other
(in-package "SET")
other
(include-book "membership")
other
(set-verify-guards-eagerness 2)
fast-intersectpfunction
(defun fast-intersectp (x y) (declare (xargs :guard (and (setp x) (setp y)) :measure (fast-measure x y) :verify-guards nil)) (cond ((endp x) nil) ((endp y) nil) ((equal (car x) (car y)) t) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-intersectp (cdr x) y)) (t (fast-intersectp x (cdr y)))))
other
(verify-guards fast-intersectp :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))
other
(local (encapsulate nil (defun fast-intersect-old (x y) (declare (xargs :measure (fast-measure x y) :guard (and (setp x) (setp y)) :verify-guards nil)) (cond ((endp x) nil) ((endp y) nil) ((equal (car x) (car y)) (cons (car x) (fast-intersect-old (cdr x) (cdr y)))) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-intersect-old (cdr x) y)) (t (fast-intersect-old x (cdr y))))) (verify-guards fast-intersect-old :hints (("Goal" :in-theory (enable (:ruleset low-level-rules))))) (local (defthm l0 (implies (and (consp (fast-intersect-old x y)) (or (atom x) (<< a (car x))) (or (atom y) (<< a (car y))) (setp x) (setp y)) (<< a (car (fast-intersect-old x y)))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))) (defthm setp-of-fast-intersect-old (implies (and (setp x) (setp y)) (setp (fast-intersect-old x y))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules))))) (local (defthm l1 (implies (and (member a x) (member a y) (setp x) (setp y)) (member a (fast-intersect-old x y))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))) (local (defthm l2 (implies (member a (fast-intersect-old x y)) (and (member a x) (member a y))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))) (local (defthm member-of-fast-intersect-old (implies (and (setp x) (setp y)) (iff (member a (fast-intersect-old x y)) (and (member a x) (member a y)))))) (defthm in-fast-intersect-old (implies (and (setp x) (setp y)) (equal (in a (fast-intersect-old x y)) (and (in a x) (in a y)))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules))))) (local (defthm l4 (equal (fast-intersectp x y) (consp (fast-intersect-old x y))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))) (defthm fast-intersectp-correct-lemma (implies (and (setp x) (setp y)) (equal (fast-intersectp x y) (not (emptyp (fast-intersect-old x y))))) :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))))
fast-intersectfunction
(defun fast-intersect (x y acc) (declare (xargs :measure (fast-measure x y) :guard (and (setp x) (setp y) (true-listp acc)) :verify-guards nil)) (cond ((endp x) (revappend acc nil)) ((endp y) (revappend acc nil)) ((equal (car x) (car y)) (fast-intersect (cdr x) (cdr y) (cons (car x) acc))) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-intersect (cdr x) y acc)) (t (fast-intersect x (cdr y) acc))))
other
(verify-guards fast-intersect :hints (("Goal" :in-theory (enable (:ruleset low-level-rules)))))
other
(encapsulate nil (local (defthm lemma (implies (true-listp acc) (equal (fast-intersect x y acc) (revappend acc (fast-intersect-old x y)))))) (local (defthm lemma2 (equal (fast-intersect x y nil) (fast-intersect-old x y)))) (defthm fast-intersect-set (implies (and (force (setp x)) (force (setp y))) (setp (fast-intersect x y nil)))) (defthm fast-intersect-membership (implies (and (setp x) (setp y)) (equal (in a (fast-intersect x y nil)) (and (in a x) (in a y))))) (defthm fast-intersectp-correct (implies (and (setp x) (setp y)) (equal (fast-intersectp x y) (not (emptyp (fast-intersect x y nil)))))) (in-theory (disable fast-intersect fast-intersect-set fast-intersect-membership fast-intersectp fast-intersectp-correct)))
other
(defsection intersect :parents (std/osets) :short "@(call intersect) constructs the intersection of @('X') and @('Y')." :long "<p>The logical definition is very simple, and the essential correctness property is given by @('intersect-in').</p> <p>The execution uses a better, O(n) algorithm to intersect the sets by exploiting the set order.</p> <p>See also @(see intersectp), which doesn't construct a new set but just tells you whether the sets have any overlap. It's potentially faster if you don't care about constructing the set, because it doesn't have to do any consing.</p>" (defun-inline intersect (x y) (declare (xargs :guard (and (setp x) (setp y)) :verify-guards nil)) (mbe :logic (cond ((emptyp x) (sfix x)) ((in (head x) y) (insert (head x) (intersect (tail x) y))) (t (intersect (tail x) y))) :exec (fast-intersect x y nil))) (defthm intersect-set (setp (intersect x y))) (defthm intersect-sfix-cancel-x (equal (intersect (sfix x) y) (intersect x y))) (defthm intersect-sfix-cancel-y (equal (intersect x (sfix y)) (intersect x y))) (defthm intersect-emptyp-x (implies (emptyp x) (equal (intersect x y) nil))) (defthm intersect-emptyp-y (implies (emptyp y) (equal (intersect x y) nil))) (encapsulate nil (local (defthm intersect-in-y (implies (not (in a y)) (not (in a (intersect x y)))))) (local (defthm intersect-in-x (implies (not (in a x)) (not (in a (intersect x y)))))) (defthm intersect-in (equal (in a (intersect x y)) (and (in a y) (in a x))))) (defthm intersect-symmetric (equal (intersect x y) (intersect y x)) :rule-classes ((:rewrite :loop-stopper ((x y))))) (defthm intersect-subset-x (subset (intersect x y) x)) (defthm intersect-subset-y (subset (intersect x y) y)) (defthm intersect-insert-x (implies (not (in a y)) (equal (intersect (insert a x) y) (intersect x y)))) (defthm intersect-insert-y (implies (not (in a x)) (equal (intersect x (insert a y)) (intersect x y)))) (defthm intersect-with-subset-left (implies (subset x y) (equal (intersect x y) (sfix x))) :rule-classes ((:rewrite :backchain-limit-lst 1))) (defthm intersect-with-subset-right (implies (subset x y) (equal (intersect y x) (sfix x))) :rule-classes ((:rewrite :backchain-limit-lst 1))) (defthm intersect-self (equal (intersect x x) (sfix x))) (defthm intersect-associative (equal (intersect (intersect x y) z) (intersect x (intersect y z)))) (defthm intersect-commutative (equal (intersect x (intersect y z)) (intersect y (intersect x z))) :rule-classes ((:rewrite :loop-stopper ((x y))))) (defthm intersect-outer-cancel (equal (intersect x (intersect x z)) (intersect x z))))
other
(local (defthm fast-intersect-correct (implies (and (setp x) (setp y)) (equal (fast-intersect x y nil) (intersect x y))) :hints (("Goal" :in-theory (enable fast-intersect-set fast-intersect-membership)))))
other
(verify-guards intersect$inline)
other
(defsection intersectp :parents (std/osets) :short "@(call intersectp) checks whether @('X') and @('Y') have any common members." :long "<p>Logically we just check whether the @(see intersect) of @('X') and @('Y') is @(see emptyp).</p> <p>In the execution, we use a faster function that checks for any common members and doesn't build any new sets.</p>" (defun-inline intersectp (x y) (declare (xargs :guard (and (setp x) (setp y)) :guard-hints (("Goal" :in-theory (enable fast-intersectp-correct))))) (mbe :logic (not (emptyp (intersect x y))) :exec (fast-intersectp x y))))