From 7537ff075dbb2d814d722d2d72586ce78235467c Mon Sep 17 00:00:00 2001 From: Haniel Barbosa Date: Wed, 31 Jul 2019 12:17:29 -0500 Subject: [PATCH] Parsing THF and adding several regressions (#3131) --- src/options/options.h | 1 - src/parser/parser.cpp | 9 + src/parser/tptp/Tptp.g | 527 +- src/parser/tptp/tptp.cpp | 23 +- src/parser/tptp/tptp.h | 10 +- test/regress/CMakeLists.txt | 29 +- .../ho/bug_nodbuilding_interpreted_SYO042^1.p | 56 + .../{regress1 => regress0}/ho/fta0210.smt2 | 0 .../ho/ho-exponential-model.smt2 | 0 .../ho/ho-matching-enum-2.smt2 | 0 .../{regress1 => regress0}/ho/ho-std-fmf.smt2 | 0 .../{regress1 => regress0}/ho/hoa0008.smt2 | 0 .../ho/match-middle.smt2 | 0 test/regress/regress1/ho/NUM638^1.smt2 | 17 + test/regress/regress1/ho/NUM925^1.p | 638 ++ test/regress/regress1/ho/SYO056^1.p | 100 + test/regress/regress1/ho/bound_var_bug.p | 26 + .../ho/bug_freeVar_BDD_General_data_270.p | 11 + .../ho/bug_freevar_PHI004^4-delta.smt2 | 35 + test/regress/regress1/ho/fta0328.lfho.p | 200 + .../regress1/ho/nested_lambdas-AGT034^2.smt2 | 101 + .../ho/nested_lambdas-sat-SYO056^1-delta.smt2 | 50 + .../ho/soundness_fmf_SYO362^5-delta.p | 63 + test/regress/regress1/ho/store-ax-min.p | 28 + test/regress/regress2/ho/SYO362^5.p | 22 + .../{regress1 => regress2}/ho/auth0068.smt2 | 0 .../regress2/ho/bug_instfalse_SEU882^5.p | 44 + .../{regress1 => regress2}/ho/fta0409.smt2 | 0 .../regress2/ho/involved_parsing_ALG248^3.p | 2126 +++++++ .../ho/partial_app_interpreted_SWW474^2.p | 5211 +++++++++++++++++ 30 files changed, 9277 insertions(+), 50 deletions(-) create mode 100644 test/regress/regress0/ho/bug_nodbuilding_interpreted_SYO042^1.p rename test/regress/{regress1 => regress0}/ho/fta0210.smt2 (100%) rename test/regress/{regress1 => regress0}/ho/ho-exponential-model.smt2 (100%) rename test/regress/{regress1 => regress0}/ho/ho-matching-enum-2.smt2 (100%) rename test/regress/{regress1 => regress0}/ho/ho-std-fmf.smt2 (100%) rename test/regress/{regress1 => regress0}/ho/hoa0008.smt2 (100%) rename test/regress/{regress1 => regress0}/ho/match-middle.smt2 (100%) create mode 100644 test/regress/regress1/ho/NUM638^1.smt2 create mode 100644 test/regress/regress1/ho/NUM925^1.p create mode 100644 test/regress/regress1/ho/SYO056^1.p create mode 100644 test/regress/regress1/ho/bound_var_bug.p create mode 100644 test/regress/regress1/ho/bug_freeVar_BDD_General_data_270.p create mode 100644 test/regress/regress1/ho/bug_freevar_PHI004^4-delta.smt2 create mode 100644 test/regress/regress1/ho/fta0328.lfho.p create mode 100644 test/regress/regress1/ho/nested_lambdas-AGT034^2.smt2 create mode 100644 test/regress/regress1/ho/nested_lambdas-sat-SYO056^1-delta.smt2 create mode 100644 test/regress/regress1/ho/soundness_fmf_SYO362^5-delta.p create mode 100644 test/regress/regress1/ho/store-ax-min.p create mode 100644 test/regress/regress2/ho/SYO362^5.p rename test/regress/{regress1 => regress2}/ho/auth0068.smt2 (100%) create mode 100644 test/regress/regress2/ho/bug_instfalse_SEU882^5.p rename test/regress/{regress1 => regress2}/ho/fta0409.smt2 (100%) create mode 100644 test/regress/regress2/ho/involved_parsing_ALG248^3.p create mode 100644 test/regress/regress2/ho/partial_app_interpreted_SWW474^2.p diff --git a/src/options/options.h b/src/options/options.h index 56b92359b..020350c49 100644 --- a/src/options/options.h +++ b/src/options/options.h @@ -242,7 +242,6 @@ public: unsigned getThreadStackSize() const; unsigned getThreads() const; - // TODO: Document these. void setInputLanguage(InputLanguage); void setInteractive(bool); diff --git a/src/parser/parser.cpp b/src/parser/parser.cpp index 5e036ee69..dec4ebc97 100644 --- a/src/parser/parser.cpp +++ b/src/parser/parser.cpp @@ -492,6 +492,15 @@ Type Parser::mkFlatFunctionType(std::vector& sorts, Type range) // no difference return range; } + if (Debug.isOn("parser")) + { + Debug("parser") << "mkFlatFunctionType: range " << range << " and domains "; + for (Type t : sorts) + { + Debug("parser") << " " << t; + } + Debug("parser") << "\n"; + } while (range.isFunction()) { std::vector domainTypes = diff --git a/src/parser/tptp/Tptp.g b/src/parser/tptp/Tptp.g index 758198e0d..599b3bbe1 100644 --- a/src/parser/tptp/Tptp.g +++ b/src/parser/tptp/Tptp.g @@ -148,7 +148,6 @@ parseCommand returns [CVC4::Command* cmd = NULL] Tptp::FormulaRole fr; std::string name, inclSymbol; } -// : LPAREN_TOK c = command RPAREN_TOK { $cmd = c; } : CNF_TOK LPAREN_TOK nameN[name] COMMA_TOK formulaRole[fr] COMMA_TOK { PARSER_STATE->setCnf(true); PARSER_STATE->setFof(false); @@ -203,6 +202,26 @@ parseCommand returns [CVC4::Command* cmd = NULL] cmd = PARSER_STATE->makeAssertCommand(fr, aexpr, /* cnf == */ false, true); } ) RPAREN_TOK DOT_TOK + | THF_TOK LPAREN_TOK nameN[name] COMMA_TOK + // Supported THF formulas: either a logic formula or a typing atom (i.e. we + // ignore subtyping and logic sequents). Also, only TH0 + ( TYPE_TOK COMMA_TOK thfAtomTyping[cmd] + | formulaRole[fr] COMMA_TOK + { PARSER_STATE->setCnf(false); PARSER_STATE->setFof(false); } + thfLogicFormula[expr] (COMMA_TOK anything*)? + { + Expr aexpr = PARSER_STATE->getAssertionExpr(fr,expr); + if (!aexpr.isNull()) + { + // set the expression name (e.g. used with unsat core printing) + Command* csen = new SetExpressionNameCommand(aexpr, name); + csen->setMuted(true); + PARSER_STATE->preemptCommand(csen); + } + // make the command to assert the formula + cmd = PARSER_STATE->makeAssertCommand(fr, aexpr, /* cnf == */ false, true); + } + ) RPAREN_TOK DOT_TOK | INCLUDE_TOK LPAREN_TOK unquotedFileName[name] ( COMMA_TOK LBRACK_TOK nameN[inclSymbol] ( COMMA_TOK nameN[inclSymbol] )* RBRACK_TOK )? @@ -226,13 +245,13 @@ parseCommand returns [CVC4::Command* cmd = NULL] | EOF { CommandSequence* seq = new CommandSequence(); - // assert that all distinct constants are distinct + // assert that all distinct constants are distinct Expr aexpr = PARSER_STATE->getAssertionDistinctConstants(); if( !aexpr.isNull() ) { seq->addCommand(new AssertCommand(aexpr, false)); } - + std::string filename = PARSER_STATE->getInput()->getInputStreamName(); size_t i = filename.find_last_of('/'); if(i != std::string::npos) { @@ -284,7 +303,6 @@ formulaRole[CVC4::parser::Tptp::FormulaRole& role] cnfFormula[CVC4::Expr& expr] : LPAREN_TOK cnfDisjunction[expr] RPAREN_TOK | cnfDisjunction[expr] -//| FALSE_TOK { expr = MK_CONST(bool(false)); } ; cnfDisjunction[CVC4::Expr& expr] @@ -302,7 +320,6 @@ cnfDisjunction[CVC4::Expr& expr] cnfLiteral[CVC4::Expr& expr] : atomicFormula[expr] | NOT_TOK atomicFormula[expr] { expr = MK_EXPR(kind::NOT, expr); } -//| folInfixUnary[expr] ; atomicFormula[CVC4::Expr& expr] @@ -323,22 +340,77 @@ atomicFormula[CVC4::Expr& expr] PARSER_STATE->makeApplication(expr, name, args, false); } ) - | definedFun[expr] LPAREN_TOK arguments[args] RPAREN_TOK - equalOp[equal] term[expr2] - { expr = EXPR_MANAGER->mkExpr(expr, args); - expr = MK_EXPR(kind::EQUAL, expr, expr2); - if(!equal) expr = MK_EXPR(kind::NOT, expr); - } + | definedFun[expr] + ( + LPAREN_TOK arguments[args] RPAREN_TOK + equalOp[equal] term[expr2] + { + expr = EXPR_MANAGER->mkExpr(expr, args); + expr = MK_EXPR(kind::EQUAL, expr, expr2); + if (!equal) + { + expr = MK_EXPR(kind::NOT, expr); + } + } + )? | (simpleTerm[expr] | letTerm[expr] | conditionalTerm[expr]) - equalOp[equal] term[expr2] - { // equality/disequality between terms - expr = MK_EXPR(kind::EQUAL, expr, expr2); - if(!equal) expr = MK_EXPR(kind::NOT, expr); + ( + equalOp[equal] term[expr2] + { // equality/disequality between terms + expr = MK_EXPR(kind::EQUAL, expr, expr2); + if (!equal) + { + expr = MK_EXPR(kind::NOT, expr); + } + } + )? + | definedPred[expr] (LPAREN_TOK arguments[args] RPAREN_TOK)? + { + if (!args.empty()) + { + expr = EXPR_MANAGER->mkExpr(expr, args); + } } - | definedPred[expr] LPAREN_TOK arguments[args] RPAREN_TOK - { expr = EXPR_MANAGER->mkExpr(expr, args); } | definedProp[expr] ; + +thfAtomicFormula[CVC4::Expr& expr] +@declarations { + Expr expr2; + std::string name; + std::vector args; + bool equal; +} + : atomicWord[name] (LPAREN_TOK arguments[args] RPAREN_TOK)? + { + PARSER_STATE->makeApplication(expr, name, args, true); + } + | definedFun[expr] + ( + LPAREN_TOK arguments[args] RPAREN_TOK + equalOp[equal] term[expr2] + { + expr = EXPR_MANAGER->mkExpr(expr, args); + expr = MK_EXPR(kind::EQUAL, expr, expr2); + if (!equal) + { + expr = MK_EXPR(kind::NOT, expr); + } + } + )? + | thfSimpleTerm[expr] + | letTerm[expr] + | conditionalTerm[expr] + | thfDefinedPred[expr] (LPAREN_TOK arguments[args] RPAREN_TOK)? + { + if (!args.empty()) + { + expr = EXPR_MANAGER->mkExpr(expr, args); + } + } + | definedProp[expr] + ; + //%----Using removes a reduce/reduce ambiguity in lex/yacc. //%----Note: "defined" means a word starting with one $ and "system" means $$. @@ -373,6 +445,45 @@ definedPred[CVC4::Expr& expr] } | '$is_int' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::IS_INTEGER); } | '$distinct' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::DISTINCT); } + | AND_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::AND); } + | IMPLIES_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::IMPLIES); } + | OR_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::OR); } + ; + +thfDefinedPred[CVC4::Expr& expr] + : '$less' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::LT); } + | '$lesseq' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::LEQ); } + | '$greater' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::GT); } + | '$greatereq' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::GEQ); } + | '$is_rat' + // a real n is a rational if there exists q,r integers such that + // to_real(q) = n*to_real(r), + // where r is non-zero. + { + Expr n = EXPR_MANAGER->mkBoundVar("N", EXPR_MANAGER->realType()); + Expr q = EXPR_MANAGER->mkBoundVar("Q", EXPR_MANAGER->integerType()); + Expr qr = MK_EXPR(CVC4::kind::TO_REAL, q); + Expr r = EXPR_MANAGER->mkBoundVar("R", EXPR_MANAGER->integerType()); + Expr rr = MK_EXPR(CVC4::kind::TO_REAL, r); + Expr body = MK_EXPR( + CVC4::kind::AND, + MK_EXPR(CVC4::kind::NOT, + MK_EXPR(CVC4::kind::EQUAL, r, MK_CONST(Rational(0)))), + MK_EXPR(CVC4::kind::EQUAL, qr, MK_EXPR(CVC4::kind::MULT, n, rr))); + Expr bvl = MK_EXPR(CVC4::kind::BOUND_VAR_LIST, q, r); + body = MK_EXPR(CVC4::kind::EXISTS, bvl, body); + Expr lbvl = MK_EXPR(CVC4::kind::BOUND_VAR_LIST, n); + expr = MK_EXPR(CVC4::kind::LAMBDA, lbvl, body); + } + | '$is_int' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::IS_INTEGER); } + | '$distinct' { expr = EXPR_MANAGER->operatorOf(CVC4::kind::DISTINCT); } + | LPAREN_TOK + ( + AND_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::AND); } + | OR_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::OR); } + | IMPLIES_TOK { expr = EXPR_MANAGER->operatorOf(CVC4::kind::IMPLIES); } + ) + RPAREN_TOK ; definedFun[CVC4::Expr& expr] @@ -504,6 +615,16 @@ simpleTerm[CVC4::Expr& expr] | DISTINCT_OBJECT { expr = PARSER_STATE->convertStrToUnsorted(AntlrInput::tokenText($DISTINCT_OBJECT)); } ; +/* Not an application */ +thfSimpleTerm[CVC4::Expr& expr] + : NUMBER { expr = PARSER_STATE->d_tmp_expr; } + | DISTINCT_OBJECT + { + expr = PARSER_STATE->convertStrToUnsorted( + AntlrInput::tokenText($DISTINCT_OBJECT)); + } + ; + functionTerm[CVC4::Expr& expr] @declarations { std::vector args; @@ -637,8 +758,283 @@ fofBinaryNonAssoc[CVC4::parser::tptp::NonAssoc& na] ; folQuantifier[CVC4::Kind& kind] - : BANG_TOK { kind = kind::FORALL; } - | MARK_TOK { kind = kind::EXISTS; } + : FORALL_TOK { kind = kind::FORALL; } + | EXISTS_TOK { kind = kind::EXISTS; } + ; + +/*******/ +/* THF */ + +thfQuantifier[CVC4::Kind& kind] + : FORALL_TOK { kind = kind::FORALL; } + | EXISTS_TOK { kind = kind::EXISTS; } + | LAMBDA_TOK { kind = kind::LAMBDA; } + | CHOICE_TOK { kind = kind::CHOICE; } + | DEF_DESC_TOK + { + UNSUPPORTED("Description quantifier"); + } + | (TH1_UN_A | TH1_UN_E) + { + UNSUPPORTED("TH1 operator"); + } + ; + +thfAtomTyping[CVC4::Command*& cmd] +// for now only supports mapping types (i.e. no applied types) +@declarations { + CVC4::Expr expr; + CVC4::Type type; + std::string name; +} + : LPAREN_TOK thfAtomTyping[cmd] RPAREN_TOK + | nameN[name] COLON_TOK + ( '$tType' + { + if (PARSER_STATE->isDeclared(name, SYM_SORT)) + { + // duplicate declaration is fine, they're compatible + cmd = new EmptyCommand("compatible redeclaration of sort " + name); + } + else if (PARSER_STATE->isDeclared(name, SYM_VARIABLE)) + { + // error: cannot be both sort and constant + PARSER_STATE->parseError( + "Symbol `" + name + + "' previously declared as a constant; cannot also be a sort"); + } + else + { + // as yet, it's undeclared + Type type = PARSER_STATE->mkSort(name); + cmd = new DeclareTypeCommand(name, 0, type); + } + } + | parseThfType[type] + { + if (PARSER_STATE->isDeclared(name, SYM_SORT)) + { + // error: cannot be both sort and constant + PARSER_STATE->parseError("Symbol `" + name + + "' previously declared as a sort"); + cmd = new EmptyCommand("compatible redeclaration of sort " + name); + } + else if (PARSER_STATE->isDeclared(name, SYM_VARIABLE)) + { + if (type == PARSER_STATE->getVariable(name).getType()) + { + // duplicate declaration is fine, they're compatible + cmd = new EmptyCommand("compatible redeclaration of constant " + + name); + } + else + { + // error: sorts incompatible + PARSER_STATE->parseError( + "Symbol `" + name + + "' declared previously with a different sort"); + } + } + else + { + // as yet, it's undeclared + CVC4::Expr freshExpr; + if (type.isFunction()) + { + freshExpr = PARSER_STATE->mkFunction(name, type); + } + else + { + freshExpr = PARSER_STATE->mkVar(name, type); + } + cmd = new DeclareFunctionCommand(name, freshExpr, type); + } + } + ) + ; + +thfLogicFormula[CVC4::Expr& expr] +@declarations { + tptp::NonAssoc na; + std::vector< Expr > args; + Expr expr2; + bool equal; +} + //prefix unary formula case + // ~ + : thfUnitaryFormula[expr] + ( // Equality: = + equalOp[equal] + thfUnitaryFormula[expr2] + { + if (expr.getKind() == kind::BUILTIN && expr2.getKind() != kind::BUILTIN) + { + // make expr with a lambda of the same type as expr + PARSER_STATE->mkLambdaWrapper(expr, expr2.getType()); + } + else if (expr2.getKind() == kind::BUILTIN + && expr.getKind() != kind::BUILTIN) + { + // make expr2 with a lambda of the same type as expr + PARSER_STATE->mkLambdaWrapper(expr2, expr.getType()); + } + else if (expr.getKind() == kind::BUILTIN + && expr2.getKind() == kind::BUILTIN) + { + // TODO create whatever lambda + } + expr = MK_EXPR(kind::EQUAL, expr, expr2); + if (!equal) + { + expr = MK_EXPR(kind::NOT, expr); + } + } + | // Non-associative: <=> <~> ~& ~| + fofBinaryNonAssoc[na] thfUnitaryFormula[expr2] + { + switch(na) { + case tptp::NA_IFF: + expr = MK_EXPR(kind::EQUAL,expr,expr2); + break; + case tptp::NA_REVIFF: + expr = MK_EXPR(kind::XOR,expr,expr2); + break; + case tptp::NA_IMPLIES: + expr = MK_EXPR(kind::IMPLIES,expr,expr2); + break; + case tptp::NA_REVIMPLIES: + expr = MK_EXPR(kind::IMPLIES,expr2,expr); + break; + case tptp::NA_REVOR: + expr = MK_EXPR(kind::NOT,MK_EXPR(kind::OR,expr,expr2)); + break; + case tptp::NA_REVAND: + expr = MK_EXPR(kind::NOT,MK_EXPR(kind::AND,expr,expr2)); + break; + } + } + | // N-ary and & + ( { args.push_back(expr); } + ( AND_TOK thfUnitaryFormula[expr] { args.push_back(expr); } )+ + { + expr = MK_EXPR_ASSOCIATIVE(kind::AND, args); + } + ) + | // N-ary or | + ( { args.push_back(expr); } + ( OR_TOK thfUnitaryFormula[expr] { args.push_back(expr); } )+ + { + expr = MK_EXPR_ASSOCIATIVE(kind::OR, args); + } + ) + | // N-ary @ | + // + // @ (denoting apply) is left-associative and lambda is right-associative. + // ^ [X] : ^ [Y] : f @ g (where f is a and g is a + // ) should be parsed as: (^ [X] : (^ [Y] : f)) @ g. + // That is, g is not in the scope of either lambda. + { args.push_back(expr); } + ( APP_TOK + ( + thfUnitaryFormula[expr] { args.push_back(expr); } + | LBRACK_TOK + { UNSUPPORTED("Tuple terms"); } + thfTupleForm[args] + RBRACK_TOK + ) + )+ + { + expr = args[0]; + // also add case for total applications + if (expr.getKind() == kind::BUILTIN) + { + args.erase(args.begin()); + expr = EXPR_MANAGER->mkExpr(expr, args); + } + else + { + // check if any argument is a bultin node, e.g. "~", and create a + // lambda wrapper then, e.g. (\lambda x. ~ x) + for (unsigned i = 1; i < args.size(); ++i) + { + // create a lambda wrapper, e.g. (\lambda x. ~ x) + if (args[i].getKind() != kind::BUILTIN) + { + continue; + } + PARSER_STATE->mkLambdaWrapper( + args[i], + (static_cast(args[0].getType())) + .getArgTypes()[i - 1]); + } + for (unsigned i = 1; i < args.size(); ++i) + { + expr = MK_EXPR(kind::HO_APPLY, expr, args[i]); + } + } + } + )? + ; + +thfTupleForm[std::vector& args] +@declarations { + Expr expr; +} + : thfUnitaryFormula[expr] + { args.push_back(expr); } + ( COMMA_TOK thfUnitaryFormula[expr] { args.push_back(expr); } )+ +; + +thfUnitaryFormula[CVC4::Expr& expr] +@declarations { + Kind kind; + std::vector< Expr > bv; + Expr expr2; + bool equal; +} + : variable[expr] + | thfAtomicFormula[expr] + | LPAREN_TOK + thfLogicFormula[expr] + RPAREN_TOK + | NOT_TOK + { expr = EXPR_MANAGER->operatorOf(CVC4::kind::NOT); } + (thfUnitaryFormula[expr2] { expr = MK_EXPR(expr,expr2); })? + | // Quantified + thfQuantifier[kind] + LBRACK_TOK {PARSER_STATE->pushScope();} + thfBindVariable[expr] + { + bv.push_back(expr); + } + ( COMMA_TOK thfBindVariable[expr] + { + bv.push_back(expr); + } + )* + RBRACK_TOK COLON_TOK + thfUnitaryFormula[expr] + { + PARSER_STATE->popScope(); + // handle lambda case, in which return type must be flattened and the + // auxiliary variables introduced in the proccess must be added no the + // variable list + // + // see documentation of mkFlatFunctionType for how it's done + // + // flatten body via flattening its type + std::vector sorts; + std::vector flattenVars; + PARSER_STATE->mkFlatFunctionType(sorts, expr.getType(), flattenVars); + if (!flattenVars.empty()) + { + // apply body of lambda to flatten vars + expr = PARSER_STATE->mkHoApply(expr, flattenVars); + // add variables to BOUND_VAR_LIST + bv.insert(bv.end(), flattenVars.begin(), flattenVars.end()); + } + expr = MK_EXPR(kind, MK_EXPR(kind::BOUND_VAR_LIST, bv), expr); + } ; /*******/ @@ -776,7 +1172,7 @@ tffLetTermDefn[CVC4::Expr& lhs, CVC4::Expr& rhs] @declarations { std::vector bvlist; } - : (BANG_TOK LBRACK_TOK tffVariableList[bvlist] RBRACK_TOK COLON_TOK)* + : (FORALL_TOK LBRACK_TOK tffVariableList[bvlist] RBRACK_TOK COLON_TOK)* tffLetTermBinding[bvlist, lhs, rhs] ; @@ -793,7 +1189,7 @@ tffLetFormulaDefn[CVC4::Expr& lhs, CVC4::Expr& rhs] @declarations { std::vector bvlist; } - : (BANG_TOK LBRACK_TOK tffVariableList[bvlist] RBRACK_TOK COLON_TOK)* + : (FORALL_TOK LBRACK_TOK tffVariableList[bvlist] RBRACK_TOK COLON_TOK)* tffLetFormulaBinding[bvlist, lhs, rhs] ; @@ -806,6 +1202,20 @@ tffLetFormulaBinding[std::vector& bvlist, CVC4::Expr& lhs, CVC4::Exp | LPAREN_TOK tffLetFormulaBinding[bvlist, lhs, rhs] RPAREN_TOK ; +thfBindVariable[CVC4::Expr& expr] +@declarations { + std::string name; + CVC4::Type type = PARSER_STATE->d_unsorted; +} + : UPPER_WORD + { name = AntlrInput::tokenText($UPPER_WORD); } + ( COLON_TOK parseThfType[type] )? + { + expr = PARSER_STATE->mkBoundVar(name, type); + } + ; + + tffbindvariable[CVC4::Expr& expr] @declarations { CVC4::Type type = PARSER_STATE->d_unsorted; @@ -827,8 +1237,39 @@ tffVariableList[std::vector& bvlist] ( COMMA_TOK tffbindvariable[e] { bvlist.push_back(e); } )* ; -parseType[CVC4::Type& type] +parseThfType[CVC4::Type& type] +// assumes only mapping types (arrows), no tuple type @declarations { + std::vector sorts; +} + : thfType[type] { sorts.push_back(type); } + ( + (ARROW_TOK | TIMES_TOK) thfType[type] { sorts.push_back(type); } + )* + { + if (sorts.size() < 1) + { + type = sorts[0]; + } + else + { + Type range = sorts.back(); + sorts.pop_back(); + type = PARSER_STATE->mkFlatFunctionType(sorts, range); + } + } + ; + +thfType[CVC4::Type& type] +// assumes only mapping types (arrows), no tuple type + : simpleType[type] + | LPAREN_TOK parseThfType[type] RPAREN_TOK + | LBRACK_TOK { UNSUPPORTED("Tuple types"); } parseThfType[type] RBRACK_TOK + ; + +parseType[CVC4::Type & type] +@declarations +{ std::vector v; } : simpleType[type] @@ -837,7 +1278,7 @@ parseType[CVC4::Type& type] ( TIMES_TOK simpleType[type] { v.push_back(type); } )+ RPAREN_TOK ) - GREATER_TOK simpleType[type] + ARROW_TOK simpleType[type] { v.push_back(type); type = EXPR_MANAGER->mkFunctionType(v); } @@ -873,8 +1314,8 @@ anything | COLON_TOK | OR_TOK | NOT_TOK - | BANG_TOK - | MARK_TOK + | FORALL_TOK + | EXISTS_TOK | AND_TOK | IFF_TOK | IMPLIES_TOK @@ -914,23 +1355,32 @@ LBRACK_TOK : '['; RBRACK_TOK : ']'; COLON_TOK : ':'; -GREATER_TOK : '>'; +// typing +ARROW_TOK : '>'; +SUBTYPE_TOK : '>>'; //operator -OR_TOK : '|'; -NOT_TOK : '~'; -BANG_TOK : '!'; -MARK_TOK : '?'; -AND_TOK : '&'; -IFF_TOK : '<=>'; +OR_TOK : '|'; +NOT_TOK : '~'; +FORALL_TOK : '!'; +EXISTS_TOK : '?'; +LAMBDA_TOK : '^'; +CHOICE_TOK : '@+'; +DEF_DESC_TOK : '@-'; +AND_TOK : '&'; +IFF_TOK : '<=>'; IMPLIES_TOK : '=>'; REVIMPLIES_TOK : '<='; -REVIFF_TOK : '<~>'; -REVOR_TOK : '~|'; -REVAND_TOK : '~&'; -TIMES_TOK : '*'; -PLUS_TOK : '+'; -MINUS_TOK : '-'; +REVIFF_TOK : '<~>'; +REVOR_TOK : '~|'; +REVAND_TOK : '~&'; +TIMES_TOK : '*'; +PLUS_TOK : '+'; +MINUS_TOK : '-'; +APP_TOK : '@'; + +TH1_UN_A : '!!'; +TH1_UN_E : '??'; //predicate TRUE_TOK : '$true'; @@ -1076,4 +1526,3 @@ COMMENT : '%' (~('\n' | '\r'))* { SKIP(); } //comment line | '/*' ( options {greedy=false;} : . )* '*/' { SKIP(); } //comment block ; - diff --git a/src/parser/tptp/tptp.cpp b/src/parser/tptp/tptp.cpp index c4efe5e09..694369429 100644 --- a/src/parser/tptp/tptp.cpp +++ b/src/parser/tptp/tptp.cpp @@ -121,7 +121,7 @@ bool newInputStream(std::string fileName, pANTLR3_LEXER lexer, std::vector< pANT // Same thing as the predefined PUSHSTREAM(in); lexer->pushCharStream(lexer,in); // restart it - //lexer->rec->state->tokenStartCharIndex = -10; + //lexer->rec->state->tokenStartCharIndex = -10; //lexer->emit(lexer); // Note that the input stream is not closed when it EOFs, I don't bother @@ -301,6 +301,27 @@ void Tptp::makeApplication(Expr& expr, std::string& name, } } +void Tptp::mkLambdaWrapper(Expr& expr, Type argType) +{ + std::vector lvars; + std::vector domainTypes = + (static_cast(argType)).getArgTypes(); + for (unsigned i = 0, size = domainTypes.size(); i < size; ++i) + { + // the introduced variable is internal (not parsable) + std::stringstream ss; + ss << "_lvar_" << i; + Expr v = getExprManager()->mkBoundVar(ss.str(), domainTypes[i]); + lvars.push_back(v); + } + // apply body of lambda to variables + Expr wrapper = getExprManager()->mkExpr( + kind::LAMBDA, + getExprManager()->mkExpr(kind::BOUND_VAR_LIST, lvars), + getExprManager()->mkExpr(expr, lvars)); + + expr = wrapper; +} Expr Tptp::getAssertionExpr(FormulaRole fr, Expr expr) { switch (fr) { diff --git a/src/parser/tptp/tptp.h b/src/parser/tptp/tptp.h index 605748d88..5b3ed0807 100644 --- a/src/parser/tptp/tptp.h +++ b/src/parser/tptp/tptp.h @@ -105,6 +105,14 @@ class Tptp : public Parser { void makeApplication(Expr& expr, std::string& name, std::vector& args, bool term); + /** creates a lambda abstraction around expression + * + * Given an expression expr of type argType = t1...tn -> t, creates a lambda + * expression + * (lambda x1:t1,...,xn:tn . (expr x)) : t + */ + void mkLambdaWrapper(Expr& expr, Type argType); + /** get assertion expression, based on the formula role. * expr should have Boolean type. * This returns the expression that should be asserted, given the formula role fr. @@ -159,7 +167,7 @@ class Tptp : public Parser { // TPTP directory where to find includes; // empty if none could be determined std::string d_tptpDir; - + // the null expression Expr d_nullExpr; diff --git a/test/regress/CMakeLists.txt b/test/regress/CMakeLists.txt index 0ac2d4142..df278ba5a 100644 --- a/test/regress/CMakeLists.txt +++ b/test/regress/CMakeLists.txt @@ -467,6 +467,7 @@ set(regress_0_tests regress0/get-value-reals.smt2 regress0/ho/apply-collapse-sat.smt2 regress0/ho/apply-collapse-unsat.smt2 + regress0/ho/bug_nodbuilding_interpreted_SYO042^1.p regress0/ho/cong-full-apply.smt2 regress0/ho/cong.smt2 regress0/ho/declare-fun-variants.smt2 @@ -478,11 +479,17 @@ set(regress_0_tests regress0/ho/ext-sat.smt2 regress0/ho/finite-fun-ext.smt2 regress0/ho/fta0144-alpha-eq.smt2 + regress0/ho/fta0210.smt2 + regress0/ho/ho-exponential-model.smt2 regress0/ho/ho-match-fun-suffix.smt2 regress0/ho/ho-matching-enum.smt2 + regress0/ho/ho-matching-enum-2.smt2 regress0/ho/ho-matching-nested-app.smt2 + regress0/ho/ho-std-fmf.smt2 + regress0/ho/hoa0008.smt2 regress0/ho/ite-apply-eq.smt2 regress0/ho/lambda-equality-non-canon.smt2 + regress0/ho/match-middle.smt2 regress0/ho/modulo-func-equality.smt2 regress0/ho/shadowing-defs.smt2 regress0/ho/simple-matching-partial.smt2 @@ -1182,14 +1189,14 @@ set(regress_1_tests regress1/fmf/sort-inf-int.smt2 regress1/fmf/with-ind-104-core.smt2 regress1/gensys_brn001.smt2 - regress1/ho/auth0068.smt2 - regress1/ho/fta0210.smt2 - regress1/ho/fta0409.smt2 - regress1/ho/ho-exponential-model.smt2 - regress1/ho/ho-matching-enum-2.smt2 - regress1/ho/ho-std-fmf.smt2 - regress1/ho/hoa0008.smt2 - regress1/ho/match-middle.smt2 + regress1/ho/fta0328.lfho.p + regress1/ho/nested_lambdas-AGT034^2.smt2 + regress1/ho/nested_lambdas-sat-SYO056^1-delta.smt2 + regress1/ho/NUM638^1.smt2 + regress1/ho/NUM925^1.p + regress1/ho/soundness_fmf_SYO362^5-delta.p + regress1/ho/store-ax-min.p + regress1/ho/SYO056^1.p regress1/hole6.cvc regress1/ite5.smt2 regress1/lemmas/clocksynchro_5clocks.main_invar.base.smt @@ -1766,6 +1773,12 @@ set(regress_2_tests regress2/hash_sat_07_17.smt2 regress2/hash_sat_09_09.smt2 regress2/hash_sat_10_09.smt2 + regress2/ho/auth0068.smt2 + regress2/ho/bug_instfalse_SEU882^5.p + regress2/ho/fta0409.smt2 + regress2/ho/involved_parsing_ALG248^3.p + regress2/ho/partial_app_interpreted_SWW474^2.p + regress2/ho/SYO362^5.p regress2/hole7.cvc regress2/hole8.cvc regress2/instance_1444.smt diff --git a/test/regress/regress0/ho/bug_nodbuilding_interpreted_SYO042^1.p b/test/regress/regress0/ho/bug_nodbuilding_interpreted_SYO042^1.p new file mode 100644 index 000000000..0ed7fe44b --- /dev/null +++ b/test/regress/regress0/ho/bug_nodbuilding_interpreted_SYO042^1.p @@ -0,0 +1,56 @@ +% COMMAND-LINE: --uf-ho +% EXPECT: % SZS status Unsatisfiable for bug_nodbuilding_interpreted_SYO042^1 + +%------------------------------------------------------------------------------ +% File : SYO042^1 : TPTP v7.2.0. Released v4.0.0. +% Domain : Syntactic +% Problem : Unsatisfiable basic formula 4 +% Version : Especial. +% English : + +% Refs : [BS09a] Brown E. & Smolka (2009), Terminating Tableaux for the +% : [BS09b] Brown E. & Smolka (2009), Extended First-Order Logic +% Source : [BS09a] +% Names : + +% Status : Unsatisfiable +% Rating : 0.00 v5.4.0, 0.33 v5.3.0, 0.67 v5.0.0, 0.33 v4.1.0, 0.67 v4.0.1, 1.00 v4.0.0 +% Syntax : Number of formulae : 5 ( 0 unit; 4 type; 0 defn) +% Number of atoms : 15 ( 3 equality; 0 variable) +% Maximal formula depth : 7 ( 4 average) +% Number of connectives : 10 ( 2 ~; 0 |; 4 &; 4 @) +% ( 0 <=>; 0 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 3 ( 3 >; 0 *; 0 +; 0 <<) +% Number of symbols : 6 ( 4 :; 0 =) +% Number of variables : 0 ( 0 sgn; 0 !; 0 ?; 0 ^) +% ( 0 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_UNS_EQU_NAR + +% Comments : The fragment of simple type theory that restricts equations to +% base types and disallows lambda abstraction and quantification is +% decidable. This is an example. +%------------------------------------------------------------------------------ +thf(g,type,( + g: $o > $o )). + +thf(p,type,( + p: ( $o > $o ) > $o )). + +thf(x,type,( + x: $o )). + +thf(y,type,( + y: $o )). + +thf(4,axiom, + ( ( x != y ) + & ( ( g @ x ) + = y ) + & ( ( g @ y ) + = x ) + & ( p @ g ) + & ~ ( p @ (~) ) )). + +%------------------------------------------------------------------------------ diff --git a/test/regress/regress1/ho/fta0210.smt2 b/test/regress/regress0/ho/fta0210.smt2 similarity index 100% rename from test/regress/regress1/ho/fta0210.smt2 rename to test/regress/regress0/ho/fta0210.smt2 diff --git a/test/regress/regress1/ho/ho-exponential-model.smt2 b/test/regress/regress0/ho/ho-exponential-model.smt2 similarity index 100% rename from test/regress/regress1/ho/ho-exponential-model.smt2 rename to test/regress/regress0/ho/ho-exponential-model.smt2 diff --git a/test/regress/regress1/ho/ho-matching-enum-2.smt2 b/test/regress/regress0/ho/ho-matching-enum-2.smt2 similarity index 100% rename from test/regress/regress1/ho/ho-matching-enum-2.smt2 rename to test/regress/regress0/ho/ho-matching-enum-2.smt2 diff --git a/test/regress/regress1/ho/ho-std-fmf.smt2 b/test/regress/regress0/ho/ho-std-fmf.smt2 similarity index 100% rename from test/regress/regress1/ho/ho-std-fmf.smt2 rename to test/regress/regress0/ho/ho-std-fmf.smt2 diff --git a/test/regress/regress1/ho/hoa0008.smt2 b/test/regress/regress0/ho/hoa0008.smt2 similarity index 100% rename from test/regress/regress1/ho/hoa0008.smt2 rename to test/regress/regress0/ho/hoa0008.smt2 diff --git a/test/regress/regress1/ho/match-middle.smt2 b/test/regress/regress0/ho/match-middle.smt2 similarity index 100% rename from test/regress/regress1/ho/match-middle.smt2 rename to test/regress/regress0/ho/match-middle.smt2 diff --git a/test/regress/regress1/ho/NUM638^1.smt2 b/test/regress/regress1/ho/NUM638^1.smt2 new file mode 100644 index 000000000..bee17b21a --- /dev/null +++ b/test/regress/regress1/ho/NUM638^1.smt2 @@ -0,0 +1,17 @@ +; COMMAND-LINE: --uf-ho --finite-model-find +; EXPECT: unsat + +(set-option :incremental false) +(set-logic ALL) +(declare-sort $$unsorted 0) +(declare-sort nat 0) +(declare-fun x () nat) +(declare-fun n_1 () nat) +(assert (not (= x n_1))) +(declare-fun suc (nat) nat) +(declare-fun some ((-> nat Bool)) Bool) +(assert (forall ((Xx nat) (Xy nat)) (=> (= (suc Xx) (suc Xy)) (= Xx Xy)) )) +(assert (forall ((Xx nat)) (=> (not (= Xx n_1)) (some (lambda ((Xu nat)) (= Xx (suc Xu))))) )) +(assert (not (not (=> (forall ((Xx_0 nat) (Xy nat)) (=> (= x (suc Xx_0)) (=> (= x (suc Xy)) (= Xx_0 Xy))) ) (not (some (lambda ((Xu nat)) (= x (suc Xu))))))))) +(meta-info :filename "NUM638^1") +(check-sat-assuming ( (not false) )) diff --git a/test/regress/regress1/ho/NUM925^1.p b/test/regress/regress1/ho/NUM925^1.p new file mode 100644 index 000000000..d2977ddb8 --- /dev/null +++ b/test/regress/regress1/ho/NUM925^1.p @@ -0,0 +1,638 @@ +% COMMAND-LINE: --uf-ho +% EXPECT: % SZS status Theorem for NUM925^1 + +%------------------------------------------------------------------------------ +% File : NUM925^1 : TPTP v7.2.0. Released v5.3.0. +% Domain : Number Theory +% Problem : Sum of two squares line 192, 100 axioms selected +% Version : Especial. +% English : + +% Refs : [BN10] Boehme & Nipkow (2010), Sledgehammer: Judgement Day +% : [Bla11] Blanchette (2011), Email to Geoff Sutcliffe +% Source : [Bla11] +% Names : s2s_100_thf_l192 [Bla11] + +% Status : Theorem +% Rating : 0.22 v7.2.0, 0.12 v7.1.0, 0.38 v7.0.0, 0.29 v6.4.0, 0.33 v6.3.0, 0.40 v6.2.0, 0.29 v6.1.0, 0.43 v5.5.0, 0.33 v5.4.0, 0.40 v5.3.0 +% Syntax : Number of formulae : 128 ( 0 unit; 21 type; 0 defn) +% Number of atoms : 868 ( 105 equality; 251 variable) +% Maximal formula depth : 11 ( 5 average) +% Number of connectives : 571 ( 20 ~; 4 |; 7 &; 495 @) +% ( 36 <=>; 9 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 18 ( 18 >; 0 *; 0 +; 0 <<) +% Number of symbols : 23 ( 21 :; 0 =) +% Number of variables : 118 ( 0 sgn; 118 !; 0 ?; 0 ^) +% ( 118 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_THM_EQU_NAR + +% Comments : This file was generated by Isabelle (most likely Sledgehammer) +% 2011-08-09 19:10:38 +%------------------------------------------------------------------------------ +%----Should-be-implicit typings (2) +thf(ty_ty_tc__Int__Oint,type,( + int: $tType )). + +thf(ty_ty_tc__Nat__Onat,type,( + nat: $tType )). + +%----Explicit typings (19) +thf(sy_c_Groups_Oone__class_Oone_000tc__Int__Oint,type,( + one_one_int: int )). + +thf(sy_c_Groups_Oone__class_Oone_000tc__Nat__Onat,type,( + one_one_nat: nat )). + +thf(sy_c_Groups_Oplus__class_Oplus_000tc__Int__Oint,type,( + plus_plus_int: int > int > int )). + +thf(sy_c_Groups_Oplus__class_Oplus_000tc__Nat__Onat,type,( + plus_plus_nat: nat > nat > nat )). + +thf(sy_c_Groups_Ozero__class_Ozero_000tc__Int__Oint,type,( + zero_zero_int: int )). + +thf(sy_c_Groups_Ozero__class_Ozero_000tc__Nat__Onat,type,( + zero_zero_nat: nat )). + +thf(sy_c_Int_OBit0,type,( + bit0: int > int )). + +thf(sy_c_Int_OBit1,type,( + bit1: int > int )). + +thf(sy_c_Int_OPls,type,( + pls: int )). + +thf(sy_c_Int_Onumber__class_Onumber__of_000tc__Int__Oint,type,( + number_number_of_int: int > int )). + +thf(sy_c_Int_Onumber__class_Onumber__of_000tc__Nat__Onat,type,( + number_number_of_nat: int > nat )). + +thf(sy_c_Nat_Osemiring__1__class_Oof__nat_000tc__Int__Oint,type,( + semiri1621563631at_int: nat > int )). + +thf(sy_c_Nat_Osemiring__1__class_Oof__nat_000tc__Nat__Onat,type,( + semiri984289939at_nat: nat > nat )). + +thf(sy_c_Orderings_Oord__class_Oless_000tc__Int__Oint,type,( + ord_less_int: int > int > $o )). + +thf(sy_c_Orderings_Oord__class_Oless_000tc__Nat__Onat,type,( + ord_less_nat: nat > nat > $o )). + +thf(sy_c_Power_Opower__class_Opower_000tc__Int__Oint,type,( + power_power_int: int > nat > int )). + +thf(sy_c_Power_Opower__class_Opower_000tc__Nat__Onat,type,( + power_power_nat: nat > nat > nat )). + +thf(sy_v_n____,type,( + n: nat )). + +thf(sy_v_t____,type,( + t: int )). + +%----Relevant facts (106) +thf(fact_0_n1pos,axiom, + ( ord_less_int @ zero_zero_int @ ( plus_plus_int @ one_one_int @ ( semiri1621563631at_int @ n ) ) )). + +thf(fact_1_t1,axiom, + ( ord_less_int @ one_one_int @ t )). + +thf(fact_2_sum__power2__eq__zero__iff,axiom,( + ! [X_3: int,Y_3: int] : + ( ( ( plus_plus_int @ ( power_power_int @ X_3 @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) @ ( power_power_int @ Y_3 @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) ) + = zero_zero_int ) + <=> ( ( X_3 = zero_zero_int ) + & ( Y_3 = zero_zero_int ) ) ) )). + +thf(fact_3_one__power2,axiom, + ( ( power_power_int @ one_one_int @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = one_one_int )). + +thf(fact_4_one__power2,axiom, + ( ( power_power_nat @ one_one_nat @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = one_one_nat )). + +thf(fact_5_zero__power2,axiom, + ( ( power_power_int @ zero_zero_int @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = zero_zero_int )). + +thf(fact_6_zero__power2,axiom, + ( ( power_power_nat @ zero_zero_nat @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = zero_zero_nat )). + +thf(fact_7_zero__eq__power2,axiom,( + ! [A_7: int] : + ( ( ( power_power_int @ A_7 @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = zero_zero_int ) + <=> ( A_7 = zero_zero_int ) ) )). + +thf(fact_8_add__special_I2_J,axiom,( + ! [W_7: int] : + ( ( plus_plus_int @ one_one_int @ ( number_number_of_int @ W_7 ) ) + = ( number_number_of_int @ ( plus_plus_int @ ( bit1 @ pls ) @ W_7 ) ) ) )). + +thf(fact_9_add__special_I3_J,axiom,( + ! [V_5: int] : + ( ( plus_plus_int @ ( number_number_of_int @ V_5 ) @ one_one_int ) + = ( number_number_of_int @ ( plus_plus_int @ V_5 @ ( bit1 @ pls ) ) ) ) )). + +thf(fact_10_one__add__one__is__two,axiom, + ( ( plus_plus_int @ one_one_int @ one_one_int ) + = ( number_number_of_int @ ( bit0 @ ( bit1 @ pls ) ) ) )). + +thf(fact_11_semiring__one__add__one__is__two,axiom, + ( ( plus_plus_int @ one_one_int @ one_one_int ) + = ( number_number_of_int @ ( bit0 @ ( bit1 @ pls ) ) ) )). + +thf(fact_12_semiring__one__add__one__is__two,axiom, + ( ( plus_plus_nat @ one_one_nat @ one_one_nat ) + = ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) )). + +thf(fact_13_quartic__square__square,axiom,( + ! [X_3: int] : + ( ( power_power_int @ ( power_power_int @ X_3 @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + = ( power_power_int @ X_3 @ ( number_number_of_nat @ ( bit0 @ ( bit0 @ ( bit1 @ pls ) ) ) ) ) ) )). + +thf(fact_14_power__0__left__number__of,axiom,( + ! [W_6: int] : + ( ( ( ( number_number_of_nat @ W_6 ) + = zero_zero_nat ) + => ( ( power_power_int @ zero_zero_int @ ( number_number_of_nat @ W_6 ) ) + = one_one_int ) ) + & ( ( ( number_number_of_nat @ W_6 ) + != zero_zero_nat ) + => ( ( power_power_int @ zero_zero_int @ ( number_number_of_nat @ W_6 ) ) + = zero_zero_int ) ) ) )). + +thf(fact_15_power__0__left__number__of,axiom,( + ! [W_6: int] : + ( ( ( ( number_number_of_nat @ W_6 ) + = zero_zero_nat ) + => ( ( power_power_nat @ zero_zero_nat @ ( number_number_of_nat @ W_6 ) ) + = one_one_nat ) ) + & ( ( ( number_number_of_nat @ W_6 ) + != zero_zero_nat ) + => ( ( power_power_nat @ zero_zero_nat @ ( number_number_of_nat @ W_6 ) ) + = zero_zero_nat ) ) ) )). + +thf(fact_16_semiring__norm_I110_J,axiom, + ( one_one_int + = ( number_number_of_int @ ( bit1 @ pls ) ) )). + +thf(fact_17_numeral__1__eq__1,axiom, + ( ( number_number_of_int @ ( bit1 @ pls ) ) + = one_one_int )). + +thf(fact_18_n0,axiom, + ( ord_less_nat @ zero_zero_nat @ n )). + +thf(fact_19_zless__linear,axiom,( + ! [X_3: int,Y_3: int] : + ( ( ord_less_int @ X_3 @ Y_3 ) + | ( X_3 = Y_3 ) + | ( ord_less_int @ Y_3 @ X_3 ) ) )). + +thf(fact_20_less__number__of__int__code,axiom,( + ! [K: int,L: int] : + ( ( ord_less_int @ ( number_number_of_int @ K ) @ ( number_number_of_int @ L ) ) + <=> ( ord_less_int @ K @ L ) ) )). + +thf(fact_21_plus__numeral__code_I9_J,axiom,( + ! [V_3: int,W_4: int] : + ( ( plus_plus_int @ ( number_number_of_int @ V_3 ) @ ( number_number_of_int @ W_4 ) ) + = ( number_number_of_int @ ( plus_plus_int @ V_3 @ W_4 ) ) ) )). + +thf(fact_22_less__number__of,axiom,( + ! [X_6: int,Y_5: int] : + ( ( ord_less_int @ ( number_number_of_int @ X_6 ) @ ( number_number_of_int @ Y_5 ) ) + <=> ( ord_less_int @ X_6 @ Y_5 ) ) )). + +thf(fact_23_zero__is__num__zero,axiom, + ( zero_zero_int + = ( number_number_of_int @ pls ) )). + +thf(fact_24_zpower__int,axiom,( + ! [M: nat,N_1: nat] : + ( ( power_power_int @ ( semiri1621563631at_int @ M ) @ N_1 ) + = ( semiri1621563631at_int @ ( power_power_nat @ M @ N_1 ) ) ) )). + +thf(fact_25_int__power,axiom,( + ! [M: nat,N_1: nat] : + ( ( semiri1621563631at_int @ ( power_power_nat @ M @ N_1 ) ) + = ( power_power_int @ ( semiri1621563631at_int @ M ) @ N_1 ) ) )). + +thf(fact_26_zadd__int__left,axiom,( + ! [M: nat,N_1: nat,Z: int] : + ( ( plus_plus_int @ ( semiri1621563631at_int @ M ) @ ( plus_plus_int @ ( semiri1621563631at_int @ N_1 ) @ Z ) ) + = ( plus_plus_int @ ( semiri1621563631at_int @ ( plus_plus_nat @ M @ N_1 ) ) @ Z ) ) )). + +thf(fact_27_zadd__int,axiom,( + ! [M: nat,N_1: nat] : + ( ( plus_plus_int @ ( semiri1621563631at_int @ M ) @ ( semiri1621563631at_int @ N_1 ) ) + = ( semiri1621563631at_int @ ( plus_plus_nat @ M @ N_1 ) ) ) )). + +thf(fact_28_int__1,axiom, + ( ( semiri1621563631at_int @ one_one_nat ) + = one_one_int )). + +thf(fact_29_nat__number__of__Pls,axiom, + ( ( number_number_of_nat @ pls ) + = zero_zero_nat )). + +thf(fact_30_semiring__norm_I113_J,axiom, + ( zero_zero_nat + = ( number_number_of_nat @ pls ) )). + +thf(fact_31_int__eq__0__conv,axiom,( + ! [N_1: nat] : + ( ( ( semiri1621563631at_int @ N_1 ) + = zero_zero_int ) + <=> ( N_1 = zero_zero_nat ) ) )). + +thf(fact_32_int__0,axiom, + ( ( semiri1621563631at_int @ zero_zero_nat ) + = zero_zero_int )). + +thf(fact_33_nat__1__add__1,axiom, + ( ( plus_plus_nat @ one_one_nat @ one_one_nat ) + = ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) )). + +thf(fact_34_less__int__code_I16_J,axiom,( + ! [K1: int,K2: int] : + ( ( ord_less_int @ ( bit1 @ K1 ) @ ( bit1 @ K2 ) ) + <=> ( ord_less_int @ K1 @ K2 ) ) )). + +thf(fact_35_rel__simps_I17_J,axiom,( + ! [K: int,L: int] : + ( ( ord_less_int @ ( bit1 @ K ) @ ( bit1 @ L ) ) + <=> ( ord_less_int @ K @ L ) ) )). + +thf(fact_36_rel__simps_I2_J,axiom,( + ~ ( ord_less_int @ pls @ pls ) )). + +thf(fact_37_less__int__code_I13_J,axiom,( + ! [K1: int,K2: int] : + ( ( ord_less_int @ ( bit0 @ K1 ) @ ( bit0 @ K2 ) ) + <=> ( ord_less_int @ K1 @ K2 ) ) )). + +thf(fact_38_rel__simps_I14_J,axiom,( + ! [K: int,L: int] : + ( ( ord_less_int @ ( bit0 @ K ) @ ( bit0 @ L ) ) + <=> ( ord_less_int @ K @ L ) ) )). + +thf(fact_39_zadd__strict__right__mono,axiom,( + ! [K: int,I: int,J: int] : + ( ( ord_less_int @ I @ J ) + => ( ord_less_int @ ( plus_plus_int @ I @ K ) @ ( plus_plus_int @ J @ K ) ) ) )). + +thf(fact_40_add__nat__number__of,axiom,( + ! [V_4: int,V_3: int] : + ( ( ( ord_less_int @ V_3 @ pls ) + => ( ( plus_plus_nat @ ( number_number_of_nat @ V_3 ) @ ( number_number_of_nat @ V_4 ) ) + = ( number_number_of_nat @ V_4 ) ) ) + & ( ~ ( ord_less_int @ V_3 @ pls ) + => ( ( ( ord_less_int @ V_4 @ pls ) + => ( ( plus_plus_nat @ ( number_number_of_nat @ V_3 ) @ ( number_number_of_nat @ V_4 ) ) + = ( number_number_of_nat @ V_3 ) ) ) + & ( ~ ( ord_less_int @ V_4 @ pls ) + => ( ( plus_plus_nat @ ( number_number_of_nat @ V_3 ) @ ( number_number_of_nat @ V_4 ) ) + = ( number_number_of_nat @ ( plus_plus_int @ V_3 @ V_4 ) ) ) ) ) ) ) )). + +thf(fact_41_one__is__num__one,axiom, + ( one_one_int + = ( number_number_of_int @ ( bit1 @ pls ) ) )). + +thf(fact_42_nat__numeral__1__eq__1,axiom, + ( ( number_number_of_nat @ ( bit1 @ pls ) ) + = one_one_nat )). + +thf(fact_43_Numeral1__eq1__nat,axiom, + ( one_one_nat + = ( number_number_of_nat @ ( bit1 @ pls ) ) )). + +thf(fact_44_eq__number__of,axiom,( + ! [X_5: int,Y_4: int] : + ( ( ( number_number_of_int @ X_5 ) + = ( number_number_of_int @ Y_4 ) ) + <=> ( X_5 = Y_4 ) ) )). + +thf(fact_45_number__of__reorient,axiom,( + ! [W_5: int,X_4: nat] : + ( ( ( number_number_of_nat @ W_5 ) + = X_4 ) + <=> ( X_4 + = ( number_number_of_nat @ W_5 ) ) ) )). + +thf(fact_46_number__of__reorient,axiom,( + ! [W_5: int,X_4: int] : + ( ( ( number_number_of_int @ W_5 ) + = X_4 ) + <=> ( X_4 + = ( number_number_of_int @ W_5 ) ) ) )). + +thf(fact_47_rel__simps_I51_J,axiom,( + ! [K: int,L: int] : + ( ( ( bit1 @ K ) + = ( bit1 @ L ) ) + <=> ( K = L ) ) )). + +thf(fact_48_rel__simps_I48_J,axiom,( + ! [K: int,L: int] : + ( ( ( bit0 @ K ) + = ( bit0 @ L ) ) + <=> ( K = L ) ) )). + +thf(fact_49_even__less__0__iff,axiom,( + ! [A_6: int] : + ( ( ord_less_int @ ( plus_plus_int @ A_6 @ A_6 ) @ zero_zero_int ) + <=> ( ord_less_int @ A_6 @ zero_zero_int ) ) )). + +thf(fact_50_zadd__assoc,axiom,( + ! [Z1: int,Z2: int,Z3: int] : + ( ( plus_plus_int @ ( plus_plus_int @ Z1 @ Z2 ) @ Z3 ) + = ( plus_plus_int @ Z1 @ ( plus_plus_int @ Z2 @ Z3 ) ) ) )). + +thf(fact_51_zadd__left__commute,axiom,( + ! [X_3: int,Y_3: int,Z: int] : + ( ( plus_plus_int @ X_3 @ ( plus_plus_int @ Y_3 @ Z ) ) + = ( plus_plus_int @ Y_3 @ ( plus_plus_int @ X_3 @ Z ) ) ) )). + +thf(fact_52_zadd__commute,axiom,( + ! [Z: int,W_4: int] : + ( ( plus_plus_int @ Z @ W_4 ) + = ( plus_plus_int @ W_4 @ Z ) ) )). + +thf(fact_53_int__int__eq,axiom,( + ! [M: nat,N_1: nat] : + ( ( ( semiri1621563631at_int @ M ) + = ( semiri1621563631at_int @ N_1 ) ) + <=> ( M = N_1 ) ) )). + +thf(fact_54_less__special_I3_J,axiom,( + ! [X_2: int] : + ( ( ord_less_int @ ( number_number_of_int @ X_2 ) @ zero_zero_int ) + <=> ( ord_less_int @ X_2 @ pls ) ) )). + +thf(fact_55_less__special_I1_J,axiom,( + ! [Y_2: int] : + ( ( ord_less_int @ zero_zero_int @ ( number_number_of_int @ Y_2 ) ) + <=> ( ord_less_int @ pls @ Y_2 ) ) )). + +thf(fact_56_rel__simps_I12_J,axiom,( + ! [K: int] : + ( ( ord_less_int @ ( bit1 @ K ) @ pls ) + <=> ( ord_less_int @ K @ pls ) ) )). + +thf(fact_57_less__int__code_I15_J,axiom,( + ! [K1: int,K2: int] : + ( ( ord_less_int @ ( bit1 @ K1 ) @ ( bit0 @ K2 ) ) + <=> ( ord_less_int @ K1 @ K2 ) ) )). + +thf(fact_58_rel__simps_I16_J,axiom,( + ! [K: int,L: int] : + ( ( ord_less_int @ ( bit1 @ K ) @ ( bit0 @ L ) ) + <=> ( ord_less_int @ K @ L ) ) )). + +thf(fact_59_rel__simps_I10_J,axiom,( + ! [K: int] : + ( ( ord_less_int @ ( bit0 @ K ) @ pls ) + <=> ( ord_less_int @ K @ pls ) ) )). + +thf(fact_60_rel__simps_I4_J,axiom,( + ! [K: int] : + ( ( ord_less_int @ pls @ ( bit0 @ K ) ) + <=> ( ord_less_int @ pls @ K ) ) )). + +thf(fact_61_bin__less__0__simps_I4_J,axiom,( + ! [W_4: int] : + ( ( ord_less_int @ ( bit1 @ W_4 ) @ zero_zero_int ) + <=> ( ord_less_int @ W_4 @ zero_zero_int ) ) )). + +thf(fact_62_bin__less__0__simps_I1_J,axiom,( + ~ ( ord_less_int @ pls @ zero_zero_int ) )). + +thf(fact_63_bin__less__0__simps_I3_J,axiom,( + ! [W_4: int] : + ( ( ord_less_int @ ( bit0 @ W_4 ) @ zero_zero_int ) + <=> ( ord_less_int @ W_4 @ zero_zero_int ) ) )). + +thf(fact_64_int__0__less__1,axiom, + ( ord_less_int @ zero_zero_int @ one_one_int )). + +thf(fact_65_zless__add1__eq,axiom,( + ! [W_4: int,Z: int] : + ( ( ord_less_int @ W_4 @ ( plus_plus_int @ Z @ one_one_int ) ) + <=> ( ( ord_less_int @ W_4 @ Z ) + | ( W_4 = Z ) ) ) )). + +thf(fact_66_int__less__0__conv,axiom,( + ! [K: nat] : + ~ ( ord_less_int @ ( semiri1621563631at_int @ K ) @ zero_zero_int ) )). + +thf(fact_67_less__special_I4_J,axiom,( + ! [X_1: int] : + ( ( ord_less_int @ ( number_number_of_int @ X_1 ) @ one_one_int ) + <=> ( ord_less_int @ X_1 @ ( bit1 @ pls ) ) ) )). + +thf(fact_68_less__special_I2_J,axiom,( + ! [Y_1: int] : + ( ( ord_less_int @ one_one_int @ ( number_number_of_int @ Y_1 ) ) + <=> ( ord_less_int @ ( bit1 @ pls ) @ Y_1 ) ) )). + +thf(fact_69_odd__less__0,axiom,( + ! [Z: int] : + ( ( ord_less_int @ ( plus_plus_int @ ( plus_plus_int @ one_one_int @ Z ) @ Z ) @ zero_zero_int ) + <=> ( ord_less_int @ Z @ zero_zero_int ) ) )). + +thf(fact_70_double__eq__0__iff,axiom,( + ! [A_5: int] : + ( ( ( plus_plus_int @ A_5 @ A_5 ) + = zero_zero_int ) + <=> ( A_5 = zero_zero_int ) ) )). + +thf(fact_71_rel__simps_I46_J,axiom,( + ! [K: int] : + ( ( bit1 @ K ) + != pls ) )). + +thf(fact_72_rel__simps_I39_J,axiom,( + ! [L: int] : + ( pls + != ( bit1 @ L ) ) )). + +thf(fact_73_rel__simps_I50_J,axiom,( + ! [K: int,L: int] : + ( ( bit1 @ K ) + != ( bit0 @ L ) ) )). + +thf(fact_74_rel__simps_I49_J,axiom,( + ! [K: int,L: int] : + ( ( bit0 @ K ) + != ( bit1 @ L ) ) )). + +thf(fact_75_rel__simps_I44_J,axiom,( + ! [K: int] : + ( ( ( bit0 @ K ) + = pls ) + <=> ( K = pls ) ) )). + +thf(fact_76_rel__simps_I38_J,axiom,( + ! [L: int] : + ( ( pls + = ( bit0 @ L ) ) + <=> ( pls = L ) ) )). + +thf(fact_77_Bit0__Pls,axiom, + ( ( bit0 @ pls ) + = pls )). + +thf(fact_78_Pls__def,axiom,( + pls = zero_zero_int )). + +thf(fact_79_int__0__neq__1,axiom,( + zero_zero_int != one_one_int )). + +thf(fact_80_add__Pls__right,axiom,( + ! [K: int] : + ( ( plus_plus_int @ K @ pls ) + = K ) )). + +thf(fact_81_add__Pls,axiom,( + ! [K: int] : + ( ( plus_plus_int @ pls @ K ) + = K ) )). + +thf(fact_82_add__Bit0__Bit0,axiom,( + ! [K: int,L: int] : + ( ( plus_plus_int @ ( bit0 @ K ) @ ( bit0 @ L ) ) + = ( bit0 @ ( plus_plus_int @ K @ L ) ) ) )). + +thf(fact_83_Bit0__def,axiom,( + ! [K: int] : + ( ( bit0 @ K ) + = ( plus_plus_int @ K @ K ) ) )). + +thf(fact_84_zadd__0__right,axiom,( + ! [Z: int] : + ( ( plus_plus_int @ Z @ zero_zero_int ) + = Z ) )). + +thf(fact_85_zadd__0,axiom,( + ! [Z: int] : + ( ( plus_plus_int @ zero_zero_int @ Z ) + = Z ) )). + +thf(fact_86_semiring__numeral__0__eq__0,axiom, + ( ( number_number_of_int @ pls ) + = zero_zero_int )). + +thf(fact_87_semiring__numeral__0__eq__0,axiom, + ( ( number_number_of_nat @ pls ) + = zero_zero_nat )). + +thf(fact_88_number__of__Pls,axiom, + ( ( number_number_of_int @ pls ) + = zero_zero_int )). + +thf(fact_89_semiring__norm_I112_J,axiom, + ( zero_zero_int + = ( number_number_of_int @ pls ) )). + +thf(fact_90_add__numeral__0,axiom,( + ! [A_4: int] : + ( ( plus_plus_int @ ( number_number_of_int @ pls ) @ A_4 ) + = A_4 ) )). + +thf(fact_91_add__numeral__0__right,axiom,( + ! [A_3: int] : + ( ( plus_plus_int @ A_3 @ ( number_number_of_int @ pls ) ) + = A_3 ) )). + +thf(fact_92_power__eq__0__iff__number__of,axiom,( + ! [A_2: int,W_3: int] : + ( ( ( power_power_int @ A_2 @ ( number_number_of_nat @ W_3 ) ) + = zero_zero_int ) + <=> ( ( A_2 = zero_zero_int ) + & ( ( number_number_of_nat @ W_3 ) + != zero_zero_nat ) ) ) )). + +thf(fact_93_power__eq__0__iff__number__of,axiom,( + ! [A_2: nat,W_3: int] : + ( ( ( power_power_nat @ A_2 @ ( number_number_of_nat @ W_3 ) ) + = zero_zero_nat ) + <=> ( ( A_2 = zero_zero_nat ) + & ( ( number_number_of_nat @ W_3 ) + != zero_zero_nat ) ) ) )). + +thf(fact_94_add__number__of__left,axiom,( + ! [V_2: int,W_2: int,Z_1: int] : + ( ( plus_plus_int @ ( number_number_of_int @ V_2 ) @ ( plus_plus_int @ ( number_number_of_int @ W_2 ) @ Z_1 ) ) + = ( plus_plus_int @ ( number_number_of_int @ ( plus_plus_int @ V_2 @ W_2 ) ) @ Z_1 ) ) )). + +thf(fact_95_add__number__of__eq,axiom,( + ! [V_1: int,W_1: int] : + ( ( plus_plus_int @ ( number_number_of_int @ V_1 ) @ ( number_number_of_int @ W_1 ) ) + = ( number_number_of_int @ ( plus_plus_int @ V_1 @ W_1 ) ) ) )). + +thf(fact_96_number__of__add,axiom,( + ! [V: int,W: int] : + ( ( number_number_of_int @ ( plus_plus_int @ V @ W ) ) + = ( plus_plus_int @ ( number_number_of_int @ V ) @ ( number_number_of_int @ W ) ) ) )). + +thf(fact_97_add__Bit1__Bit0,axiom,( + ! [K: int,L: int] : + ( ( plus_plus_int @ ( bit1 @ K ) @ ( bit0 @ L ) ) + = ( bit1 @ ( plus_plus_int @ K @ L ) ) ) )). + +thf(fact_98_add__Bit0__Bit1,axiom,( + ! [K: int,L: int] : + ( ( plus_plus_int @ ( bit0 @ K ) @ ( bit1 @ L ) ) + = ( bit1 @ ( plus_plus_int @ K @ L ) ) ) )). + +thf(fact_99_Bit1__def,axiom,( + ! [K: int] : + ( ( bit1 @ K ) + = ( plus_plus_int @ ( plus_plus_int @ one_one_int @ K ) @ K ) ) )). + +thf(fact_100_odd__nonzero,axiom,( + ! [Z: int] : + ( ( plus_plus_int @ ( plus_plus_int @ one_one_int @ Z ) @ Z ) + != zero_zero_int ) )). + +thf(fact_101_number__of__int,axiom,( + ! [N: nat] : + ( ( number_number_of_nat @ ( semiri1621563631at_int @ N ) ) + = ( semiri984289939at_nat @ N ) ) )). + +thf(fact_102_number__of__int,axiom,( + ! [N: nat] : + ( ( number_number_of_int @ ( semiri1621563631at_int @ N ) ) + = ( semiri1621563631at_int @ N ) ) )). + +thf(fact_103_zero__less__power2,axiom,( + ! [A_1: int] : + ( ( ord_less_int @ zero_zero_int @ ( power_power_int @ A_1 @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) ) + <=> ( A_1 != zero_zero_int ) ) )). + +thf(fact_104_power2__less__0,axiom,( + ! [A: int] : + ~ ( ord_less_int @ ( power_power_int @ A @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) @ zero_zero_int ) )). + +thf(fact_105_sum__power2__gt__zero__iff,axiom,( + ! [X: int,Y: int] : + ( ( ord_less_int @ zero_zero_int @ ( plus_plus_int @ ( power_power_int @ X @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) @ ( power_power_int @ Y @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) ) ) + <=> ( ( X != zero_zero_int ) + | ( Y != zero_zero_int ) ) ) )). + +%----Conjectures (1) +thf(conj_0,conjecture,( + ( power_power_int @ ( plus_plus_int @ one_one_int @ ( semiri1621563631at_int @ n ) ) @ ( number_number_of_nat @ ( bit0 @ ( bit1 @ pls ) ) ) ) + != zero_zero_int )). + +%------------------------------------------------------------------------------ diff --git a/test/regress/regress1/ho/SYO056^1.p b/test/regress/regress1/ho/SYO056^1.p new file mode 100644 index 000000000..a8a6bafca --- /dev/null +++ b/test/regress/regress1/ho/SYO056^1.p @@ -0,0 +1,100 @@ +% COMMAND-LINE: --uf-ho --finite-model-find +% EXPECT: % SZS status CounterSatisfiable for SYO056^1 + +%------------------------------------------------------------------------------ +% File : SYO056^1 : TPTP v7.2.0. Released v4.0.0. +% Domain : Logic Calculi (Quantified multimodal logic) +% Problem : Simple textbook example 13 +% Version : [Ben09] axioms. +% English : + +% Refs : [Gol92] Goldblatt (1992), Logics of Time and Computation +% : [Ben09] Benzmueller (2009), Email to Geoff Sutcliffe +% Source : [Ben09] +% Names : ex13.p [Ben09] + +% Status : CounterSatisfiable +% Rating : 0.25 v7.2.0, 0.33 v6.4.0, 0.00 v6.3.0, 0.33 v5.4.0, 0.00 v5.0.0, 0.67 v4.1.0, 0.50 v4.0.0 +% Syntax : Number of formulae : 64 ( 0 unit; 32 type; 31 defn) +% Number of atoms : 238 ( 36 equality; 137 variable) +% Maximal formula depth : 12 ( 6 average) +% Number of connectives : 138 ( 4 ~; 4 |; 8 &; 114 @) +% ( 0 <=>; 8 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 172 ( 172 >; 0 *; 0 +; 0 <<) +% Number of symbols : 36 ( 32 :; 0 =) +% Number of variables : 87 ( 3 sgn; 30 !; 6 ?; 51 ^) +% ( 87 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_CSA_EQU_NAR + +% Comments : +%------------------------------------------------------------------------------ +%----Include embedding of quantified multimodal logic in simple type theory +%% include('Axioms/LCL013^0.ax'). +%------------------------------------------------------------------------------ +thf(mvalid_type,type,( + mvalid: ( $i > $o ) > $o )). + +thf(mvalid,definition, + ( mvalid + = ( ^ [Phi: $i > $o] : + ! [W: $i] : + ( Phi @ W ) ) )). + + +thf(mforall_prop_type,type,( + mforall_prop: ( ( $i > $o ) > $i > $o ) > $i > $o )). + +thf(mforall_prop,definition, + ( mforall_prop + = ( ^ [Phi: ( $i > $o ) > $i > $o,W: $i] : + ! [P: $i > $o] : + ( Phi @ P @ W ) ) )). + +thf(mnot_type,type,( + mnot: ( $i > $o ) > $i > $o )). + +thf(mnot,definition, + ( mnot + = ( ^ [Phi: $i > $o,W: $i] : + ~ ( Phi @ W ) ) )). + +thf(mor_type,type,( + mor: ( $i > $o ) > ( $i > $o ) > $i > $o )). + +thf(mor,definition, + ( mor + = ( ^ [Phi: $i > $o,Psi: $i > $o,W: $i] : + ( ( Phi @ W ) + | ( Psi @ W ) ) ) )). + +thf(mimplies_type,type,( + mimplies: ( $i > $o ) > ( $i > $o ) > $i > $o )). + +thf(mimplies,definition, + ( mimplies + = ( ^ [Phi: $i > $o,Psi: $i > $o] : + ( mor @ ( mnot @ Phi ) @ Psi ) ) )). + +thf(mbox_type,type,( + mbox: ( $i > $i > $o ) > ( $i > $o ) > $i > $o )). + +thf(mbox,definition, + ( mbox + = ( ^ [R: $i > $i > $o,Phi: $i > $o,W: $i] : + ! [V: $i] : + ( ~ ( R @ W @ V ) + | ( Phi @ V ) ) ) )). + + +thf(conj,conjecture,( + ! [R: $i > $i > $o] : + ( mvalid + @ ( mforall_prop + @ ^ [A: $i > $o] : + ( mforall_prop + @ ^ [B: $i > $o] : + ( mimplies @ ( mbox @ R @ ( mor @ A @ B ) ) @ ( mor @ ( mbox @ R @ A ) @ ( mbox @ R @ B ) ) ) ) ) ) )). + +%------------------------------------------------------------------------------ diff --git a/test/regress/regress1/ho/bound_var_bug.p b/test/regress/regress1/ho/bound_var_bug.p new file mode 100644 index 000000000..0dc946d6a --- /dev/null +++ b/test/regress/regress1/ho/bound_var_bug.p @@ -0,0 +1,26 @@ +% COMMAND-LINE: --uf-ho +% EXPECT: % SZS status GaveUp for bound_var_bug + +% TIMEFORMAT='%3R'; { time (exec 2>&1; /Users/blanchette/misc/leo --foatp e --atp e="$E_HOME"/eprover --atp epclextract="$E_HOME"/epclextract --proofoutput 1 --timeout 30 /Users/blanchette/hgs/afp_mining/tools/judgment_day_2017/data_afp/leo2-mepo/Call_Arity_SestoftGC_data/prob_308__3244432_1 ) ; } +% This file was generated by Isabelle (most likely Sledgehammer) +% 2017-07-27 17:26:12.634 + +% Could-be-implicit typings (91) + +thf(ty_n_t__Product____Type__Oprod_It__List__Olist_It__Product____Type__Oprod_It__Vars__Ovar_Mt__Terms__Oexp_J_J_Mt__Product____Type__Oprod_It__Terms__Oexp_Mt__List__Olist_It__SestoftConf__Ostack____elem_J_J_J, type, + produc1516857811k_elem : $tType). + + +thf(ty_n_t__Vars__Ovar, type, + var : $tType). + +thf(sy_c_Transitive__Closure_Ortranclp_001t__Product____Type__Oprod_It__List__Olist_It__Product____Type__Oprod_It__Vars__Ovar_Mt__Terms__Oexp_J_J_Mt__Product____Type__Oprod_It__Terms__Oexp_Mt__List__Olist_It__SestoftConf__Ostack____elem_J_J_J, type, + transi803447880k_elem : (produc1516857811k_elem > produc1516857811k_elem > $o) > produc1516857811k_elem > produc1516857811k_elem > $o). + +% Relevant facts (1094) + +thf(fact_233_rtranclp__idemp, axiom, + ((![R : produc1516857811k_elem > produc1516857811k_elem > $o]: ((transi803447880k_elem @ (transi803447880k_elem @ R)) = (transi803447880k_elem @ R))))). % rtranclp_idemp + +thf(fact_293_rtranclp_Osimps, axiom, + ((transi803447880k_elem = (^[R4 : produc1516857811k_elem > produc1516857811k_elem > $o]: (^[A12 : produc1516857811k_elem]: (^[A23 : produc1516857811k_elem]: (((?[A5 : produc1516857811k_elem]: (((A12 = A5)) & ((A23 = A5))))) | ((?[A5 : produc1516857811k_elem]: (?[B4 : produc1516857811k_elem]: (?[C5 : produc1516857811k_elem]: (((A12 = A5)) & ((((A23 = C5)) & ((((transi803447880k_elem @ R4 @ A5 @ B4)) & ((R4 @ B4 @ C5)))))))))))))))))). % rtranclp.simps diff --git a/test/regress/regress1/ho/bug_freeVar_BDD_General_data_270.p b/test/regress/regress1/ho/bug_freeVar_BDD_General_data_270.p new file mode 100644 index 000000000..6c35270fd --- /dev/null +++ b/test/regress/regress1/ho/bug_freeVar_BDD_General_data_270.p @@ -0,0 +1,11 @@ +% COMMAND-LINE: --uf-ho --finite-model-find +% EXPECT: % SZS status Satisfiable for bug_freeVar_BDD_General_data_270 + +thf(ty_n_t__Nat__Onat, type, + nat : $tType). + +thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Nat__Onat, type, + ord_less_eq_nat : nat > nat > $o). + +thf(fact_76_eq__iff, axiom, + (((^[Y3 : nat]: (^[Z2 : nat]: (Y3 = Z2))) = (^[X4 : nat]: (^[Y4 : nat]: (((ord_less_eq_nat @ X4 @ Y4)) & ((ord_less_eq_nat @ Y4 @ X4)))))))). % eq_iff diff --git a/test/regress/regress1/ho/bug_freevar_PHI004^4-delta.smt2 b/test/regress/regress1/ho/bug_freevar_PHI004^4-delta.smt2 new file mode 100644 index 000000000..9dd95aeae --- /dev/null +++ b/test/regress/regress1/ho/bug_freevar_PHI004^4-delta.smt2 @@ -0,0 +1,35 @@ +; COMMAND-LINE: --uf-ho --finite-model-find --no-check-models +; EXPECT: sat + +(set-logic ALL) +(declare-sort $$unsorted 0) +(declare-sort qML_mu 0) +(declare-sort qML_i 0) +(declare-fun scott_G (qML_mu qML_i) Bool) +(declare-fun scott_P ((-> qML_mu qML_i Bool) qML_i) Bool) + +(assert + (= + scott_G + (lambda ((X qML_mu) (__flatten_var_0 qML_i)) + (forall ((BOUND_VARIABLE_292 (-> qML_mu qML_i Bool))) + (or + (not (scott_P BOUND_VARIABLE_292 __flatten_var_0)) + (BOUND_VARIABLE_292 X __flatten_var_0) + ) )))) + +(assert + (forall ((X_1 qML_i)) + (scott_P + (lambda ((X qML_mu) (__flatten_var_0 qML_i)) + (forall ((BOUND_VARIABLE_292 (-> qML_mu qML_i Bool))) + (or + (not (scott_P BOUND_VARIABLE_292 __flatten_var_0)) + (BOUND_VARIABLE_292 X __flatten_var_0)) )) + X_1 + ) + )) + + + +(check-sat) \ No newline at end of file diff --git a/test/regress/regress1/ho/fta0328.lfho.p b/test/regress/regress1/ho/fta0328.lfho.p new file mode 100644 index 000000000..c33b43ca5 --- /dev/null +++ b/test/regress/regress1/ho/fta0328.lfho.p @@ -0,0 +1,200 @@ +% COMMAND-LINE: --uf-ho --uf-ho --finite-model-find +% EXPECT: % SZS status CounterSatisfiable for fta0328.lfho + +% TIMEFORMAT='%3R'; { time (exec 2>&1; /Users/blanchette/.isabelle/contrib/e-2.0-2/x86_64-darwin/eprover --auto-schedule --tstp-in --tstp-out --silent --cpu-limit=2 --proof-object=1 /Users/blanchette/hgs/matryoshka/papers/2019-TACAS-ehoh/eval/judgment_day/judgment_day_lifting_32/fta/prob_804__4064966_1 ) ; } +% This file was generated by Isabelle (most likely Sledgehammer) +% 2018-05-22 19:17:55.732 + +% Could-be-implicit typings (8) +thf(ty_n_t__Polynomial__Opoly_It__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J_J, type, + poly_p1267267526omplex : $tType). +thf(ty_n_t__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J, type, + poly_poly_complex : $tType). +thf(ty_n_t__Polynomial__Opoly_It__Complex__Ocomplex_J, type, + poly_complex : $tType). +thf(ty_n_t__Polynomial__Opoly_It__Nat__Onat_J, type, + poly_nat : $tType). +thf(ty_n_t__Complex__Ocomplex, type, + complex : $tType). +thf(ty_n_t__Real__Oreal, type, + real : $tType). +thf(ty_n_t__HOL__Obool, type, + bool : $tType). +thf(ty_n_t__Nat__Onat, type, + nat : $tType). + +% Explicit typings (28) +thf(sy_c_Fundamental__Theorem__Algebra__Mirabelle__bptywjkimr_Oconstant_001t__Complex__Ocomplex_001t__Complex__Ocomplex, type, + fundam769667258omplex : (complex > complex) > $o). +thf(sy_c_Fundamental__Theorem__Algebra__Mirabelle__bptywjkimr_Opsize_001t__Complex__Ocomplex, type, + fundam835161864omplex : poly_complex > nat). +thf(sy_c_Groups_Oplus__class_Oplus_001t__Complex__Ocomplex, type, + plus_plus_complex : complex > complex > complex). +thf(sy_c_Groups_Oplus__class_Oplus_001t__Nat__Onat, type, + plus_plus_nat : nat > nat > nat). +thf(sy_c_Groups_Oplus__class_Oplus_001t__Polynomial__Opoly_It__Complex__Ocomplex_J, type, + plus_p1547158847omplex : poly_complex > poly_complex > poly_complex). +thf(sy_c_Groups_Oplus__class_Oplus_001t__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J, type, + plus_p138939463omplex : poly_poly_complex > poly_poly_complex > poly_poly_complex). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Complex__Ocomplex, type, + zero_zero_complex : complex). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Nat__Onat, type, + zero_zero_nat : nat). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Polynomial__Opoly_It__Complex__Ocomplex_J, type, + zero_z1746442943omplex : poly_complex). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Polynomial__Opoly_It__Nat__Onat_J, type, + zero_zero_poly_nat : poly_nat). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J, type, + zero_z1040703943omplex : poly_poly_complex). +thf(sy_c_Groups_Ozero__class_Ozero_001t__Polynomial__Opoly_It__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J_J, type, + zero_z1200043727omplex : poly_p1267267526omplex). +thf(sy_c_Orderings_Oord__class_Oless_001t__Nat__Onat, type, + ord_less_nat : nat > nat > $o). +thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Nat__Onat, type, + ord_less_eq_nat : nat > nat > $o). +thf(sy_c_Orderings_Oord__class_Oless__eq_001t__Real__Oreal, type, + ord_less_eq_real : real > real > $o). +thf(sy_c_Polynomial_Opoly_001t__Complex__Ocomplex, type, + poly_complex2 : poly_complex > complex > complex). +thf(sy_c_Polynomial_Opoly_001t__Nat__Onat, type, + poly_nat2 : poly_nat > nat > nat). +thf(sy_c_Polynomial_Opoly_001t__Polynomial__Opoly_It__Complex__Ocomplex_J, type, + poly_poly_complex2 : poly_poly_complex > poly_complex > poly_complex). +thf(sy_c_Polynomial_Opoly_001t__Polynomial__Opoly_It__Polynomial__Opoly_It__Complex__Ocomplex_J_J, type, + poly_p282434315omplex : poly_p1267267526omplex > poly_poly_complex > poly_poly_complex). +thf(sy_c_Real__Vector__Spaces_Onorm__class_Onorm_001t__Complex__Ocomplex, type, + real_V638595069omplex : complex > real). +thf(sy_c_fFalse, type, + fFalse : bool). +thf(sy_c_fTrue, type, + fTrue : bool). +thf(sy_c_pp, type, + pp : bool > $o). +thf(sy_v_a____, type, + a : complex). +thf(sy_v_c____, type, + c : complex). +thf(sy_v_p, type, + p : poly_complex). +thf(sy_v_pa____, type, + pa : poly_complex). +thf(sy_v_q____, type, + q : poly_complex). + +% Relevant facts (53) +thf(fact_0_kas_I1_J, axiom, + ((~ ((a = zero_zero_complex))))). % kas(1) +thf(fact_1_q_I2_J, axiom, + ((![X : complex]: ((poly_complex2 @ q @ X) = (poly_complex2 @ pa @ (plus_plus_complex @ c @ X)))))). % q(2) +thf(fact_2_nc, axiom, + ((~ ((fundam769667258omplex @ (poly_complex2 @ p)))))). % nc +thf(fact_3_False, axiom, + ((~ (((poly_complex2 @ pa @ c) = zero_zero_complex))))). % False +thf(fact_4_less_Oprems, axiom, + ((~ ((fundam769667258omplex @ (poly_complex2 @ pa)))))). % less.prems +thf(fact_5_a00, axiom, + ((~ (((poly_complex2 @ q @ zero_zero_complex) = zero_zero_complex))))). % a00 +thf(fact_6_pqc0, axiom, + (((poly_complex2 @ pa @ c) = (poly_complex2 @ q @ zero_zero_complex)))). % pqc0 +thf(fact_7_q_I1_J, axiom, + (((fundam835161864omplex @ q) = (fundam835161864omplex @ pa)))). % q(1) +thf(fact_8_poly__0, axiom, + ((![X2 : poly_poly_complex]: ((poly_p282434315omplex @ zero_z1200043727omplex @ X2) = zero_z1040703943omplex)))). % poly_0 +thf(fact_9_poly__0, axiom, + ((![X2 : nat]: ((poly_nat2 @ zero_zero_poly_nat @ X2) = zero_zero_nat)))). % poly_0 +thf(fact_10_poly__0, axiom, + ((![X2 : poly_complex]: ((poly_poly_complex2 @ zero_z1040703943omplex @ X2) = zero_z1746442943omplex)))). % poly_0 +thf(fact_11_poly__0, axiom, + ((![X2 : complex]: ((poly_complex2 @ zero_z1746442943omplex @ X2) = zero_zero_complex)))). % poly_0 +thf(fact_12_poly__all__0__iff__0, axiom, + ((![P : poly_p1267267526omplex]: ((![X3 : poly_poly_complex]: ((poly_p282434315omplex @ P @ X3) = zero_z1040703943omplex)) <=> (P = zero_z1200043727omplex))))). % poly_all_0_iff_0 +thf(fact_13_poly__all__0__iff__0, axiom, + ((![P : poly_complex]: ((![X3 : complex]: ((poly_complex2 @ P @ X3) = zero_zero_complex)) <=> (P = zero_z1746442943omplex))))). % poly_all_0_iff_0 +thf(fact_14_poly__all__0__iff__0, axiom, + ((![P : poly_poly_complex]: ((![X3 : poly_complex]: ((poly_poly_complex2 @ P @ X3) = zero_z1746442943omplex)) <=> (P = zero_z1040703943omplex))))). % poly_all_0_iff_0 +thf(fact_15__092_060open_062_092_060exists_062q_O_Apsize_Aq_A_061_Apsize_Ap_A_092_060and_062_A_I_092_060forall_062x_O_Apoly_Aq_Ax_A_061_Apoly_Ap_A_Ic_A_L_Ax_J_J_092_060close_062, axiom, + ((?[Q : poly_complex]: (((fundam835161864omplex @ Q) = (fundam835161864omplex @ pa)) & (![X : complex]: ((poly_complex2 @ Q @ X) = (poly_complex2 @ pa @ (plus_plus_complex @ c @ X)))))))). % \\q. psize q = psize p \ (\x. poly q x = poly p (c + x))\ +thf(fact_16__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062q_O_A_092_060lbrakk_062psize_Aq_A_061_Apsize_Ap_059_A_092_060forall_062x_O_Apoly_Aq_Ax_A_061_Apoly_Ap_A_Ic_A_L_Ax_J_092_060rbrakk_062_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062, axiom, + ((~ ((![Q : poly_complex]: (((fundam835161864omplex @ Q) = (fundam835161864omplex @ pa)) => (~ ((![X : complex]: ((poly_complex2 @ Q @ X) = (poly_complex2 @ pa @ (plus_plus_complex @ c @ X)))))))))))). % \\thesis. (\q. \psize q = psize p; \x. poly q x = poly p (c + x)\ \ thesis) \ thesis\ +thf(fact_17__092_060open_062constant_A_Ipoly_Aq_J_A_092_060Longrightarrow_062_AFalse_092_060close_062, axiom, + ((~ ((fundam769667258omplex @ (poly_complex2 @ q)))))). % \constant (poly q) \ False\ +thf(fact_18_qnc, axiom, + ((~ ((fundam769667258omplex @ (poly_complex2 @ q)))))). % qnc +thf(fact_19_poly__eq__poly__eq__iff, axiom, + ((![P : poly_poly_complex, Q2 : poly_poly_complex]: (((poly_poly_complex2 @ P) = (poly_poly_complex2 @ Q2)) <=> (P = Q2))))). % poly_eq_poly_eq_iff +thf(fact_20_poly__eq__poly__eq__iff, axiom, + ((![P : poly_complex, Q2 : poly_complex]: (((poly_complex2 @ P) = (poly_complex2 @ Q2)) <=> (P = Q2))))). % poly_eq_poly_eq_iff +thf(fact_21_c, axiom, + ((![W : complex]: (ord_less_eq_real @ (real_V638595069omplex @ (poly_complex2 @ pa @ c)) @ (real_V638595069omplex @ (poly_complex2 @ pa @ W)))))). % c +thf(fact_22_zero__reorient, axiom, + ((![X2 : poly_poly_complex]: ((zero_z1040703943omplex = X2) <=> (X2 = zero_z1040703943omplex))))). % zero_reorient +thf(fact_23_zero__reorient, axiom, + ((![X2 : nat]: ((zero_zero_nat = X2) <=> (X2 = zero_zero_nat))))). % zero_reorient +thf(fact_24_zero__reorient, axiom, + ((![X2 : complex]: ((zero_zero_complex = X2) <=> (X2 = zero_zero_complex))))). % zero_reorient +thf(fact_25_zero__reorient, axiom, + ((![X2 : poly_complex]: ((zero_z1746442943omplex = X2) <=> (X2 = zero_z1746442943omplex))))). % zero_reorient +thf(fact_26_cq0, axiom, + ((![W : complex]: (ord_less_eq_real @ (real_V638595069omplex @ (poly_complex2 @ q @ zero_zero_complex)) @ (real_V638595069omplex @ (poly_complex2 @ pa @ W)))))). % cq0 +thf(fact_27_less_Ohyps, axiom, + ((![P : poly_complex]: ((ord_less_nat @ (fundam835161864omplex @ P) @ (fundam835161864omplex @ pa)) => ((~ ((fundam769667258omplex @ (poly_complex2 @ P)))) => (?[Z : complex]: ((poly_complex2 @ P @ Z) = zero_zero_complex))))))). % less.hyps +thf(fact_28_add__left__cancel, axiom, + ((![A : poly_complex, B : poly_complex, C : poly_complex]: (((plus_p1547158847omplex @ A @ B) = (plus_p1547158847omplex @ A @ C)) <=> (B = C))))). % add_left_cancel +thf(fact_29_add__left__cancel, axiom, + ((![A : complex, B : complex, C : complex]: (((plus_plus_complex @ A @ B) = (plus_plus_complex @ A @ C)) <=> (B = C))))). % add_left_cancel +thf(fact_30_add__right__cancel, axiom, + ((![B : poly_complex, A : poly_complex, C : poly_complex]: (((plus_p1547158847omplex @ B @ A) = (plus_p1547158847omplex @ C @ A)) <=> (B = C))))). % add_right_cancel +thf(fact_31_add__right__cancel, axiom, + ((![B : complex, A : complex, C : complex]: (((plus_plus_complex @ B @ A) = (plus_plus_complex @ C @ A)) <=> (B = C))))). % add_right_cancel +thf(fact_32__092_060open_062_092_060And_062thesis_O_A_I_092_060And_062c_O_A_092_060forall_062w_O_Acmod_A_Ipoly_Ap_Ac_J_A_092_060le_062_Acmod_A_Ipoly_Ap_Aw_J_A_092_060Longrightarrow_062_Athesis_J_A_092_060Longrightarrow_062_Athesis_092_060close_062, axiom, + ((~ ((![C2 : complex]: (~ ((![W : complex]: (ord_less_eq_real @ (real_V638595069omplex @ (poly_complex2 @ pa @ C2)) @ (real_V638595069omplex @ (poly_complex2 @ pa @ W))))))))))). % \\thesis. (\c. \w. cmod (poly p c) \ cmod (poly p w) \ thesis) \ thesis\ +thf(fact_33_le__zero__eq, axiom, + ((![N : nat]: ((ord_less_eq_nat @ N @ zero_zero_nat) <=> (N = zero_zero_nat))))). % le_zero_eq +thf(fact_34_not__gr__zero, axiom, + ((![N : nat]: ((~ ((ord_less_nat @ zero_zero_nat @ N))) <=> (N = zero_zero_nat))))). % not_gr_zero +thf(fact_35_zero__eq__add__iff__both__eq__0, axiom, + ((![X2 : nat, Y : nat]: ((zero_zero_nat = (plus_plus_nat @ X2 @ Y)) <=> ((X2 = zero_zero_nat) & (Y = zero_zero_nat)))))). % zero_eq_add_iff_both_eq_0 +thf(fact_36_add__eq__0__iff__both__eq__0, axiom, + ((![X2 : nat, Y : nat]: (((plus_plus_nat @ X2 @ Y) = zero_zero_nat) <=> ((X2 = zero_zero_nat) & (Y = zero_zero_nat)))))). % add_eq_0_iff_both_eq_0 +thf(fact_37_add__cancel__right__right, axiom, + ((![A : poly_poly_complex, B : poly_poly_complex]: ((A = (plus_p138939463omplex @ A @ B)) <=> (B = zero_z1040703943omplex))))). % add_cancel_right_right +thf(fact_38_add__cancel__right__right, axiom, + ((![A : nat, B : nat]: ((A = (plus_plus_nat @ A @ B)) <=> (B = zero_zero_nat))))). % add_cancel_right_right +thf(fact_39_add__cancel__right__right, axiom, + ((![A : complex, B : complex]: ((A = (plus_plus_complex @ A @ B)) <=> (B = zero_zero_complex))))). % add_cancel_right_right +thf(fact_40_add__cancel__right__right, axiom, + ((![A : poly_complex, B : poly_complex]: ((A = (plus_p1547158847omplex @ A @ B)) <=> (B = zero_z1746442943omplex))))). % add_cancel_right_right +thf(fact_41_add__cancel__right__left, axiom, + ((![A : poly_poly_complex, B : poly_poly_complex]: ((A = (plus_p138939463omplex @ B @ A)) <=> (B = zero_z1040703943omplex))))). % add_cancel_right_left +thf(fact_42_add__cancel__right__left, axiom, + ((![A : nat, B : nat]: ((A = (plus_plus_nat @ B @ A)) <=> (B = zero_zero_nat))))). % add_cancel_right_left +thf(fact_43_add__cancel__right__left, axiom, + ((![A : complex, B : complex]: ((A = (plus_plus_complex @ B @ A)) <=> (B = zero_zero_complex))))). % add_cancel_right_left +thf(fact_44_add__cancel__right__left, axiom, + ((![A : poly_complex, B : poly_complex]: ((A = (plus_p1547158847omplex @ B @ A)) <=> (B = zero_z1746442943omplex))))). % add_cancel_right_left +thf(fact_45_add__cancel__left__right, axiom, + ((![A : poly_poly_complex, B : poly_poly_complex]: (((plus_p138939463omplex @ A @ B) = A) <=> (B = zero_z1040703943omplex))))). % add_cancel_left_right +thf(fact_46_add__cancel__left__right, axiom, + ((![A : nat, B : nat]: (((plus_plus_nat @ A @ B) = A) <=> (B = zero_zero_nat))))). % add_cancel_left_right +thf(fact_47_add__cancel__left__right, axiom, + ((![A : complex, B : complex]: (((plus_plus_complex @ A @ B) = A) <=> (B = zero_zero_complex))))). % add_cancel_left_right +thf(fact_48_add__cancel__left__right, axiom, + ((![A : poly_complex, B : poly_complex]: (((plus_p1547158847omplex @ A @ B) = A) <=> (B = zero_z1746442943omplex))))). % add_cancel_left_right +thf(fact_49_add__cancel__left__left, axiom, + ((![B : poly_poly_complex, A : poly_poly_complex]: (((plus_p138939463omplex @ B @ A) = A) <=> (B = zero_z1040703943omplex))))). % add_cancel_left_left +thf(fact_50_add__cancel__left__left, axiom, + ((![B : nat, A : nat]: (((plus_plus_nat @ B @ A) = A) <=> (B = zero_zero_nat))))). % add_cancel_left_left +thf(fact_51_add__cancel__left__left, axiom, + ((![B : complex, A : complex]: (((plus_plus_complex @ B @ A) = A) <=> (B = zero_zero_complex))))). % add_cancel_left_left +thf(fact_52_add__cancel__left__left, axiom, + ((![B : poly_complex, A : poly_complex]: (((plus_p1547158847omplex @ B @ A) = A) <=> (B = zero_z1746442943omplex))))). % add_cancel_left_left + +% Helper facts (2) +thf(help_pp_2_1_U, axiom, + ((pp @ fTrue))). +thf(help_pp_1_1_U, axiom, + ((~ ((pp @ fFalse))))). + +% Conjectures (1) +thf(conj_0, conjecture, + ((?[Z2 : complex]: ((poly_complex2 @ pa @ Z2) = zero_zero_complex)))). diff --git a/test/regress/regress1/ho/nested_lambdas-AGT034^2.smt2 b/test/regress/regress1/ho/nested_lambdas-AGT034^2.smt2 new file mode 100644 index 000000000..1670e0711 --- /dev/null +++ b/test/regress/regress1/ho/nested_lambdas-AGT034^2.smt2 @@ -0,0 +1,101 @@ +; COMMAND-LINE: --uf-ho --no-check-unsat-cores --no-check-proofs +; EXPECT: unsat + +(set-logic ALL) +(declare-sort $$unsorted 0) +(declare-sort mu 0) +(declare-fun meq_ind (mu mu $$unsorted) Bool) +(assert (= meq_ind (lambda ((X mu) (Y mu) (W $$unsorted)) (= X Y)))) +(declare-fun meq_prop ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= meq_prop (lambda ((X (-> $$unsorted Bool)) (Y (-> $$unsorted Bool)) (W $$unsorted)) (= (X W) (Y W))))) +(declare-fun mnot ((-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mnot (lambda ((Phi (-> $$unsorted Bool)) (W $$unsorted)) (not (Phi W))))) +(declare-fun mor ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mor (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (W $$unsorted)) (or (Phi W) (Psi W))))) +(declare-fun mand ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mand (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (mor (mnot Phi) (mnot Psi)) __flatten_var_0)))) +(declare-fun mimplies ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mimplies (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mor (mnot Phi) Psi __flatten_var_0)))) +(declare-fun mimplied ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mimplied (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mor (mnot Psi) Phi __flatten_var_0)))) +(declare-fun mequiv ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mequiv (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mand (mimplies Phi Psi) (mimplies Psi Phi) __flatten_var_0)))) +(declare-fun mxor ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mxor (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (mequiv Phi Psi) __flatten_var_0)))) +(declare-fun mforall_ind ((-> mu $$unsorted Bool) $$unsorted) Bool) +(assert (= mforall_ind (lambda ((Phi (-> mu $$unsorted Bool)) (W $$unsorted)) (forall ((X mu)) (Phi X W) )))) +(declare-fun mforall_prop ((-> (-> $$unsorted Bool) $$unsorted Bool) $$unsorted) Bool) +(assert (= mforall_prop (lambda ((Phi (-> (-> $$unsorted Bool) $$unsorted Bool)) (W $$unsorted)) (forall ((P (-> $$unsorted Bool))) (Phi P W) )))) +(declare-fun mexists_ind ((-> mu $$unsorted Bool) $$unsorted) Bool) +(assert (= mexists_ind (lambda ((Phi (-> mu $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mnot (Phi X) __flatten_var_0))) __flatten_var_0)))) +(declare-fun mexists_prop ((-> (-> $$unsorted Bool) $$unsorted Bool) $$unsorted) Bool) +(assert (= mexists_prop (lambda ((Phi (-> (-> $$unsorted Bool) $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (mforall_prop (lambda ((P (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (Phi P) __flatten_var_0))) __flatten_var_0)))) +(declare-fun mtrue ($$unsorted) Bool) +(assert (= mtrue (lambda ((W $$unsorted)) true))) +(declare-fun mfalse ($$unsorted) Bool) +(assert (= mfalse (mnot mtrue))) +(declare-fun mbox ((-> $$unsorted $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mbox (lambda ((R (-> $$unsorted $$unsorted Bool)) (Phi (-> $$unsorted Bool)) (W $$unsorted)) (forall ((V $$unsorted)) (or (not (R W V)) (Phi V)) )))) +(declare-fun mdia ((-> $$unsorted $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mdia (lambda ((R (-> $$unsorted $$unsorted Bool)) (Phi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) (mnot (mbox R (mnot Phi)) __flatten_var_0)))) +(declare-fun mreflexive ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mreflexive (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted)) (R S S) )))) +(declare-fun msymmetric ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= msymmetric (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted)) (=> (R S T) (R T S)) )))) +(declare-fun mserial ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mserial (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted)) (exists ((T $$unsorted)) (R S T) ) )))) +(declare-fun mtransitive ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mtransitive (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (and (R S T) (R T U)) (R S U)) )))) +(declare-fun meuclidean ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= meuclidean (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (and (R S T) (R S U)) (R T U)) )))) +(declare-fun mpartially_functional ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mpartially_functional (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (and (R S T) (R S U)) (= T U)) )))) +(declare-fun mfunctional ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mfunctional (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted)) (exists ((T $$unsorted)) (and (R S T) (forall ((U $$unsorted)) (=> (R S U) (= T U)) )) ) )))) +(declare-fun mweakly_dense ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mweakly_dense (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (R S T) (exists ((U $$unsorted)) (and (R S U) (R U T)) )) )))) +(declare-fun mweakly_connected ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mweakly_connected (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (and (R S T) (R S U)) (or (R T U) (= T U) (R U T))) )))) +(declare-fun mweakly_directed ((-> $$unsorted $$unsorted Bool)) Bool) +(assert (= mweakly_directed (lambda ((R (-> $$unsorted $$unsorted Bool))) (forall ((S $$unsorted) (T $$unsorted) (U $$unsorted)) (=> (and (R S T) (R S U)) (exists ((V $$unsorted)) (and (R T V) (R U V)) )) )))) +(declare-fun mvalid ((-> $$unsorted Bool)) Bool) +(assert (= mvalid (lambda ((Phi (-> $$unsorted Bool))) (forall ((W $$unsorted)) (Phi W) )))) +(declare-fun minvalid ((-> $$unsorted Bool)) Bool) +(assert (= minvalid (lambda ((Phi (-> $$unsorted Bool))) (forall ((W $$unsorted)) (not (Phi W)) )))) +(declare-fun msatisfiable ((-> $$unsorted Bool)) Bool) +(assert (= msatisfiable (lambda ((Phi (-> $$unsorted Bool))) (exists ((W $$unsorted)) (Phi W) )))) +(declare-fun mcountersatisfiable ((-> $$unsorted Bool)) Bool) +(assert (= mcountersatisfiable (lambda ((Phi (-> $$unsorted Bool))) (exists ((W $$unsorted)) (not (Phi W)) )))) +(declare-fun a1 ($$unsorted $$unsorted) Bool) +(declare-fun a2 ($$unsorted $$unsorted) Bool) +(declare-fun a3 ($$unsorted $$unsorted) Bool) +(declare-fun jan () mu) +(declare-fun piotr () mu) +(declare-fun cola () mu) +(declare-fun pepsi () mu) +(declare-fun beer () mu) +(declare-fun likes (mu mu $$unsorted) Bool) +(declare-fun very_much_likes (mu mu $$unsorted) Bool) +(declare-fun possibly_likes (mu mu $$unsorted) Bool) +(assert (mvalid (mbox a1 (likes jan cola)))) +(assert (mvalid (mbox a1 (likes piotr pepsi)))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mbox a1 (mimplies (mdia a1 (likes X pepsi)) (likes X cola)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mbox a1 (mimplies (mdia a1 (likes X cola)) (likes X pepsi)) __flatten_var_0))))) +(assert (mvalid (mbox a2 (likes jan pepsi)))) +(assert (mvalid (mbox a1 (likes piotr cola)))) +(assert (mvalid (mbox a1 (likes piotr beer)))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mbox a2 (mimplies (likes X pepsi) (likes X cola)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mbox a2 (mimplies (likes X cola) (likes X pepsi)) __flatten_var_0))))) +(assert (mvalid (mbox a3 (likes jan cola)))) +(assert (mvalid (mdia a3 (likes piotr pepsi)))) +(assert (mvalid (mdia a1 (likes piotr beer)))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mbox a3 (mimplies (mand (likes X Y) (mand (mbox a1 (likes X Y)) (mbox a2 (likes X Y)))) (very_much_likes X Y)) __flatten_var_0)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mimplies (mbox a3 (very_much_likes X Y)) (very_much_likes X Y) __flatten_var_0)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mimplies (mdia a3 (very_much_likes X Y)) (likes X Y) __flatten_var_0)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mimplies (mdia a1 (likes X Y)) (possibly_likes X Y) __flatten_var_0)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mimplies (mdia a2 (likes X Y)) (possibly_likes X Y) __flatten_var_0)) __flatten_var_0))))) +(assert (mvalid (mforall_ind (lambda ((X mu) (__flatten_var_0 $$unsorted)) (mforall_ind (lambda ((Y mu) (__flatten_var_0 $$unsorted)) (mimplies (mdia a3 (likes X Y)) (possibly_likes X Y) __flatten_var_0)) __flatten_var_0))))) +(assert (not (mvalid (very_much_likes jan cola)))) +(meta-info :filename "AGT034^2") + +(check-sat) \ No newline at end of file diff --git a/test/regress/regress1/ho/nested_lambdas-sat-SYO056^1-delta.smt2 b/test/regress/regress1/ho/nested_lambdas-sat-SYO056^1-delta.smt2 new file mode 100644 index 000000000..9211adfb5 --- /dev/null +++ b/test/regress/regress1/ho/nested_lambdas-sat-SYO056^1-delta.smt2 @@ -0,0 +1,50 @@ +; COMMAND-LINE: --uf-ho --finite-model-find --no-check-models +; EXPECT: sat + + +(set-logic ALL) +(declare-sort $$unsorted 0) + +(declare-fun mvalid ((-> $$unsorted Bool)) Bool) +(assert (= mvalid (lambda ((Phi (-> $$unsorted Bool))) (forall ((W $$unsorted)) (Phi W) )))) + +(declare-fun mforall_prop ((-> (-> $$unsorted Bool) $$unsorted Bool) $$unsorted) Bool) +(assert (= mforall_prop + (lambda ((Phi (-> (-> $$unsorted Bool) $$unsorted Bool)) (W $$unsorted)) + (forall ((P (-> $$unsorted Bool))) (Phi P W) )))) + +(declare-fun mnot ((-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mnot (lambda ((Phi (-> $$unsorted Bool)) (W $$unsorted)) (not (Phi W))))) + +(declare-fun mor ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mor + (lambda ((Phi (-> $$unsorted Bool)) (Psi (-> $$unsorted Bool)) (W $$unsorted)) + (or (Phi W) (Psi W))))) + +(declare-fun mimplies ((-> $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mimplies + (lambda ( + (Phi (-> $$unsorted Bool)) + (Psi (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) + (mor (mnot Phi) Psi __flatten_var_0)))) + +(declare-fun mbox ((-> $$unsorted $$unsorted Bool) (-> $$unsorted Bool) $$unsorted) Bool) +(assert (= mbox + (lambda ((R (-> $$unsorted $$unsorted Bool)) (Phi (-> $$unsorted Bool)) (W $$unsorted)) + (forall ((V $$unsorted)) (or (not (R W V)) (Phi V)) )))) + +(assert (not (forall ((R (-> $$unsorted $$unsorted Bool))) + (mvalid + (mforall_prop + (lambda ((A (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) + (mforall_prop + (lambda ((B (-> $$unsorted Bool)) (__flatten_var_0 $$unsorted)) + (mimplies + (mbox R (mor A B)) + (mor + (mbox R A) + (mbox R B)) + __flatten_var_0)) + __flatten_var_0)))) ))) + +(check-sat) diff --git a/test/regress/regress1/ho/soundness_fmf_SYO362^5-delta.p b/test/regress/regress1/ho/soundness_fmf_SYO362^5-delta.p new file mode 100644 index 000000000..baabd675a --- /dev/null +++ b/test/regress/regress1/ho/soundness_fmf_SYO362^5-delta.p @@ -0,0 +1,63 @@ +% COMMAND-LINE: --uf-ho --finite-model-find +% EXPECT: % SZS status GaveUp for soundness_fmf_SYO362^5-delta + +%------------------------------------------------------------------------------ +% File : SYO362^5 : TPTP v7.2.0. Released v4.0.0. +% Domain : Syntactic +% Problem : TPS problem THM631A +% Version : Especial. +% English : If a set function preserves unions, then it is monotone. + +% Refs : [Bro09] Brown (2009), Email to Geoff Sutcliffe +% Source : [Bro09] +% Names : tps_0419 [Bro09] +% : THM631 [TPS] +% : THM631A [TPS] + +% Status : Theorem +% Rating : 0.22 v7.2.0, 0.12 v7.1.0, 0.25 v7.0.0, 0.14 v6.4.0, 0.17 v6.3.0, 0.20 v6.2.0, 0.29 v6.1.0, 0.14 v6.0.0, 0.29 v5.5.0, 0.50 v5.4.0, 0.60 v5.3.0, 0.80 v4.1.0, 1.00 v4.0.0 +% Syntax : Number of formulae : 2 ( 0 unit; 1 type; 0 defn) +% Number of atoms : 22 ( 1 equality; 16 variable) +% Maximal formula depth : 9 ( 6 average) +% Number of connectives : 19 ( 0 ~; 2 |; 0 &; 13 @) +% ( 0 <=>; 4 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 7 ( 7 >; 0 *; 0 +; 0 <<) +% Number of symbols : 3 ( 1 :; 0 =) +% Number of variables : 8 ( 0 sgn; 6 !; 0 ?; 2 ^) +% ( 8 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_THM_EQU_NAR + +% Comments : This problem is from the TPS library. Copyright (c) 2009 The TPS +% project in the Department of Mathematical Sciences at Carnegie +% Mellon University. Distributed under the Creative Commons copyleft +% license: http://creativecommons.org/licenses/by-sa/3.0/ +% : Polymorphic definitions expanded. +% : +%------------------------------------------------------------------------------ +thf(cK,type,( + cK: ( $i > $o ) > $i > $o )). + +thf(cTHM631A_pme,conjecture, + ( ! [X: $i > $o,Y: $i > $o] : + ( ( cK + @ ^ [Xz: $i] : + ( ( X @ Xz ) + | ( Y @ Xz ) ) ) + = ( ^ [Xw: $i] : + ( ( cK @ X @ Xw ) + | ( cK @ Y @ Xw ) ) ) ) + => ! [X: $i > $o,Y: $i > $o] : + ( ! [Xx: $i] : + ( ( X @ Xx ) + => ( Y @ Xx ) ) + => ! [Xx: $i] : + ( ( cK @ X @ Xx ) + => ( cK @ Y @ Xx ) ) ) )). + +%------------------------------------------------------------------------------ + +%% soundness issue (since resolved) was due to wrong lambda +%% lifting. Free variables in lambda body not being carried out to +%% quantified formula standing for lambda lifting diff --git a/test/regress/regress1/ho/store-ax-min.p b/test/regress/regress1/ho/store-ax-min.p new file mode 100644 index 000000000..d67eb8dad --- /dev/null +++ b/test/regress/regress1/ho/store-ax-min.p @@ -0,0 +1,28 @@ +% COMMAND-LINE: --uf-ho --full-saturate-quant --ho-elim-store-ax +% COMMAND-LINE: --uf-ho --full-saturate-quant --ho-elim +% EXPECT: % SZS status Theorem for store-ax-min + +thf(a, type, (a: $i)). +thf(b, type, (b: $i)). + +%% thf(blah1, axiom, ( ! [X: $i, Y: $i] : (X = Y))). + +thf(blah2, axiom, ( ~ (a = b))). + +%% thf(storeax, axiom, ( +%% ! [F : $i > $i, D : $i, R : $i] : +%% ( +%% ? [G : $i > $i] : +%% ( +%% ! [X : $i] : +%% ( +%% (G @ X) = $ite( X = D, R, F @ X) +%% ) +%% ) +%% ) + + +%% (~ (X = Y))) +%% ). + +thf(blah, conjecture, ( ? [F : $i > $i, G : $i > $i] : (~ (F = G)))). diff --git a/test/regress/regress2/ho/SYO362^5.p b/test/regress/regress2/ho/SYO362^5.p new file mode 100644 index 000000000..c01d3f235 --- /dev/null +++ b/test/regress/regress2/ho/SYO362^5.p @@ -0,0 +1,22 @@ +% COMMAND-LINE: --uf-ho --full-saturate-quant --ho-elim +% EXPECT: % SZS status Theorem for SYO362^5 + +thf(cK,type,( + cK: ( $i > $o ) > $i > $o )). + +thf(cTHM631A_pme,conjecture, + ( ! [X: $i > $o,Y: $i > $o] : + ( ( cK + @ ^ [Xz: $i] : + ( ( X @ Xz ) + | ( Y @ Xz ) ) ) + = ( ^ [Xw: $i] : + ( ( cK @ X @ Xw ) + | ( cK @ Y @ Xw ) ) ) ) + => ! [X: $i > $o,Y: $i > $o] : + ( ! [Xx: $i] : + ( ( X @ Xx ) + => ( Y @ Xx ) ) + => ! [Xx: $i] : + ( ( cK @ X @ Xx ) + => ( cK @ Y @ Xx ) ) ) )). diff --git a/test/regress/regress1/ho/auth0068.smt2 b/test/regress/regress2/ho/auth0068.smt2 similarity index 100% rename from test/regress/regress1/ho/auth0068.smt2 rename to test/regress/regress2/ho/auth0068.smt2 diff --git a/test/regress/regress2/ho/bug_instfalse_SEU882^5.p b/test/regress/regress2/ho/bug_instfalse_SEU882^5.p new file mode 100644 index 000000000..a62a2080a --- /dev/null +++ b/test/regress/regress2/ho/bug_instfalse_SEU882^5.p @@ -0,0 +1,44 @@ +% COMMAND-LINE: --uf-ho --full-saturate-quant --ho-elim +% EXPECT: % SZS status Theorem for bug_instfalse_SEU882^5 + +%------------------------------------------------------------------------------ +% File : SEU882^5 : TPTP v7.2.0. Released v4.0.0. +% Domain : Set Theory +% Problem : TPS problem THM139 +% Version : Especial. +% English : Every object is in the range of some function. + +% Refs : [Bro09] Brown (2009), Email to Geoff Sutcliffe +% Source : [Bro09] +% Names : tps_0037 [Bro09] +% : THM139 [TPS] + +% Status : Theorem +% Rating : 0.11 v7.2.0, 0.00 v7.1.0, 0.12 v7.0.0, 0.14 v6.4.0, 0.17 v6.3.0, 0.20 v6.2.0, 0.14 v5.5.0, 0.17 v5.4.0, 0.20 v5.3.0, 0.40 v5.2.0, 0.20 v4.1.0, 0.00 v4.0.0 +% Syntax : Number of formulae : 1 ( 0 unit; 0 type; 0 defn) +% Number of atoms : 4 ( 1 equality; 3 variable) +% Maximal formula depth : 6 ( 6 average) +% Number of connectives : 1 ( 0 ~; 0 |; 0 &; 1 @) +% ( 0 <=>; 0 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 1 ( 1 >; 0 *; 0 +; 0 <<) +% Number of symbols : 1 ( 0 :; 0 =) +% Number of variables : 3 ( 0 sgn; 1 !; 2 ?; 0 ^) +% ( 3 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_THM_EQU_NAR + +% Comments : This problem is from the TPS library. Copyright (c) 2009 The TPS +% project in the Department of Mathematical Sciences at Carnegie +% Mellon University. Distributed under the Creative Commons copyleft +% license: http://creativecommons.org/licenses/by-sa/3.0/ +% : Polymorphic definitions expanded. +% : +%------------------------------------------------------------------------------ +thf(cTHM139_pme,conjecture,( + ! [Xy: $i] : + ? [Xf: $i > $i,Xx: $i] : + ( ( Xf @ Xx ) + = Xy ) )). + +%------------------------------------------------------------------------------ diff --git a/test/regress/regress1/ho/fta0409.smt2 b/test/regress/regress2/ho/fta0409.smt2 similarity index 100% rename from test/regress/regress1/ho/fta0409.smt2 rename to test/regress/regress2/ho/fta0409.smt2 diff --git a/test/regress/regress2/ho/involved_parsing_ALG248^3.p b/test/regress/regress2/ho/involved_parsing_ALG248^3.p new file mode 100644 index 000000000..5ad693629 --- /dev/null +++ b/test/regress/regress2/ho/involved_parsing_ALG248^3.p @@ -0,0 +1,2126 @@ +% COMMAND-LINE: --uf-ho +% EXPECT: % SZS status Theorem for involved_parsing_ALG248^3 + +%------------------------------------------------------------------------------ +% File : ALG248^3 : TPTP v7.2.0. Bugfixed v5.2.0. +% Domain : Algebra +% Problem : Push property lemma 1 +% Version : [Bro09] axioms : Reduced > Especial. +% English : + +% Refs : [DHK95] Dowek et al. (1995), Higher-order Unification via Expl +% : [Zha08] Zhang (2008), Using LEO-II to Prove Properties of an E +% : [Ben09] Benzmueller (2009), Email to Geoff Sutcliffe +% : [Bro09] Brown (2009), M-Set Models +% Source : [Ben09] +% Names : pushprop_lem1v2_lthm [Ben09] + +% Status : Theorem +% Rating : 0.11 v7.2.0, 0.00 v7.1.0, 0.25 v7.0.0, 0.14 v6.4.0, 0.17 v6.3.0, 0.20 v6.2.0, 0.00 v6.1.0, 0.14 v5.5.0, 0.17 v5.4.0, 0.20 v5.2.0 +% Syntax : Number of formulae : 238 ( 1 unit; 124 type; 113 defn) +% Number of atoms : 2372 ( 161 equality; 723 variable) +% Maximal formula depth : 39 ( 8 average) +% Number of connectives : 1942 ( 6 ~; 0 |; 4 &; 916 @) +% ( 2 <=>;1014 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 128 ( 128 >; 0 *; 0 +; 0 <<) +% Number of symbols : 126 ( 124 :; 0 =) +% Number of variables : 327 ( 3 sgn; 283 !; 5 ?; 39 ^) +% ( 327 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_THM_EQU_NAR + +% Comments : +% Bugfixes : v5.2.0 - Bugfixes in ALG003^0.ax +%------------------------------------------------------------------------------ +%----Include Untyped Lambda Sigma defs +%% include('Axioms/ALG003^0.ax'). +%------------------------------------------------------------------------------ +thf(term_type,type,( + term: $tType )). + +thf(subst_type,type,( + subst: $tType )). + +thf(one_type,type,( + one: term )). + +thf(ap_type,type,( + ap: term > term > term )). + +thf(lam_type,type,( + lam: term > term )). + +thf(sub_type,type,( + sub: term > subst > term )). + +thf(id_type,type,( + id: subst )). + +thf(sh_type,type,( + sh: subst )). + +thf(push_type,type,( + push: term > subst > subst )). + +thf(comp_type,type,( + comp: subst > subst > subst )). + +thf(var_type,type,( + var: term > $o )). + +thf(pushprop_lem1v2_type,type,( + pushprop_lem1v2: $o )). + +thf(pushprop_lem1_gthm_type,type,( + pushprop_lem1_gthm: $o )). + +thf(axmap_type,type,( + axmap: $o )). + +thf(pushprop_lem0_gthm_type,type,( + pushprop_lem0_gthm: $o )). + +thf(shinj_type,type,( + shinj: $o )). + +thf(hoasinduction_lem1v2_type,type,( + hoasinduction_lem1v2: $o )). + +thf(hoasinduction_lem1v2_gthm_type,type,( + hoasinduction_lem1v2_gthm: $o )). + +thf(hoasap_type,type,( + hoasap: subst > term > subst > term > term )). + +thf(induction2lem_type,type,( + induction2lem: $o )). + +thf(hoasinduction_lem3v2_f_type,type,( + hoasinduction_lem3v2_f: $o )). + +thf(axvarshift_type,type,( + axvarshift: $o )). + +thf(hoasapinj2_type,type,( + hoasapinj2: $o )). + +thf(hoasapnotvar_gthm_type,type,( + hoasapnotvar_gthm: $o )). + +thf(hoasapinj1_type,type,( + hoasapinj1: $o )). + +thf(ulamvar1_type,type,( + ulamvar1: $o )). + +thf(induction2lem_lthm_type,type,( + induction2lem_lthm: $o )). + +thf(hoasinduction_lem3v2_gthm_type,type,( + hoasinduction_lem3v2_gthm: $o )). + +thf(apnotvar_type,type,( + apnotvar: $o )). + +thf(pushprop_lthm_orig_type,type,( + pushprop_lthm_orig: $o )). + +thf(hoasinduction_lem3v2_f_lthm_type,type,( + hoasinduction_lem3v2_f_lthm: $o )). + +thf(hoasinduction_lthm_type,type,( + hoasinduction_lthm: $o )). + +thf(hoasinduction_no_psi_cond_lthm_type,type,( + hoasinduction_no_psi_cond_lthm: $o )). + +thf(hoaslaminj_type,type,( + hoaslaminj: $o )). + +thf(hoasinduction_lem3aaa_type,type,( + hoasinduction_lem3aaa: $o )). + +thf(induction2lem_gthm_type,type,( + induction2lem_gthm: $o )). + +thf(hoasinduction_lem3aa_lthm_type,type,( + hoasinduction_lem3aa_lthm: $o )). + +thf(hoasinduction_lem3_type,type,( + hoasinduction_lem3: $o )). + +thf(hoasinduction_lem2_type,type,( + hoasinduction_lem2: $o )). + +thf(termmset_lthm_type,type,( + termmset_lthm: $o )). + +thf(hoasinduction_lem1_type,type,( + hoasinduction_lem1: $o )). + +thf(hoaslamnotap_lthm_type,type,( + hoaslamnotap_lthm: $o )). + +thf(pushprop_lem1v2_lthm_type,type,( + pushprop_lem1v2_lthm: $o )). + +thf(hoasapnotvar_type,type,( + hoasapnotvar: $o )). + +thf(hoasinduction_lem0_type,type,( + hoasinduction_lem0: $o )). + +thf(hoasinduction_type,type,( + hoasinduction: $o )). + +thf(hoasinduction_gthm_type,type,( + hoasinduction_gthm: $o )). + +thf(axapp_type,type,( + axapp: $o )). + +thf(hoaslamnotvar_lthm_type,type,( + hoaslamnotvar_lthm: $o )). + +thf(pushprop_lem3v2_lthm_type,type,( + pushprop_lem3v2_lthm: $o )). + +thf(hoasinduction_lem3b_lthm_type,type,( + hoasinduction_lem3b_lthm: $o )). + +thf(ulamvarind_type,type,( + ulamvarind: $o )). + +thf(induction_type,type,( + induction: $o )). + +thf(hoasinduction_lem3a_lthm_type,type,( + hoasinduction_lem3a_lthm: $o )). + +thf(termmset_gthm_type,type,( + termmset_gthm: $o )). + +thf(hoasinduction_lem3aa_type,type,( + hoasinduction_lem3aa: $o )). + +thf(pushprop_lem1v2_gthm_type,type,( + pushprop_lem1v2_gthm: $o )). + +thf(hoaslamnotap_gthm_type,type,( + hoaslamnotap_gthm: $o )). + +thf(hoaslamnotvar_gthm_type,type,( + hoaslamnotvar_gthm: $o )). + +thf(hoasinduction_lem3b_gthm_type,type,( + hoasinduction_lem3b_gthm: $o )). + +thf(pushprop_lem2v2_type,type,( + pushprop_lem2v2: $o )). + +thf(hoasinduction_lem3a_gthm_type,type,( + hoasinduction_lem3a_gthm: $o )). + +thf(axclos_type,type,( + axclos: $o )). + +thf(axassoc_type,type,( + axassoc: $o )). + +thf(hoasinduction_lem2v2_type,type,( + hoasinduction_lem2v2: $o )). + +thf(pushprop_lthm_type,type,( + pushprop_lthm: $o )). + +thf(apinj2_type,type,( + apinj2: $o )). + +thf(apinj1_type,type,( + apinj1: $o )). + +thf(hoasapinj2_lthm_type,type,( + hoasapinj2_lthm: $o )). + +thf(hoasinduction_lem3v2a_type,type,( + hoasinduction_lem3v2a: $o )). + +thf(hoasapinj1_lthm_type,type,( + hoasapinj1_lthm: $o )). + +thf(hoaslaminj_lthm_type,type,( + hoaslaminj_lthm: $o )). + +thf(axvarcons_type,type,( + axvarcons: $o )). + +thf(hoaslam_type,type,( + hoaslam: subst > ( subst > term > term ) > term )). + +thf(axscons_type,type,( + axscons: $o )). + +thf(hoasinduction_lem2v2_gthm_type,type,( + hoasinduction_lem2v2_gthm: $o )). + +thf(axidr_type,type,( + axidr: $o )). + +thf(pushprop_lem1_type,type,( + pushprop_lem1: $o )). + +thf(laminj_type,type,( + laminj: $o )). + +thf(hoasinduction_lem3_lthm_type,type,( + hoasinduction_lem3_lthm: $o )). + +thf(pushprop_lem0_type,type,( + pushprop_lem0: $o )). + +thf(pushprop_gthm_type,type,( + pushprop_gthm: $o )). + +thf(axabs_type,type,( + axabs: $o )). + +thf(hoasinduction_lem3v2a_lthm_type,type,( + hoasinduction_lem3v2a_lthm: $o )). + +thf(hoasinduction_lem2_lthm_type,type,( + hoasinduction_lem2_lthm: $o )). + +thf(hoasapinj2_gthm_type,type,( + hoasapinj2_gthm: $o )). + +thf(hoasinduction_p_and_p_prime_type,type,( + hoasinduction_p_and_p_prime: ( subst > term > subst > $o ) > ( term > $o ) > $o )). + +thf(hoasinduction_lem1_lthm_type,type,( + hoasinduction_lem1_lthm: $o )). + +thf(lamnotap_type,type,( + lamnotap: $o )). + +thf(hoasapinj1_gthm_type,type,( + hoasapinj1_gthm: $o )). + +thf(hoaslamnotvar_type,type,( + hoaslamnotvar: $o )). + +thf(axidl_type,type,( + axidl: $o )). + +thf(hoaslaminj_gthm_type,type,( + hoaslaminj_gthm: $o )). + +thf(induction2_lthm_type,type,( + induction2_lthm: $o )). + +thf(hoasinduction_lem0_lthm_type,type,( + hoasinduction_lem0_lthm: $o )). + +thf(substmonoid_lthm_type,type,( + substmonoid_lthm: $o )). + +thf(pushprop_type,type,( + pushprop: $o )). + +thf(hoasinduction_lem3_gthm_type,type,( + hoasinduction_lem3_gthm: $o )). + +thf(hoasinduction_lem2_gthm_type,type,( + hoasinduction_lem2_gthm: $o )). + +thf(hoasinduction_lem3b_type,type,( + hoasinduction_lem3b: $o )). + +thf(substmonoid_type,type,( + substmonoid: $o )). + +thf(lamnotvar_type,type,( + lamnotvar: $o )). + +thf(hoasinduction_lem3a_type,type,( + hoasinduction_lem3a: $o )). + +thf(hoasinduction_lem1_gthm_type,type,( + hoasinduction_lem1_gthm: $o )). + +thf(hoasinduction_no_psi_cond_type,type,( + hoasinduction_no_psi_cond: $o )). + +thf(induction2_gthm_type,type,( + induction2_gthm: $o )). + +thf(pushprop_lem2v2_lthm_type,type,( + pushprop_lem2v2_lthm: $o )). + +thf(hoasvar_type,type,( + hoasvar: subst > term > subst > $o )). + +thf(hoaslamnotap_type,type,( + hoaslamnotap: $o )). + +thf(substmonoid_gthm_type,type,( + substmonoid_gthm: $o )). + +thf(ulamvarsh_type,type,( + ulamvarsh: $o )). + +thf(induction2_type,type,( + induction2: $o )). + +thf(pushprop_lem3v2_type,type,( + pushprop_lem3v2: $o )). + +thf(pushprop_lem2v2_gthm_type,type,( + pushprop_lem2v2_gthm: $o )). + +thf(pushprop_lem1_lthm_type,type,( + pushprop_lem1_lthm: $o )). + +thf(hoasinduction_lem3v2_type,type,( + hoasinduction_lem3v2: $o )). + +thf(axshiftcons_type,type,( + axshiftcons: $o )). + +thf(termmset_type,type,( + termmset: $o )). + +thf(pushprop_lem0_lthm_type,type,( + pushprop_lem0_lthm: $o )). + +thf(hoasapnotvar_lthm_type,type,( + hoasapnotvar_lthm: $o )). + +thf(hoasinduction_lem3v2_lthm_type,type,( + hoasinduction_lem3v2_lthm: $o )). + +thf(pushprop_p_and_p_prime_type,type,( + pushprop_p_and_p_prime: term > subst > ( term > $o ) > ( term > $o ) > $o )). + +thf(axvarid_type,type,( + axvarid: $o )). + +thf(hoasinduction_lthm_3_type,type,( + hoasinduction_lthm_3: $o )). + +thf(axapp,definition, + ( axapp + = ( ! [A: term,B: term,M: subst] : + ( ( sub @ ( ap @ A @ B ) @ M ) + = ( ap @ ( sub @ A @ M ) @ ( sub @ B @ M ) ) ) ) )). + +thf(axvarcons,definition, + ( axvarcons + = ( ! [A: term,M: subst] : + ( ( sub @ one @ ( push @ A @ M ) ) + = A ) ) )). + +thf(axvarid,definition, + ( axvarid + = ( ! [A: term] : + ( ( sub @ A @ id ) + = A ) ) )). + +thf(axabs,definition, + ( axabs + = ( ! [A: term,M: subst] : + ( ( sub @ ( lam @ A ) @ M ) + = ( lam @ ( sub @ A @ ( push @ one @ ( comp @ M @ sh ) ) ) ) ) ) )). + +thf(axclos,definition, + ( axclos + = ( ! [A: term,M: subst,N: subst] : + ( ( sub @ ( sub @ A @ M ) @ N ) + = ( sub @ A @ ( comp @ M @ N ) ) ) ) )). + +thf(axidl,definition, + ( axidl + = ( ! [M: subst] : + ( ( comp @ id @ M ) + = M ) ) )). + +thf(axshiftcons,definition, + ( axshiftcons + = ( ! [A: term,M: subst] : + ( ( comp @ sh @ ( push @ A @ M ) ) + = M ) ) )). + +thf(axassoc,definition, + ( axassoc + = ( ! [M: subst,N: subst,K: subst] : + ( ( comp @ ( comp @ M @ N ) @ K ) + = ( comp @ M @ ( comp @ N @ K ) ) ) ) )). + +thf(axmap,definition, + ( axmap + = ( ! [A: term,M: subst,N: subst] : + ( ( comp @ ( push @ A @ M ) @ N ) + = ( push @ ( sub @ A @ N ) @ ( comp @ M @ N ) ) ) ) )). + +thf(axidr,definition, + ( axidr + = ( ! [M: subst] : + ( ( comp @ M @ id ) + = M ) ) )). + +thf(axvarshift,definition, + ( axvarshift + = ( ( push @ one @ sh ) + = id ) )). + +thf(axscons,definition, + ( axscons + = ( ! [M: subst] : + ( ( push @ ( sub @ one @ M ) @ ( comp @ sh @ M ) ) + = M ) ) )). + +thf(ulamvar1,definition, + ( ulamvar1 + = ( var @ one ) )). + +thf(ulamvarsh,definition, + ( ulamvarsh + = ( ! [A: term] : + ( ( var @ A ) + => ( var @ ( sub @ A @ sh ) ) ) ) )). + +thf(ulamvarind,definition, + ( ulamvarind + = ( ! [P: term > $o] : + ( ( P @ one ) + => ( ! [A: term] : + ( ( var @ A ) + => ( ( P @ A ) + => ( P @ ( sub @ A @ sh ) ) ) ) + => ! [A: term] : + ( ( var @ A ) + => ( P @ A ) ) ) ) ) )). + +thf(apinj1,definition, + ( apinj1 + = ( ! [A: term,B: term,C: term,D: term] : + ( ( ( ap @ A @ C ) + = ( ap @ B @ D ) ) + => ( A = B ) ) ) )). + +thf(apinj2,definition, + ( apinj2 + = ( ! [A: term,B: term,C: term,D: term] : + ( ( ( ap @ A @ C ) + = ( ap @ B @ D ) ) + => ( C = D ) ) ) )). + +thf(laminj,definition, + ( laminj + = ( ! [A: term,B: term] : + ( ( ( lam @ A ) + = ( lam @ B ) ) + => ( A = B ) ) ) )). + +thf(shinj,definition, + ( shinj + = ( ! [A: term,B: term] : + ( ( ( sub @ A @ sh ) + = ( sub @ B @ sh ) ) + => ( A = B ) ) ) )). + +thf(lamnotap,definition, + ( lamnotap + = ( ! [A: term,B: term,C: term] : + ( ( lam @ A ) + != ( ap @ B @ C ) ) ) )). + +thf(apnotvar,definition, + ( apnotvar + = ( ! [A: term,B: term] : + ~ ( var @ ( ap @ A @ B ) ) ) )). + +thf(lamnotvar,definition, + ( lamnotvar + = ( ! [A: term] : + ~ ( var @ ( lam @ A ) ) ) )). + +thf(induction,definition, + ( induction + = ( ! [P: term > $o] : + ( ! [A: term] : + ( ( var @ A ) + => ( P @ A ) ) + => ( ! [A: term,B: term] : + ( ( P @ A ) + => ( ( P @ B ) + => ( P @ ( ap @ A @ B ) ) ) ) + => ( ! [A: term] : + ( ( P @ A ) + => ( P @ ( lam @ A ) ) ) + => ! [A: term] : + ( P @ A ) ) ) ) ) )). + +thf(pushprop_p_and_p_prime,definition, + ( pushprop_p_and_p_prime + = ( ^ [A: term,M: subst,P: term > $o,Q: term > $o] : + ! [X: term] : + ( ( Q @ X ) + <=> ( P @ ( sub @ X @ ( push @ A @ M ) ) ) ) ) )). + +thf(pushprop_lem0,definition, + ( pushprop_lem0 + = ( ! [P: term > $o,A: term,M: subst] : + ? [Q: term > $o] : + ( pushprop_p_and_p_prime @ A @ M @ P @ Q ) ) )). + +thf(pushprop_lem0_gthm,definition, + ( pushprop_lem0_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => pushprop_lem0 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(pushprop_lem0_lthm,definition,( + pushprop_lem0_lthm = pushprop_lem0 )). + +thf(pushprop_lem1,definition, + ( pushprop_lem1 + = ( ! [P: term > $o,K: term > $o,A: term,M: subst,B: term] : + ( ( P @ A ) + => ( K @ ( sub @ A @ ( push @ B @ M ) ) ) ) ) )). + +thf(pushprop_lem1_gthm,definition, + ( pushprop_lem1_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => pushprop_lem1 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(pushprop_lem1_lthm,definition, + ( pushprop_lem1_lthm + = ( axvarcons + => ( axclos + => ( axshiftcons + => ( ulamvarind + => pushprop_lem1 ) ) ) ) )). + +thf(pushprop_lem1v2,definition, + ( pushprop_lem1v2 + = ( ! [P: term > $o,Q: term > $o,A: term,M: subst] : + ( ( P @ A ) + => ( ( pushprop_p_and_p_prime @ A @ M @ P @ Q ) + => ( Q @ one ) ) ) ) )). + +thf(pushprop_lem1v2_gthm,definition, + ( pushprop_lem1v2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => pushprop_lem1v2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(pushprop_lem1v2_lthm,definition, + ( pushprop_lem1v2_lthm + = ( axvarcons + => pushprop_lem1v2 ) )). + +thf(pushprop_lem2v2,definition, + ( pushprop_lem2v2 + = ( ! [P: term > $o,Q: term > $o,A: term,M: subst] : + ( ( pushprop_p_and_p_prime @ A @ M @ P @ Q ) + => ( ! [B: term] : + ( ( var @ B ) + => ( P @ ( sub @ B @ M ) ) ) + => ! [C: term] : + ( ( var @ C ) + => ( ( Q @ C ) + => ( Q @ ( sub @ C @ sh ) ) ) ) ) ) ) )). + +thf(pushprop_lem2v2_gthm,definition, + ( pushprop_lem2v2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => pushprop_lem2v2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(pushprop_lem2v2_lthm,definition, + ( pushprop_lem2v2_lthm + = ( axclos + => ( axshiftcons + => pushprop_lem2v2 ) ) )). + +thf(pushprop_lem3v2,definition, + ( pushprop_lem3v2 + = ( ! [P: term > $o,Q: term > $o,A: term,M: subst] : + ( ( pushprop_p_and_p_prime @ A @ M @ P @ Q ) + => ( ! [B: term] : + ( ( var @ B ) + => ( Q @ B ) ) + => ! [B: term] : + ( ( var @ B ) + => ( P @ ( sub @ B @ ( push @ A @ M ) ) ) ) ) ) ) )). + +thf(pushprop_lem3v2_lthm,definition,( + pushprop_lem3v2_lthm = pushprop_lem3v2 )). + +thf(pushprop,definition, + ( pushprop + = ( ! [P: term > $o,A: term,M: subst] : + ( ! [B: term] : + ( ( var @ B ) + => ( P @ ( sub @ B @ M ) ) ) + => ( ( P @ A ) + => ! [B: term] : + ( ( var @ B ) + => ( P @ ( sub @ B @ ( push @ A @ M ) ) ) ) ) ) ) )). + +thf(pushprop_gthm,definition, + ( pushprop_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => pushprop ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(pushprop_lthm_orig,definition, + ( pushprop_lthm_orig + = ( ulamvar1 + => ( axvarcons + => ( axclos + => ( axshiftcons + => ( ulamvarind + => pushprop ) ) ) ) ) )). + +thf(pushprop_lthm,definition, + ( pushprop_lthm + = ( pushprop_lem0 + => ( ulamvar1 + => ( axvarcons + => ( axclos + => ( axshiftcons + => ( ulamvarind + => pushprop ) ) ) ) ) ) )). + +thf(induction2lem,definition, + ( induction2lem + = ( ! [P: term > $o] : + ( ! [A: term,B: term] : + ( ( P @ A ) + => ( ( P @ B ) + => ( P @ ( ap @ A @ B ) ) ) ) + => ( ! [A: term] : + ( ! [B: term] : + ( ( P @ B ) + => ( P @ ( sub @ A @ ( push @ B @ id ) ) ) ) + => ( P @ ( lam @ A ) ) ) + => ! [A: term,M: subst] : + ( ! [B: term] : + ( ( var @ B ) + => ( P @ ( sub @ B @ M ) ) ) + => ( P @ ( sub @ A @ M ) ) ) ) ) ) )). + +thf(induction2lem_gthm,definition, + ( induction2lem_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => induction2lem ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(induction2lem_lthm,definition, + ( induction2lem_lthm + = ( axapp + => ( axvarcons + => ( axabs + => ( axclos + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( induction + => ( pushprop + => induction2lem ) ) ) ) ) ) ) ) ) ) )). + +thf(induction2,definition, + ( induction2 + = ( ! [P: term > $o] : + ( ! [A: term] : + ( ( var @ A ) + => ( P @ A ) ) + => ( ! [A: term,B: term] : + ( ( P @ A ) + => ( ( P @ B ) + => ( P @ ( ap @ A @ B ) ) ) ) + => ( ! [A: term] : + ( ! [B: term] : + ( ( P @ B ) + => ( P @ ( sub @ A @ ( push @ B @ id ) ) ) ) + => ( P @ ( lam @ A ) ) ) + => ! [A: term] : + ( P @ A ) ) ) ) ) )). + +thf(induction2_gthm,definition, + ( induction2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => induction2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(induction2_lthm,definition, + ( induction2_lthm + = ( axvarid + => ( induction2lem + => induction2 ) ) )). + +thf(substmonoid,definition, + ( substmonoid + = ( ! [M: subst,N: subst,K: subst] : + ( ( comp @ ( comp @ M @ N ) @ K ) + = ( comp @ M @ ( comp @ N @ K ) ) ) + & ! [M: subst] : + ( ( comp @ id @ M ) + = M ) + & ! [M: subst] : + ( ( comp @ M @ id ) + = M ) ) )). + +thf(substmonoid_gthm,definition, + ( substmonoid_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => substmonoid ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(substmonoid_lthm,definition, + ( substmonoid_lthm + = ( axidl + => ( axassoc + => ( axidr + => substmonoid ) ) ) )). + +thf(termmset,definition, + ( termmset + = ( ! [A: term,M: subst,N: subst] : + ( ( sub @ ( sub @ A @ M ) @ N ) + = ( sub @ A @ ( comp @ M @ N ) ) ) + & ! [A: term] : + ( ( sub @ A @ id ) + = A ) ) )). + +thf(termmset_gthm,definition, + ( termmset_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => termmset ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(termmset_lthm,definition, + ( termmset_lthm + = ( axvarid + => ( axclos + => termmset ) ) )). + +thf(hoasap,definition, + ( hoasap + = ( ^ [M: subst,A: term,N: subst,B: term] : + ( ap @ ( sub @ A @ N ) @ B ) ) )). + +thf(hoaslam,definition, + ( hoaslam + = ( ^ [M: subst,F: subst > term > term] : + ( lam @ ( F @ sh @ one ) ) ) )). + +thf(hoasvar,definition, + ( hoasvar + = ( ^ [M: subst,A: term,N: subst] : + ( var @ ( sub @ A @ N ) ) ) )). + +thf(hoasapinj1,definition, + ( hoasapinj1 + = ( ! [A: term,B: term,C: term,D: term] : + ( ( ( hoasap @ id @ A @ id @ C ) + = ( hoasap @ id @ B @ id @ D ) ) + => ( A = B ) ) ) )). + +thf(hoasapinj1_gthm,definition, + ( hoasapinj1_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => hoasapinj1 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasapinj1_lthm,definition, + ( hoasapinj1_lthm + = ( axvarid + => ( apinj1 + => hoasapinj1 ) ) )). + +thf(hoasapinj2,definition, + ( hoasapinj2 + = ( ! [A: term,B: term,C: term,D: term] : + ( ( ( hoasap @ id @ A @ id @ C ) + = ( hoasap @ id @ B @ id @ D ) ) + => ( C = D ) ) ) )). + +thf(hoasapinj2_gthm,definition, + ( hoasapinj2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => hoasapinj2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasapinj2_lthm,definition, + ( hoasapinj2_lthm + = ( apinj2 + => hoasapinj2 ) )). + +thf(hoaslaminj,definition, + ( hoaslaminj + = ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ! [G: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( G @ M @ A ) @ N ) + = ( G @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ( ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + = ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( G @ M @ A ) ) ) + => ! [M: subst,A: term] : + ( ( F @ M @ A ) + = ( G @ M @ A ) ) ) ) ) ) )). + +thf(hoaslaminj_gthm,definition, + ( hoaslaminj_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => hoaslaminj ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoaslaminj_lthm,definition, + ( hoaslaminj_lthm + = ( axvarcons + => ( axshiftcons + => ( laminj + => hoaslaminj ) ) ) )). + +thf(hoaslamnotap,definition, + ( hoaslamnotap + = ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ! [A: term,B: term] : + ( ( hoaslam @ id + @ ^ [M: subst,C: term] : + ( F @ M @ C ) ) + != ( hoasap @ id @ A @ id @ B ) ) ) ) )). + +thf(hoaslamnotap_gthm,definition, + ( hoaslamnotap_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => hoaslamnotap ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoaslamnotap_lthm,definition, + ( hoaslamnotap_lthm + = ( lamnotap + => hoaslamnotap ) )). + +thf(hoaslamnotvar,definition, + ( hoaslamnotvar + = ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ~ ( hoasvar @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) )). + +thf(hoaslamnotvar_gthm,definition, + ( hoaslamnotvar_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => hoaslamnotvar ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoaslamnotvar_lthm,definition, + ( hoaslamnotvar_lthm + = ( axvarid + => ( lamnotvar + => hoaslamnotvar ) ) )). + +thf(hoasapnotvar,definition, + ( hoasapnotvar + = ( ! [A: term,B: term] : + ~ ( hoasvar @ id @ ( hoasap @ id @ A @ id @ B ) @ id ) ) )). + +thf(hoasapnotvar_gthm,definition, + ( hoasapnotvar_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => hoasapnotvar ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasapnotvar_lthm,definition, + ( hoasapnotvar_lthm + = ( axvarid + => ( apnotvar + => hoasapnotvar ) ) )). + +thf(hoasinduction_p_and_p_prime,definition, + ( hoasinduction_p_and_p_prime + = ( ^ [P: subst > term > subst > $o,Q: term > $o] : + ! [X: term] : + ( ( Q @ X ) + <=> ( P @ id @ X @ id ) ) ) )). + +thf(hoasinduction_lem0,definition, + ( hoasinduction_lem0 + = ( ! [P: subst > term > subst > $o] : + ? [Q: term > $o] : + ( hoasinduction_p_and_p_prime @ P @ Q ) ) )). + +thf(hoasinduction_lem0_lthm,definition,( + hoasinduction_lem0_lthm = hoasinduction_lem0 )). + +thf(hoasinduction_lem1v2,definition, + ( hoasinduction_lem1v2 + = ( ! [P: subst > term > subst > $o,Q: term > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [A: term] : + ( ( hoasvar @ id @ A @ id ) + => ( P @ id @ A @ id ) ) + => ( ( hoasinduction_p_and_p_prime @ P @ Q ) + => ! [A: term] : + ( ( var @ A ) + => ( Q @ A ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem1v2_gthm,definition, + ( hoasinduction_lem1v2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem1v2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem2v2,definition, + ( hoasinduction_lem2v2 + = ( ! [P: subst > term > subst > $o,Q: term > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [A: term,B: term] : + ( ( P @ id @ A @ id ) + => ( ( P @ id @ B @ id ) + => ( P @ id @ ( hoasap @ id @ A @ id @ B ) @ id ) ) ) + => ( ( hoasinduction_p_and_p_prime @ P @ Q ) + => ! [A: term,B: term] : + ( ( Q @ A ) + => ( ( Q @ B ) + => ( Q @ ( ap @ A @ B ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem2v2_gthm,definition, + ( hoasinduction_lem2v2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem2v2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3v2_f,definition, + ( hoasinduction_lem3v2_f + = ( ! [B: term] : + ? [F: subst > term > term] : + ! [A: term,M: subst] : + ( ( F @ M @ A ) + = ( sub @ B @ ( push @ A @ M ) ) ) ) )). + +thf(hoasinduction_lem3v2_f_lthm,definition,( + hoasinduction_lem3v2_f_lthm = hoasinduction_lem3v2_f )). + +thf(hoasinduction_lem3v2,definition, + ( hoasinduction_lem3v2 + = ( ! [P: subst > term > subst > $o,Q: term > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ( ( hoasinduction_p_and_p_prime @ P @ Q ) + => ! [A: term] : + ( ! [B: term] : + ( ( Q @ B ) + => ( Q @ ( sub @ A @ ( push @ B @ id ) ) ) ) + => ( Q @ ( lam @ A ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3v2_gthm,definition, + ( hoasinduction_lem3v2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem3v2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3v2_lthm,definition, + ( hoasinduction_lem3v2_lthm + = ( axvarid + => ( axvarshift + => ( axclos + => ( axmap + => hoasinduction_lem3v2 ) ) ) ) )). + +thf(hoasinduction_lem3v2a,definition, + ( hoasinduction_lem3v2a + = ( ! [P: subst > term > subst > $o,Q: term > $o] : + ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ( ( hoasinduction_p_and_p_prime @ P @ Q ) + => ! [A: term] : + ( ! [B: term] : + ( ( Q @ B ) + => ( Q @ ( sub @ A @ ( push @ B @ id ) ) ) ) + => ( Q @ ( lam @ A ) ) ) ) ) ) )). + +thf(hoasinduction_lem3v2a_lthm,definition, + ( hoasinduction_lem3v2a_lthm + = ( hoasinduction_lem3v2_f + => ( axvarid + => ( axvarshift + => ( axclos + => ( axmap + => hoasinduction_lem3v2a ) ) ) ) ) )). + +thf(hoasinduction_lem1,definition, + ( hoasinduction_lem1 + = ( ! [P: subst > term > subst > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [A: term] : + ( ( hoasvar @ id @ A @ id ) + => ( P @ id @ A @ id ) ) + => ! [A: term] : + ( ( var @ A ) + => ( P @ id @ A @ id ) ) ) ) ) ) )). + +thf(hoasinduction_lem1_gthm,definition, + ( hoasinduction_lem1_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem1 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem1_lthm,definition, + ( hoasinduction_lem1_lthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem1 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem2,definition, + ( hoasinduction_lem2 + = ( ! [P: subst > term > subst > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [A: term,B: term] : + ( ( P @ id @ A @ id ) + => ( ( P @ id @ B @ id ) + => ( P @ id @ ( hoasap @ id @ A @ id @ B ) @ id ) ) ) + => ! [A: term,B: term] : + ( ( P @ id @ A @ id ) + => ( ( P @ id @ B @ id ) + => ( P @ id @ ( ap @ A @ B ) @ id ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem2_gthm,definition, + ( hoasinduction_lem2_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem2_lthm,definition, + ( hoasinduction_lem2_lthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => hoasinduction_lem2 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3aa,definition, + ( hoasinduction_lem3aa + = ( ! [P: subst > term > subst > $o] : + ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( ! [B: term] : + ( ( P @ id @ B @ id ) + => ( P @ id @ ( sub @ A @ ( push @ B @ id ) ) @ id ) ) + => ( P @ id @ ( lam @ ( sub @ A @ ( push @ one @ sh ) ) ) @ id ) ) ) ) )). + +thf(hoasinduction_lem3aa_lthm,definition, + ( hoasinduction_lem3aa_lthm + = ( axclos + => ( axmap + => hoasinduction_lem3aa ) ) )). + +thf(hoasinduction_lem3aaa,definition, + ( hoasinduction_lem3aaa + = ( ! [P: subst > term > subst > $o] : + ( ! [F: subst > term > term] : + ( ? [C: term] : + ! [M: subst,A: term,N: subst] : + ( ( ( sub @ ( F @ M @ A ) @ N ) + = ( sub @ ( sub @ C @ ( push @ A @ M ) ) @ N ) ) + & ( ( sub @ C @ ( push @ ( sub @ A @ N ) @ ( comp @ M @ N ) ) ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( ! [B: term] : + ( ( P @ id @ B @ id ) + => ( P @ id @ ( sub @ A @ ( push @ B @ id ) ) @ id ) ) + => ( P @ id @ ( lam @ ( sub @ A @ ( push @ one @ sh ) ) ) @ id ) ) ) ) )). + +thf(hoasinduction_lem3,definition, + ( hoasinduction_lem3 + = ( ! [P: subst > term > subst > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( ! [B: term] : + ( ( P @ id @ B @ id ) + => ( P @ id @ ( sub @ A @ ( push @ B @ id ) ) @ id ) ) + => ( P @ id @ ( lam @ A ) @ id ) ) ) ) ) ) )). + +thf(hoasinduction_lem3_gthm,definition, + ( hoasinduction_lem3_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => ( hoasinduction_lem1 + => ( hoasinduction_lem2 + => hoasinduction_lem3 ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3_lthm,definition, + ( hoasinduction_lem3_lthm + = ( axvarid + => ( axvarshift + => ( hoasinduction_lem3aa + => hoasinduction_lem3 ) ) ) )). + +thf(hoasinduction_lem3a,definition, + ( hoasinduction_lem3a + = ( ! [P: subst > term > subst > $o] : + ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( ! [B: term] : + ( ( P @ id @ B @ id ) + => ( P @ id @ ( sub @ A @ ( push @ B @ id ) ) @ id ) ) + => ( P @ id @ ( lam @ A ) @ id ) ) ) ) )). + +thf(hoasinduction_lem3a_gthm,definition, + ( hoasinduction_lem3a_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => ( hoasinduction_lem1 + => ( hoasinduction_lem2 + => hoasinduction_lem3a ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3a_lthm,definition, + ( hoasinduction_lem3a_lthm + = ( axvarid + => ( axvarshift + => ( hoasinduction_lem3aa + => hoasinduction_lem3a ) ) ) )). + +thf(hoasinduction_lem3b,definition, + ( hoasinduction_lem3b + = ( ! [B: term] : + ? [F: subst > term > term] : + ( ( sub @ B @ ( push @ one @ sh ) ) + = ( F @ sh @ one ) ) ) )). + +thf(hoasinduction_lem3b_gthm,definition, + ( hoasinduction_lem3b_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => ( hoasinduction_lem1 + => ( hoasinduction_lem2 + => hoasinduction_lem3b ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lem3b_lthm,definition,( + hoasinduction_lem3b_lthm = hoasinduction_lem3b )). + +thf(hoasinduction,definition, + ( hoasinduction + = ( ! [P: subst > term > subst > $o] : + ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ M @ A @ ( comp @ K @ N ) ) + => ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) ) + => ( ! [M: subst,A: term,N: subst,K: subst] : + ( ( P @ ( comp @ M @ K ) @ ( sub @ A @ K ) @ N ) + => ( P @ M @ A @ ( comp @ K @ N ) ) ) + => ( ! [A: term] : + ( ( hoasvar @ id @ A @ id ) + => ( P @ id @ A @ id ) ) + => ( ! [A: term,B: term] : + ( ( P @ id @ A @ id ) + => ( ( P @ id @ B @ id ) + => ( P @ id @ ( hoasap @ id @ A @ id @ B ) @ id ) ) ) + => ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( P @ id @ A @ id ) ) ) ) ) ) ) )). + +thf(hoasinduction_gthm,definition, + ( hoasinduction_gthm + = ( axapp + => ( axvarcons + => ( axvarid + => ( axabs + => ( axclos + => ( axidl + => ( axshiftcons + => ( axassoc + => ( axmap + => ( axidr + => ( axvarshift + => ( axscons + => ( ulamvar1 + => ( ulamvarsh + => ( ulamvarind + => ( apinj1 + => ( apinj2 + => ( laminj + => ( shinj + => ( lamnotap + => ( apnotvar + => ( lamnotvar + => ( induction + => ( pushprop + => ( induction2lem + => ( induction2 + => ( substmonoid + => ( termmset + => ( hoasapinj1 + => ( hoasapinj2 + => ( hoaslaminj + => ( hoaslamnotap + => ( hoaslamnotvar + => ( hoasapnotvar + => ( hoasinduction_lem1 + => ( hoasinduction_lem2 + => ( hoasinduction_lem3 + => hoasinduction ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )). + +thf(hoasinduction_lthm,definition, + ( hoasinduction_lthm + = ( induction2 + => ( hoasinduction_lem1 + => ( hoasinduction_lem2 + => ( hoasinduction_lem3 + => hoasinduction ) ) ) ) )). + +thf(hoasinduction_lthm_3,definition, + ( hoasinduction_lthm_3 + = ( hoasinduction_lem0 + => ( induction2 + => ( axvarid + => ( hoasinduction_lem3v2a + => hoasinduction ) ) ) ) )). + +thf(hoasinduction_no_psi_cond,definition, + ( hoasinduction_no_psi_cond + = ( ! [P: subst > term > subst > $o] : + ( ! [A: term,B: term] : + ( ( P @ id @ A @ id ) + => ( ( P @ id @ B @ id ) + => ( P @ id @ ( hoasap @ id @ A @ id @ B ) @ id ) ) ) + => ( ! [F: subst > term > term] : + ( ! [M: subst,A: term,N: subst] : + ( ( sub @ ( F @ M @ A ) @ N ) + = ( F @ ( comp @ M @ N ) @ ( sub @ A @ N ) ) ) + => ( ! [A: term] : + ( ( P @ id @ A @ id ) + => ( P @ id @ ( F @ id @ A ) @ id ) ) + => ( P @ id + @ ( hoaslam @ id + @ ^ [M: subst,A: term] : + ( F @ M @ A ) ) + @ id ) ) ) + => ! [A: term] : + ( P @ id @ A @ id ) ) ) ) )). + +thf(hoasinduction_no_psi_cond_lthm,definition, + ( hoasinduction_no_psi_cond_lthm + = ( hoasinduction_lem0 + => ( induction2 + => ( axvarid + => ( hoasinduction_lem3v2a + => hoasinduction_no_psi_cond ) ) ) ) )). + + +thf(thm,conjecture,( + pushprop_lem1v2_lthm )). + +%------------------------------------------------------------------------------ diff --git a/test/regress/regress2/ho/partial_app_interpreted_SWW474^2.p b/test/regress/regress2/ho/partial_app_interpreted_SWW474^2.p new file mode 100644 index 000000000..b4e9e9bb7 --- /dev/null +++ b/test/regress/regress2/ho/partial_app_interpreted_SWW474^2.p @@ -0,0 +1,5211 @@ +% COMMAND-LINE: --uf-ho --full-saturate-quant --ho-elim --no-check-unsat-cores --no-check-proofs +% EXPECT: % SZS status Theorem for partial_app_interpreted_SWW474^2 + +%------------------------------------------------------------------------------ +% File : SWW474^2 : TPTP v7.2.0. Released v5.3.0. +% Domain : Software Verification +% Problem : Hoare's Logic with Procedures line 440, 500 axioms selected +% Version : Especial. +% English : + +% Refs : [BN10] Boehme & Nipkow (2010), Sledgehammer: Judgement Day +% : [Bla11] Blanchette (2011), Email to Geoff Sutcliffe +% Source : [Bla11] +% Names : hoare_500_thf_l440 [Bla11] + +% Status : Theorem +% Rating : 0.56 v7.2.0, 0.50 v7.0.0, 0.43 v6.4.0, 0.50 v6.3.0, 0.60 v6.2.0, 0.43 v6.1.0, 0.71 v5.5.0, 0.67 v5.4.0, 0.80 v5.3.0 +% Syntax : Number of formulae : 833 ( 2 unit; 110 type; 0 defn) +% Number of atoms : 8029 ( 594 equality;4565 variable) +% Maximal formula depth : 19 ( 8 average) +% Number of connectives : 6344 ( 226 ~; 35 |; 108 &;5021 @) +% ( 116 <=>; 838 =>; 0 <=; 0 <~>) +% ( 0 ~|; 0 ~&) +% Number of type conns : 2404 (2404 >; 0 *; 0 +; 0 <<) +% Number of symbols : 118 ( 110 :; 0 =) +% Number of variables : 2030 ( 12 sgn;1851 !; 48 ?; 131 ^) +% (2030 :; 0 !>; 0 ?*) +% ( 0 @-; 0 @+) +% SPC : TH0_THM_EQU_NAR + +% Comments : This file was generated by Isabelle (most likely Sledgehammer) +% 2011-08-09 19:43:11 +%------------------------------------------------------------------------------ +%----Should-be-implicit typings (7) +thf(ty_ty_tc__Com__Ocom,type,( + com: $tType )). + +thf(ty_ty_tc__Com__Opname,type,( + pname: $tType )). + +thf(ty_ty_tc__Com__Ostate,type,( + state: $tType )). + +thf(ty_ty_tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate_J,type,( + hoare_1167836817_state: $tType )). + +thf(ty_ty_tc__Option__Ooption_Itc__Com__Ocom_J,type,( + option_com: $tType )). + +thf(ty_ty_tc__Option__Ooption_Itc__Com__Opname_J,type,( + option_pname: $tType )). + +thf(ty_ty_tc__Option__Ooption_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Co,type,( + option1574264306_state: $tType )). + +%----Explicit typings (103) +thf(sy_c_Com_OWT,type,( + wt: com > $o )). + +thf(sy_c_Com_OWT__bodies,type,( + wT_bodies: $o )). + +thf(sy_c_Com_Obody,type,( + body: pname > option_com )). + +thf(sy_c_Com_Ocom_OBODY,type,( + body_1: pname > com )). + +thf(sy_c_Com_Ocom_OSKIP,type,( + skip: com )). + +thf(sy_c_Com_Ocom_OSemi,type,( + semi: com > com > com )). + +thf(sy_c_Com_Ocom_OWhile,type,( + while: ( state > $o ) > com > com )). + +thf(sy_c_Finite__Set_Ofinite_000_062_I_062_Itc__Com__Opname_M_Eo_J_M_Eo_J,type,( + finite1066544169me_o_o: ( ( ( pname > $o ) > $o ) > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofinite_000_062_I_062_Itc__Hoare____Mirabelle____srushsumbx__Ot,type,( + finite33115244te_o_o: ( ( ( hoare_1167836817_state > $o ) > $o ) > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofinite_000_062_Itc__Com__Opname_M_Eo_J,type,( + finite297249702name_o: ( ( pname > $o ) > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofinite_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_,type,( + finite1380128977tate_o: ( ( hoare_1167836817_state > $o ) > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofinite_000tc__Com__Opname,type,( + finite_finite_pname: ( pname > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofinite_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__C,type,( + finite1084549118_state: ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one_000_062_Itc__Com__Opname_M_Eo_J,type,( + finite349908348name_o: ( ( pname > $o ) > ( pname > $o ) > pname > $o ) > ( ( ( pname > $o ) > $o ) > pname > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one_000_062_Itc__Hoare____Mirabelle____srushsumbx__Ot,type,( + finite979047547tate_o: ( ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o ) > ( ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one_000tc__Com__Opname,type,( + finite1282449217_pname: ( pname > pname > pname ) > ( ( pname > $o ) > pname ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one_000tc__Hoare____Mirabelle____srushsumbx__Otriple_,type,( + finite1074406356_state: ( hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state ) > ( ( hoare_1167836817_state > $o ) > hoare_1167836817_state ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one__idem_000_062_Itc__Com__Opname_M_Eo_J,type,( + finite697516351name_o: ( ( pname > $o ) > ( pname > $o ) > pname > $o ) > ( ( ( pname > $o ) > $o ) > pname > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one__idem_000_062_Itc__Hoare____Mirabelle____srushsum,type,( + finite671847800tate_o: ( ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o ) > ( ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one__idem_000tc__Com__Opname,type,( + finite89670078_pname: ( pname > pname > pname ) > ( ( pname > $o ) > pname ) > $o )). + +thf(sy_c_Finite__Set_Ofolding__one__idem_000tc__Hoare____Mirabelle____srushsumbx__Ot,type,( + finite806517911_state: ( hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state ) > ( ( hoare_1167836817_state > $o ) > hoare_1167836817_state ) > $o )). + +thf(sy_c_Groups_Ominus__class_Ominus_000_062_I_062_Itc__Com__Opname_M_Eo_J_M_Eo_J,type,( + minus_1480864103me_o_o: ( ( pname > $o ) > $o ) > ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Groups_Ominus__class_Ominus_000_062_I_062_Itc__Hoare____Mirabelle____srushs,type,( + minus_1708687022te_o_o: ( ( hoare_1167836817_state > $o ) > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Groups_Ominus__class_Ominus_000_062_Itc__Com__Opname_M_Eo_J,type,( + minus_minus_pname_o: ( pname > $o ) > ( pname > $o ) > pname > $o )). + +thf(sy_c_Groups_Ominus__class_Ominus_000_062_Itc__Hoare____Mirabelle____srushsumbx__,type,( + minus_2107060239tate_o: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_HOL_OThe_000tc__Com__Opname,type,( + the_pname: ( pname > $o ) > pname )). + +thf(sy_c_HOL_OThe_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate_,type,( + the_Ho310147232_state: ( hoare_1167836817_state > $o ) > hoare_1167836817_state )). + +thf(sy_c_Hoare__Mirabelle__srushsumbx_OMGT,type,( + hoare_Mirabelle_MGT: com > hoare_1167836817_state )). + +thf(sy_c_Hoare__Mirabelle__srushsumbx_Ohoare__derivs_000tc__Com__Ostate,type,( + hoare_123228589_state: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Hoare__Mirabelle__srushsumbx_Ohoare__valids_000tc__Com__Ostate,type,( + hoare_529639851_state: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Hoare__Mirabelle__srushsumbx_Ostate__not__singleton,type,( + hoare_1201148605gleton: $o )). + +thf(sy_c_Hoare__Mirabelle__srushsumbx_Otriple_Otriple_000tc__Com__Ostate,type,( + hoare_908217195_state: ( state > state > $o ) > com > ( state > state > $o ) > hoare_1167836817_state )). + +thf(sy_c_If_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate_J,type,( + if_Hoa833675553_state: $o > hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state )). + +thf(sy_c_If_000tc__Option__Ooption_Itc__Com__Ocom_J,type,( + if_option_com: $o > option_com > option_com > option_com )). + +thf(sy_c_Lattices_Osemilattice__inf__class_Oinf_000_062_I_062_Itc__Com__Opname_M_Eo_,type,( + semila2013987940me_o_o: ( ( pname > $o ) > $o ) > ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Lattices_Osemilattice__inf__class_Oinf_000_062_I_062_Itc__Hoare____Mirabell,type,( + semila1758709489te_o_o: ( ( hoare_1167836817_state > $o ) > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Lattices_Osemilattice__inf__class_Oinf_000_062_Itc__Com__Opname_M_Eo_J,type,( + semila1673364395name_o: ( pname > $o ) > ( pname > $o ) > pname > $o )). + +thf(sy_c_Lattices_Osemilattice__inf__class_Oinf_000_062_Itc__Hoare____Mirabelle____s,type,( + semila179895820tate_o: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Lattices_Osemilattice__sup__class_Osup_000_062_I_062_Itc__Com__Opname_M_Eo_,type,( + semila181081674me_o_o: ( ( pname > $o ) > $o ) > ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Lattices_Osemilattice__sup__class_Osup_000_062_I_062_Itc__Hoare____Mirabell,type,( + semila866907787te_o_o: ( ( hoare_1167836817_state > $o ) > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Lattices_Osemilattice__sup__class_Osup_000_062_Itc__Com__Opname_M_Eo_J,type,( + semila1780557381name_o: ( pname > $o ) > ( pname > $o ) > pname > $o )). + +thf(sy_c_Lattices_Osemilattice__sup__class_Osup_000_062_Itc__Hoare____Mirabelle____s,type,( + semila1172322802tate_o: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Lattices_Osemilattice__sup__class_Osup_000_Eo,type,( + semila10642723_sup_o: $o > $o > $o )). + +thf(sy_c_Map_Odom_000tc__Com__Opname_000tc__Com__Ocom,type,( + dom_pname_com: ( pname > option_com ) > pname > $o )). + +thf(sy_c_Natural_Oevalc,type,( + evalc: com > state > state > $o )). + +thf(sy_c_Option_Ooption_OSome_000tc__Com__Ocom,type,( + some_com: com > option_com )). + +thf(sy_c_Option_Ooption_OSome_000tc__Com__Opname,type,( + some_pname: pname > option_pname )). + +thf(sy_c_Option_Ooption_OSome_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__,type,( + some_H1433514562_state: hoare_1167836817_state > option1574264306_state )). + +thf(sy_c_Option_Oset_000tc__Com__Ocom,type,( + set_com: option_com > com > $o )). + +thf(sy_c_Option_Oset_000tc__Com__Opname,type,( + set_pname: option_pname > pname > $o )). + +thf(sy_c_Option_Oset_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Osta,type,( + set_Ho2131684873_state: option1574264306_state > hoare_1167836817_state > $o )). + +thf(sy_c_Option_Othe_000tc__Com__Ocom,type,( + the_com: option_com > com )). + +thf(sy_c_Orderings_Obot__class_Obot_000_062_I_062_Itc__Com__Opname_M_Eo_J_M_Eo_J,type,( + bot_bot_pname_o_o: ( pname > $o ) > $o )). + +thf(sy_c_Orderings_Obot__class_Obot_000_062_I_062_Itc__Hoare____Mirabelle____srushsu,type,( + bot_bo691907561te_o_o: ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Orderings_Obot__class_Obot_000_062_Itc__Com__Ocom_M_Eo_J,type,( + bot_bot_com_o: com > $o )). + +thf(sy_c_Orderings_Obot__class_Obot_000_062_Itc__Com__Opname_M_Eo_J,type,( + bot_bot_pname_o: pname > $o )). + +thf(sy_c_Orderings_Obot__class_Obot_000_062_Itc__Hoare____Mirabelle____srushsumbx__O,type,( + bot_bo70021908tate_o: hoare_1167836817_state > $o )). + +thf(sy_c_Orderings_Obot__class_Obot_000_Eo,type,( + bot_bot_o: $o )). + +thf(sy_c_Orderings_Oord__class_Oless__eq_000_062_I_062_Itc__Com__Opname_M_Eo_J_M_Eo_,type,( + ord_le1205211808me_o_o: ( ( pname > $o ) > $o ) > ( ( pname > $o ) > $o ) > $o )). + +thf(sy_c_Orderings_Oord__class_Oless__eq_000_062_I_062_Itc__Hoare____Mirabelle____sr,type,( + ord_le741939125te_o_o: ( ( hoare_1167836817_state > $o ) > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > $o )). + +thf(sy_c_Orderings_Oord__class_Oless__eq_000_062_Itc__Com__Opname_M_Eo_J,type,( + ord_less_eq_pname_o: ( pname > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Orderings_Oord__class_Oless__eq_000_062_Itc__Hoare____Mirabelle____srushsum,type,( + ord_le827224136tate_o: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Orderings_Oord__class_Oless__eq_000_Eo,type,( + ord_less_eq_o: $o > $o > $o )). + +thf(sy_c_Set_OCollect_000_062_I_062_Itc__Com__Opname_M_Eo_J_M_Eo_J,type,( + collect_pname_o_o: ( ( ( pname > $o ) > $o ) > $o ) > ( ( pname > $o ) > $o ) > $o )). + +thf(sy_c_Set_OCollect_000_062_I_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_I,type,( + collec1218656682te_o_o: ( ( ( hoare_1167836817_state > $o ) > $o ) > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > $o )). + +thf(sy_c_Set_OCollect_000_062_Itc__Com__Opname_M_Eo_J,type,( + collect_pname_o: ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Set_OCollect_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Co,type,( + collec269976083tate_o: ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Set_OCollect_000tc__Com__Opname,type,( + collect_pname: ( pname > $o ) > pname > $o )). + +thf(sy_c_Set_OCollect_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ost,type,( + collec1027672124_state: ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Com__Opname_M_Eo_J_000_062_Itc__Com__Opname_M_Eo_J,type,( + image_1085733413name_o: ( ( pname > $o ) > pname > $o ) > ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Com__Opname_M_Eo_J_000tc__Com__Opname,type,( + image_pname_o_pname: ( ( pname > $o ) > pname ) > ( ( pname > $o ) > $o ) > pname > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Com__Opname_M_Eo_J_000tc__Hoare____Mirabelle____sru,type,( + image_1381916541_state: ( ( pname > $o ) > hoare_1167836817_state ) > ( ( pname > $o ) > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com_,type,( + image_1488525317tate_o: ( ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__001,type,( + image_980295115_pname: ( ( hoare_1167836817_state > $o ) > pname ) > ( ( hoare_1167836817_state > $o ) > $o ) > pname > $o )). + +thf(sy_c_Set_Oimage_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__002,type,( + image_635813834_state: ( ( hoare_1167836817_state > $o ) > hoare_1167836817_state ) > ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Oimage_000tc__Com__Opname_000_062_Itc__Com__Opname_M_Eo_J,type,( + image_pname_pname_o: ( pname > pname > $o ) > ( pname > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Set_Oimage_000tc__Com__Opname_000_062_Itc__Hoare____Mirabelle____srushsumbx,type,( + image_475339327tate_o: ( pname > hoare_1167836817_state > $o ) > ( pname > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Set_Oimage_000tc__Com__Opname_000tc__Com__Opname,type,( + image_pname_pname: ( pname > pname ) > ( pname > $o ) > pname > $o )). + +thf(sy_c_Set_Oimage_000tc__Com__Opname_000tc__Hoare____Mirabelle____srushsumbx__Otri,type,( + image_575578384_state: ( pname > hoare_1167836817_state ) > ( pname > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Oimage_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostat,type,( + image_2066861949name_o: ( hoare_1167836817_state > pname > $o ) > ( hoare_1167836817_state > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Set_Oimage_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostat_003,type,( + image_1745649338tate_o: ( hoare_1167836817_state > hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Set_Oimage_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostat_004,type,( + image_8178176_pname: ( hoare_1167836817_state > pname ) > ( hoare_1167836817_state > $o ) > pname > $o )). + +thf(sy_c_Set_Oimage_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostat_005,type,( + image_31595733_state: ( hoare_1167836817_state > hoare_1167836817_state ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Oinsert_000_062_Itc__Com__Opname_M_Eo_J,type,( + insert_pname_o: ( pname > $o ) > ( ( pname > $o ) > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_Set_Oinsert_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com,type,( + insert999278200tate_o: ( hoare_1167836817_state > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_Set_Oinsert_000tc__Com__Ocom,type,( + insert_com: com > ( com > $o ) > com > $o )). + +thf(sy_c_Set_Oinsert_000tc__Com__Opname,type,( + insert_pname: pname > ( pname > $o ) > pname > $o )). + +thf(sy_c_Set_Oinsert_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Osta,type,( + insert2134838167_state: hoare_1167836817_state > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o )). + +thf(sy_c_Set_Othe__elem_000tc__Com__Opname,type,( + the_elem_pname: ( pname > $o ) > pname )). + +thf(sy_c_Set_Othe__elem_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__O,type,( + the_el323660082_state: ( hoare_1167836817_state > $o ) > hoare_1167836817_state )). + +thf(sy_c_fequal_000_062_Itc__Com__Opname_M_Eo_J,type,( + fequal_pname_o: ( pname > $o ) > ( pname > $o ) > $o )). + +thf(sy_c_fequal_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ost,type,( + fequal1486222077tate_o: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_c_fequal_000tc__Com__Opname,type,( + fequal_pname: pname > pname > $o )). + +thf(sy_c_fequal_000tc__Com__Ostate,type,( + fequal_state: state > state > $o )). + +thf(sy_c_fequal_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate_J,type,( + fequal1831255762_state: hoare_1167836817_state > hoare_1167836817_state > $o )). + +thf(sy_c_member_000_062_Itc__Com__Opname_M_Eo_J,type,( + member_pname_o: ( pname > $o ) > ( ( pname > $o ) > $o ) > $o )). + +thf(sy_c_member_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ost,type,( + member864234961tate_o: ( hoare_1167836817_state > $o ) > ( ( hoare_1167836817_state > $o ) > $o ) > $o )). + +thf(sy_c_member_000tc__Com__Ocom,type,( + member_com: com > ( com > $o ) > $o )). + +thf(sy_c_member_000tc__Com__Opname,type,( + member_pname: pname > ( pname > $o ) > $o )). + +thf(sy_c_member_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate_J,type,( + member2058392318_state: hoare_1167836817_state > ( hoare_1167836817_state > $o ) > $o )). + +thf(sy_v_Fa,type,( + fa: hoare_1167836817_state > $o )). + +thf(sy_v_pn,type,( + pn: pname )). + +thf(sy_v_y,type,( + y: com )). + +%----Relevant facts (699) +thf(fact_0_empty,axiom,( + ! [G_3: hoare_1167836817_state > $o] : + ( hoare_123228589_state @ G_3 @ bot_bo70021908tate_o ) )). + +thf(fact_1_asm,axiom,( + ! [Ts_7: hoare_1167836817_state > $o,G_35: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Ts_7 @ G_35 ) + => ( hoare_123228589_state @ G_35 @ Ts_7 ) ) )). + +thf(fact_2_weaken,axiom,( + ! [Ts_6: hoare_1167836817_state > $o,G_34: hoare_1167836817_state > $o,Ts_5: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ G_34 @ Ts_5 ) + => ( ( ord_le827224136tate_o @ Ts_6 @ Ts_5 ) + => ( hoare_123228589_state @ G_34 @ Ts_6 ) ) ) )). + +thf(fact_3_thin,axiom,( + ! [G_33: hoare_1167836817_state > $o,G_32: hoare_1167836817_state > $o,Ts_4: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ G_32 @ Ts_4 ) + => ( ( ord_le827224136tate_o @ G_32 @ G_33 ) + => ( hoare_123228589_state @ G_33 @ Ts_4 ) ) ) )). + +thf(fact_4_cut,axiom,( + ! [G_31: hoare_1167836817_state > $o,G_30: hoare_1167836817_state > $o,Ts_3: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ G_30 @ Ts_3 ) + => ( ( hoare_123228589_state @ G_31 @ G_30 ) + => ( hoare_123228589_state @ G_31 @ Ts_3 ) ) ) )). + +thf(fact_5_hoare__derivs_Oinsert,axiom,( + ! [Ts_2: hoare_1167836817_state > $o,G_29: hoare_1167836817_state > $o,T_3: hoare_1167836817_state] : + ( ( hoare_123228589_state @ G_29 @ ( insert2134838167_state @ T_3 @ bot_bo70021908tate_o ) ) + => ( ( hoare_123228589_state @ G_29 @ Ts_2 ) + => ( hoare_123228589_state @ G_29 @ ( insert2134838167_state @ T_3 @ Ts_2 ) ) ) ) )). + +thf(fact_6_derivs__insertD,axiom,( + ! [G_28: hoare_1167836817_state > $o,T_2: hoare_1167836817_state,Ts_1: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ G_28 @ ( insert2134838167_state @ T_2 @ Ts_1 ) ) + => ( ( hoare_123228589_state @ G_28 @ ( insert2134838167_state @ T_2 @ bot_bo70021908tate_o ) ) + & ( hoare_123228589_state @ G_28 @ Ts_1 ) ) ) )). + +thf(fact_7_MGT__BodyN,axiom,( + ! [Pn_1: pname,G_3: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ ( body_1 @ Pn_1 ) ) @ G_3 ) @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ ( the_com @ ( body @ Pn_1 ) ) ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_3 @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ ( body_1 @ Pn_1 ) ) @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_8_finite__Collect__subsets,axiom,( + ! [A_201: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_201 ) + => ( finite1066544169me_o_o + @ ( collect_pname_o_o + @ ^ [B_43: ( pname > $o ) > $o] : + ( ord_le1205211808me_o_o @ B_43 @ A_201 ) ) ) ) )). + +thf(fact_9_finite__Collect__subsets,axiom,( + ! [A_201: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_201 ) + => ( finite33115244te_o_o + @ ( collec1218656682te_o_o + @ ^ [B_43: ( hoare_1167836817_state > $o ) > $o] : + ( ord_le741939125te_o_o @ B_43 @ A_201 ) ) ) ) )). + +thf(fact_10_finite__Collect__subsets,axiom,( + ! [A_201: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_201 ) + => ( finite1380128977tate_o + @ ( collec269976083tate_o + @ ^ [B_43: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ B_43 @ A_201 ) ) ) ) )). + +thf(fact_11_finite__Collect__subsets,axiom,( + ! [A_201: pname > $o] : + ( ( finite_finite_pname @ A_201 ) + => ( finite297249702name_o + @ ( collect_pname_o + @ ^ [B_43: pname > $o] : + ( ord_less_eq_pname_o @ B_43 @ A_201 ) ) ) ) )). + +thf(fact_12_finite__imageI,axiom,( + ! [H_1: hoare_1167836817_state > pname > $o,F_61: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_61 ) + => ( finite297249702name_o @ ( image_2066861949name_o @ H_1 @ F_61 ) ) ) )). + +thf(fact_13_finite__imageI,axiom,( + ! [H_1: hoare_1167836817_state > hoare_1167836817_state > $o,F_61: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_61 ) + => ( finite1380128977tate_o @ ( image_1745649338tate_o @ H_1 @ F_61 ) ) ) )). + +thf(fact_14_finite__imageI,axiom,( + ! [H_1: pname > pname > $o,F_61: pname > $o] : + ( ( finite_finite_pname @ F_61 ) + => ( finite297249702name_o @ ( image_pname_pname_o @ H_1 @ F_61 ) ) ) )). + +thf(fact_15_finite__imageI,axiom,( + ! [H_1: pname > hoare_1167836817_state > $o,F_61: pname > $o] : + ( ( finite_finite_pname @ F_61 ) + => ( finite1380128977tate_o @ ( image_475339327tate_o @ H_1 @ F_61 ) ) ) )). + +thf(fact_16_finite__imageI,axiom,( + ! [H_1: ( pname > $o ) > hoare_1167836817_state,F_61: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_61 ) + => ( finite1084549118_state @ ( image_1381916541_state @ H_1 @ F_61 ) ) ) )). + +thf(fact_17_finite__imageI,axiom,( + ! [H_1: ( hoare_1167836817_state > $o ) > hoare_1167836817_state,F_61: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_61 ) + => ( finite1084549118_state @ ( image_635813834_state @ H_1 @ F_61 ) ) ) )). + +thf(fact_18_finite__imageI,axiom,( + ! [H_1: ( pname > $o ) > pname,F_61: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_61 ) + => ( finite_finite_pname @ ( image_pname_o_pname @ H_1 @ F_61 ) ) ) )). + +thf(fact_19_finite__imageI,axiom,( + ! [H_1: ( hoare_1167836817_state > $o ) > pname,F_61: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_61 ) + => ( finite_finite_pname @ ( image_980295115_pname @ H_1 @ F_61 ) ) ) )). + +thf(fact_20_finite__imageI,axiom,( + ! [H_1: pname > hoare_1167836817_state,F_61: pname > $o] : + ( ( finite_finite_pname @ F_61 ) + => ( finite1084549118_state @ ( image_575578384_state @ H_1 @ F_61 ) ) ) )). + +thf(fact_21_empty__subsetI,axiom,( + ! [A_200: pname > $o] : + ( ord_less_eq_pname_o @ bot_bot_pname_o @ A_200 ) )). + +thf(fact_22_empty__subsetI,axiom,( + ! [A_200: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ bot_bo70021908tate_o @ A_200 ) )). + +thf(fact_23_finite_OinsertI,axiom,( + ! [A_199: pname > $o,A_198: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_198 ) + => ( finite297249702name_o @ ( insert_pname_o @ A_199 @ A_198 ) ) ) )). + +thf(fact_24_finite_OinsertI,axiom,( + ! [A_199: hoare_1167836817_state > $o,A_198: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_198 ) + => ( finite1380128977tate_o @ ( insert999278200tate_o @ A_199 @ A_198 ) ) ) )). + +thf(fact_25_finite_OinsertI,axiom,( + ! [A_199: pname,A_198: pname > $o] : + ( ( finite_finite_pname @ A_198 ) + => ( finite_finite_pname @ ( insert_pname @ A_199 @ A_198 ) ) ) )). + +thf(fact_26_finite_OinsertI,axiom,( + ! [A_199: hoare_1167836817_state,A_198: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_198 ) + => ( finite1084549118_state @ ( insert2134838167_state @ A_199 @ A_198 ) ) ) )). + +thf(fact_27_finite_OemptyI,axiom, + ( finite297249702name_o @ bot_bot_pname_o_o )). + +thf(fact_28_finite_OemptyI,axiom, + ( finite1380128977tate_o @ bot_bo691907561te_o_o )). + +thf(fact_29_finite_OemptyI,axiom, + ( finite1084549118_state @ bot_bo70021908tate_o )). + +thf(fact_30_finite_OemptyI,axiom, + ( finite_finite_pname @ bot_bot_pname_o )). + +thf(fact_31_finite__Collect__conjI,axiom,( + ! [Q_24: ( pname > $o ) > $o,P_42: ( pname > $o ) > $o] : + ( ( ( finite297249702name_o @ ( collect_pname_o @ P_42 ) ) + | ( finite297249702name_o @ ( collect_pname_o @ Q_24 ) ) ) + => ( finite297249702name_o + @ ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( P_42 @ X_5 ) @ ( Q_24 @ X_5 ) ) ) ) ) )). + +thf(fact_32_finite__Collect__conjI,axiom,( + ! [Q_24: ( hoare_1167836817_state > $o ) > $o,P_42: ( hoare_1167836817_state > $o ) > $o] : + ( ( ( finite1380128977tate_o @ ( collec269976083tate_o @ P_42 ) ) + | ( finite1380128977tate_o @ ( collec269976083tate_o @ Q_24 ) ) ) + => ( finite1380128977tate_o + @ ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( P_42 @ X_5 ) @ ( Q_24 @ X_5 ) ) ) ) ) )). + +thf(fact_33_finite__Collect__conjI,axiom,( + ! [Q_24: hoare_1167836817_state > $o,P_42: hoare_1167836817_state > $o] : + ( ( ( finite1084549118_state @ ( collec1027672124_state @ P_42 ) ) + | ( finite1084549118_state @ ( collec1027672124_state @ Q_24 ) ) ) + => ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( P_42 @ X_5 ) @ ( Q_24 @ X_5 ) ) ) ) ) )). + +thf(fact_34_finite__Collect__conjI,axiom,( + ! [Q_24: pname > $o,P_42: pname > $o] : + ( ( ( finite_finite_pname @ ( collect_pname @ P_42 ) ) + | ( finite_finite_pname @ ( collect_pname @ Q_24 ) ) ) + => ( finite_finite_pname + @ ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( P_42 @ X_5 ) @ ( Q_24 @ X_5 ) ) ) ) ) )). + +thf(fact_35_image__constant__conv,axiom,( + ! [C_54: pname,A_197: hoare_1167836817_state > $o] : + ( ( ( A_197 = bot_bo70021908tate_o ) + => ( ( image_8178176_pname + @ ^ [X_5: hoare_1167836817_state] : C_54 + @ A_197 ) + = bot_bot_pname_o ) ) + & ( ( A_197 != bot_bo70021908tate_o ) + => ( ( image_8178176_pname + @ ^ [X_5: hoare_1167836817_state] : C_54 + @ A_197 ) + = ( insert_pname @ C_54 @ bot_bot_pname_o ) ) ) ) )). + +thf(fact_36_image__constant__conv,axiom,( + ! [C_54: hoare_1167836817_state,A_197: pname > $o] : + ( ( ( A_197 = bot_bot_pname_o ) + => ( ( image_575578384_state + @ ^ [X_5: pname] : C_54 + @ A_197 ) + = bot_bo70021908tate_o ) ) + & ( ( A_197 != bot_bot_pname_o ) + => ( ( image_575578384_state + @ ^ [X_5: pname] : C_54 + @ A_197 ) + = ( insert2134838167_state @ C_54 @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_37_image__constant,axiom,( + ! [C_53: pname,X_101: hoare_1167836817_state,A_196: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_101 @ A_196 ) + => ( ( image_8178176_pname + @ ^ [X_5: hoare_1167836817_state] : C_53 + @ A_196 ) + = ( insert_pname @ C_53 @ bot_bot_pname_o ) ) ) )). + +thf(fact_38_image__constant,axiom,( + ! [C_53: hoare_1167836817_state,X_101: pname,A_196: pname > $o] : + ( ( member_pname @ X_101 @ A_196 ) + => ( ( image_575578384_state + @ ^ [X_5: pname] : C_53 + @ A_196 ) + = ( insert2134838167_state @ C_53 @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_39_insert__dom,axiom,( + ! [F_60: pname > option_com,X_100: pname,Y_49: com] : + ( ( ( F_60 @ X_100 ) + = ( some_com @ Y_49 ) ) + => ( ( insert_pname @ X_100 @ ( dom_pname_com @ F_60 ) ) + = ( dom_pname_com @ F_60 ) ) ) )). + +thf(fact_40_finite__surj,axiom,( + ! [B_130: ( pname > $o ) > $o,F_59: hoare_1167836817_state > pname > $o,A_195: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_195 ) + => ( ( ord_le1205211808me_o_o @ B_130 @ ( image_2066861949name_o @ F_59 @ A_195 ) ) + => ( finite297249702name_o @ B_130 ) ) ) )). + +thf(fact_41_finite__surj,axiom,( + ! [B_130: ( hoare_1167836817_state > $o ) > $o,F_59: hoare_1167836817_state > hoare_1167836817_state > $o,A_195: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_195 ) + => ( ( ord_le741939125te_o_o @ B_130 @ ( image_1745649338tate_o @ F_59 @ A_195 ) ) + => ( finite1380128977tate_o @ B_130 ) ) ) )). + +thf(fact_42_finite__surj,axiom,( + ! [B_130: pname > $o,F_59: hoare_1167836817_state > pname,A_195: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_195 ) + => ( ( ord_less_eq_pname_o @ B_130 @ ( image_8178176_pname @ F_59 @ A_195 ) ) + => ( finite_finite_pname @ B_130 ) ) ) )). + +thf(fact_43_finite__surj,axiom,( + ! [B_130: ( pname > $o ) > $o,F_59: pname > pname > $o,A_195: pname > $o] : + ( ( finite_finite_pname @ A_195 ) + => ( ( ord_le1205211808me_o_o @ B_130 @ ( image_pname_pname_o @ F_59 @ A_195 ) ) + => ( finite297249702name_o @ B_130 ) ) ) )). + +thf(fact_44_finite__surj,axiom,( + ! [B_130: ( hoare_1167836817_state > $o ) > $o,F_59: pname > hoare_1167836817_state > $o,A_195: pname > $o] : + ( ( finite_finite_pname @ A_195 ) + => ( ( ord_le741939125te_o_o @ B_130 @ ( image_475339327tate_o @ F_59 @ A_195 ) ) + => ( finite1380128977tate_o @ B_130 ) ) ) )). + +thf(fact_45_finite__surj,axiom,( + ! [B_130: pname > $o,F_59: pname > pname,A_195: pname > $o] : + ( ( finite_finite_pname @ A_195 ) + => ( ( ord_less_eq_pname_o @ B_130 @ ( image_pname_pname @ F_59 @ A_195 ) ) + => ( finite_finite_pname @ B_130 ) ) ) )). + +thf(fact_46_finite__surj,axiom,( + ! [B_130: hoare_1167836817_state > $o,F_59: ( pname > $o ) > hoare_1167836817_state,A_195: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_195 ) + => ( ( ord_le827224136tate_o @ B_130 @ ( image_1381916541_state @ F_59 @ A_195 ) ) + => ( finite1084549118_state @ B_130 ) ) ) )). + +thf(fact_47_finite__surj,axiom,( + ! [B_130: hoare_1167836817_state > $o,F_59: ( hoare_1167836817_state > $o ) > hoare_1167836817_state,A_195: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_195 ) + => ( ( ord_le827224136tate_o @ B_130 @ ( image_635813834_state @ F_59 @ A_195 ) ) + => ( finite1084549118_state @ B_130 ) ) ) )). + +thf(fact_48_finite__surj,axiom,( + ! [B_130: pname > $o,F_59: ( pname > $o ) > pname,A_195: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_195 ) + => ( ( ord_less_eq_pname_o @ B_130 @ ( image_pname_o_pname @ F_59 @ A_195 ) ) + => ( finite_finite_pname @ B_130 ) ) ) )). + +thf(fact_49_finite__surj,axiom,( + ! [B_130: pname > $o,F_59: ( hoare_1167836817_state > $o ) > pname,A_195: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_195 ) + => ( ( ord_less_eq_pname_o @ B_130 @ ( image_980295115_pname @ F_59 @ A_195 ) ) + => ( finite_finite_pname @ B_130 ) ) ) )). + +thf(fact_50_finite__surj,axiom,( + ! [B_130: hoare_1167836817_state > $o,F_59: pname > hoare_1167836817_state,A_195: pname > $o] : + ( ( finite_finite_pname @ A_195 ) + => ( ( ord_le827224136tate_o @ B_130 @ ( image_575578384_state @ F_59 @ A_195 ) ) + => ( finite1084549118_state @ B_130 ) ) ) )). + +thf(fact_51_subset__singletonD,axiom,( + ! [A_194: pname > $o,X_99: pname] : + ( ( ord_less_eq_pname_o @ A_194 @ ( insert_pname @ X_99 @ bot_bot_pname_o ) ) + => ( ( A_194 = bot_bot_pname_o ) + | ( A_194 + = ( insert_pname @ X_99 @ bot_bot_pname_o ) ) ) ) )). + +thf(fact_52_subset__singletonD,axiom,( + ! [A_194: hoare_1167836817_state > $o,X_99: hoare_1167836817_state] : + ( ( ord_le827224136tate_o @ A_194 @ ( insert2134838167_state @ X_99 @ bot_bo70021908tate_o ) ) + => ( ( A_194 = bot_bo70021908tate_o ) + | ( A_194 + = ( insert2134838167_state @ X_99 @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_53_MGF,axiom,( + ! [C_21: com] : + ( hoare_1201148605gleton + => ( wT_bodies + => ( ( wt @ C_21 ) + => ( hoare_123228589_state @ bot_bo70021908tate_o @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ C_21 ) @ bot_bo70021908tate_o ) ) ) ) ) )). + +thf(fact_54_emptyE,axiom,( + ! [A_193: pname] : + ~ ( member_pname @ A_193 @ bot_bot_pname_o ) )). + +thf(fact_55_emptyE,axiom,( + ! [A_193: hoare_1167836817_state] : + ~ ( member2058392318_state @ A_193 @ bot_bo70021908tate_o ) )). + +thf(fact_56_insertCI,axiom,( + ! [B_129: pname,A_192: pname,B_128: pname > $o] : + ( ( ~ ( member_pname @ A_192 @ B_128 ) + => ( A_192 = B_129 ) ) + => ( member_pname @ A_192 @ ( insert_pname @ B_129 @ B_128 ) ) ) )). + +thf(fact_57_insertCI,axiom,( + ! [B_129: hoare_1167836817_state,A_192: hoare_1167836817_state,B_128: hoare_1167836817_state > $o] : + ( ( ~ ( member2058392318_state @ A_192 @ B_128 ) + => ( A_192 = B_129 ) ) + => ( member2058392318_state @ A_192 @ ( insert2134838167_state @ B_129 @ B_128 ) ) ) )). + +thf(fact_58_insertE,axiom,( + ! [A_191: pname,B_127: pname,A_190: pname > $o] : + ( ( member_pname @ A_191 @ ( insert_pname @ B_127 @ A_190 ) ) + => ( ( A_191 != B_127 ) + => ( member_pname @ A_191 @ A_190 ) ) ) )). + +thf(fact_59_insertE,axiom,( + ! [A_191: hoare_1167836817_state,B_127: hoare_1167836817_state,A_190: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_191 @ ( insert2134838167_state @ B_127 @ A_190 ) ) + => ( ( A_191 != B_127 ) + => ( member2058392318_state @ A_191 @ A_190 ) ) ) )). + +thf(fact_60_equalityI,axiom,( + ! [A_189: pname > $o,B_126: pname > $o] : + ( ( ord_less_eq_pname_o @ A_189 @ B_126 ) + => ( ( ord_less_eq_pname_o @ B_126 @ A_189 ) + => ( A_189 = B_126 ) ) ) )). + +thf(fact_61_equalityI,axiom,( + ! [A_189: hoare_1167836817_state > $o,B_126: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_189 @ B_126 ) + => ( ( ord_le827224136tate_o @ B_126 @ A_189 ) + => ( A_189 = B_126 ) ) ) )). + +thf(fact_62_subsetD,axiom,( + ! [C_52: pname,A_188: pname > $o,B_125: pname > $o] : + ( ( ord_less_eq_pname_o @ A_188 @ B_125 ) + => ( ( member_pname @ C_52 @ A_188 ) + => ( member_pname @ C_52 @ B_125 ) ) ) )). + +thf(fact_63_subsetD,axiom,( + ! [C_52: hoare_1167836817_state,A_188: hoare_1167836817_state > $o,B_125: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_188 @ B_125 ) + => ( ( member2058392318_state @ C_52 @ A_188 ) + => ( member2058392318_state @ C_52 @ B_125 ) ) ) )). + +thf(fact_64_image__eqI,axiom,( + ! [A_187: hoare_1167836817_state > $o,B_124: pname,F_58: hoare_1167836817_state > pname,X_98: hoare_1167836817_state] : + ( ( B_124 + = ( F_58 @ X_98 ) ) + => ( ( member2058392318_state @ X_98 @ A_187 ) + => ( member_pname @ B_124 @ ( image_8178176_pname @ F_58 @ A_187 ) ) ) ) )). + +thf(fact_65_image__eqI,axiom,( + ! [A_187: pname > $o,B_124: hoare_1167836817_state,F_58: pname > hoare_1167836817_state,X_98: pname] : + ( ( B_124 + = ( F_58 @ X_98 ) ) + => ( ( member_pname @ X_98 @ A_187 ) + => ( member2058392318_state @ B_124 @ ( image_575578384_state @ F_58 @ A_187 ) ) ) ) )). + +thf(fact_66_equals0D,axiom,( + ! [A_186: pname,A_185: pname > $o] : + ( ( A_185 = bot_bot_pname_o ) + => ~ ( member_pname @ A_186 @ A_185 ) ) )). + +thf(fact_67_equals0D,axiom,( + ! [A_186: hoare_1167836817_state,A_185: hoare_1167836817_state > $o] : + ( ( A_185 = bot_bo70021908tate_o ) + => ~ ( member2058392318_state @ A_186 @ A_185 ) ) )). + +thf(fact_68_Collect__empty__eq,axiom,( + ! [P_41: pname > $o] : + ( ( ( collect_pname @ P_41 ) + = bot_bot_pname_o ) + <=> ! [X_5: pname] : + ~ ( P_41 @ X_5 ) ) )). + +thf(fact_69_Collect__empty__eq,axiom,( + ! [P_41: ( pname > $o ) > $o] : + ( ( ( collect_pname_o @ P_41 ) + = bot_bot_pname_o_o ) + <=> ! [X_5: pname > $o] : + ~ ( P_41 @ X_5 ) ) )). + +thf(fact_70_Collect__empty__eq,axiom,( + ! [P_41: ( hoare_1167836817_state > $o ) > $o] : + ( ( ( collec269976083tate_o @ P_41 ) + = bot_bo691907561te_o_o ) + <=> ! [X_5: hoare_1167836817_state > $o] : + ~ ( P_41 @ X_5 ) ) )). + +thf(fact_71_Collect__empty__eq,axiom,( + ! [P_41: hoare_1167836817_state > $o] : + ( ( ( collec1027672124_state @ P_41 ) + = bot_bo70021908tate_o ) + <=> ! [X_5: hoare_1167836817_state] : + ~ ( P_41 @ X_5 ) ) )). + +thf(fact_72_empty__iff,axiom,( + ! [C_51: pname] : + ~ ( member_pname @ C_51 @ bot_bot_pname_o ) )). + +thf(fact_73_empty__iff,axiom,( + ! [C_51: hoare_1167836817_state] : + ~ ( member2058392318_state @ C_51 @ bot_bo70021908tate_o ) )). + +thf(fact_74_empty__Collect__eq,axiom,( + ! [P_40: pname > $o] : + ( ( bot_bot_pname_o + = ( collect_pname @ P_40 ) ) + <=> ! [X_5: pname] : + ~ ( P_40 @ X_5 ) ) )). + +thf(fact_75_empty__Collect__eq,axiom,( + ! [P_40: ( pname > $o ) > $o] : + ( ( bot_bot_pname_o_o + = ( collect_pname_o @ P_40 ) ) + <=> ! [X_5: pname > $o] : + ~ ( P_40 @ X_5 ) ) )). + +thf(fact_76_empty__Collect__eq,axiom,( + ! [P_40: ( hoare_1167836817_state > $o ) > $o] : + ( ( bot_bo691907561te_o_o + = ( collec269976083tate_o @ P_40 ) ) + <=> ! [X_5: hoare_1167836817_state > $o] : + ~ ( P_40 @ X_5 ) ) )). + +thf(fact_77_empty__Collect__eq,axiom,( + ! [P_40: hoare_1167836817_state > $o] : + ( ( bot_bo70021908tate_o + = ( collec1027672124_state @ P_40 ) ) + <=> ! [X_5: hoare_1167836817_state] : + ~ ( P_40 @ X_5 ) ) )). + +thf(fact_78_ex__in__conv,axiom,( + ! [A_184: pname > $o] : + ( ? [X_5: pname] : + ( member_pname @ X_5 @ A_184 ) + <=> ( A_184 != bot_bot_pname_o ) ) )). + +thf(fact_79_ex__in__conv,axiom,( + ! [A_184: hoare_1167836817_state > $o] : + ( ? [X_5: hoare_1167836817_state] : + ( member2058392318_state @ X_5 @ A_184 ) + <=> ( A_184 != bot_bo70021908tate_o ) ) )). + +thf(fact_80_all__not__in__conv,axiom,( + ! [A_183: pname > $o] : + ( ! [X_5: pname] : + ~ ( member_pname @ X_5 @ A_183 ) + <=> ( A_183 = bot_bot_pname_o ) ) )). + +thf(fact_81_all__not__in__conv,axiom,( + ! [A_183: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ~ ( member2058392318_state @ X_5 @ A_183 ) + <=> ( A_183 = bot_bo70021908tate_o ) ) )). + +thf(fact_82_empty__def,axiom, + ( bot_bot_pname_o + = ( collect_pname + @ ^ [X_5: pname] : $false ) )). + +thf(fact_83_empty__def,axiom, + ( bot_bot_pname_o_o + = ( collect_pname_o + @ ^ [X_5: pname > $o] : $false ) )). + +thf(fact_84_empty__def,axiom, + ( bot_bo691907561te_o_o + = ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : $false ) )). + +thf(fact_85_empty__def,axiom, + ( bot_bo70021908tate_o + = ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : $false ) )). + +thf(fact_86_insert__absorb,axiom,( + ! [A_182: pname,A_181: pname > $o] : + ( ( member_pname @ A_182 @ A_181 ) + => ( ( insert_pname @ A_182 @ A_181 ) + = A_181 ) ) )). + +thf(fact_87_insert__absorb,axiom,( + ! [A_182: hoare_1167836817_state,A_181: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_182 @ A_181 ) + => ( ( insert2134838167_state @ A_182 @ A_181 ) + = A_181 ) ) )). + +thf(fact_88_insertI2,axiom,( + ! [B_123: pname,A_180: pname,B_122: pname > $o] : + ( ( member_pname @ A_180 @ B_122 ) + => ( member_pname @ A_180 @ ( insert_pname @ B_123 @ B_122 ) ) ) )). + +thf(fact_89_insertI2,axiom,( + ! [B_123: hoare_1167836817_state,A_180: hoare_1167836817_state,B_122: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_180 @ B_122 ) + => ( member2058392318_state @ A_180 @ ( insert2134838167_state @ B_123 @ B_122 ) ) ) )). + +thf(fact_90_insert__ident,axiom,( + ! [B_121: pname > $o,X_97: pname,A_179: pname > $o] : + ( ~ ( member_pname @ X_97 @ A_179 ) + => ( ~ ( member_pname @ X_97 @ B_121 ) + => ( ( ( insert_pname @ X_97 @ A_179 ) + = ( insert_pname @ X_97 @ B_121 ) ) + <=> ( A_179 = B_121 ) ) ) ) )). + +thf(fact_91_insert__ident,axiom,( + ! [B_121: hoare_1167836817_state > $o,X_97: hoare_1167836817_state,A_179: hoare_1167836817_state > $o] : + ( ~ ( member2058392318_state @ X_97 @ A_179 ) + => ( ~ ( member2058392318_state @ X_97 @ B_121 ) + => ( ( ( insert2134838167_state @ X_97 @ A_179 ) + = ( insert2134838167_state @ X_97 @ B_121 ) ) + <=> ( A_179 = B_121 ) ) ) ) )). + +thf(fact_92_insert__code,axiom,( + ! [Y_48: pname,A_178: pname > $o,X_96: pname] : + ( ( insert_pname @ Y_48 @ A_178 @ X_96 ) + <=> ( ( Y_48 = X_96 ) + | ( A_178 @ X_96 ) ) ) )). + +thf(fact_93_insert__code,axiom,( + ! [Y_48: hoare_1167836817_state,A_178: hoare_1167836817_state > $o,X_96: hoare_1167836817_state] : + ( ( insert2134838167_state @ Y_48 @ A_178 @ X_96 ) + <=> ( ( Y_48 = X_96 ) + | ( A_178 @ X_96 ) ) ) )). + +thf(fact_94_insert__iff,axiom,( + ! [A_177: pname,B_120: pname,A_176: pname > $o] : + ( ( member_pname @ A_177 @ ( insert_pname @ B_120 @ A_176 ) ) + <=> ( ( A_177 = B_120 ) + | ( member_pname @ A_177 @ A_176 ) ) ) )). + +thf(fact_95_insert__iff,axiom,( + ! [A_177: hoare_1167836817_state,B_120: hoare_1167836817_state,A_176: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_177 @ ( insert2134838167_state @ B_120 @ A_176 ) ) + <=> ( ( A_177 = B_120 ) + | ( member2058392318_state @ A_177 @ A_176 ) ) ) )). + +thf(fact_96_insert__commute,axiom,( + ! [X_95: pname,Y_47: pname,A_175: pname > $o] : + ( ( insert_pname @ X_95 @ ( insert_pname @ Y_47 @ A_175 ) ) + = ( insert_pname @ Y_47 @ ( insert_pname @ X_95 @ A_175 ) ) ) )). + +thf(fact_97_insert__commute,axiom,( + ! [X_95: hoare_1167836817_state,Y_47: hoare_1167836817_state,A_175: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ X_95 @ ( insert2134838167_state @ Y_47 @ A_175 ) ) + = ( insert2134838167_state @ Y_47 @ ( insert2134838167_state @ X_95 @ A_175 ) ) ) )). + +thf(fact_98_insert__absorb2,axiom,( + ! [X_94: pname,A_174: pname > $o] : + ( ( insert_pname @ X_94 @ ( insert_pname @ X_94 @ A_174 ) ) + = ( insert_pname @ X_94 @ A_174 ) ) )). + +thf(fact_99_insert__absorb2,axiom,( + ! [X_94: hoare_1167836817_state,A_174: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ X_94 @ ( insert2134838167_state @ X_94 @ A_174 ) ) + = ( insert2134838167_state @ X_94 @ A_174 ) ) )). + +thf(fact_100_insert__Collect,axiom,( + ! [A_173: pname,P_39: pname > $o] : + ( ( insert_pname @ A_173 @ ( collect_pname @ P_39 ) ) + = ( collect_pname + @ ^ [U_2: pname] : + ( (=>) @ ( (~) @ ( U_2 = A_173 ) ) @ ( P_39 @ U_2 ) ) ) ) )). + +thf(fact_101_insert__Collect,axiom,( + ! [A_173: pname > $o,P_39: ( pname > $o ) > $o] : + ( ( insert_pname_o @ A_173 @ ( collect_pname_o @ P_39 ) ) + = ( collect_pname_o + @ ^ [U_2: pname > $o] : + ( (=>) @ ( (~) @ ( U_2 = A_173 ) ) @ ( P_39 @ U_2 ) ) ) ) )). + +thf(fact_102_insert__Collect,axiom,( + ! [A_173: hoare_1167836817_state > $o,P_39: ( hoare_1167836817_state > $o ) > $o] : + ( ( insert999278200tate_o @ A_173 @ ( collec269976083tate_o @ P_39 ) ) + = ( collec269976083tate_o + @ ^ [U_2: hoare_1167836817_state > $o] : + ( (=>) @ ( (~) @ ( U_2 = A_173 ) ) @ ( P_39 @ U_2 ) ) ) ) )). + +thf(fact_103_insert__Collect,axiom,( + ! [A_173: hoare_1167836817_state,P_39: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_173 @ ( collec1027672124_state @ P_39 ) ) + = ( collec1027672124_state + @ ^ [U_2: hoare_1167836817_state] : + ( (=>) @ ( (~) @ ( U_2 = A_173 ) ) @ ( P_39 @ U_2 ) ) ) ) )). + +thf(fact_104_insert__compr,axiom,( + ! [A_172: pname,B_119: pname > $o] : + ( ( insert_pname @ A_172 @ B_119 ) + = ( collect_pname + @ ^ [X_5: pname] : + ( (|) @ ( X_5 = A_172 ) @ ( member_pname @ X_5 @ B_119 ) ) ) ) )). + +thf(fact_105_insert__compr,axiom,( + ! [A_172: pname > $o,B_119: ( pname > $o ) > $o] : + ( ( insert_pname_o @ A_172 @ B_119 ) + = ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (|) @ ( X_5 = A_172 ) @ ( member_pname_o @ X_5 @ B_119 ) ) ) ) )). + +thf(fact_106_insert__compr,axiom,( + ! [A_172: hoare_1167836817_state > $o,B_119: ( hoare_1167836817_state > $o ) > $o] : + ( ( insert999278200tate_o @ A_172 @ B_119 ) + = ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (|) @ ( X_5 = A_172 ) @ ( member864234961tate_o @ X_5 @ B_119 ) ) ) ) )). + +thf(fact_107_insert__compr,axiom,( + ! [A_172: hoare_1167836817_state,B_119: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_172 @ B_119 ) + = ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (|) @ ( X_5 = A_172 ) @ ( member2058392318_state @ X_5 @ B_119 ) ) ) ) )). + +thf(fact_108_insertI1,axiom,( + ! [A_171: pname,B_118: pname > $o] : + ( member_pname @ A_171 @ ( insert_pname @ A_171 @ B_118 ) ) )). + +thf(fact_109_insertI1,axiom,( + ! [A_171: hoare_1167836817_state,B_118: hoare_1167836817_state > $o] : + ( member2058392318_state @ A_171 @ ( insert2134838167_state @ A_171 @ B_118 ) ) )). + +thf(fact_110_equalityE,axiom,( + ! [A_170: pname > $o,B_117: pname > $o] : + ( ( A_170 = B_117 ) + => ~ ( ( ord_less_eq_pname_o @ A_170 @ B_117 ) + => ~ ( ord_less_eq_pname_o @ B_117 @ A_170 ) ) ) )). + +thf(fact_111_equalityE,axiom,( + ! [A_170: hoare_1167836817_state > $o,B_117: hoare_1167836817_state > $o] : + ( ( A_170 = B_117 ) + => ~ ( ( ord_le827224136tate_o @ A_170 @ B_117 ) + => ~ ( ord_le827224136tate_o @ B_117 @ A_170 ) ) ) )). + +thf(fact_112_subset__trans,axiom,( + ! [C_50: pname > $o,A_169: pname > $o,B_116: pname > $o] : + ( ( ord_less_eq_pname_o @ A_169 @ B_116 ) + => ( ( ord_less_eq_pname_o @ B_116 @ C_50 ) + => ( ord_less_eq_pname_o @ A_169 @ C_50 ) ) ) )). + +thf(fact_113_subset__trans,axiom,( + ! [C_50: hoare_1167836817_state > $o,A_169: hoare_1167836817_state > $o,B_116: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_169 @ B_116 ) + => ( ( ord_le827224136tate_o @ B_116 @ C_50 ) + => ( ord_le827224136tate_o @ A_169 @ C_50 ) ) ) )). + +thf(fact_114_set__mp,axiom,( + ! [X_93: pname,A_168: pname > $o,B_115: pname > $o] : + ( ( ord_less_eq_pname_o @ A_168 @ B_115 ) + => ( ( member_pname @ X_93 @ A_168 ) + => ( member_pname @ X_93 @ B_115 ) ) ) )). + +thf(fact_115_set__mp,axiom,( + ! [X_93: hoare_1167836817_state,A_168: hoare_1167836817_state > $o,B_115: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_168 @ B_115 ) + => ( ( member2058392318_state @ X_93 @ A_168 ) + => ( member2058392318_state @ X_93 @ B_115 ) ) ) )). + +thf(fact_116_set__rev__mp,axiom,( + ! [B_114: pname > $o,X_92: pname,A_167: pname > $o] : + ( ( member_pname @ X_92 @ A_167 ) + => ( ( ord_less_eq_pname_o @ A_167 @ B_114 ) + => ( member_pname @ X_92 @ B_114 ) ) ) )). + +thf(fact_117_set__rev__mp,axiom,( + ! [B_114: hoare_1167836817_state > $o,X_92: hoare_1167836817_state,A_167: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_92 @ A_167 ) + => ( ( ord_le827224136tate_o @ A_167 @ B_114 ) + => ( member2058392318_state @ X_92 @ B_114 ) ) ) )). + +thf(fact_118_in__mono,axiom,( + ! [X_91: pname,A_166: pname > $o,B_113: pname > $o] : + ( ( ord_less_eq_pname_o @ A_166 @ B_113 ) + => ( ( member_pname @ X_91 @ A_166 ) + => ( member_pname @ X_91 @ B_113 ) ) ) )). + +thf(fact_119_in__mono,axiom,( + ! [X_91: hoare_1167836817_state,A_166: hoare_1167836817_state > $o,B_113: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_166 @ B_113 ) + => ( ( member2058392318_state @ X_91 @ A_166 ) + => ( member2058392318_state @ X_91 @ B_113 ) ) ) )). + +thf(fact_120_equalityD2,axiom,( + ! [A_165: pname > $o,B_112: pname > $o] : + ( ( A_165 = B_112 ) + => ( ord_less_eq_pname_o @ B_112 @ A_165 ) ) )). + +thf(fact_121_equalityD2,axiom,( + ! [A_165: hoare_1167836817_state > $o,B_112: hoare_1167836817_state > $o] : + ( ( A_165 = B_112 ) + => ( ord_le827224136tate_o @ B_112 @ A_165 ) ) )). + +thf(fact_122_equalityD1,axiom,( + ! [A_164: pname > $o,B_111: pname > $o] : + ( ( A_164 = B_111 ) + => ( ord_less_eq_pname_o @ A_164 @ B_111 ) ) )). + +thf(fact_123_equalityD1,axiom,( + ! [A_164: hoare_1167836817_state > $o,B_111: hoare_1167836817_state > $o] : + ( ( A_164 = B_111 ) + => ( ord_le827224136tate_o @ A_164 @ B_111 ) ) )). + +thf(fact_124_set__eq__subset,axiom,( + ! [A_163: pname > $o,B_110: pname > $o] : + ( ( A_163 = B_110 ) + <=> ( ( ord_less_eq_pname_o @ A_163 @ B_110 ) + & ( ord_less_eq_pname_o @ B_110 @ A_163 ) ) ) )). + +thf(fact_125_set__eq__subset,axiom,( + ! [A_163: hoare_1167836817_state > $o,B_110: hoare_1167836817_state > $o] : + ( ( A_163 = B_110 ) + <=> ( ( ord_le827224136tate_o @ A_163 @ B_110 ) + & ( ord_le827224136tate_o @ B_110 @ A_163 ) ) ) )). + +thf(fact_126_subset__refl,axiom,( + ! [A_162: pname > $o] : + ( ord_less_eq_pname_o @ A_162 @ A_162 ) )). + +thf(fact_127_subset__refl,axiom,( + ! [A_162: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ A_162 @ A_162 ) )). + +thf(fact_128_rev__image__eqI,axiom,( + ! [B_109: pname,F_57: hoare_1167836817_state > pname,X_90: hoare_1167836817_state,A_161: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_90 @ A_161 ) + => ( ( B_109 + = ( F_57 @ X_90 ) ) + => ( member_pname @ B_109 @ ( image_8178176_pname @ F_57 @ A_161 ) ) ) ) )). + +thf(fact_129_rev__image__eqI,axiom,( + ! [B_109: hoare_1167836817_state,F_57: pname > hoare_1167836817_state,X_90: pname,A_161: pname > $o] : + ( ( member_pname @ X_90 @ A_161 ) + => ( ( B_109 + = ( F_57 @ X_90 ) ) + => ( member2058392318_state @ B_109 @ ( image_575578384_state @ F_57 @ A_161 ) ) ) ) )). + +thf(fact_130_imageI,axiom,( + ! [F_56: hoare_1167836817_state > pname,X_89: hoare_1167836817_state,A_160: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_89 @ A_160 ) + => ( member_pname @ ( F_56 @ X_89 ) @ ( image_8178176_pname @ F_56 @ A_160 ) ) ) )). + +thf(fact_131_imageI,axiom,( + ! [F_56: pname > hoare_1167836817_state,X_89: pname,A_160: pname > $o] : + ( ( member_pname @ X_89 @ A_160 ) + => ( member2058392318_state @ ( F_56 @ X_89 ) @ ( image_575578384_state @ F_56 @ A_160 ) ) ) )). + +thf(fact_132_image__iff,axiom,( + ! [Z_21: hoare_1167836817_state,F_55: pname > hoare_1167836817_state,A_159: pname > $o] : + ( ( member2058392318_state @ Z_21 @ ( image_575578384_state @ F_55 @ A_159 ) ) + <=> ? [X_5: pname] : + ( ( member_pname @ X_5 @ A_159 ) + & ( Z_21 + = ( F_55 @ X_5 ) ) ) ) )). + +thf(fact_133_finite__Collect__disjI,axiom,( + ! [P_38: ( pname > $o ) > $o,Q_23: ( pname > $o ) > $o] : + ( ( finite297249702name_o + @ ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (|) @ ( P_38 @ X_5 ) @ ( Q_23 @ X_5 ) ) ) ) + <=> ( ( finite297249702name_o @ ( collect_pname_o @ P_38 ) ) + & ( finite297249702name_o @ ( collect_pname_o @ Q_23 ) ) ) ) )). + +thf(fact_134_finite__Collect__disjI,axiom,( + ! [P_38: ( hoare_1167836817_state > $o ) > $o,Q_23: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o + @ ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (|) @ ( P_38 @ X_5 ) @ ( Q_23 @ X_5 ) ) ) ) + <=> ( ( finite1380128977tate_o @ ( collec269976083tate_o @ P_38 ) ) + & ( finite1380128977tate_o @ ( collec269976083tate_o @ Q_23 ) ) ) ) )). + +thf(fact_135_finite__Collect__disjI,axiom,( + ! [P_38: hoare_1167836817_state > $o,Q_23: hoare_1167836817_state > $o] : + ( ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (|) @ ( P_38 @ X_5 ) @ ( Q_23 @ X_5 ) ) ) ) + <=> ( ( finite1084549118_state @ ( collec1027672124_state @ P_38 ) ) + & ( finite1084549118_state @ ( collec1027672124_state @ Q_23 ) ) ) ) )). + +thf(fact_136_finite__Collect__disjI,axiom,( + ! [P_38: pname > $o,Q_23: pname > $o] : + ( ( finite_finite_pname + @ ( collect_pname + @ ^ [X_5: pname] : + ( (|) @ ( P_38 @ X_5 ) @ ( Q_23 @ X_5 ) ) ) ) + <=> ( ( finite_finite_pname @ ( collect_pname @ P_38 ) ) + & ( finite_finite_pname @ ( collect_pname @ Q_23 ) ) ) ) )). + +thf(fact_137_insert__compr__raw,axiom,( + ! [X_5: pname,Xa: pname > $o] : + ( ( insert_pname @ X_5 @ Xa ) + = ( collect_pname + @ ^ [Y_2: pname] : + ( (|) @ ( Y_2 = X_5 ) @ ( member_pname @ Y_2 @ Xa ) ) ) ) )). + +thf(fact_138_insert__compr__raw,axiom,( + ! [X_5: pname > $o,Xa: ( pname > $o ) > $o] : + ( ( insert_pname_o @ X_5 @ Xa ) + = ( collect_pname_o + @ ^ [Y_2: pname > $o] : + ( (|) @ ( Y_2 = X_5 ) @ ( member_pname_o @ Y_2 @ Xa ) ) ) ) )). + +thf(fact_139_insert__compr__raw,axiom,( + ! [X_5: hoare_1167836817_state > $o,Xa: ( hoare_1167836817_state > $o ) > $o] : + ( ( insert999278200tate_o @ X_5 @ Xa ) + = ( collec269976083tate_o + @ ^ [Y_2: hoare_1167836817_state > $o] : + ( (|) @ ( Y_2 = X_5 ) @ ( member864234961tate_o @ Y_2 @ Xa ) ) ) ) )). + +thf(fact_140_insert__compr__raw,axiom,( + ! [X_5: hoare_1167836817_state,Xa: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ X_5 @ Xa ) + = ( collec1027672124_state + @ ^ [Y_2: hoare_1167836817_state] : + ( (|) @ ( Y_2 = X_5 ) @ ( member2058392318_state @ Y_2 @ Xa ) ) ) ) )). + +thf(fact_141_singleton__inject,axiom,( + ! [A_158: pname,B_108: pname] : + ( ( ( insert_pname @ A_158 @ bot_bot_pname_o ) + = ( insert_pname @ B_108 @ bot_bot_pname_o ) ) + => ( A_158 = B_108 ) ) )). + +thf(fact_142_singleton__inject,axiom,( + ! [A_158: hoare_1167836817_state,B_108: hoare_1167836817_state] : + ( ( ( insert2134838167_state @ A_158 @ bot_bo70021908tate_o ) + = ( insert2134838167_state @ B_108 @ bot_bo70021908tate_o ) ) + => ( A_158 = B_108 ) ) )). + +thf(fact_143_singletonE,axiom,( + ! [B_107: pname,A_157: pname] : + ( ( member_pname @ B_107 @ ( insert_pname @ A_157 @ bot_bot_pname_o ) ) + => ( B_107 = A_157 ) ) )). + +thf(fact_144_singletonE,axiom,( + ! [B_107: hoare_1167836817_state,A_157: hoare_1167836817_state] : + ( ( member2058392318_state @ B_107 @ ( insert2134838167_state @ A_157 @ bot_bo70021908tate_o ) ) + => ( B_107 = A_157 ) ) )). + +thf(fact_145_doubleton__eq__iff,axiom,( + ! [A_156: pname,B_106: pname,C_49: pname,D_6: pname] : + ( ( ( insert_pname @ A_156 @ ( insert_pname @ B_106 @ bot_bot_pname_o ) ) + = ( insert_pname @ C_49 @ ( insert_pname @ D_6 @ bot_bot_pname_o ) ) ) + <=> ( ( ( A_156 = C_49 ) + & ( B_106 = D_6 ) ) + | ( ( A_156 = D_6 ) + & ( B_106 = C_49 ) ) ) ) )). + +thf(fact_146_doubleton__eq__iff,axiom,( + ! [A_156: hoare_1167836817_state,B_106: hoare_1167836817_state,C_49: hoare_1167836817_state,D_6: hoare_1167836817_state] : + ( ( ( insert2134838167_state @ A_156 @ ( insert2134838167_state @ B_106 @ bot_bo70021908tate_o ) ) + = ( insert2134838167_state @ C_49 @ ( insert2134838167_state @ D_6 @ bot_bo70021908tate_o ) ) ) + <=> ( ( ( A_156 = C_49 ) + & ( B_106 = D_6 ) ) + | ( ( A_156 = D_6 ) + & ( B_106 = C_49 ) ) ) ) )). + +thf(fact_147_singleton__iff,axiom,( + ! [B_105: pname,A_155: pname] : + ( ( member_pname @ B_105 @ ( insert_pname @ A_155 @ bot_bot_pname_o ) ) + <=> ( B_105 = A_155 ) ) )). + +thf(fact_148_singleton__iff,axiom,( + ! [B_105: hoare_1167836817_state,A_155: hoare_1167836817_state] : + ( ( member2058392318_state @ B_105 @ ( insert2134838167_state @ A_155 @ bot_bo70021908tate_o ) ) + <=> ( B_105 = A_155 ) ) )). + +thf(fact_149_insert__not__empty,axiom,( + ! [A_154: pname,A_153: pname > $o] : + ( ( insert_pname @ A_154 @ A_153 ) + != bot_bot_pname_o ) )). + +thf(fact_150_insert__not__empty,axiom,( + ! [A_154: hoare_1167836817_state,A_153: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_154 @ A_153 ) + != bot_bo70021908tate_o ) )). + +thf(fact_151_empty__not__insert,axiom,( + ! [A_152: pname,A_151: pname > $o] : + ( bot_bot_pname_o + != ( insert_pname @ A_152 @ A_151 ) ) )). + +thf(fact_152_empty__not__insert,axiom,( + ! [A_152: hoare_1167836817_state,A_151: hoare_1167836817_state > $o] : + ( bot_bo70021908tate_o + != ( insert2134838167_state @ A_152 @ A_151 ) ) )). + +thf(fact_153_finite__insert,axiom,( + ! [A_150: pname > $o,A_149: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ ( insert_pname_o @ A_150 @ A_149 ) ) + <=> ( finite297249702name_o @ A_149 ) ) )). + +thf(fact_154_finite__insert,axiom,( + ! [A_150: hoare_1167836817_state > $o,A_149: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ ( insert999278200tate_o @ A_150 @ A_149 ) ) + <=> ( finite1380128977tate_o @ A_149 ) ) )). + +thf(fact_155_finite__insert,axiom,( + ! [A_150: pname,A_149: pname > $o] : + ( ( finite_finite_pname @ ( insert_pname @ A_150 @ A_149 ) ) + <=> ( finite_finite_pname @ A_149 ) ) )). + +thf(fact_156_finite__insert,axiom,( + ! [A_150: hoare_1167836817_state,A_149: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ ( insert2134838167_state @ A_150 @ A_149 ) ) + <=> ( finite1084549118_state @ A_149 ) ) )). + +thf(fact_157_subset__empty,axiom,( + ! [A_148: pname > $o] : + ( ( ord_less_eq_pname_o @ A_148 @ bot_bot_pname_o ) + <=> ( A_148 = bot_bot_pname_o ) ) )). + +thf(fact_158_subset__empty,axiom,( + ! [A_148: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_148 @ bot_bo70021908tate_o ) + <=> ( A_148 = bot_bo70021908tate_o ) ) )). + +thf(fact_159_image__is__empty,axiom,( + ! [F_54: hoare_1167836817_state > pname,A_147: hoare_1167836817_state > $o] : + ( ( ( image_8178176_pname @ F_54 @ A_147 ) + = bot_bot_pname_o ) + <=> ( A_147 = bot_bo70021908tate_o ) ) )). + +thf(fact_160_image__is__empty,axiom,( + ! [F_54: pname > hoare_1167836817_state,A_147: pname > $o] : + ( ( ( image_575578384_state @ F_54 @ A_147 ) + = bot_bo70021908tate_o ) + <=> ( A_147 = bot_bot_pname_o ) ) )). + +thf(fact_161_image__empty,axiom,( + ! [F_53: hoare_1167836817_state > pname] : + ( ( image_8178176_pname @ F_53 @ bot_bo70021908tate_o ) + = bot_bot_pname_o ) )). + +thf(fact_162_image__empty,axiom,( + ! [F_53: pname > hoare_1167836817_state] : + ( ( image_575578384_state @ F_53 @ bot_bot_pname_o ) + = bot_bo70021908tate_o ) )). + +thf(fact_163_empty__is__image,axiom,( + ! [F_52: hoare_1167836817_state > pname,A_146: hoare_1167836817_state > $o] : + ( ( bot_bot_pname_o + = ( image_8178176_pname @ F_52 @ A_146 ) ) + <=> ( A_146 = bot_bo70021908tate_o ) ) )). + +thf(fact_164_empty__is__image,axiom,( + ! [F_52: pname > hoare_1167836817_state,A_146: pname > $o] : + ( ( bot_bo70021908tate_o + = ( image_575578384_state @ F_52 @ A_146 ) ) + <=> ( A_146 = bot_bot_pname_o ) ) )). + +thf(fact_165_finite__subset,axiom,( + ! [A_145: ( pname > $o ) > $o,B_104: ( pname > $o ) > $o] : + ( ( ord_le1205211808me_o_o @ A_145 @ B_104 ) + => ( ( finite297249702name_o @ B_104 ) + => ( finite297249702name_o @ A_145 ) ) ) )). + +thf(fact_166_finite__subset,axiom,( + ! [A_145: ( hoare_1167836817_state > $o ) > $o,B_104: ( hoare_1167836817_state > $o ) > $o] : + ( ( ord_le741939125te_o_o @ A_145 @ B_104 ) + => ( ( finite1380128977tate_o @ B_104 ) + => ( finite1380128977tate_o @ A_145 ) ) ) )). + +thf(fact_167_finite__subset,axiom,( + ! [A_145: hoare_1167836817_state > $o,B_104: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_145 @ B_104 ) + => ( ( finite1084549118_state @ B_104 ) + => ( finite1084549118_state @ A_145 ) ) ) )). + +thf(fact_168_finite__subset,axiom,( + ! [A_145: pname > $o,B_104: pname > $o] : + ( ( ord_less_eq_pname_o @ A_145 @ B_104 ) + => ( ( finite_finite_pname @ B_104 ) + => ( finite_finite_pname @ A_145 ) ) ) )). + +thf(fact_169_rev__finite__subset,axiom,( + ! [A_144: ( pname > $o ) > $o,B_103: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ B_103 ) + => ( ( ord_le1205211808me_o_o @ A_144 @ B_103 ) + => ( finite297249702name_o @ A_144 ) ) ) )). + +thf(fact_170_rev__finite__subset,axiom,( + ! [A_144: ( hoare_1167836817_state > $o ) > $o,B_103: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ B_103 ) + => ( ( ord_le741939125te_o_o @ A_144 @ B_103 ) + => ( finite1380128977tate_o @ A_144 ) ) ) )). + +thf(fact_171_rev__finite__subset,axiom,( + ! [A_144: hoare_1167836817_state > $o,B_103: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ B_103 ) + => ( ( ord_le827224136tate_o @ A_144 @ B_103 ) + => ( finite1084549118_state @ A_144 ) ) ) )). + +thf(fact_172_rev__finite__subset,axiom,( + ! [A_144: pname > $o,B_103: pname > $o] : + ( ( finite_finite_pname @ B_103 ) + => ( ( ord_less_eq_pname_o @ A_144 @ B_103 ) + => ( finite_finite_pname @ A_144 ) ) ) )). + +thf(fact_173_insert__mono,axiom,( + ! [A_143: pname,C_48: pname > $o,D_5: pname > $o] : + ( ( ord_less_eq_pname_o @ C_48 @ D_5 ) + => ( ord_less_eq_pname_o @ ( insert_pname @ A_143 @ C_48 ) @ ( insert_pname @ A_143 @ D_5 ) ) ) )). + +thf(fact_174_insert__mono,axiom,( + ! [A_143: hoare_1167836817_state,C_48: hoare_1167836817_state > $o,D_5: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ C_48 @ D_5 ) + => ( ord_le827224136tate_o @ ( insert2134838167_state @ A_143 @ C_48 ) @ ( insert2134838167_state @ A_143 @ D_5 ) ) ) )). + +thf(fact_175_mem__def,axiom,( + ! [X_88: pname,A_142: pname > $o] : + ( ( member_pname @ X_88 @ A_142 ) + <=> ( A_142 @ X_88 ) ) )). + +thf(fact_176_mem__def,axiom,( + ! [X_88: hoare_1167836817_state,A_142: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_88 @ A_142 ) + <=> ( A_142 @ X_88 ) ) )). + +thf(fact_177_Collect__def,axiom,( + ! [P_37: hoare_1167836817_state > $o] : + ( ( collec1027672124_state @ P_37 ) + = P_37 ) )). + +thf(fact_178_Collect__def,axiom,( + ! [P_37: pname > $o] : + ( ( collect_pname @ P_37 ) + = P_37 ) )). + +thf(fact_179_Collect__def,axiom,( + ! [P_37: ( pname > $o ) > $o] : + ( ( collect_pname_o @ P_37 ) + = P_37 ) )). + +thf(fact_180_Collect__def,axiom,( + ! [P_37: ( hoare_1167836817_state > $o ) > $o] : + ( ( collec269976083tate_o @ P_37 ) + = P_37 ) )). + +thf(fact_181_subset__insertI2,axiom,( + ! [B_102: pname,A_141: pname > $o,B_101: pname > $o] : + ( ( ord_less_eq_pname_o @ A_141 @ B_101 ) + => ( ord_less_eq_pname_o @ A_141 @ ( insert_pname @ B_102 @ B_101 ) ) ) )). + +thf(fact_182_subset__insertI2,axiom,( + ! [B_102: hoare_1167836817_state,A_141: hoare_1167836817_state > $o,B_101: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_141 @ B_101 ) + => ( ord_le827224136tate_o @ A_141 @ ( insert2134838167_state @ B_102 @ B_101 ) ) ) )). + +thf(fact_183_subset__insert,axiom,( + ! [B_100: pname > $o,X_87: pname,A_140: pname > $o] : + ( ~ ( member_pname @ X_87 @ A_140 ) + => ( ( ord_less_eq_pname_o @ A_140 @ ( insert_pname @ X_87 @ B_100 ) ) + <=> ( ord_less_eq_pname_o @ A_140 @ B_100 ) ) ) )). + +thf(fact_184_subset__insert,axiom,( + ! [B_100: hoare_1167836817_state > $o,X_87: hoare_1167836817_state,A_140: hoare_1167836817_state > $o] : + ( ~ ( member2058392318_state @ X_87 @ A_140 ) + => ( ( ord_le827224136tate_o @ A_140 @ ( insert2134838167_state @ X_87 @ B_100 ) ) + <=> ( ord_le827224136tate_o @ A_140 @ B_100 ) ) ) )). + +thf(fact_185_insert__subset,axiom,( + ! [X_86: pname,A_139: pname > $o,B_99: pname > $o] : + ( ( ord_less_eq_pname_o @ ( insert_pname @ X_86 @ A_139 ) @ B_99 ) + <=> ( ( member_pname @ X_86 @ B_99 ) + & ( ord_less_eq_pname_o @ A_139 @ B_99 ) ) ) )). + +thf(fact_186_insert__subset,axiom,( + ! [X_86: hoare_1167836817_state,A_139: hoare_1167836817_state > $o,B_99: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ ( insert2134838167_state @ X_86 @ A_139 ) @ B_99 ) + <=> ( ( member2058392318_state @ X_86 @ B_99 ) + & ( ord_le827224136tate_o @ A_139 @ B_99 ) ) ) )). + +thf(fact_187_subset__insertI,axiom,( + ! [B_98: pname > $o,A_138: pname] : + ( ord_less_eq_pname_o @ B_98 @ ( insert_pname @ A_138 @ B_98 ) ) )). + +thf(fact_188_subset__insertI,axiom,( + ! [B_98: hoare_1167836817_state > $o,A_138: hoare_1167836817_state] : + ( ord_le827224136tate_o @ B_98 @ ( insert2134838167_state @ A_138 @ B_98 ) ) )). + +thf(fact_189_insert__image,axiom,( + ! [F_51: hoare_1167836817_state > pname,X_85: hoare_1167836817_state,A_137: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_85 @ A_137 ) + => ( ( insert_pname @ ( F_51 @ X_85 ) @ ( image_8178176_pname @ F_51 @ A_137 ) ) + = ( image_8178176_pname @ F_51 @ A_137 ) ) ) )). + +thf(fact_190_insert__image,axiom,( + ! [F_51: pname > hoare_1167836817_state,X_85: pname,A_137: pname > $o] : + ( ( member_pname @ X_85 @ A_137 ) + => ( ( insert2134838167_state @ ( F_51 @ X_85 ) @ ( image_575578384_state @ F_51 @ A_137 ) ) + = ( image_575578384_state @ F_51 @ A_137 ) ) ) )). + +thf(fact_191_image__insert,axiom,( + ! [F_50: hoare_1167836817_state > pname,A_136: hoare_1167836817_state,B_97: hoare_1167836817_state > $o] : + ( ( image_8178176_pname @ F_50 @ ( insert2134838167_state @ A_136 @ B_97 ) ) + = ( insert_pname @ ( F_50 @ A_136 ) @ ( image_8178176_pname @ F_50 @ B_97 ) ) ) )). + +thf(fact_192_image__insert,axiom,( + ! [F_50: pname > hoare_1167836817_state,A_136: pname,B_97: pname > $o] : + ( ( image_575578384_state @ F_50 @ ( insert_pname @ A_136 @ B_97 ) ) + = ( insert2134838167_state @ ( F_50 @ A_136 ) @ ( image_575578384_state @ F_50 @ B_97 ) ) ) )). + +thf(fact_193_image__mono,axiom,( + ! [F_49: hoare_1167836817_state > pname,A_135: hoare_1167836817_state > $o,B_96: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_135 @ B_96 ) + => ( ord_less_eq_pname_o @ ( image_8178176_pname @ F_49 @ A_135 ) @ ( image_8178176_pname @ F_49 @ B_96 ) ) ) )). + +thf(fact_194_image__mono,axiom,( + ! [F_49: pname > hoare_1167836817_state,A_135: pname > $o,B_96: pname > $o] : + ( ( ord_less_eq_pname_o @ A_135 @ B_96 ) + => ( ord_le827224136tate_o @ ( image_575578384_state @ F_49 @ A_135 ) @ ( image_575578384_state @ F_49 @ B_96 ) ) ) )). + +thf(fact_195_subset__image__iff,axiom,( + ! [B_95: pname > $o,F_48: hoare_1167836817_state > pname,A_134: hoare_1167836817_state > $o] : + ( ( ord_less_eq_pname_o @ B_95 @ ( image_8178176_pname @ F_48 @ A_134 ) ) + <=> ? [AA: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ AA @ A_134 ) + & ( B_95 + = ( image_8178176_pname @ F_48 @ AA ) ) ) ) )). + +thf(fact_196_subset__image__iff,axiom,( + ! [B_95: hoare_1167836817_state > $o,F_48: pname > hoare_1167836817_state,A_134: pname > $o] : + ( ( ord_le827224136tate_o @ B_95 @ ( image_575578384_state @ F_48 @ A_134 ) ) + <=> ? [AA: pname > $o] : + ( ( ord_less_eq_pname_o @ AA @ A_134 ) + & ( B_95 + = ( image_575578384_state @ F_48 @ AA ) ) ) ) )). + +thf(fact_197_domI,axiom,( + ! [M_2: pname > option_com,A_133: pname,B_94: com] : + ( ( ( M_2 @ A_133 ) + = ( some_com @ B_94 ) ) + => ( member_pname @ A_133 @ ( dom_pname_com @ M_2 ) ) ) )). + +thf(fact_198_Collect__conv__if,axiom,( + ! [P_36: pname > $o,A_132: pname] : + ( ( ( P_36 @ A_132 ) + => ( ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = ( insert_pname @ A_132 @ bot_bot_pname_o ) ) ) + & ( ~ ( P_36 @ A_132 ) + => ( ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = bot_bot_pname_o ) ) ) )). + +thf(fact_199_Collect__conv__if,axiom,( + ! [P_36: ( pname > $o ) > $o,A_132: pname > $o] : + ( ( ( P_36 @ A_132 ) + => ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = ( insert_pname_o @ A_132 @ bot_bot_pname_o_o ) ) ) + & ( ~ ( P_36 @ A_132 ) + => ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = bot_bot_pname_o_o ) ) ) )). + +thf(fact_200_Collect__conv__if,axiom,( + ! [P_36: ( hoare_1167836817_state > $o ) > $o,A_132: hoare_1167836817_state > $o] : + ( ( ( P_36 @ A_132 ) + => ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = ( insert999278200tate_o @ A_132 @ bot_bo691907561te_o_o ) ) ) + & ( ~ ( P_36 @ A_132 ) + => ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = bot_bo691907561te_o_o ) ) ) )). + +thf(fact_201_Collect__conv__if,axiom,( + ! [P_36: hoare_1167836817_state > $o,A_132: hoare_1167836817_state] : + ( ( ( P_36 @ A_132 ) + => ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = ( insert2134838167_state @ A_132 @ bot_bo70021908tate_o ) ) ) + & ( ~ ( P_36 @ A_132 ) + => ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( X_5 = A_132 ) @ ( P_36 @ X_5 ) ) ) + = bot_bo70021908tate_o ) ) ) )). + +thf(fact_202_Collect__conv__if2,axiom,( + ! [P_35: pname > $o,A_131: pname] : + ( ( ( P_35 @ A_131 ) + => ( ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = ( insert_pname @ A_131 @ bot_bot_pname_o ) ) ) + & ( ~ ( P_35 @ A_131 ) + => ( ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = bot_bot_pname_o ) ) ) )). + +thf(fact_203_Collect__conv__if2,axiom,( + ! [P_35: ( pname > $o ) > $o,A_131: pname > $o] : + ( ( ( P_35 @ A_131 ) + => ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = ( insert_pname_o @ A_131 @ bot_bot_pname_o_o ) ) ) + & ( ~ ( P_35 @ A_131 ) + => ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = bot_bot_pname_o_o ) ) ) )). + +thf(fact_204_Collect__conv__if2,axiom,( + ! [P_35: ( hoare_1167836817_state > $o ) > $o,A_131: hoare_1167836817_state > $o] : + ( ( ( P_35 @ A_131 ) + => ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = ( insert999278200tate_o @ A_131 @ bot_bo691907561te_o_o ) ) ) + & ( ~ ( P_35 @ A_131 ) + => ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = bot_bo691907561te_o_o ) ) ) )). + +thf(fact_205_Collect__conv__if2,axiom,( + ! [P_35: hoare_1167836817_state > $o,A_131: hoare_1167836817_state] : + ( ( ( P_35 @ A_131 ) + => ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = ( insert2134838167_state @ A_131 @ bot_bo70021908tate_o ) ) ) + & ( ~ ( P_35 @ A_131 ) + => ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( A_131 = X_5 ) @ ( P_35 @ X_5 ) ) ) + = bot_bo70021908tate_o ) ) ) )). + +thf(fact_206_singleton__conv,axiom,( + ! [A_130: pname] : + ( ( collect_pname + @ ^ [X_5: pname] : ( X_5 = A_130 ) ) + = ( insert_pname @ A_130 @ bot_bot_pname_o ) ) )). + +thf(fact_207_singleton__conv,axiom,( + ! [A_130: pname > $o] : + ( ( collect_pname_o + @ ^ [X_5: pname > $o] : ( X_5 = A_130 ) ) + = ( insert_pname_o @ A_130 @ bot_bot_pname_o_o ) ) )). + +thf(fact_208_singleton__conv,axiom,( + ! [A_130: hoare_1167836817_state > $o] : + ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : ( X_5 = A_130 ) ) + = ( insert999278200tate_o @ A_130 @ bot_bo691907561te_o_o ) ) )). + +thf(fact_209_singleton__conv,axiom,( + ! [A_130: hoare_1167836817_state] : + ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : ( X_5 = A_130 ) ) + = ( insert2134838167_state @ A_130 @ bot_bo70021908tate_o ) ) )). + +thf(fact_210_singleton__conv2,axiom,( + ! [A_129: pname] : + ( ( collect_pname @ ( fequal_pname @ A_129 ) ) + = ( insert_pname @ A_129 @ bot_bot_pname_o ) ) )). + +thf(fact_211_singleton__conv2,axiom,( + ! [A_129: pname > $o] : + ( ( collect_pname_o @ ( fequal_pname_o @ A_129 ) ) + = ( insert_pname_o @ A_129 @ bot_bot_pname_o_o ) ) )). + +thf(fact_212_singleton__conv2,axiom,( + ! [A_129: hoare_1167836817_state > $o] : + ( ( collec269976083tate_o @ ( fequal1486222077tate_o @ A_129 ) ) + = ( insert999278200tate_o @ A_129 @ bot_bo691907561te_o_o ) ) )). + +thf(fact_213_singleton__conv2,axiom,( + ! [A_129: hoare_1167836817_state] : + ( ( collec1027672124_state @ ( fequal1831255762_state @ A_129 ) ) + = ( insert2134838167_state @ A_129 @ bot_bo70021908tate_o ) ) )). + +thf(fact_214_MGF__lemma1,axiom,( + ! [C_21: com,G_3: hoare_1167836817_state > $o] : + ( hoare_1201148605gleton + => ( ! [X_5: pname] : + ( ( member_pname @ X_5 @ ( dom_pname_com @ body ) ) + => ( hoare_123228589_state @ G_3 @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ ( body_1 @ X_5 ) ) @ bot_bo70021908tate_o ) ) ) + => ( ( wt @ C_21 ) + => ( hoare_123228589_state @ G_3 @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ C_21 ) @ bot_bo70021908tate_o ) ) ) ) ) )). + +thf(fact_215_WT__bodiesD,axiom,( + ! [Pn_1: pname,B_42: com] : + ( wT_bodies + => ( ( ( body @ Pn_1 ) + = ( some_com @ B_42 ) ) + => ( wt @ B_42 ) ) ) )). + +thf(fact_216_imageE,axiom,( + ! [B_93: pname,F_47: hoare_1167836817_state > pname,A_128: hoare_1167836817_state > $o] : + ( ( member_pname @ B_93 @ ( image_8178176_pname @ F_47 @ A_128 ) ) + => ~ ! [X_5: hoare_1167836817_state] : + ( ( B_93 + = ( F_47 @ X_5 ) ) + => ~ ( member2058392318_state @ X_5 @ A_128 ) ) ) )). + +thf(fact_217_imageE,axiom,( + ! [B_93: hoare_1167836817_state,F_47: pname > hoare_1167836817_state,A_128: pname > $o] : + ( ( member2058392318_state @ B_93 @ ( image_575578384_state @ F_47 @ A_128 ) ) + => ~ ! [X_5: pname] : + ( ( B_93 + = ( F_47 @ X_5 ) ) + => ~ ( member_pname @ X_5 @ A_128 ) ) ) )). + +thf(fact_218_finite__subset__induct,axiom,( + ! [P_34: ( ( pname > $o ) > $o ) > $o,A_127: ( pname > $o ) > $o,F_46: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_46 ) + => ( ( ord_le1205211808me_o_o @ F_46 @ A_127 ) + => ( ( P_34 @ bot_bot_pname_o_o ) + => ( ! [A_122: pname > $o,F_26: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_26 ) + => ( ( member_pname_o @ A_122 @ A_127 ) + => ( ~ ( member_pname_o @ A_122 @ F_26 ) + => ( ( P_34 @ F_26 ) + => ( P_34 @ ( insert_pname_o @ A_122 @ F_26 ) ) ) ) ) ) + => ( P_34 @ F_46 ) ) ) ) ) )). + +thf(fact_219_finite__subset__induct,axiom,( + ! [P_34: ( ( hoare_1167836817_state > $o ) > $o ) > $o,A_127: ( hoare_1167836817_state > $o ) > $o,F_46: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_46 ) + => ( ( ord_le741939125te_o_o @ F_46 @ A_127 ) + => ( ( P_34 @ bot_bo691907561te_o_o ) + => ( ! [A_122: hoare_1167836817_state > $o,F_26: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_26 ) + => ( ( member864234961tate_o @ A_122 @ A_127 ) + => ( ~ ( member864234961tate_o @ A_122 @ F_26 ) + => ( ( P_34 @ F_26 ) + => ( P_34 @ ( insert999278200tate_o @ A_122 @ F_26 ) ) ) ) ) ) + => ( P_34 @ F_46 ) ) ) ) ) )). + +thf(fact_220_finite__subset__induct,axiom,( + ! [P_34: ( pname > $o ) > $o,A_127: pname > $o,F_46: pname > $o] : + ( ( finite_finite_pname @ F_46 ) + => ( ( ord_less_eq_pname_o @ F_46 @ A_127 ) + => ( ( P_34 @ bot_bot_pname_o ) + => ( ! [A_122: pname,F_26: pname > $o] : + ( ( finite_finite_pname @ F_26 ) + => ( ( member_pname @ A_122 @ A_127 ) + => ( ~ ( member_pname @ A_122 @ F_26 ) + => ( ( P_34 @ F_26 ) + => ( P_34 @ ( insert_pname @ A_122 @ F_26 ) ) ) ) ) ) + => ( P_34 @ F_46 ) ) ) ) ) )). + +thf(fact_221_finite__subset__induct,axiom,( + ! [P_34: ( hoare_1167836817_state > $o ) > $o,A_127: hoare_1167836817_state > $o,F_46: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_46 ) + => ( ( ord_le827224136tate_o @ F_46 @ A_127 ) + => ( ( P_34 @ bot_bo70021908tate_o ) + => ( ! [A_122: hoare_1167836817_state,F_26: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_26 ) + => ( ( member2058392318_state @ A_122 @ A_127 ) + => ( ~ ( member2058392318_state @ A_122 @ F_26 ) + => ( ( P_34 @ F_26 ) + => ( P_34 @ ( insert2134838167_state @ A_122 @ F_26 ) ) ) ) ) ) + => ( P_34 @ F_46 ) ) ) ) ) )). + +thf(fact_222_WTs__elim__cases_I7_J,axiom,( + ! [P: pname] : + ( ( wt @ ( body_1 @ P ) ) + => ~ ! [Y_2: com] : + ( ( body @ P ) + != ( some_com @ Y_2 ) ) ) )). + +thf(fact_223_subsetI,axiom,( + ! [B_92: pname > $o,A_126: pname > $o] : + ( ! [X_5: pname] : + ( ( member_pname @ X_5 @ A_126 ) + => ( member_pname @ X_5 @ B_92 ) ) + => ( ord_less_eq_pname_o @ A_126 @ B_92 ) ) )). + +thf(fact_224_subsetI,axiom,( + ! [B_92: hoare_1167836817_state > $o,A_126: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_126 ) + => ( member2058392318_state @ X_5 @ B_92 ) ) + => ( ord_le827224136tate_o @ A_126 @ B_92 ) ) )). + +thf(fact_225_finite__subset__image,axiom,( + ! [F_45: ( pname > $o ) > hoare_1167836817_state,A_125: ( pname > $o ) > $o,B_91: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ B_91 ) + => ( ( ord_le827224136tate_o @ B_91 @ ( image_1381916541_state @ F_45 @ A_125 ) ) + => ? [C_47: ( pname > $o ) > $o] : + ( ( ord_le1205211808me_o_o @ C_47 @ A_125 ) + & ( finite297249702name_o @ C_47 ) + & ( B_91 + = ( image_1381916541_state @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_226_finite__subset__image,axiom,( + ! [F_45: ( hoare_1167836817_state > $o ) > hoare_1167836817_state,A_125: ( hoare_1167836817_state > $o ) > $o,B_91: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ B_91 ) + => ( ( ord_le827224136tate_o @ B_91 @ ( image_635813834_state @ F_45 @ A_125 ) ) + => ? [C_47: ( hoare_1167836817_state > $o ) > $o] : + ( ( ord_le741939125te_o_o @ C_47 @ A_125 ) + & ( finite1380128977tate_o @ C_47 ) + & ( B_91 + = ( image_635813834_state @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_227_finite__subset__image,axiom,( + ! [F_45: ( pname > $o ) > pname,A_125: ( pname > $o ) > $o,B_91: pname > $o] : + ( ( finite_finite_pname @ B_91 ) + => ( ( ord_less_eq_pname_o @ B_91 @ ( image_pname_o_pname @ F_45 @ A_125 ) ) + => ? [C_47: ( pname > $o ) > $o] : + ( ( ord_le1205211808me_o_o @ C_47 @ A_125 ) + & ( finite297249702name_o @ C_47 ) + & ( B_91 + = ( image_pname_o_pname @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_228_finite__subset__image,axiom,( + ! [F_45: ( hoare_1167836817_state > $o ) > pname,A_125: ( hoare_1167836817_state > $o ) > $o,B_91: pname > $o] : + ( ( finite_finite_pname @ B_91 ) + => ( ( ord_less_eq_pname_o @ B_91 @ ( image_980295115_pname @ F_45 @ A_125 ) ) + => ? [C_47: ( hoare_1167836817_state > $o ) > $o] : + ( ( ord_le741939125te_o_o @ C_47 @ A_125 ) + & ( finite1380128977tate_o @ C_47 ) + & ( B_91 + = ( image_980295115_pname @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_229_finite__subset__image,axiom,( + ! [F_45: hoare_1167836817_state > pname > $o,A_125: hoare_1167836817_state > $o,B_91: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ B_91 ) + => ( ( ord_le1205211808me_o_o @ B_91 @ ( image_2066861949name_o @ F_45 @ A_125 ) ) + => ? [C_47: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ C_47 @ A_125 ) + & ( finite1084549118_state @ C_47 ) + & ( B_91 + = ( image_2066861949name_o @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_230_finite__subset__image,axiom,( + ! [F_45: hoare_1167836817_state > hoare_1167836817_state > $o,A_125: hoare_1167836817_state > $o,B_91: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ B_91 ) + => ( ( ord_le741939125te_o_o @ B_91 @ ( image_1745649338tate_o @ F_45 @ A_125 ) ) + => ? [C_47: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ C_47 @ A_125 ) + & ( finite1084549118_state @ C_47 ) + & ( B_91 + = ( image_1745649338tate_o @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_231_finite__subset__image,axiom,( + ! [F_45: hoare_1167836817_state > pname,A_125: hoare_1167836817_state > $o,B_91: pname > $o] : + ( ( finite_finite_pname @ B_91 ) + => ( ( ord_less_eq_pname_o @ B_91 @ ( image_8178176_pname @ F_45 @ A_125 ) ) + => ? [C_47: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ C_47 @ A_125 ) + & ( finite1084549118_state @ C_47 ) + & ( B_91 + = ( image_8178176_pname @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_232_finite__subset__image,axiom,( + ! [F_45: pname > pname > $o,A_125: pname > $o,B_91: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ B_91 ) + => ( ( ord_le1205211808me_o_o @ B_91 @ ( image_pname_pname_o @ F_45 @ A_125 ) ) + => ? [C_47: pname > $o] : + ( ( ord_less_eq_pname_o @ C_47 @ A_125 ) + & ( finite_finite_pname @ C_47 ) + & ( B_91 + = ( image_pname_pname_o @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_233_finite__subset__image,axiom,( + ! [F_45: pname > hoare_1167836817_state > $o,A_125: pname > $o,B_91: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ B_91 ) + => ( ( ord_le741939125te_o_o @ B_91 @ ( image_475339327tate_o @ F_45 @ A_125 ) ) + => ? [C_47: pname > $o] : + ( ( ord_less_eq_pname_o @ C_47 @ A_125 ) + & ( finite_finite_pname @ C_47 ) + & ( B_91 + = ( image_475339327tate_o @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_234_finite__subset__image,axiom,( + ! [F_45: pname > pname,A_125: pname > $o,B_91: pname > $o] : + ( ( finite_finite_pname @ B_91 ) + => ( ( ord_less_eq_pname_o @ B_91 @ ( image_pname_pname @ F_45 @ A_125 ) ) + => ? [C_47: pname > $o] : + ( ( ord_less_eq_pname_o @ C_47 @ A_125 ) + & ( finite_finite_pname @ C_47 ) + & ( B_91 + = ( image_pname_pname @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_235_finite__subset__image,axiom,( + ! [F_45: pname > hoare_1167836817_state,A_125: pname > $o,B_91: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ B_91 ) + => ( ( ord_le827224136tate_o @ B_91 @ ( image_575578384_state @ F_45 @ A_125 ) ) + => ? [C_47: pname > $o] : + ( ( ord_less_eq_pname_o @ C_47 @ A_125 ) + & ( finite_finite_pname @ C_47 ) + & ( B_91 + = ( image_575578384_state @ F_45 @ C_47 ) ) ) ) ) )). + +thf(fact_236_finite__dom__body,axiom, + ( finite_finite_pname @ ( dom_pname_com @ body ) )). + +thf(fact_237_finite__induct,axiom,( + ! [P_33: ( ( pname > $o ) > $o ) > $o,F_44: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_44 ) + => ( ( P_33 @ bot_bot_pname_o_o ) + => ( ! [X_5: pname > $o,F_26: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_26 ) + => ( ~ ( member_pname_o @ X_5 @ F_26 ) + => ( ( P_33 @ F_26 ) + => ( P_33 @ ( insert_pname_o @ X_5 @ F_26 ) ) ) ) ) + => ( P_33 @ F_44 ) ) ) ) )). + +thf(fact_238_finite__induct,axiom,( + ! [P_33: ( ( hoare_1167836817_state > $o ) > $o ) > $o,F_44: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_44 ) + => ( ( P_33 @ bot_bo691907561te_o_o ) + => ( ! [X_5: hoare_1167836817_state > $o,F_26: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_26 ) + => ( ~ ( member864234961tate_o @ X_5 @ F_26 ) + => ( ( P_33 @ F_26 ) + => ( P_33 @ ( insert999278200tate_o @ X_5 @ F_26 ) ) ) ) ) + => ( P_33 @ F_44 ) ) ) ) )). + +thf(fact_239_finite__induct,axiom,( + ! [P_33: ( pname > $o ) > $o,F_44: pname > $o] : + ( ( finite_finite_pname @ F_44 ) + => ( ( P_33 @ bot_bot_pname_o ) + => ( ! [X_5: pname,F_26: pname > $o] : + ( ( finite_finite_pname @ F_26 ) + => ( ~ ( member_pname @ X_5 @ F_26 ) + => ( ( P_33 @ F_26 ) + => ( P_33 @ ( insert_pname @ X_5 @ F_26 ) ) ) ) ) + => ( P_33 @ F_44 ) ) ) ) )). + +thf(fact_240_finite__induct,axiom,( + ! [P_33: ( hoare_1167836817_state > $o ) > $o,F_44: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_44 ) + => ( ( P_33 @ bot_bo70021908tate_o ) + => ( ! [X_5: hoare_1167836817_state,F_26: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_26 ) + => ( ~ ( member2058392318_state @ X_5 @ F_26 ) + => ( ( P_33 @ F_26 ) + => ( P_33 @ ( insert2134838167_state @ X_5 @ F_26 ) ) ) ) ) + => ( P_33 @ F_44 ) ) ) ) )). + +thf(fact_241_finite_Osimps,axiom,( + ! [A_123: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_123 ) + <=> ( ( A_123 = bot_bot_pname_o_o ) + | ? [A_124: ( pname > $o ) > $o,A_122: pname > $o] : + ( ( A_123 + = ( insert_pname_o @ A_122 @ A_124 ) ) + & ( finite297249702name_o @ A_124 ) ) ) ) )). + +thf(fact_242_finite_Osimps,axiom,( + ! [A_123: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_123 ) + <=> ( ( A_123 = bot_bo691907561te_o_o ) + | ? [A_124: ( hoare_1167836817_state > $o ) > $o,A_122: hoare_1167836817_state > $o] : + ( ( A_123 + = ( insert999278200tate_o @ A_122 @ A_124 ) ) + & ( finite1380128977tate_o @ A_124 ) ) ) ) )). + +thf(fact_243_finite_Osimps,axiom,( + ! [A_123: pname > $o] : + ( ( finite_finite_pname @ A_123 ) + <=> ( ( A_123 = bot_bot_pname_o ) + | ? [A_124: pname > $o,A_122: pname] : + ( ( A_123 + = ( insert_pname @ A_122 @ A_124 ) ) + & ( finite_finite_pname @ A_124 ) ) ) ) )). + +thf(fact_244_finite_Osimps,axiom,( + ! [A_123: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_123 ) + <=> ( ( A_123 = bot_bo70021908tate_o ) + | ? [A_124: hoare_1167836817_state > $o,A_122: hoare_1167836817_state] : + ( ( A_123 + = ( insert2134838167_state @ A_122 @ A_124 ) ) + & ( finite1084549118_state @ A_124 ) ) ) ) )). + +thf(fact_245_pigeonhole__infinite,axiom,( + ! [F_43: pname > pname > $o,A_121: pname > $o] : + ( ~ ( finite_finite_pname @ A_121 ) + => ( ( finite297249702name_o @ ( image_pname_pname_o @ F_43 @ A_121 ) ) + => ? [X_5: pname] : + ( ( member_pname @ X_5 @ A_121 ) + & ~ ( finite_finite_pname + @ ( collect_pname + @ ^ [A_122: pname] : + ( (&) @ ( member_pname @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_246_pigeonhole__infinite,axiom,( + ! [F_43: pname > hoare_1167836817_state > $o,A_121: pname > $o] : + ( ~ ( finite_finite_pname @ A_121 ) + => ( ( finite1380128977tate_o @ ( image_475339327tate_o @ F_43 @ A_121 ) ) + => ? [X_5: pname] : + ( ( member_pname @ X_5 @ A_121 ) + & ~ ( finite_finite_pname + @ ( collect_pname + @ ^ [A_122: pname] : + ( (&) @ ( member_pname @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_247_pigeonhole__infinite,axiom,( + ! [F_43: hoare_1167836817_state > hoare_1167836817_state,A_121: hoare_1167836817_state > $o] : + ( ~ ( finite1084549118_state @ A_121 ) + => ( ( finite1084549118_state @ ( image_31595733_state @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_121 ) + & ~ ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [A_122: hoare_1167836817_state] : + ( (&) @ ( member2058392318_state @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_248_pigeonhole__infinite,axiom,( + ! [F_43: ( pname > $o ) > hoare_1167836817_state,A_121: ( pname > $o ) > $o] : + ( ~ ( finite297249702name_o @ A_121 ) + => ( ( finite1084549118_state @ ( image_1381916541_state @ F_43 @ A_121 ) ) + => ? [X_5: pname > $o] : + ( ( member_pname_o @ X_5 @ A_121 ) + & ~ ( finite297249702name_o + @ ( collect_pname_o + @ ^ [A_122: pname > $o] : + ( (&) @ ( member_pname_o @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_249_pigeonhole__infinite,axiom,( + ! [F_43: ( hoare_1167836817_state > $o ) > hoare_1167836817_state,A_121: ( hoare_1167836817_state > $o ) > $o] : + ( ~ ( finite1380128977tate_o @ A_121 ) + => ( ( finite1084549118_state @ ( image_635813834_state @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state > $o] : + ( ( member864234961tate_o @ X_5 @ A_121 ) + & ~ ( finite1380128977tate_o + @ ( collec269976083tate_o + @ ^ [A_122: hoare_1167836817_state > $o] : + ( (&) @ ( member864234961tate_o @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_250_pigeonhole__infinite,axiom,( + ! [F_43: pname > pname,A_121: pname > $o] : + ( ~ ( finite_finite_pname @ A_121 ) + => ( ( finite_finite_pname @ ( image_pname_pname @ F_43 @ A_121 ) ) + => ? [X_5: pname] : + ( ( member_pname @ X_5 @ A_121 ) + & ~ ( finite_finite_pname + @ ( collect_pname + @ ^ [A_122: pname] : + ( (&) @ ( member_pname @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_251_pigeonhole__infinite,axiom,( + ! [F_43: hoare_1167836817_state > pname,A_121: hoare_1167836817_state > $o] : + ( ~ ( finite1084549118_state @ A_121 ) + => ( ( finite_finite_pname @ ( image_8178176_pname @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_121 ) + & ~ ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [A_122: hoare_1167836817_state] : + ( (&) @ ( member2058392318_state @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_252_pigeonhole__infinite,axiom,( + ! [F_43: ( pname > $o ) > pname,A_121: ( pname > $o ) > $o] : + ( ~ ( finite297249702name_o @ A_121 ) + => ( ( finite_finite_pname @ ( image_pname_o_pname @ F_43 @ A_121 ) ) + => ? [X_5: pname > $o] : + ( ( member_pname_o @ X_5 @ A_121 ) + & ~ ( finite297249702name_o + @ ( collect_pname_o + @ ^ [A_122: pname > $o] : + ( (&) @ ( member_pname_o @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_253_pigeonhole__infinite,axiom,( + ! [F_43: ( hoare_1167836817_state > $o ) > pname,A_121: ( hoare_1167836817_state > $o ) > $o] : + ( ~ ( finite1380128977tate_o @ A_121 ) + => ( ( finite_finite_pname @ ( image_980295115_pname @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state > $o] : + ( ( member864234961tate_o @ X_5 @ A_121 ) + & ~ ( finite1380128977tate_o + @ ( collec269976083tate_o + @ ^ [A_122: hoare_1167836817_state > $o] : + ( (&) @ ( member864234961tate_o @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_254_pigeonhole__infinite,axiom,( + ! [F_43: hoare_1167836817_state > pname > $o,A_121: hoare_1167836817_state > $o] : + ( ~ ( finite1084549118_state @ A_121 ) + => ( ( finite297249702name_o @ ( image_2066861949name_o @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_121 ) + & ~ ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [A_122: hoare_1167836817_state] : + ( (&) @ ( member2058392318_state @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_255_pigeonhole__infinite,axiom,( + ! [F_43: hoare_1167836817_state > hoare_1167836817_state > $o,A_121: hoare_1167836817_state > $o] : + ( ~ ( finite1084549118_state @ A_121 ) + => ( ( finite1380128977tate_o @ ( image_1745649338tate_o @ F_43 @ A_121 ) ) + => ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_121 ) + & ~ ( finite1084549118_state + @ ( collec1027672124_state + @ ^ [A_122: hoare_1167836817_state] : + ( (&) @ ( member2058392318_state @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_256_pigeonhole__infinite,axiom,( + ! [F_43: pname > hoare_1167836817_state,A_121: pname > $o] : + ( ~ ( finite_finite_pname @ A_121 ) + => ( ( finite1084549118_state @ ( image_575578384_state @ F_43 @ A_121 ) ) + => ? [X_5: pname] : + ( ( member_pname @ X_5 @ A_121 ) + & ~ ( finite_finite_pname + @ ( collect_pname + @ ^ [A_122: pname] : + ( (&) @ ( member_pname @ A_122 @ A_121 ) + @ ( ( F_43 @ A_122 ) + = ( F_43 @ X_5 ) ) ) ) ) ) ) ) )). + +thf(fact_257_com_Osimps_I6_J,axiom,( + ! [Pname_1: pname,Pname: pname] : + ( ( ( body_1 @ Pname_1 ) + = ( body_1 @ Pname ) ) + <=> ( Pname_1 = Pname ) ) )). + +thf(fact_258_MGT__Body,axiom,( + ! [G_3: hoare_1167836817_state > $o,Procs_3: pname > $o] : + ( ( hoare_123228589_state + @ ( semila1172322802tate_o @ G_3 + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( body_1 @ Pn ) ) + @ Procs_3 ) ) + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( the_com @ ( body @ Pn ) ) ) + @ Procs_3 ) ) + => ( ( finite_finite_pname @ Procs_3 ) + => ( hoare_123228589_state @ G_3 + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( body_1 @ Pn ) ) + @ Procs_3 ) ) ) ) )). + +thf(fact_259_domD,axiom,( + ! [A_120: pname,M_1: pname > option_com] : + ( ( member_pname @ A_120 @ ( dom_pname_com @ M_1 ) ) + => ? [B_90: com] : + ( ( M_1 @ A_120 ) + = ( some_com @ B_90 ) ) ) )). + +thf(fact_260_the__elem__eq,axiom,( + ! [X_84: pname] : + ( ( the_elem_pname @ ( insert_pname @ X_84 @ bot_bot_pname_o ) ) + = X_84 ) )). + +thf(fact_261_the__elem__eq,axiom,( + ! [X_84: hoare_1167836817_state] : + ( ( the_el323660082_state @ ( insert2134838167_state @ X_84 @ bot_bo70021908tate_o ) ) + = X_84 ) )). + +thf(fact_262_image__subsetI,axiom,( + ! [F_42: hoare_1167836817_state > pname,B_89: pname > $o,A_119: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_119 ) + => ( member_pname @ ( F_42 @ X_5 ) @ B_89 ) ) + => ( ord_less_eq_pname_o @ ( image_8178176_pname @ F_42 @ A_119 ) @ B_89 ) ) )). + +thf(fact_263_image__subsetI,axiom,( + ! [F_42: pname > hoare_1167836817_state,B_89: hoare_1167836817_state > $o,A_119: pname > $o] : + ( ! [X_5: pname] : + ( ( member_pname @ X_5 @ A_119 ) + => ( member2058392318_state @ ( F_42 @ X_5 ) @ B_89 ) ) + => ( ord_le827224136tate_o @ ( image_575578384_state @ F_42 @ A_119 ) @ B_89 ) ) )). + +thf(fact_264_order__refl,axiom,( + ! [X_83: pname > $o] : + ( ord_less_eq_pname_o @ X_83 @ X_83 ) )). + +thf(fact_265_order__refl,axiom,( + ! [X_83: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ X_83 @ X_83 ) )). + +thf(fact_266_nonempty__iff,axiom,( + ! [A_118: pname > $o] : + ( ( A_118 != bot_bot_pname_o ) + <=> ? [X_5: pname,B_43: pname > $o] : + ( ( A_118 + = ( insert_pname @ X_5 @ B_43 ) ) + & ~ ( member_pname @ X_5 @ B_43 ) ) ) )). + +thf(fact_267_nonempty__iff,axiom,( + ! [A_118: hoare_1167836817_state > $o] : + ( ( A_118 != bot_bo70021908tate_o ) + <=> ? [X_5: hoare_1167836817_state,B_43: hoare_1167836817_state > $o] : + ( ( A_118 + = ( insert2134838167_state @ X_5 @ B_43 ) ) + & ~ ( member2058392318_state @ X_5 @ B_43 ) ) ) )). + +thf(fact_268_the_Osimps,axiom,( + ! [X_82: com] : + ( ( the_com @ ( some_com @ X_82 ) ) + = X_82 ) )). + +thf(fact_269_weak__Body,axiom,( + ! [G_27: hoare_1167836817_state > $o,P_32: state > state > $o,Pn_4: pname,Q_22: state > state > $o] : + ( ( hoare_123228589_state @ G_27 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_32 @ ( the_com @ ( body @ Pn_4 ) ) @ Q_22 ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_27 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_32 @ ( body_1 @ Pn_4 ) @ Q_22 ) @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_270_UnCI,axiom,( + ! [A_117: pname > $o,C_46: pname,B_88: pname > $o] : + ( ( ~ ( member_pname @ C_46 @ B_88 ) + => ( member_pname @ C_46 @ A_117 ) ) + => ( member_pname @ C_46 @ ( semila1780557381name_o @ A_117 @ B_88 ) ) ) )). + +thf(fact_271_UnCI,axiom,( + ! [A_117: hoare_1167836817_state > $o,C_46: hoare_1167836817_state,B_88: hoare_1167836817_state > $o] : + ( ( ~ ( member2058392318_state @ C_46 @ B_88 ) + => ( member2058392318_state @ C_46 @ A_117 ) ) + => ( member2058392318_state @ C_46 @ ( semila1172322802tate_o @ A_117 @ B_88 ) ) ) )). + +thf(fact_272_UnE,axiom,( + ! [C_45: pname,A_116: pname > $o,B_87: pname > $o] : + ( ( member_pname @ C_45 @ ( semila1780557381name_o @ A_116 @ B_87 ) ) + => ( ~ ( member_pname @ C_45 @ A_116 ) + => ( member_pname @ C_45 @ B_87 ) ) ) )). + +thf(fact_273_UnE,axiom,( + ! [C_45: hoare_1167836817_state,A_116: hoare_1167836817_state > $o,B_87: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_45 @ ( semila1172322802tate_o @ A_116 @ B_87 ) ) + => ( ~ ( member2058392318_state @ C_45 @ A_116 ) + => ( member2058392318_state @ C_45 @ B_87 ) ) ) )). + +thf(fact_274_Collect__disj__eq,axiom,( + ! [P_31: pname > $o,Q_21: pname > $o] : + ( ( collect_pname + @ ^ [X_5: pname] : + ( (|) @ ( P_31 @ X_5 ) @ ( Q_21 @ X_5 ) ) ) + = ( semila1780557381name_o @ ( collect_pname @ P_31 ) @ ( collect_pname @ Q_21 ) ) ) )). + +thf(fact_275_Collect__disj__eq,axiom,( + ! [P_31: ( pname > $o ) > $o,Q_21: ( pname > $o ) > $o] : + ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (|) @ ( P_31 @ X_5 ) @ ( Q_21 @ X_5 ) ) ) + = ( semila181081674me_o_o @ ( collect_pname_o @ P_31 ) @ ( collect_pname_o @ Q_21 ) ) ) )). + +thf(fact_276_Collect__disj__eq,axiom,( + ! [P_31: ( hoare_1167836817_state > $o ) > $o,Q_21: ( hoare_1167836817_state > $o ) > $o] : + ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (|) @ ( P_31 @ X_5 ) @ ( Q_21 @ X_5 ) ) ) + = ( semila866907787te_o_o @ ( collec269976083tate_o @ P_31 ) @ ( collec269976083tate_o @ Q_21 ) ) ) )). + +thf(fact_277_Collect__disj__eq,axiom,( + ! [P_31: hoare_1167836817_state > $o,Q_21: hoare_1167836817_state > $o] : + ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (|) @ ( P_31 @ X_5 ) @ ( Q_21 @ X_5 ) ) ) + = ( semila1172322802tate_o @ ( collec1027672124_state @ P_31 ) @ ( collec1027672124_state @ Q_21 ) ) ) )). + +thf(fact_278_triple_Oinject,axiom,( + ! [Fun1_2: state > state > $o,Com_4: com,Fun2_2: state > state > $o,Fun1_1: state > state > $o,Com_3: com,Fun2_1: state > state > $o] : + ( ( ( hoare_908217195_state @ Fun1_2 @ Com_4 @ Fun2_2 ) + = ( hoare_908217195_state @ Fun1_1 @ Com_3 @ Fun2_1 ) ) + <=> ( ( Fun1_2 = Fun1_1 ) + & ( Com_4 = Com_3 ) + & ( Fun2_2 = Fun2_1 ) ) ) )). + +thf(fact_279_UnI2,axiom,( + ! [A_115: pname > $o,C_44: pname,B_86: pname > $o] : + ( ( member_pname @ C_44 @ B_86 ) + => ( member_pname @ C_44 @ ( semila1780557381name_o @ A_115 @ B_86 ) ) ) )). + +thf(fact_280_UnI2,axiom,( + ! [A_115: hoare_1167836817_state > $o,C_44: hoare_1167836817_state,B_86: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_44 @ B_86 ) + => ( member2058392318_state @ C_44 @ ( semila1172322802tate_o @ A_115 @ B_86 ) ) ) )). + +thf(fact_281_UnI1,axiom,( + ! [B_85: pname > $o,C_43: pname,A_114: pname > $o] : + ( ( member_pname @ C_43 @ A_114 ) + => ( member_pname @ C_43 @ ( semila1780557381name_o @ A_114 @ B_85 ) ) ) )). + +thf(fact_282_UnI1,axiom,( + ! [B_85: hoare_1167836817_state > $o,C_43: hoare_1167836817_state,A_114: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_43 @ A_114 ) + => ( member2058392318_state @ C_43 @ ( semila1172322802tate_o @ A_114 @ B_85 ) ) ) )). + +thf(fact_283_ball__Un,axiom,( + ! [P_30: hoare_1167836817_state > $o,A_113: hoare_1167836817_state > $o,B_84: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ ( semila1172322802tate_o @ A_113 @ B_84 ) ) + => ( P_30 @ X_5 ) ) + <=> ( ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_113 ) + => ( P_30 @ X_5 ) ) + & ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ B_84 ) + => ( P_30 @ X_5 ) ) ) ) )). + +thf(fact_284_bex__Un,axiom,( + ! [P_29: hoare_1167836817_state > $o,A_112: hoare_1167836817_state > $o,B_83: hoare_1167836817_state > $o] : + ( ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ ( semila1172322802tate_o @ A_112 @ B_83 ) ) + & ( P_29 @ X_5 ) ) + <=> ( ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_112 ) + & ( P_29 @ X_5 ) ) + | ? [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ B_83 ) + & ( P_29 @ X_5 ) ) ) ) )). + +thf(fact_285_Un__assoc,axiom,( + ! [A_111: hoare_1167836817_state > $o,B_82: hoare_1167836817_state > $o,C_42: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila1172322802tate_o @ A_111 @ B_82 ) @ C_42 ) + = ( semila1172322802tate_o @ A_111 @ ( semila1172322802tate_o @ B_82 @ C_42 ) ) ) )). + +thf(fact_286_Un__iff,axiom,( + ! [C_41: pname,A_110: pname > $o,B_81: pname > $o] : + ( ( member_pname @ C_41 @ ( semila1780557381name_o @ A_110 @ B_81 ) ) + <=> ( ( member_pname @ C_41 @ A_110 ) + | ( member_pname @ C_41 @ B_81 ) ) ) )). + +thf(fact_287_Un__iff,axiom,( + ! [C_41: hoare_1167836817_state,A_110: hoare_1167836817_state > $o,B_81: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_41 @ ( semila1172322802tate_o @ A_110 @ B_81 ) ) + <=> ( ( member2058392318_state @ C_41 @ A_110 ) + | ( member2058392318_state @ C_41 @ B_81 ) ) ) )). + +thf(fact_288_Un__left__commute,axiom,( + ! [A_109: hoare_1167836817_state > $o,B_80: hoare_1167836817_state > $o,C_40: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_109 @ ( semila1172322802tate_o @ B_80 @ C_40 ) ) + = ( semila1172322802tate_o @ B_80 @ ( semila1172322802tate_o @ A_109 @ C_40 ) ) ) )). + +thf(fact_289_Un__left__absorb,axiom,( + ! [A_108: hoare_1167836817_state > $o,B_79: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_108 @ ( semila1172322802tate_o @ A_108 @ B_79 ) ) + = ( semila1172322802tate_o @ A_108 @ B_79 ) ) )). + +thf(fact_290_Un__commute,axiom,( + ! [A_107: hoare_1167836817_state > $o,B_78: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_107 @ B_78 ) + = ( semila1172322802tate_o @ B_78 @ A_107 ) ) )). + +thf(fact_291_Un__def,axiom,( + ! [A_106: pname > $o,B_77: pname > $o] : + ( ( semila1780557381name_o @ A_106 @ B_77 ) + = ( collect_pname + @ ^ [X_5: pname] : + ( (|) @ ( member_pname @ X_5 @ A_106 ) @ ( member_pname @ X_5 @ B_77 ) ) ) ) )). + +thf(fact_292_Un__def,axiom,( + ! [A_106: ( pname > $o ) > $o,B_77: ( pname > $o ) > $o] : + ( ( semila181081674me_o_o @ A_106 @ B_77 ) + = ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (|) @ ( member_pname_o @ X_5 @ A_106 ) @ ( member_pname_o @ X_5 @ B_77 ) ) ) ) )). + +thf(fact_293_Un__def,axiom,( + ! [A_106: ( hoare_1167836817_state > $o ) > $o,B_77: ( hoare_1167836817_state > $o ) > $o] : + ( ( semila866907787te_o_o @ A_106 @ B_77 ) + = ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (|) @ ( member864234961tate_o @ X_5 @ A_106 ) @ ( member864234961tate_o @ X_5 @ B_77 ) ) ) ) )). + +thf(fact_294_Un__def,axiom,( + ! [A_106: hoare_1167836817_state > $o,B_77: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_106 @ B_77 ) + = ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (|) @ ( member2058392318_state @ X_5 @ A_106 ) @ ( member2058392318_state @ X_5 @ B_77 ) ) ) ) )). + +thf(fact_295_Un__absorb,axiom,( + ! [A_105: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_105 @ A_105 ) + = A_105 ) )). + +thf(fact_296_Un__empty,axiom,( + ! [A_104: pname > $o,B_76: pname > $o] : + ( ( ( semila1780557381name_o @ A_104 @ B_76 ) + = bot_bot_pname_o ) + <=> ( ( A_104 = bot_bot_pname_o ) + & ( B_76 = bot_bot_pname_o ) ) ) )). + +thf(fact_297_Un__empty,axiom,( + ! [A_104: hoare_1167836817_state > $o,B_76: hoare_1167836817_state > $o] : + ( ( ( semila1172322802tate_o @ A_104 @ B_76 ) + = bot_bo70021908tate_o ) + <=> ( ( A_104 = bot_bo70021908tate_o ) + & ( B_76 = bot_bo70021908tate_o ) ) ) )). + +thf(fact_298_Un__empty__right,axiom,( + ! [A_103: pname > $o] : + ( ( semila1780557381name_o @ A_103 @ bot_bot_pname_o ) + = A_103 ) )). + +thf(fact_299_Un__empty__right,axiom,( + ! [A_103: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_103 @ bot_bo70021908tate_o ) + = A_103 ) )). + +thf(fact_300_Un__empty__left,axiom,( + ! [B_75: pname > $o] : + ( ( semila1780557381name_o @ bot_bot_pname_o @ B_75 ) + = B_75 ) )). + +thf(fact_301_Un__empty__left,axiom,( + ! [B_75: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ bot_bo70021908tate_o @ B_75 ) + = B_75 ) )). + +thf(fact_302_finite__UnI,axiom,( + ! [G_26: ( pname > $o ) > $o,F_41: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_41 ) + => ( ( finite297249702name_o @ G_26 ) + => ( finite297249702name_o @ ( semila181081674me_o_o @ F_41 @ G_26 ) ) ) ) )). + +thf(fact_303_finite__UnI,axiom,( + ! [G_26: ( hoare_1167836817_state > $o ) > $o,F_41: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_41 ) + => ( ( finite1380128977tate_o @ G_26 ) + => ( finite1380128977tate_o @ ( semila866907787te_o_o @ F_41 @ G_26 ) ) ) ) )). + +thf(fact_304_finite__UnI,axiom,( + ! [G_26: pname > $o,F_41: pname > $o] : + ( ( finite_finite_pname @ F_41 ) + => ( ( finite_finite_pname @ G_26 ) + => ( finite_finite_pname @ ( semila1780557381name_o @ F_41 @ G_26 ) ) ) ) )). + +thf(fact_305_finite__UnI,axiom,( + ! [G_26: hoare_1167836817_state > $o,F_41: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_41 ) + => ( ( finite1084549118_state @ G_26 ) + => ( finite1084549118_state @ ( semila1172322802tate_o @ F_41 @ G_26 ) ) ) ) )). + +thf(fact_306_finite__Un,axiom,( + ! [F_40: ( pname > $o ) > $o,G_25: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ ( semila181081674me_o_o @ F_40 @ G_25 ) ) + <=> ( ( finite297249702name_o @ F_40 ) + & ( finite297249702name_o @ G_25 ) ) ) )). + +thf(fact_307_finite__Un,axiom,( + ! [F_40: ( hoare_1167836817_state > $o ) > $o,G_25: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ ( semila866907787te_o_o @ F_40 @ G_25 ) ) + <=> ( ( finite1380128977tate_o @ F_40 ) + & ( finite1380128977tate_o @ G_25 ) ) ) )). + +thf(fact_308_finite__Un,axiom,( + ! [F_40: pname > $o,G_25: pname > $o] : + ( ( finite_finite_pname @ ( semila1780557381name_o @ F_40 @ G_25 ) ) + <=> ( ( finite_finite_pname @ F_40 ) + & ( finite_finite_pname @ G_25 ) ) ) )). + +thf(fact_309_finite__Un,axiom,( + ! [F_40: hoare_1167836817_state > $o,G_25: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ ( semila1172322802tate_o @ F_40 @ G_25 ) ) + <=> ( ( finite1084549118_state @ F_40 ) + & ( finite1084549118_state @ G_25 ) ) ) )). + +thf(fact_310_Un__insert__left,axiom,( + ! [A_102: pname,B_74: pname > $o,C_39: pname > $o] : + ( ( semila1780557381name_o @ ( insert_pname @ A_102 @ B_74 ) @ C_39 ) + = ( insert_pname @ A_102 @ ( semila1780557381name_o @ B_74 @ C_39 ) ) ) )). + +thf(fact_311_Un__insert__left,axiom,( + ! [A_102: hoare_1167836817_state,B_74: hoare_1167836817_state > $o,C_39: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( insert2134838167_state @ A_102 @ B_74 ) @ C_39 ) + = ( insert2134838167_state @ A_102 @ ( semila1172322802tate_o @ B_74 @ C_39 ) ) ) )). + +thf(fact_312_Un__insert__right,axiom,( + ! [A_101: pname > $o,A_100: pname,B_73: pname > $o] : + ( ( semila1780557381name_o @ A_101 @ ( insert_pname @ A_100 @ B_73 ) ) + = ( insert_pname @ A_100 @ ( semila1780557381name_o @ A_101 @ B_73 ) ) ) )). + +thf(fact_313_Un__insert__right,axiom,( + ! [A_101: hoare_1167836817_state > $o,A_100: hoare_1167836817_state,B_73: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_101 @ ( insert2134838167_state @ A_100 @ B_73 ) ) + = ( insert2134838167_state @ A_100 @ ( semila1172322802tate_o @ A_101 @ B_73 ) ) ) )). + +thf(fact_314_Un__mono,axiom,( + ! [B_72: pname > $o,D_4: pname > $o,A_99: pname > $o,C_38: pname > $o] : + ( ( ord_less_eq_pname_o @ A_99 @ C_38 ) + => ( ( ord_less_eq_pname_o @ B_72 @ D_4 ) + => ( ord_less_eq_pname_o @ ( semila1780557381name_o @ A_99 @ B_72 ) @ ( semila1780557381name_o @ C_38 @ D_4 ) ) ) ) )). + +thf(fact_315_Un__mono,axiom,( + ! [B_72: hoare_1167836817_state > $o,D_4: hoare_1167836817_state > $o,A_99: hoare_1167836817_state > $o,C_38: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_99 @ C_38 ) + => ( ( ord_le827224136tate_o @ B_72 @ D_4 ) + => ( ord_le827224136tate_o @ ( semila1172322802tate_o @ A_99 @ B_72 ) @ ( semila1172322802tate_o @ C_38 @ D_4 ) ) ) ) )). + +thf(fact_316_Un__least,axiom,( + ! [B_71: pname > $o,A_98: pname > $o,C_37: pname > $o] : + ( ( ord_less_eq_pname_o @ A_98 @ C_37 ) + => ( ( ord_less_eq_pname_o @ B_71 @ C_37 ) + => ( ord_less_eq_pname_o @ ( semila1780557381name_o @ A_98 @ B_71 ) @ C_37 ) ) ) )). + +thf(fact_317_Un__least,axiom,( + ! [B_71: hoare_1167836817_state > $o,A_98: hoare_1167836817_state > $o,C_37: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_98 @ C_37 ) + => ( ( ord_le827224136tate_o @ B_71 @ C_37 ) + => ( ord_le827224136tate_o @ ( semila1172322802tate_o @ A_98 @ B_71 ) @ C_37 ) ) ) )). + +thf(fact_318_Un__absorb2,axiom,( + ! [B_70: pname > $o,A_97: pname > $o] : + ( ( ord_less_eq_pname_o @ B_70 @ A_97 ) + => ( ( semila1780557381name_o @ A_97 @ B_70 ) + = A_97 ) ) )). + +thf(fact_319_Un__absorb2,axiom,( + ! [B_70: hoare_1167836817_state > $o,A_97: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ B_70 @ A_97 ) + => ( ( semila1172322802tate_o @ A_97 @ B_70 ) + = A_97 ) ) )). + +thf(fact_320_Un__absorb1,axiom,( + ! [A_96: pname > $o,B_69: pname > $o] : + ( ( ord_less_eq_pname_o @ A_96 @ B_69 ) + => ( ( semila1780557381name_o @ A_96 @ B_69 ) + = B_69 ) ) )). + +thf(fact_321_Un__absorb1,axiom,( + ! [A_96: hoare_1167836817_state > $o,B_69: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_96 @ B_69 ) + => ( ( semila1172322802tate_o @ A_96 @ B_69 ) + = B_69 ) ) )). + +thf(fact_322_subset__Un__eq,axiom,( + ! [A_95: pname > $o,B_68: pname > $o] : + ( ( ord_less_eq_pname_o @ A_95 @ B_68 ) + <=> ( ( semila1780557381name_o @ A_95 @ B_68 ) + = B_68 ) ) )). + +thf(fact_323_subset__Un__eq,axiom,( + ! [A_95: hoare_1167836817_state > $o,B_68: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_95 @ B_68 ) + <=> ( ( semila1172322802tate_o @ A_95 @ B_68 ) + = B_68 ) ) )). + +thf(fact_324_Un__upper2,axiom,( + ! [B_67: pname > $o,A_94: pname > $o] : + ( ord_less_eq_pname_o @ B_67 @ ( semila1780557381name_o @ A_94 @ B_67 ) ) )). + +thf(fact_325_Un__upper2,axiom,( + ! [B_67: hoare_1167836817_state > $o,A_94: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ B_67 @ ( semila1172322802tate_o @ A_94 @ B_67 ) ) )). + +thf(fact_326_Un__upper1,axiom,( + ! [A_93: pname > $o,B_66: pname > $o] : + ( ord_less_eq_pname_o @ A_93 @ ( semila1780557381name_o @ A_93 @ B_66 ) ) )). + +thf(fact_327_Un__upper1,axiom,( + ! [A_93: hoare_1167836817_state > $o,B_66: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ A_93 @ ( semila1172322802tate_o @ A_93 @ B_66 ) ) )). + +thf(fact_328_image__Un,axiom,( + ! [F_39: pname > hoare_1167836817_state,A_92: pname > $o,B_65: pname > $o] : + ( ( image_575578384_state @ F_39 @ ( semila1780557381name_o @ A_92 @ B_65 ) ) + = ( semila1172322802tate_o @ ( image_575578384_state @ F_39 @ A_92 ) @ ( image_575578384_state @ F_39 @ B_65 ) ) ) )). + +thf(fact_329_insert__def,axiom,( + ! [A_91: pname,B_64: pname > $o] : + ( ( insert_pname @ A_91 @ B_64 ) + = ( semila1780557381name_o + @ ( collect_pname + @ ^ [X_5: pname] : ( X_5 = A_91 ) ) + @ B_64 ) ) )). + +thf(fact_330_insert__def,axiom,( + ! [A_91: hoare_1167836817_state,B_64: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_91 @ B_64 ) + = ( semila1172322802tate_o + @ ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : ( X_5 = A_91 ) ) + @ B_64 ) ) )). + +thf(fact_331_insert__def,axiom,( + ! [A_91: pname > $o,B_64: ( pname > $o ) > $o] : + ( ( insert_pname_o @ A_91 @ B_64 ) + = ( semila181081674me_o_o + @ ( collect_pname_o + @ ^ [X_5: pname > $o] : ( X_5 = A_91 ) ) + @ B_64 ) ) )). + +thf(fact_332_insert__def,axiom,( + ! [A_91: hoare_1167836817_state > $o,B_64: ( hoare_1167836817_state > $o ) > $o] : + ( ( insert999278200tate_o @ A_91 @ B_64 ) + = ( semila866907787te_o_o + @ ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : ( X_5 = A_91 ) ) + @ B_64 ) ) )). + +thf(fact_333_insert__is__Un,axiom,( + ! [A_90: pname,A_89: pname > $o] : + ( ( insert_pname @ A_90 @ A_89 ) + = ( semila1780557381name_o @ ( insert_pname @ A_90 @ bot_bot_pname_o ) @ A_89 ) ) )). + +thf(fact_334_insert__is__Un,axiom,( + ! [A_90: hoare_1167836817_state,A_89: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_90 @ A_89 ) + = ( semila1172322802tate_o @ ( insert2134838167_state @ A_90 @ bot_bo70021908tate_o ) @ A_89 ) ) )). + +thf(fact_335_hoare__derivs_OBody,axiom,( + ! [G_24: hoare_1167836817_state > $o,P_28: pname > state > state > $o,Q_20: pname > state > state > $o,Procs_2: pname > $o] : + ( ( hoare_123228589_state + @ ( semila1172322802tate_o @ G_24 + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_28 @ P_24 ) @ ( body_1 @ P_24 ) @ ( Q_20 @ P_24 ) ) + @ Procs_2 ) ) + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_28 @ P_24 ) @ ( the_com @ ( body @ P_24 ) ) @ ( Q_20 @ P_24 ) ) + @ Procs_2 ) ) + => ( hoare_123228589_state @ G_24 + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_28 @ P_24 ) @ ( body_1 @ P_24 ) @ ( Q_20 @ P_24 ) ) + @ Procs_2 ) ) ) )). + +thf(fact_336_xt1_I6_J,axiom,( + ! [Z_20: pname > $o,Y_46: pname > $o,X_81: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_46 @ X_81 ) + => ( ( ord_less_eq_pname_o @ Z_20 @ Y_46 ) + => ( ord_less_eq_pname_o @ Z_20 @ X_81 ) ) ) )). + +thf(fact_337_xt1_I6_J,axiom,( + ! [Z_20: hoare_1167836817_state > $o,Y_46: hoare_1167836817_state > $o,X_81: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_46 @ X_81 ) + => ( ( ord_le827224136tate_o @ Z_20 @ Y_46 ) + => ( ord_le827224136tate_o @ Z_20 @ X_81 ) ) ) )). + +thf(fact_338_xt1_I5_J,axiom,( + ! [Y_45: pname > $o,X_80: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_45 @ X_80 ) + => ( ( ord_less_eq_pname_o @ X_80 @ Y_45 ) + => ( X_80 = Y_45 ) ) ) )). + +thf(fact_339_xt1_I5_J,axiom,( + ! [Y_45: hoare_1167836817_state > $o,X_80: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_45 @ X_80 ) + => ( ( ord_le827224136tate_o @ X_80 @ Y_45 ) + => ( X_80 = Y_45 ) ) ) )). + +thf(fact_340_order__trans,axiom,( + ! [Z_19: pname > $o,X_79: pname > $o,Y_44: pname > $o] : + ( ( ord_less_eq_pname_o @ X_79 @ Y_44 ) + => ( ( ord_less_eq_pname_o @ Y_44 @ Z_19 ) + => ( ord_less_eq_pname_o @ X_79 @ Z_19 ) ) ) )). + +thf(fact_341_order__trans,axiom,( + ! [Z_19: hoare_1167836817_state > $o,X_79: hoare_1167836817_state > $o,Y_44: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_79 @ Y_44 ) + => ( ( ord_le827224136tate_o @ Y_44 @ Z_19 ) + => ( ord_le827224136tate_o @ X_79 @ Z_19 ) ) ) )). + +thf(fact_342_order__antisym,axiom,( + ! [X_78: pname > $o,Y_43: pname > $o] : + ( ( ord_less_eq_pname_o @ X_78 @ Y_43 ) + => ( ( ord_less_eq_pname_o @ Y_43 @ X_78 ) + => ( X_78 = Y_43 ) ) ) )). + +thf(fact_343_order__antisym,axiom,( + ! [X_78: hoare_1167836817_state > $o,Y_43: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_78 @ Y_43 ) + => ( ( ord_le827224136tate_o @ Y_43 @ X_78 ) + => ( X_78 = Y_43 ) ) ) )). + +thf(fact_344_xt1_I4_J,axiom,( + ! [C_36: pname > $o,B_63: pname > $o,A_88: pname > $o] : + ( ( ord_less_eq_pname_o @ B_63 @ A_88 ) + => ( ( B_63 = C_36 ) + => ( ord_less_eq_pname_o @ C_36 @ A_88 ) ) ) )). + +thf(fact_345_xt1_I4_J,axiom,( + ! [C_36: hoare_1167836817_state > $o,B_63: hoare_1167836817_state > $o,A_88: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ B_63 @ A_88 ) + => ( ( B_63 = C_36 ) + => ( ord_le827224136tate_o @ C_36 @ A_88 ) ) ) )). + +thf(fact_346_ord__le__eq__trans,axiom,( + ! [C_35: pname > $o,A_87: pname > $o,B_62: pname > $o] : + ( ( ord_less_eq_pname_o @ A_87 @ B_62 ) + => ( ( B_62 = C_35 ) + => ( ord_less_eq_pname_o @ A_87 @ C_35 ) ) ) )). + +thf(fact_347_ord__le__eq__trans,axiom,( + ! [C_35: hoare_1167836817_state > $o,A_87: hoare_1167836817_state > $o,B_62: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_87 @ B_62 ) + => ( ( B_62 = C_35 ) + => ( ord_le827224136tate_o @ A_87 @ C_35 ) ) ) )). + +thf(fact_348_xt1_I3_J,axiom,( + ! [C_34: pname > $o,A_86: pname > $o,B_61: pname > $o] : + ( ( A_86 = B_61 ) + => ( ( ord_less_eq_pname_o @ C_34 @ B_61 ) + => ( ord_less_eq_pname_o @ C_34 @ A_86 ) ) ) )). + +thf(fact_349_xt1_I3_J,axiom,( + ! [C_34: hoare_1167836817_state > $o,A_86: hoare_1167836817_state > $o,B_61: hoare_1167836817_state > $o] : + ( ( A_86 = B_61 ) + => ( ( ord_le827224136tate_o @ C_34 @ B_61 ) + => ( ord_le827224136tate_o @ C_34 @ A_86 ) ) ) )). + +thf(fact_350_ord__eq__le__trans,axiom,( + ! [C_33: pname > $o,A_85: pname > $o,B_60: pname > $o] : + ( ( A_85 = B_60 ) + => ( ( ord_less_eq_pname_o @ B_60 @ C_33 ) + => ( ord_less_eq_pname_o @ A_85 @ C_33 ) ) ) )). + +thf(fact_351_ord__eq__le__trans,axiom,( + ! [C_33: hoare_1167836817_state > $o,A_85: hoare_1167836817_state > $o,B_60: hoare_1167836817_state > $o] : + ( ( A_85 = B_60 ) + => ( ( ord_le827224136tate_o @ B_60 @ C_33 ) + => ( ord_le827224136tate_o @ A_85 @ C_33 ) ) ) )). + +thf(fact_352_order__antisym__conv,axiom,( + ! [Y_42: pname > $o,X_77: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_42 @ X_77 ) + => ( ( ord_less_eq_pname_o @ X_77 @ Y_42 ) + <=> ( X_77 = Y_42 ) ) ) )). + +thf(fact_353_order__antisym__conv,axiom,( + ! [Y_42: hoare_1167836817_state > $o,X_77: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_42 @ X_77 ) + => ( ( ord_le827224136tate_o @ X_77 @ Y_42 ) + <=> ( X_77 = Y_42 ) ) ) )). + +thf(fact_354_order__eq__refl,axiom,( + ! [X_76: pname > $o,Y_41: pname > $o] : + ( ( X_76 = Y_41 ) + => ( ord_less_eq_pname_o @ X_76 @ Y_41 ) ) )). + +thf(fact_355_order__eq__refl,axiom,( + ! [X_76: hoare_1167836817_state > $o,Y_41: hoare_1167836817_state > $o] : + ( ( X_76 = Y_41 ) + => ( ord_le827224136tate_o @ X_76 @ Y_41 ) ) )). + +thf(fact_356_order__eq__iff,axiom,( + ! [X_75: pname > $o,Y_40: pname > $o] : + ( ( X_75 = Y_40 ) + <=> ( ( ord_less_eq_pname_o @ X_75 @ Y_40 ) + & ( ord_less_eq_pname_o @ Y_40 @ X_75 ) ) ) )). + +thf(fact_357_order__eq__iff,axiom,( + ! [X_75: hoare_1167836817_state > $o,Y_40: hoare_1167836817_state > $o] : + ( ( X_75 = Y_40 ) + <=> ( ( ord_le827224136tate_o @ X_75 @ Y_40 ) + & ( ord_le827224136tate_o @ Y_40 @ X_75 ) ) ) )). + +thf(fact_358_option_Oinject,axiom,( + ! [A_84: com,A_83: com] : + ( ( ( some_com @ A_84 ) + = ( some_com @ A_83 ) ) + <=> ( A_84 = A_83 ) ) )). + +thf(fact_359_constant,axiom,( + ! [G_23: hoare_1167836817_state > $o,P_27: state > state > $o,C_32: com,Q_19: state > state > $o,C_31: $o] : + ( ( C_31 + => ( hoare_123228589_state @ G_23 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_27 @ C_32 @ Q_19 ) @ bot_bo70021908tate_o ) ) ) + => ( hoare_123228589_state @ G_23 + @ ( insert2134838167_state + @ ( hoare_908217195_state + @ ^ [Z_11: state,S_3: state] : + ( (&) @ ( P_27 @ Z_11 @ S_3 ) @ C_31 ) + @ C_32 + @ Q_19 ) + @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_360_Body1,axiom,( + ! [Pn_3: pname,G_22: hoare_1167836817_state > $o,P_26: pname > state > state > $o,Q_18: pname > state > state > $o,Procs_1: pname > $o] : + ( ( hoare_123228589_state + @ ( semila1172322802tate_o @ G_22 + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_26 @ P_24 ) @ ( body_1 @ P_24 ) @ ( Q_18 @ P_24 ) ) + @ Procs_1 ) ) + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_26 @ P_24 ) @ ( the_com @ ( body @ P_24 ) ) @ ( Q_18 @ P_24 ) ) + @ Procs_1 ) ) + => ( ( member_pname @ Pn_3 @ Procs_1 ) + => ( hoare_123228589_state @ G_22 @ ( insert2134838167_state @ ( hoare_908217195_state @ ( P_26 @ Pn_3 ) @ ( body_1 @ Pn_3 ) @ ( Q_18 @ Pn_3 ) ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_361_le__bot,axiom,( + ! [A_82: pname > $o] : + ( ( ord_less_eq_pname_o @ A_82 @ bot_bot_pname_o ) + => ( A_82 = bot_bot_pname_o ) ) )). + +thf(fact_362_le__bot,axiom,( + ! [A_82: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_82 @ bot_bo70021908tate_o ) + => ( A_82 = bot_bo70021908tate_o ) ) )). + +thf(fact_363_bot__unique,axiom,( + ! [A_81: pname > $o] : + ( ( ord_less_eq_pname_o @ A_81 @ bot_bot_pname_o ) + <=> ( A_81 = bot_bot_pname_o ) ) )). + +thf(fact_364_bot__unique,axiom,( + ! [A_81: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_81 @ bot_bo70021908tate_o ) + <=> ( A_81 = bot_bo70021908tate_o ) ) )). + +thf(fact_365_bot__least,axiom,( + ! [A_80: pname > $o] : + ( ord_less_eq_pname_o @ bot_bot_pname_o @ A_80 ) )). + +thf(fact_366_bot__least,axiom,( + ! [A_80: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ bot_bo70021908tate_o @ A_80 ) )). + +thf(fact_367_le__funE,axiom,( + ! [X_74: pname,F_38: pname > $o,G_21: pname > $o] : + ( ( ord_less_eq_pname_o @ F_38 @ G_21 ) + => ( ord_less_eq_o @ ( F_38 @ X_74 ) @ ( G_21 @ X_74 ) ) ) )). + +thf(fact_368_le__funE,axiom,( + ! [X_74: hoare_1167836817_state,F_38: hoare_1167836817_state > $o,G_21: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ F_38 @ G_21 ) + => ( ord_less_eq_o @ ( F_38 @ X_74 ) @ ( G_21 @ X_74 ) ) ) )). + +thf(fact_369_le__funD,axiom,( + ! [X_73: pname,F_37: pname > $o,G_20: pname > $o] : + ( ( ord_less_eq_pname_o @ F_37 @ G_20 ) + => ( ord_less_eq_o @ ( F_37 @ X_73 ) @ ( G_20 @ X_73 ) ) ) )). + +thf(fact_370_le__funD,axiom,( + ! [X_73: hoare_1167836817_state,F_37: hoare_1167836817_state > $o,G_20: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ F_37 @ G_20 ) + => ( ord_less_eq_o @ ( F_37 @ X_73 ) @ ( G_20 @ X_73 ) ) ) )). + +thf(fact_371_le__fun__def,axiom,( + ! [F_36: pname > $o,G_19: pname > $o] : + ( ( ord_less_eq_pname_o @ F_36 @ G_19 ) + <=> ! [X_5: pname] : + ( ord_less_eq_o @ ( F_36 @ X_5 ) @ ( G_19 @ X_5 ) ) ) )). + +thf(fact_372_le__fun__def,axiom,( + ! [F_36: hoare_1167836817_state > $o,G_19: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ F_36 @ G_19 ) + <=> ! [X_5: hoare_1167836817_state] : + ( ord_less_eq_o @ ( F_36 @ X_5 ) @ ( G_19 @ X_5 ) ) ) )). + +thf(fact_373_bot__apply,axiom,( + ! [X_72: pname] : + ( ( bot_bot_pname_o @ X_72 ) + <=> bot_bot_o ) )). + +thf(fact_374_bot__apply,axiom,( + ! [X_72: hoare_1167836817_state] : + ( ( bot_bo70021908tate_o @ X_72 ) + <=> bot_bot_o ) )). + +thf(fact_375_bot__fun__def,axiom,( + ! [X_5: pname] : + ( ( bot_bot_pname_o @ X_5 ) + <=> bot_bot_o ) )). + +thf(fact_376_bot__fun__def,axiom,( + ! [X_5: hoare_1167836817_state] : + ( ( bot_bo70021908tate_o @ X_5 ) + <=> bot_bot_o ) )). + +thf(fact_377_BodyN,axiom,( + ! [P_25: state > state > $o,Pn_2: pname,Q_17: state > state > $o,G_18: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ ( insert2134838167_state @ ( hoare_908217195_state @ P_25 @ ( body_1 @ Pn_2 ) @ Q_17 ) @ G_18 ) @ ( insert2134838167_state @ ( hoare_908217195_state @ P_25 @ ( the_com @ ( body @ Pn_2 ) ) @ Q_17 ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_18 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_25 @ ( body_1 @ Pn_2 ) @ Q_17 ) @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_378_finite__pointwise,axiom,( + ! [P_23: pname > state > state > $o,Q_16: pname > state > state > $o,G_17: hoare_1167836817_state > $o,P_22: pname > state > state > $o,C0_1: pname > com,Q_15: pname > state > state > $o,U_1: pname > $o] : + ( ( finite_finite_pname @ U_1 ) + => ( ! [P_24: pname] : + ( ( hoare_123228589_state @ G_17 @ ( insert2134838167_state @ ( hoare_908217195_state @ ( P_22 @ P_24 ) @ ( C0_1 @ P_24 ) @ ( Q_15 @ P_24 ) ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_17 @ ( insert2134838167_state @ ( hoare_908217195_state @ ( P_23 @ P_24 ) @ ( C0_1 @ P_24 ) @ ( Q_16 @ P_24 ) ) @ bot_bo70021908tate_o ) ) ) + => ( ( hoare_123228589_state @ G_17 + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_22 @ P_24 ) @ ( C0_1 @ P_24 ) @ ( Q_15 @ P_24 ) ) + @ U_1 ) ) + => ( hoare_123228589_state @ G_17 + @ ( image_575578384_state + @ ^ [P_24: pname] : + ( hoare_908217195_state @ ( P_23 @ P_24 ) @ ( C0_1 @ P_24 ) @ ( Q_16 @ P_24 ) ) + @ U_1 ) ) ) ) ) )). + +thf(fact_379_escape,axiom,( + ! [G_16: hoare_1167836817_state > $o,C_30: com,Q_14: state > state > $o,P_21: state > state > $o] : + ( ! [Z_11: state,S_3: state] : + ( ( P_21 @ Z_11 @ S_3 ) + => ( hoare_123228589_state @ G_16 + @ ( insert2134838167_state + @ ( hoare_908217195_state + @ ^ [Za: state,S_4: state] : ( S_4 = S_3 ) + @ C_30 + @ ^ [Z_18: state] : + ( Q_14 @ Z_11 ) ) + @ bot_bo70021908tate_o ) ) ) + => ( hoare_123228589_state @ G_16 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_21 @ C_30 @ Q_14 ) @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_380_Body__sound__lemma,axiom,( + ! [G_15: hoare_1167836817_state > $o,P_20: pname > state > state > $o,Q_13: pname > state > state > $o,Procs: pname > $o] : + ( ( hoare_529639851_state + @ ( semila1172322802tate_o @ G_15 + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_908217195_state @ ( P_20 @ Pn ) @ ( body_1 @ Pn ) @ ( Q_13 @ Pn ) ) + @ Procs ) ) + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_908217195_state @ ( P_20 @ Pn ) @ ( the_com @ ( body @ Pn ) ) @ ( Q_13 @ Pn ) ) + @ Procs ) ) + => ( hoare_529639851_state @ G_15 + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_908217195_state @ ( P_20 @ Pn ) @ ( body_1 @ Pn ) @ ( Q_13 @ Pn ) ) + @ Procs ) ) ) )). + +thf(fact_381_conseq1,axiom,( + ! [P_19: state > state > $o,G_14: hoare_1167836817_state > $o,P_18: state > state > $o,C_29: com,Q_12: state > state > $o] : + ( ( hoare_123228589_state @ G_14 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_18 @ C_29 @ Q_12 ) @ bot_bo70021908tate_o ) ) + => ( ! [Z_11: state,S_3: state] : + ( ( P_19 @ Z_11 @ S_3 ) + => ( P_18 @ Z_11 @ S_3 ) ) + => ( hoare_123228589_state @ G_14 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_19 @ C_29 @ Q_12 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_382_conseq2,axiom,( + ! [Q_11: state > state > $o,G_13: hoare_1167836817_state > $o,P_17: state > state > $o,C_28: com,Q_10: state > state > $o] : + ( ( hoare_123228589_state @ G_13 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_17 @ C_28 @ Q_10 ) @ bot_bo70021908tate_o ) ) + => ( ! [Z_11: state,S_3: state] : + ( ( Q_10 @ Z_11 @ S_3 ) + => ( Q_11 @ Z_11 @ S_3 ) ) + => ( hoare_123228589_state @ G_13 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_17 @ C_28 @ Q_11 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_383_MGF__complete,axiom,( + ! [P: state > state > $o,Q_9: state > state > $o,C_21: com] : + ( ( hoare_123228589_state @ bot_bo70021908tate_o @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ C_21 ) @ bot_bo70021908tate_o ) ) + => ( ( hoare_529639851_state @ bot_bo70021908tate_o @ ( insert2134838167_state @ ( hoare_908217195_state @ P @ C_21 @ Q_9 ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ bot_bo70021908tate_o @ ( insert2134838167_state @ ( hoare_908217195_state @ P @ C_21 @ Q_9 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_384_sup1E,axiom,( + ! [A_79: hoare_1167836817_state > $o,B_59: hoare_1167836817_state > $o,X_71: hoare_1167836817_state] : + ( ( semila1172322802tate_o @ A_79 @ B_59 @ X_71 ) + => ( ~ ( A_79 @ X_71 ) + => ( B_59 @ X_71 ) ) ) )). + +thf(fact_385_sup1CI,axiom,( + ! [A_78: hoare_1167836817_state > $o,B_58: hoare_1167836817_state > $o,X_70: hoare_1167836817_state] : + ( ( ~ ( B_58 @ X_70 ) + => ( A_78 @ X_70 ) ) + => ( semila1172322802tate_o @ A_78 @ B_58 @ X_70 ) ) )). + +thf(fact_386_hoare__sound,axiom,( + ! [G_12: hoare_1167836817_state > $o,Ts: hoare_1167836817_state > $o] : + ( ( hoare_123228589_state @ G_12 @ Ts ) + => ( hoare_529639851_state @ G_12 @ Ts ) ) )). + +thf(fact_387_bot__empty__eq,axiom,( + ! [X_5: pname] : + ( ( bot_bot_pname_o @ X_5 ) + <=> ( member_pname @ X_5 @ bot_bot_pname_o ) ) )). + +thf(fact_388_bot__empty__eq,axiom,( + ! [X_5: hoare_1167836817_state] : + ( ( bot_bo70021908tate_o @ X_5 ) + <=> ( member2058392318_state @ X_5 @ bot_bo70021908tate_o ) ) )). + +thf(fact_389_rev__predicate1D,axiom,( + ! [Q_8: pname > $o,P_16: pname > $o,X_69: pname] : + ( ( P_16 @ X_69 ) + => ( ( ord_less_eq_pname_o @ P_16 @ Q_8 ) + => ( Q_8 @ X_69 ) ) ) )). + +thf(fact_390_rev__predicate1D,axiom,( + ! [Q_8: hoare_1167836817_state > $o,P_16: hoare_1167836817_state > $o,X_69: hoare_1167836817_state] : + ( ( P_16 @ X_69 ) + => ( ( ord_le827224136tate_o @ P_16 @ Q_8 ) + => ( Q_8 @ X_69 ) ) ) )). + +thf(fact_391_predicate1D,axiom,( + ! [X_68: pname,P_15: pname > $o,Q_7: pname > $o] : + ( ( ord_less_eq_pname_o @ P_15 @ Q_7 ) + => ( ( P_15 @ X_68 ) + => ( Q_7 @ X_68 ) ) ) )). + +thf(fact_392_predicate1D,axiom,( + ! [X_68: hoare_1167836817_state,P_15: hoare_1167836817_state > $o,Q_7: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ P_15 @ Q_7 ) + => ( ( P_15 @ X_68 ) + => ( Q_7 @ X_68 ) ) ) )). + +thf(fact_393_sup1I2,axiom,( + ! [A_77: hoare_1167836817_state > $o,B_57: hoare_1167836817_state > $o,X_67: hoare_1167836817_state] : + ( ( B_57 @ X_67 ) + => ( semila1172322802tate_o @ A_77 @ B_57 @ X_67 ) ) )). + +thf(fact_394_sup1I1,axiom,( + ! [B_56: hoare_1167836817_state > $o,A_76: hoare_1167836817_state > $o,X_66: hoare_1167836817_state] : + ( ( A_76 @ X_66 ) + => ( semila1172322802tate_o @ A_76 @ B_56 @ X_66 ) ) )). + +thf(fact_395_pred__subset__eq,axiom,( + ! [R_3: pname > $o,S_6: pname > $o] : + ( ( ord_less_eq_pname_o + @ ^ [X_5: pname] : + ( member_pname @ X_5 @ R_3 ) + @ ^ [X_5: pname] : + ( member_pname @ X_5 @ S_6 ) ) + <=> ( ord_less_eq_pname_o @ R_3 @ S_6 ) ) )). + +thf(fact_396_pred__subset__eq,axiom,( + ! [R_3: hoare_1167836817_state > $o,S_6: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o + @ ^ [X_5: hoare_1167836817_state] : + ( member2058392318_state @ X_5 @ R_3 ) + @ ^ [X_5: hoare_1167836817_state] : + ( member2058392318_state @ X_5 @ S_6 ) ) + <=> ( ord_le827224136tate_o @ R_3 @ S_6 ) ) )). + +thf(fact_397_sup__Un__eq,axiom,( + ! [R_2: pname > $o,S_5: pname > $o,X_5: pname] : + ( ( semila1780557381name_o + @ ^ [Y_2: pname] : + ( member_pname @ Y_2 @ R_2 ) + @ ^ [Y_2: pname] : + ( member_pname @ Y_2 @ S_5 ) + @ X_5 ) + <=> ( member_pname @ X_5 @ ( semila1780557381name_o @ R_2 @ S_5 ) ) ) )). + +thf(fact_398_sup__Un__eq,axiom,( + ! [R_2: hoare_1167836817_state > $o,S_5: hoare_1167836817_state > $o,X_5: hoare_1167836817_state] : + ( ( semila1172322802tate_o + @ ^ [Y_2: hoare_1167836817_state] : + ( member2058392318_state @ Y_2 @ R_2 ) + @ ^ [Y_2: hoare_1167836817_state] : + ( member2058392318_state @ Y_2 @ S_5 ) + @ X_5 ) + <=> ( member2058392318_state @ X_5 @ ( semila1172322802tate_o @ R_2 @ S_5 ) ) ) )). + +thf(fact_399_conseq12,axiom,( + ! [Q_6: state > state > $o,P_14: state > state > $o,G_11: hoare_1167836817_state > $o,P_13: state > state > $o,C_27: com,Q_5: state > state > $o] : + ( ( hoare_123228589_state @ G_11 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_13 @ C_27 @ Q_5 ) @ bot_bo70021908tate_o ) ) + => ( ! [Z_11: state,S_3: state] : + ( ( P_14 @ Z_11 @ S_3 ) + => ! [S_4: state] : + ( ! [Z_18: state] : + ( ( P_13 @ Z_18 @ S_3 ) + => ( Q_5 @ Z_18 @ S_4 ) ) + => ( Q_6 @ Z_11 @ S_4 ) ) ) + => ( hoare_123228589_state @ G_11 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_14 @ C_27 @ Q_6 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_400_le__funI,axiom,( + ! [F_35: pname > $o,G_10: pname > $o] : + ( ! [X_5: pname] : + ( ord_less_eq_o @ ( F_35 @ X_5 ) @ ( G_10 @ X_5 ) ) + => ( ord_less_eq_pname_o @ F_35 @ G_10 ) ) )). + +thf(fact_401_le__funI,axiom,( + ! [F_35: hoare_1167836817_state > $o,G_10: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ord_less_eq_o @ ( F_35 @ X_5 ) @ ( G_10 @ X_5 ) ) + => ( ord_le827224136tate_o @ F_35 @ G_10 ) ) )). + +thf(fact_402_Option_Oset_Osimps_I2_J,axiom,( + ! [X_65: pname] : + ( ( set_pname @ ( some_pname @ X_65 ) ) + = ( insert_pname @ X_65 @ bot_bot_pname_o ) ) )). + +thf(fact_403_Option_Oset_Osimps_I2_J,axiom,( + ! [X_65: hoare_1167836817_state] : + ( ( set_Ho2131684873_state @ ( some_H1433514562_state @ X_65 ) ) + = ( insert2134838167_state @ X_65 @ bot_bo70021908tate_o ) ) )). + +thf(fact_404_Option_Oset_Osimps_I2_J,axiom,( + ! [X_65: com] : + ( ( set_com @ ( some_com @ X_65 ) ) + = ( insert_com @ X_65 @ bot_bot_com_o ) ) )). + +thf(fact_405_elem__set,axiom,( + ! [X_64: pname,Xo: option_pname] : + ( ( member_pname @ X_64 @ ( set_pname @ Xo ) ) + <=> ( Xo + = ( some_pname @ X_64 ) ) ) )). + +thf(fact_406_elem__set,axiom,( + ! [X_64: hoare_1167836817_state,Xo: option1574264306_state] : + ( ( member2058392318_state @ X_64 @ ( set_Ho2131684873_state @ Xo ) ) + <=> ( Xo + = ( some_H1433514562_state @ X_64 ) ) ) )). + +thf(fact_407_elem__set,axiom,( + ! [X_64: com,Xo: option_com] : + ( ( member_com @ X_64 @ ( set_com @ Xo ) ) + <=> ( Xo + = ( some_com @ X_64 ) ) ) )). + +thf(fact_408_ospec,axiom,( + ! [X_63: com,P_12: com > $o,A_75: option_com] : + ( ! [X_5: com] : + ( ( member_com @ X_5 @ ( set_com @ A_75 ) ) + => ( P_12 @ X_5 ) ) + => ( ( A_75 + = ( some_com @ X_63 ) ) + => ( P_12 @ X_63 ) ) ) )). + +thf(fact_409_sup__fun__def,axiom,( + ! [F_34: hoare_1167836817_state > $o,G_9: hoare_1167836817_state > $o,X_5: hoare_1167836817_state] : + ( ( semila1172322802tate_o @ F_34 @ G_9 @ X_5 ) + <=> ( semila10642723_sup_o @ ( F_34 @ X_5 ) @ ( G_9 @ X_5 ) ) ) )). + +thf(fact_410_sup__apply,axiom,( + ! [F_33: hoare_1167836817_state > $o,G_8: hoare_1167836817_state > $o,X_62: hoare_1167836817_state] : + ( ( semila1172322802tate_o @ F_33 @ G_8 @ X_62 ) + <=> ( semila10642723_sup_o @ ( F_33 @ X_62 ) @ ( G_8 @ X_62 ) ) ) )). + +thf(fact_411_single__stateE,axiom, + ( hoare_1201148605gleton + => ! [T_1: state] : + ~ ! [S_3: state] : ( S_3 = T_1 ) )). + +thf(fact_412_state__not__singleton__def,axiom, + ( hoare_1201148605gleton + <=> ? [S_3: state,T_1: state] : ( S_3 != T_1 ) )). + +thf(fact_413_sup__assoc,axiom,( + ! [X_61: hoare_1167836817_state > $o,Y_39: hoare_1167836817_state > $o,Z_17: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila1172322802tate_o @ X_61 @ Y_39 ) @ Z_17 ) + = ( semila1172322802tate_o @ X_61 @ ( semila1172322802tate_o @ Y_39 @ Z_17 ) ) ) )). + +thf(fact_414_inf__sup__aci_I6_J,axiom,( + ! [X_60: hoare_1167836817_state > $o,Y_38: hoare_1167836817_state > $o,Z_16: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila1172322802tate_o @ X_60 @ Y_38 ) @ Z_16 ) + = ( semila1172322802tate_o @ X_60 @ ( semila1172322802tate_o @ Y_38 @ Z_16 ) ) ) )). + +thf(fact_415_sup_Oassoc,axiom,( + ! [A_74: hoare_1167836817_state > $o,B_55: hoare_1167836817_state > $o,C_26: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila1172322802tate_o @ A_74 @ B_55 ) @ C_26 ) + = ( semila1172322802tate_o @ A_74 @ ( semila1172322802tate_o @ B_55 @ C_26 ) ) ) )). + +thf(fact_416_sup__left__commute,axiom,( + ! [X_59: hoare_1167836817_state > $o,Y_37: hoare_1167836817_state > $o,Z_15: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_59 @ ( semila1172322802tate_o @ Y_37 @ Z_15 ) ) + = ( semila1172322802tate_o @ Y_37 @ ( semila1172322802tate_o @ X_59 @ Z_15 ) ) ) )). + +thf(fact_417_inf__sup__aci_I7_J,axiom,( + ! [X_58: hoare_1167836817_state > $o,Y_36: hoare_1167836817_state > $o,Z_14: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_58 @ ( semila1172322802tate_o @ Y_36 @ Z_14 ) ) + = ( semila1172322802tate_o @ Y_36 @ ( semila1172322802tate_o @ X_58 @ Z_14 ) ) ) )). + +thf(fact_418_sup_Oleft__commute,axiom,( + ! [B_54: hoare_1167836817_state > $o,A_73: hoare_1167836817_state > $o,C_25: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ B_54 @ ( semila1172322802tate_o @ A_73 @ C_25 ) ) + = ( semila1172322802tate_o @ A_73 @ ( semila1172322802tate_o @ B_54 @ C_25 ) ) ) )). + +thf(fact_419_sup__left__idem,axiom,( + ! [X_57: hoare_1167836817_state > $o,Y_35: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_57 @ ( semila1172322802tate_o @ X_57 @ Y_35 ) ) + = ( semila1172322802tate_o @ X_57 @ Y_35 ) ) )). + +thf(fact_420_inf__sup__aci_I8_J,axiom,( + ! [X_56: hoare_1167836817_state > $o,Y_34: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_56 @ ( semila1172322802tate_o @ X_56 @ Y_34 ) ) + = ( semila1172322802tate_o @ X_56 @ Y_34 ) ) )). + +thf(fact_421_sup_Oleft__idem,axiom,( + ! [A_72: hoare_1167836817_state > $o,B_53: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_72 @ ( semila1172322802tate_o @ A_72 @ B_53 ) ) + = ( semila1172322802tate_o @ A_72 @ B_53 ) ) )). + +thf(fact_422_sup__commute,axiom,( + ! [X_55: hoare_1167836817_state > $o,Y_33: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_55 @ Y_33 ) + = ( semila1172322802tate_o @ Y_33 @ X_55 ) ) )). + +thf(fact_423_inf__sup__aci_I5_J,axiom,( + ! [X_54: hoare_1167836817_state > $o,Y_32: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_54 @ Y_32 ) + = ( semila1172322802tate_o @ Y_32 @ X_54 ) ) )). + +thf(fact_424_sup_Ocommute,axiom,( + ! [A_71: hoare_1167836817_state > $o,B_52: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_71 @ B_52 ) + = ( semila1172322802tate_o @ B_52 @ A_71 ) ) )). + +thf(fact_425_sup__idem,axiom,( + ! [X_53: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_53 @ X_53 ) + = X_53 ) )). + +thf(fact_426_sup_Oidem,axiom,( + ! [A_70: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_70 @ A_70 ) + = A_70 ) )). + +thf(fact_427_le__supE,axiom,( + ! [A_69: pname > $o,B_51: pname > $o,X_52: pname > $o] : + ( ( ord_less_eq_pname_o @ ( semila1780557381name_o @ A_69 @ B_51 ) @ X_52 ) + => ~ ( ( ord_less_eq_pname_o @ A_69 @ X_52 ) + => ~ ( ord_less_eq_pname_o @ B_51 @ X_52 ) ) ) )). + +thf(fact_428_le__supE,axiom,( + ! [A_69: hoare_1167836817_state > $o,B_51: hoare_1167836817_state > $o,X_52: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ ( semila1172322802tate_o @ A_69 @ B_51 ) @ X_52 ) + => ~ ( ( ord_le827224136tate_o @ A_69 @ X_52 ) + => ~ ( ord_le827224136tate_o @ B_51 @ X_52 ) ) ) )). + +thf(fact_429_sup__mono,axiom,( + ! [B_50: pname > $o,D_3: pname > $o,A_68: pname > $o,C_24: pname > $o] : + ( ( ord_less_eq_pname_o @ A_68 @ C_24 ) + => ( ( ord_less_eq_pname_o @ B_50 @ D_3 ) + => ( ord_less_eq_pname_o @ ( semila1780557381name_o @ A_68 @ B_50 ) @ ( semila1780557381name_o @ C_24 @ D_3 ) ) ) ) )). + +thf(fact_430_sup__mono,axiom,( + ! [B_50: hoare_1167836817_state > $o,D_3: hoare_1167836817_state > $o,A_68: hoare_1167836817_state > $o,C_24: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_68 @ C_24 ) + => ( ( ord_le827224136tate_o @ B_50 @ D_3 ) + => ( ord_le827224136tate_o @ ( semila1172322802tate_o @ A_68 @ B_50 ) @ ( semila1172322802tate_o @ C_24 @ D_3 ) ) ) ) )). + +thf(fact_431_sup__least,axiom,( + ! [Z_13: pname > $o,Y_31: pname > $o,X_51: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_31 @ X_51 ) + => ( ( ord_less_eq_pname_o @ Z_13 @ X_51 ) + => ( ord_less_eq_pname_o @ ( semila1780557381name_o @ Y_31 @ Z_13 ) @ X_51 ) ) ) )). + +thf(fact_432_sup__least,axiom,( + ! [Z_13: hoare_1167836817_state > $o,Y_31: hoare_1167836817_state > $o,X_51: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_31 @ X_51 ) + => ( ( ord_le827224136tate_o @ Z_13 @ X_51 ) + => ( ord_le827224136tate_o @ ( semila1172322802tate_o @ Y_31 @ Z_13 ) @ X_51 ) ) ) )). + +thf(fact_433_le__supI,axiom,( + ! [B_49: pname > $o,A_67: pname > $o,X_50: pname > $o] : + ( ( ord_less_eq_pname_o @ A_67 @ X_50 ) + => ( ( ord_less_eq_pname_o @ B_49 @ X_50 ) + => ( ord_less_eq_pname_o @ ( semila1780557381name_o @ A_67 @ B_49 ) @ X_50 ) ) ) )). + +thf(fact_434_le__supI,axiom,( + ! [B_49: hoare_1167836817_state > $o,A_67: hoare_1167836817_state > $o,X_50: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_67 @ X_50 ) + => ( ( ord_le827224136tate_o @ B_49 @ X_50 ) + => ( ord_le827224136tate_o @ ( semila1172322802tate_o @ A_67 @ B_49 ) @ X_50 ) ) ) )). + +thf(fact_435_sup__absorb1,axiom,( + ! [Y_30: pname > $o,X_49: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_30 @ X_49 ) + => ( ( semila1780557381name_o @ X_49 @ Y_30 ) + = X_49 ) ) )). + +thf(fact_436_sup__absorb1,axiom,( + ! [Y_30: hoare_1167836817_state > $o,X_49: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_30 @ X_49 ) + => ( ( semila1172322802tate_o @ X_49 @ Y_30 ) + = X_49 ) ) )). + +thf(fact_437_sup__absorb2,axiom,( + ! [X_48: pname > $o,Y_29: pname > $o] : + ( ( ord_less_eq_pname_o @ X_48 @ Y_29 ) + => ( ( semila1780557381name_o @ X_48 @ Y_29 ) + = Y_29 ) ) )). + +thf(fact_438_sup__absorb2,axiom,( + ! [X_48: hoare_1167836817_state > $o,Y_29: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_48 @ Y_29 ) + => ( ( semila1172322802tate_o @ X_48 @ Y_29 ) + = Y_29 ) ) )). + +thf(fact_439_le__supI2,axiom,( + ! [A_66: pname > $o,X_47: pname > $o,B_48: pname > $o] : + ( ( ord_less_eq_pname_o @ X_47 @ B_48 ) + => ( ord_less_eq_pname_o @ X_47 @ ( semila1780557381name_o @ A_66 @ B_48 ) ) ) )). + +thf(fact_440_le__supI2,axiom,( + ! [A_66: hoare_1167836817_state > $o,X_47: hoare_1167836817_state > $o,B_48: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_47 @ B_48 ) + => ( ord_le827224136tate_o @ X_47 @ ( semila1172322802tate_o @ A_66 @ B_48 ) ) ) )). + +thf(fact_441_le__supI1,axiom,( + ! [B_47: pname > $o,X_46: pname > $o,A_65: pname > $o] : + ( ( ord_less_eq_pname_o @ X_46 @ A_65 ) + => ( ord_less_eq_pname_o @ X_46 @ ( semila1780557381name_o @ A_65 @ B_47 ) ) ) )). + +thf(fact_442_le__supI1,axiom,( + ! [B_47: hoare_1167836817_state > $o,X_46: hoare_1167836817_state > $o,A_65: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_46 @ A_65 ) + => ( ord_le827224136tate_o @ X_46 @ ( semila1172322802tate_o @ A_65 @ B_47 ) ) ) )). + +thf(fact_443_le__sup__iff,axiom,( + ! [X_45: pname > $o,Y_28: pname > $o,Z_12: pname > $o] : + ( ( ord_less_eq_pname_o @ ( semila1780557381name_o @ X_45 @ Y_28 ) @ Z_12 ) + <=> ( ( ord_less_eq_pname_o @ X_45 @ Z_12 ) + & ( ord_less_eq_pname_o @ Y_28 @ Z_12 ) ) ) )). + +thf(fact_444_le__sup__iff,axiom,( + ! [X_45: hoare_1167836817_state > $o,Y_28: hoare_1167836817_state > $o,Z_12: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ ( semila1172322802tate_o @ X_45 @ Y_28 ) @ Z_12 ) + <=> ( ( ord_le827224136tate_o @ X_45 @ Z_12 ) + & ( ord_le827224136tate_o @ Y_28 @ Z_12 ) ) ) )). + +thf(fact_445_le__iff__sup,axiom,( + ! [X_44: pname > $o,Y_27: pname > $o] : + ( ( ord_less_eq_pname_o @ X_44 @ Y_27 ) + <=> ( ( semila1780557381name_o @ X_44 @ Y_27 ) + = Y_27 ) ) )). + +thf(fact_446_le__iff__sup,axiom,( + ! [X_44: hoare_1167836817_state > $o,Y_27: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_44 @ Y_27 ) + <=> ( ( semila1172322802tate_o @ X_44 @ Y_27 ) + = Y_27 ) ) )). + +thf(fact_447_sup__ge2,axiom,( + ! [Y_26: pname > $o,X_43: pname > $o] : + ( ord_less_eq_pname_o @ Y_26 @ ( semila1780557381name_o @ X_43 @ Y_26 ) ) )). + +thf(fact_448_sup__ge2,axiom,( + ! [Y_26: hoare_1167836817_state > $o,X_43: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ Y_26 @ ( semila1172322802tate_o @ X_43 @ Y_26 ) ) )). + +thf(fact_449_inf__sup__ord_I4_J,axiom,( + ! [Y_25: pname > $o,X_42: pname > $o] : + ( ord_less_eq_pname_o @ Y_25 @ ( semila1780557381name_o @ X_42 @ Y_25 ) ) )). + +thf(fact_450_inf__sup__ord_I4_J,axiom,( + ! [Y_25: hoare_1167836817_state > $o,X_42: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ Y_25 @ ( semila1172322802tate_o @ X_42 @ Y_25 ) ) )). + +thf(fact_451_sup__ge1,axiom,( + ! [X_41: pname > $o,Y_24: pname > $o] : + ( ord_less_eq_pname_o @ X_41 @ ( semila1780557381name_o @ X_41 @ Y_24 ) ) )). + +thf(fact_452_sup__ge1,axiom,( + ! [X_41: hoare_1167836817_state > $o,Y_24: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ X_41 @ ( semila1172322802tate_o @ X_41 @ Y_24 ) ) )). + +thf(fact_453_inf__sup__ord_I3_J,axiom,( + ! [X_40: pname > $o,Y_23: pname > $o] : + ( ord_less_eq_pname_o @ X_40 @ ( semila1780557381name_o @ X_40 @ Y_23 ) ) )). + +thf(fact_454_inf__sup__ord_I3_J,axiom,( + ! [X_40: hoare_1167836817_state > $o,Y_23: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ X_40 @ ( semila1172322802tate_o @ X_40 @ Y_23 ) ) )). + +thf(fact_455_sup__eq__bot__iff,axiom,( + ! [X_39: pname > $o,Y_22: pname > $o] : + ( ( ( semila1780557381name_o @ X_39 @ Y_22 ) + = bot_bot_pname_o ) + <=> ( ( X_39 = bot_bot_pname_o ) + & ( Y_22 = bot_bot_pname_o ) ) ) )). + +thf(fact_456_sup__eq__bot__iff,axiom,( + ! [X_39: hoare_1167836817_state > $o,Y_22: hoare_1167836817_state > $o] : + ( ( ( semila1172322802tate_o @ X_39 @ Y_22 ) + = bot_bo70021908tate_o ) + <=> ( ( X_39 = bot_bo70021908tate_o ) + & ( Y_22 = bot_bo70021908tate_o ) ) ) )). + +thf(fact_457_sup__bot__right,axiom,( + ! [X_38: pname > $o] : + ( ( semila1780557381name_o @ X_38 @ bot_bot_pname_o ) + = X_38 ) )). + +thf(fact_458_sup__bot__right,axiom,( + ! [X_38: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_38 @ bot_bo70021908tate_o ) + = X_38 ) )). + +thf(fact_459_sup__bot__left,axiom,( + ! [X_37: pname > $o] : + ( ( semila1780557381name_o @ bot_bot_pname_o @ X_37 ) + = X_37 ) )). + +thf(fact_460_sup__bot__left,axiom,( + ! [X_37: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ bot_bo70021908tate_o @ X_37 ) + = X_37 ) )). + +thf(fact_461_folding__one__idem_Ounion__idem,axiom,( + ! [B_46: ( pname > $o ) > $o,A_64: ( pname > $o ) > $o,F_32: ( pname > $o ) > ( pname > $o ) > pname > $o,F_31: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite697516351name_o @ F_32 @ F_31 ) + => ( ( finite297249702name_o @ A_64 ) + => ( ( A_64 != bot_bot_pname_o_o ) + => ( ( finite297249702name_o @ B_46 ) + => ( ( B_46 != bot_bot_pname_o_o ) + => ( ( F_31 @ ( semila181081674me_o_o @ A_64 @ B_46 ) ) + = ( F_32 @ ( F_31 @ A_64 ) @ ( F_31 @ B_46 ) ) ) ) ) ) ) ) )). + +thf(fact_462_folding__one__idem_Ounion__idem,axiom,( + ! [B_46: ( hoare_1167836817_state > $o ) > $o,A_64: ( hoare_1167836817_state > $o ) > $o,F_32: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_31: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite671847800tate_o @ F_32 @ F_31 ) + => ( ( finite1380128977tate_o @ A_64 ) + => ( ( A_64 != bot_bo691907561te_o_o ) + => ( ( finite1380128977tate_o @ B_46 ) + => ( ( B_46 != bot_bo691907561te_o_o ) + => ( ( F_31 @ ( semila866907787te_o_o @ A_64 @ B_46 ) ) + = ( F_32 @ ( F_31 @ A_64 ) @ ( F_31 @ B_46 ) ) ) ) ) ) ) ) )). + +thf(fact_463_folding__one__idem_Ounion__idem,axiom,( + ! [B_46: pname > $o,A_64: pname > $o,F_32: pname > pname > pname,F_31: ( pname > $o ) > pname] : + ( ( finite89670078_pname @ F_32 @ F_31 ) + => ( ( finite_finite_pname @ A_64 ) + => ( ( A_64 != bot_bot_pname_o ) + => ( ( finite_finite_pname @ B_46 ) + => ( ( B_46 != bot_bot_pname_o ) + => ( ( F_31 @ ( semila1780557381name_o @ A_64 @ B_46 ) ) + = ( F_32 @ ( F_31 @ A_64 ) @ ( F_31 @ B_46 ) ) ) ) ) ) ) ) )). + +thf(fact_464_folding__one__idem_Ounion__idem,axiom,( + ! [B_46: hoare_1167836817_state > $o,A_64: hoare_1167836817_state > $o,F_32: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_31: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite806517911_state @ F_32 @ F_31 ) + => ( ( finite1084549118_state @ A_64 ) + => ( ( A_64 != bot_bo70021908tate_o ) + => ( ( finite1084549118_state @ B_46 ) + => ( ( B_46 != bot_bo70021908tate_o ) + => ( ( F_31 @ ( semila1172322802tate_o @ A_64 @ B_46 ) ) + = ( F_32 @ ( F_31 @ A_64 ) @ ( F_31 @ B_46 ) ) ) ) ) ) ) ) )). + +thf(fact_465_folding__one__idem_Osubset__idem,axiom,( + ! [B_45: ( pname > $o ) > $o,A_63: ( pname > $o ) > $o,F_30: ( pname > $o ) > ( pname > $o ) > pname > $o,F_29: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite697516351name_o @ F_30 @ F_29 ) + => ( ( finite297249702name_o @ A_63 ) + => ( ( B_45 != bot_bot_pname_o_o ) + => ( ( ord_le1205211808me_o_o @ B_45 @ A_63 ) + => ( ( F_30 @ ( F_29 @ B_45 ) @ ( F_29 @ A_63 ) ) + = ( F_29 @ A_63 ) ) ) ) ) ) )). + +thf(fact_466_folding__one__idem_Osubset__idem,axiom,( + ! [B_45: ( hoare_1167836817_state > $o ) > $o,A_63: ( hoare_1167836817_state > $o ) > $o,F_30: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_29: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite671847800tate_o @ F_30 @ F_29 ) + => ( ( finite1380128977tate_o @ A_63 ) + => ( ( B_45 != bot_bo691907561te_o_o ) + => ( ( ord_le741939125te_o_o @ B_45 @ A_63 ) + => ( ( F_30 @ ( F_29 @ B_45 ) @ ( F_29 @ A_63 ) ) + = ( F_29 @ A_63 ) ) ) ) ) ) )). + +thf(fact_467_folding__one__idem_Osubset__idem,axiom,( + ! [B_45: pname > $o,A_63: pname > $o,F_30: pname > pname > pname,F_29: ( pname > $o ) > pname] : + ( ( finite89670078_pname @ F_30 @ F_29 ) + => ( ( finite_finite_pname @ A_63 ) + => ( ( B_45 != bot_bot_pname_o ) + => ( ( ord_less_eq_pname_o @ B_45 @ A_63 ) + => ( ( F_30 @ ( F_29 @ B_45 ) @ ( F_29 @ A_63 ) ) + = ( F_29 @ A_63 ) ) ) ) ) ) )). + +thf(fact_468_folding__one__idem_Osubset__idem,axiom,( + ! [B_45: hoare_1167836817_state > $o,A_63: hoare_1167836817_state > $o,F_30: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_29: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite806517911_state @ F_30 @ F_29 ) + => ( ( finite1084549118_state @ A_63 ) + => ( ( B_45 != bot_bo70021908tate_o ) + => ( ( ord_le827224136tate_o @ B_45 @ A_63 ) + => ( ( F_30 @ ( F_29 @ B_45 ) @ ( F_29 @ A_63 ) ) + = ( F_29 @ A_63 ) ) ) ) ) ) )). + +thf(fact_469_hoare__derivs_OSkip,axiom,( + ! [G_7: hoare_1167836817_state > $o,P_11: state > state > $o] : + ( hoare_123228589_state @ G_7 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_11 @ skip @ P_11 ) @ bot_bo70021908tate_o ) ) )). + +thf(fact_470_folding__one__idem_Oinsert__idem,axiom,( + ! [X_36: pname,A_62: pname > $o,F_28: pname > pname > pname,F_27: ( pname > $o ) > pname] : + ( ( finite89670078_pname @ F_28 @ F_27 ) + => ( ( finite_finite_pname @ A_62 ) + => ( ( A_62 != bot_bot_pname_o ) + => ( ( F_27 @ ( insert_pname @ X_36 @ A_62 ) ) + = ( F_28 @ X_36 @ ( F_27 @ A_62 ) ) ) ) ) ) )). + +thf(fact_471_folding__one__idem_Oinsert__idem,axiom,( + ! [X_36: hoare_1167836817_state,A_62: hoare_1167836817_state > $o,F_28: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_27: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite806517911_state @ F_28 @ F_27 ) + => ( ( finite1084549118_state @ A_62 ) + => ( ( A_62 != bot_bo70021908tate_o ) + => ( ( F_27 @ ( insert2134838167_state @ X_36 @ A_62 ) ) + = ( F_28 @ X_36 @ ( F_27 @ A_62 ) ) ) ) ) ) )). + +thf(fact_472_folding__one__idem_Oinsert__idem,axiom,( + ! [X_36: pname > $o,A_62: ( pname > $o ) > $o,F_28: ( pname > $o ) > ( pname > $o ) > pname > $o,F_27: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite697516351name_o @ F_28 @ F_27 ) + => ( ( finite297249702name_o @ A_62 ) + => ( ( A_62 != bot_bot_pname_o_o ) + => ( ( F_27 @ ( insert_pname_o @ X_36 @ A_62 ) ) + = ( F_28 @ X_36 @ ( F_27 @ A_62 ) ) ) ) ) ) )). + +thf(fact_473_folding__one__idem_Oinsert__idem,axiom,( + ! [X_36: hoare_1167836817_state > $o,A_62: ( hoare_1167836817_state > $o ) > $o,F_28: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_27: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite671847800tate_o @ F_28 @ F_27 ) + => ( ( finite1380128977tate_o @ A_62 ) + => ( ( A_62 != bot_bo691907561te_o_o ) + => ( ( F_27 @ ( insert999278200tate_o @ X_36 @ A_62 ) ) + = ( F_28 @ X_36 @ ( F_27 @ A_62 ) ) ) ) ) ) )). + +thf(fact_474_finite__ne__induct,axiom,( + ! [P_10: ( pname > $o ) > $o,F_25: pname > $o] : + ( ( finite_finite_pname @ F_25 ) + => ( ( F_25 != bot_bot_pname_o ) + => ( ! [X_5: pname] : + ( P_10 @ ( insert_pname @ X_5 @ bot_bot_pname_o ) ) + => ( ! [X_5: pname,F_26: pname > $o] : + ( ( finite_finite_pname @ F_26 ) + => ( ( F_26 != bot_bot_pname_o ) + => ( ~ ( member_pname @ X_5 @ F_26 ) + => ( ( P_10 @ F_26 ) + => ( P_10 @ ( insert_pname @ X_5 @ F_26 ) ) ) ) ) ) + => ( P_10 @ F_25 ) ) ) ) ) )). + +thf(fact_475_finite__ne__induct,axiom,( + ! [P_10: ( hoare_1167836817_state > $o ) > $o,F_25: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_25 ) + => ( ( F_25 != bot_bo70021908tate_o ) + => ( ! [X_5: hoare_1167836817_state] : + ( P_10 @ ( insert2134838167_state @ X_5 @ bot_bo70021908tate_o ) ) + => ( ! [X_5: hoare_1167836817_state,F_26: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ F_26 ) + => ( ( F_26 != bot_bo70021908tate_o ) + => ( ~ ( member2058392318_state @ X_5 @ F_26 ) + => ( ( P_10 @ F_26 ) + => ( P_10 @ ( insert2134838167_state @ X_5 @ F_26 ) ) ) ) ) ) + => ( P_10 @ F_25 ) ) ) ) ) )). + +thf(fact_476_finite__ne__induct,axiom,( + ! [P_10: ( ( pname > $o ) > $o ) > $o,F_25: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_25 ) + => ( ( F_25 != bot_bot_pname_o_o ) + => ( ! [X_5: pname > $o] : + ( P_10 @ ( insert_pname_o @ X_5 @ bot_bot_pname_o_o ) ) + => ( ! [X_5: pname > $o,F_26: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ F_26 ) + => ( ( F_26 != bot_bot_pname_o_o ) + => ( ~ ( member_pname_o @ X_5 @ F_26 ) + => ( ( P_10 @ F_26 ) + => ( P_10 @ ( insert_pname_o @ X_5 @ F_26 ) ) ) ) ) ) + => ( P_10 @ F_25 ) ) ) ) ) )). + +thf(fact_477_finite__ne__induct,axiom,( + ! [P_10: ( ( hoare_1167836817_state > $o ) > $o ) > $o,F_25: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_25 ) + => ( ( F_25 != bot_bo691907561te_o_o ) + => ( ! [X_5: hoare_1167836817_state > $o] : + ( P_10 @ ( insert999278200tate_o @ X_5 @ bot_bo691907561te_o_o ) ) + => ( ! [X_5: hoare_1167836817_state > $o,F_26: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ F_26 ) + => ( ( F_26 != bot_bo691907561te_o_o ) + => ( ~ ( member864234961tate_o @ X_5 @ F_26 ) + => ( ( P_10 @ F_26 ) + => ( P_10 @ ( insert999278200tate_o @ X_5 @ F_26 ) ) ) ) ) ) + => ( P_10 @ F_25 ) ) ) ) ) )). + +thf(fact_478_com_Osimps_I19_J,axiom,( + ! [Pname: pname] : + ( ( body_1 @ Pname ) + != skip ) )). + +thf(fact_479_com_Osimps_I18_J,axiom,( + ! [Pname: pname] : + ( skip + != ( body_1 @ Pname ) ) )). + +thf(fact_480_WT_OSkip,axiom, + ( wt @ skip )). + +thf(fact_481_folding__one__idem_Oin__idem,axiom,( + ! [X_35: pname,A_61: pname > $o,F_24: pname > pname > pname,F_23: ( pname > $o ) > pname] : + ( ( finite89670078_pname @ F_24 @ F_23 ) + => ( ( finite_finite_pname @ A_61 ) + => ( ( member_pname @ X_35 @ A_61 ) + => ( ( F_24 @ X_35 @ ( F_23 @ A_61 ) ) + = ( F_23 @ A_61 ) ) ) ) ) )). + +thf(fact_482_folding__one__idem_Oin__idem,axiom,( + ! [X_35: hoare_1167836817_state,A_61: hoare_1167836817_state > $o,F_24: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_23: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite806517911_state @ F_24 @ F_23 ) + => ( ( finite1084549118_state @ A_61 ) + => ( ( member2058392318_state @ X_35 @ A_61 ) + => ( ( F_24 @ X_35 @ ( F_23 @ A_61 ) ) + = ( F_23 @ A_61 ) ) ) ) ) )). + +thf(fact_483_folding__one__idem_Oin__idem,axiom,( + ! [X_35: pname > $o,A_61: ( pname > $o ) > $o,F_24: ( pname > $o ) > ( pname > $o ) > pname > $o,F_23: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite697516351name_o @ F_24 @ F_23 ) + => ( ( finite297249702name_o @ A_61 ) + => ( ( member_pname_o @ X_35 @ A_61 ) + => ( ( F_24 @ X_35 @ ( F_23 @ A_61 ) ) + = ( F_23 @ A_61 ) ) ) ) ) )). + +thf(fact_484_folding__one__idem_Oin__idem,axiom,( + ! [X_35: hoare_1167836817_state > $o,A_61: ( hoare_1167836817_state > $o ) > $o,F_24: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_23: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite671847800tate_o @ F_24 @ F_23 ) + => ( ( finite1380128977tate_o @ A_61 ) + => ( ( member864234961tate_o @ X_35 @ A_61 ) + => ( ( F_24 @ X_35 @ ( F_23 @ A_61 ) ) + = ( F_23 @ A_61 ) ) ) ) ) )). + +thf(fact_485_folding__one__idem_Ohom__commute,axiom,( + ! [N_1: ( pname > $o ) > $o,H: ( pname > $o ) > pname > $o,F_22: ( pname > $o ) > ( pname > $o ) > pname > $o,F_21: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite697516351name_o @ F_22 @ F_21 ) + => ( ! [X_5: pname > $o,Y_2: pname > $o] : + ( ( H @ ( F_22 @ X_5 @ Y_2 ) ) + = ( F_22 @ ( H @ X_5 ) @ ( H @ Y_2 ) ) ) + => ( ( finite297249702name_o @ N_1 ) + => ( ( N_1 != bot_bot_pname_o_o ) + => ( ( H @ ( F_21 @ N_1 ) ) + = ( F_21 @ ( image_1085733413name_o @ H @ N_1 ) ) ) ) ) ) ) )). + +thf(fact_486_folding__one__idem_Ohom__commute,axiom,( + ! [N_1: ( hoare_1167836817_state > $o ) > $o,H: ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_22: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_21: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite671847800tate_o @ F_22 @ F_21 ) + => ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o] : + ( ( H @ ( F_22 @ X_5 @ Y_2 ) ) + = ( F_22 @ ( H @ X_5 ) @ ( H @ Y_2 ) ) ) + => ( ( finite1380128977tate_o @ N_1 ) + => ( ( N_1 != bot_bo691907561te_o_o ) + => ( ( H @ ( F_21 @ N_1 ) ) + = ( F_21 @ ( image_1488525317tate_o @ H @ N_1 ) ) ) ) ) ) ) )). + +thf(fact_487_folding__one__idem_Ohom__commute,axiom,( + ! [N_1: pname > $o,H: pname > pname,F_22: pname > pname > pname,F_21: ( pname > $o ) > pname] : + ( ( finite89670078_pname @ F_22 @ F_21 ) + => ( ! [X_5: pname,Y_2: pname] : + ( ( H @ ( F_22 @ X_5 @ Y_2 ) ) + = ( F_22 @ ( H @ X_5 ) @ ( H @ Y_2 ) ) ) + => ( ( finite_finite_pname @ N_1 ) + => ( ( N_1 != bot_bot_pname_o ) + => ( ( H @ ( F_21 @ N_1 ) ) + = ( F_21 @ ( image_pname_pname @ H @ N_1 ) ) ) ) ) ) ) )). + +thf(fact_488_folding__one__idem_Ohom__commute,axiom,( + ! [N_1: hoare_1167836817_state > $o,H: hoare_1167836817_state > hoare_1167836817_state,F_22: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_21: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite806517911_state @ F_22 @ F_21 ) + => ( ! [X_5: hoare_1167836817_state,Y_2: hoare_1167836817_state] : + ( ( H @ ( F_22 @ X_5 @ Y_2 ) ) + = ( F_22 @ ( H @ X_5 ) @ ( H @ Y_2 ) ) ) + => ( ( finite1084549118_state @ N_1 ) + => ( ( N_1 != bot_bo70021908tate_o ) + => ( ( H @ ( F_21 @ N_1 ) ) + = ( F_21 @ ( image_31595733_state @ H @ N_1 ) ) ) ) ) ) ) )). + +thf(fact_489_LoopF,axiom,( + ! [G_6: hoare_1167836817_state > $o,P_9: state > state > $o,B_44: state > $o,C_23: com] : + ( hoare_123228589_state @ G_6 + @ ( insert2134838167_state + @ ( hoare_908217195_state + @ ^ [Z_11: state,S_3: state] : + ( (&) @ ( P_9 @ Z_11 @ S_3 ) @ ( (~) @ ( B_44 @ S_3 ) ) ) + @ ( while @ B_44 @ C_23 ) + @ P_9 ) + @ bot_bo70021908tate_o ) ) )). + +thf(fact_490_Comp,axiom,( + ! [D_2: com,R_1: state > state > $o,G_5: hoare_1167836817_state > $o,P_8: state > state > $o,C_22: com,Q_4: state > state > $o] : + ( ( hoare_123228589_state @ G_5 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_8 @ C_22 @ Q_4 ) @ bot_bo70021908tate_o ) ) + => ( ( hoare_123228589_state @ G_5 @ ( insert2134838167_state @ ( hoare_908217195_state @ Q_4 @ D_2 @ R_1 ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_5 @ ( insert2134838167_state @ ( hoare_908217195_state @ P_8 @ ( semi @ C_22 @ D_2 ) @ R_1 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_491_the__elem__def,axiom,( + ! [X_34: pname > $o] : + ( ( the_elem_pname @ X_34 ) + = ( the_pname + @ ^ [X_5: pname] : + ( X_34 + = ( insert_pname @ X_5 @ bot_bot_pname_o ) ) ) ) )). + +thf(fact_492_the__elem__def,axiom,( + ! [X_34: hoare_1167836817_state > $o] : + ( ( the_el323660082_state @ X_34 ) + = ( the_Ho310147232_state + @ ^ [X_5: hoare_1167836817_state] : + ( X_34 + = ( insert2134838167_state @ X_5 @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_493_WTs__elim__cases_I6_J,axiom,( + ! [B_42: state > $o,C_21: com] : + ( ( wt @ ( while @ B_42 @ C_21 ) ) + => ( wt @ C_21 ) ) )). + +thf(fact_494_WTs__elim__cases_I4_J,axiom,( + ! [C1: com,C2: com] : + ( ( wt @ ( semi @ C1 @ C2 ) ) + => ~ ( ( wt @ C1 ) + => ~ ( wt @ C2 ) ) ) )). + +thf(fact_495_com_Osimps_I46_J,axiom,( + ! [Com1_1: com,Com2_1: com,Fun: state > $o,Com_1: com] : + ( ( semi @ Com1_1 @ Com2_1 ) + != ( while @ Fun @ Com_1 ) ) )). + +thf(fact_496_com_Osimps_I47_J,axiom,( + ! [Fun: state > $o,Com_1: com,Com1_1: com,Com2_1: com] : + ( ( while @ Fun @ Com_1 ) + != ( semi @ Com1_1 @ Com2_1 ) ) )). + +thf(fact_497_com_Osimps_I3_J,axiom,( + ! [Com1_1: com,Com2_1: com,Com1: com,Com2: com] : + ( ( ( semi @ Com1_1 @ Com2_1 ) + = ( semi @ Com1 @ Com2 ) ) + <=> ( ( Com1_1 = Com1 ) + & ( Com2_1 = Com2 ) ) ) )). + +thf(fact_498_com_Osimps_I5_J,axiom,( + ! [Fun_1: state > $o,Com_2: com,Fun: state > $o,Com_1: com] : + ( ( ( while @ Fun_1 @ Com_2 ) + = ( while @ Fun @ Com_1 ) ) + <=> ( ( Fun_1 = Fun ) + & ( Com_2 = Com_1 ) ) ) )). + +thf(fact_499_com_Osimps_I59_J,axiom,( + ! [Pname: pname,Fun_1: state > $o,Com_2: com] : + ( ( body_1 @ Pname ) + != ( while @ Fun_1 @ Com_2 ) ) )). + +thf(fact_500_com_Osimps_I58_J,axiom,( + ! [Fun_1: state > $o,Com_2: com,Pname: pname] : + ( ( while @ Fun_1 @ Com_2 ) + != ( body_1 @ Pname ) ) )). + +thf(fact_501_While,axiom,( + ! [B_42: state > $o,C_21: com] : + ( ( wt @ C_21 ) + => ( wt @ ( while @ B_42 @ C_21 ) ) ) )). + +thf(fact_502_com_Osimps_I16_J,axiom,( + ! [Fun: state > $o,Com_1: com] : + ( skip + != ( while @ Fun @ Com_1 ) ) )). + +thf(fact_503_com_Osimps_I17_J,axiom,( + ! [Fun: state > $o,Com_1: com] : + ( ( while @ Fun @ Com_1 ) + != skip ) )). + +thf(fact_504_com_Osimps_I49_J,axiom,( + ! [Pname: pname,Com1_1: com,Com2_1: com] : + ( ( body_1 @ Pname ) + != ( semi @ Com1_1 @ Com2_1 ) ) )). + +thf(fact_505_com_Osimps_I48_J,axiom,( + ! [Com1_1: com,Com2_1: com,Pname: pname] : + ( ( semi @ Com1_1 @ Com2_1 ) + != ( body_1 @ Pname ) ) )). + +thf(fact_506_WT_OSemi,axiom,( + ! [C1: com,C0: com] : + ( ( wt @ C0 ) + => ( ( wt @ C1 ) + => ( wt @ ( semi @ C0 @ C1 ) ) ) ) )). + +thf(fact_507_com_Osimps_I12_J,axiom,( + ! [Com1: com,Com2: com] : + ( skip + != ( semi @ Com1 @ Com2 ) ) )). + +thf(fact_508_com_Osimps_I13_J,axiom,( + ! [Com1: com,Com2: com] : + ( ( semi @ Com1 @ Com2 ) + != skip ) )). + +thf(fact_509_folding__one_Oinsert,axiom,( + ! [X_33: pname,A_60: pname > $o,F_20: pname > pname > pname,F_19: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_20 @ F_19 ) + => ( ( finite_finite_pname @ A_60 ) + => ( ~ ( member_pname @ X_33 @ A_60 ) + => ( ( A_60 != bot_bot_pname_o ) + => ( ( F_19 @ ( insert_pname @ X_33 @ A_60 ) ) + = ( F_20 @ X_33 @ ( F_19 @ A_60 ) ) ) ) ) ) ) )). + +thf(fact_510_folding__one_Oinsert,axiom,( + ! [X_33: hoare_1167836817_state,A_60: hoare_1167836817_state > $o,F_20: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_19: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_20 @ F_19 ) + => ( ( finite1084549118_state @ A_60 ) + => ( ~ ( member2058392318_state @ X_33 @ A_60 ) + => ( ( A_60 != bot_bo70021908tate_o ) + => ( ( F_19 @ ( insert2134838167_state @ X_33 @ A_60 ) ) + = ( F_20 @ X_33 @ ( F_19 @ A_60 ) ) ) ) ) ) ) )). + +thf(fact_511_folding__one_Oinsert,axiom,( + ! [X_33: pname > $o,A_60: ( pname > $o ) > $o,F_20: ( pname > $o ) > ( pname > $o ) > pname > $o,F_19: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_20 @ F_19 ) + => ( ( finite297249702name_o @ A_60 ) + => ( ~ ( member_pname_o @ X_33 @ A_60 ) + => ( ( A_60 != bot_bot_pname_o_o ) + => ( ( F_19 @ ( insert_pname_o @ X_33 @ A_60 ) ) + = ( F_20 @ X_33 @ ( F_19 @ A_60 ) ) ) ) ) ) ) )). + +thf(fact_512_folding__one_Oinsert,axiom,( + ! [X_33: hoare_1167836817_state > $o,A_60: ( hoare_1167836817_state > $o ) > $o,F_20: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_19: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_20 @ F_19 ) + => ( ( finite1380128977tate_o @ A_60 ) + => ( ~ ( member864234961tate_o @ X_33 @ A_60 ) + => ( ( A_60 != bot_bo691907561te_o_o ) + => ( ( F_19 @ ( insert999278200tate_o @ X_33 @ A_60 ) ) + = ( F_20 @ X_33 @ ( F_19 @ A_60 ) ) ) ) ) ) ) )). + +thf(fact_513_folding__one_Osingleton,axiom,( + ! [X_32: pname,F_18: pname > pname > pname,F_17: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_18 @ F_17 ) + => ( ( F_17 @ ( insert_pname @ X_32 @ bot_bot_pname_o ) ) + = X_32 ) ) )). + +thf(fact_514_folding__one_Osingleton,axiom,( + ! [X_32: hoare_1167836817_state,F_18: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_17: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_18 @ F_17 ) + => ( ( F_17 @ ( insert2134838167_state @ X_32 @ bot_bo70021908tate_o ) ) + = X_32 ) ) )). + +thf(fact_515_folding__one_Oclosed,axiom,( + ! [A_59: pname > $o,F_16: pname > pname > pname,F_15: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_16 @ F_15 ) + => ( ( finite_finite_pname @ A_59 ) + => ( ( A_59 != bot_bot_pname_o ) + => ( ! [X_5: pname,Y_2: pname] : + ( member_pname @ ( F_16 @ X_5 @ Y_2 ) @ ( insert_pname @ X_5 @ ( insert_pname @ Y_2 @ bot_bot_pname_o ) ) ) + => ( member_pname @ ( F_15 @ A_59 ) @ A_59 ) ) ) ) ) )). + +thf(fact_516_folding__one_Oclosed,axiom,( + ! [A_59: hoare_1167836817_state > $o,F_16: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_15: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_16 @ F_15 ) + => ( ( finite1084549118_state @ A_59 ) + => ( ( A_59 != bot_bo70021908tate_o ) + => ( ! [X_5: hoare_1167836817_state,Y_2: hoare_1167836817_state] : + ( member2058392318_state @ ( F_16 @ X_5 @ Y_2 ) @ ( insert2134838167_state @ X_5 @ ( insert2134838167_state @ Y_2 @ bot_bo70021908tate_o ) ) ) + => ( member2058392318_state @ ( F_15 @ A_59 ) @ A_59 ) ) ) ) ) )). + +thf(fact_517_folding__one_Oclosed,axiom,( + ! [A_59: ( pname > $o ) > $o,F_16: ( pname > $o ) > ( pname > $o ) > pname > $o,F_15: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_16 @ F_15 ) + => ( ( finite297249702name_o @ A_59 ) + => ( ( A_59 != bot_bot_pname_o_o ) + => ( ! [X_5: pname > $o,Y_2: pname > $o] : + ( member_pname_o @ ( F_16 @ X_5 @ Y_2 ) @ ( insert_pname_o @ X_5 @ ( insert_pname_o @ Y_2 @ bot_bot_pname_o_o ) ) ) + => ( member_pname_o @ ( F_15 @ A_59 ) @ A_59 ) ) ) ) ) )). + +thf(fact_518_folding__one_Oclosed,axiom,( + ! [A_59: ( hoare_1167836817_state > $o ) > $o,F_16: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_15: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_16 @ F_15 ) + => ( ( finite1380128977tate_o @ A_59 ) + => ( ( A_59 != bot_bo691907561te_o_o ) + => ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o] : + ( member864234961tate_o @ ( F_16 @ X_5 @ Y_2 ) @ ( insert999278200tate_o @ X_5 @ ( insert999278200tate_o @ Y_2 @ bot_bo691907561te_o_o ) ) ) + => ( member864234961tate_o @ ( F_15 @ A_59 ) @ A_59 ) ) ) ) ) )). + +thf(fact_519_triple_Oexhaust,axiom,( + ! [Y_21: hoare_1167836817_state] : + ~ ! [Fun1: state > state > $o,Com: com,Fun2: state > state > $o] : + ( Y_21 + != ( hoare_908217195_state @ Fun1 @ Com @ Fun2 ) ) )). + +thf(fact_520_image__cong,axiom,( + ! [F_14: pname > hoare_1167836817_state,G_4: pname > hoare_1167836817_state,M: pname > $o,N: pname > $o] : + ( ( M = N ) + => ( ! [X_5: pname] : + ( ( member_pname @ X_5 @ N ) + => ( ( F_14 @ X_5 ) + = ( G_4 @ X_5 ) ) ) + => ( ( image_575578384_state @ F_14 @ M ) + = ( image_575578384_state @ G_4 @ N ) ) ) ) )). + +thf(fact_521_Collect__mono,axiom,( + ! [Q_3: hoare_1167836817_state > $o,P_7: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ( P_7 @ X_5 ) + => ( Q_3 @ X_5 ) ) + => ( ord_le827224136tate_o @ ( collec1027672124_state @ P_7 ) @ ( collec1027672124_state @ Q_3 ) ) ) )). + +thf(fact_522_Collect__mono,axiom,( + ! [Q_3: pname > $o,P_7: pname > $o] : + ( ! [X_5: pname] : + ( ( P_7 @ X_5 ) + => ( Q_3 @ X_5 ) ) + => ( ord_less_eq_pname_o @ ( collect_pname @ P_7 ) @ ( collect_pname @ Q_3 ) ) ) )). + +thf(fact_523_Collect__mono,axiom,( + ! [Q_3: ( pname > $o ) > $o,P_7: ( pname > $o ) > $o] : + ( ! [X_5: pname > $o] : + ( ( P_7 @ X_5 ) + => ( Q_3 @ X_5 ) ) + => ( ord_le1205211808me_o_o @ ( collect_pname_o @ P_7 ) @ ( collect_pname_o @ Q_3 ) ) ) )). + +thf(fact_524_Collect__mono,axiom,( + ! [Q_3: ( hoare_1167836817_state > $o ) > $o,P_7: ( hoare_1167836817_state > $o ) > $o] : + ( ! [X_5: hoare_1167836817_state > $o] : + ( ( P_7 @ X_5 ) + => ( Q_3 @ X_5 ) ) + => ( ord_le741939125te_o_o @ ( collec269976083tate_o @ P_7 ) @ ( collec269976083tate_o @ Q_3 ) ) ) )). + +thf(fact_525_predicate1I,axiom,( + ! [Q_2: pname > $o,P_6: pname > $o] : + ( ! [X_5: pname] : + ( ( P_6 @ X_5 ) + => ( Q_2 @ X_5 ) ) + => ( ord_less_eq_pname_o @ P_6 @ Q_2 ) ) )). + +thf(fact_526_predicate1I,axiom,( + ! [Q_2: hoare_1167836817_state > $o,P_6: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state] : + ( ( P_6 @ X_5 ) + => ( Q_2 @ X_5 ) ) + => ( ord_le827224136tate_o @ P_6 @ Q_2 ) ) )). + +thf(fact_527_mk__disjoint__insert,axiom,( + ! [A_58: pname,A_57: pname > $o] : + ( ( member_pname @ A_58 @ A_57 ) + => ? [B_43: pname > $o] : + ( ( A_57 + = ( insert_pname @ A_58 @ B_43 ) ) + & ~ ( member_pname @ A_58 @ B_43 ) ) ) )). + +thf(fact_528_mk__disjoint__insert,axiom,( + ! [A_58: hoare_1167836817_state,A_57: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_58 @ A_57 ) + => ? [B_43: hoare_1167836817_state > $o] : + ( ( A_57 + = ( insert2134838167_state @ A_58 @ B_43 ) ) + & ~ ( member2058392318_state @ A_58 @ B_43 ) ) ) )). + +thf(fact_529_Set_Oset__insert,axiom,( + ! [X_31: pname,A_56: pname > $o] : + ( ( member_pname @ X_31 @ A_56 ) + => ~ ! [B_43: pname > $o] : + ( ( A_56 + = ( insert_pname @ X_31 @ B_43 ) ) + => ( member_pname @ X_31 @ B_43 ) ) ) )). + +thf(fact_530_Set_Oset__insert,axiom,( + ! [X_31: hoare_1167836817_state,A_56: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_31 @ A_56 ) + => ~ ! [B_43: hoare_1167836817_state > $o] : + ( ( A_56 + = ( insert2134838167_state @ X_31 @ B_43 ) ) + => ( member2058392318_state @ X_31 @ B_43 ) ) ) )). + +thf(fact_531_equals0I,axiom,( + ! [A_55: pname > $o] : + ( ! [Y_2: pname] : + ~ ( member_pname @ Y_2 @ A_55 ) + => ( A_55 = bot_bot_pname_o ) ) )). + +thf(fact_532_equals0I,axiom,( + ! [A_55: hoare_1167836817_state > $o] : + ( ! [Y_2: hoare_1167836817_state] : + ~ ( member2058392318_state @ Y_2 @ A_55 ) + => ( A_55 = bot_bo70021908tate_o ) ) )). + +thf(fact_533_MGT__alternD,axiom,( + ! [G_3: hoare_1167836817_state > $o,C_21: com] : + ( hoare_1201148605gleton + => ( ( hoare_123228589_state @ G_3 + @ ( insert2134838167_state + @ ( hoare_908217195_state + @ ^ [Z_11: state,S0_1: state] : + ! [S1: state] : + ( (=>) @ ( evalc @ C_21 @ S0_1 @ S1 ) @ ( Z_11 = S1 ) ) + @ C_21 + @ fequal_state ) + @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_3 @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ C_21 ) @ bot_bo70021908tate_o ) ) ) ) )). + +thf(fact_534_MGT__alternI,axiom,( + ! [G_3: hoare_1167836817_state > $o,C_21: com] : + ( ( hoare_123228589_state @ G_3 @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ C_21 ) @ bot_bo70021908tate_o ) ) + => ( hoare_123228589_state @ G_3 + @ ( insert2134838167_state + @ ( hoare_908217195_state + @ ^ [Z_11: state,S0_1: state] : + ! [S1: state] : + ( (=>) @ ( evalc @ C_21 @ S0_1 @ S1 ) @ ( Z_11 = S1 ) ) + @ C_21 + @ fequal_state ) + @ bot_bo70021908tate_o ) ) ) )). + +thf(fact_535_MGT__def,axiom,( + ! [C_21: com] : + ( ( hoare_Mirabelle_MGT @ C_21 ) + = ( hoare_908217195_state @ fequal_state @ C_21 @ ( evalc @ C_21 ) ) ) )). + +thf(fact_536_evalc_OBody,axiom,( + ! [Pn_1: pname,S0: state,S1_1: state] : + ( ( evalc @ ( the_com @ ( body @ Pn_1 ) ) @ S0 @ S1_1 ) + => ( evalc @ ( body_1 @ Pn_1 ) @ S0 @ S1_1 ) ) )). + +thf(fact_537_evalc__elim__cases_I6_J,axiom,( + ! [P: pname,S_2: state,S1_1: state] : + ( ( evalc @ ( body_1 @ P ) @ S_2 @ S1_1 ) + => ( evalc @ ( the_com @ ( body @ P ) ) @ S_2 @ S1_1 ) ) )). + +thf(fact_538_evalc__elim__cases_I1_J,axiom,( + ! [S_2: state,T: state] : + ( ( evalc @ skip @ S_2 @ T ) + => ( T = S_2 ) ) )). + +thf(fact_539_evalc_OWhileFalse,axiom,( + ! [C_21: com,B_42: state > $o,S_2: state] : + ( ~ ( B_42 @ S_2 ) + => ( evalc @ ( while @ B_42 @ C_21 ) @ S_2 @ S_2 ) ) )). + +thf(fact_540_evalc_OWhileTrue,axiom,( + ! [S2: state,C_21: com,S1_1: state,B_42: state > $o,S0: state] : + ( ( B_42 @ S0 ) + => ( ( evalc @ C_21 @ S0 @ S1_1 ) + => ( ( evalc @ ( while @ B_42 @ C_21 ) @ S1_1 @ S2 ) + => ( evalc @ ( while @ B_42 @ C_21 ) @ S0 @ S2 ) ) ) ) )). + +thf(fact_541_evalc_OSemi,axiom,( + ! [C1: com,S2: state,C0: com,S0: state,S1_1: state] : + ( ( evalc @ C0 @ S0 @ S1_1 ) + => ( ( evalc @ C1 @ S1_1 @ S2 ) + => ( evalc @ ( semi @ C0 @ C1 ) @ S0 @ S2 ) ) ) )). + +thf(fact_542_evalc_OSkip,axiom,( + ! [S_2: state] : + ( evalc @ skip @ S_2 @ S_2 ) )). + +thf(fact_543_com__det,axiom,( + ! [U: state,C_21: com,S_2: state,T: state] : + ( ( evalc @ C_21 @ S_2 @ T ) + => ( ( evalc @ C_21 @ S_2 @ U ) + => ( U = T ) ) ) )). + +thf(fact_544_evalc__elim__cases_I4_J,axiom,( + ! [C1: com,C2: com,S_2: state,T: state] : + ( ( evalc @ ( semi @ C1 @ C2 ) @ S_2 @ T ) + => ~ ! [S1: state] : + ( ( evalc @ C1 @ S_2 @ S1 ) + => ~ ( evalc @ C2 @ S1 @ T ) ) ) )). + +thf(fact_545_evalc__WHILE__case,axiom,( + ! [B_42: state > $o,C_21: com,S_2: state,T: state] : + ( ( evalc @ ( while @ B_42 @ C_21 ) @ S_2 @ T ) + => ( ( ( T = S_2 ) + => ( B_42 @ S_2 ) ) + => ~ ( ( B_42 @ S_2 ) + => ! [S1: state] : + ( ( evalc @ C_21 @ S_2 @ S1 ) + => ~ ( evalc @ ( while @ B_42 @ C_21 ) @ S1 @ T ) ) ) ) ) )). + +thf(fact_546_xt1_I15_J,axiom,( + ! [C_20: pname > $o,A_54: pname > $o,F_13: ( pname > $o ) > pname > $o,B_41: pname > $o] : + ( ( A_54 + = ( F_13 @ B_41 ) ) + => ( ( ord_less_eq_pname_o @ C_20 @ B_41 ) + => ( ! [X_5: pname > $o,Y_2: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_2 @ X_5 ) + => ( ord_less_eq_pname_o @ ( F_13 @ Y_2 ) @ ( F_13 @ X_5 ) ) ) + => ( ord_less_eq_pname_o @ ( F_13 @ C_20 ) @ A_54 ) ) ) ) )). + +thf(fact_547_xt1_I15_J,axiom,( + ! [C_20: hoare_1167836817_state > $o,A_54: hoare_1167836817_state > $o,F_13: ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,B_41: hoare_1167836817_state > $o] : + ( ( A_54 + = ( F_13 @ B_41 ) ) + => ( ( ord_le827224136tate_o @ C_20 @ B_41 ) + => ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_2 @ X_5 ) + => ( ord_le827224136tate_o @ ( F_13 @ Y_2 ) @ ( F_13 @ X_5 ) ) ) + => ( ord_le827224136tate_o @ ( F_13 @ C_20 ) @ A_54 ) ) ) ) )). + +thf(fact_548_xt1_I16_J,axiom,( + ! [F_12: ( pname > $o ) > pname > $o,C_19: pname > $o,B_40: pname > $o,A_53: pname > $o] : + ( ( ord_less_eq_pname_o @ B_40 @ A_53 ) + => ( ( ( F_12 @ B_40 ) + = C_19 ) + => ( ! [X_5: pname > $o,Y_2: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_2 @ X_5 ) + => ( ord_less_eq_pname_o @ ( F_12 @ Y_2 ) @ ( F_12 @ X_5 ) ) ) + => ( ord_less_eq_pname_o @ C_19 @ ( F_12 @ A_53 ) ) ) ) ) )). + +thf(fact_549_xt1_I16_J,axiom,( + ! [F_12: ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,C_19: hoare_1167836817_state > $o,B_40: hoare_1167836817_state > $o,A_53: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ B_40 @ A_53 ) + => ( ( ( F_12 @ B_40 ) + = C_19 ) + => ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_2 @ X_5 ) + => ( ord_le827224136tate_o @ ( F_12 @ Y_2 ) @ ( F_12 @ X_5 ) ) ) + => ( ord_le827224136tate_o @ C_19 @ ( F_12 @ A_53 ) ) ) ) ) )). + +thf(fact_550_folding__one_Ounion__inter,axiom,( + ! [B_39: ( pname > $o ) > $o,A_52: ( pname > $o ) > $o,F_11: ( pname > $o ) > ( pname > $o ) > pname > $o,F_10: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_11 @ F_10 ) + => ( ( finite297249702name_o @ A_52 ) + => ( ( finite297249702name_o @ B_39 ) + => ( ( ( semila2013987940me_o_o @ A_52 @ B_39 ) + != bot_bot_pname_o_o ) + => ( ( F_11 @ ( F_10 @ ( semila181081674me_o_o @ A_52 @ B_39 ) ) @ ( F_10 @ ( semila2013987940me_o_o @ A_52 @ B_39 ) ) ) + = ( F_11 @ ( F_10 @ A_52 ) @ ( F_10 @ B_39 ) ) ) ) ) ) ) )). + +thf(fact_551_folding__one_Ounion__inter,axiom,( + ! [B_39: ( hoare_1167836817_state > $o ) > $o,A_52: ( hoare_1167836817_state > $o ) > $o,F_11: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_10: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_11 @ F_10 ) + => ( ( finite1380128977tate_o @ A_52 ) + => ( ( finite1380128977tate_o @ B_39 ) + => ( ( ( semila1758709489te_o_o @ A_52 @ B_39 ) + != bot_bo691907561te_o_o ) + => ( ( F_11 @ ( F_10 @ ( semila866907787te_o_o @ A_52 @ B_39 ) ) @ ( F_10 @ ( semila1758709489te_o_o @ A_52 @ B_39 ) ) ) + = ( F_11 @ ( F_10 @ A_52 ) @ ( F_10 @ B_39 ) ) ) ) ) ) ) )). + +thf(fact_552_folding__one_Ounion__inter,axiom,( + ! [B_39: pname > $o,A_52: pname > $o,F_11: pname > pname > pname,F_10: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_11 @ F_10 ) + => ( ( finite_finite_pname @ A_52 ) + => ( ( finite_finite_pname @ B_39 ) + => ( ( ( semila1673364395name_o @ A_52 @ B_39 ) + != bot_bot_pname_o ) + => ( ( F_11 @ ( F_10 @ ( semila1780557381name_o @ A_52 @ B_39 ) ) @ ( F_10 @ ( semila1673364395name_o @ A_52 @ B_39 ) ) ) + = ( F_11 @ ( F_10 @ A_52 ) @ ( F_10 @ B_39 ) ) ) ) ) ) ) )). + +thf(fact_553_folding__one_Ounion__inter,axiom,( + ! [B_39: hoare_1167836817_state > $o,A_52: hoare_1167836817_state > $o,F_11: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_10: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_11 @ F_10 ) + => ( ( finite1084549118_state @ A_52 ) + => ( ( finite1084549118_state @ B_39 ) + => ( ( ( semila179895820tate_o @ A_52 @ B_39 ) + != bot_bo70021908tate_o ) + => ( ( F_11 @ ( F_10 @ ( semila1172322802tate_o @ A_52 @ B_39 ) ) @ ( F_10 @ ( semila179895820tate_o @ A_52 @ B_39 ) ) ) + = ( F_11 @ ( F_10 @ A_52 ) @ ( F_10 @ B_39 ) ) ) ) ) ) ) )). + +thf(fact_554_folding__one_Ounion__disjoint,axiom,( + ! [B_38: ( pname > $o ) > $o,A_51: ( pname > $o ) > $o,F_9: ( pname > $o ) > ( pname > $o ) > pname > $o,F_8: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_9 @ F_8 ) + => ( ( finite297249702name_o @ A_51 ) + => ( ( A_51 != bot_bot_pname_o_o ) + => ( ( finite297249702name_o @ B_38 ) + => ( ( B_38 != bot_bot_pname_o_o ) + => ( ( ( semila2013987940me_o_o @ A_51 @ B_38 ) + = bot_bot_pname_o_o ) + => ( ( F_8 @ ( semila181081674me_o_o @ A_51 @ B_38 ) ) + = ( F_9 @ ( F_8 @ A_51 ) @ ( F_8 @ B_38 ) ) ) ) ) ) ) ) ) )). + +thf(fact_555_folding__one_Ounion__disjoint,axiom,( + ! [B_38: ( hoare_1167836817_state > $o ) > $o,A_51: ( hoare_1167836817_state > $o ) > $o,F_9: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_8: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_9 @ F_8 ) + => ( ( finite1380128977tate_o @ A_51 ) + => ( ( A_51 != bot_bo691907561te_o_o ) + => ( ( finite1380128977tate_o @ B_38 ) + => ( ( B_38 != bot_bo691907561te_o_o ) + => ( ( ( semila1758709489te_o_o @ A_51 @ B_38 ) + = bot_bo691907561te_o_o ) + => ( ( F_8 @ ( semila866907787te_o_o @ A_51 @ B_38 ) ) + = ( F_9 @ ( F_8 @ A_51 ) @ ( F_8 @ B_38 ) ) ) ) ) ) ) ) ) )). + +thf(fact_556_folding__one_Ounion__disjoint,axiom,( + ! [B_38: pname > $o,A_51: pname > $o,F_9: pname > pname > pname,F_8: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_9 @ F_8 ) + => ( ( finite_finite_pname @ A_51 ) + => ( ( A_51 != bot_bot_pname_o ) + => ( ( finite_finite_pname @ B_38 ) + => ( ( B_38 != bot_bot_pname_o ) + => ( ( ( semila1673364395name_o @ A_51 @ B_38 ) + = bot_bot_pname_o ) + => ( ( F_8 @ ( semila1780557381name_o @ A_51 @ B_38 ) ) + = ( F_9 @ ( F_8 @ A_51 ) @ ( F_8 @ B_38 ) ) ) ) ) ) ) ) ) )). + +thf(fact_557_folding__one_Ounion__disjoint,axiom,( + ! [B_38: hoare_1167836817_state > $o,A_51: hoare_1167836817_state > $o,F_9: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_8: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_9 @ F_8 ) + => ( ( finite1084549118_state @ A_51 ) + => ( ( A_51 != bot_bo70021908tate_o ) + => ( ( finite1084549118_state @ B_38 ) + => ( ( B_38 != bot_bo70021908tate_o ) + => ( ( ( semila179895820tate_o @ A_51 @ B_38 ) + = bot_bo70021908tate_o ) + => ( ( F_8 @ ( semila1172322802tate_o @ A_51 @ B_38 ) ) + = ( F_9 @ ( F_8 @ A_51 ) @ ( F_8 @ B_38 ) ) ) ) ) ) ) ) ) )). + +thf(fact_558_IntI,axiom,( + ! [B_37: pname > $o,C_18: pname,A_50: pname > $o] : + ( ( member_pname @ C_18 @ A_50 ) + => ( ( member_pname @ C_18 @ B_37 ) + => ( member_pname @ C_18 @ ( semila1673364395name_o @ A_50 @ B_37 ) ) ) ) )). + +thf(fact_559_IntI,axiom,( + ! [B_37: hoare_1167836817_state > $o,C_18: hoare_1167836817_state,A_50: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_18 @ A_50 ) + => ( ( member2058392318_state @ C_18 @ B_37 ) + => ( member2058392318_state @ C_18 @ ( semila179895820tate_o @ A_50 @ B_37 ) ) ) ) )). + +thf(fact_560_IntE,axiom,( + ! [C_17: pname,A_49: pname > $o,B_36: pname > $o] : + ( ( member_pname @ C_17 @ ( semila1673364395name_o @ A_49 @ B_36 ) ) + => ~ ( ( member_pname @ C_17 @ A_49 ) + => ~ ( member_pname @ C_17 @ B_36 ) ) ) )). + +thf(fact_561_IntE,axiom,( + ! [C_17: hoare_1167836817_state,A_49: hoare_1167836817_state > $o,B_36: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_17 @ ( semila179895820tate_o @ A_49 @ B_36 ) ) + => ~ ( ( member2058392318_state @ C_17 @ A_49 ) + => ~ ( member2058392318_state @ C_17 @ B_36 ) ) ) )). + +thf(fact_562_finite__Int,axiom,( + ! [G_2: ( pname > $o ) > $o,F_7: ( pname > $o ) > $o] : + ( ( ( finite297249702name_o @ F_7 ) + | ( finite297249702name_o @ G_2 ) ) + => ( finite297249702name_o @ ( semila2013987940me_o_o @ F_7 @ G_2 ) ) ) )). + +thf(fact_563_finite__Int,axiom,( + ! [G_2: ( hoare_1167836817_state > $o ) > $o,F_7: ( hoare_1167836817_state > $o ) > $o] : + ( ( ( finite1380128977tate_o @ F_7 ) + | ( finite1380128977tate_o @ G_2 ) ) + => ( finite1380128977tate_o @ ( semila1758709489te_o_o @ F_7 @ G_2 ) ) ) )). + +thf(fact_564_finite__Int,axiom,( + ! [G_2: pname > $o,F_7: pname > $o] : + ( ( ( finite_finite_pname @ F_7 ) + | ( finite_finite_pname @ G_2 ) ) + => ( finite_finite_pname @ ( semila1673364395name_o @ F_7 @ G_2 ) ) ) )). + +thf(fact_565_finite__Int,axiom,( + ! [G_2: hoare_1167836817_state > $o,F_7: hoare_1167836817_state > $o] : + ( ( ( finite1084549118_state @ F_7 ) + | ( finite1084549118_state @ G_2 ) ) + => ( finite1084549118_state @ ( semila179895820tate_o @ F_7 @ G_2 ) ) ) )). + +thf(fact_566_disjoint__iff__not__equal,axiom,( + ! [A_48: pname > $o,B_35: pname > $o] : + ( ( ( semila1673364395name_o @ A_48 @ B_35 ) + = bot_bot_pname_o ) + <=> ! [X_5: pname] : + ( ( member_pname @ X_5 @ A_48 ) + => ! [Xa: pname] : + ( ( member_pname @ Xa @ B_35 ) + => ( X_5 != Xa ) ) ) ) )). + +thf(fact_567_disjoint__iff__not__equal,axiom,( + ! [A_48: hoare_1167836817_state > $o,B_35: hoare_1167836817_state > $o] : + ( ( ( semila179895820tate_o @ A_48 @ B_35 ) + = bot_bo70021908tate_o ) + <=> ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_48 ) + => ! [Xa: hoare_1167836817_state] : + ( ( member2058392318_state @ Xa @ B_35 ) + => ( X_5 != Xa ) ) ) ) )). + +thf(fact_568_Int__empty__right,axiom,( + ! [A_47: pname > $o] : + ( ( semila1673364395name_o @ A_47 @ bot_bot_pname_o ) + = bot_bot_pname_o ) )). + +thf(fact_569_Int__empty__right,axiom,( + ! [A_47: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ A_47 @ bot_bo70021908tate_o ) + = bot_bo70021908tate_o ) )). + +thf(fact_570_Int__empty__left,axiom,( + ! [B_34: pname > $o] : + ( ( semila1673364395name_o @ bot_bot_pname_o @ B_34 ) + = bot_bot_pname_o ) )). + +thf(fact_571_Int__empty__left,axiom,( + ! [B_34: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ bot_bo70021908tate_o @ B_34 ) + = bot_bo70021908tate_o ) )). + +thf(fact_572_Int__def,axiom,( + ! [A_46: pname > $o,B_33: pname > $o] : + ( ( semila1673364395name_o @ A_46 @ B_33 ) + = ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( member_pname @ X_5 @ A_46 ) @ ( member_pname @ X_5 @ B_33 ) ) ) ) )). + +thf(fact_573_Int__def,axiom,( + ! [A_46: hoare_1167836817_state > $o,B_33: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ A_46 @ B_33 ) + = ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( member2058392318_state @ X_5 @ A_46 ) @ ( member2058392318_state @ X_5 @ B_33 ) ) ) ) )). + +thf(fact_574_Int__def,axiom,( + ! [A_46: ( pname > $o ) > $o,B_33: ( pname > $o ) > $o] : + ( ( semila2013987940me_o_o @ A_46 @ B_33 ) + = ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( member_pname_o @ X_5 @ A_46 ) @ ( member_pname_o @ X_5 @ B_33 ) ) ) ) )). + +thf(fact_575_Int__def,axiom,( + ! [A_46: ( hoare_1167836817_state > $o ) > $o,B_33: ( hoare_1167836817_state > $o ) > $o] : + ( ( semila1758709489te_o_o @ A_46 @ B_33 ) + = ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( member864234961tate_o @ X_5 @ A_46 ) @ ( member864234961tate_o @ X_5 @ B_33 ) ) ) ) )). + +thf(fact_576_Int__iff,axiom,( + ! [C_16: pname,A_45: pname > $o,B_32: pname > $o] : + ( ( member_pname @ C_16 @ ( semila1673364395name_o @ A_45 @ B_32 ) ) + <=> ( ( member_pname @ C_16 @ A_45 ) + & ( member_pname @ C_16 @ B_32 ) ) ) )). + +thf(fact_577_Int__iff,axiom,( + ! [C_16: hoare_1167836817_state,A_45: hoare_1167836817_state > $o,B_32: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_16 @ ( semila179895820tate_o @ A_45 @ B_32 ) ) + <=> ( ( member2058392318_state @ C_16 @ A_45 ) + & ( member2058392318_state @ C_16 @ B_32 ) ) ) )). + +thf(fact_578_IntD1,axiom,( + ! [C_15: pname,A_44: pname > $o,B_31: pname > $o] : + ( ( member_pname @ C_15 @ ( semila1673364395name_o @ A_44 @ B_31 ) ) + => ( member_pname @ C_15 @ A_44 ) ) )). + +thf(fact_579_IntD1,axiom,( + ! [C_15: hoare_1167836817_state,A_44: hoare_1167836817_state > $o,B_31: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_15 @ ( semila179895820tate_o @ A_44 @ B_31 ) ) + => ( member2058392318_state @ C_15 @ A_44 ) ) )). + +thf(fact_580_IntD2,axiom,( + ! [C_14: pname,A_43: pname > $o,B_30: pname > $o] : + ( ( member_pname @ C_14 @ ( semila1673364395name_o @ A_43 @ B_30 ) ) + => ( member_pname @ C_14 @ B_30 ) ) )). + +thf(fact_581_IntD2,axiom,( + ! [C_14: hoare_1167836817_state,A_43: hoare_1167836817_state > $o,B_30: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_14 @ ( semila179895820tate_o @ A_43 @ B_30 ) ) + => ( member2058392318_state @ C_14 @ B_30 ) ) )). + +thf(fact_582_Collect__conj__eq,axiom,( + ! [P_5: hoare_1167836817_state > $o,Q_1: hoare_1167836817_state > $o] : + ( ( collec1027672124_state + @ ^ [X_5: hoare_1167836817_state] : + ( (&) @ ( P_5 @ X_5 ) @ ( Q_1 @ X_5 ) ) ) + = ( semila179895820tate_o @ ( collec1027672124_state @ P_5 ) @ ( collec1027672124_state @ Q_1 ) ) ) )). + +thf(fact_583_Collect__conj__eq,axiom,( + ! [P_5: pname > $o,Q_1: pname > $o] : + ( ( collect_pname + @ ^ [X_5: pname] : + ( (&) @ ( P_5 @ X_5 ) @ ( Q_1 @ X_5 ) ) ) + = ( semila1673364395name_o @ ( collect_pname @ P_5 ) @ ( collect_pname @ Q_1 ) ) ) )). + +thf(fact_584_Collect__conj__eq,axiom,( + ! [P_5: ( pname > $o ) > $o,Q_1: ( pname > $o ) > $o] : + ( ( collect_pname_o + @ ^ [X_5: pname > $o] : + ( (&) @ ( P_5 @ X_5 ) @ ( Q_1 @ X_5 ) ) ) + = ( semila2013987940me_o_o @ ( collect_pname_o @ P_5 ) @ ( collect_pname_o @ Q_1 ) ) ) )). + +thf(fact_585_Collect__conj__eq,axiom,( + ! [P_5: ( hoare_1167836817_state > $o ) > $o,Q_1: ( hoare_1167836817_state > $o ) > $o] : + ( ( collec269976083tate_o + @ ^ [X_5: hoare_1167836817_state > $o] : + ( (&) @ ( P_5 @ X_5 ) @ ( Q_1 @ X_5 ) ) ) + = ( semila1758709489te_o_o @ ( collec269976083tate_o @ P_5 ) @ ( collec269976083tate_o @ Q_1 ) ) ) )). + +thf(fact_586_Int__Collect,axiom,( + ! [X_30: pname,A_42: pname > $o,P_4: pname > $o] : + ( ( member_pname @ X_30 @ ( semila1673364395name_o @ A_42 @ ( collect_pname @ P_4 ) ) ) + <=> ( ( member_pname @ X_30 @ A_42 ) + & ( P_4 @ X_30 ) ) ) )). + +thf(fact_587_Int__Collect,axiom,( + ! [X_30: hoare_1167836817_state,A_42: hoare_1167836817_state > $o,P_4: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ X_30 @ ( semila179895820tate_o @ A_42 @ ( collec1027672124_state @ P_4 ) ) ) + <=> ( ( member2058392318_state @ X_30 @ A_42 ) + & ( P_4 @ X_30 ) ) ) )). + +thf(fact_588_Int__Collect,axiom,( + ! [X_30: pname > $o,A_42: ( pname > $o ) > $o,P_4: ( pname > $o ) > $o] : + ( ( member_pname_o @ X_30 @ ( semila2013987940me_o_o @ A_42 @ ( collect_pname_o @ P_4 ) ) ) + <=> ( ( member_pname_o @ X_30 @ A_42 ) + & ( P_4 @ X_30 ) ) ) )). + +thf(fact_589_Int__Collect,axiom,( + ! [X_30: hoare_1167836817_state > $o,A_42: ( hoare_1167836817_state > $o ) > $o,P_4: ( hoare_1167836817_state > $o ) > $o] : + ( ( member864234961tate_o @ X_30 @ ( semila1758709489te_o_o @ A_42 @ ( collec269976083tate_o @ P_4 ) ) ) + <=> ( ( member864234961tate_o @ X_30 @ A_42 ) + & ( P_4 @ X_30 ) ) ) )). + +thf(fact_590_inf__Int__eq,axiom,( + ! [R: pname > $o,S_1: pname > $o,X_5: pname] : + ( ( semila1673364395name_o + @ ^ [Y_2: pname] : + ( member_pname @ Y_2 @ R ) + @ ^ [Y_2: pname] : + ( member_pname @ Y_2 @ S_1 ) + @ X_5 ) + <=> ( member_pname @ X_5 @ ( semila1673364395name_o @ R @ S_1 ) ) ) )). + +thf(fact_591_inf__Int__eq,axiom,( + ! [R: hoare_1167836817_state > $o,S_1: hoare_1167836817_state > $o,X_5: hoare_1167836817_state] : + ( ( semila179895820tate_o + @ ^ [Y_2: hoare_1167836817_state] : + ( member2058392318_state @ Y_2 @ R ) + @ ^ [Y_2: hoare_1167836817_state] : + ( member2058392318_state @ Y_2 @ S_1 ) + @ X_5 ) + <=> ( member2058392318_state @ X_5 @ ( semila179895820tate_o @ R @ S_1 ) ) ) )). + +thf(fact_592_Un__Int__crazy,axiom,( + ! [A_41: hoare_1167836817_state > $o,B_29: hoare_1167836817_state > $o,C_13: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila1172322802tate_o @ ( semila179895820tate_o @ A_41 @ B_29 ) @ ( semila179895820tate_o @ B_29 @ C_13 ) ) @ ( semila179895820tate_o @ C_13 @ A_41 ) ) + = ( semila179895820tate_o @ ( semila179895820tate_o @ ( semila1172322802tate_o @ A_41 @ B_29 ) @ ( semila1172322802tate_o @ B_29 @ C_13 ) ) @ ( semila1172322802tate_o @ C_13 @ A_41 ) ) ) )). + +thf(fact_593_Un__Int__distrib2,axiom,( + ! [B_28: hoare_1167836817_state > $o,C_12: hoare_1167836817_state > $o,A_40: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila179895820tate_o @ B_28 @ C_12 ) @ A_40 ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ B_28 @ A_40 ) @ ( semila1172322802tate_o @ C_12 @ A_40 ) ) ) )). + +thf(fact_594_Int__Un__distrib2,axiom,( + ! [B_27: hoare_1167836817_state > $o,C_11: hoare_1167836817_state > $o,A_39: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ ( semila1172322802tate_o @ B_27 @ C_11 ) @ A_39 ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ B_27 @ A_39 ) @ ( semila179895820tate_o @ C_11 @ A_39 ) ) ) )). + +thf(fact_595_Un__Int__distrib,axiom,( + ! [A_38: hoare_1167836817_state > $o,B_26: hoare_1167836817_state > $o,C_10: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ A_38 @ ( semila179895820tate_o @ B_26 @ C_10 ) ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ A_38 @ B_26 ) @ ( semila1172322802tate_o @ A_38 @ C_10 ) ) ) )). + +thf(fact_596_Int__Un__distrib,axiom,( + ! [A_37: hoare_1167836817_state > $o,B_25: hoare_1167836817_state > $o,C_9: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ A_37 @ ( semila1172322802tate_o @ B_25 @ C_9 ) ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ A_37 @ B_25 ) @ ( semila179895820tate_o @ A_37 @ C_9 ) ) ) )). + +thf(fact_597_Int__mono,axiom,( + ! [B_24: pname > $o,D_1: pname > $o,A_36: pname > $o,C_8: pname > $o] : + ( ( ord_less_eq_pname_o @ A_36 @ C_8 ) + => ( ( ord_less_eq_pname_o @ B_24 @ D_1 ) + => ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_36 @ B_24 ) @ ( semila1673364395name_o @ C_8 @ D_1 ) ) ) ) )). + +thf(fact_598_Int__mono,axiom,( + ! [B_24: hoare_1167836817_state > $o,D_1: hoare_1167836817_state > $o,A_36: hoare_1167836817_state > $o,C_8: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_36 @ C_8 ) + => ( ( ord_le827224136tate_o @ B_24 @ D_1 ) + => ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_36 @ B_24 ) @ ( semila179895820tate_o @ C_8 @ D_1 ) ) ) ) )). + +thf(fact_599_Int__greatest,axiom,( + ! [B_23: pname > $o,C_7: pname > $o,A_35: pname > $o] : + ( ( ord_less_eq_pname_o @ C_7 @ A_35 ) + => ( ( ord_less_eq_pname_o @ C_7 @ B_23 ) + => ( ord_less_eq_pname_o @ C_7 @ ( semila1673364395name_o @ A_35 @ B_23 ) ) ) ) )). + +thf(fact_600_Int__greatest,axiom,( + ! [B_23: hoare_1167836817_state > $o,C_7: hoare_1167836817_state > $o,A_35: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ C_7 @ A_35 ) + => ( ( ord_le827224136tate_o @ C_7 @ B_23 ) + => ( ord_le827224136tate_o @ C_7 @ ( semila179895820tate_o @ A_35 @ B_23 ) ) ) ) )). + +thf(fact_601_Int__absorb1,axiom,( + ! [B_22: pname > $o,A_34: pname > $o] : + ( ( ord_less_eq_pname_o @ B_22 @ A_34 ) + => ( ( semila1673364395name_o @ A_34 @ B_22 ) + = B_22 ) ) )). + +thf(fact_602_Int__absorb1,axiom,( + ! [B_22: hoare_1167836817_state > $o,A_34: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ B_22 @ A_34 ) + => ( ( semila179895820tate_o @ A_34 @ B_22 ) + = B_22 ) ) )). + +thf(fact_603_Int__absorb2,axiom,( + ! [A_33: pname > $o,B_21: pname > $o] : + ( ( ord_less_eq_pname_o @ A_33 @ B_21 ) + => ( ( semila1673364395name_o @ A_33 @ B_21 ) + = A_33 ) ) )). + +thf(fact_604_Int__absorb2,axiom,( + ! [A_33: hoare_1167836817_state > $o,B_21: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_33 @ B_21 ) + => ( ( semila179895820tate_o @ A_33 @ B_21 ) + = A_33 ) ) )). + +thf(fact_605_Int__lower2,axiom,( + ! [A_32: pname > $o,B_20: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_32 @ B_20 ) @ B_20 ) )). + +thf(fact_606_Int__lower2,axiom,( + ! [A_32: hoare_1167836817_state > $o,B_20: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_32 @ B_20 ) @ B_20 ) )). + +thf(fact_607_Int__lower1,axiom,( + ! [A_31: pname > $o,B_19: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_31 @ B_19 ) @ A_31 ) )). + +thf(fact_608_Int__lower1,axiom,( + ! [A_31: hoare_1167836817_state > $o,B_19: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_31 @ B_19 ) @ A_31 ) )). + +thf(fact_609_Int__insert__left__if1,axiom,( + ! [B_18: pname > $o,A_30: pname,C_6: pname > $o] : + ( ( member_pname @ A_30 @ C_6 ) + => ( ( semila1673364395name_o @ ( insert_pname @ A_30 @ B_18 ) @ C_6 ) + = ( insert_pname @ A_30 @ ( semila1673364395name_o @ B_18 @ C_6 ) ) ) ) )). + +thf(fact_610_Int__insert__left__if1,axiom,( + ! [B_18: hoare_1167836817_state > $o,A_30: hoare_1167836817_state,C_6: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_30 @ C_6 ) + => ( ( semila179895820tate_o @ ( insert2134838167_state @ A_30 @ B_18 ) @ C_6 ) + = ( insert2134838167_state @ A_30 @ ( semila179895820tate_o @ B_18 @ C_6 ) ) ) ) )). + +thf(fact_611_Int__insert__right__if1,axiom,( + ! [B_17: pname > $o,A_29: pname,A_28: pname > $o] : + ( ( member_pname @ A_29 @ A_28 ) + => ( ( semila1673364395name_o @ A_28 @ ( insert_pname @ A_29 @ B_17 ) ) + = ( insert_pname @ A_29 @ ( semila1673364395name_o @ A_28 @ B_17 ) ) ) ) )). + +thf(fact_612_Int__insert__right__if1,axiom,( + ! [B_17: hoare_1167836817_state > $o,A_29: hoare_1167836817_state,A_28: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_29 @ A_28 ) + => ( ( semila179895820tate_o @ A_28 @ ( insert2134838167_state @ A_29 @ B_17 ) ) + = ( insert2134838167_state @ A_29 @ ( semila179895820tate_o @ A_28 @ B_17 ) ) ) ) )). + +thf(fact_613_Int__insert__left__if0,axiom,( + ! [B_16: pname > $o,A_27: pname,C_5: pname > $o] : + ( ~ ( member_pname @ A_27 @ C_5 ) + => ( ( semila1673364395name_o @ ( insert_pname @ A_27 @ B_16 ) @ C_5 ) + = ( semila1673364395name_o @ B_16 @ C_5 ) ) ) )). + +thf(fact_614_Int__insert__left__if0,axiom,( + ! [B_16: hoare_1167836817_state > $o,A_27: hoare_1167836817_state,C_5: hoare_1167836817_state > $o] : + ( ~ ( member2058392318_state @ A_27 @ C_5 ) + => ( ( semila179895820tate_o @ ( insert2134838167_state @ A_27 @ B_16 ) @ C_5 ) + = ( semila179895820tate_o @ B_16 @ C_5 ) ) ) )). + +thf(fact_615_Int__insert__right__if0,axiom,( + ! [B_15: pname > $o,A_26: pname,A_25: pname > $o] : + ( ~ ( member_pname @ A_26 @ A_25 ) + => ( ( semila1673364395name_o @ A_25 @ ( insert_pname @ A_26 @ B_15 ) ) + = ( semila1673364395name_o @ A_25 @ B_15 ) ) ) )). + +thf(fact_616_Int__insert__right__if0,axiom,( + ! [B_15: hoare_1167836817_state > $o,A_26: hoare_1167836817_state,A_25: hoare_1167836817_state > $o] : + ( ~ ( member2058392318_state @ A_26 @ A_25 ) + => ( ( semila179895820tate_o @ A_25 @ ( insert2134838167_state @ A_26 @ B_15 ) ) + = ( semila179895820tate_o @ A_25 @ B_15 ) ) ) )). + +thf(fact_617_insert__inter__insert,axiom,( + ! [A_24: pname,A_23: pname > $o,B_14: pname > $o] : + ( ( semila1673364395name_o @ ( insert_pname @ A_24 @ A_23 ) @ ( insert_pname @ A_24 @ B_14 ) ) + = ( insert_pname @ A_24 @ ( semila1673364395name_o @ A_23 @ B_14 ) ) ) )). + +thf(fact_618_insert__inter__insert,axiom,( + ! [A_24: hoare_1167836817_state,A_23: hoare_1167836817_state > $o,B_14: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ ( insert2134838167_state @ A_24 @ A_23 ) @ ( insert2134838167_state @ A_24 @ B_14 ) ) + = ( insert2134838167_state @ A_24 @ ( semila179895820tate_o @ A_23 @ B_14 ) ) ) )). + +thf(fact_619_Int__insert__left,axiom,( + ! [B_13: pname > $o,A_22: pname,C_4: pname > $o] : + ( ( ( member_pname @ A_22 @ C_4 ) + => ( ( semila1673364395name_o @ ( insert_pname @ A_22 @ B_13 ) @ C_4 ) + = ( insert_pname @ A_22 @ ( semila1673364395name_o @ B_13 @ C_4 ) ) ) ) + & ( ~ ( member_pname @ A_22 @ C_4 ) + => ( ( semila1673364395name_o @ ( insert_pname @ A_22 @ B_13 ) @ C_4 ) + = ( semila1673364395name_o @ B_13 @ C_4 ) ) ) ) )). + +thf(fact_620_Int__insert__left,axiom,( + ! [B_13: hoare_1167836817_state > $o,A_22: hoare_1167836817_state,C_4: hoare_1167836817_state > $o] : + ( ( ( member2058392318_state @ A_22 @ C_4 ) + => ( ( semila179895820tate_o @ ( insert2134838167_state @ A_22 @ B_13 ) @ C_4 ) + = ( insert2134838167_state @ A_22 @ ( semila179895820tate_o @ B_13 @ C_4 ) ) ) ) + & ( ~ ( member2058392318_state @ A_22 @ C_4 ) + => ( ( semila179895820tate_o @ ( insert2134838167_state @ A_22 @ B_13 ) @ C_4 ) + = ( semila179895820tate_o @ B_13 @ C_4 ) ) ) ) )). + +thf(fact_621_Int__insert__right,axiom,( + ! [B_12: pname > $o,A_21: pname,A_20: pname > $o] : + ( ( ( member_pname @ A_21 @ A_20 ) + => ( ( semila1673364395name_o @ A_20 @ ( insert_pname @ A_21 @ B_12 ) ) + = ( insert_pname @ A_21 @ ( semila1673364395name_o @ A_20 @ B_12 ) ) ) ) + & ( ~ ( member_pname @ A_21 @ A_20 ) + => ( ( semila1673364395name_o @ A_20 @ ( insert_pname @ A_21 @ B_12 ) ) + = ( semila1673364395name_o @ A_20 @ B_12 ) ) ) ) )). + +thf(fact_622_Int__insert__right,axiom,( + ! [B_12: hoare_1167836817_state > $o,A_21: hoare_1167836817_state,A_20: hoare_1167836817_state > $o] : + ( ( ( member2058392318_state @ A_21 @ A_20 ) + => ( ( semila179895820tate_o @ A_20 @ ( insert2134838167_state @ A_21 @ B_12 ) ) + = ( insert2134838167_state @ A_21 @ ( semila179895820tate_o @ A_20 @ B_12 ) ) ) ) + & ( ~ ( member2058392318_state @ A_21 @ A_20 ) + => ( ( semila179895820tate_o @ A_20 @ ( insert2134838167_state @ A_21 @ B_12 ) ) + = ( semila179895820tate_o @ A_20 @ B_12 ) ) ) ) )). + +thf(fact_623_inf__sup__ord_I1_J,axiom,( + ! [X_29: pname > $o,Y_20: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ X_29 @ Y_20 ) @ X_29 ) )). + +thf(fact_624_inf__sup__ord_I1_J,axiom,( + ! [X_29: hoare_1167836817_state > $o,Y_20: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ X_29 @ Y_20 ) @ X_29 ) )). + +thf(fact_625_inf__le1,axiom,( + ! [X_28: pname > $o,Y_19: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ X_28 @ Y_19 ) @ X_28 ) )). + +thf(fact_626_inf__le1,axiom,( + ! [X_28: hoare_1167836817_state > $o,Y_19: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ X_28 @ Y_19 ) @ X_28 ) )). + +thf(fact_627_inf__sup__ord_I2_J,axiom,( + ! [X_27: pname > $o,Y_18: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ X_27 @ Y_18 ) @ Y_18 ) )). + +thf(fact_628_inf__sup__ord_I2_J,axiom,( + ! [X_27: hoare_1167836817_state > $o,Y_18: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ X_27 @ Y_18 ) @ Y_18 ) )). + +thf(fact_629_inf__le2,axiom,( + ! [X_26: pname > $o,Y_17: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1673364395name_o @ X_26 @ Y_17 ) @ Y_17 ) )). + +thf(fact_630_inf__le2,axiom,( + ! [X_26: hoare_1167836817_state > $o,Y_17: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila179895820tate_o @ X_26 @ Y_17 ) @ Y_17 ) )). + +thf(fact_631_le__iff__inf,axiom,( + ! [X_25: pname > $o,Y_16: pname > $o] : + ( ( ord_less_eq_pname_o @ X_25 @ Y_16 ) + <=> ( ( semila1673364395name_o @ X_25 @ Y_16 ) + = X_25 ) ) )). + +thf(fact_632_le__iff__inf,axiom,( + ! [X_25: hoare_1167836817_state > $o,Y_16: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_25 @ Y_16 ) + <=> ( ( semila179895820tate_o @ X_25 @ Y_16 ) + = X_25 ) ) )). + +thf(fact_633_le__inf__iff,axiom,( + ! [X_24: pname > $o,Y_15: pname > $o,Z_10: pname > $o] : + ( ( ord_less_eq_pname_o @ X_24 @ ( semila1673364395name_o @ Y_15 @ Z_10 ) ) + <=> ( ( ord_less_eq_pname_o @ X_24 @ Y_15 ) + & ( ord_less_eq_pname_o @ X_24 @ Z_10 ) ) ) )). + +thf(fact_634_le__inf__iff,axiom,( + ! [X_24: hoare_1167836817_state > $o,Y_15: hoare_1167836817_state > $o,Z_10: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_24 @ ( semila179895820tate_o @ Y_15 @ Z_10 ) ) + <=> ( ( ord_le827224136tate_o @ X_24 @ Y_15 ) + & ( ord_le827224136tate_o @ X_24 @ Z_10 ) ) ) )). + +thf(fact_635_le__infI1,axiom,( + ! [B_11: pname > $o,A_19: pname > $o,X_23: pname > $o] : + ( ( ord_less_eq_pname_o @ A_19 @ X_23 ) + => ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_19 @ B_11 ) @ X_23 ) ) )). + +thf(fact_636_le__infI1,axiom,( + ! [B_11: hoare_1167836817_state > $o,A_19: hoare_1167836817_state > $o,X_23: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_19 @ X_23 ) + => ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_19 @ B_11 ) @ X_23 ) ) )). + +thf(fact_637_le__infI2,axiom,( + ! [A_18: pname > $o,B_10: pname > $o,X_22: pname > $o] : + ( ( ord_less_eq_pname_o @ B_10 @ X_22 ) + => ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_18 @ B_10 ) @ X_22 ) ) )). + +thf(fact_638_le__infI2,axiom,( + ! [A_18: hoare_1167836817_state > $o,B_10: hoare_1167836817_state > $o,X_22: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ B_10 @ X_22 ) + => ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_18 @ B_10 ) @ X_22 ) ) )). + +thf(fact_639_inf__absorb1,axiom,( + ! [X_21: pname > $o,Y_14: pname > $o] : + ( ( ord_less_eq_pname_o @ X_21 @ Y_14 ) + => ( ( semila1673364395name_o @ X_21 @ Y_14 ) + = X_21 ) ) )). + +thf(fact_640_inf__absorb1,axiom,( + ! [X_21: hoare_1167836817_state > $o,Y_14: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_21 @ Y_14 ) + => ( ( semila179895820tate_o @ X_21 @ Y_14 ) + = X_21 ) ) )). + +thf(fact_641_inf__absorb2,axiom,( + ! [Y_13: pname > $o,X_20: pname > $o] : + ( ( ord_less_eq_pname_o @ Y_13 @ X_20 ) + => ( ( semila1673364395name_o @ X_20 @ Y_13 ) + = Y_13 ) ) )). + +thf(fact_642_inf__absorb2,axiom,( + ! [Y_13: hoare_1167836817_state > $o,X_20: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ Y_13 @ X_20 ) + => ( ( semila179895820tate_o @ X_20 @ Y_13 ) + = Y_13 ) ) )). + +thf(fact_643_le__infI,axiom,( + ! [B_9: pname > $o,X_19: pname > $o,A_17: pname > $o] : + ( ( ord_less_eq_pname_o @ X_19 @ A_17 ) + => ( ( ord_less_eq_pname_o @ X_19 @ B_9 ) + => ( ord_less_eq_pname_o @ X_19 @ ( semila1673364395name_o @ A_17 @ B_9 ) ) ) ) )). + +thf(fact_644_le__infI,axiom,( + ! [B_9: hoare_1167836817_state > $o,X_19: hoare_1167836817_state > $o,A_17: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_19 @ A_17 ) + => ( ( ord_le827224136tate_o @ X_19 @ B_9 ) + => ( ord_le827224136tate_o @ X_19 @ ( semila179895820tate_o @ A_17 @ B_9 ) ) ) ) )). + +thf(fact_645_inf__greatest,axiom,( + ! [Z_9: pname > $o,X_18: pname > $o,Y_12: pname > $o] : + ( ( ord_less_eq_pname_o @ X_18 @ Y_12 ) + => ( ( ord_less_eq_pname_o @ X_18 @ Z_9 ) + => ( ord_less_eq_pname_o @ X_18 @ ( semila1673364395name_o @ Y_12 @ Z_9 ) ) ) ) )). + +thf(fact_646_inf__greatest,axiom,( + ! [Z_9: hoare_1167836817_state > $o,X_18: hoare_1167836817_state > $o,Y_12: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_18 @ Y_12 ) + => ( ( ord_le827224136tate_o @ X_18 @ Z_9 ) + => ( ord_le827224136tate_o @ X_18 @ ( semila179895820tate_o @ Y_12 @ Z_9 ) ) ) ) )). + +thf(fact_647_inf__mono,axiom,( + ! [B_8: pname > $o,D: pname > $o,A_16: pname > $o,C_3: pname > $o] : + ( ( ord_less_eq_pname_o @ A_16 @ C_3 ) + => ( ( ord_less_eq_pname_o @ B_8 @ D ) + => ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_16 @ B_8 ) @ ( semila1673364395name_o @ C_3 @ D ) ) ) ) )). + +thf(fact_648_inf__mono,axiom,( + ! [B_8: hoare_1167836817_state > $o,D: hoare_1167836817_state > $o,A_16: hoare_1167836817_state > $o,C_3: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_16 @ C_3 ) + => ( ( ord_le827224136tate_o @ B_8 @ D ) + => ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_16 @ B_8 ) @ ( semila179895820tate_o @ C_3 @ D ) ) ) ) )). + +thf(fact_649_le__infE,axiom,( + ! [X_17: pname > $o,A_15: pname > $o,B_7: pname > $o] : + ( ( ord_less_eq_pname_o @ X_17 @ ( semila1673364395name_o @ A_15 @ B_7 ) ) + => ~ ( ( ord_less_eq_pname_o @ X_17 @ A_15 ) + => ~ ( ord_less_eq_pname_o @ X_17 @ B_7 ) ) ) )). + +thf(fact_650_le__infE,axiom,( + ! [X_17: hoare_1167836817_state > $o,A_15: hoare_1167836817_state > $o,B_7: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ X_17 @ ( semila179895820tate_o @ A_15 @ B_7 ) ) + => ~ ( ( ord_le827224136tate_o @ X_17 @ A_15 ) + => ~ ( ord_le827224136tate_o @ X_17 @ B_7 ) ) ) )). + +thf(fact_651_inf__sup__absorb,axiom,( + ! [X_16: hoare_1167836817_state > $o,Y_11: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ X_16 @ ( semila1172322802tate_o @ X_16 @ Y_11 ) ) + = X_16 ) )). + +thf(fact_652_sup__inf__absorb,axiom,( + ! [X_15: hoare_1167836817_state > $o,Y_10: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_15 @ ( semila179895820tate_o @ X_15 @ Y_10 ) ) + = X_15 ) )). + +thf(fact_653_inf__sup__distrib1,axiom,( + ! [X_14: hoare_1167836817_state > $o,Y_9: hoare_1167836817_state > $o,Z_8: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ X_14 @ ( semila1172322802tate_o @ Y_9 @ Z_8 ) ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ X_14 @ Y_9 ) @ ( semila179895820tate_o @ X_14 @ Z_8 ) ) ) )). + +thf(fact_654_sup__inf__distrib1,axiom,( + ! [X_13: hoare_1167836817_state > $o,Y_8: hoare_1167836817_state > $o,Z_7: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_13 @ ( semila179895820tate_o @ Y_8 @ Z_7 ) ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ X_13 @ Y_8 ) @ ( semila1172322802tate_o @ X_13 @ Z_7 ) ) ) )). + +thf(fact_655_inf__sup__distrib2,axiom,( + ! [Y_7: hoare_1167836817_state > $o,Z_6: hoare_1167836817_state > $o,X_12: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ ( semila1172322802tate_o @ Y_7 @ Z_6 ) @ X_12 ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ Y_7 @ X_12 ) @ ( semila179895820tate_o @ Z_6 @ X_12 ) ) ) )). + +thf(fact_656_sup__inf__distrib2,axiom,( + ! [Y_6: hoare_1167836817_state > $o,Z_5: hoare_1167836817_state > $o,X_11: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ ( semila179895820tate_o @ Y_6 @ Z_5 ) @ X_11 ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ Y_6 @ X_11 ) @ ( semila1172322802tate_o @ Z_5 @ X_11 ) ) ) )). + +thf(fact_657_inf__bot__right,axiom,( + ! [X_10: pname > $o] : + ( ( semila1673364395name_o @ X_10 @ bot_bot_pname_o ) + = bot_bot_pname_o ) )). + +thf(fact_658_inf__bot__right,axiom,( + ! [X_10: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ X_10 @ bot_bo70021908tate_o ) + = bot_bo70021908tate_o ) )). + +thf(fact_659_inf__bot__left,axiom,( + ! [X_9: pname > $o] : + ( ( semila1673364395name_o @ bot_bot_pname_o @ X_9 ) + = bot_bot_pname_o ) )). + +thf(fact_660_inf__bot__left,axiom,( + ! [X_9: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ bot_bo70021908tate_o @ X_9 ) + = bot_bo70021908tate_o ) )). + +thf(fact_661_distrib__sup__le,axiom,( + ! [X_8: pname > $o,Y_5: pname > $o,Z_4: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1780557381name_o @ X_8 @ ( semila1673364395name_o @ Y_5 @ Z_4 ) ) @ ( semila1673364395name_o @ ( semila1780557381name_o @ X_8 @ Y_5 ) @ ( semila1780557381name_o @ X_8 @ Z_4 ) ) ) )). + +thf(fact_662_distrib__sup__le,axiom,( + ! [X_8: hoare_1167836817_state > $o,Y_5: hoare_1167836817_state > $o,Z_4: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila1172322802tate_o @ X_8 @ ( semila179895820tate_o @ Y_5 @ Z_4 ) ) @ ( semila179895820tate_o @ ( semila1172322802tate_o @ X_8 @ Y_5 ) @ ( semila1172322802tate_o @ X_8 @ Z_4 ) ) ) )). + +thf(fact_663_distrib__inf__le,axiom,( + ! [X_7: pname > $o,Y_4: pname > $o,Z_3: pname > $o] : + ( ord_less_eq_pname_o @ ( semila1780557381name_o @ ( semila1673364395name_o @ X_7 @ Y_4 ) @ ( semila1673364395name_o @ X_7 @ Z_3 ) ) @ ( semila1673364395name_o @ X_7 @ ( semila1780557381name_o @ Y_4 @ Z_3 ) ) ) )). + +thf(fact_664_distrib__inf__le,axiom,( + ! [X_7: hoare_1167836817_state > $o,Y_4: hoare_1167836817_state > $o,Z_3: hoare_1167836817_state > $o] : + ( ord_le827224136tate_o @ ( semila1172322802tate_o @ ( semila179895820tate_o @ X_7 @ Y_4 ) @ ( semila179895820tate_o @ X_7 @ Z_3 ) ) @ ( semila179895820tate_o @ X_7 @ ( semila1172322802tate_o @ Y_4 @ Z_3 ) ) ) )). + +thf(fact_665_image__Int__subset,axiom,( + ! [F_6: pname > hoare_1167836817_state,A_14: pname > $o,B_6: pname > $o] : + ( ord_le827224136tate_o @ ( image_575578384_state @ F_6 @ ( semila1673364395name_o @ A_14 @ B_6 ) ) @ ( semila179895820tate_o @ ( image_575578384_state @ F_6 @ A_14 ) @ ( image_575578384_state @ F_6 @ B_6 ) ) ) )). + +thf(fact_666_Un__Int__assoc__eq,axiom,( + ! [A_13: pname > $o,B_5: pname > $o,C_2: pname > $o] : + ( ( ( semila1780557381name_o @ ( semila1673364395name_o @ A_13 @ B_5 ) @ C_2 ) + = ( semila1673364395name_o @ A_13 @ ( semila1780557381name_o @ B_5 @ C_2 ) ) ) + <=> ( ord_less_eq_pname_o @ C_2 @ A_13 ) ) )). + +thf(fact_667_Un__Int__assoc__eq,axiom,( + ! [A_13: hoare_1167836817_state > $o,B_5: hoare_1167836817_state > $o,C_2: hoare_1167836817_state > $o] : + ( ( ( semila1172322802tate_o @ ( semila179895820tate_o @ A_13 @ B_5 ) @ C_2 ) + = ( semila179895820tate_o @ A_13 @ ( semila1172322802tate_o @ B_5 @ C_2 ) ) ) + <=> ( ord_le827224136tate_o @ C_2 @ A_13 ) ) )). + +thf(fact_668_if__image__distrib,axiom,( + ! [P_3: pname > $o,F_5: pname > hoare_1167836817_state,G_1: pname > hoare_1167836817_state,S: pname > $o] : + ( ( image_575578384_state + @ ^ [X_5: pname] : + ( if_Hoa833675553_state @ ( P_3 @ X_5 ) @ ( F_5 @ X_5 ) @ ( G_1 @ X_5 ) ) + @ S ) + = ( semila1172322802tate_o @ ( image_575578384_state @ F_5 @ ( semila1673364395name_o @ S @ ( collect_pname @ P_3 ) ) ) + @ ( image_575578384_state @ G_1 + @ ( semila1673364395name_o @ S + @ ( collect_pname + @ ^ [X_5: pname] : + ( (~) @ ( P_3 @ X_5 ) ) ) ) ) ) ) )). + +thf(fact_669_dom__if,axiom,( + ! [P_2: pname > $o,F_4: pname > option_com,G: pname > option_com] : + ( ( dom_pname_com + @ ^ [X_5: pname] : + ( if_option_com @ ( P_2 @ X_5 ) @ ( F_4 @ X_5 ) @ ( G @ X_5 ) ) ) + = ( semila1780557381name_o @ ( semila1673364395name_o @ ( dom_pname_com @ F_4 ) @ ( collect_pname @ P_2 ) ) + @ ( semila1673364395name_o @ ( dom_pname_com @ G ) + @ ( collect_pname + @ ^ [X_5: pname] : + ( (~) @ ( P_2 @ X_5 ) ) ) ) ) ) )). + +thf(fact_670_Int__Collect__mono,axiom,( + ! [Q: pname > $o,P_1: pname > $o,A_12: pname > $o,B_4: pname > $o] : + ( ( ord_less_eq_pname_o @ A_12 @ B_4 ) + => ( ! [X_5: pname] : + ( ( member_pname @ X_5 @ A_12 ) + => ( ( P_1 @ X_5 ) + => ( Q @ X_5 ) ) ) + => ( ord_less_eq_pname_o @ ( semila1673364395name_o @ A_12 @ ( collect_pname @ P_1 ) ) @ ( semila1673364395name_o @ B_4 @ ( collect_pname @ Q ) ) ) ) ) )). + +thf(fact_671_Int__Collect__mono,axiom,( + ! [Q: hoare_1167836817_state > $o,P_1: hoare_1167836817_state > $o,A_12: hoare_1167836817_state > $o,B_4: hoare_1167836817_state > $o] : + ( ( ord_le827224136tate_o @ A_12 @ B_4 ) + => ( ! [X_5: hoare_1167836817_state] : + ( ( member2058392318_state @ X_5 @ A_12 ) + => ( ( P_1 @ X_5 ) + => ( Q @ X_5 ) ) ) + => ( ord_le827224136tate_o @ ( semila179895820tate_o @ A_12 @ ( collec1027672124_state @ P_1 ) ) @ ( semila179895820tate_o @ B_4 @ ( collec1027672124_state @ Q ) ) ) ) ) )). + +thf(fact_672_Int__Collect__mono,axiom,( + ! [Q: ( pname > $o ) > $o,P_1: ( pname > $o ) > $o,A_12: ( pname > $o ) > $o,B_4: ( pname > $o ) > $o] : + ( ( ord_le1205211808me_o_o @ A_12 @ B_4 ) + => ( ! [X_5: pname > $o] : + ( ( member_pname_o @ X_5 @ A_12 ) + => ( ( P_1 @ X_5 ) + => ( Q @ X_5 ) ) ) + => ( ord_le1205211808me_o_o @ ( semila2013987940me_o_o @ A_12 @ ( collect_pname_o @ P_1 ) ) @ ( semila2013987940me_o_o @ B_4 @ ( collect_pname_o @ Q ) ) ) ) ) )). + +thf(fact_673_Int__Collect__mono,axiom,( + ! [Q: ( hoare_1167836817_state > $o ) > $o,P_1: ( hoare_1167836817_state > $o ) > $o,A_12: ( hoare_1167836817_state > $o ) > $o,B_4: ( hoare_1167836817_state > $o ) > $o] : + ( ( ord_le741939125te_o_o @ A_12 @ B_4 ) + => ( ! [X_5: hoare_1167836817_state > $o] : + ( ( member864234961tate_o @ X_5 @ A_12 ) + => ( ( P_1 @ X_5 ) + => ( Q @ X_5 ) ) ) + => ( ord_le741939125te_o_o @ ( semila1758709489te_o_o @ A_12 @ ( collec269976083tate_o @ P_1 ) ) @ ( semila1758709489te_o_o @ B_4 @ ( collec269976083tate_o @ Q ) ) ) ) ) )). + +thf(fact_674_distrib__imp1,axiom,( + ! [X_6: hoare_1167836817_state > $o,Y_3: hoare_1167836817_state > $o,Z_2: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o,Z_1: hoare_1167836817_state > $o] : + ( ( semila179895820tate_o @ X_5 @ ( semila1172322802tate_o @ Y_2 @ Z_1 ) ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ X_5 @ Y_2 ) @ ( semila179895820tate_o @ X_5 @ Z_1 ) ) ) + => ( ( semila1172322802tate_o @ X_6 @ ( semila179895820tate_o @ Y_3 @ Z_2 ) ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ X_6 @ Y_3 ) @ ( semila1172322802tate_o @ X_6 @ Z_2 ) ) ) ) )). + +thf(fact_675_distrib__imp2,axiom,( + ! [X_4: hoare_1167836817_state > $o,Y_1: hoare_1167836817_state > $o,Z: hoare_1167836817_state > $o] : + ( ! [X_5: hoare_1167836817_state > $o,Y_2: hoare_1167836817_state > $o,Z_1: hoare_1167836817_state > $o] : + ( ( semila1172322802tate_o @ X_5 @ ( semila179895820tate_o @ Y_2 @ Z_1 ) ) + = ( semila179895820tate_o @ ( semila1172322802tate_o @ X_5 @ Y_2 ) @ ( semila1172322802tate_o @ X_5 @ Z_1 ) ) ) + => ( ( semila179895820tate_o @ X_4 @ ( semila1172322802tate_o @ Y_1 @ Z ) ) + = ( semila1172322802tate_o @ ( semila179895820tate_o @ X_4 @ Y_1 ) @ ( semila179895820tate_o @ X_4 @ Z ) ) ) ) )). + +thf(fact_676_folding__one_Oremove,axiom,( + ! [X_3: pname,A_11: pname > $o,F_3: pname > pname > pname,F_2: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_3 @ F_2 ) + => ( ( finite_finite_pname @ A_11 ) + => ( ( member_pname @ X_3 @ A_11 ) + => ( ( ( ( minus_minus_pname_o @ A_11 @ ( insert_pname @ X_3 @ bot_bot_pname_o ) ) + = bot_bot_pname_o ) + => ( ( F_2 @ A_11 ) + = X_3 ) ) + & ( ( ( minus_minus_pname_o @ A_11 @ ( insert_pname @ X_3 @ bot_bot_pname_o ) ) + != bot_bot_pname_o ) + => ( ( F_2 @ A_11 ) + = ( F_3 @ X_3 @ ( F_2 @ ( minus_minus_pname_o @ A_11 @ ( insert_pname @ X_3 @ bot_bot_pname_o ) ) ) ) ) ) ) ) ) ) )). + +thf(fact_677_folding__one_Oremove,axiom,( + ! [X_3: hoare_1167836817_state,A_11: hoare_1167836817_state > $o,F_3: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F_2: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_3 @ F_2 ) + => ( ( finite1084549118_state @ A_11 ) + => ( ( member2058392318_state @ X_3 @ A_11 ) + => ( ( ( ( minus_2107060239tate_o @ A_11 @ ( insert2134838167_state @ X_3 @ bot_bo70021908tate_o ) ) + = bot_bo70021908tate_o ) + => ( ( F_2 @ A_11 ) + = X_3 ) ) + & ( ( ( minus_2107060239tate_o @ A_11 @ ( insert2134838167_state @ X_3 @ bot_bo70021908tate_o ) ) + != bot_bo70021908tate_o ) + => ( ( F_2 @ A_11 ) + = ( F_3 @ X_3 @ ( F_2 @ ( minus_2107060239tate_o @ A_11 @ ( insert2134838167_state @ X_3 @ bot_bo70021908tate_o ) ) ) ) ) ) ) ) ) ) )). + +thf(fact_678_folding__one_Oremove,axiom,( + ! [X_3: pname > $o,A_11: ( pname > $o ) > $o,F_3: ( pname > $o ) > ( pname > $o ) > pname > $o,F_2: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_3 @ F_2 ) + => ( ( finite297249702name_o @ A_11 ) + => ( ( member_pname_o @ X_3 @ A_11 ) + => ( ( ( ( minus_1480864103me_o_o @ A_11 @ ( insert_pname_o @ X_3 @ bot_bot_pname_o_o ) ) + = bot_bot_pname_o_o ) + => ( ( F_2 @ A_11 ) + = X_3 ) ) + & ( ( ( minus_1480864103me_o_o @ A_11 @ ( insert_pname_o @ X_3 @ bot_bot_pname_o_o ) ) + != bot_bot_pname_o_o ) + => ( ( F_2 @ A_11 ) + = ( F_3 @ X_3 @ ( F_2 @ ( minus_1480864103me_o_o @ A_11 @ ( insert_pname_o @ X_3 @ bot_bot_pname_o_o ) ) ) ) ) ) ) ) ) ) )). + +thf(fact_679_folding__one_Oremove,axiom,( + ! [X_3: hoare_1167836817_state > $o,A_11: ( hoare_1167836817_state > $o ) > $o,F_3: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F_2: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_3 @ F_2 ) + => ( ( finite1380128977tate_o @ A_11 ) + => ( ( member864234961tate_o @ X_3 @ A_11 ) + => ( ( ( ( minus_1708687022te_o_o @ A_11 @ ( insert999278200tate_o @ X_3 @ bot_bo691907561te_o_o ) ) + = bot_bo691907561te_o_o ) + => ( ( F_2 @ A_11 ) + = X_3 ) ) + & ( ( ( minus_1708687022te_o_o @ A_11 @ ( insert999278200tate_o @ X_3 @ bot_bo691907561te_o_o ) ) + != bot_bo691907561te_o_o ) + => ( ( F_2 @ A_11 ) + = ( F_3 @ X_3 @ ( F_2 @ ( minus_1708687022te_o_o @ A_11 @ ( insert999278200tate_o @ X_3 @ bot_bo691907561te_o_o ) ) ) ) ) ) ) ) ) ) )). + +thf(fact_680_folding__one_Oinsert__remove,axiom,( + ! [X_2: pname,A_10: pname > $o,F_1: pname > pname > pname,F: ( pname > $o ) > pname] : + ( ( finite1282449217_pname @ F_1 @ F ) + => ( ( finite_finite_pname @ A_10 ) + => ( ( ( ( minus_minus_pname_o @ A_10 @ ( insert_pname @ X_2 @ bot_bot_pname_o ) ) + = bot_bot_pname_o ) + => ( ( F @ ( insert_pname @ X_2 @ A_10 ) ) + = X_2 ) ) + & ( ( ( minus_minus_pname_o @ A_10 @ ( insert_pname @ X_2 @ bot_bot_pname_o ) ) + != bot_bot_pname_o ) + => ( ( F @ ( insert_pname @ X_2 @ A_10 ) ) + = ( F_1 @ X_2 @ ( F @ ( minus_minus_pname_o @ A_10 @ ( insert_pname @ X_2 @ bot_bot_pname_o ) ) ) ) ) ) ) ) ) )). + +thf(fact_681_folding__one_Oinsert__remove,axiom,( + ! [X_2: hoare_1167836817_state,A_10: hoare_1167836817_state > $o,F_1: hoare_1167836817_state > hoare_1167836817_state > hoare_1167836817_state,F: ( hoare_1167836817_state > $o ) > hoare_1167836817_state] : + ( ( finite1074406356_state @ F_1 @ F ) + => ( ( finite1084549118_state @ A_10 ) + => ( ( ( ( minus_2107060239tate_o @ A_10 @ ( insert2134838167_state @ X_2 @ bot_bo70021908tate_o ) ) + = bot_bo70021908tate_o ) + => ( ( F @ ( insert2134838167_state @ X_2 @ A_10 ) ) + = X_2 ) ) + & ( ( ( minus_2107060239tate_o @ A_10 @ ( insert2134838167_state @ X_2 @ bot_bo70021908tate_o ) ) + != bot_bo70021908tate_o ) + => ( ( F @ ( insert2134838167_state @ X_2 @ A_10 ) ) + = ( F_1 @ X_2 @ ( F @ ( minus_2107060239tate_o @ A_10 @ ( insert2134838167_state @ X_2 @ bot_bo70021908tate_o ) ) ) ) ) ) ) ) ) )). + +thf(fact_682_folding__one_Oinsert__remove,axiom,( + ! [X_2: pname > $o,A_10: ( pname > $o ) > $o,F_1: ( pname > $o ) > ( pname > $o ) > pname > $o,F: ( ( pname > $o ) > $o ) > pname > $o] : + ( ( finite349908348name_o @ F_1 @ F ) + => ( ( finite297249702name_o @ A_10 ) + => ( ( ( ( minus_1480864103me_o_o @ A_10 @ ( insert_pname_o @ X_2 @ bot_bot_pname_o_o ) ) + = bot_bot_pname_o_o ) + => ( ( F @ ( insert_pname_o @ X_2 @ A_10 ) ) + = X_2 ) ) + & ( ( ( minus_1480864103me_o_o @ A_10 @ ( insert_pname_o @ X_2 @ bot_bot_pname_o_o ) ) + != bot_bot_pname_o_o ) + => ( ( F @ ( insert_pname_o @ X_2 @ A_10 ) ) + = ( F_1 @ X_2 @ ( F @ ( minus_1480864103me_o_o @ A_10 @ ( insert_pname_o @ X_2 @ bot_bot_pname_o_o ) ) ) ) ) ) ) ) ) )). + +thf(fact_683_folding__one_Oinsert__remove,axiom,( + ! [X_2: hoare_1167836817_state > $o,A_10: ( hoare_1167836817_state > $o ) > $o,F_1: ( hoare_1167836817_state > $o ) > ( hoare_1167836817_state > $o ) > hoare_1167836817_state > $o,F: ( ( hoare_1167836817_state > $o ) > $o ) > hoare_1167836817_state > $o] : + ( ( finite979047547tate_o @ F_1 @ F ) + => ( ( finite1380128977tate_o @ A_10 ) + => ( ( ( ( minus_1708687022te_o_o @ A_10 @ ( insert999278200tate_o @ X_2 @ bot_bo691907561te_o_o ) ) + = bot_bo691907561te_o_o ) + => ( ( F @ ( insert999278200tate_o @ X_2 @ A_10 ) ) + = X_2 ) ) + & ( ( ( minus_1708687022te_o_o @ A_10 @ ( insert999278200tate_o @ X_2 @ bot_bo691907561te_o_o ) ) + != bot_bo691907561te_o_o ) + => ( ( F @ ( insert999278200tate_o @ X_2 @ A_10 ) ) + = ( F_1 @ X_2 @ ( F @ ( minus_1708687022te_o_o @ A_10 @ ( insert999278200tate_o @ X_2 @ bot_bo691907561te_o_o ) ) ) ) ) ) ) ) ) )). + +thf(fact_684_DiffI,axiom,( + ! [B_3: pname > $o,C_1: pname,A_9: pname > $o] : + ( ( member_pname @ C_1 @ A_9 ) + => ( ~ ( member_pname @ C_1 @ B_3 ) + => ( member_pname @ C_1 @ ( minus_minus_pname_o @ A_9 @ B_3 ) ) ) ) )). + +thf(fact_685_DiffI,axiom,( + ! [B_3: hoare_1167836817_state > $o,C_1: hoare_1167836817_state,A_9: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C_1 @ A_9 ) + => ( ~ ( member2058392318_state @ C_1 @ B_3 ) + => ( member2058392318_state @ C_1 @ ( minus_2107060239tate_o @ A_9 @ B_3 ) ) ) ) )). + +thf(fact_686_DiffE,axiom,( + ! [C: pname,A_8: pname > $o,B_2: pname > $o] : + ( ( member_pname @ C @ ( minus_minus_pname_o @ A_8 @ B_2 ) ) + => ~ ( ( member_pname @ C @ A_8 ) + => ( member_pname @ C @ B_2 ) ) ) )). + +thf(fact_687_DiffE,axiom,( + ! [C: hoare_1167836817_state,A_8: hoare_1167836817_state > $o,B_2: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ C @ ( minus_2107060239tate_o @ A_8 @ B_2 ) ) + => ~ ( ( member2058392318_state @ C @ A_8 ) + => ( member2058392318_state @ C @ B_2 ) ) ) )). + +thf(fact_688_finite__Diff,axiom,( + ! [B_1: ( pname > $o ) > $o,A_7: ( pname > $o ) > $o] : + ( ( finite297249702name_o @ A_7 ) + => ( finite297249702name_o @ ( minus_1480864103me_o_o @ A_7 @ B_1 ) ) ) )). + +thf(fact_689_finite__Diff,axiom,( + ! [B_1: ( hoare_1167836817_state > $o ) > $o,A_7: ( hoare_1167836817_state > $o ) > $o] : + ( ( finite1380128977tate_o @ A_7 ) + => ( finite1380128977tate_o @ ( minus_1708687022te_o_o @ A_7 @ B_1 ) ) ) )). + +thf(fact_690_finite__Diff,axiom,( + ! [B_1: pname > $o,A_7: pname > $o] : + ( ( finite_finite_pname @ A_7 ) + => ( finite_finite_pname @ ( minus_minus_pname_o @ A_7 @ B_1 ) ) ) )). + +thf(fact_691_finite__Diff,axiom,( + ! [B_1: hoare_1167836817_state > $o,A_7: hoare_1167836817_state > $o] : + ( ( finite1084549118_state @ A_7 ) + => ( finite1084549118_state @ ( minus_2107060239tate_o @ A_7 @ B_1 ) ) ) )). + +thf(fact_692_insert__Diff,axiom,( + ! [A_6: pname,A_5: pname > $o] : + ( ( member_pname @ A_6 @ A_5 ) + => ( ( insert_pname @ A_6 @ ( minus_minus_pname_o @ A_5 @ ( insert_pname @ A_6 @ bot_bot_pname_o ) ) ) + = A_5 ) ) )). + +thf(fact_693_insert__Diff,axiom,( + ! [A_6: hoare_1167836817_state,A_5: hoare_1167836817_state > $o] : + ( ( member2058392318_state @ A_6 @ A_5 ) + => ( ( insert2134838167_state @ A_6 @ ( minus_2107060239tate_o @ A_5 @ ( insert2134838167_state @ A_6 @ bot_bo70021908tate_o ) ) ) + = A_5 ) ) )). + +thf(fact_694_Diff__insert__absorb,axiom,( + ! [X_1: pname,A_4: pname > $o] : + ( ~ ( member_pname @ X_1 @ A_4 ) + => ( ( minus_minus_pname_o @ ( insert_pname @ X_1 @ A_4 ) @ ( insert_pname @ X_1 @ bot_bot_pname_o ) ) + = A_4 ) ) )). + +thf(fact_695_Diff__insert__absorb,axiom,( + ! [X_1: hoare_1167836817_state,A_4: hoare_1167836817_state > $o] : + ( ~ ( member2058392318_state @ X_1 @ A_4 ) + => ( ( minus_2107060239tate_o @ ( insert2134838167_state @ X_1 @ A_4 ) @ ( insert2134838167_state @ X_1 @ bot_bo70021908tate_o ) ) + = A_4 ) ) )). + +thf(fact_696_insert__Diff__single,axiom,( + ! [A_3: pname,A_2: pname > $o] : + ( ( insert_pname @ A_3 @ ( minus_minus_pname_o @ A_2 @ ( insert_pname @ A_3 @ bot_bot_pname_o ) ) ) + = ( insert_pname @ A_3 @ A_2 ) ) )). + +thf(fact_697_insert__Diff__single,axiom,( + ! [A_3: hoare_1167836817_state,A_2: hoare_1167836817_state > $o] : + ( ( insert2134838167_state @ A_3 @ ( minus_2107060239tate_o @ A_2 @ ( insert2134838167_state @ A_3 @ bot_bo70021908tate_o ) ) ) + = ( insert2134838167_state @ A_3 @ A_2 ) ) )). + +thf(fact_698_Diff__insert2,axiom,( + ! [A_1: hoare_1167836817_state > $o,A: hoare_1167836817_state,B: hoare_1167836817_state > $o] : + ( ( minus_2107060239tate_o @ A_1 @ ( insert2134838167_state @ A @ B ) ) + = ( minus_2107060239tate_o @ ( minus_2107060239tate_o @ A_1 @ ( insert2134838167_state @ A @ bot_bo70021908tate_o ) ) @ B ) ) )). + +%----Helper facts (16) +thf(help_fequal_1_1_fequal_000tc__Com__Opname_T,axiom,( + ! [X: pname,Y: pname] : + ( ~ ( fequal_pname @ X @ Y ) + | ( X = Y ) ) )). + +thf(help_fequal_2_1_fequal_000tc__Com__Opname_T,axiom,( + ! [X: pname,Y: pname] : + ( ( X != Y ) + | ( fequal_pname @ X @ Y ) ) )). + +thf(help_fequal_1_1_fequal_000tc__Com__Ostate_T,axiom,( + ! [X: state,Y: state] : + ( ~ ( fequal_state @ X @ Y ) + | ( X = Y ) ) )). + +thf(help_fequal_2_1_fequal_000tc__Com__Ostate_T,axiom,( + ! [X: state,Y: state] : + ( ( X != Y ) + | ( fequal_state @ X @ Y ) ) )). + +thf(help_fequal_1_1_fequal_000_062_Itc__Com__Opname_M_Eo_J_T,axiom,( + ! [X: pname > $o,Y: pname > $o] : + ( ~ ( fequal_pname_o @ X @ Y ) + | ( X = Y ) ) )). + +thf(help_fequal_2_1_fequal_000_062_Itc__Com__Opname_M_Eo_J_T,axiom,( + ! [X: pname > $o,Y: pname > $o] : + ( ( X != Y ) + | ( fequal_pname_o @ X @ Y ) ) )). + +thf(help_If_1_1_If_000tc__Option__Ooption_Itc__Com__Ocom_J_T,axiom,( + ! [X: option_com,Y: option_com] : + ( ( if_option_com @ $true @ X @ Y ) + = X ) )). + +thf(help_If_2_1_If_000tc__Option__Ooption_Itc__Com__Ocom_J_T,axiom,( + ! [X: option_com,Y: option_com] : + ( ( if_option_com @ $false @ X @ Y ) + = Y ) )). + +thf(help_If_3_1_If_000tc__Option__Ooption_Itc__Com__Ocom_J_T,axiom,( + ! [P: $o] : + ( ( P = $true ) + | ( P = $false ) ) )). + +thf(help_If_1_1_If_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate,axiom,( + ! [X: hoare_1167836817_state,Y: hoare_1167836817_state] : + ( ( if_Hoa833675553_state @ $true @ X @ Y ) + = X ) )). + +thf(help_If_2_1_If_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate,axiom,( + ! [X: hoare_1167836817_state,Y: hoare_1167836817_state] : + ( ( if_Hoa833675553_state @ $false @ X @ Y ) + = Y ) )). + +thf(help_If_3_1_If_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com__Ostate,axiom,( + ! [P: $o] : + ( ( P = $true ) + | ( P = $false ) ) )). + +thf(help_fequal_1_1_fequal_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com,axiom,( + ! [X: hoare_1167836817_state,Y: hoare_1167836817_state] : + ( ~ ( fequal1831255762_state @ X @ Y ) + | ( X = Y ) ) )). + +thf(help_fequal_2_1_fequal_000tc__Hoare____Mirabelle____srushsumbx__Otriple_Itc__Com,axiom,( + ! [X: hoare_1167836817_state,Y: hoare_1167836817_state] : + ( ( X != Y ) + | ( fequal1831255762_state @ X @ Y ) ) )). + +thf(help_fequal_1_1_fequal_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_It,axiom,( + ! [X: hoare_1167836817_state > $o,Y: hoare_1167836817_state > $o] : + ( ~ ( fequal1486222077tate_o @ X @ Y ) + | ( X = Y ) ) )). + +thf(help_fequal_2_1_fequal_000_062_Itc__Hoare____Mirabelle____srushsumbx__Otriple_It,axiom,( + ! [X: hoare_1167836817_state > $o,Y: hoare_1167836817_state > $o] : + ( ( X != Y ) + | ( fequal1486222077tate_o @ X @ Y ) ) )). + +%----Conjectures (8) +thf(conj_0,hypothesis,( + hoare_1201148605gleton )). + +thf(conj_1,hypothesis,( + wT_bodies )). + +thf(conj_2,hypothesis, + ( finite1084549118_state @ fa )). + +thf(conj_3,hypothesis,( + ~ ( member2058392318_state @ ( hoare_Mirabelle_MGT @ y ) @ fa ) )). + +thf(conj_4,hypothesis, + ( ord_le827224136tate_o @ fa + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( the_com @ ( body @ Pn ) ) ) + @ ( dom_pname_com @ body ) ) )). + +thf(conj_5,hypothesis, + ( ( body @ pn ) + = ( some_com @ y ) )). + +thf(conj_6,hypothesis, + ( hoare_123228589_state + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( body_1 @ Pn ) ) + @ ( dom_pname_com @ body ) ) + @ fa )). + +thf(conj_7,conjecture, + ( hoare_123228589_state + @ ( image_575578384_state + @ ^ [Pn: pname] : + ( hoare_Mirabelle_MGT @ ( body_1 @ Pn ) ) + @ ( dom_pname_com @ body ) ) + @ ( insert2134838167_state @ ( hoare_Mirabelle_MGT @ y ) @ bot_bo70021908tate_o ) )). + +%------------------------------------------------------------------------------ -- 2.30.2