TPTP Problem File: ITP057^2.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : ITP057^2 : TPTP v8.2.0. Released v7.5.0.
% Domain : Interactive Theorem Proving
% Problem : Sledgehammer FLPTheorem problem prob_165__3291512_1
% Version : Especial.
% English :
% Refs : [BH+15] Blanchette et al. (2015), Mining the Archive of Formal
% : [Des21] Desharnais (2021), Email to Geoff Sutcliffe
% Source : [Des21]
% Names : FLPTheorem/prob_165__3291512_1 [Des21]
% Status : Theorem
% Rating : 0.33 v8.1.0, 0.25 v7.5.0
% Syntax : Number of formulae : 348 ( 122 unt; 63 typ; 0 def)
% Number of atoms : 958 ( 225 equ; 0 cnn)
% Maximal formula atoms : 13 ( 3 avg)
% Number of connectives : 6606 ( 108 ~; 20 |; 106 &;5968 @)
% ( 0 <=>; 404 =>; 0 <=; 0 <~>)
% Maximal formula depth : 30 ( 10 avg)
% Number of types : 6 ( 5 usr)
% Number of type conns : 580 ( 580 >; 0 *; 0 +; 0 <<)
% Number of symbols : 61 ( 58 usr; 12 con; 0-9 aty)
% Number of variables : 1245 ( 98 ^;1007 !; 56 ?;1245 :)
% ( 84 !>; 0 ?*; 0 @-; 0 @+)
% SPC : TH1_THM_EQU_NAR
% Comments : This file was generated by Sledgehammer 2021-02-23 16:15:46.166
%------------------------------------------------------------------------------
% Could-be-implicit typings (10)
thf(ty_t_AsynchronousSystem_Oconfiguration_Oconfiguration__ext,type,
configuration_ext: $tType > $tType > $tType > $tType > $tType ).
thf(ty_t_AsynchronousSystem_OmessageValue,type,
messageValue: $tType > $tType ).
thf(ty_t_AsynchronousSystem_Omessage,type,
message: $tType > $tType > $tType ).
thf(ty_t_Product__Type_Ounit,type,
product_unit: $tType ).
thf(ty_t_List_Olist,type,
list: $tType > $tType ).
thf(ty_t_Set_Oset,type,
set: $tType > $tType ).
thf(ty_t_Nat_Onat,type,
nat: $tType ).
thf(ty_tf_v,type,
v: $tType ).
thf(ty_tf_s,type,
s: $tType ).
thf(ty_tf_p,type,
p: $tType ).
% Explicit typings (53)
thf(sy_cl_HOL_Otype,type,
type:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Obot,type,
bot:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oord,type,
ord:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oorder,type,
order:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Olinorder,type,
linorder:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Opreorder,type,
preorder:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Oorder__bot,type,
order_bot:
!>[A: $tType] : $o ).
thf(sy_cl_Orderings_Odense__linorder,type,
dense_linorder:
!>[A: $tType] : $o ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OinitReachable,type,
initReachable:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Oinitial,type,
initial:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OqReachable,type,
qReachable:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( set @ P ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Oreachable,type,
reachable:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_OstepReachable,type,
stepReachable:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( message @ P @ V ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_OasynchronousSystem_Osteps,type,
steps:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( message @ P @ V ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_AsynchronousSystem_Oconfiguration_Omsgs,type,
msgs:
!>[P: $tType,V: $tType,S: $tType,Z: $tType] : ( ( configuration_ext @ P @ V @ S @ Z ) > ( message @ P @ V ) > nat ) ).
thf(sy_c_AsynchronousSystem_Oconfiguration_Ostates,type,
states:
!>[P: $tType,V: $tType,S: $tType,Z: $tType] : ( ( configuration_ext @ P @ V @ S @ Z ) > P > S ) ).
thf(sy_c_AsynchronousSystem_Oenabled,type,
enabled:
!>[P: $tType,V: $tType,S: $tType] : ( ( configuration_ext @ P @ V @ S @ product_unit ) > ( message @ P @ V ) > $o ) ).
thf(sy_c_AsynchronousSystem_OisReceiverOf,type,
isReceiverOf:
!>[P: $tType,V: $tType] : ( P > ( message @ P @ V ) > $o ) ).
thf(sy_c_AsynchronousSystem_Omessage_OOutMsg,type,
outMsg:
!>[P: $tType,V: $tType] : ( $o > ( message @ P @ V ) ) ).
thf(sy_c_Execution_Oexecution,type,
execution:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > ( list @ ( configuration_ext @ P @ V @ S @ product_unit ) ) > ( list @ ( message @ P @ V ) ) > $o ) ).
thf(sy_c_Execution_Oexecution_OfirstOccurrence,type,
firstOccurrence:
!>[P: $tType,V: $tType,S: $tType] : ( ( list @ ( configuration_ext @ P @ V @ S @ product_unit ) ) > ( list @ ( message @ P @ V ) ) > ( message @ P @ V ) > nat > $o ) ).
thf(sy_c_Execution_Oexecution_OminimalEnabled,type,
minimalEnabled:
!>[P: $tType,V: $tType,S: $tType] : ( ( list @ ( configuration_ext @ P @ V @ S @ product_unit ) ) > ( list @ ( message @ P @ V ) ) > ( message @ P @ V ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem,type,
flpSystem:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_Oagreement,type,
agreement:
!>[P: $tType,V: $tType,S: $tType] : ( ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_OagreementInit,type,
agreementInit:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_OpSilDecVal,type,
pSilDecVal:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > $o > P > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_OterminationPseudo,type,
terminationPseudo:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > nat > ( configuration_ext @ P @ V @ S @ product_unit ) > ( set @ P ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_OvUniform,type,
vUniform:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > $o > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_FLPSystem_OflpSystem_Ovalidity,type,
validity:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > ( configuration_ext @ P @ V @ S @ product_unit ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o ) ).
thf(sy_c_FLPTheorem__Mirabelle__yavhmxymmt_OflpPseudoConsensus,type,
fLPThe1922692578sensus:
!>[P: $tType,S: $tType,V: $tType] : ( ( P > S > ( messageValue @ V ) > S ) > ( P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat ) > ( P > S ) > $o ) ).
thf(sy_c_Groups_Oone__class_Oone,type,
one_one:
!>[A: $tType] : A ).
thf(sy_c_Groups_Ozero__class_Ozero,type,
zero_zero:
!>[A: $tType] : A ).
thf(sy_c_ListUtilities_OprefixList,type,
prefixList:
!>[A: $tType] : ( ( list @ A ) > ( list @ A ) > $o ) ).
thf(sy_c_List_Olast,type,
last:
!>[A: $tType] : ( ( list @ A ) > A ) ).
thf(sy_c_Orderings_Obot__class_Obot,type,
bot_bot:
!>[A: $tType] : A ).
thf(sy_c_Orderings_Oord__class_Oless,type,
ord_less:
!>[A: $tType] : ( A > A > $o ) ).
thf(sy_c_Orderings_Oord__class_Oless__eq,type,
ord_less_eq:
!>[A: $tType] : ( A > A > $o ) ).
thf(sy_c_Set_OCollect,type,
collect:
!>[A: $tType] : ( ( A > $o ) > ( set @ A ) ) ).
thf(sy_c_Set_Oinsert,type,
insert:
!>[A: $tType] : ( A > ( set @ A ) > ( set @ A ) ) ).
thf(sy_c_member,type,
member:
!>[A: $tType] : ( A > ( set @ A ) > $o ) ).
thf(sy_v_cMsg____,type,
cMsg: configuration_ext @ p @ v @ s @ product_unit ).
thf(sy_v_c_H____,type,
c: configuration_ext @ p @ v @ s @ product_unit ).
thf(sy_v_exec,type,
exec: list @ ( configuration_ext @ p @ v @ s @ product_unit ) ).
thf(sy_v_execMsga____,type,
execMsga: list @ ( configuration_ext @ p @ v @ s @ product_unit ) ).
thf(sy_v_exec_H____,type,
exec2: list @ ( configuration_ext @ p @ v @ s @ product_unit ) ).
thf(sy_v_msg,type,
msg: message @ p @ v ).
thf(sy_v_p,type,
p2: p ).
thf(sy_v_sends,type,
sends: p > s > ( messageValue @ v ) > ( message @ p @ v ) > nat ).
thf(sy_v_start,type,
start: p > s ).
thf(sy_v_trace,type,
trace: list @ ( message @ p @ v ) ).
thf(sy_v_traceMsga____,type,
traceMsga: list @ ( message @ p @ v ) ).
thf(sy_v_trace_H____,type,
trace2: list @ ( message @ p @ v ) ).
thf(sy_v_trans,type,
trans: p > s > ( messageValue @ v ) > s ).
% Relevant facts (256)
thf(fact_0_PisReceiverOf,axiom,
isReceiverOf @ p @ v @ p2 @ msg ).
% PisReceiverOf
thf(fact_1_InitReachLastExec_H,axiom,
initReachable @ p @ s @ v @ trans @ sends @ start @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) ).
% InitReachLastExec'
thf(fact_2_NewExec_I3_J,axiom,
( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 )
= c ) ).
% NewExec(3)
thf(fact_3_CMsg,axiom,
steps @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) @ msg @ cMsg ).
% CMsg
thf(fact_4_flpPseudoConsensus__axioms,axiom,
fLPThe1922692578sensus @ p @ s @ v @ trans @ sends @ start ).
% flpPseudoConsensus_axioms
thf(fact_5_ExecMsg_I3_J,axiom,
( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ execMsga )
= cMsg ) ).
% ExecMsg(3)
thf(fact_6__092_060open_062_092_060lbrakk_062p_A_061_Ap_059_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_059_AisReceiverOf_Ap_Amsg_059_AinitReachable_A_Ilast_Aexec_H_J_092_060rbrakk_062_A_092_060Longrightarrow_062_Aval_091p_Mlast_Aexec_H_093_A_092_060subseteq_062_Aval_091p_McMsg_093_092_060close_062,axiom,
( ( p2 = p2 )
=> ( ( steps @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) @ msg @ cMsg )
=> ( ( isReceiverOf @ p @ v @ p2 @ msg )
=> ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) )
=> ( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ cMsg ) ) ) ) ) ) ) ).
% \<open>\<lbrakk>p = p; last exec' \<turnstile> msg \<mapsto> cMsg; isReceiverOf p msg; initReachable (last exec')\<rbrakk> \<Longrightarrow> val[p,last exec'] \<subseteq> val[p,cMsg]\<close>
thf(fact_7_DiamondOne,axiom,
! [Cfg: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg1: configuration_ext @ p @ v @ s @ product_unit,P2: p,Q: p,M2: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg @ M @ Cfg1 )
=> ( ( P2 != Q )
=> ( ( isReceiverOf @ p @ v @ P2 @ M )
=> ( ~ ( isReceiverOf @ p @ v @ P2 @ M2 )
=> ( ( isReceiverOf @ p @ v @ Q @ M2 )
=> ( ~ ( isReceiverOf @ p @ v @ Q @ M )
=> ( ( steps @ p @ s @ v @ trans @ sends @ Cfg @ M2 @ Cfg2 )
=> ? [Cfg3: configuration_ext @ p @ v @ s @ product_unit] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M2 @ Cfg3 )
& ( steps @ p @ s @ v @ trans @ sends @ Cfg2 @ M @ Cfg3 ) ) ) ) ) ) ) ) ) ).
% DiamondOne
thf(fact_8_True,axiom,
enabled @ p @ v @ s @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) @ msg ).
% True
thf(fact_9__092_060open_062_092_060exists_062cMsg_O_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_092_060close_062,axiom,
? [X_1: configuration_ext @ p @ v @ s @ product_unit] : ( steps @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) @ msg @ X_1 ) ).
% \<open>\<exists>cMsg. last exec' \<turnstile> msg \<mapsto> cMsg\<close>
thf(fact_10__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062cMsg_O_Alast_Aexec_H_A_092_060turnstile_062_Amsg_A_092_060mapsto_062_AcMsg_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [CMsg: configuration_ext @ p @ v @ s @ product_unit] :
~ ( steps @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) @ msg @ CMsg ) ).
% \<open>\<And>thesis. (\<And>cMsg. last exec' \<turnstile> msg \<mapsto> cMsg \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_11_Agreement,axiom,
! [I: configuration_ext @ p @ v @ s @ product_unit,C: configuration_ext @ p @ v @ s @ product_unit] : ( agreementInit @ p @ s @ v @ trans @ sends @ start @ I @ C ) ).
% Agreement
thf(fact_12_ActiveProcessSilentDecisionValuesIncrease,axiom,
! [P2: p,Q: p,C: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v,C2: configuration_ext @ p @ v @ s @ product_unit] :
( ( P2 = Q )
=> ( ( steps @ p @ s @ v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ p @ v @ P2 @ Msg )
=> ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
=> ( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C2 ) ) ) ) ) ) ) ).
% ActiveProcessSilentDecisionValuesIncrease
thf(fact_13_InactiveProcessSilentDecisionValuesDecrease,axiom,
! [P2: p,Q: p,C: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v,C2: configuration_ext @ p @ v @ s @ product_unit] :
( ( P2 != Q )
=> ( ( steps @ p @ s @ v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ p @ v @ P2 @ Msg )
=> ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
=> ( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C2 ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C ) ) ) ) ) ) ) ).
% InactiveProcessSilentDecisionValuesDecrease
thf(fact_14_nonUniformC_H,axiom,
( ( initReachable @ p @ s @ v @ trans @ sends @ start @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $false @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $true @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) ) ) ).
% nonUniformC'
thf(fact_15_InitReachLastExecMsg,axiom,
initReachable @ p @ s @ v @ trans @ sends @ start @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ execMsga ) ).
% InitReachLastExecMsg
thf(fact_16_NewExec_I1_J,axiom,
execution @ p @ s @ v @ trans @ sends @ start @ exec2 @ trace2 ).
% NewExec(1)
thf(fact_17_InitialIsInitReachable,axiom,
! [C: configuration_ext @ p @ v @ s @ product_unit] :
( ( initial @ p @ s @ v @ start @ C )
=> ( initReachable @ p @ s @ v @ trans @ sends @ start @ C ) ) ).
% InitialIsInitReachable
thf(fact_18_flpSystem__axioms,axiom,
flpSystem @ p @ s @ v @ sends ).
% flpSystem_axioms
thf(fact_19_subsetI,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ! [X: A] :
( ( member @ A @ X @ A2 )
=> ( member @ A @ X @ B ) )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ).
% subsetI
thf(fact_20_subset__antisym,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ A2 )
=> ( A2 = B ) ) ) ).
% subset_antisym
thf(fact_21_QReachableTrans,axiom,
! [Cfg2: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p,Cfg32: configuration_ext @ p @ v @ s @ product_unit,Cfg1: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg2 @ Q2 @ Cfg32 )
=> ( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ).
% QReachableTrans
thf(fact_22_InitQ,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p] : ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg1 ) ).
% InitQ
thf(fact_23_order__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X2: A] : ( ord_less_eq @ A @ X2 @ X2 ) ) ).
% order_refl
thf(fact_24_OnlyOccurenceDisables,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit,M2: message @ p @ v] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( enabled @ p @ v @ s @ Cfg1 @ M2 )
=> ( ~ ( enabled @ p @ v @ s @ Cfg2 @ M2 )
=> ( M = M2 ) ) ) ) ).
% OnlyOccurenceDisables
thf(fact_25_qReachable_Osimps,axiom,
! [A1: configuration_ext @ p @ v @ s @ product_unit,A22: set @ p,A3: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ A1 @ A22 @ A3 )
= ( ( A3 = A1 )
| ? [Cfg22: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ A1 @ A22 @ Cfg22 )
& ? [Msg2: message @ p @ v] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg22 @ Msg2 @ A3 )
& ? [X3: p] :
( ( member @ p @ X3 @ A22 )
& ( isReceiverOf @ p @ v @ X3 @ Msg2 ) ) ) ) ) ) ).
% qReachable.simps
thf(fact_26_qReachable_Oinducts,axiom,
! [X1: configuration_ext @ p @ v @ s @ product_unit,X22: set @ p,X32: configuration_ext @ p @ v @ s @ product_unit,P3: ( configuration_ext @ p @ v @ s @ product_unit ) > ( set @ p ) > ( configuration_ext @ p @ v @ s @ product_unit ) > $o] :
( ( qReachable @ p @ s @ v @ trans @ sends @ X1 @ X22 @ X32 )
=> ( ! [Cfg12: configuration_ext @ p @ v @ s @ product_unit,Q3: set @ p] : ( P3 @ Cfg12 @ Q3 @ Cfg12 )
=> ( ! [Cfg12: configuration_ext @ p @ v @ s @ product_unit,Q3: set @ p,Cfg23: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg12 @ Q3 @ Cfg23 )
=> ( ( P3 @ Cfg12 @ Q3 @ Cfg23 )
=> ! [Msg3: message @ p @ v,Cfg33: configuration_ext @ p @ v @ s @ product_unit] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( ? [X: p] :
( ( member @ p @ X @ Q3 )
& ( isReceiverOf @ p @ v @ X @ Msg3 ) )
=> ( P3 @ Cfg12 @ Q3 @ Cfg33 ) ) ) ) )
=> ( P3 @ X1 @ X22 @ X32 ) ) ) ) ).
% qReachable.inducts
thf(fact_27_qReachable_Ocases,axiom,
! [A1: configuration_ext @ p @ v @ s @ product_unit,A22: set @ p,A3: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ A1 @ A22 @ A3 )
=> ( ( A3 != A1 )
=> ~ ! [Cfg23: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ A1 @ A22 @ Cfg23 )
=> ! [Msg3: message @ p @ v] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg23 @ Msg3 @ A3 )
=> ~ ? [X: p] :
( ( member @ p @ X @ A22 )
& ( isReceiverOf @ p @ v @ X @ Msg3 ) ) ) ) ) ) ).
% qReachable.cases
thf(fact_28_StepQ,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p,Cfg2: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v,Cfg32: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ( steps @ p @ s @ v @ trans @ sends @ Cfg2 @ Msg @ Cfg32 )
=> ( ? [X4: p] :
( ( member @ p @ X4 @ Q2 )
& ( isReceiverOf @ p @ v @ X4 @ Msg ) )
=> ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ) ).
% StepQ
thf(fact_29_ExecMsg_I1_J,axiom,
prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 @ execMsga ).
% ExecMsg(1)
thf(fact_30_isExecution,axiom,
execution @ p @ s @ v @ trans @ sends @ start @ execMsga @ traceMsga ).
% isExecution
thf(fact_31_MsgEnabled,axiom,
enabled @ p @ v @ s @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ msg ).
% MsgEnabled
thf(fact_32_NonUniformLexec,axiom,
( ( initReachable @ p @ s @ v @ trans @ sends @ start @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $false @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $true @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) ) ) ).
% NonUniformLexec
thf(fact_33_flpPseudoConsensus_Oaxioms_I1_J,axiom,
! [V: $tType,S: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start: P > S] :
( ( fLPThe1922692578sensus @ P @ S @ V @ Trans @ Sends @ Start )
=> ( flpSystem @ P @ S @ V @ Sends ) ) ).
% flpPseudoConsensus.axioms(1)
thf(fact_34_flpPseudoConsensus_OAgreement,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start: P > S,I: configuration_ext @ P @ V @ S @ product_unit,C: configuration_ext @ P @ V @ S @ product_unit] :
( ( fLPThe1922692578sensus @ P @ S @ V @ Trans @ Sends @ Start )
=> ( agreementInit @ P @ S @ V @ Trans @ Sends @ Start @ I @ C ) ) ).
% flpPseudoConsensus.Agreement
thf(fact_35_less__eq__set__def,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B2: set @ A] :
( ord_less_eq @ ( A > $o )
@ ^ [X3: A] : ( member @ A @ X3 @ A4 )
@ ^ [X3: A] : ( member @ A @ X3 @ B2 ) ) ) ) ).
% less_eq_set_def
thf(fact_36_dual__order_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B3: A,A5: A] :
( ( ord_less_eq @ A @ B3 @ A5 )
=> ( ( ord_less_eq @ A @ A5 @ B3 )
=> ( A5 = B3 ) ) ) ) ).
% dual_order.antisym
thf(fact_37_dual__order_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y: A,Z2: A] : Y = Z2 )
= ( ^ [A6: A,B4: A] :
( ( ord_less_eq @ A @ B4 @ A6 )
& ( ord_less_eq @ A @ A6 @ B4 ) ) ) ) ) ).
% dual_order.eq_iff
thf(fact_38_dual__order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B3: A,A5: A,C: A] :
( ( ord_less_eq @ A @ B3 @ A5 )
=> ( ( ord_less_eq @ A @ C @ B3 )
=> ( ord_less_eq @ A @ C @ A5 ) ) ) ) ).
% dual_order.trans
thf(fact_39_linorder__wlog,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [P3: A > A > $o,A5: A,B3: A] :
( ! [A7: A,B5: A] :
( ( ord_less_eq @ A @ A7 @ B5 )
=> ( P3 @ A7 @ B5 ) )
=> ( ! [A7: A,B5: A] :
( ( P3 @ B5 @ A7 )
=> ( P3 @ A7 @ B5 ) )
=> ( P3 @ A5 @ B3 ) ) ) ) ).
% linorder_wlog
thf(fact_40_dual__order_Orefl,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A] : ( ord_less_eq @ A @ A5 @ A5 ) ) ).
% dual_order.refl
thf(fact_41_order__trans,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X2: A,Y2: A,Z3: A] :
( ( ord_less_eq @ A @ X2 @ Y2 )
=> ( ( ord_less_eq @ A @ Y2 @ Z3 )
=> ( ord_less_eq @ A @ X2 @ Z3 ) ) ) ) ).
% order_trans
thf(fact_42_order__class_Oorder_Oantisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( ord_less_eq @ A @ B3 @ A5 )
=> ( A5 = B3 ) ) ) ) ).
% order_class.order.antisym
thf(fact_43_ord__le__eq__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A5: A,B3: A,C: A] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( B3 = C )
=> ( ord_less_eq @ A @ A5 @ C ) ) ) ) ).
% ord_le_eq_trans
thf(fact_44_ord__eq__le__trans,axiom,
! [A: $tType] :
( ( ord @ A )
=> ! [A5: A,B3: A,C: A] :
( ( A5 = B3 )
=> ( ( ord_less_eq @ A @ B3 @ C )
=> ( ord_less_eq @ A @ A5 @ C ) ) ) ) ).
% ord_eq_le_trans
thf(fact_45_mem__Collect__eq,axiom,
! [A: $tType,A5: A,P3: A > $o] :
( ( member @ A @ A5 @ ( collect @ A @ P3 ) )
= ( P3 @ A5 ) ) ).
% mem_Collect_eq
thf(fact_46_Collect__mem__eq,axiom,
! [A: $tType,A2: set @ A] :
( ( collect @ A
@ ^ [X3: A] : ( member @ A @ X3 @ A2 ) )
= A2 ) ).
% Collect_mem_eq
thf(fact_47_Collect__cong,axiom,
! [A: $tType,P3: A > $o,Q2: A > $o] :
( ! [X: A] :
( ( P3 @ X )
= ( Q2 @ X ) )
=> ( ( collect @ A @ P3 )
= ( collect @ A @ Q2 ) ) ) ).
% Collect_cong
thf(fact_48_ext,axiom,
! [B6: $tType,A: $tType,F: A > B6,G: A > B6] :
( ! [X: A] :
( ( F @ X )
= ( G @ X ) )
=> ( F = G ) ) ).
% ext
thf(fact_49_order__class_Oorder_Oeq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y: A,Z2: A] : Y = Z2 )
= ( ^ [A6: A,B4: A] :
( ( ord_less_eq @ A @ A6 @ B4 )
& ( ord_less_eq @ A @ B4 @ A6 ) ) ) ) ) ).
% order_class.order.eq_iff
thf(fact_50_antisym__conv,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [Y2: A,X2: A] :
( ( ord_less_eq @ A @ Y2 @ X2 )
=> ( ( ord_less_eq @ A @ X2 @ Y2 )
= ( X2 = Y2 ) ) ) ) ).
% antisym_conv
thf(fact_51_le__cases3,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X2: A,Y2: A,Z3: A] :
( ( ( ord_less_eq @ A @ X2 @ Y2 )
=> ~ ( ord_less_eq @ A @ Y2 @ Z3 ) )
=> ( ( ( ord_less_eq @ A @ Y2 @ X2 )
=> ~ ( ord_less_eq @ A @ X2 @ Z3 ) )
=> ( ( ( ord_less_eq @ A @ X2 @ Z3 )
=> ~ ( ord_less_eq @ A @ Z3 @ Y2 ) )
=> ( ( ( ord_less_eq @ A @ Z3 @ Y2 )
=> ~ ( ord_less_eq @ A @ Y2 @ X2 ) )
=> ( ( ( ord_less_eq @ A @ Y2 @ Z3 )
=> ~ ( ord_less_eq @ A @ Z3 @ X2 ) )
=> ~ ( ( ord_less_eq @ A @ Z3 @ X2 )
=> ~ ( ord_less_eq @ A @ X2 @ Y2 ) ) ) ) ) ) ) ) ).
% le_cases3
thf(fact_52_order_Otrans,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A,C: A] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( ord_less_eq @ A @ B3 @ C )
=> ( ord_less_eq @ A @ A5 @ C ) ) ) ) ).
% order.trans
thf(fact_53_le__cases,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X2: A,Y2: A] :
( ~ ( ord_less_eq @ A @ X2 @ Y2 )
=> ( ord_less_eq @ A @ Y2 @ X2 ) ) ) ).
% le_cases
thf(fact_54_eq__refl,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ! [X2: A,Y2: A] :
( ( X2 = Y2 )
=> ( ord_less_eq @ A @ X2 @ Y2 ) ) ) ).
% eq_refl
thf(fact_55_linear,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X2: A,Y2: A] :
( ( ord_less_eq @ A @ X2 @ Y2 )
| ( ord_less_eq @ A @ Y2 @ X2 ) ) ) ).
% linear
thf(fact_56_antisym,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [X2: A,Y2: A] :
( ( ord_less_eq @ A @ X2 @ Y2 )
=> ( ( ord_less_eq @ A @ Y2 @ X2 )
=> ( X2 = Y2 ) ) ) ) ).
% antisym
thf(fact_57_eq__iff,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ^ [Y: A,Z2: A] : Y = Z2 )
= ( ^ [X3: A,Y3: A] :
( ( ord_less_eq @ A @ X3 @ Y3 )
& ( ord_less_eq @ A @ Y3 @ X3 ) ) ) ) ) ).
% eq_iff
thf(fact_58_ord__le__eq__subst,axiom,
! [A: $tType,B6: $tType] :
( ( ( ord @ B6 )
& ( ord @ A ) )
=> ! [A5: A,B3: A,F: A > B6,C: B6] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( ( F @ B3 )
= C )
=> ( ! [X: A,Y4: A] :
( ( ord_less_eq @ A @ X @ Y4 )
=> ( ord_less_eq @ B6 @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq @ B6 @ ( F @ A5 ) @ C ) ) ) ) ) ).
% ord_le_eq_subst
thf(fact_59_ord__eq__le__subst,axiom,
! [A: $tType,B6: $tType] :
( ( ( ord @ B6 )
& ( ord @ A ) )
=> ! [A5: A,F: B6 > A,B3: B6,C: B6] :
( ( A5
= ( F @ B3 ) )
=> ( ( ord_less_eq @ B6 @ B3 @ C )
=> ( ! [X: B6,Y4: B6] :
( ( ord_less_eq @ B6 @ X @ Y4 )
=> ( ord_less_eq @ A @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq @ A @ A5 @ ( F @ C ) ) ) ) ) ) ).
% ord_eq_le_subst
thf(fact_60_order__subst2,axiom,
! [A: $tType,C3: $tType] :
( ( ( order @ C3 )
& ( order @ A ) )
=> ! [A5: A,B3: A,F: A > C3,C: C3] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( ord_less_eq @ C3 @ ( F @ B3 ) @ C )
=> ( ! [X: A,Y4: A] :
( ( ord_less_eq @ A @ X @ Y4 )
=> ( ord_less_eq @ C3 @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq @ C3 @ ( F @ A5 ) @ C ) ) ) ) ) ).
% order_subst2
thf(fact_61_order__subst1,axiom,
! [A: $tType,B6: $tType] :
( ( ( order @ B6 )
& ( order @ A ) )
=> ! [A5: A,F: B6 > A,B3: B6,C: B6] :
( ( ord_less_eq @ A @ A5 @ ( F @ B3 ) )
=> ( ( ord_less_eq @ B6 @ B3 @ C )
=> ( ! [X: B6,Y4: B6] :
( ( ord_less_eq @ B6 @ X @ Y4 )
=> ( ord_less_eq @ A @ ( F @ X ) @ ( F @ Y4 ) ) )
=> ( ord_less_eq @ A @ A5 @ ( F @ C ) ) ) ) ) ) ).
% order_subst1
thf(fact_62_le__fun__def,axiom,
! [B6: $tType,A: $tType] :
( ( ord @ B6 )
=> ( ( ord_less_eq @ ( A > B6 ) )
= ( ^ [F2: A > B6,G2: A > B6] :
! [X3: A] : ( ord_less_eq @ B6 @ ( F2 @ X3 ) @ ( G2 @ X3 ) ) ) ) ) ).
% le_fun_def
thf(fact_63_le__funI,axiom,
! [B6: $tType,A: $tType] :
( ( ord @ B6 )
=> ! [F: A > B6,G: A > B6] :
( ! [X: A] : ( ord_less_eq @ B6 @ ( F @ X ) @ ( G @ X ) )
=> ( ord_less_eq @ ( A > B6 ) @ F @ G ) ) ) ).
% le_funI
thf(fact_64_le__funE,axiom,
! [B6: $tType,A: $tType] :
( ( ord @ B6 )
=> ! [F: A > B6,G: A > B6,X2: A] :
( ( ord_less_eq @ ( A > B6 ) @ F @ G )
=> ( ord_less_eq @ B6 @ ( F @ X2 ) @ ( G @ X2 ) ) ) ) ).
% le_funE
thf(fact_65_le__funD,axiom,
! [B6: $tType,A: $tType] :
( ( ord @ B6 )
=> ! [F: A > B6,G: A > B6,X2: A] :
( ( ord_less_eq @ ( A > B6 ) @ F @ G )
=> ( ord_less_eq @ B6 @ ( F @ X2 ) @ ( G @ X2 ) ) ) ) ).
% le_funD
thf(fact_66_Collect__mono__iff,axiom,
! [A: $tType,P3: A > $o,Q2: A > $o] :
( ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P3 ) @ ( collect @ A @ Q2 ) )
= ( ! [X3: A] :
( ( P3 @ X3 )
=> ( Q2 @ X3 ) ) ) ) ).
% Collect_mono_iff
thf(fact_67_set__eq__subset,axiom,
! [A: $tType] :
( ( ^ [Y: set @ A,Z2: set @ A] : Y = Z2 )
= ( ^ [A4: set @ A,B2: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A4 @ B2 )
& ( ord_less_eq @ ( set @ A ) @ B2 @ A4 ) ) ) ) ).
% set_eq_subset
thf(fact_68_subset__trans,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C4: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( ord_less_eq @ ( set @ A ) @ B @ C4 )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ C4 ) ) ) ).
% subset_trans
thf(fact_69_Collect__mono,axiom,
! [A: $tType,P3: A > $o,Q2: A > $o] :
( ! [X: A] :
( ( P3 @ X )
=> ( Q2 @ X ) )
=> ( ord_less_eq @ ( set @ A ) @ ( collect @ A @ P3 ) @ ( collect @ A @ Q2 ) ) ) ).
% Collect_mono
thf(fact_70_subset__refl,axiom,
! [A: $tType,A2: set @ A] : ( ord_less_eq @ ( set @ A ) @ A2 @ A2 ) ).
% subset_refl
thf(fact_71_subset__iff,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B2: set @ A] :
! [T: A] :
( ( member @ A @ T @ A4 )
=> ( member @ A @ T @ B2 ) ) ) ) ).
% subset_iff
thf(fact_72_equalityD2,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ( ord_less_eq @ ( set @ A ) @ B @ A2 ) ) ).
% equalityD2
thf(fact_73_equalityD1,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ).
% equalityD1
thf(fact_74_subset__eq,axiom,
! [A: $tType] :
( ( ord_less_eq @ ( set @ A ) )
= ( ^ [A4: set @ A,B2: set @ A] :
! [X3: A] :
( ( member @ A @ X3 @ A4 )
=> ( member @ A @ X3 @ B2 ) ) ) ) ).
% subset_eq
thf(fact_75_equalityE,axiom,
! [A: $tType,A2: set @ A,B: set @ A] :
( ( A2 = B )
=> ~ ( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ~ ( ord_less_eq @ ( set @ A ) @ B @ A2 ) ) ) ).
% equalityE
thf(fact_76_subsetD,axiom,
! [A: $tType,A2: set @ A,B: set @ A,C: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( member @ A @ C @ A2 )
=> ( member @ A @ C @ B ) ) ) ).
% subsetD
thf(fact_77_in__mono,axiom,
! [A: $tType,A2: set @ A,B: set @ A,X2: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ( member @ A @ X2 @ A2 )
=> ( member @ A @ X2 @ B ) ) ) ).
% in_mono
thf(fact_78_Collect__subset,axiom,
! [A: $tType,A2: set @ A,P3: A > $o] :
( ord_less_eq @ ( set @ A )
@ ( collect @ A
@ ^ [X3: A] :
( ( member @ A @ X3 @ A2 )
& ( P3 @ X3 ) ) )
@ A2 ) ).
% Collect_subset
thf(fact_79_flpSystem_OInactiveProcessSilentDecisionValuesDecrease,axiom,
! [P: $tType,V: $tType,S: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,P2: P,Q: P,Trans: P > S > ( messageValue @ V ) > S,C: configuration_ext @ P @ V @ S @ product_unit,Msg: message @ P @ V,C2: configuration_ext @ P @ V @ S @ product_unit,Start: P > S] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( P2 != Q )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ P @ V @ P2 @ Msg )
=> ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
=> ( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C2 ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C ) ) ) ) ) ) ) ) ).
% flpSystem.InactiveProcessSilentDecisionValuesDecrease
thf(fact_80_flpSystem_OActiveProcessSilentDecisionValuesIncrease,axiom,
! [P: $tType,V: $tType,S: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,P2: P,Q: P,Trans: P > S > ( messageValue @ V ) > S,C: configuration_ext @ P @ V @ S @ product_unit,Msg: message @ P @ V,C2: configuration_ext @ P @ V @ S @ product_unit,Start: P > S] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( P2 = Q )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ P @ V @ P2 @ Msg )
=> ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
=> ( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C2 ) ) ) ) ) ) ) ) ).
% flpSystem.ActiveProcessSilentDecisionValuesIncrease
thf(fact_81_NotStepReachable,axiom,
~ ( stepReachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ msg @ c ) ).
% NotStepReachable
thf(fact_82_cMsgLastReachable,axiom,
reachable @ p @ s @ v @ trans @ sends @ cMsg @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ execMsga ) ).
% cMsgLastReachable
thf(fact_83_NoReceivingNoChange,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit,P2: p] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ~ ( isReceiverOf @ p @ v @ P2 @ M )
=> ( ( states @ p @ v @ s @ product_unit @ Cfg1 @ P2 )
= ( states @ p @ v @ s @ product_unit @ Cfg2 @ P2 ) ) ) ) ).
% NoReceivingNoChange
thf(fact_84_initReachable__def,axiom,
! [Cfg: configuration_ext @ p @ v @ s @ product_unit] :
( ( initReachable @ p @ s @ v @ trans @ sends @ start @ Cfg )
= ( ? [Cfg0: configuration_ext @ p @ v @ s @ product_unit] :
( ( initial @ p @ s @ v @ start @ Cfg0 )
& ( reachable @ p @ s @ v @ trans @ sends @ Cfg0 @ Cfg ) ) ) ) ).
% initReachable_def
thf(fact_85_ReachableStepFirst,axiom,
! [Cfg: configuration_ext @ p @ v @ s @ product_unit,Cfg4: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg @ Cfg4 )
=> ( ( Cfg = Cfg4 )
| ? [Cfg12: configuration_ext @ p @ v @ s @ product_unit,Msg3: message @ p @ v,P4: p] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg @ Msg3 @ Cfg12 )
& ( enabled @ p @ v @ s @ Cfg @ Msg3 )
& ( isReceiverOf @ p @ v @ P4 @ Msg3 )
& ( reachable @ p @ s @ v @ trans @ sends @ Cfg12 @ Cfg4 ) ) ) ) ).
% ReachableStepFirst
thf(fact_86_NotInQFrozenQReachability,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p,Cfg2: configuration_ext @ p @ v @ s @ product_unit,P2: p] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member @ p @ P2 @ Q2 )
=> ( ( states @ p @ v @ s @ product_unit @ Cfg1 @ P2 )
= ( states @ p @ v @ s @ product_unit @ Cfg2 @ P2 ) ) ) ) ).
% NotInQFrozenQReachability
thf(fact_87_C_H_I2_J,axiom,
( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ c ) )
= ( insert @ $o @ $true @ ( insert @ $o @ $false @ ( bot_bot @ ( set @ $o ) ) ) ) ) ).
% C'(2)
thf(fact_88_NoActivityNoMessageLoss,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p,Cfg2: configuration_ext @ p @ v @ s @ product_unit,P2: p,M2: message @ p @ v] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member @ p @ P2 @ Q2 )
=> ( ( isReceiverOf @ p @ v @ P2 @ M2 )
=> ( ord_less_eq @ nat @ ( msgs @ p @ v @ s @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ p @ v @ s @ product_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% NoActivityNoMessageLoss
thf(fact_89_ReachableTrans,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Cfg2: configuration_ext @ p @ v @ s @ product_unit,Cfg32: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ( reachable @ p @ s @ v @ trans @ sends @ Cfg2 @ Cfg32 )
=> ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg32 ) ) ) ).
% ReachableTrans
thf(fact_90_init,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit] : ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg1 ) ).
% init
thf(fact_91_bot__apply,axiom,
! [C3: $tType,D: $tType] :
( ( bot @ C3 )
=> ( ( bot_bot @ ( D > C3 ) )
= ( ^ [X3: D] : ( bot_bot @ C3 ) ) ) ) ).
% bot_apply
thf(fact_92_empty__iff,axiom,
! [A: $tType,C: A] :
~ ( member @ A @ C @ ( bot_bot @ ( set @ A ) ) ) ).
% empty_iff
thf(fact_93_all__not__in__conv,axiom,
! [A: $tType,A2: set @ A] :
( ( ! [X3: A] :
~ ( member @ A @ X3 @ A2 ) )
= ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% all_not_in_conv
thf(fact_94_Collect__empty__eq,axiom,
! [A: $tType,P3: A > $o] :
( ( ( collect @ A @ P3 )
= ( bot_bot @ ( set @ A ) ) )
= ( ! [X3: A] :
~ ( P3 @ X3 ) ) ) ).
% Collect_empty_eq
thf(fact_95_empty__Collect__eq,axiom,
! [A: $tType,P3: A > $o] :
( ( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ P3 ) )
= ( ! [X3: A] :
~ ( P3 @ X3 ) ) ) ).
% empty_Collect_eq
thf(fact_96_insertCI,axiom,
! [A: $tType,A5: A,B: set @ A,B3: A] :
( ( ~ ( member @ A @ A5 @ B )
=> ( A5 = B3 ) )
=> ( member @ A @ A5 @ ( insert @ A @ B3 @ B ) ) ) ).
% insertCI
thf(fact_97_insert__iff,axiom,
! [A: $tType,A5: A,B3: A,A2: set @ A] :
( ( member @ A @ A5 @ ( insert @ A @ B3 @ A2 ) )
= ( ( A5 = B3 )
| ( member @ A @ A5 @ A2 ) ) ) ).
% insert_iff
thf(fact_98_insert__absorb2,axiom,
! [A: $tType,X2: A,A2: set @ A] :
( ( insert @ A @ X2 @ ( insert @ A @ X2 @ A2 ) )
= ( insert @ A @ X2 @ A2 ) ) ).
% insert_absorb2
thf(fact_99_C_H_I1_J,axiom,
reachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ c ).
% C'(1)
thf(fact_100_predicate1I,axiom,
! [A: $tType,P3: A > $o,Q2: A > $o] :
( ! [X: A] :
( ( P3 @ X )
=> ( Q2 @ X ) )
=> ( ord_less_eq @ ( A > $o ) @ P3 @ Q2 ) ) ).
% predicate1I
thf(fact_101_reachable_Ocases,axiom,
! [A1: configuration_ext @ p @ v @ s @ product_unit,A22: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ A1 @ A22 )
=> ( ( A22 != A1 )
=> ~ ! [Cfg23: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ A1 @ Cfg23 )
=> ! [Msg3: message @ p @ v] :
~ ( steps @ p @ s @ v @ trans @ sends @ Cfg23 @ Msg3 @ A22 ) ) ) ) ).
% reachable.cases
thf(fact_102_reachable_Oinducts,axiom,
! [X1: configuration_ext @ p @ v @ s @ product_unit,X22: configuration_ext @ p @ v @ s @ product_unit,P3: ( configuration_ext @ p @ v @ s @ product_unit ) > ( configuration_ext @ p @ v @ s @ product_unit ) > $o] :
( ( reachable @ p @ s @ v @ trans @ sends @ X1 @ X22 )
=> ( ! [Cfg12: configuration_ext @ p @ v @ s @ product_unit] : ( P3 @ Cfg12 @ Cfg12 )
=> ( ! [Cfg12: configuration_ext @ p @ v @ s @ product_unit,Cfg23: configuration_ext @ p @ v @ s @ product_unit,Msg3: message @ p @ v,Cfg33: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg12 @ Cfg23 )
=> ( ( P3 @ Cfg12 @ Cfg23 )
=> ( ( steps @ p @ s @ v @ trans @ sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( P3 @ Cfg12 @ Cfg33 ) ) ) )
=> ( P3 @ X1 @ X22 ) ) ) ) ).
% reachable.inducts
thf(fact_103_reachable_Osimps,axiom,
! [A1: configuration_ext @ p @ v @ s @ product_unit,A22: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ A1 @ A22 )
= ( ? [Cfg13: configuration_ext @ p @ v @ s @ product_unit] :
( ( A1 = Cfg13 )
& ( A22 = Cfg13 ) )
| ? [Cfg13: configuration_ext @ p @ v @ s @ product_unit,Cfg22: configuration_ext @ p @ v @ s @ product_unit,Msg2: message @ p @ v,Cfg34: configuration_ext @ p @ v @ s @ product_unit] :
( ( A1 = Cfg13 )
& ( A22 = Cfg34 )
& ( reachable @ p @ s @ v @ trans @ sends @ Cfg13 @ Cfg22 )
& ( steps @ p @ s @ v @ trans @ sends @ Cfg22 @ Msg2 @ Cfg34 ) ) ) ) ).
% reachable.simps
thf(fact_104_reachable_Ostep,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Cfg2: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v,Cfg32: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ( steps @ p @ s @ v @ trans @ sends @ Cfg2 @ Msg @ Cfg32 )
=> ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg32 ) ) ) ).
% reachable.step
thf(fact_105_QReachImplReach,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p,Cfg2: configuration_ext @ p @ v @ s @ product_unit] :
( ( qReachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg2 ) ) ).
% QReachImplReach
thf(fact_106_isPrefixListExec,axiom,
prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec @ execMsga ).
% isPrefixListExec
thf(fact_107_OtherMessagesOnlyGrowing,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit,M2: message @ p @ v] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( M != M2 )
=> ( ord_less_eq @ nat @ ( msgs @ p @ v @ s @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ p @ v @ s @ product_unit @ Cfg2 @ M2 ) ) ) ) ).
% OtherMessagesOnlyGrowing
thf(fact_108_stepReachable__def,axiom,
! [C1: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v,C22: configuration_ext @ p @ v @ s @ product_unit] :
( ( stepReachable @ p @ s @ v @ trans @ sends @ C1 @ Msg @ C22 )
= ( ? [C5: configuration_ext @ p @ v @ s @ product_unit,C6: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ C1 @ C5 )
& ( steps @ p @ s @ v @ trans @ sends @ C5 @ Msg @ C6 )
& ( reachable @ p @ s @ v @ trans @ sends @ C6 @ C22 ) ) ) ) ).
% stepReachable_def
thf(fact_109_StepReachable,axiom,
! [Cfg: configuration_ext @ p @ v @ s @ product_unit,Cfg4: configuration_ext @ p @ v @ s @ product_unit,Msg: message @ p @ v] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg @ Cfg4 )
=> ( ( enabled @ p @ v @ s @ Cfg @ Msg )
=> ( ~ ( enabled @ p @ v @ s @ Cfg4 @ Msg )
=> ( stepReachable @ p @ s @ v @ trans @ sends @ Cfg @ Msg @ Cfg4 ) ) ) ) ).
% StepReachable
thf(fact_110_NoMessageLossStep,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit,P2: p,M2: message @ p @ v] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ( isReceiverOf @ p @ v @ P2 @ M )
=> ( ~ ( isReceiverOf @ p @ v @ P2 @ M2 )
=> ( ord_less_eq @ nat @ ( msgs @ p @ v @ s @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ p @ v @ s @ product_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% NoMessageLossStep
thf(fact_111_subset__empty,axiom,
! [A: $tType,A2: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ ( bot_bot @ ( set @ A ) ) )
= ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% subset_empty
thf(fact_112_empty__subsetI,axiom,
! [A: $tType,A2: set @ A] : ( ord_less_eq @ ( set @ A ) @ ( bot_bot @ ( set @ A ) ) @ A2 ) ).
% empty_subsetI
thf(fact_113_singletonI,axiom,
! [A: $tType,A5: A] : ( member @ A @ A5 @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% singletonI
thf(fact_114_insert__subset,axiom,
! [A: $tType,X2: A,A2: set @ A,B: set @ A] :
( ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ X2 @ A2 ) @ B )
= ( ( member @ A @ X2 @ B )
& ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ) ).
% insert_subset
thf(fact_115_ExecMsg_I2_J,axiom,
prefixList @ ( message @ p @ v ) @ trace2 @ traceMsga ).
% ExecMsg(2)
thf(fact_116_lastExecExec_HReachable,axiom,
reachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) ).
% lastExecExec'Reachable
thf(fact_117_singleton__conv,axiom,
! [A: $tType,A5: A] :
( ( collect @ A
@ ^ [X3: A] : X3 = A5 )
= ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% singleton_conv
thf(fact_118_singleton__conv2,axiom,
! [A: $tType,A5: A] :
( ( collect @ A
@ ( ^ [Y: A,Z2: A] : Y = Z2
@ A5 ) )
= ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ).
% singleton_conv2
thf(fact_119_ExecIsExecution,axiom,
execution @ p @ s @ v @ trans @ sends @ start @ exec @ trace ).
% ExecIsExecution
thf(fact_120_vUniform__def,axiom,
! [V3: $o,C: configuration_ext @ p @ v @ s @ product_unit] :
( ( vUniform @ p @ s @ v @ trans @ sends @ start @ V3 @ C )
= ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
& ! [P5: p] :
( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ P5 @ C ) )
= ( insert @ $o @ V3 @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ).
% vUniform_def
thf(fact_121_singleton__insert__inj__eq_H,axiom,
! [A: $tType,A5: A,A2: set @ A,B3: A] :
( ( ( insert @ A @ A5 @ A2 )
= ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( A5 = B3 )
& ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq'
thf(fact_122_singleton__insert__inj__eq,axiom,
! [A: $tType,B3: A,A5: A,A2: set @ A] :
( ( ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ A5 @ A2 ) )
= ( ( A5 = B3 )
& ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% singleton_insert_inj_eq
thf(fact_123_ExecMsg_I4_J,axiom,
( ( last @ ( message @ p @ v ) @ traceMsga )
= msg ) ).
% ExecMsg(4)
thf(fact_124_isStepReachable,axiom,
stepReachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ msg @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ execMsga ) ).
% isStepReachable
thf(fact_125_SilentDecisionValueNotInverting,axiom,
! [Q: p,C: configuration_ext @ p @ v @ s @ product_unit,V3: $o,Msg: message @ p @ v,C2: configuration_ext @ p @ v @ s @ product_unit,P2: p] :
( ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C ) )
= ( insert @ $o @ V3 @ ( bot_bot @ ( set @ $o ) ) ) )
=> ( ( steps @ p @ s @ v @ trans @ sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ p @ v @ P2 @ Msg )
=> ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
=> ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ Q @ C2 ) )
!= ( insert @ $o @ ~ V3 @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ) ) ).
% SilentDecisionValueNotInverting
thf(fact_126__092_060open_062_092_060And_062p_O_A_092_060exists_062c_H_O_Areachable_A_Ilast_Aexec_J_Ac_H_A_092_060and_062_Aval_091p_Mc_H_093_A_061_A_123True_M_AFalse_125_092_060close_062,axiom,
! [P2: p] :
? [C7: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ C7 )
& ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ P2 @ C7 ) )
= ( insert @ $o @ $true @ ( insert @ $o @ $false @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ).
% \<open>\<And>p. \<exists>c'. reachable (last exec) c' \<and> val[p,c'] = {True, False}\<close>
thf(fact_127__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062c_H_O_A_092_060lbrakk_062reachable_A_Ilast_Aexec_J_Ac_H_059_Aval_091p_Mc_H_093_A_061_A_123True_M_AFalse_125_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [C7: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ C7 )
=> ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ C7 ) )
!= ( insert @ $o @ $true @ ( insert @ $o @ $false @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ).
% \<open>\<And>thesis. (\<And>c'. \<lbrakk>reachable (last exec) c'; val[p,c'] = {True, False}\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_128_Agree,axiom,
! [Cfg: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec ) @ Cfg )
=> ( agreement @ p @ v @ s @ Cfg ) ) ).
% Agree
thf(fact_129_emptyE,axiom,
! [A: $tType,A5: A] :
~ ( member @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ).
% emptyE
thf(fact_130_insertE,axiom,
! [A: $tType,A5: A,B3: A,A2: set @ A] :
( ( member @ A @ A5 @ ( insert @ A @ B3 @ A2 ) )
=> ( ( A5 != B3 )
=> ( member @ A @ A5 @ A2 ) ) ) ).
% insertE
thf(fact_131_equals0D,axiom,
! [A: $tType,A2: set @ A,A5: A] :
( ( A2
= ( bot_bot @ ( set @ A ) ) )
=> ~ ( member @ A @ A5 @ A2 ) ) ).
% equals0D
thf(fact_132_equals0I,axiom,
! [A: $tType,A2: set @ A] :
( ! [Y4: A] :
~ ( member @ A @ Y4 @ A2 )
=> ( A2
= ( bot_bot @ ( set @ A ) ) ) ) ).
% equals0I
thf(fact_133_insertI1,axiom,
! [A: $tType,A5: A,B: set @ A] : ( member @ A @ A5 @ ( insert @ A @ A5 @ B ) ) ).
% insertI1
thf(fact_134_insertI2,axiom,
! [A: $tType,A5: A,B: set @ A,B3: A] :
( ( member @ A @ A5 @ B )
=> ( member @ A @ A5 @ ( insert @ A @ B3 @ B ) ) ) ).
% insertI2
thf(fact_135_ex__in__conv,axiom,
! [A: $tType,A2: set @ A] :
( ( ? [X3: A] : ( member @ A @ X3 @ A2 ) )
= ( A2
!= ( bot_bot @ ( set @ A ) ) ) ) ).
% ex_in_conv
thf(fact_136_Set_Oset__insert,axiom,
! [A: $tType,X2: A,A2: set @ A] :
( ( member @ A @ X2 @ A2 )
=> ~ ! [B7: set @ A] :
( ( A2
= ( insert @ A @ X2 @ B7 ) )
=> ( member @ A @ X2 @ B7 ) ) ) ).
% Set.set_insert
thf(fact_137_singletonD,axiom,
! [A: $tType,B3: A,A5: A] :
( ( member @ A @ B3 @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( B3 = A5 ) ) ).
% singletonD
thf(fact_138_insert__ident,axiom,
! [A: $tType,X2: A,A2: set @ A,B: set @ A] :
( ~ ( member @ A @ X2 @ A2 )
=> ( ~ ( member @ A @ X2 @ B )
=> ( ( ( insert @ A @ X2 @ A2 )
= ( insert @ A @ X2 @ B ) )
= ( A2 = B ) ) ) ) ).
% insert_ident
thf(fact_139_insert__absorb,axiom,
! [A: $tType,A5: A,A2: set @ A] :
( ( member @ A @ A5 @ A2 )
=> ( ( insert @ A @ A5 @ A2 )
= A2 ) ) ).
% insert_absorb
thf(fact_140_insert__eq__iff,axiom,
! [A: $tType,A5: A,A2: set @ A,B3: A,B: set @ A] :
( ~ ( member @ A @ A5 @ A2 )
=> ( ~ ( member @ A @ B3 @ B )
=> ( ( ( insert @ A @ A5 @ A2 )
= ( insert @ A @ B3 @ B ) )
= ( ( ( A5 = B3 )
=> ( A2 = B ) )
& ( ( A5 != B3 )
=> ? [C8: set @ A] :
( ( A2
= ( insert @ A @ B3 @ C8 ) )
& ~ ( member @ A @ B3 @ C8 )
& ( B
= ( insert @ A @ A5 @ C8 ) )
& ~ ( member @ A @ A5 @ C8 ) ) ) ) ) ) ) ).
% insert_eq_iff
thf(fact_141_singleton__iff,axiom,
! [A: $tType,B3: A,A5: A] :
( ( member @ A @ B3 @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) )
= ( B3 = A5 ) ) ).
% singleton_iff
thf(fact_142_insert__commute,axiom,
! [A: $tType,X2: A,Y2: A,A2: set @ A] :
( ( insert @ A @ X2 @ ( insert @ A @ Y2 @ A2 ) )
= ( insert @ A @ Y2 @ ( insert @ A @ X2 @ A2 ) ) ) ).
% insert_commute
thf(fact_143_Collect__conv__if,axiom,
! [A: $tType,P3: A > $o,A5: A] :
( ( ( P3 @ A5 )
=> ( ( collect @ A
@ ^ [X3: A] :
( ( X3 = A5 )
& ( P3 @ X3 ) ) )
= ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) )
& ( ~ ( P3 @ A5 )
=> ( ( collect @ A
@ ^ [X3: A] :
( ( X3 = A5 )
& ( P3 @ X3 ) ) )
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Collect_conv_if
thf(fact_144_Collect__conv__if2,axiom,
! [A: $tType,P3: A > $o,A5: A] :
( ( ( P3 @ A5 )
=> ( ( collect @ A
@ ^ [X3: A] :
( ( A5 = X3 )
& ( P3 @ X3 ) ) )
= ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) )
& ( ~ ( P3 @ A5 )
=> ( ( collect @ A
@ ^ [X3: A] :
( ( A5 = X3 )
& ( P3 @ X3 ) ) )
= ( bot_bot @ ( set @ A ) ) ) ) ) ).
% Collect_conv_if2
thf(fact_145_doubleton__eq__iff,axiom,
! [A: $tType,A5: A,B3: A,C: A,D2: A] :
( ( ( insert @ A @ A5 @ ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) ) )
= ( insert @ A @ C @ ( insert @ A @ D2 @ ( bot_bot @ ( set @ A ) ) ) ) )
= ( ( ( A5 = C )
& ( B3 = D2 ) )
| ( ( A5 = D2 )
& ( B3 = C ) ) ) ) ).
% doubleton_eq_iff
thf(fact_146_insert__not__empty,axiom,
! [A: $tType,A5: A,A2: set @ A] :
( ( insert @ A @ A5 @ A2 )
!= ( bot_bot @ ( set @ A ) ) ) ).
% insert_not_empty
thf(fact_147_singleton__inject,axiom,
! [A: $tType,A5: A,B3: A] :
( ( ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) )
= ( insert @ A @ B3 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( A5 = B3 ) ) ).
% singleton_inject
thf(fact_148_bot__fun__def,axiom,
! [B6: $tType,A: $tType] :
( ( bot @ B6 )
=> ( ( bot_bot @ ( A > B6 ) )
= ( ^ [X3: A] : ( bot_bot @ B6 ) ) ) ) ).
% bot_fun_def
thf(fact_149_predicate1D,axiom,
! [A: $tType,P3: A > $o,Q2: A > $o,X2: A] :
( ( ord_less_eq @ ( A > $o ) @ P3 @ Q2 )
=> ( ( P3 @ X2 )
=> ( Q2 @ X2 ) ) ) ).
% predicate1D
thf(fact_150_subset__singletonD,axiom,
! [A: $tType,A2: set @ A,X2: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ X2 @ ( bot_bot @ ( set @ A ) ) ) )
=> ( ( A2
= ( bot_bot @ ( set @ A ) ) )
| ( A2
= ( insert @ A @ X2 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singletonD
thf(fact_151_mk__disjoint__insert,axiom,
! [A: $tType,A5: A,A2: set @ A] :
( ( member @ A @ A5 @ A2 )
=> ? [B7: set @ A] :
( ( A2
= ( insert @ A @ A5 @ B7 ) )
& ~ ( member @ A @ A5 @ B7 ) ) ) ).
% mk_disjoint_insert
thf(fact_152_subset__singleton__iff,axiom,
! [A: $tType,X5: set @ A,A5: A] :
( ( ord_less_eq @ ( set @ A ) @ X5 @ ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) )
= ( ( X5
= ( bot_bot @ ( set @ A ) ) )
| ( X5
= ( insert @ A @ A5 @ ( bot_bot @ ( set @ A ) ) ) ) ) ) ).
% subset_singleton_iff
thf(fact_153_rev__predicate1D,axiom,
! [A: $tType,P3: A > $o,X2: A,Q2: A > $o] :
( ( P3 @ X2 )
=> ( ( ord_less_eq @ ( A > $o ) @ P3 @ Q2 )
=> ( Q2 @ X2 ) ) ) ).
% rev_predicate1D
thf(fact_154_insert__Collect,axiom,
! [A: $tType,A5: A,P3: A > $o] :
( ( insert @ A @ A5 @ ( collect @ A @ P3 ) )
= ( collect @ A
@ ^ [U: A] :
( ( U != A5 )
=> ( P3 @ U ) ) ) ) ).
% insert_Collect
thf(fact_155_insert__compr,axiom,
! [A: $tType] :
( ( insert @ A )
= ( ^ [A6: A,B2: set @ A] :
( collect @ A
@ ^ [X3: A] :
( ( X3 = A6 )
| ( member @ A @ X3 @ B2 ) ) ) ) ) ).
% insert_compr
thf(fact_156_empty__def,axiom,
! [A: $tType] :
( ( bot_bot @ ( set @ A ) )
= ( collect @ A
@ ^ [X3: A] : $false ) ) ).
% empty_def
thf(fact_157_bot_Oextremum,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A5: A] : ( ord_less_eq @ A @ ( bot_bot @ A ) @ A5 ) ) ).
% bot.extremum
thf(fact_158_bot_Oextremum__unique,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A5: A] :
( ( ord_less_eq @ A @ A5 @ ( bot_bot @ A ) )
= ( A5
= ( bot_bot @ A ) ) ) ) ).
% bot.extremum_unique
thf(fact_159_bot_Oextremum__uniqueI,axiom,
! [A: $tType] :
( ( order_bot @ A )
=> ! [A5: A] :
( ( ord_less_eq @ A @ A5 @ ( bot_bot @ A ) )
=> ( A5
= ( bot_bot @ A ) ) ) ) ).
% bot.extremum_uniqueI
thf(fact_160_insert__mono,axiom,
! [A: $tType,C4: set @ A,D3: set @ A,A5: A] :
( ( ord_less_eq @ ( set @ A ) @ C4 @ D3 )
=> ( ord_less_eq @ ( set @ A ) @ ( insert @ A @ A5 @ C4 ) @ ( insert @ A @ A5 @ D3 ) ) ) ).
% insert_mono
thf(fact_161_subset__insert,axiom,
! [A: $tType,X2: A,A2: set @ A,B: set @ A] :
( ~ ( member @ A @ X2 @ A2 )
=> ( ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ X2 @ B ) )
= ( ord_less_eq @ ( set @ A ) @ A2 @ B ) ) ) ).
% subset_insert
thf(fact_162_subset__insertI,axiom,
! [A: $tType,B: set @ A,A5: A] : ( ord_less_eq @ ( set @ A ) @ B @ ( insert @ A @ A5 @ B ) ) ).
% subset_insertI
thf(fact_163_subset__insertI2,axiom,
! [A: $tType,A2: set @ A,B: set @ A,B3: A] :
( ( ord_less_eq @ ( set @ A ) @ A2 @ B )
=> ( ord_less_eq @ ( set @ A ) @ A2 @ ( insert @ A @ B3 @ B ) ) ) ).
% subset_insertI2
thf(fact_164_flpSystem_OvUniform__def,axiom,
! [V: $tType,S: $tType,P: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Trans: P > S > ( messageValue @ V ) > S,Start: P > S,V3: $o,C: configuration_ext @ P @ V @ S @ product_unit] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( vUniform @ P @ S @ V @ Trans @ Sends @ Start @ V3 @ C )
= ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
& ! [P5: P] :
( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ P5 @ C ) )
= ( insert @ $o @ V3 @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ) ).
% flpSystem.vUniform_def
thf(fact_165_flpSystem_OSilentDecisionValueNotInverting,axiom,
! [S: $tType,V: $tType,P: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Trans: P > S > ( messageValue @ V ) > S,Start: P > S,Q: P,C: configuration_ext @ P @ V @ S @ product_unit,V3: $o,Msg: message @ P @ V,C2: configuration_ext @ P @ V @ S @ product_unit,P2: P] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C ) )
= ( insert @ $o @ V3 @ ( bot_bot @ ( set @ $o ) ) ) )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ C @ Msg @ C2 )
=> ( ( isReceiverOf @ P @ V @ P2 @ Msg )
=> ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
=> ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ Q @ C2 ) )
!= ( insert @ $o @ ~ V3 @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ) ) ) ).
% flpSystem.SilentDecisionValueNotInverting
thf(fact_166_flpSystem_OpSilDecVal_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( pSilDecVal @ P @ S @ V )
= ( pSilDecVal @ P @ S @ V ) ) ).
% flpSystem.pSilDecVal.cong
thf(fact_167_flpSystem_OvUniform_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( vUniform @ P @ S @ V )
= ( vUniform @ P @ S @ V ) ) ).
% flpSystem.vUniform.cong
thf(fact_168_flpSystem_OagreementInit_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( agreementInit @ P @ S @ V )
= ( agreementInit @ P @ S @ V ) ) ).
% flpSystem.agreementInit.cong
thf(fact_169_expandExecutionReachable,axiom,
! [CfgLast: configuration_ext @ p @ v @ s @ product_unit,Cfg: configuration_ext @ p @ v @ s @ product_unit,Exec: list @ ( configuration_ext @ p @ v @ s @ product_unit ),Trace: list @ ( message @ p @ v )] :
( ( reachable @ p @ s @ v @ trans @ sends @ CfgLast @ Cfg )
=> ( ( execution @ p @ s @ v @ trans @ sends @ start @ Exec @ Trace )
=> ( ( CfgLast
= ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec ) )
=> ? [Exec2: list @ ( configuration_ext @ p @ v @ s @ product_unit ),Trace2: list @ ( message @ p @ v )] :
( ( execution @ p @ s @ v @ trans @ sends @ start @ Exec2 @ Trace2 )
& ( ( ( prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec @ Exec2 )
& ( prefixList @ ( message @ p @ v ) @ Trace @ Trace2 ) )
| ( ( Exec = Exec2 )
& ( Trace = Trace2 ) ) )
& ( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec2 )
= Cfg ) ) ) ) ) ).
% expandExecutionReachable
thf(fact_170_NewExec_I2_J,axiom,
( ( ( prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec @ exec2 )
& ( prefixList @ ( message @ p @ v ) @ trace @ trace2 ) )
| ( ( exec = exec2 )
& ( trace = trace2 ) ) ) ).
% NewExec(2)
thf(fact_171_NoOutMessageLoss,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,Cfg2: configuration_ext @ p @ v @ s @ product_unit,V3: $o] :
( ( reachable @ p @ s @ v @ trans @ sends @ Cfg1 @ Cfg2 )
=> ( ord_less_eq @ nat @ ( msgs @ p @ v @ s @ product_unit @ Cfg1 @ ( outMsg @ p @ v @ V3 ) ) @ ( msgs @ p @ v @ s @ product_unit @ Cfg2 @ ( outMsg @ p @ v @ V3 ) ) ) ) ).
% NoOutMessageLoss
thf(fact_172_asynchronousSystem_OReachableStepFirst,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg: configuration_ext @ P @ V @ S @ product_unit,Cfg4: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg @ Cfg4 )
=> ( ( Cfg = Cfg4 )
| ? [Cfg12: configuration_ext @ P @ V @ S @ product_unit,Msg3: message @ P @ V,P4: P] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg @ Msg3 @ Cfg12 )
& ( enabled @ P @ V @ S @ Cfg @ Msg3 )
& ( isReceiverOf @ P @ V @ P4 @ Msg3 )
& ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg12 @ Cfg4 ) ) ) ) ).
% asynchronousSystem.ReachableStepFirst
thf(fact_173_asynchronousSystem_ONoActivityNoMessageLoss,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P,Cfg2: configuration_ext @ P @ V @ S @ product_unit,P2: P,M2: message @ P @ V] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member @ P @ P2 @ Q2 )
=> ( ( isReceiverOf @ P @ V @ P2 @ M2 )
=> ( ord_less_eq @ nat @ ( msgs @ P @ V @ S @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% asynchronousSystem.NoActivityNoMessageLoss
thf(fact_174_asynchronousSystem_ONoMessageLossStep,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit,P2: P,M2: message @ P @ V] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( isReceiverOf @ P @ V @ P2 @ M )
=> ( ~ ( isReceiverOf @ P @ V @ P2 @ M2 )
=> ( ord_less_eq @ nat @ ( msgs @ P @ V @ S @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg2 @ M2 ) ) ) ) ) ).
% asynchronousSystem.NoMessageLossStep
thf(fact_175_message_Oinject_I2_J,axiom,
! [V: $tType,P: $tType,X22: $o,Y22: $o] :
( ( ( outMsg @ P @ V @ X22 )
= ( outMsg @ P @ V @ Y22 ) )
= ( X22 = Y22 ) ) ).
% message.inject(2)
thf(fact_176_StepOutMsg,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,V3: $o,Cfg2: configuration_ext @ p @ v @ s @ product_unit] :
~ ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ ( outMsg @ p @ v @ V3 ) @ Cfg2 ) ).
% StepOutMsg
thf(fact_177_isPrefixListTrace,axiom,
prefixList @ ( message @ p @ v ) @ trace @ traceMsga ).
% isPrefixListTrace
thf(fact_178_expandExecutionStep,axiom,
! [Exec3: list @ ( configuration_ext @ p @ v @ s @ product_unit ),Msg: message @ p @ v,CMsg2: configuration_ext @ p @ v @ s @ product_unit,Trace3: list @ ( message @ p @ v )] :
( ( steps @ p @ s @ v @ trans @ sends @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec3 ) @ Msg @ CMsg2 )
=> ( ( execution @ p @ s @ v @ trans @ sends @ start @ Exec3 @ Trace3 )
=> ? [Exec4: list @ ( configuration_ext @ p @ v @ s @ product_unit ),Trace4: list @ ( message @ p @ v )] :
( ( execution @ p @ s @ v @ trans @ sends @ start @ Exec4 @ Trace4 )
& ( prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec3 @ Exec4 )
& ( prefixList @ ( message @ p @ v ) @ Trace3 @ Trace4 )
& ( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec4 )
= CMsg2 )
& ( ( last @ ( message @ p @ v ) @ Trace4 )
= Msg ) ) ) ) ).
% expandExecutionStep
thf(fact_179__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062exec_H_Atrace_H_O_A_092_060lbrakk_062execution_Atrans_Asends_Astart_Aexec_H_Atrace_H_059_AprefixList_Aexec_Aexec_H_A_092_060and_062_AprefixList_Atrace_Atrace_H_A_092_060or_062_Aexec_A_061_Aexec_H_A_092_060and_062_Atrace_A_061_Atrace_H_059_Alast_Aexec_H_A_061_Ac_H_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [Exec2: list @ ( configuration_ext @ p @ v @ s @ product_unit ),Trace2: list @ ( message @ p @ v )] :
( ( execution @ p @ s @ v @ trans @ sends @ start @ Exec2 @ Trace2 )
=> ( ( ( ( prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec @ Exec2 )
& ( prefixList @ ( message @ p @ v ) @ trace @ Trace2 ) )
| ( ( exec = Exec2 )
& ( trace = Trace2 ) ) )
=> ( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ Exec2 )
!= c ) ) ) ).
% \<open>\<And>thesis. (\<And>exec' trace'. \<lbrakk>execution trans sends start exec' trace'; prefixList exec exec' \<and> prefixList trace trace' \<or> exec = exec' \<and> trace = trace'; last exec' = c'\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_180__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062execMsg_AtraceMsg_O_A_092_060lbrakk_062execution_Atrans_Asends_Astart_AexecMsg_AtraceMsg_059_AprefixList_Aexec_H_AexecMsg_059_AprefixList_Atrace_H_AtraceMsg_059_Alast_AexecMsg_A_061_AcMsg_059_Alast_AtraceMsg_A_061_Amsg_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062,axiom,
~ ! [ExecMsg: list @ ( configuration_ext @ p @ v @ s @ product_unit ),TraceMsg: list @ ( message @ p @ v )] :
( ( execution @ p @ s @ v @ trans @ sends @ start @ ExecMsg @ TraceMsg )
=> ( ( prefixList @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 @ ExecMsg )
=> ( ( prefixList @ ( message @ p @ v ) @ trace2 @ TraceMsg )
=> ( ( ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ ExecMsg )
= cMsg )
=> ( ( last @ ( message @ p @ v ) @ TraceMsg )
!= msg ) ) ) ) ) ).
% \<open>\<And>thesis. (\<And>execMsg traceMsg. \<lbrakk>execution trans sends start execMsg traceMsg; prefixList exec' execMsg; prefixList trace' traceMsg; last execMsg = cMsg; last traceMsg = msg\<rbrakk> \<Longrightarrow> thesis) \<Longrightarrow> thesis\<close>
thf(fact_181_bot__set__def,axiom,
! [A: $tType] :
( ( bot_bot @ ( set @ A ) )
= ( collect @ A @ ( bot_bot @ ( A > $o ) ) ) ) ).
% bot_set_def
thf(fact_182_asynchronousSystem_OStepOutMsg,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,V3: $o,Cfg2: configuration_ext @ P @ V @ S @ product_unit] :
~ ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ ( outMsg @ P @ V @ V3 ) @ Cfg2 ) ).
% asynchronousSystem.StepOutMsg
thf(fact_183_isReceiverOf_Osimps_I3_J,axiom,
! [P: $tType,V: $tType,P1: P,V3: $o] :
~ ( isReceiverOf @ P @ V @ P1 @ ( outMsg @ P @ V @ V3 ) ) ).
% isReceiverOf.simps(3)
thf(fact_184_asynchronousSystem_ONoOutMessageLoss,axiom,
! [S: $tType,P: $tType,V: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Cfg2: configuration_ext @ P @ V @ S @ product_unit,V3: $o] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ord_less_eq @ nat @ ( msgs @ P @ V @ S @ product_unit @ Cfg1 @ ( outMsg @ P @ V @ V3 ) ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg2 @ ( outMsg @ P @ V @ V3 ) ) ) ) ).
% asynchronousSystem.NoOutMessageLoss
thf(fact_185_asynchronousSystem_Osteps_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( steps @ P @ S @ V )
= ( steps @ P @ S @ V ) ) ).
% asynchronousSystem.steps.cong
thf(fact_186_asynchronousSystem_OReachableTrans,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Cfg2: configuration_ext @ P @ V @ S @ product_unit,Cfg32: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg2 @ Cfg32 )
=> ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg32 ) ) ) ).
% asynchronousSystem.ReachableTrans
thf(fact_187_asynchronousSystem_Oreachable_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( reachable @ P @ S @ V )
= ( reachable @ P @ S @ V ) ) ).
% asynchronousSystem.reachable.cong
thf(fact_188_asynchronousSystem_Oinit,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit] : ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg1 ) ).
% asynchronousSystem.init
thf(fact_189_UniqueReceiverOf,axiom,
! [V: $tType,P: $tType,Q: P,Msg: message @ P @ V,P2: P] :
( ( isReceiverOf @ P @ V @ Q @ Msg )
=> ( ( P2 != Q )
=> ~ ( isReceiverOf @ P @ V @ P2 @ Msg ) ) ) ).
% UniqueReceiverOf
thf(fact_190_asynchronousSystem_OQReachableTrans,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg2: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P,Cfg32: configuration_ext @ P @ V @ S @ product_unit,Cfg1: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg2 @ Q2 @ Cfg32 )
=> ( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ).
% asynchronousSystem.QReachableTrans
thf(fact_191_asynchronousSystem_OqReachable_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( qReachable @ P @ S @ V )
= ( qReachable @ P @ S @ V ) ) ).
% asynchronousSystem.qReachable.cong
thf(fact_192_asynchronousSystem_OInitQ,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P] : ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg1 ) ).
% asynchronousSystem.InitQ
thf(fact_193_asynchronousSystem_OinitReachable_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( initReachable @ P @ S @ V )
= ( initReachable @ P @ S @ V ) ) ).
% asynchronousSystem.initReachable.cong
thf(fact_194_asynchronousSystem_Oinitial_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( initial @ P @ S @ V )
= ( initial @ P @ S @ V ) ) ).
% asynchronousSystem.initial.cong
thf(fact_195_asynchronousSystem_OstepReachable_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( stepReachable @ P @ S @ V )
= ( stepReachable @ P @ S @ V ) ) ).
% asynchronousSystem.stepReachable.cong
thf(fact_196_asynchronousSystem_Ostep,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Cfg2: configuration_ext @ P @ V @ S @ product_unit,Msg: message @ P @ V,Cfg32: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg2 )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg2 @ Msg @ Cfg32 )
=> ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg32 ) ) ) ).
% asynchronousSystem.step
thf(fact_197_asynchronousSystem_Oreachable_Ocases,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,A1: configuration_ext @ P @ V @ S @ product_unit,A22: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ A1 @ A22 )
=> ( ( A22 != A1 )
=> ~ ! [Cfg23: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ A1 @ Cfg23 )
=> ! [Msg3: message @ P @ V] :
~ ( steps @ P @ S @ V @ Trans @ Sends @ Cfg23 @ Msg3 @ A22 ) ) ) ) ).
% asynchronousSystem.reachable.cases
thf(fact_198_asynchronousSystem_Oreachable_Osimps,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( reachable @ P @ S @ V )
= ( ^ [Trans2: P > S > ( messageValue @ V ) > S,Sends2: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,A12: configuration_ext @ P @ V @ S @ product_unit,A23: configuration_ext @ P @ V @ S @ product_unit] :
( ? [Cfg13: configuration_ext @ P @ V @ S @ product_unit] :
( ( A12 = Cfg13 )
& ( A23 = Cfg13 ) )
| ? [Cfg13: configuration_ext @ P @ V @ S @ product_unit,Cfg22: configuration_ext @ P @ V @ S @ product_unit,Msg2: message @ P @ V,Cfg34: configuration_ext @ P @ V @ S @ product_unit] :
( ( A12 = Cfg13 )
& ( A23 = Cfg34 )
& ( reachable @ P @ S @ V @ Trans2 @ Sends2 @ Cfg13 @ Cfg22 )
& ( steps @ P @ S @ V @ Trans2 @ Sends2 @ Cfg22 @ Msg2 @ Cfg34 ) ) ) ) ) ).
% asynchronousSystem.reachable.simps
thf(fact_199_asynchronousSystem_Oreachable_Oinducts,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,X1: configuration_ext @ P @ V @ S @ product_unit,X22: configuration_ext @ P @ V @ S @ product_unit,P3: ( configuration_ext @ P @ V @ S @ product_unit ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ X1 @ X22 )
=> ( ! [Cfg12: configuration_ext @ P @ V @ S @ product_unit] : ( P3 @ Cfg12 @ Cfg12 )
=> ( ! [Cfg12: configuration_ext @ P @ V @ S @ product_unit,Cfg23: configuration_ext @ P @ V @ S @ product_unit,Msg3: message @ P @ V,Cfg33: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg12 @ Cfg23 )
=> ( ( P3 @ Cfg12 @ Cfg23 )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( P3 @ Cfg12 @ Cfg33 ) ) ) )
=> ( P3 @ X1 @ X22 ) ) ) ) ).
% asynchronousSystem.reachable.inducts
thf(fact_200_asynchronousSystem_ODiamondOne,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg1: configuration_ext @ P @ V @ S @ product_unit,P2: P,Q: P,M2: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg @ M @ Cfg1 )
=> ( ( P2 != Q )
=> ( ( isReceiverOf @ P @ V @ P2 @ M )
=> ( ~ ( isReceiverOf @ P @ V @ P2 @ M2 )
=> ( ( isReceiverOf @ P @ V @ Q @ M2 )
=> ( ~ ( isReceiverOf @ P @ V @ Q @ M )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg @ M2 @ Cfg2 )
=> ? [Cfg3: configuration_ext @ P @ V @ S @ product_unit] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M2 @ Cfg3 )
& ( steps @ P @ S @ V @ Trans @ Sends @ Cfg2 @ M @ Cfg3 ) ) ) ) ) ) ) ) ) ).
% asynchronousSystem.DiamondOne
thf(fact_201_asynchronousSystem_OQReachImplReach,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P,Cfg2: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Cfg2 ) ) ).
% asynchronousSystem.QReachImplReach
thf(fact_202_asynchronousSystem_OOnlyOccurenceDisables,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit,M2: message @ P @ V] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( enabled @ P @ V @ S @ Cfg1 @ M2 )
=> ( ~ ( enabled @ P @ V @ S @ Cfg2 @ M2 )
=> ( M = M2 ) ) ) ) ).
% asynchronousSystem.OnlyOccurenceDisables
thf(fact_203_asynchronousSystem_ONotInQFrozenQReachability,axiom,
! [V: $tType,S: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P,Cfg2: configuration_ext @ P @ V @ S @ product_unit,P2: P] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ~ ( member @ P @ P2 @ Q2 )
=> ( ( states @ P @ V @ S @ product_unit @ Cfg1 @ P2 )
= ( states @ P @ V @ S @ product_unit @ Cfg2 @ P2 ) ) ) ) ).
% asynchronousSystem.NotInQFrozenQReachability
thf(fact_204_asynchronousSystem_OInitialIsInitReachable,axiom,
! [S: $tType,V: $tType,P: $tType,Start: P > S,C: configuration_ext @ P @ V @ S @ product_unit,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat] :
( ( initial @ P @ S @ V @ Start @ C )
=> ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C ) ) ).
% asynchronousSystem.InitialIsInitReachable
thf(fact_205_asynchronousSystem_OOtherMessagesOnlyGrowing,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit,M2: message @ P @ V] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ( M != M2 )
=> ( ord_less_eq @ nat @ ( msgs @ P @ V @ S @ product_unit @ Cfg1 @ M2 ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg2 @ M2 ) ) ) ) ).
% asynchronousSystem.OtherMessagesOnlyGrowing
thf(fact_206_asynchronousSystem_OStepQ,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P,Cfg2: configuration_ext @ P @ V @ S @ product_unit,Msg: message @ P @ V,Cfg32: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg2 )
=> ( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg2 @ Msg @ Cfg32 )
=> ( ? [X4: P] :
( ( member @ P @ X4 @ Q2 )
& ( isReceiverOf @ P @ V @ X4 @ Msg ) )
=> ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg1 @ Q2 @ Cfg32 ) ) ) ) ).
% asynchronousSystem.StepQ
thf(fact_207_asynchronousSystem_OqReachable_Ocases,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,A1: configuration_ext @ P @ V @ S @ product_unit,A22: set @ P,A3: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ A1 @ A22 @ A3 )
=> ( ( A3 != A1 )
=> ~ ! [Cfg23: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ A1 @ A22 @ Cfg23 )
=> ! [Msg3: message @ P @ V] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg23 @ Msg3 @ A3 )
=> ~ ? [X: P] :
( ( member @ P @ X @ A22 )
& ( isReceiverOf @ P @ V @ X @ Msg3 ) ) ) ) ) ) ).
% asynchronousSystem.qReachable.cases
thf(fact_208_asynchronousSystem_OqReachable_Osimps,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( qReachable @ P @ S @ V )
= ( ^ [Trans2: P > S > ( messageValue @ V ) > S,Sends2: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,A12: configuration_ext @ P @ V @ S @ product_unit,A23: set @ P,A32: configuration_ext @ P @ V @ S @ product_unit] :
( ( A32 = A12 )
| ? [Cfg22: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans2 @ Sends2 @ A12 @ A23 @ Cfg22 )
& ? [Msg2: message @ P @ V] :
( ( steps @ P @ S @ V @ Trans2 @ Sends2 @ Cfg22 @ Msg2 @ A32 )
& ? [X3: P] :
( ( member @ P @ X3 @ A23 )
& ( isReceiverOf @ P @ V @ X3 @ Msg2 ) ) ) ) ) ) ) ).
% asynchronousSystem.qReachable.simps
thf(fact_209_asynchronousSystem_OqReachable_Oinducts,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,X1: configuration_ext @ P @ V @ S @ product_unit,X22: set @ P,X32: configuration_ext @ P @ V @ S @ product_unit,P3: ( configuration_ext @ P @ V @ S @ product_unit ) > ( set @ P ) > ( configuration_ext @ P @ V @ S @ product_unit ) > $o] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ X1 @ X22 @ X32 )
=> ( ! [Cfg12: configuration_ext @ P @ V @ S @ product_unit,Q3: set @ P] : ( P3 @ Cfg12 @ Q3 @ Cfg12 )
=> ( ! [Cfg12: configuration_ext @ P @ V @ S @ product_unit,Q3: set @ P,Cfg23: configuration_ext @ P @ V @ S @ product_unit] :
( ( qReachable @ P @ S @ V @ Trans @ Sends @ Cfg12 @ Q3 @ Cfg23 )
=> ( ( P3 @ Cfg12 @ Q3 @ Cfg23 )
=> ! [Msg3: message @ P @ V,Cfg33: configuration_ext @ P @ V @ S @ product_unit] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg23 @ Msg3 @ Cfg33 )
=> ( ? [X: P] :
( ( member @ P @ X @ Q3 )
& ( isReceiverOf @ P @ V @ X @ Msg3 ) )
=> ( P3 @ Cfg12 @ Q3 @ Cfg33 ) ) ) ) )
=> ( P3 @ X1 @ X22 @ X32 ) ) ) ) ).
% asynchronousSystem.qReachable.inducts
thf(fact_210_asynchronousSystem_ONoReceivingNoChange,axiom,
! [V: $tType,S: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit,P2: P] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ~ ( isReceiverOf @ P @ V @ P2 @ M )
=> ( ( states @ P @ V @ S @ product_unit @ Cfg1 @ P2 )
= ( states @ P @ V @ S @ product_unit @ Cfg2 @ P2 ) ) ) ) ).
% asynchronousSystem.NoReceivingNoChange
thf(fact_211_asynchronousSystem_OinitReachable__def,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( initReachable @ P @ S @ V )
= ( ^ [Trans2: P > S > ( messageValue @ V ) > S,Sends2: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start2: P > S,Cfg5: configuration_ext @ P @ V @ S @ product_unit] :
? [Cfg0: configuration_ext @ P @ V @ S @ product_unit] :
( ( initial @ P @ S @ V @ Start2 @ Cfg0 )
& ( reachable @ P @ S @ V @ Trans2 @ Sends2 @ Cfg0 @ Cfg5 ) ) ) ) ).
% asynchronousSystem.initReachable_def
thf(fact_212_asynchronousSystem_OstepReachable__def,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( stepReachable @ P @ S @ V )
= ( ^ [Trans2: P > S > ( messageValue @ V ) > S,Sends2: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,C12: configuration_ext @ P @ V @ S @ product_unit,Msg2: message @ P @ V,C23: configuration_ext @ P @ V @ S @ product_unit] :
? [C5: configuration_ext @ P @ V @ S @ product_unit,C6: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans2 @ Sends2 @ C12 @ C5 )
& ( steps @ P @ S @ V @ Trans2 @ Sends2 @ C5 @ Msg2 @ C6 )
& ( reachable @ P @ S @ V @ Trans2 @ Sends2 @ C6 @ C23 ) ) ) ) ).
% asynchronousSystem.stepReachable_def
thf(fact_213_asynchronousSystem_OStepReachable,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg: configuration_ext @ P @ V @ S @ product_unit,Cfg4: configuration_ext @ P @ V @ S @ product_unit,Msg: message @ P @ V] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ Cfg @ Cfg4 )
=> ( ( enabled @ P @ V @ S @ Cfg @ Msg )
=> ( ~ ( enabled @ P @ V @ S @ Cfg4 @ Msg )
=> ( stepReachable @ P @ S @ V @ Trans @ Sends @ Cfg @ Msg @ Cfg4 ) ) ) ) ).
% asynchronousSystem.StepReachable
thf(fact_214_asynchronousSystem_OexpandExecutionStep,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Exec3: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Msg: message @ P @ V,CMsg2: configuration_ext @ P @ V @ S @ product_unit,Start: P > S,Trace3: list @ ( message @ P @ V )] :
( ( steps @ P @ S @ V @ Trans @ Sends @ ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec3 ) @ Msg @ CMsg2 )
=> ( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec3 @ Trace3 )
=> ? [Exec4: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Trace4: list @ ( message @ P @ V )] :
( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec4 @ Trace4 )
& ( prefixList @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec3 @ Exec4 )
& ( prefixList @ ( message @ P @ V ) @ Trace3 @ Trace4 )
& ( ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec4 )
= CMsg2 )
& ( ( last @ ( message @ P @ V ) @ Trace4 )
= Msg ) ) ) ) ).
% asynchronousSystem.expandExecutionStep
thf(fact_215_asynchronousSystem_OexpandExecutionReachable,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,CfgLast: configuration_ext @ P @ V @ S @ product_unit,Cfg: configuration_ext @ P @ V @ S @ product_unit,Start: P > S,Exec: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Trace: list @ ( message @ P @ V )] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ CfgLast @ Cfg )
=> ( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( CfgLast
= ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec ) )
=> ? [Exec2: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Trace2: list @ ( message @ P @ V )] :
( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec2 @ Trace2 )
& ( ( ( prefixList @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec @ Exec2 )
& ( prefixList @ ( message @ P @ V ) @ Trace @ Trace2 ) )
| ( ( Exec = Exec2 )
& ( Trace = Trace2 ) ) )
& ( ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec2 )
= Cfg ) ) ) ) ) ).
% asynchronousSystem.expandExecutionReachable
thf(fact_216_NonUniformCanReachSilentBivalence,axiom,
! [C: configuration_ext @ p @ v @ s @ product_unit,P2: p] :
( ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $false @ C )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $true @ C ) )
=> ( ! [Cc: configuration_ext @ p @ v @ s @ product_unit,X_1: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ! [Cfg6: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ C @ Cfg6 )
=> ( agreement @ p @ v @ s @ Cfg6 ) )
=> ? [C7: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ C @ C7 )
& ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ P2 @ C7 ) )
= ( insert @ $o @ $true @ ( insert @ $o @ $false @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ) ) ) ).
% NonUniformCanReachSilentBivalence
thf(fact_217_PseudoTermination,axiom,
! [Cc2: configuration_ext @ p @ v @ s @ product_unit,Q2: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc2 @ Q2 ) ).
% PseudoTermination
thf(fact_218_DecisionValuesExist,axiom,
! [C: configuration_ext @ p @ v @ s @ product_unit,P2: p] :
( ! [Cc: configuration_ext @ p @ v @ s @ product_unit,X_1: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
=> ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ P2 @ C ) )
!= ( bot_bot @ ( set @ $o ) ) ) ) ) ).
% DecisionValuesExist
thf(fact_219_InitialNonUniformCfg,axiom,
( ! [Cc: configuration_ext @ p @ v @ s @ product_unit,X_1: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ! [I2: configuration_ext @ p @ v @ s @ product_unit,X_1: configuration_ext @ p @ v @ s @ product_unit] : ( validity @ p @ s @ v @ trans @ sends @ start @ I2 @ X_1 )
=> ( ! [I2: configuration_ext @ p @ v @ s @ product_unit,X_1: configuration_ext @ p @ v @ s @ product_unit] : ( agreementInit @ p @ s @ v @ trans @ sends @ start @ I2 @ X_1 )
=> ? [Cfg6: configuration_ext @ p @ v @ s @ product_unit] :
( ( initial @ p @ s @ v @ start @ Cfg6 )
& ( initReachable @ p @ s @ v @ trans @ sends @ start @ Cfg6 )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $false @ Cfg6 )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $true @ Cfg6 ) ) ) ) ) ).
% InitialNonUniformCfg
thf(fact_220_flpPseudoConsensus_OPseudoTermination,axiom,
! [V: $tType,S: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start: P > S,Cc2: configuration_ext @ P @ V @ S @ product_unit,Q2: set @ P] :
( ( fLPThe1922692578sensus @ P @ S @ V @ Trans @ Sends @ Start )
=> ( terminationPseudo @ P @ S @ V @ Trans @ Sends @ Start @ ( one_one @ nat ) @ Cc2 @ Q2 ) ) ).
% flpPseudoConsensus.PseudoTermination
thf(fact_221_flpSystem_OterminationPseudo_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( terminationPseudo @ P @ S @ V )
= ( terminationPseudo @ P @ S @ V ) ) ).
% flpSystem.terminationPseudo.cong
thf(fact_222_flpSystem_ODecisionValuesExist,axiom,
! [S: $tType,V: $tType,P: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Trans: P > S > ( messageValue @ V ) > S,Start: P > S,C: configuration_ext @ P @ V @ S @ product_unit,P2: P] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ! [Cc: configuration_ext @ P @ V @ S @ product_unit,X_1: set @ P] : ( terminationPseudo @ P @ S @ V @ Trans @ Sends @ Start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
=> ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ P2 @ C ) )
!= ( bot_bot @ ( set @ $o ) ) ) ) ) ) ).
% flpSystem.DecisionValuesExist
thf(fact_223_flpSystem_ONonUniformCanReachSilentBivalence,axiom,
! [S: $tType,V: $tType,P: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Trans: P > S > ( messageValue @ V ) > S,Start: P > S,C: configuration_ext @ P @ V @ S @ product_unit,P2: P] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ C )
& ~ ( vUniform @ P @ S @ V @ Trans @ Sends @ Start @ $false @ C )
& ~ ( vUniform @ P @ S @ V @ Trans @ Sends @ Start @ $true @ C ) )
=> ( ! [Cc: configuration_ext @ P @ V @ S @ product_unit,X_1: set @ P] : ( terminationPseudo @ P @ S @ V @ Trans @ Sends @ Start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ! [Cfg6: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ C @ Cfg6 )
=> ( agreement @ P @ V @ S @ Cfg6 ) )
=> ? [C7: configuration_ext @ P @ V @ S @ product_unit] :
( ( reachable @ P @ S @ V @ Trans @ Sends @ C @ C7 )
& ( ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ P @ S @ V @ Trans @ Sends @ Start @ V2 @ P2 @ C7 ) )
= ( insert @ $o @ $true @ ( insert @ $o @ $false @ ( bot_bot @ ( set @ $o ) ) ) ) ) ) ) ) ) ) ).
% flpSystem.NonUniformCanReachSilentBivalence
thf(fact_224_flpSystem_OInitialNonUniformCfg,axiom,
! [S: $tType,V: $tType,P: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Trans: P > S > ( messageValue @ V ) > S,Start: P > S] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ! [Cc: configuration_ext @ P @ V @ S @ product_unit,X_1: set @ P] : ( terminationPseudo @ P @ S @ V @ Trans @ Sends @ Start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ! [I2: configuration_ext @ P @ V @ S @ product_unit,X_1: configuration_ext @ P @ V @ S @ product_unit] : ( validity @ P @ S @ V @ Trans @ Sends @ Start @ I2 @ X_1 )
=> ( ! [I2: configuration_ext @ P @ V @ S @ product_unit,X_1: configuration_ext @ P @ V @ S @ product_unit] : ( agreementInit @ P @ S @ V @ Trans @ Sends @ Start @ I2 @ X_1 )
=> ? [Cfg6: configuration_ext @ P @ V @ S @ product_unit] :
( ( initial @ P @ S @ V @ Start @ Cfg6 )
& ( initReachable @ P @ S @ V @ Trans @ Sends @ Start @ Cfg6 )
& ~ ( vUniform @ P @ S @ V @ Trans @ Sends @ Start @ $false @ Cfg6 )
& ~ ( vUniform @ P @ S @ V @ Trans @ Sends @ Start @ $true @ Cfg6 ) ) ) ) ) ) ).
% flpSystem.InitialNonUniformCfg
thf(fact_225_execution_OExistImpliesMinEnabled,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start: P > S,Exec: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Trace: list @ ( message @ P @ V ),P2: P,Msg: message @ P @ V] :
( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( isReceiverOf @ P @ V @ P2 @ Msg )
=> ( ( enabled @ P @ V @ S @ ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec ) @ Msg )
=> ? [X_1: message @ P @ V] : ( minimalEnabled @ P @ V @ S @ Exec @ Trace @ X_1 ) ) ) ) ).
% execution.ExistImpliesMinEnabled
thf(fact_226_execution_OminimalEnabled_Ocong,axiom,
! [S: $tType,V: $tType,P: $tType] :
( ( minimalEnabled @ P @ V @ S )
= ( minimalEnabled @ P @ V @ S ) ) ).
% execution.minimalEnabled.cong
thf(fact_227_flpSystem_Ovalidity_Ocong,axiom,
! [V: $tType,S: $tType,P: $tType] :
( ( validity @ P @ S @ V )
= ( validity @ P @ S @ V ) ) ).
% flpSystem.validity.cong
thf(fact_228_execution_OFirstOccurrenceExists,axiom,
! [P: $tType,V: $tType,S: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Start: P > S,Exec: list @ ( configuration_ext @ P @ V @ S @ product_unit ),Trace: list @ ( message @ P @ V ),Msg: message @ P @ V] :
( ( execution @ P @ S @ V @ Trans @ Sends @ Start @ Exec @ Trace )
=> ( ( enabled @ P @ V @ S @ ( last @ ( configuration_ext @ P @ V @ S @ product_unit ) @ Exec ) @ Msg )
=> ( ? [P6: P] : ( isReceiverOf @ P @ V @ P6 @ Msg )
=> ? [X_1: nat] : ( firstOccurrence @ P @ V @ S @ Exec @ Trace @ Msg @ X_1 ) ) ) ) ).
% execution.FirstOccurrenceExists
thf(fact_229_NonUniformImpliesNotDecided,axiom,
! [C: configuration_ext @ p @ v @ s @ product_unit,V3: $o] :
( ! [Cfg6: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ C @ Cfg6 )
=> ( agreement @ p @ v @ s @ Cfg6 ) )
=> ( ! [Cc: configuration_ext @ p @ v @ s @ product_unit,X_1: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $false @ C )
& ~ ( vUniform @ p @ s @ v @ trans @ sends @ start @ $true @ C ) )
=> ~ ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
& ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C @ ( outMsg @ p @ v @ V3 ) ) ) ) ) ) ) ).
% NonUniformImpliesNotDecided
thf(fact_230_agreement__def,axiom,
( ( agreement @ p @ v @ s )
= ( ^ [C9: configuration_ext @ p @ v @ s @ product_unit] :
! [V1: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C9 @ ( outMsg @ p @ v @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C9 @ ( outMsg @ p @ v @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ).
% agreement_def
thf(fact_231_ExistsMsg,axiom,
! [Cfg1: configuration_ext @ p @ v @ s @ product_unit,M: message @ p @ v,Cfg2: configuration_ext @ p @ v @ s @ product_unit] :
( ( steps @ p @ s @ v @ trans @ sends @ Cfg1 @ M @ Cfg2 )
=> ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ Cfg1 @ M ) ) ) ).
% ExistsMsg
thf(fact_232_agreementInit__def,axiom,
! [I: configuration_ext @ p @ v @ s @ product_unit,C: configuration_ext @ p @ v @ s @ product_unit] :
( ( agreementInit @ p @ s @ v @ trans @ sends @ start @ I @ C )
= ( ( ( initial @ p @ s @ v @ start @ I )
& ( reachable @ p @ s @ v @ trans @ sends @ I @ C ) )
=> ! [V1: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C @ ( outMsg @ p @ v @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C @ ( outMsg @ p @ v @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ).
% agreementInit_def
thf(fact_233_DecidedImpliesUniform,axiom,
! [C: configuration_ext @ p @ v @ s @ product_unit,V3: $o] :
( ! [Cfg6: configuration_ext @ p @ v @ s @ product_unit] :
( ( reachable @ p @ s @ v @ trans @ sends @ C @ Cfg6 )
=> ( agreement @ p @ v @ s @ Cfg6 ) )
=> ( ! [Cc: configuration_ext @ p @ v @ s @ product_unit,X_1: set @ p] : ( terminationPseudo @ p @ s @ v @ trans @ sends @ start @ ( one_one @ nat ) @ Cc @ X_1 )
=> ( ( ( initReachable @ p @ s @ v @ trans @ sends @ start @ C )
& ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ p @ v @ s @ product_unit @ C @ ( outMsg @ p @ v @ V3 ) ) ) )
=> ( vUniform @ p @ s @ v @ trans @ sends @ start @ V3 @ C ) ) ) ) ).
% DecidedImpliesUniform
thf(fact_234_flpSystem_Oagreement__def,axiom,
! [V: $tType,P: $tType,S: $tType,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,C: configuration_ext @ P @ V @ S @ product_unit] :
( ( flpSystem @ P @ S @ V @ Sends )
=> ( ( agreement @ P @ V @ S @ C )
= ( ! [V1: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ P @ V @ S @ product_unit @ C @ ( outMsg @ P @ V @ V1 ) ) )
=> ! [V22: $o] :
( ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ P @ V @ S @ product_unit @ C @ ( outMsg @ P @ V @ V22 ) ) )
= ( V22 = V1 ) ) ) ) ) ) ).
% flpSystem.agreement_def
thf(fact_235_enabled__def,axiom,
! [S: $tType,V: $tType,P: $tType] :
( ( enabled @ P @ V @ S )
= ( ^ [Cfg5: configuration_ext @ P @ V @ S @ product_unit,Msg2: message @ P @ V] : ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg5 @ Msg2 ) ) ) ) ).
% enabled_def
thf(fact_236_asynchronousSystem_OExistsMsg,axiom,
! [S: $tType,V: $tType,P: $tType,Trans: P > S > ( messageValue @ V ) > S,Sends: P > S > ( messageValue @ V ) > ( message @ P @ V ) > nat,Cfg1: configuration_ext @ P @ V @ S @ product_unit,M: message @ P @ V,Cfg2: configuration_ext @ P @ V @ S @ product_unit] :
( ( steps @ P @ S @ V @ Trans @ Sends @ Cfg1 @ M @ Cfg2 )
=> ( ord_less @ nat @ ( zero_zero @ nat ) @ ( msgs @ P @ V @ S @ product_unit @ Cfg1 @ M ) ) ) ).
% asynchronousSystem.ExistsMsg
thf(fact_237_order_Onot__eq__order__implies__strict,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A] :
( ( A5 != B3 )
=> ( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ord_less @ A @ A5 @ B3 ) ) ) ) ).
% order.not_eq_order_implies_strict
thf(fact_238_dual__order_Ostrict__implies__order,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B3: A,A5: A] :
( ( ord_less @ A @ B3 @ A5 )
=> ( ord_less_eq @ A @ B3 @ A5 ) ) ) ).
% dual_order.strict_implies_order
thf(fact_239_dual__order_Ostrict__iff__order,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ord_less @ A )
= ( ^ [B4: A,A6: A] :
( ( ord_less_eq @ A @ B4 @ A6 )
& ( A6 != B4 ) ) ) ) ) ).
% dual_order.strict_iff_order
thf(fact_240_dual__order_Oorder__iff__strict,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ord_less_eq @ A )
= ( ^ [B4: A,A6: A] :
( ( ord_less @ A @ B4 @ A6 )
| ( A6 = B4 ) ) ) ) ) ).
% dual_order.order_iff_strict
thf(fact_241_order_Ostrict__implies__order,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A] :
( ( ord_less @ A @ A5 @ B3 )
=> ( ord_less_eq @ A @ A5 @ B3 ) ) ) ).
% order.strict_implies_order
thf(fact_242_dense__le__bounded,axiom,
! [A: $tType] :
( ( dense_linorder @ A )
=> ! [X2: A,Y2: A,Z3: A] :
( ( ord_less @ A @ X2 @ Y2 )
=> ( ! [W: A] :
( ( ord_less @ A @ X2 @ W )
=> ( ( ord_less @ A @ W @ Y2 )
=> ( ord_less_eq @ A @ W @ Z3 ) ) )
=> ( ord_less_eq @ A @ Y2 @ Z3 ) ) ) ) ).
% dense_le_bounded
thf(fact_243_dense__ge__bounded,axiom,
! [A: $tType] :
( ( dense_linorder @ A )
=> ! [Z3: A,X2: A,Y2: A] :
( ( ord_less @ A @ Z3 @ X2 )
=> ( ! [W: A] :
( ( ord_less @ A @ Z3 @ W )
=> ( ( ord_less @ A @ W @ X2 )
=> ( ord_less_eq @ A @ Y2 @ W ) ) )
=> ( ord_less_eq @ A @ Y2 @ Z3 ) ) ) ) ).
% dense_ge_bounded
thf(fact_244_dual__order_Ostrict__trans2,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B3: A,A5: A,C: A] :
( ( ord_less @ A @ B3 @ A5 )
=> ( ( ord_less_eq @ A @ C @ B3 )
=> ( ord_less @ A @ C @ A5 ) ) ) ) ).
% dual_order.strict_trans2
thf(fact_245_dual__order_Ostrict__trans1,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [B3: A,A5: A,C: A] :
( ( ord_less_eq @ A @ B3 @ A5 )
=> ( ( ord_less @ A @ C @ B3 )
=> ( ord_less @ A @ C @ A5 ) ) ) ) ).
% dual_order.strict_trans1
thf(fact_246_order_Ostrict__iff__order,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ord_less @ A )
= ( ^ [A6: A,B4: A] :
( ( ord_less_eq @ A @ A6 @ B4 )
& ( A6 != B4 ) ) ) ) ) ).
% order.strict_iff_order
thf(fact_247_order_Oorder__iff__strict,axiom,
! [A: $tType] :
( ( order @ A )
=> ( ( ord_less_eq @ A )
= ( ^ [A6: A,B4: A] :
( ( ord_less @ A @ A6 @ B4 )
| ( A6 = B4 ) ) ) ) ) ).
% order.order_iff_strict
thf(fact_248_order_Ostrict__trans2,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A,C: A] :
( ( ord_less @ A @ A5 @ B3 )
=> ( ( ord_less_eq @ A @ B3 @ C )
=> ( ord_less @ A @ A5 @ C ) ) ) ) ).
% order.strict_trans2
thf(fact_249_order_Ostrict__trans1,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [A5: A,B3: A,C: A] :
( ( ord_less_eq @ A @ A5 @ B3 )
=> ( ( ord_less @ A @ B3 @ C )
=> ( ord_less @ A @ A5 @ C ) ) ) ) ).
% order.strict_trans1
thf(fact_250_not__le__imp__less,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [Y2: A,X2: A] :
( ~ ( ord_less_eq @ A @ Y2 @ X2 )
=> ( ord_less @ A @ X2 @ Y2 ) ) ) ).
% not_le_imp_less
thf(fact_251_less__le__not__le,axiom,
! [A: $tType] :
( ( preorder @ A )
=> ( ( ord_less @ A )
= ( ^ [X3: A,Y3: A] :
( ( ord_less_eq @ A @ X3 @ Y3 )
& ~ ( ord_less_eq @ A @ Y3 @ X3 ) ) ) ) ) ).
% less_le_not_le
thf(fact_252_le__imp__less__or__eq,axiom,
! [A: $tType] :
( ( order @ A )
=> ! [X2: A,Y2: A] :
( ( ord_less_eq @ A @ X2 @ Y2 )
=> ( ( ord_less @ A @ X2 @ Y2 )
| ( X2 = Y2 ) ) ) ) ).
% le_imp_less_or_eq
thf(fact_253_le__less__linear,axiom,
! [A: $tType] :
( ( linorder @ A )
=> ! [X2: A,Y2: A] :
( ( ord_less_eq @ A @ X2 @ Y2 )
| ( ord_less @ A @ Y2 @ X2 ) ) ) ).
% le_less_linear
thf(fact_254_dense__le,axiom,
! [A: $tType] :
( ( dense_linorder @ A )
=> ! [Y2: A,Z3: A] :
( ! [X: A] :
( ( ord_less @ A @ X @ Y2 )
=> ( ord_less_eq @ A @ X @ Z3 ) )
=> ( ord_less_eq @ A @ Y2 @ Z3 ) ) ) ).
% dense_le
thf(fact_255_dense__ge,axiom,
! [A: $tType] :
( ( dense_linorder @ A )
=> ! [Z3: A,Y2: A] :
( ! [X: A] :
( ( ord_less @ A @ Z3 @ X )
=> ( ord_less_eq @ A @ Y2 @ X ) )
=> ( ord_less_eq @ A @ Y2 @ Z3 ) ) ) ).
% dense_ge
% Type constructors (28)
thf(tcon_fun___Orderings_Oorder__bot,axiom,
! [A8: $tType,A9: $tType] :
( ( order_bot @ A9 )
=> ( order_bot @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Opreorder,axiom,
! [A8: $tType,A9: $tType] :
( ( preorder @ A9 )
=> ( preorder @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Oorder,axiom,
! [A8: $tType,A9: $tType] :
( ( order @ A9 )
=> ( order @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Oord,axiom,
! [A8: $tType,A9: $tType] :
( ( ord @ A9 )
=> ( ord @ ( A8 > A9 ) ) ) ).
thf(tcon_fun___Orderings_Obot,axiom,
! [A8: $tType,A9: $tType] :
( ( bot @ A9 )
=> ( bot @ ( A8 > A9 ) ) ) ).
thf(tcon_Nat_Onat___Orderings_Oorder__bot_1,axiom,
order_bot @ nat ).
thf(tcon_Nat_Onat___Orderings_Opreorder_2,axiom,
preorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Olinorder,axiom,
linorder @ nat ).
thf(tcon_Nat_Onat___Orderings_Oorder_3,axiom,
order @ nat ).
thf(tcon_Nat_Onat___Orderings_Oord_4,axiom,
ord @ nat ).
thf(tcon_Nat_Onat___Orderings_Obot_5,axiom,
bot @ nat ).
thf(tcon_Set_Oset___Orderings_Oorder__bot_6,axiom,
! [A8: $tType] : ( order_bot @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Opreorder_7,axiom,
! [A8: $tType] : ( preorder @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Oorder_8,axiom,
! [A8: $tType] : ( order @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Oord_9,axiom,
! [A8: $tType] : ( ord @ ( set @ A8 ) ) ).
thf(tcon_Set_Oset___Orderings_Obot_10,axiom,
! [A8: $tType] : ( bot @ ( set @ A8 ) ) ).
thf(tcon_HOL_Obool___Orderings_Oorder__bot_11,axiom,
order_bot @ $o ).
thf(tcon_HOL_Obool___Orderings_Opreorder_12,axiom,
preorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Olinorder_13,axiom,
linorder @ $o ).
thf(tcon_HOL_Obool___Orderings_Oorder_14,axiom,
order @ $o ).
thf(tcon_HOL_Obool___Orderings_Oord_15,axiom,
ord @ $o ).
thf(tcon_HOL_Obool___Orderings_Obot_16,axiom,
bot @ $o ).
thf(tcon_Product__Type_Ounit___Orderings_Oorder__bot_17,axiom,
order_bot @ product_unit ).
thf(tcon_Product__Type_Ounit___Orderings_Opreorder_18,axiom,
preorder @ product_unit ).
thf(tcon_Product__Type_Ounit___Orderings_Olinorder_19,axiom,
linorder @ product_unit ).
thf(tcon_Product__Type_Ounit___Orderings_Oorder_20,axiom,
order @ product_unit ).
thf(tcon_Product__Type_Ounit___Orderings_Oord_21,axiom,
ord @ product_unit ).
thf(tcon_Product__Type_Ounit___Orderings_Obot_22,axiom,
bot @ product_unit ).
% Conjectures (1)
thf(conj_0,conjecture,
( ord_less_eq @ ( set @ $o )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ ( last @ ( configuration_ext @ p @ v @ s @ product_unit ) @ exec2 ) ) )
@ ( collect @ $o
@ ^ [V2: $o] : ( pSilDecVal @ p @ s @ v @ trans @ sends @ start @ V2 @ p2 @ cMsg ) ) ) ).
%------------------------------------------------------------------------------