Nat-list-measure

An ordinal measure for admitting functions: lexicographic ordering of a list of natural numbers.

(nat-list-measure a) constructs an ordinal that can be used to prove that recursive functions terminate. It essentially provides a lexicographic order of a list of naturals. That is,

(o< (nat-list-measure (list a1 b1 c1))
    (nat-list-measure (list a2 b2 c2)))

will be true when either:

  • a1 < a2, or else
  • a1 == a2 and b1 < b2, or else
  • a1 == a2 and b1 == b2 and c1 < c2.

Typical usage looks like this:

(defun f (a b c)
  (declare (xargs :measure (nat-list-measure (list a b c))))
  ...)

See also the simpler (but more limited) two-nats-measure for some additional discussion on how such a measure might be useful.

See also nat-list-< for a somewhat fancier alternative.

Definitions and Theorems

Function: nat-list-measure

(defun nat-list-measure (a)
       (declare (xargs :guard t))
       (if (atom a)
           (nfix a)
           (make-ord (len a)
                     (+ 1 (nfix (car a)))
                     (nat-list-measure (cdr a)))))

Theorem: consp-nat-list-measure

(defthm consp-nat-list-measure
        (equal (consp (nat-list-measure a))
               (consp a)))

Theorem: atom-caar-nat-list-measure

(defthm atom-caar-nat-list-measure
        (equal (caar (nat-list-measure a))
               (and (consp a) (len a))))

Theorem: o-p-of-nat-list-measure

(defthm o-p-of-nat-list-measure
        (o-p (nat-list-measure a)))

Function: cons-list-or-quotep

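(defun cons-list-or-quotep (x)
       ;; Syntactic check on a translated term: accepts a nest of CONS
       ;; calls that ends in a quoted constant.
       (if (atom x)
           (equal x nil)
           (case (car x)
                 (quote t)   ; case clause for a (quote ...) term
                 (cons (and (eql (len x) 3)
                            (cons-list-or-quotep (third x)))))))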

Theorem: o<-of-nat-list-measure

(defthm
 o<-of-nat-list-measure
 (implies
  (syntaxp (and (cons-list-or-quotep a)
                (cons-list-or-quotep b)))
  (equal (o< (nat-list-measure a)
             (nat-list-measure b))
         (or (< (len a) (len b))
             (and (equal (len a) (len b))
                  (if (consp a)
                      (or (< (nfix (car a)) (nfix (car b)))
                          (and (equal (nfix (car a)) (nfix (car b)))
                               (o< (nat-list-measure (cdr a))
                                   (nat-list-measure (cdr b)))))
                      (< (nfix a) (nfix b))))))))
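
The following is an added example, not code from the ACL2 books, showing the typical usage above on functions where no single argument decreases on every call, plus the length comparison that o<-of-nat-list-measure performs first. The function names countdown3 and ack are made up for illustration, and the include-book path is an assumption about where nat-list-measure is defined.

```lisp
; Added example (not from the ACL2 books).
; Assumption: this community book provides nat-list-measure and its theorems.
(include-book "std/basic/two-nats-measure" :dir :system)

; Three nested counters. An outer step resets the inner counters to a larger
; value, so neither a, b nor c alone is a valid measure. The list (a b c),
; ordered lexicographically, decreases on every recursive call.
(defun countdown3 (a b c)
  (declare (xargs :measure (nat-list-measure (list a b c))))
  (cond ((not (zp c)) (countdown3 a b (- c 1)))       ; c decreases
        ((not (zp b)) (countdown3 a (- b 1) 100))     ; b decreases, c is reset
        ((not (zp a)) (countdown3 (- a 1) 100 100))   ; a decreases, b and c reset
        (t 0)))

; Ackermann's function. In the nested call the second argument can grow
; without bound, but the first component m has already decreased.
(defun ack (m n)
  (declare (xargs :measure (nat-list-measure (list m n))))
  (cond ((zp m) (+ 1 (nfix n)))
        ((zp n) (ack (- m 1) 1))
        (t (ack (- m 1) (ack m (- n 1))))))

; Same-length lists compare lexicographically, first element first.
(thm (o< (nat-list-measure (list 1 99 99))
         (nat-list-measure (list 2 0 0))))

; o<-of-nat-list-measure compares (len a) with (len b) before any element,
; so a shorter list is smaller regardless of its entries.
(thm (o< (nat-list-measure (list 100 100))
         (nat-list-measure (list 0 0 0))))
```

Because length is compared first, every recursive call should pass a list of the same length as the one in the :measure; the bulleted lexicographic reading only applies between lists of equal length.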

Subtopics

Nat-list-<
An alternate well-founded-relation that allows lists of naturals to be used directly as measures.