TPTP Problem File: SWW517_5.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : SWW517_5 : TPTP v9.0.0. Released v6.0.0.
% Domain : Software Verification
% Problem : Hoare's Logic with Procedures line 257
% Version : Especial.
% English :
% Refs : [BN10] Boehme & Nipkow (2010), Sledgehammer: Judgement Day
% : [Bla13] Blanchette (2011), Email to Geoff Sutcliffe
% Source : [Bla13]
% Names : hoare_257 [Bla13]
% Status : Unknown
% Rating : 1.00 v6.4.0
% Syntax : Number of formulae : 146 ( 64 unt; 44 typ; 0 def)
% Number of atoms : 188 ( 89 equ)
% Maximal formula atoms : 7 ( 1 avg)
% Number of connectives : 145 ( 59 ~; 3 |; 13 &)
% ( 10 <=>; 60 =>; 0 <=; 0 <~>)
% Maximal formula depth : 13 ( 7 avg)
% Maximal term depth : 10 ( 1 avg)
% Number of types : 9 ( 8 usr)
% Number of type conns : 66 ( 24 >; 42 *; 0 +; 0 <<)
% Number of predicates : 9 ( 8 usr; 0 prp; 1-4 aty)
% Number of functors : 28 ( 28 usr; 10 con; 0-10 aty)
% Number of variables : 480 ( 461 !; 2 ?; 480 :)
% ( 17 !>; 0 ?*; 0 @-; 0 @+)
% SPC : TF1_UNK_EQU_NAR
% Comments : This file was generated by Isabelle (most likely Sledgehammer)
% 2011-12-13 16:20:27
%------------------------------------------------------------------------------
%----Should-be-implicit typings (10)
tff(ty_t_a,type,
a: $tType ).
tff(ty_tc_Com_Ocom,type,
com: $tType ).
tff(ty_tc_Com_Oloc,type,
loc: $tType ).
tff(ty_tc_Com_Opname,type,
pname: $tType ).
tff(ty_tc_Com_Ostate,type,
state: $tType ).
tff(ty_tc_Com_Ovname,type,
vname: $tType ).
tff(ty_tc_HOL_Obool,type,
bool: $tType ).
tff(ty_tc_Hoare__Mirabelle__vtrypsmcwp_Otriple,type,
hoare_28830079triple: $tType > $tType ).
tff(ty_tc_Nat_Onat,type,
nat: $tType ).
tff(ty_tc_fun,type,
fun: ( $tType * $tType ) > $tType ).
%----Explicit typings (34)
tff(sy_cl_Rings_Osemiring__1,type,
semiring_1:
!>[A2: $tType] : $o ).
tff(sy_c_Com_OWT,type,
wt: com > $o ).
tff(sy_c_Com_Ocom_OAss,type,
ass: ( vname * fun(state,nat) ) > com ).
tff(sy_c_Com_Ocom_OCond,type,
cond: ( fun(state,bool) * com * com ) > com ).
tff(sy_c_Com_Ocom_OLocal,type,
local: ( loc * fun(state,nat) * com ) > com ).
tff(sy_c_Com_Ocom_OSKIP,type,
skip: com ).
tff(sy_c_Com_Ocom_OSemi,type,
semi: ( com * com ) > com ).
tff(sy_c_Com_Ocom_OWhile,type,
while: ( fun(state,bool) * com ) > com ).
tff(sy_c_Com_Ocom_Ocom__case,type,
com_case:
!>[T3: $tType] : ( ( T3 * fun(vname,fun(fun(state,nat),T3)) * fun(loc,fun(fun(state,nat),fun(com,T3))) * fun(com,fun(com,T3)) * fun(fun(state,bool),fun(com,fun(com,T3))) * fun(fun(state,bool),fun(com,T3)) * fun(pname,T3) * fun(vname,fun(pname,fun(fun(state,nat),T3))) * com ) > T3 ) ).
tff(sy_c_Com_Ocom_Ocom__rec,type,
com_rec:
!>[T3: $tType] : ( ( T3 * fun(vname,fun(fun(state,nat),T3)) * fun(loc,fun(fun(state,nat),fun(com,fun(T3,T3)))) * fun(com,fun(com,fun(T3,fun(T3,T3)))) * fun(fun(state,bool),fun(com,fun(com,fun(T3,fun(T3,T3))))) * fun(fun(state,bool),fun(com,fun(T3,T3))) * fun(pname,T3) * fun(vname,fun(pname,fun(fun(state,nat),T3))) * com ) > T3 ) ).
tff(sy_c_Groups_Ozero__class_Ozero,type,
zero_zero:
!>[A2: $tType] : A2 ).
tff(sy_c_Hoare__Mirabelle__vtrypsmcwp_Ohoare__valids,type,
hoare_592965047valids:
!>[A2: $tType] : ( ( fun(hoare_28830079triple(A2),bool) * fun(hoare_28830079triple(A2),bool) ) > $o ) ).
tff(sy_c_Hoare__Mirabelle__vtrypsmcwp_Otriple_Otriple,type,
hoare_1841697145triple:
!>[A2: $tType] : ( ( fun(A2,fun(state,bool)) * com * fun(A2,fun(state,bool)) ) > hoare_28830079triple(A2) ) ).
tff(sy_c_Hoare__Mirabelle__vtrypsmcwp_Otriple_Otriple__case,type,
hoare_376461865e_case:
!>[A2: $tType,T3: $tType] : ( ( fun(fun(A2,fun(state,bool)),fun(com,fun(fun(A2,fun(state,bool)),T3))) * hoare_28830079triple(A2) ) > T3 ) ).
tff(sy_c_Hoare__Mirabelle__vtrypsmcwp_Otriple_Otriple__rec,type,
hoare_678420151le_rec:
!>[A2: $tType,T3: $tType] : ( ( fun(fun(A2,fun(state,bool)),fun(com,fun(fun(A2,fun(state,bool)),T3))) * hoare_28830079triple(A2) ) > T3 ) ).
tff(sy_c_Hoare__Mirabelle__vtrypsmcwp_Otriple__valid,type,
hoare_1633586161_valid:
!>[A2: $tType] : ( ( nat * hoare_28830079triple(A2) ) > $o ) ).
tff(sy_c_Nat_OSuc,type,
suc: nat > nat ).
tff(sy_c_Nat_Onat_Onat__case,type,
nat_case:
!>[T3: $tType] : ( ( T3 * fun(nat,T3) * nat ) > T3 ) ).
tff(sy_c_Nat_Onat_Onat__rec,type,
nat_rec:
!>[T3: $tType] : ( ( T3 * fun(nat,fun(T3,T3)) * nat ) > T3 ) ).
tff(sy_c_Nat_Osemiring__1__class_Oof__nat__aux,type,
semiri532925092at_aux:
!>[A2: $tType] : ( ( fun(A2,A2) * nat * A2 ) > A2 ) ).
tff(sy_c_Natural_Oevaln,type,
evaln: ( com * state * nat * state ) > $o ).
tff(sy_c_aa,type,
aa:
!>[A2: $tType,B: $tType] : ( ( fun(A2,B) * A2 ) > B ) ).
tff(sy_c_fFalse,type,
fFalse: bool ).
tff(sy_c_fTrue,type,
fTrue: bool ).
tff(sy_c_member,type,
member:
!>[A2: $tType] : ( ( A2 * fun(A2,bool) ) > $o ) ).
tff(sy_c_pp,type,
pp: bool > $o ).
tff(sy_v_G,type,
g: fun(hoare_28830079triple(a),bool) ).
tff(sy_v_P,type,
p: ( a * state ) > $o ).
tff(sy_v_b,type,
b: fun(state,bool) ).
tff(sy_v_c,type,
c: com ).
tff(sy_v_d,type,
d: com ).
tff(sy_v_n,type,
n: nat ).
tff(sy_v_s,type,
s1: state ).
tff(sy_v_s_H,type,
s: state ).
%----Relevant facts (96)
tff(fact_0_evaln_OWhileFalse,axiom,
! [N2: nat,Ca: com,S3: state,Ba: fun(state,bool)] :
( ~ pp(aa(state,bool,Ba,S3))
=> evaln(while(Ba,Ca),S3,N2,S3) ) ).
tff(fact_1_evaln_OWhileTrue,axiom,
! [S22: state,S12: state,N2: nat,Ca: com,S01: state,Ba: fun(state,bool)] :
( pp(aa(state,bool,Ba,S01))
=> ( evaln(Ca,S01,N2,S12)
=> ( evaln(while(Ba,Ca),S12,N2,S22)
=> evaln(while(Ba,Ca),S01,N2,S22) ) ) ) ).
tff(fact_2_hoare__valids__def,axiom,
! [B: $tType,Ts: fun(hoare_28830079triple(B),bool),Ga: fun(hoare_28830079triple(B),bool)] :
( hoare_592965047valids(B,Ga,Ts)
<=> ! [N4: nat] :
( ! [X5: hoare_28830079triple(B)] :
( member(hoare_28830079triple(B),X5,Ga)
=> hoare_1633586161_valid(B,N4,X5) )
=> ! [X5: hoare_28830079triple(B)] :
( member(hoare_28830079triple(B),X5,Ts)
=> hoare_1633586161_valid(B,N4,X5) ) ) ) ).
tff(fact_3_com_Osimps_I5_J,axiom,
! [Com3: com,Fun1: fun(state,bool),Com: com,Fun: fun(state,bool)] :
( ( while(Fun,Com) = while(Fun1,Com3) )
<=> ( ( Fun = Fun1 )
& ( Com = Com3 ) ) ) ).
tff(fact_4_evaln__WHILE__case,axiom,
! [T1: state,N2: nat,S3: state,Ca: com,Ba: fun(state,bool)] :
( evaln(while(Ba,Ca),S3,N2,T1)
=> ( ( ( T1 = S3 )
=> pp(aa(state,bool,Ba,S3)) )
=> ~ ( pp(aa(state,bool,Ba,S3))
=> ! [S11: state] :
( evaln(Ca,S3,N2,S11)
=> ~ evaln(while(Ba,Ca),S11,N2,T1) ) ) ) ) ).
tff(fact_5_triples__valid__Suc,axiom,
! [B: $tType,N2: nat,Ts: fun(hoare_28830079triple(B),bool)] :
( ! [X1: hoare_28830079triple(B)] :
( member(hoare_28830079triple(B),X1,Ts)
=> hoare_1633586161_valid(B,suc(N2),X1) )
=> ! [X: hoare_28830079triple(B)] :
( member(hoare_28830079triple(B),X,Ts)
=> hoare_1633586161_valid(B,N2,X) ) ) ).
tff(fact_6_triple__valid__def2,axiom,
! [B: $tType,Q: fun(B,fun(state,bool)),Ca: com,Pa: fun(B,fun(state,bool)),N2: nat] :
( hoare_1633586161_valid(B,N2,hoare_1841697145triple(B,Pa,Ca,Q))
<=> ! [Z2: B,S5: state] :
( pp(aa(state,bool,aa(B,fun(state,bool),Pa,Z2),S5))
=> ! [S6: state] :
( evaln(Ca,S5,N2,S6)
=> pp(aa(state,bool,aa(B,fun(state,bool),Q,Z2),S6)) ) ) ) ).
tff(fact_7_evaln__max2,axiom,
! [T2: state,N21: nat,S21: state,C2: com,T11: state,N11: nat,S13: state,C1: com] :
( evaln(C1,S13,N11,T11)
=> ( evaln(C2,S21,N21,T2)
=> ? [N3: nat] :
( evaln(C1,S13,N3,T11)
& evaln(C2,S21,N3,T2) ) ) ) ).
tff(fact_8_ball__reg,axiom,
! [B: $tType,Q: fun(B,bool),Pa: fun(B,bool),R: fun(B,bool)] :
( ! [X1: B] :
( member(B,X1,R)
=> ( pp(aa(B,bool,Pa,X1))
=> pp(aa(B,bool,Q,X1)) ) )
=> ( ! [X1: B] :
( member(B,X1,R)
=> pp(aa(B,bool,Pa,X1)) )
=> ! [X: B] :
( member(B,X,R)
=> pp(aa(B,bool,Q,X)) ) ) ) ).
tff(fact_9_triple__valid__Suc,axiom,
! [A2: $tType,T: hoare_28830079triple(A2),N1: nat] :
( hoare_1633586161_valid(A2,suc(N1),T)
=> hoare_1633586161_valid(A2,N1,T) ) ).
tff(fact_10_com_Osimps_I69_J,axiom,
! [B: $tType,Com: com,Fun: fun(state,bool),F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,while(Fun,Com)) = aa(com,B,aa(fun(state,bool),fun(com,B),F6,Fun),Com) ) ).
tff(fact_11_triple_Oinject,axiom,
! [B: $tType,Fun22: fun(B,fun(state,bool)),Com3: com,Fun13: fun(B,fun(state,bool)),Fun21: fun(B,fun(state,bool)),Com: com,Fun12: fun(B,fun(state,bool))] :
( ( hoare_1841697145triple(B,Fun12,Com,Fun21) = hoare_1841697145triple(B,Fun13,Com3,Fun22) )
<=> ( ( Fun12 = Fun13 )
& ( Com = Com3 )
& ( Fun21 = Fun22 ) ) ) ).
tff(fact_12_evaln__Suc,axiom,
! [S4: state,N1: nat,S2: state,C3: com] :
( evaln(C3,S2,N1,S4)
=> evaln(C3,S2,suc(N1),S4) ) ).
tff(fact_13_nat_Oinject,axiom,
! [Nat3: nat,Nat2: nat] :
( ( suc(Nat2) = suc(Nat3) )
<=> ( Nat2 = Nat3 ) ) ).
tff(fact_14_triple_Orecs,axiom,
! [B: $tType,C: $tType,Fun21: fun(C,fun(state,bool)),Com: com,Fun12: fun(C,fun(state,bool)),F1: fun(fun(C,fun(state,bool)),fun(com,fun(fun(C,fun(state,bool)),B)))] : ( hoare_678420151le_rec(C,B,F1,hoare_1841697145triple(C,Fun12,Com,Fun21)) = aa(fun(C,fun(state,bool)),B,aa(com,fun(fun(C,fun(state,bool)),B),aa(fun(C,fun(state,bool)),fun(com,fun(fun(C,fun(state,bool)),B)),F1,Fun12),Com),Fun21) ) ).
tff(fact_15_triple_Osimps_I2_J,axiom,
! [B: $tType,C: $tType,Fun21: fun(C,fun(state,bool)),Com: com,Fun12: fun(C,fun(state,bool)),F1: fun(fun(C,fun(state,bool)),fun(com,fun(fun(C,fun(state,bool)),B)))] : ( hoare_376461865e_case(C,B,F1,hoare_1841697145triple(C,Fun12,Com,Fun21)) = aa(fun(C,fun(state,bool)),B,aa(com,fun(fun(C,fun(state,bool)),B),aa(fun(C,fun(state,bool)),fun(com,fun(fun(C,fun(state,bool)),B)),F1,Fun12),Com),Fun21) ) ).
tff(fact_16_triple_Oexhaust,axiom,
! [B: $tType,Y2: hoare_28830079triple(B)] :
~ ! [Fun11: fun(B,fun(state,bool)),Com4: com,Fun2: fun(B,fun(state,bool))] : ( Y2 != hoare_1841697145triple(B,Fun11,Com4,Fun2) ) ).
tff(fact_17_n__not__Suc__n,axiom,
! [N1: nat] : ( N1 != suc(N1) ) ).
tff(fact_18_Suc__n__not__n,axiom,
! [N1: nat] : ( suc(N1) != N1 ) ).
tff(fact_19_Suc__inject,axiom,
! [Y1: nat,X4: nat] :
( ( suc(X4) = suc(Y1) )
=> ( X4 = Y1 ) ) ).
tff(fact_20_evaln__elim__cases_I1_J,axiom,
! [T: state,N1: nat,S2: state] :
( evaln(skip,S2,N1,T)
=> ( T = S2 ) ) ).
tff(fact_21_evaln_OSkip,axiom,
! [N1: nat,S2: state] : evaln(skip,S2,N1,S2) ).
tff(fact_22_com_Osimps_I16_J,axiom,
! [Com3: com,Fun1: fun(state,bool)] : ( skip != while(Fun1,Com3) ) ).
tff(fact_23_com_Osimps_I17_J,axiom,
! [Com3: com,Fun1: fun(state,bool)] : ( while(Fun1,Com3) != skip ) ).
tff(fact_24_com_Osimps_I64_J,axiom,
! [B: $tType,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,skip) = F1 ) ).
tff(fact_25_of__nat__aux_Osimps_I2_J,axiom,
! [B: $tType] :
( semiring_1(B)
=> ! [I: B,N2: nat,Inc: fun(B,B)] : ( semiri532925092at_aux(B,Inc,suc(N2),I) = semiri532925092at_aux(B,Inc,N2,aa(B,B,Inc,I)) ) ) ).
tff(fact_26_nat__case__Suc,axiom,
! [B: $tType,Nat2: nat,F2: fun(nat,B),F1: B] : ( nat_case(B,F1,F2,suc(Nat2)) = aa(nat,B,F2,Nat2) ) ).
tff(fact_27_evaln_OSemi,axiom,
! [S21: state,C1: com,S13: state,N1: nat,S0: state,C0: com] :
( evaln(C0,S0,N1,S13)
=> ( evaln(C1,S13,N1,S21)
=> evaln(semi(C0,C1),S0,N1,S21) ) ) ).
tff(fact_28_evaln_OIfFalse,axiom,
! [C01: com,S12: state,N2: nat,C11: com,S3: state,Ba: fun(state,bool)] :
( ~ pp(aa(state,bool,Ba,S3))
=> ( evaln(C11,S3,N2,S12)
=> evaln(cond(Ba,C01,C11),S3,N2,S12) ) ) ).
tff(fact_29_evaln_OIfTrue,axiom,
! [C11: com,S12: state,N2: nat,C01: com,S3: state,Ba: fun(state,bool)] :
( pp(aa(state,bool,Ba,S3))
=> ( evaln(C01,S3,N2,S12)
=> evaln(cond(Ba,C01,C11),S3,N2,S12) ) ) ).
tff(fact_30_evaln__elim__cases_I5_J,axiom,
! [T1: state,N2: nat,S3: state,C21: com,C11: com,Ba: fun(state,bool)] :
( evaln(cond(Ba,C11,C21),S3,N2,T1)
=> ( ( pp(aa(state,bool,Ba,S3))
=> ~ evaln(C11,S3,N2,T1) )
=> ~ ( ~ pp(aa(state,bool,Ba,S3))
=> ~ evaln(C21,S3,N2,T1) ) ) ) ).
tff(fact_31_com_Osimps_I4_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool),Com2: com,Com1: com,Fun: fun(state,bool)] :
( ( cond(Fun,Com1,Com2) = cond(Fun1,Com11,Com21) )
<=> ( ( Fun = Fun1 )
& ( Com1 = Com11 )
& ( Com2 = Com21 ) ) ) ).
tff(fact_32_com_Osimps_I3_J,axiom,
! [Com21: com,Com11: com,Com2: com,Com1: com] :
( ( semi(Com1,Com2) = semi(Com11,Com21) )
<=> ( ( Com1 = Com11 )
& ( Com2 = Com21 ) ) ) ).
tff(fact_33_WTs__elim__cases_I6_J,axiom,
! [Ca: com,Ba: fun(state,bool)] :
( wt(while(Ba,Ca))
=> wt(Ca) ) ).
tff(fact_34_WTs__elim__cases_I5_J,axiom,
! [C21: com,C11: com,Ba: fun(state,bool)] :
( wt(cond(Ba,C11,C21))
=> ~ ( wt(C11)
=> ~ wt(C21) ) ) ).
tff(fact_35_WTs__elim__cases_I4_J,axiom,
! [C2: com,C1: com] :
( wt(semi(C1,C2))
=> ~ ( wt(C1)
=> ~ wt(C2) ) ) ).
tff(fact_36_WT_OIf,axiom,
! [Ba: fun(state,bool),C11: com,C01: com] :
( wt(C01)
=> ( wt(C11)
=> wt(cond(Ba,C01,C11)) ) ) ).
tff(fact_37_WT_OSemi,axiom,
! [C1: com,C0: com] :
( wt(C0)
=> ( wt(C1)
=> wt(semi(C0,C1)) ) ) ).
tff(fact_38_com_Osimps_I45_J,axiom,
! [Com2: com,Com1: com,Com21: com,Com11: com,Fun1: fun(state,bool)] : ( cond(Fun1,Com11,Com21) != semi(Com1,Com2) ) ).
tff(fact_39_com_Osimps_I44_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool),Com2: com,Com1: com] : ( semi(Com1,Com2) != cond(Fun1,Com11,Com21) ) ).
tff(fact_40_While,axiom,
! [Ba: fun(state,bool),Ca: com] :
( wt(Ca)
=> wt(while(Ba,Ca)) ) ).
tff(fact_41_com_Osimps_I52_J,axiom,
! [Com3: com,Fun1: fun(state,bool),Com2: com,Com1: com,Fun: fun(state,bool)] : ( cond(Fun,Com1,Com2) != while(Fun1,Com3) ) ).
tff(fact_42_com_Osimps_I53_J,axiom,
! [Com2: com,Com1: com,Fun: fun(state,bool),Com3: com,Fun1: fun(state,bool)] : ( while(Fun1,Com3) != cond(Fun,Com1,Com2) ) ).
tff(fact_43_WT_OSkip,axiom,
wt(skip) ).
tff(fact_44_com_Osimps_I47_J,axiom,
! [Com2: com,Com1: com,Com3: com,Fun1: fun(state,bool)] : ( while(Fun1,Com3) != semi(Com1,Com2) ) ).
tff(fact_45_com_Osimps_I46_J,axiom,
! [Com3: com,Fun1: fun(state,bool),Com2: com,Com1: com] : ( semi(Com1,Com2) != while(Fun1,Com3) ) ).
tff(fact_46_com_Osimps_I15_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool)] : ( cond(Fun1,Com11,Com21) != skip ) ).
tff(fact_47_com_Osimps_I14_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool)] : ( skip != cond(Fun1,Com11,Com21) ) ).
tff(fact_48_com_Osimps_I13_J,axiom,
! [Com22: com,Com12: com] : ( semi(Com12,Com22) != skip ) ).
tff(fact_49_com_Osimps_I12_J,axiom,
! [Com22: com,Com12: com] : ( skip != semi(Com12,Com22) ) ).
tff(fact_50_com_Osimps_I68_J,axiom,
! [B: $tType,Com2: com,Com1: com,Fun: fun(state,bool),F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,cond(Fun,Com1,Com2)) = aa(com,B,aa(com,fun(com,B),aa(fun(state,bool),fun(com,fun(com,B)),F5,Fun),Com1),Com2) ) ).
tff(fact_51_com_Osimps_I67_J,axiom,
! [B: $tType,Com2: com,Com1: com,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,semi(Com1,Com2)) = aa(com,B,aa(com,fun(com,B),F4,Com1),Com2) ) ).
tff(fact_52_evaln__elim__cases_I4_J,axiom,
! [T: state,N1: nat,S2: state,C2: com,C1: com] :
( evaln(semi(C1,C2),S2,N1,T)
=> ~ ! [S11: state] :
( evaln(C1,S2,N1,S11)
=> ~ evaln(C2,S11,N1,T) ) ) ).
tff(fact_53_nat__rec__Suc,axiom,
! [B: $tType,Nat2: nat,F2: fun(nat,fun(B,B)),F1: B] : ( nat_rec(B,F1,F2,suc(Nat2)) = aa(B,B,aa(nat,fun(B,B),F2,Nat2),nat_rec(B,F1,F2,Nat2)) ) ).
tff(fact_54_WTs__elim__cases_I3_J,axiom,
! [Ca: com,A: fun(state,nat),Y: loc] :
( wt(local(Y,A,Ca))
=> wt(Ca) ) ).
tff(fact_55_com_Orecs_I1_J,axiom,
! [B: $tType,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,skip) = F1 ) ).
tff(fact_56_of__nat__aux_Osimps_I1_J,axiom,
! [B: $tType] :
( semiring_1(B)
=> ! [I: B,Inc: fun(B,B)] : ( semiri532925092at_aux(B,Inc,zero_zero(nat),I) = I ) ) ).
tff(fact_57_com_Osimps_I1_J,axiom,
! [Fun1: fun(state,nat),Vname1: vname,Fun: fun(state,nat),Vname: vname] :
( ( ass(Vname,Fun) = ass(Vname1,Fun1) )
<=> ( ( Vname = Vname1 )
& ( Fun = Fun1 ) ) ) ).
tff(fact_58_com_Osimps_I2_J,axiom,
! [Com3: com,Fun1: fun(state,nat),Loc1: loc,Com: com,Fun: fun(state,nat),Loc: loc] :
( ( local(Loc,Fun,Com) = local(Loc1,Fun1,Com3) )
<=> ( ( Loc = Loc1 )
& ( Fun = Fun1 )
& ( Com = Com3 ) ) ) ).
tff(fact_59_com_Osimps_I22_J,axiom,
! [Com3: com,Fun1: fun(state,nat),Loc1: loc,Fun: fun(state,nat),Vname: vname] : ( ass(Vname,Fun) != local(Loc1,Fun1,Com3) ) ).
tff(fact_60_com_Osimps_I23_J,axiom,
! [Fun: fun(state,nat),Vname: vname,Com3: com,Fun1: fun(state,nat),Loc1: loc] : ( local(Loc1,Fun1,Com3) != ass(Vname,Fun) ) ).
tff(fact_61_com_Orecs_I2_J,axiom,
! [B: $tType,Fun: fun(state,nat),Vname: vname,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,ass(Vname,Fun)) = aa(fun(state,nat),B,aa(vname,fun(fun(state,nat),B),F2,Vname),Fun) ) ).
tff(fact_62_com_Orecs_I3_J,axiom,
! [B: $tType,Com: com,Fun: fun(state,nat),Loc: loc,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,local(Loc,Fun,Com)) = aa(B,B,aa(com,fun(B,B),aa(fun(state,nat),fun(com,fun(B,B)),aa(loc,fun(fun(state,nat),fun(com,fun(B,B))),F3,Loc),Fun),Com),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com)) ) ).
tff(fact_63_nat__rec__0,axiom,
! [B: $tType,F2: fun(nat,fun(B,B)),F1: B] : ( nat_rec(B,F1,F2,zero_zero(nat)) = F1 ) ).
tff(fact_64_Suc__neq__Zero,axiom,
! [M: nat] : ( suc(M) != zero_zero(nat) ) ).
tff(fact_65_Zero__neq__Suc,axiom,
! [M: nat] : ( zero_zero(nat) != suc(M) ) ).
tff(fact_66_nat_Osimps_I3_J,axiom,
! [Nat1: nat] : ( suc(Nat1) != zero_zero(nat) ) ).
tff(fact_67_Suc__not__Zero,axiom,
! [M: nat] : ( suc(M) != zero_zero(nat) ) ).
tff(fact_68_nat_Osimps_I2_J,axiom,
! [Nat: nat] : ( zero_zero(nat) != suc(Nat) ) ).
tff(fact_69_Zero__not__Suc,axiom,
! [M: nat] : ( zero_zero(nat) != suc(M) ) ).
tff(fact_70_nat__case__0,axiom,
! [B: $tType,F2: fun(nat,B),F1: B] : ( nat_case(B,F1,F2,zero_zero(nat)) = F1 ) ).
tff(fact_71_ext,axiom,
! [C: $tType,B: $tType,G: fun(B,C),F: fun(B,C)] :
( ! [X1: B] : ( aa(B,C,F,X1) = aa(B,C,G,X1) )
=> ( F = G ) ) ).
tff(fact_72_mem__def,axiom,
! [B: $tType,A1: fun(B,bool),X3: B] :
( member(B,X3,A1)
<=> pp(aa(B,bool,A1,X3)) ) ).
tff(fact_73_WT_OAssign,axiom,
! [A: fun(state,nat),X2: vname] : wt(ass(X2,A)) ).
tff(fact_74_WT_OLocal,axiom,
! [A: fun(state,nat),Y: loc,Ca: com] :
( wt(Ca)
=> wt(local(Y,A,Ca)) ) ).
tff(fact_75_com_Osimps_I28_J,axiom,
! [Com3: com,Fun1: fun(state,bool),Fun: fun(state,nat),Vname: vname] : ( ass(Vname,Fun) != while(Fun1,Com3) ) ).
tff(fact_76_com_Osimps_I29_J,axiom,
! [Fun: fun(state,nat),Vname: vname,Com3: com,Fun1: fun(state,bool)] : ( while(Fun1,Com3) != ass(Vname,Fun) ) ).
tff(fact_77_com_Osimps_I39_J,axiom,
! [Com: com,Fun: fun(state,nat),Loc: loc,Com3: com,Fun1: fun(state,bool)] : ( while(Fun1,Com3) != local(Loc,Fun,Com) ) ).
tff(fact_78_com_Osimps_I38_J,axiom,
! [Com3: com,Fun1: fun(state,bool),Com: com,Fun: fun(state,nat),Loc: loc] : ( local(Loc,Fun,Com) != while(Fun1,Com3) ) ).
tff(fact_79_com_Osimps_I26_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool),Fun: fun(state,nat),Vname: vname] : ( ass(Vname,Fun) != cond(Fun1,Com11,Com21) ) ).
tff(fact_80_com_Osimps_I27_J,axiom,
! [Fun: fun(state,nat),Vname: vname,Com21: com,Com11: com,Fun1: fun(state,bool)] : ( cond(Fun1,Com11,Com21) != ass(Vname,Fun) ) ).
tff(fact_81_com_Osimps_I37_J,axiom,
! [Com: com,Fun: fun(state,nat),Loc: loc,Com21: com,Com11: com,Fun1: fun(state,bool)] : ( cond(Fun1,Com11,Com21) != local(Loc,Fun,Com) ) ).
tff(fact_82_com_Osimps_I36_J,axiom,
! [Com21: com,Com11: com,Fun1: fun(state,bool),Com: com,Fun: fun(state,nat),Loc: loc] : ( local(Loc,Fun,Com) != cond(Fun1,Com11,Com21) ) ).
tff(fact_83_com_Osimps_I24_J,axiom,
! [Com21: com,Com11: com,Fun: fun(state,nat),Vname: vname] : ( ass(Vname,Fun) != semi(Com11,Com21) ) ).
tff(fact_84_com_Osimps_I25_J,axiom,
! [Fun: fun(state,nat),Vname: vname,Com21: com,Com11: com] : ( semi(Com11,Com21) != ass(Vname,Fun) ) ).
tff(fact_85_com_Osimps_I35_J,axiom,
! [Com: com,Fun: fun(state,nat),Loc: loc,Com21: com,Com11: com] : ( semi(Com11,Com21) != local(Loc,Fun,Com) ) ).
tff(fact_86_com_Osimps_I34_J,axiom,
! [Com21: com,Com11: com,Com: com,Fun: fun(state,nat),Loc: loc] : ( local(Loc,Fun,Com) != semi(Com11,Com21) ) ).
tff(fact_87_com_Osimps_I8_J,axiom,
! [Fun1: fun(state,nat),Vname1: vname] : ( skip != ass(Vname1,Fun1) ) ).
tff(fact_88_com_Osimps_I10_J,axiom,
! [Com3: com,Fun1: fun(state,nat),Loc1: loc] : ( skip != local(Loc1,Fun1,Com3) ) ).
tff(fact_89_com_Osimps_I9_J,axiom,
! [Fun1: fun(state,nat),Vname1: vname] : ( ass(Vname1,Fun1) != skip ) ).
tff(fact_90_com_Osimps_I11_J,axiom,
! [Com3: com,Fun1: fun(state,nat),Loc1: loc] : ( local(Loc1,Fun1,Com3) != skip ) ).
tff(fact_91_com_Osimps_I66_J,axiom,
! [B: $tType,Com: com,Fun: fun(state,nat),Loc: loc,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,local(Loc,Fun,Com)) = aa(com,B,aa(fun(state,nat),fun(com,B),aa(loc,fun(fun(state,nat),fun(com,B)),F3,Loc),Fun),Com) ) ).
tff(fact_92_com_Osimps_I65_J,axiom,
! [B: $tType,Fun: fun(state,nat),Vname: vname,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,B)),F5: fun(fun(state,bool),fun(com,fun(com,B))),F4: fun(com,fun(com,B)),F3: fun(loc,fun(fun(state,nat),fun(com,B))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_case(B,F1,F2,F3,F4,F5,F6,F7,F8,ass(Vname,Fun)) = aa(fun(state,nat),B,aa(vname,fun(fun(state,nat),B),F2,Vname),Fun) ) ).
tff(fact_93_com_Orecs_I6_J,axiom,
! [B: $tType,Com: com,Fun: fun(state,bool),F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,while(Fun,Com)) = aa(B,B,aa(com,fun(B,B),aa(fun(state,bool),fun(com,fun(B,B)),F6,Fun),Com),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com)) ) ).
tff(fact_94_com_Orecs_I5_J,axiom,
! [B: $tType,Com2: com,Com1: com,Fun: fun(state,bool),F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,cond(Fun,Com1,Com2)) = aa(B,B,aa(B,fun(B,B),aa(com,fun(B,fun(B,B)),aa(com,fun(com,fun(B,fun(B,B))),aa(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B)))),F5,Fun),Com1),Com2),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com1)),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com2)) ) ).
tff(fact_95_com_Orecs_I4_J,axiom,
! [B: $tType,Com2: com,Com1: com,F8: fun(vname,fun(pname,fun(fun(state,nat),B))),F7: fun(pname,B),F6: fun(fun(state,bool),fun(com,fun(B,B))),F5: fun(fun(state,bool),fun(com,fun(com,fun(B,fun(B,B))))),F4: fun(com,fun(com,fun(B,fun(B,B)))),F3: fun(loc,fun(fun(state,nat),fun(com,fun(B,B)))),F2: fun(vname,fun(fun(state,nat),B)),F1: B] : ( com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,semi(Com1,Com2)) = aa(B,B,aa(B,fun(B,B),aa(com,fun(B,fun(B,B)),aa(com,fun(com,fun(B,fun(B,B))),F4,Com1),Com2),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com1)),com_rec(B,F1,F2,F3,F4,F5,F6,F7,F8,Com2)) ) ).
%----Arities (1)
tff(arity_Nat_Onat___Rings_Osemiring__1,axiom,
semiring_1(nat) ).
%----Helper facts (2)
tff(help_pp_1_1_U,axiom,
~ pp(fFalse) ).
tff(help_pp_2_1_U,axiom,
pp(fTrue) ).
%----Conjectures (3)
tff(conj_0,hypothesis,
! [N: nat] :
( ! [X1: hoare_28830079triple(a)] :
( member(hoare_28830079triple(a),X1,g)
=> hoare_1633586161_valid(a,N,X1) )
=> ! [Z1: a,S: state] :
( ( p(Z1,S)
& pp(aa(state,bool,b,S)) )
=> ! [S1: state] :
( evaln(c,S,N,S1)
=> p(Z1,S1) ) ) ) ).
tff(conj_1,hypothesis,
evaln(d,s1,n,s) ).
tff(conj_2,conjecture,
( ( d != while(b,c) )
| ? [X: hoare_28830079triple(a)] :
( member(hoare_28830079triple(a),X,g)
& ~ hoare_1633586161_valid(a,n,X) )
| ! [Z: a] :
( ~ p(Z,s1)
| ( p(Z,s)
& ~ pp(aa(state,bool,b,s)) ) ) ) ).
%------------------------------------------------------------------------------