|
|
|---|
|
|
|
|---|
(pos-sfix x) is a usual fty set fixing function.
(pos-sfix x) → *
In the logic, we apply pos-fix to each member of the x. In the execution, none of that is actually necessary and this is just an inlined identity function.
Function:
(defun pos-sfix (x) (declare (xargs :guard (pos-setp x))) (mbe :logic (if (pos-setp x) x nil) :exec x))
Theorem:
(defthm pos-setp-of-pos-sfix (pos-setp (pos-sfix x)))
Theorem:
(defthm pos-sfix-when-pos-setp (implies (pos-setp x) (equal (pos-sfix x) x)))
Theorem:
(defthm emptyp-pos-sfix (implies (or (set::emptyp x) (not (pos-setp x))) (set::emptyp (pos-sfix x))))
Theorem:
(defthm emptyp-of-pos-sfix (equal (set::emptyp (pos-sfix x)) (or (not (pos-setp x)) (set::emptyp x))))
Function:
(defun pos-sequiv$inline (x y) (declare (xargs :guard (and (pos-setp x) (pos-setp y)))) (equal (pos-sfix x) (pos-sfix y)))
Theorem:
(defthm pos-sequiv-is-an-equivalence (and (booleanp (pos-sequiv x y)) (pos-sequiv x x) (implies (pos-sequiv x y) (pos-sequiv y x)) (implies (and (pos-sequiv x y) (pos-sequiv y z)) (pos-sequiv x z))) :rule-classes (:equivalence))
Theorem:
(defthm pos-sequiv-implies-equal-pos-sfix-1 (implies (pos-sequiv x x-equiv) (equal (pos-sfix x) (pos-sfix x-equiv))) :rule-classes (:congruence))
Theorem:
(defthm pos-sfix-under-pos-sequiv (pos-sequiv (pos-sfix x) x) :rule-classes (:rewrite :rewrite-quoted-constant))
Theorem:
(defthm equal-of-pos-sfix-1-forward-to-pos-sequiv (implies (equal (pos-sfix x) y) (pos-sequiv x y)) :rule-classes :forward-chaining)
Theorem:
(defthm equal-of-pos-sfix-2-forward-to-pos-sequiv (implies (equal x (pos-sfix y)) (pos-sequiv x y)) :rule-classes :forward-chaining)
Theorem:
(defthm pos-sequiv-of-pos-sfix-1-forward (implies (pos-sequiv (pos-sfix x) y) (pos-sequiv x y)) :rule-classes :forward-chaining)
Theorem:
(defthm pos-sequiv-of-pos-sfix-2-forward (implies (pos-sequiv x (pos-sfix y)) (pos-sequiv x y)) :rule-classes :forward-chaining)