEX (COLLECT-FREE LIST 1)))) (PROVE-LEMMA LESSP-MK-BND (REWRITE) (LESSP (FIND-HI-INDEX (COLLECT-FREE LIST 1)) (MK-BND LIST N))) (PROVE-LEMMA MK-BND-NEQUAL (REWRITE) (IMPLIES (NOT (EQUAL (FIX M) (FIX N))) (NOT (EQUAL (MK-BND LIST M) (MK-BND LIST N))))) (TOGGLE G0612 MK-BND T) (PROVE-LEMMA MK-BND-NOT-FREE1 (REWRITE) (NOT (MEMBER (MK-BND (LIST X) N) (COLLECT-FREE X 0))) ((USE (NOT-MEMBER-VARLIST (VAR (MK-BND (LIST X) N)) (VARLIST (COLLECT-FREE (LIST X) 1)))) (DISABLE NOT-MEMBER-VARLIST))) (PROVE-LEMMA MK-BND-NOT-FREE2 (REWRITE) (AND (NOT (MEMBER (MK-BND (LIST X Y) N) (COLLECT-FREE X 0))) (NOT (MEMBER (MK-BND (LIST X Y) N) (COLLECT-FREE Y 0)))) ((USE (NOT-MEMBER-VARLIST (VAR (MK-BND (LIST X Y) N)) (VARLIST (COLLECT-FREE (LIST X Y) 1)))) (DISABLE NOT-MEMBER-VARLIST))) (PROVE-LEMMA MK-BND-NOT-FREE3 (REWRITE) (AND (NOT (MEMBER (MK-BND (LIST X Y Z) N) (COLLECT-FREE X 0))) (NOT (MEMBER (MK-BND (LIST X Y Z) N) (COLLECT-FREE Y 0))) (NOT (MEMBER (MK-BND (LIST X Y Z) N) (COLLECT-FREE Z 0)))) ((USE (NOT-MEMBER-VARLIST (VAR (MK-BND (LIST X Y Z) N)) (VARLIST (COLLECT-FREE (LIST X Y Z) 1)))) (DISABLE NOT-MEMBER-VARLIST))) ;;;;;;;The next few rules are usable versions of the set-theory axioms. (DEFN EXT-AXIOM-EQ-ELIM1-PROOF (TERMA TERMB TERMC PF) (TAUTCONSEQ-PROOF (LIST (EXT-AXIOM (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (F-IMPLIES (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB))) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) (ISIN TERMC TERMA)) (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMB)) (LIST (EXT-AXIOM-PROOF (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (SUBST-THM-B-PROOF (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)) (LIST (MK-BND (LIST TERMA TERMB) 0)) (LIST TERMC)) PF))) (PROVE-LEMMA NIL-INTERSECT-DEL (REWRITE) (IMPLIES (NIL-INTERSECT X (DEL Y Z)) (NIL-INTERSECT (DEL Y X) Z))) (PROVE-LEMMA NOT-FREE-PARALLEL-SUBST (REWRITE) (IMPLIES (NIL-INTERSECT VARS (COLLECT-FREE EXP FLG)) (EQUAL (PARALLEL-SUBST EXP VARS TERMS FLG) EXP))) (PROVE-LEMMA PARALLEL-SUBST-F-IFF (REWRITE) (EQUAL (PARALLEL-SUBST (F-IFF X Y) VARS TERMS 0) (F-IFF (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0))) ((ENABLE F-IFF))) ;;;;;;;One case of the extensionality axiom: "(c in a)"|- "(a=b)->(c in b)". (PROVE-LEMMA EXT-AXIOM-EQ-ELIM1 (REWRITE) (IMPLIES (AND (TERMP TERMB 0 SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (PROVES PF (ISIN TERMC TERMA) GIVEN DEFNS SYMBOLS)) (PROVES (EXT-AXIOM-EQ-ELIM1-PROOF TERMA TERMB TERMC PF) (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMB)) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (PROVES-IS-FORMULA (EXP (ISIN TERMC TERMA))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (EXT-AXIOM (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (F-IMPLIES (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB))) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) (ISIN TERMC TERMA))) (EXP (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMB))) (PFLIST (LIST (EXT-AXIOM-PROOF (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (SUBST-THM-B-PROOF (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)) (LIST (MK-BND (LIST TERMA TERMB) 0)) (LIST TERMC)) PF)))))) (DEFN EXT-AXIOM-EQ-ELIM2-PROOF (TERMA TERMB TERMC PF) (TAUTCONSEQ-PROOF (LIST (EXT-AXIOM (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (F-IMPLIES (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB))) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) (ISIN TERMC TERMB)) (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMA)) (LIST (EXT-AXIOM-PROOF (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (SUBST-THM-B-PROOF (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)) (LIST (MK-BND (LIST TERMA TERMB) 0)) (LIST TERMC)) PF))) ;;;;;;;Second case of the extensionality axiom: "(c in b)" |- "(a=b)->(c in a)". (PROVE-LEMMA EXT-AXIOM-EQ-ELIM2 (REWRITE) (IMPLIES (AND (TERMP TERMA 0 SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (PROVES PF (ISIN TERMC TERMB) GIVEN DEFNS SYMBOLS)) (PROVES (EXT-AXIOM-EQ-ELIM2-PROOF TERMA TERMB TERMC PF) (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMA)) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (PROVES-IS-FORMULA (EXP (ISIN TERMC TERMB))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (EXT-AXIOM (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (F-IMPLIES (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB))) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) (ISIN TERMC TERMB))) (EXP (F-IMPLIES (F-EQUAL TERMA TERMB) (ISIN TERMC TERMA))) (PFLIST (LIST (EXT-AXIOM-PROOF (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB) (SUBST-THM-B-PROOF (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)) (LIST (MK-BND (LIST TERMA TERMB) 0)) (LIST TERMC)) PF)))))) (TOGGLE G0631 EXT-AXIOM-EQ-ELIM1-PROOF T) (TOGGLE G0632 EXT-AXIOM-EQ-ELIM2-PROOF T) (TOGGLE G0633 F-IFF-MP-PROOF2 T) (DEFN EXT-AXIOM-EQ-INTRO-PROOF (X TERMA TERMB PF) (F-IFF-MP-PROOF2 (F-EQUAL TERMA TERMB) (FORALL X (F-IFF (ISIN X TERMA) (ISIN X TERMB))) (EXT-AXIOM-PROOF X TERMA TERMB) (GENERALISE-PROOF X (F-IFF (ISIN X TERMA) (ISIN X TERMB)) PF))) ;;;;;;;Third case of ext. axiom: "(x in a) <-> (x in b)" |- "(a=b)". (PROVE-LEMMA EXT-AXIOM-EQL-INTRO (REWRITE) (IMPLIES (AND (VARIABLE X) (NOT (MEMBER X (COLLECT-FREE (LIST TERMA TERMB) 1))) (PROVES PF (F-IFF (ISIN X TERMA) (ISIN X TERMB)) GIVEN DEFNS SYMBOLS)) (PROVES (EXT-AXIOM-EQ-INTRO-PROOF X TERMA TERMB PF) (F-EQUAL TERMA TERMB) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IFF (ISIN X TERMA) (ISIN X TERMB))))))) (TOGGLE G0634 EXT-AXIOM-EQ-INTRO-PROOF T) (PROVE-LEMMA SYMB-REDUC (REWRITE) (IMPLIES (MEMBER SYM SYMBOLS) (SYMB SYM SYMBOLS))) (TOGGLE G0635 SYMB T) (PROVE-LEMMA EQUAL-AXIOM1-Z-PAIR (REWRITE) (IMPLIES (AND (TERMP (LIST X Y U V) 1 SYMBOLS) (MEMBER (FN 1 2) SYMBOLS)) (PROVES (EQUAL-AXIOM1-PROOF (FN 1 2) (LIST X Y) (LIST U V)) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-EQUAL (Z-PAIR X Y) (Z-PAIR U V)))) GIVEN DEFNS SYMBOLS)) ((DISABLE PAIREQUALS-REDUC))) (PROVE-LEMMA EQUAL-AXIOM1-Z-UNION (REWRITE) (IMPLIES (AND (TERMP (LIST X Y U V) 1 SYMBOLS) (MEMBER (FN 2 2) SYMBOLS)) (PROVES (EQUAL-AXIOM1-PROOF (FN 2 2) (LIST X Y) (LIST U V)) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-EQUAL (Z-UNION X Y) (Z-UNION U V)))) GIVEN DEFNS SYMBOLS)) ((DISABLE PAIREQUALS-REDUC))) (PROVE-LEMMA COLLECT-FREE-Z-PAIR (REWRITE) (EQUAL (COLLECT-FREE (Z-PAIR Y Z) 0) (COLLECT-FREE (LIST Y Z) 1))) (PROVE-LEMMA COVERING-Z-PAIR (REWRITE) (EQUAL (COVERING (Z-PAIR X Y) VAR 0) (COVERING (LIST X Y) VAR 1))) (PROVE-LEMMA SUBST-Z-PAIR (REWRITE) (EQUAL (SUBST (Z-PAIR X Y) VAR TERM 0) (Z-PAIR (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-PAIR (REWRITE) (EQUAL (PARALLEL-SUBST (Z-PAIR X Y) VARS TERMS 0) (Z-PAIR (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0)))) (PROVE-LEMMA TERMP-Z-PAIR (REWRITE) (EQUAL (TERMP (Z-PAIR X Y) 0 SYMBOLS) (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)))) (PROVE-LEMMA TERM-EQUAL-Z-PAIR (REWRITE) (IMPLIES (AND (TERM-EQUAL X U LIST 0) (TERM-EQUAL Y V LIST 0)) (TERM-EQUAL (Z-PAIR X Y) (Z-PAIR U V) LIST 0))) (PROVE-LEMMA TERM-EQUAL-Z-UNION (REWRITE) (IMPLIES (AND (TERM-EQUAL X U LIST 0) (TERM-EQUAL Y V LIST 0)) (TERM-EQUAL (Z-UNION X Y) (Z-UNION U V) LIST 0))) (TOGGLE G0387 Z-PAIR T) (PROVE-LEMMA TERMP-Z-UNION (REWRITE) (EQUAL (TERMP (Z-UNION X Y) 0 SYMBOLS) (AND (MEMBER (FN 2 2) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)))) (PROVE-LEMMA COLLECT-FREE-Z-UNION (REWRITE) (EQUAL (COLLECT-FREE (Z-UNION Y Z) 0) (COLLECT-FREE (LIST Y Z) 1))) (PROVE-LEMMA COVERING-Z-UNION (REWRITE) (EQUAL (COVERING (Z-UNION X Y) VAR 0) (COVERING (LIST X Y) VAR 1))) (PROVE-LEMMA SUBST-Z-UNION (REWRITE) (EQUAL (SUBST (Z-UNION X Y) VAR TERM 0) (Z-UNION (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-UNION (REWRITE) (EQUAL (PARALLEL-SUBST (Z-UNION X Y) VARS TERMS 0) (Z-UNION (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0)))) (TOGGLE G0388 Z-UNION T) (DEFN Z-PAIR-ELIM-PROOF (X TERMA TERMB EXP PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF (ISIN X (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL X TERMA) (F-EQUAL X TERMB))) (F-IMPLIES (F-EQUAL X TERMA) EXP) (F-IMPLIES (F-EQUAL X TERMB) EXP)) (F-IMPLIES (ISIN X (Z-PAIR TERMA TERMB)) EXP) (LIST (PAIR-AXIOM-PROOF X TERMA TERMB) PF1 PF2))) ;;;;;;;Pair-elimination: if |-"(x = a)->exp" and |-"(x=b)->exp", ;;;;;;;then |-"(x in {a,b}) -> exp". (PROVE-LEMMA Z-PAIR-ELIM (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS) (PROVES PF1 (F-IMPLIES (F-EQUAL X TERMA) EXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (F-EQUAL X TERMB) EXP) GIVEN DEFNS SYMBOLS)) (PROVES (Z-PAIR-ELIM-PROOF X TERMA TERMB EXP PF1 PF2) (F-IMPLIES (ISIN X (Z-PAIR TERMA TERMB)) EXP) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (F-EQUAL X TERMA) EXP))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES (F-EQUAL X TERMB) EXP))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IFF (ISIN X (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL X TERMA) (F-EQUAL X TERMB))) (F-IMPLIES (F-EQUAL X TERMA) EXP) (F-IMPLIES (F-EQUAL X TERMB) EXP))) (EXP (F-IMPLIES (ISIN X (Z-PAIR TERMA TERMB)) EXP)) (PFLIST (LIST (PAIR-AXIOM-PROOF X TERMA TERMB) PF1 PF2)))))) (TOGGLE G0643 Z-PAIR-ELIM-PROOF T) (DEFN ISIN-PAIR1-PROOF (TERMA TERMB) (F-IFF-MP-PROOF2 (ISIN TERMA (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL TERMA TERMA) (F-EQUAL TERMA TERMB)) (PAIR-AXIOM-PROOF TERMA TERMA TERMB) (RT-EXPAN-PROOF (F-EQUAL TERMA TERMA) (F-EQUAL TERMA TERMB) (IDENT-AXIOM-PROOF TERMA)))) ;;;;;;; |-"(x in {x, y})". (PROVE-LEMMA ISIN-PAIR1-PROOF-PROVES (REWRITE) (IMPLIES (FORMULA (ISIN TERMA (Z-PAIR TERMA TERMB)) SYMBOLS) (PROVES (ISIN-PAIR1-PROOF TERMA TERMB) (ISIN TERMA (Z-PAIR TERMA TERMB)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0391 ISIN-PAIR1-PROOF T) (DEFN ISIN-PAIR2-PROOF (TERMA TERMB) (F-IFF-MP-PROOF2 (ISIN TERMB (Z-PAIR TERMA TERMB)) (F-OR (F-EQUAL TERMB TERMA) (F-EQUAL TERMB TERMB)) (PAIR-AXIOM-PROOF TERMB TERMA TERMB) (EXPAN-PROOF (F-EQUAL TERMB TERMA) (F-EQUAL TERMB TERMB) (IDENT-AXIOM-PROOF TERMB)))) ;;;;;;; |- "(y in {x,y})". (PROVE-LEMMA ISIN-PAIR2-PROOF-PROVES (REWRITE) (IMPLIES (FORMULA (ISIN TERMB (Z-PAIR TERMA TERMB)) SYMBOLS) (PROVES (ISIN-PAIR2-PROOF TERMA TERMB) (ISIN TERMB (Z-PAIR TERMA TERMB)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0392 ISIN-PAIR2-PROOF T) (DEFN Z-SING (X) (Z-PAIR X X)) (DEFN ISIN-SING-PROOF (X Y) (CHAIN-IFF-PROOF (ISIN Y (Z-SING X)) (F-EQUAL Y X) (LIST (F-OR (F-EQUAL Y X) (F-EQUAL Y X))) (LIST (PAIR-AXIOM-PROOF Y X X) (TAUTCONSEQ-PROOF NIL (F-IFF (F-OR (F-EQUAL Y X) (F-EQUAL Y X)) (F-EQUAL Y X)) NIL)))) ;;;;;;; |- "(y in {x}) <-> (y=x)". (PROVE-LEMMA ISIN-SING (REWRITE) (IMPLIES (FORMULA (F-IFF (ISIN Y (Z-SING X)) (F-EQUAL Y X)) SYMBOLS) (PROVES (ISIN-SING-PROOF X Y) (F-IFF (ISIN Y (Z-SING X)) (F-EQUAL Y X)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0913 ISIN-SING-PROOF T) (PROVE-LEMMA TERMP-Z-SING (REWRITE) (EQUAL (TERMP (Z-SING X) 0 SYMBOLS) (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 0 SYMBOLS)))) (PROVE-LEMMA COLLECT-FREE-Z-SING (REWRITE) (EQUAL (COLLECT-FREE (Z-SING Y) 0) (COLLECT-FREE (LIST Y Y) 1))) (PROVE-LEMMA COVERING-Z-SING (REWRITE) (EQUAL (COVERING (Z-SING X) VAR 0) (COVERING (LIST X X) VAR 1))) (PROVE-LEMMA SUBST-Z-SING (REWRITE) (EQUAL (SUBST (Z-SING X) VAR TERM 0) (Z-SING (SUBST X VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-SING (REWRITE) (EQUAL (PARALLEL-SUBST (Z-SING X) VARS TERMS 0) (Z-SING (PARALLEL-SUBST X VARS TERMS 0)))) (PROVE-LEMMA TERM-EQUAL-Z-SING (REWRITE) (IMPLIES (TERM-EQUAL X Y LIST 0) (TERM-EQUAL (Z-SING X) (Z-SING Y) LIST 0))) (TOGGLE G0389 Z-SING T) (DEFN ISIN-SING1-PROOF (X) (F-IFF-MP-PROOF2 (ISIN X (Z-SING X)) (F-EQUAL X X) (ISIN-SING-PROOF X X) (IDENT-AXIOM-PROOF X))) ;;;;;;; |- "(x in {x})". (PROVE-LEMMA ISIN-SING1-PROOF-PROVES (REWRITE) (IMPLIES (FORMULA (ISIN TERM (Z-SING TERM)) SYMBOLS) (PROVES (ISIN-SING1-PROOF TERM) (ISIN TERM (Z-SING TERM)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0393 ISIN-SING1-PROOF T) (DEFN DEL-FORSOME-PROOF (X EXP) (IFF-JOIN-PROOF (FORSOME X EXP) EXP (FORSOME-INTRO-PROOF X EXP EXP (PROP-AXIOM-PROOF EXP)) (SUBST-THM-A-PROOF EXP (LIST X) (LIST X)))) ;;;;;;; If "x" not free in "exp", then |- "(forsome x exp) <-> exp". (PROVE-LEMMA DEL-FORSOME-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA EXP SYMBOLS) (NOT (MEMBER X (COLLECT-FREE EXP 0)))) (PROVES (DEL-FORSOME-PROOF X EXP) (F-IFF (FORSOME X EXP) EXP) GIVEN DEFNS SYMBOLS))) (TOGGLE G0597 DEL-FORSOME-PROOF T) (DEFN DEL-FORALL-PROOF (X EXP) (IFF-JOIN-PROOF (FORALL X EXP) EXP (SUBST-THM-B-PROOF EXP (LIST X) (LIST X)) (FORALL-INTRO-PROOF EXP EXP X (PROP-AXIOM-PROOF EXP)))) ;;;;;;; If "x" not free in "exp", then |- "(forall x exp) <-> exp". (PROVE-LEMMA DEL-FORALL-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA EXP SYMBOLS) (NOT (MEMBER X (COLLECT-FREE EXP 0)))) (PROVES (DEL-FORALL-PROOF X EXP) (F-IFF (FORALL X EXP) EXP) GIVEN DEFNS SYMBOLS))) (TOGGLE G0599 DEL-FORALL-PROOF T) (DEFN SING-SING-EQUAL-PROOF (X Y) (CHAIN-PROOF (F-EQUAL (Z-SING X) (Z-SING Y)) (F-EQUAL X Y) (LIST (ISIN X (Z-SING Y))) (LIST (EXT-AXIOM-EQ-ELIM1-PROOF (Z-SING X) (Z-SING Y) X (ISIN-SING1-PROOF X)) (IFF-SPLIT-PROOF1 (ISIN X (Z-SING Y)) (F-EQUAL X Y) (ISIN-SING-PROOF Y X))))) ;;;;;;; |- "({x}={y}) -> (x=y)". (PROVE-LEMMA SING-SING-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (SING-SING-EQUAL-PROOF X Y) (F-IMPLIES (F-EQUAL (Z-SING X) (Z-SING Y)) (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0652 SING-SING-EQUAL-PROOF T) (DEFN SING-PAIR-EQUAL-PROOF1 (X U V) (CHAIN-PROOF (F-EQUAL (Z-SING X) (Z-PAIR U V)) (F-EQUAL X U) (LIST (ISIN U (Z-SING X)) (F-EQUAL U X)) (LIST (EXT-AXIOM-EQ-ELIM2-PROOF (Z-SING X) (Z-PAIR U V) U (ISIN-PAIR1-PROOF U V)) (IFF-SPLIT-PROOF1 (ISIN U (Z-SING X)) (F-EQUAL U X) (ISIN-SING-PROOF X U)) (SYMMETRY-PROOF1 U X)))) ;;;;;;; |- "({x}={u,v}) -> (x=u)". (PROVE-LEMMA SING-PAIR-EQUAL-PROOF1-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X U V) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (SING-PAIR-EQUAL-PROOF1 X U V) (F-IMPLIES (F-EQUAL (Z-SING X) (Z-PAIR U V)) (F-EQUAL X U)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0653 SING-PAIR-EQUAL-PROOF1 T) (DEFN SING-PAIR-EQUAL-PROOF2 (X U V) (CHAIN-PROOF (F-EQUAL (Z-SING X) (Z-PAIR U V)) (F-EQUAL X V) (LIST (ISIN V (Z-SING X)) (F-EQUAL V X)) (LIST (EXT-AXIOM-EQ-ELIM2-PROOF (Z-SING X) (Z-PAIR U V) V (ISIN-PAIR2-PROOF U V)) (IFF-SPLIT-PROOF1 (ISIN V (Z-SING X)) (F-EQUAL V X) (ISIN-SING-PROOF X V)) (SYMMETRY-PROOF1 V X)))) ;;;;;;; |-"({x}={u,v}) -> (x=v)". (PROVE-LEMMA SING-PAIR-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X U V) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (SING-PAIR-EQUAL-PROOF2 X U V) (F-IMPLIES (F-EQUAL (Z-SING X) (Z-PAIR U V)) (F-EQUAL X V)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0654 SING-PAIR-EQUAL-PROOF2 T) (DEFN Z-OPAIR (X Y) (Z-PAIR (Z-SING X) (Z-PAIR X Y))) (PROVE-LEMMA TERMP-Z-OPAIR (REWRITE) (EQUAL (TERMP (Z-OPAIR X Y) 0 SYMBOLS) (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)))) (PROVE-LEMMA TERM-EQUAL-Z-OPAIR (REWRITE) (IMPLIES (AND (MEMBER (F-EQUAL X U) LIST) (MEMBER (F-EQUAL Y V) LIST)) (TERM-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V) LIST 0))) (DEFN Z-CAR-UNIQUE-PROOF (X Y U V) (CHAIN-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)) (F-EQUAL X U) (LIST (ISIN (Z-SING X) (Z-OPAIR U V))) (LIST (EXT-AXIOM-EQ-ELIM1-PROOF (Z-OPAIR X Y) (Z-OPAIR U V) (Z-SING X) (ISIN-PAIR1-PROOF (Z-SING X) (Z-PAIR X Y))) (Z-PAIR-ELIM-PROOF (Z-SING X) (Z-SING U) (Z-PAIR U V) (F-EQUAL X U) (SING-SING-EQUAL-PROOF X U) (SING-PAIR-EQUAL-PROOF1 X U V))))) ;;;;;;; |- "(=)-> (x=u)". (PROVE-LEMMA Z-CAR-UNIQUE-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y U V) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CAR-UNIQUE-PROOF X Y U V) (F-IMPLIES (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)) (F-EQUAL X U)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0656 Z-CAR-UNIQUE-PROOF T) (DEFN Z-CDR-UNIQUE-STEP-PROOF (X Y U V) (CHAIN-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)) (F-OR (F-EQUAL Y U) (F-EQUAL Y V)) (LIST (ISIN (Z-PAIR X Y) (Z-OPAIR U V))) (LIST (EXT-AXIOM-EQ-ELIM1-PROOF (Z-OPAIR X Y) (Z-OPAIR U V) (Z-PAIR X Y) (ISIN-PAIR2-PROOF (Z-SING X) (Z-PAIR X Y))) (Z-PAIR-ELIM-PROOF (Z-PAIR X Y) (Z-SING U) (Z-PAIR U V) (F-OR (F-EQUAL Y U) (F-EQUAL Y V)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-PAIR X Y) (Z-SING U)) (F-EQUAL Y U))) (F-IMPLIES (F-EQUAL (Z-PAIR X Y) (Z-SING U)) (F-OR (F-EQUAL Y U) (F-EQUAL Y V))) (LIST (CHAIN-PROOF (F-EQUAL (Z-PAIR X Y) (Z-SING U)) (F-EQUAL Y U) (LIST (F-EQUAL (Z-SING U) (Z-PAIR X Y)) (F-EQUAL U Y)) (LIST (SYMMETRY-PROOF1 (Z-PAIR X Y) (Z-SING U)) (SING-PAIR-EQUAL-PROOF2 U X Y) (SYMMETRY-PROOF1 U Y))))) (CHAIN-PROOF (F-EQUAL (Z-PAIR X Y) (Z-PAIR U V)) (F-OR (F-EQUAL Y U) (F-EQUAL Y V)) (LIST (ISIN Y (Z-PAIR U V))) (LIST (EXT-AXIOM-EQ-ELIM1-PROOF (Z-PAIR X Y) (Z-PAIR U V) Y (ISIN-PAIR2-PROOF X Y)) (IFF-SPLIT-PROOF1 (ISIN Y (Z-PAIR U V)) (F-OR (F-EQUAL Y U) (F-EQUAL Y V)) (PAIR-AXIOM-PROOF Y U V)))))))) ;;;;;;; |- "(=) -> ((y=u) v (y=v))". (PROVE-LEMMA Z-CDR-UNIQUE-STEP (REWRITE) (IMPLIES (AND (TERMP (LIST X Y U V) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CDR-UNIQUE-STEP-PROOF X Y U V) (F-IMPLIES (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)) (F-OR (F-EQUAL Y U) (F-EQUAL Y V))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0657 Z-CDR-UNIQUE-STEP-PROOF T) (DEFN TRANS-EQUAL-PROOF1 (X Y Z) (TAUTCONSEQ-PROOF (LIST (LIST-IMPLIES (LIST (F-EQUAL Y X) (F-EQUAL Z Z) (F-EQUAL Y Z)) (F-EQUAL X Z)) (F-EQUAL Z Z)) (LIST-IMPLIES (LIST (F-EQUAL Y X) (F-EQUAL Y Z)) (F-EQUAL X Z)) (LIST (EQUAL-AXIOM2-PROOF (P 0 2) (LIST Y Z) (LIST X Z)) (IDENT-AXIOM-PROOF Z)))) ;;;;;;; |-"(y = x) -> ((y = z) -> (x = z))". (PROVE-LEMMA TRANS-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP Z 0 SYMBOLS)) (PROVES (TRANS-EQUAL-PROOF1 X Y Z) (F-IMPLIES (F-EQUAL Y X) (F-IMPLIES (F-EQUAL Y Z) (F-EQUAL X Z))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0362 TRANS-EQUAL-PROOF1 T) (PROVE-LEMMA TERMP-COVERING (REWRITE) (IMPLIES (TERMP EXP FLG SYMBOLS) (EQUAL (COVERING EXP VAR FLG) NIL))) (PROVE-LEMMA ATOMP-COVERING (REWRITE) (IMPLIES (ATOMP EXP SYMBOLS) (EQUAL (COVERING EXP VAR 0) NIL))) (PROVE-LEMMA COLLECT-FREE-Z-OPAIR (REWRITE) (EQUAL (COLLECT-FREE (Z-OPAIR Y Z) 0) (COLLECT-FREE (LIST (Z-SING Y) (Z-PAIR Y Z)) 1))) (TOGGLE G0366 Z-OPAIR T) (DEFN TRANS-EQUAL-PROOF2 (X Y Z) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X Y) (F-EQUAL Y X)) (F-IMPLIES (F-EQUAL Z Y) (F-EQUAL Y Z)) (F-IMPLIES (F-EQUAL Y X) (F-IMPLIES (F-EQUAL Y Z) (F-EQUAL X Z)))) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL Z Y) (F-EQUAL X Z))) (LIST (SYMMETRY-PROOF1 X Y) (SYMMETRY-PROOF1 Z Y) (TRANS-EQUAL-PROOF1 X Y Z)))) ;;;;;;; |- "(x = y) -> ((z = y) -> (x = z))". (PROVE-LEMMA TRANS-EQUAL-PROOF2-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP Z 0 SYMBOLS)) (PROVES (TRANS-EQUAL-PROOF2 X Y Z) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL Z Y) (F-EQUAL X Z))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0367 TRANS-EQUAL-PROOF2 T) (DEFN TRANS-EQUAL-PROOF3 (X Y Z) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL Y Z) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL X Z)))) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL Y Z) (F-EQUAL X Z))) (LIST (DETACH-PROOF (F-EQUAL X X) (F-IMPLIES (F-EQUAL Y Z) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL X Z))) (IDENT-AXIOM-PROOF X) (EQUAL-AXIOM2-PROOF (P 0 2) (LIST X Y) (LIST X Z)))))) ;;;;;;; |- "(x = y) -> ((y = z) -> (x = z))". (PROVE-LEMMA TRANS-EQUAL-PROOF3-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP Z 0 SYMBOLS)) (PROVES (TRANS-EQUAL-PROOF3 X Y Z) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (F-EQUAL Y Z) (F-EQUAL X Z))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0736 TRANS-EQUAL-PROOF3 T) (DEFN Z-CDR-UNIQUE-PROOF (X U Y V) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL U Y) (F-EQUAL U V))) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL V X) (F-EQUAL V U))) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-EQUAL X Y)) (F-IMPLIES (F-EQUAL V U) (F-EQUAL U V)) (F-IMPLIES (F-EQUAL U Y) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL U X))) (F-IMPLIES (F-EQUAL U X) (F-IMPLIES (F-EQUAL V X) (F-EQUAL U V)))) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-EQUAL U V)) (LIST (Z-CDR-UNIQUE-STEP-PROOF X U Y V) (CHAIN-PROOF (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL V X) (F-EQUAL V U)) (LIST (F-EQUAL (Z-OPAIR Y V) (Z-OPAIR X U))) (LIST (SYMMETRY-PROOF1 (Z-OPAIR X U) (Z-OPAIR Y V)) (Z-CDR-UNIQUE-STEP-PROOF Y V X U))) (Z-CAR-UNIQUE-PROOF X U Y V) (SYMMETRY-PROOF1 V U) (TRANS-EQUAL-PROOF2 U Y X) (TRANS-EQUAL-PROOF2 U X V)))) ;;;;;;; |- "(=) -> (u = v)". (PROVE-LEMMA Z-CDR-UNIQUE-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP U 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP V 0 SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (MEMBER (FN 1 2) SYMBOLS)) (PROVES (Z-CDR-UNIQUE-PROOF X U Y V) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-EQUAL U V)) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL U Y) (F-EQUAL U V))) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL V X) (F-EQUAL V U))) (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-EQUAL X Y)) (F-IMPLIES (F-EQUAL V U) (F-EQUAL U V)) (F-IMPLIES (F-EQUAL U Y) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL U X))) (F-IMPLIES (F-EQUAL U X) (F-IMPLIES (F-EQUAL V X) (F-EQUAL U V))))) (EXP (F-IMPLIES (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-EQUAL U V))) (PFLIST (LIST (Z-CDR-UNIQUE-STEP-PROOF X U Y V) (CHAIN-PROOF (F-EQUAL (Z-OPAIR X U) (Z-OPAIR Y V)) (F-OR (F-EQUAL V X) (F-EQUAL V U)) (LIST (F-EQUAL (Z-OPAIR Y V) (Z-OPAIR X U))) (LIST (SYMMETRY-PROOF1 (Z-OPAIR X U) (Z-OPAIR Y V)) (Z-CDR-UNIQUE-STEP-PROOF Y V X U))) (Z-CAR-UNIQUE-PROOF X U Y V) (SYMMETRY-PROOF1 V U) (TRANS-EQUAL-PROOF2 U Y X) (TRANS-EQUAL-PROOF2 U X V))))))) (TOGGLE G0369 Z-CDR-UNIQUE-PROOF T) ;;;;;;;The next definition introduces the "if" connective which ;;;;;;;plays an important role in the proofs to follow. ;;;;;;;Def.: "(if A B C)" = "((A ^ B) v ((not A) ^ C))". (DEFN F-IF (X Y Z) (F-OR (F-AND X Y) (F-AND (F-NOT X) Z))) (DEFN F-IF-INTRO-STEP-PROOF1 (X Y Z) (TAUTCONSEQ-PROOF NIL (F-IMPLIES X (F-IMPLIES Y (F-IF X Y Z))) NIL)) ;;;;;;; |- "(A -> (B -> (if A B C)))". (PROVE-LEMMA F-IF-INTRO-STEP1 (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS)) (PROVES (F-IF-INTRO-STEP-PROOF1 X Y Z) (F-IMPLIES X (F-IMPLIES Y (F-IF X Y Z))) GIVEN DEFNS SYMBOLS))) (DEFN F-IF-INTRO-STEP-PROOF2 (X Y Z) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-NOT X) (F-IMPLIES Z (F-IF X Y Z))) NIL)) ;;;;;;; |- "((not A) -> (C -> (if A B C)))". (PROVE-LEMMA F-IF-INTRO-STEP2 (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS)) (PROVES (F-IF-INTRO-STEP-PROOF2 X Y Z) (F-IMPLIES (F-NOT X) (F-IMPLIES Z (F-IF X Y Z))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0663 F-IF-INTRO-STEP-PROOF1 T) (TOGGLE G0664 F-IF-INTRO-STEP-PROOF2 T) (DEFN F-IF-INTRO-PROOF1 (X Y Z PFX PFY) (TAUTCONSEQ-PROOF (LIST X Y) (F-IF X Y Z) (LIST PFX PFY))) ;;;;;;; If |- "A" and |- "B", then |- "(if A B C)". (PROVE-LEMMA F-IF-INTRO-PROOF1-PROVES (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (PROVES PFX X GIVEN DEFNS SYMBOLS) (PROVES PFY Y GIVEN DEFNS SYMBOLS)) (PROVES (F-IF-INTRO-PROOF1 X Y Z PFX PFY) (F-IF X Y Z) GIVEN DEFNS SYMBOLS))) (TOGGLE G0902 F-IF-INTRO-PROOF1 T) (DEFN F-IF-INTRO-PROOF2 (X Y Z PFNX PFZ) (TAUTCONSEQ-PROOF (LIST (F-NOT X) Z) (F-IF X Y Z) (LIST PFNX PFZ))) ;;;;;;; If |- "(not A)" and |- "C", then |- "(if A B C)". (PROVE-LEMMA F-IF-INTRO-PROOF2-PROVES (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (PROVES PFNX (F-NOT X) GIVEN DEFNS SYMBOLS) (PROVES PFZ Z GIVEN DEFNS SYMBOLS)) (PROVES (F-IF-INTRO-PROOF2 X Y Z PFNX PFZ) (F-IF X Y Z) GIVEN DEFNS SYMBOLS))) (TOGGLE G0903 F-IF-INTRO-PROOF2 T) (DEFN F-IF-ELIM-PROOF1 (X Y Z PFX) (TAUTCONSEQ-PROOF (LIST X) (F-IMPLIES (F-IF X Y Z) Y) (LIST PFX))) ;;;;;;; If |- "A", then |- "((if A B C) -> C)". (PROVE-LEMMA F-IF-ELIM-PROOF1-PROVES (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (PROVES PFX X GIVEN DEFNS SYMBOLS)) (PROVES (F-IF-ELIM-PROOF1 X Y Z PFX) (F-IMPLIES (F-IF X Y Z) Y) GIVEN DEFNS SYMBOLS))) (TOGGLE G0904 F-IF-ELIM-PROOF1 T) (DEFN F-IF-ELIM-PROOF2 (X Y Z PFNX) (TAUTCONSEQ-PROOF (LIST (F-NOT X)) (F-IMPLIES (F-IF X Y Z) Z) (LIST PFNX))) ;;;;;;; If |-"(not A)", then |-"((if A B C) -> C)". (PROVE-LEMMA F-IF-ELIM-PROOF2-PROVES (REWRITE) (IMPLIES (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (PROVES PFNX (F-NOT X) GIVEN DEFNS SYMBOLS)) (PROVES (F-IF-ELIM-PROOF2 X Y Z PFNX) (F-IMPLIES (F-IF X Y Z) Z) GIVEN DEFNS SYMBOLS))) (TOGGLE G0905 F-IF-ELIM-PROOF2 T) (PROVE-LEMMA FORMULA-F-IF (REWRITE) (EQUAL (FORMULA (F-IF X Y Z) SYMBOLS) (AND (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS)))) (PROVE-LEMMA COLLECT-FREE-F-IF (REWRITE) (EQUAL (COLLECT-FREE (F-IF X Y Z) 0) (COLLECT-FREE (F-OR (F-AND X Y) (F-AND (F-NOT X) Z)) 0))) (PROVE-LEMMA SUBST-F-IF (REWRITE) (EQUAL (SUBST (F-IF X Y Z) VAR TERM 0) (F-IF (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0) (SUBST Z VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-F-IF (REWRITE) (EQUAL (PARALLEL-SUBST (F-IF X Y Z) VARS TERMS 0) (F-IF (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0) (PARALLEL-SUBST Z VARS TERMS 0)))) (PROVE-LEMMA COVERING-F-IF (REWRITE) (EQUAL (COVERING (F-IF X Y Z) VAR 0) (APPEND (APPEND (COVERING X VAR 0) (COVERING Y VAR 0)) (APPEND (COVERING X VAR 0) (COVERING Z VAR 0))))) (PROVE-LEMMA EVAL-F-IF (REWRITE) (EQUAL (EVAL (F-IF X Y Z) ALIST) (IF (EVAL X ALIST) (EVAL Y ALIST) (EVAL Z ALIST)))) (TOGGLE G0909 F-IF T) (DEFN CASE-SPLIT-PROOF (X Y PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X Y) (F-IMPLIES (F-NOT X) Y)) Y (LIST PF1 PF2))) ;;;;;;;If |- "(A -> B)" and |- "((not A) -> B)", then |- "B". (PROVE-LEMMA CASE-SPLIT-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES X Y) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (F-NOT X) Y) GIVEN DEFNS SYMBOLS)) (PROVES (CASE-SPLIT-PROOF X Y PF1 PF2) Y GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES X Y)))))) (TOGGLE G0601 CASE-SPLIT-PROOF T) (PROVE-LEMMA TERMP-PHI (REWRITE) (EQUAL (TERMP (PHI) 0 SYMBOLS) (MEMBER (FN 0 0) SYMBOLS))) (PROVE-LEMMA COLLECT-FREE-PHI (REWRITE) (EQUAL (COLLECT-FREE (PHI) 0) NIL)) (PROVE-LEMMA COVERING-PHI (REWRITE) (EQUAL (COVERING (PHI) VAR 0) NIL)) (PROVE-LEMMA SUBST-PHI (REWRITE) (EQUAL (SUBST (PHI) VAR TERM 0) (PHI))) (PROVE-LEMMA PARALLEL-SUBST-PHI (REWRITE) (EQUAL (PARALLEL-SUBST (PHI) VARS TERMS 0) (PHI))) (TOGGLE G0668 PHI T) (PROVE-LEMMA PROVES-LIST-NIL (REWRITE) (PROVES-LIST NIL NIL GIVEN DEFNS SYMBOLS)) (DEFN FORSOME-DISTRIB-OR-PROOF1 (X A B) (FORSOME-INTRO-PROOF X (F-OR A B) (F-OR (FORSOME X A) (FORSOME X B)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES A (FORSOME X A)) (F-IMPLIES B (FORSOME X B))) (F-IMPLIES (F-OR A B) (F-OR (FORSOME X A) (FORSOME X B))) (LIST (E-INTRO-PROOF X A) (E-INTRO-PROOF X B))))) ;;;;;;; |- "((forsome x (A v B)) -> ((forsome x A) v (forsome x B)))". (PROVE-LEMMA FORSOME-DISTRIB-OR-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORSOME-DISTRIB-OR-PROOF1 X A B) (F-IMPLIES (FORSOME X (F-OR A B)) (F-OR (FORSOME X A) (FORSOME X B))) GIVEN DEFNS SYMBOLS))) (DEFN FORSOME-DISTRIB-STEP-PROOF (X A B) (FORSOME-INTRO-PROOF X B (FORSOME X (F-OR A B)) (CHAIN-PROOF B (FORSOME X (F-OR A B)) (LIST (F-OR A B)) (LIST (TAUTCONSEQ-PROOF NIL (F-IMPLIES B (F-OR A B)) NIL) (E-INTRO-PROOF X (F-OR A B)))))) ;;;;;;; |- "(forsome x B) -> (forsome x (A v B))". (PROVE-LEMMA FORSOME-DISTRIB-STEP-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORSOME-DISTRIB-STEP-PROOF X A B) (F-IMPLIES (FORSOME X B) (FORSOME X (F-OR A B))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0669 FORSOME-DISTRIB-OR-PROOF1 T) (TOGGLE G0670 FORSOME-DISTRIB-STEP-PROOF T) (DEFN FORSOME-DISTRIB-OR-PROOF2 (X A B) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME X A) (FORSOME X (F-OR A B))) (F-IMPLIES (FORSOME X B) (FORSOME X (F-OR A B)))) (F-IMPLIES (F-OR (FORSOME X A) (FORSOME X B)) (FORSOME X (F-OR A B))) (LIST (FORSOME-INTRO-PROOF X A (FORSOME X (F-OR A B)) (CHAIN-PROOF A (FORSOME X (F-OR A B)) (LIST (F-OR A B)) (LIST (TAUTCONSEQ-PROOF NIL (F-IMPLIES A (F-OR A B)) NIL) (E-INTRO-PROOF X (F-OR A B))))) (FORSOME-DISTRIB-STEP-PROOF X A B)))) ;;;;;;; |- "(((forsome x A) v (forsome x B)) -> (forsome x (A v B)))". (PROVE-LEMMA FORSOME-DISTRIB-OR-PROOF-PROVES2 (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORSOME-DISTRIB-OR-PROOF2 X A B) (F-IMPLIES (F-OR (FORSOME X A) (FORSOME X B)) (FORSOME X (F-OR A B))) GIVEN DEFNS SYMBOLS))) (DEFN FORALL-DISTRIB-OR-PROOF (X A B) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X A) (FORALL X (F-OR A B))) (F-IMPLIES (FORALL X B) (FORALL X (F-OR A B)))) (F-IMPLIES (F-OR (FORALL X A) (FORALL X B)) (FORALL X (F-OR A B))) (LIST (FORALL-INTRO-PROOF (FORALL X A) (F-OR A B) X (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X A) A)) (F-IMPLIES (FORALL X A) (F-OR A B)) (LIST (ALL-ELIM-PROOF X A)))) (FORALL-INTRO-PROOF (FORALL X B) (F-OR A B) X (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORALL X B) B)) (F-IMPLIES (FORALL X B) (F-OR A B)) (LIST (ALL-ELIM-PROOF X B))))))) (PROVE-LEMMA PROVES-LIST-REDUC (REWRITE) (EQUAL (PROVES-LIST (CONS PF1 PF2) (CONS EXP1 EXP2) GIVEN DEFNS SYMBOLS) (AND (PROVES PF1 EXP1 GIVEN DEFNS SYMBOLS) (PROVES-LIST PF2 EXP2 GIVEN DEFNS SYMBOLS)))) ;;;;;;; |-"((forall x A) v (forall x B)) -> (forall x (A v B))". (PROVE-LEMMA FORALL-DISTRIB-OR (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS)) (PROVES (FORALL-DISTRIB-OR-PROOF X A B) (F-IMPLIES (F-OR (FORALL X A) (FORALL X B)) (FORALL X (F-OR A B))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0672 FORALL-DISTRIB-OR-PROOF T) (TOGGLE G0673 FORALL NIL) (DEFN FORSOME-FORALL-PROOF (X A) (TAUTCONSEQ-PROOF (LIST (F-IFF (FORSOME X (F-NOT (F-NOT A))) (FORSOME X A))) (F-IFF (F-NOT (FORSOME X A)) (FORALL X (F-NOT A))) (LIST (EQN-FORM-PROOF (FORSOME X A) (FORSOME X (F-NOT (F-NOT A))) (LIST (F-IFF (F-NOT (F-NOT A)) A)) (LIST (TAUTCONSEQ-PROOF NIL (F-IFF (F-NOT (F-NOT A)) A) NIL)))))) ;;;;;;; |- "(not (forsome x A)) <-> (forall x (not A))". (PROVE-LEMMA FORSOME-FORALL (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS)) (PROVES (FORSOME-FORALL-PROOF X A) (F-IFF (F-NOT (FORSOME X A)) (FORALL X (F-NOT A))) GIVEN DEFNS SYMBOLS))) (DEFN FORALL-FORSOME-PROOF (X A) (TAUTCONSEQ-PROOF NIL (F-IFF (F-NOT (FORALL X A)) (FORSOME X (F-NOT A))) NIL)) ;;;;;;; |- "(not (forall x A)) <-> (forsome x (not A))". (PROVE-LEMMA FORALL-FORSOME (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS)) (PROVES (FORALL-FORSOME-PROOF X A) (F-IFF (F-NOT (FORALL X A)) (FORSOME X (F-NOT A))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0674 FORSOME-FORALL-PROOF T) (TOGGLE G0675 FORALL-FORSOME-PROOF T) (TOGGLE G0593 FORSOME-DISTRIB-OR-PROOF2 T) (TOGGLE G0676 FORALL T) (DEFN FORSOME-DISTRIB-AND-PROOF (X A B) (CHAIN-PROOF (F-AND A (FORSOME X B)) (FORSOME X (F-AND A B)) (LIST (F-NOT (F-OR (F-NOT A) (F-NOT (FORSOME X B)))) (F-NOT (F-OR (FORSOME X (F-NOT A)) (F-NOT (FORSOME X B)))) (F-NOT (F-IMPLIES (FORSOME X B) (FORSOME X (F-NOT A)))) (F-NOT (FORALL X (F-IMPLIES B (F-NOT A)))) (FORSOME X (F-NOT (F-IMPLIES B (F-NOT A))))) (LIST (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-AND A (FORSOME X B)) (F-NOT (F-OR (F-NOT A) (F-NOT (FORSOME X B))))) NIL) (IFF-SPLIT-PROOF1 (F-NOT (F-OR (F-NOT A) (F-NOT (FORSOME X B)))) (F-NOT (F-OR (FORSOME X (F-NOT A)) (F-NOT (FORSOME X B)))) (EQN-FORM-PROOF (F-NOT (F-OR (FORSOME X (F-NOT A)) (F-NOT (FORSOME X B)))) (F-NOT (F-OR (F-NOT A) (F-NOT (FORSOME X B)))) (LIST (F-IFF (F-NOT A) (FORSOME X (F-NOT A)))) (LIST (IFF-COMMUTE-PROOF (FORSOME X (F-NOT A)) (F-NOT A) (DEL-FORSOME-PROOF X (F-NOT A)))))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-NOT (F-OR (FORSOME X (F-NOT A)) (F-NOT (FORSOME X B)))) (F-NOT (F-IMPLIES (FORSOME X B) (FORSOME X (F-NOT A))))) NIL) (CONTRA-POS-PROOF1 (FORALL X (F-IMPLIES B (F-NOT A))) (F-IMPLIES (FORSOME X B) (FORSOME X (F-NOT A))) (FORALL-OVER-IMPLIES-PROOF X B (F-NOT A))) (IFF-SPLIT-PROOF1 (F-NOT (FORALL X (F-IMPLIES B (F-NOT A)))) (FORSOME X (F-NOT (F-IMPLIES B (F-NOT A)))) (FORALL-FORSOME-PROOF X (F-IMPLIES B (F-NOT A)))) (IFF-SPLIT-PROOF1 (FORSOME X (F-NOT (F-IMPLIES B (F-NOT A)))) (FORSOME X (F-AND A B)) (EQN-FORM-PROOF (FORSOME X (F-AND A B)) (FORSOME X (F-NOT (F-IMPLIES B (F-NOT A)))) (LIST (F-IFF (F-NOT (F-IMPLIES B (F-NOT A))) (F-AND A B))) (LIST (TAUTCONSEQ-PROOF NIL (F-IFF (F-NOT (F-IMPLIES B (F-NOT A))) (F-AND A B)) NIL))))))) ;;;;;;; If "x" not free in "A", then |- "(A ^ (forsome x B)) -> (forsome x (A ^ B))". (PROVE-LEMMA FORSOME-DISTRIB-AND-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (FORMULA A SYMBOLS) (FORMULA B SYMBOLS) (NOT (MEMBER X (COLLECT-FREE A 0)))) (PROVES (FORSOME-DISTRIB-AND-PROOF X A B) (F-IMPLIES (F-AND A (FORSOME X B)) (FORSOME X (F-AND A B))) GIVEN DEFNS SYMBOLS)) ((USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST NIL) (EXP (F-IMPLIES (F-AND A (FORSOME X B)) (F-NOT (F-OR (F-NOT A) (F-NOT (FORSOME X B)))))) (PFLIST NIL)) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST NIL) (EXP (F-IMPLIES (F-NOT (F-OR (FORSOME X (F-NOT A)) (F-NOT (FORSOME X B)))) (F-NOT (F-IMPLIES (FORSOME X B) (FORSOME X (F-NOT A)))))) (PFLIST NIL)) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST NIL) (EXP (F-IFF (F-NOT (F-IMPLIES B (F-NOT A))) (F-AND A B))) (PFLIST NIL))) (DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES))) (TOGGLE G0681 FORSOME-DISTRIB-AND-PROOF T) (TOGGLE G0683 FORSOME-DISTRIB-OR-PROOF2 T) (DEFN FORSOME-F-IF-PROOF (VAR X Y Z) (CHAIN-PROOF (F-IF X (FORSOME VAR Y) (FORSOME VAR Z)) (FORSOME VAR (F-IF X Y Z)) (LIST (F-OR (FORSOME VAR (F-AND X Y)) (FORSOME VAR (F-AND (F-NOT X) Z)))) (LIST (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-AND X (FORSOME VAR Y)) (FORSOME VAR (F-AND X Y))) (F-IMPLIES (F-AND (F-NOT X) (FORSOME VAR Z)) (FORSOME VAR (F-AND (F-NOT X) Z)))) (F-IMPLIES (F-IF X (FORSOME VAR Y) (FORSOME VAR Z)) (F-OR (FORSOME VAR (F-AND X Y)) (FORSOME VAR (F-AND (F-NOT X) Z)))) (LIST (FORSOME-DISTRIB-AND-PROOF VAR X Y) (FORSOME-DISTRIB-AND-PROOF VAR (F-NOT X) Z))) (FORSOME-DISTRIB-OR-PROOF2 VAR (F-AND X Y) (F-AND (F-NOT X) Z))))) ;;;;;;; If "v" not free in "A", then ;;;;;;; |-"(if A (forsome v B) (forsome v C)) -> (forsome v (if A B C))". ;;;;;;;This important rule justifies definition by cases using the "if" connective. (PROVE-LEMMA FORSOME-F-IF-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (NOT (MEMBER VAR (COLLECT-FREE X 0)))) (PROVES (FORSOME-F-IF-PROOF VAR X Y Z) (F-IMPLIES (F-IF X (FORSOME VAR Y) (FORSOME VAR Z)) (FORSOME VAR (F-IF X Y Z))) GIVEN DEFNS SYMBOLS)) ((ENABLE F-IF))) (TOGGLE G0684 FORSOME-F-IF-PROOF T) (DEFN UNIQUE-F-IF-PROOF (TEST LEFT1 LEFT2 RIGHT1 RIGHT2 EXP PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-AND LEFT1 LEFT2) EXP) (F-IMPLIES (F-AND RIGHT1 RIGHT2) EXP)) (F-IMPLIES (F-AND (F-IF TEST LEFT1 RIGHT1) (F-IF TEST LEFT2 RIGHT2)) EXP) (LIST PF1 PF2))) ;;;;;;;If |-"(B1 ^ B2) -> P" and |-"(C1 ^ C2) -> P", then ;;;;;;; |- "(((if A B1 C1) ^ (if A B2 C2)) -> P)". ;;;;;;;This lemma justifies the uniqueness part of the admissibility of a ;;;;;;;definition by cases using the "if" connective. (PROVE-LEMMA UNIQUE-F-IF-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA TEST SYMBOLS) (PROVES PF1 (F-IMPLIES (F-AND LEFT1 LEFT2) EXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (F-AND RIGHT1 RIGHT2) EXP) GIVEN DEFNS SYMBOLS)) (PROVES (UNIQUE-F-IF-PROOF TEST LEFT1 LEFT2 RIGHT1 RIGHT2 EXP PF1 PF2) (F-IMPLIES (F-AND (F-IF TEST LEFT1 RIGHT1) (F-IF TEST LEFT2 RIGHT2)) EXP) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (F-AND LEFT1 LEFT2) EXP))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES (F-AND RIGHT1 RIGHT2) EXP)))) )) (TOGGLE G0603 UNIQUE-F-IF-PROOF T) (DEFN FORSOME-F-IF-CASE-PROOF (VAR X Y Z PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES X (FORSOME VAR Y)) (F-IMPLIES (F-NOT X) (FORSOME VAR Z)) (F-IMPLIES (F-IF X (FORSOME VAR Y) (FORSOME VAR Z)) (FORSOME VAR (F-IF X Y Z)))) (FORSOME VAR (F-IF X Y Z)) (LIST PF1 PF2 (FORSOME-F-IF-PROOF VAR X Y Z)))) ;;;;;;;If |- "(A -> (forsome v B))" and |-"((not A) -> (forsome v C))", ;;;;;;;then |- "(forsome v (if A B C))". (PROVE-LEMMA FORSOME-F-IF-CASE-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (FORMULA X SYMBOLS) (FORMULA Y SYMBOLS) (FORMULA Z SYMBOLS) (NOT (MEMBER VAR (COLLECT-FREE X 0))) (PROVES PF1 (F-IMPLIES X (FORSOME VAR Y)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (F-NOT X) (FORSOME VAR Z)) GIVEN DEFNS SYMBOLS)) (PROVES (FORSOME-F-IF-CASE-PROOF VAR X Y Z PF1 PF2) (FORSOME VAR (F-IF X Y Z)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0687 FORSOME-F-IF-CASE-PROOF T) (DEFN EXIS-FUN-INTRO-PROOF (VAR TERM) (DETACH-PROOF (F-EQUAL TERM TERM) (FORSOME VAR (F-EQUAL VAR TERM)) (IDENT-AXIOM-PROOF TERM) (SUBST-THM-A-PROOF (F-EQUAL VAR TERM) (LIST VAR) (LIST TERM)))) (PROVE-LEMMA PARALLEL-SUBST-F-EQUAL (REWRITE) (EQUAL (PARALLEL-SUBST (F-EQUAL A B) VARS TERMS 0) (F-EQUAL (PARALLEL-SUBST A VARS TERMS 0) (PARALLEL-SUBST B VARS TERMS 0))) ((ENABLE F-EQUAL))) (PROVE-LEMMA F-EQUAL-COL-FREE (REWRITE) (EQUAL (COLLECT-FREE (F-EQUAL X Y) 0) (COLLECT-FREE (LIST X Y) 1)) ((ENABLE F-EQUAL))) (PROVE-LEMMA COVERING-F-EQUAL (REWRITE) (EQUAL (COVERING (F-EQUAL X Y) VAR 0) (COVERING (LIST X Y) VAR 1)) ((ENABLE F-EQUAL))) ;;;;;;; |- "(forsome v (v = t))", "v" not free in "t". (PROVE-LEMMA EXIS-FUN-INTRO-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (TERMP TERM 0 SYMBOLS) (NOT (MEMBER VAR (COLLECT-FREE TERM 0)))) (PROVES (EXIS-FUN-INTRO-PROOF VAR TERM) (FORSOME VAR (F-EQUAL VAR TERM)) GIVEN DEFNS SYMBOLS)) ((USE (ATOMP-COVERING (EXP (F-EQUAL VAR TERM)))))) (TOGGLE G0690 EXIS-FUN-INTRO-PROOF T) (PROVE-LEMMA SUBSET-APPEND-REDUC (REWRITE) (EQUAL (SUBSET (APPEND X Y) Z) (AND (SUBSET X Z) (SUBSET Y Z)))) (DEFN Z-SUCC-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 3 1) DEFNS) (F-EQUAL (Z-SUCC 0) (Z-UNION (Z-SING 0) 0))) (SUBSET (LIST (FN 2 2) (FN 1 2)) (REST-OF (FN 3 1) SYMBOLS)))) (DEFN UNIQUE-FUN-INTRO-PROOF (VAR1 VAR2 TERM) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL VAR1 TERM) (F-IMPLIES (F-EQUAL VAR2 TERM) (F-EQUAL VAR1 VAR2)))) (F-IMPLIES (F-AND (F-EQUAL VAR1 TERM) (F-EQUAL VAR2 TERM)) (F-EQUAL VAR1 VAR2)) (LIST (TRANS-EQUAL-PROOF2 VAR1 TERM VAR2)))) ;;;;;;; |- "((v1 = t) ^ (v2 = t)) -> (v1 = v2)". (PROVE-LEMMA UNIQUE-FUN-INTRO-PROOF-PROVES (REWRITE) (IMPLIES (TERMP (LIST VAR1 VAR2 TERM) 1 SYMBOLS) (PROVES (UNIQUE-FUN-INTRO-PROOF VAR1 VAR2 TERM) (F-IMPLIES (F-AND (F-EQUAL VAR1 TERM) (F-EQUAL VAR2 TERM)) (F-EQUAL VAR1 VAR2)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0604 UNIQUE-FUN-INTRO-PROOF T) (TOGGLE G0702 REST-OF T) (DEFN Z-SUCC-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (F-EQUAL (Z-SUCC 0) (Z-UNION (Z-SING 0) 0)) 0 TERM (FUN-DEFN-PROOF (FN 3 1) (LIST 0) 1 2 (F-EQUAL 1 (Z-UNION (Z-SING 0) 0)) (EXIS-FUN-INTRO-PROOF 1 (Z-UNION (Z-SING 0) 0)) (UNIQUE-FUN-INTRO-PROOF 1 2 (Z-UNION (Z-SING 0) 0))))) ;;;;;;;The definition of the successor operation: |- "(S t) = ({t} U t)". (PROVE-LEMMA Z-SUCC-DEFN (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS)) (PROVES (Z-SUCC-DEFN-PROOF TERM) (F-EQUAL (Z-SUCC TERM) (Z-UNION (Z-SING TERM) TERM)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0407 Z-SUCC-DEFN-PROOF T) (TOGGLE G0677 Z-SUCC-HYPS T) (PROVE-LEMMA TERMP-Z-SUCC (REWRITE) (EQUAL (TERMP (Z-SUCC X) 0 SYMBOLS) (AND (MEMBER (FN 3 1) SYMBOLS) (TERMP X 0 SYMBOLS)))) (PROVE-LEMMA SUBST-Z-SUCC (REWRITE) (EQUAL (SUBST (Z-SUCC X) VAR TERM 0) (Z-SUCC (SUBST X VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-SUCC (REWRITE) (EQUAL (PARALLEL-SUBST (Z-SUCC X) VARS TERMS 0) (Z-SUCC (PARALLEL-SUBST X VARS TERMS 0)))) (PROVE-LEMMA COVERING-Z-SUCC (REWRITE) (EQUAL (COVERING (Z-SUCC X) VAR 0) (COVERING (LIST X) VAR 1))) (PROVE-LEMMA Z-SUCC-COL-FREE (REWRITE) (EQUAL (COLLECT-FREE (Z-SUCC X) 0) (COLLECT-FREE (LIST X) 1))) (PROVE-LEMMA EQUAL-AXIOM1-Z-SUCC (REWRITE) (IMPLIES (AND (MEMBER (FN 3 1) SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS)) (PROVES (EQUAL-AXIOM1-PROOF (FN 3 1) (LIST X) (LIST Y)) (F-IMPLIES (F-EQUAL X Y) (F-EQUAL (Z-SUCC X) (Z-SUCC Y))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0408 Z-SUCC T) (DEFN EXT-AXIOM-EQ-DETACH-PROOF (TERMA TERMB TERMC PF) (DETACH-PROOF (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB)) PF (CHAIN-PROOF (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB)) (LIST (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)))) (LIST (IFF-SPLIT-PROOF1 (F-EQUAL TERMA TERMB) (FORALL (MK-BND (LIST TERMA TERMB) 0) (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB))) (EXT-AXIOM-PROOF (MK-BND (LIST TERMA TERMB) 0) TERMA TERMB)) (SUBST-THM-B-PROOF (F-IFF (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMA) (ISIN (MK-BND (LIST TERMA TERMB) 0) TERMB)) (LIST (MK-BND (LIST TERMA TERMB) 0)) (LIST TERMC)))))) ;;;;;;; If |-"(a = b)", then |-"(c in a) <-> (c in b)". (PROVE-LEMMA EXT-AXIOM-EQ-DETACH (REWRITE) (IMPLIES (AND (TERMP (LIST TERMA TERMB TERMC) 1 SYMBOLS) (PROVES PF (F-EQUAL TERMA TERMB) GIVEN DEFNS SYMBOLS) (MEMBER (P 1 2) SYMBOLS)) (PROVES (EXT-AXIOM-EQ-DETACH-PROOF TERMA TERMB TERMC PF) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0704 EXT-AXIOM-EQ-DETACH-PROOF T) (DEFN IN-Z-SUCC-PROOF (X Y) (CHAIN-IFF-PROOF (ISIN Y (Z-SUCC X)) (F-OR (F-EQUAL Y X) (ISIN Y X)) (LIST (ISIN Y (Z-UNION (Z-SING X) X)) (F-OR (ISIN Y (Z-SING X)) (ISIN Y X))) (LIST (EXT-AXIOM-EQ-DETACH-PROOF (Z-SUCC X) (Z-UNION (Z-SING X) X) Y (Z-SUCC-DEFN-PROOF X)) (UNION-AXIOM-PROOF Y (Z-SING X) X) (EQN-FORM-PROOF (F-OR (F-EQUAL Y X) (ISIN Y X)) (F-OR (ISIN Y (Z-SING X)) (ISIN Y X)) (LIST (F-IFF (ISIN Y (Z-SING X)) (F-EQUAL Y X))) (LIST (ISIN-SING-PROOF X Y)))))) ;;;;;;; |-"(y in (S x)) <-> ((y = x) v (y in x))". (PROVE-LEMMA IN-Z-SUCC-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS)) (PROVES (IN-Z-SUCC-PROOF X Y) (F-IFF (ISIN Y (Z-SUCC X)) (F-OR (F-EQUAL Y X) (ISIN Y X))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0705 IN-Z-SUCC-PROOF T) (DEFN X-IN-Z-SUCC-X-PROOF (X) (F-IFF-MP-PROOF2 (ISIN X (Z-SUCC X)) (F-OR (F-EQUAL X X) (ISIN X X)) (IN-Z-SUCC-PROOF X X) (RT-EXPAN-PROOF (F-EQUAL X X) (ISIN X X) (IDENT-AXIOM-PROOF X)))) ;;;;;;; |-"(x in (S x))". (PROVE-LEMMA X-IN-Z-SUCC-X (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (TERMP X 0 SYMBOLS)) (PROVES (X-IN-Z-SUCC-X-PROOF X) (ISIN X (Z-SUCC X)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0707 X-IN-Z-SUCC-X-PROOF T) (DEFN Z-SUCC-EQUAL-STEP-PROOF (X Y) (CHAIN-PROOF (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (ISIN X Y)) (LIST (ISIN X (Z-SUCC Y))) (LIST (EXT-AXIOM-EQ-ELIM1-PROOF (Z-SUCC X) (Z-SUCC Y) X (X-IN-Z-SUCC-X-PROOF X)) (IFF-SPLIT-PROOF1 (ISIN X (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (ISIN X Y)) (IN-Z-SUCC-PROOF Y X))))) ;;;;;;; |- "((S x)=(S y)) -> ((x = y) v (x in y))". (PROVE-LEMMA Z-SUCC-EQUAL-STEP (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS)) (PROVES (Z-SUCC-EQUAL-STEP-PROOF X Y) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (ISIN X Y))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0708 Z-SUCC-EQUAL-STEP-PROOF T) (DEFN EQUAL-Z-SUCC-PROOF (X Y) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (ISIN X Y))) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL (Z-SUCC Y) (Z-SUCC X))) (F-IMPLIES (F-EQUAL (Z-SUCC Y) (Z-SUCC X)) (F-OR (F-EQUAL Y X) (ISIN Y X))) (F-IMPLIES (F-EQUAL Y X) (F-EQUAL X Y))) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (F-AND (ISIN X Y) (ISIN Y X)))) (LIST (Z-SUCC-EQUAL-STEP-PROOF X Y) (SYMMETRY-PROOF1 (Z-SUCC X) (Z-SUCC Y)) (Z-SUCC-EQUAL-STEP-PROOF Y X) (SYMMETRY-PROOF1 Y X)))) ;;;;;;; |- "((S x)=(S y)) -> ((x = y) v ((x in y) ^ (y in x)))". (PROVE-LEMMA EQUAL-Z-SUCC-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS)) (PROVES (EQUAL-Z-SUCC-PROOF X Y) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (F-AND (ISIN X Y) (ISIN Y X)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0709 EQUAL-Z-SUCC-PROOF T) ;;;;;;;The next series of defns and lemmas deal with the definition of "(I x)". ;;;;;;;"(I x)" holds of "x" iff "x" is transitive and linearly ordered by "in". ;;;;;;;"(Trans x)" iff "(forall y (forall z ((y in x) -> ((z in y) -> (z in x)))))". ;;;;;;;"x" is linearly ordered by "in" (i.e., "(Trich x)") iff ;;;;;;;"(forall y (forall z (((y in x) ^ (z in x)) -> ((y = z) v ((y in z) v (z in y))))))" ;;;;;;;Z-TRANS generates the transitivity assertion. (DEFN Z-TRANS1 (X U V) (F-IMPLIES (F-AND (ISIN U X) (ISIN V U)) (ISIN V X))) (DEFN Z-TRANS (X Y Z) (FORALL Y (FORALL Z (Z-TRANS1 X Y Z)))) (DEFN Z-TRANS-INSTANCE-PROOF (X Y Z Y1 Z1) (SUBST-THM-B-PROOF (Z-TRANS1 X Y Z) (LIST Y Z) (LIST Y1 Z1))) (PROVE-LEMMA Z-TRANS-INSTANCE-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y1 Z1) 1 SYMBOLS) (VAR-SET (LIST Y Z) 2) (NIL-INTERSECT (LIST Y Z) (COLLECT-FREE X 0)) (MEMBER (P 1 2) SYMBOLS) (EQUAL CONCL (F-IMPLIES (Z-TRANS X Y Z) (Z-TRANS1 X Y1 Z1)))) (PROVES (Z-TRANS-INSTANCE-PROOF X Y Z Y1 Z1) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0710 Z-TRANS-INSTANCE-PROOF T) (PROVE-LEMMA FORMULA-Z-TRANS (REWRITE) (EQUAL (FORMULA (Z-TRANS X Y Z) SYMBOLS) (AND (MEMBER (P 1 2) SYMBOLS) (TERMP (LIST X Y Z) 1 SYMBOLS)))) (PROVE-LEMMA COLLECT-FREE-Z-TRANS (REWRITE) (IMPLIES (AND (VAR-LIST (LIST Y Z) 2) (NIL-INTERSECT (LIST Y Z) (COLLECT-FREE X 0))) (EQUAL (MEMBER VAR (COLLECT-FREE (Z-TRANS X Y Z) 0)) (MEMBER VAR (COLLECT-FREE X 0))))) (TOGGLE G0715 Z-TRANS T) (DEFN IN-Z-TRANS-PROOF (X V1 V2 Y Z) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (Z-TRANS X V1 V2) (Z-TRANS1 X Y Z)) (F-IMPLIES (Z-TRANS Y V1 V2) (Z-TRANS1 Y X Z))) (F-IMPLIES (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-IFF (ISIN Z X) (ISIN Z Y))) (LIST (Z-TRANS-INSTANCE-PROOF X V1 V2 Y Z) (Z-TRANS-INSTANCE-PROOF Y V1 V2 X Z)))) ;;;;;;; |- "((Trans x) ^ (Trans y) ^ (x in y) ^ (y in x)) -> ((z in x) <-> (z in y))". (PROVE-LEMMA IN-Z-TRANS-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y Z) 1 SYMBOLS) (VAR-SET (LIST V1 V2) 2) (NIL-INTERSECT (LIST V1 V2) (COLLECT-FREE (LIST X Y) 1)) (MEMBER (P 1 2) SYMBOLS)) (PROVES (IN-Z-TRANS-PROOF X V1 V2 Y Z) (F-IMPLIES (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-IFF (ISIN Z X) (ISIN Z Y))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0718 IN-Z-TRANS-PROOF T) (DEFN Z-TRANS-EQUAL-PROOF1 (X Y V1 V2) (CHAIN-PROOF (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-EQUAL X Y) (LIST (FORALL V1 (F-IFF (ISIN V1 X) (ISIN V1 Y)))) (LIST (FORALL-INTRO-PROOF (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-IFF (ISIN V1 X) (ISIN V1 Y)) V1 (IN-Z-TRANS-PROOF X V1 V2 Y V1)) (IFF-SPLIT-PROOF2 (F-EQUAL X Y) (FORALL V1 (F-IFF (ISIN V1 X) (ISIN V1 Y))) (EXT-AXIOM-PROOF V1 X Y))))) ;;;;;;; |- "((Trans x) ^ (Trans y) ^ (x in y) ^ (y in x)) -> (x = y)". (PROVE-LEMMA Z-TRANS-EQUAL-PROOF1-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y) 1 SYMBOLS) (VAR-SET (LIST V1 V2) 2) (NIL-INTERSECT (LIST V1 V2) (COLLECT-FREE (LIST X Y) 1)) (MEMBER (P 1 2) SYMBOLS)) (PROVES (Z-TRANS-EQUAL-PROOF1 X Y V1 V2) (F-IMPLIES (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0719 Z-TRANS-EQUAL-PROOF1 T) (DEFN Z-SUCC-EQUAL-PROOF (X Y V1 V2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-OR (F-EQUAL X Y) (F-AND (ISIN X Y) (ISIN Y X)))) (F-IMPLIES (F-AND (F-AND (Z-TRANS X V1 V2) (Z-TRANS Y V1 V2)) (F-AND (ISIN X Y) (ISIN Y X))) (F-EQUAL X Y))) (F-IMPLIES (Z-TRANS X V1 V2) (F-IMPLIES (Z-TRANS Y V1 V2) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL X Y)))) (LIST (EQUAL-Z-SUCC-PROOF X Y) (Z-TRANS-EQUAL-PROOF1 X Y V1 V2)))) ;;;;;;; |- "((Trans x) -> ((Trans y) -> (((S x)=(S y)) -> (x = y))))". (PROVE-LEMMA Z-SUCC-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y) 1 SYMBOLS) (VAR-SET (LIST V1 V2) 2) (NIL-INTERSECT (LIST V1 V2) (COLLECT-FREE (LIST X Y) 1)) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS)) (PROVES (Z-SUCC-EQUAL-PROOF X Y V1 V2) (F-IMPLIES (Z-TRANS X V1 V2) (F-IMPLIES (Z-TRANS Y V1 V2) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL X Y)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0720 Z-SUCC-EQUAL-PROOF T) (TOGGLE G0721 Z-TRANS-EQUAL-PROOF1-PROVES T) (TOGGLE G0722 IN-Z-TRANS-PROOF-PROVES T) ;;;;;;;NUMERAL returns the set-theoretic ordinal corresponding to a Lisp natural number. ;;;;;;;The numeral for X will be represented as "|X|". (DEFN NUMERAL (X) (IF (ZEROP X) (PHI) (Z-SUCC (NUMERAL (SUB1 X))))) (PROVE-LEMMA TERMP-NUMERAL (REWRITE) (IMPLIES (AND (MEMBER (FN 0 0) SYMBOLS) (MEMBER (FN 3 1) SYMBOLS)) (TERMP (NUMERAL X) 0 SYMBOLS)) ((INDUCT (NUMERAL X)))) (PROVE-LEMMA COLLECT-FREE-NUMERAL (REWRITE) (EQUAL (COLLECT-FREE (NUMERAL X) 0) NIL)) (DEFN CHAIN-OR-PROOF (A B C D PF1 PF2 PF3) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES A (F-OR B C)) (F-IMPLIES B D) (F-IMPLIES C D)) (F-IMPLIES A D) (LIST PF1 PF2 PF3))) ;;;;;;; If |- "(A -> (B v C))", |- "(B -> D)", and |- "(C -> D)", then |- "(A -> D)". (PROVE-LEMMA CHAIN-OR-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES A (F-OR B C)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES B D) GIVEN DEFNS SYMBOLS) (PROVES PF3 (F-IMPLIES C D) GIVEN DEFNS SYMBOLS)) (PROVES (CHAIN-OR-PROOF A B C D PF1 PF2 PF3) (F-IMPLIES A D) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES A (F-OR B C)))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES B D)))) )) (TOGGLE G0605 CHAIN-OR-PROOF T) (DEFN Z-TRANS-NUMERAL-PROOF (X Y Z) (IF (ZEROP X) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN Y (PHI)))) (F-IMPLIES (F-AND (ISIN Y (PHI)) (ISIN Z Y)) (ISIN Z (PHI))) (LIST (NULL-AXIOM-PROOF Y))) (CHAIN-PROOF (F-AND (ISIN Y (NUMERAL X)) (ISIN Z Y)) (ISIN Z (NUMERAL X)) (LIST (F-AND (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (ISIN Z Y)) (ISIN Z (NUMERAL (SUB1 X)))) (LIST (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))))) (F-IMPLIES (F-AND (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (ISIN Z Y)) (F-AND (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (ISIN Z Y))) (LIST (IFF-SPLIT-PROOF1 (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (IN-Z-SUCC-PROOF (NUMERAL (SUB1 X)) Y)))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL Y (NUMERAL (SUB1 X))) (F-IMPLIES (ISIN Z Y) (ISIN Z (NUMERAL (SUB1 X))))) (F-IMPLIES (F-AND (ISIN Y (NUMERAL (SUB1 X))) (ISIN Z Y)) (ISIN Z (NUMERAL (SUB1 X))))) (F-IMPLIES (F-AND (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (ISIN Z Y)) (ISIN Z (NUMERAL (SUB1 X)))) (LIST (DETACH-PROOF (F-EQUAL Z Z) (F-IMPLIES (F-EQUAL Y (NUMERAL (SUB1 X))) (F-IMPLIES (ISIN Z Y) (ISIN Z (NUMERAL (SUB1 X))))) (IDENT-AXIOM-PROOF Z) (EQUAL-AXIOM2-PROOF (P 1 2) (LIST Z Y) (LIST Z (NUMERAL (SUB1 X))))) (Z-TRANS-NUMERAL-PROOF (SUB1 X) Y Z))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-OR (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (ISIN Z (Z-SUCC (NUMERAL (SUB1 X)))))) (F-IMPLIES (ISIN Z (NUMERAL (SUB1 X))) (ISIN Z (Z-SUCC (NUMERAL (SUB1 X))))) (LIST (IFF-SPLIT-PROOF2 (ISIN Z (Z-SUCC (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (IN-Z-SUCC-PROOF (NUMERAL (SUB1 X)) Z)))))))) ;;;;;;; |- "((y in |X|) ^ (z in y)) -> (z in |X|)". (PROVE-LEMMA Z-TRANS-NUMERAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (TERMP (LIST Y Z) 1 SYMBOLS)) (PROVES (Z-TRANS-NUMERAL-PROOF X Y Z) (F-IMPLIES (F-AND (ISIN Y (NUMERAL X)) (ISIN Z Y)) (ISIN Z (NUMERAL X))) GIVEN DEFNS SYMBOLS)) ((INDUCT (NUMERAL X)) (DISABLE PAIREQUALS-REDUC))) (TOGGLE G0723 Z-TRANS-NUMERAL-PROOF T) (PROVE-LEMMA FORM-EQUAL-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORMULA FORMA SYMBOLS) (FORMULA FORMB SYMBOLS) (FORM-EQUAL FORMA FORMB LIST) (LISTP LIST) (FORM-LIST LIST SYMBOLS) (EQUAL CONCL (F-IMPLIES (LIST-F-AND LIST) (F-IFF FORMA FORMB)))) (PROVES (FORM-EQUAL-PROOF FORMA FORMB LIST) CONCL GIVEN DEFNS SYMBOLS)) ((USE (FORM-EQUAL-PROOF-PROVES)))) (TOGGLE G0724 FORM-EQUAL-PROOF-PROVES T) (PROVE-LEMMA TERMP-DEL-PAIRS (REWRITE) (IMPLIES (TERMP X 1 SYMBOLS) (TERMP (DEL-PAIRS Y VARS X) 1 SYMBOLS))) (PROVE-LEMMA LENGTH-PARALLEL-SUBST (REWRITE) (EQUAL (LENGTH (PARALLEL-SUBST EXP VARS TERMS 1)) (LENGTH EXP))) (PROVE-LEMMA TERMP-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (TERMP TERM FLG SYMBOLS) (TERMP TERMS 1 SYMBOLS)) (TERMP (PARALLEL-SUBST TERM VARS TERMS FLG) FLG SYMBOLS))) (PROVE-LEMMA FORMULA-PARALLEL-SUBST (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (TERMP TERMS 1 SYMBOLS)) (FORMULA (PARALLEL-SUBST EXP VARS TERMS 0) SYMBOLS))) (PROVE-LEMMA FORM-EQUAL-PARALLEL-SUBST-AGAIN (REWRITE) (IMPLIES (AND (VAR-LIST VARS (LENGTH VARS)) (FORMULA EXP SYMBOLS) (EQUAL (COLLECT-FREE TERMS 1) NIL) (EQUAL LIST (LIST-F-EQUAL VARS TERMS))) (FORM-EQUAL EXP (PARALLEL-SUBST EXP VARS TERMS 0) LIST))) (TOGGLE G0729 FORM-EQUAL-PARALLEL-SUBST T) (TOGGLE G0730 FORM-EQUAL T) (DEFN IN-Z-SUCC-PROOF1 (X Y) (IFF-SPLIT-PROOF1 (ISIN Y (Z-SUCC X)) (F-OR (F-EQUAL Y X) (ISIN Y X)) (IN-Z-SUCC-PROOF X Y))) (DEFN Z-TRICH1 (X Y Z) (F-IMPLIES (F-AND (ISIN Y X) (ISIN Z X)) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y))))) (DEFN EXT-CASE1-PROOF (TERMA TERMB TERMC X) (CHAIN-PROOF (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB)) (LIST (FORALL X (F-IFF (ISIN X TERMA) (ISIN X TERMB)))) (LIST (IFF-SPLIT-PROOF1 (F-EQUAL TERMA TERMB) (FORALL X (F-IFF (ISIN X TERMA) (ISIN X TERMB))) (EXT-AXIOM-PROOF X TERMA TERMB)) (SUBST-THM-B-PROOF (F-IFF (ISIN X TERMA) (ISIN X TERMB)) (LIST X) (LIST TERMC))))) ;;;;;;; |- "(a=b) -> ((c in a) <-> (c in b))". (PROVE-LEMMA EXT-CASE1 (REWRITE) (IMPLIES (AND (VARIABLE X) (NOT (MEMBER X (COLLECT-FREE TERMA 0))) (NOT (MEMBER X (COLLECT-FREE TERMB 0))) (FORMULA (F-IMPLIES (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) SYMBOLS)) (PROVES (EXT-CASE1-PROOF TERMA TERMB TERMC X) (F-IMPLIES (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0914 EXT-CASE1-PROOF T) (DEFN EXT-CASE-PROOF (TERMA TERMB TERMC) (EXT-CASE1-PROOF TERMA TERMB TERMC (MK-BND (LIST TERMA TERMB) 0))) (PROVE-LEMMA EXT-AXIOM-CASE (REWRITE) (IMPLIES (FORMULA (F-IMPLIES (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) SYMBOLS) (PROVES (EXT-CASE-PROOF TERMA TERMB TERMC) (F-IMPLIES (F-EQUAL TERMA TERMB) (F-IFF (ISIN TERMC TERMA) (ISIN TERMC TERMB))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0915 EXT-CASE-PROOF T) (DEFN EXT-SUBCASE-PROOF2 (X Y Z) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X Y) (F-IFF (ISIN Z X) (ISIN Z Y)))) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (ISIN Z Y) (ISIN Z X))) (LIST (EXT-CASE-PROOF X Y Z)))) ;;;;;;; |-"(a=b) -> ((c in a) -> (c in b))". (PROVE-LEMMA EXT-SUBCASE-PROOF2-PROVES (REWRITE) (IMPLIES (AND (MEMBER (P 1 2) SYMBOLS) (TERMP (LIST X Y Z) 1 SYMBOLS)) (PROVES (EXT-SUBCASE-PROOF2 X Y Z) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (ISIN Z Y) (ISIN Z X))) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (F-EQUAL X Y) (F-IFF (ISIN Z X) (ISIN Z Y))))) (EXP (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (ISIN Z Y) (ISIN Z X)))) (PFLIST (LIST (EXT-CASE-PROOF X Y Z))))))) (TOGGLE G0737 EXT-SUBCASE-PROOF2 T) (DEFN Z-TRICH-NUMERAL-PROOF (X Y Z) (IF (ZEROP X) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN Y (PHI)))) (Z-TRICH1 (PHI) Y Z) (LIST (NULL-AXIOM-PROOF Y))) (CHAIN-OR-PROOF (F-AND (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (ISIN Z (Z-SUCC (NUMERAL (SUB1 X))))) (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (F-EQUAL Z (NUMERAL (SUB1 X)))) (F-OR (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (F-OR (F-AND (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (F-AND (ISIN Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))))) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X))))) (F-IMPLIES (ISIN Z (Z-SUCC (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))))) (F-IMPLIES (F-AND (ISIN Y (Z-SUCC (NUMERAL (SUB1 X)))) (ISIN Z (Z-SUCC (NUMERAL (SUB1 X))))) (F-OR (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (F-EQUAL Z (NUMERAL (SUB1 X)))) (F-OR (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (F-OR (F-AND (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (F-AND (ISIN Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))))))) (LIST (IN-Z-SUCC-PROOF1 (NUMERAL (SUB1 X)) Y) (IN-Z-SUCC-PROOF1 (NUMERAL (SUB1 X)) Z))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL Y (NUMERAL (SUB1 X))) (F-IMPLIES (F-EQUAL Z (NUMERAL (SUB1 X))) (F-EQUAL Y Z)))) (F-IMPLIES (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (F-EQUAL Z (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y)))) (LIST (TRANS-EQUAL-PROOF2 Y (NUMERAL (SUB1 X)) Z))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL Y (NUMERAL (SUB1 X))) (F-IMPLIES (ISIN Z (NUMERAL (SUB1 X))) (ISIN Z Y))) (F-IMPLIES (F-EQUAL Z (NUMERAL (SUB1 X))) (F-IMPLIES (ISIN Y (NUMERAL (SUB1 X))) (ISIN Y Z))) (F-IMPLIES (F-AND (ISIN Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y))))) (F-IMPLIES (F-OR (F-AND (F-EQUAL Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))) (F-OR (F-AND (F-EQUAL Z (NUMERAL (SUB1 X))) (ISIN Y (NUMERAL (SUB1 X)))) (F-AND (ISIN Y (NUMERAL (SUB1 X))) (ISIN Z (NUMERAL (SUB1 X)))))) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y)))) (LIST (EXT-SUBCASE-PROOF2 Y (NUMERAL (SUB1 X)) Z) (EXT-SUBCASE-PROOF2 Z (NUMERAL (SUB1 X)) Y) (Z-TRICH-NUMERAL-PROOF (SUB1 X) Y Z)))))) ;;;;;;; |- "((y in |X|) ^ (z in |X|)) -> ((y = z) ^ ((y in z) v (z in y)))". (PROVE-LEMMA Z-TRICH-NUMERAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST Y Z) 1 SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS)) (PROVES (Z-TRICH-NUMERAL-PROOF X Y Z) (F-IMPLIES (F-AND (ISIN Y (NUMERAL X)) (ISIN Z (NUMERAL X))) (F-OR (F-EQUAL Y Z) (F-OR (ISIN Y Z) (ISIN Z Y)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0738 Z-TRICH-NUMERAL-PROOF T) (DEFN IND-AXIOM-CASE-PROOF (FORM X PFBASE PFIND) (TAUTCONSEQ-PROOF (LIST (SUBST FORM X (PHI) 0) (FORALL X (F-IMPLIES (F-AND (Z-INT X) FORM) (SUBST FORM X (Z-SUCC X) 0))) (IND-AXIOM FORM X) (F-IMPLIES (FORALL X (F-IMPLIES (Z-INT X) FORM)) (F-IMPLIES (Z-INT X) FORM))) (F-IMPLIES (Z-INT X) FORM) (LIST PFBASE (GENERALISE-PROOF X (F-IMPLIES (F-AND (Z-INT X) FORM) (SUBST FORM X (Z-SUCC X) 0)) PFIND) (IND-AXIOM-PROOF FORM X) (ALL-ELIM-PROOF X (F-IMPLIES (Z-INT X) FORM))))) ;;;;;;; If |- "A[|0|]" and |- "((I x) ^ A[x]) -> A[(S x)]", then ;;;;;;; |- "(I x) -> A[x]". (PROVE-LEMMA IND-AXIOM-CASE (REWRITE) (IMPLIES (AND (VARIABLE X) (SUBSET (LIST (FN 3 1) (FN 0 0)) SYMBOLS) (FORMULA (F-IMPLIES (Z-INT X) FORM) SYMBOLS) (PROVES PFBASE (SUBST FORM X (PHI) 0) GIVEN DEFNS SYMBOLS) (PROVES PFIND (F-IMPLIES (F-AND (Z-INT X) FORM) (SUBST FORM X (Z-SUCC X) 0)) GIVEN DEFNS SYMBOLS)) (PROVES (IND-AXIOM-CASE-PROOF FORM X PFBASE PFIND) (F-IMPLIES (Z-INT X) FORM) GIVEN DEFNS SYMBOLS))) (TOGGLE G0422 IND-AXIOM-CASE-PROOF T) (PROVE-LEMMA ATOMP-Z-INT (REWRITE) (EQUAL (ATOMP (Z-INT X) SYMBOLS) (AND (MEMBER (P 2 1) SYMBOLS) (TERMP X 0 SYMBOLS)))) (PROVE-LEMMA FORMULA-Z-INT (REWRITE) (EQUAL (FORMULA (Z-INT X) SYMBOLS) (AND (MEMBER (P 2 1) SYMBOLS) (TERMP X 0 SYMBOLS)))) (DEFN PHI-IN-INT-PROOF (X) (IND-AXIOM-CASE-PROOF (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X)) X (RT-EXPAN-PROOF (F-EQUAL (PHI) (PHI)) (ISIN (PHI) (PHI)) (IDENT-AXIOM-PROOF (PHI))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X)) (ISIN (PHI) (Z-SUCC X)))) (F-IMPLIES (F-AND (Z-INT X) (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X))) (F-OR (F-EQUAL (PHI) (Z-SUCC X)) (ISIN (PHI) (Z-SUCC X)))) (LIST (IFF-SPLIT-PROOF2 (ISIN (PHI) (Z-SUCC X)) (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X)) (IN-Z-SUCC-PROOF X (PHI))))))) ;;;;;;; |- "(I x) -> ((|0| = x) v (|0| in x))". This is the only proof ;;;;;;;in this sequence of events in which the induction axiom schema of Z2 is employed. (PROVE-LEMMA PHI-IN-INT-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (EQUAL CONCL (F-IMPLIES (Z-INT X) (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X))))) (PROVES (PHI-IN-INT-PROOF X) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-INT))) (TOGGLE G0426 PHI-IN-INT-PROOF T) (DEFN EXT-NOT-EQUAL-PROOF (X Y D PFX PFY) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X Y) (ISIN D X)) (F-NOT (ISIN D X))) (F-NOT (F-EQUAL X Y)) (LIST (EXT-AXIOM-EQ-ELIM2-PROOF X Y D PFY) PFX))) ;;;;;;; If |-"(not (d in x))" and |- "(d in y)", then |-"(not (x = y))". (PROVE-LEMMA EXT-NOT-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP D 0 SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (PROVES PFX (F-NOT (ISIN D X)) GIVEN DEFNS SYMBOLS) (PROVES PFY (ISIN D Y) GIVEN DEFNS SYMBOLS)) (PROVES (EXT-NOT-EQUAL-PROOF X Y D PFX PFY) (F-NOT (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0427 EXT-NOT-EQUAL-PROOF T) (TOGGLE G0428 Z-OPAIR NIL) (DEFN PHI-NOT-IN-OPAIR-PROOF (U V) (AND-JOIN-PROOF (F-NOT (F-EQUAL (PHI) (Z-OPAIR U V))) (F-NOT (ISIN (PHI) (Z-OPAIR U V))) (EXT-NOT-EQUAL-PROOF (PHI) (Z-OPAIR U V) (Z-SING U) (NULL-AXIOM-PROOF (Z-SING U)) (ISIN-PAIR1-PROOF (Z-SING U) (Z-PAIR U V))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN (PHI) (Z-OPAIR U V)) (F-OR (F-EQUAL (PHI) (Z-SING U)) (F-EQUAL (PHI) (Z-PAIR U V)))) (F-NOT (F-EQUAL (PHI) (Z-SING U))) (F-NOT (F-EQUAL (PHI) (Z-PAIR U V)))) (F-NOT (ISIN (PHI) (Z-OPAIR U V))) (LIST (IFF-SPLIT-PROOF1 (ISIN (PHI) (Z-OPAIR U V)) (F-OR (F-EQUAL (PHI) (Z-SING U)) (F-EQUAL (PHI) (Z-PAIR U V))) (PAIR-AXIOM-PROOF (PHI) (Z-SING U) (Z-PAIR U V))) (EXT-NOT-EQUAL-PROOF (PHI) (Z-SING U) U (NULL-AXIOM-PROOF U) (ISIN-SING1-PROOF U)) (EXT-NOT-EQUAL-PROOF (PHI) (Z-PAIR U V) U (NULL-AXIOM-PROOF U) (ISIN-PAIR1-PROOF U V)))))) ;;;;;;; |- "((not (|0| in )) ^ (not (|0| in )))". (PROVE-LEMMA PHI-NOT-IN-OPAIR-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 0 0) (P 1 2) (FN 1 2)) SYMBOLS) (TERMP U 0 SYMBOLS) (TERMP V 0 SYMBOLS) (EQUAL CONCL (F-AND (F-NOT (F-EQUAL (PHI) (Z-OPAIR U V))) (F-NOT (ISIN (PHI) (Z-OPAIR U V)))))) (PROVES (PHI-NOT-IN-OPAIR-PROOF U V) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0429 PHI-NOT-IN-OPAIR-PROOF T) (TOGGLE G0430 Z-OPAIR T) (DEFN NOT-INT-OPAIR-PROOF (U V X) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (Z-INT (Z-OPAIR U V)) (F-OR (F-EQUAL (PHI) (Z-OPAIR U V)) (ISIN (PHI) (Z-OPAIR U V)))) (F-AND (F-NOT (F-EQUAL (PHI) (Z-OPAIR U V))) (F-NOT (ISIN (PHI) (Z-OPAIR U V))))) (F-NOT (Z-INT (Z-OPAIR U V))) (LIST (SUBST-RULE-PROOF (F-IMPLIES (Z-INT X) (F-OR (F-EQUAL (PHI) X) (ISIN (PHI) X))) X (Z-OPAIR U V) (PHI-IN-INT-PROOF X)) (PHI-NOT-IN-OPAIR-PROOF U V)))) ;;;;;;; |- "(not (I ))". (PROVE-LEMMA NOT-INT-OPAIR-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE X) (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (TERMP U 0 SYMBOLS) (TERMP V 0 SYMBOLS)) (PROVES (NOT-INT-OPAIR-PROOF U V X) (F-NOT (Z-INT (Z-OPAIR U V))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0868 NOT-INT-OPAIR-PROOF T) (DEFN Z-TRICH (X V1 V2) (FORALL V1 (FORALL V2 (Z-TRICH1 X V1 V2)))) (DEFN Z-INT-DEFN (X Y Z) (F-AND (Z-TRANS X Y Z) (Z-TRICH X Y Z))) (TOGGLE G0609 PRED-DEFN-PROOF T) (PROVE-LEMMA SUBST-F-IFF (REWRITE) (EQUAL (SUBST (F-IFF X Y) VAR TERM 0) (F-IFF (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0))) ((ENABLE F-IFF))) (TOGGLE G0872 Z-TRANS NIL) (PROVE-LEMMA SUBSET-DEL (REWRITE) (IMPLIES (VARIABLE X) (EQUAL (SUBSET (DEL X Y) Z) (SUBSET Y (CONS X Z))))) (DEFN Z-INT-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (F-IFF (Z-INT 0) (Z-INT-DEFN 0 1 2)) 0 TERM (PRED-DEFN-PROOF (P 2 1) (LIST 0) (Z-INT-DEFN 0 1 2)))) (TOGGLE G0613 NOT-MEMBER-VARLIST T) (DEFN Z-INT-HYPS (DEFNS SYMBOLS) (AND (MEMBER (P 1 2) (REST-OF (P 2 1) SYMBOLS)) (EQUAL (ASSOC (P 2 1) DEFNS) (Z-INT-DEFN 0 1 2)))) (PROVE-LEMMA Z-INT-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP TERM 0 SYMBOLS) (SUBSET (LIST (P 1 2) (P 2 1)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (NIL-INTERSECT (LIST 1 2) (COLLECT-FREE TERM 0))) (PROVES (Z-INT-DEFN-PROOF TERM) (F-IFF (Z-INT TERM) (F-AND (Z-TRANS TERM 1 2) (Z-TRICH TERM 1 2))) GIVEN DEFNS SYMBOLS)) ((DISABLE NOT-FREE-COVERING))) (TOGGLE G0639 Z-INT-DEFN-PROOF T) (PROVE-LEMMA COVERING-NUMERAL (REWRITE) (EQUAL (COVERING (NUMERAL X) VAR 0) NIL)) (DEFN Z-INT-NUMERAL-PROOF (X) (F-IFF-MP-PROOF2 (Z-INT (NUMERAL X)) (F-AND (Z-TRANS (NUMERAL X) 1 2) (Z-TRICH (NUMERAL X) 1 2)) (Z-INT-DEFN-PROOF (NUMERAL X)) (AND-JOIN-PROOF (Z-TRANS (NUMERAL X) 1 2) (Z-TRICH (NUMERAL X) 1 2) (GENERALISE-PROOF 1 (FORALL 2 (Z-TRANS1 (NUMERAL X) 1 2)) (GENERALISE-PROOF 2 (Z-TRANS1 (NUMERAL X) 1 2) (Z-TRANS-NUMERAL-PROOF X 1 2))) (GENERALISE-PROOF 1 (FORALL 2 (Z-TRICH1 (NUMERAL X) 1 2)) (GENERALISE-PROOF 2 (Z-TRICH1 (NUMERAL X) 1 2) (Z-TRICH-NUMERAL-PROOF X 1 2)))))) (TOGGLE G0744 Z-INT-DEFN T) (TOGGLE G0614 Z-INT-HYPS T) ;;;;;;; |- "(I |X|)". At this point we are overloading our notation. Though |X| ;;;;;;;appears in quotes, it denotes the numeral which is the result of ;;;;;;;evaluating |X| for the given X. So the metatheorem is that "(I |X|)" is ;;;;;;;a Z2 theorem for any X. (PROVE-LEMMA Z-INT-NUMERAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS)) (PROVES (Z-INT-NUMERAL-PROOF X) (Z-INT (NUMERAL X)) GIVEN DEFNS SYMBOLS)) ((DISABLE NUMERAL) (USE (Z-INT-DEFN-PROOF-PROVES (TERM (NUMERAL X)))))) (TOGGLE G0906 Z-INT-NUMERAL-PROOF T) (PROVE-LEMMA COVERING-Z-INT (REWRITE) (EQUAL (COVERING (Z-INT X) VAR 0) (COVERING (LIST X) VAR 1))) (PROVE-LEMMA COLLECT-Z-INT (REWRITE) (EQUAL (COLLECT-FREE (Z-INT X) 0) (COLLECT-FREE (LIST X) 1))) (PROVE-LEMMA SUBST-Z-INT (REWRITE) (EQUAL (SUBST (Z-INT X) VAR TERM 0) (Z-INT (SUBST X VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-INT (REWRITE) (EQUAL (PARALLEL-SUBST (Z-INT X) VAR TERM 0) (Z-INT (PARALLEL-SUBST X VAR TERM 0)))) (TOGGLE G0907 Z-INT T) (DEFN Z-CAR (X) (LIST (FN 4 1) X)) (DEFN Z-CDR (X) (LIST (FN 5 1) X)) (TOGGLE G0628 Z-OPAIR NIL) (PROVE-LEMMA COVERING-Z-OPAIR (REWRITE) (EQUAL (COVERING (Z-OPAIR X Y) VAR 0) (COVERING (LIST (Z-SING X) (Z-PAIR X Y)) VAR 1))) (PROVE-LEMMA SUBST-Z-OPAIR (REWRITE) (EQUAL (SUBST (Z-OPAIR X Y) VAR TERM 0) (Z-OPAIR (SUBST X VAR TERM 0) (SUBST Y VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-OPAIR (REWRITE) (EQUAL (PARALLEL-SUBST (Z-OPAIR X Y) VARS TERMS 0) (Z-OPAIR (PARALLEL-SUBST X VARS TERMS 0) (PARALLEL-SUBST Y VARS TERMS 0)))) (TOGGLE G0608 Z-OPAIR T) (DEFN Z-CAR-UNIQUE-STEP1-PROOF (X Y Y1 Z Z1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL (Z-OPAIR Y Z) (Z-OPAIR Y1 Z1)))) (F-IMPLIES (F-EQUAL (Z-OPAIR Y Z) (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1))) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1))) (LIST (TRANS-EQUAL-PROOF1 (Z-OPAIR Y Z) X (Z-OPAIR Y1 Z1)) (Z-CAR-UNIQUE-PROOF Y Z Y1 Z1)))) ;;;;;;; |- "(x = ) -> ((x = ) -> (y = y1))". (PROVE-LEMMA Z-CAR-UNIQUE-STEP1-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y Y1 Z Z1) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CAR-UNIQUE-STEP1-PROOF X Y Y1 Z Z1) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0630 Z-CAR-UNIQUE-STEP1-PROOF T) (DEFN Z-CAR-UNIQUE-STEP2-PROOF (X Y Y1 Z Z1) (FORSOME-INTRO-PROOF Z (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Y Y1)) (CHAIN-PROOF (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Y Y1)) (LIST (FORALL Z1 (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1))) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (FORSOME Z1 (F-EQUAL Y Y1)))) (LIST (FORALL-INTRO-PROOF (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1)) Z1 (Z-CAR-UNIQUE-STEP1-PROOF X Y Y1 Z Z1)) (FORALL-OVER-IMPLIES-PROOF Z1 (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Y Y1)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME Z1 (F-EQUAL Y Y1)) (F-EQUAL Y Y1))) (F-IMPLIES (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (FORSOME Z1 (F-EQUAL Y Y1))) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Y Y1))) (LIST (FORSOME-INTRO-PROOF Z1 (F-EQUAL Y Y1) (F-EQUAL Y Y1) (PROP-AXIOM-PROOF (F-EQUAL Y Y1))))))))) (PROVE-LEMMA Z-CAR-UNIQUE-STEP2-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Y1 Z Z1) 4) (TERMP X 0 SYMBOLS) (NIL-INTERSECT (LIST Z Z1) (COLLECT-FREE X 0)) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CAR-UNIQUE-STEP2-PROOF X Y Y1 Z Z1) (F-IMPLIES (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Y Y1))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0637 Z-CAR-UNIQUE-STEP2-PROOF T) (PROVE-LEMMA SUBST-SUBST (REWRITE) (IMPLIES (AND (NOT (MEMBER Y (COLLECT-FREE EXP FLG))) (FREE-FOR EXP X Y FLG) (VARIABLE X) (VARIABLE Y)) (EQUAL (SUBST (SUBST EXP X Y FLG) Y X FLG) EXP))) (PROVE-LEMMA NOT-FREE-SUBST (REWRITE) (IMPLIES (NOT (MEMBER X (COLLECT-FREE TERM 0))) (NOT (MEMBER X (COLLECT-FREE (SUBST EXP X TERM FLG) FLG))))) (DEFN RENAME-BNDVAR-PROOF (X Y EXP) (FORSOME-INTRO-PROOF X (SUBST (SUBST EXP X Y 0) Y X 0) (FORSOME Y (SUBST EXP X Y 0)) (SUBST-AXIOM-PROOF (SUBST EXP X Y 0) Y X))) (PROVE-LEMMA RENAME-BNDVAR-PROOF-PROVES (REWRITE) (IMPLIES (AND (NOT (MEMBER Y (COLLECT-FREE EXP 0))) (FREE-FOR EXP X Y 0) (FORMULA EXP SYMBOLS) (VAR-SET (LIST X Y) 2) (EQUAL EXP-INST (SUBST EXP X Y 0))) (PROVES (RENAME-BNDVAR-PROOF X Y EXP) (F-IMPLIES (FORSOME X EXP) (FORSOME Y EXP-INST)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0640 RENAME-BNDVAR-PROOF T) (DEFN Z-CAR-UNIQUENESS-CASE-PROOF (X Y Y1 Z Z1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME Z (F-EQUAL X (Z-OPAIR Y1 Z))) (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1)))) (F-IMPLIES (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (F-IMPLIES (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Y Y1)))) (F-IMPLIES (F-AND (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y1 Z)))) (F-EQUAL Y Y1)) (LIST (RENAME-BNDVAR-PROOF Z Z1 (F-EQUAL X (Z-OPAIR Y1 Z))) (Z-CAR-UNIQUE-STEP2-PROOF X Y Y1 Z Z1)))) (PROVE-LEMMA Z-CAR-UNIQUENESS-CASE-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Y1 Z Z1) 4) (NIL-INTERSECT (LIST Z Z1) (COLLECT-FREE X 0)) (TERMP X 0 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CAR-UNIQUENESS-CASE-PROOF X Y Y1 Z Z1) (F-IMPLIES (F-AND (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y1 Z)))) (F-EQUAL Y Y1)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0645 Z-CAR-UNIQUENESS-CASE-PROOF T) ;;;;;;;The definition of the Z2 analogue of CAR. (DEFN Z-CAR-DEFN (X Y Y1 Z) (F-IF (FORSOME Y1 (FORSOME Z (F-EQUAL X (Z-OPAIR Y1 Z)))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (F-EQUAL Y (PHI)))) ;;;;;;;The existence part of the admissibility proof of "(Z-car x)". (DEFN Z-CAR-EXIS-PROOF (X Y Z) (FORSOME-F-IF-CASE-PROOF Y (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (F-EQUAL Y (PHI)) (PROP-AXIOM-PROOF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))))) (TAUTCONSEQ-PROOF (LIST (FORSOME Y (F-EQUAL Y (PHI)))) (F-IMPLIES (F-NOT (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))))) (FORSOME Y (F-EQUAL Y (PHI)))) (LIST (EXIS-FUN-INTRO-PROOF Y (PHI)))))) (PROVE-LEMMA Z-CAR-EXIS-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Z) 2) (SUBSET (LIST (FN 0 0) (FN 1 2)) SYMBOLS) (TERMP X 0 SYMBOLS) (EQUAL CONCL (FORSOME Y (Z-CAR-DEFN X Y Y Z)))) (PROVES (Z-CAR-EXIS-PROOF X Y Z) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0646 Z-CAR-EXIS-PROOF T) ;;;;;;;The uniqueness part of the admissibility proof of "(Z-car x)". (DEFN Z-CAR-UNIQUENESS-PROOF (X Y Y1 Z Z1) (UNIQUE-F-IF-PROOF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Z (F-EQUAL X (Z-OPAIR Y1 Z))) (F-EQUAL Y (PHI)) (F-EQUAL Y1 (PHI)) (F-EQUAL Y Y1) (Z-CAR-UNIQUENESS-CASE-PROOF X Y Y1 Z Z1) (UNIQUE-FUN-INTRO-PROOF Y Y1 (PHI)))) (DEFN Z-CAR-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-CAR-DEFN 0 (Z-CAR 0) 1 2) 0 TERM (FUN-DEFN-PROOF (FN 4 1) (LIST 0) 1 3 (Z-CAR-DEFN 0 1 1 2) (Z-CAR-EXIS-PROOF 0 1 2) (Z-CAR-UNIQUENESS-PROOF 0 1 3 2 4)))) (TOGGLE G0648 NOT-MEMBER-DELETE-EQUALS T) (PROVE-LEMMA COVERING-FORSOME (REWRITE) (IMPLIES (VARIABLE X) (EQUAL (COVERING (FORSOME X Y) VAR 0) (IF (MEMB VAR (COLLECT-FREE (FORSOME X Y) 0)) (CONS X (COVERING Y VAR 0)) NIL)))) (DEFN Z-CAR-HYPS (DEFNS SYMBOLS) (AND (SUBSET (LIST (P 1 2) (FN 1 2) (FN 0 0)) (REST-OF (FN 4 1) SYMBOLS)) (EQUAL (ASSOC (FN 4 1) DEFNS) (Z-CAR-DEFN 0 (Z-CAR 0) 1 2)))) ;;;;;;;The admissibility of "(Z-car x)". (PROVE-LEMMA Z-CAR-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 4 1) (P 1 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-CAR-DEFN TERM (Z-CAR TERM) 1 2))) (PROVES (Z-CAR-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS)) ((USE (Z-CAR-EXIS-PROOF-PROVES (X 0) (Y 1) (Z 2) (SYMBOLS (REST-OF (FN 4 1) SYMBOLS)))) )) (TOGGLE G0649 Z-CAR-DEFN-PROOF T) (TOGGLE G0678 Z-CAR-HYPS T) (DEFN Z-CDR-UNIQUE-STEP1-PROOF (X Y Y1 Z Z1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL (Z-OPAIR Y Z) (Z-OPAIR Y1 Z1)))) (F-IMPLIES (F-EQUAL (Z-OPAIR Y Z) (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1))) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1))) (LIST (TRANS-EQUAL-PROOF1 (Z-OPAIR Y Z) X (Z-OPAIR Y1 Z1)) (Z-CDR-UNIQUE-PROOF Y Z Y1 Z1)))) (PROVE-LEMMA Z-CDR-UNIQUE-STEP1-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP (LIST X Y Y1 Z Z1) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CDR-UNIQUE-STEP1-PROOF X Y Y1 Z Z1) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0647 Z-CDR-UNIQUE-STEP1-PROOF T) (DEFN Z-CDR-UNIQUE-STEP2-PROOF (X Y Y1 Z Z1) (FORSOME-INTRO-PROOF Y (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Z Z1)) (CHAIN-PROOF (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Z Z1)) (LIST (FORALL Y1 (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1))) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (FORSOME Y1 (F-EQUAL Z Z1)))) (LIST (FORALL-INTRO-PROOF (F-EQUAL X (Z-OPAIR Y Z)) (F-IMPLIES (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1)) Y1 (Z-CDR-UNIQUE-STEP1-PROOF X Y Y1 Z Z1)) (FORALL-OVER-IMPLIES-PROOF Y1 (F-EQUAL X (Z-OPAIR Y1 Z1)) (F-EQUAL Z Z1)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME Y1 (F-EQUAL Z Z1)) (F-EQUAL Z Z1))) (F-IMPLIES (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (FORSOME Y1 (F-EQUAL Z Z1))) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Z Z1))) (LIST (FORSOME-INTRO-PROOF Y1 (F-EQUAL Z Z1) (F-EQUAL Z Z1) (PROP-AXIOM-PROOF (F-EQUAL Z Z1))))))))) (PROVE-LEMMA Z-CDR-UNIQUE-STEP2-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Y1 Z Z1) 4) (TERMP X 0 SYMBOLS) (NIL-INTERSECT (LIST Y Y1) (COLLECT-FREE X 0)) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CDR-UNIQUE-STEP2-PROOF X Y Y1 Z Z1) (F-IMPLIES (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Z Z1))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0650 Z-CDR-UNIQUE-STEP2-PROOF T) (DEFN Z-CDR-UNIQUENESS-CASE-PROOF (X Y Y1 Z Z1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z1))) (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1)))) (F-IMPLIES (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (F-IMPLIES (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1))) (F-EQUAL Z Z1)))) (F-IMPLIES (F-AND (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z1)))) (F-EQUAL Z Z1)) (LIST (RENAME-BNDVAR-PROOF Y Y1 (F-EQUAL X (Z-OPAIR Y Z1))) (Z-CDR-UNIQUE-STEP2-PROOF X Y Y1 Z Z1)))) (PROVE-LEMMA Z-CDR-UNIQUENESS-CASE-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Y1 Z Z1) 4) (NIL-INTERSECT (LIST Y Y1) (COLLECT-FREE X 0)) (TERMP X 0 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS)) (PROVES (Z-CDR-UNIQUENESS-CASE-PROOF X Y Y1 Z Z1) (F-IMPLIES (F-AND (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z1)))) (F-EQUAL Z Z1)) GIVEN DEFNS SYMBOLS))) ;;;;;;;The definition of the Z2 analogue of CDR, "(Z-cdr x)". (DEFN Z-CDR-DEFN (X Z Y1 Z1) (F-IF (FORSOME Z1 (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z1)))) (FORSOME Y1 (F-EQUAL X (Z-OPAIR Y1 Z))) (F-EQUAL Z (PHI)))) ;;;;;;;The existence part of the admissibility of "(Z-cdr x)". (DEFN Z-CDR-EXIS-PROOF (X Y Z) (FORSOME-F-IF-CASE-PROOF Z (FORSOME Z (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z)))) (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (F-EQUAL Z (PHI)) (PROP-AXIOM-PROOF (FORSOME Z (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))))) (TAUTCONSEQ-PROOF (LIST (FORSOME Z (F-EQUAL Z (PHI)))) (F-IMPLIES (F-NOT (FORSOME Z (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))))) (FORSOME Z (F-EQUAL Z (PHI)))) (LIST (EXIS-FUN-INTRO-PROOF Z (PHI)))))) (PROVE-LEMMA Z-CDR-EXIS-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST Y Z) 2) (SUBSET (LIST (FN 0 0) (FN 1 2)) SYMBOLS) (TERMP X 0 SYMBOLS)) (PROVES (Z-CDR-EXIS-PROOF X Y Z) (FORSOME Z (Z-CDR-DEFN X Z Y Z)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0651 Z-CDR-EXIS-PROOF T) ;;;;;;;The uniqueness part of the admissibility of "(Z-cdr x)". (DEFN Z-CDR-UNIQUENESS-PROOF (X Y Y1 Z Z1) (UNIQUE-F-IF-PROOF (FORSOME Z (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z)))) (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z))) (FORSOME Y (F-EQUAL X (Z-OPAIR Y Z1))) (F-EQUAL Z (PHI)) (F-EQUAL Z1 (PHI)) (F-EQUAL Z Z1) (Z-CDR-UNIQUENESS-CASE-PROOF X Y Y1 Z Z1) (UNIQUE-FUN-INTRO-PROOF Z Z1 (PHI)))) (DEFN Z-CDR-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-CDR-DEFN 0 (Z-CDR 0) 1 2) 0 TERM (FUN-DEFN-PROOF (FN 5 1) (LIST 0) 2 4 (Z-CDR-DEFN 0 2 1 2) (Z-CDR-EXIS-PROOF 0 1 2) (Z-CDR-UNIQUENESS-PROOF 0 1 3 2 4)))) (DEFN Z-CDR-HYPS (DEFNS SYMBOLS) (AND (SUBSET (LIST (P 1 2) (FN 1 2) (FN 0 0)) (REST-OF (FN 5 1) SYMBOLS)) (EQUAL (ASSOC (FN 5 1) DEFNS) (Z-CDR-DEFN 0 (Z-CDR 0) 1 2)))) ;;;;;;;The admissibility of "(Z-cdr x)". (PROVE-LEMMA Z-CDR-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (P 1 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-CDR-DEFN TERM (Z-CDR TERM) 1 2))) (PROVES (Z-CDR-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS)) ((USE (Z-CDR-EXIS-PROOF-PROVES (X 0) (Y 1) (Z 2) (SYMBOLS (REST-OF (FN 5 1) SYMBOLS)))) )) (TOGGLE G0679 Z-CDR-HYPS T) (TOGGLE G0655 Z-CDR-DEFN-PROOF T) (DEFN LIST-NUM-NEQUAL-PROOF (N U V) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (NUMERAL N) (Z-OPAIR U V)) (F-IMPLIES (Z-INT (NUMERAL N)) (Z-INT (Z-OPAIR U V)))) (Z-INT (NUMERAL N)) (F-NOT (Z-INT (Z-OPAIR U V)))) (F-NOT (F-EQUAL (NUMERAL N) (Z-OPAIR U V))) (LIST (EQUAL-AXIOM2-PROOF (P 2 1) (LIST (NUMERAL N)) (LIST (Z-OPAIR U V))) (Z-INT-NUMERAL-PROOF N) (NOT-INT-OPAIR-PROOF U V 0)))) (TOGGLE G0659 Z-INT NIL) (PROVE-LEMMA EQUAL-AXIOM2-Z-INT (REWRITE) (IMPLIES (AND (TERMP (LIST X Y) 1 SYMBOLS) (MEMBER (P 2 1) SYMBOLS)) (PROVES (EQUAL-AXIOM2-PROOF (P 2 1) (LIST X) (LIST Y)) (F-IMPLIES (F-EQUAL X Y) (F-IMPLIES (Z-INT X) (Z-INT Y))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0660 Z-INT T) ;;;;;;;An important metatheorem: |- "(not (|N| = ))". (PROVE-LEMMA LIST-NUM-NEQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP (LIST U V) 1 SYMBOLS) (EQUAL CONCL (F-NOT (F-EQUAL (NUMERAL N) (Z-OPAIR U V))))) (PROVES (LIST-NUM-NEQUAL-PROOF N U V) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0658 LIST-NUM-NEQUAL-PROOF T) ;;;;;;;The Goedel-encoding. It takes Lisp data-structures built from numbers using ;;;;;;;CONS to sets in Z2 which are formed from numerals using ordered pairing. ;;;;;;;We represent the encoding of X as . (DEFN NCODE (X) (IF (LISTP X) (Z-OPAIR (NCODE (CAR X)) (NCODE (CDR X))) (NUMERAL X))) (PROVE-LEMMA TERMP-NCODE (REWRITE) (IMPLIES (AND (MEMBER (FN 3 1) SYMBOLS) (MEMBER (FN 1 2) SYMBOLS) (MEMBER (FN 0 0) SYMBOLS)) (TERMP (NCODE X) 0 SYMBOLS)) ((INDUCT (NCODE X)))) (PROVE-LEMMA COLLECT-FREE-NCODE (REWRITE) (EQUAL (COLLECT-FREE (NCODE X) 0) NIL)) (DEFN NCODE-EQUAL (X Y) (IF (LISTP X) (IF (LISTP Y) (AND (NCODE-EQUAL (CAR X) (CAR Y)) (NCODE-EQUAL (CDR X) (CDR Y))) F) (IF (LISTP Y) F (IF (ZEROP X) (ZEROP Y) (IF (ZEROP Y) F (NCODE-EQUAL (SUB1 X) (SUB1 Y))))))) (TOGGLE G0756 Z-TRANS T) (TOGGLE G0757 Z-TRICH T) (DEFN NCODE-NEQUAL-STEP-PROOF (X1 Y1 X Y PF1 PF2) (DETACH-PROOF (F-NOT (F-EQUAL X1 Y1)) (F-NOT (F-EQUAL X Y)) PF1 (CONTRA-POS-PROOF1 (F-EQUAL X Y) (F-EQUAL X1 Y1) PF2))) (DEFN Z-TRANS2 (X) (Z-TRANS X 1 2)) (DEFN Z-TRICH2 (X) (Z-TRICH X 1 2)) (DEFN NCODE-NEQUAL-PROOF (X Y) (IF (LISTP X) (IF (LISTP Y) (IF (NOT (NCODE-EQUAL (CAR X) (CAR Y))) (NCODE-NEQUAL-STEP-PROOF (NCODE (CAR X)) (NCODE (CAR Y)) (NCODE X) (NCODE Y) (NCODE-NEQUAL-PROOF (CAR X) (CAR Y)) (Z-CAR-UNIQUE-PROOF (NCODE (CAR X)) (NCODE (CDR X)) (NCODE (CAR Y)) (NCODE (CDR Y)))) (NCODE-NEQUAL-STEP-PROOF (NCODE (CDR X)) (NCODE (CDR Y)) (NCODE X) (NCODE Y) (NCODE-NEQUAL-PROOF (CDR X) (CDR Y)) (Z-CDR-UNIQUE-PROOF (NCODE (CAR X)) (NCODE (CDR X)) (NCODE (CAR Y)) (NCODE (CDR Y))))) (NCODE-NEQUAL-STEP-PROOF (NCODE Y) (NCODE X) (NCODE X) (NCODE Y) (LIST-NUM-NEQUAL-PROOF Y (NCODE (CAR X)) (NCODE (CDR X))) (SYMMETRY-PROOF1 (NCODE X) (NCODE Y)))) (IF (LISTP Y) (LIST-NUM-NEQUAL-PROOF X (NCODE (CAR Y)) (NCODE (CDR Y))) (IF (ZEROP X) (EXT-NOT-EQUAL-PROOF (NCODE X) (NCODE Y) (NCODE (SUB1 Y)) (NULL-AXIOM-PROOF (NCODE (SUB1 Y))) (X-IN-Z-SUCC-X-PROOF (NCODE (SUB1 Y)))) (IF (ZEROP Y) (NCODE-NEQUAL-STEP-PROOF (NCODE Y) (NCODE X) (NCODE X) (NCODE Y) (EXT-NOT-EQUAL-PROOF (NCODE Y) (NCODE X) (NCODE (SUB1 X)) (NULL-AXIOM-PROOF (NCODE (SUB1 X))) (X-IN-Z-SUCC-X-PROOF (NCODE (SUB1 X)))) (SYMMETRY-PROOF1 (NCODE X) (NCODE Y))) (TAUTCONSEQ-PROOF (LIST (Z-TRANS2 (NCODE (SUB1 X))) (Z-TRANS2 (NCODE (SUB1 Y))) (F-IMPLIES (Z-TRANS2 (NCODE (SUB1 X))) (F-IMPLIES (Z-TRANS2 (NCODE (SUB1 Y))) (F-IMPLIES (F-EQUAL (NCODE X) (NCODE Y)) (F-EQUAL (NCODE (SUB1 X)) (NCODE (SUB1 Y)))))) (F-NOT (F-EQUAL (NCODE (SUB1 X)) (NCODE (SUB1 Y))))) (F-NOT (F-EQUAL (NCODE X) (NCODE Y))) (LIST (TAUTCONSEQ-PROOF (LIST (Z-INT (NCODE (SUB1 X))) (F-IFF (Z-INT (NCODE (SUB1 X))) (F-AND (Z-TRANS2 (NCODE (SUB1 X))) (Z-TRICH2 (NCODE (SUB1 X)))))) (Z-TRANS2 (NCODE (SUB1 X))) (LIST (Z-INT-NUMERAL-PROOF (SUB1 X)) (Z-INT-DEFN-PROOF (NCODE (SUB1 X))))) (TAUTCONSEQ-PROOF (LIST (Z-INT (NCODE (SUB1 Y))) (F-IFF (Z-INT (NCODE (SUB1 Y))) (F-AND (Z-TRANS2 (NCODE (SUB1 Y))) (Z-TRICH2 (NCODE (SUB1 Y)))))) (Z-TRANS2 (NCODE (SUB1 Y))) (LIST (Z-INT-NUMERAL-PROOF (SUB1 Y)) (Z-INT-DEFN-PROOF (NCODE (SUB1 Y))))) (Z-SUCC-EQUAL-PROOF (NCODE (SUB1 X)) (NCODE (SUB1 Y)) 1 2) (NCODE-NEQUAL-PROOF (SUB1 X) (SUB1 Y))))))))) ;;;;;;;A crucial metatheorem: If X is different from Y, then |- "(not (=))". (PROVE-LEMMA NCODE-NEQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (NOT (NCODE-EQUAL X Y))) (PROVES (NCODE-NEQUAL-PROOF X Y) (F-NOT (F-EQUAL (NCODE X) (NCODE Y))) GIVEN DEFNS SYMBOLS)) ((INDUCT (NCODE-NEQUAL-PROOF X Y)))) (TOGGLE G0758 NCODE-NEQUAL-PROOF T) (PROVE-LEMMA NCODE-NEQUAL-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (NOT (NCODE-EQUAL X Y)) (EQUAL CONCL (F-NOT (F-EQUAL (NCODE X) (NCODE Y))))) (PROVES (NCODE-NEQUAL-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS)) ((USE (NCODE-NEQUAL-PROOF-PROVES)))) (TOGGLE G0760 NCODE-NEQUAL-PROOF-PROVES T) ;;;;;;;What we would like to do next is to demonstrate the admissibility of ;;;;;;;Z2 analogues of several Lisp functions which are used to define the Lisp ;;;;;;;interpreter. These include the primitive Lisp functions like LISTP, CAR, CDR, ;;;;;;;CONS, ZEROP, NUMBERP, ADD1, SUB1, and EQUAL. The definitions of these Z2 ;;;;;;;functions involve the use of the logical-if connective. For example, the ;;;;;;;definition of the analogue of CAR, "(Z-car x)", is ;;;;;;; "(if (forsome y (forsome z (x = ))) ;;;;;;; then (forsome z (x = <(Z-car x), z>)) ;;;;;;; else ((Z-car x) = |0|))". ;;;;;;;The definition of the analogue of LISTP, "(Z-listp x)", is ;;;;;;; "(if (forsome y (forsome z (x = ))) ;;;;;;; then ((Z-car x) = |1|) ;;;;;;; else ((Z-car x) = |0|))". ;;;;;;;Since we will be proving a number of metatheorem regarding the logical-if ;;;;;;;connective, it is convenient to have a representation for such expressions ;;;;;;;which is easily manipulated without having to expand the abbreviation "(if A B C)". ;;;;;;;The shell Z-IF is used to represent if-trees. (ADD-SHELL Z-IF NIL Z-IFP ((Z-TEST (NONE-OF) ZERO) (Z-LEFT (NONE-OF) ZERO) (Z-RIGHT (NONE-OF) ZERO))) ;;;;;;;TERM-Z-IF checks if every test position of the if-tree EXP is a formula, ;;;;;;;and every leaf expression is a term in which VAR does not occur free. ;;;;;;;We will call such an if-tree a `term-if-tree'. This is useful in representing ;;;;;;;a definition by cases where each case has the form "((f x) = exp)". ;;;;;;;The term-if-tree corresponding to the definition of "(Z-listp x)" is ;;;;;;;(Z-IF "(forsome y (forsome z (x = )))" |1| |0|). (DEFN TERM-Z-IF (EXP VAR SYMBOLS) (IF (Z-IFP EXP) (AND (FORMULA (Z-TEST EXP) SYMBOLS) (NOT (MEMBER VAR (COLLECT-FREE (Z-TEST EXP) 0))) (TERM-Z-IF (Z-LEFT EXP) VAR SYMBOLS) (TERM-Z-IF (Z-RIGHT EXP) VAR SYMBOLS)) (AND (TERMP EXP 0 SYMBOLS) (NOT (MEMBER VAR (COLLECT-FREE EXP 0)))))) ;;;;;;;MAKE-TERM-Z-IF makes an formula out of the term-if-tree by replacing each occurrence ;;;;;;;of Z-IF by the logical-if connective, and returning "(var = exp)" for each ;;;;;;;leaf term "exp". Thus MAKE-TERM-Z-IF applied to the term-if-tree for "Z-listp" ;;;;;;;with the variable "value" for VAR returns the definition for "Z-listp". (DEFN MAKE-TERM-Z-IF (VAR EXP) (IF (Z-IFP EXP) (F-IF (Z-TEST EXP) (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)) (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP))) (F-EQUAL VAR EXP))) (DEFN TERM-Z-IF-EXIS-PROOF (VAR EXP) (IF (Z-IFP EXP) (FORSOME-F-IF-CASE-PROOF VAR (Z-TEST EXP) (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)) (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP)) (TAUTCONSEQ-PROOF (LIST (FORSOME VAR (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)))) (F-IMPLIES (Z-TEST EXP) (FORSOME VAR (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)))) (LIST (TERM-Z-IF-EXIS-PROOF VAR (Z-LEFT EXP)))) (TAUTCONSEQ-PROOF (LIST (FORSOME VAR (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP)))) (F-IMPLIES (F-NOT (Z-TEST EXP)) (FORSOME VAR (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP)))) (LIST (TERM-Z-IF-EXIS-PROOF VAR (Z-RIGHT EXP))))) (EXIS-FUN-INTRO-PROOF VAR EXP))) (PROVE-LEMMA FORMULA-MAKE-TERM-Z-IF (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP VAR SYMBOLS) (VARIABLE VAR)) (FORMULA (MAKE-TERM-Z-IF VAR EXP) SYMBOLS))) ;;;;;;;Many of the functions are defined as formulas constructed from ;;;;;;;term-if-trees generated by the Z-IF shell. The lemma below is used to ;;;;;;;carry out the existence part of the admissibility of such definitions. ;;;;;;;The crucial part in the proof of this lemma is the observation that ;;;;;;;if "value" is not free in TEST, then from ;;;;;;; "(if TEST (forsome value EXPL) (forsome value EXPR))", ;;;;;;;we can derive "(forsome value (if TEST EXPL EXPR))". (PROVE-LEMMA TERM-Z-IF-EXIS-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (TERM-Z-IF EXP VAR SYMBOLS)) (PROVES (TERM-Z-IF-EXIS-PROOF VAR EXP) (FORSOME VAR (MAKE-TERM-Z-IF VAR EXP)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0761 TERM-Z-IF-EXIS-PROOF T) (PROVE-LEMMA TERM-Z-IF-EXIS-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (VARIABLE VAR) (TERM-Z-IF EXP VAR SYMBOLS) (EQUAL CONCL (FORSOME VAR (MAKE-TERM-Z-IF VAR EXP)))) (PROVES (TERM-Z-IF-EXIS-PROOF VAR EXP) CONCL GIVEN DEFNS SYMBOLS)) ((USE (TERM-Z-IF-EXIS-PROOF-PROVES)))) (TOGGLE G0762 TERM-Z-IF-EXIS-PROOF-PROVES T) ;;;;;;;We would now like to show for example that the definition of "Z-listp" ;;;;;;;does in fact make it the Z2 analogue of the Lisp function LISTP. ;;;;;;;That is |- "((Z-listp ) = <(BOOL-FIX (LISTP X))>)", ;;;;;;;where BOOL-FIX converts F to 0, and T to 1. Again, we overload the notation ;;;;;;;by permitting Lisp functions within quotes to denote their values. ;;;;;;;The predicate PROVES-Z-IF ;;;;;;;requires careful explanation. Its first argument PF-TREE is a proof-tree ;;;;;;;that mimics the structure of the if-tree EXP. A proof-tree is of the ;;;;;;;form: < proof-tree-left proof-tree-right>. ;;;;;;;PROVES-Z-IF checks that when EXP is of the form (Z-IF test left right), ;;;;;;;then if cond is T, proof1 is a proof of test, and proof-tree-left is ;;;;;;;the proof-tree corresponding to left; and if cond is F, then proof2 is ;;;;;;;a proof of the negation of test, and proof-tree-right is the proof-tree ;;;;;;;corresponding to right. In the base case, PROVES-Z-IF checks that PF-TREE ;;;;;;;is a proof of "(EXP = VAL)". Once this has been checked, we can later evaluate ;;;;;;;the term-if-tree in terms of the values of the leaf nodes by constructing the ;;;;;;;appropriate proof-tree. (DEFN PROVES-Z-IF (PF-TREE EXP VAR VAL GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (AND (PROVES (CADAR PF-TREE) (Z-TEST EXP) GIVEN DEFNS SYMBOLS) (PROVES-Z-IF (CADR PF-TREE) (Z-LEFT EXP) VAR VAL GIVEN DEFNS SYMBOLS)) (AND (PROVES (CADDAR PF-TREE) (F-NOT (Z-TEST EXP)) GIVEN DEFNS SYMBOLS) (PROVES-Z-IF (CADDR PF-TREE) (Z-RIGHT EXP) VAR VAL GIVEN DEFNS SYMBOLS))) (PROVES PF-TREE (F-EQUAL EXP VAL) GIVEN DEFNS SYMBOLS))) (DEFN Z-IF-EVAL-PROOF (PF-TREE EXP VAR VAL) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (CHAIN-PROOF (MAKE-TERM-Z-IF VAR EXP) (F-EQUAL VAR VAL) (LIST (MAKE-TERM-Z-IF VAR (Z-LEFT EXP))) (LIST (F-IF-ELIM-PROOF1 (Z-TEST EXP) (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)) (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP)) (CADAR PF-TREE)) (Z-IF-EVAL-PROOF (CADR PF-TREE) (Z-LEFT EXP) VAR VAL))) (CHAIN-PROOF (MAKE-TERM-Z-IF VAR EXP) (F-EQUAL VAR VAL) (LIST (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP))) (LIST (F-IF-ELIM-PROOF2 (Z-TEST EXP) (MAKE-TERM-Z-IF VAR (Z-LEFT EXP)) (MAKE-TERM-Z-IF VAR (Z-RIGHT EXP)) (CADDAR PF-TREE)) (Z-IF-EVAL-PROOF (CADDR PF-TREE) (Z-RIGHT EXP) VAR VAL)))) (DETACH-PROOF (F-EQUAL EXP VAL) (F-IMPLIES (F-EQUAL VAR EXP) (F-EQUAL VAR VAL)) PF-TREE (DETACH-PROOF (F-EQUAL VAR VAR) (F-IMPLIES (F-EQUAL EXP VAL) (F-IMPLIES (F-EQUAL VAR EXP) (F-EQUAL VAR VAL))) (IDENT-AXIOM-PROOF VAR) (EQUAL-AXIOM2-PROOF (P 0 2) (LIST VAR EXP) (LIST VAR VAL)))))) (PROVE-LEMMA FORMULA-MAKE-TERM-Z-IF-AGAIN (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP VAR SYMBOLS) (TERMP VAR 0 SYMBOLS)) (FORMULA (MAKE-TERM-Z-IF VAR EXP) SYMBOLS))) ;;;;;;;If each leaf term "exp" in EXP has VAL ;;;;;;;as its value (this is checked by PROVES-Z-IF), then the if-expression ;;;;;;;which has "(var = exp)" for each leaf term "exp" in EXP can be proved ;;;;;;;to imply "(var = VAL)". (PROVE-LEMMA Z-IF-EVAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP VAR SYMBOLS) (TERMP (LIST VAR VAL) 1 SYMBOLS) (PROVES-Z-IF PF-TREE EXP VAR VAL GIVEN DEFNS SYMBOLS)) (PROVES (Z-IF-EVAL-PROOF PF-TREE EXP VAR VAL) (F-IMPLIES (MAKE-TERM-Z-IF VAR EXP) (F-EQUAL VAR VAL)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0765 Z-IF-EVAL-PROOF T) (DEFN Z-IF-EVAL-PROOF1 (PF-TREE EXP VAR VAL PF) (DETACH-PROOF (MAKE-TERM-Z-IF VAR EXP) (F-EQUAL VAR VAL) PF (Z-IF-EVAL-PROOF PF-TREE EXP VAR VAL))) (PROVE-LEMMA Z-IF-EVAL-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP VAR SYMBOLS) (TERMP (LIST VAR VAL) 1 SYMBOLS) (PROVES-Z-IF PF-TREE EXP VAR VAL GIVEN DEFNS SYMBOLS) (PROVES PF (MAKE-TERM-Z-IF VAR EXP) GIVEN DEFNS SYMBOLS)) (PROVES (Z-IF-EVAL-PROOF1 PF-TREE EXP VAR VAL PF) (F-EQUAL VAR VAL) GIVEN DEFNS SYMBOLS))) (TOGGLE G0766 Z-IF-EVAL-PROOF1 T) (DEFN STACK-AND-IMPLIES (EXP HYPS) (IF (LISTP HYPS) (F-IMPLIES (LIST-F-AND HYPS) EXP) EXP)) (DEFN FORM-Z-IF-EXIS-STEP-PROOF (TEST LEFT RIGHT VAR TESTS PF1 PF2) (TAUTCONSEQ-PROOF (LIST (STACK-AND-IMPLIES (FORSOME VAR LEFT) (CONS TEST TESTS)) (STACK-AND-IMPLIES (FORSOME VAR RIGHT) (CONS (F-NOT TEST) TESTS)) (F-IMPLIES (F-IF TEST (FORSOME VAR LEFT) (FORSOME VAR RIGHT)) (FORSOME VAR (F-IF TEST LEFT RIGHT)))) (STACK-AND-IMPLIES (FORSOME VAR (F-IF TEST LEFT RIGHT)) TESTS) (LIST PF1 PF2 (FORSOME-F-IF-PROOF VAR TEST LEFT RIGHT)))) ;;;;;;;In the definitions which use term-if-trees, the existence and uniqueness of the ;;;;;;;object being defined follows from that of the leaf terms. There are other ;;;;;;;definitions where the leaf nodes of the if-trees are formulas (a `form-if-tree'), ;;;;;;;and the existence/uniqueness of the defined object in each leaf node case requires ;;;;;;;the conjunction of the tests leading up to it. The definition of "(Z-car x)", ;;;;;;; "(if (forsome y (forsome z (x = ))) ;;;;;;; then (forsome z (x = <(Z-car x), z>)) ;;;;;;; else ((Z-car x) = |0|))". ;;;;;;;is a good example of this. The lemma below combines the ;;;;;;;existence proofs in each of the left/right cases to form the existence proof ;;;;;;;for the if-subtree rooted at the corresponding test node. (PROVE-LEMMA FORM-Z-IF-EXIS-STEP-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE TEST 0))) (PROVES PF1 (STACK-AND-IMPLIES (FORSOME VAR LEFT) (CONS TEST TESTS)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (STACK-AND-IMPLIES (FORSOME VAR RIGHT) (CONS (F-NOT TEST) TESTS)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (STACK-AND-IMPLIES (FORSOME VAR (F-IF TEST LEFT RIGHT)) TESTS))) (PROVES (FORM-Z-IF-EXIS-STEP-PROOF TEST LEFT RIGHT VAR TESTS PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (STACK-AND-IMPLIES (FORSOME VAR LEFT) (CONS TEST TESTS)))) (PROVES-IS-FORMULA (PF PF2) (EXP (STACK-AND-IMPLIES (FORSOME VAR RIGHT) (CONS (F-NOT TEST) TESTS))))) )) (TOGGLE G0769 FORM-Z-IF-EXIS-STEP-PROOF T) ;;;;;;;FORM-Z-IF checks if EXP is a form-if-tree. (DEFN FORM-Z-IF (EXP SYMBOLS) (IF (Z-IFP EXP) (AND (FORMULA (Z-TEST EXP) SYMBOLS) (FORM-Z-IF (Z-LEFT EXP) SYMBOLS) (FORM-Z-IF (Z-RIGHT EXP) SYMBOLS)) (FORMULA EXP SYMBOLS))) ;;;;;;;MAKE-FORM-Z-IF returns the if-expression represented by the form-if-tree EXP. (DEFN MAKE-FORM-Z-IF (EXP) (IF (Z-IFP EXP) (F-IF (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP))) EXP)) ;;;;;;;PROVES-FORM-Z-IF-EXIS checks that for every leaf formula in the form-if-tree EXP, ;;;;;;;PF-TREE contains a corresponding proof that the conjunction of the tests leading ;;;;;;;to that leaf node "exp" implies "(forsome var exp)". (DEFN PROVES-FORM-Z-IF-EXIS (PF-TREE EXP VAR TESTS GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (AND (NOT (MEMBER VAR (COLLECT-FREE (Z-TEST EXP) 0))) (PROVES-FORM-Z-IF-EXIS (CAR PF-TREE) (Z-LEFT EXP) VAR (CONS (Z-TEST EXP) TESTS) GIVEN DEFNS SYMBOLS) (PROVES-FORM-Z-IF-EXIS (CADR PF-TREE) (Z-RIGHT EXP) VAR (CONS (F-NOT (Z-TEST EXP)) TESTS) GIVEN DEFNS SYMBOLS)) (PROVES PF-TREE (STACK-AND-IMPLIES (FORSOME VAR EXP) TESTS) GIVEN DEFNS SYMBOLS))) (DEFN FORM-Z-IF-EXIS-PROOF (PF-TREE EXP VAR TESTS) (IF (Z-IFP EXP) (FORM-Z-IF-EXIS-STEP-PROOF (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) VAR TESTS (FORM-Z-IF-EXIS-PROOF (CAR PF-TREE) (Z-LEFT EXP) VAR (CONS (Z-TEST EXP) TESTS)) (FORM-Z-IF-EXIS-PROOF (CADR PF-TREE) (Z-RIGHT EXP) VAR (CONS (F-NOT (Z-TEST EXP)) TESTS))) PF-TREE)) (PROVE-LEMMA FORMULA-MAKE-FORM (REWRITE) (IMPLIES (FORM-Z-IF EXP SYMBOLS) (FORMULA (MAKE-FORM-Z-IF EXP) SYMBOLS))) ;;;;;;;The lemma below demonstrates that the existence proofs for the leaf nodes ;;;;;;;can be combined to give the existence proof for the if-expression represented ;;;;;;;by the form-if-tree EXP. (PROVE-LEMMA FORM-Z-IF-EXIS-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (VARIABLE VAR) (PROVES-FORM-Z-IF-EXIS PF-TREE EXP VAR TESTS GIVEN DEFNS SYMBOLS)) (PROVES (FORM-Z-IF-EXIS-PROOF PF-TREE EXP VAR TESTS) (STACK-AND-IMPLIES (FORSOME VAR (MAKE-FORM-Z-IF EXP)) TESTS) GIVEN DEFNS SYMBOLS))) (TOGGLE G0770 FORM-Z-IF-EXIS-PROOF T) (PROVE-LEMMA FORM-Z-IF-EXIS-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (VARIABLE VAR) (PROVES-FORM-Z-IF-EXIS PF-TREE EXP VAR TESTS GIVEN DEFNS SYMBOLS) (EQUAL CONCL (STACK-AND-IMPLIES (FORSOME VAR (MAKE-FORM-Z-IF EXP)) TESTS))) (PROVES (FORM-Z-IF-EXIS-PROOF PF-TREE EXP VAR TESTS) CONCL GIVEN DEFNS SYMBOLS)) ((USE (FORM-Z-IF-EXIS-PROOF-PROVES)))) (TOGGLE G0784 FORM-Z-IF-EXIS-PROOF-PROVES T) ;;;;;;;Next we show how definitions represented by form-if-trees are evaluated. ;;;;;;;PROVES-FORM-Z-IF-EVAL is the form-if-tree analogue of PROVES-Z-IF. ;;;;;;;The only difference is that in the base case, PROVES-FORM-Z-IF-EVAL ;;;;;;;checks if PF-TREE is a proof of "(EXP -> (LHS = VAL))". (DEFN PROVES-FORM-Z-IF-EVAL (PF-TREE EXP LHS VAL GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (AND (PROVES (CADAR PF-TREE) (Z-TEST EXP) GIVEN DEFNS SYMBOLS) (PROVES-FORM-Z-IF-EVAL (CADR PF-TREE) (Z-LEFT EXP) LHS VAL GIVEN DEFNS SYMBOLS)) (AND (PROVES (CADDAR PF-TREE) (F-NOT (Z-TEST EXP)) GIVEN DEFNS SYMBOLS) (PROVES-FORM-Z-IF-EVAL (CADDR PF-TREE) (Z-RIGHT EXP) LHS VAL GIVEN DEFNS SYMBOLS))) (PROVES PF-TREE (F-IMPLIES EXP (F-EQUAL LHS VAL)) GIVEN DEFNS SYMBOLS))) (DEFN FORM-Z-IF-EVAL-PROOF (PF-TREE EXP LHS VAL) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (CHAIN-PROOF (MAKE-FORM-Z-IF EXP) (F-EQUAL LHS VAL) (LIST (MAKE-FORM-Z-IF (Z-LEFT EXP))) (LIST (F-IF-ELIM-PROOF1 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADAR PF-TREE)) (FORM-Z-IF-EVAL-PROOF (CADR PF-TREE) (Z-LEFT EXP) LHS VAL))) (CHAIN-PROOF (MAKE-FORM-Z-IF EXP) (F-EQUAL LHS VAL) (LIST (MAKE-FORM-Z-IF (Z-RIGHT EXP))) (LIST (F-IF-ELIM-PROOF2 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADDAR PF-TREE)) (FORM-Z-IF-EVAL-PROOF (CADDR PF-TREE) (Z-RIGHT EXP) LHS VAL)))) PF-TREE)) (PROVE-LEMMA FORM-Z-IF-EVAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (TERMP (LIST LHS VAL) 1 SYMBOLS) (PROVES-FORM-Z-IF-EVAL PF-TREE EXP LHS VAL GIVEN DEFNS SYMBOLS)) (PROVES (FORM-Z-IF-EVAL-PROOF PF-TREE EXP LHS VAL) (F-IMPLIES (MAKE-FORM-Z-IF EXP) (F-EQUAL LHS VAL)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0785 FORM-Z-IF-EVAL-PROOF T) (DEFN FORM-Z-IF-EVAL-PROOF1 (PF-TREE EXP LHS VAL PF) (DETACH-PROOF (MAKE-FORM-Z-IF EXP) (F-EQUAL LHS VAL) PF (FORM-Z-IF-EVAL-PROOF PF-TREE EXP LHS VAL))) ;;;;;;;Now we can show that if we have a proof-tree satisfying PROVES-FORM-Z-IF-EVAL, ;;;;;;;then we can prove that the function can be evaluated as desired, e.g., ;;;;;;;we can show that "((Z-car ) = <(CAR X)>)". (PROVE-LEMMA FORM-Z-IF-EVAL-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (TERMP (LIST LHS VAL) 1 SYMBOLS) (PROVES-FORM-Z-IF-EVAL PF-TREE EXP LHS VAL GIVEN DEFNS SYMBOLS) (PROVES PF (MAKE-FORM-Z-IF EXP) GIVEN DEFNS SYMBOLS)) (PROVES (FORM-Z-IF-EVAL-PROOF1 PF-TREE EXP LHS VAL PF) (F-EQUAL LHS VAL) GIVEN DEFNS SYMBOLS))) (TOGGLE G0786 FORM-Z-IF-EVAL-PROOF1 T) (PROVE-LEMMA NLISTP-NIL-INTERSECT (REWRITE) (IMPLIES (NLISTP Y) (NIL-INTERSECT X Y))) (PROVE-LEMMA NOT-FREE-FREE-FOR (REWRITE) (IMPLIES (NLISTP (COLLECT-FREE TERM 0)) (FREE-FOR EXP VAR TERM FLG))) (PROVE-LEMMA LISTP-APPEND (REWRITE) (EQUAL (LISTP (APPEND X Y)) (OR (LISTP X) (LISTP Y)))) (TOGGLE G0666 FREE-FOR T) (PROVE-LEMMA NOT-FREE-FOR-LIST (REWRITE) (IMPLIES (NLISTP (COLLECT-FREE TERMLIST 1)) (FREE-FOR-LIST EXP VARLIST TERMLIST))) (TOGGLE G0671 FREE-FOR-LIST T) (TOGGLE G0680 LISTP-APPEND T) (DEFN LISTP-COND-PROOF1 (X Y) (DETACH-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR X Y)) (FORSOME 1 (FORSOME 2 (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)))) (IDENT-AXIOM-PROOF (Z-OPAIR X Y)) (SUBST-THM-A-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)) (LIST 1 2) (LIST X Y)))) (PROVE-LEMMA LISTP-COND-PROOF1-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL (COLLECT-FREE X 0) NIL) (EQUAL (COLLECT-FREE Y 0) NIL)) (PROVES (LISTP-COND-PROOF1 X Y) (FORSOME 1 (FORSOME 2 (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0685 LISTP-COND-PROOF1 T) (DEFN NUMERAL-NOT-LISTP-PROOF (N X Y U V) (F-IFF-MP-PROOF2 (F-NOT (FORSOME X (FORSOME Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V))))) (FORALL X (F-NOT (FORSOME Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V))))) (FORSOME-FORALL-PROOF X (FORSOME Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V)))) (GENERALISE-PROOF X (F-NOT (FORSOME Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V)))) (F-IFF-MP-PROOF2 (F-NOT (FORSOME Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V)))) (FORALL Y (F-NOT (F-EQUAL (NUMERAL N) (Z-OPAIR U V)))) (FORSOME-FORALL-PROOF Y (F-EQUAL (NUMERAL N) (Z-OPAIR U V))) (GENERALISE-PROOF Y (F-NOT (F-EQUAL (NUMERAL N) (Z-OPAIR U V))) (LIST-NUM-NEQUAL-PROOF N U V)))))) ;;;;;;;No numeral is an ordered pair. (PROVE-LEMMA NUMERAL-NOT-LISTP-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-LIST (LIST X Y U V) 4) (EQUAL N-BAR (NUMERAL N))) (PROVES (NUMERAL-NOT-LISTP-PROOF N X Y U V) (F-NOT (FORSOME X (FORSOME Y (F-EQUAL N-BAR (Z-OPAIR U V))))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0693 NUMERAL-NOT-LISTP-PROOF T) (DEFN Z-CAR-NCODE-PROOF (X) (FORM-Z-IF-EVAL-PROOF1 (LIST (LIST (LISTP X) (LISTP-COND-PROOF1 (NCODE (CAR X)) (NCODE (CDR X))) (NUMERAL-NOT-LISTP-PROOF X 1 2 1 2)) (FORSOME-INTRO-PROOF 2 (F-EQUAL (Z-OPAIR (NCODE (CAR X)) (NCODE (CDR X))) (Z-OPAIR (Z-CAR (NCODE X)) 2)) (F-EQUAL (Z-CAR (NCODE X)) (NCODE (CAR X))) (CHAIN-PROOF (F-EQUAL (Z-OPAIR (NCODE (CAR X)) (NCODE (CDR X))) (Z-OPAIR (Z-CAR (NCODE X)) 2)) (F-EQUAL (Z-CAR (NCODE X)) (NCODE (CAR X))) (LIST (F-EQUAL (NCODE (CAR X)) (Z-CAR (NCODE X)))) (LIST (Z-CAR-UNIQUE-PROOF (NCODE (CAR X)) (NCODE (CDR X)) (Z-CAR (NCODE X)) 2) (SYMMETRY-PROOF1 (NCODE (CAR X)) (Z-CAR (NCODE X)))))) (PROP-AXIOM-PROOF (F-EQUAL (Z-CAR (NCODE X)) (PHI)))) (Z-IF (FORSOME 1 (FORSOME 2 (F-EQUAL (NCODE X) (Z-OPAIR 1 2)))) (FORSOME 2 (F-EQUAL (NCODE X) (Z-OPAIR (Z-CAR (NCODE X)) 2))) (F-EQUAL (Z-CAR (NCODE X)) (PHI))) (Z-CAR (NCODE X)) (NCODE (CAR X)) (Z-CAR-DEFN-PROOF (NCODE X)))) ;;;;;;;FORM-Z-IF-EVAL-PROOF-PROVES1 is used to prove that "(Z-car x)" is ;;;;;;;the Z2 analogue of CAR, in the lemma below. (PROVE-LEMMA Z-CAR-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-CAR (NCODE X)) (NCODE (CAR X))))) (PROVES (Z-CAR-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0691 Z-CAR-NCODE-PROOF T) (DEFN LISTP-COND-PROOF2 (X Y) (DETACH-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR X Y)) (FORSOME 2 (FORSOME 1 (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)))) (IDENT-AXIOM-PROOF (Z-OPAIR X Y)) (SUBST-THM-A-PROOF (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)) (LIST 2 1) (LIST Y X)))) (PROVE-LEMMA LISTP-COND-PROOF2-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL (COLLECT-FREE X 0) NIL) (EQUAL (COLLECT-FREE Y 0) NIL)) (PROVES (LISTP-COND-PROOF2 X Y) (FORSOME 2 (FORSOME 1 (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR 1 2)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0692 LISTP-COND-PROOF2 T) (DEFN Z-CDR-NCODE-PROOF (X) (FORM-Z-IF-EVAL-PROOF1 (LIST (LIST (LISTP X) (LISTP-COND-PROOF2 (NCODE (CAR X)) (NCODE (CDR X))) (NUMERAL-NOT-LISTP-PROOF X 2 1 1 2)) (FORSOME-INTRO-PROOF 1 (F-EQUAL (Z-OPAIR (NCODE (CAR X)) (NCODE (CDR X))) (Z-OPAIR 1 (Z-CDR (NCODE X)))) (F-EQUAL (Z-CDR (NCODE X)) (NCODE (CDR X))) (CHAIN-PROOF (F-EQUAL (Z-OPAIR (NCODE (CAR X)) (NCODE (CDR X))) (Z-OPAIR 1 (Z-CDR (NCODE X)))) (F-EQUAL (Z-CDR (NCODE X)) (NCODE (CDR X))) (LIST (F-EQUAL (NCODE (CDR X)) (Z-CDR (NCODE X)))) (LIST (Z-CDR-UNIQUE-PROOF (NCODE (CAR X)) (NCODE (CDR X)) 1 (Z-CDR (NCODE X))) (SYMMETRY-PROOF1 (NCODE (CDR X)) (Z-CDR (NCODE X)))))) (PROP-AXIOM-PROOF (F-EQUAL (Z-CDR (NCODE X)) (PHI)))) (Z-IF (FORSOME 2 (FORSOME 1 (F-EQUAL (NCODE X) (Z-OPAIR 1 2)))) (FORSOME 1 (F-EQUAL (NCODE X) (Z-OPAIR 1 (Z-CDR (NCODE X))))) (F-EQUAL (Z-CDR (NCODE X)) (PHI))) (Z-CDR (NCODE X)) (NCODE (CDR X)) (Z-CDR-DEFN-PROOF (NCODE X)))) ;;;;;;;"(Z-cdr x)" is the Z2 analogue of CDR. (PROVE-LEMMA Z-CDR-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 5 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 2 1) (P 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-CDR (NCODE X)) (NCODE (CDR X))))) (PROVES (Z-CDR-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0694 Z-CDR-NCODE-PROOF T) (PROVE-LEMMA COL-FREE-Z-CAR (REWRITE) (EQUAL (COLLECT-FREE (Z-CAR X) 0) (COLLECT-FREE (LIST X) 1))) (PROVE-LEMMA COVERING-Z-CAR (REWRITE) (EQUAL (COVERING (Z-CAR X) VAR 0) (COVERING (LIST X) VAR 1))) (PROVE-LEMMA SUBST-Z-CAR (REWRITE) (EQUAL (SUBST (Z-CAR X) VAR TERM 0) (Z-CAR (SUBST X VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-CAR (REWRITE) (EQUAL (PARALLEL-SUBST (Z-CAR X) VARS TERMS 0) (Z-CAR (PARALLEL-SUBST X VARS TERMS 0)))) (PROVE-LEMMA TERMP-Z-CAR (REWRITE) (EQUAL (TERMP (Z-CAR X) 0 SYMBOLS) (AND (MEMBER (FN 4 1) SYMBOLS) (TERMP X 0 SYMBOLS)))) (TOGGLE G0696 Z-CAR T) (PROVE-LEMMA COL-FREE-Z-CDR (REWRITE) (EQUAL (COLLECT-FREE (Z-CDR X) 0) (COLLECT-FREE (LIST X) 1))) (PROVE-LEMMA COVERING-Z-CDR (REWRITE) (EQUAL (COVERING (Z-CDR X) VAR 0) (COVERING (LIST X) VAR 1))) (PROVE-LEMMA SUBST-Z-CDR (REWRITE) (EQUAL (SUBST (Z-CDR X) VAR TERM 0) (Z-CDR (SUBST X VAR TERM 0)))) (PROVE-LEMMA PARALLEL-SUBST-Z-CDR (REWRITE) (EQUAL (PARALLEL-SUBST (Z-CDR X) VARS TERMS 0) (Z-CDR (PARALLEL-SUBST X VARS TERMS 0)))) (PROVE-LEMMA TERMP-Z-CDR (REWRITE) (EQUAL (TERMP (Z-CDR X) 0 SYMBOLS) (AND (MEMBER (FN 5 1) SYMBOLS) (TERMP X 0 SYMBOLS)))) (TOGGLE G0697 Z-CDR T) (DEFN TERM-Z-IF-UNIQUE-PROOF (X Y EXP) (IF (Z-IFP EXP) (UNIQUE-F-IF-PROOF (Z-TEST EXP) (MAKE-TERM-Z-IF X (Z-LEFT EXP)) (MAKE-TERM-Z-IF Y (Z-LEFT EXP)) (MAKE-TERM-Z-IF X (Z-RIGHT EXP)) (MAKE-TERM-Z-IF Y (Z-RIGHT EXP)) (F-EQUAL X Y) (TERM-Z-IF-UNIQUE-PROOF X Y (Z-LEFT EXP)) (TERM-Z-IF-UNIQUE-PROOF X Y (Z-RIGHT EXP))) (UNIQUE-FUN-INTRO-PROOF X Y EXP))) ;;;;;;;The uniqueness part of the admissibility proofs for definitions constructed ;;;;;;;by term-if-trees follows from the uniqueness proofs of the leaf nodes. ;;;;;;;The lemma below proves that any definition constructed by a term-if-tree ;;;;;;;automatically has the uniqueness property, since terms represent unique values. (PROVE-LEMMA TERM-Z-IF-UNIQUE-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP X SYMBOLS) (TERM-Z-IF EXP Y SYMBOLS) (VAR-LIST (LIST X Y) 2)) (PROVES (TERM-Z-IF-UNIQUE-PROOF X Y EXP) (F-IMPLIES (F-AND (MAKE-TERM-Z-IF X EXP) (MAKE-TERM-Z-IF Y EXP)) (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0695 TERM-Z-IF-UNIQUE-PROOF T) (PROVE-LEMMA TERM-Z-IF-UNIQUE-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (TERM-Z-IF EXP X SYMBOLS) (TERM-Z-IF EXP Y SYMBOLS) (VAR-LIST (LIST X Y) 2) (EQUAL CONCL (F-IMPLIES (F-AND (MAKE-TERM-Z-IF X EXP) (MAKE-TERM-Z-IF Y EXP)) (F-EQUAL X Y)))) (PROVES (TERM-Z-IF-UNIQUE-PROOF X Y EXP) CONCL GIVEN DEFNS SYMBOLS)) ((USE (TERM-Z-IF-UNIQUE-PROOF-PROVES)))) (DEFN Z-LISTP-EXIS-PROOF (X Y Z) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (Z-SUCC (PHI)) (PHI)))) (DEFN Z-LISTP-UNIQUE-PROOF (X Y Y1 Z) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (Z-SUCC (PHI)) (PHI)))) ;;;;;;;The definition for "(Z-listp x)". (DEFN Z-LISTP-DEFN (X Y Y1 Z1) (F-IF (FORSOME Y1 (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1)))) (F-EQUAL Y (Z-SUCC (PHI))) (F-EQUAL Y (PHI)))) (DEFN BOOL-FIX (X) (IF X 1 0)) ;;;;;;;The expression representing "(Z-listp x)". (DEFN Z-LISTP (X) (LIST (FN 6 1) X)) ;;;;;;;The admissibility proof for "(Z-listp x)". (DEFN Z-LISTP-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-LISTP-DEFN 0 (Z-LISTP 0) 1 2) 0 TERM (FUN-DEFN-PROOF (FN 6 1) (LIST 0) 1 3 (Z-LISTP-DEFN 0 1 1 2) (Z-LISTP-EXIS-PROOF 0 1 2) (Z-LISTP-UNIQUE-PROOF 0 1 3 2)))) ;;;;;;;DEFNS must contain the definition of "Z-listp" associated with the ;;;;;;;function symbol for "Z-listp" and the functions used to define ;;;;;;;"Z-listp" must follow "Z-listp" in SYMBOLS. (DEFN Z-LISTP-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 6 1) DEFNS) (Z-LISTP-DEFN 0 (Z-LISTP 0) 1 2)) (SUBSET (LIST (FN 3 1) (FN 1 2) (FN 0 0)) (REST-OF (FN 6 1) SYMBOLS)))) (TOGGLE G0699 FREE-FOR NIL) ;;;;;;;The definition for "Z-listp" is proved to be admissible in the lemma below. (PROVE-LEMMA Z-LISTP-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 6 1) (FN 3 1) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-LISTP-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-LISTP-DEFN TERM (Z-LISTP TERM) 1 2))) (PROVES (Z-LISTP-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0703 Z-LISTP-DEFN-PROOF T) (TOGGLE G0706 Z-LISTP-HYPS T) (DEFN Z-LISTP-NCODE-PROOF (X) (Z-IF-EVAL-PROOF1 (LIST (LIST (LISTP X) (LISTP-COND-PROOF1 (NCODE (CAR X)) (NCODE (CDR X))) (NUMERAL-NOT-LISTP-PROOF X 1 2 1 2)) (IDENT-AXIOM-PROOF (Z-SUCC (PHI))) (IDENT-AXIOM-PROOF (PHI))) (Z-IF (FORSOME 1 (FORSOME 2 (F-EQUAL (NCODE X) (Z-OPAIR 1 2)))) (Z-SUCC (PHI)) (PHI)) (Z-LISTP (NCODE X)) (NCODE (BOOL-FIX (LISTP X))) (Z-LISTP-DEFN-PROOF (NCODE X)))) ;;;;;;;|- "((Z-listp ) = <(BOOL-FIX (LISTP X))>)". (PROVE-LEMMA Z-LISTP-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 6 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-LISTP-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-LISTP (NCODE X)) (NCODE (BOOL-FIX (LISTP X)))))) (PROVES (Z-LISTP-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE FREE-FOR))) (TOGGLE G0711 Z-LISTP-NCODE-PROOF T) ;;;;;;;A similar sequence of events for "(Z-add1 x)", the Z2 analogue of ADD1. (DEFN Z-ADD1-EXIS-PROOF (X Y Z) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (Z-SUCC (PHI)) (Z-SUCC X)))) (DEFN Z-ADD1-UNIQUE-PROOF (X Y Y1 Z) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (FORSOME Y (FORSOME Z (F-EQUAL X (Z-OPAIR Y Z)))) (Z-SUCC (PHI)) (Z-SUCC X)))) (DEFN Z-ADD1-DEFN (X Y Y1 Z1) (F-IF (FORSOME Y1 (FORSOME Z1 (F-EQUAL X (Z-OPAIR Y1 Z1)))) (F-EQUAL Y (Z-SUCC (PHI))) (F-EQUAL Y (Z-SUCC X)))) (DEFN Z-ADD1 (X) (LIST (FN 7 1) X)) (DEFN Z-ADD1-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-ADD1-DEFN 0 (Z-ADD1 0) 1 2) 0 TERM (FUN-DEFN-PROOF (FN 7 1) (LIST 0) 1 3 (Z-ADD1-DEFN 0 1 1 2) (Z-ADD1-EXIS-PROOF 0 1 2) (Z-ADD1-UNIQUE-PROOF 0 1 3 2)))) (DEFN Z-ADD1-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 7 1) DEFNS) (Z-ADD1-DEFN 0 (Z-ADD1 0) 1 2)) (SUBSET (LIST (FN 3 1) (FN 1 2) (FN 0 0)) (REST-OF (FN 7 1) SYMBOLS)))) (PROVE-LEMMA Z-ADD1-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 7 1) (FN 3 1) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-ADD1-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-ADD1-DEFN TERM (Z-ADD1 TERM) 1 2))) (PROVES (Z-ADD1-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0712 Z-ADD1-DEFN-PROOF T) (TOGGLE G0713 Z-ADD1-HYPS T) (DEFN Z-ADD1-NCODE-PROOF (X) (Z-IF-EVAL-PROOF1 (LIST (LIST (LISTP X) (LISTP-COND-PROOF1 (NCODE (CAR X)) (NCODE (CDR X))) (NUMERAL-NOT-LISTP-PROOF X 1 2 1 2)) (IDENT-AXIOM-PROOF (Z-SUCC (PHI))) (IDENT-AXIOM-PROOF (Z-SUCC (NCODE X)))) (Z-IF (FORSOME 1 (FORSOME 2 (F-EQUAL (NCODE X) (Z-OPAIR 1 2)))) (Z-SUCC (PHI)) (Z-SUCC (NCODE X))) (Z-ADD1 (NCODE X)) (NCODE (ADD1 X)) (Z-ADD1-DEFN-PROOF (NCODE X)))) (PROVE-LEMMA Z-ADD1-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 7 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-ADD1-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-ADD1 (NCODE X)) (NCODE (ADD1 X))))) (PROVES (Z-ADD1-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE FREE-FOR))) (TOGGLE G0714 Z-ADD1-NCODE-PROOF T) ;;;;;;;The sequence of events introducing "(Z-numberp x)", the Z2 analogue of NUMBERP. (DEFN Z-NUMBERP-DEFN (X Y) (F-IF (Z-INT X) (F-EQUAL Y (Z-SUCC (PHI))) (F-EQUAL Y (PHI)))) (DEFN Z-NUMBERP-EXIS-PROOF (X Y) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (Z-INT X) (Z-SUCC (PHI)) (PHI)))) (DEFN Z-NUMBERP-UNIQUE-PROOF (X Y Y1) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (Z-INT X) (Z-SUCC (PHI)) (PHI)))) (DEFN Z-NUMBERP (X) (LIST (FN 8 1) X)) (DEFN Z-NUMBERP-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-NUMBERP-DEFN 0 (Z-NUMBERP 0)) 0 TERM (FUN-DEFN-PROOF (FN 8 1) (LIST 0) 1 2 (Z-NUMBERP-DEFN 0 1) (Z-NUMBERP-EXIS-PROOF 0 1) (Z-NUMBERP-UNIQUE-PROOF 0 1 2)))) (DEFN Z-NUMBERP-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 8 1) DEFNS) (Z-NUMBERP-DEFN 0 (Z-NUMBERP 0))) (SUBSET (LIST (FN 3 1) (P 2 1) (FN 0 0)) (REST-OF (FN 8 1) SYMBOLS)))) (TOGGLE G0716 Z-INT NIL) (PROVE-LEMMA COLLECT-FREE-Z-INT (REWRITE) (EQUAL (COLLECT-FREE (Z-INT X) 0) (COLLECT-FREE (LIST X) 1))) (TOGGLE G0717 Z-INT T) (PROVE-LEMMA Z-NUMBERP-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 8 1) (FN 3 1) (P 2 1) (FN 0 0)) SYMBOLS) (Z-NUMBERP-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-NUMBERP-DEFN TERM (Z-NUMBERP TERM)))) (PROVES (Z-NUMBERP-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0725 Z-NUMBERP-DEFN-PROOF T) (TOGGLE G0726 Z-NUMBERP-HYPS T) (DEFN Z-NUMBERP-NCODE-PROOF (X) (Z-IF-EVAL-PROOF1 (LIST (LIST (NOT (LISTP X)) (Z-INT-NUMERAL-PROOF X) (NOT-INT-OPAIR-PROOF (NCODE (CAR X)) (NCODE (CDR X)) 0)) (IDENT-AXIOM-PROOF (Z-SUCC (PHI))) (IDENT-AXIOM-PROOF (PHI))) (Z-IF (Z-INT (NCODE X)) (Z-SUCC (PHI)) (PHI)) (Z-NUMBERP (NCODE X)) (NCODE (BOOL-FIX (NOT (LISTP X)))) (Z-NUMBERP-DEFN-PROOF (NCODE X)))) (PROVE-LEMMA Z-INT-NUMERAL-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL X-BAR (NUMERAL X))) (PROVES (Z-INT-NUMERAL-PROOF X) (Z-INT X-BAR) GIVEN DEFNS SYMBOLS)) ((USE (Z-INT-NUMERAL-PROOF-PROVES)))) (TOGGLE G0727 Z-INT-NUMERAL-PROOF-PROVES T) (PROVE-LEMMA Z-NUMBERP-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 8 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-NUMBERP-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-NUMBERP (NCODE X)) (NCODE (BOOL-FIX (NOT (LISTP X))))))) (PROVES (Z-NUMBERP-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0728 Z-NUMBERP-NCODE-PROOF T) ;;;;;;;Sequence of events introducing "(Z-zerop x)", the Z2 analogue of ZEROP. (DEFN Z-ZEROP-EXIS-PROOF (X Y) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (Z-INT X) (Z-IF (F-EQUAL X (PHI)) (Z-SUCC (PHI)) (PHI)) (Z-SUCC (PHI))))) (DEFN Z-ZEROP-UNIQUE-PROOF (X Y Y1) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (Z-INT X) (Z-IF (F-EQUAL X (PHI)) (Z-SUCC (PHI)) (PHI)) (Z-SUCC (PHI))))) (DEFN Z-ZEROP-DEFN (X Y) (F-IF (Z-INT X) (F-IF (F-EQUAL X (PHI)) (F-EQUAL Y (Z-SUCC (PHI))) (F-EQUAL Y (PHI))) (F-EQUAL Y (Z-SUCC (PHI))))) (DEFN Z-ZEROP (X) (LIST (FN 9 1) X)) (DEFN Z-ZEROP-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-ZEROP-DEFN 0 (Z-ZEROP 0)) 0 TERM (FUN-DEFN-PROOF (FN 9 1) (LIST 0) 1 2 (Z-ZEROP-DEFN 0 1) (Z-ZEROP-EXIS-PROOF 0 1) (Z-ZEROP-UNIQUE-PROOF 0 1 2)))) (DEFN Z-ZEROP-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 9 1) DEFNS) (Z-ZEROP-DEFN 0 (Z-ZEROP 0))) (SUBSET (LIST (FN 3 1) (P 2 1) (FN 0 0)) (REST-OF (FN 9 1) SYMBOLS)))) (PROVE-LEMMA Z-ZEROP-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 9 1) (FN 3 1) (P 2 1) (FN 0 0)) SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (EQUAL (COLLECT-FREE TERM 0) NIL) (EQUAL CONCL (Z-ZEROP-DEFN TERM (Z-ZEROP TERM)))) (PROVES (Z-ZEROP-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0763 Z-ZEROP-DEFN-PROOF T) (TOGGLE G0764 Z-ZEROP-HYPS T) (DEFN Z-ZEROP-NCODE-PROOF (X) (Z-IF-EVAL-PROOF1 (LIST (LIST (NOT (LISTP X)) (Z-INT-NUMERAL-PROOF X) (NOT-INT-OPAIR-PROOF (NCODE (CAR X)) (NCODE (CDR X)) 0)) (LIST (LIST (ZEROP X) (IDENT-AXIOM-PROOF (PHI)) (NCODE-NEQUAL-PROOF X 0)) (IDENT-AXIOM-PROOF (Z-SUCC (PHI))) (IDENT-AXIOM-PROOF (PHI))) (IDENT-AXIOM-PROOF (Z-SUCC (PHI)))) (Z-IF (Z-INT (NCODE X)) (Z-IF (F-EQUAL (NCODE X) (PHI)) (Z-SUCC (PHI)) (PHI)) (Z-SUCC (PHI))) (Z-ZEROP (NCODE X)) (NCODE (BOOL-FIX (ZEROP X))) (Z-ZEROP-DEFN-PROOF (NCODE X)))) (PROVE-LEMMA Z-ZEROP-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 9 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-ZEROP (NCODE X)) (NCODE (BOOL-FIX (ZEROP X)))))) (PROVES (Z-ZEROP-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0767 Z-ZEROP-NCODE-PROOF T) (DEFN FORM-Z-IF-UNIQUE-PROVES (X Y EXP PFTREE GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (AND (NOT (MEMBER X (COLLECT-FREE (Z-TEST EXP) 0))) (NOT (MEMBER Y (COLLECT-FREE (Z-TEST EXP) 0))) (FORM-Z-IF-UNIQUE-PROVES X Y (Z-LEFT EXP) (CAR PFTREE) GIVEN DEFNS SYMBOLS) (FORM-Z-IF-UNIQUE-PROVES X Y (Z-RIGHT EXP) (CDR PFTREE) GIVEN DEFNS SYMBOLS)) (PROVES PFTREE (F-IMPLIES (F-AND EXP (SUBST EXP X Y 0)) (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (DEFN FORM-Z-IF-UNIQUE-PROOF (X Y EXP PFTREE) (IF (Z-IFP EXP) (UNIQUE-F-IF-PROOF (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (SUBST (MAKE-FORM-Z-IF (Z-LEFT EXP)) X Y 0) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (SUBST (MAKE-FORM-Z-IF (Z-RIGHT EXP)) X Y 0) (F-EQUAL X Y) (FORM-Z-IF-UNIQUE-PROOF X Y (Z-LEFT EXP) (CAR PFTREE)) (FORM-Z-IF-UNIQUE-PROOF X Y (Z-RIGHT EXP) (CDR PFTREE))) PFTREE)) (PROVE-LEMMA FORM-Z-IF-UNIQUE-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (VAR-LIST (LIST X Y) 2) (FORM-Z-IF-UNIQUE-PROVES X Y EXP PFTREE GIVEN DEFNS SYMBOLS)) (PROVES (FORM-Z-IF-UNIQUE-PROOF X Y EXP PFTREE) (F-IMPLIES (F-AND (MAKE-FORM-Z-IF EXP) (SUBST (MAKE-FORM-Z-IF EXP) X Y 0)) (F-EQUAL X Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0700 FORM-Z-IF-EVAL-PROOF T) (PROVE-LEMMA FORM-Z-IF-UNIQUE-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (VAR-LIST (LIST X Y) 2) (FORM-Z-IF-UNIQUE-PROVES X Y EXP PFTREE GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (F-AND (MAKE-FORM-Z-IF EXP) (SUBST (MAKE-FORM-Z-IF EXP) X Y 0)) (F-EQUAL X Y)))) (PROVES (FORM-Z-IF-UNIQUE-PROOF X Y EXP PFTREE) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0701 FORM-Z-IF-UNIQUE-PROOF-PROVES T) (DEFN TRANS-NOT-EQUAL-PROOF (X Y Z PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL Y X) (F-IMPLIES (F-EQUAL Y Z) (F-EQUAL X Z))) (F-NOT (F-EQUAL X Z)) (F-EQUAL Y Z)) (F-NOT (F-EQUAL Y X)) (LIST (TRANS-EQUAL-PROOF1 X Y Z) PF1 PF2))) (PROVE-LEMMA TRANS-NOT-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-NOT (F-EQUAL X Z)) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-EQUAL Y Z) GIVEN DEFNS SYMBOLS)) (PROVES (TRANS-NOT-EQUAL-PROOF X Y Z PF1 PF2) (F-NOT (F-EQUAL Y X)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-NOT (F-EQUAL X Z)))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-EQUAL Y Z)))) )) (TOGGLE G0840 TRANS-NOT-EQUAL-PROOF T) (DEFN FLIP-EQUALS-PROOF (X Y PF) (DETACH-PROOF (F-EQUAL X Y) (F-EQUAL Y X) PF (SYMMETRY-PROOF1 X Y))) (PROVE-LEMMA FLIP-EQUALS-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-EQUAL X Y) GIVEN DEFNS SYMBOLS) (PROVES (FLIP-EQUALS-PROOF X Y PF) (F-EQUAL Y X) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-EQUAL X Y)))))) (TOGGLE G0841 FLIP-EQUALS-PROOF T) (DEFN RENAME-FORALL-PROOF (X Y EXP) (FORALL-INTRO-PROOF (FORALL X EXP) (SUBST EXP X Y 0) Y (SUBST-THM-B-PROOF EXP (LIST X) (LIST Y)))) (TOGGLE G0731 FREE-FOR-LIST NIL) (PROVE-LEMMA PARALLEL-SUBST-SUBST-CASE (REWRITE) (EQUAL (PARALLEL-SUBST EXP (LIST X) (LIST TERM) FLG) (SUBST EXP X TERM FLG))) (PROVE-LEMMA RENAME-FORALL-PROOF-PROVES (REWRITE) (IMPLIES (AND (NOT (MEMBER Y (COLLECT-FREE EXP 0))) (FORMULA EXP SYMBOLS) (FREE-FOR EXP X Y 0) (VAR-SET (LIST X Y) 2) (EQUAL EXP-INST (SUBST EXP X Y 0))) (PROVES (RENAME-FORALL-PROOF X Y EXP) (F-IMPLIES (FORALL X EXP) (FORALL Y EXP-INST)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0732 FREE-FOR-LIST T) (TOGGLE G0733 PARALLEL-SUBST-SUBST-CASE T) (TOGGLE G0734 FORM-Z-IF-UNIQUE-PROOF T) ;;;;;;;Sequence of events introducing "(Z-sub1 x)", the Z2 analogue of SUB1. (DEFN Z-SUB1 (X) (LIST (FN 10 1) X)) (DEFN Z-SUB1-DEFN (X Y Z) (F-IF (Z-INT X) (F-IF (FORSOME Z (F-AND (Z-INT Z) (F-EQUAL (Z-SUCC Z) X))) (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X)) (F-EQUAL Y (PHI))) (F-EQUAL Y (PHI)))) (DEFN Z-SUB1-EXPR (X Y Z) (Z-IF (Z-INT X) (Z-IF (FORSOME Z (F-AND (Z-INT Z) (F-EQUAL (Z-SUCC Z) X))) (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X)) (F-EQUAL Y (PHI))) (F-EQUAL Y (PHI)))) (DEFN Z-SUB1-EXIS-PROOF (X Y) (FORM-Z-IF-EXIS-PROOF (LIST (LIST (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-AND (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X))) (Z-INT X)) (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X)))) NIL) (TAUTCONSEQ-PROOF (LIST (FORSOME Y (F-EQUAL Y (PHI)))) (F-IMPLIES (F-AND (F-NOT (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X)))) (Z-INT X)) (FORSOME Y (F-EQUAL Y (PHI)))) (LIST (EXIS-FUN-INTRO-PROOF Y (PHI))))) (TAUTCONSEQ-PROOF (LIST (FORSOME Y (F-EQUAL Y (PHI)))) (F-IMPLIES (F-NOT (Z-INT X)) (FORSOME Y (F-EQUAL Y (PHI)))) (LIST (EXIS-FUN-INTRO-PROOF Y (PHI))))) (Z-SUB1-EXPR X Y Y) Y NIL)) (DEFN Z-INT-Z-SUCC-EQUAL-PROOF (X Y) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (Z-INT X) (F-AND (Z-TRANS2 X) (Z-TRICH2 X))) (F-IMPLIES (Z-INT Y) (F-AND (Z-TRANS2 Y) (Z-TRICH2 Y))) (F-IMPLIES (Z-TRANS2 X) (F-IMPLIES (Z-TRANS2 Y) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL X Y))))) (F-IMPLIES (Z-INT X) (F-IMPLIES (Z-INT Y) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL X Y)))) (LIST (IFF-SPLIT-PROOF1 (Z-INT X) (F-AND (Z-TRANS2 X) (Z-TRICH2 X)) (Z-INT-DEFN-PROOF X)) (IFF-SPLIT-PROOF1 (Z-INT Y) (F-AND (Z-TRANS2 Y) (Z-TRICH2 Y)) (Z-INT-DEFN-PROOF Y)) (Z-SUCC-EQUAL-PROOF X Y 1 2)))) (PROVE-LEMMA Z-INT-Z-SUCC-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (P 2 1) (P 1 2) (FN 3 1) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (NIL-INTERSECT (LIST 1 2) (COLLECT-FREE (LIST X Y) 1))) (PROVES (Z-INT-Z-SUCC-EQUAL-PROOF X Y) (F-IMPLIES (Z-INT X) (F-IMPLIES (Z-INT Y) (F-IMPLIES (F-EQUAL (Z-SUCC X) (Z-SUCC Y)) (F-EQUAL X Y)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0739 Z-INT-Z-SUCC-EQUAL-PROOF T) (DEFN Z-SUB1-UNIQUE-PROOF (X Y Y1) (FORM-Z-IF-UNIQUE-PROOF Y Y1 (Z-SUB1-EXPR X Y Y) (CONS (CONS (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-SUCC Y) X) (F-IMPLIES (F-EQUAL (Z-SUCC Y1) X) (F-EQUAL (Z-SUCC Y) (Z-SUCC Y1)))) (F-IMPLIES (Z-INT Y) (F-IMPLIES (Z-INT Y1) (F-IMPLIES (F-EQUAL (Z-SUCC Y) (Z-SUCC Y1)) (F-EQUAL Y Y1))))) (F-IMPLIES (F-AND (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) X)) (F-AND (Z-INT Y1) (F-EQUAL (Z-SUCC Y1) X))) (F-EQUAL Y Y1)) (LIST (TRANS-EQUAL-PROOF2 (Z-SUCC Y) X (Z-SUCC Y1)) (Z-INT-Z-SUCC-EQUAL-PROOF Y Y1))) (UNIQUE-FUN-INTRO-PROOF Y Y1 (PHI))) (UNIQUE-FUN-INTRO-PROOF Y Y1 (PHI))))) (DEFN Z-SUB1-DEFN-PROOF (TERM) (SUBST-RULE-PROOF (Z-SUB1-DEFN 0 (Z-SUB1 0) 3) 0 TERM (FUN-DEFN-PROOF (FN 10 1) (LIST 0) 3 4 (Z-SUB1-DEFN 0 3 3) (Z-SUB1-EXIS-PROOF 0 3) (Z-SUB1-UNIQUE-PROOF 0 3 4)))) (DEFN Z-SUB1-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 10 1) DEFNS) (Z-SUB1-DEFN 0 (Z-SUB1 0) 3)) (Z-INT-HYPS DEFNS (REST-OF (FN 10 1) SYMBOLS)) (Z-SUCC-HYPS DEFNS (REST-OF (FN 10 1) SYMBOLS)) (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) (REST-OF (FN 10 1) SYMBOLS)))) (PROVE-LEMMA Z-SUB1-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 3 1) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (TERMP TERM 0 SYMBOLS) (NIL-INTERSECT (LIST 3 4) (COLLECT-FREE TERM 0)) (EQUAL CONCL (Z-SUB1-DEFN TERM (Z-SUB1 TERM) 3))) (PROVES (Z-SUB1-DEFN-PROOF TERM) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0787 Z-SUB1-DEFN-PROOF T) (TOGGLE G0788 Z-SUB1-HYPS T) (DEFN ENABLE-NZEROP-PROOF (X Y) (DETACH-PROOF (F-AND (Z-INT (NCODE (SUB1 X))) (F-EQUAL (Z-SUCC (NCODE (SUB1 X))) (Z-SUCC (NCODE (SUB1 X))))) (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (Z-SUCC (NCODE (SUB1 X)))))) (AND-JOIN-PROOF (Z-INT (NCODE (SUB1 X))) (F-EQUAL (Z-SUCC (NCODE (SUB1 X))) (Z-SUCC (NCODE (SUB1 X)))) (Z-INT-NUMERAL-PROOF (SUB1 X)) (IDENT-AXIOM-PROOF (Z-SUCC (NCODE (SUB1 X))))) (SUBST-THM-A-PROOF (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (Z-SUCC (NCODE (SUB1 X))))) (LIST Y) (LIST (NCODE (SUB1 X)))))) (PROVE-LEMMA ENABLE-NZEROP-PROOF-PROVES (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (VARIABLE Y) (EQUAL CONCL (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X)))))) (PROVES (ENABLE-NZEROP-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0790 ENABLE-NZEROP-PROOF T) (DEFN DISABLE-NZEROP-PROOF (X Y) (F-IFF-MP-PROOF2 (F-NOT (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X))))) (FORALL Y (F-NOT (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X))))) (FORSOME-FORALL-PROOF Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X)))) (GENERALISE-PROOF Y (F-NOT (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X)))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-SUCC Y) (PHI)) (F-EQUAL (PHI) (Z-SUCC Y))) (F-NOT (F-EQUAL (PHI) (Z-SUCC Y)))) (F-NOT (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (PHI)))) (LIST (SYMMETRY-PROOF1 (Z-SUCC Y) (PHI)) (EXT-NOT-EQUAL-PROOF (PHI) (Z-SUCC Y) Y (NULL-AXIOM-PROOF Y) (X-IN-Z-SUCC-X-PROOF Y))))))) (PROVE-LEMMA DISABLE-NZEROP-PROOF-PROVES (REWRITE) (IMPLIES (AND (NOT (LISTP X)) (ZEROP X) (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (VARIABLE Y) (EQUAL CONCL (F-NOT (FORSOME Y (F-AND (Z-INT Y) (F-EQUAL (Z-SUCC Y) (NCODE X))))))) (PROVES (DISABLE-NZEROP-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0791 DISABLE-NZEROP-PROOF T) (DEFN NZEROP-Z-SUB1-NCODE-PROOF (X) (TAUTCONSEQ-PROOF (LIST (Z-INT (NCODE (SUB1 X))) (F-IMPLIES (Z-INT (Z-SUB1 (NCODE X))) (F-IMPLIES (Z-INT (NCODE (SUB1 X))) (F-IMPLIES (F-EQUAL (Z-SUCC (Z-SUB1 (NCODE X))) (Z-SUCC (NCODE (SUB1 X)))) (F-EQUAL (Z-SUB1 (NCODE X)) (NCODE (SUB1 X))))))) (F-IMPLIES (F-AND (Z-INT (Z-SUB1 (NCODE X))) (F-EQUAL (Z-SUCC (Z-SUB1 (NCODE X))) (Z-SUCC (NCODE (SUB1 X))))) (F-EQUAL (Z-SUB1 (NCODE X)) (NCODE (SUB1 X)))) (LIST (Z-INT-NUMERAL-PROOF (SUB1 X)) (Z-INT-Z-SUCC-EQUAL-PROOF (Z-SUB1 (NCODE X)) (NCODE (SUB1 X)))))) (DEFN Z-SUB1-NCODE-PROOF (X) (FORM-Z-IF-EVAL-PROOF1 (LIST (LIST (NLISTP X) (Z-INT-NUMERAL-PROOF X) (NOT-INT-OPAIR-PROOF (NCODE (CAR X)) (NCODE (CDR X)) 0)) (LIST (LIST (NOT (ZEROP X)) (ENABLE-NZEROP-PROOF X 3) (DISABLE-NZEROP-PROOF X 3)) (NZEROP-Z-SUB1-NCODE-PROOF X) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL (Z-SUB1 (NCODE X)) (PHI)) (F-EQUAL (Z-SUB1 (NCODE X)) (PHI))) NIL)) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL (Z-SUB1 (NCODE X)) (PHI)) (F-EQUAL (Z-SUB1 (NCODE X)) (PHI))) NIL)) (Z-SUB1-EXPR (NCODE X) (Z-SUB1 (NCODE X)) 3) (Z-SUB1 (NCODE X)) (NCODE (SUB1 X)) (Z-SUB1-DEFN-PROOF (NCODE X)))) (PROVE-LEMMA Z-SUB1-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-SUB1 (NCODE X)) (NCODE (SUB1 X))))) (PROVES (Z-SUB1-NCODE-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0793 Z-SUB1-NCODE-PROOF T) ;;;;;;;Sequence of events introducing "(Z-equal x y)", the Z2 analogue of EQUAL. (DEFN Z-EQUAL (X Y) (LIST (FN 11 2) X Y)) (DEFN Z-EQUAL-DEFN (X Y Z) (F-IF (F-EQUAL X Y) (F-EQUAL Z (Z-SUCC (PHI))) (F-EQUAL Z (PHI)))) (DEFN Z-EQUAL-DEFN-PROOF (X Y) (INSTANCE-PROOF (Z-EQUAL-DEFN 0 1 (Z-EQUAL 0 1)) (LIST 0 1) (LIST X Y) (FUN-DEFN-PROOF (FN 11 2) (LIST 0 1) 2 3 (Z-EQUAL-DEFN 0 1 2) (TERM-Z-IF-EXIS-PROOF 2 (Z-IF (F-EQUAL 0 1) (Z-SUCC (PHI)) (PHI))) (TERM-Z-IF-UNIQUE-PROOF 2 3 (Z-IF (F-EQUAL 0 1) (Z-SUCC (PHI)) (PHI)))))) (DEFN Z-EQUAL-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 11 2) DEFNS) (Z-EQUAL-DEFN 0 1 (Z-EQUAL 0 1))) (SUBSET (LIST (FN 3 1) (FN 0 0)) (REST-OF (FN 11 2) SYMBOLS)))) (TOGGLE G0740 FREE-FOR-LIST NIL) (PROVE-LEMMA Z-EQUAL-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 11 2) (FN 3 1) (FN 0 0)) SYMBOLS) (Z-EQUAL-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL CONCL (Z-EQUAL-DEFN X Y (Z-EQUAL X Y)))) (PROVES (Z-EQUAL-DEFN-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0794 Z-EQUAL-DEFN-PROOF T) (TOGGLE G0795 Z-EQUAL-HYPS T) (PROVE-LEMMA NCODE-EQUAL-NCODE-EQUAL (REWRITE) (IMPLIES (NCODE-EQUAL X Y) (EQUAL (NCODE Y) (NCODE X)))) (DEFN Z-EQUAL-NCODE-PROOF (X Y) (Z-IF-EVAL-PROOF1 (LIST (LIST (NCODE-EQUAL X Y) (IDENT-AXIOM-PROOF (NCODE X)) (NCODE-NEQUAL-PROOF X Y)) (IDENT-AXIOM-PROOF (Z-SUCC (PHI))) (IDENT-AXIOM-PROOF (PHI))) (Z-IF (F-EQUAL (NCODE X) (NCODE Y)) (Z-SUCC (PHI)) (PHI)) (Z-EQUAL (NCODE X) (NCODE Y)) (NCODE (BOOL-FIX (NCODE-EQUAL X Y))) (Z-EQUAL-DEFN-PROOF (NCODE X) (NCODE Y)))) (PROVE-LEMMA Z-EQUAL-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 11 2) (P 2 1) (P 1 2) (FN 3 1) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-EQUAL-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-EQUAL (NCODE X) (NCODE Y)) (NCODE (BOOL-FIX (NCODE-EQUAL X Y)))))) (PROVES (Z-EQUAL-NCODE-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0796 Z-EQUAL-NCODE-PROOF T) ;;;;;;;Sequence of events introducing "(Z-cons x y)", the Z2 analogue of CONS. (DEFN Z-CONS (X Y) (LIST (FN 12 2) X Y)) (DEFN Z-CONS-DEFN (X Y Z) (F-EQUAL Z (Z-OPAIR X Y))) (DEFN Z-CONS-DEFN-PROOF (X Y) (INSTANCE-PROOF (Z-CONS-DEFN 0 1 (Z-CONS 0 1)) (LIST 0 1) (LIST X Y) (FUN-DEFN-PROOF (FN 12 2) (LIST 0 1) 2 3 (Z-CONS-DEFN 0 1 2) (EXIS-FUN-INTRO-PROOF 2 (Z-OPAIR 0 1)) (UNIQUE-FUN-INTRO-PROOF 2 3 (Z-OPAIR 0 1))))) (DEFN Z-CONS-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 12 2) DEFNS) (Z-CONS-DEFN 0 1 (Z-CONS 0 1))) (MEMBER (FN 1 2) (REST-OF (FN 12 2) SYMBOLS)))) (PROVE-LEMMA Z-CONS-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 12 2) (FN 1 2)) SYMBOLS) (Z-CONS-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL (COLLECT-FREE X 0) NIL) (EQUAL (COLLECT-FREE Y 0) NIL) (EQUAL CONCL (Z-CONS-DEFN X Y (Z-CONS X Y)))) (PROVES (Z-CONS-DEFN-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0800 Z-CONS-DEFN-PROOF T) (TOGGLE G0801 Z-CONS-HYPS T) (TOGGLE G0741 Z-CONS-DEFN-PROOF T) (TOGGLE G0742 Z-CONS-HYPS T) (PROVE-LEMMA NZEROP-NCODE-EQUAL (REWRITE) (IMPLIES (OR (NOT (ZEROP X)) (NOT (ZEROP Y))) (EQUAL (NCODE-EQUAL X Y) (EQUAL X Y)))) (DEFN LIST-AND-JOIN-PROOF (EXPLIST PFLIST) (IF (LISTP EXPLIST) (IF (LISTP (CDR EXPLIST)) (AND-JOIN-PROOF (CAR EXPLIST) (LIST-F-AND (CDR EXPLIST)) (CAR PFLIST) (LIST-AND-JOIN-PROOF (CDR EXPLIST) (CDR PFLIST))) (CAR PFLIST)) PFLIST)) (PROVE-LEMMA LIST-AND-JOIN-PROOF-PROVES (REWRITE) (IMPLIES (AND (LISTP EXPLIST) (PROVES-LIST PFLIST EXPLIST GIVEN DEFNS SYMBOLS)) (PROVES (LIST-AND-JOIN-PROOF EXPLIST PFLIST) (LIST-F-AND EXPLIST) GIVEN DEFNS SYMBOLS))) (TOGGLE G0804 LIST-AND-JOIN-PROOF T) (DEFN COMPOSE-PROOF (FN VAL ARGS VALS PFLIST PF) (LIST-DETACH-PROOF (LIST-F-EQUAL (LIST (CONS FN ARGS) (CONS FN VALS) (CONS FN ARGS)) (LIST (CONS FN ARGS) VAL (CONS FN VALS))) (F-EQUAL (CONS FN ARGS) VAL) (LIST (IDENT-AXIOM-PROOF (CONS FN ARGS)) PF (LIST-DETACH-PROOF (LIST-F-EQUAL ARGS VALS) (F-EQUAL (CONS FN ARGS) (CONS FN VALS)) PFLIST (EQUAL-AXIOM1-PROOF FN ARGS VALS))) (EQUAL-AXIOM2-PROOF (P 0 2) (LIST (CONS FN ARGS) (CONS FN VALS)) (LIST (CONS FN ARGS) VAL)))) ;;;;;;;So far we have seen how to introduce functions defined by cases. Another ;;;;;;;important way of defining functions is by composition, i.e., "(f x1 ... xn)" ;;;;;;;can be defined as "(g (h1 x1...xn) ... (hn x1...xn))". (It is worth noting ;;;;;;;that it is exactly because we make heavy use of function composition that ;;;;;;;we introduced function symbols corresponding to the Lisp primitives. ;;;;;;;When we were working with the predicates representing the definitions, ;;;;;;;composition was extremely tedious to simulate.) We can of course ;;;;;;;combine definition by cases and by composition. The remaining important ;;;;;;;mode of definition is recursion, and we will see how this is carried out, later. ;;;;;;;The lemma below asserts that if |- "(arg1=val1)", . . ., |- "(argn=valn)", ;;;;;;;and |- "((f val1 ... valn) = val)", then |- "((f arg1 ... argn) = val)". (PROVE-LEMMA COMPOSE-PROOF-PROVES (REWRITE) (IMPLIES (AND (FUNCTION FN) (SYMB FN SYMBOLS) (TERMP ARGS 1 SYMBOLS) (TERMP VALS 1 SYMBOLS) (TERMP VAL 0 SYMBOLS) (EQUAL (LENGTH ARGS) (DEGREE FN)) (EQUAL (LENGTH VALS) (DEGREE FN)) (PROVES-LIST PFLIST (LIST-F-EQUAL ARGS VALS) GIVEN DEFNS SYMBOLS) (PROVES PF (F-EQUAL (CONS FN VALS) VAL) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (CONS FN ARGS) VAL))) (PROVES (COMPOSE-PROOF FN VAL ARGS VALS PFLIST PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SYMB-REDUC))) (TOGGLE G0805 COMPOSE-PROOF T) ;;;;;;;Perhaps the most commonly used composition is the iterated use of CAR/CDR. ;;;;;;;The function CAR-CDR recurses down LIST and if (CAR LIST) is 1, it applies ;;;;;;;CAR to the result of (CAR-CDR X (CDR LIST)). Otherwise, it returns ;;;;;;;(CDR (CAR-CDR X (CDR LIST))). (DEFN CAR-CDR (X LIST) (IF (LISTP LIST) (IF (EQUAL (CAR LIST) 1) (CAR (CAR-CDR X (CDR LIST))) (CDR (CAR-CDR X (CDR LIST)))) X)) ;;;;;;;Z-CAR-CDR composes "Z-car" and "Z-cdr" in a manner similar to CAR-CDR. (DEFN Z-CAR-CDR (X LIST) (IF (LISTP LIST) (IF (EQUAL (CAR LIST) 1) (Z-CAR (Z-CAR-CDR X (CDR LIST))) (Z-CDR (Z-CAR-CDR X (CDR LIST)))) X)) (PROVE-LEMMA TERMP-Z-CAR-CDR (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1)) SYMBOLS) (TERMP X 0 SYMBOLS)) (TERMP (Z-CAR-CDR X LIST) 0 SYMBOLS))) (DEFN Z-CAR-CDR-PROOF (X LIST) (IF (LISTP LIST) (IF (EQUAL (CAR LIST) 1) (COMPOSE-PROOF (FN 4 1) (NCODE (CAR-CDR X LIST)) (LIST (Z-CAR-CDR (NCODE X) (CDR LIST))) (LIST (NCODE (CAR-CDR X (CDR LIST)))) (LIST (Z-CAR-CDR-PROOF X (CDR LIST))) (Z-CAR-NCODE-PROOF (CAR-CDR X (CDR LIST)))) (COMPOSE-PROOF (FN 5 1) (NCODE (CAR-CDR X LIST)) (LIST (Z-CAR-CDR (NCODE X) (CDR LIST))) (LIST (NCODE (CAR-CDR X (CDR LIST)))) (LIST (Z-CAR-CDR-PROOF X (CDR LIST))) (Z-CDR-NCODE-PROOF (CAR-CDR X (CDR LIST))))) (IDENT-AXIOM-PROOF (NCODE X)))) (TOGGLE G0806 Z-CAR NIL) (TOGGLE G0807 Z-CDR NIL) ;;;;;;;Z-CAR-CDR is the Z2 analogue of CAR-CDR. (PROVE-LEMMA Z-CAR-CDR-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (P 2 1) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-CAR-CDR (NCODE X) LIST) (NCODE (CAR-CDR X LIST))))) (PROVES (Z-CAR-CDR-PROOF X LIST) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0808 Z-CAR-CDR-PROOF T) (DEFN COMPOSE-CAR-PROOF (FN VAL ARG PFVAL) (COMPOSE-PROOF FN VAL (LIST (Z-CAR (NCODE ARG))) (LIST (NCODE (CAR ARG))) (LIST (Z-CAR-NCODE-PROOF ARG)) PFVAL)) (PROVE-LEMMA COMPOSE-CAR-PROOF-PROVES (REWRITE) (IMPLIES (AND (FUNCTION FN) (SYMB FN SYMBOLS) (EQUAL (DEGREE FN) 1) (TERMP VAL 0 SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (PROVES PFVAL (F-EQUAL (LIST FN (NCODE (CAR ARG))) VAL) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (LIST FN (Z-CAR (NCODE ARG))) VAL))) (PROVES (COMPOSE-CAR-PROOF FN VAL ARG PFVAL) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SYMB-REDUC))) (TOGGLE G0821 COMPOSE-CAR-PROOF T) (DEFN COMPOSE-CAR-CADR-PROOF (FN VAL ARG PFVAL) (COMPOSE-PROOF FN VAL (LIST (Z-CAR (NCODE ARG)) (Z-CAR (Z-CDR (NCODE ARG)))) (LIST (NCODE (CAR ARG)) (NCODE (CADR ARG))) (LIST (Z-CAR-NCODE-PROOF ARG) (Z-CAR-CDR-PROOF ARG (LIST 1 2))) PFVAL)) (PROVE-LEMMA COMPOSE-CAR-CADR-PROOF-PROVES (REWRITE) (IMPLIES (AND (FUNCTION FN) (SYMB FN SYMBOLS) (EQUAL (DEGREE FN) 2) (TERMP VAL 0 SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0)) SYMBOLS) (MEMBER (P 2 1) SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (PROVES PFVAL (F-EQUAL (LIST FN (NCODE (CAR ARG)) (NCODE (CADR ARG))) VAL) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (LIST FN (Z-CAR (NCODE ARG)) (Z-CAR (Z-CDR (NCODE ARG)))) VAL))) (PROVES (COMPOSE-CAR-CADR-PROOF FN VAL ARG PFVAL) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SYMB-REDUC))) (TOGGLE G0822 COMPOSE-CAR-CADR-PROOF T) ;;;;;;;Next we would like to define the Z2 analogue of APPLY-SUBR, the part ;;;;;;;of the Lisp interpreter that evaluates the Lisp primitives. This is ;;;;;;;done in three parts to make the proof manageable. In the first part ;;;;;;;we represent APPLY-SUBR1 which evaluates LISTP, CONS, CAR, and CDR. ;;;;;;;These operations are represented by the symbols 6, 7, 8, and 9, respectively, ;;;;;;;to the Lisp interpreter. APPLY-SUBR1 is represented by "(Z-apply-subr1 f args)". (DEFN Z-APPLY-SUBR1 (FN ARGS) (LIST (FN 13 2) FN ARGS)) (DEFN Z-APPLY-SUBR1-DEFN (FN ARGS Y) (F-IF (F-EQUAL FN (NCODE 6)) (F-EQUAL Y (Z-LISTP (Z-CAR ARGS))) (F-IF (F-EQUAL FN (NCODE 7)) (F-EQUAL Y (Z-CONS (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS)))) (F-IF (F-EQUAL FN (NCODE 8)) (F-EQUAL Y (Z-CAR (Z-CAR ARGS))) (F-EQUAL Y (Z-CDR (Z-CAR ARGS))))))) (DEFN Z-APPLY-SUBR1-EXIS-PROOF (FN ARGS Y) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (F-EQUAL FN (NCODE 6)) (Z-LISTP (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 7)) (Z-CONS (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS))) (Z-IF (F-EQUAL FN (NCODE 8)) (Z-CAR (Z-CAR ARGS)) (Z-CDR (Z-CAR ARGS))))))) (DEFN Z-APPLY-SUBR1-UNIQUE-PROOF (Y Y1 FN ARGS) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (F-EQUAL FN (NCODE 6)) (Z-LISTP (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 7)) (Z-CONS (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS))) (Z-IF (F-EQUAL FN (NCODE 8)) (Z-CAR (Z-CAR ARGS)) (Z-CDR (Z-CAR ARGS))))))) (DEFN Z-APPLY-SUBR1-DEFN-PROOF (FN ARGS) (INSTANCE-PROOF (Z-APPLY-SUBR1-DEFN 0 1 (Z-APPLY-SUBR1 0 1)) (LIST 0 1) (LIST FN ARGS) (FUN-DEFN-PROOF (FN 13 2) (LIST 0 1) 2 3 (Z-APPLY-SUBR1-DEFN 0 1 2) (Z-APPLY-SUBR1-EXIS-PROOF 0 1 2) (Z-APPLY-SUBR1-UNIQUE-PROOF 2 3 0 1)))) (DEFN Z-APPLY-SUBR1-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 13 2) DEFNS) (Z-APPLY-SUBR1-DEFN 0 1 (Z-APPLY-SUBR1 0 1))) (SUBSET (LIST (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 12 2)) (REST-OF (FN 13 2) SYMBOLS)))) (PROVE-LEMMA Z-APPLY-SUBR1-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2)) SYMBOLS) (Z-APPLY-SUBR1-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL CONCL (Z-APPLY-SUBR1-DEFN X Y (Z-APPLY-SUBR1 X Y)))) (PROVES (Z-APPLY-SUBR1-DEFN-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0810 Z-APPLY-SUBR1-DEFN-PROOF T) (TOGGLE G0811 Z-APPLY-SUBR1-HYPS T) ;;;;;;;APPLY-SUBR2 evaluates the Lisp primitives ZEROP, ADD1, SUB1, and those ;;;;;;;evaluated by APPLY-SUBR1. It is represented by "(Z-apply-subr2 f args)". (DEFN Z-APPLY-SUBR2 (FN ARGS) (LIST (FN 14 2) FN ARGS)) (DEFN Z-APPLY-SUBR2-DEFN (FN ARGS Y) (F-IF (F-EQUAL FN (NCODE 3)) (F-EQUAL Y (Z-ZEROP (Z-CAR ARGS))) (F-IF (F-EQUAL FN (NCODE 4)) (F-EQUAL Y (Z-ADD1 (Z-CAR ARGS))) (F-IF (F-EQUAL FN (NCODE 5)) (F-EQUAL Y (Z-SUB1 (Z-CAR ARGS))) (F-EQUAL Y (Z-APPLY-SUBR1 FN ARGS)))))) (DEFN Z-APPLY-SUBR2-EXIS-PROOF (FN ARGS Y) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (F-EQUAL FN (NCODE 3)) (Z-ZEROP (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 4)) (Z-ADD1 (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 5)) (Z-SUB1 (Z-CAR ARGS)) (Z-APPLY-SUBR1 FN ARGS)))))) (DEFN Z-APPLY-SUBR2-UNIQUE-PROOF (FN ARGS Y Y1) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (F-EQUAL FN (NCODE 3)) (Z-ZEROP (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 4)) (Z-ADD1 (Z-CAR ARGS)) (Z-IF (F-EQUAL FN (NCODE 5)) (Z-SUB1 (Z-CAR ARGS)) (Z-APPLY-SUBR1 FN ARGS)))))) (DEFN Z-APPLY-SUBR2-DEFN-PROOF (FN ARGS) (INSTANCE-PROOF (Z-APPLY-SUBR2-DEFN 0 1 (Z-APPLY-SUBR2 0 1)) (LIST 0 1) (LIST FN ARGS) (FUN-DEFN-PROOF (FN 14 2) (LIST 0 1) 2 3 (Z-APPLY-SUBR2-DEFN 0 1 2) (Z-APPLY-SUBR2-EXIS-PROOF 0 1 2) (Z-APPLY-SUBR2-UNIQUE-PROOF 0 1 2 3)))) (DEFN Z-APPLY-SUBR2-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 14 2) DEFNS) (Z-APPLY-SUBR2-DEFN 0 1 (Z-APPLY-SUBR2 0 1))) (SUBSET (LIST (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 12 2) (FN 13 2)) (REST-OF (FN 14 2) SYMBOLS)))) (PROVE-LEMMA Z-APPLY-SUBR2-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2)) SYMBOLS) (Z-APPLY-SUBR2-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL CONCL (Z-APPLY-SUBR2-DEFN X Y (Z-APPLY-SUBR2 X Y)))) (PROVES (Z-APPLY-SUBR2-DEFN-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0812 Z-APPLY-SUBR2-DEFN-PROOF T) (TOGGLE G0813 Z-APPLY-SUBR2-HYPS T) ;;;;;;;Finally, APPLY-SUBR evaluates the Lisp primitives EQUAL, NUMBERP, ;;;;;;;and those evaluated by APPLY-SUBR2. It is represented by ;;;;;;;"(Z-apply-subr f args)". (DEFN Z-APPLY-SUBR (FN ARGS) (LIST (FN 15 2) FN ARGS)) (DEFN Z-APPLY-SUBR-DEFN (FN ARGS Y) (F-IF (F-EQUAL FN (NCODE 1)) (F-EQUAL Y (Z-EQUAL (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS)))) (F-IF (F-EQUAL FN (NCODE 2)) (F-EQUAL Y (Z-NUMBERP (Z-CAR ARGS))) (F-EQUAL Y (Z-APPLY-SUBR2 FN ARGS))))) (DEFN Z-APPLY-SUBR-EXIS-PROOF (FN ARGS Y) (TERM-Z-IF-EXIS-PROOF Y (Z-IF (F-EQUAL FN (NCODE 1)) (Z-EQUAL (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS))) (Z-IF (F-EQUAL FN (NCODE 2)) (Z-NUMBERP (Z-CAR ARGS)) (Z-APPLY-SUBR2 FN ARGS))))) (DEFN Z-APPLY-SUBR-UNIQUE-PROOF (FN ARGS Y Y1) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-IF (F-EQUAL FN (NCODE 1)) (Z-EQUAL (Z-CAR ARGS) (Z-CAR (Z-CDR ARGS))) (Z-IF (F-EQUAL FN (NCODE 2)) (Z-NUMBERP (Z-CAR ARGS)) (Z-APPLY-SUBR2 FN ARGS))))) (DEFN Z-APPLY-SUBR-DEFN-PROOF (FN ARGS) (INSTANCE-PROOF (Z-APPLY-SUBR-DEFN 0 1 (Z-APPLY-SUBR 0 1)) (LIST 0 1) (LIST FN ARGS) (FUN-DEFN-PROOF (FN 15 2) (LIST 0 1) 2 3 (Z-APPLY-SUBR-DEFN 0 1 2) (Z-APPLY-SUBR-EXIS-PROOF 0 1 2) (Z-APPLY-SUBR-UNIQUE-PROOF 0 1 2 3)))) (DEFN Z-APPLY-SUBR-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 15 2) DEFNS) (Z-APPLY-SUBR-DEFN 0 1 (Z-APPLY-SUBR 0 1))) (SUBSET (LIST (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 12 2) (FN 13 2) (FN 14 2)) (REST-OF (FN 15 2) SYMBOLS)))) (PROVE-LEMMA Z-APPLY-SUBR-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2)) SYMBOLS) (Z-APPLY-SUBR-HYPS DEFNS SYMBOLS) (TERMP (LIST X Y) 1 SYMBOLS) (EQUAL CONCL (Z-APPLY-SUBR-DEFN X Y (Z-APPLY-SUBR X Y)))) (PROVES (Z-APPLY-SUBR-DEFN-PROOF X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0814 Z-APPLY-SUBR-DEFN-PROOF T) (TOGGLE G0815 Z-APPLY-SUBR-HYPS T) (DEFN APPLY-SUBR1 (FN ARGS) (IF (EQUAL FN 6) (BOOL-FIX (LISTP (CAR ARGS))) (IF (EQUAL FN 7) (CONS (CAR ARGS) (CADR ARGS)) (IF (EQUAL FN 8) (CAR (CAR ARGS)) (CDR (CAR ARGS)))))) (DEFN Z-APPLY-SUBR1-NCODE-PROOF (FN ARGS) (Z-IF-EVAL-PROOF1 (LIST (LIST (EQUAL FN 6) (IDENT-AXIOM-PROOF (NCODE 6)) (NCODE-NEQUAL-PROOF FN 6)) (COMPOSE-CAR-PROOF (FN 6 1) (NCODE (BOOL-FIX (LISTP (CAR ARGS)))) ARGS (Z-LISTP-NCODE-PROOF (CAR ARGS))) (LIST (LIST (EQUAL FN 7) (IDENT-AXIOM-PROOF (NCODE 7)) (NCODE-NEQUAL-PROOF FN 7)) (COMPOSE-CAR-CADR-PROOF (FN 12 2) (NCODE (CONS (CAR ARGS) (CADR ARGS))) ARGS (Z-CONS-DEFN-PROOF (NCODE (CAR ARGS)) (NCODE (CADR ARGS)))) (LIST (LIST (EQUAL FN 8) (IDENT-AXIOM-PROOF (NCODE 8)) (NCODE-NEQUAL-PROOF FN 8)) (COMPOSE-CAR-PROOF (FN 4 1) (NCODE (CAR (CAR ARGS))) ARGS (Z-CAR-NCODE-PROOF (CAR ARGS))) (COMPOSE-CAR-PROOF (FN 5 1) (NCODE (CDR (CAR ARGS))) ARGS (Z-CDR-NCODE-PROOF (CAR ARGS)))))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 6)) (Z-LISTP (Z-CAR (NCODE ARGS))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 7)) (Z-CONS (Z-CAR (NCODE ARGS)) (Z-CAR (Z-CDR (NCODE ARGS)))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 8)) (Z-CAR (Z-CAR (NCODE ARGS))) (Z-CDR (Z-CAR (NCODE ARGS)))))) (Z-APPLY-SUBR1 (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR1 FN ARGS)) (Z-APPLY-SUBR1-DEFN-PROOF (NCODE FN) (NCODE ARGS)))) (PROVE-LEMMA Z-APPLY-SUBR1-NCODE-PROOF-PROVES-STEP (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-APPLY-SUBR1-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-CONS-HYPS DEFNS SYMBOLS) (Z-LISTP-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-APPLY-SUBR1 (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR1 FN ARGS))))) (PROVES (Z-APPLY-SUBR1-NCODE-PROOF FN ARGS) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0820 Z-APPLY-SUBR1-NCODE-PROOF T) (TOGGLE G0825 APPLY-SUBR1 T) (TOGGLE G0826 SUB1 T) (DEFN APPLY-SUBR2 (FN ARGS) (IF (EQUAL FN 3) (BOOL-FIX (ZEROP (CAR ARGS))) (IF (EQUAL FN 4) (ADD1 (CAR ARGS)) (IF (EQUAL FN 5) (SUB1 (CAR ARGS)) (APPLY-SUBR1 FN ARGS))))) (DEFN Z-APPLY-SUBR2-NCODE-PROOF (FN ARGS) (Z-IF-EVAL-PROOF1 (LIST (LIST (EQUAL FN 3) (IDENT-AXIOM-PROOF (NCODE 3)) (NCODE-NEQUAL-PROOF FN 3)) (COMPOSE-CAR-PROOF (FN 9 1) (NCODE (BOOL-FIX (ZEROP (CAR ARGS)))) ARGS (Z-ZEROP-NCODE-PROOF (CAR ARGS))) (LIST (LIST (EQUAL FN 4) (IDENT-AXIOM-PROOF (NCODE 4)) (NCODE-NEQUAL-PROOF FN 4)) (COMPOSE-CAR-PROOF (FN 7 1) (NCODE (ADD1 (CAR ARGS))) ARGS (Z-ADD1-NCODE-PROOF (CAR ARGS))) (LIST (LIST (EQUAL FN 5) (IDENT-AXIOM-PROOF (NCODE 5)) (NCODE-NEQUAL-PROOF FN 5)) (COMPOSE-CAR-PROOF (FN 10 1) (NCODE (SUB1 (CAR ARGS))) ARGS (Z-SUB1-NCODE-PROOF (CAR ARGS))) (Z-APPLY-SUBR1-NCODE-PROOF FN ARGS)))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 3)) (Z-ZEROP (Z-CAR (NCODE ARGS))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 4)) (Z-ADD1 (Z-CAR (NCODE ARGS))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 5)) (Z-SUB1 (Z-CAR (NCODE ARGS))) (Z-APPLY-SUBR1 (NCODE FN) (NCODE ARGS))))) (Z-APPLY-SUBR2 (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR2 FN ARGS)) (Z-APPLY-SUBR2-DEFN-PROOF (NCODE FN) (NCODE ARGS)))) (PROVE-LEMMA Z-APPLY-SUBR2-NCODE-PROOF-PROVES-STEP (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-HYPS DEFNS SYMBOLS) (Z-APPLY-SUBR2-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-APPLY-SUBR1-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-CONS-HYPS DEFNS SYMBOLS) (Z-LISTP-HYPS DEFNS SYMBOLS) (Z-ADD1-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-APPLY-SUBR2 (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR2 FN ARGS))))) (PROVES (Z-APPLY-SUBR2-NCODE-PROOF FN ARGS) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0827 Z-APPLY-SUBR2-NCODE-PROOF T) (TOGGLE G0828 APPLY-SUBR2 T) (DEFN APPLY-SUBR (FN ARGS) (IF (EQUAL FN 1) (BOOL-FIX (NCODE-EQUAL (CAR ARGS) (CADR ARGS))) (IF (EQUAL FN 2) (BOOL-FIX (NOT (LISTP (CAR ARGS)))) (APPLY-SUBR2 FN ARGS)))) (DEFN Z-APPLY-SUBR-NCODE-PROOF (FN ARGS) (Z-IF-EVAL-PROOF1 (LIST (LIST (EQUAL FN 1) (IDENT-AXIOM-PROOF (NCODE 1)) (NCODE-NEQUAL-PROOF FN 1)) (COMPOSE-CAR-CADR-PROOF (FN 11 2) (NCODE (BOOL-FIX (NCODE-EQUAL (CAR ARGS) (CADR ARGS)))) ARGS (Z-EQUAL-NCODE-PROOF (CAR ARGS) (CADR ARGS))) (LIST (LIST (EQUAL FN 2) (IDENT-AXIOM-PROOF (NCODE 2)) (NCODE-NEQUAL-PROOF FN 2)) (COMPOSE-CAR-PROOF (FN 8 1) (NCODE (BOOL-FIX (NOT (LISTP (CAR ARGS))))) ARGS (Z-NUMBERP-NCODE-PROOF (CAR ARGS))) (Z-APPLY-SUBR2-NCODE-PROOF FN ARGS))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 1)) (Z-EQUAL (Z-CAR (NCODE ARGS)) (Z-CAR (Z-CDR (NCODE ARGS)))) (Z-IF (F-EQUAL (NCODE FN) (NCODE 2)) (Z-NUMBERP (Z-CAR (NCODE ARGS))) (Z-APPLY-SUBR2 (NCODE FN) (NCODE ARGS)))) (Z-APPLY-SUBR (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR FN ARGS)) (Z-APPLY-SUBR-DEFN-PROOF (NCODE FN) (NCODE ARGS)))) (DEFN Z-APPLY-SUBR-ALL-HYPS (GIVEN DEFNS SYMBOLS) (AND (Z-APPLY-SUBR-HYPS DEFNS SYMBOLS) (Z-APPLY-SUBR2-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-APPLY-SUBR1-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-CONS-HYPS DEFNS SYMBOLS) (Z-LISTP-HYPS DEFNS SYMBOLS) (Z-ADD1-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-EQUAL-HYPS DEFNS SYMBOLS) (Z-NUMBERP-HYPS DEFNS SYMBOLS))) (PROVE-LEMMA Z-APPLY-SUBR-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-ALL-HYPS GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-APPLY-SUBR (NCODE FN) (NCODE ARGS)) (NCODE (APPLY-SUBR FN ARGS))))) (PROVES (Z-APPLY-SUBR-NCODE-PROOF FN ARGS) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0829 Z-APPLY-SUBR-NCODE-PROOF T) (TOGGLE G0830 APPLY-SUBR T) ;;;;;;;Thus far we have shown how we can derive Z2 analogues of the Lisp primitives ;;;;;;;and the function APPLY-SUBR. These functions will be used in demonstrating ;;;;;;;the representability of the Lisp interpreter. A major obstacle that has ;;;;;;;to be overcome is the representability (in Z2) of recursively defined Lisp functions. ;;;;;;;These will be represented by specifying the partial graph (the set of value/argument ;;;;;;;ordered pairs used in the computation of the value of the function at ;;;;;;;a specific argument). This partial graph will first be constructed as a ;;;;;;;list of pairs for the computation of the Lisp function and then translated ;;;;;;;into the corresponding set. The specification of the partial graph in Z2 will be ;;;;;;;shown to hold of this translation. It will also be shown that any set ;;;;;;;satisfying the specification. ;;;;;;;The function GRAPH-TRANS below translates a list into the corresponding set ;;;;;;;so that the list (X1 . (X2 . ... (Xn . NIL))) is converted to the set ;;;;;;; "{, , ..., }". The translation of list X will be represented as [X]. (DEFN GRAPH-TRANS (X) (IF (LISTP X) (Z-UNION (Z-SING (NCODE (CAR X))) (GRAPH-TRANS (CDR X))) (PHI))) (DEFN IN-GRAPH-PROOF (X GRAPH) (IF (LISTP GRAPH) (IF (EQUAL X (CAR GRAPH)) (F-IFF-MP-PROOF2 (ISIN (NCODE X) (Z-UNION (Z-SING (NCODE X)) (GRAPH-TRANS (CDR GRAPH)))) (F-OR (ISIN (NCODE X) (Z-SING (NCODE X))) (ISIN (NCODE X) (GRAPH-TRANS (CDR GRAPH)))) (UNION-AXIOM-PROOF (NCODE X) (Z-SING (NCODE X)) (GRAPH-TRANS (CDR GRAPH))) (RT-EXPAN-PROOF (ISIN (NCODE X) (Z-SING (NCODE X))) (ISIN (NCODE X) (GRAPH-TRANS (CDR GRAPH))) (ISIN-SING1-PROOF (NCODE X)))) (F-IFF-MP-PROOF2 (ISIN (NCODE X) (Z-UNION (Z-SING (NCODE (CAR GRAPH))) (GRAPH-TRANS (CDR GRAPH)))) (F-OR (ISIN (NCODE X) (Z-SING (NCODE (CAR GRAPH)))) (ISIN (NCODE X) (GRAPH-TRANS (CDR GRAPH)))) (UNION-AXIOM-PROOF (NCODE X) (Z-SING (NCODE (CAR GRAPH))) (GRAPH-TRANS (CDR GRAPH))) (EXPAN-PROOF (ISIN (NCODE X) (Z-SING (NCODE (CAR GRAPH)))) (ISIN (NCODE X) (GRAPH-TRANS (CDR GRAPH))) (IN-GRAPH-PROOF X (CDR GRAPH))))) NIL)) (PROVE-LEMMA TERMP-GRAPH-TRANS (REWRITE) (IMPLIES (AND (MEMBER (FN 0 0) SYMBOLS) (MEMBER (FN 3 1) SYMBOLS) (MEMBER (FN 1 2) SYMBOLS) (MEMBER (FN 2 2) SYMBOLS)) (TERMP (GRAPH-TRANS X) 0 SYMBOLS)) ((INDUCT (GRAPH-TRANS X)))) ;;;;;;;If X is in GRAPH, then |- "( in [GRAPH])". (PROVE-LEMMA IN-GRAPH-PROOF-PROVES (REWRITE) (IMPLIES (AND (MEMBER (FN 0 0) SYMBOLS) (MEMBER (FN 3 1) SYMBOLS) (MEMBER (FN 1 2) SYMBOLS) (MEMBER (FN 2 2) SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (MEMBER X GRAPH) (EQUAL X-BAR (NCODE X)) (EQUAL TRACE (GRAPH-TRANS GRAPH))) (PROVES (IN-GRAPH-PROOF X GRAPH) (ISIN X-BAR TRACE) GIVEN DEFNS SYMBOLS))) (TOGGLE G0831 IN-GRAPH-PROOF T) (DEFN OPAIR-EQUAL-PROOF (X Y U V) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-EQUAL (Z-PAIR X Y) (Z-PAIR U V)))) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL X U) (F-EQUAL (Z-SING X) (Z-SING U)))) (F-IMPLIES (F-EQUAL (Z-SING X) (Z-SING U)) (F-IMPLIES (F-EQUAL (Z-PAIR X Y) (Z-PAIR U V)) (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V))))) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)))) (LIST (EQUAL-AXIOM1-PROOF (FN 1 2) (LIST X Y) (LIST U V)) (EQUAL-AXIOM1-PROOF (FN 1 2) (LIST X X) (LIST U U)) (EQUAL-AXIOM1-PROOF (FN 1 2) (LIST (Z-SING X) (Z-PAIR X Y)) (LIST (Z-SING U) (Z-PAIR U V)))))) (TOGGLE G0832 Z-OPAIR NIL) (TOGGLE G0833 Z-SING NIL) (PROVE-LEMMA OPAIR-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP U 0 SYMBOLS) (TERMP V 0 SYMBOLS)) (PROVES (OPAIR-EQUAL-PROOF X Y U V) (F-IMPLIES (F-EQUAL X U) (F-IMPLIES (F-EQUAL Y V) (F-EQUAL (Z-OPAIR X Y) (Z-OPAIR U V)))) GIVEN DEFNS SYMBOLS)) ((DISABLE LIST-IMPLIES-REDUC))) (TOGGLE G0834 Z-SING T) (TOGGLE G0835 Z-OPAIR T) (TOGGLE G0836 OPAIR-EQUAL-PROOF T) (DEFN IN-GRAPH-TRANS-PROOF (X Y Z) (TAUTCONSEQ-PROOF (LIST (F-IFF (ISIN X (GRAPH-TRANS (CONS Y Z))) (F-OR (ISIN X (Z-SING (NCODE Y))) (ISIN X (GRAPH-TRANS Z)))) (F-IFF (ISIN X (Z-SING (NCODE Y))) (F-EQUAL X (NCODE Y)))) (F-IFF (ISIN X (GRAPH-TRANS (CONS Y Z))) (F-OR (F-EQUAL X (NCODE Y)) (ISIN X (GRAPH-TRANS Z)))) (LIST (UNION-AXIOM-PROOF X (Z-SING (NCODE Y)) (GRAPH-TRANS Z)) (ISIN-SING-PROOF (NCODE Y) X)))) (DEFN ISIN-GRAPH-TRANS-PROOF (X Y) (F-IFF-MP-PROOF2 (ISIN (NCODE X) (GRAPH-TRANS (CONS X Y))) (F-OR (F-EQUAL (NCODE X) (NCODE X)) (ISIN (NCODE X) (GRAPH-TRANS Y))) (IN-GRAPH-TRANS-PROOF (NCODE X) X Y) (RT-EXPAN-PROOF (F-EQUAL (NCODE X) (NCODE X)) (ISIN (NCODE X) (GRAPH-TRANS Y)) (IDENT-AXIOM-PROOF (NCODE X))))) (DEFN GRAPH-TRANS-MERGE-PROOF (X Y EXP1 EXP2 PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IFF (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) (F-OR (F-EQUAL EXP1 (NCODE X)) (ISIN EXP1 (GRAPH-TRANS Y)))) (F-IMPLIES (F-EQUAL EXP1 (NCODE X)) EXP2) (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS Y)) EXP2)) (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) EXP2) (LIST (IN-GRAPH-TRANS-PROOF EXP1 X Y) PF1 PF2))) ;;;;;;; |- "((x in [(CONS Y Z)]) <-> ((x = ) v (x in [Z])))". (PROVE-LEMMA IN-GRAPH-TRANS-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP X 0 SYMBOLS) (EQUAL Y-BAR (NCODE Y)) (EQUAL Z-BAR (GRAPH-TRANS Z))) (PROVES (IN-GRAPH-TRANS-PROOF X Y Z) (F-IFF (ISIN X (GRAPH-TRANS (CONS Y Z))) (F-OR (F-EQUAL X Y-BAR) (ISIN X Z-BAR))) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES) (USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IFF (ISIN X (GRAPH-TRANS (CONS Y Z))) (F-OR (ISIN X (Z-SING (NCODE Y))) (ISIN X (GRAPH-TRANS Z)))) (F-IFF (ISIN X (Z-SING (NCODE Y))) (F-EQUAL X (NCODE Y))))) (EXP (F-IFF (ISIN X (GRAPH-TRANS (CONS Y Z))) (F-OR (F-EQUAL X (NCODE Y)) (ISIN X (GRAPH-TRANS Z))))) (PFLIST (LIST (UNION-AXIOM-PROOF X (Z-SING (NCODE Y)) (GRAPH-TRANS Z)) (ISIN-SING-PROOF (NCODE Y) X))))))) (TOGGLE G0488 IN-GRAPH-TRANS-PROOF T) ;;;;;;; |- "( in [(CONS X Y)])". (PROVE-LEMMA ISIN-GRAPH-TRANS-PROOF-PROVES (REWRITE) (IMPLIES (AND (EQUAL X-BAR (NCODE X)) (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS)) (PROVES (ISIN-GRAPH-TRANS-PROOF X Y) (ISIN X-BAR (GRAPH-TRANS (CONS X Y))) GIVEN DEFNS SYMBOLS)) ((DISABLE GRAPH-TRANS))) ;;;;;;; If |- "((a = ) -> B)", and |- "((a in [Y]) -> B)", then |- "((a in [CONS X Y]) -> B)". ;;;;;;;This lemma is really important because we prove that every member of the ;;;;;;;partial graph satisfies the specification, by induction on the list from which ;;;;;;;the graph is constructed. This lemma permits the case-split required to carry ;;;;;;;out such an induction. This will be clarified later. (PROVE-LEMMA GRAPH-TRANS-MERGE (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP EXP1 0 SYMBOLS) (FORMULA EXP2 SYMBOLS) (PROVES PF1 (F-IMPLIES (F-EQUAL EXP1 (NCODE X)) EXP2) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS Y)) EXP2) GIVEN DEFNS SYMBOLS)) (PROVES (GRAPH-TRANS-MERGE-PROOF X Y EXP1 EXP2 PF1 PF2) (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) EXP2) GIVEN DEFNS SYMBOLS)) ((DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES GRAPH-TRANS) (USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IFF (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) (F-OR (F-EQUAL EXP1 (NCODE X)) (ISIN EXP1 (GRAPH-TRANS Y)))) (F-IMPLIES (F-EQUAL EXP1 (NCODE X)) EXP2) (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS Y)) EXP2))) (EXP (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) EXP2)) (PFLIST (LIST (IN-GRAPH-TRANS-PROOF EXP1 X Y) PF1 PF2)))))) (TOGGLE G0490 ISIN-GRAPH-TRANS-PROOF T) (TOGGLE G0491 GRAPH-TRANS-MERGE-PROOF T) (PROVE-LEMMA NLISTP-GRAPH-TRANS (REWRITE) (IMPLIES (NLISTP X) (EQUAL (GRAPH-TRANS X) (PHI)))) (PROVE-LEMMA COLLECT-FREE-GRAPH-TRANS (REWRITE) (EQUAL (COLLECT-FREE (GRAPH-TRANS X) 0) NIL)) (TOGGLE G0459 GRAPH-TRANS T) (DEFN IN-GRAPH-STEP-PROOF (EXP X Y PF) (F-IFF-MP-PROOF2 (ISIN EXP (GRAPH-TRANS (CONS X Y))) (F-OR (F-EQUAL EXP (NCODE X)) (ISIN EXP (GRAPH-TRANS Y))) (IN-GRAPH-TRANS-PROOF EXP X Y) (EXPAN-PROOF (F-EQUAL EXP (NCODE X)) (ISIN EXP (GRAPH-TRANS Y)) PF))) ;;;;;;; If |- "(exp in [Y])", then |- "(exp in [(CONS X Y)])". (PROVE-LEMMA IN-GRAPH-STEP-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP EXP 0 SYMBOLS) (PROVES PF (ISIN EXP (GRAPH-TRANS Y)) GIVEN DEFNS SYMBOLS) (EQUAL TRACE (GRAPH-TRANS (CONS X Y)))) (PROVES (IN-GRAPH-STEP-PROOF EXP X Y PF) (ISIN EXP TRACE) GIVEN DEFNS SYMBOLS))) (TOGGLE G0837 IN-GRAPH-STEP-PROOF T) ;;;;;;;Z-LIST converts a list of the form (X1. (... (Xn . NIL))) to <, ..., >. (DEFN Z-LIST (EXP) (IF (LISTP EXP) (IF (LISTP (CDR EXP)) (Z-OPAIR (CAR EXP) (Z-LIST (CDR EXP))) (CAR EXP)) NIL)) (PROVE-LEMMA TERMP-Z-LIST (REWRITE) (IMPLIES (AND (MEMBER (FN 1 2) SYMBOLS) (LISTP LIST) (TERMP LIST 1 SYMBOLS)) (TERMP (Z-LIST LIST) 0 SYMBOLS))) (DEFN Z-LIST-EQUAL-PROOF (LIST1 LIST2 PF) (IF (AND (LISTP LIST1) (LISTP LIST2)) (IF (AND (LISTP (CDR LIST1)) (LISTP (CDR LIST2))) (AND-JOIN-PROOF (F-EQUAL (CAR LIST1) (CAR LIST2)) (LIST-F-AND (LIST-F-EQUAL (CDR LIST1) (CDR LIST2))) (DETACH-PROOF (F-EQUAL (Z-LIST LIST1) (Z-LIST LIST2)) (F-EQUAL (CAR LIST1) (CAR LIST2)) PF (Z-CAR-UNIQUE-PROOF (CAR LIST1) (Z-LIST (CDR LIST1)) (CAR LIST2) (Z-LIST (CDR LIST2)))) (Z-LIST-EQUAL-PROOF (CDR LIST1) (CDR LIST2) (DETACH-PROOF (F-EQUAL (Z-LIST LIST1) (Z-LIST LIST2)) (F-EQUAL (Z-LIST (CDR LIST1)) (Z-LIST (CDR LIST2))) PF (Z-CDR-UNIQUE-PROOF (CAR LIST1) (Z-LIST (CDR LIST1)) (CAR LIST2) (Z-LIST (CDR LIST2)))))) PF) NIL)) (DEFN LEN-EQUAL (X Y) (IF (AND (LISTP X) (LISTP Y)) (LEN-EQUAL (CDR X) (CDR Y)) (AND (NLISTP X) (NLISTP Y)))) (PROVE-LEMMA Z-LIST-EQUAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS) (TERMP LIST1 1 SYMBOLS) (TERMP LIST2 1 SYMBOLS) (LISTP LIST1) (LISTP LIST2) (LEN-EQUAL LIST1 LIST2) (PROVES PF (F-EQUAL (Z-LIST LIST1) (Z-LIST LIST2)) GIVEN DEFNS SYMBOLS)) (PROVES (Z-LIST-EQUAL-PROOF LIST1 LIST2 PF) (LIST-F-AND (LIST-F-EQUAL LIST1 LIST2)) GIVEN DEFNS SYMBOLS)) ((INDUCT (Z-LIST-EQUAL-PROOF LIST1 LIST2 PF)))) (TOGGLE G0838 Z-LIST-EQUAL-PROOF T) ;;;;;;;PROVES-FORM-Z-IF-OK is similar to PROVES-Z-IF except that in the base case, ;;;;;;;it merely checks if PFTREE is a proof of EXP. (DEFN PROVES-FORM-Z-IF-OK (PFTREE EXP GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (IF (CAAR PFTREE) (AND (PROVES (CADAR PFTREE) (Z-TEST EXP) GIVEN DEFNS SYMBOLS) (PROVES-FORM-Z-IF-OK (CADR PFTREE) (Z-LEFT EXP) GIVEN DEFNS SYMBOLS)) (AND (PROVES (CADDAR PFTREE) (F-NOT (Z-TEST EXP)) GIVEN DEFNS SYMBOLS) (PROVES-FORM-Z-IF-OK (CADDR PFTREE) (Z-RIGHT EXP) GIVEN DEFNS SYMBOLS))) (PROVES PFTREE EXP GIVEN DEFNS SYMBOLS))) (DEFN FORM-Z-IF-OK-PROOF (PFTREE EXP) (IF (Z-IFP EXP) (IF (CAAR PFTREE) (F-IF-INTRO-PROOF1 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADAR PFTREE) (FORM-Z-IF-OK-PROOF (CADR PFTREE) (Z-LEFT EXP))) (F-IF-INTRO-PROOF2 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADDAR PFTREE) (FORM-Z-IF-OK-PROOF (CADDR PFTREE) (Z-RIGHT EXP)))) PFTREE)) ;;;;;;;From a proof-tree containing proofs of each of the test nodes of an form-if-tree ;;;;;;;and the leaf node that they lead upto, we can construct a proof of the entire ;;;;;;;if-expression represented by the form-if-tree. (PROVE-LEMMA FORM-Z-IF-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (PROVES-FORM-Z-IF-OK PFTREE EXP GIVEN DEFNS SYMBOLS) (EQUAL CONCL (MAKE-FORM-Z-IF EXP))) (PROVES (FORM-Z-IF-OK-PROOF PFTREE EXP) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0839 FORM-Z-IF-OK-PROOF T) (DEFN EQUAL-Z-LIST-PROOF (X Y PFLIST) (IF (AND (LISTP X) (LISTP Y)) (IF (AND (LISTP (CDR X)) (LISTP (CDR Y))) (LIST-DETACH-PROOF (LIST (F-EQUAL (CAR X) (CAR Y)) (F-EQUAL (Z-LIST (CDR X)) (Z-LIST (CDR Y)))) (F-EQUAL (Z-LIST X) (Z-LIST Y)) (LIST (CAR PFLIST) (EQUAL-Z-LIST-PROOF (CDR X) (CDR Y) (CDR PFLIST))) (OPAIR-EQUAL-PROOF (CAR X) (Z-LIST (CDR X)) (CAR Y) (Z-LIST (CDR Y)))) (CAR PFLIST)) NIL)) (PROVE-LEMMA EQUAL-Z-LIST-PROOF-PROVES (REWRITE) (IMPLIES (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 1 SYMBOLS) (TERMP Y 1 SYMBOLS) (LISTP X) (LISTP Y) (LEN-EQUAL X Y) (PROVES-LIST PFLIST (LIST-F-EQUAL X Y) GIVEN DEFNS SYMBOLS)) (PROVES (EQUAL-Z-LIST-PROOF X Y PFLIST) (F-EQUAL (Z-LIST X) (Z-LIST Y)) GIVEN DEFNS SYMBOLS)) ((INDUCT (EQUAL-Z-LIST-PROOF X Y PFLIST)))) (TOGGLE G0842 EQUAL-Z-LIST-PROOF T) (PROVE-LEMMA EQUAL-Z-LIST-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (MEMBER (FN 1 2) SYMBOLS) (TERMP X 1 SYMBOLS) (TERMP Y 1 SYMBOLS) (LISTP X) (LISTP Y) (LEN-EQUAL X Y) (PROVES-LIST PFLIST (LIST-F-EQUAL X Y) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-LIST X) (Z-LIST Y)))) (PROVES (EQUAL-Z-LIST-PROOF X Y PFLIST) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0843 EQUAL-Z-LIST-PROOF-PROVES T) (PROVE-LEMMA NLISTP-NCODE (REWRITE) (IMPLIES (NLISTP X) (EQUAL (NCODE X) (NUMERAL X)))) (DEFN FLIP-NOT-EQUALS-PROOF (X Y PF) (DETACH-PROOF (F-NOT (F-EQUAL X Y)) (F-NOT (F-EQUAL Y X)) PF (CONTRA-POS-PROOF1 (F-EQUAL Y X) (F-EQUAL X Y) (SYMMETRY-PROOF1 Y X)))) (PROVE-LEMMA TERM-LIST-VAR-LIST (REWRITE) (IMPLIES (VAR-LIST VARS (LENGTH VARS)) (TERM-LIST VARS SYMBOLS))) (DEFN FORM-EQUAL-CASE-PROOF (VARS TERMS EXP PF) (TAUTCONSEQ-PROOF (LIST (PARALLEL-SUBST EXP VARS TERMS 0) (F-IMPLIES (LIST-F-AND (LIST-F-EQUAL VARS TERMS)) (F-IFF EXP (PARALLEL-SUBST EXP VARS TERMS 0)))) (F-IMPLIES (LIST-F-AND (LIST-F-EQUAL VARS TERMS)) EXP) (LIST PF (FORM-EQUAL-PROOF EXP (PARALLEL-SUBST EXP VARS TERMS 0) (LIST-F-EQUAL VARS TERMS))))) (PROVE-LEMMA TERM-LIST-TERMP (REWRITE) (IMPLIES (TERM-LIST TERMS SYMBOLS) (TERMP TERMS 1 SYMBOLS))) ;;;;;;;If |- "[a1/x1, ..., an/xn]A", then |- "(((x1=a1) ^ ... ^ (xn=an)) -> A)". (PROVE-LEMMA FORM-EQUAL-CASE-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (PROVES PF (PARALLEL-SUBST EXP VARS TERMS 0) GIVEN DEFNS SYMBOLS) (VAR-LIST VARS (LENGTH VARS)) (TERM-LIST TERMS SYMBOLS) (LISTP (LIST-F-EQUAL VARS TERMS)) (EQUAL (COLLECT-FREE TERMS 1) NIL) (EQUAL CONCL (F-IMPLIES (LIST-F-AND (LIST-F-EQUAL VARS TERMS)) EXP))) (PROVES (FORM-EQUAL-CASE-PROOF VARS TERMS EXP PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (PARALLEL-SUBST EXP VARS TERMS 0) (F-IMPLIES (LIST-F-AND (LIST-F-EQUAL VARS TERMS)) (F-IFF EXP (PARALLEL-SUBST EXP VARS TERMS 0))))) (EXP (F-IMPLIES (LIST-F-AND (LIST-F-EQUAL VARS TERMS)) EXP)) (PFLIST (LIST PF (FORM-EQUAL-PROOF EXP (PARALLEL-SUBST EXP VARS TERMS 0) (LIST-F-EQUAL VARS TERMS)))))) (DISABLE LIST-F-AND EVAL-TAUTCONSEQ-PROOF-PROVES))) (TOGGLE G0931 FORM-EQUAL-CASE-PROOF T) (DEFN Z-LIST-EQUAL-IMP-PROOF (X Y) (IF (AND (LISTP X) (LISTP Y)) (IF (AND (LISTP (CDR X)) (LISTP (CDR Y))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL (Z-LIST X) (Z-LIST Y)) (F-EQUAL (CAR X) (CAR Y))) (F-IMPLIES (F-EQUAL (Z-LIST X) (Z-LIST Y)) (LIST-F-AND (LIST-F-EQUAL (CDR X) (CDR Y))))) (F-IMPLIES (F-EQUAL (Z-LIST X) (Z-LIST Y)) (LIST-F-AND (LIST-F-EQUAL X Y))) (LIST (Z-CAR-UNIQUE-PROOF (CAR X) (Z-LIST (CDR X)) (CAR Y) (Z-LIST (CDR Y))) (CHAIN-PROOF (F-EQUAL (Z-LIST X) (Z-LIST Y)) (LIST-F-AND (LIST-F-EQUAL (CDR X) (CDR Y))) (LIST (F-EQUAL (Z-LIST (CDR X)) (Z-LIST (CDR Y)))) (LIST (Z-CDR-UNIQUE-PROOF (CAR X) (Z-LIST (CDR X)) (CAR Y) (Z-LIST (CDR Y))) (Z-LIST-EQUAL-IMP-PROOF (CDR X) (CDR Y)))))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL (CAR X) (CAR Y)) (F-EQUAL (CAR X) (CAR Y))) NIL)) NIL)) (PROVE-LEMMA TERMP-CAR-CDR (REWRITE) (IMPLIES (AND (LISTP X) (TERMP X 1 SYMBOLS)) (AND (TERMP (CAR X) 0 SYMBOLS) (TERMP (CDR X) 1 SYMBOLS)))) (PROVE-LEMMA Z-LIST-EQUAL-IMP-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS) (TERMP LIST1 1 SYMBOLS) (TERMP LIST2 1 SYMBOLS) (LISTP LIST1) (LISTP LIST2) (LEN-EQUAL LIST1 LIST2)) (PROVES (Z-LIST-EQUAL-IMP-PROOF LIST1 LIST2) (F-IMPLIES (F-EQUAL (Z-LIST LIST1) (Z-LIST LIST2)) (LIST-F-AND (LIST-F-EQUAL LIST1 LIST2))) GIVEN DEFNS SYMBOLS)) ((INDUCT (Z-LIST-EQUAL-IMP-PROOF LIST1 LIST2)))) (TOGGLE G0845 Z-LIST-EQUAL-IMP-PROOF T) (PROVE-LEMMA Z-LIST-EQUAL-IMP-PROOF-PROVES1 (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS) (TERMP LIST1 1 SYMBOLS) (TERMP LIST2 1 SYMBOLS) (LISTP LIST1) (LISTP LIST2) (LEN-EQUAL LIST1 LIST2) (EQUAL CONCL (F-IMPLIES (F-EQUAL (Z-LIST LIST1) (Z-LIST LIST2)) (LIST-F-AND (LIST-F-EQUAL LIST1 LIST2))))) (PROVES (Z-LIST-EQUAL-IMP-PROOF LIST1 LIST2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0846 Z-LIST-EQUAL-IMP-PROOF-PROVES T) (DEFN EQUAL-ISIN-PROOF (X Y Z PF1 PF2) (LIST-DETACH-PROOF (LIST (F-EQUAL X Y) (F-EQUAL Z Z) (ISIN X Z)) (ISIN Y Z) (LIST PF1 (IDENT-AXIOM-PROOF Z) PF2) (EQUAL-AXIOM2-PROOF (P 1 2) (LIST X Z) (LIST Y Z)))) ;;;;;;;If |- "(x = y)", and |- "(x in z)", then |- "(y in z)". (PROVE-LEMMA EQUAL-ISIN-PROOF-PROVES (REWRITE) (IMPLIES (AND (PROVES PF1 (F-EQUAL X Y) GIVEN DEFNS SYMBOLS) (PROVES PF2 (ISIN X Z) GIVEN DEFNS SYMBOLS)) (PROVES (EQUAL-ISIN-PROOF X Y Z PF1 PF2) (ISIN Y Z) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-EQUAL X Y))) (PROVES-IS-FORMULA (PF PF2) (EXP (ISIN X Z)))) )) ;;;;;;;As it turns out, in order to represent the Lisp interpreter in Z2, we only need ;;;;;;;represent two recursive functions, the function GET below, and the Lisp interpreter ;;;;;;;EV itself. The Lisp interpreter is a Lisp function which evaluates quoted ;;;;;;;Lisp objects which represent pure-Lisp expressions. These e-expressions are ;;;;;;;either e-variables (represented by numbers) or e-function symbols (also represented ;;;;;;;by numbers) applied to a list of e-expressions. The interpreter takes as ;;;;;;;its arguments: the e-expression to be evaluated, the bindings of values to the ;;;;;;;e-variables, and the bindings of definitions to the defined e-function symbols. ;;;;;;;Since e-variables are numbers, their bindings are stored in a list so that the ;;;;;;;binding of the variable N is the N+1th element in the list. GET does exactly ;;;;;;;this by returning the X+1th element in the list Y. (DEFN GET (X Y) (IF (ZEROP X) (CAR Y) (GET (SUB1 X) (CDR Y)))) ;;;;;;;We said earlier that the partial graph corresponding to a computation is first ;;;;;;;constructed as a list of value/argument pairs which is then translated into the ;;;;;;;corresponding set. GET-GRAPH constructs this list of value/argument pairs ;;;;;;;corresponding to the computation of (GET X Y). (DEFN GET-GRAPH (X Y) (IF (ZEROP X) (LIST (CONS (GET X Y) (CONS X Y))) (CONS (CONS (GET X Y) (CONS X Y)) (GET-GRAPH (SUB1 X) (CDR Y))))) (PROVE-LEMMA MEMBER-GET-GRAPH (REWRITE) (MEMBER (CONS (GET X Y) (CONS X Y)) (GET-GRAPH X Y))) (PROVE-LEMMA IN-GRAPH-CDR-GET-GRAPH (REWRITE) (IMPLIES (NOT (ZEROP X)) (MEMBER (CONS (GET X Y) (CONS (SUB1 X) (CDR Y))) (GET-GRAPH X Y)))) (DEFN A-GET-DEFN-PART-OK-PROOF1 (X Y) (FORM-Z-IF-OK-PROOF (LIST (LIST (ZEROP X) (Z-ZEROP-NCODE-PROOF X) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-ZEROP (NCODE X)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-ZEROP-NCODE-PROOF X))) (FLIP-EQUALS-PROOF (Z-CAR (NCODE Y)) (NCODE (GET X Y)) (Z-CAR-NCODE-PROOF Y)) (EQUAL-ISIN-PROOF (Z-LIST (LIST (NCODE (GET X Y)) (NCODE (SUB1 X)) (NCODE (CDR Y)))) (Z-LIST (LIST (NCODE (GET X Y)) (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y)))) (GRAPH-TRANS (GET-GRAPH X Y)) (EQUAL-Z-LIST-PROOF (LIST (NCODE (GET X Y)) (NCODE (SUB1 X)) (NCODE (CDR Y))) (LIST (NCODE (GET X Y)) (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y))) (LIST (IDENT-AXIOM-PROOF (NCODE (GET X Y))) (FLIP-EQUALS-PROOF (Z-SUB1 (NCODE X)) (NCODE (SUB1 X)) (Z-SUB1-NCODE-PROOF X)) (FLIP-EQUALS-PROOF (Z-CDR (NCODE Y)) (NCODE (CDR Y)) (Z-CDR-NCODE-PROOF Y)))) (IN-GRAPH-PROOF (CONS (GET X Y) (CONS (SUB1 X) (CDR Y))) (GET-GRAPH X Y)))) (Z-IF (F-EQUAL (Z-ZEROP (NCODE X)) (NCODE 1)) (F-EQUAL (NCODE (GET X Y)) (Z-CAR (NCODE Y))) (ISIN (Z-OPAIR (NCODE (GET X Y)) (Z-OPAIR (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y)))) (GRAPH-TRANS (GET-GRAPH X Y)))))) ;;;;;;;At this point we present the Z2 formula which represents the Lisp function GET. ;;;;;;;The formula representing the assertion (GET X Y) = VAL asserts the existence ;;;;;;;of a partial graph "trace" to which the tuple <, , > belongs, such ;;;;;;;that all of its members satisfy the Z2 analogue of the definition of GET. ;;;;;;;More formally, ;;;;;;; "(forsome trace (( in trace) ;;;;;;; ^ ;;;;;;; (forall v1, x1, y1 ;;;;;;; (( in trace) ;;;;;;; -> ;;;;;;; (if ((Z-zerop x1) = <1>) ;;;;;;; then (v1 = (Z-car y1)) ;;;;;;; else ( in trace))))))". ;;;;;;; ;;;;;;;Notice how in the second part where we specify that each 3-tuple "" ;;;;;;;in "trace" satisfies the Z2 analogue of the definition of GET, the analogue of ;;;;;;;the recursive call (GET (SUB1 X)(CDR Y)) is the membership check ;;;;;;;"( in trace)". A-GET-DEFN-PART below constructs ;;;;;;;the definition (second) part of the above formula. (DEFN A-GET-DEFN-PART (X Y VAL TRACE) (F-IF (F-EQUAL (Z-ZEROP X) (NCODE 1)) (F-EQUAL VAL (Z-CAR Y)) (ISIN (Z-LIST (LIST VAL (Z-SUB1 X) (Z-CDR Y))) TRACE))) ;;;;;;;Next we wish to show that the partial graph given by (GET-GRAPH X Y) ;;;;;;;satisfies the formula above. By this we show that the representing formula ;;;;;;;is `OK'. This is done in many steps. One part ;;;;;;;of this is to show that each element of this partial graph satisfies the ;;;;;;;A-GET-DEFN-PART. This will be done by induction. The first part is ;;;;;;;to show that "<<(GET X Y)>, , >" satisfies the definition part ;;;;;;;with (GRAPH-TRANS (GET-GRAPH X Y)) for "trace". This is carried out below. (PROVE-LEMMA A-GET-DEFN-PART-OK-PROOF1-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL CONCL (A-GET-DEFN-PART (NCODE X) (NCODE Y) (NCODE (GET X Y)) (GRAPH-TRANS (GET-GRAPH X Y))))) (PROVES (A-GET-DEFN-PART-OK-PROOF1 X Y) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0847 A-GET-DEFN-PART-OK-PROOF1 T) (DEFN IN-GRAPH-CDR-PROOF (X Y GRAPH) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-OR (F-EQUAL X (NCODE Y)) (ISIN X (GRAPH-TRANS GRAPH))) (ISIN X (GRAPH-TRANS (CONS Y GRAPH))))) (F-IMPLIES (ISIN X (GRAPH-TRANS GRAPH)) (ISIN X (GRAPH-TRANS (CONS Y GRAPH)))) (LIST (IFF-SPLIT-PROOF2 (ISIN X (GRAPH-TRANS (CONS Y GRAPH))) (F-OR (F-EQUAL X (NCODE Y)) (ISIN X (GRAPH-TRANS GRAPH))) (IN-GRAPH-TRANS-PROOF X Y GRAPH))))) ;;;;;;; |- "((x in [GRAPH]) -> (x in [(CONS Y GRAPH)]))". (PROVE-LEMMA IN-GRAPH-CDR-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 3 1) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (TERMP X 0 SYMBOLS)) (PROVES (IN-GRAPH-CDR-PROOF X Y GRAPH) (F-IMPLIES (ISIN X (GRAPH-TRANS GRAPH)) (ISIN X (GRAPH-TRANS (CONS Y GRAPH)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0850 IN-GRAPH-CDR-PROOF T) (DEFN A-GET-DEFN-PART-STEP-PROOF (Y U V V1 PF) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES V V1)) (F-IMPLIES (F-IF Y U V) (F-IF Y U V1)) (LIST PF))) ;;;;;;;If |- "(C -> C1)", then |- "((if A then B else C) -> (if A then B else C1))". (PROVE-LEMMA A-GET-DEFN-PART-STEP-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA (F-IF Y U V) SYMBOLS) (FORMULA V1 SYMBOLS) (PROVES PF (F-IMPLIES V V1) GIVEN DEFNS SYMBOLS)) (PROVES (A-GET-DEFN-PART-STEP-PROOF Y U V V1 PF) (F-IMPLIES (F-IF Y U V) (F-IF Y U V1)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0851 A-GET-DEFN-PART-STEP-PROOF T) (DEFN INST-FORMALS-PROOF (FORMALS ACTUALS EXP PF) (CHAIN-PROOF (F-EQUAL (Z-LIST FORMALS) (Z-LIST ACTUALS)) EXP (LIST (LIST-F-AND (LIST-F-EQUAL FORMALS ACTUALS))) (LIST (Z-LIST-EQUAL-IMP-PROOF FORMALS ACTUALS) (FORM-EQUAL-CASE-PROOF FORMALS ACTUALS EXP PF)))) (DEFN A-GET-DEFN-OK-PROOF (X1 Y1 VAL1 X Y) (IF (ZEROP X) (GRAPH-TRANS-MERGE-PROOF (CONS (GET X Y) (CONS X Y)) NIL (Z-LIST (LIST VAL1 X1 Y1)) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))) (INST-FORMALS-PROOF (LIST VAL1 X1 Y1) (LIST (NCODE (GET X Y)) (NCODE X) (NCODE Y)) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-DEFN-PART-OK-PROOF1 X Y)) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (PHI)))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (PHI)) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y)))) (LIST (NULL-AXIOM-PROOF (Z-LIST (LIST VAL1 X1 Y1)))))) (GRAPH-TRANS-MERGE-PROOF (CONS (GET X Y) (CONS X Y)) (GET-GRAPH (SUB1 X) (CDR Y)) (Z-LIST (LIST VAL1 X1 Y1)) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))) (INST-FORMALS-PROOF (LIST VAL1 X1 Y1) (LIST (NCODE (GET X Y)) (NCODE X) (NCODE Y)) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-DEFN-PART-OK-PROOF1 X Y)) (CHAIN-PROOF (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (GRAPH-TRANS (GET-GRAPH (SUB1 X) (CDR Y)))) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))) (LIST (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH (SUB1 X) (CDR Y))))) (LIST (A-GET-DEFN-OK-PROOF X1 Y1 VAL1 (SUB1 X) (CDR Y)) (A-GET-DEFN-PART-STEP-PROOF (F-EQUAL (Z-ZEROP X1) (NCODE 1)) (F-EQUAL VAL1 (Z-CAR Y1)) (ISIN (Z-LIST (LIST VAL1 (Z-SUB1 X1) (Z-CDR Y1))) (GRAPH-TRANS (GET-GRAPH (SUB1 X) (CDR Y)))) (ISIN (Z-LIST (LIST VAL1 (Z-SUB1 X1) (Z-CDR Y1))) (GRAPH-TRANS (GET-GRAPH X Y))) (IN-GRAPH-CDR-PROOF (Z-LIST (LIST VAL1 (Z-SUB1 X1) (Z-CDR Y1))) (CONS (GET X Y) (CONS X Y)) (GET-GRAPH (SUB1 X) (CDR Y))))))))) ;;;;;;;In the lemma below, we carry out the induction to prove that every element of ;;;;;;;the partial graph satisfies the analogue of the definition of GET, i.e., ;;;;;;; |- "(( in [(GET-GRAPH X Y)]) -> (A-GET-DEFN-PART x1 y1 v1 [(GET-GRAPH X Y)]))". (PROVE-LEMMA A-GET-DEFN-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST VAL1 X1 Y1) 3)) (PROVES (A-GET-DEFN-OK-PROOF X1 Y1 VAL1 X Y) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0852 A-GET-DEFN-OK-PROOF T) (DEFN LIST-GEN-PROOF (VARS EXP PF) (IF (LISTP VARS) (GENERALISE-PROOF (CAR VARS) (LIST-ALL-QUANTIFY (CDR VARS) EXP) (LIST-GEN-PROOF (CDR VARS) EXP PF)) PF)) (PROVE-LEMMA LIST-GEN-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-LIST VARS (LENGTH VARS)) (PROVES PF EXP GIVEN DEFNS SYMBOLS)) (PROVES (LIST-GEN-PROOF VARS EXP PF) (LIST-ALL-QUANTIFY VARS EXP) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA)))) (TOGGLE G0853 LIST-GEN-PROOF T) (TOGGLE G0854 A-GET-DEFN-PART T) ;;;;;;;A-GET combines the first and second parts of the specification of "trace". (DEFN A-GET (X Y VAL X1 Y1 VAL1 TRACE) (F-AND (ISIN (Z-OPAIR VAL (Z-OPAIR X Y)) TRACE) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))))) (DEFN A-GET-OK-PROOF1 (X Y X1 Y1 VAL1) (AND-JOIN-PROOF (ISIN (NCODE (CONS (GET X Y) (CONS X Y))) (GRAPH-TRANS (GET-GRAPH X Y))) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))))) (IN-GRAPH-PROOF (CONS (GET X Y) (CONS X Y)) (GET-GRAPH X Y)) (LIST-GEN-PROOF (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-DEFN-PART X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y)))) (A-GET-DEFN-OK-PROOF X1 Y1 VAL1 X Y)))) ;;;;;;;Finally we show that ;;;;;;;|- "[/x, /y, <(GET X Y)>/val, [(GET-GRAPH X Y)]/trace]A-get". ;;;;;;;This completes the first part of the representability proof for GET. ;;;;;;;The second part involves showing that any "trace" satisfying the ;;;;;;;specification A-GET must encode only evaluations of GET. By this we ;;;;;;;show that the representing formula is `GOOD'. (PROVE-LEMMA A-GET-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST VAL1 X1 Y1) 3) (EQUAL X-BAR (NCODE X)) (EQUAL Y-BAR (NCODE Y)) (EQUAL VAL-BAR (NCODE (GET X Y))) (EQUAL TRACE (GRAPH-TRANS (GET-GRAPH X Y)))) (PROVES (A-GET-OK-PROOF1 X Y X1 Y1 VAL1) (A-GET X-BAR Y-BAR VAL-BAR X1 Y1 VAL1 TRACE) GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST LIST-ALL-QUANTIFY))) (TOGGLE G0856 A-GET-OK-PROOF1 T) (TOGGLE G0857 A-GET-DEFN-PART NIL) (DEFN EQUAL-ISIN-IMP-PROOF (X Y Z PF) (LIST-DETACH-PROOF (LIST (F-EQUAL X Y) (F-EQUAL Z Z)) (F-IMPLIES (ISIN X Z) (ISIN Y Z)) (LIST PF (IDENT-AXIOM-PROOF Z)) (EQUAL-AXIOM2-PROOF (P 1 2) (LIST X Z) (LIST Y Z)))) (PROVE-LEMMA FORM-Z-IF-EVAL-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (TERMP (LIST LHS VAL) 1 SYMBOLS) (PROVES-FORM-Z-IF-EVAL PF-TREE EXP LHS VAL GIVEN DEFNS SYMBOLS) (EQUAL FORM (MAKE-FORM-Z-IF EXP))) (PROVES (FORM-Z-IF-EVAL-PROOF PF-TREE EXP LHS VAL) (F-IMPLIES FORM (F-EQUAL LHS VAL)) GIVEN DEFNS SYMBOLS)) ((USE (FORM-Z-IF-EVAL-PROOF-PROVES)))) (TOGGLE G0858 FORM-Z-IF-EVAL-PROOF-PROVES T) ;;;;;;;PROVES-REC-FORM-Z-IF-EVAL is similar to PROVES-Z-IF, except that ;;;;;;;in the base case it checks if PF-TREE is a proof of "(EXP -> CONCL)". (DEFN PROVES-REC-FORM-Z-IF-EVAL (PF-TREE EXP CONCL GIVEN DEFNS SYMBOLS) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (AND (PROVES (CADAR PF-TREE) (Z-TEST EXP) GIVEN DEFNS SYMBOLS) (PROVES-REC-FORM-Z-IF-EVAL (CADR PF-TREE) (Z-LEFT EXP) CONCL GIVEN DEFNS SYMBOLS)) (AND (PROVES (CADDAR PF-TREE) (F-NOT (Z-TEST EXP)) GIVEN DEFNS SYMBOLS) (PROVES-REC-FORM-Z-IF-EVAL (CADDR PF-TREE) (Z-RIGHT EXP) CONCL GIVEN DEFNS SYMBOLS))) (PROVES PF-TREE (F-IMPLIES EXP CONCL) GIVEN DEFNS SYMBOLS))) (DEFN REC-FORM-Z-IF-EVAL-PROOF (PF-TREE EXP CONCL) (IF (Z-IFP EXP) (IF (CAAR PF-TREE) (CHAIN-PROOF (MAKE-FORM-Z-IF EXP) CONCL (LIST (MAKE-FORM-Z-IF (Z-LEFT EXP))) (LIST (F-IF-ELIM-PROOF1 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADAR PF-TREE)) (REC-FORM-Z-IF-EVAL-PROOF (CADR PF-TREE) (Z-LEFT EXP) CONCL))) (CHAIN-PROOF (MAKE-FORM-Z-IF EXP) CONCL (LIST (MAKE-FORM-Z-IF (Z-RIGHT EXP))) (LIST (F-IF-ELIM-PROOF2 (Z-TEST EXP) (MAKE-FORM-Z-IF (Z-LEFT EXP)) (MAKE-FORM-Z-IF (Z-RIGHT EXP)) (CADDAR PF-TREE)) (REC-FORM-Z-IF-EVAL-PROOF (CADDR PF-TREE) (Z-RIGHT EXP) CONCL)))) PF-TREE)) ;;;;;;;The lemma below proves that if each of the leaf nodes of an form-if-tree ;;;;;;;implies a certain conclusion CONCL, then the if-expression represented by ;;;;;;;the if-tree implies CONCL. (PROVE-LEMMA REC-FORM-Z-IF-EVAL-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (PROVES-REC-FORM-Z-IF-EVAL PF-TREE EXP CONCL GIVEN DEFNS SYMBOLS)) (PROVES (REC-FORM-Z-IF-EVAL-PROOF PF-TREE EXP CONCL) (F-IMPLIES (MAKE-FORM-Z-IF EXP) CONCL) GIVEN DEFNS SYMBOLS))) (TOGGLE G0743 REC-FORM-Z-IF-EVAL-PROOF T) (PROVE-LEMMA REC-FORM-Z-IF-EVAL-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (FORM-Z-IF EXP SYMBOLS) (PROVES-REC-FORM-Z-IF-EVAL PF-TREE EXP CONCL GIVEN DEFNS SYMBOLS) (EQUAL FORM (MAKE-FORM-Z-IF EXP))) (PROVES (REC-FORM-Z-IF-EVAL-PROOF PF-TREE EXP CONCL) (F-IMPLIES FORM CONCL) GIVEN DEFNS SYMBOLS))) (TOGGLE G0745 REC-FORM-Z-IF-EVAL-PROOF-PROVES T) (PROVE-LEMMA TERMP-IF (REWRITE) (EQUAL (TERMP (IF X Y Z) FLG SYMBOLS) (IF X (TERMP Y FLG SYMBOLS) (TERMP Z FLG SYMBOLS)))) (DEFN A-GET-DEFN-PART-GOOD-PROOF1 (X Y VAL TRACE EXP PF) (REC-FORM-Z-IF-EVAL-PROOF (LIST (LIST (ZEROP X) (Z-ZEROP-NCODE-PROOF X) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-ZEROP (NCODE X)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-ZEROP-NCODE-PROOF X))) (TRANS-IMPLIES-PROOF (F-EQUAL VAL (Z-CAR (NCODE Y))) (F-EQUAL VAL (NCODE (CAR Y))) (F-IMPLIES EXP (F-EQUAL VAL (NCODE (CAR Y)))) (LIST-DETACH-PROOF (LIST (F-EQUAL VAL VAL) (F-EQUAL (Z-CAR (NCODE Y)) (NCODE (CAR Y)))) (F-IMPLIES (F-EQUAL VAL (Z-CAR (NCODE Y))) (F-EQUAL VAL (NCODE (CAR Y)))) (LIST (IDENT-AXIOM-PROOF VAL) (Z-CAR-NCODE-PROOF Y)) (EQUAL-AXIOM2-PROOF (P 0 2) (LIST VAL (Z-CAR (NCODE Y))) (LIST VAL (NCODE (CAR Y))))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL VAL (NCODE (CAR Y))) (F-IMPLIES EXP (F-EQUAL VAL (NCODE (CAR Y))))) NIL)) (TRANS-IMPLIES-PROOF (ISIN (Z-LIST (LIST VAL (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y)))) TRACE) (ISIN (Z-LIST (LIST VAL (NCODE (SUB1 X)) (NCODE (CDR Y)))) TRACE) (F-IMPLIES EXP (F-EQUAL VAL (NCODE (GET X Y)))) (EQUAL-ISIN-IMP-PROOF (Z-LIST (LIST VAL (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y)))) (Z-LIST (LIST VAL (NCODE (SUB1 X)) (NCODE (CDR Y)))) TRACE (EQUAL-Z-LIST-PROOF (LIST VAL (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y))) (LIST VAL (NCODE (SUB1 X)) (NCODE (CDR Y))) (LIST (IDENT-AXIOM-PROOF VAL) (Z-SUB1-NCODE-PROOF X) (Z-CDR-NCODE-PROOF Y)))) PF)) (Z-IF (F-EQUAL (Z-ZEROP (NCODE X)) (NCODE 1)) (F-EQUAL VAL (Z-CAR (NCODE Y))) (ISIN (Z-OPAIR VAL (Z-OPAIR (Z-SUB1 (NCODE X)) (Z-CDR (NCODE Y)))) TRACE)) (F-IMPLIES EXP (F-EQUAL VAL (NCODE (GET X Y)))))) ;;;;;;;The second part involves showing that A-GET is `GOOD', i.e., that ;;;;;;;any "trace" satisfying A-GET encodes a computation of GET. ;;;;;;;The proof is somewhat tricky but the essential idea is this: ;;;;;;;we want to prove "A-get(, , val, trace) -> (val = <(GET X Y)>)". ;;;;;;;We start with the left-hand side of this implication, it implies that ;;;;;;; "(<, , val> in trace)" and hence by the second part of "A-get" ;;;;;;;that "<, , val>" satisfies the analogue of the definition of GET. ;;;;;;;If (ZEROP X), then "((Z-zerop ) = <1>)" and hence "(val = (Z-car ))" ;;;;;;;which by the lemma about "Z-car" is "(val = <(CAR Y)>)" which is the ;;;;;;;desired conclusion. In the case when (ZEROP X) is F, we have ;;;;;;;"(A-get(, , val, trace) -> (), (Z-cdr )> in trace))" ;;;;;;;(call it [1]), the r.h.s. of which is "(, <(CDR Y)>> in trace)" ;;;;;;;By the induction hypothesis, ;;;;;;;"(A-get(<(SUB1 X)>, <(CDR Y)>, val, trace) -> (val = <(GET (SUB1 X)(CDR Y))>))" [2]. ;;;;;;;But "A-get(, , val, trace)" and "(, <(CDR Y)>> in trace)" imply ;;;;;;;"A-get(<(SUB1 X)>, <(CDR Y)>, val, trace)". By [1], [2], and the definition of GET, ;;;;;;;we have the desired conclusion. The lemma below is one portion of the argument ;;;;;;;above where we prove ;;;;;;; |- "(A-get-defn-part(, , val, trace) -> (EXP -> (val = <(GET X Y)>)))", ;;;;;;;provided when (ZEROP X) is F, ;;;;;;; |- "((, <(CDR Y)>> in trace) -> (EXP -> (val = <(GET X Y)>)))". ;;;;;;; (PROVE-LEMMA A-GET-DEFN-PART-GOOD-PROOF1-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP VAL 0 SYMBOLS) (TERMP TRACE 0 SYMBOLS) (FORMULA EXP SYMBOLS) (EQUAL VAL-BAR (NCODE (GET X Y))) (EQUAL FORM (A-GET-DEFN-PART (NCODE X) (NCODE Y) VAL TRACE)) (IF (ZEROP X) T (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST VAL (NCODE (SUB1 X)) (NCODE (CDR Y)))) TRACE) (F-IMPLIES EXP (F-EQUAL VAL VAL-BAR))) GIVEN DEFNS SYMBOLS))) (PROVES (A-GET-DEFN-PART-GOOD-PROOF1 X Y VAL TRACE EXP PF) (F-IMPLIES FORM (F-IMPLIES EXP (F-EQUAL VAL VAL-BAR))) GIVEN DEFNS SYMBOLS)) ((DISABLE NCODE))) (TOGGLE G0615 A-GET-DEFN-PART-GOOD-PROOF1 T) (DEFN GOOD-FRAME1-PROOF (A B C) (TAUTCONSEQ-PROOF NIL (F-IFF (F-IMPLIES (F-AND A B) C) (F-IMPLIES B (F-IMPLIES A C))) NIL)) (PROVE-LEMMA GOOD-FRAME1-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA A SYMBOLS) (FORMULA B SYMBOLS) (FORMULA C SYMBOLS)) (PROVES (GOOD-FRAME1-PROOF A B C) (F-IFF (F-IMPLIES (F-AND A B) C) (F-IMPLIES B (F-IMPLIES A C))) GIVEN DEFNS SYMBOLS)) ((USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST NIL) (EXP (F-IFF (F-IMPLIES (F-AND A B) C) (F-IMPLIES B (F-IMPLIES A C)))) (PFLIST NIL))) (DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES))) (TOGGLE G0746 GOOD-FRAME1-PROOF T) (DEFN A-GET-REDUC-PROOF (X Y VAL X1 Y1 VAL1 TRACE) (F-IFF-MP-PROOF2 (F-IMPLIES (A-GET X Y VAL X1 Y1 VAL1 TRACE) (A-GET-DEFN-PART X Y VAL TRACE)) (F-IMPLIES (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL X Y)) TRACE) (A-GET-DEFN-PART X Y VAL TRACE))) (GOOD-FRAME1-PROOF (ISIN (Z-LIST (LIST VAL X Y)) TRACE) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (A-GET-DEFN-PART X Y VAL TRACE)) (SUBST-THM-B-PROOF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE)) (LIST X1 Y1 VAL1) (LIST X Y VAL)))) ;;;;;;; |- "(A-get(x, y, val, trace) -> A-get-defn-part(x, y, val, trace))". (PROVE-LEMMA A-GET-REDUC-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS) (TERMP VAL 0 SYMBOLS) (VAR-SET (LIST X1 Y1 VAL1 TRACE) 4) (EQUAL CONCL (F-IMPLIES (A-GET X Y VAL X1 Y1 VAL1 TRACE) (A-GET-DEFN-PART X Y VAL TRACE)))) (PROVES (A-GET-REDUC-PROOF X Y VAL X1 Y1 VAL1 TRACE) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0644 A-GET-REDUC-PROOF T) (DEFN GOOD-FRAME2-PROOF (A B C D PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-AND A B) C) (F-IMPLIES C (F-IMPLIES B D))) (F-IMPLIES (F-AND A B) D) (LIST PF1 PF2))) (PROVE-LEMMA GOOD-FRAME2-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA A SYMBOLS) (FORMULA B SYMBOLS) (FORMULA C SYMBOLS) (FORMULA D SYMBOLS) (PROVES PF1 (F-IMPLIES (F-AND A B) C) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES C (F-IMPLIES B D)) GIVEN DEFNS SYMBOLS)) (PROVES (GOOD-FRAME2-PROOF A B C D PF1 PF2) (F-IMPLIES (F-AND A B) D) GIVEN DEFNS SYMBOLS)) ((USE (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (F-AND A B) C) (F-IMPLIES C (F-IMPLIES B D)))) (EXP (F-IMPLIES (F-AND A B) D)) (PFLIST (LIST PF1 PF2)))) (DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES))) (TOGGLE G0747 GOOD-FRAME2-PROOF T) (DEFN GOOD-FRAME3-PROOF (A B C PF) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-AND A B) C)) (F-IMPLIES A (F-IMPLIES B C)) (LIST PF))) (PROVE-LEMMA GOOD-FRAME3-PROOF-PROVES (REWRITE) (IMPLIES (PROVES PF (F-IMPLIES (F-AND A B) C) GIVEN DEFNS SYMBOLS) (PROVES (GOOD-FRAME3-PROOF A B C PF) (F-IMPLIES A (F-IMPLIES B C)) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES (F-AND A B) C))) (EVAL-TAUTCONSEQ-PROOF-PROVES (FLIST (LIST (F-IMPLIES (F-AND A B) C))) (EXP (F-IMPLIES A (F-IMPLIES B C))) (PFLIST (LIST PF)))) (DISABLE EVAL-TAUTCONSEQ-PROOF-PROVES))) (TOGGLE G0748 GOOD-FRAME3-PROOF T) (DEFN A-GET-GOOD-PROOF (X Y VAL X1 Y1 VAL1 TRACE) (IF (ZEROP X) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST VAL (NCODE X) (NCODE Y))) TRACE) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (A-GET-DEFN-PART (NCODE X) (NCODE Y) VAL TRACE) (F-EQUAL VAL (NCODE (GET X Y))) (A-GET-REDUC-PROOF (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE) (A-GET-DEFN-PART-GOOD-PROOF1 X Y VAL TRACE (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) NIL)) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST VAL (NCODE X) (NCODE Y))) TRACE) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (A-GET-DEFN-PART (NCODE X) (NCODE Y) VAL TRACE) (F-EQUAL VAL (NCODE (GET X Y))) (A-GET-REDUC-PROOF (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE) (A-GET-DEFN-PART-GOOD-PROOF1 X Y VAL TRACE (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST VAL (NCODE (SUB1 X)) (NCODE (CDR Y)))) TRACE) (LIST-ALL-QUANTIFY (LIST X1 Y1 VAL1) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 X1 Y1)) TRACE) (A-GET-DEFN-PART X1 Y1 VAL1 TRACE))) (F-EQUAL VAL (NCODE (GET X Y))) (A-GET-GOOD-PROOF (SUB1 X) (CDR Y) VAL X1 Y1 VAL1 TRACE)))))) ;;;;;;;The desired `GOOD' part: ;;;;;;; |- "(A-get(, , val, trace) -> (val = <(GET X Y)>))". (PROVE-LEMMA A-GET-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP VAL 0 SYMBOLS) (VAR-SET (LIST X1 Y1 VAL1 TRACE) 4)) (PROVES (A-GET-GOOD-PROOF X Y VAL X1 Y1 VAL1 TRACE) (F-IMPLIES (A-GET (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE) (F-EQUAL VAL (NCODE (GET X Y)))) GIVEN DEFNS SYMBOLS)) ((INDUCT (GET X Y)))) (TOGGLE G0749 A-GET-GOOD-PROOF T) (TOGGLE G0750 NCODE T) ;;;;;;;SUBRP is a function used in the Lisp interpreter which checks if a given ;;;;;;;e-function symbol, i.e., a function symbol in an expression to be interpreted ;;;;;;;by the Lisp interpreter. The events below introduce the Z2 analogue of this ;;;;;;;function. (DEFN Z-SUBRP (FN) (LIST (FN 16 1) FN)) (DEFN Z-SUBRP-DEFN (FN Y) (F-IF (F-EQUAL FN (NCODE 1)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 2)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 3)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 4)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 5)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 6)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 7)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 8)) (F-EQUAL Y (NCODE 1)) (F-IF (F-EQUAL FN (NCODE 9)) (F-EQUAL Y (NCODE 1)) (F-EQUAL Y (PHI)))))))))))) (DEFN Z-SUBRP-EXPR (FN) (Z-IF (F-EQUAL FN (NCODE 1)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 2)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 3)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 4)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 5)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 6)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 7)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 8)) (NCODE 1) (Z-IF (F-EQUAL FN (NCODE 9)) (NCODE 1) (PHI))))))))))) (DEFN Z-SUBRP-EXIS-PROOF (FN Y) (TERM-Z-IF-EXIS-PROOF Y (Z-SUBRP-EXPR FN))) (DEFN Z-SUBRP-UNIQUE-PROOF (FN Y Y1) (TERM-Z-IF-UNIQUE-PROOF Y Y1 (Z-SUBRP-EXPR FN))) (DEFN Z-SUBRP-DEFN-PROOF (FN) (INSTANCE-PROOF (Z-SUBRP-DEFN 0 (Z-SUBRP 0)) (LIST 0) (LIST FN) (FUN-DEFN-PROOF (FN 16 1) (LIST 0) 1 2 (Z-SUBRP-DEFN 0 1) (Z-SUBRP-EXIS-PROOF 0 1) (Z-SUBRP-UNIQUE-PROOF 0 1 2)))) (DEFN Z-SUBRP-HYPS (DEFNS SYMBOLS) (AND (EQUAL (ASSOC (FN 16 1) DEFNS) (Z-SUBRP-DEFN 0 (Z-SUBRP 0))) (SUBSET (LIST (FN 3 1) (FN 1 2) (FN 0 0)) (REST-OF (FN 16 1) SYMBOLS)))) (PROVE-LEMMA Z-SUBRP-DEFN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 16 1) (FN 0 0) (FN 3 1) (FN 1 2)) SYMBOLS) (Z-SUBRP-HYPS DEFNS SYMBOLS) (TERMP X 0 SYMBOLS) (EQUAL CONCL (Z-SUBRP-DEFN X (Z-SUBRP X)))) (PROVES (Z-SUBRP-DEFN-PROOF X) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0751 Z-SUBRP-DEFN-PROOF T) (TOGGLE G0752 Z-SUBRP-HYPS T) (DEFN SUBRP (FN) (OR (EQUAL FN 1) (EQUAL FN 2) (EQUAL FN 3) (EQUAL FN 4) (EQUAL FN 5) (EQUAL FN 6) (EQUAL FN 7) (EQUAL FN 8) (EQUAL FN 9))) (DEFN Z-SUBRP-NCODE-PROOF (FN) (Z-IF-EVAL-PROOF1 (LIST (LIST (EQUAL FN 1) (IDENT-AXIOM-PROOF (NCODE 1)) (NCODE-NEQUAL-PROOF FN 1)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 2) (IDENT-AXIOM-PROOF (NCODE 2)) (NCODE-NEQUAL-PROOF FN 2)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 3) (IDENT-AXIOM-PROOF (NCODE 3)) (NCODE-NEQUAL-PROOF FN 3)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 4) (IDENT-AXIOM-PROOF (NCODE 4)) (NCODE-NEQUAL-PROOF FN 4)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 5) (IDENT-AXIOM-PROOF (NCODE 5)) (NCODE-NEQUAL-PROOF FN 5)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 6) (IDENT-AXIOM-PROOF (NCODE 6)) (NCODE-NEQUAL-PROOF FN 6)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 7) (IDENT-AXIOM-PROOF (NCODE 7)) (NCODE-NEQUAL-PROOF FN 7)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 8) (IDENT-AXIOM-PROOF (NCODE 8)) (NCODE-NEQUAL-PROOF FN 8)) (IDENT-AXIOM-PROOF (NCODE 1)) (LIST (LIST (EQUAL FN 9) (IDENT-AXIOM-PROOF (NCODE 9)) (NCODE-NEQUAL-PROOF FN 9)) (IDENT-AXIOM-PROOF (NCODE 1)) (IDENT-AXIOM-PROOF (PHI))))))))))) (Z-SUBRP-EXPR (NCODE FN)) (Z-SUBRP (NCODE FN)) (NCODE (BOOL-FIX (SUBRP FN))) (Z-SUBRP-DEFN-PROOF (NCODE FN)))) (PROVE-LEMMA Z-SUBRP-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 16 1) (FN 0 0) (FN 3 1) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-SUBRP-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-SUBRP (NCODE FN)) (NCODE (BOOL-FIX (SUBRP FN)))))) (PROVES (Z-SUBRP-NCODE-PROOF FN) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0753 Z-SUBRP-NCODE-PROOF T) (TOGGLE G0754 SUBRP T) (DEFN EG-PROOF (EXP VARS TERMS PF) (DETACH-PROOF (PARALLEL-SUBST EXP VARS TERMS 0) (LIST-EXIS-QUANTIFY VARS EXP) PF (SUBST-THM-A-PROOF EXP VARS TERMS))) ;;;;;;; If |- "[a1/x1,..., an/xn]A", then |- "(forsome x1,...,xn A)". (PROVE-LEMMA EG-PROOF-PROVES (REWRITE) (IMPLIES (AND (FORMULA EXP SYMBOLS) (TERMP TERMS 1 SYMBOLS) (EQUAL (LENGTH VARS) (LENGTH TERMS)) (VAR-SET VARS (LENGTH VARS)) (FREE-FOR-LIST EXP VARS TERMS) (PROVES PF (PARALLEL-SUBST EXP VARS TERMS 0) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (LIST-EXIS-QUANTIFY VARS EXP))) (PROVES (EG-PROOF EXP VARS TERMS PF) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0479 EG-PROOF T) (PROVE-LEMMA A-GET-OK-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST VAL1 X1 Y1) 3) (EQUAL CONCL (A-GET (NCODE X) (NCODE Y) (NCODE (GET X Y)) X1 Y1 VAL1 (GRAPH-TRANS (GET-GRAPH X Y))))) (PROVES (A-GET-OK-PROOF1 X Y X1 Y1 VAL1) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SUBSET VAR-SET A-GET))) (TOGGLE G0773 A-GET-OK-PROOF-PROVES T) (DEFN A-GET1 (X Y VAL X1 Y1 VAL1 TRACE) (FORSOME TRACE (A-GET X Y VAL X1 Y1 VAL1 TRACE))) (DEFN A-GET1-OK-PROOF (X Y X1 Y1 VAL1 TRACE) (EG-PROOF (A-GET (NCODE X) (NCODE Y) (NCODE (GET X Y)) X1 Y1 VAL1 TRACE) (LIST TRACE) (LIST (GRAPH-TRANS (GET-GRAPH X Y))) (A-GET-OK-PROOF1 X Y X1 Y1 VAL1))) (PROVE-LEMMA PARALLEL-SUBST-NCODE (REWRITE) (EQUAL (PARALLEL-SUBST (NCODE X) VARS TERMS 0) (NCODE X))) (PROVE-LEMMA SUBST-NCODE (REWRITE) (EQUAL (SUBST (NCODE X) VAR TERM 0) (NCODE X))) (PROVE-LEMMA PARALLEL-SUBST-GRAPH-TRANS (REWRITE) (EQUAL (PARALLEL-SUBST (GRAPH-TRANS X) VARS TERMS 0) (GRAPH-TRANS X))) (PROVE-LEMMA SUBST-GRAPH-TRANS (REWRITE) (EQUAL (SUBST (GRAPH-TRANS X) VAR TERM 0) (GRAPH-TRANS X))) (TOGGLE G0755 NOT-FREE-PARALLEL-SUBST T) (TOGGLE G0759 NOT-FREE-DEL-PAIRS-PARALLEL-SUBST T) (TOGGLE G0768 PARALLEL-SUBST-NIL T) (TOGGLE G0771 PARALLEL-SUBST-NOT-FREE-VAR T) (TOGGLE G0772 NOT-MEMBER-DEL-PAIRS T) (PROVE-LEMMA FREE-FOR-NIL (REWRITE) (IMPLIES (EQUAL (COLLECT-FREE TERM 0) NIL) (FREE-FOR EXP VAR TERM FLG))) (DEFN NIL-LIST-COLLECT-FREE (X) (IF (LISTP X) (AND (EQUAL (COLLECT-FREE (CAR X) 0) NIL) (NIL-LIST-COLLECT-FREE (CDR X))) T)) (PROVE-LEMMA FREE-FOR-LIST-NIL-LIST (REWRITE) (IMPLIES (NIL-LIST-COLLECT-FREE TERMS) (FREE-FOR-LIST EXP VARS TERMS))) (TOGGLE G0774 FREE-FOR-LIST T) (PROVE-LEMMA LISTP-PARALLEL-SUBST (REWRITE) (IMPLIES (LISTP EXP) (LISTP (PARALLEL-SUBST EXP VARS TERMS FLG)))) (PROVE-LEMMA PARALLEL-SUBST-Z-LIST (REWRITE) (EQUAL (PARALLEL-SUBST (Z-LIST LIST) VARS TERMS 0) (Z-LIST (PARALLEL-SUBST LIST VARS TERMS 1)))) (TOGGLE G0775 LISTP-PARALLEL-SUBST T) (PROVE-LEMMA A-GET1-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST VAL1 X1 Y1 TRACE) 4) (EQUAL CONCL (A-GET1 (NCODE X) (NCODE Y) (NCODE (GET X Y)) X1 Y1 VAL1 TRACE))) (PROVES (A-GET1-OK-PROOF X Y X1 Y1 VAL1 TRACE) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0776 A-GET1-OK-PROOF T) (PROVE-LEMMA A-GET-GOOD-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP VAL 0 SYMBOLS) (VAR-SET (LIST X1 Y1 VAL1 TRACE) 4) (EQUAL CONCL (F-IMPLIES (A-GET (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE) (F-EQUAL VAL (NCODE (GET X Y)))))) (PROVES (A-GET-GOOD-PROOF X Y VAL X1 Y1 VAL1 TRACE) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SUBSET VAR-SET A-GET) (USE (A-GET-GOOD-PROOF-PROVES)))) (TOGGLE G0777 A-GET-GOOD-PROOF-PROVES T) (DEFN A-GET1-GOOD-PROOF (X Y VAL X1 Y1 VAL1 TRACE) (FORSOME-INTRO-PROOF TRACE (BODY (A-GET1 (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE)) (F-EQUAL VAL (NCODE (GET X Y))) (A-GET-GOOD-PROOF X Y VAL X1 Y1 VAL1 TRACE))) (PROVE-LEMMA A-GET1-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP VAL 0 SYMBOLS) (NOT (MEMBER TRACE (COLLECT-FREE VAL 0))) (VAR-SET (LIST X1 Y1 VAL1 TRACE) 4) (EQUAL CONCL (F-IMPLIES (A-GET1 (NCODE X) (NCODE Y) VAL X1 Y1 VAL1 TRACE) (F-EQUAL VAL (NCODE (GET X Y)))))) (PROVES (A-GET1-GOOD-PROOF X Y VAL X1 Y1 VAL1 TRACE) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0778 A-GET1-GOOD-PROOF T) ;;;;;;;The next several pages cover the proof of the representability of the ;;;;;;;Lisp interpreter EV. Apart from the e-expression to be evaluated, ;;;;;;;the e-variable bindings list, and the e-function symbol bindings list, ;;;;;;;the interpreter takes a counter N which is the maximum permissible ;;;;;;;depth of the evaluation stack. If this bound is exceeded before the ;;;;;;;expression is fully evaluated, EV returns a bottom object (BTM). ;;;;;;;This object is added by as a shell by the command below. (ADD-SHELL BTM NIL BTMP NIL) (DEFN EQUAL-Z-LIST-ISIN-PROOF (LIST1 LIST2 EXP PFLIST PF) (EQUAL-ISIN-PROOF (Z-LIST LIST1) (Z-LIST LIST2) EXP (EQUAL-Z-LIST-PROOF LIST1 LIST2 PFLIST) PF)) (DEFN EQUAL-Z-LIST-ISIN-IMP-PROOF (LIST1 LIST2 EXP PFLIST) (EQUAL-ISIN-IMP-PROOF (Z-LIST LIST1) (Z-LIST LIST2) EXP (EQUAL-Z-LIST-PROOF LIST1 LIST2 PFLIST))) (PROVE-LEMMA NCODE-CONS (REWRITE) (EQUAL (NCODE (CONS X Y)) (Z-OPAIR (NCODE X) (NCODE Y))) ((ENABLE NCODE))) (TOGGLE G0781 PROVES-IS-FORMULA-AGAIN T) (TOGGLE G0782 TERMP-TERM-LIST T) (TOGGLE G0783 TERM-LIST-VAR-LIST T) (DEFN EV-EQUAL-Z-LIST-PROOF (VAL FLG EXP EXPR VA FA PF) (EQUAL-Z-LIST-PROOF (LIST VAL (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA)) (LIST VAL (NCODE FLG) EXPR (NCODE VA) (NCODE FA)) (LIST (IDENT-AXIOM-PROOF VAL) (IDENT-AXIOM-PROOF (NCODE FLG)) (FLIP-EQUALS-PROOF EXPR (NCODE EXP) PF) (IDENT-AXIOM-PROOF (NCODE VA)) (IDENT-AXIOM-PROOF (NCODE FA))))) (DEFN EV-EQUAL-Z-LIST-ISIN-PROOF (VAL FLG EXP EXPR VA FA TRACE PF IN-PF) (EQUAL-Z-LIST-ISIN-PROOF (LIST VAL (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA)) (LIST VAL (NCODE FLG) EXPR (NCODE VA) (NCODE FA)) TRACE (LIST (IDENT-AXIOM-PROOF VAL) (IDENT-AXIOM-PROOF (NCODE FLG)) (FLIP-EQUALS-PROOF EXPR (NCODE EXP) PF) (IDENT-AXIOM-PROOF (NCODE VA)) (IDENT-AXIOM-PROOF (NCODE FA))) IN-PF)) (PROVE-LEMMA EV-EQUAL-Z-LIST-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP VAL 0 SYMBOLS) (PROVES PF (F-EQUAL EXPR (NCODE EXP)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-LIST (LIST VAL (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) (Z-LIST (LIST VAL (NCODE FLG) EXPR (NCODE VA) (NCODE FA)))))) (PROVES (EV-EQUAL-Z-LIST-PROOF VAL FLG EXP EXPR VA FA PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (EXP (F-EQUAL EXPR (NCODE EXP))))))) (TOGGLE G0789 EV-EQUAL-Z-LIST-PROOF T) (PROVE-LEMMA EV-EQUAL-Z-LIST-ISIN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP VAL 0 SYMBOLS) (TERMP TRACE 0 SYMBOLS) (PROVES IN-PF (ISIN (Z-LIST (LIST VAL (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) GIVEN DEFNS SYMBOLS) (PROVES PF (F-EQUAL EXPR (NCODE EXP)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (ISIN (Z-LIST (LIST VAL (NCODE FLG) EXPR (NCODE VA) (NCODE FA))) TRACE))) (PROVES (EV-EQUAL-Z-LIST-ISIN-PROOF VAL FLG EXP EXPR VA FA TRACE PF IN-PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (EXP (F-EQUAL EXPR (NCODE EXP))))))) (TOGGLE G0792 EV-EQUAL-Z-LIST-ISIN-PROOF T) ;;;;;;;The skeleton of the representability proof for EV is similar to that of GET, but ;;;;;;;the details are enormously more complicated since EV is an extremely complicated ;;;;;;;function. In the first `OK' part of the proof, we prove each section of EV to ;;;;;;;be `OK' separately. Below, the part of EV which evaluates Lisp if-expressions ;;;;;;;is proved `OK'. (DEFN A-EV-DEFN-IF1-OK-PROOF (EXP VA FA VAL TEST TRACE IN-PF2 IN-PF3) (FORM-Z-IF-OK-PROOF (LIST (LIST (NCODE-EQUAL TEST 0) (IDENT-AXIOM-PROOF (NCODE TEST)) (NCODE-NEQUAL-PROOF TEST 0)) (EV-EQUAL-Z-LIST-ISIN-PROOF VAL 0 (CADDDR EXP) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) VA FA TRACE (Z-CAR-CDR-PROOF EXP (LIST 1 2 2 2)) IN-PF2) (EV-EQUAL-Z-LIST-ISIN-PROOF VAL 0 (CADDR EXP) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) VA FA TRACE (Z-CAR-CDR-PROOF EXP (LIST 1 2 2)) IN-PF3)) (Z-IF (F-EQUAL (NCODE TEST) (NCODE 0)) (ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) TRACE) (ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) TRACE)))) (TOGGLE G0797 TERMP-CAR-CDR T) (PROVE-LEMMA A-EV-DEFN-IF1-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (TERMP TRACE 0 SYMBOLS) (IF (NCODE-EQUAL TEST 0) (PROVES IN-PF2 (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (NCODE (CADDDR EXP)) (NCODE VA) (NCODE FA))) TRACE) GIVEN DEFNS SYMBOLS) (PROVES IN-PF3 (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (NCODE (CADDR EXP)) (NCODE VA) (NCODE FA))) TRACE) GIVEN DEFNS SYMBOLS)) (EQUAL CONCL (F-IF (F-EQUAL (NCODE TEST) (NCODE 0)) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) TRACE) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) TRACE)))) (PROVES (A-EV-DEFN-IF1-OK-PROOF EXP VA FA (NCODE VAL) TEST TRACE IN-PF2 IN-PF3) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST))) (TOGGLE G0798 A-EV-DEFN-IF1-OK-PROOF T) (DEFN A-EV-IF-PART (EXP-BAR VA-BAR FA-BAR VAL-BAR TRACE RVAR1) (FORSOME RVAR1 (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (Z-CDR EXP-BAR)) VA-BAR FA-BAR)) TRACE) (F-IF (F-EQUAL RVAR1 (NCODE 0)) (ISIN (Z-LIST (LIST VAL-BAR (NCODE 0) (Z-CAR-CDR EXP-BAR (LIST 1 2 2 2)) VA-BAR FA-BAR)) TRACE) (ISIN (Z-LIST (LIST VAL-BAR (NCODE 0) (Z-CAR-CDR EXP-BAR (LIST 1 2 2)) VA-BAR FA-BAR)) TRACE))))) (DEFN A-EV-DEFN-IF-OK-PROOF (EXP VA FA VAL TEST RVAR1 GRAPH IN-PF1 IN-PF2 IN-PF3) (EG-PROOF (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (Z-CDR (NCODE EXP))) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-IF (F-EQUAL RVAR1 (NCODE 0)) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)))) (LIST RVAR1) (LIST (NCODE TEST)) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE TEST) (NCODE 0) (Z-CAR (Z-CDR (NCODE EXP))) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-IF (F-EQUAL (NCODE TEST) (NCODE 0)) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH))) (EV-EQUAL-Z-LIST-ISIN-PROOF (NCODE TEST) 0 (CADR EXP) (Z-CAR (Z-CDR (NCODE EXP))) VA FA (GRAPH-TRANS GRAPH) (Z-CAR-CDR-PROOF EXP (LIST 1 2)) IN-PF1) (A-EV-DEFN-IF1-OK-PROOF EXP VA FA (NCODE VAL) TEST (GRAPH-TRANS GRAPH) IN-PF2 IN-PF3)))) (PROVE-LEMMA A-EV-DEFN-IF-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VARIABLE RVAR1) (PROVES IN-PF1 (ISIN (Z-LIST (LIST (NCODE TEST) (NCODE 0) (NCODE (CADR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (IF (NCODE-EQUAL TEST 0) (PROVES IN-PF2 (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (NCODE (CADDDR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (PROVES IN-PF3 (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (NCODE (CADDR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS)) (EQUAL CONCL (A-EV-IF-PART (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE VAL) (GRAPH-TRANS GRAPH) RVAR1))) (PROVES (A-EV-DEFN-IF-OK-PROOF EXP VA FA VAL TEST RVAR1 GRAPH IN-PF1 IN-PF2 IN-PF3) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE NLISTP-NCODE Z-LIST))) (TOGGLE G0799 A-EV-DEFN-IF-OK-PROOF T) ;;;;;;;The Z2 representation of the part of EV which evaluates Lisp primitives is proved ;;;;;;;`OK' below. (DEFN A-EV-SUBR-PART (EXP VA FA VAL RVAR TRACE) (FORSOME RVAR (F-AND (ISIN (Z-LIST (LIST RVAR (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) RVAR))))) (DEFN A-EV-DEFN-SUBR-OK-PROOF (EXP VA FA VAL RVAL RVAR GRAPH IN-PF) (EG-PROOF (F-AND (ISIN (Z-LIST (LIST RVAR (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-EQUAL VAL (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) RVAR))) (LIST RVAR) (LIST (NCODE RVAL)) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE RVAL) (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-EQUAL VAL (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL))) (EV-EQUAL-Z-LIST-ISIN-PROOF (NCODE RVAL) 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA (GRAPH-TRANS GRAPH) (Z-CDR-NCODE-PROOF EXP) IN-PF) (FLIP-EQUALS-PROOF (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL)) VAL (COMPOSE-PROOF (FN 15 2) VAL (LIST (Z-CAR (NCODE EXP)) (NCODE RVAL)) (LIST (NCODE (CAR EXP)) (NCODE RVAL)) (LIST (Z-CAR-NCODE-PROOF EXP) (IDENT-AXIOM-PROOF (NCODE RVAL))) (Z-APPLY-SUBR-NCODE-PROOF (CAR EXP) RVAL)))))) (PROVE-LEMMA A-EV-DEFN-SUBR-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-ALL-HYPS GIVEN DEFNS SYMBOLS) (VARIABLE RVAR) (PROVES IN-PF (ISIN (Z-LIST (LIST (NCODE RVAL) (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (EQUAL VAL (NCODE (APPLY-SUBR (CAR EXP) RVAL))) (EQUAL CONCL (A-EV-SUBR-PART EXP VA FA VAL RVAR (GRAPH-TRANS GRAPH)))) (PROVES (A-EV-DEFN-SUBR-OK-PROOF EXP VA FA VAL RVAL RVAR GRAPH IN-PF) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0802 A-EV-DEFN-SUBR-OK-PROOF T) (TOGGLE G0803 GET T) (TOGGLE G0809 PAIRLIST T) (TOGGLE G0816 NOT-FREE-COVERING T) ;;;;;;;The e-functions symbols 0 is used for the Lisp function IF, the symbols 1-9 ;;;;;;;are used for the Lisp primitives, 10 is used for the QUOTE function. The defined ;;;;;;;e-function symbols therefore start from 11. Since the first definition in the ;;;;;;;function definition list corresponds to 11, we have to subtract 11 from the symbol ;;;;;;;before we apply GET to the definition list. the function SUB1-N subtracts N ;;;;;;;from EXP. It is represented in Z2 by an iterated application of Z-SUB1. (DEFN Z-SUB1-N (EXP N) (IF (ZEROP N) EXP (Z-SUB1 (Z-SUB1-N EXP (SUB1 N))))) (DEFN SUB1-N (EXP N) (IF (ZEROP N) EXP (SUB1 (SUB1-N EXP (SUB1 N))))) (DEFN Z-SUB1-N-NCODE-PROOF (EXP N VAL PF) (IF (ZEROP N) PF (COMPOSE-PROOF (FN 10 1) (NCODE (SUB1-N VAL N)) (LIST (Z-SUB1-N EXP (SUB1 N))) (LIST (NCODE (SUB1-N VAL (SUB1 N)))) (LIST (Z-SUB1-N-NCODE-PROOF EXP (SUB1 N) VAL PF)) (Z-SUB1-NCODE-PROOF (SUB1-N VAL (SUB1 N)))))) (PROVE-LEMMA TERM-Z-SUB1-N (REWRITE) (IMPLIES (AND (MEMBER (FN 10 1) SYMBOLS) (TERMP EXP 0 SYMBOLS)) (TERMP (Z-SUB1-N EXP N) 0 SYMBOLS))) (PROVE-LEMMA Z-SUB1-N-NCODE-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (PROVES PF (F-EQUAL EXP (NCODE VAL)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-EQUAL (Z-SUB1-N EXP N) (NCODE (SUB1-N VAL N))))) (PROVES (Z-SUB1-N-NCODE-PROOF EXP N VAL PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-EQUAL EXP (NCODE VAL))))))) (TOGGLE G0817 Z-SUB1-N-NCODE-PROOF T) (TOGGLE G0818 SUB1-N T) ;;;;;;;Next we prove the representation of that part of EV which evaluates defined Lisp ;;;;;;;functions, to be `OK'. (DEFN A-EV-FUN-PART (EXP VA FA VAL TRACE) (FORSOME 11 (LIST-ALL-QUANTIFY (LIST 15 16) (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 11 (NCODE FA))) TRACE)))))) (PROVE-LEMMA FORMULA-LIST-ALL-QUANTIFY (REWRITE) (IMPLIES (AND (VAR-LIST VARS (LENGTH VARS)) (FORMULA EXP SYMBOLS)) (FORMULA (LIST-ALL-QUANTIFY VARS EXP) SYMBOLS))) (PROVE-LEMMA LIST-GEN-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (VAR-LIST VARS (LENGTH VARS)) (PROVES PF EXP GIVEN DEFNS SYMBOLS) (EQUAL CONCL (LIST-ALL-QUANTIFY VARS EXP))) (PROVES (LIST-GEN-PROOF VARS EXP PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (LIST-GEN-PROOF-PROVES)))) (DEFN A-GET-EV-REDUC-PROOF (EXP FA GETVAL N X1 Y1 VAL1 TR1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN (Z-LIST (LIST GETVAL (Z-SUB1-N (Z-CAR (NCODE EXP)) N) (NCODE FA))) TR1) (ISIN (Z-LIST (LIST GETVAL (NCODE (SUB1-N (CAR EXP) N)) (NCODE FA))) TR1)) (F-IMPLIES (A-GET (NCODE (SUB1-N (CAR EXP) N)) (NCODE FA) GETVAL X1 Y1 VAL1 TR1) (F-EQUAL GETVAL (NCODE (GET (SUB1-N (CAR EXP) N) FA))))) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) N) (NCODE FA) GETVAL X1 Y1 VAL1 TR1) (F-EQUAL GETVAL (NCODE (GET (SUB1-N (CAR EXP) N) FA)))) (LIST (EQUAL-Z-LIST-ISIN-IMP-PROOF (LIST GETVAL (Z-SUB1-N (Z-CAR (NCODE EXP)) N) (NCODE FA)) (LIST GETVAL (NCODE (SUB1-N (CAR EXP) N)) (NCODE FA)) TR1 (LIST (IDENT-AXIOM-PROOF GETVAL) (Z-SUB1-N-NCODE-PROOF (Z-CAR (NCODE EXP)) N (CAR EXP) (Z-CAR-NCODE-PROOF EXP)) (IDENT-AXIOM-PROOF (NCODE FA)))) (A-GET-GOOD-PROOF (SUB1-N (CAR EXP) N) FA GETVAL X1 Y1 VAL1 TR1)))) (DEFN A-EV-DEFN-FUN-OK-PROOF (EXP VA FA VAL RVAL GRAPH IN-PF1 IN-PF2) (EG-PROOF (LIST-ALL-QUANTIFY (LIST 15 16) (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 11 (NCODE FA))) (GRAPH-TRANS GRAPH))))) (LIST 11) (LIST (NCODE RVAL)) (LIST-GEN-PROOF (LIST 15 16) (F-AND (ISIN (Z-LIST (LIST (NCODE RVAL) (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 (NCODE RVAL) (NCODE FA))) (GRAPH-TRANS GRAPH)))) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE RVAL) (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 (NCODE RVAL) (NCODE FA))) (GRAPH-TRANS GRAPH))) (EV-EQUAL-Z-LIST-ISIN-PROOF (NCODE RVAL) 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA (GRAPH-TRANS GRAPH) (Z-CDR-NCODE-PROOF EXP) IN-PF1) (CHAIN-PROOF (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 (NCODE RVAL) (NCODE FA))) (GRAPH-TRANS GRAPH)) (LIST (F-EQUAL 15 (NCODE (GET (SUB1-N (CAR EXP) 11) FA)))) (LIST (A-GET-EV-REDUC-PROOF EXP FA 15 11 11 13 14 16) (FORM-EQUAL-CASE-PROOF (LIST 15) (LIST (NCODE (GET (SUB1-N (CAR EXP) 11) FA))) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 (NCODE RVAL) (NCODE FA))) (GRAPH-TRANS GRAPH)) IN-PF2))))))) (PROVE-LEMMA PARALLEL-SUBST-Z-SUB1-N (REWRITE) (EQUAL (PARALLEL-SUBST (Z-SUB1-N EXP N) VARS TERMS 0) (Z-SUB1-N (PARALLEL-SUBST EXP VARS TERMS 0) N))) (PROVE-LEMMA A-EV-DEFN-FUN-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (PROVES IN-PF1 (ISIN (Z-LIST (LIST (NCODE RVAL) (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (PROVES IN-PF2 (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE 0) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (NCODE RVAL) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (A-EV-FUN-PART EXP VA FA (NCODE VAL) (GRAPH-TRANS GRAPH)))) (PROVES (A-EV-DEFN-FUN-OK-PROOF EXP VA FA (NCODE VAL) RVAL GRAPH IN-PF1 IN-PF2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0819 A-EV-DEFN-FUN-OK-PROOF T) ;;;;;;;Finally we prove the representation of the part of EV which evaluates lists ;;;;;;;of e-expressions to be `OK'. (DEFN A-EV-DEFN-LIST-OK-PROOF (EXP VA FA RVAL1 RVAL2 RVAR1 RVAR2 GRAPH IN-PF1 IN-PF2) (EG-PROOF (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-AND (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-EQUAL (NCODE (CONS RVAL1 RVAL2)) (Z-OPAIR RVAR1 RVAR2)))) (LIST RVAR1 RVAR2) (LIST (NCODE RVAL1) (NCODE RVAL2)) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE RVAL1) (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-AND (ISIN (Z-LIST (LIST (NCODE RVAL2) (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-EQUAL (NCODE (CONS RVAL1 RVAL2)) (Z-OPAIR (NCODE RVAL1) (NCODE RVAL2)))) (EV-EQUAL-Z-LIST-ISIN-PROOF (NCODE RVAL1) 0 (CAR EXP) (Z-CAR (NCODE EXP)) VA FA (GRAPH-TRANS GRAPH) (Z-CAR-NCODE-PROOF EXP) IN-PF1) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE RVAL2) (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) (F-EQUAL (NCODE (CONS RVAL1 RVAL2)) (Z-OPAIR (NCODE RVAL1) (NCODE RVAL2))) (EV-EQUAL-Z-LIST-ISIN-PROOF (NCODE RVAL2) 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA (GRAPH-TRANS GRAPH) (Z-CDR-NCODE-PROOF EXP) IN-PF2) (IDENT-AXIOM-PROOF (Z-OPAIR (NCODE RVAL1) (NCODE RVAL2))))))) (DEFN A-EV-LIST-PART (EXP VA FA VAL RVAR1 RVAR2 TRACE) (FORSOME RVAR1 (FORSOME RVAR2 (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-AND (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL (Z-OPAIR RVAR1 RVAR2))))))) (PROVE-LEMMA A-EV-DEFN-LIST-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST RVAR1 RVAR2) 2) (PROVES IN-PF1 (ISIN (Z-LIST (LIST (NCODE RVAL1) (NCODE 0) (NCODE (CAR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (PROVES IN-PF2 (ISIN (Z-LIST (LIST (NCODE RVAL2) (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) (GRAPH-TRANS GRAPH)) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (A-EV-LIST-PART EXP VA FA (NCODE (CONS RVAL1 RVAL2)) RVAR1 RVAR2 (GRAPH-TRANS GRAPH)))) (PROVES (A-EV-DEFN-LIST-OK-PROOF EXP VA FA RVAL1 RVAL2 RVAR1 RVAR2 GRAPH IN-PF1 IN-PF2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0823 A-EV-DEFN-LIST-OK-PROOF T) ;;;;;;;EV is defined below. It takes a FLG to control the recursion, an e-expression EXP, ;;;;;;;an e-variable bindings list VA, a e-function symbols definition list FA, and a stack ;;;;;;;bound N. If the FLG is 1, it is evaluating a list of e-expressions - if any of them ;;;;;;;evaluates to (BTM), the whole list evaluates to (BTM). Otherwise, it returns the ;;;;;;;list of values. If the FLG is not 1, then if EXP is not a list, it must be an ;;;;;;;e-variable and EV returns (GET EXP VA). Otherwise, (CAR EXP) is an e-function ;;;;;;;symbol. If the symbol is 0, then the e-expression is evaluated as a Lisp ;;;;;;;IF-expression. If the symbol is 10, then the e-expression is evaluated as a ;;;;;;;Lisp QUOTE-expression. If the symbol is between 1 and 9, then the appropriate ;;;;;;;Lisp primitive is applied to the recursively evaluated arguments. In the remaining ;;;;;;;case, the e-function symbol is a defined one, and the corresponding definition is ;;;;;;;evaluated with a new e-variable-bindings list consisting of the recursively evaluated ;;;;;;;arguments. Since there is no guarantee in the last case that the size of the ;;;;;;;definition is going to be smaller than the e-expression being evaluated, the counter ;;;;;;;N is decremented by one. If either the counter is exhausted or one of the ;;;;;;;evaluated sub-expressions evaluates to (BTM), then EV returns (BTM). (DEFN EV (FLG EXP VA FA N) (IF (EQUAL FLG 1) (IF (LISTP EXP) (IF (OR (BTMP (EV 0 (CAR EXP) VA FA N)) (BTMP (EV 1 (CDR EXP) VA FA N))) (BTM) (CONS (EV 0 (CAR EXP) VA FA N) (EV 1 (CDR EXP) VA FA N))) NIL) (IF (LISTP EXP) (IF (ZEROP (CAR EXP)) (IF (BTMP (EV 0 (CADR EXP) VA FA N)) (BTM) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (EV 0 (CADDDR EXP) VA FA N) (EV 0 (CADDR EXP) VA FA N))) (IF (EQUAL (CAR EXP) 10) (CADR EXP) (IF (BTMP (EV 1 (CDR EXP) VA FA N)) (BTM) (IF (SUBRP (CAR EXP)) (APPLY-SUBR (CAR EXP) (EV 1 (CDR EXP) VA FA N)) (IF (ZEROP N) (BTM) (EV 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N))))))) (GET EXP VA))) ((LEX2 (LIST N (COUNT EXP))))) (PROVE-LEMMA EV-IF-REDUC (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL (EV FLG EXP VA FA N) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (EV 0 (CADDDR EXP) VA FA N) (EV 0 (CADDR EXP) VA FA N))))) (PROVE-LEMMA EV-SUBR-REDUC (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (SUBRP (CAR EXP)) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL (EV FLG EXP VA FA N) (APPLY-SUBR (CAR EXP) (EV 1 (CDR EXP) VA FA N))))) (PROVE-LEMMA EV-FUN-REDUC (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (NOT (SUBRP (CAR EXP))) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL (EV FLG EXP VA FA N) (EV 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N))))) (PROVE-LEMMA EV-LIST-REDUC (REWRITE) (IMPLIES (AND (EQUAL FLG 1) (LISTP EXP) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL (EV FLG EXP VA FA N) (CONS (EV 0 (CAR EXP) VA FA N) (EV 1 (CDR EXP) VA FA N))))) ;;;;;;;The list of value/argument pairs generated in a computation of EV is constructed ;;;;;;;by EV-GRAPH below. (DEFN EV-GRAPH (FLG EXP VA FA N) (IF (EQUAL FLG 1) (IF (LISTP EXP) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (CAR EXP) VA FA N) (EV-GRAPH 1 (CDR EXP) VA FA N))) (LIST (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))))) (IF (LISTP EXP) (IF (ZEROP (CAR EXP)) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDDR EXP) VA FA N))) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDR EXP) VA FA N)))) (IF (EQUAL (CAR EXP) 10) (LIST (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA))))) (IF (SUBRP (CAR EXP)) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 1 (CDR EXP) VA FA N)) (IF (ZEROP N) (LIST (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA))))) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)) (EV-GRAPH 1 (CDR EXP) VA FA N))))))) (LIST (CONS (GET EXP VA) (CONS FLG (CONS EXP (CONS VA FA))))))) ((LEX2 (LIST N (COUNT EXP))))) (PROVE-LEMMA MEMBER-EV-GRAPH1 (REWRITE) (MEMBER (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N))) (PROVE-LEMMA SUBR-MEMBER-GRAPH (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (SUBRP (CAR EXP)) (EQUAL X (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA)))))) (MEMBER X (EV-GRAPH FLG EXP VA FA N)))) (PROVE-LEMMA FUN-EV-GRAPH (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (NOT (SUBRP (CAR EXP))) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL (EV-GRAPH FLG EXP VA FA N) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)) (EV-GRAPH 1 (CDR EXP) VA FA N)))))) (PROVE-LEMMA MEMBER-FUN-GRAPH (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (NOT (SUBRP (CAR EXP))) (EQUAL X (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA))))) (EQUAL Y (CONS (EV 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)) (CONS 0 (CONS (GET (SUB1-N (CAR EXP) 11) FA) (CONS (EV 1 (CDR EXP) VA FA N) FA))))) (NOT (BTMP (EV FLG EXP VA FA N)))) (AND (MEMBER X (EV-GRAPH FLG EXP VA FA N)) (MEMBER Y (EV-GRAPH FLG EXP VA FA N))))) (PROVE-LEMMA IF-EV-GRAPH1 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0)) (EQUAL (EV-GRAPH FLG EXP VA FA N) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDDR EXP) VA FA N)))))) (PROVE-LEMMA IF-EV-GRAPH2 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NOT (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0))) (EQUAL (EV-GRAPH FLG EXP VA FA N) (CONS (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (APPEND (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDR EXP) VA FA N)))))) (PROVE-LEMMA MEMBER-IF-GRAPH1 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (EQUAL X (CONS (EV 0 (CADR EXP) VA FA N) (CONS 0 (CONS (CADR EXP) (CONS VA FA))))) (EQUAL Y (CONS (EV 0 (CADDDR EXP) VA FA N) (CONS 0 (CONS (CADDDR EXP) (CONS VA FA)))))) (AND (MEMBER X (EV-GRAPH FLG EXP VA FA N)) (MEMBER Y (EV-GRAPH FLG EXP VA FA N)))) ((DISABLE NCODE-EQUAL EV-GRAPH) (USE (MEMBER-EV-GRAPH1 (FLG 0) (EXP (CADR EXP))) (MEMBER-EV-GRAPH1 (FLG 0) (EXP (CADDDR EXP)))))) (PROVE-LEMMA MEMBER-IF-GRAPH2 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NOT (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0)) (EQUAL X (CONS (EV 0 (CADR EXP) VA FA N) (CONS 0 (CONS (CADR EXP) (CONS VA FA))))) (EQUAL Y (CONS (EV 0 (CADDR EXP) VA FA N) (CONS 0 (CONS (CADDR EXP) (CONS VA FA)))))) (AND (MEMBER X (EV-GRAPH FLG EXP VA FA N)) (MEMBER Y (EV-GRAPH FLG EXP VA FA N)))) ((DISABLE NCODE-EQUAL EV-GRAPH) (USE (MEMBER-EV-GRAPH1 (FLG 0) (EXP (CADR EXP))) (MEMBER-EV-GRAPH1 (FLG 0) (EXP (CADDR EXP)))))) (PROVE-LEMMA MEMBER-LIST-GRAPH (REWRITE) (IMPLIES (AND (LISTP EXP) (EQUAL FLG 1) (EQUAL X (CONS (EV 0 (CAR EXP) VA FA N) (CONS 0 (CONS (CAR EXP) (CONS VA FA))))) (EQUAL Y (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA)))))) (AND (MEMBER X (EV-GRAPH FLG EXP VA FA N)) (MEMBER Y (EV-GRAPH FLG EXP VA FA N))))) (TOGGLE G0824 FUN-EV-GRAPH T) (TOGGLE G0844 IF-EV-GRAPH1 T) (TOGGLE G0848 IF-EV-GRAPH2 T) (TOGGLE G0849 PROVES-IS-FORMULA-AGAIN NIL) (TOGGLE G0855 NLISTP-NCODE T) ;;;;;;;Below is the Z2 analogue of the definition of EV. (DEFN Z-EV-DEFN-PART (FLG EXP VA FA VAL TRACE) (Z-IF (F-EQUAL (NCODE FLG) (NCODE 1)) (Z-IF (F-EQUAL (Z-LISTP (NCODE EXP)) (NCODE 1)) (A-EV-LIST-PART EXP VA FA VAL 11 12 TRACE) (F-EQUAL VAL (NCODE NIL))) (Z-IF (F-EQUAL (Z-LISTP (NCODE EXP)) (NCODE 1)) (Z-IF (F-EQUAL (Z-ZEROP (Z-CAR (NCODE EXP))) (NCODE 1)) (A-EV-IF-PART (NCODE EXP) (NCODE VA) (NCODE FA) VAL TRACE 11) (Z-IF (F-EQUAL (Z-CAR (NCODE EXP)) (NCODE 10)) (F-EQUAL VAL (Z-CAR-CDR (NCODE EXP) (LIST 1 2))) (Z-IF (F-EQUAL (Z-SUBRP (Z-CAR (NCODE EXP))) (NCODE 1)) (A-EV-SUBR-PART EXP VA FA VAL 11 TRACE) (A-EV-FUN-PART EXP VA FA VAL TRACE)))) (A-GET1 (NCODE EXP) (NCODE VA) VAL 11 13 14 16)))) (DEFN A-EV-DEFN-PART-OK-PFTREE (FLG EXP VA FA N) (LIST (LIST (EQUAL FLG 1) (IDENT-AXIOM-PROOF (NCODE 1)) (NCODE-NEQUAL-PROOF FLG 1)) (LIST (LIST (LISTP EXP) (Z-LISTP-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-LISTP (NCODE EXP)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-LISTP-NCODE-PROOF EXP))) (A-EV-DEFN-LIST-OK-PROOF EXP VA FA (EV 0 (CAR EXP) VA FA N) (EV 1 (CDR EXP) VA FA N) 11 12 (EV-GRAPH FLG EXP VA FA N) (IN-GRAPH-PROOF (CONS (EV 0 (CAR EXP) VA FA N) (CONS 0 (CONS (CAR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N)) (IN-GRAPH-PROOF (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N))) (IDENT-AXIOM-PROOF (NCODE NIL))) (LIST (LIST (LISTP EXP) (Z-LISTP-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-LISTP (NCODE EXP)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-LISTP-NCODE-PROOF EXP))) (LIST (LIST (ZEROP (CAR EXP)) (COMPOSE-CAR-PROOF (FN 9 1) (NCODE 1) EXP (Z-ZEROP-NCODE-PROOF (CAR EXP))) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-ZEROP (Z-CAR (NCODE EXP))) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (COMPOSE-CAR-PROOF (FN 9 1) (NCODE 0) EXP (Z-ZEROP-NCODE-PROOF (CAR EXP))))) (A-EV-DEFN-IF-OK-PROOF EXP VA FA (EV FLG EXP VA FA N) (EV 0 (CADR EXP) VA FA N) 11 (EV-GRAPH FLG EXP VA FA N) (IN-GRAPH-PROOF (CONS (EV 0 (CADR EXP) VA FA N) (CONS 0 (CONS (CADR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N)) (IN-GRAPH-PROOF (CONS (EV 0 (CADDDR EXP) VA FA N) (CONS 0 (CONS (CADDDR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N)) (IN-GRAPH-PROOF (CONS (EV 0 (CADDR EXP) VA FA N) (CONS 0 (CONS (CADDR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N))) (LIST (LIST (EQUAL (CAR EXP) 10) (Z-CAR-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 10) (Z-CAR (NCODE EXP)) (NCODE (CAR EXP)) (NCODE-NEQUAL-PROOF 10 (CAR EXP)) (Z-CAR-NCODE-PROOF EXP))) (FLIP-EQUALS-PROOF (Z-CAR-CDR (NCODE EXP) (LIST 1 2)) (NCODE (CADR EXP)) (Z-CAR-CDR-PROOF EXP (LIST 1 2))) (LIST (LIST (SUBRP (CAR EXP)) (COMPOSE-CAR-PROOF (FN 16 1) (NCODE 1) EXP (Z-SUBRP-NCODE-PROOF (CAR EXP))) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-SUBRP (Z-CAR (NCODE EXP))) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (COMPOSE-CAR-PROOF (FN 16 1) (NCODE 0) EXP (Z-SUBRP-NCODE-PROOF (CAR EXP))))) (A-EV-DEFN-SUBR-OK-PROOF EXP VA FA (NCODE (EV FLG EXP VA FA N)) (EV 1 (CDR EXP) VA FA N) 11 (EV-GRAPH FLG EXP VA FA N) (IN-GRAPH-PROOF (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-FUN-OK-PROOF EXP VA FA (NCODE (EV FLG EXP VA FA N)) (EV 1 (CDR EXP) VA FA N) (EV-GRAPH FLG EXP VA FA N) (IN-GRAPH-PROOF (CONS (EV 1 (CDR EXP) VA FA N) (CONS 1 (CONS (CDR EXP) (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N)) (IN-GRAPH-PROOF (CONS (EV FLG EXP VA FA N) (CONS 0 (CONS (GET (SUB1-N (CAR EXP) 11) FA) (CONS (EV 1 (CDR EXP) VA FA N) FA)))) (EV-GRAPH FLG EXP VA FA N)))))) (A-GET1-OK-PROOF EXP VA 11 13 14 16)))) (DEFN A-EV-DEFN-PART-OK-PROOF (FLG EXP VA FA N) (FORM-Z-IF-OK-PROOF (A-EV-DEFN-PART-OK-PFTREE FLG EXP VA FA N) (Z-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVE-LEMMA FORM-Z-IF-Z-EV-DEFN-PART (REWRITE) (IMPLIES (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (FORM-Z-IF (Z-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) SYMBOLS))) (DEFN A-EV-DEFN-PART (FLG EXP VA FA VAL TRACE) (F-IF (F-EQUAL (NCODE FLG) (NCODE 1)) (F-IF (F-EQUAL (Z-LISTP (NCODE EXP)) (NCODE 1)) (A-EV-LIST-PART EXP VA FA VAL 11 12 TRACE) (F-EQUAL VAL (NCODE NIL))) (F-IF (F-EQUAL (Z-LISTP (NCODE EXP)) (NCODE 1)) (F-IF (F-EQUAL (Z-ZEROP (Z-CAR (NCODE EXP))) (NCODE 1)) (A-EV-IF-PART (NCODE EXP) (NCODE VA) (NCODE FA) VAL TRACE 11) (F-IF (F-EQUAL (Z-CAR (NCODE EXP)) (NCODE 10)) (F-EQUAL VAL (Z-CAR-CDR (NCODE EXP) (LIST 1 2))) (F-IF (F-EQUAL (Z-SUBRP (Z-CAR (NCODE EXP))) (NCODE 1)) (A-EV-SUBR-PART EXP VA FA VAL 11 TRACE) (A-EV-FUN-PART EXP VA FA VAL TRACE)))) (A-GET1 (NCODE EXP) (NCODE VA) VAL 11 13 14 16)))) (DEFN EV-HYPS (GIVEN DEFNS SYMBOLS) (AND (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-ALL-HYPS GIVEN DEFNS SYMBOLS) (Z-SUBRP-HYPS DEFNS SYMBOLS))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-QUOTE-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (EQUAL (CAR EXP) 10) (EV-HYPS GIVEN DEFNS SYMBOLS) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-LIST-PART A-EV-FUN-PART A-EV-IF-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA FORM-Z-IF-Z-EV-DEFN-PART-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (EQUAL CONCL (Z-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (FORM-Z-IF CONCL SYMBOLS)) ((DISABLE Z-EV-DEFN-PART SUBSET))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-LIST-CASE (REWRITE) (IMPLIES (AND (EQUAL FLG 1) (LISTP EXP) (EV-HYPS GIVEN DEFNS SYMBOLS) (IF (EQUAL FLG 1) (NOT (BTMP (EV 1 EXP VA FA N))) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-IF-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-NLIST-CASE (REWRITE) (IMPLIES (AND (EQUAL FLG 1) (NLISTP EXP) (EV-HYPS GIVEN DEFNS SYMBOLS) (IF (EQUAL FLG 1) (NOT (BTMP (EV 1 EXP VA FA N))) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-IF-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA NCODE-NEQUAL-PROOF-PROVES-CASE (REWRITE) (IMPLIES (AND (LESSP 0 Y) (NOT (EQUAL X Y)) (SUBSET (LIST (FN 3 1) (P 2 1) (P 1 2) (FN 2 2) (FN 1 2) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (EQUAL X-BAR (NCODE X)) (EQUAL Y-BAR (NCODE Y))) (PROVES (NCODE-NEQUAL-PROOF X Y) (F-NOT (F-EQUAL X-BAR Y-BAR)) GIVEN DEFNS SYMBOLS))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-IF-CASE1 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NCODE-EQUAL NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-IF-PART A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-IF-CASE2 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (NOT (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0)) (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NCODE-EQUAL NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-IF-PART A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-SUBR-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (SUBRP (CAR EXP)) (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-IF-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-FUN-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (NOT (SUBRP (CAR EXP))) (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-IF-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA A-EV-DEFN-PART-OK-PROOF-PROVES-VAR-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (NLISTP EXP) (EV-HYPS GIVEN DEFNS SYMBOLS) (IF (EQUAL FLG 1) (NOT (BTMP (EV 1 EXP VA FA N))) (NOT (BTMP (EV FLG EXP VA FA N)))) (EQUAL CONCL (A-EV-DEFN-PART FLG EXP VA FA (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE EV-GRAPH NLISTP-NCODE FORM-Z-IF A-EV-SUBR-PART A-GET A-GET1 A-EV-FUN-PART A-EV-IF-PART A-EV-LIST-PART) (USE (FORM-Z-IF-Z-EV-DEFN-PART)))) (PROVE-LEMMA COLLECT-FREE-VAR-LIST (REWRITE) (IMPLIES (VAR-LIST VLIST (LENGTH VLIST)) (EQUAL (COLLECT-FREE VLIST 1) (APPEND VLIST NIL)))) (DEFN GRAPH-TRANS-APPEND-PROOF (X Y Z EXP PF1 PF2) (IF (LISTP Y) (GRAPH-TRANS-MERGE-PROOF (CAR Y) (APPEND (CDR Y) Z) X EXP (CHAIN-PROOF (F-EQUAL X (NCODE (CAR Y))) EXP (LIST (ISIN X (GRAPH-TRANS Y))) (LIST (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-EQUAL X (NCODE (CAR Y))) (F-EQUAL (NCODE (CAR Y)) X)) (F-EQUAL (GRAPH-TRANS Y) (GRAPH-TRANS Y)) (ISIN (NCODE (CAR Y)) (GRAPH-TRANS Y)) (F-IMPLIES (F-EQUAL (NCODE (CAR Y)) X) (F-IMPLIES (F-EQUAL (GRAPH-TRANS Y) (GRAPH-TRANS Y)) (F-IMPLIES (ISIN (NCODE (CAR Y)) (GRAPH-TRANS Y)) (ISIN X (GRAPH-TRANS Y)))))) (F-IMPLIES (F-EQUAL X (NCODE (CAR Y))) (ISIN X (GRAPH-TRANS Y))) (LIST (SYMMETRY-PROOF1 X (NCODE (CAR Y))) (IDENT-AXIOM-PROOF (GRAPH-TRANS Y)) (IN-GRAPH-PROOF (CAR Y) Y) (EQUAL-AXIOM2-PROOF (P 1 2) (LIST (NCODE (CAR Y)) (GRAPH-TRANS Y)) (LIST X (GRAPH-TRANS Y))))) PF1)) (GRAPH-TRANS-APPEND-PROOF X (CDR Y) Z EXP (CHAIN-PROOF (ISIN X (GRAPH-TRANS (CDR Y))) EXP (LIST (ISIN X (GRAPH-TRANS Y))) (LIST (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-OR (F-EQUAL X (NCODE (CAR Y))) (ISIN X (GRAPH-TRANS (CDR Y)))) (ISIN X (GRAPH-TRANS Y)))) (F-IMPLIES (ISIN X (GRAPH-TRANS (CDR Y))) (ISIN X (GRAPH-TRANS Y))) (LIST (IFF-SPLIT-PROOF2 (ISIN X (GRAPH-TRANS Y)) (F-OR (F-EQUAL X (NCODE (CAR Y))) (ISIN X (GRAPH-TRANS (CDR Y)))) (IN-GRAPH-TRANS-PROOF X (CAR Y) (CDR Y))))) PF1)) PF2)) PF2)) (PROVE-LEMMA GRAPH-TRANS-APPEND-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP X 0 SYMBOLS) (FORMULA EXP SYMBOLS) (PROVES PF1 (F-IMPLIES (ISIN X (GRAPH-TRANS Y)) EXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (ISIN X (GRAPH-TRANS Z)) EXP) GIVEN DEFNS SYMBOLS) (EQUAL TRACE (GRAPH-TRANS (APPEND Y Z)))) (PROVES (GRAPH-TRANS-APPEND-PROOF X Y Z EXP PF1 PF2) (F-IMPLIES (ISIN X TRACE) EXP) GIVEN DEFNS SYMBOLS))) (TOGGLE G0888 GRAPH-TRANS-APPEND-PROOF T) ;;;;;;;Since we will be manipulating large if-trees with expressions containing ;;;;;;; "in", "forall", "^", "->", and so on, so we introduce symbols (shells) for them. (ADD-SHELL S-ISIN NIL S-ISINP ((S-ELEM (NONE-OF) ZERO) (S-SET (NONE-OF) ZERO))) (ADD-SHELL S-AND NIL S-ANDP ((S-CONJ1 (NONE-OF) ZERO) (S-CONJ2 (NONE-OF) ZERO))) (ADD-SHELL S-IMPLIES NIL S-IMPLIESP ((S-PREM (NONE-OF) ZERO) (S-CONC (NONE-OF) ZERO))) (ADD-SHELL S-FORALL NIL S-FORALLP ((S-BIND (ONE-OF NUMBERP) ZERO) (S-BODY (NONE-OF) ZERO))) (DEFN WEAKEN-ISIN (FORM1 FORM2 GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (AND (EQUAL (Z-TEST FORM1) (Z-TEST FORM2)) (WEAKEN-ISIN (Z-LEFT FORM1) (Z-LEFT FORM2) GR1 GR2) (WEAKEN-ISIN (Z-RIGHT FORM1) (Z-RIGHT FORM2) GR1 GR2)) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (AND (EQUAL (BIND FORM1) (BIND FORM2)) (WEAKEN-ISIN (BODY FORM1) (BODY FORM2) GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (AND (EQUAL (S-BIND FORM1) (S-BIND FORM2)) (WEAKEN-ISIN (S-BODY FORM1) (S-BODY FORM2) GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (AND (WEAKEN-ISIN (S-CONJ1 FORM1) (S-CONJ1 FORM2) GR1 GR2) (WEAKEN-ISIN (S-CONJ2 FORM1) (S-CONJ2 FORM2) GR1 GR2)) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (AND (EQUAL (S-PREM FORM1) (S-PREM FORM2)) (WEAKEN-ISIN (S-CONC FORM1) (S-CONC FORM2) GR1 GR2)) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (AND (EQUAL (S-ELEM FORM1) (S-ELEM FORM2)) (EQUAL (S-SET FORM1) (GRAPH-TRANS GR2)) (EQUAL (S-SET FORM2) (GRAPH-TRANS (CONS GR1 GR2)))) (EQUAL FORM1 FORM2)))))))) (DEFN MAKE-FORM-SYMB (EXP) (IF (Z-IFP EXP) (F-IF (Z-TEST EXP) (MAKE-FORM-SYMB (Z-LEFT EXP)) (MAKE-FORM-SYMB (Z-RIGHT EXP))) (IF (FORSOMEP EXP) (FORSOME (BIND EXP) (MAKE-FORM-SYMB (BODY EXP))) (IF (S-FORALLP EXP) (FORALL (S-BIND EXP) (MAKE-FORM-SYMB (S-BODY EXP))) (IF (S-ANDP EXP) (F-AND (MAKE-FORM-SYMB (S-CONJ1 EXP)) (MAKE-FORM-SYMB (S-CONJ2 EXP))) (IF (S-IMPLIESP EXP) (F-IMPLIES (S-PREM EXP) (MAKE-FORM-SYMB (S-CONC EXP))) (IF (S-ISINP EXP) (ISIN (S-ELEM EXP) (S-SET EXP)) EXP))))))) (DEFN WEAKEN-ISIN-PROOF (FORM1 FORM2 GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (Z-LEFT FORM1)) (MAKE-FORM-SYMB (Z-LEFT FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (Z-RIGHT FORM1)) (MAKE-FORM-SYMB (Z-RIGHT FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-ISIN-PROOF (Z-LEFT FORM1) (Z-LEFT FORM2) GR1 GR2) (WEAKEN-ISIN-PROOF (Z-RIGHT FORM1) (Z-RIGHT FORM2) GR1 GR2))) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (DISTRIB-RULE-PROOF-A (BIND FORM2) (MAKE-FORM-SYMB (BODY FORM1)) (MAKE-FORM-SYMB (BODY FORM2)) (WEAKEN-ISIN-PROOF (BODY FORM1) (BODY FORM2) GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (DISTRIB-RULE-PROOF-B (S-BIND FORM2) (MAKE-FORM-SYMB (S-BODY FORM1)) (MAKE-FORM-SYMB (S-BODY FORM2)) (WEAKEN-ISIN-PROOF (S-BODY FORM1) (S-BODY FORM2) GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ1 FORM1)) (MAKE-FORM-SYMB (S-CONJ1 FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ2 FORM1)) (MAKE-FORM-SYMB (S-CONJ2 FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-ISIN-PROOF (S-CONJ1 FORM1) (S-CONJ1 FORM2) GR1 GR2) (WEAKEN-ISIN-PROOF (S-CONJ2 FORM1) (S-CONJ2 FORM2) GR1 GR2))) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONC FORM1)) (MAKE-FORM-SYMB (S-CONC FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-ISIN-PROOF (S-CONC FORM1) (S-CONC FORM2) GR1 GR2))) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (IN-GRAPH-CDR-PROOF (S-ELEM FORM2) GR1 GR2) (TAUTCONSEQ-PROOF NIL (F-IMPLIES FORM1 FORM2) NIL)))))))) (DEFN FORM-SYMB1 (EXP SYMBOLS) (IF (Z-IFP EXP) (AND (FORMULA (Z-TEST EXP) SYMBOLS) (FORM-SYMB1 (Z-LEFT EXP) SYMBOLS) (FORM-SYMB1 (Z-RIGHT EXP) SYMBOLS)) (IF (FORSOMEP EXP) (FORM-SYMB1 (BODY EXP) SYMBOLS) (IF (S-FORALLP EXP) (FORM-SYMB1 (S-BODY EXP) SYMBOLS) (IF (S-ANDP EXP) (AND (FORM-SYMB1 (S-CONJ1 EXP) SYMBOLS) (FORM-SYMB1 (S-CONJ2 EXP) SYMBOLS)) (IF (S-IMPLIESP EXP) (AND (FORMULA (S-PREM EXP) SYMBOLS) (FORM-SYMB1 (S-CONC EXP) SYMBOLS)) (IF (S-ISINP EXP) (AND (MEMBER (P 1 2) SYMBOLS) (TERMP (S-ELEM EXP) 0 SYMBOLS) (TERMP (S-SET EXP) 0 SYMBOLS)) (FORMULA EXP SYMBOLS)))))))) (PROVE-LEMMA FORMULA-MAKE-FORM-SYMB (REWRITE) (IMPLIES (FORM-SYMB1 EXP SYMBOLS) (FORMULA (MAKE-FORM-SYMB EXP) SYMBOLS))) (PROVE-LEMMA WEAKEN-ISIN-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (FORM-SYMB1 FORM1 SYMBOLS) (FORM-SYMB1 FORM2 SYMBOLS) (WEAKEN-ISIN FORM1 FORM2 GR1 GR2) (EQUAL CONCL (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)))) (PROVES (WEAKEN-ISIN-PROOF FORM1 FORM2 GR1 GR2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0859 WEAKEN-ISIN-PROOF T) (DEFN IN-APPEND-GRAPH-PROOF1 (X GR1 GR2) (IF (LISTP GR1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN X (GRAPH-TRANS GR1)) (F-OR (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (CDR GR1))))) (F-IMPLIES (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) (F-IMPLIES (ISIN X (GRAPH-TRANS (CDR GR1))) (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2)))) (F-IMPLIES (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2))) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2))))) (F-IMPLIES (ISIN X (GRAPH-TRANS GR1)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) (LIST (IFF-SPLIT-PROOF1 (ISIN X (GRAPH-TRANS GR1)) (F-OR (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (CDR GR1)))) (IN-GRAPH-TRANS-PROOF X (CAR GR1) (CDR GR1))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (F-OR (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2)))) (ISIN X (GRAPH-TRANS (CONS (CAR GR1) (APPEND (CDR GR1) GR2)))))) (F-IMPLIES (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (CONS (CAR GR1) (APPEND (CDR GR1) GR2))))) (LIST (IFF-SPLIT-PROOF2 (ISIN X (GRAPH-TRANS (CONS (CAR GR1) (APPEND (CDR GR1) GR2)))) (F-OR (F-EQUAL X (NCODE (CAR GR1))) (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2)))) (IN-GRAPH-TRANS-PROOF X (CAR GR1) (APPEND (CDR GR1) GR2))))) (IN-APPEND-GRAPH-PROOF1 X (CDR GR1) GR2) (IN-GRAPH-CDR-PROOF X (CAR GR1) (APPEND (CDR GR1) GR2)))) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN X (GRAPH-TRANS GR1)))) (F-IMPLIES (ISIN X (GRAPH-TRANS GR1)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) (LIST (NULL-AXIOM-PROOF X))))) ;;;;;;;Let "(X|Y)" denote (APPEND X Y). Then |- "((x in Y) -> (x in (Y|Z)))". (PROVE-LEMMA IN-APPEND-GRAPH-PROOF1-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP X 0 SYMBOLS)) (PROVES (IN-APPEND-GRAPH-PROOF1 X GR1 GR2) (F-IMPLIES (ISIN X (GRAPH-TRANS GR1)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0860 IN-APPEND-GRAPH-PROOF1 T) (DEFN IN-APPEND-GRAPH-PROOF2 (X GR1 GR2) (IF (LISTP GR1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN X (GRAPH-TRANS GR2)) (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2)))) (F-IMPLIES (ISIN X (GRAPH-TRANS (APPEND (CDR GR1) GR2))) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2))))) (F-IMPLIES (ISIN X (GRAPH-TRANS GR2)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) (LIST (IN-APPEND-GRAPH-PROOF2 X (CDR GR1) GR2) (IN-GRAPH-CDR-PROOF X (CAR GR1) (APPEND (CDR GR1) GR2)))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (ISIN X (GRAPH-TRANS GR2)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) NIL))) ;;;;;;; |- "((x in Z) -> (x in (Y|Z)))". (PROVE-LEMMA IN-APPEND-GRAPH-PROOF2-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP X 0 SYMBOLS)) (PROVES (IN-APPEND-GRAPH-PROOF2 X GR1 GR2) (F-IMPLIES (ISIN X (GRAPH-TRANS GR2)) (ISIN X (GRAPH-TRANS (APPEND GR1 GR2)))) GIVEN DEFNS SYMBOLS))) (TOGGLE G0861 IN-APPEND-GRAPH-PROOF2 T) (DEFN WEAKEN-APPEND1 (FORM1 FORM2 Y GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (AND (EQUAL (Z-TEST FORM1) (Z-TEST FORM2)) (EQUAL (Z-TEST FORM2) (Z-TEST FORM2)) (WEAKEN-APPEND1 (Z-LEFT FORM1) (Z-LEFT FORM2) Y GR1 GR2) (WEAKEN-APPEND1 (Z-RIGHT FORM1) (Z-RIGHT FORM2) Y GR1 GR2)) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (AND (EQUAL (BIND FORM1) (BIND FORM2)) (WEAKEN-APPEND1 (BODY FORM1) (BODY FORM2) Y GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (AND (EQUAL (S-BIND FORM1) (S-BIND FORM2)) (WEAKEN-APPEND1 (S-BODY FORM1) (S-BODY FORM2) Y GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (AND (WEAKEN-APPEND1 (S-CONJ1 FORM1) (S-CONJ1 FORM2) Y GR1 GR2) (WEAKEN-APPEND1 (S-CONJ2 FORM1) (S-CONJ2 FORM2) Y GR1 GR2)) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (AND (EQUAL (S-PREM FORM1) (S-PREM FORM2)) (WEAKEN-APPEND1 (S-CONC FORM1) (S-CONC FORM2) Y GR1 GR2)) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (AND (EQUAL (S-ELEM FORM1) (S-ELEM FORM2)) (EQUAL (S-SET FORM1) (GRAPH-TRANS GR1)) (EQUAL (S-SET FORM2) (GRAPH-TRANS (CONS Y (APPEND GR1 GR2))))) (EQUAL FORM1 FORM2)))))))) (DEFN WEAKEN-APPEND2 (FORM1 FORM2 Y GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (AND (EQUAL (Z-TEST FORM1) (Z-TEST FORM2)) (EQUAL (Z-TEST FORM2) (Z-TEST FORM2)) (WEAKEN-APPEND2 (Z-LEFT FORM1) (Z-LEFT FORM2) Y GR1 GR2) (WEAKEN-APPEND2 (Z-RIGHT FORM1) (Z-RIGHT FORM2) Y GR1 GR2)) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (AND (EQUAL (BIND FORM1) (BIND FORM2)) (WEAKEN-APPEND2 (BODY FORM1) (BODY FORM2) Y GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (AND (EQUAL (S-BIND FORM1) (S-BIND FORM2)) (WEAKEN-APPEND2 (S-BODY FORM1) (S-BODY FORM2) Y GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (AND (WEAKEN-APPEND2 (S-CONJ1 FORM1) (S-CONJ1 FORM2) Y GR1 GR2) (WEAKEN-APPEND2 (S-CONJ2 FORM1) (S-CONJ2 FORM2) Y GR1 GR2)) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (AND (EQUAL (S-PREM FORM1) (S-PREM FORM2)) (WEAKEN-APPEND2 (S-CONC FORM1) (S-CONC FORM2) Y GR1 GR2)) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (AND (EQUAL (S-ELEM FORM1) (S-ELEM FORM2)) (EQUAL (S-SET FORM1) (GRAPH-TRANS GR2)) (EQUAL (S-SET FORM2) (GRAPH-TRANS (CONS Y (APPEND GR1 GR2))))) (EQUAL FORM1 FORM2)))))))) (DEFN WEAKEN-APPEND1-PROOF (FORM1 FORM2 Y GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (Z-LEFT FORM1)) (MAKE-FORM-SYMB (Z-LEFT FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (Z-RIGHT FORM1)) (MAKE-FORM-SYMB (Z-RIGHT FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND1-PROOF (Z-LEFT FORM1) (Z-LEFT FORM2) Y GR1 GR2) (WEAKEN-APPEND1-PROOF (Z-RIGHT FORM1) (Z-RIGHT FORM2) Y GR1 GR2))) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (DISTRIB-RULE-PROOF-A (BIND FORM2) (MAKE-FORM-SYMB (BODY FORM1)) (MAKE-FORM-SYMB (BODY FORM2)) (WEAKEN-APPEND1-PROOF (BODY FORM1) (BODY FORM2) Y GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (DISTRIB-RULE-PROOF-B (S-BIND FORM2) (MAKE-FORM-SYMB (S-BODY FORM1)) (MAKE-FORM-SYMB (S-BODY FORM2)) (WEAKEN-APPEND1-PROOF (S-BODY FORM1) (S-BODY FORM2) Y GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ1 FORM1)) (MAKE-FORM-SYMB (S-CONJ1 FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ2 FORM1)) (MAKE-FORM-SYMB (S-CONJ2 FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND1-PROOF (S-CONJ1 FORM1) (S-CONJ1 FORM2) Y GR1 GR2) (WEAKEN-APPEND1-PROOF (S-CONJ2 FORM1) (S-CONJ2 FORM2) Y GR1 GR2))) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONC FORM1)) (MAKE-FORM-SYMB (S-CONC FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND1-PROOF (S-CONC FORM1) (S-CONC FORM2) Y GR1 GR2))) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (CHAIN-PROOF (ISIN (S-ELEM FORM2) (GRAPH-TRANS GR1)) (ISIN (S-ELEM FORM2) (GRAPH-TRANS (CONS Y (APPEND GR1 GR2)))) (LIST (ISIN (S-ELEM FORM2) (GRAPH-TRANS (APPEND GR1 GR2)))) (LIST (IN-APPEND-GRAPH-PROOF1 (S-ELEM FORM2) GR1 GR2) (IN-GRAPH-CDR-PROOF (S-ELEM FORM2) Y (APPEND GR1 GR2)))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES FORM1 FORM2) NIL)))))))) (DEFN WEAKEN-APPEND2-PROOF (FORM1 FORM2 Y GR1 GR2) (IF (AND (Z-IFP FORM1) (Z-IFP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (Z-LEFT FORM1)) (MAKE-FORM-SYMB (Z-LEFT FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (Z-RIGHT FORM1)) (MAKE-FORM-SYMB (Z-RIGHT FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND2-PROOF (Z-LEFT FORM1) (Z-LEFT FORM2) Y GR1 GR2) (WEAKEN-APPEND2-PROOF (Z-RIGHT FORM1) (Z-RIGHT FORM2) Y GR1 GR2))) (IF (AND (FORSOMEP FORM1) (FORSOMEP FORM2)) (DISTRIB-RULE-PROOF-A (BIND FORM2) (MAKE-FORM-SYMB (BODY FORM1)) (MAKE-FORM-SYMB (BODY FORM2)) (WEAKEN-APPEND2-PROOF (BODY FORM1) (BODY FORM2) Y GR1 GR2)) (IF (AND (S-FORALLP FORM1) (S-FORALLP FORM2)) (DISTRIB-RULE-PROOF-B (S-BIND FORM2) (MAKE-FORM-SYMB (S-BODY FORM1)) (MAKE-FORM-SYMB (S-BODY FORM2)) (WEAKEN-APPEND2-PROOF (S-BODY FORM1) (S-BODY FORM2) Y GR1 GR2)) (IF (AND (S-ANDP FORM1) (S-ANDP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ1 FORM1)) (MAKE-FORM-SYMB (S-CONJ1 FORM2))) (F-IMPLIES (MAKE-FORM-SYMB (S-CONJ2 FORM1)) (MAKE-FORM-SYMB (S-CONJ2 FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND2-PROOF (S-CONJ1 FORM1) (S-CONJ1 FORM2) Y GR1 GR2) (WEAKEN-APPEND2-PROOF (S-CONJ2 FORM1) (S-CONJ2 FORM2) Y GR1 GR2))) (IF (AND (S-IMPLIESP FORM1) (S-IMPLIESP FORM2)) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (MAKE-FORM-SYMB (S-CONC FORM1)) (MAKE-FORM-SYMB (S-CONC FORM2)))) (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)) (LIST (WEAKEN-APPEND2-PROOF (S-CONC FORM1) (S-CONC FORM2) Y GR1 GR2))) (IF (AND (S-ISINP FORM1) (S-ISINP FORM2)) (CHAIN-PROOF (ISIN (S-ELEM FORM2) (GRAPH-TRANS GR2)) (ISIN (S-ELEM FORM2) (GRAPH-TRANS (CONS Y (APPEND GR1 GR2)))) (LIST (ISIN (S-ELEM FORM2) (GRAPH-TRANS (APPEND GR1 GR2)))) (LIST (IN-APPEND-GRAPH-PROOF2 (S-ELEM FORM2) GR1 GR2) (IN-GRAPH-CDR-PROOF (S-ELEM FORM2) Y (APPEND GR1 GR2)))) (TAUTCONSEQ-PROOF NIL (F-IMPLIES FORM1 FORM2) NIL)))))))) (PROVE-LEMMA WEAKEN-APPEND1-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (FORM-SYMB1 FORM1 SYMBOLS) (FORM-SYMB1 FORM2 SYMBOLS) (WEAKEN-APPEND1 FORM1 FORM2 Y GR1 GR2) (EQUAL CONCL (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)))) (PROVES (WEAKEN-APPEND1-PROOF FORM1 FORM2 Y GR1 GR2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0862 WEAKEN-APPEND1-PROOF T) (PROVE-LEMMA WEAKEN-APPEND2-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (FORM-SYMB1 FORM1 SYMBOLS) (FORM-SYMB1 FORM2 SYMBOLS) (WEAKEN-APPEND2 FORM1 FORM2 Y GR1 GR2) (EQUAL CONCL (F-IMPLIES (MAKE-FORM-SYMB FORM1) (MAKE-FORM-SYMB FORM2)))) (PROVES (WEAKEN-APPEND2-PROOF FORM1 FORM2 Y GR1 GR2) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0863 WEAKEN-APPEND2-PROOF T) (DEFN A-EV-DEFN-OK-FRAME-PROOF2 (FORMALS Y GR1 GR2 DEFN-PART DEFN-PART-FORM REC1-DEFN-PART REC1-FORM REC2-DEFN-PART REC2-FORM DEFN-PF RECPF1 RECPF2) (GRAPH-TRANS-MERGE-PROOF Y (APPEND GR1 GR2) FORMALS DEFN-PART DEFN-PF (GRAPH-TRANS-APPEND-PROOF FORMALS GR1 GR2 DEFN-PART (CHAIN-PROOF (ISIN FORMALS (GRAPH-TRANS GR1)) DEFN-PART (LIST REC1-DEFN-PART) (LIST RECPF1 (WEAKEN-APPEND1-PROOF REC1-FORM DEFN-PART-FORM Y GR1 GR2))) (CHAIN-PROOF (ISIN FORMALS (GRAPH-TRANS GR2)) DEFN-PART (LIST REC2-DEFN-PART) (LIST RECPF2 (WEAKEN-APPEND2-PROOF REC2-FORM DEFN-PART-FORM Y GR1 GR2)))))) (PROVE-LEMMA A-EV-DEFN-OK-FRAME-PROOF2-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (EQUAL GRAPH (CONS Y (APPEND GR1 GR2))) (FORM-SYMB1 DEFN-PART-FORM SYMBOLS) (FORM-SYMB1 REC1-FORM SYMBOLS) (FORM-SYMB1 REC2-FORM SYMBOLS) (EQUAL DEFN-PART (MAKE-FORM-SYMB DEFN-PART-FORM)) (EQUAL REC1-DEFN-PART (MAKE-FORM-SYMB REC1-FORM)) (EQUAL REC2-DEFN-PART (MAKE-FORM-SYMB REC2-FORM)) (WEAKEN-APPEND1 REC1-FORM DEFN-PART-FORM Y GR1 GR2) (WEAKEN-APPEND2 REC2-FORM DEFN-PART-FORM Y GR1 GR2) (PROVES DEFN-PF (F-IMPLIES (F-EQUAL FORMALS (NCODE Y)) DEFN-PART) GIVEN DEFNS SYMBOLS) (PROVES RECPF1 (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR1)) REC1-DEFN-PART) GIVEN DEFNS SYMBOLS) (PROVES RECPF2 (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR2)) REC2-DEFN-PART) GIVEN DEFNS SYMBOLS)) (PROVES (A-EV-DEFN-OK-FRAME-PROOF2 FORMALS Y GR1 GR2 DEFN-PART DEFN-PART-FORM REC1-DEFN-PART REC1-FORM REC2-DEFN-PART REC2-FORM DEFN-PF RECPF1 RECPF2) (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GRAPH)) DEFN-PART) GIVEN DEFNS SYMBOLS)) ((DISABLE NLISTP-NCODE) (USE (PROVES-IS-FORMULA (PF DEFN-PF) (EXP (F-IMPLIES (F-EQUAL FORMALS (NCODE Y)) DEFN-PART))) (PROVES-IS-FORMULA (PF RECPF1) (EXP (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR1)) REC1-DEFN-PART))) (PROVES-IS-FORMULA (PF RECPF2) (EXP (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR2)) REC2-DEFN-PART)))))) (TOGGLE G0864 A-EV-DEFN-OK-FRAME-PROOF2 T) (DEFN A-EV-SYMB-FORM (FLG EXP VA FA VAL TRACE) (Z-IF (F-EQUAL FLG (NCODE 1)) (Z-IF (F-EQUAL (Z-LISTP EXP) (NCODE 1)) (FORSOME 11 (FORSOME 12 (S-AND (S-ISIN (Z-LIST (LIST 11 (NCODE 0) (Z-CAR EXP) VA FA)) TRACE) (S-AND (S-ISIN (Z-LIST (LIST 12 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (F-EQUAL VAL (Z-OPAIR 11 12)))))) (F-EQUAL VAL (NCODE NIL))) (Z-IF (F-EQUAL (Z-LISTP EXP) (NCODE 1)) (Z-IF (F-EQUAL (Z-ZEROP (Z-CAR EXP)) (NCODE 1)) (FORSOME 11 (S-AND (S-ISIN (Z-LIST (LIST 11 (NCODE 0) (Z-CAR (Z-CDR EXP)) VA FA)) TRACE) (Z-IF (F-EQUAL 11 (NCODE 0)) (S-ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR EXP (LIST 1 2 2 2)) VA FA)) TRACE) (S-ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR EXP (LIST 1 2 2)) VA FA)) TRACE)))) (Z-IF (F-EQUAL (Z-CAR EXP) (NCODE 10)) (F-EQUAL VAL (Z-CAR-CDR EXP (LIST 1 2))) (Z-IF (F-EQUAL (Z-SUBRP (Z-CAR EXP)) (NCODE 1)) (FORSOME 11 (S-AND (S-ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (F-EQUAL VAL (Z-APPLY-SUBR (Z-CAR EXP) 11)))) (FORSOME 11 (S-FORALL 15 (S-FORALL 16 (S-AND (S-ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (S-IMPLIES (A-GET (Z-SUB1-N (Z-CAR EXP) 11) FA 15 11 13 14 16) (S-ISIN (Z-LIST (LIST VAL (NCODE 0) 15 11 FA)) TRACE))))))))) (A-GET1 EXP VA VAL 11 13 14 16)))) (DEFN A-EV-DEFN-PART1 (FLG EXP VA FA VAL TRACE) (F-IF (F-EQUAL FLG (NCODE 1)) (F-IF (F-EQUAL (Z-LISTP EXP) (NCODE 1)) (FORSOME 11 (FORSOME 12 (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 0) (Z-CAR EXP) VA FA)) TRACE) (F-AND (ISIN (Z-LIST (LIST 12 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (F-EQUAL VAL (Z-OPAIR 11 12)))))) (F-EQUAL VAL (NCODE NIL))) (F-IF (F-EQUAL (Z-LISTP EXP) (NCODE 1)) (F-IF (F-EQUAL (Z-ZEROP (Z-CAR EXP)) (NCODE 1)) (FORSOME 11 (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 0) (Z-CAR (Z-CDR EXP)) VA FA)) TRACE) (F-IF (F-EQUAL 11 (NCODE 0)) (ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR EXP (LIST 1 2 2 2)) VA FA)) TRACE) (ISIN (Z-LIST (LIST VAL (NCODE 0) (Z-CAR-CDR EXP (LIST 1 2 2)) VA FA)) TRACE)))) (F-IF (F-EQUAL (Z-CAR EXP) (NCODE 10)) (F-EQUAL VAL (Z-CAR-CDR EXP (LIST 1 2))) (F-IF (F-EQUAL (Z-SUBRP (Z-CAR EXP)) (NCODE 1)) (FORSOME 11 (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (F-EQUAL VAL (Z-APPLY-SUBR (Z-CAR EXP) 11)))) (FORSOME 11 (FORALL 15 (FORALL 16 (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR EXP) VA FA)) TRACE) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR EXP) 11) FA 15 11 13 14 16) (ISIN (Z-LIST (LIST VAL (NCODE 0) 15 11 FA)) TRACE))))))))) (A-GET1 EXP VA VAL 11 13 14 16)))) (PROVE-LEMMA A-EV-SYMB-FORM-A-EV-DEFN-PART (REWRITE) (EQUAL (MAKE-FORM-SYMB (A-EV-SYMB-FORM (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) VAL TRACE)) (A-EV-DEFN-PART FLG EXP VA FA VAL TRACE))) (PROVE-LEMMA WEAKEN-APPEND2-A-EV-DEFN-PART (REWRITE) (WEAKEN-APPEND2 (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS GR2)) (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS (CONS Y (APPEND GR1 GR2)))) Y GR1 GR2)) (PROVE-LEMMA WEAKEN-APPEND1-A-EV-DEFN-PART (REWRITE) (WEAKEN-APPEND1 (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS GR1)) (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS (CONS Y (APPEND GR1 GR2)))) Y GR1 GR2)) (DEFN A-EV-INST-FORMALS-PROOF (FLG EXP VA FA N) (INST-FORMALS-PROOF (LIST 10 6 7 8 9) (LIST (NCODE (EV FLG EXP VA FA N)) (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA)) (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART-OK-PROOF FLG EXP VA FA N))) (PROVE-LEMMA FORM-SYMB1-A-EV-SYMB-FORM (REWRITE) (IMPLIES (AND (TERMP (LIST FLG EXP VA FA VAL TRACE) 1 SYMBOLS) (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1) (FN 6 1) (FN 10 1) (FN 16 1) (FN 15 2) (FN 9 1) (FN 4 1) (FN 5 1)) SYMBOLS)) (FORM-SYMB1 (A-EV-SYMB-FORM FLG EXP VA FA VAL TRACE) SYMBOLS))) (PROVE-LEMMA FORMULA-A-EV-DEFN-PART1 (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1) (FN 6 1) (FN 10 1) (FN 16 1) (FN 15 2) (FN 9 1) (FN 4 1) (FN 5 1)) SYMBOLS) (TERMP (LIST FLG EXP VA FA VAL TRACE) 1 SYMBOLS)) (FORMULA (A-EV-DEFN-PART1 FLG EXP VA FA VAL TRACE) SYMBOLS))) (PROVE-LEMMA FORMULA-A-EV-DEFN-PART (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1) (FN 6 1) (FN 10 1) (FN 16 1) (FN 15 2) (FN 9 1) (FN 4 1) (FN 5 1)) SYMBOLS) (TERMP (LIST VAL TRACE) 1 SYMBOLS)) (FORMULA (A-EV-DEFN-PART FLG EXP VA FA VAL TRACE) SYMBOLS))) (PROVE-LEMMA PARALLEL-SUBST-A-EV-DEFN-PART1 (REWRITE) (EQUAL (PARALLEL-SUBST (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS GRAPH)) (LIST 10 6 7 8 9) (LIST VAL (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA)) 0) (A-EV-DEFN-PART FLG EXP VA FA VAL (GRAPH-TRANS GRAPH)))) (TOGGLE G0865 A-EV-DEFN-PART1 T) (TOGGLE G0866 A-EV-DEFN-PART T) (PROVE-LEMMA TERMP-Z-OPAIR-CASE (REWRITE) (IMPLIES (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (EQUAL (TERMP (Z-OPAIR X Y) 0 SYMBOLS) (AND (TERMP X 0 SYMBOLS) (TERMP Y 0 SYMBOLS))))) (PROVE-LEMMA GRAPH-TRANS-MERGE-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (PROVES PF1 (F-IMPLIES (F-EQUAL EXP1 (NCODE X)) EXP2) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS Y)) EXP2) GIVEN DEFNS SYMBOLS)) (PROVES (GRAPH-TRANS-MERGE-PROOF X Y EXP1 EXP2 PF1 PF2) (F-IMPLIES (ISIN EXP1 (GRAPH-TRANS (CONS X Y))) EXP2) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (F-EQUAL EXP1 (NCODE X)) EXP2))) (GRAPH-TRANS-MERGE)) )) (TOGGLE G0867 GRAPH-TRANS-MERGE T) (DEFN A-EV-DEFN-OK-FRAME-PROOF3 (FORMALS Y GR DEFN-PART DEFN-PART-FORM REC-DEFN-PART REC-FORM DEFN-PF RECPF) (GRAPH-TRANS-MERGE-PROOF Y GR FORMALS DEFN-PART DEFN-PF (CHAIN-PROOF (ISIN FORMALS (GRAPH-TRANS GR)) DEFN-PART (LIST REC-DEFN-PART) (LIST RECPF (WEAKEN-ISIN-PROOF REC-FORM DEFN-PART-FORM Y GR))))) (PROVE-LEMMA A-EV-DEFN-OK-FRAME-PROOF3-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (EQUAL GRAPH (CONS Y GR)) (FORM-SYMB1 DEFN-PART-FORM SYMBOLS) (FORM-SYMB1 REC-FORM SYMBOLS) (EQUAL DEFN-PART (MAKE-FORM-SYMB DEFN-PART-FORM)) (EQUAL REC-DEFN-PART (MAKE-FORM-SYMB REC-FORM)) (WEAKEN-ISIN REC-FORM DEFN-PART-FORM Y GR) (PROVES DEFN-PF (F-IMPLIES (F-EQUAL FORMALS (NCODE Y)) DEFN-PART) GIVEN DEFNS SYMBOLS) (PROVES RECPF (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR)) REC-DEFN-PART) GIVEN DEFNS SYMBOLS)) (PROVES (A-EV-DEFN-OK-FRAME-PROOF3 FORMALS Y GR DEFN-PART DEFN-PART-FORM REC-DEFN-PART REC-FORM DEFN-PF RECPF) (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GRAPH)) DEFN-PART) GIVEN DEFNS SYMBOLS)) ((DISABLE NLISTP-NCODE) (USE (PROVES-IS-FORMULA (PF DEFN-PF) (EXP (F-IMPLIES (F-EQUAL FORMALS (NCODE Y)) DEFN-PART))) (PROVES-IS-FORMULA (PF RECPF) (EXP (F-IMPLIES (ISIN FORMALS (GRAPH-TRANS GR)) REC-DEFN-PART)))))) (TOGGLE G0869 A-EV-DEFN-OK-FRAME-PROOF3 T) (PROVE-LEMMA WEAKEN-ISIN-A-EV-DEFN-PART (REWRITE) (WEAKEN-ISIN (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS GR)) (A-EV-SYMB-FORM FLG EXP VA FA VAL (GRAPH-TRANS (CONS Y GR))) Y GR)) (PROVE-LEMMA TERM-NCODE-CASE (REWRITE) (IMPLIES (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP (NCODE X) 0 SYMBOLS))) (PROVE-LEMMA TERM-GRAPH-TRANS-CASE (REWRITE) (IMPLIES (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP (GRAPH-TRANS X) 0 SYMBOLS))) (PROVE-LEMMA A-EV-SYMB-FORM-A-EV-DEFN-PART1 (REWRITE) (EQUAL (MAKE-FORM-SYMB (A-EV-SYMB-FORM FLG EXP VA FA VAL TRACE)) (A-EV-DEFN-PART1 FLG EXP VA FA VAL TRACE)) ((ENABLE A-EV-DEFN-PART1))) (TOGGLE G0890 A-EV-SYMB-FORM T) (TOGGLE G0891 A-EV-DEFN-PART-OK-PROOF T) (DEFN A-EV-DEFN-OK-PROOF (FLG EXP VA FA N FLG1 EXP1 VA1 FA1 VAL1) (IF (EQUAL FLG 1) (IF (LISTP EXP) (A-EV-DEFN-OK-FRAME-PROOF2 (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 0 (CAR EXP) VA FA N) (EV-GRAPH 1 (CDR EXP) VA FA N) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CAR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CAR EXP) VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (A-EV-DEFN-OK-PROOF 0 (CAR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1) (A-EV-DEFN-OK-PROOF 1 (CDR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1)) (GRAPH-TRANS-MERGE-PROOF (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) NIL (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))) (LIST (NULL-AXIOM-PROOF (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1))))))) (IF (LISTP EXP) (IF (ZEROP (CAR EXP)) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (A-EV-DEFN-OK-FRAME-PROOF2 (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDDR EXP) VA FA N) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADR EXP) VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADDDR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADDDR EXP) VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (A-EV-DEFN-OK-PROOF 0 (CADR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1) (A-EV-DEFN-OK-PROOF 0 (CADDDR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1)) (A-EV-DEFN-OK-FRAME-PROOF2 (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 0 (CADR EXP) VA FA N) (EV-GRAPH 0 (CADDR EXP) VA FA N) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADR EXP) VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADDR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (CADDR EXP) VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (A-EV-DEFN-OK-PROOF 0 (CADR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1) (A-EV-DEFN-OK-PROOF 0 (CADDR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1))) (IF (EQUAL (CAR EXP) 10) (GRAPH-TRANS-MERGE-PROOF (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) NIL (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))) (LIST (NULL-AXIOM-PROOF (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)))))) (IF (SUBRP (CAR EXP)) (A-EV-DEFN-OK-FRAME-PROOF3 (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 1 (CDR EXP) VA FA N) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (A-EV-DEFN-OK-PROOF 1 (CDR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1)) (IF (ZEROP N) NIL (A-EV-DEFN-OK-FRAME-PROOF2 (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)) (EV-GRAPH 1 (CDR EXP) VA FA N) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)))) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-SYMB-FORM FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH 1 (CDR EXP) VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (A-EV-DEFN-OK-PROOF 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N) FLG1 EXP1 VA1 FA1 VAL1) (A-EV-DEFN-OK-PROOF 1 (CDR EXP) VA FA N FLG1 EXP1 VA1 FA1 VAL1)))))) (GRAPH-TRANS-MERGE-PROOF (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) NIL (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-INST-FORMALS-PROOF FLG EXP VA FA N) (TAUTCONSEQ-PROOF (LIST (F-NOT (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)) (GRAPH-TRANS NIL)) (A-EV-DEFN-PART1 FLG1 EXP1 VA1 FA1 VAL1 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))) (LIST (NULL-AXIOM-PROOF (Z-LIST (LIST VAL1 FLG1 EXP1 VA1 FA1)))))))) ((LEX2 (LIST N (COUNT EXP))))) ;;;;;;;The definition part of "A-ev" is `OK'. (PROVE-LEMMA A-EV-DEFN-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1) (FN 6 1) (FN 10 1) (FN 16 1) (FN 15 2) (FN 9 1) (FN 4 1) (FN 5 1)) SYMBOLS) (SUBSET (LIST (P 1 2) (FN 1 2)) SYMBOLS) (MEMBER (FN 0 0) SYMBOLS) (MEMBER (FN 1 2) SYMBOLS) (MEMBER (P 1 2) SYMBOLS) (SUBSET (LIST (FN 0 0) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-ALL-HYPS GIVEN DEFNS SYMBOLS) (Z-SUBRP-HYPS DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N)))) (PROVES (A-EV-DEFN-OK-PROOF FLG EXP VA FA N 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))) GIVEN DEFNS SYMBOLS)) ((DISABLE NLISTP-NCODE Z-APPLY-SUBR-ALL-HYPS Z-SUBRP-HYPS NZEROP-NCODE-EQUAL EV-IF-REDUC SUBSET) )) (TOGGLE G0896 A-EV-DEFN-OK-PROOF T) (TOGGLE G0897 EV-GRAPH T) (DEFN A-EV (FLG EXP VA FA VAL TRACE) (F-AND (ISIN (Z-LIST (LIST VAL FLG EXP VA FA)) TRACE) (LIST-ALL-QUANTIFY (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) TRACE) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE))))) (DEFN A-EV-OK-PROOF (FLG EXP VA FA N) (AND-JOIN-PROOF (ISIN (Z-LIST (LIST (NCODE (EV FLG EXP VA FA N)) (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (LIST-ALL-QUANTIFY (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (IN-GRAPH-PROOF (CONS (EV FLG EXP VA FA N) (CONS FLG (CONS EXP (CONS VA FA)))) (EV-GRAPH FLG EXP VA FA N)) (LIST-GEN-PROOF (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))) (A-EV-DEFN-OK-PROOF FLG EXP VA FA N 6 7 8 9 10)))) (PROVE-LEMMA A-EV-DEFN-OK-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-DEFN-PART1 6 7 8 9 10 (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N)))))) (PROVES (A-EV-DEFN-OK-PROOF FLG EXP VA FA N 6 7 8 9 10) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE NLISTP-NCODE Z-APPLY-SUBR-ALL-HYPS Z-LIST))) (TOGGLE G0898 A-EV-DEFN-OK-PROOF-PROVES T) ;;;;;;;"A-ev" is `OK', i.e., ;;;;;;;|- "A-ev(, , , , <(EV FLG EXP VA FA N)>, ;;;;;;; [(EV-GRAPH FLG EXP VA FA N)])" (PROVE-LEMMA A-EV-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (PROVES (A-EV-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-APPLY-SUBR-ALL-HYPS EV LIST-ALL-QUANTIFY))) (TOGGLE G0899 A-EV-OK-PROOF T) (PROVE-LEMMA FORSOME-INTRO-PROVES-AGAIN (REWRITE) (IMPLIES (AND (VARIABLE VAR) (NOT (MEMBER VAR (COLLECT-FREE B 0))) (PROVES PF (F-IMPLIES A B) GIVEN DEFNS SYMBOLS)) (PROVES (FORSOME-INTRO-PROOF VAR A B PF) (F-IMPLIES (FORSOME VAR A) B) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (F-IMPLIES A B)))))) (DEFN A-EV-GOOD-REDUC-PROOF (FLG EXP EXPR VA FA VAL1 TRACE CONC PFEXPR PF) (CHAIN-PROOF (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) EXPR (NCODE VA) (NCODE FA))) TRACE) CONC (LIST (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE)) (LIST (EQUAL-ISIN-IMP-PROOF (Z-LIST (LIST VAL1 (NCODE FLG) EXPR (NCODE VA) (NCODE FA))) (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE (FLIP-EQUALS-PROOF (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) (Z-LIST (LIST VAL1 (NCODE FLG) EXPR (NCODE VA) (NCODE FA))) (EV-EQUAL-Z-LIST-PROOF VAL1 FLG EXP EXPR VA FA PFEXPR))) PF))) (PROVE-LEMMA A-EV-GOOD-REDUC-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (P 1 2) (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (TERMP (LIST VAL1 TRACE) 1 SYMBOLS) (PROVES PFEXPR (F-EQUAL EXPR (NCODE EXP)) GIVEN DEFNS SYMBOLS) (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) CONC) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) EXPR (NCODE VA) (NCODE FA))) TRACE) CONC))) (PROVES (A-EV-GOOD-REDUC-PROOF FLG EXP EXPR VA FA VAL1 TRACE CONC PFEXPR PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (PF PFEXPR) (EXP (F-EQUAL EXPR (NCODE EXP))))))) (TOGGLE G0900 A-EV-GOOD-REDUC-PROOF T) (DEFN A-EV-DEFN-GOOD-STEP-PROOF (CL1 CL2 DEXP RVAR RVAL VAL1 VAL-BAR PF1 PF2) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES CL1 (F-IMPLIES DEXP (F-EQUAL RVAR (NCODE RVAL)))) (F-IMPLIES (F-EQUAL RVAR (NCODE RVAL)) (F-IMPLIES CL2 (F-IMPLIES DEXP (F-EQUAL VAL1 VAL-BAR))))) (F-IMPLIES (F-AND CL1 CL2) (F-IMPLIES DEXP (F-EQUAL VAL1 VAL-BAR))) (LIST PF1 (FORM-EQUAL-CASE-PROOF (LIST RVAR) (LIST (NCODE RVAL)) (F-IMPLIES CL2 (F-IMPLIES DEXP (F-EQUAL VAL1 VAL-BAR))) PF2)))) (PROVE-LEMMA A-EV-DEFN-GOOD-STEP-PROOF-PROVES (REWRITE) (IMPLIES (AND (VARIABLE RVAR) (FORMULA CL2 SYMBOLS) (TERMP (LIST VAL1 VAL-BAR) 1 SYMBOLS) (PROVES PF1 (F-IMPLIES CL1 (F-IMPLIES DEXP (F-EQUAL RVAR (NCODE RVAL)))) GIVEN DEFNS SYMBOLS) (PROVES PF2 (PARALLEL-SUBST (F-IMPLIES CL2 (F-IMPLIES DEXP (F-EQUAL VAL1 VAL-BAR))) (LIST RVAR) (LIST (NCODE RVAL)) 0) GIVEN DEFNS SYMBOLS)) (PROVES (A-EV-DEFN-GOOD-STEP-PROOF CL1 CL2 DEXP RVAR RVAL VAL1 VAL-BAR PF1 PF2) (F-IMPLIES (F-AND CL1 CL2) (F-IMPLIES DEXP (F-EQUAL VAL1 VAL-BAR))) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES CL1 (F-IMPLIES DEXP (F-EQUAL RVAR (NCODE RVAL))))))) )) (TOGGLE G0901 A-EV-DEFN-GOOD-STEP-PROOF T) (DEFN A-EV-DEFN-PART-LIST-GOOD-PROOF (EXP VA FA VAL1 RVAR1 RVAR2 RVAL1 RVAL2 TRACE DEXP PF1 PF2) (FORSOME-INTRO-PROOF RVAR1 (FORSOME RVAR2 (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-AND (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL1 (Z-OPAIR RVAR1 RVAR2))))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (CONS RVAL1 RVAL2)))) (FORSOME-INTRO-PROOF RVAR2 (F-AND (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-AND (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL1 (Z-OPAIR RVAR1 RVAR2)))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (CONS RVAL1 RVAL2)))) (A-EV-DEFN-GOOD-STEP-PROOF (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-AND (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL1 (Z-OPAIR RVAR1 RVAR2))) DEXP RVAR1 RVAL1 VAL1 (NCODE (CONS RVAL1 RVAL2)) (A-EV-GOOD-REDUC-PROOF 0 (CAR EXP) (Z-CAR (NCODE EXP)) VA FA RVAR1 TRACE (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))) (Z-CAR-NCODE-PROOF EXP) PF1) (A-EV-DEFN-GOOD-STEP-PROOF (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL1 (Z-OPAIR (NCODE RVAL1) RVAR2)) DEXP RVAR2 RVAL2 VAL1 (NCODE (CONS RVAL1 RVAL2)) (A-EV-GOOD-REDUC-PROOF 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA RVAR2 TRACE (F-IMPLIES DEXP (F-EQUAL RVAR2 (NCODE RVAL2))) (Z-CDR-NCODE-PROOF EXP) PF2) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL VAL1 (NCODE (CONS RVAL1 RVAL2))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (CONS RVAL1 RVAL2))))) NIL)))))) (TOGGLE G0908 NOT-FREE-PARALLEL-SUBST NIL) (PROVE-LEMMA A-EV-DEFN-PART-LIST-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST RVAR1 RVAR2 VAL1 TRACE) 4) (NIL-INTERSECT (LIST RVAR1 RVAR2) (COLLECT-FREE DEXP 0)) (PROVES PF1 (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (NCODE (CAR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1)))) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (ISIN (Z-LIST (LIST RVAR2 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR2 (NCODE RVAL2)))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (A-EV-LIST-PART EXP VA FA VAL1 RVAR1 RVAR2 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (CONS RVAL1 RVAL2))))))) (PROVES (A-EV-DEFN-PART-LIST-GOOD-PROOF EXP VA FA VAL1 RVAR1 RVAR2 RVAL1 RVAL2 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (NCODE (CAR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))))))))) (TOGGLE G0916 A-EV-DEFN-PART-LIST-GOOD-PROOF T) (DEFN A-EV-DEFN-PART-IF-GOOD-PROOF (EXP VA FA VAL1 VAL TRACE RVAR1 RVAL1 DEXP PF1 PF) (FORSOME-INTRO-PROOF RVAR1 (BODY (A-EV-IF-PART (NCODE EXP) (NCODE VA) (NCODE FA) VAL1 TRACE RVAR1)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))) (A-EV-DEFN-GOOD-STEP-PROOF (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (Z-CAR (Z-CDR (NCODE EXP))) (NCODE VA) (NCODE FA))) TRACE) (F-IF (F-EQUAL RVAR1 (NCODE 0)) (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) TRACE) (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) TRACE)) DEXP RVAR1 RVAL1 VAL1 (NCODE VAL) (A-EV-GOOD-REDUC-PROOF 0 (CADR EXP) (Z-CAR (Z-CDR (NCODE EXP))) VA FA RVAR1 TRACE (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))) (Z-CAR-CDR-PROOF EXP (LIST 1 2)) PF1) (REC-FORM-Z-IF-EVAL-PROOF (LIST (LIST (NCODE-EQUAL RVAL1 0) (IDENT-AXIOM-PROOF (NCODE 0)) (NCODE-NEQUAL-PROOF RVAL1 0)) (A-EV-GOOD-REDUC-PROOF 0 (CADDDR EXP) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) VA FA VAL1 TRACE (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))) (Z-CAR-CDR-PROOF EXP (LIST 1 2 2 2)) PF) (A-EV-GOOD-REDUC-PROOF 0 (CADDR EXP) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) VA FA VAL1 TRACE (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))) (Z-CAR-CDR-PROOF EXP (LIST 1 2 2)) PF)) (Z-IF (F-EQUAL (NCODE RVAL1) (NCODE 0)) (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2 2)) (NCODE VA) (NCODE FA))) TRACE) (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (Z-CAR-CDR (NCODE EXP) (LIST 1 2 2)) (NCODE VA) (NCODE FA))) TRACE)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))))))) (PROVE-LEMMA NLISTP-NNUMBERP-NCODE (REWRITE) (IMPLIES (AND (NOT (LISTP X)) (NOT (NUMBERP X))) (EQUAL (NCODE X) (NCODE 0))) ((ENABLE NCODE))) (PROVE-LEMMA A-EV-DEFN-PART-IF-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST RVAR1 VAL1 TRACE) 3) (NOT (MEMBER RVAR1 (COLLECT-FREE DEXP 0))) (PROVES PF1 (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (NCODE (CADR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1)))) GIVEN DEFNS SYMBOLS) (IF (NCODE-EQUAL RVAL1 0) (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (NCODE (CADDDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))) GIVEN DEFNS SYMBOLS) (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (NCODE (CADDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))) GIVEN DEFNS SYMBOLS)) (EQUAL CONCL (F-IMPLIES (A-EV-IF-PART (NCODE EXP) (NCODE VA) (NCODE FA) VAL1 TRACE RVAR1) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))))) (PROVES (A-EV-DEFN-PART-IF-GOOD-PROOF EXP VA FA VAL1 VAL TRACE RVAR1 RVAL1 DEXP PF1 PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 0) (NCODE (CADR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))))))))) (TOGGLE G0919 A-EV-DEFN-PART-IF-GOOD-PROOF T) (TOGGLE G0920 NLISTP-NNUMBERP-NCODE T) (DEFN A-EV-DEFN-PART-SUBR-GOOD-PROOF (EXP VA FA VAL1 TRACE RVAR1 RVAL1 DEXP PF) (FORSOME-INTRO-PROOF RVAR1 (BODY (A-EV-SUBR-PART EXP VA FA VAL1 RVAR1 TRACE)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (APPLY-SUBR (CAR EXP) RVAL1)))) (A-EV-DEFN-GOOD-STEP-PROOF (ISIN (Z-LIST (LIST RVAR1 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-EQUAL VAL1 (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) RVAR1)) DEXP RVAR1 RVAL1 VAL1 (NCODE (APPLY-SUBR (CAR EXP) RVAL1)) (A-EV-GOOD-REDUC-PROOF 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA RVAR1 TRACE (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))) (Z-CDR-NCODE-PROOF EXP) PF) (TAUTCONSEQ-PROOF (LIST (F-EQUAL (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL1)) (NCODE (APPLY-SUBR (CAR EXP) RVAL1))) (F-IMPLIES (F-EQUAL VAL1 (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL1))) (F-IMPLIES (F-EQUAL (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL1)) (NCODE (APPLY-SUBR (CAR EXP) RVAL1))) (F-EQUAL VAL1 (NCODE (APPLY-SUBR (CAR EXP) RVAL1)))))) (F-IMPLIES (F-EQUAL VAL1 (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL1))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (APPLY-SUBR (CAR EXP) RVAL1))))) (LIST (COMPOSE-PROOF (FN 15 2) (NCODE (APPLY-SUBR (CAR EXP) RVAL1)) (LIST (Z-CAR (NCODE EXP)) (NCODE RVAL1)) (LIST (NCODE (CAR EXP)) (NCODE RVAL1)) (LIST (Z-CAR-NCODE-PROOF EXP) (IDENT-AXIOM-PROOF (NCODE RVAL1))) (Z-APPLY-SUBR-NCODE-PROOF (CAR EXP) RVAL1)) (TRANS-EQUAL-PROOF3 VAL1 (Z-APPLY-SUBR (Z-CAR (NCODE EXP)) (NCODE RVAL1)) (NCODE (APPLY-SUBR (CAR EXP) RVAL1)))))))) (PROVE-LEMMA A-EV-DEFN-PART-SUBR-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (Z-APPLY-SUBR-ALL-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST RVAR1 VAL1 TRACE) 3) (NOT (MEMBER RVAR1 (COLLECT-FREE DEXP 0))) (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1)))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (A-EV-SUBR-PART EXP VA FA VAL1 RVAR1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (APPLY-SUBR (CAR EXP) RVAL1))))))) (PROVES (A-EV-DEFN-PART-SUBR-GOOD-PROOF EXP VA FA VAL1 TRACE RVAR1 RVAL1 DEXP PF) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (EXP (F-IMPLIES (ISIN (Z-LIST (LIST RVAR1 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR1 (NCODE RVAL1))))))))) (TOGGLE G0921 A-EV-DEFN-PART-SUBR-GOOD-PROOF T) (PROVE-LEMMA PARALLEL-SUBST-VAR (REWRITE) (IMPLIES (NUMBERP EXP) (EQUAL (PARALLEL-SUBST EXP VARS TERMS 0) (GETPF EXP VARS TERMS)))) (TOGGLE G0922 NOT-FREE-PARALLEL-SUBST T) (TOGGLE G0923 PARALLEL-SUBST-NIL NIL) (TOGGLE G0924 GET-GRAPH T) (DEFN A-EV-FUN-PART-BODY (EXP FA VAL1 TRACE RVAR1 GETVA TR1) (F-IMPLIES (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) GETVA 11 13 14 TR1) (ISIN (Z-LIST (LIST VAL1 (NCODE 0) GETVA RVAR1 (NCODE FA))) TRACE))) (DEFN A-GET-EV-GOOD-REDUC-PROOF (EXP FA GETVAL X1 Y1 VAL1 TR1) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (ISIN (Z-LIST (LIST GETVAL (NCODE (SUB1-N (CAR EXP) 11)) (NCODE FA))) TR1) (ISIN (Z-LIST (LIST GETVAL (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA))) TR1)) (A-GET (NCODE (SUB1-N (CAR EXP) 11)) (NCODE FA) GETVAL X1 Y1 VAL1 TR1)) (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) GETVAL X1 Y1 VAL1 TR1) (LIST (EQUAL-Z-LIST-ISIN-IMP-PROOF (LIST GETVAL (NCODE (SUB1-N (CAR EXP) 11)) (NCODE FA)) (LIST GETVAL (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA)) TR1 (LIST (IDENT-AXIOM-PROOF GETVAL) (FLIP-EQUALS-PROOF (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE (SUB1-N (CAR EXP) 11)) (Z-SUB1-N-NCODE-PROOF (Z-CAR (NCODE EXP)) 11 (CAR EXP) (Z-CAR-NCODE-PROOF EXP))) (IDENT-AXIOM-PROOF (NCODE FA)))) (A-GET-OK-PROOF1 (SUB1-N (CAR EXP) 11) FA X1 Y1 VAL1)))) (PROVE-LEMMA A-GET-EV-GOOD-REDUC-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (VAR-SET (LIST X1 Y1 VAL1) 3) (EQUAL GETVAL (NCODE (GET (SUB1-N (CAR EXP) 11) FA))) (EQUAL TR1 (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))) (EQUAL CONCL (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) GETVAL X1 Y1 VAL1 TR1))) (PROVES (A-GET-EV-GOOD-REDUC-PROOF EXP FA GETVAL X1 Y1 VAL1 TR1) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0925 A-GET-EV-GOOD-REDUC-PROOF T) (DEFN A-EV-DEFN-PART-FUN-GOOD-PROOF (EXP VA FA VAL1 VAL TRACE RVAL1 DEXP PF1 PF2) (FORSOME-INTRO-PROOF 11 (BODY (A-EV-FUN-PART EXP VA FA VAL1 TRACE)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))) (CHAIN-PROOF (BODY (A-EV-FUN-PART EXP VA FA VAL1 TRACE)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))) (LIST (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-FUN-PART-BODY EXP FA VAL1 TRACE 11 (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))))) (LIST (SUBST-THM-B-PROOF (F-AND (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-FUN-PART-BODY EXP FA VAL1 TRACE 11 15 16)) (LIST 15 16) (LIST (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA)))) (A-EV-DEFN-GOOD-STEP-PROOF (ISIN (Z-LIST (LIST 11 (NCODE 1) (Z-CDR (NCODE EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-FUN-PART-BODY EXP FA VAL1 TRACE 11 (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))) DEXP 11 RVAL1 VAL1 (NCODE VAL) (A-EV-GOOD-REDUC-PROOF 1 (CDR EXP) (Z-CDR (NCODE EXP)) VA FA 11 TRACE (F-IMPLIES DEXP (F-EQUAL 11 (NCODE RVAL1))) (Z-CDR-NCODE-PROOF EXP) PF1) (TAUTCONSEQ-PROOF (LIST (A-GET (Z-SUB1-N (Z-CAR (NCODE EXP)) 11) (NCODE FA) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) 11 13 14 (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (NCODE RVAL1) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))))) (F-IMPLIES (A-EV-FUN-PART-BODY EXP FA VAL1 TRACE (NCODE RVAL1) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))) (LIST (A-GET-EV-GOOD-REDUC-PROOF EXP FA (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) 11 13 14 (GRAPH-TRANS (GET-GRAPH (SUB1-N (CAR EXP) 11) FA))) PF2))))))) (PROVE-LEMMA A-EV-DEFN-PART-FUN-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 10 1) (FN 9 1) (FN 5 1) (FN 4 1) (FN 3 1) (FN 2 2) (FN 1 2) (P 1 2) (P 2 1) (FN 0 0)) SYMBOLS) (Z-SUCC-HYPS DEFNS SYMBOLS) (Z-CAR-HYPS DEFNS SYMBOLS) (Z-CDR-HYPS DEFNS SYMBOLS) (Z-INT-HYPS DEFNS SYMBOLS) (Z-ZEROP-HYPS DEFNS SYMBOLS) (Z-SUB1-HYPS DEFNS SYMBOLS) (VAR-SET (LIST 11 15 16 VAL1 TRACE) 5) (NOT (MEMBER 11 (COLLECT-FREE DEXP 0))) (PROVES PF1 (F-IMPLIES (ISIN (Z-LIST (LIST 11 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL 11 (NCODE RVAL1)))) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE 0) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (NCODE RVAL1) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (A-EV-FUN-PART EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL)))))) (PROVES (A-EV-DEFN-PART-FUN-GOOD-PROOF EXP VA FA VAL1 VAL TRACE RVAL1 DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST) (USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (ISIN (Z-LIST (LIST 11 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL 11 (NCODE RVAL1)))))) (NOT-FREE-PARALLEL-SUBST (EXP DEXP) (VARS (LIST 11)) (TERMS (LIST (NCODE RVAL1))) (FLG 0))))) (TOGGLE G0926 A-EV-DEFN-PART-FUN-GOOD-PROOF T) (DEFN SUB-RVAR-PROOF (FLG EXP VA FA TRACE RVAR VAL1 DEXP RVAL PF) (SUBST-RULE-PROOF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE RVAL)))) VAL1 RVAR PF)) (TOGGLE G0927 NOT-FREE-COVERING NIL) (PROVE-LEMMA SUB-RVAR-PROOF-PROVES (REWRITE) (IMPLIES (AND (VAR-SET (LIST VAL1 TRACE) 2) (TERMP RVAR 0 SYMBOLS) (NOT (MEMBER VAL1 (COLLECT-FREE DEXP 0))) (PROVES PF (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE RVAL)))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (ISIN (Z-LIST (LIST RVAR (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL RVAR (NCODE RVAL)))))) (PROVES (SUB-RVAR-PROOF FLG EXP VA FA TRACE RVAR VAL1 DEXP RVAL PF) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0928 SUB-RVAR-PROOF T) (DEFN IND-FORM (FLG EXP VA FA VAL1 VAL TRACE DEXP) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE VAL))))) (PROVE-LEMMA FORM-Z-IF-EV-DEFN-PART-AGAIN (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS) (TERMP (LIST VAL1 TRACE) 1 SYMBOLS)) (FORM-Z-IF (Z-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) SYMBOLS))) (PROVE-LEMMA NCODE-EQUAL-IDENT-AXIOM-PROOF-PROVES (REWRITE) (IMPLIES (AND (SUBSET (LIST (FN 0 0) (FN 1 2) (FN 2 2) (FN 3 1)) SYMBOLS) (NCODE-EQUAL X Y)) (PROVES (IDENT-AXIOM-PROOF (NCODE X)) (F-EQUAL (NCODE X) (NCODE Y)) GIVEN DEFNS SYMBOLS))) (TOGGLE G0929 A-EV-DEFN-PART NIL) (DEFN A-EV-DEFN-PART-GOOD-PFTREE (FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) (LIST (LIST (EQUAL FLG 1) (IDENT-AXIOM-PROOF (NCODE 1)) (NCODE-NEQUAL-PROOF FLG 1)) (LIST (LIST (LISTP EXP) (Z-LISTP-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-LISTP (NCODE EXP)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-LISTP-NCODE-PROOF EXP))) (A-EV-DEFN-PART-LIST-GOOD-PROOF EXP VA FA VAL1 11 12 (EV 0 (CAR EXP) VA FA N) (EV 1 (CDR EXP) VA FA N) TRACE DEXP (SUB-RVAR-PROOF 0 (CAR EXP) VA FA TRACE 11 VAL1 DEXP (EV 0 (CAR EXP) VA FA N) PF1) (SUB-RVAR-PROOF 1 (CDR EXP) VA FA TRACE 12 VAL1 DEXP (EV 1 (CDR EXP) VA FA N) PF2)) (TAUTCONSEQ-PROOF NIL (F-IMPLIES (F-EQUAL VAL1 (NCODE NIL)) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE NIL)))) NIL)) (LIST (LIST (LISTP EXP) (Z-LISTP-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-LISTP (NCODE EXP)) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (Z-LISTP-NCODE-PROOF EXP))) (LIST (LIST (ZEROP (CAR EXP)) (COMPOSE-CAR-PROOF (FN 9 1) (NCODE 1) EXP (Z-ZEROP-NCODE-PROOF (CAR EXP))) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-ZEROP (Z-CAR (NCODE EXP))) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (COMPOSE-CAR-PROOF (FN 9 1) (NCODE 0) EXP (Z-ZEROP-NCODE-PROOF (CAR EXP))))) (A-EV-DEFN-PART-IF-GOOD-PROOF EXP VA FA VAL1 (EV FLG EXP VA FA N) TRACE 11 (EV 0 (CADR EXP) VA FA N) DEXP (SUB-RVAR-PROOF 0 (CADR EXP) VA FA TRACE 11 VAL1 DEXP (EV 0 (CADR EXP) VA FA N) PF1) PF2) (LIST (LIST (EQUAL (CAR EXP) 10) (Z-CAR-NCODE-PROOF EXP) (TRANS-NOT-EQUAL-PROOF (NCODE 10) (Z-CAR (NCODE EXP)) (NCODE (CAR EXP)) (NCODE-NEQUAL-PROOF 10 (CAR EXP)) (Z-CAR-NCODE-PROOF EXP))) (TAUTCONSEQ-PROOF (LIST (F-EQUAL (Z-CAR-CDR (NCODE EXP) (LIST 1 2)) (NCODE (CADR EXP))) (F-IMPLIES (F-EQUAL VAL1 (Z-CAR-CDR (NCODE EXP) (LIST 1 2))) (F-IMPLIES (F-EQUAL (Z-CAR-CDR (NCODE EXP) (LIST 1 2)) (NCODE (CADR EXP))) (F-EQUAL VAL1 (NCODE (CADR EXP)))))) (F-IMPLIES (F-EQUAL VAL1 (Z-CAR-CDR (NCODE EXP) (LIST 1 2))) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (CADR EXP))))) (LIST (Z-CAR-CDR-PROOF EXP (LIST 1 2)) (TRANS-EQUAL-PROOF3 VAL1 (Z-CAR-CDR (NCODE EXP) (LIST 1 2)) (NCODE (CADR EXP))))) (LIST (LIST (SUBRP (CAR EXP)) (COMPOSE-CAR-PROOF (FN 16 1) (NCODE 1) EXP (Z-SUBRP-NCODE-PROOF (CAR EXP))) (TRANS-NOT-EQUAL-PROOF (NCODE 1) (Z-SUBRP (Z-CAR (NCODE EXP))) (NCODE 0) (NCODE-NEQUAL-PROOF 1 0) (COMPOSE-CAR-PROOF (FN 16 1) (NCODE 0) EXP (Z-SUBRP-NCODE-PROOF (CAR EXP))))) (A-EV-DEFN-PART-SUBR-GOOD-PROOF EXP VA FA VAL1 TRACE 11 (EV 1 (CDR EXP) VA FA N) DEXP (SUB-RVAR-PROOF 1 (CDR EXP) VA FA TRACE 11 VAL1 DEXP (EV 1 (CDR EXP) VA FA N) PF1)) (A-EV-DEFN-PART-FUN-GOOD-PROOF EXP VA FA VAL1 (EV FLG EXP VA FA N) TRACE (EV 1 (CDR EXP) VA FA N) DEXP (SUB-RVAR-PROOF 1 (CDR EXP) VA FA TRACE 11 VAL1 DEXP (EV 1 (CDR EXP) VA FA N) PF1) PF2)))) (TAUTCONSEQ-PROOF (LIST (F-IMPLIES (A-GET1 (NCODE EXP) (NCODE VA) VAL1 11 13 14 16) (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))) (F-IMPLIES (A-GET1 (NCODE EXP) (NCODE VA) VAL1 11 13 14 16) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))) (LIST (A-GET1-GOOD-PROOF EXP VA VAL1 11 13 14 16)))))) (DEFN A-EV-DEFN-PART-GOOD-PROOF (FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) (REC-FORM-Z-IF-EVAL-PROOF (A-EV-DEFN-PART-GOOD-PFTREE FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) (Z-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N)))))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-QUOTE-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (EQUAL (CAR EXP) 10) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (FORMULA DEXP SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV-IF-REDUC EV-LIST-REDUC EV-SUBR-REDUC EV-FUN-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-LIST-CASE (REWRITE) (IMPLIES (AND (EQUAL FLG 1) (LISTP EXP) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (NIL-INTERSECT (LIST 11 12 VAL1) (COLLECT-FREE DEXP 0)) (NOT (BTMP (EV 1 EXP VA FA N))) (AND (PROVES PF1 (IND-FORM 0 (CAR EXP) VA FA VAL1 (EV 0 (CAR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (IND-FORM 1 (CDR EXP) VA FA VAL1 (EV 1 (CDR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS)) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV EV-IF-REDUC EV-SUBR-REDUC EV-FUN-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-NLIST-CASE (REWRITE) (IMPLIES (AND (EQUAL FLG 1) (NLISTP EXP) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (FORMULA DEXP SYMBOLS) (NOT (BTMP (EV 1 EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE NZEROP-NCODE-EQUAL FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV-IF-REDUC EV-LIST-REDUC EV-SUBR-REDUC EV-FUN-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-IF-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (ZEROP (CAR EXP)) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (NIL-INTERSECT (LIST 11 12 VAL1) (COLLECT-FREE DEXP 0)) (NOT (BTMP (EV FLG EXP VA FA N))) (AND (PROVES PF1 (IND-FORM 0 (CADR EXP) VA FA VAL1 (EV 0 (CADR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (PROVES PF2 (IND-FORM 0 (CADDDR EXP) VA FA VAL1 (EV 0 (CADDDR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (IND-FORM 0 (CADDR EXP) VA FA VAL1 (EV 0 (CADDR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS))) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV EV-LIST-REDUC EV-SUBR-REDUC EV-FUN-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-SUBR-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (SUBRP (CAR EXP)) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (NIL-INTERSECT (LIST 11 12 VAL1) (COLLECT-FREE DEXP 0)) (NOT (BTMP (EV FLG EXP VA FA N))) (PROVES PF1 (IND-FORM 1 (CDR EXP) VA FA VAL1 (EV 1 (CDR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV EV-LIST-REDUC EV-IF-REDUC EV-FUN-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-FUN-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (NOT (ZEROP (CAR EXP))) (NOT (EQUAL (CAR EXP) 10)) (NOT (SUBRP (CAR EXP))) (EV-HYPS GIVEN DEFNS SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (NIL-INTERSECT (LIST 11 12 VAL1) (COLLECT-FREE DEXP 0)) (NOT (BTMP (EV FLG EXP VA FA N))) (PROVES PF1 (IND-FORM 1 (CDR EXP) VA FA VAL1 (EV 1 (CDR EXP) VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (PROVES PF2 (IND-FORM 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA VAL1 (EV FLG EXP VA FA N) TRACE DEXP) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART A-GET1 NLISTP-NCODE FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV EV-LIST-REDUC EV-IF-REDUC EV-SUBR-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (PROVE-LEMMA A-EV-DEFN-PART-GOOD-PROOF-PROVES-VAR-CASE (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (NOT (LISTP EXP)) (EV-HYPS GIVEN DEFNS SYMBOLS) (FORMULA DEXP SYMBOLS) (VAR-SET (LIST 11 12 15 16 VAL1 TRACE) 6) (NIL-INTERSECT (LIST 11 12 VAL1) (COLLECT-FREE DEXP 0)) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE) (F-IMPLIES DEXP (F-EQUAL VAL1 (NCODE (EV FLG EXP VA FA N))))))) (PROVES (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N VAL1 TRACE DEXP PF1 PF2) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST A-EV-LIST-PART A-EV-IF-PART A-EV-SUBR-PART A-EV-FUN-PART NLISTP-NCODE FORM-Z-IF PROVES-IS-FORMULA-AGAIN EV-FUN-REDUC EV-LIST-REDUC EV-IF-REDUC EV-SUBR-REDUC) (USE (FORM-Z-IF-EV-DEFN-PART-AGAIN)))) (TOGGLE G0930 A-EV-DEFN-PART-GOOD-PROOF T) (PROVE-LEMMA FREE-FOR-X-X (REWRITE) (IMPLIES (VARIABLE X) (FREE-FOR EXP X X FLG))) (TOGGLE G0932 FREE-FOR T) (TOGGLE G0933 FREE-FOR-LIST NIL) (DEFN A-EV-REDUC-PROOF (FLG EXP VA FA VAL1 TRACE) (F-IFF-MP-PROOF2 (F-IMPLIES (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) VAL1 TRACE) (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE)) (F-IMPLIES (LIST-ALL-QUANTIFY (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) TRACE) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE))) (F-IMPLIES (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE))) (GOOD-FRAME1-PROOF (ISIN (Z-LIST (LIST VAL1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (LIST-ALL-QUANTIFY (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) TRACE) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE))) (A-EV-DEFN-PART FLG EXP VA FA VAL1 TRACE)) (SUBST-THM-B-PROOF (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) TRACE) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE)) (LIST 6 7 8 9 10) (LIST (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) VAL1)))) (PROVE-LEMMA PARALLEL-SUBST-A-EV-DEFN-PART1-AGAIN (REWRITE) (IMPLIES (AND (VARIABLE TRACE) (NOT (MEMBER TRACE (LIST 6 7 8 9 10)))) (EQUAL (PARALLEL-SUBST (A-EV-DEFN-PART1 6 7 8 9 10 TRACE) (LIST 6 7 8 9 10) (LIST (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) VAL-BAR) 0) (A-EV-DEFN-PART FLG EXP VA FA VAL-BAR TRACE))) ((ENABLE A-EV-DEFN-PART1))) (TOGGLE G0935 A-EV-DEFN-PART T) (PROVE-LEMMA FREE-FOR-LIST-REDUC (REWRITE) (EQUAL (FREE-FOR-LIST EXP VARS TERMS) (IF (AND (LISTP VARS) (LISTP TERMS)) (AND (FREE-FOR EXP (CAR VARS) (CAR TERMS) 0) (FREE-FOR-LIST EXP (CDR VARS) (CDR TERMS))) T))) (TOGGLE G0940 FREE-FOR-LIST T) (DEFN ALL-SYMBS (SYMBOLS) (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) SYMBOLS)) (PROVE-LEMMA A-EV-REDUC-PROOF-PROVES (REWRITE) (IMPLIES (AND (ALL-SYMBS SYMBOLS) (VARIABLE TRACE) (NOT (MEMBER TRACE (LIST 6 7 8 9 10))) (EQUAL CONCL (F-IMPLIES (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10 TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE)))) (PROVES (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) CONCL GIVEN DEFNS SYMBOLS))) (TOGGLE G0947 A-EV-REDUC-PROOF T) (TOGGLE G0949 A-EV-DEFN-PART1 NIL) (DEFN A-EV-DEFN (TRACE ) (LIST-ALL-QUANTIFY (LIST 6 7 8 9 10) (F-IMPLIES (ISIN (Z-LIST (LIST 10 6 7 8 9)) TRACE) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE)))) (PROVE-LEMMA COLLECT-FREE-Z-SUB1-N (REWRITE) (EQUAL (MEMBER VAR (COLLECT-FREE (Z-SUB1-N EXP N) 0)) (MEMBER VAR (COLLECT-FREE EXP 0)))) (PROVE-LEMMA NIL-INT-A-EV-DEFN (REWRITE) (IMPLIES (AND (VARIABLE TRACE) (NOT (MEMBER TRACE (LIST 11 12 10)))) (NIL-INTERSECT (LIST 11 12 10) (COLLECT-FREE (A-EV-DEFN TRACE) 0)))) (PROVE-LEMMA FORMULA-A-EV-DEFN (REWRITE) (IMPLIES (AND (ALL-SYMBS SYMBOLS) (VARIABLE TRACE)) (FORMULA (A-EV-DEFN TRACE) SYMBOLS))) (TOGGLE G0950 A-EV-DEFN-PART1 T) (PROVE-LEMMA A-EV-REDUC (REWRITE) (EQUAL (A-EV FLG-BAR EXP-BAR VA-BAR FA-BAR VAL1 TRACE) (F-AND (ISIN (Z-LIST (LIST VAL1 FLG-BAR EXP-BAR VA-BAR FA-BAR)) TRACE) (A-EV-DEFN TRACE)))) (TOGGLE G0951 A-EV-DEFN T) (TOGGLE G0952 A-EV T) (PROVE-LEMMA GOOD-FRAME2-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (PROVES PF1 (F-IMPLIES (F-AND A B) C) GIVEN DEFNS SYMBOLS) (PROVES PF2 (F-IMPLIES C (F-IMPLIES B D)) GIVEN DEFNS SYMBOLS)) (PROVES (GOOD-FRAME2-PROOF A B C D PF1 PF2) (F-IMPLIES (F-AND A B) D) GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (PF PF1) (EXP (F-IMPLIES (F-AND A B) C))) (PROVES-IS-FORMULA (PF PF2) (EXP (F-IMPLIES C (F-IMPLIES B D))))) )) (TOGGLE G0953 GOOD-FRAME2-PROOF-PROVES T) (DEFN A-EV-GOOD-PROOF (FLG EXP VA FA N TRACE) (IF (EQUAL FLG 1) (IF (LISTP EXP) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 0) (NCODE (CAR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 0 (CAR EXP) VA FA N))) (A-EV-GOOD-PROOF 0 (CAR EXP) VA FA N TRACE)) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 1 (CDR EXP) VA FA N))) (A-EV-GOOD-PROOF 1 (CDR EXP) VA FA N TRACE)))) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) NIL NIL))) (IF (LISTP EXP) (IF (ZEROP (CAR EXP)) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 0) (NCODE (CADR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 0 (CADR EXP) VA FA N))) (A-EV-GOOD-PROOF 0 (CADR EXP) VA FA N TRACE)) (IF (NCODE-EQUAL (EV 0 (CADR EXP) VA FA N) 0) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 0) (NCODE (CADDDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 0 (CADDDR EXP) VA FA N))) (A-EV-GOOD-PROOF 0 (CADDDR EXP) VA FA N TRACE)) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 0) (NCODE (CADDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 0 (CADDR EXP) VA FA N))) (A-EV-GOOD-PROOF 0 (CADDR EXP) VA FA N TRACE))))) (IF (EQUAL (CAR EXP) 10) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) NIL NIL)) (IF (SUBRP (CAR EXP)) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 1 (CDR EXP) VA FA N))) (A-EV-GOOD-PROOF 1 (CDR EXP) VA FA N TRACE)) NIL)) (IF (ZEROP N) NIL (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 1) (NCODE (CDR EXP)) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 1 (CDR EXP) VA FA N))) (A-EV-GOOD-PROOF 1 (CDR EXP) VA FA N TRACE)) (GOOD-FRAME3-PROOF (ISIN (Z-LIST (LIST 10 (NCODE 0) (NCODE (GET (SUB1-N (CAR EXP) 11) FA)) (NCODE (EV 1 (CDR EXP) VA FA N)) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (F-EQUAL 10 (NCODE (EV 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N)))) (A-EV-GOOD-PROOF 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N) TRACE)))))))) (GOOD-FRAME2-PROOF (ISIN (Z-LIST (LIST 10 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA))) TRACE) (A-EV-DEFN TRACE) (A-EV-DEFN-PART FLG EXP VA FA 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-REDUC-PROOF FLG EXP VA FA 10 TRACE) (A-EV-DEFN-PART-GOOD-PROOF FLG EXP VA FA N 10 TRACE (A-EV-DEFN TRACE) NIL NIL)))) ((LEX2 (LIST N (COUNT EXP))))) ;;;;;;;"A-EV" is `GOOD', i.e., ;;;;;;; |- "(A-ev(, , , , val, trace) -> (val = <(EV FLG VA FA N)>))". (PROVE-LEMMA A-EV-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (VARIABLE TRACE) (NOT (MEMBER TRACE (LIST 6 7 8 9 10 11 12 15 16))) (NOT (BTMP (EV FLG EXP VA FA N)))) (PROVES (A-EV-GOOD-PROOF FLG EXP VA FA N TRACE) (F-IMPLIES (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N)))) GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST NCODE-EQUAL NIL-INTERSECT PROVES-IS-FORMULA-AGAIN SUBSET) (INDUCT (EV FLG EXP VA FA N)))) (TOGGLE G0954 A-EV-GOOD-PROOF T) ;;;;;;; ;;;;;;;This brings us to an entirely different section of the proof. So far we have ;;;;;;;shown that a Lisp interpreter is representable by a Z2 formula. In order to ;;;;;;;construct the undecidable sentence, we need to show that the metatheory of Z2 ;;;;;;;is representable in Z2. We do that by showing that the metatheoretic formalization ;;;;;;;of Z2 is computable by means of the Lisp interpreter EV. Since EV is only aware ;;;;;;;of data-structures which are lists or numbers (num-trees), we need to first ;;;;;;;represent the Z2 expressions and proofs in these terms. The function GCODE ;;;;;;;translates the shell-constructors F-NOT, F-OR, FORSOME, CONS, and ADD1, into ;;;;;;;distinct num-trees. If it is none of the above (NIL, for instance), then GCODE ;;;;;;;returns the num-tree (CONS 5 0). ;;;;;;; (DEFN GCODE (X) (IF (LISTP X) (CONS 1 (CONS (GCODE (CAR X)) (GCODE (CDR X)))) (IF (F-NOTP X) (CONS 2 (CONS (GCODE (ARG X)) 0)) (IF (F-ORP X) (CONS 3 (CONS (GCODE (ARG1 X)) (GCODE (ARG2 X)))) (IF (FORSOMEP X) (CONS 4 (CONS (BIND X) (GCODE (BODY X)))) (IF (NUMBERP X) X (CONS 5 0))))))) ;;;;;;;The lemma below establishes the connection between EQL and GCODE. (PROVE-LEMMA EQL-GCODE-EQUAL (REWRITE) (EQUAL (EQL X Y) (EQUAL (GCODE X) (GCODE Y)))) ;;;;;;;Then we introduce functions which form e-expressions corresponding to e-function ;;;;;;;applications of the Lisp primitives. The prefix PR stands for `primitive'. (DEFN PR-CONS (X Y) (LIST 7 X Y)) (DEFN PR-CAR (X) (LIST 8 X)) (DEFN PR-CDR (X) (LIST 9 X)) (DEFN PR-EQUAL (X Y) (LIST 1 X Y)) (DEFN PR-NUMBERP (X) (LIST 2 X)) (DEFN PR-ZEROP (X) (LIST 3 X)) (DEFN PR-ADD1 (X) (LIST 4 X)) (DEFN PR-SUB1 (X) (LIST 5 X)) (DEFN PR-LISTP (X) (LIST 6 X)) ;;;;;;;The functions suffixed with `N' are the Lisp analogues of the e-functions. ;;;;;;;CONS is not the Lisp analogue of PR-CONS since PR-CONS can return (BTM), ;;;;;;;whereas CONS cannot. The function PR-CONSN returns (BTM) if one of its ;;;;;;;arguments is (BTM), and (CONS X Y) otherwise. Similarly, we have the ;;;;;;;Lisp analogues for the other primitives. (DEFN PR-CONSN (X Y) (IF (OR (BTMP X) (BTMP Y)) (BTM) (CONS X Y))) (DEFN PR-CARN (X) (IF (BTMP X) (BTM) (CAR X))) (DEFN PR-CDRN (X) (IF (BTMP X) (BTM) (CDR X))) (DEFN PR-EQUALN (X Y) (IF (OR (BTMP X) (BTMP Y)) (BTM) (BOOL-FIX (NCODE-EQUAL X Y)))) (DEFN PR-NUMBERPN (X) (IF (BTMP X) (BTM) (BOOL-FIX (NOT (LISTP X))))) (DEFN PR-ZEROPN (X) (IF (BTMP X) (BTM) (BOOL-FIX (ZEROP X)))) (DEFN PR-ADD1N (X) (IF (BTMP X) (BTM) (ADD1 X))) (DEFN PR-LISTPN (X) (IF (BTMP X) (BTM) (BOOL-FIX (LISTP X)))) (TOGGLE G0955 SUBRP NIL) (TOGGLE G0956 APPLY-SUBR NIL) (TOGGLE G0957 APPLY-SUBR1 NIL) (TOGGLE G0958 APPLY-SUBR2 NIL) ;;;;;;;The relationship between PR-CONS and PR-CONSN is established below. The lemma ;;;;;;;asserts that the result of evaluating (PR-CONS X Y) with EV is (PR-CONSN x y), ;;;;;;;where x and y are the results of evaluating X and Y, respectively. (PROVE-LEMMA PR-CONS-EVAL (REWRITE) (EQUAL (EV 0 (PR-CONS X Y) VA FA N) (PR-CONSN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (PROVE-LEMMA PR-CAR-EVAL (REWRITE) (EQUAL (EV 0 (PR-CAR X) VA FA N) (PR-CARN (EV 0 X VA FA N)))) (PROVE-LEMMA PR-CDR-EVAL (REWRITE) (EQUAL (EV 0 (PR-CDR X) VA FA N) (PR-CDRN (EV 0 X VA FA N)))) (PROVE-LEMMA PR-EQUAL-EVAL (REWRITE) (EQUAL (EV 0 (PR-EQUAL X Y) VA FA N) (PR-EQUALN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (PROVE-LEMMA PR-NUMBERP-EVAL (REWRITE) (EQUAL (EV 0 (PR-NUMBERP X) VA FA N) (PR-NUMBERPN (EV 0 X VA FA N)))) (PROVE-LEMMA PR-ZEROP-EVAL (REWRITE) (EQUAL (EV 0 (PR-ZEROP X) VA FA N) (PR-ZEROPN (EV 0 X VA FA N)))) (PROVE-LEMMA PR-ADD1-EVAL (REWRITE) (EQUAL (EV 0 (PR-ADD1 X) VA FA N) (PR-ADD1N (EV 0 X VA FA N)))) (DEFN PR-SUB1N (X) (IF (BTMP X) (BTM) (SUB1 X))) (PROVE-LEMMA PR-SUB1-EVAL (REWRITE) (EQUAL (EV 0 (PR-SUB1 X) VA FA N) (PR-SUB1N (EV 0 X VA FA N)))) (PROVE-LEMMA PR-LISTP-EVAL (REWRITE) (EQUAL (EV 0 (PR-LISTP X) VA FA N) (PR-LISTPN (EV 0 X VA FA N)))) (TOGGLE G0959 PR-CONS T) (TOGGLE G0960 PR-CAR T) (TOGGLE G0961 PR-CDR T) (TOGGLE G0962 PR-EQUAL T) (TOGGLE G0963 PR-ZEROP T) (TOGGLE G0964 PR-NUMBERP T) (TOGGLE G0965 PR-ADD1 T) (TOGGLE G0966 PR-SUB1 T) (TOGGLE G0967 PR-LISTP T) ;;;;;;;Similarly we construct e-expressions for IF-expressions and QUOTE-expressions, ;;;;;;;and show how they are evaluated. (DEFN PR-IF (X Y Z) (LIST 0 X Y Z)) (PROVE-LEMMA PR-IF-EVAL (REWRITE) (EQUAL (EV 0 (PR-IF X Y Z) VA FA N) (IF (BTMP (EV 0 X VA FA N)) (BTM) (IF (NCODE-EQUAL (EV 0 X VA FA N) 0) (EV 0 Z VA FA N) (EV 0 Y VA FA N))))) (TOGGLE G0968 PR-IF T) (DEFN PR-QUOTE (X) (LIST 10 X)) (PROVE-LEMMA PR-QUOTE-EVAL (REWRITE) (EQUAL (EV 0 (PR-QUOTE X) VA FA N) X)) ;;;;;;;Having dealt with the primitives, we now get into the defined notions. ;;;;;;;There are two kinds of definitions: explicit and recursive. The explicit ;;;;;;;definitions will be treated as abbreviations and no efunction symbol will ;;;;;;;introduced on their behalf. E-function symbols will be introduced for ;;;;;;;recursively defined e-functions. We first develop the basic logical connectives ;;;;;;;and analogues for the GCODEd versions of the shell-constructors/destructors/recognizers. ;;;;;;;G-CONS constructs the e-expression for the GCODE analogue of CONS, i.e., (G-CONS X Y) ;;;;;;;evaluates to (GCODE (CONS x y)). We will adopt the convention of representing the ;;;;;;;value of X by x. (DEFN G-CONS (X Y) (PR-CONS (PR-QUOTE 1) (PR-CONS X Y))) ;;;;;;;The logical-and connective is defined below. Note that PR-AND evaluates to 1 or 0. (DEFN PR-AND (X Y) (PR-IF X (PR-IF Y (PR-QUOTE 1) (PR-QUOTE 0)) (PR-QUOTE 0))) (DEFN PR-ANDN (X Y) (IF (BTMP X) (BTM) (IF (NCODE-EQUAL X 0) 0 (IF (BTMP Y) (BTM) (IF (NCODE-EQUAL Y 0) 0 1))))) (PROVE-LEMMA PR-AND-EVAL (REWRITE) (EQUAL (EV 0 (PR-AND X Y) VA FA N) (PR-ANDN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G0990 PR-AND T) (PROVE-LEMMA PR-ANDN-REDUC (REWRITE) (EQUAL (PR-ANDN (BOOL-FIX X) (BOOL-FIX Y)) (BOOL-FIX (AND X Y)))) ;;;;;;;The logical-not connective. (DEFN PR-NOT (X) (PR-IF X (PR-QUOTE 0) (PR-QUOTE 1))) (DEFN PR-NOTN (X) (IF (BTMP X) (BTM) (IF (NCODE-EQUAL X 0) 1 0))) (PROVE-LEMMA PR-NOT-EVAL (REWRITE) (EQUAL (EV 0 (PR-NOT X) VA FA N) (PR-NOTN (EV 0 X VA FA N)))) (TOGGLE G0991 PR-QUOTE T) (TOGGLE G0992 PR-NOT T) (PROVE-LEMMA PR-NOTN-REDUC (REWRITE) (EQUAL (PR-NOTN (BOOL-FIX X)) (BOOL-FIX (NOT X)))) ;;;;;;;The logical-or connective. (DEFN PR-OR (X Y) (PR-IF X (PR-QUOTE 1) (PR-IF Y (PR-QUOTE 1) (PR-QUOTE 0)))) (DEFN PR-ORN (X Y) (IF (BTMP X) (BTM) (IF (NCODE-EQUAL X 0) (IF (BTMP Y) (BTM) (IF (NCODE-EQUAL Y 0) 0 1)) 1))) (PROVE-LEMMA PR-OR-EVAL (REWRITE) (EQUAL (EV 0 (PR-OR X Y) VA FA N) (PR-ORN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G0993 PR-OR T) (PROVE-LEMMA PR-ORN-REDUC (REWRITE) (EQUAL (PR-ORN (BOOL-FIX X) (BOOL-FIX Y)) (BOOL-FIX (OR X Y)))) ;;;;;;;The next e-definition is an important one. Given (GCODE X), we can recover ;;;;;;;the type of X by looking at (CAR X). If it is 1, X is a list; if it is 2, ;;;;;;;X is of the form (F-NOT Y); if it is 3, X is of the form (F-OR Y Z); if it is ;;;;;;;4, X is of the form (FORSOME Y Z); otherwise it could either be a natural number ;;;;;;;for which we already have a NUMBERP primitive, or any remaining type which is ;;;;;;;coerced to NIL. G-TYPEP checks if X is of type TYPE. Note that TYPE is going ;;;;;;;to be a number, not an e-expression, since it appears withing PR-QUOTE in G-TYPEP. (DEFN G-TYPEP (X TYPE) (PR-EQUAL (PR-CAR X) (PR-QUOTE TYPE))) (DEFN G-TYPEPN (X TYPE) (PR-EQUALN (PR-CARN X) TYPE)) (PROVE-LEMMA G-TYPEP-EVAL (REWRITE) (EQUAL (EV 0 (G-TYPEP X TYPE) VA FA N) (G-TYPEPN (EV 0 X VA FA N) TYPE))) (TOGGLE G0995 G-TYPEP T) ;;;;;;;PR-IFN is the Lisp analogue of PR-IF. (DEFN PR-IFN (X Y Z) (IF (BTMP X) (BTM) (IF (NCODE-EQUAL X 0) Z Y))) ;;;;;;;PR-CAR-CDR is the iterated CAR/CDR e-expression. (DEFN PR-CAR-CDR (X LIST) (IF (LISTP LIST) (IF (EQUAL (CAR LIST) 1) (PR-CAR (PR-CAR-CDR X (CDR LIST))) (PR-CDR (PR-CAR-CDR X (CDR LIST)))) X)) ;;;;;;;The destructors for GCODEd objects are derived from G-ARG below. ;;;;;;;Let us represent (GCODE X) as \X\. ;;;;;;;G-ARG selects a field from \X\ according to its type TYPE and the ;;;;;;;desired field ARGNUM. E.g., (G-ARG Y (PR-QUOTE 1) 1) evaluates to ;;;;;;;\(CAR X)\, if Y evaluates to \X\. (DEFN G-ARG (X ARGNUM TYPE) (PR-IF (G-TYPEP X TYPE) (PR-IF ARGNUM (PR-CAR-CDR X (LIST 2 2)) (PR-CAR-CDR X (LIST 1 2))) (PR-QUOTE 0))) (TOGGLE G0997 G-TYPEPN T) (TOGGLE G0998 PR-CARN T) (TOGGLE G0999 PR-CDRN T) (DEFN G-ARGN (X ARGNUM TYPE) (PR-IFN (G-TYPEPN X TYPE) (PR-IFN ARGNUM (PR-CDRN (PR-CDRN X)) (PR-CARN (PR-CDRN X))) 0)) (PROVE-LEMMA G-ARG-EVAL (REWRITE) (EQUAL (EV 0 (G-ARG X ARGNUM TYPE) VA FA N) (G-ARGN (EV 0 X VA FA N) (EV 0 ARGNUM VA FA N) TYPE))) (TOGGLE G1000 G-ARG T) (TOGGLE G1001 G-TYPEPN NIL) (TOGGLE G1003 PR-CARN NIL) (PROVE-LEMMA PR-CARN-GCODE (REWRITE) (EQUAL (PR-CARN (GCODE X)) (CAR (GCODE X)))) (TOGGLE G1004 PR-CDRN NIL) (PROVE-LEMMA PR-CDRN-GCODE (REWRITE) (EQUAL (PR-CDRN (GCODE X)) (CDR (GCODE X)))) ;;;;;;;G-TYPEPN on Lists, negations, disjunctions, and existential quantifications. (PROVE-LEMMA G-TYPEPN-GCODE-LIST (REWRITE) (EQUAL (G-TYPEPN (GCODE X) 1) (BOOL-FIX (LISTP X)))) (PROVE-LEMMA G-TYPEPN-GCODE-F-NOTP (REWRITE) (EQUAL (G-TYPEPN (GCODE X) 2) (BOOL-FIX (F-NOTP X)))) (PROVE-LEMMA G-TYPEPN-GCODE-F-ORP (REWRITE) (EQUAL (G-TYPEPN (GCODE X) 3) (BOOL-FIX (F-ORP X)))) (PROVE-LEMMA G-TYPEPN-GCODE-FORSOMEP (REWRITE) (EQUAL (G-TYPEPN (GCODE X) 4) (BOOL-FIX (FORSOMEP X)))) (PROVE-LEMMA CAR-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 0 1) (GCODE (CAR X)))) (PROVE-LEMMA CDR-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 1 1) (GCODE (CDR X)))) (PROVE-LEMMA ARG-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 0 2) (GCODE (ARG X)))) (PROVE-LEMMA ARG1-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 0 3) (GCODE (ARG1 X)))) (PROVE-LEMMA ARG2-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 1 3) (GCODE (ARG2 X)))) (PROVE-LEMMA BIND-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 0 4) (GCODE (BIND X)))) (PROVE-LEMMA BODY-GCODE (REWRITE) (EQUAL (G-ARGN (GCODE X) 1 4) (GCODE (BODY X)))) ;;;;;;;From G-ARG, we derive the selectors (destructors) for the GCODEd objects. (DEFN G-CAR (X) (G-ARG X (PR-QUOTE 0) 1)) (DEFN G-CDR (X) (G-ARG X (PR-QUOTE 1) 1)) (DEFN G-CARN (X) (G-ARGN X 0 1)) ;;;;;;;G-FUNCTION is the EV analogue of the metatheoretic function FUNCTION. (DEFN G-FUNCTION (FN) (PR-EQUAL (G-CAR FN) (PR-QUOTE 2))) (DEFN G-FUNCTIONN (FN) (PR-EQUALN (G-CARN FN) 2)) (PROVE-LEMMA EVAL-G-FUNCTION (REWRITE) (EQUAL (EV 0 (G-FUNCTION FN) VA FA N) (G-FUNCTIONN (EV 0 FN VA FA N)))) (TOGGLE G0969 FUNCTION NIL) (PROVE-LEMMA G-FUNCTIONN-GCODE (REWRITE) (EQUAL (G-FUNCTIONN (GCODE FN)) (BOOL-FIX (FUNCTION FN)))) (TOGGLE G0970 FUNCTION T) (TOGGLE G0971 G-FUNCTION T) (TOGGLE G0972 G-FUNCTIONN T) ;;;;;;;G-VARIABLE is the EV analogue of VARIABLE. (DEFN G-VARIABLE (X) (PR-NUMBERP X)) (DEFN G-VARIABLEN (X) (PR-NUMBERPN X)) (PROVE-LEMMA EVAL-G-VARIABLE (REWRITE) (EQUAL (EV 0 (G-VARIABLE X) VA FA N) (G-VARIABLEN (EV 0 X VA FA N)))) (PROVE-LEMMA G-VARIABLEN-GCODE (REWRITE) (EQUAL (G-VARIABLEN (GCODE X)) (BOOL-FIX (VARIABLE X)))) (TOGGLE G0973 G-VARIABLE T) (TOGGLE G0976 G-VARIABLEN T) (TOGGLE G0977 PR-CONSN T) (DEFN G-CONSN (X Y) (PR-CONSN 1 (PR-CONSN X Y))) (PROVE-LEMMA G-CONS-EVAL (REWRITE) (EQUAL (EV 0 (G-CONS X Y) VA FA N) (G-CONSN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G0978 PR-CONSN NIL) (PROVE-LEMMA G-CONSN-GCODE (REWRITE) (EQUAL (G-CONSN (GCODE X) (GCODE Y)) (GCODE (CONS X Y)))) (TOGGLE G0979 PR-CONSN T) (TOGGLE G0980 G-CONSN T) (TOGGLE G0981 G-CONS T) ;;;;;;;G-FIX is the EV analogue of FIX. (DEFN G-FIX (X) (PR-IF (PR-NUMBERP X) X (PR-QUOTE 0))) (DEFN G-FIXN (X) (PR-IFN (PR-NUMBERPN X) X 0)) (PROVE-LEMMA EVAL-G-FIX (REWRITE) (EQUAL (EV 0 (G-FIX X) VA FA N) (G-FIXN (EV 0 X VA FA N)))) (PROVE-LEMMA G-FIX-GCODE (REWRITE) (EQUAL (G-FIXN (GCODE X)) (GCODE (FIX X)))) (TOGGLE G0982 G-FIX T) (TOGGLE G0983 G-FIXN T) (DEFN G-F-NOT (X) (PR-CONS (PR-QUOTE 2) (PR-CONS X (PR-QUOTE 0)))) (DEFN G-F-NOTN (X) (PR-CONSN 2 (PR-CONSN X 0))) (PROVE-LEMMA EVAL-G-F-NOT (REWRITE) (EQUAL (EV 0 (G-F-NOT X) VA FA N) (G-F-NOTN (EV 0 X VA FA N)))) (TOGGLE G0984 PR-CONSN NIL) (PROVE-LEMMA G-F-NOTN-GCODE (REWRITE) (EQUAL (G-F-NOTN (GCODE X)) (GCODE (F-NOT X)))) (TOGGLE G0985 G-F-NOT T) (TOGGLE G0986 G-F-NOTN T) (DEFN G-F-OR (X Y) (PR-CONS (PR-QUOTE 3) (PR-CONS X Y))) (DEFN G-F-ORN (X Y) (PR-CONSN 3 (PR-CONSN X Y))) (PROVE-LEMMA EVAL-G-F-OR (REWRITE) (EQUAL (EV 0 (G-F-OR X Y) VA FA N) (G-F-ORN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (PROVE-LEMMA G-F-ORN-GCODE (REWRITE) (EQUAL (G-F-ORN (GCODE X) (GCODE Y)) (GCODE (F-OR X Y)))) (TOGGLE G0987 G-F-OR T) (TOGGLE G0988 G-F-ORN T) (DEFN G-FORSOME (X Y) (PR-CONS (PR-QUOTE 4) (PR-CONS (G-FIX X) Y))) (DEFN G-FORSOMEN (X Y) (PR-CONSN 4 (PR-CONSN (G-FIXN X) Y))) (PROVE-LEMMA EVAL-G-FORSOME (REWRITE) (EQUAL (EV 0 (G-FORSOME X Y) VA FA N) (G-FORSOMEN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (PROVE-LEMMA G-FORSOMEN-GCODE (REWRITE) (EQUAL (G-FORSOMEN (GCODE X) (GCODE Y)) (GCODE (FORSOME X Y)))) (TOGGLE G0989 G-FORSOME T) (TOGGLE G0994 G-FORSOMEN T) ;;;;;;;G-PREDICATE is the EV analogue of PREDICATE. In general G-FOO is the ;;;;;;;EV analogue of FOO. (DEFN G-PREDICATE (X) (PR-EQUAL (G-CAR X) (PR-QUOTE 3))) (DEFN G-PREDICATEN (X) (PR-EQUALN (G-CARN X) 3)) (PROVE-LEMMA EVAL-G-PREDICATE (REWRITE) (EQUAL (EV 0 (G-PREDICATE X) VA FA N) (G-PREDICATEN (EV 0 X VA FA N)))) (TOGGLE G0996 PREDICATE NIL) (PROVE-LEMMA G-PREDICATEN-GCODE (REWRITE) (EQUAL (G-PREDICATEN (GCODE X)) (BOOL-FIX (PREDICATE X)))) (TOGGLE G1002 PREDICATE T) (TOGGLE G1005 G-PREDICATE T) (TOGGLE G1006 G-PREDICATEN T) (DEFN G-FUNC-PRED (X) (PR-OR (G-FUNCTION X) (G-PREDICATE X))) (DEFN G-FUNC-PREDN (X) (PR-ORN (G-FUNCTIONN X) (G-PREDICATEN X))) (PROVE-LEMMA EVAL-G-FUNC-PRED (REWRITE) (EQUAL (EV 0 (G-FUNC-PRED X) VA FA N) (G-FUNC-PREDN (EV 0 X VA FA N)))) (PROVE-LEMMA G-FUNC-PREDN-GCODE (REWRITE) (EQUAL (G-FUNC-PREDN (GCODE X)) (BOOL-FIX (FUNC-PRED X)))) (TOGGLE G1007 G-FUNC-PRED T) (TOGGLE G1008 G-FUNC-PREDN T) ;;;;;;;Now we start defining the EV analogues of the recursive metatheoretic functions. ;;;;;;;These will all be defined first, and then shown to correspond to their ;;;;;;;Boyer-Moore counterparts. (DEFN G-APPEND (X Y) (LIST 11 X Y)) (DEFN G-CDRN (X) (G-ARGN X 1 1)) (TOGGLE G1009 G-ARGN T) (TOGGLE G1010 G-TYPEPN T) (PROVE-LEMMA EVAL-PR-IF-AGAIN (REWRITE) (EQUAL (EV 0 (PR-IF X Y Z) VA FA N) (PR-IFN (EV 0 X VA FA N) (EV 0 Y VA FA N) (EV 0 Z VA FA N)))) (PROVE-LEMMA PR-IFN-GCODE (REWRITE) (EQUAL (PR-IFN (BOOL-FIX X) Y Z) (IF X Y Z))) (TOGGLE G1011 PR-IFN T) (PROVE-LEMMA EVAL-VAR (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (EV 0 X VA FA N) (GET X VA)))) (PROVE-LEMMA EVAL-FUN-ZERO (REWRITE) (IMPLIES (AND (LESSP 10 FN) (ZEROP N)) (EQUAL (EV 0 (CONS FN ARGS) VA FA N) (BTM)))) (PROVE-LEMMA EVAL-FUN1 (REWRITE) (IMPLIES (AND (NOT (EQUAL FLG 1)) (LISTP EXP) (LESSP 10 (CAR EXP))) (EQUAL (EV FLG EXP VA FA N) (IF (BTMP (EV 1 (CDR EXP) VA FA N)) (BTM) (IF (ZEROP N) (BTM) (EV 0 (GET (SUB1-N (CAR EXP) 11) FA) (EV 1 (CDR EXP) VA FA N) FA (SUB1 N))))))) (PROVE-LEMMA EVAL-FUN2 (REWRITE) (IMPLIES (LESSP 10 FN) (EQUAL (EV 0 (CONS FN ARGS) VA FA N) (IF (BTMP (EV 1 ARGS VA FA N)) (BTM) (IF (ZEROP N) (BTM) (EV 0 (GET (SUB1-N FN 11) FA) (EV 1 ARGS VA FA N) FA (SUB1 N))))))) (PROVE-LEMMA EV-LIST1 (REWRITE) (EQUAL (EV 1 (CONS X Y) VA FA N) (IF (OR (BTMP (EV 0 X VA FA N)) (BTMP (EV 1 Y VA FA N))) (BTM) (CONS (EV 0 X VA FA N) (EV 1 Y VA FA N))))) (PROVE-LEMMA EV-LIST2 (REWRITE) (EQUAL (EV 1 NIL VA FA N) NIL)) (TOGGLE G1012 EV T) (TOGGLE G1013 SUB1 NIL) (TOGGLE G1014 GET NIL) (TOGGLE G1015 G-TYPEPN T) (TOGGLE G1016 EVAL-FUN1 T) (PROVE-LEMMA EVAL-FUN3 (REWRITE) (IMPLIES (AND (LESSP 10 FN) (NOT (ZEROP N))) (EQUAL (EV 0 (CONS FN ARGS) VA FA N) (IF (BTMP (EV 1 ARGS VA FA N)) (BTM) (EV 0 (GET (SUB1-N FN 11) FA) (EV 1 ARGS VA FA N) FA (SUB1 N)))))) ;;;;;;;The e-definition of G-APPEND. (DEFN G-APPEND-DEFN NIL (PR-IF (G-TYPEP 0 1) (G-CONS (G-CAR 0) (G-APPEND (G-CDR 0) 1)) 1)) (TOGGLE G1017 G-APPEND T) ;;;;;;;The e-definition of G-DEL. (DEFN G-DEL (X Y) (LIST 12 X Y)) (DEFN G-DEL-DEFN NIL (PR-IF (G-TYPEP 1 1) (PR-IF (PR-EQUAL 0 (G-CAR 1)) (G-DEL 0 (G-CDR 1)) (G-CONS (G-CAR 1) (G-DEL 0 (G-CDR 1)))) 1)) (TOGGLE G1018 G-DEL T) ;;;;;;;The e-definition of G-MEMB. (DEFN G-MEMB (X Y) (LIST 13 X Y)) (DEFN G-MEMB-DEFN NIL (PR-IF (G-TYPEP 1 1) (PR-IF (PR-EQUAL 0 (G-CAR 1)) (PR-QUOTE 1) (G-MEMB 0 (G-CDR 1))) (PR-QUOTE 0))) (TOGGLE G1019 G-MEMB T) ;;;;;;;The e-definition of G-COLLECT-FREE. (DEFN G-COLLECT-FREE (EXP FLG) (LIST 14 EXP FLG)) (DEFN G-COLLECT-FREE-DEFN NIL (PR-IF (PR-ZEROP 1) (PR-IF (G-VARIABLE 0) (G-CONS 0 (PR-QUOTE (GCODE NIL))) (PR-IF (G-TYPEP 0 2) (G-COLLECT-FREE (G-ARG 0 (PR-QUOTE 0) 2) (PR-QUOTE 0)) (PR-IF (G-TYPEP 0 3) (G-APPEND (G-COLLECT-FREE (G-ARG 0 (PR-QUOTE 0) 3) (PR-QUOTE 0)) (G-COLLECT-FREE (G-ARG 0 (PR-QUOTE 1) 3) (PR-QUOTE 0))) (PR-IF (G-TYPEP 0 4) (G-DEL (G-ARG 0 (PR-QUOTE 0) 4) (G-COLLECT-FREE (G-ARG 0 (PR-QUOTE 1) 4) (PR-QUOTE 0))) (PR-IF (G-TYPEP 0 1) (G-COLLECT-FREE (G-CDR 0) (PR-QUOTE 1)) (PR-QUOTE (GCODE NIL))))))) (PR-IF (G-TYPEP 0 1) (G-APPEND (G-COLLECT-FREE (G-CAR 0) (PR-QUOTE 0)) (G-COLLECT-FREE (G-CDR 0) (PR-QUOTE 1))) (PR-QUOTE (GCODE NIL))))) (TOGGLE G1020 G-COLLECT-FREE T) ;;;;;;;The e-definition of G-COVERING. (DEFN G-COVERING (EXP VAR FLG) (LIST 15 EXP VAR FLG)) (DEFN G-COVERING-DEFN NIL (PR-IF (PR-ZEROP 2) (PR-IF (G-TYPEP 0 2) (G-COVERING (G-ARG 0 (PR-QUOTE 0) 2) 1 (PR-QUOTE 0)) (PR-IF (G-TYPEP 0 3) (G-APPEND (G-COVERING (G-ARG 0 (PR-QUOTE 0) 3) 1 (PR-QUOTE 0)) (G-COVERING (G-ARG 0 (PR-QUOTE 1) 3) 1 (PR-QUOTE 0))) (PR-IF (G-TYPEP 0 4) (PR-IF (G-MEMB 1 (G-COLLECT-FREE 0 (PR-QUOTE 0))) (G-CONS (G-ARG 0 (PR-QUOTE 0) 4) (G-COVERING (G-ARG 0 (PR-QUOTE 1) 4) 1 (PR-QUOTE 0))) (PR-QUOTE (GCODE NIL))) (PR-IF (G-TYPEP 0 1) (G-COVERING (G-CDR 0) 1 (PR-QUOTE 1)) (PR-QUOTE (GCODE NIL)))))) (PR-IF (G-TYPEP 0 1) (G-APPEND (G-COVERING (G-CAR 0) 1 (PR-QUOTE 0)) (G-COVERING (G-CDR 0) 1 (PR-QUOTE 1))) (PR-QUOTE (GCODE NIL))))) (TOGGLE G1021 G-COVERING T) ;;;;;;;The e-definition of G-NIL-INTERSECT. (DEFN G-NIL-INTERSECT (X Y) (LIST 16 X Y)) (TOGGLE G1022 BOOL-FIX T) (DEFN G-NIL-INTERSECT-DEFN NIL (PR-IF (G-TYPEP 0 1) (PR-AND (PR-NOT (G-MEMB (G-CAR 0) 1)) (G-NIL-INTERSECT (G-CDR 0) 1)) (PR-QUOTE (BOOL-FIX T)))) (TOGGLE G1023 G-NIL-INTERSECT T) ;;;;;;;The e-definition of G-VAR-LIST. (DEFN G-VAR-LIST (LIST LEN) (LIST 17 LIST LEN)) (PROVE-LEMMA PR-SUB1N-GCODE (REWRITE) (EQUAL (PR-SUB1N (GCODE X)) (GCODE (SUB1 X)))) (TOGGLE G1024 PR-SUB1N T) (DEFN G-VAR-LIST-DEFN NIL (PR-IF (PR-OR (PR-ZEROP 1) (PR-NOT (G-TYPEP 0 1))) (PR-AND (PR-ZEROP 1) (PR-NOT (G-TYPEP 0 1))) (PR-AND (G-VARIABLE (G-CAR 0)) (G-VAR-LIST (G-CDR 0) (PR-SUB1 1))))) (TOGGLE G1025 G-VAR-LIST T) ;;;;;;;The e-definition of G-TERMP. (DEFN G-TERMP (EXP FLG SYMBOLS) (LIST 19 EXP FLG SYMBOLS)) (TOGGLE G1026 PR-EQUALN T) (DEFN G-SYMB (X SYMBOLS) (PR-OR (PR-EQUAL X (G-CONS (PR-QUOTE (GCODE 3)) (G-CONS (PR-QUOTE (GCODE 0)) (PR-QUOTE (GCODE 2))))) (G-MEMB X SYMBOLS))) (TOGGLE G1027 G-SYMB T) (DEFN G-LENGTH (X) (LIST 18 X)) (DEFN G-LENGTH-DEFN NIL (PR-IF (G-TYPEP 0 1) (PR-ADD1 (G-LENGTH (G-CDR 0))) (PR-QUOTE (GCODE 0)))) (DEFN G-TERMP-DEFN NIL (PR-IF (PR-ZEROP 1) (PR-IF (G-TYPEP 0 1) (PR-AND (G-FUNCTION (G-CAR 0)) (PR-AND (G-SYMB (G-CAR 0) 2) (PR-AND (G-TERMP (G-CDR 0) (PR-QUOTE 1) 2) (PR-EQUAL (G-LENGTH (G-CDR 0)) (G-FIX (G-CDR (G-CDR (G-CAR 0)))))))) (G-VARIABLE 0)) (PR-IF (G-TYPEP 0 1) (PR-AND (G-TERMP (G-CAR 0) (PR-QUOTE 0) 2) (G-TERMP (G-CDR 0) (PR-QUOTE 1) 2)) (PR-QUOTE (BOOL-FIX T))))) ;;;;;;;The e-definition of G-SUBST. (DEFN G-SUBST (EXP VAR TERM FLG) (LIST 20 EXP VAR TERM FLG)) (DEFN G-SUBST-DEFN NIL (PR-IF (PR-ZEROP 3) (PR-IF (G-VARIABLE 0) (PR-IF (PR-EQUAL 0 1) 2 0) (PR-IF (G-TYPEP 0 2) (G-F-NOT (G-SUBST (G-ARG 0 (PR-QUOTE 0) 2) 1 2 (PR-QUOTE (GCODE 0)))) (PR-IF (G-TYPEP 0 3) (G-F-OR (G-SUBST (G-ARG 0 (PR-QUOTE 0) 3) 1 2 (PR-QUOTE (GCODE 0))) (G-SUBST (G-ARG 0 (PR-QUOTE 1) 3) 1 2 (PR-QUOTE (GCODE 0)))) (PR-IF (G-TYPEP 0 4) (PR-IF (PR-EQUAL (G-ARG 0 (PR-QUOTE 0) 4) 1) 0 (G-FORSOME (G-ARG 0 (PR-QUOTE 0) 4) (G-SUBST (G-ARG 0 (PR-QUOTE 1) 4) 1 2 (PR-QUOTE (GCODE 0))))) (PR-IF (G-TYPEP 0 1) (G-CONS (G-CAR 0) (G-SUBST (G-CDR 0) 1 2 (PR-QUOTE (GCODE 1)))) 0))))) (PR-IF (G-TYPEP 0 1) (G-CONS (G-SUBST (G-CAR 0) 1 2 (PR-QUOTE (GCODE 0))) (G-SUBST (G-CDR 0) 1 2 (PR-QUOTE (GCODE 1)))) 0))) (DEFN G-SUB (X Y) (LIST 21 X Y)) (DEFN G-SUB-DEFN NIL (PR-IF (G-TYPEP 0 1) (PR-AND (G-MEMB (G-CAR 0) 1) (G-SUB (G-CDR 0) 1)) (PR-QUOTE (BOOL-FIX T)))) ;;;;;;;The e-definition of G-FORMULA. (DEFN G-FORMULA (EXP SYMBOLS) (LIST 22 EXP SYMBOLS)) (DEFN G-ATOMP (EXP SYMBOLS) (PR-AND (G-PREDICATE (G-CAR EXP)) (PR-AND (G-SYMB (G-CAR EXP) SYMBOLS) (PR-AND (PR-EQUAL (G-LENGTH (G-CDR EXP)) (G-FIX (G-CDR (G-CDR (G-CAR EXP))))) (G-TERMP (G-CDR EXP) (PR-QUOTE 1) SYMBOLS))))) (TOGGLE G1028 G-ATOMP T) (DEFN G-FORMULA-DEFN NIL (PR-IF (G-TYPEP 0 2) (G-FORMULA (G-ARG 0 (PR-QUOTE 0) 2) 1) (PR-IF (G-TYPEP 0 3) (PR-AND (G-FORMULA (G-ARG 0 (PR-QUOTE 0) 3) 1) (G-FORMULA (G-ARG 0 (PR-QUOTE 1) 3) 1)) (PR-IF (G-TYPEP 0 4) (G-FORMULA (G-ARG 0 (PR-QUOTE 1) 4) 1) (G-ATOMP 0 1))))) (DEFN G-PAIREQUALS (VARS1 VARS2 EXP) (LIST 23 VARS1 VARS2 EXP)) (DEFN G-F-AND (X Y) (G-F-NOT (G-F-OR (G-F-NOT X) (G-F-NOT Y)))) (DEFN G-F-ANDN (X Y) (G-F-NOTN (G-F-ORN (G-F-NOTN X) (G-F-NOTN Y)))) (PROVE-LEMMA G-F-AND-EVAL (REWRITE) (EQUAL (EV 0 (G-F-AND X Y) VA FA N) (G-F-ANDN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G1098 F-AND NIL) (PROVE-LEMMA G-F-ANDN-GCODE (REWRITE) (EQUAL (G-F-ANDN (GCODE X) (GCODE Y)) (GCODE (F-AND X Y))) ((DISABLE GCODE))) (TOGGLE G1099 F-AND T) (TOGGLE G1100 G-F-AND T) (TOGGLE G1101 G-F-ANDN T) (DEFN G-F-IMPLIES (X Y) (G-F-OR (G-F-NOT X) Y)) (DEFN G-F-IMPLIESN (X Y) (G-F-ORN (G-F-NOTN X) Y)) (PROVE-LEMMA G-F-IMPLIES-EVAL (REWRITE) (EQUAL (EV 0 (G-F-IMPLIES X Y) VA FA N) (G-F-IMPLIESN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G1102 F-IMPLIES NIL) (PROVE-LEMMA G-F-IMPLIESN-GCODE (REWRITE) (EQUAL (G-F-IMPLIESN (GCODE X) (GCODE Y)) (GCODE (F-IMPLIES X Y)))) (TOGGLE G1103 F-IMPLIES T) (TOGGLE G1104 G-F-IMPLIES T) (TOGGLE G1105 G-F-IMPLIESN T) (DEFN G-FORALL (VAR EXP) (G-F-NOT (G-FORSOME VAR (G-F-NOT EXP)))) (DEFN G-FORALLN (VAR EXP) (G-F-NOTN (G-FORSOMEN VAR (G-F-NOTN EXP)))) (PROVE-LEMMA G-FORALL-EVAL (REWRITE) (EQUAL (EV 0 (G-FORALL X Y) VA FA N) (G-FORALLN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G1106 FORALL NIL) (PROVE-LEMMA G-FORALLN-GCODE (REWRITE) (EQUAL (G-FORALLN (GCODE X) (GCODE Y)) (GCODE (FORALL X Y)))) (TOGGLE G1107 FORALL T) (TOGGLE G1108 G-FORALL T) (TOGGLE G1109 G-FORALLN T) (DEFN G-F-EQUAL (X Y) (G-CONS (G-CONS (PR-QUOTE (GCODE 3)) (G-CONS (PR-QUOTE (GCODE 0)) (PR-QUOTE (GCODE 2)))) (G-CONS X (G-CONS Y (PR-QUOTE (GCODE NIL)))))) (DEFN G-F-EQUALN (X Y) (G-CONSN (G-CONSN (GCODE 3) (G-CONSN (GCODE 0) (GCODE 2))) (G-CONSN X (G-CONSN Y (GCODE NIL))))) (PROVE-LEMMA G-F-EQUAL-EVAL (REWRITE) (EQUAL (EV 0 (G-F-EQUAL X Y) VA FA N) (G-F-EQUALN (EV 0 X VA FA N) (EV 0 Y VA FA N))) ((DISABLE GCODE))) (TOGGLE G1049 P NIL) (TOGGLE G1050 F-EQUAL NIL) (PROVE-LEMMA G-F-EQUALN-GCODE (REWRITE) (EQUAL (G-F-EQUALN (GCODE X) (GCODE Y)) (GCODE (F-EQUAL X Y))) ((DISABLE GCODE))) (TOGGLE G1051 P T) (TOGGLE G1052 F-EQUAL T) (TOGGLE G1053 G-F-EQUAL T) (TOGGLE G1054 G-F-EQUALN T) ;;;;;;;The e-definition of G-PAIREQUALS. (DEFN G-PAIREQUALS-DEFN NIL (PR-IF (PR-AND (G-TYPEP 0 1) (G-TYPEP 1 1)) (G-F-IMPLIES (G-F-EQUAL (G-CAR 0) (G-CAR 1)) (G-PAIREQUALS (G-CDR 0) (G-CDR 1) 2)) 2)) ;;;;;;;The e-definition of G-SET. (DEFN G-SET (X) (LIST 24 X)) (DEFN G-SET-DEFN NIL (PR-IF (G-TYPEP 0 1) (PR-AND (PR-NOT (G-MEMB (G-CAR 0) (G-CDR 0))) (G-SET (G-CDR 0))) (PR-QUOTE (BOOL-FIX T)))) (DEFN G-CONC (PF FLG) (LIST 25 PF FLG)) (DEFN G-CADR (X) (G-CAR (G-CDR X))) (DEFN G-CADDR (X) (G-CAR (G-CDR (G-CDR X)))) (DEFN G-CADDDR (X) (G-CAR (G-CDR (G-CDR (G-CDR X))))) ;;;;;;;The e-definition of G-CONC. (DEFN G-CONC-DEFN NIL (PR-IF (PR-ZEROP 1) (G-CADDR 0) (PR-IF (G-TYPEP 0 1) (G-CONS (G-CONC (G-CAR 0) (PR-QUOTE 0)) (G-CONC (G-CDR 0) (PR-QUOTE 1))) (PR-QUOTE (GCODE NIL))))) ;;;;;;;The e-definition of G-REST-OF. (DEFN G-REST-OF (SYM SYMBOLS) (LIST 26 SYM SYMBOLS)) (DEFN G-REST-OF-DEFN NIL (PR-IF (G-TYPEP 1 1) (PR-IF (PR-AND (PR-EQUAL (G-CAR 1) 0) (PR-NOT (G-MEMB 0 (G-CDR 1)))) (G-CDR 1) (G-REST-OF 0 (G-CDR 1))) (PR-QUOTE (GCODE NIL)))) ;;;;;;;The e-definition of G-ASSOC. (DEFN G-ASSOC (X Y) (LIST 27 X Y)) (DEFN G-ASSOC-DEFN NIL (PR-IF (G-TYPEP 1 1) (PR-IF (PR-EQUAL (G-CAR (G-CAR 1)) 0) (G-CDR (G-CAR 1)) (G-ASSOC 0 (G-CDR 1))) (PR-QUOTE 0))) (DEFN G-PRF (PF GIVEN DEFNS FLG SYMBOLS) (LIST 28 PF GIVEN DEFNS FLG SYMBOLS)) (DEFN G-FREE-FOR (EXP VAR TERM FLG) (G-NIL-INTERSECT (G-COVERING EXP VAR FLG) (G-COLLECT-FREE TERM (PR-QUOTE 0)))) (TOGGLE G1029 G-FREE-FOR T) ;;;;;;;The EV analogues of the FOL axiom-checkers. (DEFN G-SUBST-AXIOM-PROOF (CONC HINTS SYMBOLS) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-AND (G-VARIABLE (G-CADDR HINTS)) (PR-AND (G-TERMP (G-CADDDR HINTS) (PR-QUOTE 0) SYMBOLS) (PR-AND (G-FREE-FOR (G-CADR HINTS) (G-CADDR HINTS) (G-CADDDR HINTS) (PR-QUOTE 0)) (PR-EQUAL CONC (G-F-IMPLIES (G-SUBST (G-CADR HINTS) (G-CADDR HINTS) (G-CADDDR HINTS) (PR-QUOTE 0)) (G-FORSOME (G-CADDR HINTS) (G-CADR HINTS))))))))) (DEFN G-DEGREE (X) (G-FIX (G-CDR (G-CDR X)))) (DEFN G-FUN-EQUAL-AXIOM-PROOF (CONC HINTS SYMBOLS) (PR-AND (G-TERMP (G-CADDR HINTS) (PR-QUOTE 1) SYMBOLS) (PR-AND (G-TERMP (G-CADDDR HINTS) (PR-QUOTE 1) SYMBOLS) (PR-AND (G-FUNCTION (G-CADR HINTS)) (PR-AND (PR-EQUAL (G-LENGTH (G-CADDR HINTS)) (G-DEGREE (G-CADR HINTS))) (PR-AND (PR-EQUAL (G-LENGTH (G-CADDDR HINTS)) (G-DEGREE (G-CADR HINTS))) (PR-EQUAL CONC (G-PAIREQUALS (G-CADDR HINTS) (G-CADDDR HINTS) (G-F-EQUAL (G-CONS (G-CADR HINTS) (G-CADDR HINTS)) (G-CONS (G-CADR HINTS) (G-CADDDR HINTS))))))))))) (DEFN G-PRED-EQUAL-AXIOM-PROOF (CONC HINTS SYMBOLS) (PR-AND (G-TERMP (G-CADDR HINTS) (PR-QUOTE 1) SYMBOLS) (PR-AND (G-TERMP (G-CADDDR HINTS) (PR-QUOTE 1) SYMBOLS) (PR-AND (G-PREDICATE (G-CADR HINTS)) (PR-AND (PR-EQUAL (G-LENGTH (G-CADDR HINTS)) (G-DEGREE (G-CADR HINTS))) (PR-AND (PR-EQUAL (G-LENGTH (G-CADDDR HINTS)) (G-DEGREE (G-CADR HINTS))) (PR-EQUAL CONC (G-PAIREQUALS (G-CADDR HINTS) (G-CADDDR HINTS) (G-F-IMPLIES (G-CONS (G-CADR HINTS) (G-CADDR HINTS)) (G-CONS (G-CADR HINTS) (G-CADDDR HINTS))))))))))) ;;;;;;;The EV analogue of FOL-AXIOM-PROOF. (DEFN G-FOL-AXIOM-PROOF (CONC HINTS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 1)) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-EQUAL CONC (G-F-OR (G-F-NOT (G-CADR HINTS)) (G-CADR HINTS)))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 2)) (G-SUBST-AXIOM-PROOF CONC HINTS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 3)) (PR-AND (G-TERMP (G-CADR HINTS) (PR-QUOTE 0) SYMBOLS) (PR-EQUAL CONC (G-F-EQUAL (G-CADR HINTS) (G-CADR HINTS)))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 4)) (G-FUN-EQUAL-AXIOM-PROOF CONC HINTS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 5)) (G-PRED-EQUAL-AXIOM-PROOF CONC HINTS SYMBOLS) (PR-QUOTE (BOOL-FIX F)))))))) ;;;;;;;The EV analogues of the various FOL rule-checkers. (DEFN G-EXPAN-RULE (CONC HINTS SUB-GOALS SYMBOLS) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CAR SUB-GOALS) SYMBOLS) (PR-EQUAL CONC (G-F-OR (G-CADR HINTS) (G-CAR SUB-GOALS)))))) (DEFN G-CONTRAC-RULE (CONC HINTS SUB-GOALS SYMBOLS) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-AND (PR-EQUAL SUB-GOALS (G-CONS (G-F-OR (G-CADR HINTS) (G-CADR HINTS)) (PR-QUOTE (GCODE NIL)))) (PR-EQUAL CONC (G-CADR HINTS))))) (DEFN G-ASSOC-RULE (CONC HINTS SUB-GOALS SYMBOLS) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CADDR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CADDDR HINTS) SYMBOLS) (PR-AND (PR-EQUAL SUB-GOALS (G-CONS (G-F-OR (G-CADR HINTS) (G-F-OR (G-CADDR HINTS) (G-CADDDR HINTS))) (PR-QUOTE (GCODE NIL)))) (PR-EQUAL CONC (G-F-OR (G-F-OR (G-CADR HINTS) (G-CADDR HINTS)) (G-CADDDR HINTS)))))))) (DEFN G-CUT-RULE (CONC HINTS SUB-GOALS SYMBOLS) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CADDR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CADDDR HINTS) SYMBOLS) (PR-AND (PR-EQUAL SUB-GOALS (G-CONS (G-F-OR (G-CADR HINTS) (G-CADDR HINTS)) (G-CONS (G-F-OR (G-F-NOT (G-CADR HINTS)) (G-CADDDR HINTS)) (PR-QUOTE (GCODE NIL))))) (PR-EQUAL CONC (G-F-OR (G-CADDR HINTS) (G-CADDDR HINTS)))))))) (DEFN G-FORSOME-INTRO-RULE (CONC HINTS SUB-GOALS SYMBOLS) (PR-AND (G-VARIABLE (G-CADR HINTS)) (PR-AND (G-FORMULA (G-CADDR HINTS) SYMBOLS) (PR-AND (G-FORMULA (G-CADDDR HINTS) SYMBOLS) (PR-AND (PR-NOT (G-MEMB (G-CADR HINTS) (G-COLLECT-FREE (G-CADDDR HINTS) (PR-QUOTE 0)))) (PR-AND (PR-EQUAL SUB-GOALS (G-CONS (G-F-IMPLIES (G-CADDR HINTS) (G-CADDDR HINTS)) (PR-QUOTE (GCODE NIL)))) (PR-EQUAL CONC (G-F-IMPLIES (G-FORSOME (G-CADR HINTS) (G-CADDR HINTS)) (G-CADDDR HINTS))))))))) ;;;;;;;The EV analogue of G-FOL-RULES. (DEFN G-FOL-RULES (CONC HINTS SUB-GOALS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 1)) (G-EXPAN-RULE CONC HINTS SUB-GOALS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 2)) (G-CONTRAC-RULE CONC HINTS SUB-GOALS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 3)) (G-ASSOC-RULE CONC HINTS SUB-GOALS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 4)) (G-CUT-RULE CONC HINTS SUB-GOALS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 5)) (G-FORSOME-INTRO-RULE CONC HINTS SUB-GOALS SYMBOLS) (PR-QUOTE (BOOL-FIX F)))))))) ;;;;;;;The EV analogues of the various set-theoretic operations. (DEFN G-ISIN (X Y) (G-CONS (G-CONS (PR-QUOTE 3) (G-CONS (PR-QUOTE 1) (PR-QUOTE 2))) (G-CONS X (G-CONS Y (PR-QUOTE (GCODE NIL)))))) (DEFN G-PHI NIL (G-CONS (G-CONS (PR-QUOTE 2) (G-CONS (PR-QUOTE 0) (PR-QUOTE 0))) (PR-QUOTE (GCODE NIL)))) (DEFN G-Z-PAIR (X Y) (G-CONS (G-CONS (PR-QUOTE 2) (G-CONS (PR-QUOTE 1) (PR-QUOTE 2))) (G-CONS X (G-CONS Y (PR-QUOTE (GCODE NIL)))))) (DEFN G-Z-UNION (X Y) (G-CONS (G-CONS (PR-QUOTE 2) (G-CONS (PR-QUOTE 2) (PR-QUOTE 2))) (G-CONS X (G-CONS Y (PR-QUOTE (GCODE NIL)))))) (DEFN G-Z-INT (X) (G-CONS (G-CONS (PR-QUOTE 3) (G-CONS (PR-QUOTE 2) (PR-QUOTE 1))) (G-CONS X (PR-QUOTE (GCODE NIL))))) (DEFN G-Z-SUCC (X) (G-CONS (G-CONS (PR-QUOTE 2) (G-CONS (PR-QUOTE 3) (PR-QUOTE 1))) (G-CONS X (PR-QUOTE (GCODE NIL))))) (DEFN G-F-IFF (X Y) (G-F-AND (G-F-IMPLIES X Y) (G-F-IMPLIES Y X))) ;;;;;;;The EV analogue of Z2-AXIOMS. (DEFN G-Z2-AXIOMS (CONC HINTS SYMBOLS) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 1)) (PR-AND (G-VARIABLE (G-CADDDR HINTS)) (PR-AND (G-TERMP (G-CADR HINTS) (PR-QUOTE 0) SYMBOLS) (PR-AND (G-TERMP (G-CADDR HINTS) (PR-QUOTE 0) SYMBOLS) (PR-AND (PR-NOT (G-MEMB (G-CADDDR HINTS) (G-COLLECT-FREE (G-CADR HINTS) (PR-QUOTE 0)))) (PR-AND (PR-NOT (G-MEMB (G-CADDDR HINTS) (G-COLLECT-FREE (G-CADDR HINTS) (PR-QUOTE 0)))) (PR-EQUAL CONC (G-F-IFF (G-F-EQUAL (G-CADR HINTS) (G-CADDR HINTS)) (G-FORALL (G-CADDDR HINTS) (G-F-IFF (G-ISIN (G-CADDDR HINTS) (G-CADR HINTS)) (G-ISIN (G-CADDDR HINTS) (G-CADDR HINTS))))))))))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 2)) (PR-AND (G-TERMP (G-CADR HINTS) (PR-QUOTE 0) SYMBOLS) (PR-EQUAL CONC (G-F-NOT (G-ISIN (G-CADR HINTS) (G-PHI))))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 3)) (PR-AND (G-TERMP (G-CONS (G-CADR HINTS) (G-CONS (G-CADDR HINTS) (G-CONS (G-CADDDR HINTS) (PR-QUOTE (GCODE NIL))))) (PR-QUOTE 1) SYMBOLS) (PR-EQUAL CONC (G-F-IFF (G-ISIN (G-CADDDR HINTS) (G-Z-PAIR (G-CADR HINTS) (G-CADDR HINTS))) (G-F-OR (G-F-EQUAL (G-CADDDR HINTS) (G-CADR HINTS)) (G-F-EQUAL (G-CADDDR HINTS) (G-CADDR HINTS)))))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 4)) (PR-AND (G-TERMP (G-CONS (G-CADR HINTS) (G-CONS (G-CADDR HINTS) (G-CONS (G-CADDDR HINTS) (PR-QUOTE (GCODE NIL))))) (PR-QUOTE 1) SYMBOLS) (PR-EQUAL CONC (G-F-IFF (G-ISIN (G-CADDDR HINTS) (G-Z-UNION (G-CADR HINTS) (G-CADDR HINTS))) (G-F-OR (G-ISIN (G-CADDDR HINTS) (G-CADR HINTS)) (G-ISIN (G-CADDDR HINTS) (G-CADDR HINTS)))))) (PR-IF (PR-EQUAL (G-CAR HINTS) (PR-QUOTE 5)) (PR-AND (G-VARIABLE (G-CADDR HINTS)) (PR-AND (G-FORMULA (G-CADR HINTS) SYMBOLS) (PR-EQUAL CONC (G-F-IMPLIES (G-F-AND (G-SUBST (G-CADR HINTS) (G-CADDR HINTS) (G-PHI) (PR-QUOTE 0)) (G-FORALL (G-CADDR HINTS) (G-F-IMPLIES (G-F-AND (G-Z-INT (G-CADDR HINTS)) (G-CADR HINTS)) (G-SUBST (G-CADR HINTS) (G-CADDR HINTS) (G-Z-SUCC (G-CADDR HINTS)) (PR-QUOTE 0))))) (G-FORALL (G-CADDR HINTS) (G-F-IMPLIES (G-Z-INT (G-CADDR HINTS)) (G-CADR HINTS))))))) (PR-QUOTE (BOOL-FIX F)))))))) ;;;;;;;The EV analogue of SYMB-DEFN-PROOF. (DEFN G-SYMB-DEFN-PROOF (CONC HINTS SUB-GOALS DEFN SYMBOLS) (PR-IF (G-PREDICATE (G-CAR (G-CAR HINTS))) (PR-AND (G-SET (G-CDR (G-CAR HINTS))) (PR-AND (G-VAR-LIST (G-CDR (G-CAR HINTS)) (G-DEGREE (G-CAR (G-CAR HINTS)))) (PR-AND (PR-EQUAL CONC (G-F-IFF (G-CAR HINTS) DEFN)) (PR-AND (G-SUB (G-COLLECT-FREE DEFN (PR-QUOTE 0)) (G-CDR (G-CAR HINTS))) (G-FORMULA DEFN (G-REST-OF (G-CAR (G-CAR HINTS)) SYMBOLS)))))) (PR-IF (G-FUNCTION (G-CAR (G-CAR HINTS))) (PR-AND (G-SET (G-CONS (G-CADDDR HINTS) (G-CONS (G-CADR HINTS) (G-CDR (G-CAR HINTS))))) (PR-AND (G-VAR-LIST (G-CDR (G-CAR HINTS)) (G-DEGREE (G-CAR (G-CAR HINTS)))) (PR-AND (G-VARIABLE (G-CADR HINTS)) (PR-AND (G-VARIABLE (G-CADDDR HINTS)) (PR-AND (G-FORMULA (G-CADDR HINTS) (G-REST-OF (G-CAR (G-CAR HINTS)) SYMBOLS)) (PR-AND (G-SUB (G-COLLECT-FREE (G-CADDR HINTS) (PR-QUOTE 0)) (G-CONS (G-CADR HINTS) (G-CDR (G-CAR HINTS)))) (PR-AND (G-FREE-FOR (G-CADDR HINTS) (G-CADR HINTS) (G-CAR HINTS) (PR-QUOTE 0)) (PR-AND (G-FREE-FOR (G-CADDR HINTS) (G-CADR HINTS) (G-CADDDR HINTS) (PR-QUOTE 0)) (PR-AND (PR-EQUAL CONC (G-SUBST (G-CADDR HINTS) (G-CADR HINTS) (G-CAR HINTS) (PR-QUOTE 0))) (PR-AND (PR-EQUAL CONC DEFN) (PR-EQUAL SUB-GOALS (G-CONS (G-FORSOME (G-CADR HINTS) (G-CADDR HINTS)) (G-CONS (G-F-IMPLIES (G-F-AND (G-CADDR HINTS) (G-SUBST (G-CADDR HINTS) (G-CADR HINTS) (G-CADDDR HINTS) (PR-QUOTE 0))) (G-F-EQUAL (G-CADR HINTS) (G-CADDDR HINTS))) (PR-QUOTE (GCODE NIL))))))))))))))) (PR-QUOTE (BOOL-FIX F))))) (TOGGLE G1286 G-SYMB-DEFN-PROOF T) (TOGGLE G1287 G-Z2-AXIOMS T) (TOGGLE G1288 G-FOL-RULES T) ;;;;;;;The e-definition of G-PRF. (DEFN G-PRF-DEFN (PF GIVEN DEFNS FLG SYMBOLS) (PR-IF (PR-ZEROP FLG) (PR-IF (G-TYPEP PF 1) (PR-IF (PR-NOT (G-FORMULA (G-CONC PF (PR-QUOTE 0)) SYMBOLS)) (PR-QUOTE (BOOL-FIX F)) (PR-IF (PR-EQUAL (G-CAR PF) (PR-QUOTE 1)) (G-FOL-AXIOM-PROOF (G-CONC PF (PR-QUOTE 0)) (G-CADR PF) SYMBOLS) (PR-IF (PR-EQUAL (G-CAR PF) (PR-QUOTE 2)) (PR-AND (G-FOL-RULES (G-CONC PF (PR-QUOTE 0)) (G-CADR PF) (G-CONC (G-CADDDR PF) (PR-QUOTE 1)) SYMBOLS) (G-PRF (G-CADDDR PF) GIVEN DEFNS (PR-QUOTE 1) SYMBOLS)) (PR-IF (PR-EQUAL (G-CAR PF) (PR-QUOTE 3)) (G-Z2-AXIOMS (G-CONC PF (PR-QUOTE 0)) (G-CADR PF) SYMBOLS) (PR-IF (PR-EQUAL (G-CAR PF) (PR-QUOTE 4)) (PR-AND (G-SYMB-DEFN-PROOF (G-CONC PF (PR-QUOTE 0)) (G-CADR PF) (G-CONC (G-CADDDR PF) (PR-QUOTE 1)) (G-ASSOC (G-CAR (G-CAR (G-CADR PF))) DEFNS) SYMBOLS) (PR-IF (G-FUNCTION (G-CAR (G-CAR (G-CADR PF)))) (G-PRF (G-CADDDR PF) GIVEN DEFNS (PR-QUOTE 1) (G-REST-OF (G-CAR (G-CAR (G-CADR PF))) SYMBOLS)) (PR-QUOTE (BOOL-FIX T)))) (PR-IF (PR-EQUAL (G-CAR PF) (PR-QUOTE 5)) (G-MEMB (G-CONC PF (PR-QUOTE 0)) GIVEN) (PR-QUOTE (BOOL-FIX F)))))))) (PR-QUOTE (BOOL-FIX F))) (PR-IF (G-TYPEP PF 1) (PR-AND (G-PRF (G-CAR PF) GIVEN DEFNS (PR-QUOTE 0) SYMBOLS) (G-PRF (G-CDR PF) GIVEN DEFNS (PR-QUOTE 1) SYMBOLS)) (PR-QUOTE (BOOL-FIX T))))) ;;;;;;;So far we have presented the e-definitions leading to the EV analogue ;;;;;;;of the proof-checker PRF. We need a few more e-definitions in order to ;;;;;;;construct the undecidable sentence. ;;;;;;;Below is the e-definition for G-NUMERAL. (DEFN G-NUMERAL (X) (LIST 29 X)) (DEFN G-NUMERAL-DEFN NIL (PR-IF (PR-ZEROP 0) (G-PHI) (G-Z-SUCC (G-NUMERAL (PR-SUB1 0))))) (DEFN G-Z-SING (X) (G-Z-PAIR X X)) (DEFN G-Z-OPAIR (X Y) (G-Z-PAIR (G-Z-SING X) (G-Z-PAIR X Y))) ;;;;;;;The e-definition for G-PLUS (addition). (DEFN G-PLUS (X Y) (LIST 30 X Y)) (DEFN G-PLUS-DEFN NIL (PR-IF (PR-ZEROP 0) (G-FIX 1) (PR-ADD1 (G-PLUS (PR-SUB1 0) 1)))) ;;;;;;;The e-definition for G-TIMES (multiplication). (DEFN G-TIMES (X Y) (LIST 31 X Y)) (DEFN G-TIMES-DEFN NIL (PR-IF (PR-ZEROP 0) (PR-QUOTE (GCODE 0)) (G-PLUS 1 (G-TIMES (PR-SUB1 0) 1)))) ;;;;;;;The e-definition for G-EXP (exponentiation). (DEFN G-EXP (X Y) (LIST 32 X Y)) (DEFN G-EXP-DEFN NIL (PR-IF (PR-ZEROP 1) (PR-QUOTE (GCODE 1)) (G-TIMES 0 (G-EXP 0 (PR-SUB1 1))))) ;;;;;;;The e-definition for G-HALVE (integer division by 2). (DEFN G-HALVE (X) (LIST 33 X)) (DEFN G-HALVE-DEFN NIL (PR-IF (PR-ZEROP 0) (PR-QUOTE (GCODE 0)) (PR-IF (PR-ZEROP (PR-SUB1 0)) (PR-QUOTE (GCODE 0)) (PR-ADD1 (G-HALVE (PR-SUB1 (PR-SUB1 0))))))) ;;;;;;;The e-definition for G-LESSP. (DEFN G-LESSP (X Y) (LIST 34 X Y)) (DEFN G-LESSP-DEFN NIL (PR-IF (PR-ZEROP 1) (PR-QUOTE (BOOL-FIX F)) (PR-IF (PR-ZEROP 0) (PR-QUOTE (BOOL-FIX T)) (G-LESSP (PR-SUB1 0) (PR-SUB1 1))))) ;;;;;;;With PLUS, TIMES, and EXP, we can cipher num-trees as numbers, and with these ;;;;;;;and the HALVE function, we can decipher back the num-trees from the numbers ;;;;;;;by a yet-to-be-defined function DECIPHER1. The e-definition for G-DECIPHER1 is ;;;;;;;shown below. (DEFN G-DECIPHER1 (X Y Z) (LIST 35 X Y Z)) (DEFN G-DECIPHER1-DEFN NIL (PR-IF (PR-ZEROP 1) (G-HALVE (PR-SUB1 0)) (PR-IF (PR-ZEROP 2) (G-DECIPHER1 0 (PR-SUB1 1) 0) (PR-IF (PR-AND (G-LESSP 1 0) (G-LESSP 2 0)) (PR-IF (PR-EQUAL 0 (G-TIMES (G-EXP (PR-QUOTE (GCODE 2)) 1) (G-EXP (PR-QUOTE (GCODE 3)) 2))) (PR-CONS (G-DECIPHER1 1 (PR-SUB1 1) (PR-SUB1 1)) (G-DECIPHER1 2 (PR-SUB1 2) (PR-SUB1 2))) (G-DECIPHER1 0 1 (PR-SUB1 2))) (G-DECIPHER1 0 1 (PR-SUB1 2)))))) (DEFN G-PROVES (PF EXP GIVEN DEFNS SYMBOLS) (PR-AND (PR-EQUAL (G-CONC PF (PR-QUOTE 0)) EXP) (PR-AND (G-FORMULA EXP SYMBOLS) (G-PRF PF GIVEN DEFNS (PR-QUOTE 0) SYMBOLS)))) (TOGGLE G1035 G-PROVES T) (DEFN G-DECIPHER (X) (G-DECIPHER1 X (PR-SUB1 X) (PR-SUB1 X))) ;;;;;;;G-INV-CODE is the EV analogue of a function INV-CODE which is the inverse for GCODE. ;;;;;;;At first sight, G-INV-CODE might seem like an identity mapping but that is only ;;;;;;;true when its argument is a GCODE and as we shall see, this is not always the case. (DEFN G-INV-CODE (X) (LIST 36 X)) (DEFN G-INV-CODE-DEFN NIL (PR-IF (PR-LISTP 0) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 1)) (G-CONS (G-INV-CODE (PR-CAR (PR-CDR 0))) (G-INV-CODE (PR-CDR (PR-CDR 0)))) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 2)) (G-F-NOT (G-INV-CODE (PR-CAR (PR-CDR 0)))) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 3)) (G-F-OR (G-INV-CODE (PR-CAR (PR-CDR 0))) (G-INV-CODE (PR-CDR (PR-CDR 0)))) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 4)) (G-FORSOME (G-INV-CODE (PR-CAR (PR-CDR 0))) (G-INV-CODE (PR-CDR (PR-CDR 0)))) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 5)) (PR-QUOTE (GCODE T)) (PR-IF (PR-EQUAL (PR-CAR 0) (PR-QUOTE 6)) (PR-QUOTE (GCODE F)) (PR-QUOTE (GCODE NIL)))))))) (G-FIX 0))) ;;;;;;;G-ISTHM is the EV analogue of the `theorem-checker' ISTHM which will be described ;;;;;;;later. The e-definition is presented below. (DEFN G-ISTHM (PFN EXP GIVEN DEFNS SYMBOLS) (LIST 37 PFN EXP GIVEN DEFNS SYMBOLS)) (DEFN G-ISTHM-DEFN NIL (PR-IF (G-PROVES (G-INV-CODE (G-DECIPHER 0)) 1 2 3 4) (PR-QUOTE (BOOL-FIX T)) (PR-IF (G-PROVES (G-INV-CODE (G-DECIPHER 0)) (G-F-NOT 1) 2 3 4) (PR-QUOTE (BOOL-FIX F)) (G-ISTHM (PR-ADD1 0) 1 2 3 4)))) ;;;;;;;The last e-definition is that of GC-NCODE which is the EV analogue of NCODE. (DEFN GC-NCODE (X) (LIST 38 X)) (DEFN GC-NCODE-DEFN NIL (PR-IF (PR-LISTP 0) (G-Z-OPAIR (GC-NCODE (PR-CAR 0)) (GC-NCODE (PR-CDR 0))) (G-NUMERAL 0))) ;;;;;;;For the time being, we disable all the e-definitions. (TOGGLE G1036 G-APPEND-DEFN T) (TOGGLE G1037 G-DEL-DEFN T) (TOGGLE G1038 G-MEMB-DEFN T) (TOGGLE G1039 G-COLLECT-FREE-DEFN T) (TOGGLE G1040 G-COVERING-DEFN T) (TOGGLE G1041 G-NIL-INTERSECT-DEFN T) (TOGGLE G1042 G-VAR-LIST-DEFN T) (TOGGLE G1043 G-LENGTH-DEFN T) (TOGGLE G1044 G-TERMP-DEFN T) (TOGGLE G1045 G-SUBST-DEFN T) (TOGGLE G1046 G-SUB-DEFN T) (TOGGLE G1047 G-FORMULA-DEFN T) (TOGGLE G1048 G-PAIREQUALS-DEFN T) (TOGGLE G1055 G-SET-DEFN T) (TOGGLE G1056 G-CONC-DEFN T) (TOGGLE G1057 G-REST-OF-DEFN T) (TOGGLE G1058 G-ASSOC-DEFN T) (TOGGLE G1059 G-PRF-DEFN T) (TOGGLE G1060 G-NUMERAL-DEFN T) (TOGGLE G1061 G-PLUS-DEFN T) (TOGGLE G1062 G-TIMES-DEFN T) (TOGGLE G1063 G-EXP-DEFN T) (TOGGLE G1064 G-HALVE-DEFN T) (TOGGLE G1065 G-LESSP-DEFN T) (TOGGLE G1066 G-DECIPHER1-DEFN T) (TOGGLE G1067 G-INV-CODE-DEFN T) (TOGGLE G1068 G-ISTHM-DEFN T) (TOGGLE G1069 GC-NCODE-DEFN T) (TOGGLE G1070 SUB1-N NIL) ;;;;;;;The function FA below is the big list of e-definitions. (DEFN FA NIL (LIST (G-APPEND-DEFN) (G-DEL-DEFN) (G-MEMB-DEFN) (G-COLLECT-FREE-DEFN) (G-COVERING-DEFN) (G-NIL-INTERSECT-DEFN) (G-VAR-LIST-DEFN) (G-LENGTH-DEFN) (G-TERMP-DEFN) (G-SUBST-DEFN) (G-SUB-DEFN) (G-FORMULA-DEFN) (G-PAIREQUALS-DEFN) (G-SET-DEFN) (G-CONC-DEFN) (G-REST-OF-DEFN) (G-ASSOC-DEFN) (G-PRF-DEFN 0 1 2 3 4) (G-NUMERAL-DEFN) (G-PLUS-DEFN) (G-TIMES-DEFN) (G-EXP-DEFN) (G-HALVE-DEFN) (G-LESSP-DEFN) (G-DECIPHER1-DEFN) (G-INV-CODE-DEFN) (G-ISTHM-DEFN) (GC-NCODE-DEFN))) (TOGGLE G1072 SUB1-N NIL) (PROVE-LEMMA DIFFERENCE-LESSP (REWRITE) (IMPLIES (LEQ X Y) (EQUAL (DIFFERENCE X Y) 0))) (PROVE-LEMMA DIFFERENCE-SUB1-N (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (SUB1-N X Y) (DIFFERENCE X Y)))) (TOGGLE G1073 SUB1-N T) ;;;;;;;We prove that GET of the e-function symbol (minus 11) on (FA) yields the ;;;;;;;appropriate e-definition for each of the defined e-function symbols. (PROVE-LEMMA GET-G-APPEND-DEFN (REWRITE) (EQUAL (GET (SUB1-N 11 11) (FA)) (G-APPEND-DEFN))) (PROVE-LEMMA GET-SUB1-N-NZEROP (REWRITE) (EQUAL (GET (ADD1 X) LIST) (GET X (CDR LIST)))) (PROVE-LEMMA DIFFERENCE-LESSP2 (REWRITE) (IMPLIES (LEQ Y X) (EQUAL (DIFFERENCE (ADD1 X) Y) (ADD1 (DIFFERENCE X Y))))) (PROVE-LEMMA GET-G-DEL-DEFN (REWRITE) (EQUAL (GET (SUB1-N 12 11) (FA)) (G-DEL-DEFN))) (PROVE-LEMMA GET-G-MEMB-DEFN (REWRITE) (EQUAL (GET (SUB1-N 13 11) (FA)) (G-MEMB-DEFN))) (PROVE-LEMMA GET-G-COLLECT-FREE-DEFN (REWRITE) (EQUAL (GET (SUB1-N 14 11) (FA)) (G-COLLECT-FREE-DEFN))) (PROVE-LEMMA GET-G-COVERING-DEFN (REWRITE) (EQUAL (GET (SUB1-N 15 11) (FA)) (G-COVERING-DEFN))) (PROVE-LEMMA GET-G-NIL-INTERSECT-DEFN (REWRITE) (EQUAL (GET (SUB1-N 16 11) (FA)) (G-NIL-INTERSECT-DEFN))) (PROVE-LEMMA GET-G-VAR-LIST-DEFN (REWRITE) (EQUAL (GET (SUB1-N 17 11) (FA)) (G-VAR-LIST-DEFN))) (PROVE-LEMMA GET-G-LENGTH-DEFN (REWRITE) (EQUAL (GET (SUB1-N 18 11) (FA)) (G-LENGTH-DEFN))) (PROVE-LEMMA GET-G-TERMP-DEFN (REWRITE) (EQUAL (GET (SUB1-N 19 11) (FA)) (G-TERMP-DEFN))) (PROVE-LEMMA GET-G-SUBST-DEFN (REWRITE) (EQUAL (GET (SUB1-N 20 11) (FA)) (G-SUBST-DEFN))) (PROVE-LEMMA GET-G-SUB-DEFN (REWRITE) (EQUAL (GET (SUB1-N 21 11) (FA)) (G-SUB-DEFN))) (PROVE-LEMMA GET-G-PAIREQUALS-DEFN (REWRITE) (EQUAL (GET (SUB1-N 23 11) (FA)) (G-PAIREQUALS-DEFN))) (PROVE-LEMMA GET-G-SET-DEFN (REWRITE) (EQUAL (GET (SUB1-N 24 11) (FA)) (G-SET-DEFN))) (PROVE-LEMMA GET-G-CONC-DEFN (REWRITE) (EQUAL (GET (SUB1-N 25 11) (FA)) (G-CONC-DEFN))) (PROVE-LEMMA GET-G-REST-OF-DEFN (REWRITE) (EQUAL (GET (SUB1-N 26 11) (FA)) (G-REST-OF-DEFN))) (PROVE-LEMMA GET-G-ASSOC-DEFN (REWRITE) (EQUAL (GET (SUB1-N 27 11) (FA)) (G-ASSOC-DEFN))) (PROVE-LEMMA GET-G-PRF-DEFN (REWRITE) (EQUAL (GET (SUB1-N 28 11) (FA)) (G-PRF-DEFN 0 1 2 3 4))) (PROVE-LEMMA GET-G-NUMERAL-DEFN (REWRITE) (EQUAL (GET (SUB1-N 29 11) (FA)) (G-NUMERAL-DEFN))) (PROVE-LEMMA GET-G-PLUS-DEFN (REWRITE) (EQUAL (GET (SUB1-N 30 11) (FA)) (G-PLUS-DEFN))) (PROVE-LEMMA GET-G-TIMES-DEFN (REWRITE) (EQUAL (GET (SUB1-N 31 11) (FA)) (G-TIMES-DEFN))) (PROVE-LEMMA GET-G-EXP-DEFN (REWRITE) (EQUAL (GET (SUB1-N 32 11) (FA)) (G-EXP-DEFN))) (PROVE-LEMMA GET-G-HALVE-DEFN (REWRITE) (EQUAL (GET (SUB1-N 33 11) (FA)) (G-HALVE-DEFN))) (PROVE-LEMMA GET-G-LESSP-DEFN (REWRITE) (EQUAL (GET (SUB1-N 34 11) (FA)) (G-LESSP-DEFN))) (PROVE-LEMMA GET-G-DECIPHER1-DEFN (REWRITE) (EQUAL (GET (SUB1-N 35 11) (FA)) (G-DECIPHER1-DEFN))) (PROVE-LEMMA GET-G-INV-CODE-DEFN (REWRITE) (EQUAL (GET (SUB1-N 36 11) (FA)) (G-INV-CODE-DEFN))) (PROVE-LEMMA GET-G-ISTHM-DEFN (REWRITE) (EQUAL (GET (SUB1-N 37 11) (FA)) (G-ISTHM-DEFN))) (PROVE-LEMMA GET-GC-NCODE-DEFN (REWRITE) (EQUAL (GET (SUB1-N 38 11) (FA)) (GC-NCODE-DEFN))) (TOGGLE G1074 FA T) (TOGGLE G1075 DIFFERENCE-SUB1-N T) (TOGGLE G1076 DIFFERENCE-LESSP T) (TOGGLE G1077 DIFFERENCE-LESSP2 T) ;;;;;;;In the next series of events, we prove that the e-functions defined correspond ;;;;;;;to their Lisp analogues. This involves two steps, in the first step we show, ;;;;;;;for example, that G-APPEND when evaluated corresponds to G-APPENDN. This is done ;;;;;;;in EVAL-G-APPEND. In the ;;;;;;;second step we show that G-APPENDN when given a large enough stack bound N ;;;;;;;corresponds to APPEND. This is done in G-APPENDN-GCODE. ;;;;;;;We do the same thing for each of the e-functions. ;;;;;;;G-APPEND-IND is the induction scheme for EVAL-G-APPEND, and is quite subtle ;;;;;;;and could not have been guessed by the theorem-prover. (DEFN G-APPEND-IND (X Y VA N) (IF (ZEROP N) T (G-APPEND-IND (G-CDR 0) 1 (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) ;;;;;;;G-APPENDN is the Lisp analogue of G-APPEND with N. (DEFN G-APPENDN (X Y N) (IF (OR (ZEROP N) (BTMP X) (BTMP Y)) (BTM) (PR-IFN (G-TYPEPN X 1) (G-CONSN (G-CARN X) (G-APPENDN (G-CDRN X) Y (SUB1 N))) Y))) (TOGGLE G1078 G-APPEND NIL) (TOGGLE G1079 G-APPEND-DEFN NIL) ;;;;;;;EV of G-APPEND applied to arguments is G-APPENDN of the EV of the arguments. (PROVE-LEMMA EVAL-G-APPEND (REWRITE) (EQUAL (EV 0 (G-APPEND X Y) VA (FA) N) (G-APPENDN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-APPEND-IND X Y VA N)) (DISABLE EVAL-FUN2))) ;;;;;;;APPENDN-IND is the induction scheme for G-APPENDN-GCODE. (DEFN APPENDN-IND (X Y N) (IF (LISTP X) (APPENDN-IND (CDR X) Y (SUB1 N)) T)) ;;;;;;;For a sufficiently large N, G-APPENDN of the GCODE of the arguments is ;;;;;;;the GCODE of the APPEND of the arguments. (PROVE-LEMMA G-APPENDN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH X) N) (EQUAL (G-APPENDN (GCODE X) (GCODE Y) N) (GCODE (APPEND X Y)))) ((DISABLE BOOL-FIX GCODE) (INDUCT (APPENDN-IND X Y N)))) (TOGGLE G1080 G-APPENDN T) (TOGGLE G1081 G-APPEND T) (TOGGLE G1082 G-APPEND-DEFN T) (TOGGLE G1083 EVAL-FUN2 T) ;;;;;;;Correspondence between G-DEL and G-DELN, and G-DELN and DEL. (DEFN G-DELN (X Y N) (IF (OR (ZEROP N) (BTMP X) (BTMP Y)) (BTM) (PR-IFN (G-TYPEPN Y 1) (PR-IFN (PR-EQUALN X (G-CARN Y)) (G-DELN X (G-CDRN Y) (SUB1 N)) (G-CONSN (G-CARN Y) (G-DELN X (G-CDRN Y) (SUB1 N)))) Y))) (DEFN G-DEL-IND (X Y VA N) (IF (ZEROP N) T (G-DEL-IND 0 (G-CDR 1) (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (TOGGLE G1084 G-DEL NIL) (TOGGLE G1085 G-DEL-DEFN NIL) (PROVE-LEMMA EVAL-G-DEL (REWRITE) (EQUAL (EV 0 (G-DEL X Y) VA (FA) N) (G-DELN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-DEL-IND X Y VA N)))) (PROVE-LEMMA NCODE-EQUAL-REFLEX (REWRITE) (NCODE-EQUAL X X)) (PROVE-LEMMA NUMBERP-NCODE-EQUAL (REWRITE) (IMPLIES (AND (NUMBERP X) (NUMBERP Y)) (EQUAL (NCODE-EQUAL X Y) (EQUAL X Y)))) (PROVE-LEMMA NCODE-GCODE-EQUAL (REWRITE) (EQUAL (NCODE-EQUAL (GCODE X) (GCODE Y)) (EQL X Y)) ((DISABLE EQL-GCODE-EQUAL))) (TOGGLE G1086 NUMBERP-NCODE-EQUAL T) (TOGGLE G1087 PR-EQUALN NIL) (PROVE-LEMMA G-DELN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH Y) N) (EQUAL (G-DELN (GCODE X) (GCODE Y) N) (GCODE (DEL X Y)))) ((DISABLE BOOL-FIX GCODE) (INDUCT (APPENDN-IND Y X N)))) (TOGGLE G1088 G-DELN T) (TOGGLE G1089 G-DEL T) (TOGGLE G1090 G-DEL-DEFN T) ;;;;;;;Correspondence between G-MEMB, G-MEMBN, and MEMB. (DEFN G-MEMBN (X Y N) (IF (OR (ZEROP N) (BTMP X) (BTMP Y)) (BTM) (PR-IFN (G-TYPEPN Y 1) (PR-IFN (PR-EQUALN X (G-CARN Y)) 1 (G-MEMBN X (G-CDRN Y) (SUB1 N))) 0))) (TOGGLE G1091 G-MEMB NIL) (TOGGLE G1092 G-MEMB-DEFN NIL) (DEFN G-MEMB-IND (X Y VA N) (IF (ZEROP N) T (G-MEMB-IND 0 (G-CDR 1) (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-MEMB-EVAL (REWRITE) (EQUAL (EV 0 (G-MEMB X Y) VA (FA) N) (G-MEMBN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-MEMB-IND X Y VA N)))) (PROVE-LEMMA G-MEMBN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH Y) N) (EQUAL (G-MEMBN (GCODE X) (GCODE Y) N) (IF (MEMB X Y) 1 0))) ((DISABLE BOOL-FIX GCODE) (INDUCT (APPENDN-IND Y X N)))) (TOGGLE G1093 G-MEMB T) (TOGGLE G1094 G-MEMBN T) (TOGGLE G1095 G-MEMB-DEFN T) ;;;;;;;Correspondence between G-COLLECT-FREE, G-COLLECT-FREEN, and COLLECT-FREE. (DEFN G-COLLECT-FREEN (EXP FLG N) (IF (OR (ZEROP N) (BTMP EXP) (BTMP FLG)) (BTM) (PR-IFN (PR-ZEROPN FLG) (PR-IFN (G-VARIABLEN EXP) (G-CONSN EXP (GCODE NIL)) (PR-IFN (G-TYPEPN EXP 2) (G-COLLECT-FREEN (G-ARGN EXP 0 2) 0 (SUB1 N)) (PR-IFN (G-TYPEPN EXP 3) (G-APPENDN (G-COLLECT-FREEN (G-ARGN EXP 0 3) 0 (SUB1 N)) (G-COLLECT-FREEN (G-ARGN EXP 1 3) 0 (SUB1 N)) (SUB1 N)) (PR-IFN (G-TYPEPN EXP 4) (G-DELN (G-ARGN EXP 0 4) (G-COLLECT-FREEN (G-ARGN EXP 1 4) 0 (SUB1 N)) (SUB1 N)) (PR-IFN (G-TYPEPN EXP 1) (G-COLLECT-FREEN (G-CDRN EXP) 1 (SUB1 N)) (GCODE NIL)))))) (PR-IFN (G-TYPEPN EXP 1) (G-APPENDN (G-COLLECT-FREEN (G-CARN EXP) 0 (SUB1 N)) (G-COLLECT-FREEN (G-CDRN EXP) 1 (SUB1 N)) (SUB1 N)) (GCODE NIL))))) (TOGGLE G1096 G-COLLECT-FREE NIL) (TOGGLE G1097 G-COLLECT-FREE-DEFN NIL) (DEFN G-COLLECT-FREE-IND (EXP FLG VA N) (IF (ZEROP N) T (AND (G-COLLECT-FREE-IND (G-ARG 0 (PR-QUOTE 0) 2) (PR-QUOTE 0) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N)) (G-COLLECT-FREE-IND (G-ARG 0 (PR-QUOTE 0) 3) (PR-QUOTE 0) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N)) (G-COLLECT-FREE-IND (G-ARG 0 (PR-QUOTE 1) 3) (PR-QUOTE 0) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N)) (G-COLLECT-FREE-IND (G-ARG 0 (PR-QUOTE 1) 4) (PR-QUOTE 0) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N)) (G-COLLECT-FREE-IND (G-CDR 0) (PR-QUOTE 1) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N)) (G-COLLECT-FREE-IND (G-CAR 0) (PR-QUOTE 0) (EV 1 (LIST EXP FLG) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-COLLECT-FREE-EVAL (REWRITE) (EQUAL (EV 0 (G-COLLECT-FREE EXP FLG) VA (FA) N) (G-COLLECT-FREEN (EV 0 EXP VA (FA) N) (EV 0 FLG VA (FA) N) N)) ((INDUCT (G-COLLECT-FREE-IND EXP FLG VA N)))) (DEFN EXP-COUNT (EXP) (IF (LISTP EXP) (ADD1 (PLUS (EXP-COUNT (CAR EXP)) (EXP-COUNT (CDR EXP)))) (IF (F-NOTP EXP) (ADD1 (EXP-COUNT (ARG EXP))) (IF (F-ORP EXP) (ADD1 (PLUS (EXP-COUNT (ARG1 EXP)) (EXP-COUNT (ARG2 EXP)))) (IF (FORSOMEP EXP) (ADD1 (EXP-COUNT (BODY EXP))) 1))))) (PROVE-LEMMA EXP-COUNT-APPEND (REWRITE) (LESSP (EXP-COUNT (APPEND X Y)) (PLUS (EXP-COUNT X) (EXP-COUNT Y)))) (PROVE-LEMMA EXP-COUNT-DEL (REWRITE) (LESSP (EXP-COUNT (DEL X Y)) (ADD1 (EXP-COUNT Y)))) (PROVE-LEMMA LENGTH-EXP-COUNT (REWRITE) (LESSP (LENGTH X) (ADD1 (EXP-COUNT X)))) (PROVE-LEMMA LENGTH-APPEND (REWRITE) (EQUAL (LENGTH (APPEND X Y)) (PLUS (LENGTH X) (LENGTH Y)))) (PROVE-LEMMA LENGTH-DEL (REWRITE) (LESSP (LENGTH (DEL X Y)) (ADD1 (LENGTH Y)))) (PROVE-LEMMA COLLECT-FREE-COUNT (REWRITE) (LESSP (LENGTH (COLLECT-FREE EXP FLG)) (ADD1 (EXP-COUNT EXP))) ((INDUCT (COLLECT-FREE EXP FLG)))) (DEFN COLLECT-FREEN-IND (EXP FLG N) (IF (ZEROP FLG) (IF (VARIABLE EXP) NIL (IF (F-NOTP EXP) (COLLECT-FREEN-IND (ARG EXP) 0 (SUB1 N)) (IF (F-ORP EXP) (AND (COLLECT-FREEN-IND (ARG1 EXP) 0 (SUB1 N)) (COLLECT-FREEN-IND (ARG2 EXP) 0 (SUB1 N))) (IF (FORSOMEP EXP) (COLLECT-FREEN-IND (BODY EXP) 0 (SUB1 N)) (IF (LISTP EXP) (COLLECT-FREEN-IND (CDR EXP) 1 (SUB1 N)) NIL))))) (IF (LISTP EXP) (AND (COLLECT-FREEN-IND (CAR EXP) 0 (SUB1 N)) (COLLECT-FREEN-IND (CDR EXP) 1 (SUB1 N))) NIL))) (PROVE-LEMMA G-COLLECT-FREEN-GCODE (REWRITE) (IMPLIES (AND (NOT (BTMP FLG)) (LESSP (EXP-COUNT EXP) N)) (EQUAL (G-COLLECT-FREEN (GCODE EXP) FLG N) (GCODE (COLLECT-FREE EXP FLG)))) ((DISABLE BOOL-FIX GCODE) (INDUCT (COLLECT-FREEN-IND EXP FLG N)))) (PROVE-LEMMA NUMBERP-GCODE (REWRITE) (EQUAL (NUMBERP (GCODE EXP)) (NUMBERP EXP))) (PROVE-LEMMA COLLECT-FREE-GCODE-FLG (REWRITE) (EQUAL (COLLECT-FREE EXP (GCODE FLG)) (COLLECT-FREE EXP FLG))) (TOGGLE G1110 G-COLLECT-FREE T) (TOGGLE G1111 G-COLLECT-FREEN T) (TOGGLE G1112 G-COLLECT-FREE-DEFN T) (TOGGLE G1113 PR-ANDN T) ;;;;;;;Correspondence between G-COVERING, G-COVERINGN, and COVERING. (DEFN G-COVERINGN (EXP VAR FLG N) (IF (OR (ZEROP N) (BTMP EXP) (BTMP VAR) (BTMP FLG)) (BTM) (PR-IFN (PR-ZEROPN FLG) (PR-IFN (G-TYPEPN EXP 2) (G-COVERINGN (G-ARGN EXP 0 2) VAR (GCODE 0) (SUB1 N)) (PR-IFN (G-TYPEPN EXP 3) (G-APPENDN (G-COVERINGN (G-ARGN EXP 0 3) VAR (GCODE 0) (SUB1 N)) (G-COVERINGN (G-ARGN EXP 1 3) VAR (GCODE 0) (SUB1 N)) (SUB1 N)) (PR-IFN (G-TYPEPN EXP 4) (PR-IFN (G-MEMBN VAR (G-COLLECT-FREEN EXP (GCODE 0) (SUB1 N)) (SUB1 N)) (G-CONSN (G-ARGN EXP 0 4) (G-COVERINGN (G-ARGN EXP 1 4) VAR (GCODE 0) (SUB1 N))) (GCODE NIL)) (PR-IFN (G-TYPEPN EXP 1) (G-COVERINGN (G-CDRN EXP) VAR (GCODE 1) (SUB1 N)) (GCODE NIL))))) (PR-IFN (G-TYPEPN EXP 1) (G-APPENDN (G-COVERINGN (G-CARN EXP) VAR (GCODE 0) (SUB1 N)) (G-COVERINGN (G-CDRN EXP) VAR (GCODE 1) (SUB1 N)) (SUB1 N)) (GCODE NIL))))) (TOGGLE G1114 G-COVERING NIL) (TOGGLE G1115 G-COVERING-DEFN NIL) (DEFN G-COVERING-IND (EXP VAR FLG VA N) (IF (ZEROP N) T (AND (G-COVERING-IND (G-ARG 0 (PR-QUOTE 0) 2) 1 (PR-QUOTE 0) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N)) (G-COVERING-IND (G-ARG 0 (PR-QUOTE 0) 3) 1 (PR-QUOTE 0) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N)) (G-COVERING-IND (G-ARG 0 (PR-QUOTE 1) 3) 1 (PR-QUOTE 0) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N)) (G-COVERING-IND (G-ARG 0 (PR-QUOTE 1) 4) 1 (PR-QUOTE 0) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N)) (G-COVERING-IND (G-CDR 0) 1 (PR-QUOTE 1) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N)) (G-COVERING-IND (G-CAR 0) 1 (PR-QUOTE 0) (EV 1 (LIST EXP VAR FLG) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-COVERING-EVAL (REWRITE) (EQUAL (EV 0 (G-COVERING EXP VAR FLG) VA (FA) N) (G-COVERINGN (EV 0 EXP VA (FA) N) (EV 0 VAR VA (FA) N) (EV 0 FLG VA (FA) N) N)) ((INDUCT (G-COVERING-IND EXP VAR FLG VA N)))) (PROVE-LEMMA COVERING-COUNT (REWRITE) (LESSP (LENGTH (COVERING EXP VAR FLG)) (EXP-COUNT EXP))) (PROVE-LEMMA PR-ZEROPN-GCODE (REWRITE) (EQUAL (PR-ZEROPN (GCODE X)) (BOOL-FIX (ZEROP X)))) (TOGGLE G1116 PR-ZEROPN T) (TOGGLE G1117 BOOL-FIX NIL) (PROVE-LEMMA G-MEMBN-GCODE-AGAIN (REWRITE) (IMPLIES (LESSP (LENGTH Y) N) (EQUAL (G-MEMBN (GCODE X) (GCODE Y) N) (BOOL-FIX (MEMB X Y)))) ((DISABLE G-MEMBN GCODE))) (TOGGLE G1118 BOOL-FIX T) (TOGGLE G1119 G-MEMBN-GCODE T) (DEFN COVERINGN-IND (EXP VAR FLG N) (IF (ZEROP FLG) (IF (F-NOTP EXP) (COVERINGN-IND (ARG EXP) VAR 0 (SUB1 N)) (IF (F-ORP EXP) (AND (COVERINGN-IND (ARG1 EXP) VAR 0 (SUB1 N)) (COVERINGN-IND (ARG2 EXP) VAR 0 (SUB1 N))) (IF (FORSOMEP EXP) (IF (MEMB VAR (COLLECT-FREE EXP 0)) (COVERINGN-IND (BODY EXP) VAR 0 (SUB1 N)) NIL) (IF (LISTP EXP) (COVERINGN-IND (CDR EXP) VAR 1 (SUB1 N)) (IF (NUMBERP EXP) NIL NIL))))) (IF (LISTP EXP) (AND (COVERINGN-IND (CAR EXP) VAR 0 (SUB1 N)) (COVERINGN-IND (CDR EXP) VAR 1 (SUB1 N))) NIL))) (PROVE-LEMMA G-COVERINGN-GCODE (REWRITE) (IMPLIES (LESSP (ADD1 (EXP-COUNT EXP)) N) (EQUAL (G-COVERINGN (GCODE EXP) (GCODE VAR) (GCODE FLG) N) (GCODE (COVERING EXP VAR FLG)))) ((DISABLE BOOL-FIX GCODE) (INDUCT (COVERINGN-IND EXP VAR FLG N)))) (TOGGLE G1120 G-COVERINGN T) (TOGGLE G1121 G-COVERING T) (TOGGLE G1122 G-COVERING-DEFN T) ;;;;;;;Correspondence between G-NIL-INTERSECT, G-NIL-INTERSECTN, and NIL-INTERSECT. (DEFN G-NIL-INTERSECTN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN X 1) (PR-ANDN (PR-NOTN (G-MEMBN (G-CARN X) Y (SUB1 N))) (G-NIL-INTERSECTN (G-CDRN X) Y (SUB1 N))) (BOOL-FIX T)))) (TOGGLE G1123 G-NIL-INTERSECT-DEFN NIL) (TOGGLE G1124 G-NIL-INTERSECT NIL) (PROVE-LEMMA G-NIL-INTERSECT-EVAL (REWRITE) (EQUAL (EV 0 (G-NIL-INTERSECT X Y) VA (FA) N) (G-NIL-INTERSECTN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-APPEND-IND X Y VA N)))) (TOGGLE G1125 PR-NOTN T) (DEFN NIL-INTERSECT-IND (X Y N) (IF (ZEROP N) T (IF (LISTP X) (NIL-INTERSECT-IND (CDR X) Y (SUB1 N)) T))) (PROVE-LEMMA G-NIL-INTERSECTN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS (LENGTH X) (LENGTH Y)) N) (EQUAL (G-NIL-INTERSECTN (GCODE X) (GCODE Y) N) (BOOL-FIX (NIL-INTERSECT X Y)))) ((DISABLE GCODE BOOL-FIX) (INDUCT (NIL-INTERSECT-IND X Y N)))) (TOGGLE G1126 G-NIL-INTERSECT T) (TOGGLE G1127 G-NIL-INTERSECTN T) (TOGGLE G1128 G-NIL-INTERSECT-DEFN T) (TOGGLE G1129 G-FREE-FOR NIL) ;;;;;;;Correspondence between G-FREE-FOR, G-FREE-FORN, and FREE-FOR. (DEFN G-FREE-FORN (EXP VAR TERM FLG N) (G-NIL-INTERSECTN (G-COVERINGN EXP VAR FLG N) (G-COLLECT-FREEN TERM (GCODE 0) N) N)) (PROVE-LEMMA EVAL-G-FREE-FOR (REWRITE) (EQUAL (EV 0 (G-FREE-FOR EXP VAR TERM FLG) VA (FA) N) (G-FREE-FORN (EV 0 EXP VA (FA) N) (EV 0 VAR VA (FA) N) (EV 0 TERM VA (FA) N) (EV 0 FLG VA (FA) N) N))) (TOGGLE G1130 FREE-FOR NIL) (PROVE-LEMMA G-FREE-FORN-GCODE (REWRITE) (IMPLIES (LESSP (ADD1 (PLUS (EXP-COUNT EXP) (EXP-COUNT TERM))) N) (EQUAL (G-FREE-FORN (GCODE EXP) (GCODE VAR) (GCODE TERM) (GCODE FLG) N) (BOOL-FIX (FREE-FOR EXP VAR TERM FLG))))) (TOGGLE G1131 G-FREE-FOR T) (TOGGLE G1132 G-FREE-FORN T) (TOGGLE G1133 FREE-FOR T) ;;;;;;;Correspondence between G-VAR-LIST, G-VAR-LISTN, and VAR-LIST. (DEFN G-VAR-LISTN (LIST LEN N) (IF (OR (ZEROP N) (BTMP LIST) (BTMP LEN)) (BTM) (PR-IFN (PR-ORN (PR-ZEROPN LEN) (PR-NOTN (G-TYPEPN LIST 1))) (PR-ANDN (PR-ZEROPN LEN) (PR-NOTN (G-TYPEPN LIST 1))) (PR-ANDN (G-VARIABLEN (G-CARN LIST)) (G-VAR-LISTN (G-CDRN LIST) (PR-SUB1N LEN) (SUB1 N)))))) (TOGGLE G1139 G-VAR-LIST NIL) (TOGGLE G1140 G-VAR-LIST-DEFN NIL) (DEFN G-VAR-LIST-IND (LIST LEN VA N) (IF (ZEROP N) T (G-VAR-LIST-IND (G-CDR 0) (PR-SUB1 1) (EV 1 (LIST LIST LEN) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-VAR-LIST-EVAL (REWRITE) (EQUAL (EV 0 (G-VAR-LIST LIST LEN) VA (FA) N) (G-VAR-LISTN (EV 0 LIST VA (FA) N) (EV 0 LEN VA (FA) N) N)) ((INDUCT (G-VAR-LIST-IND LIST LEN VA N)))) (DEFN VAR-LISTN-IND (LIST LEN N) (IF (ZEROP N) T (IF (OR (ZEROP LEN) (NLISTP LIST)) T (VAR-LISTN-IND (CDR LIST) (SUB1 LEN) (SUB1 N))))) (PROVE-LEMMA G-VAR-LISTN-GCODE (REWRITE) (IMPLIES (LESSP LEN N) (EQUAL (G-VAR-LISTN (GCODE LIST) (GCODE LEN) N) (BOOL-FIX (VAR-LIST LIST LEN)))) ((DISABLE GCODE BOOL-FIX) (INDUCT (VAR-LISTN-IND LIST LEN N)))) (TOGGLE G1141 G-VAR-LISTN T) (TOGGLE G1142 G-VAR-LIST T) (TOGGLE G1143 G-VAR-LIST-DEFN T) (PROVE-LEMMA PR-EQUALN-REDUC (REWRITE) (EQUAL (PR-EQUALN (GCODE X) (GCODE Y)) (BOOL-FIX (EQL X Y)))) (TOGGLE G1147 PR-EQUALN T) (TOGGLE G1150 PR-ORN T) ;;;;;;;Correspondence between G-SYMB, G-SYMBN, and SYMB. (DEFN G-SYMBN (X SYMBOLS N) (PR-ORN (PR-EQUALN X (G-CONSN (GCODE 3) (G-CONSN (GCODE 0) (GCODE 2)))) (G-MEMBN X SYMBOLS N))) (TOGGLE G1151 G-SYMB NIL) (PROVE-LEMMA G-SYMB-EVAL (REWRITE) (EQUAL (EV 0 (G-SYMB X SYMBOLS) VA (FA) N) (G-SYMBN (EV 0 X VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1152 P NIL) (TOGGLE G1153 BOOL-FIX NIL) (PROVE-LEMMA GCODE-P (REWRITE) (EQUAL (BOOL-FIX (EQUAL X (CONS 3 (CONS 0 2)))) (BOOL-FIX (EQUAL (GCODE X) (GCODE (CONS 3 (CONS 0 2))))))) (TOGGLE G1154 BOOL-FIX T) (PROVE-LEMMA G-SYMBN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH SYMBOLS) N) (EQUAL (G-SYMBN (GCODE X) (GCODE SYMBOLS) N) (BOOL-FIX (SYMB X SYMBOLS)))) ((DISABLE GCODE BOOL-FIX))) (TOGGLE G1155 P T) (TOGGLE G1156 G-SYMB T) (TOGGLE G1157 G-SYMBN T) ;;;;;;;Correspondence between G-LENGTH, G-LENGTHN, and LENGTH. (DEFN G-LENGTHN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN X 1) (PR-ADD1N (G-LENGTHN (G-CDRN X) (SUB1 N))) (GCODE 0)))) (TOGGLE G1158 G-LENGTH-DEFN NIL) (TOGGLE G1159 G-LENGTH NIL) (DEFN G-LENGTH-IND (X VA N) (IF (ZEROP N) T (G-LENGTH-IND (G-CDR 0) (EV 1 (LIST X) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA EVAL-G-LENGTH (REWRITE) (EQUAL (EV 0 (G-LENGTH X) VA (FA) N) (G-LENGTHN (EV 0 X VA (FA) N) N)) ((INDUCT (G-LENGTH-IND X VA N)))) (PROVE-LEMMA ADD1-GCODE (REWRITE) (EQUAL (ADD1 (GCODE X)) (GCODE (ADD1 X)))) (PROVE-LEMMA G-LENGTHN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH X) N) (EQUAL (G-LENGTHN (GCODE X) N) (GCODE (LENGTH X)))) ((DISABLE GCODE BOOL-FIX) (INDUCT (VAR-LIST X N)))) (TOGGLE G1160 G-LENGTH T) (TOGGLE G1161 G-LENGTHN T) (TOGGLE G1162 G-LENGTH-DEFN T) ;;;;;;;Correspondence between G-TERMP, G-TERMPN, and TERMP. (DEFN G-TERMPN (EXP FLG SYMBOLS N) (IF (OR (BTMP EXP) (BTMP FLG) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN FLG) (PR-IFN (G-TYPEPN EXP 1) (PR-ANDN (G-FUNCTIONN (G-CARN EXP)) (PR-ANDN (G-SYMBN (G-CARN EXP) SYMBOLS (SUB1 N)) (PR-ANDN (G-TERMPN (G-CDRN EXP) (GCODE 1) SYMBOLS (SUB1 N)) (PR-EQUALN (G-LENGTHN (G-CDRN EXP) (SUB1 N)) (G-FIXN (G-CDRN (G-CDRN (G-CARN EXP)))))))) (G-VARIABLEN EXP)) (PR-IFN (G-TYPEPN EXP 1) (PR-ANDN (G-TERMPN (G-CARN EXP) (GCODE 0) SYMBOLS (SUB1 N)) (G-TERMPN (G-CDRN EXP) (GCODE 1) SYMBOLS (SUB1 N))) (BOOL-FIX T))))) (TOGGLE G1163 G-TERMP NIL) (TOGGLE G1164 G-TERMP-DEFN NIL) (DEFN G-TERMP-IND (EXP FLG SYMBOLS VA N) (IF (ZEROP N) T (AND (G-TERMP-IND (G-CDR 0) (PR-QUOTE 1) 2 (EV 1 (LIST EXP FLG SYMBOLS) VA (FA) N) (SUB1 N)) (G-TERMP-IND (G-CAR 0) (PR-QUOTE 0) 2 (EV 1 (LIST EXP FLG SYMBOLS) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-TERMP-EVAL (REWRITE) (EQUAL (EV 0 (G-TERMP EXP FLG SYMBOLS) VA (FA) N) (G-TERMPN (EV 0 EXP VA (FA) N) (EV 0 FLG VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N)) ((INDUCT (G-TERMP-IND EXP FLG SYMBOLS VA N)))) (DEFN TERMP-IND (EXP FLG SYMBOLS N) (IF (ZEROP N) T (IF (ZEROP FLG) (IF (LISTP EXP) (TERMP-IND (CDR EXP) 1 SYMBOLS (SUB1 N)) T) (IF (LISTP EXP) (AND (TERMP-IND (CAR EXP) 0 SYMBOLS (SUB1 N)) (TERMP-IND (CDR EXP) 1 SYMBOLS (SUB1 N))) T)))) (PROVE-LEMMA LENGTH-LISTP-CDR (REWRITE) (IMPLIES (LISTP X) (LESSP (LENGTH (CDR X)) (LENGTH X)))) (PROVE-LEMMA NOT-LENGTH-CDR (REWRITE) (NOT (LESSP (LENGTH X) (LENGTH (CDR X))))) (DEFN TERMP-CNT (EXP FLG SYMBOLS) (IF (ZEROP FLG) (IF (LISTP EXP) (ADD1 (TERMP-CNT (CDR EXP) 1 SYMBOLS)) (ADD1 (ADD1 (LENGTH SYMBOLS)))) (IF (LISTP EXP) (ADD1 (PLUS (TERMP-CNT (CAR EXP) 0 SYMBOLS) (TERMP-CNT (CDR EXP) 1 SYMBOLS))) (ADD1 (ADD1 (LENGTH SYMBOLS)))))) (PROVE-LEMMA LESSP-SYMBOLS-TERMP-CNT (REWRITE) (LESSP (LENGTH SYMBOLS) (SUB1 (TERMP-CNT EXP FLG SYMBOLS)))) (PROVE-LEMMA LESSP-LENGTH-TERMP-CNT (REWRITE) (LESSP (LENGTH EXP) (TERMP-CNT EXP FLG SYMBOLS))) (TOGGLE G1165 DEGREE NIL) (PROVE-LEMMA NUMBERP-GCODE-EQUAL (REWRITE) (IMPLIES (OR (NUMBERP X) (NUMBERP Y)) (EQUAL (EQUAL (GCODE X) (GCODE Y)) (EQUAL X Y)))) (PROVE-LEMMA G-TERMPN-GCODE (REWRITE) (IMPLIES (LESSP (TERMP-CNT EXP FLG SYMBOLS) N) (EQUAL (G-TERMPN (GCODE EXP) (GCODE FLG) (GCODE SYMBOLS) N) (BOOL-FIX (TERMP EXP FLG SYMBOLS)))) ((INDUCT (TERMP-IND EXP FLG SYMBOLS N)) (DISABLE GCODE VARIABLE LENGTH SYMB-EQUALS))) (TOGGLE G1166 G-TERMP T) (TOGGLE G1167 G-TERMPN T) (TOGGLE G1168 G-TERMP-DEFN T) (TOGGLE G1169 TERMP-CNT T) ;;;;;;;Correspondence between G-ATOMP, G-ATOMPN, and ATOMP. (DEFN G-ATOMPN (EXP SYMBOLS N) (PR-ANDN (G-PREDICATEN (G-CARN EXP)) (PR-ANDN (G-SYMBN (G-CARN EXP) SYMBOLS N) (PR-ANDN (PR-EQUALN (G-LENGTHN (G-CDRN EXP) N) (G-FIXN (G-CDRN (G-CDRN (G-CARN EXP))))) (G-TERMPN (G-CDRN EXP) (GCODE 1) SYMBOLS N))))) (TOGGLE G1170 G-ATOMP NIL) (PROVE-LEMMA G-ATOMP-EVAL (REWRITE) (EQUAL (EV 0 (G-ATOMP EXP SYMBOLS) VA (FA) N) (G-ATOMPN (EV 0 EXP VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1171 PR-ANDN NIL) (TOGGLE G1172 BOOL-FIX NIL) (PROVE-LEMMA LAZY-PR-ANDN-REDUC (REWRITE) (EQUAL (PR-ANDN (BOOL-FIX F) Y) (BOOL-FIX F))) (PROVE-LEMMA LAZY-PR-ANDN-REDUC2 (REWRITE) (EQUAL (PR-ANDN (BOOL-FIX T) (BOOL-FIX Y)) (BOOL-FIX Y))) (TOGGLE G1173 PR-ANDN T) (TOGGLE G1174 BOOL-FIX T) (PROVE-LEMMA G-ATOMPN-GCODE (REWRITE) (IMPLIES (LESSP (TERMP-CNT (CDR EXP) 1 SYMBOLS) N) (EQUAL (G-ATOMPN (GCODE EXP) (GCODE SYMBOLS) N) (BOOL-FIX (ATOMP EXP SYMBOLS)))) ((DISABLE GCODE LENGTH SYMB-EQUALS))) (TOGGLE G1175 G-ATOMP T) (TOGGLE G1176 G-ATOMPN T) ;;;;;;;Correspondence between G-SUBST, G-SUBSTN, and SUBST. (DEFN G-SUBSTN (EXP VAR TERM FLG N) (IF (OR (BTMP EXP) (BTMP VAR) (BTMP TERM) (BTMP FLG) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN FLG) (PR-IFN (G-VARIABLEN EXP) (PR-IFN (PR-EQUALN EXP VAR) TERM EXP) (PR-IFN (G-TYPEPN EXP 2) (G-F-NOTN (G-SUBSTN (G-ARGN EXP 0 2) VAR TERM (GCODE 0) (SUB1 N))) (PR-IFN (G-TYPEPN EXP 3) (G-F-ORN (G-SUBSTN (G-ARGN EXP 0 3) VAR TERM (GCODE 0) (SUB1 N)) (G-SUBSTN (G-ARGN EXP 1 3) VAR TERM (GCODE 0) (SUB1 N))) (PR-IFN (G-TYPEPN EXP 4) (PR-IFN (PR-EQUALN (G-ARGN EXP 0 4) VAR) EXP (G-FORSOMEN (G-ARGN EXP 0 4) (G-SUBSTN (G-ARGN EXP 1 4) VAR TERM (GCODE 0) (SUB1 N)))) (PR-IFN (G-TYPEPN EXP 1) (G-CONSN (G-CARN EXP) (G-SUBSTN (G-CDRN EXP) VAR TERM (GCODE 1) (SUB1 N))) EXP))))) (PR-IFN (G-TYPEPN EXP 1) (G-CONSN (G-SUBSTN (G-CARN EXP) VAR TERM (GCODE 0) (SUB1 N)) (G-SUBSTN (G-CDRN EXP) VAR TERM (GCODE 1) (SUB1 N))) EXP)))) (TOGGLE G1177 G-SUBST NIL) (TOGGLE G1178 G-SUBST-DEFN NIL) (DEFN G-SUBST-IND (EXP VAR TERM FLG VA N) (IF (ZEROP N) T (AND (G-SUBST-IND (G-ARG 0 (PR-QUOTE 0) 2) 1 2 (PR-QUOTE (GCODE 0)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N)) (G-SUBST-IND (G-ARG 0 (PR-QUOTE 0) 3) 1 2 (PR-QUOTE (GCODE 0)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N)) (G-SUBST-IND (G-ARG 0 (PR-QUOTE 1) 3) 1 2 (PR-QUOTE (GCODE 0)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N)) (G-SUBST-IND (G-ARG 0 (PR-QUOTE 1) 4) 1 2 (PR-QUOTE (GCODE 0)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N)) (G-SUBST-IND (G-ARG 0 (PR-QUOTE 1) 1) 1 2 (PR-QUOTE (GCODE 1)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N)) (G-SUBST-IND (G-ARG 0 (PR-QUOTE 0) 1) 1 2 (PR-QUOTE (GCODE 0)) (EV 1 (LIST EXP VAR TERM FLG) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-SUBST-EVAL (REWRITE) (EQUAL (EV 0 (G-SUBST EXP VAR TERM FLG) VA (FA) N) (G-SUBSTN (EV 0 EXP VA (FA) N) (EV 0 VAR VA (FA) N) (EV 0 TERM VA (FA) N) (EV 0 FLG VA (FA) N) N)) ((INDUCT (G-SUBST-IND EXP VAR TERM FLG VA N)))) (DEFN SUBST-IND (EXP VAR TERM FLG N) (IF (ZEROP FLG) (IF (VARIABLE EXP) T (IF (F-NOTP EXP) (SUBST-IND (ARG EXP) VAR TERM 0 (SUB1 N)) (IF (F-ORP EXP) (AND (SUBST-IND (ARG1 EXP) VAR TERM 0 (SUB1 N)) (SUBST-IND (ARG2 EXP) VAR TERM 0 (SUB1 N))) (IF (FORSOMEP EXP) (SUBST-IND (BODY EXP) VAR TERM 0 (SUB1 N)) (IF (LISTP EXP) (SUBST-IND (CDR EXP) VAR TERM 1 (SUB1 N)) T))))) (IF (LISTP EXP) (AND (SUBST-IND (CAR EXP) VAR TERM 0 (SUB1 N)) (SUBST-IND (CDR EXP) VAR TERM 1 (SUB1 N))) T))) (PROVE-LEMMA G-SUBSTN-GCODE (REWRITE) (IMPLIES (LESSP (EXP-COUNT EXP) N) (EQUAL (G-SUBSTN (GCODE EXP) (GCODE VAR) (GCODE TERM) (GCODE FLG) N) (GCODE (SUBST EXP VAR TERM FLG)))) ((DISABLE GCODE) (INDUCT (SUBST-IND EXP VAR TERM FLG N)))) (TOGGLE G1179 G-SUBST T) (TOGGLE G1180 G-SUBSTN T) (TOGGLE G1181 G-SUBST-DEFN T) ;;;;;;;Correspondence between G-SUB, G-SUBN, and SUB. (DEFN G-SUBN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN X 1) (PR-ANDN (G-MEMBN (G-CARN X) Y (SUB1 N)) (G-SUBN (G-CDRN X) Y (SUB1 N))) (BOOL-FIX T)))) (TOGGLE G1182 G-SUB NIL) (TOGGLE G1183 G-SUB-DEFN NIL) (DEFN G-SUB-IND (X Y VA N) (IF (ZEROP N) T (G-SUB-IND (G-CDR 0) 1 (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-SUB-EVAL (REWRITE) (EQUAL (EV 0 (G-SUB X Y) VA (FA) N) (G-SUBN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-SUB-IND X Y VA N)))) (PROVE-LEMMA G-SUBN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS (LENGTH X) (LENGTH Y)) N) (EQUAL (G-SUBN (GCODE X) (GCODE Y) N) (BOOL-FIX (SUB X Y)))) ((INDUCT (APPENDN-IND X Y N)))) (TOGGLE G1184 G-SUB T) (TOGGLE G1185 G-SUBN T) (TOGGLE G1186 G-SUB-DEFN T) ;;;;;;;Correspondence between G-FORMULA, G-FORMULAN, and FORMULA. (DEFN G-FORMULAN (EXP SYMBOLS N) (IF (OR (BTMP EXP) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN EXP 2) (G-FORMULAN (G-ARGN EXP 0 2) SYMBOLS (SUB1 N)) (PR-IFN (G-TYPEPN EXP 3) (PR-ANDN (G-FORMULAN (G-ARGN EXP 0 3) SYMBOLS (SUB1 N)) (G-FORMULAN (G-ARGN EXP 1 3) SYMBOLS (SUB1 N))) (PR-IFN (G-TYPEPN EXP 4) (G-FORMULAN (G-ARGN EXP 1 4) SYMBOLS (SUB1 N)) (G-ATOMPN EXP SYMBOLS (SUB1 N))))))) (TOGGLE G1187 G-FORMULA NIL) (TOGGLE G1188 G-FORMULA-DEFN NIL) (DEFN G-FORMULA-IND (EXP SYMBOLS VA N) (IF (ZEROP N) T (AND (G-FORMULA-IND (G-ARG 0 (PR-QUOTE 0) 2) 1 (EV 1 (LIST EXP SYMBOLS) VA (FA) N) (SUB1 N)) (G-FORMULA-IND (G-ARG 0 (PR-QUOTE 0) 3) 1 (EV 1 (LIST EXP SYMBOLS) VA (FA) N) (SUB1 N)) (G-FORMULA-IND (G-ARG 0 (PR-QUOTE 1) 3) 1 (EV 1 (LIST EXP SYMBOLS) VA (FA) N) (SUB1 N)) (G-FORMULA-IND (G-ARG 0 (PR-QUOTE 1) 4) 1 (EV 1 (LIST EXP SYMBOLS) VA (FA) N) (SUB1 N))))) (TOGGLE G1189 DIFFERENCE-SUB1-N NIL) (TOGGLE G1190 DIFFERENCE-LESSP2 NIL) (TOGGLE G1191 FA NIL) (TOGGLE G1192 GET-SUB1-N-NZEROP NIL) (TOGGLE G1193 DIFFERENCE-LESSP NIL) (PROVE-LEMMA GET-G-FORMULA-DEFN (REWRITE) (EQUAL (GET (SUB1-N 22 11) (FA)) (G-FORMULA-DEFN))) (TOGGLE G1194 DIFFERENCE-SUB1-N T) (TOGGLE G1195 DIFFERENCE-LESSP2 T) (TOGGLE G1196 FA T) (TOGGLE G1197 GET-SUB1-N-NZEROP T) (TOGGLE G1198 DIFFERENCE-LESSP T) (PROVE-LEMMA G-FORMULA-EVAL (REWRITE) (EQUAL (EV 0 (G-FORMULA EXP SYMBOLS) VA (FA) N) (G-FORMULAN (EV 0 EXP VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N)) ((INDUCT (G-FORMULA-IND EXP SYMBOLS VA N)))) (DEFN FORMULA-IND (EXP SYMBOLS N) (IF (ZEROP N) T (IF (F-NOTP EXP) (FORMULA-IND (ARG EXP) SYMBOLS (SUB1 N)) (IF (F-ORP EXP) (AND (FORMULA-IND (ARG1 EXP) SYMBOLS (SUB1 N)) (FORMULA-IND (ARG2 EXP) SYMBOLS (SUB1 N))) (IF (FORSOMEP EXP) (FORMULA-IND (BODY EXP) SYMBOLS (SUB1 N)) T))))) (DEFN FORMULA-CNT (EXP SYMBOLS) (IF (F-NOTP EXP) (ADD1 (FORMULA-CNT (ARG EXP) SYMBOLS)) (IF (F-ORP EXP) (ADD1 (PLUS (FORMULA-CNT (ARG1 EXP) SYMBOLS) (FORMULA-CNT (ARG2 EXP) SYMBOLS))) (IF (FORSOMEP EXP) (ADD1 (FORMULA-CNT (BODY EXP) SYMBOLS)) (ADD1 (TERMP-CNT (CDR EXP) 1 SYMBOLS)))))) (PROVE-LEMMA G-FORMULAN-GCODE (REWRITE) (IMPLIES (LESSP (FORMULA-CNT EXP SYMBOLS) N) (EQUAL (G-FORMULAN (GCODE EXP) (GCODE SYMBOLS) N) (BOOL-FIX (FORMULA EXP SYMBOLS)))) ((DISABLE GCODE ATOMP ATOMP-REDUC) (INDUCT (FORMULA-IND EXP SYMBOLS N)))) (TOGGLE G1199 G-FORMULA T) (TOGGLE G1200 G-FORMULAN T) (TOGGLE G1201 G-FORMULA-DEFN T) (TOGGLE G1202 FORMULA-CNT T) ;;;;;;;Correspondence between G-PAIREQUALS, G-PAIREQUALSN, and PAIREQUALS. (DEFN G-PAIREQUALSN (VARS1 VARS2 EXP N) (IF (OR (BTMP VARS1) (BTMP VARS2) (BTMP EXP) (ZEROP N)) (BTM) (PR-IFN (PR-ANDN (G-TYPEPN VARS1 1) (G-TYPEPN VARS2 1)) (G-F-IMPLIESN (G-F-EQUALN (G-CARN VARS1) (G-CARN VARS2)) (G-PAIREQUALSN (G-CDRN VARS1) (G-CDRN VARS2) EXP (SUB1 N))) EXP))) (TOGGLE G1203 G-PAIREQUALS NIL) (TOGGLE G1204 G-PAIREQUALS-DEFN NIL) (DEFN G-PAIREQUALS-IND (VARS1 VARS2 EXP VA N) (IF (ZEROP N) T (G-PAIREQUALS-IND (G-CDR 0) (G-CDR 1) 2 (EV 1 (LIST VARS1 VARS2 EXP) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-PAIREQUALS-EVAL (REWRITE) (EQUAL (EV 0 (G-PAIREQUALS VARS1 VARS2 EXP) VA (FA) N) (G-PAIREQUALSN (EV 0 VARS1 VA (FA) N) (EV 0 VARS2 VA (FA) N) (EV 0 EXP VA (FA) N) N)) ((INDUCT (G-PAIREQUALS-IND VARS1 VARS2 EXP VA N)))) (TOGGLE G1205 PAIREQUALS-REDUC T) (DEFN PAIREQUALS-IND (VARS1 VARS2 EXP N) (IF (ZEROP N) T (IF (AND (LISTP VARS1) (LISTP VARS2)) (PAIREQUALS-IND (CDR VARS1) (CDR VARS2) EXP (SUB1 N)) T))) (PROVE-LEMMA G-PAIREQUALSN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH VARS1) N) (EQUAL (G-PAIREQUALSN (GCODE VARS1) (GCODE VARS2) (GCODE EXP) N) (GCODE (PAIREQUALS VARS1 VARS2 EXP)))) ((DISABLE GCODE) (INDUCT (PAIREQUALS-IND VARS1 VARS2 EXP N)))) (TOGGLE G1206 G-PAIREQUALS T) (TOGGLE G1207 G-PAIREQUALSN T) (TOGGLE G1208 G-PAIREQUALS-DEFN T) (DEFN G-CADRN (X) (G-CARN (G-CDRN X))) (DEFN G-CADDRN (X) (G-CARN (G-CDRN (G-CDRN X)))) (DEFN G-CADDDRN (X) (G-CARN (G-CDRN (G-CDRN (G-CDRN X))))) ;;;;;;;SUBST-AXIOM correspondence. (DEFN G-SUBST-AXIOM-PROOFN (CONC HINTS SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-ANDN (G-VARIABLEN (G-CADDRN HINTS)) (PR-ANDN (G-TERMPN (G-CADDDRN HINTS) (GCODE 0) SYMBOLS N) (PR-ANDN (G-FREE-FORN (G-CADRN HINTS) (G-CADDRN HINTS) (G-CADDDRN HINTS) (GCODE 0) N) (PR-EQUALN CONC (G-F-IMPLIESN (G-SUBSTN (G-CADRN HINTS) (G-CADDRN HINTS) (G-CADDDRN HINTS) (GCODE 0) N) (G-FORSOMEN (G-CADDRN HINTS) (G-CADRN HINTS))))))))) (DEFN G-DEGREEN (X) (G-FIXN (G-CDRN (G-CDRN X)))) ;;;;;;;Function equality axiom correspondence. (DEFN G-FUN-EQUAL-AXIOM-PROOFN (CONC HINTS SYMBOLS N) (PR-ANDN (G-TERMPN (G-CADDRN HINTS) (GCODE 1) SYMBOLS N) (PR-ANDN (G-TERMPN (G-CADDDRN HINTS) (GCODE 1) SYMBOLS N) (PR-ANDN (G-FUNCTIONN (G-CADRN HINTS)) (PR-ANDN (PR-EQUALN (G-LENGTHN (G-CADDRN HINTS) N) (G-DEGREEN (G-CADRN HINTS))) (PR-ANDN (PR-EQUALN (G-LENGTHN (G-CADDDRN HINTS) N) (G-DEGREEN (G-CADRN HINTS))) (PR-EQUALN CONC (G-PAIREQUALSN (G-CADDRN HINTS) (G-CADDDRN HINTS) (G-F-EQUALN (G-CONSN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CONSN (G-CADRN HINTS) (G-CADDDRN HINTS))) N)))))))) ;;;;;;;Predicate equality axiom correspondence. (DEFN G-PRED-EQUAL-AXIOM-PROOFN (CONC HINTS SYMBOLS N) (PR-ANDN (G-TERMPN (G-CADDRN HINTS) (GCODE 1) SYMBOLS N) (PR-ANDN (G-TERMPN (G-CADDDRN HINTS) (GCODE 1) SYMBOLS N) (PR-ANDN (G-PREDICATEN (G-CADRN HINTS)) (PR-ANDN (PR-EQUALN (G-LENGTHN (G-CADDRN HINTS) N) (G-DEGREEN (G-CADRN HINTS))) (PR-ANDN (PR-EQUALN (G-LENGTHN (G-CADDDRN HINTS) N) (G-DEGREEN (G-CADRN HINTS))) (PR-EQUALN CONC (G-PAIREQUALSN (G-CADDRN HINTS) (G-CADDDRN HINTS) (G-F-IMPLIESN (G-CONSN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CONSN (G-CADRN HINTS) (G-CADDDRN HINTS))) N)))))))) ;;;;;;;Correspondence for FOL-AXIOM-PROOF. (DEFN G-FOL-AXIOM-PROOFN (CONC HINTS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 1)) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-EQUALN CONC (G-F-ORN (G-F-NOTN (G-CADRN HINTS)) (G-CADRN HINTS)))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 2)) (G-SUBST-AXIOM-PROOFN CONC HINTS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 3)) (PR-ANDN (G-TERMPN (G-CADRN HINTS) (GCODE 0) SYMBOLS N) (PR-EQUALN CONC (G-F-EQUALN (G-CADRN HINTS) (G-CADRN HINTS)))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 4)) (G-FUN-EQUAL-AXIOM-PROOFN CONC HINTS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 5)) (G-PRED-EQUAL-AXIOM-PROOFN CONC HINTS SYMBOLS N) (BOOL-FIX F))))))) (PROVE-LEMMA G-FOL-AXIOM-PROOF-EVAL (REWRITE) (EQUAL (EV 0 (G-FOL-AXIOM-PROOF CONC HINTS SYMBOLS) VA (FA) N) (G-FOL-AXIOM-PROOFN (EV 0 CONC VA (FA) N) (EV 0 HINTS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (DEFN FOL-AXIOM-CNT (HINTS SYMBOLS) (ADD1 (PLUS (FORMULA-CNT (SECOND HINTS) SYMBOLS) (TERMP-CNT (FOURTH HINTS) 0 SYMBOLS) (EXP-COUNT (SECOND HINTS)) (EXP-COUNT (FOURTH HINTS)) (TERMP-CNT (SECOND HINTS) 0 SYMBOLS) (TERMP-CNT (THIRD HINTS) 1 SYMBOLS) (TERMP-CNT (FOURTH HINTS) 1 SYMBOLS) (LENGTH (THIRD HINTS)) (LENGTH (FOURTH HINTS))))) (TOGGLE G1213 FOL-AXIOM-PROOF NIL) (PROVE-LEMMA G-FOL-AXIOM-PROOFN-GCODE (REWRITE) (IMPLIES (LESSP (FOL-AXIOM-CNT HINTS SYMBOLS) N) (EQUAL (G-FOL-AXIOM-PROOFN (GCODE CONC) (GCODE HINTS) (GCODE SYMBOLS) N) (BOOL-FIX (FOL-AXIOM-PROOF CONC HINTS SYMBOLS)))) ((DISABLE GCODE FREE-FOR))) (TOGGLE G1214 G-FOL-AXIOM-PROOF T) (TOGGLE G1215 G-FOL-AXIOM-PROOFN T) (TOGGLE G1216 FOL-AXIOM-PROOF T) (DEFN G-EXPAN-RULEN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CARN SUB-GOALS) SYMBOLS N) (PR-EQUALN CONC (G-F-ORN (G-CADRN HINTS) (G-CARN SUB-GOALS)))))) (DEFN G-CONTRAC-RULEN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-ANDN (PR-EQUALN SUB-GOALS (G-CONSN (G-F-ORN (G-CADRN HINTS) (G-CADRN HINTS)) (GCODE NIL))) (PR-EQUALN CONC (G-CADRN HINTS))))) (DEFN G-ASSOC-RULEN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADDRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADDDRN HINTS) SYMBOLS N) (PR-ANDN (PR-EQUALN SUB-GOALS (G-CONSN (G-F-ORN (G-CADRN HINTS) (G-F-ORN (G-CADDRN HINTS) (G-CADDDRN HINTS))) (GCODE NIL))) (PR-EQUALN CONC (G-F-ORN (G-F-ORN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CADDDRN HINTS)))))))) (DEFN G-CUT-RULEN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADDRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADDDRN HINTS) SYMBOLS N) (PR-ANDN (PR-EQUALN SUB-GOALS (G-CONSN (G-F-ORN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CONSN (G-F-ORN (G-F-NOTN (G-CADRN HINTS)) (G-CADDDRN HINTS)) (GCODE NIL)))) (PR-EQUALN CONC (G-F-ORN (G-CADDRN HINTS) (G-CADDDRN HINTS)))))))) (DEFN G-FORSOME-INTRO-RULEN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-ANDN (G-VARIABLEN (G-CADRN HINTS)) (PR-ANDN (G-FORMULAN (G-CADDRN HINTS) SYMBOLS N) (PR-ANDN (G-FORMULAN (G-CADDDRN HINTS) SYMBOLS N) (PR-ANDN (PR-NOTN (G-MEMBN (G-CADRN HINTS) (G-COLLECT-FREEN (G-CADDDRN HINTS) (GCODE 0) N) N)) (PR-ANDN (PR-EQUALN SUB-GOALS (G-CONSN (G-F-IMPLIESN (G-CADDRN HINTS) (G-CADDDRN HINTS)) (GCODE NIL))) (PR-EQUALN CONC (G-F-IMPLIESN (G-FORSOMEN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CADDDRN HINTS))))))))) ;;;;;;;Correspondence for FOL-RULES. (DEFN G-FOL-RULESN (CONC HINTS SUB-GOALS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 1)) (G-EXPAN-RULEN CONC HINTS SUB-GOALS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 2)) (G-CONTRAC-RULEN CONC HINTS SUB-GOALS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 3)) (G-ASSOC-RULEN CONC HINTS SUB-GOALS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 4)) (G-CUT-RULEN CONC HINTS SUB-GOALS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 5)) (G-FORSOME-INTRO-RULEN CONC HINTS SUB-GOALS SYMBOLS N) (BOOL-FIX F))))))) (TOGGLE G1217 G-FOL-RULES NIL) (PROVE-LEMMA G-FOL-RULES-EVAL (REWRITE) (EQUAL (EV 0 (G-FOL-RULES CONC HINTS SUB-GOALS SYMBOLS) VA (FA) N) (G-FOL-RULESN (EV 0 CONC VA (FA) N) (EV 0 HINTS VA (FA) N) (EV 0 SUB-GOALS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1218 G-FOL-RULES T) (TOGGLE G1219 FOL-RULES NIL) (PROVE-LEMMA G-FOL-RULESN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS (FORMULA-CNT (SECOND HINTS) SYMBOLS) (FORMULA-CNT (THIRD HINTS) SYMBOLS) (FORMULA-CNT (FOURTH HINTS) SYMBOLS) (FORMULA-CNT (CAR SUB-GOALS) SYMBOLS) (EXP-COUNT (FOURTH HINTS))) N) (EQUAL (G-FOL-RULESN (GCODE CONC) (GCODE HINTS) (GCODE SUB-GOALS) (GCODE SYMBOLS) N) (BOOL-FIX (FOL-RULES CONC HINTS SUB-GOALS SYMBOLS)))) ((DISABLE GCODE))) (TOGGLE G1220 FOL-RULES T) (TOGGLE G1221 G-FOL-RULES T) (TOGGLE G1222 G-FOL-RULESN T) (DEFN G-ISINN (X Y) (G-CONSN (G-CONSN (GCODE 3) (G-CONSN (GCODE 1) (GCODE 2))) (G-CONSN X (G-CONSN Y (GCODE NIL))))) (DEFN G-PHIN NIL (G-CONSN (G-CONSN (GCODE 2) (G-CONSN (GCODE 0) (GCODE 0))) (GCODE NIL))) (DEFN G-Z-PAIRN (X Y) (G-CONSN (G-CONSN (GCODE 2) (G-CONSN (GCODE 1) (GCODE 2))) (G-CONSN X (G-CONSN Y (GCODE NIL))))) (DEFN G-Z-UNIONN (X Y) (G-CONSN (G-CONSN (GCODE 2) (G-CONSN (GCODE 2) (GCODE 2))) (G-CONSN X (G-CONSN Y (GCODE NIL))))) (DEFN G-Z-INTN (X) (G-CONSN (G-CONSN (GCODE 3) (G-CONSN (GCODE 2) (GCODE 1))) (G-CONSN X (GCODE NIL)))) (DEFN G-Z-SUCCN (X) (G-CONSN (G-CONSN (GCODE 2) (G-CONSN (GCODE 3) (GCODE 1))) (G-CONSN X (GCODE NIL)))) (DEFN G-F-IFFN (X Y) (G-F-ANDN (G-F-IMPLIESN X Y) (G-F-IMPLIESN Y X))) (PROVE-LEMMA G-F-IFF-EVAL (REWRITE) (EQUAL (EV 0 (G-F-IFF X Y) VA FA N) (G-F-IFFN (EV 0 X VA FA N) (EV 0 Y VA FA N)))) (TOGGLE G1223 F-IFF NIL) (PROVE-LEMMA G-F-IFFN-GCODE (REWRITE) (EQUAL (G-F-IFFN (GCODE X) (GCODE Y)) (GCODE (F-IFF X Y))) ((DISABLE GCODE))) (TOGGLE G1224 F-IFF T) (TOGGLE G1225 G-F-IFF T) (TOGGLE G1226 G-F-IFFN T) ;;;;;;;Correspondence for Z2-AXIOMS. (DEFN G-Z2-AXIOMSN (CONC HINTS SYMBOLS N) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 1)) (PR-ANDN (G-VARIABLEN (G-CADDDRN HINTS)) (PR-ANDN (G-TERMPN (G-CADRN HINTS) (GCODE 0) SYMBOLS N) (PR-ANDN (G-TERMPN (G-CADDRN HINTS) (GCODE 0) SYMBOLS N) (PR-ANDN (PR-NOTN (G-MEMBN (G-CADDDRN HINTS) (G-COLLECT-FREEN (G-CADRN HINTS) (GCODE 0) N) N)) (PR-ANDN (PR-NOTN (G-MEMBN (G-CADDDRN HINTS) (G-COLLECT-FREEN (G-CADDRN HINTS) (GCODE 0) N) N)) (PR-EQUALN CONC (G-F-IFFN (G-F-EQUALN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-FORALLN (G-CADDDRN HINTS) (G-F-IFFN (G-ISINN (G-CADDDRN HINTS) (G-CADRN HINTS)) (G-ISINN (G-CADDDRN HINTS) (G-CADDRN HINTS))))))))))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 2)) (PR-ANDN (G-TERMPN (G-CADRN HINTS) (GCODE 0) SYMBOLS N) (PR-EQUALN CONC (G-F-NOTN (G-ISINN (G-CADRN HINTS) (G-PHIN))))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 3)) (PR-ANDN (G-TERMPN (G-CONSN (G-CADRN HINTS) (G-CONSN (G-CADDRN HINTS) (G-CONSN (G-CADDDRN HINTS) (GCODE NIL)))) (GCODE 1) SYMBOLS N) (PR-EQUALN CONC (G-F-IFFN (G-ISINN (G-CADDDRN HINTS) (G-Z-PAIRN (G-CADRN HINTS) (G-CADDRN HINTS))) (G-F-ORN (G-F-EQUALN (G-CADDDRN HINTS) (G-CADRN HINTS)) (G-F-EQUALN (G-CADDDRN HINTS) (G-CADDRN HINTS)))))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 4)) (PR-ANDN (G-TERMPN (G-CONSN (G-CADRN HINTS) (G-CONSN (G-CADDRN HINTS) (G-CONSN (G-CADDDRN HINTS) (GCODE NIL)))) (GCODE 1) SYMBOLS N) (PR-EQUALN CONC (G-F-IFFN (G-ISINN (G-CADDDRN HINTS) (G-Z-UNIONN (G-CADRN HINTS) (G-CADDRN HINTS))) (G-F-ORN (G-ISINN (G-CADDDRN HINTS) (G-CADRN HINTS)) (G-ISINN (G-CADDDRN HINTS) (G-CADDRN HINTS)))))) (PR-IFN (PR-EQUALN (G-CARN HINTS) (GCODE 5)) (PR-ANDN (G-VARIABLEN (G-CADDRN HINTS)) (PR-ANDN (G-FORMULAN (G-CADRN HINTS) SYMBOLS N) (PR-EQUALN CONC (G-F-IMPLIESN (G-F-ANDN (G-SUBSTN (G-CADRN HINTS) (G-CADDRN HINTS) (G-PHIN) (GCODE 0) N) (G-FORALLN (G-CADDRN HINTS) (G-F-IMPLIESN (G-F-ANDN (G-Z-INTN (G-CADDRN HINTS)) (G-CADRN HINTS)) (G-SUBSTN (G-CADRN HINTS) (G-CADDRN HINTS) (G-Z-SUCCN (G-CADDRN HINTS)) (GCODE 0) N)))) (G-FORALLN (G-CADDRN HINTS) (G-F-IMPLIESN (G-Z-INTN (G-CADDRN HINTS)) (G-CADRN HINTS))))))) (BOOL-FIX F))))))) (TOGGLE G1238 G-Z2-AXIOMS NIL) (PROVE-LEMMA G-Z2-AXIOMS-EVAL (REWRITE) (EQUAL (EV 0 (G-Z2-AXIOMS CONC HINTS SYMBOLS) VA (FA) N) (G-Z2-AXIOMSN (EV 0 CONC VA (FA) N) (EV 0 HINTS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1239 P NIL) (TOGGLE G1240 FN NIL) (TOGGLE G1241 ISIN NIL) (TOGGLE G1242 PHI NIL) (TOGGLE G1243 Z-PAIR NIL) (TOGGLE G1244 Z-UNION NIL) (TOGGLE G1245 Z-INT NIL) (TOGGLE G1246 Z-SUCC NIL) (TOGGLE G1247 G-Z2-AXIOMS T) (DEFN Z2-AXIOMS-CNT (HINTS SYMBOLS) (PLUS (TERMP-CNT (SECOND HINTS) 0 SYMBOLS) (TERMP-CNT (THIRD HINTS) 0 SYMBOLS) (EXP-COUNT (SECOND HINTS)) (EXP-COUNT (THIRD HINTS)) (TERMP-CNT (LIST (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS)) 1 SYMBOLS) (FORMULA-CNT (SECOND HINTS) SYMBOLS))) (PROVE-LEMMA G-Z2-AXIOMSN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS (TERMP-CNT (SECOND HINTS) 0 SYMBOLS) (TERMP-CNT (THIRD HINTS) 0 SYMBOLS) (EXP-COUNT (SECOND HINTS)) (EXP-COUNT (THIRD HINTS)) (TERMP-CNT (LIST (SECOND HINTS) (THIRD HINTS) (FOURTH HINTS)) 1 SYMBOLS) (FORMULA-CNT (SECOND HINTS) SYMBOLS)) N) (EQUAL (G-Z2-AXIOMSN (GCODE CONC) (GCODE HINTS) (GCODE SYMBOLS) N) (BOOL-FIX (Z2-AXIOMS CONC HINTS SYMBOLS)))) ((DISABLE GCODE))) (TOGGLE G1248 FN T) (TOGGLE G1249 ISIN T) (TOGGLE G1250 PHI T) (TOGGLE G1251 Z-PAIR T) (TOGGLE G1252 Z-UNION T) (TOGGLE G1253 Z-INT T) (TOGGLE G1254 Z-SUCC T) (TOGGLE G1255 G-Z2-AXIOMS T) (TOGGLE G1256 G-Z2-AXIOMSN T) (TOGGLE G1257 Z2-AXIOMS T) ;;;;;;;Correspondence for SET. (DEFN G-SETN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN X 1) (PR-ANDN (PR-NOTN (G-MEMBN (G-CARN X) (G-CDRN X) (SUB1 N))) (G-SETN (G-CDRN X) (SUB1 N))) (BOOL-FIX T)))) (TOGGLE G1258 G-SET NIL) (TOGGLE G1259 G-SET-DEFN NIL) (DEFN G-SET-IND (X VA N) (IF (ZEROP N) T (G-SET-IND (G-CDR 0) (EV 1 (LIST X) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-SET-EVAL (REWRITE) (EQUAL (EV 0 (G-SET X) VA (FA) N) (G-SETN (EV 0 X VA (FA) N) N)) ((INDUCT (G-SET-IND X VA N)))) (PROVE-LEMMA G-SETN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH X) N) (EQUAL (G-SETN (GCODE X) N) (BOOL-FIX (SET X)))) ((DISABLE GCODE) (INDUCT (APPENDN-IND X Y N)))) (TOGGLE G1260 G-SET T) (TOGGLE G1261 G-SETN T) (TOGGLE G1262 G-SET-DEFN T) ;;;;;;;Correspondence for ASSOC. (DEFN G-ASSOCN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN Y 1) (PR-IFN (PR-EQUALN (G-CARN (G-CARN Y)) X) (G-CDRN (G-CARN Y)) (G-ASSOCN X (G-CDRN Y) (SUB1 N))) (GCODE 0)))) (TOGGLE G1265 G-ASSOC-DEFN NIL) (DEFN G-ASSOC-IND (X Y VA N) (IF (ZEROP N) T (G-ASSOC-IND 0 (G-CDR 1) (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-ASSOC-EVAL (REWRITE) (EQUAL (EV 0 (G-ASSOC X Y) VA (FA) N) (G-ASSOCN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-ASSOC-IND X Y VA N)))) (PROVE-LEMMA G-ASSOCN-GCODE (REWRITE) (IMPLIES (LESSP (LENGTH Y) N) (EQUAL (G-ASSOCN (GCODE X) (GCODE Y) N) (GCODE (ASSOC X Y)))) ((INDUCT (APPENDN-IND Y X N)))) (TOGGLE G1266 G-ASSOC T) (TOGGLE G1267 G-ASSOCN T) (TOGGLE G1268 G-ASSOC-DEFN T) ;;;;;;;Correspondence for CONC. (DEFN G-CONCN (PF FLG N) (IF (OR (BTMP PF) (BTMP FLG) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN FLG) (G-CADDRN PF) (PR-IFN (G-TYPEPN PF 1) (G-CONSN (G-CONCN (G-CARN PF) (GCODE 0) (SUB1 N)) (G-CONCN (G-CDRN PF) (GCODE 1) (SUB1 N))) (GCODE NIL))))) (TOGGLE G1269 G-CONC NIL) (TOGGLE G1270 G-CONC-DEFN NIL) (DEFN G-CONC-IND (PF FLG VA N) (IF (ZEROP N) T (AND (G-CONC-IND (G-CAR 0) (PR-QUOTE 0) (EV 1 (LIST PF FLG) VA (FA) N) (SUB1 N)) (G-CONC-IND (G-CDR 0) (PR-QUOTE 1) (EV 1 (LIST PF FLG) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-CONC-EVAL (REWRITE) (EQUAL (EV 0 (G-CONC PF FLG) VA (FA) N) (G-CONCN (EV 0 PF VA (FA) N) (EV 0 FLG VA (FA) N) N)) ((INDUCT (G-CONC-IND PF FLG VA N)))) (DEFN CONC-IND (PF FLG N) (IF (ZEROP N) T (IF (ZEROP FLG) T (AND (CONC-IND (CAR PF) 0 (SUB1 N)) (CONC-IND (CDR PF) 1 (SUB1 N)))))) (PROVE-LEMMA G-CONCN-GCODE (REWRITE) (IMPLIES (LESSP (EXP-COUNT PF) N) (EQUAL (G-CONCN (GCODE PF) (GCODE FLG) N) (GCODE (CONC PF FLG)))) ((DISABLE GCODE) (INDUCT (CONC-IND PF FLG N)))) (TOGGLE G1271 G-CONC T) (TOGGLE G1272 G-CONCN T) (TOGGLE G1273 G-CONC-DEFN T) ;;;;;;;Correspondence for REST-OF. (DEFN G-REST-OFN (SYM SYMBOLS N) (IF (OR (BTMP SYM) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-TYPEPN SYMBOLS 1) (PR-IFN (PR-ANDN (PR-EQUALN (G-CARN SYMBOLS) SYM) (PR-NOTN (G-MEMBN SYM (G-CDRN SYMBOLS) (SUB1 N)))) (G-CDRN SYMBOLS) (G-REST-OFN SYM (G-CDRN SYMBOLS) (SUB1 N))) (GCODE NIL)))) (TOGGLE G1274 G-REST-OF NIL) (TOGGLE G1275 G-REST-OF-DEFN NIL) (DEFN G-REST-OF-IND (SYM SYMBOLS VA N) (IF (ZEROP N) T (G-REST-OF-IND 0 (G-CDR 1) (EV 1 (LIST SYM SYMBOLS) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-REST-OF-EVAL (REWRITE) (EQUAL (EV 0 (G-REST-OF SYM SYMBOLS) VA (FA) N) (G-REST-OFN (EV 0 SYM VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N)) ((INDUCT (G-REST-OF-IND SYM SYMBOLS VA N)))) (TOGGLE G1276 REST-OF NIL) (PROVE-LEMMA G-REST-OFN-GCODE (REWRITE) (IMPLIES (LESSP (ADD1 (LENGTH SYMBOLS)) N) (EQUAL (G-REST-OFN (GCODE SYM) (GCODE SYMBOLS) N) (GCODE (REST-OF SYM SYMBOLS)))) ((DISABLE GCODE) (INDUCT (APPENDN-IND SYMBOLS SYM N)))) (TOGGLE G1277 REST-OF T) (TOGGLE G1278 G-REST-OF T) (TOGGLE G1279 G-REST-OFN T) (TOGGLE G1280 G-REST-OF-DEFN T) (TOGGLE G1281 G-SYMB-DEFN-PROOF NIL) ;;;;;;;Correspondence for SYMB-DEFN-PROOF. (DEFN G-SYMB-DEFN-PROOFN (CONC HINTS SUB-GOALS DEFN SYMBOLS N) (PR-IFN (G-PREDICATEN (G-CARN (G-CARN HINTS))) (PR-ANDN (G-SETN (G-CDRN (G-CARN HINTS)) N) (PR-ANDN (G-VAR-LISTN (G-CDRN (G-CARN HINTS)) (G-DEGREEN (G-CARN (G-CARN HINTS))) N) (PR-ANDN (PR-EQUALN CONC (G-F-IFFN (G-CARN HINTS) DEFN)) (PR-ANDN (G-SUBN (G-COLLECT-FREEN DEFN (GCODE 0) N) (G-CDRN (G-CARN HINTS)) N) (G-FORMULAN DEFN (G-REST-OFN (G-CARN (G-CARN HINTS)) SYMBOLS N) N))))) (PR-IFN (G-FUNCTIONN (G-CARN (G-CARN HINTS))) (PR-ANDN (G-SETN (G-CONSN (G-CADDDRN HINTS) (G-CONSN (G-CADRN HINTS) (G-CDRN (G-CARN HINTS)))) N) (PR-ANDN (G-VAR-LISTN (G-CDRN (G-CARN HINTS)) (G-DEGREEN (G-CARN (G-CARN HINTS))) N) (PR-ANDN (G-VARIABLEN (G-CADRN HINTS)) (PR-ANDN (G-VARIABLEN (G-CADDDRN HINTS)) (PR-ANDN (G-FORMULAN (G-CADDRN HINTS) (G-REST-OFN (G-CARN (G-CARN HINTS)) SYMBOLS N) N) (PR-ANDN (G-SUBN (G-COLLECT-FREEN (G-CADDRN HINTS) (GCODE 0) N) (G-CONSN (G-CADRN HINTS) (G-CDRN (G-CARN HINTS))) N) (PR-ANDN (G-FREE-FORN (G-CADDRN HINTS) (G-CADRN HINTS) (G-CARN HINTS) (GCODE 0) N) (PR-ANDN (G-FREE-FORN (G-CADDRN HINTS) (G-CADRN HINTS) (G-CADDDRN HINTS) (GCODE 0) N) (PR-ANDN (PR-EQUALN CONC (G-SUBSTN (G-CADDRN HINTS) (G-CADRN HINTS) (G-CARN HINTS) (GCODE 0) N)) (PR-ANDN (PR-EQUALN CONC DEFN) (PR-EQUALN SUB-GOALS (G-CONSN (G-FORSOMEN (G-CADRN HINTS) (G-CADDRN HINTS)) (G-CONSN (G-F-IMPLIESN (G-F-ANDN (G-CADDRN HINTS) (G-SUBSTN (G-CADDRN HINTS) (G-CADRN HINTS) (G-CADDDRN HINTS) (GCODE 0) N)) (G-F-EQUALN (G-CADRN HINTS) (G-CADDDRN HINTS))) (GCODE NIL)))))))))))))) (BOOL-FIX F)))) (PROVE-LEMMA G-SYMB-DEFN-PROOF-EVAL (REWRITE) (EQUAL (EV 0 (G-SYMB-DEFN-PROOF CONC HINTS SUB-GOALS DEFN SYMBOLS) VA (FA) N) (G-SYMB-DEFN-PROOFN (EV 0 CONC VA (FA) N) (EV 0 HINTS VA (FA) N) (EV 0 SUB-GOALS VA (FA) N) (EV 0 DEFN VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (PROVE-LEMMA LAZY-PR-ANDN-REDUC3 (REWRITE) (EQUAL (PR-ANDN (BOOL-FIX X) (BOOL-FIX F)) (BOOL-FIX F))) (DEFN G-SYMB-COUNT (HINTS DEFN SYMBOLS) (IF (PREDICATE (CAAR HINTS)) (PLUS (LENGTH (CDAR HINTS)) (CDDAAR HINTS) (EXP-COUNT DEFN) (ADD1 (LENGTH SYMBOLS)) (FORMULA-CNT DEFN (REST-OF (CAAR HINTS) SYMBOLS))) (PLUS (LENGTH (CONS (FOURTH HINTS) (CONS (SECOND HINTS) (CDAR HINTS)))) (ADD1 (LENGTH SYMBOLS)) (FORMULA-CNT (THIRD HINTS) (REST-OF (CAAR HINTS) SYMBOLS)) (CDDAAR HINTS) (ADD1 (EXP-COUNT (THIRD HINTS))) (ADD1 (EXP-COUNT (SECOND HINTS))) (ADD1 (EXP-COUNT (CAR HINTS))) (ADD1 (EXP-COUNT (FOURTH HINTS)))))) (PROVE-LEMMA G-SYMB-DEFN-PROOFN-GCODE (REWRITE) (IMPLIES (LESSP (G-SYMB-COUNT HINTS DEFN SYMBOLS) N) (EQUAL (G-SYMB-DEFN-PROOFN (GCODE CONC) (GCODE HINTS) (GCODE SUB-GOALS) (GCODE DEFN) (GCODE SYMBOLS) N) (BOOL-FIX (SYMB-DEFN-PROOF CONC HINTS SUB-GOALS DEFN SYMBOLS)))) ((DISABLE GCODE))) (TOGGLE G1290 SYMB-DEFN-PROOF T) (TOGGLE G1291 G-SYMB-DEFN-PROOF T) (TOGGLE G1292 G-SYMB-DEFN-PROOFN T) ;;;;;;;Correspondence for PRF. (DEFN G-PRFN (PF GIVEN DEFNS FLG SYMBOLS N) (IF (OR (ZEROP N) (BTMP PF) (BTMP GIVEN) (BTMP DEFNS) (BTMP FLG) (BTMP SYMBOLS)) (BTM) (PR-IFN (PR-ZEROPN FLG) (PR-IFN (G-TYPEPN PF 1) (PR-IFN (PR-NOTN (G-FORMULAN (G-CONCN PF (GCODE 0) (SUB1 N)) SYMBOLS (SUB1 N))) (BOOL-FIX F) (PR-IFN (PR-EQUALN (G-CARN PF) (GCODE 1)) (G-FOL-AXIOM-PROOFN (G-CONCN PF (GCODE 0) (SUB1 N)) (G-CADRN PF) SYMBOLS (SUB1 N)) (PR-IFN (PR-EQUALN (G-CARN PF) (GCODE 2)) (PR-ANDN (G-FOL-RULESN (G-CONCN PF (GCODE 0) (SUB1 N)) (G-CADRN PF) (G-CONCN (G-CADDDRN PF) (GCODE 1) (SUB1 N)) SYMBOLS (SUB1 N)) (G-PRFN (G-CADDDRN PF) GIVEN DEFNS (GCODE 1) SYMBOLS (SUB1 N))) (PR-IFN (PR-EQUALN (G-CARN PF) (GCODE 3)) (G-Z2-AXIOMSN (G-CONCN PF (GCODE 0) (SUB1 N)) (G-CADRN PF) SYMBOLS (SUB1 N)) (PR-IFN (PR-EQUALN (G-CARN PF) (GCODE 4)) (PR-ANDN (G-SYMB-DEFN-PROOFN (G-CONCN PF (GCODE 0) (SUB1 N)) (G-CADRN PF) (G-CONCN (G-CADDDRN PF) (GCODE 1) (SUB1 N)) (G-ASSOCN (G-CARN (G-CARN (G-CADRN PF))) DEFNS (SUB1 N)) SYMBOLS (SUB1 N)) (PR-IFN (G-FUNCTIONN (G-CARN (G-CARN (G-CADRN PF)))) (G-PRFN (G-CADDDRN PF) GIVEN DEFNS (GCODE 1) (G-REST-OFN (G-CARN (G-CARN (G-CADRN PF))) SYMBOLS (SUB1 N)) (SUB1 N)) (BOOL-FIX T))) (PR-IFN (PR-EQUALN (G-CARN PF) (GCODE 5)) (G-MEMBN (G-CONCN PF (GCODE 0) (SUB1 N)) GIVEN (SUB1 N)) (BOOL-FIX F))))))) (BOOL-FIX F)) (PR-IFN (G-TYPEPN PF 1) (PR-ANDN (G-PRFN (G-CARN PF) GIVEN DEFNS (GCODE 0) SYMBOLS (SUB1 N)) (G-PRFN (G-CDRN PF) GIVEN DEFNS (GCODE 1) SYMBOLS (SUB1 N))) (BOOL-FIX T))))) (TOGGLE G1293 G-PRF-DEFN NIL) (DEFN G-PRF-IND (PF GIVEN DEFNS FLG SYMBOLS VA N) (IF (ZEROP N) T (AND (G-PRF-IND (G-CADDDR 0) 1 2 (PR-QUOTE 1) 4 (EV 1 (LIST PF GIVEN DEFNS FLG SYMBOLS) VA (FA) N) (SUB1 N)) (G-PRF-IND (G-CADDDR 0) 1 2 (PR-QUOTE 1) (G-REST-OF (G-CAR (G-CAR (G-CADR 0))) 4) (EV 1 (LIST PF GIVEN DEFNS FLG SYMBOLS) VA (FA) N) (SUB1 N)) (G-PRF-IND (G-CAR 0) 1 2 (PR-QUOTE 0) 4 (EV 1 (LIST PF GIVEN DEFNS FLG SYMBOLS) VA (FA) N) (SUB1 N)) (G-PRF-IND (G-CDR 0) 1 2 (PR-QUOTE 1) 4 (EV 1 (LIST PF GIVEN DEFNS FLG SYMBOLS) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-PRF-EVAL (REWRITE) (EQUAL (EV 0 (G-PRF PF GIVEN DEFNS FLG SYMBOLS) VA (FA) N) (G-PRFN (EV 0 PF VA (FA) N) (EV 0 GIVEN VA (FA) N) (EV 0 DEFNS VA (FA) N) (EV 0 FLG VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N)) ((INDUCT (G-PRF-IND PF GIVEN DEFNS FLG SYMBOLS VA N)))) (TOGGLE G1294 PRF NIL) (TOGGLE G1296 FOL-AXIOM-CNT T) (TOGGLE G1297 FOL-AXIOM-CNT T) (DEFN FOL-RULES-CNT (HINTS SUB-GOALS SYMBOLS) (PLUS (FORMULA-CNT (SECOND HINTS) SYMBOLS) (FORMULA-CNT (THIRD HINTS) SYMBOLS) (FORMULA-CNT (FOURTH HINTS) SYMBOLS) (FORMULA-CNT (CAR SUB-GOALS) SYMBOLS) (EXP-COUNT (FOURTH HINTS)))) (PROVE-LEMMA G-FOL-RULESN-GCODE1 (REWRITE) (IMPLIES (LESSP (FOL-RULES-CNT HINTS SUB-GOALS SYMBOLS) N) (EQUAL (G-FOL-RULESN (GCODE CONC) (GCODE HINTS) (GCODE SUB-GOALS) (GCODE SYMBOLS) N) (BOOL-FIX (FOL-RULES CONC HINTS SUB-GOALS SYMBOLS)))) ((DISABLE GCODE))) (DEFN PRF-CNT-PART (PF SYMBOLS) (PLUS (ADD1 (FORMULA-CNT (CONC PF 0) SYMBOLS)) (ADD1 (EXP-COUNT PF)))) (TOGGLE G1298 FOL-RULES-CNT T) (DEFN PRF-IND (PF GIVEN DEFNS FLG SYMBOLS N) (IF (ZEROP N) T (IF (ZEROP FLG) (IF (LISTP PF) (IF (NOT (FORMULA (CONC PF 0) SYMBOLS)) T (IF (EQUAL (CAR PF) 1) T (IF (EQUAL (CAR PF) 2) (PRF-IND (CADDDR PF) GIVEN DEFNS 1 SYMBOLS (SUB1 N)) (IF (EQUAL (CAR PF) 3) T (IF (EQUAL (CAR PF) 4) (PRF-IND (CADDDR PF) GIVEN DEFNS 1 (REST-OF (CAAR (CADR PF)) SYMBOLS) (SUB1 N)) T))))) T) (IF (LISTP PF) (AND (PRF-IND (CAR PF) GIVEN DEFNS 0 SYMBOLS (SUB1 N)) (PRF-IND (CDR PF) GIVEN DEFNS 1 SYMBOLS (SUB1 N))) T)))) (TOGGLE G1299 G-SYMB-COUNT T) (PROVE-LEMMA G-Z2-AXIOMSN-GCODE1 (REWRITE) (IMPLIES (LESSP (Z2-AXIOMS-CNT HINTS SYMBOLS) N) (EQUAL (G-Z2-AXIOMSN (GCODE CONC) (GCODE HINTS) (GCODE SYMBOLS) N) (BOOL-FIX (Z2-AXIOMS CONC HINTS SYMBOLS)))) ((DISABLE GCODE))) (TOGGLE G1300 Z2-AXIOMS-CNT T) (TOGGLE G1301 G-Z2-AXIOMSN-GCODE T) (TOGGLE G1302 G-FOL-RULESN-GCODE T) (DEFN PRF-CNT (PF GIVEN DEFNS FLG SYMBOLS) (IF (ZEROP FLG) (IF (LISTP PF) (IF (NOT (FORMULA (CONC PF 0) SYMBOLS)) (PRF-CNT-PART PF SYMBOLS) (IF (EQUAL (CAR PF) 1) (PLUS (ADD1 (FOL-AXIOM-CNT (SECOND PF) SYMBOLS)) (PRF-CNT-PART PF SYMBOLS)) (IF (EQUAL (CAR PF) 2) (PLUS (PRF-CNT-PART PF SYMBOLS) (ADD1 (FOL-RULES-CNT (SECOND PF) (CONC (CADDDR PF) 1) SYMBOLS)) (ADD1 (PRF-CNT (CADDDR PF) GIVEN DEFNS 1 SYMBOLS))) (IF (EQUAL (CAR PF) 3) (PLUS (PRF-CNT-PART PF SYMBOLS) (ADD1 (Z2-AXIOMS-CNT (SECOND PF) SYMBOLS))) (IF (EQUAL (CAR PF) 4) (PLUS (PRF-CNT-PART PF SYMBOLS) (ADD1 (G-SYMB-COUNT (SECOND PF) (ASSOC (CAAR (CADR PF)) DEFNS) SYMBOLS)) (ADD1 (ADD1 (LENGTH SYMBOLS))) (ADD1 (LENGTH DEFNS)) (ADD1 (EXP-COUNT (FOURTH PF))) (ADD1 (PRF-CNT (CADDDR PF) GIVEN DEFNS 1 (REST-OF (CAAR (CADR PF)) SYMBOLS)))) (PLUS (PRF-CNT-PART PF SYMBOLS) (ADD1 (LENGTH GIVEN)))))))) (PRF-CNT-PART PF SYMBOLS)) (IF (LISTP PF) (ADD1 (PLUS (ADD1 (PRF-CNT (CAR PF) GIVEN DEFNS 0 SYMBOLS)) (ADD1 (PRF-CNT (CDR PF) GIVEN DEFNS 1 SYMBOLS)))) (PRF-CNT-PART PF SYMBOLS)))) (PROVE-LEMMA G-PRFN-GCODE (REWRITE) (IMPLIES (LESSP (PRF-CNT PF GIVEN DEFNS FLG SYMBOLS) N) (EQUAL (G-PRFN (GCODE PF) (GCODE GIVEN) (GCODE DEFNS) (GCODE FLG) (GCODE SYMBOLS) N) (BOOL-FIX (PRF PF GIVEN DEFNS FLG SYMBOLS)))) ((DISABLE GCODE) (INDUCT (PRF-IND PF GIVEN DEFNS FLG SYMBOLS N)))) (TOGGLE G1303 G-PRF T) (TOGGLE G1304 G-PRFN T) (TOGGLE G1305 G-PRF-DEFN T) (TOGGLE G1306 PRF-CNT T) (TOGGLE G1307 PRF T) ;;;;;;;Correspondence for PROVES. (DEFN G-PROVESN (PF EXP GIVEN DEFNS SYMBOLS N) (PR-ANDN (PR-EQUALN (G-CONCN PF (GCODE 0) N) EXP) (PR-ANDN (G-FORMULAN EXP SYMBOLS N) (G-PRFN PF GIVEN DEFNS (GCODE 0) SYMBOLS N)))) (TOGGLE G1308 G-PROVES NIL) (PROVE-LEMMA G-PROVES-EVAL (REWRITE) (EQUAL (EV 0 (G-PROVES PF EXP GIVEN DEFNS SYMBOLS) VA (FA) N) (G-PROVESN (EV 0 PF VA (FA) N) (EV 0 EXP VA (FA) N) (EV 0 GIVEN VA (FA) N) (EV 0 DEFNS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1309 PROVES NIL) (PROVE-LEMMA G-PROVESN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS (EXP-COUNT PF) (FORMULA-CNT EXP SYMBOLS) (PRF-CNT PF GIVEN DEFNS 0 SYMBOLS)) N) (EQUAL (G-PROVESN (GCODE PF) (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX (PROVES PF EXP GIVEN DEFNS SYMBOLS)))) ((DISABLE GCODE))) (TOGGLE G1310 PROVES T) (TOGGLE G1311 G-PROVES T) (TOGGLE G1312 G-PROVESN T) ;;;;;;;Correspondence for NUMERAL. (DEFN G-NUMERALN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN X) (G-PHIN) (G-Z-SUCCN (G-NUMERALN (PR-SUB1N X) (SUB1 N)))))) (TOGGLE G1313 G-NUMERAL-DEFN NIL) (DEFN G-NUMERAL-IND (X VA N) (IF (ZEROP N) T (G-NUMERAL-IND (PR-SUB1 0) (EV 1 (LIST X) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-NUMERAL-EVAL (REWRITE) (EQUAL (EV 0 (G-NUMERAL X) VA (FA) N) (G-NUMERALN (EV 0 X VA (FA) N) N)) ((INDUCT (G-NUMERAL-IND X VA N)))) (DEFN NUMERAL-IND (X N) (IF (ZEROP N) T (IF (ZEROP X) T (NUMERAL-IND (SUB1 X) (SUB1 N))))) (TOGGLE G1314 PHI NIL) (TOGGLE G1315 Z-SUCC NIL) (TOGGLE G1316 FN NIL) (PROVE-LEMMA G-NUMERALN-GCODE (REWRITE) (IMPLIES (LESSP X N) (EQUAL (G-NUMERALN (GCODE X) N) (GCODE (NUMERAL X)))) ((DISABLE GCODE) (INDUCT (NUMERAL-IND X N)))) (TOGGLE G1317 PHI T) (TOGGLE G1318 Z-SUCC T) (TOGGLE G1319 G-NUMERAL T) (TOGGLE G1320 G-NUMERALN T) (TOGGLE G1321 G-NUMERAL-DEFN T) (DEFN G-Z-SINGN (X) (G-Z-PAIRN X X)) (DEFN G-Z-OPAIRN (X Y) (G-Z-PAIRN (G-Z-SINGN X) (G-Z-PAIRN X Y))) (PROVE-LEMMA A-EV-GOOD-PROOF-PROVES-AGAIN (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (VARIABLE TRACE) (NOT (MEMBER TRACE (LIST 6 7 8 9 10 11 12 15 16))) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10 TRACE) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N)))))) (PROVES (A-EV-GOOD-PROOF FLG EXP VA FA N TRACE) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-LIST NCODE-EQUAL NIL-INTERSECT PROVES-IS-FORMULA-AGAIN SUBSET EV-HYPS) (USE (A-EV-GOOD-PROOF-PROVES)))) (DEFN A-EV1 (FLG-BAR EXP-BAR VA-BAR FA-BAR VAL-BAR) (FORSOME 1 (A-EV FLG-BAR EXP-BAR VA-BAR FA-BAR VAL-BAR 1))) (TOGGLE G1323 A-EV T) (DEFN A-EV1-OK-PROOF (FLG EXP VA FA N) (EG-PROOF (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE (EV FLG EXP VA FA N)) 1) (LIST 1) (LIST (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))) (A-EV-OK-PROOF FLG EXP VA FA N))) (PROVE-LEMMA FORMULA-A-EV-DEFN-AGAIN (REWRITE) (IMPLIES (AND (VARIABLE TRACE) (EV-HYPS GIVEN DEFNS SYMBOLS)) (FORMULA (A-EV-DEFN TRACE) SYMBOLS)) ((DISABLE Z-APPLY-SUBR-ALL-HYPS))) (TOGGLE G1324 A-EV-DEFN-PART1 NIL) (PROVE-LEMMA PARALLEL-SUBST-TRACE-A-EV-DEFN-PART1 (REWRITE) (EQUAL (PARALLEL-SUBST (A-EV-DEFN-PART1 6 7 8 9 10 1) (LIST 1) (LIST TRACE) 0) (A-EV-DEFN-PART1 6 7 8 9 10 TRACE))) (TOGGLE G1325 A-EV-DEFN-PART1 T) (TOGGLE G1326 A-EV-DEFN NIL) (PROVE-LEMMA PARALLEL-SUBST-TRACE-A-EV-DEFN (REWRITE) (EQUAL (PARALLEL-SUBST (A-EV-DEFN 1) (LIST 1) (LIST TRACE) 0) (A-EV-DEFN TRACE))) (PROVE-LEMMA A-EV1-OK-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE (EV FLG EXP VA FA N))))) (PROVES (A-EV1-OK-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-APPLY-SUBR-ALL-HYPS EV EV-HYPS) (USE (PROVES-IS-FORMULA (PF (A-EV-OK-PROOF FLG EXP VA FA N)) (EXP (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE (EV FLG EXP VA FA N)) (GRAPH-TRANS (EV-GRAPH FLG EXP VA FA N))))) (FORMULA-A-EV-DEFN-AGAIN (TRACE 1))))) (DEFN A-EV1-GOOD-PROOF (FLG EXP VA FA N) (FORSOME-INTRO-PROOF 1 (A-EV (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10 1) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N))) (A-EV-GOOD-PROOF FLG EXP VA FA N 1))) (PROVE-LEMMA A-EV1-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (EQUAL CONCL (F-IMPLIES (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N)))))) (PROVES (A-EV1-GOOD-PROOF FLG EXP VA FA N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE A-EV EV-HYPS EV))) (TOGGLE G1327 A-EV1-OK-PROOF T) (TOGGLE G1328 A-EV1-GOOD-PROOF T) (TOGGLE G1329 FREE-FOR T) (DEFN A-EV1-NOT-GOOD-PROOF (FLG EXP VA FA N VAL) (TAUTCONSEQ-PROOF (LIST (F-NOT (F-EQUAL (NCODE VAL) (NCODE (EV FLG EXP VA FA N)))) (F-IMPLIES (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE VAL)) (F-EQUAL (NCODE VAL) (NCODE (EV FLG EXP VA FA N))))) (F-NOT (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE VAL))) (LIST (NCODE-NEQUAL-PROOF VAL (EV FLG EXP VA FA N)) (SUBST-RULE-PROOF (F-IMPLIES (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) 10) (F-EQUAL 10 (NCODE (EV FLG EXP VA FA N)))) 10 (NCODE VAL) (A-EV1-GOOD-PROOF FLG EXP VA FA N))))) (PROVE-LEMMA A-EV1-NOT-GOOD-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (NOT (BTMP (EV FLG EXP VA FA N))) (NOT (NCODE-EQUAL VAL (EV FLG EXP VA FA N))) (EQUAL CONCL (F-NOT (A-EV1 (NCODE FLG) (NCODE EXP) (NCODE VA) (NCODE FA) (NCODE VAL))))) (PROVES (A-EV1-NOT-GOOD-PROOF FLG EXP VA FA N VAL) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE Z-SUBRP-HYPS EV))) (DEFN A-EV2 (FLG EXP FA VAL) (FORSOME 1 (F-AND (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR 7 (NCODE (GCODE NIL)))) (NCODE FA))) 1) (A-EV-DEFN 1)))) (PROVE-LEMMA REPLACE-VA-A-EV2 (REWRITE) (EQUAL (SUBST (SUBST (A-EV2 FLG EXP FA VAL) 7 (NCODE VA2) 0) 6 (NCODE VA1) 0) (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR (NCODE VA1) (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)))) (PROVE-LEMMA REPLACE-VA-FORALL-A-EV2 (REWRITE) (EQUAL (SUBST (FORALL 6 (A-EV2 FLG EXP FA VAL)) 7 (NCODE VA2) 0) (FORALL 6 (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL))))) (PROVE-LEMMA REPLACE-VA1-A-EV2 (REWRITE) (EQUAL (SUBST (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)) 6 (NCODE VA1) 0) (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR (NCODE VA1) (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)))) (TOGGLE G1330 A-EV1 T) (TOGGLE G1331 A-EV-DEFN T) (TOGGLE G1332 A-EV T) (DEFN A-EV2-INST-PROOF (FLG EXP FA VAL VA1 VA2 PF) (SUBST-RULE-PROOF (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)) 6 (NCODE VA1) (DETACH-PROOF (FORALL 6 (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL))) (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)) PF (ALL-ELIM-PROOF 6 (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)))))) (PROVE-LEMMA A-EV2-INST-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (PROVES PF (FORALL 6 (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL))) GIVEN DEFNS SYMBOLS) (EQUAL CONCL (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR (NCODE VA1) (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)))) (PROVES (A-EV2-INST-PROOF FLG EXP FA VAL VA1 VA2 PF) CONCL GIVEN DEFNS SYMBOLS)) ((USE (PROVES-IS-FORMULA (EXP (FORALL 6 (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (Z-OPAIR (NCODE VA2) (NCODE (GCODE NIL)))) (NCODE FA) (NCODE VAL)))))) (DISABLE GCODE Z-APPLY-SUBR-ALL-HYPS))) (TOGGLE G1333 BOOL-FIX NIL) (PROVE-LEMMA NCODE-NEQUAL-BOOL-FIX-T-F (REWRITE) (NOT (NCODE-EQUAL (BOOL-FIX F) (BOOL-FIX T)))) (TOGGLE G1334 BOOL-FIX T) ;;;;;;;Exponentiation. (DEFN EXP (X Y) (IF (ZEROP Y) 1 (TIMES (EXP X (SUB1 Y)) X))) ;;;;;;;Remainder. (DEFN REM (X Y) (IF (ZEROP Y) (FIX X) (IF (LESSP X Y) (FIX X) (REM (DIFFERENCE X Y) Y)))) ;;;;;;;Development of number theory leading to Unique Prime factorization theorem. ;;;;;;;Taken from Boyer-Moore's "proveall". (PROVE-LEMMA PLUS-RIGHT-ID2 (REWRITE) (IMPLIES (NOT (NUMBERP Y)) (EQUAL (PLUS X Y) (FIX X)))) (PROVE-LEMMA PLUS-ADD1 (REWRITE) (EQUAL (PLUS X (ADD1 Y)) (IF (NUMBERP Y) (ADD1 (PLUS X Y)) (ADD1 X)))) (PROVE-LEMMA COMMUTATIVITY2-OF-PLUS (REWRITE) (EQUAL (PLUS X (PLUS Y Z)) (PLUS Y (PLUS X Z)))) (PROVE-LEMMA COMMUTATIVITY-OF-PLUS (REWRITE) (EQUAL (PLUS X Y) (PLUS Y X))) (PROVE-LEMMA ASSOCIATIVITY-OF-PLUS (REWRITE) (EQUAL (PLUS (PLUS X Y) Z) (PLUS X (PLUS Y Z)))) (PROVE-LEMMA PLUS-EQUAL-0 (REWRITE) (EQUAL (EQUAL (PLUS A B) 0) (AND (ZEROP A) (ZEROP B)))) (PROVE-LEMMA DIFFERENCE-X-X (REWRITE) (EQUAL (DIFFERENCE X X) 0)) (PROVE-LEMMA DIFFERENCE-PLUS (REWRITE) (AND (EQUAL (DIFFERENCE (PLUS X Y) X) (FIX Y)) (EQUAL (DIFFERENCE (PLUS Y X) X) (FIX Y)))) (PROVE-LEMMA PLUS-CANCELLATION (REWRITE) (EQUAL (EQUAL (PLUS A B) (PLUS A C)) (EQUAL (FIX B) (FIX C)))) (PROVE-LEMMA DIFFERENCE-0 (REWRITE) (IMPLIES (NOT (LESSP Y X)) (EQUAL (DIFFERENCE X Y) 0))) (PROVE-LEMMA EQUAL-DIFFERENCE-0 (REWRITE) (EQUAL (EQUAL 0 (DIFFERENCE X Y)) (NOT (LESSP Y X)))) (PROVE-LEMMA DIFFERENCE-CANCELLATION-0 (REWRITE) (EQUAL (EQUAL X (DIFFERENCE X Y)) (AND (NUMBERP X) (OR (EQUAL X 0) (ZEROP Y))))) (PROVE-LEMMA DIFFERENCE-CANCELLATION-1 (REWRITE) (EQUAL (EQUAL (DIFFERENCE X Y) (DIFFERENCE Z Y)) (IF (LESSP X Y) (NOT (LESSP Y Z)) (IF (LESSP Z Y) (NOT (LESSP Y X)) (EQUAL (FIX X) (FIX Z)))))) (PROVE-LEMMA TIMES-ZERO2 (REWRITE) (IMPLIES (NOT (NUMBERP Y)) (EQUAL (TIMES X Y) 0))) (PROVE-LEMMA DISTRIBUTIVITY-OF-TIMES-OVER-PLUS (REWRITE) (EQUAL (TIMES X (PLUS Y Z)) (PLUS (TIMES X Y) (TIMES X Z)))) (PROVE-LEMMA TIMES-ADD1 (REWRITE) (EQUAL (TIMES X (ADD1 Y)) (IF (NUMBERP Y) (PLUS X (TIMES X Y)) (FIX X)))) (PROVE-LEMMA COMMUTATIVITY-OF-TIMES (REWRITE) (EQUAL (TIMES X Y) (TIMES Y X))) (PROVE-LEMMA COMMUTATIVITY2-OF-TIMES (REWRITE) (EQUAL (TIMES X (TIMES Y Z)) (TIMES Y (TIMES X Z)))) (PROVE-LEMMA ASSOCIATIVITY-OF-TIMES (REWRITE) (EQUAL (TIMES (TIMES X Y) Z) (TIMES X (TIMES Y Z)))) (PROVE-LEMMA EQUAL-TIMES-0 (REWRITE) (EQUAL (EQUAL (TIMES X Y) 0) (OR (ZEROP X) (ZEROP Y)))) (PROVE-LEMMA EQUAL-LESSP (REWRITE) (EQUAL (EQUAL (LESSP X Y) Z) (IF (LESSP X Y) (EQUAL T Z) (EQUAL F Z)))) (PROVE-LEMMA DIFFERENCE-ELIM (ELIM) (IMPLIES (AND (NUMBERP Y) (NOT (LESSP Y X))) (EQUAL (PLUS X (DIFFERENCE Y X)) Y))) (PROVE-LEMMA REM-QUOTIENT (REWRITE) (EQUAL (PLUS (REM X Y) (TIMES Y (QUOTIENT X Y))) (FIX X))) (PROVE-LEMMA REM-WRT-1 (REWRITE) (EQUAL (REM Y 1) 0)) (PROVE-LEMMA REM-WRT-12 (REWRITE) (IMPLIES (NOT (NUMBERP X)) (EQUAL (REM Y X) (FIX Y)))) (PROVE-LEMMA LESSP-REM2 (REWRITE GENERALIZE) (EQUAL (LESSP (REM X Y) Y) (NOT (ZEROP Y)))) (PROVE-LEMMA REM-X-X (REWRITE) (EQUAL (REM X X) 0)) (PROVE-LEMMA REM-QUOTIENT-ELIM (ELIM) (IMPLIES (AND (NOT (ZEROP Y)) (NUMBERP X)) (EQUAL (PLUS (REM X Y) (TIMES Y (QUOTIENT X Y))) X))) (PROVE-LEMMA LESSP-TIMES-1 (REWRITE) (IMPLIES (NOT (ZEROP I)) (NOT (LESSP (TIMES I J) J)))) (PROVE-LEMMA LESSP-TIMES-2 (REWRITE) (IMPLIES (NOT (ZEROP I)) (NOT (LESSP (TIMES J I) J)))) (PROVE-LEMMA LESSP-QUOTIENT1 (REWRITE) (EQUAL (LESSP (QUOTIENT I J) I) (AND (NOT (ZEROP I)) (OR (ZEROP J) (NOT (EQUAL J 1)))))) (PROVE-LEMMA LESSP-REM1 (REWRITE) (EQUAL (LESSP (REM X Y) X) (AND (NOT (ZEROP Y)) (NOT (ZEROP X)) (NOT (LESSP X Y))))) (DEFN GCD (X Y) (IF (ZEROP X) (FIX Y) (IF (ZEROP Y) X (IF (LESSP X Y) (GCD X (DIFFERENCE Y X)) (GCD (DIFFERENCE X Y) Y)))) ((LEX2 (LIST (COUNT X) (COUNT Y))))) (PROVE-LEMMA NUMBERP-GCD (REWRITE) (NUMBERP (GCD X Y))) (PROVE-LEMMA GCD-EQUAL-0 (REWRITE) (EQUAL (EQUAL (GCD X Y) 0) (AND (ZEROP X) (ZEROP Y)))) (PROVE-LEMMA GCD-0 (REWRITE) (EQUAL (GCD 0 Y) (FIX Y))) (PROVE-LEMMA COMMUTATIVITY-OF-GCD (REWRITE) (EQUAL (GCD X Y) (GCD Y X))) (PROVE-LEMMA DIFFERENCE-PLUS1 (REWRITE) (EQUAL (DIFFERENCE (PLUS X Y) X) (FIX Y))) (PROVE-LEMMA DIFFERENCE-PLUS2 (REWRITE) (EQUAL (DIFFERENCE (PLUS Y X) X) (FIX Y))) (PROVE-LEMMA DIFFERENCE-PLUS-CANCELATION (REWRITE) (EQUAL (DIFFERENCE (PLUS X Y) (PLUS X Z)) (DIFFERENCE Y Z))) (PROVE-LEMMA TIMES-DIFFERENCE (REWRITE) (EQUAL (TIMES X (DIFFERENCE C W)) (DIFFERENCE (TIMES C X) (TIMES W X)))) (DEFN DIVIDES (X Y) (ZEROP (REM Y X))) (PROVE-LEMMA DIVIDES-TIMES (REWRITE) (EQUAL (REM (TIMES X Z) Z) 0)) (PROVE-LEMMA DIFFERENCE-PLUS3 (REWRITE) (EQUAL (DIFFERENCE (PLUS B (PLUS A C)) A) (PLUS B C))) (PROVE-LEMMA DIFFERENCE-ADD1-CANCELLATION (REWRITE) (EQUAL (DIFFERENCE (ADD1 (PLUS Y Z)) Z) (ADD1 Y))) (PROVE-LEMMA REM-ADD1 (REWRITE) (IMPLIES (AND (NOT (ZEROP Y)) (NOT (EQUAL Y 1))) (NOT (EQUAL (REM (ADD1 (TIMES X Y)) Y) 0)))) (PROVE-LEMMA DIVIDES-PLUS-REWRITE1 (REWRITE) (IMPLIES (AND (EQUAL (REM X Z) 0) (EQUAL (REM Y Z) 0)) (EQUAL (REM (PLUS X Y) Z) 0))) (PROVE-LEMMA DIVIDES-PLUS-REWRITE2 (REWRITE) (IMPLIES (AND (EQUAL (REM X Z) 0) (NOT (EQUAL (REM Y Z) 0))) (NOT (EQUAL (REM (PLUS X Y) Z) 0)))) (PROVE-LEMMA DIVIDES-PLUS-REWRITE (REWRITE) (IMPLIES (EQUAL (REM X Z) 0) (EQUAL (EQUAL (REM (PLUS X Y) Z) 0) (EQUAL (REM Y Z) 0)))) (PROVE-LEMMA LESSP-PLUS-CANCELATION (REWRITE) (EQUAL (LESSP (PLUS X Y) (PLUS X Z)) (LESSP Y Z))) (PROVE-LEMMA DIVIDES-PLUS-REWRITE-COMMUTED (REWRITE) (IMPLIES (EQUAL (REM X Z) 0) (EQUAL (EQUAL (REM (PLUS Y X) Z) 0) (EQUAL (REM Y Z) 0)))) (PROVE-LEMMA EUCLID (REWRITE) (IMPLIES (EQUAL (REM X Z) 0) (EQUAL (EQUAL (REM (DIFFERENCE Y X) Z) 0) (IF (LESSP X Y) (EQUAL (REM Y Z) 0) T)))) (PROVE-LEMMA LESSP-TIMES-CANCELLATION (REWRITE) (EQUAL (LESSP (TIMES X Z) (TIMES Y Z)) (AND (NOT (ZEROP Z)) (LESSP X Y)))) (PROVE-LEMMA LESSP-PLUS-CANCELLATION3 (REWRITE) (EQUAL (LESSP Y (PLUS X Y)) (NOT (ZEROP X)))) (PROVE-LEMMA DISTRIBUTIVITY-OF-TIMES-OVER-GCD (REWRITE) (EQUAL (GCD (TIMES X Z) (TIMES Y Z)) (TIMES Z (GCD X Y)))) (PROVE-LEMMA GCD-DIVIDES-BOTH (REWRITE) (AND (EQUAL (REM X (GCD X Y)) 0) (EQUAL (REM Y (GCD X Y)) 0))) (PROVE-LEMMA GCD-IS-THE-GREATEST NIL (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y)) (DIVIDES Z X) (DIVIDES Z Y)) (LEQ Z (GCD X Y)))) (DEFN PRIME1 (X Y) (IF (ZEROP Y) F (IF (EQUAL Y 1) T (AND (NOT (DIVIDES Y X)) (PRIME1 X (SUB1 Y)))))) (DEFN PRIME (X) (AND (NOT (ZEROP X)) (NOT (EQUAL X 1)) (PRIME1 X (SUB1 X)))) (DEFN GREATEST-FACTOR (X Y) (IF (OR (ZEROP Y) (EQUAL Y 1)) X (IF (DIVIDES Y X) Y (GREATEST-FACTOR X (SUB1 Y))))) (PROVE-LEMMA GREATEST-FACTOR-LESSP (REWRITE) (IMPLIES (AND (LESSP Y X) (NOT (PRIME1 X Y)) (NOT (ZEROP X)) (NOT (EQUAL (SUB1 X) 0)) (NOT (ZEROP Y))) (LESSP (GREATEST-FACTOR X Y) X))) (PROVE-LEMMA GREATEST-FACTOR-DIVIDES (REWRITE) (IMPLIES (AND (LESSP Y X) (NOT (PRIME1 X Y)) (NOT (ZEROP X)) (NOT (EQUAL X 1)) (NOT (ZEROP Y))) (EQUAL (REM X (GREATEST-FACTOR X Y)) 0))) (PROVE-LEMMA GREATEST-FACTOR-0 (REWRITE) (EQUAL (EQUAL (GREATEST-FACTOR X Y) 0) (AND (OR (ZEROP Y) (EQUAL Y 1)) (EQUAL X 0)))) (PROVE-LEMMA REM-0-CROCK (REWRITE) (EQUAL (REM 0 Y) 0)) (PROVE-LEMMA GREATEST-FACTOR-1 (REWRITE) (EQUAL (EQUAL (GREATEST-FACTOR X Y) 1) (EQUAL X 1))) (PROVE-LEMMA NUMBERP-GREATEST-FACTOR (REWRITE) (EQUAL (NUMBERP (GREATEST-FACTOR X Y)) (NOT (AND (OR (ZEROP Y) (EQUAL Y 1)) (NOT (NUMBERP X)))))) (DEFN PRIME-FACTORS (X) (IF (OR (ZEROP X) (EQUAL (SUB1 X) 0)) NIL (IF (PRIME1 X (SUB1 X)) (CONS X NIL) (APPEND (PRIME-FACTORS (GREATEST-FACTOR X (SUB1 X))) (PRIME-FACTORS (QUOTIENT X (GREATEST-FACTOR X (SUB1 X)))))))) (DEFN PRIME-LIST (L) (IF (NLISTP L) T (AND (PRIME (CAR L)) (PRIME-LIST (CDR L))))) (DEFN TIMES-LIST (L) (IF (NLISTP L) 1 (TIMES (CAR L) (TIMES-LIST (CDR L))))) (PROVE-LEMMA TIMES-LIST-APPEND (REWRITE) (EQUAL (TIMES-LIST (APPEND X Y)) (TIMES (TIMES-LIST X) (TIMES-LIST Y)))) (PROVE-LEMMA PRIME-LIST-APPEND (REWRITE) (EQUAL (PRIME-LIST (APPEND X Y)) (AND (PRIME-LIST X) (PRIME-LIST Y)))) (PROVE-LEMMA PRIME-LIST-PRIME-FACTORS (REWRITE) (PRIME-LIST (PRIME-FACTORS X))) (PROVE-LEMMA QUOTIENT-TIMES1 (REWRITE) (IMPLIES (AND (NUMBERP Y) (NUMBERP X) (NOT (EQUAL X 0)) (DIVIDES X Y)) (EQUAL (TIMES X (QUOTIENT Y X)) Y))) (PROVE-LEMMA QUOTIENT-LESSP (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (LESSP X Y)) (NOT (EQUAL (QUOTIENT Y X) 0)))) (PROVE-LEMMA ENOUGH-FACTORS (REWRITE) (IMPLIES (NOT (ZEROP X)) (EQUAL (TIMES-LIST (PRIME-FACTORS X)) X))) (PROVE-LEMMA PRIME-FACTORIZATION-EXISTENCE NIL (IMPLIES (NOT (ZEROP X)) (AND (EQUAL (TIMES-LIST (PRIME-FACTORS X)) X) (PRIME-LIST (PRIME-FACTORS X))))) (DEFN GREATEREQPR (W Z) (IF (ZEROP W) (ZEROP Z) (IF (EQUAL W Z) T (GREATEREQPR (SUB1 W) Z)))) (PROVE-LEMMA TIMES-ID-IFF-1 (REWRITE) (EQUAL (EQUAL Z (TIMES W Z)) (AND (NUMBERP Z) (OR (EQUAL Z 0) (EQUAL W 1))))) (PROVE-LEMMA PRIME1-BASIC (REWRITE) (IMPLIES (AND (NOT (EQUAL Z 1)) (NOT (EQUAL Z 0)) (NUMBERP Z) (GREATEREQPR U Z)) (NOT (PRIME1 (TIMES W Z) U)))) (PROVE-LEMMA GREATEREQPR-LESSP (REWRITE) (EQUAL (GREATEREQPR X Y) (NOT (LESSP X Y)))) (PROVE-LEMMA GREATEREQPR-REM (REWRITE) (IMPLIES (AND (NOT (EQUAL Z (ADD1 V))) (DIVIDES Z (ADD1 V))) (GREATEREQPR V Z))) (PROVE-LEMMA PRIME-BASIC (REWRITE) (IMPLIES (AND (NOT (EQUAL Z 1)) (NOT (EQUAL Z X)) (NOT (ZEROP X)) (NOT (EQUAL X 1)) (DIVIDES Z X)) (NOT (PRIME1 X (SUB1 X))))) (PROVE-LEMMA REM-GCD (REWRITE) (IMPLIES (EQUAL (GCD B X) Y) (EQUAL (REM B Y) 0))) (PROVE-LEMMA REM-GCD-1 (REWRITE) (IMPLIES (NOT (EQUAL (REM B X) 0)) (NOT (EQUAL (GCD B X) X)))) (PROVE-LEMMA DIVIDES-TIMES1 (REWRITE) (IMPLIES (EQUAL A (TIMES Z Y)) (EQUAL (REM A Z) 0))) (PROVE-LEMMA TIMES-IDENTITY1 (REWRITE) (IMPLIES (AND (NUMBERP Y) (NOT (EQUAL Y 1)) (NOT (EQUAL Y 0)) (NOT (EQUAL X 0))) (NOT (EQUAL X (TIMES X Y))))) (PROVE-LEMMA TIMES-IDENTITY (REWRITE) (EQUAL (EQUAL X (TIMES X Y)) (OR (EQUAL X 0) (AND (NUMBERP X) (EQUAL Y 1))))) (PROVE-LEMMA KLUDGE-BRIDGE (REWRITE) (IMPLIES (EQUAL Y (TIMES K X)) (EQUAL (GCD Y (TIMES A X)) (TIMES X (GCD A K))))) (PROVE-LEMMA HACK1 (REWRITE) (IMPLIES (AND (NOT (DIVIDES X A)) (EQUAL A (GCD (TIMES X A) (TIMES B A)))) (NOT (EQUAL (TIMES K X) (TIMES B A))))) (PROVE-LEMMA PRIME-GCD (REWRITE) (IMPLIES (AND (NOT (DIVIDES X B)) (NOT (ZEROP X)) (NOT (EQUAL (SUB1 X) 0)) (PRIME1 X (SUB1 X))) (EQUAL (EQUAL (GCD B X) 1) T))) (PROVE-LEMMA GCD-DISTRIBUTES-OVER-AN-OPENED-UP-TIMES (REWRITE) (IMPLIES (AND (NUMBERP X) (NOT (EQUAL X 0)) (EQUAL FREE (TIMES X Z))) (EQUAL (GCD (TIMES B Z) FREE) (TIMES Z (GCD B X))))) (PROVE-LEMMA PRIME-KEY (REWRITE) (IMPLIES (AND (NUMBERP Z) (PRIME X) (NOT (DIVIDES X Z)) (NOT (DIVIDES X B))) (NOT (EQUAL (TIMES X K) (TIMES B Z))))) (PROVE-LEMMA QUOTIENT-DIVIDES (REWRITE) (IMPLIES (AND (NUMBERP Y) (NOT (EQUAL (TIMES X (QUOTIENT Y X)) Y))) (NOT (EQUAL (REM Y X) 0)))) (PROVE-LEMMA LITTLE-STEP (REWRITE) (IMPLIES (AND (PRIME X) (NOT (EQUAL Y 1)) (NOT (EQUAL X Y))) (NOT (EQUAL (REM X Y) 0)))) (DEFN DELETE (X Y) (IF (LISTP Y) (IF (EQUAL X (CAR Y)) (CDR Y) (CONS (CAR Y) (DELETE X (CDR Y)))) Y)) (PROVE-LEMMA DELETE-NON-MEMBER (REWRITE) (IMPLIES (NOT (MEMBER X Y)) (EQUAL (DELETE X Y) Y))) (PROVE-LEMMA MEMBER-DELETE (REWRITE) (IMPLIES (MEMBER X (DELETE U V)) (MEMBER X V))) (PROVE-LEMMA LESSP-COUNT-DELETE (REWRITE) (IMPLIES (MEMBER N L) (LESSP (COUNT (DELETE N L)) (COUNT L)))) (DEFN PERM (A B) (IF (NLISTP A) (NLISTP B) (IF (MEMBER (CAR A) B) (PERM (CDR A) (DELETE (CAR A) B)) F))) (PROVE-LEMMA REM-TIMES (REWRITE) (EQUAL (REM (TIMES Y X) Y) 0)) (PROVE-LEMMA PRIME-LIST-DELETE (REWRITE) (IMPLIES (PRIME-LIST L2) (PRIME-LIST (DELETE X L2)))) (PROVE-LEMMA DIVIDES-TIMES-LIST (REWRITE) (IMPLIES (AND (NOT (ZEROP C)) (MEMBER C L)) (EQUAL (REM (TIMES-LIST L) C) 0))) (PROVE-LEMMA QUOTIENT-TIMES (REWRITE) (EQUAL (QUOTIENT (TIMES Y X) Y) (IF (ZEROP Y) 0 (FIX X)))) (PROVE-LEMMA DISTRIBUTIVITY-OF-DIVIDES (REWRITE) (IMPLIES (AND (NOT (ZEROP A)) (DIVIDES A W)) (EQUAL (TIMES C (QUOTIENT W A)) (QUOTIENT (TIMES C W) A)))) (PROVE-LEMMA TIMES-LIST-DELETE (REWRITE) (IMPLIES (AND (NOT (ZEROP C)) (MEMBER C L)) (EQUAL (TIMES-LIST (DELETE C L)) (QUOTIENT (TIMES-LIST L) C)))) (PROVE-LEMMA PRIME-LIST-TIMES-LIST (REWRITE) (IMPLIES (AND (PRIME C) (PRIME-LIST L2) (NOT (MEMBER C L2))) (NOT (EQUAL (REM (TIMES-LIST L2) C) 0)))) (PROVE-LEMMA IF-TIMES-THEN-DIVIDES (REWRITE) (IMPLIES (AND (NOT (ZEROP C)) (NOT (DIVIDES C X))) (NOT (EQUAL (TIMES C Y) X)))) (PROVE-LEMMA TIMES-EQUAL-1 (REWRITE) (EQUAL (EQUAL (TIMES A B) 1) (AND (NOT (EQUAL A 0)) (NOT (EQUAL B 0)) (NUMBERP A) (NUMBERP B) (EQUAL (SUB1 A) 0) (EQUAL (SUB1 B) 0)))) (PROVE-LEMMA PRIME-MEMBER (REWRITE) (IMPLIES (AND (EQUAL (TIMES C (TIMES-LIST L1)) (TIMES-LIST L2)) (PRIME C) (PRIME-LIST L2)) (MEMBER C L2)) ((DISABLE TIMES))) (PROVE-LEMMA DIVIDES-IMPLIES-TIMES (REWRITE) (IMPLIES (AND (NOT (ZEROP A)) (NUMBERP C) (EQUAL (TIMES A C) B)) (EQUAL (EQUAL C (QUOTIENT B A)) T))) ;;;;;;;Two prime factorizations with the same product are permutations of one another. (PROVE-LEMMA PRIME-FACTORIZATION-UNIQUENESS NIL (IMPLIES (AND (PRIME-LIST L1) (PRIME-LIST L2) (EQUAL (TIMES-LIST L1) (TIMES-LIST L2))) (PERM L1 L2))) ;;;;;;;NUM-TREEP checks if X is constructed from numbers using CONS. (DEFN NUM-TREEP (X) (IF (LISTP X) (AND (NUM-TREEP (CAR X)) (NUM-TREEP (CDR X))) (NUMBERP X))) ;;;;;;;DOUBLE multiplies X by 2. The recursive definition is there to provide an induction ;;;;;;;scheme. (DEFN DOUBLE (X) (IF (ZEROP X) 0 (ADD1 (ADD1 (DOUBLE (SUB1 X)))))) ;;;;;;;HALVE integer-divides X by 2. (DEFN HALVE (X) (IF (ZEROP X) 0 (IF (ZEROP (SUB1 X)) 0 (ADD1 (HALVE (SUB1 (SUB1 X))))))) (PROVE-LEMMA ODD-REM-TWO (REWRITE) (EQUAL (REM (ADD1 (DOUBLE X)) 2) 1)) ;;;;;;;NUMCODE is a one-to-one mapping from num-trees to numbers. A number N is mapped ;;;;;;;to the odd number (2N + 1). The list (CONS X Y) is mapped to ((x**2)(y**3)), ;;;;;;;if X is mapped to x, and Y to y. The unique prime factorization theorem is ;;;;;;;needed to decipher the num-tree back from a NUMCODE. (DEFN NUMCODE (X) (IF (LISTP X) (TIMES (EXP 2 (NUMCODE (CAR X))) (EXP 3 (NUMCODE (CDR X)))) (ADD1 (DOUBLE X)))) (DEFN Y-X-LIST (X Y) (IF (ZEROP Y) NIL (CONS X (Y-X-LIST X (SUB1 Y))))) (PROVE-LEMMA EXP-TIMES-LIST-Y-X-LIST (REWRITE) (EQUAL (TIMES-LIST (Y-X-LIST X Y)) (EXP X Y))) (DEFN PERM-Y-X-IND (Y Z) (IF (ZEROP Y) T (IF (ZEROP Z) T (PERM-Y-X-IND (SUB1 Y) (SUB1 Z))))) (PROVE-LEMMA PERM-Y-X-LIST-APPEND (REWRITE) (EQUAL (PERM (APPEND (Y-X-LIST X Y) LIST1) (APPEND (Y-X-LIST X Z) LIST2)) (IF (LESSP Y Z) (PERM LIST1 (APPEND (Y-X-LIST X (DIFFERENCE Z Y)) LIST2)) (PERM (APPEND (Y-X-LIST X (DIFFERENCE Y Z)) LIST1) LIST2))) ((INDUCT (PERM-Y-X-IND Y Z)))) (PROVE-LEMMA NOT-MEMBER-Y-X-LIST (REWRITE) (IMPLIES (NOT (EQUAL X X1)) (NOT (MEMBER X (Y-X-LIST X1 Y1))))) (PROVE-LEMMA NEQUAL-PERM-Y-X-LIST (REWRITE) (IMPLIES (AND (NOT (EQUAL X X1)) (NOT (ZEROP Y))) (NOT (PERM (APPEND (Y-X-LIST X Y) LIST1) (Y-X-LIST X1 Y1))))) (PROVE-LEMMA NEQUAL-PERM-Y-X-STEP (REWRITE) (IMPLIES (AND (LISTP Y) (NOT (MEMBER (CAR Y) X))) (NOT (PERM X Y)))) (PROVE-LEMMA NEQUAL-PERM-Y-X-LIST-ANOTHER (REWRITE) (IMPLIES (AND (NOT (EQUAL X X1)) (NOT (ZEROP Y1))) (NOT (PERM (Y-X-LIST X Y) (APPEND (Y-X-LIST X1 Y1) LIST1)))) ((USE (NEQUAL-PERM-Y-X-STEP (Y (APPEND (Y-X-LIST X1 Y1) LIST1)) (X (Y-X-LIST X Y)))))) (PROVE-LEMMA NOT-PERM-NUMCODE (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (EQUAL X X1))) (NOT (PERM (APPEND (Y-X-LIST 2 X) (Y-X-LIST 3 Y)) (APPEND (Y-X-LIST 2 X1) (Y-X-LIST 3 Y1)))))) (PROVE-LEMMA PRIME-LIST-Y-X-LIST (REWRITE) (IMPLIES (PRIME X) (PRIME-LIST (Y-X-LIST X Y)))) (PROVE-LEMMA REM-REC-REDUC (REWRITE) (IMPLIES (AND (NOT (ZEROP Y)) (LESSP Y X)) (EQUAL (REM X Y) (REM (DIFFERENCE X Y) Y)))) (PROVE-LEMMA REM32 (REWRITE) (EQUAL (REM 3 2) 1)) (PROVE-LEMMA PRIME1-3-2 (REWRITE) (EQUAL (PRIME1 3 2) (NOT (DIVIDES 2 3)))) (PROVE-LEMMA PRIME-3 (REWRITE) (PRIME 3)) (PROVE-LEMMA PRIME-2 (REWRITE) (PRIME 2)) (PROVE-LEMMA TIMES-LIST-APPEND23-NUMCODE (REWRITE) (EQUAL (TIMES (EXP 2 X) (EXP 3 Y)) (TIMES-LIST (APPEND (Y-X-LIST 2 X) (Y-X-LIST 3 Y))))) ;;;;;;;The NUMCODEs of two lists are distinct, if the NUMCODEs of the their first elements are. (PROVE-LEMMA NUMCODE-UNIQUENESS1 (REWRITE) (IMPLIES (AND (NOT (EQUAL X X1)) (NOT (ZEROP X))) (NOT (EQUAL (TIMES (EXP 2 X) (EXP 3 Y)) (TIMES (EXP 2 X1) (EXP 3 Y1))))) ((DISABLE TIMES EXP EXP-TIMES-LIST-Y-X-LIST PRIME PERM) (USE (PRIME-FACTORIZATION-UNIQUENESS (L1 (APPEND (Y-X-LIST 2 X) (Y-X-LIST 3 Y))) (L2 (APPEND (Y-X-LIST 2 X1) (Y-X-LIST 3 Y1)))) (NOT-PERM-NUMCODE)))) (TOGGLE G1335 TIMES-LIST-APPEND23-NUMCODE T) (PROVE-LEMMA PERM-APPEND-X-X (REWRITE) (EQUAL (PERM (APPEND X Y) (APPEND X Y1)) (PERM Y Y1))) (PROVE-LEMMA LENGTH-DELETE (REWRITE) (EQUAL (LENGTH (DELETE X Y)) (IF (MEMBER X Y) (SUB1 (LENGTH Y)) (LENGTH Y)))) (PROVE-LEMMA MEMBER-LENGTH (REWRITE) (IMPLIES (ZEROP (LENGTH Y)) (NOT (MEMBER X Y)))) (PROVE-LEMMA PERM-LENGTH (REWRITE) (IMPLIES (NOT (EQUAL (LENGTH X) (LENGTH Y))) (NOT (PERM X Y)))) (PROVE-LEMMA LENGTH-Y-X-LIST (REWRITE) (EQUAL (LENGTH (Y-X-LIST X Y)) (FIX Y))) (PROVE-LEMMA NOT-PERM-NEQUAL (REWRITE) (IMPLIES (AND (NOT (EQUAL Y Y1)) (NOT (ZEROP Y))) (NOT (PERM (Y-X-LIST X Y) (Y-X-LIST X Y1)))) ((USE (PERM-LENGTH (X (Y-X-LIST X Y)) (Y (Y-X-LIST X Y1)))))) ;;;;;;;The NUMCODEs of two lists are distinct, if the NUMCODEs of their second elements are. (PROVE-LEMMA NUMCODE-UNIQUENESS2 (REWRITE) (IMPLIES (AND (EQUAL X X1) (NOT (ZEROP Y)) (NOT (EQUAL Y Y1))) (NOT (EQUAL (TIMES (EXP 2 X) (EXP 3 Y)) (TIMES (EXP 2 X1) (EXP 3 Y1))))) ((DISABLE TIMES EXP EXP-TIMES-LIST-Y-X-LIST PRIME PERM) (USE (PRIME-FACTORIZATION-UNIQUENESS (L1 (APPEND (Y-X-LIST 2 X) (Y-X-LIST 3 Y))) (L2 (APPEND (Y-X-LIST 2 X1) (Y-X-LIST 3 Y1)))) (TIMES-LIST-APPEND23-NUMCODE) (TIMES-LIST-APPEND23-NUMCODE (X X1) (Y Y1))))) (DEFN DOUBLE-IND (X Y) (IF (ZEROP X) T (IF (ZEROP Y) T (DOUBLE-IND (SUB1 X) (SUB1 Y))))) (PROVE-LEMMA DOUBLE-NEQUAL-ADD1-DOUBLE (REWRITE) (NOT (EQUAL (DOUBLE X) (ADD1 (DOUBLE Y)))) ((INDUCT (DOUBLE-IND X Y)))) (PROVE-LEMMA TIMES-2-DOUBLE (REWRITE) (EQUAL (TIMES 2 X) (DOUBLE X))) (PROVE-LEMMA PLUS-DOUBLE (REWRITE) (EQUAL (PLUS (DOUBLE X) (DOUBLE Y)) (DOUBLE (PLUS X Y)))) (PROVE-LEMMA TIMES-DOUBLE (REWRITE) (EQUAL (TIMES X (DOUBLE Y)) (DOUBLE (TIMES X Y)))) (PROVE-LEMMA NUMCODE-REDUC (REWRITE) (IMPLIES (NOT (ZEROP Y)) (EQUAL (TIMES (EXP 2 Y) Z) (DOUBLE (TIMES (EXP 2 (SUB1 Y)) Z))))) (PROVE-LEMMA NUMCODE-NEQUAL (REWRITE) (IMPLIES (NOT (ZEROP X1)) (NOT (EQUAL (ADD1 (DOUBLE X)) (TIMES (EXP 2 X1) Y))))) (TOGGLE G1336 NUMCODE-REDUC T) (TOGGLE G1337 TIMES-2-DOUBLE T) (TOGGLE G1338 TIMES-DOUBLE T) ;;;;;;;DECIPHER1 is the function that deciphers the num-tree back from a NUMCODE. ;;;;;;;It essentially starts from Y and Z, and works its way down lexicographically ;;;;;;;until it has decomposed X into a pair of NUMCODEs, which it recursively deciphers. ;;;;;;;In the base case, when X is not the NUMCODE of any pair, it halves (SUB1 X). (DEFN DECIPHER1 (X Y Z) (IF (ZEROP Y) (HALVE (SUB1 X)) (IF (ZEROP Z) (DECIPHER1 X (SUB1 Y) X) (IF (AND (LESSP Y X) (LESSP Z X)) (IF (EQUAL X (TIMES (EXP 2 Y) (EXP 3 Z))) (CONS (DECIPHER1 Y (SUB1 Y) (SUB1 Y)) (DECIPHER1 Z (SUB1 Z) (SUB1 Z))) (DECIPHER1 X Y (SUB1 Z))) (DECIPHER1 X Y (SUB1 Z))))) ((LEX3 (LIST (COUNT X) (COUNT Y) (COUNT Z))))) (PROVE-LEMMA LESSP-EXP (REWRITE) (IMPLIES (AND (NOT (ZEROP Y)) (LESSP 1 X)) (LESSP Y (EXP X Y)))) (PROVE-LEMMA LESSP-TIMES (REWRITE) (IMPLIES (AND (LESSP 1 X) (LESSP 1 Y)) (AND (LESSP X (TIMES X Y)) (LESSP Y (TIMES X Y))))) (PROVE-LEMMA LESSP-NUMCODE1 (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y))) (AND (LESSP X (TIMES (EXP 2 X) (EXP 3 Y))) (LESSP Y (TIMES (EXP 2 X) (EXP 3 Y)))))) (TOGGLE G1339 TIMES T) (TOGGLE G1340 EXP T) (PROVE-LEMMA DECIPHER-LISTP (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y))) (EQUAL (DECIPHER1 (TIMES (EXP 2 X) (EXP 3 Y)) X Y) (CONS (DECIPHER1 X (SUB1 X) (SUB1 X)) (DECIPHER1 Y (SUB1 Y) (SUB1 Y))))) ((DISABLE COMMUTATIVITY-OF-TIMES))) (DEFN DECIPHER-IND (X Y X1 Y1) (IF (ZEROP X1) T (IF (ZEROP Y1) (DECIPHER-IND X Y (SUB1 X1) (TIMES (EXP 2 X) (EXP 3 Y))) (IF (LESSP X X1) (DECIPHER-IND X Y X1 (SUB1 Y1)) (IF (EQUAL Y Y1) T (DECIPHER-IND X Y X1 (SUB1 Y1)))))) ((LEX2 (LIST (COUNT X1) (COUNT Y1))))) (PROVE-LEMMA DECIPHER1-LISTP-REDUC (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y)) (LEQ X X1) (IF (EQUAL X X1) (LEQ Y Y1) T)) (EQUAL (DECIPHER1 (TIMES (EXP 2 X) (EXP 3 Y)) X1 Y1) (DECIPHER1 (TIMES (EXP 2 X) (EXP 3 Y)) X Y))) ((INDUCT (DECIPHER-IND X Y X1 Y1)) (DISABLE COMMUTATIVITY-OF-TIMES REM REM-REC-REDUC PRIME PRIME-KEY HACK1))) (PROVE-LEMMA HALVE-DOUBLE (REWRITE) (EQUAL (HALVE (DOUBLE X)) (FIX X))) (PROVE-LEMMA LESSP-NUMCODE (REWRITE) (LESSP 0 (NUMCODE X))) ;;;;;;;NUMTREEP is the same as NUM-TREEP. (DEFN NUMTREEP (X) (IF (LISTP X) (AND (NUMTREEP (CAR X)) (NUMTREEP (CDR X))) (NUMBERP X))) (PROVE-LEMMA LESSP-SUB1-NUMCODE (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y))) (AND (NOT (LESSP (SUB1 (TIMES (EXP 2 X) (EXP 3 Y))) X)) (NOT (LESSP (SUB1 (TIMES (EXP 2 X) (EXP 3 Y))) Y))))) (PROVE-LEMMA LESSP-NUMCODE-AGAIN (REWRITE) (NOT (EQUAL (NUMCODE X) 0))) (PROVE-LEMMA LESSP-NUMCODE-CASE (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (NOT (ZEROP Y))) (NOT (EQUAL X (SUB1 (TIMES (EXP 2 X) (EXP 3 Y))))))) (DEFN DECIPHER-IND2 (X Y Z) (IF (ZEROP Y) T (IF (ZEROP Z) (DECIPHER-IND2 X (SUB1 Y) (ADD1 (DOUBLE X))) (DECIPHER-IND2 X Y (SUB1 Z)))) ((LEX2 (LIST (COUNT Y) (COUNT Z))))) (PROVE-LEMMA DECIPHER1-NLISTP (REWRITE) (EQUAL (DECIPHER1 (ADD1 (DOUBLE X)) Y Z) (FIX X)) ((INDUCT (DECIPHER-IND2 X Y Z)))) ;;;;;;;This is the main lemma relating DECIPHER1 and NUMCODE. It asserts that ;;;;;;;DECIPHER1 applied to (NUMCODE X) (with appropriate values for the Y, Z, arguments) ;;;;;;;returns X. (PROVE-LEMMA DECIPHER1-NUMCODE (REWRITE) (IMPLIES (NUMTREEP X) (EQUAL (DECIPHER1 (NUMCODE X) (SUB1 (NUMCODE X)) (SUB1 (NUMCODE X))) X)) ((DISABLE COMMUTATIVITY-OF-TIMES REM REM-REC-REDUC PRIME PRIME-KEY HACK1))) ;;;;;;;Correspondence proofs for PLUS. (DEFN G-PLUSN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN X) (G-FIXN Y) (PR-ADD1N (G-PLUSN (PR-SUB1N X) Y (SUB1 N)))))) (TOGGLE G1341 G-PLUS NIL) (TOGGLE G1342 G-PLUS-DEFN NIL) (DEFN G-PLUS-IND (X Y VA N) (IF (ZEROP N) T (G-PLUS-IND (PR-SUB1 0) 1 (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-PLUS-EVAL (REWRITE) (EQUAL (EV 0 (G-PLUS X Y) VA (FA) N) (G-PLUSN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-PLUS-IND X Y VA N)) (DISABLE PR-ADD1N))) (PROVE-LEMMA PR-ADD1N-GCODE (REWRITE) (EQUAL (PR-ADD1N (GCODE X)) (GCODE (ADD1 X)))) (TOGGLE G1343 PR-ADD1N T) (DEFN PLUSN-IND (X Y N) (IF (ZEROP N) T (IF (ZEROP X) T (PLUSN-IND (SUB1 X) Y (SUB1 N))))) (PROVE-LEMMA G-PLUSN-GCODE (REWRITE) (IMPLIES (LESSP X N) (EQUAL (G-PLUSN (GCODE X) (GCODE Y) N) (GCODE (PLUS X Y)))) ((DISABLE GCODE) (INDUCT (PLUSN-IND X Y N)))) (TOGGLE G1344 G-PLUS T) (TOGGLE G1345 G-PLUSN T) (TOGGLE G1346 G-PLUS-IND T) ;;;;;;;Correspondence proofs for TIMES. (DEFN G-TIMESN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN X) (GCODE 0) (G-PLUSN Y (G-TIMESN (PR-SUB1N X) Y (SUB1 N)) (SUB1 N))))) (TOGGLE G1347 G-TIMES NIL) (TOGGLE G1348 G-TIMES-DEFN NIL) (PROVE-LEMMA G-TIMES-EVAL (REWRITE) (EQUAL (EV 0 (G-TIMES X Y) VA (FA) N) (G-TIMESN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-PLUS-IND X Y VA N)))) (PROVE-LEMMA G-TIMESN-GCODE (REWRITE) (IMPLIES (LESSP (ADD1 (PLUS X Y)) N) (EQUAL (G-TIMESN (GCODE X) (GCODE Y) N) (GCODE (TIMES X Y)))) ((DISABLE GCODE) (INDUCT (PLUSN-IND X Y N)))) (TOGGLE G1349 G-TIMES T) (TOGGLE G1350 G-TIMESN T) (TOGGLE G1351 G-TIMES-DEFN T) ;;;;;;;Correspondence proofs for EXP. (DEFN G-EXPN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN Y) (GCODE 1) (G-TIMESN X (G-EXPN X (PR-SUB1N Y) (SUB1 N)) (SUB1 N))))) (TOGGLE G1373 G-EXP NIL) (TOGGLE G1374 G-EXP-DEFN NIL) (DEFN G-EXP-IND (X Y VA N) (IF (ZEROP N) T (G-EXP-IND 0 (PR-SUB1 1) (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-EXP-EVAL (REWRITE) (EQUAL (EV 0 (G-EXP X Y) VA (FA) N) (G-EXPN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-EXP-IND X Y VA N)))) (TOGGLE G1375 EXP NIL) (TOGGLE G1376 TIMES NIL) (PROVE-LEMMA G-EXPN-GCODE (REWRITE) (IMPLIES (AND (NOT (ZEROP X)) (LESSP (ADD1 (PLUS X Y (EXP X Y))) N)) (EQUAL (G-EXPN (GCODE X) (GCODE Y) N) (GCODE (EXP X Y)))) ((DISABLE GCODE) (INDUCT (PLUSN-IND Y X N)))) (TOGGLE G1377 G-EXP T) (TOGGLE G1378 G-EXPN T) (TOGGLE G1379 G-EXP-DEFN T) (TOGGLE G1380 TIMES T) (TOGGLE G1381 EXP T) ;;;;;;;Correspondence proofs for HALVE. (DEFN G-HALVEN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN X) (GCODE 0) (PR-IFN (PR-ZEROPN (PR-SUB1N X)) (GCODE 0) (PR-ADD1N (G-HALVEN (PR-SUB1N (PR-SUB1N X)) (SUB1 N))))))) (TOGGLE G1382 G-HALVE NIL) (TOGGLE G1383 G-HALVE-DEFN NIL) (DEFN G-HALVE-IND (X VA N) (IF (ZEROP N) T (G-HALVE-IND (PR-SUB1 (PR-SUB1 0)) (EV 1 (LIST X) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-HALVE-EVAL (REWRITE) (EQUAL (EV 0 (G-HALVE X) VA (FA) N) (G-HALVEN (EV 0 X VA (FA) N) N)) ((INDUCT (G-HALVE-IND X VA N)))) (DEFN HALVEN-IND (X N) (IF (ZEROP N) T (IF (ZEROP X) T (HALVEN-IND (SUB1 (SUB1 X)) (SUB1 N))))) (PROVE-LEMMA G-HALVEN-GCODE (REWRITE) (IMPLIES (LESSP X N) (EQUAL (G-HALVEN (GCODE X) N) (GCODE (HALVE X)))) ((DISABLE GCODE) (INDUCT (HALVEN-IND X N)))) (TOGGLE G1384 G-HALVE T) (TOGGLE G1385 G-HALVEN T) (TOGGLE G1386 G-HALVE-DEFN T) ;;;;;;;Correspondence proofs for LESSP. (DEFN G-LESSPN (X Y N) (IF (OR (BTMP X) (BTMP Y) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN Y) (BOOL-FIX F) (PR-IFN (PR-ZEROPN X) (BOOL-FIX T) (G-LESSPN (PR-SUB1N X) (PR-SUB1N Y) (SUB1 N)))))) (TOGGLE G1387 G-LESSP NIL) (TOGGLE G1388 G-LESSP-DEFN NIL) (DEFN G-LESSP-IND (X Y VA N) (IF (ZEROP N) T (G-LESSP-IND (PR-SUB1 0) (PR-SUB1 1) (EV 1 (LIST X Y) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-LESSP-EVAL (REWRITE) (EQUAL (EV 0 (G-LESSP X Y) VA (FA) N) (G-LESSPN (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) N)) ((INDUCT (G-LESSP-IND X Y VA N)))) (DEFN LESSPN-IND (X Y N) (IF (ZEROP N) T (IF (ZEROP Y) T (IF (ZEROP X) T (LESSPN-IND (SUB1 X) (SUB1 Y) (SUB1 N)))))) (PROVE-LEMMA G-LESSPN-GCODE (REWRITE) (IMPLIES (LESSP (PLUS X Y) N) (EQUAL (G-LESSPN (GCODE X) (GCODE Y) N) (BOOL-FIX (LESSP X Y)))) ((DISABLE GCODE) (INDUCT (LESSPN-IND X Y N)))) (TOGGLE G1389 G-LESSP T) (TOGGLE G1390 G-LESSPN T) (TOGGLE G1391 G-LESSP-DEFN T) ;;;;;;;Correspondence proofs for DECIPHER1. (DEFN G-DECIPHER1N (X Y Z N) (IF (OR (BTMP X) (BTMP Y) (BTMP Z) (ZEROP N)) (BTM) (PR-IFN (PR-ZEROPN Y) (G-HALVEN (PR-SUB1N X) (SUB1 N)) (PR-IFN (PR-ZEROPN Z) (G-DECIPHER1N X (PR-SUB1N Y) X (SUB1 N)) (PR-IFN (PR-ANDN (G-LESSPN Y X (SUB1 N)) (G-LESSPN Z X (SUB1 N))) (PR-IFN (PR-EQUALN X (G-TIMESN (G-EXPN (GCODE 2) Y (SUB1 N)) (G-EXPN (GCODE 3) Z (SUB1 N)) (SUB1 N))) (PR-CONSN (G-DECIPHER1N Y (PR-SUB1N Y) (PR-SUB1N Y) (SUB1 N)) (G-DECIPHER1N Z (PR-SUB1N Z) (PR-SUB1N Z) (SUB1 N))) (G-DECIPHER1N X Y (PR-SUB1N Z) (SUB1 N))) (G-DECIPHER1N X Y (PR-SUB1N Z) (SUB1 N))))))) (TOGGLE G1392 G-DECIPHER1 NIL) (TOGGLE G1393 G-DECIPHER1-DEFN NIL) (DEFN G-DECIPHER1-IND (X Y Z VA N) (IF (ZEROP N) T (AND (G-DECIPHER1-IND 0 (PR-SUB1 1) 0 (EV 1 (LIST X Y Z) VA (FA) N) (SUB1 N)) (G-DECIPHER1-IND 0 1 (PR-SUB1 2) (EV 1 (LIST X Y Z) VA (FA) N) (SUB1 N)) (G-DECIPHER1-IND 1 (PR-SUB1 1) (PR-SUB1 1) (EV 1 (LIST X Y Z) VA (FA) N) (SUB1 N)) (G-DECIPHER1-IND 2 (PR-SUB1 2) (PR-SUB1 2) (EV 1 (LIST X Y Z) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-DECIPHER1-EVAL (REWRITE) (EQUAL (EV 0 (G-DECIPHER1 X Y Z) VA (FA) N) (G-DECIPHER1N (EV 0 X VA (FA) N) (EV 0 Y VA (FA) N) (EV 0 Z VA (FA) N) N)) ((INDUCT (G-DECIPHER1-IND X Y Z VA N)) (DISABLE PR-CONSN))) (DEFN DEC-COUNT (X Y Z) (IF (ZEROP Y) (ADD1 X) (IF (ZEROP Z) (ADD1 (DEC-COUNT X (SUB1 Y) X)) (IF (AND (LESSP Y X) (LESSP Z X)) (IF (EQUAL X (TIMES (EXP 2 Y) (EXP 3 Z))) (ADD1 (ADD1 (PLUS X Y Z (EXP 2 Y) (EXP 3 Z) (DEC-COUNT Y (SUB1 Y) (SUB1 Y)) (DEC-COUNT Z (SUB1 Z) (SUB1 Z))))) (ADD1 (ADD1 (PLUS X Y Z (EXP 2 Y) (EXP 3 Z) (DEC-COUNT X Y (SUB1 Z)))))) (ADD1 (ADD1 (PLUS X Y Z (EXP 2 Y) (EXP 3 Z) (DEC-COUNT X Y (SUB1 Z)))))))) ((LEX3 (LIST (COUNT X) (COUNT Y) (COUNT Z))))) (PROVE-LEMMA GCODE-HALVE (REWRITE) (EQUAL (GCODE (HALVE X)) (HALVE X))) (DEFN DECIPHER1N-IND (X Y Z N) (IF (ZEROP N) T (IF (ZEROP Y) T (IF (ZEROP Z) (DECIPHER1N-IND X (SUB1 Y) X (SUB1 N)) (IF (AND (LESSP Y X) (LESSP Z X)) (IF (EQUAL X (TIMES (EXP 2 Y) (EXP 3 Z))) (AND (DECIPHER1N-IND Y (SUB1 Y) (SUB1 Y) (SUB1 N)) (DECIPHER1N-IND Z (SUB1 Z) (SUB1 Z) (SUB1 N))) (DECIPHER1N-IND X Y (SUB1 Z) (SUB1 N))) (DECIPHER1N-IND X Y (SUB1 Z) (SUB1 N))))))) (PROVE-LEMMA G-DECIPHER1N-GCODE (REWRITE) (IMPLIES (LESSP (DEC-COUNT X Y Z) N) (EQUAL (G-DECIPHER1N (GCODE X) (GCODE Y) (GCODE Z) N) (DECIPHER1 X Y Z))) ((INDUCT (DECIPHER1N-IND X Y Z N)) (DISABLE GCODE HALVE))) (TOGGLE G1394 G-DECIPHER1 T) (TOGGLE G1395 G-DECIPHER1N T) (TOGGLE G1396 G-DECIPHER1-DEFN T) (PROVE-LEMMA NUM-TREEP-GCODE (REWRITE) (NUM-TREEP (GCODE X))) (DEFN G-DECIPHERN (X N) (G-DECIPHER1N X (PR-SUB1N X) (PR-SUB1N X) N)) ;;;;;;;Correspondence proofs for INV-CODE. (DEFN G-INV-CODEN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (PR-LISTPN X) (PR-IFN (PR-EQUALN (PR-CARN X) 1) (G-CONSN (G-INV-CODEN (PR-CARN (PR-CDRN X)) (SUB1 N)) (G-INV-CODEN (PR-CDRN (PR-CDRN X)) (SUB1 N))) (PR-IFN (PR-EQUALN (PR-CARN X) 2) (G-F-NOTN (G-INV-CODEN (PR-CARN (PR-CDRN X)) (SUB1 N))) (PR-IFN (PR-EQUALN (PR-CARN X) 3) (G-F-ORN (G-INV-CODEN (PR-CARN (PR-CDRN X)) (SUB1 N)) (G-INV-CODEN (PR-CDRN (PR-CDRN X)) (SUB1 N))) (PR-IFN (PR-EQUALN (PR-CARN X) 4) (G-FORSOMEN (G-INV-CODEN (PR-CARN (PR-CDRN X)) (SUB1 N)) (G-INV-CODEN (PR-CDRN (PR-CDRN X)) (SUB1 N))) (PR-IFN (PR-EQUALN (PR-CARN X) 5) (GCODE T) (PR-IFN (PR-EQUALN (PR-CARN X) 6) (GCODE F) (GCODE NIL))))))) (G-FIXN X)))) (TOGGLE G1398 G-INV-CODE NIL) (TOGGLE G1399 G-INV-CODE-DEFN NIL) (DEFN G-INV-CODE-IND (X VA N) (IF (ZEROP N) T (AND (G-INV-CODE-IND (PR-CAR (PR-CDR 0)) (EV 1 (LIST X) VA (FA) N) (SUB1 N)) (G-INV-CODE-IND (PR-CDR (PR-CDR 0)) (EV 1 (LIST X) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA G-INV-CODE-EVAL (REWRITE) (EQUAL (EV 0 (G-INV-CODE X) VA (FA) N) (G-INV-CODEN (EV 0 X VA (FA) N) N)) ((INDUCT (G-INV-CODE-IND X VA N)) (DISABLE PR-CARN PR-CDRN PR-LISTPN PR-CONSN))) (PROVE-LEMMA PR-CARN-REDUC1 (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (PR-CARN X) 0))) (PROVE-LEMMA PR-CARN-REDUC2 (REWRITE) (EQUAL (PR-CARN (CONS X Y)) X)) (PROVE-LEMMA PR-CDRN-REDUC1 (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (PR-CDRN X) 0))) (PROVE-LEMMA PR-CDRN-REDUC (REWRITE) (EQUAL (PR-CDRN (CONS X Y)) Y)) (PROVE-LEMMA PR-LISTP-REDUC1 (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (PR-LISTPN X) (BOOL-FIX F)))) (PROVE-LEMMA PR-LISTP-REDUC2 (REWRITE) (EQUAL (PR-LISTPN (CONS X Y)) (BOOL-FIX T))) (DEFN INV-CODE (X) (IF (LISTP X) (IF (EQUAL (CAR X) 1) (CONS (INV-CODE (CADR X)) (INV-CODE (CDDR X))) (IF (EQUAL (CAR X) 2) (F-NOT (INV-CODE (CADR X))) (IF (EQUAL (CAR X) 3) (F-OR (INV-CODE (CADR X)) (INV-CODE (CDDR X))) (IF (EQUAL (CAR X) 4) (FORSOME (INV-CODE (CADR X)) (INV-CODE (CDDR X))) (IF (EQUAL (CAR X) 5) T (IF (EQUAL (CAR X) 6) F NIL)))))) (FIX X))) (DEFN INV-CODEN-IND (X N) (IF (ZEROP N) T (IF (LISTP X) (IF (EQUAL (CAR X) 1) (AND (INV-CODEN-IND (CADR X) (SUB1 N)) (INV-CODEN-IND (CDDR X) (SUB1 N))) (IF (EQUAL (CAR X) 2) (INV-CODEN-IND (CADR X) (SUB1 N)) (IF (EQUAL (CAR X) 3) (AND (INV-CODEN-IND (CADR X) (SUB1 N)) (INV-CODEN-IND (CDDR X) (SUB1 N))) (IF (EQUAL (CAR X) 4) (AND (INV-CODEN-IND (CADR X) (SUB1 N)) (INV-CODEN-IND (CDDR X) (SUB1 N))) T)))) T))) (TOGGLE G1400 G-FIXN NIL) (PROVE-LEMMA G-FIXN-REDUC (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (G-FIXN X) (GCODE X)))) (TOGGLE G1401 G-FIXN T) (TOGGLE G1402 PR-EQUALN NIL) (PROVE-LEMMA PR-EQUALN-REDUC2 (REWRITE) (IMPLIES (AND (NOT (BTMP X)) (NOT (BTMP Y))) (EQUAL (PR-EQUALN X Y) (BOOL-FIX (NCODE-EQUAL X Y))))) (TOGGLE G1403 PR-EQUALN T) (TOGGLE G1404 G-CONSN NIL) (TOGGLE G1405 G-F-NOTN NIL) (TOGGLE G1406 G-F-ORN NIL) (TOGGLE G1407 G-FORSOMEN NIL) (PROVE-LEMMA G-CONSN-NUMBERP (REWRITE) (IMPLIES (AND (NUMBERP X) (NUMBERP Y)) (EQUAL (G-CONSN X Y) (GCODE (CONS X Y))))) (PROVE-LEMMA G-F-NOTN-NUMBERP (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (G-F-NOTN X) (GCODE (F-NOT X))))) (PROVE-LEMMA G-F-ORN-NUMBERP (REWRITE) (IMPLIES (AND (NUMBERP X) (NUMBERP Y)) (EQUAL (G-F-ORN X Y) (GCODE (F-OR X Y))))) (PROVE-LEMMA G-FORSOMEN-NUMBERP (REWRITE) (IMPLIES (AND (NUMBERP X) (NUMBERP Y)) (EQUAL (G-FORSOMEN X Y) (GCODE (FORSOME X Y))))) (TOGGLE G1408 G-CONSN T) (TOGGLE G1409 G-F-NOTN T) (TOGGLE G1410 G-F-ORN T) (PROVE-LEMMA PR-EQUALN-REDUC3 (REWRITE) (IMPLIES (AND (NUM-TREEP X) (NUM-TREEP Y)) (EQUAL (PR-EQUALN X Y) (BOOL-FIX (NCODE-EQUAL X Y))))) (PROVE-LEMMA G-FORSOMEN-NUMBERP2 (REWRITE) (IMPLIES (NUMBERP X) (EQUAL (G-FORSOMEN X (GCODE Y)) (GCODE (FORSOME X Y))))) (TOGGLE G1411 G-FORSOMEN T) (PROVE-LEMMA G-INV-CODEN-GCODE (REWRITE) (IMPLIES (AND (NUM-TREEP X) (LESSP (EXP-COUNT X) N)) (EQUAL (G-INV-CODEN X N) (GCODE (INV-CODE X)))) ((INDUCT (INV-CODEN-IND X N)) (DISABLE PR-CARN PR-CDRN PR-LISTPN))) (PROVE-LEMMA INV-CODE-GCODE (REWRITE) (EQUAL (GCODE (INV-CODE (GCODE X))) (GCODE X))) (TOGGLE G1412 G-INV-CODE T) (TOGGLE G1413 G-INV-CODEN T) (TOGGLE G1414 G-INV-CODE-DEFN T) ;;;;;;;Correspondence proofs for the "theorem-checker". There is no Lisp function ;;;;;;;ISTHM (pronounced "is theorem") because it would have to search upwards ;;;;;;;along the enumeration of proofs given by (NUMCODE (GCODE PF)), until it found a ;;;;;;;a proof or a disproof of EXP. This search might not terminate. ;;;;;;;The function G-ISTHMN however has a stack-counter N which is decremented with ;;;;;;;each recursive call, and hence does terminate. (DEFN G-ISTHMN (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP PFN) (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) (BOOL-FIX T) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) (BOOL-FIX F) (G-ISTHMN (PR-ADD1N PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) (TOGGLE G1415 G-ISTHM NIL) (TOGGLE G1416 G-ISTHM-DEFN NIL) (DEFN G-THM-IND (PFN EXP GIVEN DEFNS SYMBOLS VA N) (IF (ZEROP N) T (G-THM-IND (PR-ADD1 0) 1 2 3 4 (EV 1 (LIST PFN EXP GIVEN DEFNS SYMBOLS) VA (FA) N) (SUB1 N)))) (PROVE-LEMMA G-ISTHM-EVAL (REWRITE) (EQUAL (EV 0 (G-ISTHM PFN EXP GIVEN DEFNS SYMBOLS) VA (FA) N) (G-ISTHMN (EV 0 PFN VA (FA) N) (EV 0 EXP VA (FA) N) (EV 0 GIVEN VA (FA) N) (EV 0 DEFNS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N)) ((INDUCT (G-THM-IND PFN EXP GIVEN DEFNS SYMBOLS VA N)))) ;;;;;;;Analogous to G-ISTHMN, we can define G-FIND-PROOFN which locates the number of the ;;;;;;;proof/disproof at which G-ISTHMN terminated. (DEFN G-FIND-PROOFN (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP PFN) (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) PFN (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) PFN (G-FIND-PROOFN (PR-ADD1N PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) ;;;;;;;DECIPHER is defined in terms of DECIPHER1. (DEFN DECIPHER (X) (DECIPHER1 X (SUB1 X) (SUB1 X))) (DEFN FIND-PROOFN (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN (GCODE PFN) (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) PFN (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN (GCODE PFN) (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) PFN (FIND-PROOFN (ADD1 PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) (DEFN FIND-PROOF-IND (PFN N) (IF (ZEROP N) T (FIND-PROOF-IND (ADD1 PFN) (SUB1 N)))) (TOGGLE G1417 PR-IFN NIL) (TOGGLE G1418 BOOL-FIX NIL) (TOGGLE G1419 PR-ANDN NIL) (PROVE-LEMMA PR-ANDN-T-OR-F1 (REWRITE) (IMPLIES (AND (NOT (BTMP (PR-ANDN X Y))) (NOT (EQUAL (PR-ANDN X Y) (BOOL-FIX F)))) (EQUAL (PR-ANDN X Y) (BOOL-FIX T)))) (PROVE-LEMMA PR-ANDN-T-OR-F2 (REWRITE) (IMPLIES (AND (NOT (BTMP (PR-ANDN X Y))) (NOT (EQUAL (PR-ANDN X Y) (BOOL-FIX T)))) (EQUAL (PR-ANDN X Y) (BOOL-FIX F)))) (TOGGLE G1420 PR-ANDN T) (TOGGLE G1421 G-PROVESN NIL) ;;;;;;;If G-PROVESN terminates, it returns either (BOOL-FIX T) or (BOOL-FIX F). (PROVE-LEMMA G-PROVESN-T-OR-F1 (REWRITE) (IMPLIES (AND (NOT (BTMP (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N))) (NOT (EQUAL (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX F)))) (EQUAL (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX T)))) (PROVE-LEMMA G-PROVESN-T-OR-F2 (REWRITE) (IMPLIES (AND (NOT (BTMP (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N))) (NOT (EQUAL (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX T)))) (EQUAL (G-PROVESN PF EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX F)))) (TOGGLE G1422 G-PROVESN T) (TOGGLE G1423 BOOL-FIX T) (PROVE-LEMMA G-FIND-PROOFN-GCODE (REWRITE) (IMPLIES (NOT (BTMP (G-ISTHMN (GCODE PFN) EXP GIVEN DEFNS SYMBOLS N))) (EQUAL (G-FIND-PROOFN (GCODE PFN) EXP GIVEN DEFNS SYMBOLS N) (GCODE (FIND-PROOFN PFN EXP GIVEN DEFNS SYMBOLS N)))) ((DISABLE GCODE SUB1 G-DECIPHER1N-GCODE G-INV-CODEN-GCODE) (INDUCT (FIND-PROOF-IND PFN N)))) (TOGGLE G1424 PR-IFN T) ;;;;;;;DECIPHER1 always returns a num-tree. (PROVE-LEMMA NUM-TREEP-DECIPHER1 (REWRITE) (NUM-TREEP (DECIPHER1 X Y Z))) ;;;;;;;The lemma below essentially says that G-INV-CODEN returns the GCODE of whatever ;;;;;;;INV-CODE returns. (PROVE-LEMMA INV-CODE-DECIPHER (REWRITE) (IMPLIES (LESSP (PLUS (DEC-COUNT X (SUB1 X) (SUB1 X)) (EXP-COUNT (DECIPHER X))) N) (EQUAL (G-INV-CODEN (G-DECIPHERN (GCODE X) N) N) (GCODE (INV-CODE (DECIPHER X))))) ((DISABLE DECIPHER1 GCODE G-INV-CODEN INV-CODE G-DECIPHER1N EXP-COUNT DEC-COUNT SUB1))) (TOGGLE G1425 G-INV-CODEN T) (TOGGLE G1426 G-DECIPHERN T) (TOGGLE G1427 INV-CODE T) (TOGGLE G1428 DECIPHER T) ;;;;;;;G-FINDN returns the value of stack counter N at the point at which G-ISTHMN located ;;;;;;;a proof/disproof. (DEFN G-FINDN (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP PFN) (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) (SUB1 N) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) (SUB1 N) (G-FINDN (PR-ADD1N PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) ;;;;;;;G-FIND-PROOF returns the GCODE of the proof/disproof. (DEFN G-FIND-PROOF (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP PFN) (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) (G-INV-CODEN (G-DECIPHERN PFN (SUB1 N)) (SUB1 N)) (G-FIND-PROOF (PR-ADD1N PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) (TOGGLE G1429 PR-IFN NIL) (TOGGLE G1430 BOOL-FIX NIL) ;;;;;;;If G-ISTHMN returns (BOOL-FIX T), then G-FIND-PROOF returns the GCODE of a proof. (PROVE-LEMMA FIND-PROOF-PROVES-T-CASE (REWRITE) (IMPLIES (EQUAL (G-ISTHMN PFN EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX T)) (EQUAL (G-PROVESN (G-FIND-PROOF PFN EXP GIVEN DEFNS SYMBOLS N) EXP GIVEN DEFNS SYMBOLS (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) (BOOL-FIX T)))) ;;;;;;;If G-ISTHMN returns (BOOL-FIX F), then G-FIND-PROOF returns the GCODE of a disproof. (PROVE-LEMMA FIND-PROOF-PROVES-F-CASE (REWRITE) (IMPLIES (EQUAL (G-ISTHMN PFN EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX F)) (AND (EQUAL (G-PROVESN (G-FIND-PROOF PFN EXP GIVEN DEFNS SYMBOLS N) EXP GIVEN DEFNS SYMBOLS (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) (BOOL-FIX F)) (EQUAL (G-PROVESN (G-FIND-PROOF PFN EXP GIVEN DEFNS SYMBOLS N) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) (BOOL-FIX T))))) ;;;;;;;This lemma relates G-FIND-PROOF and G-FIND-PROOFN (which returns the proof number). (PROVE-LEMMA G-FIND-PROOF-GCODE (REWRITE) (IMPLIES (NOT (BTMP (G-ISTHMN PFN EXP GIVEN DEFNS SYMBOLS N))) (EQUAL (G-FIND-PROOF PFN EXP GIVEN DEFNS SYMBOLS N) (G-INV-CODEN (G-DECIPHERN (G-FIND-PROOFN PFN EXP GIVEN DEFNS SYMBOLS N) (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N))))) (TOGGLE G1431 G-FIND-PROOF T) (TOGGLE G1432 G-FIND-PROOFN T) (TOGGLE G1433 G-FINDN T) (TOGGLE G1434 FIND-PROOFN T) (TOGGLE G1435 DEC-COUNT T) (DEFN DEC-COUNTN (X) (DEC-COUNT X (SUB1 X) (SUB1 X))) (DEFN THM-COUNT (PFN EXP VAR TERM FLG GIVEN DEFNS SYMBOLS) (PLUS (PLUS (DEC-COUNTN PFN) (EXP-COUNT (DECIPHER PFN))) (EXP-COUNT (INV-CODE (DECIPHER PFN))) (FORMULA-CNT (SUBST EXP VAR TERM FLG) SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER PFN)) GIVEN DEFNS 0 SYMBOLS))) ;;;;;;;The same lemmas as above with PROVES, INV-CODE, and DECIPHER, instead of ;;;;;;;G-PROVESN, G-INV-CODEN, and G-DECIPHERN. (PROVE-LEMMA FIND-PROOF-PROVES-T-CASE-GCODE (REWRITE) (IMPLIES (AND (LESSP (ADD1 (THM-COUNT (FIND-PROOFN PFN (GCODE (SUBST EXP VAR TERM FLG)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) EXP VAR TERM FLG GIVEN DEFNS SYMBOLS)) (G-FINDN (GCODE PFN) (GCODE (SUBST EXP VAR TERM FLG)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N)) (EQUAL (G-ISTHMN (GCODE PFN) (GCODE (SUBST EXP VAR TERM FLG)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX T))) (PROVES (INV-CODE (DECIPHER (FIND-PROOFN PFN (GCODE (SUBST EXP VAR TERM FLG)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N))) (SUBST EXP VAR TERM FLG) GIVEN DEFNS SYMBOLS)) ((DISABLE GCODE SUB1 G-ISTHMN COMMUTATIVITY-OF-PLUS ASSOCIATIVITY-OF-PLUS COMMUTATIVITY2-OF-PLUS) (USE (FIND-PROOF-PROVES-T-CASE (PFN (GCODE PFN)) (EXP (GCODE (SUBST EXP VAR TERM FLG))) (GIVEN (GCODE GIVEN)) (DEFNS (GCODE DEFNS)) (SYMBOLS (GCODE SYMBOLS)))))) (PROVE-LEMMA FIND-PROOF-PROVES-F-CASE-CASE (REWRITE) (IMPLIES (EQUAL (G-ISTHMN PFN EXP GIVEN DEFNS SYMBOLS N) (BOOL-FIX F)) (EQUAL (G-PROVESN (G-FIND-PROOF PFN EXP GIVEN DEFNS SYMBOLS N) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (G-FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) (BOOL-FIX T))) ((USE (FIND-PROOF-PROVES-F-CASE)))) (PROVE-LEMMA LESSP-THM-COUNT1 (REWRITE) (LESSP (PLUS (EXP-COUNT (INV-CODE (DECIPHER PFN))) (FORMULA-CNT (SUBST EXP VAR TERM FLG) SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER PFN)) GIVEN DEFNS 0 SYMBOLS)) (ADD1 (THM-COUNT PFN EXP VAR TERM FLG GIVEN DEFNS SYMBOLS)))) (TOGGLE G1436 FIND-PROOF-PROVES-F-CASE T) (TOGGLE G1437 SUBST-IDENT T) (PROVE-LEMMA LESSP-THM-COUNT2 (REWRITE) (LESSP (PLUS (DEC-COUNTN PFN) (EXP-COUNT (DECIPHER PFN))) (ADD1 (THM-COUNT PFN EXP VAR TERM FLG GIVEN DEFNS SYMBOLS)))) (PROVE-LEMMA FIND-PROOF-PROVES-F-CASE-GCODE (REWRITE) (IMPLIES (AND (LESSP (ADD1 (THM-COUNT (FIND-PROOFN PFN (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (F-NOT EXP) VAR TERM 0 GIVEN DEFNS SYMBOLS)) (G-FINDN (GCODE PFN) (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N)) (EQUAL (G-ISTHMN (GCODE PFN) (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX F))) (PROVES (INV-CODE (DECIPHER (FIND-PROOFN PFN (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N))) (F-NOT (SUBST EXP VAR TERM 0)) GIVEN DEFNS SYMBOLS)) ((DISABLE GCODE SUB1 G-ISTHMN THM-COUNT COMMUTATIVITY-OF-PLUS ASSOCIATIVITY-OF-PLUS COMMUTATIVITY2-OF-PLUS) (USE (FIND-PROOF-PROVES-F-CASE-CASE (PFN (GCODE PFN)) (EXP (GCODE (SUBST EXP VAR TERM 0))) (GIVEN (GCODE GIVEN)) (DEFNS (GCODE DEFNS)) (SYMBOLS (GCODE SYMBOLS)))))) (TOGGLE G1438 THM-COUNT T) ;;;;;;;Now we start constructing the undecidable sentence. (DEFN A-UNDEC1 (FLG EXP FA VAL) (FORSOME 1 (F-AND (ISIN (Z-LIST (LIST (NCODE VAL) (NCODE FLG) (NCODE EXP) (Z-OPAIR 6 (NCODE (GCODE NIL))) (NCODE FA))) 1) (A-EV-DEFN 1)))) (TOGGLE G1439 A-EV1 NIL) (TOGGLE G1440 A-EV-DEFN NIL) (TOGGLE G1441 A-EV NIL) (PROVE-LEMMA REPLACE-VA-A-UNDEC1 (REWRITE) (EQUAL (SUBST (A-UNDEC1 FLG EXP FA VAL) 6 (NCODE VA1) 0) (A-EV1 (NCODE FLG) (NCODE EXP) (Z-OPAIR (NCODE VA1) (NCODE (GCODE NIL))) (NCODE FA) (NCODE VAL)))) (TOGGLE G1442 A-EV-DEFN-PART1 NIL) (PROVE-LEMMA COLLECT-FREE-A-UNDEC1 (REWRITE) (IMPLIES (NOT (MEMBER VAR (COLLECT-FREE TERM 0))) (NOT (MEMBER VAR (COLLECT-FREE (SUBST (A-UNDEC1 FLG EXP FA VAL) 6 TERM 0) 0))))) (TOGGLE G1443 A-EV-DEFN-PART1 T) (TOGGLE G1444 A-EV-DEFN T) (PROVE-LEMMA FORMULA-A-UNDEC1 (REWRITE) (IMPLIES (ALL-SYMBS SYMBOLS) (FORMULA (A-UNDEC1 FLG EXP FA VAL) SYMBOLS))) (TOGGLE G1445 A-EV1 T) (TOGGLE G1446 A-EV T) (TOGGLE G1447 BOOL-FIX T) (TOGGLE G1448 G-ISTHM T) (TOGGLE G1449 G-ISTHMN T) (PROVE-LEMMA NUMERAL-GCODE (REWRITE) (EQUAL (NUMERAL (GCODE X)) (NUMERAL X))) ;;;;;;;Correspondence for GC-NCODE. (DEFN GC-NCODEN (X N) (IF (OR (BTMP X) (ZEROP N)) (BTM) (PR-IFN (PR-LISTPN X) (G-Z-OPAIRN (GC-NCODEN (PR-CARN X) (SUB1 N)) (GC-NCODEN (PR-CDRN X) (SUB1 N))) (G-NUMERALN X (SUB1 N))))) (TOGGLE G1450 GC-NCODE NIL) (TOGGLE G1451 GC-NCODE-DEFN NIL) (DEFN GC-NCODE-IND (X VA N) (IF (ZEROP N) T (AND (GC-NCODE-IND (PR-CAR 0) (EV 1 (LIST X) VA (FA) N) (SUB1 N)) (GC-NCODE-IND (PR-CDR 0) (EV 1 (LIST X) VA (FA) N) (SUB1 N))))) (PROVE-LEMMA GC-NCODE-EVAL (REWRITE) (EQUAL (EV 0 (GC-NCODE X) VA (FA) N) (GC-NCODEN (EV 0 X VA (FA) N) N)) ((INDUCT (GC-NCODE-IND X VA N)) (DISABLE PR-CARN PR-CDRN PR-LISTPN))) (TOGGLE G1452 Z-OPAIR NIL) (TOGGLE G1453 Z-SING NIL) (TOGGLE G1454 Z-PAIR NIL) (PROVE-LEMMA Z-PAIRN-GCODE (REWRITE) (EQUAL (G-Z-PAIRN (GCODE X) (GCODE Y)) (GCODE (Z-PAIR X Y)))) (TOGGLE G1455 Z-PAIR T) (TOGGLE G1456 Z-PAIR T) (TOGGLE G1457 G-Z-PAIRN T) (PROVE-LEMMA Z-OPAIRN-GCODE (REWRITE) (EQUAL (G-Z-OPAIRN (GCODE X) (GCODE Y)) (GCODE (Z-OPAIR X Y)))) (TOGGLE G1458 Z-SING T) (TOGGLE G1459 G-Z-SINGN T) (TOGGLE G1460 Z-OPAIR T) (TOGGLE G1461 G-Z-OPAIRN T) (TOGGLE G1462 G-NUMERALN NIL) (TOGGLE G1463 NCODE NIL) (TOGGLE G1464 Z-SUCC NIL) (PROVE-LEMMA G-Z-SUCC-GCODE (REWRITE) (EQUAL (G-Z-SUCCN (GCODE X)) (GCODE (Z-SUCC X)))) (TOGGLE G1465 Z-SUCC T) (TOGGLE G1466 G-Z-SUCCN T) (TOGGLE G1467 PR-ZEROPN NIL) (TOGGLE G1468 PR-SUB1N NIL) (TOGGLE G1469 PR-ADD1N NIL) (TOGGLE G1470 PHI NIL) (PROVE-LEMMA G-PHIN-GCODE (REWRITE) (EQUAL (G-PHIN) (GCODE (PHI)))) (TOGGLE G1471 PHI T) (TOGGLE G1472 G-PHIN T) (PROVE-LEMMA G-NUMERALN-NCODE (REWRITE) (IMPLIES (AND (LESSP X N) (NUMBERP X)) (EQUAL (G-NUMERALN X N) (GCODE (NCODE X)))) ((INDUCT (NUMERAL-IND X N)) (DISABLE GCODE))) (DEFN NCODE-CNT (X) (IF (LISTP X) (ADD1 (PLUS (NCODE-CNT (CAR X)) (NCODE-CNT (CDR X)))) (ADD1 (FIX X)))) (DEFN NCODE-IND (X N) (IF (ZEROP N) T (IF (LISTP X) (AND (NCODE-IND (CAR X) (SUB1 N)) (NCODE-IND (CDR X) (SUB1 N))) T))) (PROVE-LEMMA GC-NCODEN-GCODE (REWRITE) (IMPLIES (AND (LESSP (NCODE-CNT X) N) (NUM-TREEP X)) (EQUAL (GC-NCODEN X N) (GCODE (NCODE X)))) ((INDUCT (NCODE-IND X N)) (DISABLE GCODE))) (TOGGLE G1473 GC-NCODE T) (TOGGLE G1474 GC-NCODEN T) (TOGGLE G1475 NCODE T) (PROVE-LEMMA GC-NCODEN-GCODE-AGAIN (REWRITE) (IMPLIES (LESSP (NCODE-CNT (GCODE X)) N) (EQUAL (GC-NCODEN (GCODE X) N) (GCODE (NCODE (GCODE X)))))) (TOGGLE G1476 GC-NCODE-DEFN T) ;;;;;;;G-UNDEC (when PFN is 0) is the EV analogue of a the metatheoretic statement, ;;;;;;;"There exists a proof of the result of substituting (NCODE (GCODE EXP)) for the ;;;;;;;variable VAR in EXP (from GIVEN, DEFNS, and SYMBOLS)". (DEFN G-UNDEC (PFN EXP VAR GIVEN DEFNS SYMBOLS) (G-ISTHM PFN (G-SUBST EXP VAR (GC-NCODE EXP) (PR-QUOTE (GCODE 0))) GIVEN DEFNS SYMBOLS)) (DEFN G-UNDECN (PFN EXP VAR GIVEN DEFNS SYMBOLS N) (G-ISTHMN PFN (G-SUBSTN EXP VAR (GC-NCODEN EXP N) (GCODE 0) N) GIVEN DEFNS SYMBOLS N)) (PROVE-LEMMA G-UNDEC-EVAL (REWRITE) (EQUAL (EV 0 (G-UNDEC PFN EXP VAR GIVEN DEFNS SYMBOLS) VA (FA) N) (G-UNDECN (EV 0 PFN VA (FA) N) (EV 0 EXP VA (FA) N) (EV 0 VAR VA (FA) N) (EV 0 GIVEN VA (FA) N) (EV 0 DEFNS VA (FA) N) (EV 0 SYMBOLS VA (FA) N) N))) (TOGGLE G1477 G-UNDEC T) ;;;;;;;A-UNDEC is the formula from which the undecidable sentence is constructed. ;;;;;;;It is got from A-EV and asserts that the value of G-UNDEC on a particular ;;;;;;;EXP (represented by a free variable, say "y", in A-UNDEC) with GIVEN, DEFNS, ;;;;;;;and SYMBOLS, is (BOOL-FIX F). This means that it is asserting, "there is ;;;;;;;no proof of the result of substituting (NCODE (GCODE y)) for the variable "y" ;;;;;;;in y, from GIVEN, DEFNS, and SYMBOLS." The undecidable sentence will be got ;;;;;;;by substituting the formula the NCODE of the GCODE of A-UNDEC for the free "y" ;;;;;;;in A-UNDEC itself. (DEFN A-UNDEC (GIVEN DEFNS SYMBOLS) (A-UNDEC1 0 (G-UNDEC (PR-QUOTE (GCODE 0)) 0 (PR-QUOTE (GCODE 6)) (PR-QUOTE (GCODE GIVEN)) (PR-QUOTE (GCODE DEFNS)) (PR-QUOTE (GCODE SYMBOLS))) (FA) (BOOL-FIX F))) (DEFN UNDEC-COUNT (EXP VAR TERM GIVEN DEFNS SYMBOLS N) (PLUS (ADD1 (THM-COUNT (FIND-PROOFN 0 (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (F-NOT EXP) VAR TERM 0 GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT (FIND-PROOFN 0 (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) EXP VAR TERM 0 GIVEN DEFNS SYMBOLS)) (NCODE-CNT (GCODE EXP)))) (DEFN ISTHM-A-PROVES-A-PROOF (PFN EXP VAR TERM GIVEN DEFNS SYMBOLS N) (INV-CODE (DECIPHER (FIND-PROOFN PFN (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N)))) (DEFN FINDN-COUNT (PFN EXP VAR TERM GIVEN DEFNS SYMBOLS N) (G-FINDN (GCODE PFN) (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N)) (TOGGLE G1478 GCODE T) (TOGGLE G1479 EXP-COUNT T) ;;;;;;;The lemma below begins the first of four important lemmas. ;;;;;;;The undecidable sentence is of the form; ;;;;;;;(SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) ;;;;;;; 6 ;;;;;;; (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0), ;;;;;;;where DEFNS and SYMBOLS will be instantiated by a specific list of ;;;;;;;definitions and symbols, respectively. The lemma asserts that if ;;;;;;;G-ISTHMN returns (BOOL-FIX T) on the GCODE of the undecidable sentence, ;;;;;;;then the undecidable sentence is provable. This makes sense because ;;;;;;;G-ISTHMN returns (BOOL-FIX T) when it has found a proof in the enumeration ;;;;;;;of proofs. (PROVE-LEMMA ISTHM-A-PROVES-A (REWRITE) (IMPLIES (AND (LESSP (UNDEC-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N) (FINDN-COUNT 0 (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N)) (LESSP (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)) N) (EQUAL (G-ISTHMN (GCODE 0) (G-SUBSTN (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)) (GCODE 6) (GCODE (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)))) (GCODE 0) N) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX T))) (PROVES (ISTHM-A-PROVES-A-PROOF 0 (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N) (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0) GIVEN DEFNS SYMBOLS)) ((DISABLE A-UNDEC))) ;;;;;;;Similarly, if G-ISTHMN returns (BOOL-FIX F), it means that it found a disproof of ;;;;;;;the undecidable sentence, and its negation is therefore provable. (PROVE-LEMMA NOT-ISTHM-A-PROVES-NOT-A (REWRITE) (IMPLIES (AND (LESSP (UNDEC-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N) (FINDN-COUNT 0 (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N)) (LESSP (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)) N) (EQUAL (G-ISTHMN (GCODE 0) (G-SUBSTN (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)) (GCODE 6) (GCODE (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)))) (GCODE 0) N) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX F))) (PROVES (ISTHM-A-PROVES-A-PROOF 0 (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) GIVEN DEFNS SYMBOLS N) (F-NOT (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0)) GIVEN DEFNS SYMBOLS)) ((DISABLE A-UNDEC))) (TOGGLE G1480 ISTHM-A-PROVES-A-PROOF T) (TOGGLE G1481 A-EV1-NOT-GOOD-PROOF T) (DEFN ISTHM-A-PROVES-NOT-A-PROOF (GIVEN DEFNS SYMBOLS N) (A-EV1-NOT-GOOD-PROOF 0 (G-UNDEC (PR-QUOTE (GCODE 0)) 0 (PR-QUOTE (GCODE 6)) (PR-QUOTE (GCODE GIVEN)) (PR-QUOTE (GCODE DEFNS)) (PR-QUOTE (GCODE SYMBOLS))) (CONS (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)) (GCODE NIL)) (FA) N (BOOL-FIX F))) ;;;;;;;The more surprising pair of facts are that if G-ISTHMN returns (BOOL-FIX T) ;;;;;;;the GCODE of the undecidable sentence, then the negation of the undecidable ;;;;;;;sentence is provable. This is because the undecidable sentence through the ;;;;;;;fact that it represents some instance of the Lisp interpreter asserts that G-ISTHMN ;;;;;;;returns (BOOL-FIX F) on the undecidable sentence itself, which in this case is false. (PROVE-LEMMA ISTHM-A-PROVES-NOT-A-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (LESSP (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) N) (LESSP (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)) N) (EQUAL (G-ISTHMN (GCODE 0) (GCODE (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX T)) (EQUAL CONCL (F-NOT (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0)))) (PROVES (ISTHM-A-PROVES-NOT-A-PROOF GIVEN DEFNS SYMBOLS N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SUBST A-UNDEC1))) (TOGGLE G1482 ISTHM-A-PROVES-NOT-A-PROOF T) (DEFN NOT-ISTHM-A-PROVES-A-PROOF (GIVEN DEFNS SYMBOLS N) (A-EV1-OK-PROOF 0 (G-UNDEC (PR-QUOTE (GCODE 0)) 0 (PR-QUOTE (GCODE 6)) (PR-QUOTE (GCODE GIVEN)) (PR-QUOTE (GCODE DEFNS)) (PR-QUOTE (GCODE SYMBOLS))) (CONS (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)) (GCODE NIL)) (FA) N)) ;;;;;;;If G-ISTHMN returns (BOOL-FIX F) on the the GCODE of the undecidable sentence, ;;;;;;;then the undecidable sentence is provable. This is because the undecidable ;;;;;;;sentence through the fact that it represents some instance of the Lisp interpreter ;;;;;;;asserts that G-ISTHMN does return (BOOL-FIX F) on the undecidable sentence itself. (PROVE-LEMMA NOT-ISTHM-A-PROVES-A-PROOF-PROVES (REWRITE) (IMPLIES (AND (EV-HYPS GIVEN DEFNS SYMBOLS) (LESSP (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) N) (LESSP (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)) N) (EQUAL (G-ISTHMN (GCODE 0) (GCODE (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX F)) (EQUAL CONCL (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0))) (PROVES (NOT-ISTHM-A-PROVES-A-PROOF GIVEN DEFNS SYMBOLS N) CONCL GIVEN DEFNS SYMBOLS)) ((DISABLE SUBST A-UNDEC1))) ;;;;;;;Now we need to prove that if Z2 is complete, then G-ISTHMN returns either (BOOL-FIX T) ;;;;;;;or (BOOL-FIX F). Then by the above four lemmas, we have that the undecidable sentence ;;;;;;;is both provable and disprovable. Therefore, we would have established that Z2 is ;;;;;;;either incomplete or inconsistent. (TOGGLE G1483 ISTHM-A-PROVES-NOT-A-PROOF T) (DEFN THM-COUNT1 (PFN EXP GIVEN DEFNS SYMBOLS) (PLUS (PLUS (DEC-COUNTN PFN) (EXP-COUNT (DECIPHER PFN))) (EXP-COUNT (INV-CODE (DECIPHER PFN))) (FORMULA-CNT EXP SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER PFN)) GIVEN DEFNS 0 SYMBOLS))) (PROVE-LEMMA THM-COUNT1-LESSP (REWRITE) (LESSP (PLUS (DEC-COUNT PFN (SUB1 PFN) (SUB1 PFN)) (EXP-COUNT (DECIPHER PFN))) (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)))) (PROVE-LEMMA THM-COUNT1-LESSP1 (REWRITE) (LESSP (PLUS (EXP-COUNT (INV-CODE (DECIPHER PFN))) (FORMULA-CNT EXP SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER PFN)) GIVEN DEFNS 0 SYMBOLS)) (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)))) (TOGGLE G1484 THM-COUNT1 T) (DEFN COMP-COUNT (PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS) (IF (LEQ PF PFN) (PLUS (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (ADD1 EXTRAS)) (IF (PROVES (INV-CODE (DECIPHER PFN)) EXP GIVEN DEFNS SYMBOLS) (PLUS (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (ADD1 EXTRAS)) (IF (PROVES (INV-CODE (DECIPHER PFN)) (F-NOT EXP) GIVEN DEFNS SYMBOLS) (PLUS (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (ADD1 EXTRAS)) (PLUS (ADD1 (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (ADD1 EXTRAS) (ADD1 (COMP-COUNT PF (ADD1 PFN) EXP GIVEN DEFNS SYMBOLS EXTRAS)))))) ((LESSP (DIFFERENCE PF PFN)))) (DEFN PROVES-ISTHMN-IND (PF PFN EXP GIVEN DEFNS SYMBOLS N) (IF (ZEROP N) T (IF (LEQ PF PFN) T (IF (PROVES (INV-CODE (DECIPHER PFN)) EXP GIVEN DEFNS SYMBOLS) T (IF (PROVES (INV-CODE (DECIPHER PFN)) (F-NOT EXP) GIVEN DEFNS SYMBOLS) T (PROVES-ISTHMN-IND PF (ADD1 PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N))))))) (TOGGLE G1485 G-ISTHMN NIL) (PROVE-LEMMA LESSP-COMP-COUNT1 (REWRITE) (LESSP (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS) (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS))) (PROVE-LEMMA LESSP-COMP-COUNT2 (REWRITE) (LESSP (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS) (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS))) (PROVE-LEMMA LESSP-EXTRAS-COMP-COUNT (REWRITE) (LESSP EXTRAS (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS))) (TOGGLE G1486 FIND-PROOF-PROVES-F-CASE-GCODE T) (TOGGLE G1487 FIND-PROOF-PROVES-T-CASE-GCODE T) (TOGGLE G1488 G-PROVESN-T-OR-F1 T) (TOGGLE G1489 G-PROVESN-T-OR-F2 T) (TOGGLE G1490 PR-IFN T) ;;;;;;;The lemma below is the crucial one in the final proof of the incompleteness theorem. ;;;;;;;It asserts that if there is a number PF which corresponds to a proof or disproof of EXP, ;;;;;;;then G-ISTHMN (with a large enough stack-counter) when started on a proof-number PFN ;;;;;;;less than or equal to PF, will either find PF or some proof/disproof before it, and ;;;;;;;will therefore either return (BOOL-FIX T) or (BOOL-FIX F). This with the four lemmas ;;;;;;;above provides enough material to prove the incompleteness theorem, but we still need ;;;;;;;to build up a large enough stack-counter to cover all these five lemmas. (PROVE-LEMMA PROVES-T-NOT-BTMP-ISTHMN (REWRITE) (IMPLIES (AND (NUMBERP PFN) (NUMBERP PF) (OR (PROVES (INV-CODE (DECIPHER PF)) EXP GIVEN DEFNS SYMBOLS) (PROVES (INV-CODE (DECIPHER PF)) (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (LEQ PFN PF) (LESSP (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS) N)) (OR (EQUAL (G-ISTHMN (GCODE PFN) (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX T)) (EQUAL (G-ISTHMN (GCODE PFN) (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (BOOL-FIX F)))) ((INDUCT (PROVES-ISTHMN-IND PF PFN EXP GIVEN DEFNS SYMBOLS N)) (DISABLE COMMUTATIVITY-OF-PLUS COMMUTATIVITY2-OF-PLUS ASSOCIATIVITY-OF-PLUS))) (TOGGLE G1491 PROVES-T-NOT-BTMP-ISTHMN T) (TOGGLE G1492 FIND-PROOFN NIL) (DEFN FINDN (PFN EXP GIVEN DEFNS SYMBOLS N) (IF (OR (BTMP EXP) (BTMP GIVEN) (BTMP DEFNS) (BTMP SYMBOLS) (ZEROP N)) (BTM) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN (GCODE PFN) (SUB1 N)) (SUB1 N)) EXP GIVEN DEFNS SYMBOLS (SUB1 N)) (SUB1 N) (PR-IFN (G-PROVESN (G-INV-CODEN (G-DECIPHERN (GCODE PFN) (SUB1 N)) (SUB1 N)) (G-F-NOTN EXP) GIVEN DEFNS SYMBOLS (SUB1 N)) (SUB1 N) (FINDN (ADD1 PFN) EXP GIVEN DEFNS SYMBOLS (SUB1 N)))))) (TOGGLE G1493 PR-IFN T) (PROVE-LEMMA LESSP-COMP-COUNT3 (REWRITE) (LESSP (PLUS (THM-COUNT1 PFN (F-NOT EXP) GIVEN DEFNS SYMBOLS) (THM-COUNT1 PFN EXP GIVEN DEFNS SYMBOLS) EXTRAS) (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS)) ((INDUCT (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS)))) (PROVE-LEMMA FINDN-THM-COUNT-LESSP (REWRITE) (IMPLIES (AND (NUMBERP PFN) (NUMBERP PF) (OR (PROVES (INV-CODE (DECIPHER PF)) EXP GIVEN DEFNS SYMBOLS) (PROVES (INV-CODE (DECIPHER PF)) (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (LEQ PFN PF) (LESSP (ADD1 (ADD1 (COMP-COUNT PF PFN EXP GIVEN DEFNS SYMBOLS EXTRAS))) N)) (LESSP (PLUS (ADD1 (THM-COUNT1 (FIND-PROOFN PFN (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) (F-NOT EXP) GIVEN DEFNS SYMBOLS)) (ADD1 (THM-COUNT1 (FIND-PROOFN PFN (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N) EXP GIVEN DEFNS SYMBOLS)) EXTRAS) (FINDN PFN (GCODE EXP) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N))) ((INDUCT (PROVES-ISTHMN-IND PF PFN EXP GIVEN DEFNS SYMBOLS N)) (DISABLE COMMUTATIVITY-OF-PLUS COMMUTATIVITY2-OF-PLUS ASSOCIATIVITY-OF-PLUS PROVES-IS-FORMULA-AGAIN EXP-COUNT))) (TOGGLE G1494 G-FINDN NIL) (PROVE-LEMMA FINDN-G-FINDN (REWRITE) (EQUAL (G-FINDN (GCODE PFN) EXP GIVEN DEFNS SYMBOLS N) (FINDN PFN EXP GIVEN DEFNS SYMBOLS N)) ((INDUCT (FIND-PROOF-IND PFN N)))) (TOGGLE G1495 G-FINDN T) (TOGGLE G1496 THM-COUNT NIL) (TOGGLE G1497 THM-COUNT1 NIL) (PROVE-LEMMA THM-COUNT-THM-COUNT1 (REWRITE) (EQUAL (THM-COUNT PFN EXP VAR TERM FLG GIVEN DEFNS SYMBOLS) (THM-COUNT1 PFN (SUBST EXP VAR TERM FLG) GIVEN DEFNS SYMBOLS))) (TOGGLE G1498 THM-COUNT T) (TOGGLE G1499 THM-COUNT1 T) (TOGGLE G1500 DECIPHER NIL) (PROVE-LEMMA NUM-TREEP-NUM-TREEP (REWRITE) (EQUAL (NUMTREEP X) (NUM-TREEP X))) (PROVE-LEMMA INV-CODE-DECIPHER-NUMCODE (REWRITE) (EQUAL (GCODE (INV-CODE (DECIPHER (NUMCODE (GCODE X))))) (GCODE X))) (TOGGLE G1501 DECIPHER T) (TOGGLE G1502 BOOL-FIX NIL) (PROVE-LEMMA PROVES-INV-CODE-DECIPHER (REWRITE) (EQUAL (PROVES (INV-CODE (DECIPHER (NUMCODE (GCODE PF)))) EXP GIVEN DEFNS SYMBOLS) (PROVES PF EXP GIVEN DEFNS SYMBOLS)) ((USE (G-PROVESN-GCODE (N (ADD1 (PLUS (EXP-COUNT (INV-CODE (DECIPHER (NUMCODE (GCODE PF))))) (FORMULA-CNT EXP SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER (NUMCODE (GCODE PF)))) GIVEN DEFNS 0 SYMBOLS) (EXP-COUNT PF) (PRF-CNT PF GIVEN DEFNS 0 SYMBOLS)))) (PF (INV-CODE (DECIPHER (NUMCODE (GCODE PF)))))) (G-PROVESN-GCODE (N (ADD1 (PLUS (EXP-COUNT (INV-CODE (DECIPHER (NUMCODE (GCODE PF))))) (FORMULA-CNT EXP SYMBOLS) (PRF-CNT (INV-CODE (DECIPHER (NUMCODE (GCODE PF)))) GIVEN DEFNS 0 SYMBOLS) (EXP-COUNT PF) (PRF-CNT PF GIVEN DEFNS 0 SYMBOLS)))))) (DISABLE G-PROVESN-GCODE INV-CODE-GCODE))) (TOGGLE G1503 FINDN T) (TOGGLE G1504 BOOL-FIX T) ;;;;;;;The undecidable sentence - DEFNS and SYMBOLS will have to be instantiated, but ;;;;;;;GIVEN will be left as a parameter so that for any specific GIVEN, we get a specific ;;;;;;;undecidable sentence. This would show that the addition of the undecidable sentence ;;;;;;;or any finite list of new axioms will still leave the theory incomplete or inconsistent. (DEFN UNDEC-SENT (GIVEN DEFNS SYMBOLS) (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0)) (DEFN FINAL-COUNT (PF GIVEN DEFNS SYMBOLS) (ADD1 (PLUS (ADD1 (ADD1 (COMP-COUNT (NUMCODE (GCODE PF)) 0 (UNDEC-SENT GIVEN DEFNS SYMBOLS) GIVEN DEFNS SYMBOLS (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)))))) (ADD1 (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)))) (ADD1 (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)))))) (TOGGLE G1505 NCODE-CNT T) (TOGGLE G1506 PROVES-IS-FORMULA-AGAIN T) (TOGGLE G1507 COMP-COUNT T) (TOGGLE G1508 NUMCODE T) (TOGGLE G1509 EXP-COUNT T) (TOGGLE G1510 FINDN-THM-COUNT-LESSP T) (PROVE-LEMMA UNDEC-COUNT-LESSP (REWRITE) (IMPLIES (AND (NUMBERP PF) (OR (PROVES (INV-CODE (DECIPHER PF)) (SUBST EXP VAR TERM 0) GIVEN DEFNS SYMBOLS) (PROVES (INV-CODE (DECIPHER PF)) (F-NOT (SUBST EXP VAR TERM 0)) GIVEN DEFNS SYMBOLS)) (LESSP (ADD1 (ADD1 (COMP-COUNT PF 0 (SUBST EXP VAR TERM 0) GIVEN DEFNS SYMBOLS (NCODE-CNT (GCODE EXP))))) N)) (LESSP (UNDEC-COUNT EXP VAR TERM GIVEN DEFNS SYMBOLS N) (FINDN 0 (GCODE (SUBST EXP VAR TERM 0)) (GCODE GIVEN) (GCODE DEFNS) (GCODE SYMBOLS) N))) ((USE (FINDN-THM-COUNT-LESSP (PFN 0) (EXTRAS (NCODE-CNT (GCODE EXP))) (EXP (SUBST EXP VAR TERM 0)))) (DISABLE A-UNDEC G-ISTHMN G-PROVESN-GCODE INV-CODE-DECIPHER FIND-PROOFN))) (TOGGLE G1511 UNDEC-COUNT T) (TOGGLE G1512 NOT-ISTHM-A-PROVES-A-PROOF T) (PROVE-LEMMA COMP-COUNT-FINAL-COUNT-LESSP (REWRITE) (LESSP (ADD1 (ADD1 (COMP-COUNT (NUMCODE (GCODE PF)) 0 (SUBST (A-UNDEC GIVEN DEFNS SYMBOLS) 6 (NCODE (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) 0) GIVEN DEFNS SYMBOLS (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS)))))) (FINAL-COUNT PF GIVEN DEFNS SYMBOLS)) ((DISABLE A-UNDEC))) (PROVE-LEMMA LESSP-NCODE-CNT-FINAL-COUNT (REWRITE) (LESSP (NCODE-CNT (GCODE (A-UNDEC GIVEN DEFNS SYMBOLS))) (FINAL-COUNT PF GIVEN DEFNS SYMBOLS)) ((DISABLE A-UNDEC))) (PROVE-LEMMA LESSP-EXP-COUNT-FINAL-COUNT (REWRITE) (LESSP (EXP-COUNT (A-UNDEC GIVEN DEFNS SYMBOLS)) (FINAL-COUNT PF GIVEN DEFNS SYMBOLS)) ((DISABLE EXP-COUNT A-UNDEC))) (PROVE-LEMMA LESSP-NUM-FINAL-COUNT (REWRITE) (LESSP 4 (FINAL-COUNT PF GIVEN DEFNS SYMBOLS))) ;;;;;;;The final list of symbols, THM-SYMBS. (DEFN THM-SYMBS NIL (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 11 2) (FN 10 1) (FN 9 1) (FN 8 1) (FN 7 1) (FN 6 1) (FN 5 1) (FN 4 1) (FN 3 1) (P 2 1) (FN 2 2) (FN 1 2) (P 1 2) (FN 0 0))) ;;;;;;;The final list of function/predicate definitions. (DEFN THM-DEFNS NIL (LIST (CONS (P 2 1) (Z-INT-DEFN 0 1 2)) (CONS (FN 3 1) (F-EQUAL (Z-SUCC 0) (Z-UNION (Z-SING 0) 0))) (CONS (FN 4 1) (Z-CAR-DEFN 0 (Z-CAR 0) 1 2)) (CONS (FN 5 1) (Z-CDR-DEFN 0 (Z-CDR 0) 1 2)) (CONS (FN 6 1) (Z-LISTP-DEFN 0 (Z-LISTP 0) 1 2)) (CONS (FN 7 1) (Z-ADD1-DEFN 0 (Z-ADD1 0) 1 2)) (CONS (FN 8 1) (Z-NUMBERP-DEFN 0 (Z-NUMBERP 0))) (CONS (FN 9 1) (Z-ZEROP-DEFN 0 (Z-ZEROP 0))) (CONS (FN 10 1) (Z-SUB1-DEFN 0 (Z-SUB1 0) 3)) (CONS (FN 11 2) (Z-EQUAL-DEFN 0 1 (Z-EQUAL 0 1))) (CONS (FN 12 2) (Z-CONS-DEFN 0 1 (Z-CONS 0 1))) (CONS (FN 13 2) (Z-APPLY-SUBR1-DEFN 0 1 (Z-APPLY-SUBR1 0 1))) (CONS (FN 14 2) (Z-APPLY-SUBR2-DEFN 0 1 (Z-APPLY-SUBR2 0 1))) (CONS (FN 15 2) (Z-APPLY-SUBR-DEFN 0 1 (Z-APPLY-SUBR 0 1))) (CONS (FN 16 1) (Z-SUBRP-DEFN 0 (Z-SUBRP 0))))) (TOGGLE G1549 Z-SUBRP-HYPS NIL) (TOGGLE G1550 Z-APPLY-SUBR-HYPS NIL) (TOGGLE G1551 Z-APPLY-SUBR1-HYPS NIL) (TOGGLE G1552 Z-APPLY-SUBR2-HYPS NIL) (TOGGLE G1553 Z-SUCC-HYPS NIL) (TOGGLE G1554 Z-INT-HYPS NIL) (TOGGLE G1555 Z-CAR-HYPS NIL) (TOGGLE G1556 Z-CDR-HYPS NIL) (TOGGLE G1557 Z-LISTP-HYPS NIL) (TOGGLE G1558 Z-CONS-HYPS NIL) (TOGGLE G1559 Z-ADD1-HYPS NIL) (TOGGLE G1560 Z-SUB1-HYPS NIL) (TOGGLE G1561 Z-EQUAL-HYPS NIL) (TOGGLE G1562 Z-NUMBERP-HYPS NIL) (TOGGLE G1563 REST-OF NIL) (TOGGLE G1564 EQL-GCODE-EQUAL T) (PROVE-LEMMA EV-HYPS-Z-INT (REWRITE) (Z-INT-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA EV-HYPS-Z-SUCC (REWRITE) (Z-SUCC-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA EV-HYPS-Z-CAR (REWRITE) (Z-CAR-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA EV-HYPS-Z-CDR (REWRITE) (Z-CDR-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-LISTP-EV-HYPS (REWRITE) (Z-LISTP-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-CONS-EV-HYPS (REWRITE) (Z-CONS-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-NUMBERP-EV-HYPS (REWRITE) (Z-NUMBERP-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-EQUAL-EV-HYPS (REWRITE) (Z-EQUAL-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-ADD1-EV-HYPS (REWRITE) (Z-ADD1-HYPS (THM-DEFNS) (THM-SYMBS))) (PROVE-LEMMA Z-SUB1-EV-HYPS (REWRITE) (Z-SUB1-HYPS (THM-DEFNS) (THM-SYMBS))) (TOGGLE G1565 SUBSET-CONS T) (TOGGLE G1566 PRIME-MEMBER T) (TOGGLE G1567 MEMBER-DELETE T) (PROVE-LEMMA Z-APPLY-SUBR1-EV-HYPS (REWRITE) (Z-APPLY-SUBR1-HYPS (THM-DEFNS) (THM-SYMBS)) ((DISABLE Z-APPLY-SUBR1-DEFN Z-APPLY-SUBR2-DEFN Z-APPLY-SUBR-DEFN))) (PROVE-LEMMA Z-APPLY-SUBR2-EV-HYPS (REWRITE) (Z-APPLY-SUBR2-HYPS (THM-DEFNS) (THM-SYMBS)) ((DISABLE Z-APPLY-SUBR1-DEFN Z-APPLY-SUBR2-DEFN Z-APPLY-SUBR-DEFN))) (PROVE-LEMMA Z-APPLY-SUBR-EV-HYPS (REWRITE) (Z-APPLY-SUBR-HYPS (THM-DEFNS) (THM-SYMBS)) ((DISABLE Z-APPLY-SUBR1-DEFN Z-APPLY-SUBR2-DEFN Z-APPLY-SUBR-DEFN))) (PROVE-LEMMA Z-SUBRP-EV-HYPS (REWRITE) (Z-SUBRP-HYPS (THM-DEFNS) (THM-SYMBS))) (TOGGLE G1568 Z-SUBRP-HYPS T) (TOGGLE G1569 Z-APPLY-SUBR-HYPS T) (TOGGLE G1570 Z-APPLY-SUBR1-HYPS T) (TOGGLE G1571 Z-APPLY-SUBR2-HYPS T) (TOGGLE G1572 Z-SUCC-HYPS T) (TOGGLE G1573 Z-INT-HYPS T) (TOGGLE G1574 Z-CAR-HYPS T) (TOGGLE G1575 Z-CDR-HYPS T) (TOGGLE G1576 Z-LISTP-HYPS T) (TOGGLE G1577 Z-CONS-HYPS T) (TOGGLE G1578 Z-ADD1-HYPS T) (TOGGLE G1579 Z-SUB1-HYPS T) (TOGGLE G1580 Z-EQUAL-HYPS T) (TOGGLE G1581 Z-NUMBERP-HYPS T) (PROVE-LEMMA SUBSET-THM-SYMBS (REWRITE) (SUBSET (LIST (FN 16 1) (FN 15 2) (FN 14 2) (FN 13 2) (FN 12 2) (FN 0 0) (FN 3 1) (FN 4 1) (FN 5 1) (FN 6 1) (FN 7 1) (FN 8 1) (FN 9 1) (FN 10 1) (FN 11 2) (FN 1 2) (FN 2 2) (P 2 1) (P 1 2)) (THM-SYMBS))) (TOGGLE G1585 Z-ZEROP-HYPS NIL) (PROVE-LEMMA Z-ZEROP-EV-HYPS (REWRITE) (Z-ZEROP-HYPS (THM-DEFNS) (THM-SYMBS))) (TOGGLE G1586 REST-OF T) (TOGGLE G1587 THM-DEFNS T) (PROVE-LEMMA ALL-SYMBS-THM-SYMBS (REWRITE) (ALL-SYMBS (THM-SYMBS))) (TOGGLE G1589 THM-SYMBS T) (PROVE-LEMMA EV-HYPS-THM-DEFNS-SYMBOLS (REWRITE) (EV-HYPS GIVEN (THM-DEFNS) (THM-SYMBS)) ((DISABLE SUBSET) (USE (SUBSET-THM-SYMBS)))) (PROVE-LEMMA ALL-SYMBS-TERMP-NCODE (REWRITE) (IMPLIES (ALL-SYMBS SYMBS) (TERMP (NCODE X) 0 SYMBS))) (TOGGLE G1591 ALL-SYMBS T) (PROVE-LEMMA FORMULA-UNDEC-SENT (REWRITE) (IMPLIES (ALL-SYMBS SYMBS) (FORMULA (UNDEC-SENT GIVEN DEFNS SYMBS) SYMBS)) ((DISABLE A-UNDEC1 REPLACE-VA-A-UNDEC1))) ;;;;;;;The lemma below is very nearly the final one. It asserts that if PF is either ;;;;;;;a proof or disproof of the undecidable sentence, then in one of two possible ways ;;;;;;;(as given by the four lemmas above), the undecidable sentence is both provable and ;;;;;;;disprovable. The observation is that if Z2 was complete, the undecidable sentence ;;;;;;;would either be a provable or disprovable. PF below could be instantiated with ;;;;;;;the given proof/disproof, yielding the conclusion of the lemma that Z2 is then ;;;;;;;inconsistent. We still need to show that the undecidable sentence below is a ;;;;;;;Z2 formula and that it contains no free variables. This is done next. (PROVE-LEMMA INCOMPLETENESS-MAIN-PART (REWRITE) (IMPLIES (OR (PROVES PF (UNDEC-SENT GIVEN (THM-DEFNS) (THM-SYMBS)) GIVEN (THM-DEFNS) (THM-SYMBS)) (PROVES PF (F-NOT (UNDEC-SENT GIVEN (THM-DEFNS) (THM-SYMBS))) GIVEN (THM-DEFNS) (THM-SYMBS))) (OR (AND (PROVES (ISTHM-A-PROVES-A-PROOF 0 (A-UNDEC GIVEN (THM-DEFNS) (THM-SYMBS)) 6 (NCODE (GCODE (A-UNDEC GIVEN (THM-DEFNS) (THM-SYMBS)))) GIVEN (THM-DEFNS) (THM-SYMBS) (FINAL-COUNT PF GIVEN (THM-DEFNS) (THM-SYMBS))) (UNDEC-SENT GIVEN (THM-DEFNS) (THM-SYMBS)) GIVEN (THM-DEFNS) (THM-SYMBS)) (PROVES (ISTHM-A-PROVES-NOT-A-PROOF GIVEN (THM-DEFNS) (THM-SYMBS) (