    Subsetp-witness

    (subsetp-witness x y) finds an element of x that is not a member of y, if one exists.

    This function is useful for basic pick-a-point style reasoning about subsets.

    Definitions and Theorems

    Function: subsetp-witness

    (defun subsetp-witness (x y)
           (if (atom x)
               nil
               (if (member (car x) y)
                   (subsetp-witness (cdr x) y)
                   (car x))))

    Theorem: subsetp-witness-correct

    (defthm subsetp-witness-correct
            (let ((a (subsetp-witness x y)))
                 (iff (subsetp x y)
                      (implies (member a x) (member a y)))))

    Theorem: subsetp-witness-rw

    (defthm subsetp-witness-rw
            (implies (rewriting-positive-literal (cons 'subsetp-equal
                                                       (cons x (cons y 'nil))))
                     (let ((a (subsetp-witness x y)))
                          (iff (subsetp x y)
                               (implies (member a x) (member a y))))))
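
A pick-a-point use of the witness, as an added example that is not part of the original documentation page. The book path and the theorem name example-subsetp-of-cons are assumptions made for this illustration.

```lisp
; Added example. Assumption: std/lists/top provides subsetp-witness
; and subsetp-witness-correct as shown on this page.
(include-book "std/lists/top" :dir :system)

; 2 is the first element of x that is not in y, so it is the witness.
(assert-event (equal (subsetp-witness '(1 2 3) '(1 3)) 2))

; x is a subset of y: the recursion reaches the end of x and returns nil.
(assert-event (equal (subsetp-witness '(1 3) '(3 1 4)) nil))

; nil can itself be the missing element.  The witness is nil here as
; well, although x is not a subset of y.  This is why the theorem is
; phrased as (implies (member a x) (member a y)) rather than as a
; test of whether the witness is nil.
(assert-event (equal (subsetp-witness '(1 nil) '(1)) nil))
(assert-event (not (subsetp '(1 nil) '(1))))

; Pick-a-point proof.  Induction on (subsetp x (cons e x)) is awkward
; because the second argument does not shrink along with x.  With the
; witness lemma instantiated for y := (cons e x), the goal reduces to
;   (implies (member a x) (member a (cons e x)))
; for the single element a = (subsetp-witness x (cons e x)), which
; follows by opening member on the cons.
; example-subsetp-of-cons is a hypothetical name; :rule-classes nil
; keeps it from being stored as a rule.
(defthm example-subsetp-of-cons
  (subsetp x (cons e x))
  :hints (("Goal"
           :use ((:instance subsetp-witness-correct
                            (y (cons e x))))))
  :rule-classes nil)
```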