other
(in-package "SET")
other
(set-verify-guards-eagerness 2)
other
(include-book "misc/total-order" :dir :system)
other
(include-book "tools/rulesets" :dir :system)
other
(include-book "std/lists/list-defuns" :dir :system)
other
(include-book "computed-hints")
other
(local (include-book "std/lists/sets" :dir :system))
other
(local (include-book "primitives"))
other
(local (include-book "membership"))
other
(local (include-book "outer"))
other
(local (include-book "sort"))
other
(local (include-book "under-set-equiv"))
other
(make-event (let ((slurped-docs (get-xdoc-table (w state)))) (value `(table xdoc 'doc (union-equal ',SET::SLURPED-DOCS (get-xdoc-table world))))))
other
(defxdoc std/osets :parents (std) :short "A finite set theory implementation for ACL2 based on fully ordered lists. Some major features of this approach are that set equality is just @(see equal), and set operations like @(see union), @(see intersect), and so forth have O(n) implementations." :long "<p>Osets mostly hides the fact that sets are represented as ordered lists. You should not have to reason about the set order unless you are trying to exploit it to make some function faster. Instead, we generally try to reason about sets with a membership-based approach, via @(see in) and @(see subset).</p> <p>The osets library offers some automation for pick-a-point style reasoning, see for instance @(see all-by-membership), @(see pick-a-point-subset-strategy), and @(see double-containment).</p> <p>You can load the library with:</p> @({ (include-book "std/osets/top" :dir :system) }) <p>The definitions of the main set-manipulation functions are disabled, but are in a ruleset and may be enabled using:</p> @({ (in-theory (acl2::enable* set::definitions)) }) <p>Some potentially useful (but potentially expensive) rules are also left disabled and may be enabled using:</p> @({ (in-theory (acl2::enable* set::expensive-rules)) }) <p>Besides this @(see xdoc::xdoc) documentation, you may be interested in the 2004 ACL2 workshop paper, <a href='https://www.cs.utexas.edu/users/moore/acl2/workshop-2004/contrib/davis/set-theory.pdf'>Finite Set Theory based on Fully Ordered Lists</a>, and see also the <a href='https://www.cs.utexas.edu/users/moore/acl2/workshop-2004/contrib/davis/workshop-osets-slides.pdf'>slides</a> from the accompanying talk.</p>")
other
(defund setp (x) (declare (xargs :guard t)) (if (atom x) (null x) (or (null (cdr x)) (and (consp (cdr x)) (fast-<< (car x) (cadr x)) (setp (cdr x))))))
other
(defthm setp-type (or (equal (setp x) t) (equal (setp x) nil)) :rule-classes :type-prescription)
other
(defund-inline emptyp (x) (declare (xargs :guard (setp x))) (mbe :logic (or (null x) (not (setp x))) :exec (null x)))
other
(defthm emptyp-type (or (equal (emptyp x) t) (equal (emptyp x) nil)) :rule-classes :type-prescription)
other
(defund-inline sfix (x) (declare (xargs :guard (setp x))) (mbe :logic (if (emptyp x) nil x) :exec x))
other
(defund-inline head (x) (declare (xargs :guard (and (setp x) (not (emptyp x))))) (mbe :logic (car (sfix x)) :exec (car x)))
other
(defund-inline tail (x) (declare (xargs :guard (and (setp x) (not (emptyp x))))) (mbe :logic (cdr (sfix x)) :exec (cdr x)))
other
(defund insert (a x) (declare (xargs :guard (setp x))) (mbe :logic (cond ((emptyp x) (list a)) ((equal (head x) a) x) ((<< a (head x)) (cons a x)) (t (cons (head x) (insert a (tail x))))) :exec (cond ((null x) (cons a nil)) ((equal (car x) a) x) ((fast-lexorder a (car x)) (cons a x)) ((null (cdr x)) (cons (car x) (cons a nil))) ((equal (cadr x) a) x) ((fast-lexorder a (cadr x)) (cons (car x) (cons a (cdr x)))) (t (cons (car x) (cons (cadr x) (insert a (cddr x))))))))
infunction
(defun in (a x) (declare (xargs :guard (setp x))) (mbe :logic (and (not (emptyp x)) (or (equal a (head x)) (in a (tail x)))) :exec (and x (or (equal a (car x)) (and (cdr x) (or (equal a (cadr x)) (in a (cddr x))))))))
other
(defthm in-type (or (equal (in a x) t) (equal (in a x) nil)) :rule-classes :type-prescription)
other
(defund fast-subset (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (cond ((emptyp x) t) ((emptyp y) nil) ((<< (head x) (head y)) nil) ((equal (head x) (head y)) (fast-subset (tail x) (tail y))) (t (fast-subset x (tail y)))) :exec (cond ((null x) t) ((null y) nil) ((fast-lexorder (car x) (car y)) (and (equal (car x) (car y)) (fast-subset (cdr x) (cdr y)))) (t (fast-subset x (cdr y))))))
other
(defun-inline subset (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (if (emptyp x) t (and (in (head x) y) (subset (tail x) y))) :exec (fast-subset x y)))
other
(defthm subset-type (or (equal (subset x y) t) (equal (subset x y) nil)) :rule-classes :type-prescription)
other
(defund fast-measure (x y) (+ (acl2-count x) (acl2-count y)))
fast-unionfunction
(defun fast-union (x y acc) (declare (xargs :measure (fast-measure x y) :guard (and (setp x) (setp y) (true-listp acc)))) (cond ((endp x) (revappend acc y)) ((endp y) (revappend acc x)) ((equal (car x) (car y)) (fast-union (cdr x) (cdr y) (cons (car x) acc))) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-union (cdr x) y (cons (car x) acc))) (t (fast-union x (cdr y) (cons (car y) acc)))))
fast-intersectfunction
(defun fast-intersect (x y acc) (declare (xargs :measure (fast-measure x y) :guard (and (setp x) (setp y) (true-listp acc)))) (cond ((endp x) (revappend acc nil)) ((endp y) (revappend acc nil)) ((equal (car x) (car y)) (fast-intersect (cdr x) (cdr y) (cons (car x) acc))) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-intersect (cdr x) y acc)) (t (fast-intersect x (cdr y) acc))))
fast-intersectpfunction
(defun fast-intersectp (x y) (declare (xargs :guard (and (setp x) (setp y)) :measure (fast-measure x y))) (cond ((endp x) nil) ((endp y) nil) ((equal (car x) (car y)) t) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-intersectp (cdr x) y)) (t (fast-intersectp x (cdr y)))))
fast-differencefunction
(defun fast-difference (x y acc) (declare (xargs :measure (fast-measure x y) :guard (and (setp x) (setp y) (true-listp acc)))) (cond ((endp x) (revappend acc nil)) ((endp y) (revappend acc x)) ((equal (car x) (car y)) (fast-difference (cdr x) (cdr y) acc)) ((mbe :logic (<< (car x) (car y)) :exec (fast-lexorder (car x) (car y))) (fast-difference (cdr x) y (cons (car x) acc))) (t (fast-difference x (cdr y) acc))))
deletefunction
(defun delete (a x) (declare (xargs :guard (setp x))) (mbe :logic (cond ((emptyp x) nil) ((equal a (head x)) (tail x)) (t (insert (head x) (delete a (tail x))))) :exec (cond ((endp x) nil) ((equal a (car x)) (cdr x)) (t (insert (car x) (delete a (cdr x)))))))
other
(defun-inline union (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (if (emptyp x) (sfix y) (insert (head x) (union (tail x) y))) :exec (fast-union x y nil)))
other
(defun-inline intersect (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (cond ((emptyp x) (sfix x)) ((in (head x) y) (insert (head x) (intersect (tail x) y))) (t (intersect (tail x) y))) :exec (fast-intersect x y nil)))
other
(defun-inline intersectp (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (not (emptyp (intersect x y))) :exec (fast-intersectp x y)))
other
(defun-inline difference (x y) (declare (xargs :guard (and (setp x) (setp y)))) (mbe :logic (cond ((emptyp x) (sfix x)) ((in (head x) y) (difference (tail x) y)) (t (insert (head x) (difference (tail x) y)))) :exec (fast-difference x y nil)))
other
(defun-inline cardinality (x) (declare (xargs :guard (setp x))) (mbe :logic (if (emptyp x) 0 (1+ (cardinality (tail x)))) :exec (length (the list x))))
other
(defund halve-list-aux (mid x acc) (declare (xargs :guard (<= (len x) (len mid)))) (if (or (atom x) (atom (cdr x))) (mv acc mid) (halve-list-aux (cdr mid) (cdr (cdr x)) (cons (car mid) acc))))
other
(defund-inline halve-list (x) (declare (xargs :guard t)) (halve-list-aux x x nil))
mergesort-execfunction
(defun mergesort-exec (x) (declare (xargs :guard t :measure (len x))) (cond ((atom x) nil) ((atom (cdr x)) (mbe :logic (insert (car x) nil) :exec (list (car x)))) (t (mv-let (part1 part2) (halve-list x) (fast-union (mergesort-exec part1) (mergesort-exec part2) nil)))))
other
(defun-inline mergesort (x) (declare (xargs :guard t)) (mbe :logic (if (endp x) nil (insert (car x) (mergesort (cdr x)))) :exec (mergesort-exec x)))
other
(encapsulate (((predicate *) => *)) (local (defun predicate (x) x)))
allfunction
(defun all (set-for-all-reduction) (declare (xargs :guard (setp set-for-all-reduction))) (if (emptyp set-for-all-reduction) t (and (predicate (head set-for-all-reduction)) (all (tail set-for-all-reduction)))))
other
(encapsulate (((all-hyps) => *) ((all-set) => *)) (local (defun all-hyps nil nil)) (local (defun all-set nil nil)) (defthmd membership-constraint (implies (all-hyps) (implies (in arbitrary-element (all-set)) (predicate arbitrary-element)))))
other
(defund subset-trigger (x y) (declare (xargs :guard (and (setp x) (setp y)))) (subset x y))
other
(defthm pick-a-point-subset-strategy (implies (and (syntaxp (rewriting-goal-lit mfc state)) (syntaxp (rewriting-conc-lit `(subset$inline ,SET::X ,SET::Y) mfc state))) (equal (subset x y) (subset-trigger x y))))
other
(automate-instantiation :new-hint-name pick-a-point-subset-hint :generic-theorem all-by-membership :generic-predicate predicate :generic-hyps all-hyps :generic-collection all-set :generic-collection-predicate all :actual-collection-predicate subset :actual-trigger subset-trigger :predicate-rewrite (((predicate ?x ?y) (in ?x ?y))) :tagging-theorem pick-a-point-subset-strategy)
other
(defthm pick-a-point-subset-constraint-helper (implies (syntaxp (equal set-for-all-reduction 'set-for-all-reduction)) (equal (subset set-for-all-reduction rhs) (cond ((emptyp set-for-all-reduction) t) ((in (head set-for-all-reduction) rhs) (subset (tail set-for-all-reduction) rhs)) (t nil)))))
other
(defthm double-containment (implies (and (setp x) (setp y)) (equal (equal x y) (and (subset x y) (subset y x)))) :rule-classes ((:rewrite :backchain-limit-lst 1)))
other
(defthmd double-containment-no-backchain-limit (implies (and (setp x) (setp y)) (equal (equal x y) (and (subset x y) (subset y x)))))
other
(defthmd sets-are-true-lists (implies (setp x) (true-listp x)))
other
(defthm sets-are-true-lists-compound-recognizer (implies (setp x) (true-listp x)) :rule-classes :compound-recognizer)
other
(defthm sets-are-true-lists-cheap (implies (setp x) (true-listp x)) :rule-classes ((:rewrite :backchain-limit-lst (1))))
other
(defthm tail-count (implies (not (emptyp x)) (< (acl2-count (tail x)) (acl2-count x))) :rule-classes ((:rewrite) (:linear)))
other
(defthm head-count (implies (not (emptyp x)) (< (acl2-count (head x)) (acl2-count x))) :rule-classes ((:rewrite) (:linear)))
other
(defthm tail-count-built-in (implies (not (emptyp x)) (o< (acl2-count (tail x)) (acl2-count x))) :rule-classes :built-in-clause)
other
(defthm head-count-built-in (implies (not (emptyp x)) (o< (acl2-count (head x)) (acl2-count x))) :rule-classes :built-in-clause)
other
(defthm insert-insert (equal (insert a (insert b x)) (insert b (insert a x))) :rule-classes ((:rewrite :loop-stopper ((a b)))))
other
(defthm sfix-produces-set (setp (sfix x)))
other
(defthm tail-produces-set (setp (tail x)))
other
(defthm insert-produces-set (setp (insert a x)))
other
(defthm emptyp-sfix-cancel (equal (emptyp (sfix x)) (emptyp x)))
other
(defthm head-sfix-cancel (equal (head (sfix x)) (head x)))
other
(defthm tail-sfix-cancel (equal (tail (sfix x)) (tail x)))
other
(defthm repeated-insert (equal (insert a (insert a x)) (insert a x)))
other
(defthm insert-sfix-cancel (equal (insert a (sfix x)) (insert a x)))
other
(defthm insert-when-emptyp (implies (and (syntaxp (not (equal x ''nil))) (emptyp x)) (equal (insert a x) (insert a nil))))
other
(defthm head-of-insert-a-nil (equal (head (insert a nil)) a))
other
(defthm tail-of-insert-a-nil (equal (tail (insert a nil)) nil))
other
(defthm subset-membership-tail-2 (implies (and (subset x y) (not (in a (tail y)))) (not (in a (tail x)))))
other
(defthm subset-transitive (and (implies (and (subset x y) (subset y z)) (subset x z)) (implies (and (subset y z) (subset x y)) (subset x z))))
other
(defthm subset-sfix-cancel-x (equal (subset (sfix x) y) (subset x y)))
other
(defthm subset-sfix-cancel-y (equal (subset x (sfix y)) (subset x y)))
other
(defthm subset-in (and (implies (and (subset x y) (in a x)) (in a y)) (implies (and (in a x) (subset x y)) (in a y))))
other
(defthm subset-in-2 (and (implies (and (subset x y) (not (in a y))) (not (in a x))) (implies (and (not (in a y)) (subset x y)) (not (in a x)))))
other
(defthm subset-reflexive (subset x x))
other
(defthm subset-insert (subset x (insert a x)))
other
(defthm subset-tail (subset (tail x) x) :rule-classes ((:rewrite) (:forward-chaining :trigger-terms ((tail x)))))
other
(defthm weak-insert-induction-helper-1 (implies (and (not (in a x)) (not (equal (head (insert a x)) a))) (equal (head (insert a x)) (head x))))
other
(defthm weak-insert-induction-helper-2 (implies (and (not (in a x)) (not (equal (head (insert a x)) a))) (equal (tail (insert a x)) (insert a (tail x)))))
other
(defthm weak-insert-induction-helper-3 (implies (and (not (in a x)) (equal (head (insert a x)) a)) (equal (tail (insert a x)) (sfix x))))
weak-insert-inductionfunction
(defun weak-insert-induction (a x) (declare (xargs :guard (setp x))) (cond ((emptyp x) nil) ((in a x) nil) ((equal (head (insert a x)) a) nil) (t (list (weak-insert-induction a (tail x))))))
other
(defthm use-weak-insert-induction t :rule-classes ((:induction :pattern (insert a x) :scheme (weak-insert-induction a x))))
other
(defthm delete-delete (equal (delete a (delete b x)) (delete b (delete a x))) :rule-classes ((:rewrite :loop-stopper ((a b)))))
other
(defthm union-symmetric (equal (union x y) (union y x)) :rule-classes ((:rewrite :loop-stopper ((x y)))))
other
(defthm union-commutative (equal (union x (union y z)) (union y (union x z))) :rule-classes ((:rewrite :loop-stopper ((x y)))))
other
(defthm union-insert-x (equal (union (insert a x) y) (insert a (union x y))))
other
(defthm union-insert-y (equal (union x (insert a y)) (insert a (union x y))))
other
(defthm union-delete-x (equal (union (delete a x) y) (if (in a y) (union x y) (delete a (union x y)))))
other
(defthm union-delete-y (equal (union x (delete a y)) (if (in a x) (union x y) (delete a (union x y)))))
other
(defthm union-set (setp (union x y)))
other
(defthm union-sfix-cancel-x (equal (union (sfix x) y) (union x y)))
other
(defthm union-sfix-cancel-y (equal (union x (sfix y)) (union x y)))
other
(defthm union-subset-x (subset x (union x y)))
other
(defthm union-subset-y (subset y (union x y)))
other
(defthm union-with-subset-left (implies (subset x y) (equal (union x y) (sfix y))) :rule-classes ((:rewrite :backchain-limit-lst 1)))
other
(defthm union-with-subset-right (implies (subset x y) (equal (union y x) (sfix y))) :rule-classes ((:rewrite :backchain-limit-lst 1)))
other
(defthm union-self (equal (union x x) (sfix x)))
other
(defthm union-associative (equal (union (union x y) z) (union x (union y z))))
other
(defthm union-outer-cancel (equal (union x (union x z)) (union x z)))
other
(defthm intersect-symmetric (equal (intersect x y) (intersect y x)) :rule-classes ((:rewrite :loop-stopper ((x y)))))
other
(defthm intersect-insert-x (implies (not (in a y)) (equal (intersect (insert a x) y) (intersect x y))))
other
(defthm intersect-insert-y (implies (not (in a x)) (equal (intersect x (insert a y)) (intersect x y))))
other
(defthm intersect-set (setp (intersect x y)))
other
(defthm intersect-sfix-cancel-x (equal (intersect (sfix x) y) (intersect x y)))
other
(defthm intersect-sfix-cancel-y (equal (intersect x (sfix y)) (intersect x y)))
other
(defthm intersect-subset-x (subset (intersect x y) x))
other
(defthm intersect-subset-y (subset (intersect x y) y))
other
(defthm intersect-with-subset-left (implies (subset x y) (equal (intersect x y) (sfix x))) :rule-classes ((:rewrite :backchain-limit-lst 1)))
other
(defthm intersect-with-subset-right (implies (subset x y) (equal (intersect y x) (sfix x))) :rule-classes ((:rewrite :backchain-limit-lst 1)))
other
(defthm intersect-self (equal (intersect x x) (sfix x)))
other
(defthm intersect-associative (equal (intersect (intersect x y) z) (intersect x (intersect y z))))
other
(defthmd union-over-intersect (equal (union x (intersect y z)) (intersect (union x y) (union x z))))
other
(defthm intersect-over-union (equal (intersect x (union y z)) (union (intersect x y) (intersect x z))))
other
(defthm intersect-commutative (equal (intersect x (intersect y z)) (intersect y (intersect x z))) :rule-classes ((:rewrite :loop-stopper ((x y)))))
other
(defthm intersect-outer-cancel (equal (intersect x (intersect x z)) (intersect x z)))
other
(defthm difference-set (setp (difference x y)))
other
(defthm difference-sfix-x (equal (difference (sfix x) y) (difference x y)))
other
(defthm difference-sfix-y (equal (difference x (sfix y)) (difference x y)))
other
(defthm difference-subset-x (subset (difference x y) x))
other
(defthm subset-difference (equal (emptyp (difference x y)) (subset x y)))
other
(defthm difference-over-union (equal (difference x (union y z)) (intersect (difference x y) (difference x z))))
other
(defthm difference-over-intersect (equal (difference x (intersect y z)) (union (difference x y) (difference x z))))
other
(defthm difference-insert-x (equal (difference (insert a x) y) (if (in a y) (difference x y) (insert a (difference x y)))))
other
(defthm difference-delete-y (equal (difference x (delete a y)) (if (in a x) (insert a (difference x y)) (difference x y))))
other
(defthm difference-preserves-subset (implies (subset x y) (subset (difference x z) (difference y z))))
other
(defthm cardinality-type (and (integerp (cardinality x)) (<= 0 (cardinality x))) :rule-classes :type-prescription)
other
(defthm cardinality-zero-emptyp (equal (equal (cardinality x) 0) (emptyp x)))
other
(defthm cardinality-sfix-cancel (equal (cardinality (sfix x)) (cardinality x)))
other
(defthm insert-cardinality (equal (cardinality (insert a x)) (if (in a x) (cardinality x) (1+ (cardinality x)))))
other
(defthm delete-cardinality (equal (cardinality (delete a x)) (if (in a x) (1- (cardinality x)) (cardinality x))))
other
(defthm subset-cardinality (implies (subset x y) (<= (cardinality x) (cardinality y))) :rule-classes (:rewrite :linear))
other
(defthm proper-subset-cardinality (implies (and (subset x y) (not (subset y x))) (< (cardinality x) (cardinality y))) :rule-classes (:rewrite :linear))
other
(defthmd equal-cardinality-subset-is-equality (implies (and (setp x) (setp y) (subset x y) (equal (cardinality x) (cardinality y))) (equal (equal x y) t)))
other
(defthm intersect-cardinality-x (<= (cardinality (intersect x y)) (cardinality x)) :rule-classes (:rewrite :linear))
other
(defthm intersect-cardinality-y (<= (cardinality (intersect x y)) (cardinality y)) :rule-classes (:rewrite :linear))
other
(defthm expand-cardinality-of-union (equal (cardinality (union x y)) (- (+ (cardinality x) (cardinality y)) (cardinality (intersect x y)))))
other
(defthmd expand-cardinality-of-intersect (equal (cardinality (intersect x y)) (+ (cardinality x) (cardinality y) (- (cardinality (union x y))))))
other
(defthm expand-cardinality-of-difference (equal (cardinality (difference x y)) (- (cardinality x) (cardinality (intersect x y)))))
other
(defthm intersect-cardinality-non-subset (implies (not (subset x y)) (< (cardinality (intersect x y)) (cardinality x))) :rule-classes (:rewrite :linear))
other
(defthm intersect-cardinality-subset-2 (equal (equal (cardinality (intersect x y)) (cardinality x)) (subset x y)))
other
(defthm intersect-cardinality-non-subset-2 (equal (< (cardinality (intersect x y)) (cardinality x)) (not (subset x y))))
other
(defthm mergesort-set (setp (mergesort x)))
other
(defthmd insert-induction-case (implies (and (not (<< a (head x))) (not (equal a (head x))) (not (emptyp x))) (equal (insert (head x) (insert a (tail x))) (insert a x))))
other
(defthmd head-insert (equal (head (insert a x)) (cond ((emptyp x) a) ((<< a (head x)) a) (t (head x)))))
other
(defthmd tail-insert (equal (tail (insert a x)) (cond ((emptyp x) nil) ((<< a (head x)) x) ((equal a (head x)) (tail x)) (t (insert a (tail x))))))
other
(defthmd head-tail-order-contrapositive (implies (not (<< (head x) (head (tail x)))) (emptyp (tail x))))
other
(defthmd setp-of-cons (equal (setp (cons a x)) (and (setp x) (or (<< a (head x)) (emptyp x)))))
other
(defthmd subset-to-subsetp (implies (and (setp x) (setp y)) (equal (subset x y) (subsetp x y))))
other
(defthmd lexorder-<<-equiv (implies (not (equal a b)) (equal (equal (<< a b) (lexorder a b)) t)))
other
(make-event (let* ((primitive-rules (get-ruleset 'primitive-rules (w state))) (order-rules (get-ruleset 'order-rules (w state))) (low-level-rules (get-ruleset 'low-level-rules (w state)))) (value `(progn (def-ruleset! primitive-rules ',SET::PRIMITIVE-RULES) (def-ruleset! order-rules ',SET::ORDER-RULES) (def-ruleset! low-level-rules ',SET::LOW-LEVEL-RULES)))))
other
(defthm insert-under-set-equiv (set-equiv (insert a x) (cons a (sfix x))))
other
(defthm delete-under-set-equiv (set-equiv (delete a x) (remove-equal a (sfix x))))
other
(defthm intersect-under-set-equiv (set-equiv (intersect x y) (intersection-equal (sfix x) (sfix y))))
other
(defthm difference-under-set-equiv (set-equiv (difference x y) (set-difference-equal (sfix x) (sfix y))))
other
(defthm mergesort-under-set-equiv (set-equiv (mergesort x) x))
other
(defcong set-equiv equal (mergesort x) 1 :event-name set-equiv-implies-equal-mergesort-1)
other
(def-ruleset! definitions '(in subset delete union intersect difference cardinality mergesort))
other
(def-ruleset! expensive-rules
'(pick-a-point-subset-strategy double-containment
subset-membership-tail
subset-membership-tail-2
subset-transitive
subset-in
subset-in-2
union-symmetric
union-commutative
union-delete-x
union-delete-y
union-with-subset-left
union-with-subset-right
intersect-symmetric
intersect-commutative
intersect-insert-x
intersect-insert-y
intersect-with-subset-left
intersect-with-subset-right
intersect-over-union
difference-over-union
difference-over-intersect
difference-insert-x
difference-delete-y
insert-cardinality
delete-cardinality
in-mergesort))
other
(in-theory (disable* definitions expensive-rules))