TPTP Problem File: ITP057^1.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : ITP057^1 : TPTP v8.2.0. Released v7.5.0.
% Domain : Interactive Theorem Proving
% Problem : Sledgehammer FLPTheorem problem prob_165__3291512_1
% Version : Especial.
% English :
% Refs : [BH+15] Blanchette et al. (2015), Mining the Archive of Formal
% : [Des21] Desharnais (2021), Email to Geoff Sutcliffe
% Source : [Des21]
% Names : FLPTheorem/prob_165__3291512_1 [Des21]
% Status : Theorem
% Rating : 0.60 v8.2.0, 0.38 v8.1.0, 0.45 v7.5.0
% Syntax : Number of formulae : 424 ( 147 unt; 68 typ; 0 def)
% Number of atoms : 1196 ( 323 equ; 0 cnn)
% Maximal formula atoms : 12 ( 3 avg)
% Number of connectives : 3524 ( 130 ~; 25 |; 121 &;2765 @)
% ( 0 <=>; 483 =>; 0 <=; 0 <~>)
% Maximal formula depth : 24 ( 7 avg)
% Number of types : 11 ( 10 usr)
% Number of type conns : 645 ( 645 >; 0 *; 0 +; 0 <<)
% Number of symbols : 61 ( 58 usr; 17 con; 0-6 aty)
% Number of variables : 1128 ( 153 ^; 916 !; 59 ?;1128 :)
% SPC : TH0_THM_EQU_NAR
% Comments : This file was generated by Sledgehammer 2021-02-23 15:30:22.046
%------------------------------------------------------------------------------
% Could-be-implicit typings (10)
thf(ty_n_t__List__Olist_It__AsynchronousSystem__Oconfiguration__Oconfiguration____ext_Itf__p_Mtf__v_Mtf__s_Mt__Product____Type__Ounit_J_J,type,
list_c1059388851t_unit: $tType ).
thf(ty_n_t__AsynchronousSystem__Oconfiguration__Oconfiguration____ext_Itf__p_Mtf__v_Mtf__s_Mt__Product____Type__Ounit_J,type,
config256849571t_unit: $tType ).
thf(ty_n_t__List__Olist_It__AsynchronousSystem__Omessage_Itf__p_Mtf__v_J_J,type,
list_message_p_v: $tType ).
thf(ty_n_t__AsynchronousSystem__Omessage_Itf__p_Mtf__v_J,type,
message_p_v: $tType ).
thf(ty_n_t__AsynchronousSystem__OmessageValue_Itf__v_J,type,
messageValue_v: $tType ).
thf(ty_n_t__Set__Oset_Itf__p_J,type,
set_p: $tType ).
thf(ty_n_t__Set__Oset_I_Eo_J,type,
set_o: $tType ).
thf(ty_n_t__Nat__Onat,type,
nat: $tType ).
thf(ty_n_tf__s,type,
s: $tType ).
thf(ty_n_tf__p,type,
p: $tType ).
% Explicit typings (58)
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OinitReachable_001tf__p_001tf__s_001tf__v,type,
initReachable_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Oinitial_001tf__p_001tf__s_001tf__v,type,
initial_p_s_v: ( p > s ) > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OqReachable_001tf__p_001tf__s_001tf__v,type,
qReachable_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > config256849571t_unit > set_p > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Oreachable_001tf__p_001tf__s_001tf__v,type,
reachable_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > config256849571t_unit > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OstepReachable_001tf__p_001tf__s_001tf__v,type,
stepReachable_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > config256849571t_unit > message_p_v > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Osteps_001tf__p_001tf__s_001tf__v,type,
steps_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > config256849571t_unit > message_p_v > config256849571t_unit > $o ).
thf(sy_c_AsynchronousSystem_Oconfiguration_Omsgs_001tf__p_001tf__v_001tf__s_001t__Product____Type__Ounit,type,
msgs_p1029620568t_unit: config256849571t_unit > message_p_v > nat ).
thf(sy_c_AsynchronousSystem_Oconfiguration_Ostates_001tf__p_001tf__v_001tf__s_001t__Product____Type__Ounit,type,
states1228886952t_unit: config256849571t_unit > p > s ).
thf(sy_c_AsynchronousSystem_Oenabled_001tf__p_001tf__v_001tf__s,type,
enabled_p_v_s: config256849571t_unit > message_p_v > $o ).
thf(sy_c_AsynchronousSystem_OisReceiverOf_001tf__p_001tf__v,type,
isReceiverOf_p_v: p > message_p_v > $o ).
thf(sy_c_AsynchronousSystem_Omessage_OOutMsg_001tf__p_001tf__v,type,
outMsg_p_v: $o > message_p_v ).
thf(sy_c_Execution_Oexecution_001tf__p_001tf__s_001tf__v,type,
execution_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > list_c1059388851t_unit > list_message_p_v > $o ).
thf(sy_c_Execution_Oexecution_OfirstOccurrence_001tf__p_001tf__v_001tf__s,type,
firstO1414030372_p_v_s: list_c1059388851t_unit > list_message_p_v > message_p_v > nat > $o ).
thf(sy_c_Execution_Oexecution_OminimalEnabled_001tf__p_001tf__v_001tf__s,type,
minimalEnabled_p_v_s: list_c1059388851t_unit > list_message_p_v > message_p_v > $o ).
thf(sy_c_FLPSystem_OflpSystem_001tf__p_001tf__s_001tf__v,type,
flpSystem_p_s_v: ( p > s > messageValue_v > message_p_v > nat ) > $o ).
thf(sy_c_FLPSystem_OflpSystem_OagreementInit_001tf__p_001tf__s_001tf__v,type,
agreementInit_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > config256849571t_unit > config256849571t_unit > $o ).
thf(sy_c_FLPSystem_OflpSystem_Oagreement_001tf__p_001tf__v_001tf__s,type,
agreement_p_v_s: config256849571t_unit > $o ).
thf(sy_c_FLPSystem_OflpSystem_OpSilDecVal_001tf__p_001tf__s_001tf__v,type,
pSilDecVal_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > $o > p > config256849571t_unit > $o ).
thf(sy_c_FLPSystem_OflpSystem_OterminationPseudo_001tf__p_001tf__s_001tf__v,type,
termin1618267753_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > nat > config256849571t_unit > set_p > $o ).
thf(sy_c_FLPSystem_OflpSystem_OvUniform_001tf__p_001tf__s_001tf__v,type,
vUniform_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > $o > config256849571t_unit > $o ).
thf(sy_c_FLPSystem_OflpSystem_Ovalidity_001tf__p_001tf__s_001tf__v,type,
validity_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > config256849571t_unit > config256849571t_unit > $o ).
thf(sy_c_FLPTheorem__Mirabelle__bncobrwgic_OflpPseudoConsensus_001tf__p_001tf__s_001tf__v,type,
fLPThe9398366_p_s_v: ( p > s > messageValue_v > s ) > ( p > s > messageValue_v > message_p_v > nat ) > ( p > s ) > $o ).
thf(sy_c_Groups_Oone__class_Oone_001t__Nat__Onat,type,
one_one_nat: nat ).
thf(sy_c_Groups_Ozero__class_Ozero_001t__Nat__Onat,type,
zero_zero_nat: nat ).
thf(sy_c_ListUtilities_OprefixList_001t__AsynchronousSystem__Oconfiguration__Oconfiguration____ext_Itf__p_Mtf__v_Mtf__s_Mt__Product____Type__Ounit_J,type,
prefix1615116500t_unit: list_c1059388851t_unit > list_c1059388851t_unit > $o ).
thf(sy_c_ListUtilities_OprefixList_001t__AsynchronousSystem__Omessage_Itf__p_Mtf__v_J,type,
prefix47729710ge_p_v: list_message_p_v > list_message_p_v > $o ).
thf(sy_c_List_Olast_001t__AsynchronousSystem__Oconfiguration__Oconfiguration____ext_Itf__p_Mtf__v_Mtf__s_Mt__Product____Type__Ounit_J,type,
last_c571238084t_unit: list_c1059388851t_unit > config256849571t_unit ).
thf(sy_c_List_Olast_001t__AsynchronousSystem__Omessage_Itf__p_Mtf__v_J,type,
last_message_p_v: list_message_p_v > message_p_v ).
thf(sy_c_Orderings_Obot__class_Obot_001_062_I_Eo_M_Eo_J,type,
bot_bot_o_o: $o > $o ).
thf(sy_c_Orderings_Obot__class_Obot_001t__Nat__Onat,type,
bot_bot_nat: nat ).
thf(sy_c_Orderings_Obot__class_Obot_001t__Set__Oset_I_Eo_J,type,
bot_bot_set_o: set_o ).
thf(sy_c_Orderings_Obot__class_Obot_001t__Set__Oset_Itf__p_J,type,
bot_bot_set_p: set_p ).
thf(sy_c_Orderings_Oord__class_Oless_001t__Nat__Onat,type,
ord_less_nat: nat > nat > $o ).
thf(sy_c_Orderings_Oord__class_Oless_001t__Set__Oset_I_Eo_J,type,
ord_less_set_o: set_o > set_o > $o ).
thf(sy_c_Orderings_Oord__class_Oless__eq_001_062_I_Eo_M_Eo_J,type,
ord_less_eq_o_o: ( $o > $o ) > ( $o > $o ) > $o ).
thf(sy_c_Orderings_Oord__class_Oless__eq_001_062_Itf__p_M_Eo_J,type,
ord_less_eq_p_o: ( p > $o ) > ( p > $o ) > $o ).
thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Nat__Onat,type,
ord_less_eq_nat: nat > nat > $o ).
thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Set__Oset_I_Eo_J,type,
ord_less_eq_set_o: set_o > set_o > $o ).
thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Set__Oset_Itf__p_J,type,
ord_less_eq_set_p: set_p > set_p > $o ).
thf(sy_c_Set_OCollect_001_Eo,type,
collect_o: ( $o > $o ) > set_o ).
thf(sy_c_Set_OCollect_001tf__p,type,
collect_p: ( p > $o ) > set_p ).
thf(sy_c_Set_Oinsert_001_Eo,type,
insert_o: $o > set_o > set_o ).
thf(sy_c_Set_Oinsert_001tf__p,type,
insert_p: p > set_p > set_p ).
thf(sy_c_member_001_Eo,type,
member_o: $o > set_o > $o ).
thf(sy_c_member_001tf__p,type,
member_p: p > set_p > $o ).
thf(sy_v_cMsg____,type,
cMsg: config256849571t_unit ).
thf(sy_v_c_H____,type,
c: config256849571t_unit ).
thf(sy_v_exec,type,
exec: list_c1059388851t_unit ).
thf(sy_v_execMsga____,type,
execMsga: list_c1059388851t_unit ).
thf(sy_v_exec_H____,type,
exec2: list_c1059388851t_unit ).
thf(sy_v_msg,type,
msg: message_p_v ).
thf(sy_v_p,type,
p2: p ).
thf(sy_v_sends,type,
sends: p > s > messageValue_v > message_p_v > nat ).
thf(sy_v_start,type,
start: p > s ).
thf(sy_v_trace,type,
trace: list_message_p_v ).
thf(sy_v_traceMsga____,type,
traceMsga: list_message_p_v ).
thf(sy_v_trace_H____,type,
trace2: list_message_p_v ).
thf(sy_v_trans,type,
trans: p > s > messageValue_v > s ).
% Relevant facts (355)
thf(fact_0_PisReceiverOf,axiom,
isReceiverOf_p_v @ p2 @ msg ).
% PisReceiverOf
thf(fact_1_InitReachLastExec_H,axiom,
initReachable_p_s_v @ trans @ sends @ start @ ( last_c571238084t_unit @ exec2 ) ).
% InitReachLastExec'
thf(fact_2_NewExec_I3_J,axiom,
( ( last_c571238084t_unit @ exec2 )
= c ) ).
% NewExec(3)
thf(fact_3_CMsg,axiom,
steps_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec2 ) @ msg @ cMsg ).
% CMsg
thf(fact_4_flpPseudoConsensus__axioms,axiom,
fLPThe9398366_p_s_v @ trans @ sends @ start ).
% flpPseudoConsensus_axioms
thf(fact_5_ExecMsg_I3_J,axiom,
( ( last_c571238084t_unit @ execMsga )
= cMsg ) ).
% ExecMsg(3)
thf(fact_6__092_060open_062_092_060lbrakk_062p_A_061_Ap_059_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_059_AisReceiverOf_Ap_Amsg_059_AinitReachable_A_Ilast_Aexec_H_J_092_060rbrakk_062_A_092_060Longrightarrow_062_Aval_091p_Mlast_Aexec_H_093_A_092_060subseteq_062_Aval_091p_McMsg_093_092_060close_062,axiom,
( ( p2 = p2 )
=> ( ( steps_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec2 ) @ msg @ cMsg )
=> ( ( isReceiverOf_p_v @ p2 @ msg )
=> ( ( initReachable_p_s_v @ trans @ sends @ start @ ( last_c571238084t_unit @ exec2 ) )
=> ( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ ( last_c571238084t_unit @ exec2 ) ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ cMsg ) ) ) ) ) ) ) ).
% \<open>\<lbrakk>p = p; last exec' \<turnstile> msg \<mapsto> cMsg; isReceiverOf p msg; initReachable (last exec')\<rbrakk> \<Longrightarrow> val[p,last exec'] \<subseteq> val[p,cMsg]\<close>
thf(fact_7_DiamondOne,axiom,
! [Cfg: config256849571t_unit,M: message_p_v,Cfg1: config256849571t_unit,P: p,Q: p,M2: message_p_v,Cfg2: config256849571t_unit] :
( ( steps_p_s_v @ trans @ sends @ Cfg @ M @ Cfg1 )
=> ( ( P != Q )
=> ( ( isReceiverOf_p_v @ P @ M )
=> ( ~ ( isReceiverOf_p_v @ P @ M2 )
=> ( ( isReceiverOf_p_v @ Q @ M2 )
=> ( ~ ( isReceiverOf_p_v @ Q @ M )
=> ( ( steps_p_s_v @ trans @ sends @ Cfg @ M2 @ Cfg2 )
=> ? [Cfg3: config256849571t_unit] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M2 @ Cfg3 )
& ( steps_p_s_v @ trans @ sends @ Cfg2 @ M @ Cfg3 ) ) ) ) ) ) ) ) ) ).
% DiamondOne
thf(fact_8_True,axiom,
enabled_p_v_s @ ( last_c571238084t_unit @ exec2 ) @ msg ).
% True
thf(fact_9__092_060open_062_092_060exists_062cMsg_O_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_092_060close_062,axiom,
? [X_1: config256849571t_unit] : ( steps_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec2 ) @ msg @ X_1 ) ).
% \<open>\<exists>cMsg. last exec' \<turnstile> msg \<mapsto> cMsg\<close>
thf(fact_10__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062cMsg_O_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [CMsg: config256849571t_unit] :
~ ( steps_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec2 ) @ msg @ CMsg ) ).
% \<open>\<And>thesis. (\<And>cMsg. last exec' \<turnstile> msg \<mapsto> cMsg \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_11_Agreement,axiom,
! [I: config256849571t_unit,C: config256849571t_unit] : ( agreementInit_p_s_v @ trans @ sends @ start @ I @ C ) ).
% Agreement
thf(fact_12_ActiveProcessSilentDecisionValuesIncrease,axiom,
! [P: p,Q: p,C: config256849571t_unit,Msg: message_p_v,C2: config256849571t_unit] :
( ( P = Q )
=> ( ( steps_p_s_v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
=> ( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C2 ) ) ) ) ) ) ) ).
% ActiveProcessSilentDecisionValuesIncrease
thf(fact_13_InactiveProcessSilentDecisionValuesDecrease,axiom,
! [P: p,Q: p,C: config256849571t_unit,Msg: message_p_v,C2: config256849571t_unit] :
( ( P != Q )
=> ( ( steps_p_s_v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
=> ( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C2 ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C ) ) ) ) ) ) ) ).
% InactiveProcessSilentDecisionValuesDecrease
thf(fact_14_nonUniformC_H,axiom,
( ( initReachable_p_s_v @ trans @ sends @ start @ ( last_c571238084t_unit @ exec2 ) )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $false @ ( last_c571238084t_unit @ exec2 ) )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $true @ ( last_c571238084t_unit @ exec2 ) ) ) ).
% nonUniformC'
thf(fact_15_InitReachLastExecMsg,axiom,
initReachable_p_s_v @ trans @ sends @ start @ ( last_c571238084t_unit @ execMsga ) ).
% InitReachLastExecMsg
thf(fact_16_NewExec_I1_J,axiom,
execution_p_s_v @ trans @ sends @ start @ exec2 @ trace2 ).
% NewExec(1)
thf(fact_17_InitialIsInitReachable,axiom,
! [C: config256849571t_unit] :
( ( initial_p_s_v @ start @ C )
=> ( initReachable_p_s_v @ trans @ sends @ start @ C ) ) ).
% InitialIsInitReachable
thf(fact_18_flpSystem__axioms,axiom,
flpSystem_p_s_v @ sends ).
% flpSystem_axioms
thf(fact_19_subsetI,axiom,
! [A: set_p,B: set_p] :
( ! [X: p] :
( ( member_p @ X @ A )
=> ( member_p @ X @ B ) )
=> ( ord_less_eq_set_p @ A @ B ) ) ).
% subsetI
thf(fact_20_subsetI,axiom,
! [A: set_o,B: set_o] :
( ! [X: $o] :
( ( member_o @ X @ A )
=> ( member_o @ X @ B ) )
=> ( ord_less_eq_set_o @ A @ B ) ) ).
% subsetI
thf(fact_21_subset__antisym,axiom,
! [A: set_p,B: set_p] :
( ( ord_less_eq_set_p @ A @ B )
=> ( ( ord_less_eq_set_p @ B @ A )
=> ( A = B ) ) ) ).
% subset_antisym
thf(fact_22_subset__antisym,axiom,
! [A: set_o,B: set_o] :
( ( ord_less_eq_set_o @ A @ B )
=> ( ( ord_less_eq_set_o @ B @ A )
=> ( A = B ) ) ) ).
% subset_antisym
thf(fact_23_QReachableTrans,axiom,
! [Cfg2: config256849571t_unit,Q2: set_p,Cfg32: config256849571t_unit,Cfg1: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg2 @ Q2 @ Cfg32 )
=> ( ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ).
% QReachableTrans
thf(fact_24_InitQ,axiom,
! [Cfg1: config256849571t_unit,Q2: set_p] : ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg1 ) ).
% InitQ
thf(fact_25_order__refl,axiom,
! [X2: set_p] : ( ord_less_eq_set_p @ X2 @ X2 ) ).
% order_refl
thf(fact_26_order__refl,axiom,
! [X2: $o > $o] : ( ord_less_eq_o_o @ X2 @ X2 ) ).
% order_refl
thf(fact_27_order__refl,axiom,
! [X2: p > $o] : ( ord_less_eq_p_o @ X2 @ X2 ) ).
% order_refl
thf(fact_28_order__refl,axiom,
! [X2: set_o] : ( ord_less_eq_set_o @ X2 @ X2 ) ).
% order_refl
thf(fact_29_order__refl,axiom,
! [X2: nat] : ( ord_less_eq_nat @ X2 @ X2 ) ).
% order_refl
thf(fact_30_OnlyOccurenceDisables,axiom,
! [Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,M2: message_p_v] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( enabled_p_v_s @ Cfg1 @ M2 )
=> ( ~ ( enabled_p_v_s @ Cfg2 @ M2 )
=> ( M = M2 ) ) ) ) ).
% OnlyOccurenceDisables
thf(fact_31_qReachable_Osimps,axiom,
! [A1: config256849571t_unit,A2: set_p,A3: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ A1 @ A2 @ A3 )
= ( ( A3 = A1 )
| ? [Cfg22: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ A1 @ A2 @ Cfg22 )
& ? [Msg2: message_p_v] :
( ( steps_p_s_v @ trans @ sends @ Cfg22 @ Msg2 @ A3 )
& ? [X3: p] :
( ( member_p @ X3 @ A2 )
& ( isReceiverOf_p_v @ X3 @ Msg2 ) ) ) ) ) ) ).
% qReachable.simps
thf(fact_32_qReachable_Oinducts,axiom,
! [X1: config256849571t_unit,X22: set_p,X32: config256849571t_unit,P2: config256849571t_unit > set_p > config256849571t_unit > $o] :
( ( qReachable_p_s_v @ trans @ sends @ X1 @ X22 @ X32 )
=> ( ! [Cfg12: config256849571t_unit,Q3: set_p] : ( P2 @ Cfg12 @ Q3 @ Cfg12 )
=> ( ! [Cfg12: config256849571t_unit,Q3: set_p,Cfg23: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg12 @ Q3 @ Cfg23 )
=> ( ( P2 @ Cfg12 @ Q3 @ Cfg23 )
=> ! [Msg3: message_p_v,Cfg33: config256849571t_unit] :
( ( steps_p_s_v @ trans @ sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( ? [X: p] :
( ( member_p @ X @ Q3 )
& ( isReceiverOf_p_v @ X @ Msg3 ) )
=> ( P2 @ Cfg12 @ Q3 @ Cfg33 ) ) ) ) )
=> ( P2 @ X1 @ X22 @ X32 ) ) ) ) ).
% qReachable.inducts
thf(fact_33_qReachable_Ocases,axiom,
! [A1: config256849571t_unit,A2: set_p,A3: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ A1 @ A2 @ A3 )
=> ( ( A3 != A1 )
=> ~ ! [Cfg23: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ A1 @ A2 @ Cfg23 )
=> ! [Msg3: message_p_v] :
( ( steps_p_s_v @ trans @ sends @ Cfg23 @ Msg3 @ A3 )
=> ~ ? [X: p] :
( ( member_p @ X @ A2 )
& ( isReceiverOf_p_v @ X @ Msg3 ) ) ) ) ) ) ).
% qReachable.cases
thf(fact_34_StepQ,axiom,
! [Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,Msg: message_p_v,Cfg32: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ( steps_p_s_v @ trans @ sends @ Cfg2 @ Msg @ Cfg32 )
=> ( ? [X4: p] :
( ( member_p @ X4 @ Q2 )
& ( isReceiverOf_p_v @ X4 @ Msg ) )
=> ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ) ).
% StepQ
thf(fact_35_ExecMsg_I1_J,axiom,
prefix1615116500t_unit @ exec2 @ execMsga ).
% ExecMsg(1)
thf(fact_36_isExecution,axiom,
execution_p_s_v @ trans @ sends @ start @ execMsga @ traceMsga ).
% isExecution
thf(fact_37_MsgEnabled,axiom,
enabled_p_v_s @ ( last_c571238084t_unit @ exec ) @ msg ).
% MsgEnabled
thf(fact_38_NonUniformLexec,axiom,
( ( initReachable_p_s_v @ trans @ sends @ start @ ( last_c571238084t_unit @ exec ) )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $false @ ( last_c571238084t_unit @ exec ) )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $true @ ( last_c571238084t_unit @ exec ) ) ) ).
% NonUniformLexec
thf(fact_39_flpPseudoConsensus_Oaxioms_I1_J,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Start: p > s] :
( ( fLPThe9398366_p_s_v @ Trans @ Sends @ Start )
=> ( flpSystem_p_s_v @ Sends ) ) ).
% flpPseudoConsensus.axioms(1)
thf(fact_40_flpPseudoConsensus_OAgreement,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Start: p > s,I: config256849571t_unit,C: config256849571t_unit] :
( ( fLPThe9398366_p_s_v @ Trans @ Sends @ Start )
=> ( agreementInit_p_s_v @ Trans @ Sends @ Start @ I @ C ) ) ).
% flpPseudoConsensus.Agreement
thf(fact_41_less__eq__set__def,axiom,
( ord_less_eq_set_p
= ( ^ [A4: set_p,B2: set_p] :
( ord_less_eq_p_o
@ ^ [X3: p] : ( member_p @ X3 @ A4 )
@ ^ [X3: p] : ( member_p @ X3 @ B2 ) ) ) ) ).
% less_eq_set_def
thf(fact_42_less__eq__set__def,axiom,
( ord_less_eq_set_o
= ( ^ [A4: set_o,B2: set_o] :
( ord_less_eq_o_o
@ ^ [X3: $o] : ( member_o @ X3 @ A4 )
@ ^ [X3: $o] : ( member_o @ X3 @ B2 ) ) ) ) ).
% less_eq_set_def
thf(fact_43_dual__order_Oantisym,axiom,
! [B3: set_p,A5: set_p] :
( ( ord_less_eq_set_p @ B3 @ A5 )
=> ( ( ord_less_eq_set_p @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ).
% dual_order.antisym
thf(fact_44_dual__order_Oantisym,axiom,
! [B3: $o > $o,A5: $o > $o] :
( ( ord_less_eq_o_o @ B3 @ A5 )
=> ( ( ord_less_eq_o_o @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ).
% dual_order.antisym
thf(fact_45_dual__order_Oantisym,axiom,
! [B3: p > $o,A5: p > $o] :
( ( ord_less_eq_p_o @ B3 @ A5 )
=> ( ( ord_less_eq_p_o @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ).
% dual_order.antisym
thf(fact_46_dual__order_Oantisym,axiom,
! [B3: set_o,A5: set_o] :
( ( ord_less_eq_set_o @ B3 @ A5 )
=> ( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ).
% dual_order.antisym
thf(fact_47_dual__order_Oantisym,axiom,
! [B3: nat,A5: nat] :
( ( ord_less_eq_nat @ B3 @ A5 )
=> ( ( ord_less_eq_nat @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ).
% dual_order.antisym
thf(fact_48_dual__order_Oeq__iff,axiom,
( ( ^ [Y: set_p,Z: set_p] : Y = Z )
= ( ^ [A6: set_p,B4: set_p] :
( ( ord_less_eq_set_p @ B4 @ A6 )
& ( ord_less_eq_set_p @ A6 @ B4 ) ) ) ) ).
% dual_order.eq_iff
thf(fact_49_dual__order_Oeq__iff,axiom,
( ( ^ [Y: $o > $o,Z: $o > $o] : Y = Z )
= ( ^ [A6: $o > $o,B4: $o > $o] :
( ( ord_less_eq_o_o @ B4 @ A6 )
& ( ord_less_eq_o_o @ A6 @ B4 ) ) ) ) ).
% dual_order.eq_iff
thf(fact_50_dual__order_Oeq__iff,axiom,
( ( ^ [Y: p > $o,Z: p > $o] : Y = Z )
= ( ^ [A6: p > $o,B4: p > $o] :
( ( ord_less_eq_p_o @ B4 @ A6 )
& ( ord_less_eq_p_o @ A6 @ B4 ) ) ) ) ).
% dual_order.eq_iff
thf(fact_51_dual__order_Oeq__iff,axiom,
( ( ^ [Y: set_o,Z: set_o] : Y = Z )
= ( ^ [A6: set_o,B4: set_o] :
( ( ord_less_eq_set_o @ B4 @ A6 )
& ( ord_less_eq_set_o @ A6 @ B4 ) ) ) ) ).
% dual_order.eq_iff
thf(fact_52_dual__order_Oeq__iff,axiom,
( ( ^ [Y: nat,Z: nat] : Y = Z )
= ( ^ [A6: nat,B4: nat] :
( ( ord_less_eq_nat @ B4 @ A6 )
& ( ord_less_eq_nat @ A6 @ B4 ) ) ) ) ).
% dual_order.eq_iff
thf(fact_53_dual__order_Otrans,axiom,
! [B3: set_p,A5: set_p,C: set_p] :
( ( ord_less_eq_set_p @ B3 @ A5 )
=> ( ( ord_less_eq_set_p @ C @ B3 )
=> ( ord_less_eq_set_p @ C @ A5 ) ) ) ).
% dual_order.trans
thf(fact_54_dual__order_Otrans,axiom,
! [B3: $o > $o,A5: $o > $o,C: $o > $o] :
( ( ord_less_eq_o_o @ B3 @ A5 )
=> ( ( ord_less_eq_o_o @ C @ B3 )
=> ( ord_less_eq_o_o @ C @ A5 ) ) ) ).
% dual_order.trans
thf(fact_55_dual__order_Otrans,axiom,
! [B3: p > $o,A5: p > $o,C: p > $o] :
( ( ord_less_eq_p_o @ B3 @ A5 )
=> ( ( ord_less_eq_p_o @ C @ B3 )
=> ( ord_less_eq_p_o @ C @ A5 ) ) ) ).
% dual_order.trans
thf(fact_56_dual__order_Otrans,axiom,
! [B3: set_o,A5: set_o,C: set_o] :
( ( ord_less_eq_set_o @ B3 @ A5 )
=> ( ( ord_less_eq_set_o @ C @ B3 )
=> ( ord_less_eq_set_o @ C @ A5 ) ) ) ).
% dual_order.trans
thf(fact_57_dual__order_Otrans,axiom,
! [B3: nat,A5: nat,C: nat] :
( ( ord_less_eq_nat @ B3 @ A5 )
=> ( ( ord_less_eq_nat @ C @ B3 )
=> ( ord_less_eq_nat @ C @ A5 ) ) ) ).
% dual_order.trans
thf(fact_58_linorder__wlog,axiom,
! [P2: nat > nat > $o,A5: nat,B3: nat] :
( ! [A7: nat,B5: nat] :
( ( ord_less_eq_nat @ A7 @ B5 )
=> ( P2 @ A7 @ B5 ) )
=> ( ! [A7: nat,B5: nat] :
( ( P2 @ B5 @ A7 )
=> ( P2 @ A7 @ B5 ) )
=> ( P2 @ A5 @ B3 ) ) ) ).
% linorder_wlog
thf(fact_59_dual__order_Orefl,axiom,
! [A5: set_p] : ( ord_less_eq_set_p @ A5 @ A5 ) ).
% dual_order.refl
thf(fact_60_dual__order_Orefl,axiom,
! [A5: $o > $o] : ( ord_less_eq_o_o @ A5 @ A5 ) ).
% dual_order.refl
thf(fact_61_dual__order_Orefl,axiom,
! [A5: p > $o] : ( ord_less_eq_p_o @ A5 @ A5 ) ).
% dual_order.refl
thf(fact_62_dual__order_Orefl,axiom,
! [A5: set_o] : ( ord_less_eq_set_o @ A5 @ A5 ) ).
% dual_order.refl
thf(fact_63_dual__order_Orefl,axiom,
! [A5: nat] : ( ord_less_eq_nat @ A5 @ A5 ) ).
% dual_order.refl
thf(fact_64_order__trans,axiom,
! [X2: set_p,Y2: set_p,Z2: set_p] :
( ( ord_less_eq_set_p @ X2 @ Y2 )
=> ( ( ord_less_eq_set_p @ Y2 @ Z2 )
=> ( ord_less_eq_set_p @ X2 @ Z2 ) ) ) ).
% order_trans
thf(fact_65_order__trans,axiom,
! [X2: $o > $o,Y2: $o > $o,Z2: $o > $o] :
( ( ord_less_eq_o_o @ X2 @ Y2 )
=> ( ( ord_less_eq_o_o @ Y2 @ Z2 )
=> ( ord_less_eq_o_o @ X2 @ Z2 ) ) ) ).
% order_trans
thf(fact_66_order__trans,axiom,
! [X2: p > $o,Y2: p > $o,Z2: p > $o] :
( ( ord_less_eq_p_o @ X2 @ Y2 )
=> ( ( ord_less_eq_p_o @ Y2 @ Z2 )
=> ( ord_less_eq_p_o @ X2 @ Z2 ) ) ) ).
% order_trans
thf(fact_67_order__trans,axiom,
! [X2: set_o,Y2: set_o,Z2: set_o] :
( ( ord_less_eq_set_o @ X2 @ Y2 )
=> ( ( ord_less_eq_set_o @ Y2 @ Z2 )
=> ( ord_less_eq_set_o @ X2 @ Z2 ) ) ) ).
% order_trans
thf(fact_68_order__trans,axiom,
! [X2: nat,Y2: nat,Z2: nat] :
( ( ord_less_eq_nat @ X2 @ Y2 )
=> ( ( ord_less_eq_nat @ Y2 @ Z2 )
=> ( ord_less_eq_nat @ X2 @ Z2 ) ) ) ).
% order_trans
thf(fact_69_order__class_Oorder_Oantisym,axiom,
! [A5: set_p,B3: set_p] :
( ( ord_less_eq_set_p @ A5 @ B3 )
=> ( ( ord_less_eq_set_p @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ).
% order_class.order.antisym
thf(fact_70_order__class_Oorder_Oantisym,axiom,
! [A5: $o > $o,B3: $o > $o] :
( ( ord_less_eq_o_o @ A5 @ B3 )
=> ( ( ord_less_eq_o_o @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ).
% order_class.order.antisym
thf(fact_71_order__class_Oorder_Oantisym,axiom,
! [A5: p > $o,B3: p > $o] :
( ( ord_less_eq_p_o @ A5 @ B3 )
=> ( ( ord_less_eq_p_o @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ).
% order_class.order.antisym
thf(fact_72_order__class_Oorder_Oantisym,axiom,
! [A5: set_o,B3: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ord_less_eq_set_o @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ).
% order_class.order.antisym
thf(fact_73_order__class_Oorder_Oantisym,axiom,
! [A5: nat,B3: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ord_less_eq_nat @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ).
% order_class.order.antisym
thf(fact_74_ord__le__eq__trans,axiom,
! [A5: set_p,B3: set_p,C: set_p] :
( ( ord_less_eq_set_p @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq_set_p @ A5 @ C ) ) ) ).
% ord_le_eq_trans
thf(fact_75_ord__le__eq__trans,axiom,
! [A5: $o > $o,B3: $o > $o,C: $o > $o] :
( ( ord_less_eq_o_o @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq_o_o @ A5 @ C ) ) ) ).
% ord_le_eq_trans
thf(fact_76_ord__le__eq__trans,axiom,
! [A5: p > $o,B3: p > $o,C: p > $o] :
( ( ord_less_eq_p_o @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq_p_o @ A5 @ C ) ) ) ).
% ord_le_eq_trans
thf(fact_77_ord__le__eq__trans,axiom,
! [A5: set_o,B3: set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq_set_o @ A5 @ C ) ) ) ).
% ord_le_eq_trans
thf(fact_78_ord__le__eq__trans,axiom,
! [A5: nat,B3: nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq_nat @ A5 @ C ) ) ) ).
% ord_le_eq_trans
thf(fact_79_ord__eq__le__trans,axiom,
! [A5: set_p,B3: set_p,C: set_p] :
( ( A5 = B3 )
=> ( ( ord_less_eq_set_p @ B3 @ C )
=> ( ord_less_eq_set_p @ A5 @ C ) ) ) ).
% ord_eq_le_trans
thf(fact_80_ord__eq__le__trans,axiom,
! [A5: $o > $o,B3: $o > $o,C: $o > $o] :
( ( A5 = B3 )
=> ( ( ord_less_eq_o_o @ B3 @ C )
=> ( ord_less_eq_o_o @ A5 @ C ) ) ) ).
% ord_eq_le_trans
thf(fact_81_ord__eq__le__trans,axiom,
! [A5: p > $o,B3: p > $o,C: p > $o] :
( ( A5 = B3 )
=> ( ( ord_less_eq_p_o @ B3 @ C )
=> ( ord_less_eq_p_o @ A5 @ C ) ) ) ).
% ord_eq_le_trans
thf(fact_82_ord__eq__le__trans,axiom,
! [A5: set_o,B3: set_o,C: set_o] :
( ( A5 = B3 )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ord_less_eq_set_o @ A5 @ C ) ) ) ).
% ord_eq_le_trans
thf(fact_83_ord__eq__le__trans,axiom,
! [A5: nat,B3: nat,C: nat] :
( ( A5 = B3 )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ord_less_eq_nat @ A5 @ C ) ) ) ).
% ord_eq_le_trans
thf(fact_84_mem__Collect__eq,axiom,
! [A5: p,P2: p > $o] :
( ( member_p @ A5 @ ( collect_p @ P2 ) )
= ( P2 @ A5 ) ) ).
% mem_Collect_eq
thf(fact_85_mem__Collect__eq,axiom,
! [A5: $o,P2: $o > $o] :
( ( member_o @ A5 @ ( collect_o @ P2 ) )
= ( P2 @ A5 ) ) ).
% mem_Collect_eq
thf(fact_86_Collect__mem__eq,axiom,
! [A: set_p] :
( ( collect_p
@ ^ [X3: p] : ( member_p @ X3 @ A ) )
= A ) ).
% Collect_mem_eq
thf(fact_87_Collect__mem__eq,axiom,
! [A: set_o] :
( ( collect_o
@ ^ [X3: $o] : ( member_o @ X3 @ A ) )
= A ) ).
% Collect_mem_eq
thf(fact_88_Collect__cong,axiom,
! [P2: p > $o,Q2: p > $o] :
( ! [X: p] :
( ( P2 @ X )
= ( Q2 @ X ) )
=> ( ( collect_p @ P2 )
= ( collect_p @ Q2 ) ) ) ).
% Collect_cong
thf(fact_89_Collect__cong,axiom,
! [P2: $o > $o,Q2: $o > $o] :
( ! [X: $o] :
( ( P2 @ X )
= ( Q2 @ X ) )
=> ( ( collect_o @ P2 )
= ( collect_o @ Q2 ) ) ) ).
% Collect_cong
thf(fact_90_order__class_Oorder_Oeq__iff,axiom,
( ( ^ [Y: set_p,Z: set_p] : Y = Z )
= ( ^ [A6: set_p,B4: set_p] :
( ( ord_less_eq_set_p @ A6 @ B4 )
& ( ord_less_eq_set_p @ B4 @ A6 ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_91_order__class_Oorder_Oeq__iff,axiom,
( ( ^ [Y: $o > $o,Z: $o > $o] : Y = Z )
= ( ^ [A6: $o > $o,B4: $o > $o] :
( ( ord_less_eq_o_o @ A6 @ B4 )
& ( ord_less_eq_o_o @ B4 @ A6 ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_92_order__class_Oorder_Oeq__iff,axiom,
( ( ^ [Y: p > $o,Z: p > $o] : Y = Z )
= ( ^ [A6: p > $o,B4: p > $o] :
( ( ord_less_eq_p_o @ A6 @ B4 )
& ( ord_less_eq_p_o @ B4 @ A6 ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_93_order__class_Oorder_Oeq__iff,axiom,
( ( ^ [Y: set_o,Z: set_o] : Y = Z )
= ( ^ [A6: set_o,B4: set_o] :
( ( ord_less_eq_set_o @ A6 @ B4 )
& ( ord_less_eq_set_o @ B4 @ A6 ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_94_order__class_Oorder_Oeq__iff,axiom,
( ( ^ [Y: nat,Z: nat] : Y = Z )
= ( ^ [A6: nat,B4: nat] :
( ( ord_less_eq_nat @ A6 @ B4 )
& ( ord_less_eq_nat @ B4 @ A6 ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_95_antisym__conv,axiom,
! [Y2: set_p,X2: set_p] :
( ( ord_less_eq_set_p @ Y2 @ X2 )
=> ( ( ord_less_eq_set_p @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ).
% antisym_conv
thf(fact_96_antisym__conv,axiom,
! [Y2: $o > $o,X2: $o > $o] :
( ( ord_less_eq_o_o @ Y2 @ X2 )
=> ( ( ord_less_eq_o_o @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ).
% antisym_conv
thf(fact_97_antisym__conv,axiom,
! [Y2: p > $o,X2: p > $o] :
( ( ord_less_eq_p_o @ Y2 @ X2 )
=> ( ( ord_less_eq_p_o @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ).
% antisym_conv
thf(fact_98_antisym__conv,axiom,
! [Y2: set_o,X2: set_o] :
( ( ord_less_eq_set_o @ Y2 @ X2 )
=> ( ( ord_less_eq_set_o @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ).
% antisym_conv
thf(fact_99_antisym__conv,axiom,
! [Y2: nat,X2: nat] :
( ( ord_less_eq_nat @ Y2 @ X2 )
=> ( ( ord_less_eq_nat @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ).
% antisym_conv
thf(fact_100_le__cases3,axiom,
! [X2: nat,Y2: nat,Z2: nat] :
( ( ( ord_less_eq_nat @ X2 @ Y2 )
=> ~ ( ord_less_eq_nat @ Y2 @ Z2 ) )
=> ( ( ( ord_less_eq_nat @ Y2 @ X2 )
=> ~ ( ord_less_eq_nat @ X2 @ Z2 ) )
=> ( ( ( ord_less_eq_nat @ X2 @ Z2 )
=> ~ ( ord_less_eq_nat @ Z2 @ Y2 ) )
=> ( ( ( ord_less_eq_nat @ Z2 @ Y2 )
=> ~ ( ord_less_eq_nat @ Y2 @ X2 ) )
=> ( ( ( ord_less_eq_nat @ Y2 @ Z2 )
=> ~ ( ord_less_eq_nat @ Z2 @ X2 ) )
=> ~ ( ( ord_less_eq_nat @ Z2 @ X2 )
=> ~ ( ord_less_eq_nat @ X2 @ Y2 ) ) ) ) ) ) ) ).
% le_cases3
thf(fact_101_order_Otrans,axiom,
! [A5: set_p,B3: set_p,C: set_p] :
( ( ord_less_eq_set_p @ A5 @ B3 )
=> ( ( ord_less_eq_set_p @ B3 @ C )
=> ( ord_less_eq_set_p @ A5 @ C ) ) ) ).
% order.trans
thf(fact_102_order_Otrans,axiom,
! [A5: $o > $o,B3: $o > $o,C: $o > $o] :
( ( ord_less_eq_o_o @ A5 @ B3 )
=> ( ( ord_less_eq_o_o @ B3 @ C )
=> ( ord_less_eq_o_o @ A5 @ C ) ) ) ).
% order.trans
thf(fact_103_order_Otrans,axiom,
! [A5: p > $o,B3: p > $o,C: p > $o] :
( ( ord_less_eq_p_o @ A5 @ B3 )
=> ( ( ord_less_eq_p_o @ B3 @ C )
=> ( ord_less_eq_p_o @ A5 @ C ) ) ) ).
% order.trans
thf(fact_104_order_Otrans,axiom,
! [A5: set_o,B3: set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ord_less_eq_set_o @ A5 @ C ) ) ) ).
% order.trans
thf(fact_105_order_Otrans,axiom,
! [A5: nat,B3: nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ord_less_eq_nat @ A5 @ C ) ) ) ).
% order.trans
thf(fact_106_le__cases,axiom,
! [X2: nat,Y2: nat] :
( ~ ( ord_less_eq_nat @ X2 @ Y2 )
=> ( ord_less_eq_nat @ Y2 @ X2 ) ) ).
% le_cases
thf(fact_107_eq__refl,axiom,
! [X2: $o > $o,Y2: $o > $o] :
( ( X2 = Y2 )
=> ( ord_less_eq_o_o @ X2 @ Y2 ) ) ).
% eq_refl
thf(fact_108_eq__refl,axiom,
! [X2: p > $o,Y2: p > $o] :
( ( X2 = Y2 )
=> ( ord_less_eq_p_o @ X2 @ Y2 ) ) ).
% eq_refl
thf(fact_109_eq__refl,axiom,
! [X2: set_o,Y2: set_o] :
( ( X2 = Y2 )
=> ( ord_less_eq_set_o @ X2 @ Y2 ) ) ).
% eq_refl
thf(fact_110_eq__refl,axiom,
! [X2: nat,Y2: nat] :
( ( X2 = Y2 )
=> ( ord_less_eq_nat @ X2 @ Y2 ) ) ).
% eq_refl
thf(fact_111_linear,axiom,
! [X2: nat,Y2: nat] :
( ( ord_less_eq_nat @ X2 @ Y2 )
| ( ord_less_eq_nat @ Y2 @ X2 ) ) ).
% linear
thf(fact_112_antisym,axiom,
! [X2: set_o,Y2: set_o] :
( ( ord_less_eq_set_o @ X2 @ Y2 )
=> ( ( ord_less_eq_set_o @ Y2 @ X2 )
=> ( X2 = Y2 ) ) ) ).
% antisym
thf(fact_113_antisym,axiom,
! [X2: nat,Y2: nat] :
( ( ord_less_eq_nat @ X2 @ Y2 )
=> ( ( ord_less_eq_nat @ Y2 @ X2 )
=> ( X2 = Y2 ) ) ) ).
% antisym
thf(fact_114_eq__iff,axiom,
( ( ^ [Y: set_o,Z: set_o] : Y = Z )
= ( ^ [X3: set_o,Y3: set_o] :
( ( ord_less_eq_set_o @ X3 @ Y3 )
& ( ord_less_eq_set_o @ Y3 @ X3 ) ) ) ) ).
% eq_iff
thf(fact_115_eq__iff,axiom,
( ( ^ [Y: nat,Z: nat] : Y = Z )
= ( ^ [X3: nat,Y3: nat] :
( ( ord_less_eq_nat @ X3 @ Y3 )
& ( ord_less_eq_nat @ Y3 @ X3 ) ) ) ) ).
% eq_iff
thf(fact_116_ord__le__eq__subst,axiom,
! [A5: set_o,B3: set_o,F: set_o > set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ( F @ B3 )
= C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ ( F @ A5 ) @ C ) ) ) ) ).
% ord_le_eq_subst
thf(fact_117_ord__le__eq__subst,axiom,
! [A5: set_o,B3: set_o,F: set_o > nat,C: nat] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ( F @ B3 )
= C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ ( F @ A5 ) @ C ) ) ) ) ).
% ord_le_eq_subst
thf(fact_118_ord__le__eq__subst,axiom,
! [A5: nat,B3: nat,F: nat > set_o,C: set_o] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ( F @ B3 )
= C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ ( F @ A5 ) @ C ) ) ) ) ).
% ord_le_eq_subst
thf(fact_119_ord__le__eq__subst,axiom,
! [A5: nat,B3: nat,F: nat > nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ( F @ B3 )
= C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ ( F @ A5 ) @ C ) ) ) ) ).
% ord_le_eq_subst
thf(fact_120_ord__eq__le__subst,axiom,
! [A5: set_o,F: set_o > set_o,B3: set_o,C: set_o] :
( ( A5
= ( F @ B3 ) )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ A5 @ ( F @ C ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_121_ord__eq__le__subst,axiom,
! [A5: nat,F: set_o > nat,B3: set_o,C: set_o] :
( ( A5
= ( F @ B3 ) )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ A5 @ ( F @ C ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_122_ord__eq__le__subst,axiom,
! [A5: set_o,F: nat > set_o,B3: nat,C: nat] :
( ( A5
= ( F @ B3 ) )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ A5 @ ( F @ C ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_123_ord__eq__le__subst,axiom,
! [A5: nat,F: nat > nat,B3: nat,C: nat] :
( ( A5
= ( F @ B3 ) )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ A5 @ ( F @ C ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_124_order__subst2,axiom,
! [A5: set_o,B3: set_o,F: set_o > set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ord_less_eq_set_o @ ( F @ B3 ) @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ ( F @ A5 ) @ C ) ) ) ) ).
% order_subst2
thf(fact_125_order__subst2,axiom,
! [A5: set_o,B3: set_o,F: set_o > nat,C: nat] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ord_less_eq_nat @ ( F @ B3 ) @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ ( F @ A5 ) @ C ) ) ) ) ).
% order_subst2
thf(fact_126_order__subst2,axiom,
! [A5: nat,B3: nat,F: nat > set_o,C: set_o] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ord_less_eq_set_o @ ( F @ B3 ) @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ ( F @ A5 ) @ C ) ) ) ) ).
% order_subst2
thf(fact_127_order__subst2,axiom,
! [A5: nat,B3: nat,F: nat > nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ord_less_eq_nat @ ( F @ B3 ) @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ ( F @ A5 ) @ C ) ) ) ) ).
% order_subst2
thf(fact_128_order__subst1,axiom,
! [A5: set_o,F: set_o > set_o,B3: set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ ( F @ B3 ) )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ A5 @ ( F @ C ) ) ) ) ) ).
% order_subst1
thf(fact_129_order__subst1,axiom,
! [A5: set_o,F: nat > set_o,B3: nat,C: nat] :
( ( ord_less_eq_set_o @ A5 @ ( F @ B3 ) )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_set_o @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_set_o @ A5 @ ( F @ C ) ) ) ) ) ).
% order_subst1
thf(fact_130_order__subst1,axiom,
! [A5: nat,F: set_o > nat,B3: set_o,C: set_o] :
( ( ord_less_eq_nat @ A5 @ ( F @ B3 ) )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ! [X: set_o,Y4: set_o] :
( ( ord_less_eq_set_o @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ A5 @ ( F @ C ) ) ) ) ) ).
% order_subst1
thf(fact_131_order__subst1,axiom,
! [A5: nat,F: nat > nat,B3: nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ ( F @ B3 ) )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ! [X: nat,Y4: nat] :
( ( ord_less_eq_nat @ X @ Y4 )
=> ( ord_less_eq_nat @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq_nat @ A5 @ ( F @ C ) ) ) ) ) ).
% order_subst1
thf(fact_132_Collect__mono__iff,axiom,
! [P2: $o > $o,Q2: $o > $o] :
( ( ord_less_eq_set_o @ ( collect_o @ P2 ) @ ( collect_o @ Q2 ) )
= ( ! [X3: $o] :
( ( P2 @ X3 )
=> ( Q2 @ X3 ) ) ) ) ).
% Collect_mono_iff
thf(fact_133_set__eq__subset,axiom,
( ( ^ [Y: set_o,Z: set_o] : Y = Z )
= ( ^ [A4: set_o,B2: set_o] :
( ( ord_less_eq_set_o @ A4 @ B2 )
& ( ord_less_eq_set_o @ B2 @ A4 ) ) ) ) ).
% set_eq_subset
thf(fact_134_subset__trans,axiom,
! [A: set_o,B: set_o,C3: set_o] :
( ( ord_less_eq_set_o @ A @ B )
=> ( ( ord_less_eq_set_o @ B @ C3 )
=> ( ord_less_eq_set_o @ A @ C3 ) ) ) ).
% subset_trans
thf(fact_135_Collect__mono,axiom,
! [P2: $o > $o,Q2: $o > $o] :
( ! [X: $o] :
( ( P2 @ X )
=> ( Q2 @ X ) )
=> ( ord_less_eq_set_o @ ( collect_o @ P2 ) @ ( collect_o @ Q2 ) ) ) ).
% Collect_mono
thf(fact_136_subset__refl,axiom,
! [A: set_o] : ( ord_less_eq_set_o @ A @ A ) ).
% subset_refl
thf(fact_137_subset__iff,axiom,
( ord_less_eq_set_p
= ( ^ [A4: set_p,B2: set_p] :
! [T: p] :
( ( member_p @ T @ A4 )
=> ( member_p @ T @ B2 ) ) ) ) ).
% subset_iff
thf(fact_138_subset__iff,axiom,
( ord_less_eq_set_o
= ( ^ [A4: set_o,B2: set_o] :
! [T: $o] :
( ( member_o @ T @ A4 )
=> ( member_o @ T @ B2 ) ) ) ) ).
% subset_iff
thf(fact_139_equalityD2,axiom,
! [A: set_o,B: set_o] :
( ( A = B )
=> ( ord_less_eq_set_o @ B @ A ) ) ).
% equalityD2
thf(fact_140_equalityD1,axiom,
! [A: set_o,B: set_o] :
( ( A = B )
=> ( ord_less_eq_set_o @ A @ B ) ) ).
% equalityD1
thf(fact_141_subset__eq,axiom,
( ord_less_eq_set_p
= ( ^ [A4: set_p,B2: set_p] :
! [X3: p] :
( ( member_p @ X3 @ A4 )
=> ( member_p @ X3 @ B2 ) ) ) ) ).
% subset_eq
thf(fact_142_subset__eq,axiom,
( ord_less_eq_set_o
= ( ^ [A4: set_o,B2: set_o] :
! [X3: $o] :
( ( member_o @ X3 @ A4 )
=> ( member_o @ X3 @ B2 ) ) ) ) ).
% subset_eq
thf(fact_143_equalityE,axiom,
! [A: set_o,B: set_o] :
( ( A = B )
=> ~ ( ( ord_less_eq_set_o @ A @ B )
=> ~ ( ord_less_eq_set_o @ B @ A ) ) ) ).
% equalityE
thf(fact_144_subsetD,axiom,
! [A: set_p,B: set_p,C: p] :
( ( ord_less_eq_set_p @ A @ B )
=> ( ( member_p @ C @ A )
=> ( member_p @ C @ B ) ) ) ).
% subsetD
thf(fact_145_subsetD,axiom,
! [A: set_o,B: set_o,C: $o] :
( ( ord_less_eq_set_o @ A @ B )
=> ( ( member_o @ C @ A )
=> ( member_o @ C @ B ) ) ) ).
% subsetD
thf(fact_146_in__mono,axiom,
! [A: set_p,B: set_p,X2: p] :
( ( ord_less_eq_set_p @ A @ B )
=> ( ( member_p @ X2 @ A )
=> ( member_p @ X2 @ B ) ) ) ).
% in_mono
thf(fact_147_in__mono,axiom,
! [A: set_o,B: set_o,X2: $o] :
( ( ord_less_eq_set_o @ A @ B )
=> ( ( member_o @ X2 @ A )
=> ( member_o @ X2 @ B ) ) ) ).
% in_mono
thf(fact_148_Collect__subset,axiom,
! [A: set_p,P2: p > $o] :
( ord_less_eq_set_p
@ ( collect_p
@ ^ [X3: p] :
( ( member_p @ X3 @ A )
& ( P2 @ X3 ) ) )
@ A ) ).
% Collect_subset
thf(fact_149_Collect__subset,axiom,
! [A: set_o,P2: $o > $o] :
( ord_less_eq_set_o
@ ( collect_o
@ ^ [X3: $o] :
( ( member_o @ X3 @ A )
& ( P2 @ X3 ) ) )
@ A ) ).
% Collect_subset
thf(fact_150_flpSystem_OInactiveProcessSilentDecisionValuesDecrease,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,P: p,Q: p,Trans: p > s > messageValue_v > s,C: config256849571t_unit,Msg: message_p_v,C2: config256849571t_unit,Start: p > s] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( P != Q )
=> ( ( steps_p_s_v @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
=> ( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C2 ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C ) ) ) ) ) ) ) ) ).
% flpSystem.InactiveProcessSilentDecisionValuesDecrease
thf(fact_151_flpSystem_OActiveProcessSilentDecisionValuesIncrease,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,P: p,Q: p,Trans: p > s > messageValue_v > s,C: config256849571t_unit,Msg: message_p_v,C2: config256849571t_unit,Start: p > s] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( P = Q )
=> ( ( steps_p_s_v @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
=> ( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C2 ) ) ) ) ) ) ) ) ).
% flpSystem.ActiveProcessSilentDecisionValuesIncrease
thf(fact_152_NotStepReachable,axiom,
~ ( stepReachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ msg @ c ) ).
% NotStepReachable
thf(fact_153_cMsgLastReachable,axiom,
reachable_p_s_v @ trans @ sends @ cMsg @ ( last_c571238084t_unit @ execMsga ) ).
% cMsgLastReachable
thf(fact_154_NoReceivingNoChange,axiom,
! [Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,P: p] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ~ ( isReceiverOf_p_v @ P @ M )
=> ( ( states1228886952t_unit @ Cfg1 @ P )
= ( states1228886952t_unit @ Cfg2 @ P ) ) ) ) ).
% NoReceivingNoChange
thf(fact_155_initReachable__def,axiom,
! [Cfg: config256849571t_unit] :
( ( initReachable_p_s_v @ trans @ sends @ start @ Cfg )
= ( ? [Cfg0: config256849571t_unit] :
( ( initial_p_s_v @ start @ Cfg0 )
& ( reachable_p_s_v @ trans @ sends @ Cfg0 @ Cfg ) ) ) ) ).
% initReachable_def
thf(fact_156_ReachableStepFirst,axiom,
! [Cfg: config256849571t_unit,Cfg4: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ Cfg @ Cfg4 )
=> ( ( Cfg = Cfg4 )
| ? [Cfg12: config256849571t_unit,Msg3: message_p_v,P3: p] :
( ( steps_p_s_v @ trans @ sends @ Cfg @ Msg3 @ Cfg12 )
& ( enabled_p_v_s @ Cfg @ Msg3 )
& ( isReceiverOf_p_v @ P3 @ Msg3 )
& ( reachable_p_s_v @ trans @ sends @ Cfg12 @ Cfg4 ) ) ) ) ).
% ReachableStepFirst
thf(fact_157_NotInQFrozenQReachability,axiom,
! [Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,P: p] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member_p @ P @ Q2 )
=> ( ( states1228886952t_unit @ Cfg1 @ P )
= ( states1228886952t_unit @ Cfg2 @ P ) ) ) ) ).
% NotInQFrozenQReachability
thf(fact_158_C_H_I2_J,axiom,
( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ c ) )
= ( insert_o @ $true @ ( insert_o @ $false @ bot_bot_set_o ) ) ) ).
% C'(2)
thf(fact_159_NoActivityNoMessageLoss,axiom,
! [Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,P: p,M2: message_p_v] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member_p @ P @ Q2 )
=> ( ( isReceiverOf_p_v @ P @ M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% NoActivityNoMessageLoss
thf(fact_160_ReachableTrans,axiom,
! [Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,Cfg32: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ( reachable_p_s_v @ trans @ sends @ Cfg2 @ Cfg32 )
=> ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg32 ) ) ) ).
% ReachableTrans
thf(fact_161_init,axiom,
! [Cfg1: config256849571t_unit] : ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg1 ) ).
% init
thf(fact_162_empty__iff,axiom,
! [C: p] :
~ ( member_p @ C @ bot_bot_set_p ) ).
% empty_iff
thf(fact_163_empty__iff,axiom,
! [C: $o] :
~ ( member_o @ C @ bot_bot_set_o ) ).
% empty_iff
thf(fact_164_all__not__in__conv,axiom,
! [A: set_p] :
( ( ! [X3: p] :
~ ( member_p @ X3 @ A ) )
= ( A = bot_bot_set_p ) ) ).
% all_not_in_conv
thf(fact_165_all__not__in__conv,axiom,
! [A: set_o] :
( ( ! [X3: $o] :
~ ( member_o @ X3 @ A ) )
= ( A = bot_bot_set_o ) ) ).
% all_not_in_conv
thf(fact_166_Collect__empty__eq,axiom,
! [P2: $o > $o] :
( ( ( collect_o @ P2 )
= bot_bot_set_o )
= ( ! [X3: $o] :
~ ( P2 @ X3 ) ) ) ).
% Collect_empty_eq
thf(fact_167_empty__Collect__eq,axiom,
! [P2: $o > $o] :
( ( bot_bot_set_o
= ( collect_o @ P2 ) )
= ( ! [X3: $o] :
~ ( P2 @ X3 ) ) ) ).
% empty_Collect_eq
thf(fact_168_insertCI,axiom,
! [A5: $o,B: set_o,B3: $o] :
( ( ~ ( member_o @ A5 @ B )
=> ( A5 = B3 ) )
=> ( member_o @ A5 @ ( insert_o @ B3 @ B ) ) ) ).
% insertCI
thf(fact_169_insertCI,axiom,
! [A5: p,B: set_p,B3: p] :
( ( ~ ( member_p @ A5 @ B )
=> ( A5 = B3 ) )
=> ( member_p @ A5 @ ( insert_p @ B3 @ B ) ) ) ).
% insertCI
thf(fact_170_insert__iff,axiom,
! [A5: $o,B3: $o,A: set_o] :
( ( member_o @ A5 @ ( insert_o @ B3 @ A ) )
= ( ( A5 = B3 )
| ( member_o @ A5 @ A ) ) ) ).
% insert_iff
thf(fact_171_insert__iff,axiom,
! [A5: p,B3: p,A: set_p] :
( ( member_p @ A5 @ ( insert_p @ B3 @ A ) )
= ( ( A5 = B3 )
| ( member_p @ A5 @ A ) ) ) ).
% insert_iff
thf(fact_172_insert__absorb2,axiom,
! [X2: $o,A: set_o] :
( ( insert_o @ X2 @ ( insert_o @ X2 @ A ) )
= ( insert_o @ X2 @ A ) ) ).
% insert_absorb2
thf(fact_173_C_H_I1_J,axiom,
reachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ c ).
% C'(1)
thf(fact_174_reachable_Ocases,axiom,
! [A1: config256849571t_unit,A2: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ A1 @ A2 )
=> ( ( A2 != A1 )
=> ~ ! [Cfg23: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ A1 @ Cfg23 )
=> ! [Msg3: message_p_v] :
~ ( steps_p_s_v @ trans @ sends @ Cfg23 @ Msg3 @ A2 ) ) ) ) ).
% reachable.cases
thf(fact_175_reachable_Oinducts,axiom,
! [X1: config256849571t_unit,X22: config256849571t_unit,P2: config256849571t_unit > config256849571t_unit > $o] :
( ( reachable_p_s_v @ trans @ sends @ X1 @ X22 )
=> ( ! [Cfg12: config256849571t_unit] : ( P2 @ Cfg12 @ Cfg12 )
=> ( ! [Cfg12: config256849571t_unit,Cfg23: config256849571t_unit,Msg3: message_p_v,Cfg33: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ Cfg12 @ Cfg23 )
=> ( ( P2 @ Cfg12 @ Cfg23 )
=> ( ( steps_p_s_v @ trans @ sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( P2 @ Cfg12 @ Cfg33 ) ) ) )
=> ( P2 @ X1 @ X22 ) ) ) ) ).
% reachable.inducts
thf(fact_176_reachable_Osimps,axiom,
! [A1: config256849571t_unit,A2: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ A1 @ A2 )
= ( ? [Cfg13: config256849571t_unit] :
( ( A1 = Cfg13 )
& ( A2 = Cfg13 ) )
| ? [Cfg13: config256849571t_unit,Cfg22: config256849571t_unit,Msg2: message_p_v,Cfg34: config256849571t_unit] :
( ( A1 = Cfg13 )
& ( A2 = Cfg34 )
& ( reachable_p_s_v @ trans @ sends @ Cfg13 @ Cfg22 )
& ( steps_p_s_v @ trans @ sends @ Cfg22 @ Msg2 @ Cfg34 ) ) ) ) ).
% reachable.simps
thf(fact_177_reachable_Ostep,axiom,
! [Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,Msg: message_p_v,Cfg32: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ( steps_p_s_v @ trans @ sends @ Cfg2 @ Msg @ Cfg32 )
=> ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg32 ) ) ) ).
% reachable.step
thf(fact_178_QReachImplReach,axiom,
! [Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit] :
( ( qReachable_p_s_v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg2 ) ) ).
% QReachImplReach
thf(fact_179_isPrefixListExec,axiom,
prefix1615116500t_unit @ exec @ execMsga ).
% isPrefixListExec
thf(fact_180_OtherMessagesOnlyGrowing,axiom,
! [Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,M2: message_p_v] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( M != M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ).
% OtherMessagesOnlyGrowing
thf(fact_181_stepReachable__def,axiom,
! [C1: config256849571t_unit,Msg: message_p_v,C22: config256849571t_unit] :
( ( stepReachable_p_s_v @ trans @ sends @ C1 @ Msg @ C22 )
= ( ? [C4: config256849571t_unit,C5: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ C1 @ C4 )
& ( steps_p_s_v @ trans @ sends @ C4 @ Msg @ C5 )
& ( reachable_p_s_v @ trans @ sends @ C5 @ C22 ) ) ) ) ).
% stepReachable_def
thf(fact_182_StepReachable,axiom,
! [Cfg: config256849571t_unit,Cfg4: config256849571t_unit,Msg: message_p_v] :
( ( reachable_p_s_v @ trans @ sends @ Cfg @ Cfg4 )
=> ( ( enabled_p_v_s @ Cfg @ Msg )
=> ( ~ ( enabled_p_v_s @ Cfg4 @ Msg )
=> ( stepReachable_p_s_v @ trans @ sends @ Cfg @ Msg @ Cfg4 ) ) ) ) ).
% StepReachable
thf(fact_183_NoMessageLossStep,axiom,
! [Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,P: p,M2: message_p_v] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( isReceiverOf_p_v @ P @ M )
=> ( ~ ( isReceiverOf_p_v @ P @ M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% NoMessageLossStep
thf(fact_184_subset__empty,axiom,
! [A: set_o] :
( ( ord_less_eq_set_o @ A @ bot_bot_set_o )
= ( A = bot_bot_set_o ) ) ).
% subset_empty
thf(fact_185_empty__subsetI,axiom,
! [A: set_o] : ( ord_less_eq_set_o @ bot_bot_set_o @ A ) ).
% empty_subsetI
thf(fact_186_singletonI,axiom,
! [A5: p] : ( member_p @ A5 @ ( insert_p @ A5 @ bot_bot_set_p ) ) ).
% singletonI
thf(fact_187_singletonI,axiom,
! [A5: $o] : ( member_o @ A5 @ ( insert_o @ A5 @ bot_bot_set_o ) ) ).
% singletonI
thf(fact_188_insert__subset,axiom,
! [X2: p,A: set_p,B: set_p] :
( ( ord_less_eq_set_p @ ( insert_p @ X2 @ A ) @ B )
= ( ( member_p @ X2 @ B )
& ( ord_less_eq_set_p @ A @ B ) ) ) ).
% insert_subset
thf(fact_189_insert__subset,axiom,
! [X2: $o,A: set_o,B: set_o] :
( ( ord_less_eq_set_o @ ( insert_o @ X2 @ A ) @ B )
= ( ( member_o @ X2 @ B )
& ( ord_less_eq_set_o @ A @ B ) ) ) ).
% insert_subset
thf(fact_190_ExecMsg_I2_J,axiom,
prefix47729710ge_p_v @ trace2 @ traceMsga ).
% ExecMsg(2)
thf(fact_191_lastExecExec_HReachable,axiom,
reachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ ( last_c571238084t_unit @ exec2 ) ).
% lastExecExec'Reachable
thf(fact_192_singleton__conv,axiom,
! [A5: $o] :
( ( collect_o
@ ^ [X3: $o] : X3 = A5 )
= ( insert_o @ A5 @ bot_bot_set_o ) ) ).
% singleton_conv
thf(fact_193_singleton__conv2,axiom,
! [A5: $o] :
( ( collect_o
@ ( ^ [Y: $o,Z: $o] : Y = Z
@ A5 ) )
= ( insert_o @ A5 @ bot_bot_set_o ) ) ).
% singleton_conv2
thf(fact_194_ExecIsExecution,axiom,
execution_p_s_v @ trans @ sends @ start @ exec @ trace ).
% ExecIsExecution
thf(fact_195_vUniform__def,axiom,
! [V2: $o,C: config256849571t_unit] :
( ( vUniform_p_s_v @ trans @ sends @ start @ V2 @ C )
= ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
& ! [P4: p] :
( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ P4 @ C ) )
= ( insert_o @ V2 @ bot_bot_set_o ) ) ) ) ).
% vUniform_def
thf(fact_196_singleton__insert__inj__eq_H,axiom,
! [A5: $o,A: set_o,B3: $o] :
( ( ( insert_o @ A5 @ A )
= ( insert_o @ B3 @ bot_bot_set_o ) )
= ( ( A5 = B3 )
& ( ord_less_eq_set_o @ A @ ( insert_o @ B3 @ bot_bot_set_o ) ) ) ) ).
% singleton_insert_inj_eq'
thf(fact_197_singleton__insert__inj__eq,axiom,
! [B3: $o,A5: $o,A: set_o] :
( ( ( insert_o @ B3 @ bot_bot_set_o )
= ( insert_o @ A5 @ A ) )
= ( ( A5 = B3 )
& ( ord_less_eq_set_o @ A @ ( insert_o @ B3 @ bot_bot_set_o ) ) ) ) ).
% singleton_insert_inj_eq
thf(fact_198_ExecMsg_I4_J,axiom,
( ( last_message_p_v @ traceMsga )
= msg ) ).
% ExecMsg(4)
thf(fact_199_isStepReachable,axiom,
stepReachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ msg @ ( last_c571238084t_unit @ execMsga ) ).
% isStepReachable
thf(fact_200_SilentDecisionValueNotInverting,axiom,
! [Q: p,C: config256849571t_unit,V2: $o,Msg: message_p_v,C2: config256849571t_unit,P: p] :
( ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C ) )
= ( insert_o @ V2 @ bot_bot_set_o ) )
=> ( ( steps_p_s_v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
=> ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ Q @ C2 ) )
!= ( insert_o @ ~ V2 @ bot_bot_set_o ) ) ) ) ) ) ).
% SilentDecisionValueNotInverting
thf(fact_201__092_060open_062_092_060And_062p_O_A_092_060exists_062c_H_O_Areachable_A_Ilast_Aexec_J_Ac_H_A_092_060and_062_Aval_091p_Mc_H_093_A_061_A_123True_M_AFalse_125_092_060close_062,axiom,
! [P: p] :
? [C6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ C6 )
& ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ P @ C6 ) )
= ( insert_o @ $true @ ( insert_o @ $false @ bot_bot_set_o ) ) ) ) ).
% \<open>\<And>p. \<exists>c'. reachable (last exec) c' \<and> val[p,c'] = {True, False}\<close>
thf(fact_202__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062c_H_O_A_092_060lbrakk_062reachable_A_Ilast_Aexec_J_Ac_H_059_Aval_091p_Mc_H_093_A_061_A_123True_M_AFalse_125_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [C6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ C6 )
=> ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ C6 ) )
!= ( insert_o @ $true @ ( insert_o @ $false @ bot_bot_set_o ) ) ) ) ).
% \<open>\<And>thesis. (\<And>c'. \<lbrakk>reachable (last exec) c'; val[p,c'] = {True, False}\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_203_Agree,axiom,
! [Cfg: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ exec ) @ Cfg )
=> ( agreement_p_v_s @ Cfg ) ) ).
% Agree
thf(fact_204_emptyE,axiom,
! [A5: p] :
~ ( member_p @ A5 @ bot_bot_set_p ) ).
% emptyE
thf(fact_205_emptyE,axiom,
! [A5: $o] :
~ ( member_o @ A5 @ bot_bot_set_o ) ).
% emptyE
thf(fact_206_insertE,axiom,
! [A5: $o,B3: $o,A: set_o] :
( ( member_o @ A5 @ ( insert_o @ B3 @ A ) )
=> ( ( A5 = ~ B3 )
=> ( member_o @ A5 @ A ) ) ) ).
% insertE
thf(fact_207_insertE,axiom,
! [A5: p,B3: p,A: set_p] :
( ( member_p @ A5 @ ( insert_p @ B3 @ A ) )
=> ( ( A5 != B3 )
=> ( member_p @ A5 @ A ) ) ) ).
% insertE
thf(fact_208_equals0D,axiom,
! [A: set_p,A5: p] :
( ( A = bot_bot_set_p )
=> ~ ( member_p @ A5 @ A ) ) ).
% equals0D
thf(fact_209_equals0D,axiom,
! [A: set_o,A5: $o] :
( ( A = bot_bot_set_o )
=> ~ ( member_o @ A5 @ A ) ) ).
% equals0D
thf(fact_210_equals0I,axiom,
! [A: set_p] :
( ! [Y4: p] :
~ ( member_p @ Y4 @ A )
=> ( A = bot_bot_set_p ) ) ).
% equals0I
thf(fact_211_equals0I,axiom,
! [A: set_o] :
( ! [Y4: $o] :
~ ( member_o @ Y4 @ A )
=> ( A = bot_bot_set_o ) ) ).
% equals0I
thf(fact_212_insertI1,axiom,
! [A5: $o,B: set_o] : ( member_o @ A5 @ ( insert_o @ A5 @ B ) ) ).
% insertI1
thf(fact_213_insertI1,axiom,
! [A5: p,B: set_p] : ( member_p @ A5 @ ( insert_p @ A5 @ B ) ) ).
% insertI1
thf(fact_214_insertI2,axiom,
! [A5: $o,B: set_o,B3: $o] :
( ( member_o @ A5 @ B )
=> ( member_o @ A5 @ ( insert_o @ B3 @ B ) ) ) ).
% insertI2
thf(fact_215_insertI2,axiom,
! [A5: p,B: set_p,B3: p] :
( ( member_p @ A5 @ B )
=> ( member_p @ A5 @ ( insert_p @ B3 @ B ) ) ) ).
% insertI2
thf(fact_216_ex__in__conv,axiom,
! [A: set_p] :
( ( ? [X3: p] : ( member_p @ X3 @ A ) )
= ( A != bot_bot_set_p ) ) ).
% ex_in_conv
thf(fact_217_ex__in__conv,axiom,
! [A: set_o] :
( ( ? [X3: $o] : ( member_o @ X3 @ A ) )
= ( A != bot_bot_set_o ) ) ).
% ex_in_conv
thf(fact_218_Set_Oset__insert,axiom,
! [X2: $o,A: set_o] :
( ( member_o @ X2 @ A )
=> ~ ! [B6: set_o] :
( ( A
= ( insert_o @ X2 @ B6 ) )
=> ( member_o @ X2 @ B6 ) ) ) ).
% Set.set_insert
thf(fact_219_Set_Oset__insert,axiom,
! [X2: p,A: set_p] :
( ( member_p @ X2 @ A )
=> ~ ! [B6: set_p] :
( ( A
= ( insert_p @ X2 @ B6 ) )
=> ( member_p @ X2 @ B6 ) ) ) ).
% Set.set_insert
thf(fact_220_singletonD,axiom,
! [B3: p,A5: p] :
( ( member_p @ B3 @ ( insert_p @ A5 @ bot_bot_set_p ) )
=> ( B3 = A5 ) ) ).
% singletonD
thf(fact_221_singletonD,axiom,
! [B3: $o,A5: $o] :
( ( member_o @ B3 @ ( insert_o @ A5 @ bot_bot_set_o ) )
=> ( B3 = A5 ) ) ).
% singletonD
thf(fact_222_insert__ident,axiom,
! [X2: $o,A: set_o,B: set_o] :
( ~ ( member_o @ X2 @ A )
=> ( ~ ( member_o @ X2 @ B )
=> ( ( ( insert_o @ X2 @ A )
= ( insert_o @ X2 @ B ) )
= ( A = B ) ) ) ) ).
% insert_ident
thf(fact_223_insert__ident,axiom,
! [X2: p,A: set_p,B: set_p] :
( ~ ( member_p @ X2 @ A )
=> ( ~ ( member_p @ X2 @ B )
=> ( ( ( insert_p @ X2 @ A )
= ( insert_p @ X2 @ B ) )
= ( A = B ) ) ) ) ).
% insert_ident
thf(fact_224_insert__absorb,axiom,
! [A5: $o,A: set_o] :
( ( member_o @ A5 @ A )
=> ( ( insert_o @ A5 @ A )
= A ) ) ).
% insert_absorb
thf(fact_225_insert__absorb,axiom,
! [A5: p,A: set_p] :
( ( member_p @ A5 @ A )
=> ( ( insert_p @ A5 @ A )
= A ) ) ).
% insert_absorb
thf(fact_226_insert__eq__iff,axiom,
! [A5: $o,A: set_o,B3: $o,B: set_o] :
( ~ ( member_o @ A5 @ A )
=> ( ~ ( member_o @ B3 @ B )
=> ( ( ( insert_o @ A5 @ A )
= ( insert_o @ B3 @ B ) )
= ( ( ( A5 = B3 )
=> ( A = B ) )
& ( ( A5 = ~ B3 )
=> ? [C7: set_o] :
( ( A
= ( insert_o @ B3 @ C7 ) )
& ~ ( member_o @ B3 @ C7 )
& ( B
= ( insert_o @ A5 @ C7 ) )
& ~ ( member_o @ A5 @ C7 ) ) ) ) ) ) ) ).
% insert_eq_iff
thf(fact_227_insert__eq__iff,axiom,
! [A5: p,A: set_p,B3: p,B: set_p] :
( ~ ( member_p @ A5 @ A )
=> ( ~ ( member_p @ B3 @ B )
=> ( ( ( insert_p @ A5 @ A )
= ( insert_p @ B3 @ B ) )
= ( ( ( A5 = B3 )
=> ( A = B ) )
& ( ( A5 != B3 )
=> ? [C7: set_p] :
( ( A
= ( insert_p @ B3 @ C7 ) )
& ~ ( member_p @ B3 @ C7 )
& ( B
= ( insert_p @ A5 @ C7 ) )
& ~ ( member_p @ A5 @ C7 ) ) ) ) ) ) ) ).
% insert_eq_iff
thf(fact_228_singleton__iff,axiom,
! [B3: p,A5: p] :
( ( member_p @ B3 @ ( insert_p @ A5 @ bot_bot_set_p ) )
= ( B3 = A5 ) ) ).
% singleton_iff
thf(fact_229_singleton__iff,axiom,
! [B3: $o,A5: $o] :
( ( member_o @ B3 @ ( insert_o @ A5 @ bot_bot_set_o ) )
= ( B3 = A5 ) ) ).
% singleton_iff
thf(fact_230_insert__commute,axiom,
! [X2: $o,Y2: $o,A: set_o] :
( ( insert_o @ X2 @ ( insert_o @ Y2 @ A ) )
= ( insert_o @ Y2 @ ( insert_o @ X2 @ A ) ) ) ).
% insert_commute
thf(fact_231_Collect__conv__if,axiom,
! [P2: $o > $o,A5: $o] :
( ( ( P2 @ A5 )
=> ( ( collect_o
@ ^ [X3: $o] :
( ( X3 = A5 )
& ( P2 @ X3 ) ) )
= ( insert_o @ A5 @ bot_bot_set_o ) ) )
& ( ~ ( P2 @ A5 )
=> ( ( collect_o
@ ^ [X3: $o] :
( ( X3 = A5 )
& ( P2 @ X3 ) ) )
= bot_bot_set_o ) ) ) ).
% Collect_conv_if
thf(fact_232_Collect__conv__if2,axiom,
! [P2: $o > $o,A5: $o] :
( ( ( P2 @ A5 )
=> ( ( collect_o
@ ^ [X3: $o] :
( ( A5 = X3 )
& ( P2 @ X3 ) ) )
= ( insert_o @ A5 @ bot_bot_set_o ) ) )
& ( ~ ( P2 @ A5 )
=> ( ( collect_o
@ ^ [X3: $o] :
( ( A5 = X3 )
& ( P2 @ X3 ) ) )
= bot_bot_set_o ) ) ) ).
% Collect_conv_if2
thf(fact_233_doubleton__eq__iff,axiom,
! [A5: $o,B3: $o,C: $o,D: $o] :
( ( ( insert_o @ A5 @ ( insert_o @ B3 @ bot_bot_set_o ) )
= ( insert_o @ C @ ( insert_o @ D @ bot_bot_set_o ) ) )
= ( ( ( A5 = C )
& ( B3 = D ) )
| ( ( A5 = D )
& ( B3 = C ) ) ) ) ).
% doubleton_eq_iff
thf(fact_234_insert__not__empty,axiom,
! [A5: $o,A: set_o] :
( ( insert_o @ A5 @ A )
!= bot_bot_set_o ) ).
% insert_not_empty
thf(fact_235_singleton__inject,axiom,
! [A5: $o,B3: $o] :
( ( ( insert_o @ A5 @ bot_bot_set_o )
= ( insert_o @ B3 @ bot_bot_set_o ) )
=> ( A5 = B3 ) ) ).
% singleton_inject
thf(fact_236_subset__singletonD,axiom,
! [A: set_o,X2: $o] :
( ( ord_less_eq_set_o @ A @ ( insert_o @ X2 @ bot_bot_set_o ) )
=> ( ( A = bot_bot_set_o )
| ( A
= ( insert_o @ X2 @ bot_bot_set_o ) ) ) ) ).
% subset_singletonD
thf(fact_237_mk__disjoint__insert,axiom,
! [A5: $o,A: set_o] :
( ( member_o @ A5 @ A )
=> ? [B6: set_o] :
( ( A
= ( insert_o @ A5 @ B6 ) )
& ~ ( member_o @ A5 @ B6 ) ) ) ).
% mk_disjoint_insert
thf(fact_238_mk__disjoint__insert,axiom,
! [A5: p,A: set_p] :
( ( member_p @ A5 @ A )
=> ? [B6: set_p] :
( ( A
= ( insert_p @ A5 @ B6 ) )
& ~ ( member_p @ A5 @ B6 ) ) ) ).
% mk_disjoint_insert
thf(fact_239_subset__singleton__iff,axiom,
! [X5: set_o,A5: $o] :
( ( ord_less_eq_set_o @ X5 @ ( insert_o @ A5 @ bot_bot_set_o ) )
= ( ( X5 = bot_bot_set_o )
| ( X5
= ( insert_o @ A5 @ bot_bot_set_o ) ) ) ) ).
% subset_singleton_iff
thf(fact_240_insert__Collect,axiom,
! [A5: $o,P2: $o > $o] :
( ( insert_o @ A5 @ ( collect_o @ P2 ) )
= ( collect_o
@ ^ [U: $o] :
( ( U != A5 )
=> ( P2 @ U ) ) ) ) ).
% insert_Collect
thf(fact_241_insert__compr,axiom,
( insert_p
= ( ^ [A6: p,B2: set_p] :
( collect_p
@ ^ [X3: p] :
( ( X3 = A6 )
| ( member_p @ X3 @ B2 ) ) ) ) ) ).
% insert_compr
thf(fact_242_insert__compr,axiom,
( insert_o
= ( ^ [A6: $o,B2: set_o] :
( collect_o
@ ^ [X3: $o] :
( ( X3 = A6 )
| ( member_o @ X3 @ B2 ) ) ) ) ) ).
% insert_compr
thf(fact_243_empty__def,axiom,
( bot_bot_set_o
= ( collect_o
@ ^ [X3: $o] : $false ) ) ).
% empty_def
thf(fact_244_bot_Oextremum,axiom,
! [A5: set_o] : ( ord_less_eq_set_o @ bot_bot_set_o @ A5 ) ).
% bot.extremum
thf(fact_245_bot_Oextremum,axiom,
! [A5: nat] : ( ord_less_eq_nat @ bot_bot_nat @ A5 ) ).
% bot.extremum
thf(fact_246_bot_Oextremum__unique,axiom,
! [A5: set_o] :
( ( ord_less_eq_set_o @ A5 @ bot_bot_set_o )
= ( A5 = bot_bot_set_o ) ) ).
% bot.extremum_unique
thf(fact_247_bot_Oextremum__unique,axiom,
! [A5: nat] :
( ( ord_less_eq_nat @ A5 @ bot_bot_nat )
= ( A5 = bot_bot_nat ) ) ).
% bot.extremum_unique
thf(fact_248_bot_Oextremum__uniqueI,axiom,
! [A5: set_o] :
( ( ord_less_eq_set_o @ A5 @ bot_bot_set_o )
=> ( A5 = bot_bot_set_o ) ) ).
% bot.extremum_uniqueI
thf(fact_249_bot_Oextremum__uniqueI,axiom,
! [A5: nat] :
( ( ord_less_eq_nat @ A5 @ bot_bot_nat )
=> ( A5 = bot_bot_nat ) ) ).
% bot.extremum_uniqueI
thf(fact_250_insert__mono,axiom,
! [C3: set_o,D2: set_o,A5: $o] :
( ( ord_less_eq_set_o @ C3 @ D2 )
=> ( ord_less_eq_set_o @ ( insert_o @ A5 @ C3 ) @ ( insert_o @ A5 @ D2 ) ) ) ).
% insert_mono
thf(fact_251_subset__insert,axiom,
! [X2: p,A: set_p,B: set_p] :
( ~ ( member_p @ X2 @ A )
=> ( ( ord_less_eq_set_p @ A @ ( insert_p @ X2 @ B ) )
= ( ord_less_eq_set_p @ A @ B ) ) ) ).
% subset_insert
thf(fact_252_subset__insert,axiom,
! [X2: $o,A: set_o,B: set_o] :
( ~ ( member_o @ X2 @ A )
=> ( ( ord_less_eq_set_o @ A @ ( insert_o @ X2 @ B ) )
= ( ord_less_eq_set_o @ A @ B ) ) ) ).
% subset_insert
thf(fact_253_subset__insertI,axiom,
! [B: set_o,A5: $o] : ( ord_less_eq_set_o @ B @ ( insert_o @ A5 @ B ) ) ).
% subset_insertI
thf(fact_254_subset__insertI2,axiom,
! [A: set_o,B: set_o,B3: $o] :
( ( ord_less_eq_set_o @ A @ B )
=> ( ord_less_eq_set_o @ A @ ( insert_o @ B3 @ B ) ) ) ).
% subset_insertI2
thf(fact_255_flpSystem_OvUniform__def,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,Trans: p > s > messageValue_v > s,Start: p > s,V2: $o,C: config256849571t_unit] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( vUniform_p_s_v @ Trans @ Sends @ Start @ V2 @ C )
= ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
& ! [P4: p] :
( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ P4 @ C ) )
= ( insert_o @ V2 @ bot_bot_set_o ) ) ) ) ) ).
% flpSystem.vUniform_def
thf(fact_256_flpSystem_OSilentDecisionValueNotInverting,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,Trans: p > s > messageValue_v > s,Start: p > s,Q: p,C: config256849571t_unit,V2: $o,Msg: message_p_v,C2: config256849571t_unit,P: p] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C ) )
= ( insert_o @ V2 @ bot_bot_set_o ) )
=> ( ( steps_p_s_v @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
=> ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ Q @ C2 ) )
!= ( insert_o @ ~ V2 @ bot_bot_set_o ) ) ) ) ) ) ) ).
% flpSystem.SilentDecisionValueNotInverting
thf(fact_257_flpSystem_OpSilDecVal_Ocong,axiom,
pSilDecVal_p_s_v = pSilDecVal_p_s_v ).
% flpSystem.pSilDecVal.cong
thf(fact_258_flpSystem_OvUniform_Ocong,axiom,
vUniform_p_s_v = vUniform_p_s_v ).
% flpSystem.vUniform.cong
thf(fact_259_flpSystem_OagreementInit_Ocong,axiom,
agreementInit_p_s_v = agreementInit_p_s_v ).
% flpSystem.agreementInit.cong
thf(fact_260_expandExecutionReachable,axiom,
! [CfgLast: config256849571t_unit,Cfg: config256849571t_unit,Exec: list_c1059388851t_unit,Trace: list_message_p_v] :
( ( reachable_p_s_v @ trans @ sends @ CfgLast @ Cfg )
=> ( ( execution_p_s_v @ trans @ sends @ start @ Exec @ Trace )
=> ( ( CfgLast
= ( last_c571238084t_unit @ Exec ) )
=> ? [Exec2: list_c1059388851t_unit,Trace2: list_message_p_v] :
( ( execution_p_s_v @ trans @ sends @ start @ Exec2 @ Trace2 )
& ( ( ( prefix1615116500t_unit @ Exec @ Exec2 )
& ( prefix47729710ge_p_v @ Trace @ Trace2 ) )
| ( ( Exec = Exec2 )
& ( Trace = Trace2 ) ) )
& ( ( last_c571238084t_unit @ Exec2 )
= Cfg ) ) ) ) ) ).
% expandExecutionReachable
thf(fact_261_NewExec_I2_J,axiom,
( ( ( prefix1615116500t_unit @ exec @ exec2 )
& ( prefix47729710ge_p_v @ trace @ trace2 ) )
| ( ( exec = exec2 )
& ( trace = trace2 ) ) ) ).
% NewExec(2)
thf(fact_262_NoOutMessageLoss,axiom,
! [Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,V2: $o] :
( ( reachable_p_s_v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ ( outMsg_p_v @ V2 ) ) @ ( msgs_p1029620568t_unit @ Cfg2 @ ( outMsg_p_v @ V2 ) ) ) ) ).
% NoOutMessageLoss
thf(fact_263_asynchronousSystem_OReachableStepFirst,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg: config256849571t_unit,Cfg4: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg @ Cfg4 )
=> ( ( Cfg = Cfg4 )
| ? [Cfg12: config256849571t_unit,Msg3: message_p_v,P3: p] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg @ Msg3 @ Cfg12 )
& ( enabled_p_v_s @ Cfg @ Msg3 )
& ( isReceiverOf_p_v @ P3 @ Msg3 )
& ( reachable_p_s_v @ Trans @ Sends @ Cfg12 @ Cfg4 ) ) ) ) ).
% asynchronousSystem.ReachableStepFirst
thf(fact_264_asynchronousSystem_ONoActivityNoMessageLoss,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,P: p,M2: message_p_v] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member_p @ P @ Q2 )
=> ( ( isReceiverOf_p_v @ P @ M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% asynchronousSystem.NoActivityNoMessageLoss
thf(fact_265_asynchronousSystem_ONoMessageLossStep,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,P: p,M2: message_p_v] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( isReceiverOf_p_v @ P @ M )
=> ( ~ ( isReceiverOf_p_v @ P @ M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% asynchronousSystem.NoMessageLossStep
thf(fact_266_message_Oinject_I2_J,axiom,
! [X22: $o,Y22: $o] :
( ( ( outMsg_p_v @ X22 )
= ( outMsg_p_v @ Y22 ) )
= ( X22 = Y22 ) ) ).
% message.inject(2)
thf(fact_267_StepOutMsg,axiom,
! [Cfg1: config256849571t_unit,V2: $o,Cfg2: config256849571t_unit] :
~ ( steps_p_s_v @ trans @ sends @ Cfg1 @ ( outMsg_p_v @ V2 ) @ Cfg2 ) ).
% StepOutMsg
thf(fact_268_isPrefixListTrace,axiom,
prefix47729710ge_p_v @ trace @ traceMsga ).
% isPrefixListTrace
thf(fact_269_expandExecutionStep,axiom,
! [Exec3: list_c1059388851t_unit,Msg: message_p_v,CMsg2: config256849571t_unit,Trace3: list_message_p_v] :
( ( steps_p_s_v @ trans @ sends @ ( last_c571238084t_unit @ Exec3 ) @ Msg @ CMsg2 )
=> ( ( execution_p_s_v @ trans @ sends @ start @ Exec3 @ Trace3 )
=> ? [Exec4: list_c1059388851t_unit,Trace4: list_message_p_v] :
( ( execution_p_s_v @ trans @ sends @ start @ Exec4 @ Trace4 )
& ( prefix1615116500t_unit @ Exec3 @ Exec4 )
& ( prefix47729710ge_p_v @ Trace3 @ Trace4 )
& ( ( last_c571238084t_unit @ Exec4 )
= CMsg2 )
& ( ( last_message_p_v @ Trace4 )
= Msg ) ) ) ) ).
% expandExecutionStep
thf(fact_270__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062exec_H_Atrace_H_O_A_092_060lbrakk_062execution_Atrans_Asends_Astart_Aexec_H_Atrace_H_059_AprefixList_Aexec_Aexec_H_A_092_060and_062_AprefixList_Atrace_Atrace_H_A_092_060or_062_Aexec_A_061_Aexec_H_A_092_060and_062_Atrace_A_061_Atrace_H_059_Alast_Aexec_H_A_061_Ac_H_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [Exec2: list_c1059388851t_unit,Trace2: list_message_p_v] :
( ( execution_p_s_v @ trans @ sends @ start @ Exec2 @ Trace2 )
=> ( ( ( ( prefix1615116500t_unit @ exec @ Exec2 )
& ( prefix47729710ge_p_v @ trace @ Trace2 ) )
| ( ( exec = Exec2 )
& ( trace = Trace2 ) ) )
=> ( ( last_c571238084t_unit @ Exec2 )
!= c ) ) ) ).
% \<open>\<And>thesis. (\<And>exec' trace'. \<lbrakk>execution trans sends start exec' trace'; prefixList exec exec' \<and> prefixList trace trace' \<or> exec = exec' \<and> trace = trace'; last exec' = c'\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_271__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062execMsg_AtraceMsg_O_A_092_060lbrakk_062execution_Atrans_Asends_Astart_AexecMsg_AtraceMsg_059_AprefixList_Aexec_H_AexecMsg_059_AprefixList_Atrace_H_AtraceMsg_059_Alast_AexecMsg_A_061_AcMsg_059_Alast_AtraceMsg_A_061_Amsg_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [ExecMsg: list_c1059388851t_unit,TraceMsg: list_message_p_v] :
( ( execution_p_s_v @ trans @ sends @ start @ ExecMsg @ TraceMsg )
=> ( ( prefix1615116500t_unit @ exec2 @ ExecMsg )
=> ( ( prefix47729710ge_p_v @ trace2 @ TraceMsg )
=> ( ( ( last_c571238084t_unit @ ExecMsg )
= cMsg )
=> ( ( last_message_p_v @ TraceMsg )
!= msg ) ) ) ) ) ).
% \<open>\<And>thesis. (\<And>execMsg traceMsg. \<lbrakk>execution trans sends start execMsg traceMsg; prefixList exec' execMsg; prefixList trace' traceMsg; last execMsg = cMsg; last traceMsg = msg\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_272_bot__set__def,axiom,
( bot_bot_set_o
= ( collect_o @ bot_bot_o_o ) ) ).
% bot_set_def
thf(fact_273_asynchronousSystem_OStepOutMsg,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,V2: $o,Cfg2: config256849571t_unit] :
~ ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ ( outMsg_p_v @ V2 ) @ Cfg2 ) ).
% asynchronousSystem.StepOutMsg
thf(fact_274_isReceiverOf_Osimps_I3_J,axiom,
! [P1: p,V2: $o] :
~ ( isReceiverOf_p_v @ P1 @ ( outMsg_p_v @ V2 ) ) ).
% isReceiverOf.simps(3)
thf(fact_275_asynchronousSystem_ONoOutMessageLoss,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,V2: $o] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ ( outMsg_p_v @ V2 ) ) @ ( msgs_p1029620568t_unit @ Cfg2 @ ( outMsg_p_v @ V2 ) ) ) ) ).
% asynchronousSystem.NoOutMessageLoss
thf(fact_276_asynchronousSystem_Osteps_Ocong,axiom,
steps_p_s_v = steps_p_s_v ).
% asynchronousSystem.steps.cong
thf(fact_277_asynchronousSystem_OReachableTrans,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,Cfg32: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ( reachable_p_s_v @ Trans @ Sends @ Cfg2 @ Cfg32 )
=> ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg32 ) ) ) ).
% asynchronousSystem.ReachableTrans
thf(fact_278_asynchronousSystem_Oreachable_Ocong,axiom,
reachable_p_s_v = reachable_p_s_v ).
% asynchronousSystem.reachable.cong
thf(fact_279_asynchronousSystem_Oinit,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit] : ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg1 ) ).
% asynchronousSystem.init
thf(fact_280_UniqueReceiverOf,axiom,
! [Q: p,Msg: message_p_v,P: p] :
( ( isReceiverOf_p_v @ Q @ Msg )
=> ( ( P != Q )
=> ~ ( isReceiverOf_p_v @ P @ Msg ) ) ) ).
% UniqueReceiverOf
thf(fact_281_asynchronousSystem_OQReachableTrans,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg2: config256849571t_unit,Q2: set_p,Cfg32: config256849571t_unit,Cfg1: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg2 @ Q2 @ Cfg32 )
=> ( ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ).
% asynchronousSystem.QReachableTrans
thf(fact_282_asynchronousSystem_OqReachable_Ocong,axiom,
qReachable_p_s_v = qReachable_p_s_v ).
% asynchronousSystem.qReachable.cong
thf(fact_283_asynchronousSystem_OInitQ,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Q2: set_p] : ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg1 ) ).
% asynchronousSystem.InitQ
thf(fact_284_asynchronousSystem_OinitReachable_Ocong,axiom,
initReachable_p_s_v = initReachable_p_s_v ).
% asynchronousSystem.initReachable.cong
thf(fact_285_asynchronousSystem_Oinitial_Ocong,axiom,
initial_p_s_v = initial_p_s_v ).
% asynchronousSystem.initial.cong
thf(fact_286_asynchronousSystem_OstepReachable_Ocong,axiom,
stepReachable_p_s_v = stepReachable_p_s_v ).
% asynchronousSystem.stepReachable.cong
thf(fact_287_asynchronousSystem_Ostep,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Cfg2: config256849571t_unit,Msg: message_p_v,Cfg32: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ( steps_p_s_v @ Trans @ Sends @ Cfg2 @ Msg @ Cfg32 )
=> ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg32 ) ) ) ).
% asynchronousSystem.step
thf(fact_288_asynchronousSystem_Oreachable_Ocases,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,A1: config256849571t_unit,A2: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ A1 @ A2 )
=> ( ( A2 != A1 )
=> ~ ! [Cfg23: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ A1 @ Cfg23 )
=> ! [Msg3: message_p_v] :
~ ( steps_p_s_v @ Trans @ Sends @ Cfg23 @ Msg3 @ A2 ) ) ) ) ).
% asynchronousSystem.reachable.cases
thf(fact_289_asynchronousSystem_Oreachable_Osimps,axiom,
( reachable_p_s_v
= ( ^ [Trans2: p > s > messageValue_v > s,Sends2: p > s > messageValue_v > message_p_v > nat,A12: config256849571t_unit,A22: config256849571t_unit] :
( ? [Cfg13: config256849571t_unit] :
( ( A12 = Cfg13 )
& ( A22 = Cfg13 ) )
| ? [Cfg13: config256849571t_unit,Cfg22: config256849571t_unit,Msg2: message_p_v,Cfg34: config256849571t_unit] :
( ( A12 = Cfg13 )
& ( A22 = Cfg34 )
& ( reachable_p_s_v @ Trans2 @ Sends2 @ Cfg13 @ Cfg22 )
& ( steps_p_s_v @ Trans2 @ Sends2 @ Cfg22 @ Msg2 @ Cfg34 ) ) ) ) ) ).
% asynchronousSystem.reachable.simps
thf(fact_290_asynchronousSystem_Oreachable_Oinducts,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,X1: config256849571t_unit,X22: config256849571t_unit,P2: config256849571t_unit > config256849571t_unit > $o] :
( ( reachable_p_s_v @ Trans @ Sends @ X1 @ X22 )
=> ( ! [Cfg12: config256849571t_unit] : ( P2 @ Cfg12 @ Cfg12 )
=> ( ! [Cfg12: config256849571t_unit,Cfg23: config256849571t_unit,Msg3: message_p_v,Cfg33: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg12 @ Cfg23 )
=> ( ( P2 @ Cfg12 @ Cfg23 )
=> ( ( steps_p_s_v @ Trans @ Sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( P2 @ Cfg12 @ Cfg33 ) ) ) )
=> ( P2 @ X1 @ X22 ) ) ) ) ).
% asynchronousSystem.reachable.inducts
thf(fact_291_asynchronousSystem_ODiamondOne,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg: config256849571t_unit,M: message_p_v,Cfg1: config256849571t_unit,P: p,Q: p,M2: message_p_v,Cfg2: config256849571t_unit] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg @ M @ Cfg1 )
=> ( ( P != Q )
=> ( ( isReceiverOf_p_v @ P @ M )
=> ( ~ ( isReceiverOf_p_v @ P @ M2 )
=> ( ( isReceiverOf_p_v @ Q @ M2 )
=> ( ~ ( isReceiverOf_p_v @ Q @ M )
=> ( ( steps_p_s_v @ Trans @ Sends @ Cfg @ M2 @ Cfg2 )
=> ? [Cfg3: config256849571t_unit] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M2 @ Cfg3 )
& ( steps_p_s_v @ Trans @ Sends @ Cfg2 @ M @ Cfg3 ) ) ) ) ) ) ) ) ) ).
% asynchronousSystem.DiamondOne
thf(fact_292_asynchronousSystem_OQReachImplReach,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( reachable_p_s_v @ Trans @ Sends @ Cfg1 @ Cfg2 ) ) ).
% asynchronousSystem.QReachImplReach
thf(fact_293_asynchronousSystem_OOnlyOccurenceDisables,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,M2: message_p_v] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( enabled_p_v_s @ Cfg1 @ M2 )
=> ( ~ ( enabled_p_v_s @ Cfg2 @ M2 )
=> ( M = M2 ) ) ) ) ).
% asynchronousSystem.OnlyOccurenceDisables
thf(fact_294_asynchronousSystem_ONotInQFrozenQReachability,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,P: p] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member_p @ P @ Q2 )
=> ( ( states1228886952t_unit @ Cfg1 @ P )
= ( states1228886952t_unit @ Cfg2 @ P ) ) ) ) ).
% asynchronousSystem.NotInQFrozenQReachability
thf(fact_295_asynchronousSystem_OInitialIsInitReachable,axiom,
! [Start: p > s,C: config256849571t_unit,Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat] :
( ( initial_p_s_v @ Start @ C )
=> ( initReachable_p_s_v @ Trans @ Sends @ Start @ C ) ) ).
% asynchronousSystem.InitialIsInitReachable
thf(fact_296_asynchronousSystem_OOtherMessagesOnlyGrowing,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,M2: message_p_v] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( M != M2 )
=> ( ord_less_eq_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M2 ) @ ( msgs_p1029620568t_unit @ Cfg2 @ M2 ) ) ) ) ).
% asynchronousSystem.OtherMessagesOnlyGrowing
thf(fact_297_asynchronousSystem_OStepQ,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,Q2: set_p,Cfg2: config256849571t_unit,Msg: message_p_v,Cfg32: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ( steps_p_s_v @ Trans @ Sends @ Cfg2 @ Msg @ Cfg32 )
=> ( ? [X4: p] :
( ( member_p @ X4 @ Q2 )
& ( isReceiverOf_p_v @ X4 @ Msg ) )
=> ( qReachable_p_s_v @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ) ).
% asynchronousSystem.StepQ
thf(fact_298_asynchronousSystem_OqReachable_Ocases,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,A1: config256849571t_unit,A2: set_p,A3: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ A1 @ A2 @ A3 )
=> ( ( A3 != A1 )
=> ~ ! [Cfg23: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ A1 @ A2 @ Cfg23 )
=> ! [Msg3: message_p_v] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg23 @ Msg3 @ A3 )
=> ~ ? [X: p] :
( ( member_p @ X @ A2 )
& ( isReceiverOf_p_v @ X @ Msg3 ) ) ) ) ) ) ).
% asynchronousSystem.qReachable.cases
thf(fact_299_asynchronousSystem_OqReachable_Osimps,axiom,
( qReachable_p_s_v
= ( ^ [Trans2: p > s > messageValue_v > s,Sends2: p > s > messageValue_v > message_p_v > nat,A12: config256849571t_unit,A22: set_p,A32: config256849571t_unit] :
( ( A32 = A12 )
| ? [Cfg22: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans2 @ Sends2 @ A12 @ A22 @ Cfg22 )
& ? [Msg2: message_p_v] :
( ( steps_p_s_v @ Trans2 @ Sends2 @ Cfg22 @ Msg2 @ A32 )
& ? [X3: p] :
( ( member_p @ X3 @ A22 )
& ( isReceiverOf_p_v @ X3 @ Msg2 ) ) ) ) ) ) ) ).
% asynchronousSystem.qReachable.simps
thf(fact_300_asynchronousSystem_OqReachable_Oinducts,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,X1: config256849571t_unit,X22: set_p,X32: config256849571t_unit,P2: config256849571t_unit > set_p > config256849571t_unit > $o] :
( ( qReachable_p_s_v @ Trans @ Sends @ X1 @ X22 @ X32 )
=> ( ! [Cfg12: config256849571t_unit,Q3: set_p] : ( P2 @ Cfg12 @ Q3 @ Cfg12 )
=> ( ! [Cfg12: config256849571t_unit,Q3: set_p,Cfg23: config256849571t_unit] :
( ( qReachable_p_s_v @ Trans @ Sends @ Cfg12 @ Q3 @ Cfg23 )
=> ( ( P2 @ Cfg12 @ Q3 @ Cfg23 )
=> ! [Msg3: message_p_v,Cfg33: config256849571t_unit] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( ? [X: p] :
( ( member_p @ X @ Q3 )
& ( isReceiverOf_p_v @ X @ Msg3 ) )
=> ( P2 @ Cfg12 @ Q3 @ Cfg33 ) ) ) ) )
=> ( P2 @ X1 @ X22 @ X32 ) ) ) ) ).
% asynchronousSystem.qReachable.inducts
thf(fact_301_asynchronousSystem_ONoReceivingNoChange,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit,P: p] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ~ ( isReceiverOf_p_v @ P @ M )
=> ( ( states1228886952t_unit @ Cfg1 @ P )
= ( states1228886952t_unit @ Cfg2 @ P ) ) ) ) ).
% asynchronousSystem.NoReceivingNoChange
thf(fact_302_asynchronousSystem_OinitReachable__def,axiom,
( initReachable_p_s_v
= ( ^ [Trans2: p > s > messageValue_v > s,Sends2: p > s > messageValue_v > message_p_v > nat,Start2: p > s,Cfg5: config256849571t_unit] :
? [Cfg0: config256849571t_unit] :
( ( initial_p_s_v @ Start2 @ Cfg0 )
& ( reachable_p_s_v @ Trans2 @ Sends2 @ Cfg0 @ Cfg5 ) ) ) ) ).
% asynchronousSystem.initReachable_def
thf(fact_303_asynchronousSystem_OstepReachable__def,axiom,
( stepReachable_p_s_v
= ( ^ [Trans2: p > s > messageValue_v > s,Sends2: p > s > messageValue_v > message_p_v > nat,C12: config256849571t_unit,Msg2: message_p_v,C23: config256849571t_unit] :
? [C4: config256849571t_unit,C5: config256849571t_unit] :
( ( reachable_p_s_v @ Trans2 @ Sends2 @ C12 @ C4 )
& ( steps_p_s_v @ Trans2 @ Sends2 @ C4 @ Msg2 @ C5 )
& ( reachable_p_s_v @ Trans2 @ Sends2 @ C5 @ C23 ) ) ) ) ).
% asynchronousSystem.stepReachable_def
thf(fact_304_asynchronousSystem_OStepReachable,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg: config256849571t_unit,Cfg4: config256849571t_unit,Msg: message_p_v] :
( ( reachable_p_s_v @ Trans @ Sends @ Cfg @ Cfg4 )
=> ( ( enabled_p_v_s @ Cfg @ Msg )
=> ( ~ ( enabled_p_v_s @ Cfg4 @ Msg )
=> ( stepReachable_p_s_v @ Trans @ Sends @ Cfg @ Msg @ Cfg4 ) ) ) ) ).
% asynchronousSystem.StepReachable
thf(fact_305_asynchronousSystem_OexpandExecutionStep,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Exec3: list_c1059388851t_unit,Msg: message_p_v,CMsg2: config256849571t_unit,Start: p > s,Trace3: list_message_p_v] :
( ( steps_p_s_v @ Trans @ Sends @ ( last_c571238084t_unit @ Exec3 ) @ Msg @ CMsg2 )
=> ( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec3 @ Trace3 )
=> ? [Exec4: list_c1059388851t_unit,Trace4: list_message_p_v] :
( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec4 @ Trace4 )
& ( prefix1615116500t_unit @ Exec3 @ Exec4 )
& ( prefix47729710ge_p_v @ Trace3 @ Trace4 )
& ( ( last_c571238084t_unit @ Exec4 )
= CMsg2 )
& ( ( last_message_p_v @ Trace4 )
= Msg ) ) ) ) ).
% asynchronousSystem.expandExecutionStep
thf(fact_306_asynchronousSystem_OexpandExecutionReachable,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,CfgLast: config256849571t_unit,Cfg: config256849571t_unit,Start: p > s,Exec: list_c1059388851t_unit,Trace: list_message_p_v] :
( ( reachable_p_s_v @ Trans @ Sends @ CfgLast @ Cfg )
=> ( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( CfgLast
= ( last_c571238084t_unit @ Exec ) )
=> ? [Exec2: list_c1059388851t_unit,Trace2: list_message_p_v] :
( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec2 @ Trace2 )
& ( ( ( prefix1615116500t_unit @ Exec @ Exec2 )
& ( prefix47729710ge_p_v @ Trace @ Trace2 ) )
| ( ( Exec = Exec2 )
& ( Trace = Trace2 ) ) )
& ( ( last_c571238084t_unit @ Exec2 )
= Cfg ) ) ) ) ) ).
% asynchronousSystem.expandExecutionReachable
thf(fact_307_NonUniformCanReachSilentBivalence,axiom,
! [C: config256849571t_unit,P: p] :
( ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $false @ C )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $true @ C ) )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc @ X_1 )
=> ( ! [Cfg6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ C @ Cfg6 )
=> ( agreement_p_v_s @ Cfg6 ) )
=> ? [C6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ C @ C6 )
& ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ P @ C6 ) )
= ( insert_o @ $true @ ( insert_o @ $false @ bot_bot_set_o ) ) ) ) ) ) ) ).
% NonUniformCanReachSilentBivalence
thf(fact_308_PseudoTermination,axiom,
! [Cc2: config256849571t_unit,Q2: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc2 @ Q2 ) ).
% PseudoTermination
thf(fact_309_DecisionValuesExist,axiom,
! [C: config256849571t_unit,P: p] :
( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc @ X_1 )
=> ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
=> ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ P @ C ) )
!= bot_bot_set_o ) ) ) ).
% DecisionValuesExist
thf(fact_310_InitialNonUniformCfg,axiom,
( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc @ X_1 )
=> ( ! [I2: config256849571t_unit,X_1: config256849571t_unit] : ( validity_p_s_v @ trans @ sends @ start @ I2 @ X_1 )
=> ( ! [I2: config256849571t_unit,X_1: config256849571t_unit] : ( agreementInit_p_s_v @ trans @ sends @ start @ I2 @ X_1 )
=> ? [Cfg6: config256849571t_unit] :
( ( initial_p_s_v @ start @ Cfg6 )
& ( initReachable_p_s_v @ trans @ sends @ start @ Cfg6 )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $false @ Cfg6 )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $true @ Cfg6 ) ) ) ) ) ).
% InitialNonUniformCfg
thf(fact_311_flpPseudoConsensus_OPseudoTermination,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Start: p > s,Cc2: config256849571t_unit,Q2: set_p] :
( ( fLPThe9398366_p_s_v @ Trans @ Sends @ Start )
=> ( termin1618267753_p_s_v @ Trans @ Sends @ Start @ one_one_nat @ Cc2 @ Q2 ) ) ).
% flpPseudoConsensus.PseudoTermination
thf(fact_312_flpSystem_OterminationPseudo_Ocong,axiom,
termin1618267753_p_s_v = termin1618267753_p_s_v ).
% flpSystem.terminationPseudo.cong
thf(fact_313_flpSystem_ODecisionValuesExist,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,Trans: p > s > messageValue_v > s,Start: p > s,C: config256849571t_unit,P: p] :
( ( flpSystem_p_s_v @ Sends )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ Trans @ Sends @ Start @ one_one_nat @ Cc @ X_1 )
=> ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
=> ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ P @ C ) )
!= bot_bot_set_o ) ) ) ) ).
% flpSystem.DecisionValuesExist
thf(fact_314_flpSystem_ONonUniformCanReachSilentBivalence,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,Trans: p > s > messageValue_v > s,Start: p > s,C: config256849571t_unit,P: p] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( ( initReachable_p_s_v @ Trans @ Sends @ Start @ C )
& ~ ( vUniform_p_s_v @ Trans @ Sends @ Start @ $false @ C )
& ~ ( vUniform_p_s_v @ Trans @ Sends @ Start @ $true @ C ) )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ Trans @ Sends @ Start @ one_one_nat @ Cc @ X_1 )
=> ( ! [Cfg6: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ C @ Cfg6 )
=> ( agreement_p_v_s @ Cfg6 ) )
=> ? [C6: config256849571t_unit] :
( ( reachable_p_s_v @ Trans @ Sends @ C @ C6 )
& ( ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ Trans @ Sends @ Start @ V @ P @ C6 ) )
= ( insert_o @ $true @ ( insert_o @ $false @ bot_bot_set_o ) ) ) ) ) ) ) ) ).
% flpSystem.NonUniformCanReachSilentBivalence
thf(fact_315_flpSystem_OInitialNonUniformCfg,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,Trans: p > s > messageValue_v > s,Start: p > s] :
( ( flpSystem_p_s_v @ Sends )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ Trans @ Sends @ Start @ one_one_nat @ Cc @ X_1 )
=> ( ! [I2: config256849571t_unit,X_1: config256849571t_unit] : ( validity_p_s_v @ Trans @ Sends @ Start @ I2 @ X_1 )
=> ( ! [I2: config256849571t_unit,X_1: config256849571t_unit] : ( agreementInit_p_s_v @ Trans @ Sends @ Start @ I2 @ X_1 )
=> ? [Cfg6: config256849571t_unit] :
( ( initial_p_s_v @ Start @ Cfg6 )
& ( initReachable_p_s_v @ Trans @ Sends @ Start @ Cfg6 )
& ~ ( vUniform_p_s_v @ Trans @ Sends @ Start @ $false @ Cfg6 )
& ~ ( vUniform_p_s_v @ Trans @ Sends @ Start @ $true @ Cfg6 ) ) ) ) ) ) ).
% flpSystem.InitialNonUniformCfg
thf(fact_316_execution_OExistImpliesMinEnabled,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Start: p > s,Exec: list_c1059388851t_unit,Trace: list_message_p_v,P: p,Msg: message_p_v] :
( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( isReceiverOf_p_v @ P @ Msg )
=> ( ( enabled_p_v_s @ ( last_c571238084t_unit @ Exec ) @ Msg )
=> ? [X_1: message_p_v] : ( minimalEnabled_p_v_s @ Exec @ Trace @ X_1 ) ) ) ) ).
% execution.ExistImpliesMinEnabled
thf(fact_317_flpSystem_Ovalidity_Ocong,axiom,
validity_p_s_v = validity_p_s_v ).
% flpSystem.validity.cong
thf(fact_318_execution_OFirstOccurrenceExists,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Start: p > s,Exec: list_c1059388851t_unit,Trace: list_message_p_v,Msg: message_p_v] :
( ( execution_p_s_v @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( enabled_p_v_s @ ( last_c571238084t_unit @ Exec ) @ Msg )
=> ( ? [P5: p] : ( isReceiverOf_p_v @ P5 @ Msg )
=> ? [X_1: nat] : ( firstO1414030372_p_v_s @ Exec @ Trace @ Msg @ X_1 ) ) ) ) ).
% execution.FirstOccurrenceExists
thf(fact_319_NonUniformImpliesNotDecided,axiom,
! [C: config256849571t_unit,V2: $o] :
( ! [Cfg6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ C @ Cfg6 )
=> ( agreement_p_v_s @ Cfg6 ) )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc @ X_1 )
=> ( ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $false @ C )
& ~ ( vUniform_p_s_v @ trans @ sends @ start @ $true @ C ) )
=> ~ ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
& ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V2 ) ) ) ) ) ) ) ).
% NonUniformImpliesNotDecided
thf(fact_320_agreement__def,axiom,
( agreement_p_v_s
= ( ^ [C8: config256849571t_unit] :
! [V1: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C8 @ ( outMsg_p_v @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C8 @ ( outMsg_p_v @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ).
% agreement_def
thf(fact_321_ExistsMsg,axiom,
! [Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit] :
( ( steps_p_s_v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M ) ) ) ).
% ExistsMsg
thf(fact_322_agreementInit__def,axiom,
! [I: config256849571t_unit,C: config256849571t_unit] :
( ( agreementInit_p_s_v @ trans @ sends @ start @ I @ C )
= ( ( ( initial_p_s_v @ start @ I )
& ( reachable_p_s_v @ trans @ sends @ I @ C ) )
=> ! [V1: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ).
% agreementInit_def
thf(fact_323_DecidedImpliesUniform,axiom,
! [C: config256849571t_unit,V2: $o] :
( ! [Cfg6: config256849571t_unit] :
( ( reachable_p_s_v @ trans @ sends @ C @ Cfg6 )
=> ( agreement_p_v_s @ Cfg6 ) )
=> ( ! [Cc: config256849571t_unit,X_1: set_p] : ( termin1618267753_p_s_v @ trans @ sends @ start @ one_one_nat @ Cc @ X_1 )
=> ( ( ( initReachable_p_s_v @ trans @ sends @ start @ C )
& ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V2 ) ) ) )
=> ( vUniform_p_s_v @ trans @ sends @ start @ V2 @ C ) ) ) ) ).
% DecidedImpliesUniform
thf(fact_324_flpSystem_Oagreement__def,axiom,
! [Sends: p > s > messageValue_v > message_p_v > nat,C: config256849571t_unit] :
( ( flpSystem_p_s_v @ Sends )
=> ( ( agreement_p_v_s @ C )
= ( ! [V1: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ C @ ( outMsg_p_v @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ) ).
% flpSystem.agreement_def
thf(fact_325_enabled__def,axiom,
( enabled_p_v_s
= ( ^ [Cfg5: config256849571t_unit,Msg2: message_p_v] : ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ Cfg5 @ Msg2 ) ) ) ) ).
% enabled_def
thf(fact_326_asynchronousSystem_OExistsMsg,axiom,
! [Trans: p > s > messageValue_v > s,Sends: p > s > messageValue_v > message_p_v > nat,Cfg1: config256849571t_unit,M: message_p_v,Cfg2: config256849571t_unit] :
( ( steps_p_s_v @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ord_less_nat @ zero_zero_nat @ ( msgs_p1029620568t_unit @ Cfg1 @ M ) ) ) ).
% asynchronousSystem.ExistsMsg
thf(fact_327_order_Onot__eq__order__implies__strict,axiom,
! [A5: set_o,B3: set_o] :
( ( A5 != B3 )
=> ( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ord_less_set_o @ A5 @ B3 ) ) ) ).
% order.not_eq_order_implies_strict
thf(fact_328_order_Onot__eq__order__implies__strict,axiom,
! [A5: nat,B3: nat] :
( ( A5 != B3 )
=> ( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ord_less_nat @ A5 @ B3 ) ) ) ).
% order.not_eq_order_implies_strict
thf(fact_329_dual__order_Ostrict__implies__order,axiom,
! [B3: set_o,A5: set_o] :
( ( ord_less_set_o @ B3 @ A5 )
=> ( ord_less_eq_set_o @ B3 @ A5 ) ) ).
% dual_order.strict_implies_order
thf(fact_330_dual__order_Ostrict__implies__order,axiom,
! [B3: nat,A5: nat] :
( ( ord_less_nat @ B3 @ A5 )
=> ( ord_less_eq_nat @ B3 @ A5 ) ) ).
% dual_order.strict_implies_order
thf(fact_331_dual__order_Ostrict__iff__order,axiom,
( ord_less_set_o
= ( ^ [B4: set_o,A6: set_o] :
( ( ord_less_eq_set_o @ B4 @ A6 )
& ( A6 != B4 ) ) ) ) ).
% dual_order.strict_iff_order
thf(fact_332_dual__order_Ostrict__iff__order,axiom,
( ord_less_nat
= ( ^ [B4: nat,A6: nat] :
( ( ord_less_eq_nat @ B4 @ A6 )
& ( A6 != B4 ) ) ) ) ).
% dual_order.strict_iff_order
thf(fact_333_dual__order_Oorder__iff__strict,axiom,
( ord_less_eq_set_o
= ( ^ [B4: set_o,A6: set_o] :
( ( ord_less_set_o @ B4 @ A6 )
| ( A6 = B4 ) ) ) ) ).
% dual_order.order_iff_strict
thf(fact_334_dual__order_Oorder__iff__strict,axiom,
( ord_less_eq_nat
= ( ^ [B4: nat,A6: nat] :
( ( ord_less_nat @ B4 @ A6 )
| ( A6 = B4 ) ) ) ) ).
% dual_order.order_iff_strict
thf(fact_335_order_Ostrict__implies__order,axiom,
! [A5: set_o,B3: set_o] :
( ( ord_less_set_o @ A5 @ B3 )
=> ( ord_less_eq_set_o @ A5 @ B3 ) ) ).
% order.strict_implies_order
thf(fact_336_order_Ostrict__implies__order,axiom,
! [A5: nat,B3: nat] :
( ( ord_less_nat @ A5 @ B3 )
=> ( ord_less_eq_nat @ A5 @ B3 ) ) ).
% order.strict_implies_order
thf(fact_337_dual__order_Ostrict__trans2,axiom,
! [B3: set_o,A5: set_o,C: set_o] :
( ( ord_less_set_o @ B3 @ A5 )
=> ( ( ord_less_eq_set_o @ C @ B3 )
=> ( ord_less_set_o @ C @ A5 ) ) ) ).
% dual_order.strict_trans2
thf(fact_338_dual__order_Ostrict__trans2,axiom,
! [B3: nat,A5: nat,C: nat] :
( ( ord_less_nat @ B3 @ A5 )
=> ( ( ord_less_eq_nat @ C @ B3 )
=> ( ord_less_nat @ C @ A5 ) ) ) ).
% dual_order.strict_trans2
thf(fact_339_dual__order_Ostrict__trans1,axiom,
! [B3: set_o,A5: set_o,C: set_o] :
( ( ord_less_eq_set_o @ B3 @ A5 )
=> ( ( ord_less_set_o @ C @ B3 )
=> ( ord_less_set_o @ C @ A5 ) ) ) ).
% dual_order.strict_trans1
thf(fact_340_dual__order_Ostrict__trans1,axiom,
! [B3: nat,A5: nat,C: nat] :
( ( ord_less_eq_nat @ B3 @ A5 )
=> ( ( ord_less_nat @ C @ B3 )
=> ( ord_less_nat @ C @ A5 ) ) ) ).
% dual_order.strict_trans1
thf(fact_341_order_Ostrict__iff__order,axiom,
( ord_less_set_o
= ( ^ [A6: set_o,B4: set_o] :
( ( ord_less_eq_set_o @ A6 @ B4 )
& ( A6 != B4 ) ) ) ) ).
% order.strict_iff_order
thf(fact_342_order_Ostrict__iff__order,axiom,
( ord_less_nat
= ( ^ [A6: nat,B4: nat] :
( ( ord_less_eq_nat @ A6 @ B4 )
& ( A6 != B4 ) ) ) ) ).
% order.strict_iff_order
thf(fact_343_order_Oorder__iff__strict,axiom,
( ord_less_eq_set_o
= ( ^ [A6: set_o,B4: set_o] :
( ( ord_less_set_o @ A6 @ B4 )
| ( A6 = B4 ) ) ) ) ).
% order.order_iff_strict
thf(fact_344_order_Oorder__iff__strict,axiom,
( ord_less_eq_nat
= ( ^ [A6: nat,B4: nat] :
( ( ord_less_nat @ A6 @ B4 )
| ( A6 = B4 ) ) ) ) ).
% order.order_iff_strict
thf(fact_345_order_Ostrict__trans2,axiom,
! [A5: set_o,B3: set_o,C: set_o] :
( ( ord_less_set_o @ A5 @ B3 )
=> ( ( ord_less_eq_set_o @ B3 @ C )
=> ( ord_less_set_o @ A5 @ C ) ) ) ).
% order.strict_trans2
thf(fact_346_order_Ostrict__trans2,axiom,
! [A5: nat,B3: nat,C: nat] :
( ( ord_less_nat @ A5 @ B3 )
=> ( ( ord_less_eq_nat @ B3 @ C )
=> ( ord_less_nat @ A5 @ C ) ) ) ).
% order.strict_trans2
thf(fact_347_order_Ostrict__trans1,axiom,
! [A5: set_o,B3: set_o,C: set_o] :
( ( ord_less_eq_set_o @ A5 @ B3 )
=> ( ( ord_less_set_o @ B3 @ C )
=> ( ord_less_set_o @ A5 @ C ) ) ) ).
% order.strict_trans1
thf(fact_348_order_Ostrict__trans1,axiom,
! [A5: nat,B3: nat,C: nat] :
( ( ord_less_eq_nat @ A5 @ B3 )
=> ( ( ord_less_nat @ B3 @ C )
=> ( ord_less_nat @ A5 @ C ) ) ) ).
% order.strict_trans1
thf(fact_349_not__le__imp__less,axiom,
! [Y2: nat,X2: nat] :
( ~ ( ord_less_eq_nat @ Y2 @ X2 )
=> ( ord_less_nat @ X2 @ Y2 ) ) ).
% not_le_imp_less
thf(fact_350_less__le__not__le,axiom,
( ord_less_set_o
= ( ^ [X3: set_o,Y3: set_o] :
( ( ord_less_eq_set_o @ X3 @ Y3 )
& ~ ( ord_less_eq_set_o @ Y3 @ X3 ) ) ) ) ).
% less_le_not_le
thf(fact_351_less__le__not__le,axiom,
( ord_less_nat
= ( ^ [X3: nat,Y3: nat] :
( ( ord_less_eq_nat @ X3 @ Y3 )
& ~ ( ord_less_eq_nat @ Y3 @ X3 ) ) ) ) ).
% less_le_not_le
thf(fact_352_le__imp__less__or__eq,axiom,
! [X2: set_o,Y2: set_o] :
( ( ord_less_eq_set_o @ X2 @ Y2 )
=> ( ( ord_less_set_o @ X2 @ Y2 )
| ( X2 = Y2 ) ) ) ).
% le_imp_less_or_eq
thf(fact_353_le__imp__less__or__eq,axiom,
! [X2: nat,Y2: nat] :
( ( ord_less_eq_nat @ X2 @ Y2 )
=> ( ( ord_less_nat @ X2 @ Y2 )
| ( X2 = Y2 ) ) ) ).
% le_imp_less_or_eq
thf(fact_354_le__less__linear,axiom,
! [X2: nat,Y2: nat] :
( ( ord_less_eq_nat @ X2 @ Y2 )
| ( ord_less_nat @ Y2 @ X2 ) ) ).
% le_less_linear
% Conjectures (1)
thf(conj_0,conjecture,
( ord_less_eq_set_o
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ ( last_c571238084t_unit @ exec2 ) ) )
@ ( collect_o
@ ^ [V: $o] : ( pSilDecVal_p_s_v @ trans @ sends @ start @ V @ p2 @ cMsg ) ) ) ).
%------------------------------------------------------------------------------