Mark a relation as an equivalence relation

See rule-classes for a general discussion of rule classes, including how they are used to build rules from formulas and a discussion of the various keywords in a rule class description.

Example: (defthm r-equal-is-an-equivalence ; assumes that r-equal has been defined (and (booleanp (r-equal x y)) (r-equal x x) (implies (r-equal x y) (r-equal y x)) (implies (and (r-equal x y) (r-equal y z)) (r-equal x z))) :rule-classes :equivalence)

Also see defequiv.

General Form: (and (booleanp (equiv x y)) (equiv x x) (implies (equiv x y) (equiv y x)) (implies (and (equiv x y) (equiv y z)) (equiv x z)))

except that the order of the conjuncts and terms and the choice of variable
symbols is unimportant. The effect of such a rule is to identify

The macro form `defthm` of rule-class

When `rewrite` rules. More importantly, after

(implies hyps (equiv lhs rhs)),

when stored as `rewrite` rules, cause the system to rewrite
certain occurrences of (instances of)

For example, suppose that `congruence` lemma

(implies (r-equal s1 s2) (equal (fn s1 n) (fn s2 n)))

informs the rewriter that, while rewriting the first argument of
`congruence` lemmas.
Interestingly, congruence lemmas are automatically created when an equivalence
relation is stored, saying that either of the equivalence relation's arguments
may be replaced by an equivalent argument. That is, if the equivalence
relation is

(implies (and (fn x1 y1) (fn x2 y2)) (iff (fn x1 x2) (fn y1 y2)))

Another aspect of equivalence relations is that of ``refinement.'' We say
`refinement` rules permit you to establish such connections
between your equivalence relations. The value of refinements is that if the
system is trying to rewrite something while maintaining `rewrite` rule any refinement of

The system initially has knowledge of two equivalence relations, equality,
denoted by the symbol `equal`, and propositional equivalence, denoted by
`iff`. `Equal` is known to be a refinement of all equivalence
relations and to preserve equality across all arguments of all functions.

Typically there are five steps involved in introducing and using a new equivalence relation, equiv.

(1) Define

equiv ,(2) prove the

:equivalence lemma aboutequiv ,(3) prove the

: congruencelemmas that show whereequiv can be used to maintain known relations,(4) prove the

: refinementlemmas that relateequiv to known relations other than equal, and(5) develop the theory of conditional

: rewriterules that drive equiv rewriting.

More will be written about this as we develop the techniques. For now, here is an example that shows how to make use of equivalence relations in rewriting.

Among the theorems proved below is

(defthm insert-sort-is-id (perm (insert-sort x) x))

Here `cons` and
`member`.

Then we prove the lemma

(defthm insert-is-cons (perm (insert a x) (cons a x)))

which you must think of as you would

Now prove

(consp x) & (perm (insert-sort (cdr x)) (cdr x)) -> (perm (insert-sort x) x).

Opening

(perm (insert (car x) (insert-sort (cdr x))) x).

Apply

(perm (cons (car x) (insert-sort (cdr x)) x)).

Note that we have proved that

(perm (cons (car x) (cdr x)) x).

But we know that

Here are the events.

(encapsulate (((lt * *) => *)) (local (defun lt (x y) (declare (ignore x y)) nil)) (defthm lt-non-symmetric (implies (lt x y) (not (lt y x))))) (defun insert (x lst) (cond ((atom lst) (list x)) ((lt x (car lst)) (cons x lst)) (t (cons (car lst) (insert x (cdr lst)))))) (defun insert-sort (lst) (cond ((atom lst) nil) (t (insert (car lst) (insert-sort (cdr lst)))))) (defun del (x lst) (cond ((atom lst) nil) ((equal x (car lst)) (cdr lst)) (t (cons (car lst) (del x (cdr lst)))))) (defun mem (x lst) (cond ((atom lst) nil) ((equal x (car lst)) t) (t (mem x (cdr lst))))) (defun perm (lst1 lst2) (cond ((atom lst1) (atom lst2)) ((mem (car lst1) lst2) (perm (cdr lst1) (del (car lst1) lst2))) (t nil))) (defthm perm-reflexive (perm x x)) (defthm perm-cons (implies (mem a x) (equal (perm x (cons a y)) (perm (del a x) y))) :hints (("Goal" :induct (perm x y)))) (defthm perm-symmetric (implies (perm x y) (perm y x))) (defthm mem-del (implies (mem a (del b x)) (mem a x))) (defthm perm-mem (implies (and (perm x y) (mem a x)) (mem a y))) (defthm mem-del2 (implies (and (mem a x) (not (equal a b))) (mem a (del b x)))) (defthm comm-del (equal (del a (del b x)) (del b (del a x)))) (defthm perm-del (implies (perm x y) (perm (del a x) (del a y)))) (defthm perm-transitive (implies (and (perm x y) (perm y z)) (perm x z))) (defequiv perm) (in-theory (disable perm perm-reflexive perm-symmetric perm-transitive)) (defcong perm perm (cons x y) 2) (defcong perm iff (mem x y) 2) (defthm atom-perm (implies (not (consp x)) (perm x nil)) :rule-classes :forward-chaining :hints (("Goal" :in-theory (enable perm)))) (defthm insert-is-cons (perm (insert a x) (cons a x))) (defthm insert-sort-is-id (perm (insert-sort x) x)) (defun app (x y) (if (consp x) (cons (car x) (app (cdr x) y)) y)) (defun rev (x) (if (consp x) (app (rev (cdr x)) (list (car x))) nil)) (defcong perm perm (app x y) 2) (defthm app-cons (perm (app a (cons b c)) (cons b (app a c)))) (defthm app-commutes (perm (app a b) (app b a))) (defcong perm perm (app x y) 1 :hints (("Goal" :induct (app y x)))) (defthm rev-is-id (perm (rev x) x)) (defun == (x y) (if (consp x) (if (consp y) (and (equal (car x) (car y)) (== (cdr x) (cdr y))) nil) (not (consp y)))) (defthm ==-reflexive (== x x)) (defthm ==-symmetric (implies (== x y) (== y x))) (defequiv ==) (in-theory (disable ==-symmetric ==-reflexive)) (defcong == == (cons x y) 2) (defcong == iff (consp x) 1) (defcong == == (app x y) 2) (defcong == == (app x y) 1) (defthm rev-rev (== (rev (rev x)) x))