Welcome to Abella 2.0.4-dev
Abella < Specification "trans".
Reading specification "trans"
Abella < Import "util".
Importing from util
Abella < Theorem nstep_is_nat :
forall N M M', {nstep N M M'} -> {is_nat N}.
============================
forall N M M', {nstep N M M'} -> {is_nat N}
nstep_is_nat < induction on 1.
IH : forall N M M', {nstep N M M'}* -> {is_nat N}
============================
forall N M M', {nstep N M M'}@ -> {is_nat N}
nstep_is_nat < intros.
Variables: N M M'
IH : forall N M M', {nstep N M M'}* -> {is_nat N}
H1 : {nstep N M M'}@
============================
{is_nat N}
nstep_is_nat < case H1.
Subgoal 1:
Variables: M'
IH : forall N M M', {nstep N M M'}* -> {is_nat N}
============================
{is_nat z}
Subgoal 2 is:
{is_nat (s N1)}
nstep_is_nat < search.
Subgoal 2:
Variables: M M' M'1 N1
IH : forall N M M', {nstep N M M'}* -> {is_nat N}
H2 : {step M M'1}*
H3 : {nstep N1 M'1 M'}*
============================
{is_nat (s N1)}
nstep_is_nat < apply IH to H3.
Subgoal 2:
Variables: M M' M'1 N1
IH : forall N M M', {nstep N M M'}* -> {is_nat N}
H2 : {step M M'1}*
H3 : {nstep N1 M'1 M'}*
H4 : {is_nat N1}
============================
{is_nat (s N1)}
nstep_is_nat < search.
Proof completed.
Abella < Theorem nstep'_is_nat :
forall N M M', {nstep' N M M'} -> {is_nat N}.
============================
forall N M M', {nstep' N M M'} -> {is_nat N}
nstep'_is_nat < induction on 1.
IH : forall N M M', {nstep' N M M'}* -> {is_nat N}
============================
forall N M M', {nstep' N M M'}@ -> {is_nat N}
nstep'_is_nat < intros.
Variables: N M M'
IH : forall N M M', {nstep' N M M'}* -> {is_nat N}
H1 : {nstep' N M M'}@
============================
{is_nat N}
nstep'_is_nat < case H1.
Subgoal 1:
Variables: M'
IH : forall N M M', {nstep' N M M'}* -> {is_nat N}
============================
{is_nat z}
Subgoal 2 is:
{is_nat (s N1)}
nstep'_is_nat < search.
Subgoal 2:
Variables: M M' M'1 N1
IH : forall N M M', {nstep' N M M'}* -> {is_nat N}
H2 : {step' M M'1}*
H3 : {nstep' N1 M'1 M'}*
============================
{is_nat (s N1)}
nstep'_is_nat < apply IH to H3.
Subgoal 2:
Variables: M M' M'1 N1
IH : forall N M M', {nstep' N M M'}* -> {is_nat N}
H2 : {step' M M'1}*
H3 : {nstep' N1 M'1 M'}*
H4 : {is_nat N1}
============================
{is_nat (s N1)}
nstep'_is_nat < search.
Proof completed.
Abella < Theorem val'_step'_absurd :
forall V M, {val' V} -> {step' V M} -> false.
============================
forall V M, {val' V} -> {step' V M} -> false
val'_step'_absurd < induction on 1.
IH : forall V M, {val' V}* -> {step' V M} -> false
============================
forall V M, {val' V}@ -> {step' V M} -> false
val'_step'_absurd < intros.
Variables: V M
IH : forall V M, {val' V}* -> {step' V M} -> false
H1 : {val' V}@
H2 : {step' V M}
============================
false
val'_step'_absurd < case H1.
Subgoal 1:
Variables: M N
IH : forall V M, {val' V}* -> {step' V M} -> false
H2 : {step' (nat' N) M}
============================
false
Subgoal 2 is:
false
Subgoal 3 is:
false
Subgoal 4 is:
false
Subgoal 5 is:
false
val'_step'_absurd < case H2.
Subgoal 2:
Variables: M
IH : forall V M, {val' V}* -> {step' V M} -> false
H2 : {step' unit' M}
============================
false
Subgoal 3 is:
false
Subgoal 4 is:
false
Subgoal 5 is:
false
val'_step'_absurd < case H2.
Subgoal 3:
Variables: M V2 V1
IH : forall V M, {val' V}* -> {step' V M} -> false
H2 : {step' (pair' V1 V2) M}
H3 : {val' V1}*
H4 : {val' V2}*
============================
false
Subgoal 4 is:
false
Subgoal 5 is:
false
val'_step'_absurd < case H2.
Subgoal 3.1:
Variables: V2 V1 M1'
IH : forall V M, {val' V}* -> {step' V M} -> false
H3 : {val' V1}*
H4 : {val' V2}*
H5 : {step' V1 M1'}
============================
false
Subgoal 3.2 is:
false
Subgoal 4 is:
false
Subgoal 5 is:
false
val'_step'_absurd < backchain IH.
Subgoal 3.2:
Variables: V2 V1 M2'
IH : forall V M, {val' V}* -> {step' V M} -> false
H3 : {val' V1}*
H4 : {val' V2}*
H5 : {val' V1}
H6 : {step' V2 M2'}
============================
false
Subgoal 4 is:
false
Subgoal 5 is:
false
val'_step'_absurd < backchain IH with V = V2.
Subgoal 4:
Variables: M R
IH : forall V M, {val' V}* -> {step' V M} -> false
H2 : {step' (abs' R) M}
============================
false
Subgoal 5 is:
false
val'_step'_absurd < case H2.
Subgoal 5:
Variables: M E F
IH : forall V M, {val' V}* -> {step' V M} -> false
H2 : {step' (clos' F E) M}
H3 : {val' F}*
H4 : {val' E}*
============================
false
val'_step'_absurd < case H2.
Subgoal 5.1:
Variables: E F F'
IH : forall V M, {val' V}* -> {step' V M} -> false
H3 : {val' F}*
H4 : {val' E}*
H5 : {step' F F'}
============================
false
Subgoal 5.2 is:
false
val'_step'_absurd < backchain IH.
Subgoal 5.2:
Variables: E F E'
IH : forall V M, {val' V}* -> {step' V M} -> false
H3 : {val' F}*
H4 : {val' E}*
H5 : {val' F}
H6 : {step' E E'}
============================
false
val'_step'_absurd < backchain IH with V = E.
Proof completed.
Abella < Theorem step'_det :
forall M N N', {step' M N} -> {step' M N'} -> N = N'.
============================
forall M N N', {step' M N} -> {step' M N'} -> N = N'
step'_det < induction on 1.
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
============================
forall M N N', {step' M N}@ -> {step' M N'} -> N = N'
step'_det < intros.
Variables: M N N'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H1 : {step' M N}@
H2 : {step' M N'}
============================
N = N'
step'_det < case H1.
Subgoal 1:
Variables: N' M' M1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (pred' M1) N'}
H3 : {step' M1 M'}*
============================
pred' M' = N'
Subgoal 2 is:
nat' N'1 = N'
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 1.1:
Variables: M' M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {step' M1 M'1}
============================
pred' M' = pred' M'1
Subgoal 1.2 is:
pred' M' = nat' N'1
Subgoal 2 is:
nat' N'1 = N'
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 1.1:
Variables: M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'1}*
H4 : {step' M1 M'1}
============================
pred' M'1 = pred' M'1
Subgoal 1.2 is:
pred' M' = nat' N'1
Subgoal 2 is:
nat' N'1 = N'
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 1.2:
Variables: M' N'1 N1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' N1) M'}*
H4 : {npred N1 N'1}
============================
pred' M' = nat' N'1
Subgoal 2 is:
nat' N'1 = N'
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 2:
Variables: N' N'1 N1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (pred' (nat' N1)) N'}
H3 : {npred N1 N'1}*
============================
nat' N'1 = N'
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 2.1:
Variables: N'1 N1 M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {npred N1 N'1}*
H4 : {step' (nat' N1) M'}
============================
nat' N'1 = pred' M'
Subgoal 2.2 is:
nat' N'1 = nat' N'2
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H4.
Subgoal 2.2:
Variables: N'1 N1 N'2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {npred N1 N'1}*
H4 : {npred N1 N'2}
============================
nat' N'1 = nat' N'2
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply npred_det to H3 H4.
Subgoal 2.2:
Variables: N1 N'2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {npred N1 N'2}*
H4 : {npred N1 N'2}
============================
nat' N'2 = nat' N'2
Subgoal 3 is:
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 3:
Variables: N' M1' M1 M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (plus' M1 M2) N'}
H3 : {step' M1 M1'}*
============================
plus' M1' M2 = N'
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 3.1:
Variables: M1' M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {step' M1 M1'1}
============================
plus' M1' M2 = plus' M1'1 M2
Subgoal 3.2 is:
plus' M1' M2 = plus' M1 M2'
Subgoal 3.3 is:
plus' M1' (nat' N2) = nat' N1
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 3.1:
Variables: M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'1}*
H4 : {step' M1 M1'1}
============================
plus' M1'1 M2 = plus' M1'1 M2
Subgoal 3.2 is:
plus' M1' M2 = plus' M1 M2'
Subgoal 3.3 is:
plus' M1' (nat' N2) = nat' N1
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 3.2:
Variables: M1' M1 M2 M2'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {val' M1}
H5 : {step' M2 M2'}
============================
plus' M1' M2 = plus' M1 M2'
Subgoal 3.3 is:
plus' M1' (nat' N2) = nat' N1
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 3.3:
Variables: M1' N1 N2 N3
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' N3) M1'}*
H4 : {add N3 N2 N1}
============================
plus' M1' (nat' N2) = nat' N1
Subgoal 4 is:
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 4:
Variables: N' M2' M2 V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (plus' V1 M2) N'}
H3 : {val' V1}*
H4 : {step' M2 M2'}*
============================
plus' V1 M2' = N'
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 4.1:
Variables: M2' M2 V1 M1'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {step' V1 M1'}
============================
plus' V1 M2' = plus' M1' M2
Subgoal 4.2 is:
plus' V1 M2' = plus' V1 M2'1
Subgoal 4.3 is:
plus' (nat' N3) M2' = nat' N1
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H5.
Subgoal 4.2:
Variables: M2' M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
plus' V1 M2' = plus' V1 M2'1
Subgoal 4.3 is:
plus' (nat' N3) M2' = nat' N1
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H4 H6.
Subgoal 4.2:
Variables: M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'1}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
plus' V1 M2'1 = plus' V1 M2'1
Subgoal 4.3 is:
plus' (nat' N3) M2' = nat' N1
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 4.3:
Variables: M2' N1 N2 N3
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (nat' N3)}*
H4 : {step' (nat' N2) M2'}*
H5 : {add N3 N2 N1}
============================
plus' (nat' N3) M2' = nat' N1
Subgoal 5 is:
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H4.
Subgoal 5:
Variables: N' N1 N2 N3
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (plus' (nat' N3) (nat' N2)) N'}
H3 : {add N3 N2 N1}*
============================
nat' N1 = N'
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 5.1:
Variables: N1 N2 N3 M1'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {add N3 N2 N1}*
H4 : {step' (nat' N3) M1'}
============================
nat' N1 = plus' M1' (nat' N2)
Subgoal 5.2 is:
nat' N1 = plus' (nat' N3) M2'
Subgoal 5.3 is:
nat' N1 = nat' N4
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H4.
Subgoal 5.2:
Variables: N1 N2 N3 M2'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {add N3 N2 N1}*
H4 : {val' (nat' N3)}
H5 : {step' (nat' N2) M2'}
============================
nat' N1 = plus' (nat' N3) M2'
Subgoal 5.3 is:
nat' N1 = nat' N4
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H5.
Subgoal 5.3:
Variables: N1 N2 N3 N4
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {add N3 N2 N1}*
H4 : {add N3 N2 N4}
============================
nat' N1 = nat' N4
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply add_det to H3 H4.
Subgoal 5.3:
Variables: N2 N3 N4
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {add N3 N2 N4}*
H4 : {add N3 N2 N4}
============================
nat' N4 = nat' N4
Subgoal 6 is:
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 6:
Variables: N' M' M3 M2 M1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (ifz' M3 M1 M2) N'}
H3 : {step' M3 M'}*
============================
ifz' M' M1 M2 = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 6.1:
Variables: M' M3 M2 M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M3 M'}*
H4 : {step' M3 M'1}
============================
ifz' M' M1 M2 = ifz' M'1 M1 M2
Subgoal 6.2 is:
ifz' M' N' M2 = N'
Subgoal 6.3 is:
ifz' M' M1 N' = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 6.1:
Variables: M3 M2 M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M3 M'1}*
H4 : {step' M3 M'1}
============================
ifz' M'1 M1 M2 = ifz' M'1 M1 M2
Subgoal 6.2 is:
ifz' M' N' M2 = N'
Subgoal 6.3 is:
ifz' M' M1 N' = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 6.2:
Variables: N' M' M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' z) M'}*
============================
ifz' M' N' M2 = N'
Subgoal 6.3 is:
ifz' M' M1 N' = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 6.3:
Variables: N' M' M1 N1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' (s N1)) M'}*
============================
ifz' M' M1 N' = N'
Subgoal 7 is:
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 7:
Variables: N N' M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (ifz' (nat' z) N M2) N'}
============================
N = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 7.1:
Variables: N M2 M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' z) M'}
============================
N = ifz' M' N M2
Subgoal 7.2 is:
N' = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 7.2:
Variables: N' M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
============================
N' = N'
Subgoal 8 is:
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 8:
Variables: N N' M1 N1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (ifz' (nat' (s N1)) M1 N) N'}
============================
N = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 8.1:
Variables: N M1 N1 M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (nat' (s N1)) M'}
============================
N = ifz' M' M1 N
Subgoal 8.2 is:
N' = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 8.2:
Variables: N' M1 N1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
============================
N' = N'
Subgoal 9 is:
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 9:
Variables: N' M1' M1 M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (pair' M1 M2) N'}
H3 : {step' M1 M1'}*
============================
pair' M1' M2 = N'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 9.1:
Variables: M1' M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {step' M1 M1'1}
============================
pair' M1' M2 = pair' M1'1 M2
Subgoal 9.2 is:
pair' M1' M2 = pair' M1 M2'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 9.1:
Variables: M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'1}*
H4 : {step' M1 M1'1}
============================
pair' M1'1 M2 = pair' M1'1 M2
Subgoal 9.2 is:
pair' M1' M2 = pair' M1 M2'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 9.2:
Variables: M1' M1 M2 M2'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {val' M1}
H5 : {step' M2 M2'}
============================
pair' M1' M2 = pair' M1 M2'
Subgoal 10 is:
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 10:
Variables: N' M2' M2 V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (pair' V1 M2) N'}
H3 : {val' V1}*
H4 : {step' M2 M2'}*
============================
pair' V1 M2' = N'
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 10.1:
Variables: M2' M2 V1 M1'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {step' V1 M1'}
============================
pair' V1 M2' = pair' M1' M2
Subgoal 10.2 is:
pair' V1 M2' = pair' V1 M2'1
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H5.
Subgoal 10.2:
Variables: M2' M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
pair' V1 M2' = pair' V1 M2'1
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H4 H6.
Subgoal 10.2:
Variables: M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'1}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
pair' V1 M2'1 = pair' V1 M2'1
Subgoal 11 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 11:
Variables: N' M' M1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (fst' M1) N'}
H3 : {step' M1 M'}*
============================
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 11.1:
Variables: M' M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {step' M1 M'1}
============================
fst' M' = fst' M'1
Subgoal 11.2 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 11.1:
Variables: M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'1}*
H4 : {step' M1 M'1}
============================
fst' M'1 = fst' M'1
Subgoal 11.2 is:
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 11.2:
Variables: N' M' V2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (pair' N' V2) M'}*
H4 : {val' (pair' N' V2)}
============================
fst' M' = N'
Subgoal 12 is:
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 12:
Variables: N N' V2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (fst' (pair' N V2)) N'}
H3 : {val' (pair' N V2)}*
============================
N = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 12.1:
Variables: N V2 M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (pair' N V2)}*
H4 : {step' (pair' N V2) M'}
============================
N = fst' M'
Subgoal 12.2 is:
N' = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H4.
Subgoal 12.2:
Variables: N' V2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (pair' N' V2)}*
H4 : {val' (pair' N' V2)}
============================
N' = N'
Subgoal 13 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 13:
Variables: N' M' M1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (snd' M1) N'}
H3 : {step' M1 M'}*
============================
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 13.1:
Variables: M' M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {step' M1 M'1}
============================
snd' M' = snd' M'1
Subgoal 13.2 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 13.1:
Variables: M1 M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'1}*
H4 : {step' M1 M'1}
============================
snd' M'1 = snd' M'1
Subgoal 13.2 is:
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 13.2:
Variables: N' M' V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (pair' V1 N') M'}*
H4 : {val' (pair' V1 N')}
============================
snd' M' = N'
Subgoal 14 is:
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 14:
Variables: N N' V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (snd' (pair' V1 N)) N'}
H3 : {val' (pair' V1 N)}*
============================
N = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 14.1:
Variables: N V1 M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (pair' V1 N)}*
H4 : {step' (pair' V1 N) M'}
============================
N = snd' M'
Subgoal 14.2 is:
N' = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H4.
Subgoal 14.2:
Variables: N' V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (pair' V1 N')}*
H4 : {val' (pair' V1 N')}
============================
N' = N'
Subgoal 15 is:
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 15:
Variables: N' M' M1 R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (let' M1 R) N'}
H3 : {step' M1 M'}*
============================
let' M' R = N'
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 15.1:
Variables: M' M1 R M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {step' M1 M'1}
============================
let' M' R = let' M'1 R
Subgoal 15.2 is:
let' M' R = R M1
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 15.1:
Variables: M1 R M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'1}*
H4 : {step' M1 M'1}
============================
let' M'1 R = let' M'1 R
Subgoal 15.2 is:
let' M' R = R M1
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 15.2:
Variables: M' M1 R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {val' M1}
============================
let' M' R = R M1
Subgoal 16 is:
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 16:
Variables: N' V R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (let' V R) N'}
H3 : {val' V}*
============================
R V = N'
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 16.1:
Variables: V R M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V}*
H4 : {step' V M'}
============================
R V = let' M' R
Subgoal 16.2 is:
R V = R V
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H4.
Subgoal 16.2:
Variables: V R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V}*
H4 : {val' V}
============================
R V = R V
Subgoal 17 is:
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 17:
Variables: N' M1' M1 M2
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (app' M1 M2) N'}
H3 : {step' M1 M1'}*
============================
app' M1' M2 = N'
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 17.1:
Variables: M1' M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {step' M1 M1'1}
============================
app' M1' M2 = app' M1'1 M2
Subgoal 17.2 is:
app' M1' M2 = app' M1 M2'
Subgoal 17.3 is:
app' M1' M2 = R M2
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 17.1:
Variables: M1 M2 M1'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'1}*
H4 : {step' M1 M1'1}
============================
app' M1'1 M2 = app' M1'1 M2
Subgoal 17.2 is:
app' M1' M2 = app' M1 M2'
Subgoal 17.3 is:
app' M1' M2 = R M2
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 17.2:
Variables: M1' M1 M2 M2'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M1'}*
H4 : {val' M1}
H5 : {step' M2 M2'}
============================
app' M1' M2 = app' M1 M2'
Subgoal 17.3 is:
app' M1' M2 = R M2
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 17.3:
Variables: M1' M2 R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (abs' R) M1'}*
H4 : {val' M2}
============================
app' M1' M2 = R M2
Subgoal 18 is:
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H3.
Subgoal 18:
Variables: N' M2' M2 V1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (app' V1 M2) N'}
H3 : {val' V1}*
H4 : {step' M2 M2'}*
============================
app' V1 M2' = N'
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 18.1:
Variables: M2' M2 V1 M1'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {step' V1 M1'}
============================
app' V1 M2' = app' M1' M2
Subgoal 18.2 is:
app' V1 M2' = app' V1 M2'1
Subgoal 18.3 is:
app' (abs' R) M2' = R M2
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H5.
Subgoal 18.2:
Variables: M2' M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
app' V1 M2' = app' V1 M2'1
Subgoal 18.3 is:
app' (abs' R) M2' = R M2
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H4 H6.
Subgoal 18.2:
Variables: M2 V1 M2'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V1}*
H4 : {step' M2 M2'1}*
H5 : {val' V1}
H6 : {step' M2 M2'1}
============================
app' V1 M2'1 = app' V1 M2'1
Subgoal 18.3 is:
app' (abs' R) M2' = R M2
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 18.3:
Variables: M2' M2 R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (abs' R)}*
H4 : {step' M2 M2'}*
H5 : {val' M2}
============================
app' (abs' R) M2' = R M2
Subgoal 19 is:
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H5 H4.
Subgoal 19:
Variables: N' V R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (app' (abs' R) V) N'}
H3 : {val' V}*
============================
R V = N'
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 19.1:
Variables: V R M1'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V}*
H4 : {step' (abs' R) M1'}
============================
R V = app' M1' V
Subgoal 19.2 is:
R V = app' (abs' R) M2'
Subgoal 19.3 is:
R V = R V
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H4.
Subgoal 19.2:
Variables: V R M2'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V}*
H4 : {val' (abs' R)}
H5 : {step' V M2'}
============================
R V = app' (abs' R) M2'
Subgoal 19.3 is:
R V = R V
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H5.
Subgoal 19.3:
Variables: V R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' V}*
H4 : {val' V}
============================
R V = R V
Subgoal 20 is:
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 20:
Variables: N' F' F E
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (clos' F E) N'}
H3 : {step' F F'}*
============================
clos' F' E = N'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 20.1:
Variables: F' F E F'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' F F'}*
H4 : {step' F F'1}
============================
clos' F' E = clos' F'1 E
Subgoal 20.2 is:
clos' F' E = clos' F E'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 20.1:
Variables: F E F'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' F F'1}*
H4 : {step' F F'1}
============================
clos' F'1 E = clos' F'1 E
Subgoal 20.2 is:
clos' F' E = clos' F E'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 20.2:
Variables: F' F E E'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' F F'}*
H4 : {val' F}
H5 : {step' E E'}
============================
clos' F' E = clos' F E'
Subgoal 21 is:
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 21:
Variables: N' E' E F
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (clos' F E) N'}
H3 : {val' F}*
H4 : {step' E E'}*
============================
clos' F E' = N'
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 21.1:
Variables: E' E F F'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' F}*
H4 : {step' E E'}*
H5 : {step' F F'}
============================
clos' F E' = clos' F' E
Subgoal 21.2 is:
clos' F E' = clos' F E'1
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H3 H5.
Subgoal 21.2:
Variables: E' E F E'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' F}*
H4 : {step' E E'}*
H5 : {val' F}
H6 : {step' E E'1}
============================
clos' F E' = clos' F E'1
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H4 H6.
Subgoal 21.2:
Variables: E F E'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' F}*
H4 : {step' E E'1}*
H5 : {val' F}
H6 : {step' E E'1}
============================
clos' F E'1 = clos' F E'1
Subgoal 22 is:
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 22:
Variables: N' M' M1 R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (open' M1 R) N'}
H3 : {step' M1 M'}*
============================
open' M' R = N'
Subgoal 23 is:
R F E = N'
step'_det < case H2.
Subgoal 22.1:
Variables: M' M1 R M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'}*
H4 : {step' M1 M'1}
============================
open' M' R = open' M'1 R
Subgoal 22.2 is:
open' M' R = R F E
Subgoal 23 is:
R F E = N'
step'_det < apply IH to H3 H4.
Subgoal 22.1:
Variables: M1 R M'1
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' M1 M'1}*
H4 : {step' M1 M'1}
============================
open' M'1 R = open' M'1 R
Subgoal 22.2 is:
open' M' R = R F E
Subgoal 23 is:
R F E = N'
step'_det < search.
Subgoal 22.2:
Variables: M' R E F
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {step' (clos' F E) M'}*
H4 : {val' (clos' F E)}
============================
open' M' R = R F E
Subgoal 23 is:
R F E = N'
step'_det < apply val'_step'_absurd to H4 H3.
Subgoal 23:
Variables: N' E F R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H2 : {step' (open' (clos' F E) R) N'}
H3 : {val' (clos' F E)}*
============================
R F E = N'
step'_det < case H2.
Subgoal 23.1:
Variables: E F R M'
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (clos' F E)}*
H4 : {step' (clos' F E) M'}
============================
R F E = open' M' R
Subgoal 23.2 is:
R F E = R F E
step'_det < apply val'_step'_absurd to H3 H4.
Subgoal 23.2:
Variables: E F R
IH : forall M N N', {step' M N}* -> {step' M N'} -> N = N'
H3 : {val' (clos' F E)}*
H4 : {val' (clos' F E)}
============================
R F E = R F E
step'_det < search.
Proof completed.
Abella < Theorem nstep'_val'_det :
forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1} ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2.
============================
forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1} ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
nstep'_val'_det < induction on 3.
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
============================
forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}@ ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
nstep'_val'_det < intros.
Variables: N1 N2 M V1 V2
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H3 : {nstep' N1 M V1}@
H4 : {nstep' N2 M V2}
============================
N1 = N2 /\ V1 = V2
nstep'_val'_det < case H3.
Subgoal 1:
Variables: N2 V1 V2
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H4 : {nstep' N2 V1 V2}
============================
z = N2 /\ V1 = V2
Subgoal 2 is:
s N = N2 /\ V1 = V2
nstep'_val'_det < case H4.
Subgoal 1.1:
Variables: V2
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V2}
H2 : {val' V2}
============================
z = z /\ V2 = V2
Subgoal 1.2 is:
z = s N /\ V1 = V2
Subgoal 2 is:
s N = N2 /\ V1 = V2
nstep'_val'_det < search.
Subgoal 1.2:
Variables: V1 V2 M' N
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H5 : {step' V1 M'}
H6 : {nstep' N M' V2}
============================
z = s N /\ V1 = V2
Subgoal 2 is:
s N = N2 /\ V1 = V2
nstep'_val'_det < apply val'_step'_absurd to H1 H5.
Subgoal 2:
Variables: N2 M V1 V2 M' N
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H4 : {nstep' N2 M V2}
H5 : {step' M M'}*
H6 : {nstep' N M' V1}*
============================
s N = N2 /\ V1 = V2
nstep'_val'_det < case H4.
Subgoal 2.1:
Variables: V1 V2 M' N
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H5 : {step' V2 M'}*
H6 : {nstep' N M' V1}*
============================
s N = z /\ V1 = V2
Subgoal 2.2 is:
s N = s N3 /\ V1 = V2
nstep'_val'_det < apply val'_step'_absurd to H2 H5.
Subgoal 2.2:
Variables: M V1 V2 M' N M'1 N3
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H5 : {step' M M'}*
H6 : {nstep' N M' V1}*
H7 : {step' M M'1}
H8 : {nstep' N3 M'1 V2}
============================
s N = s N3 /\ V1 = V2
nstep'_val'_det < apply step'_det to H5 H7.
Subgoal 2.2:
Variables: M V1 V2 N M'1 N3
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V1}
H2 : {val' V2}
H5 : {step' M M'1}*
H6 : {nstep' N M'1 V1}*
H7 : {step' M M'1}
H8 : {nstep' N3 M'1 V2}
============================
s N = s N3 /\ V1 = V2
nstep'_val'_det < apply IH to _ _ H6 H8.
Subgoal 2.2:
Variables: M V2 M'1 N3
IH : forall N1 N2 M V1 V2, {val' V1} -> {val' V2} -> {nstep' N1 M V1}* ->
{nstep' N2 M V2} -> N1 =
N2 /\ V1 = V2
H1 : {val' V2}
H2 : {val' V2}
H5 : {step' M M'1}*
H6 : {nstep' N3 M'1 V2}*
H7 : {step' M M'1}
H8 : {nstep' N3 M'1 V2}
============================
s N3 = s N3 /\ V2 = V2
nstep'_val'_det < search.
Proof completed.
Abella < Theorem eval'_det :
forall E V V', {eval' E V} -> {eval' E V'} -> V = V'.
============================
forall E V V', {eval' E V} -> {eval' E V'} -> V = V'
eval'_det < intros.
Variables: E V V'
H1 : {eval' E V}
H2 : {eval' E V'}
============================
V = V'
eval'_det < case H1.
Variables: E V V' N
H2 : {eval' E V'}
H3 : {nstep' N E V}
H4 : {val' V}
============================
V = V'
eval'_det < case H2.
Variables: E V V' N N1
H3 : {nstep' N E V}
H4 : {val' V}
H5 : {nstep' N1 E V'}
H6 : {val' V'}
============================
V = V'
eval'_det < apply nstep'_val'_det to _ _ H3 H5.
Variables: E V' N1
H3 : {nstep' N1 E V'}
H4 : {val' V'}
H5 : {nstep' N1 E V'}
H6 : {val' V'}
============================
V' = V'
eval'_det < search.
Proof completed.
Abella < Theorem nstep'_trans :
forall K J M M' M'', {nstep' K M M'} -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''}).
============================
forall K J M M' M'', {nstep' K M M'} -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
nstep'_trans < induction on 1.
IH : forall K J M M' M'', {nstep' K M M'}* -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
============================
forall K J M M' M'', {nstep' K M M'}@ -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
nstep'_trans < intros.
Variables: K J M M' M''
IH : forall K J M M' M'', {nstep' K M M'}* -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
H1 : {nstep' K M M'}@
H2 : {nstep' J M' M''}
============================
exists N, {add K J N} /\ {nstep' N M M''}
nstep'_trans < case H1.
Subgoal 1:
Variables: J M' M''
IH : forall K J M M' M'', {nstep' K M M'}* -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
H2 : {nstep' J M' M''}
============================
exists N, {add z J N} /\ {nstep' N M' M''}
Subgoal 2 is:
exists N1, {add (s N) J N1} /\ {nstep' N1 M M''}
nstep'_trans < search.
Subgoal 2:
Variables: J M M' M'' M'1 N
IH : forall K J M M' M'', {nstep' K M M'}* -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
H2 : {nstep' J M' M''}
H3 : {step' M M'1}*
H4 : {nstep' N M'1 M'}*
============================
exists N1, {add (s N) J N1} /\ {nstep' N1 M M''}
nstep'_trans < apply IH to H4 H2.
Subgoal 2:
Variables: J M M' M'' M'1 N N1
IH : forall K J M M' M'', {nstep' K M M'}* -> {nstep' J M' M''} ->
(exists N, {add K J N} /\ {nstep' N M M''})
H2 : {nstep' J M' M''}
H3 : {step' M M'1}*
H4 : {nstep' N M'1 M'}*
H5 : {add N J N1}
H6 : {nstep' N1 M'1 M''}
============================
exists N1, {add (s N) J N1} /\ {nstep' N1 M M''}
nstep'_trans < search.
Proof completed.
Abella < Theorem nstep'_eval_closed :
forall K M M' M'', {nstep' K M M'} -> {eval' M' M''} -> {eval' M M''}.
============================
forall K M M' M'', {nstep' K M M'} -> {eval' M' M''} -> {eval' M M''}
nstep'_eval_closed < intros.
Variables: K M M' M''
H1 : {nstep' K M M'}
H2 : {eval' M' M''}
============================
{eval' M M''}
nstep'_eval_closed < case H2.
Variables: K M M' M'' N
H1 : {nstep' K M M'}
H3 : {nstep' N M' M''}
H4 : {val' M''}
============================
{eval' M M''}
nstep'_eval_closed < apply nstep'_trans to H1 H3.
Variables: K M M' M'' N N1
H1 : {nstep' K M M'}
H3 : {nstep' N M' M''}
H4 : {val' M''}
H5 : {add K N N1}
H6 : {nstep' N1 M M''}
============================
{eval' M M''}
nstep'_eval_closed < search.
Proof completed.
Abella < Theorem nstep_trans :
forall K J M M' M'', {nstep K M M'} -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''}).
============================
forall K J M M' M'', {nstep K M M'} -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
nstep_trans < induction on 1.
IH : forall K J M M' M'', {nstep K M M'}* -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
============================
forall K J M M' M'', {nstep K M M'}@ -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
nstep_trans < intros.
Variables: K J M M' M''
IH : forall K J M M' M'', {nstep K M M'}* -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
H1 : {nstep K M M'}@
H2 : {nstep J M' M''}
============================
exists N, {add K J N} /\ {nstep N M M''}
nstep_trans < case H1.
Subgoal 1:
Variables: J M' M''
IH : forall K J M M' M'', {nstep K M M'}* -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
H2 : {nstep J M' M''}
============================
exists N, {add z J N} /\ {nstep N M' M''}
Subgoal 2 is:
exists N1, {add (s N) J N1} /\ {nstep N1 M M''}
nstep_trans < search.
Subgoal 2:
Variables: J M M' M'' M'1 N
IH : forall K J M M' M'', {nstep K M M'}* -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
H2 : {nstep J M' M''}
H3 : {step M M'1}*
H4 : {nstep N M'1 M'}*
============================
exists N1, {add (s N) J N1} /\ {nstep N1 M M''}
nstep_trans < apply IH to H4 H2.
Subgoal 2:
Variables: J M M' M'' M'1 N N1
IH : forall K J M M' M'', {nstep K M M'}* -> {nstep J M' M''} ->
(exists N, {add K J N} /\ {nstep N M M''})
H2 : {nstep J M' M''}
H3 : {step M M'1}*
H4 : {nstep N M'1 M'}*
H5 : {add N J N1}
H6 : {nstep N1 M'1 M''}
============================
exists N1, {add (s N) J N1} /\ {nstep N1 M M''}
nstep_trans < search.
Proof completed.
Abella < Theorem val_step_absurd :
forall V M, {val V} -> {step V M} -> false.
============================
forall V M, {val V} -> {step V M} -> false
val_step_absurd < induction on 1.
IH : forall V M, {val V}* -> {step V M} -> false
============================
forall V M, {val V}@ -> {step V M} -> false
val_step_absurd < intros.
Variables: V M
IH : forall V M, {val V}* -> {step V M} -> false
H1 : {val V}@
H2 : {step V M}
============================
false
val_step_absurd < case H1.
Subgoal 1:
Variables: M N
IH : forall V M, {val V}* -> {step V M} -> false
H2 : {step (nat N) M}
============================
false
Subgoal 2 is:
false
Subgoal 3 is:
false
Subgoal 4 is:
false
val_step_absurd < case H2.
Subgoal 2:
Variables: M
IH : forall V M, {val V}* -> {step V M} -> false
H2 : {step unit M}
============================
false
Subgoal 3 is:
false
Subgoal 4 is:
false
val_step_absurd < case H2.
Subgoal 3:
Variables: M V2 V1
IH : forall V M, {val V}* -> {step V M} -> false
H2 : {step (pair V1 V2) M}
H3 : {val V1}*
H4 : {val V2}*
============================
false
Subgoal 4 is:
false
val_step_absurd < case H2.
Subgoal 3.1:
Variables: V2 V1 M1'
IH : forall V M, {val V}* -> {step V M} -> false
H3 : {val V1}*
H4 : {val V2}*
H5 : {step V1 M1'}
============================
false
Subgoal 3.2 is:
false
Subgoal 4 is:
false
val_step_absurd < backchain IH.
Subgoal 3.2:
Variables: V2 V1 M2'
IH : forall V M, {val V}* -> {step V M} -> false
H3 : {val V1}*
H4 : {val V2}*
H5 : {val V1}
H6 : {step V2 M2'}
============================
false
Subgoal 4 is:
false
val_step_absurd < backchain IH with V = V2.
Subgoal 4:
Variables: M R
IH : forall V M, {val V}* -> {step V M} -> false
H2 : {step (fix R) M}
============================
false
val_step_absurd < case H2.
Proof completed.
Abella < Theorem eval'_refl :
forall V, {val' V} -> {eval' V V}.
============================
forall V, {val' V} -> {eval' V V}
eval'_refl < induction on 1.
IH : forall V, {val' V}* -> {eval' V V}
============================
forall V, {val' V}@ -> {eval' V V}
eval'_refl < intros.
Variables: V
IH : forall V, {val' V}* -> {eval' V V}
H1 : {val' V}@
============================
{eval' V V}
eval'_refl < case H1.
Subgoal 1:
Variables: N
IH : forall V, {val' V}* -> {eval' V V}
============================
{eval' (nat' N) (nat' N)}
Subgoal 2 is:
{eval' unit' unit'}
Subgoal 3 is:
{eval' (pair' V1 V2) (pair' V1 V2)}
Subgoal 4 is:
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < search.
Subgoal 2:
IH : forall V, {val' V}* -> {eval' V V}
============================
{eval' unit' unit'}
Subgoal 3 is:
{eval' (pair' V1 V2) (pair' V1 V2)}
Subgoal 4 is:
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < search.
Subgoal 3:
Variables: V2 V1
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' V1}*
H3 : {val' V2}*
============================
{eval' (pair' V1 V2) (pair' V1 V2)}
Subgoal 4 is:
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < apply IH to H2.
Subgoal 3:
Variables: V2 V1
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' V1}*
H3 : {val' V2}*
H4 : {eval' V1 V1}
============================
{eval' (pair' V1 V2) (pair' V1 V2)}
Subgoal 4 is:
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < apply IH to H3.
Subgoal 3:
Variables: V2 V1
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' V1}*
H3 : {val' V2}*
H4 : {eval' V1 V1}
H5 : {eval' V2 V2}
============================
{eval' (pair' V1 V2) (pair' V1 V2)}
Subgoal 4 is:
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < search.
Subgoal 4:
Variables: R
IH : forall V, {val' V}* -> {eval' V V}
============================
{eval' (abs' R) (abs' R)}
Subgoal 5 is:
{eval' (clos' F E) (clos' F E)}
eval'_refl < search.
Subgoal 5:
Variables: E F
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' F}*
H3 : {val' E}*
============================
{eval' (clos' F E) (clos' F E)}
eval'_refl < apply IH to H2.
Subgoal 5:
Variables: E F
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' F}*
H3 : {val' E}*
H4 : {eval' F F}
============================
{eval' (clos' F E) (clos' F E)}
eval'_refl < apply IH to H3.
Subgoal 5:
Variables: E F
IH : forall V, {val' V}* -> {eval' V V}
H2 : {val' F}*
H3 : {val' E}*
H4 : {eval' F F}
H5 : {eval' E E}
============================
{eval' (clos' F E) (clos' F E)}
eval'_refl < search.
Proof completed.
Abella < Theorem nstep_val_inv :
forall J V V', {val V} -> {nstep J V V'} -> J = z /\ V = V'.
============================
forall J V V', {val V} -> {nstep J V V'} -> J = z /\ V = V'
nstep_val_inv < induction on 2.
IH : forall J V V', {val V} -> {nstep J V V'}* -> J = z /\ V = V'
============================
forall J V V', {val V} -> {nstep J V V'}@ -> J = z /\ V = V'
nstep_val_inv < intros.
Variables: J V V'
IH : forall J V V', {val V} -> {nstep J V V'}* -> J = z /\ V = V'
H1 : {val V}
H2 : {nstep J V V'}@
============================
J = z /\ V = V'
nstep_val_inv < case H2.
Subgoal 1:
Variables: V'
IH : forall J V V', {val V} -> {nstep J V V'}* -> J = z /\ V = V'
H1 : {val V'}
============================
z = z /\ V' = V'
Subgoal 2 is:
s N = z /\ V = V'
nstep_val_inv < search.
Subgoal 2:
Variables: V V' M' N
IH : forall J V V', {val V} -> {nstep J V V'}* -> J = z /\ V = V'
H1 : {val V}
H3 : {step V M'}*
H4 : {nstep N M' V'}*
============================
s N = z /\ V = V'
nstep_val_inv < apply val_step_absurd to H1 H3.
Proof completed.
Abella < Theorem nstep'_val'_inv :
forall J V V', {val' V} -> {nstep' J V V'} -> J = z /\ V = V'.
============================
forall J V V', {val' V} -> {nstep' J V V'} -> J = z /\ V = V'
nstep'_val'_inv < induction on 2.
IH : forall J V V', {val' V} -> {nstep' J V V'}* -> J = z /\ V = V'
============================
forall J V V', {val' V} -> {nstep' J V V'}@ -> J = z /\ V = V'
nstep'_val'_inv < intros.
Variables: J V V'
IH : forall J V V', {val' V} -> {nstep' J V V'}* -> J = z /\ V = V'
H1 : {val' V}
H2 : {nstep' J V V'}@
============================
J = z /\ V = V'
nstep'_val'_inv < case H2.
Subgoal 1:
Variables: V'
IH : forall J V V', {val' V} -> {nstep' J V V'}* -> J = z /\ V = V'
H1 : {val' V'}
============================
z = z /\ V' = V'
Subgoal 2 is:
s N = z /\ V = V'
nstep'_val'_inv < search.
Subgoal 2:
Variables: V V' M' N
IH : forall J V V', {val' V} -> {nstep' J V V'}* -> J = z /\ V = V'
H1 : {val' V}
H3 : {step' V M'}*
H4 : {nstep' N M' V'}*
============================
s N = z /\ V = V'
nstep'_val'_inv < apply val'_step'_absurd to H1 H3.
Proof completed.
Abella < Theorem step_pred_result :
forall M M', {step (pred M) M'} -> (exists M'', M' = pred M'') \/
(exists N, M' = nat N).
============================
forall M M', {step (pred M) M'} -> (exists M'', M' = pred M'') \/
(exists N, M' = nat N)
step_pred_result < intros.
Variables: M M'
H1 : {step (pred M) M'}
============================
(exists M'', M' = pred M'') \/ (exists N, M' = nat N)
step_pred_result < case H1.
Subgoal 1:
Variables: M M'1
H2 : {step M M'1}
============================
(exists M'', pred M'1 = pred M'') \/ (exists N, pred M'1 = nat N)
Subgoal 2 is:
(exists M'', nat N' = pred M'') \/ (exists N, nat N' = nat N)
step_pred_result < search.
Subgoal 2:
Variables: N' N
H2 : {npred N N'}
============================
(exists M'', nat N' = pred M'') \/ (exists N, nat N' = nat N)
step_pred_result < search.
Proof completed.
Abella < Theorem nstep_pred_inv :
forall V K M, {val V} -> {nstep K (pred M) V} ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'}).
============================
forall V K M, {val V} -> {nstep K (pred M) V} ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
nstep_pred_inv < induction on 2.
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
============================
forall V K M, {val V} -> {nstep K (pred M) V}@ ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
nstep_pred_inv < intros.
Variables: V K M
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val V}
H2 : {nstep K (pred M) V}@
============================
exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\ {npred N N'}
nstep_pred_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val (pred M)}
============================
exists J N N', z = s J /\ {nstep J M (nat N)} /\ pred M = nat N' /\
{npred N N'}
Subgoal 2 is:
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val V}
H3 : {step (pred M) M'}*
H4 : {nstep N M' V}*
============================
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < apply step_pred_result to H3.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val V}
H3 : {step (pred M) M'}*
H4 : {nstep N M' V}*
H5 : (exists M'', M' = pred M'') \/ (exists N, M' = nat N)
============================
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < case H5.
Subgoal 2.1:
Variables: V M N M''
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val V}
H3 : {step (pred M) (pred M'')}*
H4 : {nstep N (pred M'') V}*
============================
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M M'' J N1 N'
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val (nat N')}
H3 : {step (pred M) (pred M'')}*
H4 : {nstep (s J) (pred M'') (nat N')}*
H6 : {nstep J M'' (nat N1)}
H7 : {npred N1 N'}
============================
exists J1 N1 N'1, s (s J) = s J1 /\ {nstep J1 M (nat N1)} /\ nat N' =
nat N'1 /\ {npred N1 N'1}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < case H3.
Subgoal 2.1:
Variables: M M'' J N1 N'
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val (nat N')}
H4 : {nstep (s J) (pred M'') (nat N')}*
H6 : {nstep J M'' (nat N1)}
H7 : {npred N1 N'}
H8 : {step M M''}*
============================
exists J1 N1 N'1, s (s J) = s J1 /\ {nstep J1 M (nat N1)} /\ nat N' =
nat N'1 /\ {npred N1 N'1}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < search.
Subgoal 2.2:
Variables: V M N N1
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val V}
H3 : {step (pred M) (nat N1)}*
H4 : {nstep N (nat N1) V}*
============================
exists J N1 N', s N = s J /\ {nstep J M (nat N1)} /\ V = nat N' /\
{npred N1 N'}
nstep_pred_inv < apply nstep_val_inv to _ H4.
Subgoal 2.2:
Variables: M N1
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val (nat N1)}
H3 : {step (pred M) (nat N1)}*
H4 : {nstep z (nat N1) (nat N1)}*
============================
exists J N2 N', s z = s J /\ {nstep J M (nat N2)} /\ nat N1 = nat N' /\
{npred N2 N'}
nstep_pred_inv < case H3.
Subgoal 2.2:
Variables: N1 N2
IH : forall V K M, {val V} -> {nstep K (pred M) V}* ->
(exists J N N', K = s J /\ {nstep J M (nat N)} /\ V = nat N' /\
{npred N N'})
H1 : {val (nat N1)}
H4 : {nstep z (nat N1) (nat N1)}*
H6 : {npred N2 N1}*
============================
exists J N3 N', s z = s J /\ {nstep J (nat N2) (nat N3)} /\ nat N1 =
nat N' /\ {npred N3 N'}
nstep_pred_inv < search.
Proof completed.
Abella < Theorem step'_pred_result :
forall M M', {step' (pred' M) M'} -> (exists M'', M' = pred' M'') \/
(exists N, M' = nat' N).
============================
forall M M', {step' (pred' M) M'} -> (exists M'', M' = pred' M'') \/
(exists N, M' = nat' N)
step'_pred_result < intros.
Variables: M M'
H1 : {step' (pred' M) M'}
============================
(exists M'', M' = pred' M'') \/ (exists N, M' = nat' N)
step'_pred_result < case H1.
Subgoal 1:
Variables: M M'1
H2 : {step' M M'1}
============================
(exists M'', pred' M'1 = pred' M'') \/ (exists N, pred' M'1 = nat' N)
Subgoal 2 is:
(exists M'', nat' N' = pred' M'') \/ (exists N, nat' N' = nat' N)
step'_pred_result < search.
Subgoal 2:
Variables: N' N
H2 : {npred N N'}
============================
(exists M'', nat' N' = pred' M'') \/ (exists N, nat' N' = nat' N)
step'_pred_result < search.
Proof completed.
Abella < Theorem nstep'_pred_inv :
forall V K M, {val' V} -> {nstep' K (pred' M) V} ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'}).
============================
forall V K M, {val' V} -> {nstep' K (pred' M) V} ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
nstep'_pred_inv < induction on 2.
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
============================
forall V K M, {val' V} -> {nstep' K (pred' M) V}@ ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
nstep'_pred_inv < intros.
Variables: V K M
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' V}
H2 : {nstep' K (pred' M) V}@
============================
exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'}
nstep'_pred_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' (pred' M)}
============================
exists J N N', z = s J /\ {nstep' J M (nat' N)} /\ pred' M = nat' N' /\
{npred N N'}
Subgoal 2 is:
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' V}
H3 : {step' (pred' M) M'}*
H4 : {nstep' N M' V}*
============================
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < apply step'_pred_result to H3.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' V}
H3 : {step' (pred' M) M'}*
H4 : {nstep' N M' V}*
H5 : (exists M'', M' = pred' M'') \/ (exists N, M' = nat' N)
============================
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < case H5.
Subgoal 2.1:
Variables: V M N M''
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' V}
H3 : {step' (pred' M) (pred' M'')}*
H4 : {nstep' N (pred' M'') V}*
============================
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M M'' J N1 N'
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' (nat' N')}
H3 : {step' (pred' M) (pred' M'')}*
H4 : {nstep' (s J) (pred' M'') (nat' N')}*
H6 : {nstep' J M'' (nat' N1)}
H7 : {npred N1 N'}
============================
exists J1 N1 N'1, s (s J) = s J1 /\ {nstep' J1 M (nat' N1)} /\ nat' N' =
nat' N'1 /\ {npred N1 N'1}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < case H3.
Subgoal 2.1:
Variables: M M'' J N1 N'
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' (nat' N')}
H4 : {nstep' (s J) (pred' M'') (nat' N')}*
H6 : {nstep' J M'' (nat' N1)}
H7 : {npred N1 N'}
H8 : {step' M M''}*
============================
exists J1 N1 N'1, s (s J) = s J1 /\ {nstep' J1 M (nat' N1)} /\ nat' N' =
nat' N'1 /\ {npred N1 N'1}
Subgoal 2.2 is:
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < search.
Subgoal 2.2:
Variables: V M N N1
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' V}
H3 : {step' (pred' M) (nat' N1)}*
H4 : {nstep' N (nat' N1) V}*
============================
exists J N1 N', s N = s J /\ {nstep' J M (nat' N1)} /\ V = nat' N' /\
{npred N1 N'}
nstep'_pred_inv < apply nstep'_val'_inv to _ H4.
Subgoal 2.2:
Variables: M N1
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' (nat' N1)}
H3 : {step' (pred' M) (nat' N1)}*
H4 : {nstep' z (nat' N1) (nat' N1)}*
============================
exists J N2 N', s z = s J /\ {nstep' J M (nat' N2)} /\ nat' N1 = nat' N' /\
{npred N2 N'}
nstep'_pred_inv < case H3.
Subgoal 2.2:
Variables: N1 N2
IH : forall V K M, {val' V} -> {nstep' K (pred' M) V}* ->
(exists J N N', K = s J /\ {nstep' J M (nat' N)} /\ V = nat' N' /\
{npred N N'})
H1 : {val' (nat' N1)}
H4 : {nstep' z (nat' N1) (nat' N1)}*
H6 : {npred N2 N1}*
============================
exists J N3 N', s z = s J /\ {nstep' J (nat' N2) (nat' N3)} /\ nat' N1 =
nat' N' /\ {npred N3 N'}
nstep'_pred_inv < search.
Proof completed.
Abella < Theorem nstep'_pred_fwd :
forall K M N N', {nstep' K M (nat' N)} -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}.
============================
forall K M N N', {nstep' K M (nat' N)} -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
nstep'_pred_fwd < induction on 1.
IH : forall K M N N', {nstep' K M (nat' N)}* -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
============================
forall K M N N', {nstep' K M (nat' N)}@ -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
nstep'_pred_fwd < intros.
Variables: K M N N'
IH : forall K M N N', {nstep' K M (nat' N)}* -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
H1 : {nstep' K M (nat' N)}@
H2 : {npred N N'}
============================
{nstep' (s K) (pred' M) (nat' N')}
nstep'_pred_fwd < case H1.
Subgoal 1:
Variables: N N'
IH : forall K M N N', {nstep' K M (nat' N)}* -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
H2 : {npred N N'}
============================
{nstep' (s z) (pred' (nat' N)) (nat' N')}
Subgoal 2 is:
{nstep' (s (s N1)) (pred' M) (nat' N')}
nstep'_pred_fwd < search.
Subgoal 2:
Variables: M N N' M' N1
IH : forall K M N N', {nstep' K M (nat' N)}* -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
H2 : {npred N N'}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (nat' N)}*
============================
{nstep' (s (s N1)) (pred' M) (nat' N')}
nstep'_pred_fwd < apply IH to H4 H2.
Subgoal 2:
Variables: M N N' M' N1
IH : forall K M N N', {nstep' K M (nat' N)}* -> {npred N N'} ->
{nstep' (s K) (pred' M) (nat' N')}
H2 : {npred N N'}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (nat' N)}*
H5 : {nstep' (s N1) (pred' M') (nat' N')}
============================
{nstep' (s (s N1)) (pred' M) (nat' N')}
nstep'_pred_fwd < search.
Proof completed.
Abella < Theorem eval'_pred_fwd :
forall M N N', {eval' M (nat' N)} -> {npred N N'} ->
{eval' (pred' M) (nat' N')}.
============================
forall M N N', {eval' M (nat' N)} -> {npred N N'} ->
{eval' (pred' M) (nat' N')}
eval'_pred_fwd < intros.
Variables: M N N'
H1 : {eval' M (nat' N)}
H2 : {npred N N'}
============================
{eval' (pred' M) (nat' N')}
eval'_pred_fwd < case H1.
Variables: M N N' N1
H2 : {npred N N'}
H3 : {nstep' N1 M (nat' N)}
H4 : {val' (nat' N)}
============================
{eval' (pred' M) (nat' N')}
eval'_pred_fwd < apply nstep'_pred_fwd to H3 H2.
Variables: M N N' N1
H2 : {npred N N'}
H3 : {nstep' N1 M (nat' N)}
H4 : {val' (nat' N)}
H5 : {nstep' (s N1) (pred' M) (nat' N')}
============================
{eval' (pred' M) (nat' N')}
eval'_pred_fwd < search.
Proof completed.
Abella < Theorem eval''_pred_fwd :
forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'} -> {eval'' (htm FE M') (nat' N')}.
============================
forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'} -> {eval'' (htm FE M') (nat' N')}
eval''_pred_fwd < induction on 3.
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
============================
forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}@ -> {eval'' (htm FE M') (nat' N')}
eval''_pred_fwd < intros.
Variables: FE M M' N N'
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H1 : {eval'' (htm FE M) (nat' N)}
H2 : {npred N N'}
H3 : {hconstr M (x\pred' x) M'}@
============================
{eval'' (htm FE M') (nat' N')}
eval''_pred_fwd < case H3.
Subgoal 1:
Variables: FE N N' M1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H1 : {eval'' (htm FE (hbase M1)) (nat' N)}
H2 : {npred N N'}
============================
{eval'' (htm FE (hbase (pred' M1))) (nat' N')}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (nat' N')}
eval''_pred_fwd < case H1.
Subgoal 1:
Variables: N N' M1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H2 : {npred N N'}
H4 : {eval' M1 (nat' N)}
============================
{eval'' (htm cnil (hbase (pred' M1))) (nat' N')}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (nat' N')}
eval''_pred_fwd < apply eval'_pred_fwd to H4 H2.
Subgoal 1:
Variables: N N' M1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H2 : {npred N N'}
H4 : {eval' M1 (nat' N)}
H5 : {eval' (pred' M1) (nat' N')}
============================
{eval'' (htm cnil (hbase (pred' M1))) (nat' N')}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (nat' N')}
eval''_pred_fwd < search.
Subgoal 2:
Variables: FE N N' R' R
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H1 : {eval'' (htm FE (habs R)) (nat' N)}
H2 : {npred N N'}
H4 : {hconstr (R n1) (x\pred' x) (R' n1)}*
============================
{eval'' (htm FE (habs R')) (nat' N')}
eval''_pred_fwd < case H1.
Subgoal 2:
Variables: N N' R' R F FE1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H2 : {npred N N'}
H4 : {hconstr (R n1) (x\pred' x) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) (nat' N)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N')}
eval''_pred_fwd < inst H4 with n1 = F.
Subgoal 2:
Variables: N N' R' R F FE1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H2 : {npred N N'}
H4 : {hconstr (R n1) (x\pred' x) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) (nat' N)}
H6 : {hconstr (R F) (x\pred' x) (R' F)}*
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N')}
eval''_pred_fwd < apply IH to H5 H2 H6.
Subgoal 2:
Variables: N N' R' R F FE1
IH : forall FE M M' N N', {eval'' (htm FE M) (nat' N)} -> {npred N N'} ->
{hconstr M (x\pred' x) M'}* -> {eval'' (htm FE M') (nat' N')}
H2 : {npred N N'}
H4 : {hconstr (R n1) (x\pred' x) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) (nat' N)}
H6 : {hconstr (R F) (x\pred' x) (R' F)}*
H7 : {eval'' (htm FE1 (R' F)) (nat' N')}
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N')}
eval''_pred_fwd < search.
Proof completed.
Abella < Theorem nstep_ifz_inv :
forall V K M M1 M2, {is_nat K} -> {val V} -> {nstep K (ifz M M1 M2) V} ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N))} /\
{nstep I M2 V})).
============================
forall V K M M1 M2, {is_nat K} -> {val V} -> {nstep K (ifz M M1 M2) V} ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N))} /\
{nstep I M2 V}))
nstep_ifz_inv < induction on 3.
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
============================
forall V K M M1 M2, {is_nat K} -> {val V} -> {nstep K (ifz M M1 M2) V}@ ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N))} /\
{nstep I M2 V}))
nstep_ifz_inv < intros.
Variables: V K M M1 M2
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat K}
H2 : {val V}
H3 : {nstep K (ifz M M1 M2) V}@
============================
exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N))} /\
{nstep I M2 V})
nstep_ifz_inv < case H3.
Subgoal 1:
Variables: M M1 M2
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat z}
H2 : {val (ifz M M1 M2)}
============================
exists I J N, le J z /\ le I z /\
({nstep J M (nat z)} /\ {nstep I M1 (ifz M M1 M2)} \/
{nstep J M (nat (s N))} /\ {nstep I M2 (ifz M M1 M2)})
Subgoal 2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
nstep_ifz_inv < case H2.
Subgoal 2:
Variables: V M M1 M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H4 : {step (ifz M M1 M2) M'}*
H5 : {nstep N M' V}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
nstep_ifz_inv < case H4.
Subgoal 2.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < apply IH to _ _ H5.
Subgoal 2.1.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
============================
{is_nat N}
Subgoal 2.1 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < case H1.
Subgoal 2.1.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : {is_nat N}
============================
{is_nat N}
Subgoal 2.1 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H9 : {nstep J M'1 (nat z)} /\ {nstep I M1 V} \/ {nstep J M'1 (nat (s N1))} /\
{nstep I M2 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < case H9.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists I.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
exists J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists s J.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
exists N1, le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists z.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s z))} /\ {nstep I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < left.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s z))} /\ {nstep I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < split.
Subgoal 2.1.2.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
le (s J) (s N)
Subgoal 2.1.2.2 is:
le I (s N)
Subgoal 2.1.2.3 is:
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s z))} /\
{nstep I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_extend.
Subgoal 2.1.2.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
le I (s N)
Subgoal 2.1.2.3 is:
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s z))} /\
{nstep I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_succ.
Subgoal 2.1.2.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat z)}
H11 : {nstep I M1 V}
============================
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s z))} /\
{nstep I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists I.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
exists J N1, le J (s N) /\ le I (s N) /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/ {nstep J M (nat (s N1))} /\
{nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists s J.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
exists N1, le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists N1.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < right.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep (s J) M (nat z)} /\ {nstep I M1 V} \/
{nstep (s J) M (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < split.
Subgoal 2.1.3.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
le (s J) (s N)
Subgoal 2.1.3.2 is:
le I (s N)
Subgoal 2.1.3.3 is:
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s N1))} /\
{nstep I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_extend.
Subgoal 2.1.3.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
le I (s N)
Subgoal 2.1.3.3 is:
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s N1))} /\
{nstep I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_succ.
Subgoal 2.1.3.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N (ifz M'1 M1 M2) V}*
H6 : {step M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep J M'1 (nat (s N1))}
H11 : {nstep I M2 V}
============================
{nstep (s J) M (nat z)} /\ {nstep I M1 V} \/ {nstep (s J) M (nat (s N1))} /\
{nstep I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep I M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists N.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists J N1, le J (s N) /\ le N (s N) /\
({nstep J (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep J (nat z) (nat (s N1))} /\ {nstep N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists z.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists N1, le z (s N) /\ le N (s N) /\
({nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s N1))} /\ {nstep N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists z.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < left.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < split.
Subgoal 2.2.1:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N)
Subgoal 2.2.2 is:
le N (s N)
Subgoal 2.2.3 is:
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le N (s N)
Subgoal 2.2.3 is:
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_succ.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le N N
Subgoal 2.2.3 is:
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < backchain le_refl.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
{is_nat N}
Subgoal 2.2.3 is:
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < case H1.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H2 : {val V}
H5 : {nstep N M' V}*
H6 : {is_nat N}
============================
{is_nat N}
Subgoal 2.2.3 is:
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.2.3:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
{nstep z (nat z) (nat z)} /\ {nstep N M' V} \/
{nstep z (nat z) (nat (s z))} /\ {nstep N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < search.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep I M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep I M' V})
nstep_ifz_inv < exists N.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists J N2, le J (s N) /\ le N (s N) /\
({nstep J (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep J (nat (s N1)) (nat (s N2))} /\ {nstep N M' V})
nstep_ifz_inv < exists z.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
exists N2, le z (s N) /\ le N (s N) /\
({nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N2))} /\ {nstep N M' V})
nstep_ifz_inv < exists N1.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V})
nstep_ifz_inv < right.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V})
nstep_ifz_inv < split.
Subgoal 2.3.1:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le z (s N)
Subgoal 2.3.2 is:
le N (s N)
Subgoal 2.3.3 is:
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < search.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le N (s N)
Subgoal 2.3.3 is:
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < backchain le_succ.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
le N N
Subgoal 2.3.3 is:
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < backchain le_refl.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
{is_nat N}
Subgoal 2.3.3 is:
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < case H1.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H2 : {val V}
H5 : {nstep N M' V}*
H6 : {is_nat N}
============================
{is_nat N}
Subgoal 2.3.3 is:
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < search.
Subgoal 2.3.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val V} ->
{nstep K (ifz M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep J M (nat z)} /\ {nstep I M1 V} \/
{nstep J M (nat (s N))} /\ {nstep I M2 V}))
H1 : {is_nat (s N)}
H2 : {val V}
H5 : {nstep N M' V}*
============================
{nstep z (nat (s N1)) (nat z)} /\ {nstep N M1 V} \/
{nstep z (nat (s N1)) (nat (s N1))} /\ {nstep N M' V}
nstep_ifz_inv < search.
Proof completed.
Abella < Theorem nstep'_ifz_inv :
forall V K M M1 M2, {is_nat K} -> {val' V} -> {nstep' K (ifz' M M1 M2) V} ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V})).
============================
forall V K M M1 M2, {is_nat K} -> {val' V} -> {nstep' K (ifz' M M1 M2) V} ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
nstep'_ifz_inv < induction on 3.
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
============================
forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}@ ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
nstep'_ifz_inv < intros.
Variables: V K M M1 M2
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat K}
H2 : {val' V}
H3 : {nstep' K (ifz' M M1 M2) V}@
============================
exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N))} /\
{nstep' I M2 V})
nstep'_ifz_inv < case H3.
Subgoal 1:
Variables: M M1 M2
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat z}
H2 : {val' (ifz' M M1 M2)}
============================
exists I J N, le J z /\ le I z /\
({nstep' J M (nat' z)} /\ {nstep' I M1 (ifz' M M1 M2)} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 (ifz' M M1 M2)})
Subgoal 2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
nstep'_ifz_inv < case H2.
Subgoal 2:
Variables: V M M1 M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H4 : {step' (ifz' M M1 M2) M'}*
H5 : {nstep' N M' V}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
nstep'_ifz_inv < case H4.
Subgoal 2.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < apply IH to _ _ H5.
Subgoal 2.1.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
============================
{is_nat N}
Subgoal 2.1 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < case H1.
Subgoal 2.1.1:
Variables: V M M1 M2 N M'1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : {is_nat N}
============================
{is_nat N}
Subgoal 2.1 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H9 : {nstep' J M'1 (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M'1 (nat' (s N1))} /\ {nstep' I M2 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < case H9.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists I.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
exists J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists s J.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
exists N1, le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists z.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s z))} /\ {nstep' I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < left.
Subgoal 2.1.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s z))} /\ {nstep' I M2 V})
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < split.
Subgoal 2.1.2.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
le (s J) (s N)
Subgoal 2.1.2.2 is:
le I (s N)
Subgoal 2.1.2.3 is:
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s z))} /\ {nstep' I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_extend.
Subgoal 2.1.2.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
le I (s N)
Subgoal 2.1.2.3 is:
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s z))} /\ {nstep' I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_succ.
Subgoal 2.1.2.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' z)}
H11 : {nstep' I M1 V}
============================
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s z))} /\ {nstep' I M2 V}
Subgoal 2.1.3 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists I.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
exists J N1, le J (s N) /\ le I (s N) /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/ {nstep' J M (nat' (s N1))} /\
{nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists s J.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
exists N1, le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists N1.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < right.
Subgoal 2.1.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
le (s J) (s N) /\ le I (s N) /\
({nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < split.
Subgoal 2.1.3.1:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
le (s J) (s N)
Subgoal 2.1.3.2 is:
le I (s N)
Subgoal 2.1.3.3 is:
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_extend.
Subgoal 2.1.3.2:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
le I (s N)
Subgoal 2.1.3.3 is:
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_succ.
Subgoal 2.1.3.3:
Variables: V M M1 M2 N M'1 I J N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N (ifz' M'1 M1 M2) V}*
H6 : {step' M M'1}*
H7 : le J N
H8 : le I N
H10 : {nstep' J M'1 (nat' (s N1))}
H11 : {nstep' I M2 V}
============================
{nstep' (s J) M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' (s J) M (nat' (s N1))} /\ {nstep' I M2 V}
Subgoal 2.2 is:
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists I J N1, le J (s N) /\ le I (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' I M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' I M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists N.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists J N1, le J (s N) /\ le N (s N) /\
({nstep' J (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' J (nat' z) (nat' (s N1))} /\ {nstep' N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists z.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists N1, le z (s N) /\ le N (s N) /\
({nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s N1))} /\ {nstep' N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists z.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < left.
Subgoal 2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V})
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < split.
Subgoal 2.2.1:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N)
Subgoal 2.2.2 is:
le N (s N)
Subgoal 2.2.3 is:
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le N (s N)
Subgoal 2.2.3 is:
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_succ.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le N N
Subgoal 2.2.3 is:
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < backchain le_refl.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
{is_nat N}
Subgoal 2.2.3 is:
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < case H1.
Subgoal 2.2.2:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H2 : {val' V}
H5 : {nstep' N M' V}*
H6 : {is_nat N}
============================
{is_nat N}
Subgoal 2.2.3 is:
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.2.3:
Variables: V M2 M' N
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
{nstep' z (nat' z) (nat' z)} /\ {nstep' N M' V} \/
{nstep' z (nat' z) (nat' (s z))} /\ {nstep' N M2 V}
Subgoal 2.3 is:
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < search.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists I J N2, le J (s N) /\ le I (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' I M' V})
nstep'_ifz_inv < exists N.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists J N2, le J (s N) /\ le N (s N) /\
({nstep' J (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' J (nat' (s N1)) (nat' (s N2))} /\ {nstep' N M' V})
nstep'_ifz_inv < exists z.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
exists N2, le z (s N) /\ le N (s N) /\
({nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N2))} /\ {nstep' N M' V})
nstep'_ifz_inv < exists N1.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V})
nstep'_ifz_inv < right.
Subgoal 2.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N) /\ le N (s N) /\
({nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V})
nstep'_ifz_inv < split.
Subgoal 2.3.1:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le z (s N)
Subgoal 2.3.2 is:
le N (s N)
Subgoal 2.3.3 is:
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < search.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le N (s N)
Subgoal 2.3.3 is:
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < backchain le_succ.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
le N N
Subgoal 2.3.3 is:
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < backchain le_refl.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
{is_nat N}
Subgoal 2.3.3 is:
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < case H1.
Subgoal 2.3.2:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H2 : {val' V}
H5 : {nstep' N M' V}*
H6 : {is_nat N}
============================
{is_nat N}
Subgoal 2.3.3 is:
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < search.
Subgoal 2.3.3:
Variables: V M1 M' N N1
IH : forall V K M M1 M2, {is_nat K} -> {val' V} ->
{nstep' K (ifz' M M1 M2) V}* ->
(exists I J N, le J K /\ le I K /\
({nstep' J M (nat' z)} /\ {nstep' I M1 V} \/
{nstep' J M (nat' (s N))} /\ {nstep' I M2 V}))
H1 : {is_nat (s N)}
H2 : {val' V}
H5 : {nstep' N M' V}*
============================
{nstep' z (nat' (s N1)) (nat' z)} /\ {nstep' N M1 V} \/
{nstep' z (nat' (s N1)) (nat' (s N1))} /\ {nstep' N M' V}
nstep'_ifz_inv < search.
Proof completed.
Abella < Theorem nstep'_ifz_fwd1 :
forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)} -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V}).
============================
forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)} -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
nstep'_ifz_fwd1 < induction on 1.
IH : forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}* -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
============================
forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}@ -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
nstep'_ifz_fwd1 < intros.
Variables: N1 M N2 M1 M2 V
IH : forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}* -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H1 : {nstep' N1 M (nat' z)}@
H2 : {nstep' N2 M1 V}
============================
exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V}
nstep'_ifz_fwd1 < case H1.
Subgoal 1:
Variables: N2 M1 M2 V
IH : forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}* -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M1 V}
============================
exists N, {add z N2 N} /\ {nstep' (s N) (ifz' (nat' z) M1 M2) V}
Subgoal 2 is:
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd1 < search.
Subgoal 2:
Variables: M N2 M1 M2 V M' N
IH : forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}* -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M1 V}
H3 : {step' M M'}*
H4 : {nstep' N M' (nat' z)}*
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd1 < apply IH to H4 H2 with M2 = M2.
Subgoal 2:
Variables: M N2 M1 M2 V M' N N3
IH : forall N1 M N2 M1 M2 V, {nstep' N1 M (nat' z)}* -> {nstep' N2 M1 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M1 V}
H3 : {step' M M'}*
H4 : {nstep' N M' (nat' z)}*
H5 : {add N N2 N3}
H6 : {nstep' (s N3) (ifz' M' M1 M2) V}
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd1 < search.
Proof completed.
Abella < Theorem eval'_ifz_fwd1 :
forall M M1 M2 V, {eval' M (nat' z)} -> {eval' M1 V} ->
{eval' (ifz' M M1 M2) V}.
============================
forall M M1 M2 V, {eval' M (nat' z)} -> {eval' M1 V} ->
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd1 < intros.
Variables: M M1 M2 V
H1 : {eval' M (nat' z)}
H2 : {eval' M1 V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd1 < case H1.
Variables: M M1 M2 V N
H2 : {eval' M1 V}
H3 : {nstep' N M (nat' z)}
H4 : {val' (nat' z)}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd1 < case H2.
Variables: M M1 M2 V N N1
H3 : {nstep' N M (nat' z)}
H4 : {val' (nat' z)}
H5 : {nstep' N1 M1 V}
H6 : {val' V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd1 < apply nstep'_ifz_fwd1 to H3 H5 with M2 = M2.
Variables: M M1 M2 V N N1 N2
H3 : {nstep' N M (nat' z)}
H4 : {val' (nat' z)}
H5 : {nstep' N1 M1 V}
H6 : {val' V}
H7 : {add N N1 N2}
H8 : {nstep' (s N2) (ifz' M M1 M2) V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd1 < search.
Proof completed.
Abella < Theorem nstep'_ifz_fwd2 :
forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))} -> {nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V}).
============================
forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))} ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
nstep'_ifz_fwd2 < induction on 1.
IH : forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}* ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
============================
forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}@ ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
nstep'_ifz_fwd2 < intros.
Variables: N1 M N2 M1 M2 V N'
IH : forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}* ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H1 : {nstep' N1 M (nat' (s N'))}@
H2 : {nstep' N2 M2 V}
============================
exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V}
nstep'_ifz_fwd2 < case H1.
Subgoal 1:
Variables: N2 M1 M2 V N'
IH : forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}* ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M2 V}
============================
exists N, {add z N2 N} /\ {nstep' (s N) (ifz' (nat' (s N')) M1 M2) V}
Subgoal 2 is:
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd2 < search.
Subgoal 2:
Variables: M N2 M1 M2 V N' M' N
IH : forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}* ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M2 V}
H3 : {step' M M'}*
H4 : {nstep' N M' (nat' (s N'))}*
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd2 < apply IH to H4 H2 with M1 = M1.
Subgoal 2:
Variables: M N2 M1 M2 V N' M' N N3
IH : forall N1 M N2 M1 M2 V N', {nstep' N1 M (nat' (s N'))}* ->
{nstep' N2 M2 V} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (ifz' M M1 M2) V})
H2 : {nstep' N2 M2 V}
H3 : {step' M M'}*
H4 : {nstep' N M' (nat' (s N'))}*
H5 : {add N N2 N3}
H6 : {nstep' (s N3) (ifz' M' M1 M2) V}
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (ifz' M M1 M2) V}
nstep'_ifz_fwd2 < search.
Proof completed.
Abella < Theorem eval'_ifz_fwd2 :
forall M M1 M2 V N, {eval' M (nat' (s N))} -> {eval' M2 V} ->
{eval' (ifz' M M1 M2) V}.
============================
forall M M1 M2 V N, {eval' M (nat' (s N))} -> {eval' M2 V} ->
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd2 < intros.
Variables: M M1 M2 V N
H1 : {eval' M (nat' (s N))}
H2 : {eval' M2 V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd2 < case H1.
Variables: M M1 M2 V N N1
H2 : {eval' M2 V}
H3 : {nstep' N1 M (nat' (s N))}
H4 : {val' (nat' (s N))}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd2 < case H2.
Variables: M M1 M2 V N N1 N2
H3 : {nstep' N1 M (nat' (s N))}
H4 : {val' (nat' (s N))}
H5 : {nstep' N2 M2 V}
H6 : {val' V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd2 < apply nstep'_ifz_fwd2 to H3 H5 with M1 = M1.
Variables: M M1 M2 V N N1 N2 N3
H3 : {nstep' N1 M (nat' (s N))}
H4 : {val' (nat' (s N))}
H5 : {nstep' N2 M2 V}
H6 : {val' V}
H7 : {add N1 N2 N3}
H8 : {nstep' (s N3) (ifz' M M1 M2) V}
============================
{eval' (ifz' M M1 M2) V}
eval'_ifz_fwd2 < search.
Proof completed.
Abella < Theorem eval''_ifz_fwd1 :
forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P} -> {eval'' (htm FE P) V}.
============================
forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P} -> {eval'' (htm FE P) V}
eval''_ifz_fwd1 < induction on 6.
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
============================
forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}@ -> {eval'' (htm FE P) V}
eval''_ifz_fwd1 < intros.
Variables: FE1 FE2 FE3 FE FE12 M1 M2 M3 P V
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H2 : {eval'' (htm FE1 M1) (nat' z)}
H3 : {eval'' (htm FE2 M2) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H6 : {hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}@
============================
{eval'' (htm FE P) V}
eval''_ifz_fwd1 < case H6.
Subgoal 1:
Variables: FE1 FE2 FE3 FE FE12 V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 (hbase M4))}
H2 : {eval'' (htm FE1 (hbase M6)) (nat' z)}
H3 : {eval'' (htm FE2 (hbase M5)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H1.
Subgoal 1:
Variables: FE1 FE2 FE FE12 V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE1 (hbase M6)) (nat' z)}
H3 : {eval'' (htm FE2 (hbase M5)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 cnil FE}
H7 : {tm' M4}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H2.
Subgoal 1:
Variables: FE2 FE FE12 V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE2 (hbase M5)) V}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 cnil FE}
H7 : {tm' M4}
H8 : {eval' M6 (nat' z)}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H3.
Subgoal 1:
Variables: FE FE12 V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H4 : {cappend cnil cnil FE12}
H5 : {cappend FE12 cnil FE}
H7 : {tm' M4}
H8 : {eval' M6 (nat' z)}
H9 : {eval' M5 V}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H4.
Subgoal 1:
Variables: FE V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H5 : {cappend cnil cnil FE}
H7 : {tm' M4}
H8 : {eval' M6 (nat' z)}
H9 : {eval' M5 V}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H5.
Subgoal 1:
Variables: V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {tm' M4}
H8 : {eval' M6 (nat' z)}
H9 : {eval' M5 V}
============================
{eval'' (htm cnil (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < apply eval'_ifz_fwd1 to H8 H9 with M2 = M4.
Subgoal 1:
Variables: V M4 M5 M6
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {tm' M4}
H8 : {eval' M6 (nat' z)}
H9 : {eval' M5 V}
H10 : {eval' (ifz' M6 M5 M4) V}
============================
{eval'' (htm cnil (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < search.
Subgoal 2:
Variables: FE1 FE2 FE3 FE FE12 M2 M3 V R' R
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H2 : {eval'' (htm FE1 (habs R)) (nat' z)}
H3 : {eval'' (htm FE2 M2) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H2.
Subgoal 2:
Variables: FE2 FE3 FE FE12 M2 M3 V R' R F FE4
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 M2) V}
H4 : {cappend (ccons F FE4) FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' z)}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H4.
Subgoal 2:
Variables: FE2 FE3 FE M2 M3 V R' R F FE4 L3
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 M2) V}
H5 : {cappend (ccons F L3) FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' z)}
H9 : {cappend FE4 FE2 L3}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H5.
Subgoal 2:
Variables: FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 M2) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' z)}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < inst H7 with n1 = F.
Subgoal 2:
Variables: FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 M2) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' z)}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
H11 : {hcombine3 (R F) M2 M3 (x\y\z\ifz' x y z) (R' F)}*
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < apply IH to _ H8 H3 H9 H10 H11.
Subgoal 2:
Variables: FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 M2) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' z)}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
H11 : {hcombine3 (R F) M2 M3 (x\y\z\ifz' x y z) (R' F)}*
H12 : {eval'' (htm L1 (R' F)) V}
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < search.
Subgoal 3:
Variables: FE1 FE2 FE3 FE FE12 M3 V R' R M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H2 : {eval'' (htm FE1 (hbase M5)) (nat' z)}
H3 : {eval'' (htm FE2 (habs R)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H2.
Subgoal 3:
Variables: FE2 FE3 FE FE12 M3 V R' R M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE2 (habs R)) V}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H4.
Subgoal 3:
Variables: FE3 FE FE12 M3 V R' R M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H3 : {eval'' (htm FE12 (habs R)) V}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H3.
Subgoal 3:
Variables: FE3 FE M3 V R' R M5 F FE4
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H5 : {cappend (ccons F FE4) FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval'' (htm FE4 (R F)) V}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H5.
Subgoal 3:
Variables: FE3 M3 V R' R M5 F FE4 L3
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {cappend FE4 FE3 L3}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < inst H7 with n1 = F.
Subgoal 3:
Variables: FE3 M3 V R' R M5 F FE4 L3
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {cappend FE4 FE3 L3}
H11 : {hcombine3 (hbase M5) (R F) M3 (x\y\z\ifz' x y z) (R' F)}*
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < apply IH to _ _ H9 _ H10 H11.
Subgoal 3:
Variables: FE3 M3 V R' R M5 F FE4 L3
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 M3)}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {cappend FE4 FE3 L3}
H11 : {hcombine3 (hbase M5) (R F) M3 (x\y\z\ifz' x y z) (R' F)}*
H12 : {eval'' (htm L3 (R' F)) V}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < search.
Subgoal 4:
Variables: FE1 FE2 FE3 FE FE12 V R' R M4 M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 (habs R))}
H2 : {eval'' (htm FE1 (hbase M5)) (nat' z)}
H3 : {eval'' (htm FE2 (hbase M4)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H2.
Subgoal 4:
Variables: FE2 FE3 FE FE12 V R' R M4 M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 (habs R))}
H3 : {eval'' (htm FE2 (hbase M4)) V}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H3.
Subgoal 4:
Variables: FE3 FE FE12 V R' R M4 M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 (habs R))}
H4 : {cappend cnil cnil FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H4.
Subgoal 4:
Variables: FE3 FE V R' R M4 M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE3 (habs R))}
H5 : {cappend cnil FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H5.
Subgoal 4:
Variables: FE V R' R M4 M5
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE (habs R))}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd1 < case H1.
Subgoal 4:
Variables: V R' R M4 M5 L M
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
H10 : {tm' M}
H11 : {tm' n1 |- tm'' (htm L (R n1))}
============================
{eval'' (htm (ccons M L) (habs R')) V}
eval''_ifz_fwd1 < inst H11 with n1 = M.
Subgoal 4:
Variables: V R' R M4 M5 L M
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
H10 : {tm' M}
H11 : {tm' n1 |- tm'' (htm L (R n1))}
H12 : {tm' M |- tm'' (htm L (R M))}
============================
{eval'' (htm (ccons M L) (habs R')) V}
eval''_ifz_fwd1 < cut H12 with H10.
Subgoal 4:
Variables: V R' R M4 M5 L M
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
H10 : {tm' M}
H11 : {tm' n1 |- tm'' (htm L (R n1))}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
============================
{eval'' (htm (ccons M L) (habs R')) V}
eval''_ifz_fwd1 < inst H7 with n1 = M.
Subgoal 4:
Variables: V R' R M4 M5 L M
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
H10 : {tm' M}
H11 : {tm' n1 |- tm'' (htm L (R n1))}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
H14 : {hcombine3 (hbase M5) (hbase M4) (R M) (x\y\z\ifz' x y z) (R' M)}*
============================
{eval'' (htm (ccons M L) (habs R')) V}
eval''_ifz_fwd1 < apply IH to H13 _ _ _ _ H14.
Subgoal 4:
Variables: V R' R M4 M5 L M
IH : forall FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE3 M3)} ->
{eval'' (htm FE1 M1) (nat' z)} -> {eval'' (htm FE2 M2) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' z)}
H9 : {eval' M4 V}
H10 : {tm' M}
H11 : {tm' n1 |- tm'' (htm L (R n1))}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
H14 : {hcombine3 (hbase M5) (hbase M4) (R M) (x\y\z\ifz' x y z) (R' M)}*
H15 : {eval'' (htm L (R' M)) V}
============================
{eval'' (htm (ccons M L) (habs R')) V}
eval''_ifz_fwd1 < search.
Proof completed.
Abella < Theorem eval''_ifz_fwd2 :
forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P} -> {eval'' (htm FE P) V}.
============================
forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P} -> {eval'' (htm FE P) V}
eval''_ifz_fwd2 < induction on 6.
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
============================
forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}@ -> {eval'' (htm FE P) V}
eval''_ifz_fwd2 < intros.
Variables: N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H2 : {eval'' (htm FE1 M1) (nat' (s N))}
H3 : {eval'' (htm FE3 M3) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H6 : {hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}@
============================
{eval'' (htm FE P) V}
eval''_ifz_fwd2 < case H6.
Subgoal 1:
Variables: N FE1 FE2 FE3 FE FE12 V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (hbase M5))}
H2 : {eval'' (htm FE1 (hbase M6)) (nat' (s N))}
H3 : {eval'' (htm FE3 (hbase M4)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H1.
Subgoal 1:
Variables: N FE1 FE3 FE FE12 V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE1 (hbase M6)) (nat' (s N))}
H3 : {eval'' (htm FE3 (hbase M4)) V}
H4 : {cappend FE1 cnil FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {tm' M5}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H2.
Subgoal 1:
Variables: N FE3 FE FE12 V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 (hbase M4)) V}
H4 : {cappend cnil cnil FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {tm' M5}
H8 : {eval' M6 (nat' (s N))}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H3.
Subgoal 1:
Variables: N FE FE12 V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H4 : {cappend cnil cnil FE12}
H5 : {cappend FE12 cnil FE}
H7 : {tm' M5}
H8 : {eval' M6 (nat' (s N))}
H9 : {eval' M4 V}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H4.
Subgoal 1:
Variables: N FE V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H5 : {cappend cnil cnil FE}
H7 : {tm' M5}
H8 : {eval' M6 (nat' (s N))}
H9 : {eval' M4 V}
============================
{eval'' (htm FE (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H5.
Subgoal 1:
Variables: N V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {tm' M5}
H8 : {eval' M6 (nat' (s N))}
H9 : {eval' M4 V}
============================
{eval'' (htm cnil (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < apply eval'_ifz_fwd2 to H8 H9 with M1 = M5.
Subgoal 1:
Variables: N V M4 M5 M6
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {tm' M5}
H8 : {eval' M6 (nat' (s N))}
H9 : {eval' M4 V}
H10 : {eval' (ifz' M6 M5 M4) V}
============================
{eval'' (htm cnil (hbase (ifz' M6 M5 M4))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < search.
Subgoal 2:
Variables: N FE1 FE2 FE3 FE FE12 M2 M3 V R' R
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H2 : {eval'' (htm FE1 (habs R)) (nat' (s N))}
H3 : {eval'' (htm FE3 M3) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H2.
Subgoal 2:
Variables: N FE2 FE3 FE FE12 M2 M3 V R' R F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H3 : {eval'' (htm FE3 M3) V}
H4 : {cappend (ccons F FE4) FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' (s N))}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H4.
Subgoal 2:
Variables: N FE2 FE3 FE M2 M3 V R' R F FE4 L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H3 : {eval'' (htm FE3 M3) V}
H5 : {cappend (ccons F L3) FE3 FE}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' (s N))}
H9 : {cappend FE4 FE2 L3}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H5.
Subgoal 2:
Variables: N FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' (s N))}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < inst H7 with n1 = F.
Subgoal 2:
Variables: N FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' (s N))}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
H11 : {hcombine3 (R F) M2 M3 (x\y\z\ifz' x y z) (R' F)}*
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < apply IH to _ H8 H3 H9 H10 H11.
Subgoal 2:
Variables: N FE2 FE3 M2 M3 V R' R F FE4 L3 L1
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 M2)}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (R n1) M2 M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval'' (htm FE4 (R F)) (nat' (s N))}
H9 : {cappend FE4 FE2 L3}
H10 : {cappend L3 FE3 L1}
H11 : {hcombine3 (R F) M2 M3 (x\y\z\ifz' x y z) (R' F)}*
H12 : {eval'' (htm L1 (R' F)) V}
============================
{eval'' (htm (ccons F L1) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < search.
Subgoal 3:
Variables: N FE1 FE2 FE3 FE FE12 M3 V R' R M5
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (habs R))}
H2 : {eval'' (htm FE1 (hbase M5)) (nat' (s N))}
H3 : {eval'' (htm FE3 M3) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H2.
Subgoal 3:
Variables: N FE2 FE3 FE FE12 M3 V R' R M5
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (habs R))}
H3 : {eval'' (htm FE3 M3) V}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H4.
Subgoal 3:
Variables: N FE3 FE FE12 M3 V R' R M5
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE12 (habs R))}
H3 : {eval'' (htm FE3 M3) V}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H1.
Subgoal 3:
Variables: N FE3 FE M3 V R' R M5 L M
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H5 : {cappend (ccons M L) FE3 FE}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H5.
Subgoal 3:
Variables: N FE3 M3 V R' R M5 L M L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
H11 : {cappend L FE3 L3}
============================
{eval'' (htm (ccons M L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < inst H10 with n1 = M.
Subgoal 3:
Variables: N FE3 M3 V R' R M5 L M L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
H11 : {cappend L FE3 L3}
H12 : {tm' M |- tm'' (htm L (R M))}
============================
{eval'' (htm (ccons M L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < cut H12 with H9.
Subgoal 3:
Variables: N FE3 M3 V R' R M5 L M L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
H11 : {cappend L FE3 L3}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
============================
{eval'' (htm (ccons M L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < inst H7 with n1 = M.
Subgoal 3:
Variables: N FE3 M3 V R' R M5 L M L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
H11 : {cappend L FE3 L3}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
H14 : {hcombine3 (hbase M5) (R M) M3 (x\y\z\ifz' x y z) (R' M)}*
============================
{eval'' (htm (ccons M L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < apply IH to H13 _ H3 _ _ H14.
Subgoal 3:
Variables: N FE3 M3 V R' R M5 L M L3
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H3 : {eval'' (htm FE3 M3) V}
H7 : {hcombine3 (hbase M5) (R n1) M3 (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {tm' M}
H10 : {tm' n1 |- tm'' (htm L (R n1))}
H11 : {cappend L FE3 L3}
H12 : {tm' M |- tm'' (htm L (R M))}
H13 : {tm'' (htm L (R M))}
H14 : {hcombine3 (hbase M5) (R M) M3 (x\y\z\ifz' x y z) (R' M)}*
H15 : {eval'' (htm L3 (R' M)) V}
============================
{eval'' (htm (ccons M L3) (habs R')) V}
Subgoal 4 is:
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < search.
Subgoal 4:
Variables: N FE1 FE2 FE3 FE FE12 V R' R M4 M5
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (hbase M4))}
H2 : {eval'' (htm FE1 (hbase M5)) (nat' (s N))}
H3 : {eval'' (htm FE3 (habs R)) V}
H4 : {cappend FE1 FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H2.
Subgoal 4:
Variables: N FE2 FE3 FE FE12 V R' R M4 M5
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (hbase M4))}
H3 : {eval'' (htm FE3 (habs R)) V}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 FE3 FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H3.
Subgoal 4:
Variables: N FE2 FE FE12 V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE2 (hbase M4))}
H4 : {cappend cnil FE2 FE12}
H5 : {cappend FE12 (ccons F FE4) FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H4.
Subgoal 4:
Variables: N FE FE12 V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H1 : {tm'' (htm FE12 (hbase M4))}
H5 : {cappend FE12 (ccons F FE4) FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H1.
Subgoal 4:
Variables: N FE V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H5 : {cappend cnil (ccons F FE4) FE}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {tm' M4}
============================
{eval'' (htm FE (habs R')) V}
eval''_ifz_fwd2 < case H5.
Subgoal 4:
Variables: N V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {tm' M4}
============================
{eval'' (htm (ccons F FE4) (habs R')) V}
eval''_ifz_fwd2 < inst H7 with n1 = F.
Subgoal 4:
Variables: N V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {tm' M4}
H11 : {hcombine3 (hbase M5) (hbase M4) (R F) (x\y\z\ifz' x y z) (R' F)}*
============================
{eval'' (htm (ccons F FE4) (habs R')) V}
eval''_ifz_fwd2 < apply IH to _ _ H9 _ _ H11.
Subgoal 4:
Variables: N V R' R M4 M5 F FE4
IH : forall N FE1 FE2 FE3 FE FE12 M1 M2 M3 P V, {tm'' (htm FE2 M2)} ->
{eval'' (htm FE1 M1) (nat' (s N))} -> {eval'' (htm FE3 M3) V} ->
{cappend FE1 FE2 FE12} -> {cappend FE12 FE3 FE} ->
{hcombine3 M1 M2 M3 (x\y\z\ifz' x y z) P}* -> {eval'' (htm FE P) V}
H7 : {hcombine3 (hbase M5) (hbase M4) (R n1) (x\y\z\ifz' x y z) (R' n1)}*
H8 : {eval' M5 (nat' (s N))}
H9 : {eval'' (htm FE4 (R F)) V}
H10 : {tm' M4}
H11 : {hcombine3 (hbase M5) (hbase M4) (R F) (x\y\z\ifz' x y z) (R' F)}*
H12 : {eval'' (htm FE4 (R' F)) V}
============================
{eval'' (htm (ccons F FE4) (habs R')) V}
eval''_ifz_fwd2 < search.
Proof completed.
Abella < Theorem nstep_let_inv :
forall K M1 R V, {val V} -> {nstep K (let M1 R) V} ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}).
============================
forall K M1 R V, {val V} -> {nstep K (let M1 R) V} ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
nstep_let_inv < induction on 2.
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
============================
forall K M1 R V, {val V} -> {nstep K (let M1 R) V}@ ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
nstep_let_inv < intros.
Variables: K M1 R V
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val V}
H2 : {nstep K (let M1 R) V}@
============================
exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < case H2.
Subgoal 1:
Variables: M1 R
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val (let M1 R)}
============================
exists K1 K2 K3 V1, z = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) (let M1 R)}
Subgoal 2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < case H1.
Subgoal 2:
Variables: M1 R V M' N
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val V}
H3 : {step (let M1 R) M'}*
H4 : {nstep N M' V}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < case H3.
Subgoal 2.1:
Variables: M1 R V N M'1
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val V}
H4 : {nstep N (let M'1 R) V}*
H5 : {step M1 M'1}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
Subgoal 2.2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 R V M'1 K1 K2 K3 V1
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val V}
H4 : {nstep (s K3) (let M'1 R) V}*
H5 : {step M1 M'1}*
H6 : {add K1 K2 K3}
H7 : {nstep K1 M'1 V1}
H8 : {val V1}
H9 : {nstep K2 (R V1) V}
============================
exists K1 K2 K4 V1, s (s K3) = s K4 /\ {add K1 K2 K4} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
Subgoal 2.2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < search.
Subgoal 2.2:
Variables: M1 R V N
IH : forall K M1 R V, {val V} -> {nstep K (let M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V})
H1 : {val V}
H4 : {nstep N (R M1) V}*
H5 : {val M1}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep K1 M1 V1} /\
{val V1} /\ {nstep K2 (R V1) V}
nstep_let_inv < search.
Proof completed.
Abella < Theorem nstep'_let_inv :
forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V} ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}).
============================
forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V} ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V})
nstep'_let_inv < induction on 2.
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
============================
forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}@ ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V})
nstep'_let_inv < intros.
Variables: K M1 R V
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' V}
H2 : {nstep' K (let' M1 R) V}@
============================
exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < case H2.
Subgoal 1:
Variables: M1 R
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' (let' M1 R)}
============================
exists K1 K2 K3 V1, z = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) (let' M1 R)}
Subgoal 2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < case H1.
Subgoal 2:
Variables: M1 R V M' N
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' V}
H3 : {step' (let' M1 R) M'}*
H4 : {nstep' N M' V}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < case H3.
Subgoal 2.1:
Variables: M1 R V N M'1
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' V}
H4 : {nstep' N (let' M'1 R) V}*
H5 : {step' M1 M'1}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
Subgoal 2.2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 R V M'1 K1 K2 K3 V1
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' V}
H4 : {nstep' (s K3) (let' M'1 R) V}*
H5 : {step' M1 M'1}*
H6 : {add K1 K2 K3}
H7 : {nstep' K1 M'1 V1}
H8 : {val' V1}
H9 : {nstep' K2 (R V1) V}
============================
exists K1 K2 K4 V1, s (s K3) = s K4 /\ {add K1 K2 K4} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V}
Subgoal 2.2 is:
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < search.
Subgoal 2.2:
Variables: M1 R V N
IH : forall K M1 R V, {val' V} -> {nstep' K (let' M1 R) V}* ->
(exists K1 K2 K3 V1, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 V1} /\ {val' V1} /\ {nstep' K2 (R V1) V})
H1 : {val' V}
H4 : {nstep' N (R M1) V}*
H5 : {val' M1}*
============================
exists K1 K2 K3 V1, s N = s K3 /\ {add K1 K2 K3} /\ {nstep' K1 M1 V1} /\
{val' V1} /\ {nstep' K2 (R V1) V}
nstep'_let_inv < search.
Proof completed.
Abella < Theorem nstep'_let_fwd :
forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V} -> {nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'}).
============================
forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V} ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
nstep'_let_fwd < induction on 2.
IH : forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
============================
forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}@ ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
nstep'_let_fwd < intros.
Variables: N1 N2 R V M V'
IH : forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
H1 : {val' V}
H2 : {nstep' N1 M V}@
H3 : {nstep' N2 (R V) V'}
============================
exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'}
nstep'_let_fwd < case H2.
Subgoal 1:
Variables: N2 R V V'
IH : forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
============================
exists N, {add z N2 N} /\ {nstep' (s N) (let' V R) V'}
Subgoal 2 is:
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (let' M R) V'}
nstep'_let_fwd < search.
Subgoal 2:
Variables: N2 R V M V' M' N
IH : forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
H4 : {step' M M'}*
H5 : {nstep' N M' V}*
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (let' M R) V'}
nstep'_let_fwd < apply IH to _ H5 H3 with R = R, V = V.
Subgoal 2:
Variables: N2 R V M V' M' N N3
IH : forall N1 N2 R V M V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N, {add N1 N2 N} /\ {nstep' (s N) (let' M R) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
H4 : {step' M M'}*
H5 : {nstep' N M' V}*
H6 : {add N N2 N3}
H7 : {nstep' (s N3) (let' M' R) V'}
============================
exists N1, {add (s N) N2 N1} /\ {nstep' (s N1) (let' M R) V'}
nstep'_let_fwd < search.
Proof completed.
Abella < Theorem eval'_let_fwd :
forall M R V V', {eval' M V} -> {eval' (R V) V'} -> {eval' (let' M R) V'}.
============================
forall M R V V', {eval' M V} -> {eval' (R V) V'} -> {eval' (let' M R) V'}
eval'_let_fwd < intros.
Variables: M R V V'
H1 : {eval' M V}
H2 : {eval' (R V) V'}
============================
{eval' (let' M R) V'}
eval'_let_fwd < case H1.
Variables: M R V V' N
H2 : {eval' (R V) V'}
H3 : {nstep' N M V}
H4 : {val' V}
============================
{eval' (let' M R) V'}
eval'_let_fwd < case H2.
Variables: M R V V' N N1
H3 : {nstep' N M V}
H4 : {val' V}
H5 : {nstep' N1 (R V) V'}
H6 : {val' V'}
============================
{eval' (let' M R) V'}
eval'_let_fwd < apply nstep'_let_fwd to _ H3 H5 with R = R.
Variables: M R V V' N N1 N2
H3 : {nstep' N M V}
H4 : {val' V}
H5 : {nstep' N1 (R V) V'}
H6 : {val' V'}
H7 : {add N N1 N2}
H8 : {nstep' (s N2) (let' M R) V'}
============================
{eval' (let' M R) V'}
eval'_let_fwd < search.
Proof completed.
Abella < Theorem eval''_let_fwd :
forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} -> {hcombine_abs M1 M2 (x\y\let' x y) P} ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}.
============================
forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} -> {hcombine_abs M1 M2 (x\y\let' x y) P} ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
eval''_let_fwd < induction on 3.
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
============================
forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} -> {hcombine_abs M1 M2 (x\y\let' x y) P}@ ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
eval''_let_fwd < intros.
Variables: FE1 FE2 FE M1 M2 V1 V P
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 M1) V1}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H3 : {hcombine_abs M1 M2 (x\y\let' x y) P}@
H4 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE P) V}
eval''_let_fwd < case H3.
Subgoal 1:
Variables: FE1 FE2 FE V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M4)) V1}
H2 : {eval'' (htm FE2 (hbase (M3 V1))) V}
H4 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE (hbase (let' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H1.
Subgoal 1:
Variables: FE2 FE V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (hbase (M3 V1))) V}
H4 : {cappend cnil FE2 FE}
H5 : {eval' M4 V1}
============================
{eval'' (htm FE (hbase (let' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H2.
Subgoal 1:
Variables: FE V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H4 : {cappend cnil cnil FE}
H5 : {eval' M4 V1}
H6 : {eval' (M3 V1) V}
============================
{eval'' (htm FE (hbase (let' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H4.
Subgoal 1:
Variables: V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H5 : {eval' M4 V1}
H6 : {eval' (M3 V1) V}
============================
{eval'' (htm cnil (hbase (let' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < apply eval'_let_fwd to H5 H6 with R = M3.
Subgoal 1:
Variables: V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H5 : {eval' M4 V1}
H6 : {eval' (M3 V1) V}
H7 : {eval' (let' M4 M3) V}
============================
{eval'' (htm cnil (hbase (let' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < search.
Subgoal 2:
Variables: FE1 FE2 FE M2 V1 V R' R
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (habs R)) V1}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H4 : {cappend FE1 FE2 FE}
H5 : {hcombine_abs (R n1) M2 (x\y\let' x y) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H1.
Subgoal 2:
Variables: FE2 FE M2 V1 V R' R F FE3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H4 : {cappend (ccons F FE3) FE2 FE}
H5 : {hcombine_abs (R n1) M2 (x\y\let' x y) (R' n1)}*
H6 : {eval'' (htm FE3 (R F)) V1}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H4.
Subgoal 2:
Variables: FE2 M2 V1 V R' R F FE3 L3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H5 : {hcombine_abs (R n1) M2 (x\y\let' x y) (R' n1)}*
H6 : {eval'' (htm FE3 (R F)) V1}
H7 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < inst H5 with n1 = F.
Subgoal 2:
Variables: FE2 M2 V1 V R' R F FE3 L3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H5 : {hcombine_abs (R n1) M2 (x\y\let' x y) (R' n1)}*
H6 : {eval'' (htm FE3 (R F)) V1}
H7 : {cappend FE3 FE2 L3}
H8 : {hcombine_abs (R F) M2 (x\y\let' x y) (R' F)}*
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < apply IH to H6 H2 H8 H7 with M2 = M2.
Subgoal 2:
Variables: FE2 M2 V1 V R' R F FE3 L3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (M2 V1)) V}
H5 : {hcombine_abs (R n1) M2 (x\y\let' x y) (R' n1)}*
H6 : {eval'' (htm FE3 (R F)) V1}
H7 : {cappend FE3 FE2 L3}
H8 : {hcombine_abs (R F) M2 (x\y\let' x y) (R' F)}*
H9 : {eval'' (htm L3 (R' F)) V}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < search.
Subgoal 3:
Variables: FE1 FE2 FE V1 V R' R M
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M)) V1}
H2 : {eval'' (htm FE2 (habs (R V1))) V}
H4 : {cappend FE1 FE2 FE}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H1 (keep).
Subgoal 3:
Variables: FE2 FE V1 V R' R M
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) V1}
H2 : {eval'' (htm FE2 (habs (R V1))) V}
H4 : {cappend cnil FE2 FE}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
H6 : {eval' M V1}
============================
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H2.
Subgoal 3:
Variables: FE V1 V R' R M F FE3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) V1}
H4 : {cappend cnil (ccons F FE3) FE}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
H6 : {eval' M V1}
H7 : {eval'' (htm FE3 (R V1 F)) V}
============================
{eval'' (htm FE (habs R')) V}
eval''_let_fwd < case H4.
Subgoal 3:
Variables: V1 V R' R M F FE3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) V1}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
H6 : {eval' M V1}
H7 : {eval'' (htm FE3 (R V1 F)) V}
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_let_fwd < inst H5 with n1 = F.
Subgoal 3:
Variables: V1 V R' R M F FE3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) V1}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
H6 : {eval' M V1}
H7 : {eval'' (htm FE3 (R V1 F)) V}
H8 : {hcombine_abs (hbase M) (x\R x F) (x\y\let' x y) (R' F)}*
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_let_fwd < apply IH to H1 H7 H8 _ with M2 = x\R x F.
Subgoal 3:
Variables: V1 V R' R M F FE3
IH : forall FE1 FE2 FE M1 M2 V1 V P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 (M2 V1)) V} ->
{hcombine_abs M1 M2 (x\y\let' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) V1}
H5 : {hcombine_abs (hbase M) (x\R x n1) (x\y\let' x y) (R' n1)}*
H6 : {eval' M V1}
H7 : {eval'' (htm FE3 (R V1 F)) V}
H8 : {hcombine_abs (hbase M) (x\R x F) (x\y\let' x y) (R' F)}*
H9 : {eval'' (htm FE3 (R' F)) V}
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_let_fwd < search.
Proof completed.
Abella < Theorem nstep_plus_inv :
forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V} ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}).
============================
forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V} ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3})
nstep_plus_inv < induction on 2.
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
============================
forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}@ ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3})
nstep_plus_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H2 : {nstep K (plus M1 M2) V}@
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
nstep_plus_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val (plus M1 M2)}
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ z = s J12 /\ plus M1 M2 =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
Subgoal 2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
nstep_plus_inv < case H1.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H3 : {step (plus M1 M2) M'}*
H4 : {nstep N M' V}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
nstep_plus_inv < case H3.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H4 : {nstep N (plus M1' M2) V}*
H5 : {step M1 M1'}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
Subgoal 2.2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 M2 M1' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val (nat N3)}
H4 : {nstep (s J12) (plus M1' M2) (nat N3)}*
H5 : {step M1 M1'}*
H6 : {add J1 J2 J12}
H7 : {nstep J1 M1' (nat N1)}
H8 : {nstep J2 M2 (nat N2)}
H9 : {add N1 N2 N3}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat N3 =
nat N4 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N4}
Subgoal 2.2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H4 : {nstep N (plus M1 M2') V}*
H5 : {val M1}*
H6 : {step M2 M2'}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N3 /\
{nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < apply IH to _ H4.
Subgoal 2.2:
Variables: M1 M2 M2' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val (nat N3)}
H4 : {nstep (s J12) (plus M1 M2') (nat N3)}*
H5 : {val M1}*
H6 : {step M2 M2'}*
H7 : {add J1 J2 J12}
H8 : {nstep J1 M1 (nat N1)}
H9 : {nstep J2 M2' (nat N2)}
H10 : {add N1 N2 N3}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat N3 =
nat N4 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N4}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < apply add_s to H7.
Subgoal 2.2:
Variables: M1 M2 M2' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val (nat N3)}
H4 : {nstep (s J12) (plus M1 M2') (nat N3)}*
H5 : {val M1}*
H6 : {step M2 M2'}*
H7 : {add J1 J2 J12}
H8 : {nstep J1 M1 (nat N1)}
H9 : {nstep J2 M2' (nat N2)}
H10 : {add N1 N2 N3}
H11 : {add J1 (s J2) (s J12)}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat N3 =
nat N4 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\ {add N1 N2 N4}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < search.
Subgoal 2.3:
Variables: V N N1 N2 N3
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H4 : {nstep N (nat N1) V}*
H5 : {add N3 N2 N1}*
============================
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat N5 /\
{nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N4)} /\
{add N1 N4 N5}
nstep_plus_inv < case H4.
Subgoal 2.3.1:
Variables: N1 N2 N3
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val (nat N1)}
H5 : {add N3 N2 N1}*
============================
exists J1 J2 J12 N4 N5 N6, {add J1 J2 J12} /\ s z = s J12 /\ nat N1 =
nat N6 /\ {nstep J1 (nat N3) (nat N4)} /\ {nstep J2 (nat N2) (nat N5)} /\
{add N4 N5 N6}
Subgoal 2.3.2 is:
exists J1 J2 J12 N1 N5 N6, {add J1 J2 J12} /\ s (s N4) = s J12 /\ V =
nat N6 /\ {nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N5)} /\
{add N1 N5 N6}
nstep_plus_inv < search.
Subgoal 2.3.2:
Variables: V N1 N2 N3 M'1 N4
IH : forall V K M1 M2, {val V} -> {nstep K (plus M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat N3 /\ {nstep J1 M1 (nat N1)} /\ {nstep J2 M2 (nat N2)} /\
{add N1 N2 N3})
H1 : {val V}
H5 : {add N3 N2 N1}*
H6 : {step (nat N1) M'1}*
H7 : {nstep N4 M'1 V}*
============================
exists J1 J2 J12 N1 N5 N6, {add J1 J2 J12} /\ s (s N4) = s J12 /\ V =
nat N6 /\ {nstep J1 (nat N3) (nat N1)} /\ {nstep J2 (nat N2) (nat N5)} /\
{add N1 N5 N6}
nstep_plus_inv < case H6.
Proof completed.
Abella < Theorem nstep'_plus_inv :
forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V} ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3}).
============================
forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V} ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
nstep'_plus_inv < induction on 2.
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
============================
forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}@ ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
nstep'_plus_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H2 : {nstep' K (plus' M1 M2) V}@
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
nstep'_plus_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' (plus' M1 M2)}
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ z = s J12 /\ plus' M1 M2 =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3}
Subgoal 2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
nstep'_plus_inv < case H1.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H3 : {step' (plus' M1 M2) M'}*
H4 : {nstep' N M' V}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
nstep'_plus_inv < case H3.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H4 : {nstep' N (plus' M1' M2) V}*
H5 : {step' M1 M1'}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
Subgoal 2.2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 M2 M1' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' (nat' N3)}
H4 : {nstep' (s J12) (plus' M1' M2) (nat' N3)}*
H5 : {step' M1 M1'}*
H6 : {add J1 J2 J12}
H7 : {nstep' J1 M1' (nat' N1)}
H8 : {nstep' J2 M2 (nat' N2)}
H9 : {add N1 N2 N3}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat' N3 =
nat' N4 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N4}
Subgoal 2.2 is:
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H4 : {nstep' N (plus' M1 M2') V}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
============================
exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N3 /\
{nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\ {add N1 N2 N3}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < apply IH to _ H4.
Subgoal 2.2:
Variables: M1 M2 M2' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' (nat' N3)}
H4 : {nstep' (s J12) (plus' M1 M2') (nat' N3)}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
H7 : {add J1 J2 J12}
H8 : {nstep' J1 M1 (nat' N1)}
H9 : {nstep' J2 M2' (nat' N2)}
H10 : {add N1 N2 N3}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat' N3 =
nat' N4 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N4}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < apply add_s to H7.
Subgoal 2.2:
Variables: M1 M2 M2' J1 J2 J12 N1 N2 N3
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' (nat' N3)}
H4 : {nstep' (s J12) (plus' M1 M2') (nat' N3)}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
H7 : {add J1 J2 J12}
H8 : {nstep' J1 M1 (nat' N1)}
H9 : {nstep' J2 M2' (nat' N2)}
H10 : {add N1 N2 N3}
H11 : {add J1 (s J2) (s J12)}
============================
exists J1 J2 J3 N1 N2 N4, {add J1 J2 J3} /\ s (s J12) = s J3 /\ nat' N3 =
nat' N4 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N4}
Subgoal 2.3 is:
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < search.
Subgoal 2.3:
Variables: V N N1 N2 N3
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H4 : {nstep' N (nat' N1) V}*
H5 : {add N3 N2 N1}*
============================
exists J1 J2 J12 N1 N4 N5, {add J1 J2 J12} /\ s N = s J12 /\ V = nat' N5 /\
{nstep' J1 (nat' N3) (nat' N1)} /\ {nstep' J2 (nat' N2) (nat' N4)} /\
{add N1 N4 N5}
nstep'_plus_inv < case H4.
Subgoal 2.3.1:
Variables: N1 N2 N3
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' (nat' N1)}
H5 : {add N3 N2 N1}*
============================
exists J1 J2 J12 N4 N5 N6, {add J1 J2 J12} /\ s z = s J12 /\ nat' N1 =
nat' N6 /\ {nstep' J1 (nat' N3) (nat' N4)} /\
{nstep' J2 (nat' N2) (nat' N5)} /\ {add N4 N5 N6}
Subgoal 2.3.2 is:
exists J1 J2 J12 N1 N5 N6, {add J1 J2 J12} /\ s (s N4) = s J12 /\ V =
nat' N6 /\ {nstep' J1 (nat' N3) (nat' N1)} /\
{nstep' J2 (nat' N2) (nat' N5)} /\ {add N1 N5 N6}
nstep'_plus_inv < search.
Subgoal 2.3.2:
Variables: V N1 N2 N3 M'1 N4
IH : forall V K M1 M2, {val' V} -> {nstep' K (plus' M1 M2) V}* ->
(exists J1 J2 J12 N1 N2 N3, {add J1 J2 J12} /\ K = s J12 /\ V =
nat' N3 /\ {nstep' J1 M1 (nat' N1)} /\ {nstep' J2 M2 (nat' N2)} /\
{add N1 N2 N3})
H1 : {val' V}
H5 : {add N3 N2 N1}*
H6 : {step' (nat' N1) M'1}*
H7 : {nstep' N4 M'1 V}*
============================
exists J1 J2 J12 N1 N5 N6, {add J1 J2 J12} /\ s (s N4) = s J12 /\ V =
nat' N6 /\ {nstep' J1 (nat' N3) (nat' N1)} /\
{nstep' J2 (nat' N2) (nat' N5)} /\ {add N1 N5 N6}
nstep'_plus_inv < case H6.
Proof completed.
Abella < Theorem nstep'_plus_fwd1 :
forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}.
============================
forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < induction on 1.
IH : forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}* -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
============================
forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}@ -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < intros.
Variables: J2 N1 N2 N3 M2
IH : forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}* -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
H1 : {nstep' J2 M2 (nat' N2)}@
H2 : {add N1 N2 N3}
============================
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < case H1.
Subgoal 1:
Variables: N1 N2 N3
IH : forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}* -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
H2 : {add N1 N2 N3}
============================
{nstep' (s z) (plus' (nat' N1) (nat' N2)) (nat' N3)}
Subgoal 2 is:
{nstep' (s (s N)) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < search.
Subgoal 2:
Variables: N1 N2 N3 M2 M' N
IH : forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}* -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
H2 : {add N1 N2 N3}
H3 : {step' M2 M'}*
H4 : {nstep' N M' (nat' N2)}*
============================
{nstep' (s (s N)) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < apply IH to H4 _.
Subgoal 2:
Variables: N1 N2 N3 M2 M' N
IH : forall J2 N1 N2 N3 M2, {nstep' J2 M2 (nat' N2)}* -> {add N1 N2 N3} ->
{nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
H2 : {add N1 N2 N3}
H3 : {step' M2 M'}*
H4 : {nstep' N M' (nat' N2)}*
H5 : {nstep' (s N) (plus' (nat' N1) M') (nat' N3)}
============================
{nstep' (s (s N)) (plus' (nat' N1) M2) (nat' N3)}
nstep'_plus_fwd1 < search.
Proof completed.
Abella < Theorem nstep'_plus_fwd :
forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)} ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}).
============================
forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)} ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
nstep'_plus_fwd < induction on 1.
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
============================
forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}@ ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
nstep'_plus_fwd < intros.
Variables: J1 J2 N1 N2 N3 M1 M2
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
H1 : {nstep' J1 M1 (nat' N1)}@
H2 : {nstep' J2 M2 (nat' N2)}
H3 : {add N1 N2 N3}
============================
exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}
nstep'_plus_fwd < case H1.
Subgoal 1:
Variables: J2 N1 N2 N3 M2
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
H2 : {nstep' J2 M2 (nat' N2)}
H3 : {add N1 N2 N3}
============================
exists J3, {add z J2 J3} /\ {nstep' (s J3) (plus' (nat' N1) M2) (nat' N3)}
Subgoal 2 is:
exists J3, {add (s N) J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}
nstep'_plus_fwd < apply nstep'_plus_fwd1 to H2 H3.
Subgoal 1:
Variables: J2 N1 N2 N3 M2
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
H2 : {nstep' J2 M2 (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {nstep' (s J2) (plus' (nat' N1) M2) (nat' N3)}
============================
exists J3, {add z J2 J3} /\ {nstep' (s J3) (plus' (nat' N1) M2) (nat' N3)}
Subgoal 2 is:
exists J3, {add (s N) J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}
nstep'_plus_fwd < search.
Subgoal 2:
Variables: J2 N1 N2 N3 M1 M2 M' N
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
H2 : {nstep' J2 M2 (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {step' M1 M'}*
H5 : {nstep' N M' (nat' N1)}*
============================
exists J3, {add (s N) J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}
nstep'_plus_fwd < apply IH to H5 H2 H3.
Subgoal 2:
Variables: J2 N1 N2 N3 M1 M2 M' N J3
IH : forall J1 J2 N1 N2 N3 M1 M2, {nstep' J1 M1 (nat' N1)}* ->
{nstep' J2 M2 (nat' N2)} -> {add N1 N2 N3} ->
(exists J3, {add J1 J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)})
H2 : {nstep' J2 M2 (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {step' M1 M'}*
H5 : {nstep' N M' (nat' N1)}*
H6 : {add N J2 J3}
H7 : {nstep' (s J3) (plus' M' M2) (nat' N3)}
============================
exists J3, {add (s N) J2 J3} /\ {nstep' (s J3) (plus' M1 M2) (nat' N3)}
nstep'_plus_fwd < search.
Proof completed.
Abella < Theorem eval'_plus_fwd :
forall M1 M2 N1 N2 N3, {eval' M1 (nat' N1)} -> {eval' M2 (nat' N2)} ->
{add N1 N2 N3} -> {eval' (plus' M1 M2) (nat' N3)}.
============================
forall M1 M2 N1 N2 N3, {eval' M1 (nat' N1)} -> {eval' M2 (nat' N2)} ->
{add N1 N2 N3} -> {eval' (plus' M1 M2) (nat' N3)}
eval'_plus_fwd < intros.
Variables: M1 M2 N1 N2 N3
H1 : {eval' M1 (nat' N1)}
H2 : {eval' M2 (nat' N2)}
H3 : {add N1 N2 N3}
============================
{eval' (plus' M1 M2) (nat' N3)}
eval'_plus_fwd < case H1.
Variables: M1 M2 N1 N2 N3 N
H2 : {eval' M2 (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {nstep' N M1 (nat' N1)}
H5 : {val' (nat' N1)}
============================
{eval' (plus' M1 M2) (nat' N3)}
eval'_plus_fwd < case H2.
Variables: M1 M2 N1 N2 N3 N N4
H3 : {add N1 N2 N3}
H4 : {nstep' N M1 (nat' N1)}
H5 : {val' (nat' N1)}
H6 : {nstep' N4 M2 (nat' N2)}
H7 : {val' (nat' N2)}
============================
{eval' (plus' M1 M2) (nat' N3)}
eval'_plus_fwd < apply nstep'_plus_fwd to H4 H6 H3.
Variables: M1 M2 N1 N2 N3 N N4 J3
H3 : {add N1 N2 N3}
H4 : {nstep' N M1 (nat' N1)}
H5 : {val' (nat' N1)}
H6 : {nstep' N4 M2 (nat' N2)}
H7 : {val' (nat' N2)}
H8 : {add N N4 J3}
H9 : {nstep' (s J3) (plus' M1 M2) (nat' N3)}
============================
{eval' (plus' M1 M2) (nat' N3)}
eval'_plus_fwd < search.
Proof completed.
Abella < Theorem eval''_plus_fwd_aux :
forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)} -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} -> {eval'' (htm FE P) (nat' N3)}.
============================
forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)} -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd_aux < induction on 2.
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
============================
forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}@ -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd_aux < intros.
Variables: M1 M2 FE N1 N2 N3 P
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H2 : {eval'' (htm FE M2) (nat' N2)}@
H3 : {add N1 N2 N3}
H4 : {hcombine (hbase M1) M2 (x\y\plus' x y) P}
============================
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd_aux < case H2.
Subgoal 1:
Variables: M1 N1 N2 N3 P M
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H4 : {hcombine (hbase M1) (hbase M) (x\y\plus' x y) P}
H5 : {eval' M (nat' N2)}*
============================
{eval'' (htm cnil P) (nat' N3)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (nat' N3)}
eval''_plus_fwd_aux < case H4.
Subgoal 1:
Variables: M1 N1 N2 N3 M
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H5 : {eval' M (nat' N2)}*
============================
{eval'' (htm cnil (hbase (plus' M1 M))) (nat' N3)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (nat' N3)}
eval''_plus_fwd_aux < apply eval'_plus_fwd to H1 H5 H3.
Subgoal 1:
Variables: M1 N1 N2 N3 M
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H5 : {eval' M (nat' N2)}*
H6 : {eval' (plus' M1 M) (nat' N3)}
============================
{eval'' (htm cnil (hbase (plus' M1 M))) (nat' N3)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (nat' N3)}
eval''_plus_fwd_aux < search.
Subgoal 2:
Variables: M1 N1 N2 N3 P F R FE1
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H4 : {hcombine (hbase M1) (habs R) (x\y\plus' x y) P}
H5 : {eval'' (htm FE1 (R F)) (nat' N2)}*
============================
{eval'' (htm (ccons F FE1) P) (nat' N3)}
eval''_plus_fwd_aux < case H4.
Subgoal 2:
Variables: M1 N1 N2 N3 F R FE1 R'
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H5 : {eval'' (htm FE1 (R F)) (nat' N2)}*
H6 : {hcombine (hbase M1) (R n1) (x\y\plus' x y) (R' n1)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N3)}
eval''_plus_fwd_aux < inst H6 with n1 = F.
Subgoal 2:
Variables: M1 N1 N2 N3 F R FE1 R'
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H5 : {eval'' (htm FE1 (R F)) (nat' N2)}*
H6 : {hcombine (hbase M1) (R n1) (x\y\plus' x y) (R' n1)}
H7 : {hcombine (hbase M1) (R F) (x\y\plus' x y) (R' F)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N3)}
eval''_plus_fwd_aux < apply IH to H1 H5 H3 H7.
Subgoal 2:
Variables: M1 N1 N2 N3 F R FE1 R'
IH : forall M1 M2 FE N1 N2 N3 P, {eval' M1 (nat' N1)} ->
{eval'' (htm FE M2) (nat' N2)}* -> {add N1 N2 N3} ->
{hcombine (hbase M1) M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval' M1 (nat' N1)}
H3 : {add N1 N2 N3}
H5 : {eval'' (htm FE1 (R F)) (nat' N2)}*
H6 : {hcombine (hbase M1) (R n1) (x\y\plus' x y) (R' n1)}
H7 : {hcombine (hbase M1) (R F) (x\y\plus' x y) (R' F)}
H8 : {eval'' (htm FE1 (R' F)) (nat' N3)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (nat' N3)}
eval''_plus_fwd_aux < search.
Proof completed.
Abella < Theorem eval''_plus_fwd :
forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)} ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}.
============================
forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)} ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < induction on 1.
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
============================
forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}@ ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < intros.
Variables: FE1 FE2 FE M1 M2 N1 N2 N3 P
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H1 : {eval'' (htm FE1 M1) (nat' N1)}@
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {cappend FE1 FE2 FE}
H5 : {hcombine M1 M2 (x\y\plus' x y) P}
============================
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < case H1.
Subgoal 1:
Variables: FE2 FE M2 N1 N2 N3 P M
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {cappend cnil FE2 FE}
H5 : {hcombine (hbase M) M2 (x\y\plus' x y) P}
H6 : {eval' M (nat' N1)}*
============================
{eval'' (htm FE P) (nat' N3)}
Subgoal 2 is:
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < case H4.
Subgoal 1:
Variables: FE M2 N1 N2 N3 P M
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE M2) (nat' N2)}
H3 : {add N1 N2 N3}
H5 : {hcombine (hbase M) M2 (x\y\plus' x y) P}
H6 : {eval' M (nat' N1)}*
============================
{eval'' (htm FE P) (nat' N3)}
Subgoal 2 is:
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < backchain eval''_plus_fwd_aux.
Subgoal 2:
Variables: FE2 FE M2 N1 N2 N3 P F R FE3
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H4 : {cappend (ccons F FE3) FE2 FE}
H5 : {hcombine (habs R) M2 (x\y\plus' x y) P}
H6 : {eval'' (htm FE3 (R F)) (nat' N1)}*
============================
{eval'' (htm FE P) (nat' N3)}
eval''_plus_fwd < case H4.
Subgoal 2:
Variables: FE2 M2 N1 N2 N3 P F R FE3 L3
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H5 : {hcombine (habs R) M2 (x\y\plus' x y) P}
H6 : {eval'' (htm FE3 (R F)) (nat' N1)}*
H7 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F L3) P) (nat' N3)}
eval''_plus_fwd < case H5.
Subgoal 2:
Variables: FE2 M2 N1 N2 N3 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H6 : {eval'' (htm FE3 (R F)) (nat' N1)}*
H7 : {cappend FE3 FE2 L3}
H8 : {hcombine (R n1) M2 (x\y\plus' x y) (R' n1)}
============================
{eval'' (htm (ccons F L3) (habs R')) (nat' N3)}
eval''_plus_fwd < inst H8 with n1 = F.
Subgoal 2:
Variables: FE2 M2 N1 N2 N3 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H6 : {eval'' (htm FE3 (R F)) (nat' N1)}*
H7 : {cappend FE3 FE2 L3}
H8 : {hcombine (R n1) M2 (x\y\plus' x y) (R' n1)}
H9 : {hcombine (R F) M2 (x\y\plus' x y) (R' F)}
============================
{eval'' (htm (ccons F L3) (habs R')) (nat' N3)}
eval''_plus_fwd < apply IH to H6 H2 H3 H7 H9.
Subgoal 2:
Variables: FE2 M2 N1 N2 N3 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 N1 N2 N3 P, {eval'' (htm FE1 M1) (nat' N1)}* ->
{eval'' (htm FE2 M2) (nat' N2)} -> {add N1 N2 N3} ->
{cappend FE1 FE2 FE} -> {hcombine M1 M2 (x\y\plus' x y) P} ->
{eval'' (htm FE P) (nat' N3)}
H2 : {eval'' (htm FE2 M2) (nat' N2)}
H3 : {add N1 N2 N3}
H6 : {eval'' (htm FE3 (R F)) (nat' N1)}*
H7 : {cappend FE3 FE2 L3}
H8 : {hcombine (R n1) M2 (x\y\plus' x y) (R' n1)}
H9 : {hcombine (R F) M2 (x\y\plus' x y) (R' F)}
H10 : {eval'' (htm L3 (R' F)) (nat' N3)}
============================
{eval'' (htm (ccons F L3) (habs R')) (nat' N3)}
eval''_plus_fwd < search.
Proof completed.
Abella < Theorem step_pair_inv :
forall M1 M2 M', {step (pair M1 M2) M'} ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'}).
============================
forall M1 M2 M', {step (pair M1 M2) M'} ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
step_pair_inv < induction on 1.
IH : forall M1 M2 M', {step (pair M1 M2) M'}* ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
============================
forall M1 M2 M', {step (pair M1 M2) M'}@ ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
step_pair_inv < intros.
Variables: M1 M2 M'
IH : forall M1 M2 M', {step (pair M1 M2) M'}* ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
H1 : {step (pair M1 M2) M'}@
============================
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
step_pair_inv < case H1.
Subgoal 1:
Variables: M1 M2 M1'
IH : forall M1 M2 M', {step (pair M1 M2) M'}* ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
H2 : {step M1 M1'}*
============================
(exists M1'1, pair M1' M2 = pair M1'1 M2 /\ {step M1 M1'1}) \/
(exists M2', {val M1} /\ pair M1' M2 = pair M1 M2' /\ {step M2 M2'})
Subgoal 2 is:
(exists M1', pair M1 M2' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2'1, {val M1} /\ pair M1 M2' = pair M1 M2'1 /\ {step M2 M2'1})
step_pair_inv < search.
Subgoal 2:
Variables: M1 M2 M2'
IH : forall M1 M2 M', {step (pair M1 M2) M'}* ->
(exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
H2 : {val M1}*
H3 : {step M2 M2'}*
============================
(exists M1', pair M1 M2' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2'1, {val M1} /\ pair M1 M2' = pair M1 M2'1 /\ {step M2 M2'1})
step_pair_inv < search.
Proof completed.
Abella < Theorem nstep_pair_inv :
forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V} ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}).
============================
forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V} ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
nstep_pair_inv < induction on 2.
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
============================
forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}@ ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
nstep_pair_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val V}
H2 : {nstep K (pair M1 M2) V}@
============================
exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair M1 M2)}
============================
exists I J V1 V2, {add I J z} /\ pair M1 M2 = pair V1 V2 /\
{nstep I M1 V1} /\ {nstep J M2 V2}
Subgoal 2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < search.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val V}
H3 : {step (pair M1 M2) M'}*
H4 : {nstep N M' V}*
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < apply step_pair_inv to H3.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val V}
H3 : {step (pair M1 M2) M'}*
H4 : {nstep N M' V}*
H5 : (exists M1', M' = pair M1' M2 /\ {step M1 M1'}) \/
(exists M2', {val M1} /\ M' = pair M1 M2' /\ {step M2 M2'})
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < case H5.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val V}
H3 : {step (pair M1 M2) (pair M1' M2)}*
H4 : {nstep N (pair M1' M2) V}*
H6 : {step M1 M1'}
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
Subgoal 2.2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 M2 N M1' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1' M2)}*
H4 : {nstep N (pair M1' M2) (pair V1 V2)}*
H6 : {step M1 M1'}
H7 : {add I J N}
H8 : {nstep I M1' V1}
H9 : {nstep J M2 V2}
============================
exists I J V3 V4, {add I J (s N)} /\ pair V1 V2 = pair V3 V4 /\
{nstep I M1 V3} /\ {nstep J M2 V4}
Subgoal 2.2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val V}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') V}*
H6 : {val M1}
H7 : {step M2 M2'}
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2}
nstep_pair_inv < apply IH to _ H4.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
exists I J V3 V4, {add I J (s N)} /\ pair V1 V2 = pair V3 V4 /\
{nstep I M1 V3} /\ {nstep J M2 V4}
nstep_pair_inv < exists I.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
exists J V3 V4, {add I J (s N)} /\ pair V1 V2 = pair V3 V4 /\
{nstep I M1 V3} /\ {nstep J M2 V4}
nstep_pair_inv < exists s J.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
exists V3 V4, {add I (s J) (s N)} /\ pair V1 V2 = pair V3 V4 /\
{nstep I M1 V3} /\ {nstep (s J) M2 V4}
nstep_pair_inv < exists V1.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
exists V4, {add I (s J) (s N)} /\ pair V1 V2 = pair V1 V4 /\
{nstep I M1 V1} /\ {nstep (s J) M2 V4}
nstep_pair_inv < exists V2.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
{add I (s J) (s N)} /\ pair V1 V2 = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep (s J) M2 V2}
nstep_pair_inv < split.
Subgoal 2.2.1:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
{add I (s J) (s N)}
Subgoal 2.2.2 is:
pair V1 V2 = pair V1 V2
Subgoal 2.2.3 is:
{nstep I M1 V1}
Subgoal 2.2.4 is:
{nstep (s J) M2 V2}
nstep_pair_inv < backchain add_s.
Subgoal 2.2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
pair V1 V2 = pair V1 V2
Subgoal 2.2.3 is:
{nstep I M1 V1}
Subgoal 2.2.4 is:
{nstep (s J) M2 V2}
nstep_pair_inv < search.
Subgoal 2.2.3:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
{nstep I M1 V1}
Subgoal 2.2.4 is:
{nstep (s J) M2 V2}
nstep_pair_inv < search.
Subgoal 2.2.4:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val V} -> {nstep K (pair M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair V1 V2 /\ {nstep I M1 V1} /\
{nstep J M2 V2})
H1 : {val (pair V1 V2)}
H3 : {step (pair M1 M2) (pair M1 M2')}*
H4 : {nstep N (pair M1 M2') (pair V1 V2)}*
H6 : {val M1}
H7 : {step M2 M2'}
H8 : {add I J N}
H9 : {nstep I M1 V1}
H10 : {nstep J M2' V2}
============================
{nstep (s J) M2 V2}
nstep_pair_inv < search.
Proof completed.
Abella < Theorem step'_pair_inv :
forall M1 M2 M', {step' (pair' M1 M2) M'} ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'}).
============================
forall M1 M2 M', {step' (pair' M1 M2) M'} ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
step'_pair_inv < induction on 1.
IH : forall M1 M2 M', {step' (pair' M1 M2) M'}* ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
============================
forall M1 M2 M', {step' (pair' M1 M2) M'}@ ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
step'_pair_inv < intros.
Variables: M1 M2 M'
IH : forall M1 M2 M', {step' (pair' M1 M2) M'}* ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
H1 : {step' (pair' M1 M2) M'}@
============================
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
step'_pair_inv < case H1.
Subgoal 1:
Variables: M1 M2 M1'
IH : forall M1 M2 M', {step' (pair' M1 M2) M'}* ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
H2 : {step' M1 M1'}*
============================
(exists M1'1, pair' M1' M2 = pair' M1'1 M2 /\ {step' M1 M1'1}) \/
(exists M2', {val' M1} /\ pair' M1' M2 = pair' M1 M2' /\ {step' M2 M2'})
Subgoal 2 is:
(exists M1', pair' M1 M2' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2'1, {val' M1} /\ pair' M1 M2' = pair' M1 M2'1 /\
{step' M2 M2'1})
step'_pair_inv < search.
Subgoal 2:
Variables: M1 M2 M2'
IH : forall M1 M2 M', {step' (pair' M1 M2) M'}* ->
(exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
H2 : {val' M1}*
H3 : {step' M2 M2'}*
============================
(exists M1', pair' M1 M2' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2'1, {val' M1} /\ pair' M1 M2' = pair' M1 M2'1 /\
{step' M2 M2'1})
step'_pair_inv < search.
Proof completed.
Abella < Theorem nstep'_pair_inv :
forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V} ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}).
============================
forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V} ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2})
nstep'_pair_inv < induction on 2.
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
============================
forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}@ ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2})
nstep'_pair_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' V}
H2 : {nstep' K (pair' M1 M2) V}@
============================
exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' M1 M2)}
============================
exists I J V1 V2, {add I J z} /\ pair' M1 M2 = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2}
Subgoal 2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < search.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' V}
H3 : {step' (pair' M1 M2) M'}*
H4 : {nstep' N M' V}*
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < apply step'_pair_inv to H3.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' V}
H3 : {step' (pair' M1 M2) M'}*
H4 : {nstep' N M' V}*
H5 : (exists M1', M' = pair' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = pair' M1 M2' /\ {step' M2 M2'})
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < case H5.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' V}
H3 : {step' (pair' M1 M2) (pair' M1' M2)}*
H4 : {nstep' N (pair' M1' M2) V}*
H6 : {step' M1 M1'}
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
Subgoal 2.2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 M2 N M1' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1' M2)}*
H4 : {nstep' N (pair' M1' M2) (pair' V1 V2)}*
H6 : {step' M1 M1'}
H7 : {add I J N}
H8 : {nstep' I M1' V1}
H9 : {nstep' J M2 V2}
============================
exists I J V3 V4, {add I J (s N)} /\ pair' V1 V2 = pair' V3 V4 /\
{nstep' I M1 V3} /\ {nstep' J M2 V4}
Subgoal 2.2 is:
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' V}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') V}*
H6 : {val' M1}
H7 : {step' M2 M2'}
============================
exists I J V1 V2, {add I J (s N)} /\ V = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' J M2 V2}
nstep'_pair_inv < apply IH to _ H4.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
exists I J V3 V4, {add I J (s N)} /\ pair' V1 V2 = pair' V3 V4 /\
{nstep' I M1 V3} /\ {nstep' J M2 V4}
nstep'_pair_inv < exists I.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
exists J V3 V4, {add I J (s N)} /\ pair' V1 V2 = pair' V3 V4 /\
{nstep' I M1 V3} /\ {nstep' J M2 V4}
nstep'_pair_inv < exists s J.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
exists V3 V4, {add I (s J) (s N)} /\ pair' V1 V2 = pair' V3 V4 /\
{nstep' I M1 V3} /\ {nstep' (s J) M2 V4}
nstep'_pair_inv < exists V1.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
exists V4, {add I (s J) (s N)} /\ pair' V1 V2 = pair' V1 V4 /\
{nstep' I M1 V1} /\ {nstep' (s J) M2 V4}
nstep'_pair_inv < exists V2.
Subgoal 2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
{add I (s J) (s N)} /\ pair' V1 V2 = pair' V1 V2 /\ {nstep' I M1 V1} /\
{nstep' (s J) M2 V2}
nstep'_pair_inv < split.
Subgoal 2.2.1:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
{add I (s J) (s N)}
Subgoal 2.2.2 is:
pair' V1 V2 = pair' V1 V2
Subgoal 2.2.3 is:
{nstep' I M1 V1}
Subgoal 2.2.4 is:
{nstep' (s J) M2 V2}
nstep'_pair_inv < backchain add_s.
Subgoal 2.2.2:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
pair' V1 V2 = pair' V1 V2
Subgoal 2.2.3 is:
{nstep' I M1 V1}
Subgoal 2.2.4 is:
{nstep' (s J) M2 V2}
nstep'_pair_inv < search.
Subgoal 2.2.3:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
{nstep' I M1 V1}
Subgoal 2.2.4 is:
{nstep' (s J) M2 V2}
nstep'_pair_inv < search.
Subgoal 2.2.4:
Variables: M1 M2 N M2' I J V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (pair' M1 M2) V}* ->
(exists I J V1 V2, {add I J K} /\ V = pair' V1 V2 /\
{nstep' I M1 V1} /\ {nstep' J M2 V2})
H1 : {val' (pair' V1 V2)}
H3 : {step' (pair' M1 M2) (pair' M1 M2')}*
H4 : {nstep' N (pair' M1 M2') (pair' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add I J N}
H9 : {nstep' I M1 V1}
H10 : {nstep' J M2' V2}
============================
{nstep' (s J) M2 V2}
nstep'_pair_inv < search.
Proof completed.
Abella < Theorem nstep'_pair_fwd1 :
forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'} ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}.
============================
forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'} ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < induction on 2.
IH : forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}* ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
============================
forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}@ ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < intros.
Variables: K V1 M2 M2'
IH : forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}* ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
H1 : {val' V1}
H2 : {nstep' K M2 M2'}@
============================
{nstep' K (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < case H2.
Subgoal 1:
Variables: V1 M2'
IH : forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}* ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
H1 : {val' V1}
============================
{nstep' z (pair' V1 M2') (pair' V1 M2')}
Subgoal 2 is:
{nstep' (s N) (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < search.
Subgoal 2:
Variables: V1 M2 M2' M' N
IH : forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}* ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
H1 : {val' V1}
H3 : {step' M2 M'}*
H4 : {nstep' N M' M2'}*
============================
{nstep' (s N) (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < apply IH to _ H4.
Subgoal 2:
Variables: V1 M2 M2' M' N
IH : forall K V1 M2 M2', {val' V1} -> {nstep' K M2 M2'}* ->
{nstep' K (pair' V1 M2) (pair' V1 M2')}
H1 : {val' V1}
H3 : {step' M2 M'}*
H4 : {nstep' N M' M2'}*
H5 : {nstep' N (pair' V1 M') (pair' V1 M2')}
============================
{nstep' (s N) (pair' V1 M2) (pair' V1 M2')}
nstep'_pair_fwd1 < search.
Proof completed.
Abella < Theorem nstep'_pair_fwd :
forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1} ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}).
============================
forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1} ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
nstep'_pair_fwd < induction on 2.
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
============================
forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}@ ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
nstep'_pair_fwd < intros.
Variables: V1 M1 M2 M2' I J
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
H1 : {val' V1}
H2 : {nstep' I M1 V1}@
H3 : {nstep' J M2 M2'}
============================
exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}
nstep'_pair_fwd < case H2.
Subgoal 1:
Variables: V1 M2 M2' J
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
============================
exists K, {add z J K} /\ {nstep' K (pair' V1 M2) (pair' V1 M2')}
Subgoal 2 is:
exists K, {add (s N) J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}
nstep'_pair_fwd < apply nstep'_pair_fwd1 to _ H3.
Subgoal 1:
Variables: V1 M2 M2' J
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {nstep' J (pair' V1 M2) (pair' V1 M2')}
============================
exists K, {add z J K} /\ {nstep' K (pair' V1 M2) (pair' V1 M2')}
Subgoal 2 is:
exists K, {add (s N) J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}
nstep'_pair_fwd < search.
Subgoal 2:
Variables: V1 M1 M2 M2' J M' N
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {step' M1 M'}*
H5 : {nstep' N M' V1}*
============================
exists K, {add (s N) J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}
nstep'_pair_fwd < apply IH to _ H5 H3.
Subgoal 2:
Variables: V1 M1 M2 M2' J M' N K
IH : forall V1 M1 M2 M2' I J, {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {step' M1 M'}*
H5 : {nstep' N M' V1}*
H6 : {add N J K}
H7 : {nstep' K (pair' M' M2) (pair' V1 M2')}
============================
exists K, {add (s N) J K} /\ {nstep' K (pair' M1 M2) (pair' V1 M2')}
nstep'_pair_fwd < search.
Proof completed.
Abella < Theorem eval'_pair_fwd :
forall M1 M2 V1 V2, {eval' M1 V1} -> {eval' M2 V2} ->
{eval' (pair' M1 M2) (pair' V1 V2)}.
============================
forall M1 M2 V1 V2, {eval' M1 V1} -> {eval' M2 V2} ->
{eval' (pair' M1 M2) (pair' V1 V2)}
eval'_pair_fwd < intros.
Variables: M1 M2 V1 V2
H1 : {eval' M1 V1}
H2 : {eval' M2 V2}
============================
{eval' (pair' M1 M2) (pair' V1 V2)}
eval'_pair_fwd < case H1.
Variables: M1 M2 V1 V2 N
H2 : {eval' M2 V2}
H3 : {nstep' N M1 V1}
H4 : {val' V1}
============================
{eval' (pair' M1 M2) (pair' V1 V2)}
eval'_pair_fwd < case H2.
Variables: M1 M2 V1 V2 N N1
H3 : {nstep' N M1 V1}
H4 : {val' V1}
H5 : {nstep' N1 M2 V2}
H6 : {val' V2}
============================
{eval' (pair' M1 M2) (pair' V1 V2)}
eval'_pair_fwd < apply nstep'_pair_fwd to _ H3 H5.
Variables: M1 M2 V1 V2 N N1 K
H3 : {nstep' N M1 V1}
H4 : {val' V1}
H5 : {nstep' N1 M2 V2}
H6 : {val' V2}
H7 : {add N N1 K}
H8 : {nstep' K (pair' M1 M2) (pair' V1 V2)}
============================
{eval' (pair' M1 M2) (pair' V1 V2)}
eval'_pair_fwd < search.
Proof completed.
Abella < Theorem eval''_pair_fwd_aux :
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}.
============================
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd_aux < induction on 3.
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
============================
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}@ ->
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd_aux < intros.
Variables: M1 M2 FE V1 V2 P
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H2 : {eval'' (htm FE M2) V2}
H3 : {hcombine (hbase M1) M2 (x\y\pair' x y) P}@
============================
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd_aux < case H3.
Subgoal 1:
Variables: M1 FE V1 V2 M3
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H2 : {eval'' (htm FE (hbase M3)) V2}
============================
{eval'' (htm FE (hbase (pair' M1 M3))) (pair' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < case H2.
Subgoal 1:
Variables: M1 V1 V2 M3
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval' M3 V2}
============================
{eval'' (htm cnil (hbase (pair' M1 M3))) (pair' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < apply eval'_pair_fwd to H1 H4.
Subgoal 1:
Variables: M1 V1 V2 M3
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval' M3 V2}
H5 : {eval' (pair' M1 M3) (pair' V1 V2)}
============================
{eval'' (htm cnil (hbase (pair' M1 M3))) (pair' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < search.
Subgoal 2:
Variables: M1 FE V1 V2 R' R
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H2 : {eval'' (htm FE (habs R)) V2}
H4 : {hcombine (hbase M1) (R n1) (x\y\pair' x y) (R' n1)}*
============================
{eval'' (htm FE (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < case H2.
Subgoal 2:
Variables: M1 V1 V2 R' R F FE1
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H4 : {hcombine (hbase M1) (R n1) (x\y\pair' x y) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) V2}
============================
{eval'' (htm (ccons F FE1) (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < inst H4 with n1 = F.
Subgoal 2:
Variables: M1 V1 V2 R' R F FE1
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H4 : {hcombine (hbase M1) (R n1) (x\y\pair' x y) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) V2}
H6 : {hcombine (hbase M1) (R F) (x\y\pair' x y) (R' F)}*
============================
{eval'' (htm (ccons F FE1) (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < apply IH to H1 H5 H6.
Subgoal 2:
Variables: M1 V1 V2 R' R F FE1
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\pair' x y) P}* ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval' M1 V1}
H4 : {hcombine (hbase M1) (R n1) (x\y\pair' x y) (R' n1)}*
H5 : {eval'' (htm FE1 (R F)) V2}
H6 : {hcombine (hbase M1) (R F) (x\y\pair' x y) (R' F)}*
H7 : {eval'' (htm FE1 (R' F)) (pair' V1 V2)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (pair' V1 V2)}
eval''_pair_fwd_aux < search.
Proof completed.
Abella < Theorem eval''_pair_fwd :
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} -> {eval'' (htm FE P) (pair' V1 V2)}.
============================
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} -> {eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < induction on 1.
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
============================
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}@ ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} -> {eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < intros.
Variables: FE1 FE2 FE M1 M2 V1 V2 P
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H1 : {eval'' (htm FE1 M1) V1}@
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend FE1 FE2 FE}
H4 : {hcombine M1 M2 (x\y\pair' x y) P}
============================
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < case H1.
Subgoal 1:
Variables: FE2 FE M2 V1 V2 P M
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend cnil FE2 FE}
H4 : {hcombine (hbase M) M2 (x\y\pair' x y) P}
H5 : {eval' M V1}*
============================
{eval'' (htm FE P) (pair' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < case H3.
Subgoal 1:
Variables: FE M2 V1 V2 P M
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE M2) V2}
H4 : {hcombine (hbase M) M2 (x\y\pair' x y) P}
H5 : {eval' M V1}*
============================
{eval'' (htm FE P) (pair' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < backchain eval''_pair_fwd_aux.
Subgoal 2:
Variables: FE2 FE M2 V1 V2 P F R FE3
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend (ccons F FE3) FE2 FE}
H4 : {hcombine (habs R) M2 (x\y\pair' x y) P}
H5 : {eval'' (htm FE3 (R F)) V1}*
============================
{eval'' (htm FE P) (pair' V1 V2)}
eval''_pair_fwd < case H3.
Subgoal 2:
Variables: FE2 M2 V1 V2 P F R FE3 L3
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H4 : {hcombine (habs R) M2 (x\y\pair' x y) P}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F L3) P) (pair' V1 V2)}
eval''_pair_fwd < case H4.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\pair' x y) (R' n1)}
============================
{eval'' (htm (ccons F L3) (habs R')) (pair' V1 V2)}
eval''_pair_fwd < inst H7 with n1 = F.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\pair' x y) (R' n1)}
H8 : {hcombine (R F) M2 (x\y\pair' x y) (R' F)}
============================
{eval'' (htm (ccons F L3) (habs R')) (pair' V1 V2)}
eval''_pair_fwd < apply IH to H5 _ _ H8.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\pair' x y) P} ->
{eval'' (htm FE P) (pair' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\pair' x y) (R' n1)}
H8 : {hcombine (R F) M2 (x\y\pair' x y) (R' F)}
H9 : {eval'' (htm L3 (R' F)) (pair' V1 V2)}
============================
{eval'' (htm (ccons F L3) (habs R')) (pair' V1 V2)}
eval''_pair_fwd < search.
Proof completed.
Abella < Theorem nstep'_fst_pair :
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)} ->
{nstep' (s N) (fst' M) V1}.
============================
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)} ->
{nstep' (s N) (fst' M) V1}
nstep'_fst_pair < induction on 2.
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (fst' M) V1}
============================
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}@ ->
{nstep' (s N) (fst' M) V1}
nstep'_fst_pair < intros.
Variables: V1 V2 M N
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H2 : {nstep' N M (pair' V1 V2)}@
============================
{nstep' (s N) (fst' M) V1}
nstep'_fst_pair < case H2.
Subgoal 1:
Variables: V1 V2
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
============================
{nstep' (s z) (fst' (pair' V1 V2)) V1}
Subgoal 2 is:
{nstep' (s (s N1)) (fst' M) V1}
nstep'_fst_pair < search.
Subgoal 2:
Variables: V1 V2 M M' N1
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (pair' V1 V2)}*
============================
{nstep' (s (s N1)) (fst' M) V1}
nstep'_fst_pair < apply IH to H1 H4.
Subgoal 2:
Variables: V1 V2 M M' N1
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (pair' V1 V2)}*
H5 : {nstep' (s N1) (fst' M') V1}
============================
{nstep' (s (s N1)) (fst' M) V1}
nstep'_fst_pair < search.
Proof completed.
Abella < Theorem eval'_fst_pair :
forall M M1 M2, {eval' M (pair' M1 M2)} -> {eval' (fst' M) M1}.
============================
forall M M1 M2, {eval' M (pair' M1 M2)} -> {eval' (fst' M) M1}
eval'_fst_pair < intros.
Variables: M M1 M2
H1 : {eval' M (pair' M1 M2)}
============================
{eval' (fst' M) M1}
eval'_fst_pair < case H1.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H3 : {val' (pair' M1 M2)}
============================
{eval' (fst' M) M1}
eval'_fst_pair < apply nstep'_fst_pair to H3 H2.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H3 : {val' (pair' M1 M2)}
H4 : {nstep' (s N) (fst' M) M1}
============================
{eval' (fst' M) M1}
eval'_fst_pair < case H3.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H4 : {nstep' (s N) (fst' M) M1}
H5 : {val' M1}
H6 : {val' M2}
============================
{eval' (fst' M) M1}
eval'_fst_pair < search.
Proof completed.
Abella < Theorem nstep'_snd_pair :
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)} ->
{nstep' (s N) (snd' M) V2}.
============================
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)} ->
{nstep' (s N) (snd' M) V2}
nstep'_snd_pair < induction on 2.
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (snd' M) V2}
============================
forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}@ ->
{nstep' (s N) (snd' M) V2}
nstep'_snd_pair < intros.
Variables: V1 V2 M N
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H2 : {nstep' N M (pair' V1 V2)}@
============================
{nstep' (s N) (snd' M) V2}
nstep'_snd_pair < case H2.
Subgoal 1:
Variables: V1 V2
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
============================
{nstep' (s z) (snd' (pair' V1 V2)) V2}
Subgoal 2 is:
{nstep' (s (s N1)) (snd' M) V2}
nstep'_snd_pair < search.
Subgoal 2:
Variables: V1 V2 M M' N1
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (pair' V1 V2)}*
============================
{nstep' (s (s N1)) (snd' M) V2}
nstep'_snd_pair < apply IH to H1 H4.
Subgoal 2:
Variables: V1 V2 M M' N1
IH : forall V1 V2 M N, {val' (pair' V1 V2)} -> {nstep' N M (pair' V1 V2)}* ->
{nstep' (s N) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N1 M' (pair' V1 V2)}*
H5 : {nstep' (s N1) (snd' M') V2}
============================
{nstep' (s (s N1)) (snd' M) V2}
nstep'_snd_pair < search.
Proof completed.
Abella < Theorem eval'_snd_pair :
forall M M1 M2, {eval' M (pair' M1 M2)} -> {eval' (snd' M) M2}.
============================
forall M M1 M2, {eval' M (pair' M1 M2)} -> {eval' (snd' M) M2}
eval'_snd_pair < intros.
Variables: M M1 M2
H1 : {eval' M (pair' M1 M2)}
============================
{eval' (snd' M) M2}
eval'_snd_pair < case H1.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H3 : {val' (pair' M1 M2)}
============================
{eval' (snd' M) M2}
eval'_snd_pair < apply nstep'_snd_pair to H3 H2.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H3 : {val' (pair' M1 M2)}
H4 : {nstep' (s N) (snd' M) M2}
============================
{eval' (snd' M) M2}
eval'_snd_pair < case H3.
Variables: M M1 M2 N
H2 : {nstep' N M (pair' M1 M2)}
H4 : {nstep' (s N) (snd' M) M2}
H5 : {val' M1}
H6 : {val' M2}
============================
{eval' (snd' M) M2}
eval'_snd_pair < search.
Proof completed.
Abella < Theorem nstep_fst_inv :
forall V K M, {val V} -> {nstep K (fst M) V} ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')}).
============================
forall V K M, {val V} -> {nstep K (fst M) V} ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
nstep_fst_inv < induction on 2.
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
============================
forall V K M, {val V} -> {nstep K (fst M) V}@ ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
nstep_fst_inv < intros.
Variables: V K M
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H2 : {nstep K (fst M) V}@
============================
exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')}
nstep_fst_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val (fst M)}
============================
exists K' V', z = s K' /\ {val V'} /\ {nstep K' M (pair (fst M) V')}
Subgoal 2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V V')}
nstep_fst_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H3 : {step (fst M) M'}*
H4 : {nstep N M' V}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V V')}
nstep_fst_inv < case H3.
Subgoal 2.1:
Variables: V M N M'1
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H4 : {nstep N (fst M'1) V}*
H5 : {step M M'1}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V V')}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair M' V2) (pair V V')}
nstep_fst_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: V M M'1 K' V'
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H4 : {nstep (s K') (fst M'1) V}*
H5 : {step M M'1}*
H6 : {val V'}
H7 : {nstep K' M'1 (pair V V')}
============================
exists K'1 V', s (s K') = s K'1 /\ {val V'} /\ {nstep K'1 M (pair V V')}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair M' V2) (pair V V')}
nstep_fst_inv < search.
Subgoal 2.2:
Variables: V M' N V2
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H4 : {nstep N M' V}*
H5 : {val (pair M' V2)}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair M' V2) (pair V V')}
nstep_fst_inv < case H5.
Subgoal 2.2:
Variables: V M' N V2
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H4 : {nstep N M' V}*
H6 : {val M'}*
H7 : {val V2}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair M' V2) (pair V V')}
nstep_fst_inv < apply nstep_val_inv to H6 H4.
Subgoal 2.2:
Variables: V V2
IH : forall V K M, {val V} -> {nstep K (fst M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V V')})
H1 : {val V}
H4 : {nstep z V V}*
H6 : {val V}*
H7 : {val V2}*
============================
exists K' V', s z = s K' /\ {val V'} /\ {nstep K' (pair V V2) (pair V V')}
nstep_fst_inv < search.
Proof completed.
Abella < Theorem nstep_snd_inv :
forall V K M, {val V} -> {nstep K (snd M) V} ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)}).
============================
forall V K M, {val V} -> {nstep K (snd M) V} ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
nstep_snd_inv < induction on 2.
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
============================
forall V K M, {val V} -> {nstep K (snd M) V}@ ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
nstep_snd_inv < intros.
Variables: V K M
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H2 : {nstep K (snd M) V}@
============================
exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)}
nstep_snd_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val (snd M)}
============================
exists K' V', z = s K' /\ {val V'} /\ {nstep K' M (pair V' (snd M))}
Subgoal 2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V' V)}
nstep_snd_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H3 : {step (snd M) M'}*
H4 : {nstep N M' V}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V' V)}
nstep_snd_inv < case H3.
Subgoal 2.1:
Variables: V M N M'1
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H4 : {nstep N (snd M'1) V}*
H5 : {step M M'1}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' M (pair V' V)}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair V1 M') (pair V' V)}
nstep_snd_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: V M M'1 K' V'
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H4 : {nstep (s K') (snd M'1) V}*
H5 : {step M M'1}*
H6 : {val V'}
H7 : {nstep K' M'1 (pair V' V)}
============================
exists K'1 V', s (s K') = s K'1 /\ {val V'} /\ {nstep K'1 M (pair V' V)}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair V1 M') (pair V' V)}
nstep_snd_inv < search.
Subgoal 2.2:
Variables: V M' N V1
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H4 : {nstep N M' V}*
H5 : {val (pair V1 M')}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair V1 M') (pair V' V)}
nstep_snd_inv < case H5.
Subgoal 2.2:
Variables: V M' N V1
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H4 : {nstep N M' V}*
H6 : {val V1}*
H7 : {val M'}*
============================
exists K' V', s N = s K' /\ {val V'} /\ {nstep K' (pair V1 M') (pair V' V)}
nstep_snd_inv < apply nstep_val_inv to H7 H4.
Subgoal 2.2:
Variables: V V1
IH : forall V K M, {val V} -> {nstep K (snd M) V}* ->
(exists K' V', K = s K' /\ {val V'} /\ {nstep K' M (pair V' V)})
H1 : {val V}
H4 : {nstep z V V}*
H6 : {val V1}*
H7 : {val V}*
============================
exists K' V', s z = s K' /\ {val V'} /\ {nstep K' (pair V1 V) (pair V' V)}
nstep_snd_inv < search.
Proof completed.
Abella < Theorem nstep'_fst_inv :
forall V K M, {val' V} -> {nstep' K (fst' M) V} ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')}).
============================
forall V K M, {val' V} -> {nstep' K (fst' M) V} ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
nstep'_fst_inv < induction on 2.
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
============================
forall V K M, {val' V} -> {nstep' K (fst' M) V}@ ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
nstep'_fst_inv < intros.
Variables: V K M
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H2 : {nstep' K (fst' M) V}@
============================
exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')}
nstep'_fst_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' (fst' M)}
============================
exists K' V', z = s K' /\ {val' V'} /\ {nstep' K' M (pair' (fst' M) V')}
Subgoal 2 is:
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')}
nstep'_fst_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H3 : {step' (fst' M) M'}*
H4 : {nstep' N M' V}*
============================
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')}
nstep'_fst_inv < case H3.
Subgoal 2.1:
Variables: V M N M'1
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H4 : {nstep' N (fst' M'1) V}*
H5 : {step' M M'1}*
============================
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' M' V2) (pair' V V')}
nstep'_fst_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: V M M'1 K' V'
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H4 : {nstep' (s K') (fst' M'1) V}*
H5 : {step' M M'1}*
H6 : {val' V'}
H7 : {nstep' K' M'1 (pair' V V')}
============================
exists K'1 V', s (s K') = s K'1 /\ {val' V'} /\ {nstep' K'1 M (pair' V V')}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' M' V2) (pair' V V')}
nstep'_fst_inv < search.
Subgoal 2.2:
Variables: V M' N V2
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H4 : {nstep' N M' V}*
H5 : {val' (pair' M' V2)}*
============================
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' M' V2) (pair' V V')}
nstep'_fst_inv < case H5.
Subgoal 2.2:
Variables: V M' N V2
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H4 : {nstep' N M' V}*
H6 : {val' M'}*
H7 : {val' V2}*
============================
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' M' V2) (pair' V V')}
nstep'_fst_inv < apply nstep'_val'_inv to H6 H4.
Subgoal 2.2:
Variables: V V2
IH : forall V K M, {val' V} -> {nstep' K (fst' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V V')})
H1 : {val' V}
H4 : {nstep' z V V}*
H6 : {val' V}*
H7 : {val' V2}*
============================
exists K' V', s z = s K' /\ {val' V'} /\
{nstep' K' (pair' V V2) (pair' V V')}
nstep'_fst_inv < search.
Proof completed.
Abella < Theorem eval'_fst_inv :
forall M V, {eval' (fst' M) V} -> (exists V', {eval' M (pair' V V')}).
============================
forall M V, {eval' (fst' M) V} -> (exists V', {eval' M (pair' V V')})
eval'_fst_inv < intros.
Variables: M V
H1 : {eval' (fst' M) V}
============================
exists V', {eval' M (pair' V V')}
eval'_fst_inv < case H1.
Variables: M V N
H2 : {nstep' N (fst' M) V}
H3 : {val' V}
============================
exists V', {eval' M (pair' V V')}
eval'_fst_inv < apply nstep'_fst_inv to H3 H2.
Variables: M V K' V'
H2 : {nstep' (s K') (fst' M) V}
H3 : {val' V}
H4 : {val' V'}
H5 : {nstep' K' M (pair' V V')}
============================
exists V', {eval' M (pair' V V')}
eval'_fst_inv < search.
Proof completed.
Abella < Theorem nstep'_fst_fwd :
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)} ->
{nstep' (s K) (fst' M) V1}.
============================
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)} ->
{nstep' (s K) (fst' M) V1}
nstep'_fst_fwd < induction on 2.
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (fst' M) V1}
============================
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}@ ->
{nstep' (s K) (fst' M) V1}
nstep'_fst_fwd < intros.
Variables: K V1 V2 M
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H2 : {nstep' K M (pair' V1 V2)}@
============================
{nstep' (s K) (fst' M) V1}
nstep'_fst_fwd < case H2.
Subgoal 1:
Variables: V1 V2
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
============================
{nstep' (s z) (fst' (pair' V1 V2)) V1}
Subgoal 2 is:
{nstep' (s (s N)) (fst' M) V1}
nstep'_fst_fwd < search.
Subgoal 2:
Variables: V1 V2 M M' N
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N M' (pair' V1 V2)}*
============================
{nstep' (s (s N)) (fst' M) V1}
nstep'_fst_fwd < apply IH to H1 H4.
Subgoal 2:
Variables: V1 V2 M M' N
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (fst' M) V1}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N M' (pair' V1 V2)}*
H5 : {nstep' (s N) (fst' M') V1}
============================
{nstep' (s (s N)) (fst' M) V1}
nstep'_fst_fwd < search.
Proof completed.
Abella < Theorem eval'_fst_fwd :
forall M V V', {eval' M (pair' V V')} -> {eval' (fst' M) V}.
============================
forall M V V', {eval' M (pair' V V')} -> {eval' (fst' M) V}
eval'_fst_fwd < intros.
Variables: M V V'
H1 : {eval' M (pair' V V')}
============================
{eval' (fst' M) V}
eval'_fst_fwd < case H1.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H3 : {val' (pair' V V')}
============================
{eval' (fst' M) V}
eval'_fst_fwd < apply nstep'_fst_fwd to H3 H2.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H3 : {val' (pair' V V')}
H4 : {nstep' (s N) (fst' M) V}
============================
{eval' (fst' M) V}
eval'_fst_fwd < case H3.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H4 : {nstep' (s N) (fst' M) V}
H5 : {val' V}
H6 : {val' V'}
============================
{eval' (fst' M) V}
eval'_fst_fwd < search.
Proof completed.
Abella < Theorem eval''_fst_fwd :
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'} -> {eval'' (htm FE M') V1}.
============================
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'} -> {eval'' (htm FE M') V1}
eval''_fst_fwd < induction on 2.
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
============================
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}@ -> {eval'' (htm FE M') V1}
eval''_fst_fwd < intros.
Variables: FE M M' V1 V2
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H1 : {eval'' (htm FE M) (pair' V1 V2)}
H2 : {hconstr M (x\fst' x) M'}@
============================
{eval'' (htm FE M') V1}
eval''_fst_fwd < case H2.
Subgoal 1:
Variables: FE V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H1 : {eval'' (htm FE (hbase M1)) (pair' V1 V2)}
============================
{eval'' (htm FE (hbase (fst' M1))) V1}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V1}
eval''_fst_fwd < case H1.
Subgoal 1:
Variables: V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H3 : {eval' M1 (pair' V1 V2)}
============================
{eval'' (htm cnil (hbase (fst' M1))) V1}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V1}
eval''_fst_fwd < apply eval'_fst_fwd to H3.
Subgoal 1:
Variables: V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H3 : {eval' M1 (pair' V1 V2)}
H4 : {eval' (fst' M1) V1}
============================
{eval'' (htm cnil (hbase (fst' M1))) V1}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V1}
eval''_fst_fwd < search.
Subgoal 2:
Variables: FE V1 V2 R' R
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H1 : {eval'' (htm FE (habs R)) (pair' V1 V2)}
H3 : {hconstr (R n1) (x\fst' x) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V1}
eval''_fst_fwd < case H1.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H3 : {hconstr (R n1) (x\fst' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
============================
{eval'' (htm (ccons F FE1) (habs R')) V1}
eval''_fst_fwd < inst H3 with n1 = F.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H3 : {hconstr (R n1) (x\fst' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
H5 : {hconstr (R F) (x\fst' x) (R' F)}*
============================
{eval'' (htm (ccons F FE1) (habs R')) V1}
eval''_fst_fwd < apply IH to H4 H5.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\fst' x) M'}* -> {eval'' (htm FE M') V1}
H3 : {hconstr (R n1) (x\fst' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
H5 : {hconstr (R F) (x\fst' x) (R' F)}*
H6 : {eval'' (htm FE1 (R' F)) V1}
============================
{eval'' (htm (ccons F FE1) (habs R')) V1}
eval''_fst_fwd < search.
Proof completed.
Abella < Theorem nstep'_snd_inv :
forall V K M, {val' V} -> {nstep' K (snd' M) V} ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)}).
============================
forall V K M, {val' V} -> {nstep' K (snd' M) V} ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
nstep'_snd_inv < induction on 2.
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
============================
forall V K M, {val' V} -> {nstep' K (snd' M) V}@ ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
nstep'_snd_inv < intros.
Variables: V K M
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H2 : {nstep' K (snd' M) V}@
============================
exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)}
nstep'_snd_inv < case H2.
Subgoal 1:
Variables: M
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' (snd' M)}
============================
exists K' V', z = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' (snd' M))}
Subgoal 2 is:
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)}
nstep'_snd_inv < case H1.
Subgoal 2:
Variables: V M M' N
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H3 : {step' (snd' M) M'}*
H4 : {nstep' N M' V}*
============================
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)}
nstep'_snd_inv < case H3.
Subgoal 2.1:
Variables: V M N M'1
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H4 : {nstep' N (snd' M'1) V}*
H5 : {step' M M'1}*
============================
exists K' V', s N = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' V1 M') (pair' V' V)}
nstep'_snd_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: V M M'1 K' V'
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H4 : {nstep' (s K') (snd' M'1) V}*
H5 : {step' M M'1}*
H6 : {val' V'}
H7 : {nstep' K' M'1 (pair' V' V)}
============================
exists K'1 V', s (s K') = s K'1 /\ {val' V'} /\ {nstep' K'1 M (pair' V' V)}
Subgoal 2.2 is:
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' V1 M') (pair' V' V)}
nstep'_snd_inv < search.
Subgoal 2.2:
Variables: V M' N V1
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H4 : {nstep' N M' V}*
H5 : {val' (pair' V1 M')}*
============================
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' V1 M') (pair' V' V)}
nstep'_snd_inv < case H5.
Subgoal 2.2:
Variables: V M' N V1
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H4 : {nstep' N M' V}*
H6 : {val' V1}*
H7 : {val' M'}*
============================
exists K' V', s N = s K' /\ {val' V'} /\
{nstep' K' (pair' V1 M') (pair' V' V)}
nstep'_snd_inv < apply nstep'_val'_inv to H7 H4.
Subgoal 2.2:
Variables: V V1
IH : forall V K M, {val' V} -> {nstep' K (snd' M) V}* ->
(exists K' V', K = s K' /\ {val' V'} /\ {nstep' K' M (pair' V' V)})
H1 : {val' V}
H4 : {nstep' z V V}*
H6 : {val' V1}*
H7 : {val' V}*
============================
exists K' V', s z = s K' /\ {val' V'} /\
{nstep' K' (pair' V1 V) (pair' V' V)}
nstep'_snd_inv < search.
Proof completed.
Abella < Theorem eval'_snd_inv :
forall M V, {eval' (snd' M) V} -> (exists V', {eval' M (pair' V' V)}).
============================
forall M V, {eval' (snd' M) V} -> (exists V', {eval' M (pair' V' V)})
eval'_snd_inv < intros.
Variables: M V
H1 : {eval' (snd' M) V}
============================
exists V', {eval' M (pair' V' V)}
eval'_snd_inv < case H1.
Variables: M V N
H2 : {nstep' N (snd' M) V}
H3 : {val' V}
============================
exists V', {eval' M (pair' V' V)}
eval'_snd_inv < apply nstep'_snd_inv to H3 H2.
Variables: M V K' V'
H2 : {nstep' (s K') (snd' M) V}
H3 : {val' V}
H4 : {val' V'}
H5 : {nstep' K' M (pair' V' V)}
============================
exists V', {eval' M (pair' V' V)}
eval'_snd_inv < search.
Proof completed.
Abella < Theorem nstep'_snd_fwd :
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)} ->
{nstep' (s K) (snd' M) V2}.
============================
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)} ->
{nstep' (s K) (snd' M) V2}
nstep'_snd_fwd < induction on 2.
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (snd' M) V2}
============================
forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}@ ->
{nstep' (s K) (snd' M) V2}
nstep'_snd_fwd < intros.
Variables: K V1 V2 M
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H2 : {nstep' K M (pair' V1 V2)}@
============================
{nstep' (s K) (snd' M) V2}
nstep'_snd_fwd < case H2.
Subgoal 1:
Variables: V1 V2
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
============================
{nstep' (s z) (snd' (pair' V1 V2)) V2}
Subgoal 2 is:
{nstep' (s (s N)) (snd' M) V2}
nstep'_snd_fwd < search.
Subgoal 2:
Variables: V1 V2 M M' N
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N M' (pair' V1 V2)}*
============================
{nstep' (s (s N)) (snd' M) V2}
nstep'_snd_fwd < apply IH to H1 H4.
Subgoal 2:
Variables: V1 V2 M M' N
IH : forall K V1 V2 M, {val' (pair' V1 V2)} -> {nstep' K M (pair' V1 V2)}* ->
{nstep' (s K) (snd' M) V2}
H1 : {val' (pair' V1 V2)}
H3 : {step' M M'}*
H4 : {nstep' N M' (pair' V1 V2)}*
H5 : {nstep' (s N) (snd' M') V2}
============================
{nstep' (s (s N)) (snd' M) V2}
nstep'_snd_fwd < search.
Proof completed.
Abella < Theorem eval'_snd_fwd :
forall M V V', {eval' M (pair' V V')} -> {eval' (snd' M) V'}.
============================
forall M V V', {eval' M (pair' V V')} -> {eval' (snd' M) V'}
eval'_snd_fwd < intros.
Variables: M V V'
H1 : {eval' M (pair' V V')}
============================
{eval' (snd' M) V'}
eval'_snd_fwd < case H1.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H3 : {val' (pair' V V')}
============================
{eval' (snd' M) V'}
eval'_snd_fwd < apply nstep'_snd_fwd to H3 H2.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H3 : {val' (pair' V V')}
H4 : {nstep' (s N) (snd' M) V'}
============================
{eval' (snd' M) V'}
eval'_snd_fwd < case H3.
Variables: M V V' N
H2 : {nstep' N M (pair' V V')}
H4 : {nstep' (s N) (snd' M) V'}
H5 : {val' V}
H6 : {val' V'}
============================
{eval' (snd' M) V'}
eval'_snd_fwd < search.
Proof completed.
Abella < Theorem eval''_snd_fwd :
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'} -> {eval'' (htm FE M') V2}.
============================
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'} -> {eval'' (htm FE M') V2}
eval''_snd_fwd < induction on 2.
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
============================
forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}@ -> {eval'' (htm FE M') V2}
eval''_snd_fwd < intros.
Variables: FE M M' V1 V2
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H1 : {eval'' (htm FE M) (pair' V1 V2)}
H2 : {hconstr M (x\snd' x) M'}@
============================
{eval'' (htm FE M') V2}
eval''_snd_fwd < case H2.
Subgoal 1:
Variables: FE V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H1 : {eval'' (htm FE (hbase M1)) (pair' V1 V2)}
============================
{eval'' (htm FE (hbase (snd' M1))) V2}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V2}
eval''_snd_fwd < case H1.
Subgoal 1:
Variables: V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H3 : {eval' M1 (pair' V1 V2)}
============================
{eval'' (htm cnil (hbase (snd' M1))) V2}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V2}
eval''_snd_fwd < apply eval'_snd_fwd to H3.
Subgoal 1:
Variables: V1 V2 M1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H3 : {eval' M1 (pair' V1 V2)}
H4 : {eval' (snd' M1) V2}
============================
{eval'' (htm cnil (hbase (snd' M1))) V2}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V2}
eval''_snd_fwd < search.
Subgoal 2:
Variables: FE V1 V2 R' R
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H1 : {eval'' (htm FE (habs R)) (pair' V1 V2)}
H3 : {hconstr (R n1) (x\snd' x) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V2}
eval''_snd_fwd < case H1.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H3 : {hconstr (R n1) (x\snd' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
============================
{eval'' (htm (ccons F FE1) (habs R')) V2}
eval''_snd_fwd < inst H3 with n1 = F.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H3 : {hconstr (R n1) (x\snd' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
H5 : {hconstr (R F) (x\snd' x) (R' F)}*
============================
{eval'' (htm (ccons F FE1) (habs R')) V2}
eval''_snd_fwd < apply IH to H4 H5.
Subgoal 2:
Variables: V1 V2 R' R F FE1
IH : forall FE M M' V1 V2, {eval'' (htm FE M) (pair' V1 V2)} ->
{hconstr M (x\snd' x) M'}* -> {eval'' (htm FE M') V2}
H3 : {hconstr (R n1) (x\snd' x) (R' n1)}*
H4 : {eval'' (htm FE1 (R F)) (pair' V1 V2)}
H5 : {hconstr (R F) (x\snd' x) (R' F)}*
H6 : {eval'' (htm FE1 (R' F)) V2}
============================
{eval'' (htm (ccons F FE1) (habs R')) V2}
eval''_snd_fwd < search.
Proof completed.
Abella < Theorem nstep_app_inv :
forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V} ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}).
============================
forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V} ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
nstep_app_inv < induction on 2.
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
============================
forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}@ ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
nstep_app_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H2 : {nstep K (app M1 M2) V}@
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
nstep_app_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val (app M1 M2)}
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ z =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) (app M1 M2)}
Subgoal 2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
nstep_app_inv < case H1.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H3 : {step (app M1 M2) M'}*
H4 : {nstep N M' V}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
nstep_app_inv < case H3.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep N (app M1' M2) V}*
H5 : {step M1 M1'}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < apply IH to H1 H4.
Subgoal 2.1:
Variables: V M1 M2 M1' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep (s J123) (app M1' M2) V}*
H5 : {step M1 M1'}*
H6 : {add J2 J3 J23}
H7 : {add J1 J23 J123}
H8 : {nstep J1 M1' (fix R)}
H9 : {nstep J2 M2 V2}
H10 : {val V2}
H11 : {nstep J3 (R (fix R) V2) V}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep N (app M1 M2') V}*
H5 : {val M1}*
H6 : {step M2 M2'}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < apply IH to H1 H4.
Subgoal 2.2:
Variables: V M1 M2 M2' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep (s J123) (app M1 M2') V}*
H5 : {val M1}*
H6 : {step M2 M2'}*
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep J1 M1 (fix R)}
H10 : {nstep J2 M2' V2}
H11 : {val V2}
H12 : {nstep J3 (R (fix R) V2) V}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < apply add_s to H8.
Subgoal 2.2:
Variables: V M1 M2 M2' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep (s J123) (app M1 M2') V}*
H5 : {val M1}*
H6 : {step M2 M2'}*
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep J1 M1 (fix R)}
H10 : {nstep J2 M2' V2}
H11 : {val V2}
H12 : {nstep J3 (R (fix R) V2) V}
H13 : {add J1 (s J23) (s J123)}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < search.
Subgoal 2.3:
Variables: V M2 N R
IH : forall V K M1 M2, {val V} -> {nstep K (app M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep J1 M1 (fix R)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R (fix R) V2) V})
H1 : {val V}
H4 : {nstep N (R (fix R) M2) V}*
H5 : {val M2}*
============================
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep J1 (fix R) (fix R1)} /\ {nstep J2 M2 V2} /\ {val V2} /\
{nstep J3 (R1 (fix R1) V2) V}
nstep_app_inv < search.
Proof completed.
Abella < Theorem nstep'_app_fwd1 :
forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V} -> {nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'}).
============================
forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V} ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
nstep'_app_fwd1 < induction on 2.
IH : forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
============================
forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}@ ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
nstep'_app_fwd1 < intros.
Variables: N1 N2 M R V V'
IH : forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
H1 : {val' V}
H2 : {nstep' N1 M V}@
H3 : {nstep' N2 (R V) V'}
============================
exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'}
nstep'_app_fwd1 < case H2.
Subgoal 1:
Variables: N2 R V V'
IH : forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
============================
exists N3, {add z N2 N3} /\ {nstep' (s N3) (app' (abs' R) V) V'}
Subgoal 2 is:
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'}
nstep'_app_fwd1 < search.
Subgoal 2:
Variables: N2 M R V V' M' N
IH : forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
H4 : {step' M M'}*
H5 : {nstep' N M' V}*
============================
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'}
nstep'_app_fwd1 < apply IH to _ H5 H3 with R = R.
Subgoal 2:
Variables: N2 M R V V' M' N N3
IH : forall N1 N2 M R V V', {val' V} -> {nstep' N1 M V}* ->
{nstep' N2 (R V) V'} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'})
H1 : {val' V}
H3 : {nstep' N2 (R V) V'}
H4 : {step' M M'}*
H5 : {nstep' N M' V}*
H6 : {add N N2 N3}
H7 : {nstep' (s N3) (app' (abs' R) M') V'}
============================
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (app' (abs' R) M) V'}
nstep'_app_fwd1 < search.
Proof completed.
Abella < Theorem nstep'_app_fwd2 :
forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)} ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V}).
============================
forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)} ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
nstep'_app_fwd2 < induction on 1.
IH : forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}* ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
============================
forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}@ ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
nstep'_app_fwd2 < intros.
Variables: N1 N2 M1 M2 R V
IH : forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}* ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
H1 : {nstep' N1 M1 (abs' R)}@
H2 : {nstep' N2 (app' (abs' R) M2) V}
============================
exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V}
nstep'_app_fwd2 < case H1.
Subgoal 1:
Variables: N2 M2 R V
IH : forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}* ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
H2 : {nstep' N2 (app' (abs' R) M2) V}
============================
exists N3, {add z N2 N3} /\ {nstep' N3 (app' (abs' R) M2) V}
Subgoal 2 is:
exists N3, {add (s N) N2 N3} /\ {nstep' N3 (app' M1 M2) V}
nstep'_app_fwd2 < search.
Subgoal 2:
Variables: N2 M1 M2 R V M' N
IH : forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}* ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
H2 : {nstep' N2 (app' (abs' R) M2) V}
H3 : {step' M1 M'}*
H4 : {nstep' N M' (abs' R)}*
============================
exists N3, {add (s N) N2 N3} /\ {nstep' N3 (app' M1 M2) V}
nstep'_app_fwd2 < apply IH to H4 H2.
Subgoal 2:
Variables: N2 M1 M2 R V M' N N3
IH : forall N1 N2 M1 M2 R V, {nstep' N1 M1 (abs' R)}* ->
{nstep' N2 (app' (abs' R) M2) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' N3 (app' M1 M2) V})
H2 : {nstep' N2 (app' (abs' R) M2) V}
H3 : {step' M1 M'}*
H4 : {nstep' N M' (abs' R)}*
H5 : {add N N2 N3}
H6 : {nstep' N3 (app' M' M2) V}
============================
exists N3, {add (s N) N2 N3} /\ {nstep' N3 (app' M1 M2) V}
nstep'_app_fwd2 < search.
Proof completed.
Abella < Theorem nstep'_app_inv :
forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V} ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}).
============================
forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V} ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V})
nstep'_app_inv < induction on 2.
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
============================
forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}@ ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V})
nstep'_app_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H2 : {nstep' K (app' M1 M2) V}@
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
nstep'_app_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' (app' M1 M2)}
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\ z =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) (app' M1 M2)}
Subgoal 2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
nstep'_app_inv < case H1.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H3 : {step' (app' M1 M2) M'}*
H4 : {nstep' N M' V}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
nstep'_app_inv < case H3.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' N (app' M1' M2) V}*
H5 : {step' M1 M1'}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < apply IH to H1 H4.
Subgoal 2.1:
Variables: V M1 M2 M1' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' (s J123) (app' M1' M2) V}*
H5 : {step' M1 M1'}*
H6 : {add J2 J3 J23}
H7 : {add J1 J23 J123}
H8 : {nstep' J1 M1' (abs' R)}
H9 : {nstep' J2 M2 V2}
H10 : {val' V2}
H11 : {nstep' J3 (R V2) V}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.2 is:
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' N (app' M1 M2') V}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
============================
exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N = s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < apply IH to H1 H4.
Subgoal 2.2:
Variables: V M1 M2 M2' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' (s J123) (app' M1 M2') V}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep' J1 M1 (abs' R)}
H10 : {nstep' J2 M2' V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < apply add_s to H8.
Subgoal 2.2:
Variables: V M1 M2 M2' J1 J2 J3 J23 J123 V2 R
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' (s J123) (app' M1 M2') V}*
H5 : {val' M1}*
H6 : {step' M2 M2'}*
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep' J1 M1 (abs' R)}
H10 : {nstep' J2 M2' V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {add J1 (s J23) (s J123)}
============================
exists J1 J2 J3 J23 J4 V2 R, {add J2 J3 J23} /\ {add J1 J23 J4} /\
s (s J123) =
s J4 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\ {val' V2} /\
{nstep' J3 (R V2) V}
Subgoal 2.3 is:
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < search.
Subgoal 2.3:
Variables: V M2 N R
IH : forall V K M1 M2, {val' V} -> {nstep' K (app' M1 M2) V}* ->
(exists J1 J2 J3 J23 J123 V2 R, {add J2 J3 J23} /\
{add J1 J23 J123} /\ K =
s J123 /\ {nstep' J1 M1 (abs' R)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R V2) V})
H1 : {val' V}
H4 : {nstep' N (R M2) V}*
H5 : {val' M2}*
============================
exists J1 J2 J3 J23 J123 V2 R1, {add J2 J3 J23} /\ {add J1 J23 J123} /\
s N =
s J123 /\ {nstep' J1 (abs' R) (abs' R1)} /\ {nstep' J2 M2 V2} /\
{val' V2} /\ {nstep' J3 (R1 V2) V}
nstep'_app_inv < search.
Proof completed.
Abella < Theorem eval'_app_fwd :
forall M1 M2 R V1 V, {eval' M1 (abs' R)} -> {eval' M2 V1} ->
{eval' (R V1) V} -> {eval' (app' M1 M2) V}.
============================
forall M1 M2 R V1 V, {eval' M1 (abs' R)} -> {eval' M2 V1} ->
{eval' (R V1) V} -> {eval' (app' M1 M2) V}
eval'_app_fwd < intros.
Variables: M1 M2 R V1 V
H1 : {eval' M1 (abs' R)}
H2 : {eval' M2 V1}
H3 : {eval' (R V1) V}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < case H1.
Variables: M1 M2 R V1 V N
H2 : {eval' M2 V1}
H3 : {eval' (R V1) V}
H4 : {nstep' N M1 (abs' R)}
H5 : {val' (abs' R)}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < case H2.
Variables: M1 M2 R V1 V N N1
H3 : {eval' (R V1) V}
H4 : {nstep' N M1 (abs' R)}
H5 : {val' (abs' R)}
H6 : {nstep' N1 M2 V1}
H7 : {val' V1}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < case H3.
Variables: M1 M2 R V1 V N N1 N2
H4 : {nstep' N M1 (abs' R)}
H5 : {val' (abs' R)}
H6 : {nstep' N1 M2 V1}
H7 : {val' V1}
H8 : {nstep' N2 (R V1) V}
H9 : {val' V}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < apply nstep'_app_fwd1 to _ H6 H8 with R = R.
Variables: M1 M2 R V1 V N N1 N2 N3
H4 : {nstep' N M1 (abs' R)}
H5 : {val' (abs' R)}
H6 : {nstep' N1 M2 V1}
H7 : {val' V1}
H8 : {nstep' N2 (R V1) V}
H9 : {val' V}
H10 : {add N1 N2 N3}
H11 : {nstep' (s N3) (app' (abs' R) M2) V}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < apply nstep'_app_fwd2 to H4 H11.
Variables: M1 M2 R V1 V N N1 N2 N3 N4
H4 : {nstep' N M1 (abs' R)}
H5 : {val' (abs' R)}
H6 : {nstep' N1 M2 V1}
H7 : {val' V1}
H8 : {nstep' N2 (R V1) V}
H9 : {val' V}
H10 : {add N1 N2 N3}
H11 : {nstep' (s N3) (app' (abs' R) M2) V}
H12 : {add N (s N3) N4}
H13 : {nstep' N4 (app' M1 M2) V}
============================
{eval' (app' M1 M2) V}
eval'_app_fwd < search.
Proof completed.
Abella < Theorem eval''_app_fwd :
forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P} -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}.
============================
forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P} -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
eval''_app_fwd < induction on 4.
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
============================
forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}@ -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
eval''_app_fwd < intros.
Variables: FE1 FE2 FE M1 M2 R V1 V P
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 M1) (abs' R)}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H4 : {hcombine M1 M2 (x\y\app' x y) P}@
H5 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE P) V}
eval''_app_fwd < case H4.
Subgoal 1:
Variables: FE1 FE2 FE R V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M4)) (abs' R)}
H2 : {eval'' (htm FE2 (hbase M3)) V1}
H3 : {eval' (R V1) V}
H5 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE (hbase (app' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H1.
Subgoal 1:
Variables: FE2 FE R V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (hbase M3)) V1}
H3 : {eval' (R V1) V}
H5 : {cappend cnil FE2 FE}
H6 : {eval' M4 (abs' R)}
============================
{eval'' (htm FE (hbase (app' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H2.
Subgoal 1:
Variables: FE R V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H3 : {eval' (R V1) V}
H5 : {cappend cnil cnil FE}
H6 : {eval' M4 (abs' R)}
H7 : {eval' M3 V1}
============================
{eval'' (htm FE (hbase (app' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H5.
Subgoal 1:
Variables: R V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H3 : {eval' (R V1) V}
H6 : {eval' M4 (abs' R)}
H7 : {eval' M3 V1}
============================
{eval'' (htm cnil (hbase (app' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < apply eval'_app_fwd to H6 H7 H3.
Subgoal 1:
Variables: R V1 V M3 M4
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H3 : {eval' (R V1) V}
H6 : {eval' M4 (abs' R)}
H7 : {eval' M3 V1}
H8 : {eval' (app' M4 M3) V}
============================
{eval'' (htm cnil (hbase (app' M4 M3))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < search.
Subgoal 2:
Variables: FE1 FE2 FE M2 R V1 V R' R1
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (habs R1)) (abs' R)}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H5 : {cappend FE1 FE2 FE}
H6 : {hcombine (R1 n1) M2 (x\y\app' x y) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H1.
Subgoal 2:
Variables: FE2 FE M2 R V1 V R' R1 F FE3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H5 : {cappend (ccons F FE3) FE2 FE}
H6 : {hcombine (R1 n1) M2 (x\y\app' x y) (R' n1)}*
H7 : {eval'' (htm FE3 (R1 F)) (abs' R)}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H5.
Subgoal 2:
Variables: FE2 M2 R V1 V R' R1 F FE3 L3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H6 : {hcombine (R1 n1) M2 (x\y\app' x y) (R' n1)}*
H7 : {eval'' (htm FE3 (R1 F)) (abs' R)}
H8 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < inst H6 with n1 = F.
Subgoal 2:
Variables: FE2 M2 R V1 V R' R1 F FE3 L3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H6 : {hcombine (R1 n1) M2 (x\y\app' x y) (R' n1)}*
H7 : {eval'' (htm FE3 (R1 F)) (abs' R)}
H8 : {cappend FE3 FE2 L3}
H9 : {hcombine (R1 F) M2 (x\y\app' x y) (R' F)}*
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < apply IH to H7 H2 H3 H9 H8.
Subgoal 2:
Variables: FE2 M2 R V1 V R' R1 F FE3 L3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V1}
H3 : {eval' (R V1) V}
H6 : {hcombine (R1 n1) M2 (x\y\app' x y) (R' n1)}*
H7 : {eval'' (htm FE3 (R1 F)) (abs' R)}
H8 : {cappend FE3 FE2 L3}
H9 : {hcombine (R1 F) M2 (x\y\app' x y) (R' F)}*
H10 : {eval'' (htm L3 (R' F)) V}
============================
{eval'' (htm (ccons F L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < search.
Subgoal 3:
Variables: FE1 FE2 FE R V1 V R' R1 M
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M)) (abs' R)}
H2 : {eval'' (htm FE2 (habs R1)) V1}
H3 : {eval' (R V1) V}
H5 : {cappend FE1 FE2 FE}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H1 (keep).
Subgoal 3:
Variables: FE2 FE R V1 V R' R1 M
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (abs' R)}
H2 : {eval'' (htm FE2 (habs R1)) V1}
H3 : {eval' (R V1) V}
H5 : {cappend cnil FE2 FE}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
H7 : {eval' M (abs' R)}
============================
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H2.
Subgoal 3:
Variables: FE R V1 V R' R1 M F FE3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (abs' R)}
H3 : {eval' (R V1) V}
H5 : {cappend cnil (ccons F FE3) FE}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
H7 : {eval' M (abs' R)}
H8 : {eval'' (htm FE3 (R1 F)) V1}
============================
{eval'' (htm FE (habs R')) V}
eval''_app_fwd < case H5.
Subgoal 3:
Variables: R V1 V R' R1 M F FE3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (abs' R)}
H3 : {eval' (R V1) V}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
H7 : {eval' M (abs' R)}
H8 : {eval'' (htm FE3 (R1 F)) V1}
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_app_fwd < inst H6 with n1 = F.
Subgoal 3:
Variables: R V1 V R' R1 M F FE3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (abs' R)}
H3 : {eval' (R V1) V}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
H7 : {eval' M (abs' R)}
H8 : {eval'' (htm FE3 (R1 F)) V1}
H9 : {hcombine (hbase M) (R1 F) (x\y\app' x y) (R' F)}*
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_app_fwd < apply IH to H1 H8 H3 H9 _.
Subgoal 3:
Variables: R V1 V R' R1 M F FE3
IH : forall FE1 FE2 FE M1 M2 R V1 V P, {eval'' (htm FE1 M1) (abs' R)} ->
{eval'' (htm FE2 M2) V1} -> {eval' (R V1) V} ->
{hcombine M1 M2 (x\y\app' x y) P}* -> {cappend FE1 FE2 FE} ->
{eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (abs' R)}
H3 : {eval' (R V1) V}
H6 : {hcombine (hbase M) (R1 n1) (x\y\app' x y) (R' n1)}*
H7 : {eval' M (abs' R)}
H8 : {eval'' (htm FE3 (R1 F)) V1}
H9 : {hcombine (hbase M) (R1 F) (x\y\app' x y) (R' F)}*
H10 : {eval'' (htm FE3 (R' F)) V}
============================
{eval'' (htm (ccons F FE3) (habs R')) V}
eval''_app_fwd < search.
Proof completed.
Abella < Theorem nstep'_clos_fwd1 :
forall M M' K V, {val' V} -> {nstep' K M M'} ->
{nstep' K (clos' V M) (clos' V M')}.
============================
forall M M' K V, {val' V} -> {nstep' K M M'} ->
{nstep' K (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < induction on 2.
IH : forall M M' K V, {val' V} -> {nstep' K M M'}* ->
{nstep' K (clos' V M) (clos' V M')}
============================
forall M M' K V, {val' V} -> {nstep' K M M'}@ ->
{nstep' K (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < intros.
Variables: M M' K V
IH : forall M M' K V, {val' V} -> {nstep' K M M'}* ->
{nstep' K (clos' V M) (clos' V M')}
H1 : {val' V}
H2 : {nstep' K M M'}@
============================
{nstep' K (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < case H2.
Subgoal 1:
Variables: M' V
IH : forall M M' K V, {val' V} -> {nstep' K M M'}* ->
{nstep' K (clos' V M) (clos' V M')}
H1 : {val' V}
============================
{nstep' z (clos' V M') (clos' V M')}
Subgoal 2 is:
{nstep' (s N) (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < search.
Subgoal 2:
Variables: M M' V M'1 N
IH : forall M M' K V, {val' V} -> {nstep' K M M'}* ->
{nstep' K (clos' V M) (clos' V M')}
H1 : {val' V}
H3 : {step' M M'1}*
H4 : {nstep' N M'1 M'}*
============================
{nstep' (s N) (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < apply IH to _ H4 with V = V.
Subgoal 2:
Variables: M M' V M'1 N
IH : forall M M' K V, {val' V} -> {nstep' K M M'}* ->
{nstep' K (clos' V M) (clos' V M')}
H1 : {val' V}
H3 : {step' M M'1}*
H4 : {nstep' N M'1 M'}*
H5 : {nstep' N (clos' V M'1) (clos' V M')}
============================
{nstep' (s N) (clos' V M) (clos' V M')}
nstep'_clos_fwd1 < search.
Proof completed.
Abella < Theorem nstep'_clos_fwd :
forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1} ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}).
============================
forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1} ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
nstep'_clos_fwd < induction on 2.
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
============================
forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}@ ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
nstep'_clos_fwd < intros.
Variables: I J V1 M1 M2 M2'
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
H1 : {val' V1}
H2 : {nstep' I M1 V1}@
H3 : {nstep' J M2 M2'}
============================
exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}
nstep'_clos_fwd < case H2.
Subgoal 1:
Variables: J V1 M2 M2'
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
============================
exists K, {add z J K} /\ {nstep' K (clos' V1 M2) (clos' V1 M2')}
Subgoal 2 is:
exists K, {add (s N) J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}
nstep'_clos_fwd < apply nstep'_clos_fwd1 to H1 H3.
Subgoal 1:
Variables: J V1 M2 M2'
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {nstep' J (clos' V1 M2) (clos' V1 M2')}
============================
exists K, {add z J K} /\ {nstep' K (clos' V1 M2) (clos' V1 M2')}
Subgoal 2 is:
exists K, {add (s N) J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}
nstep'_clos_fwd < search.
Subgoal 2:
Variables: J V1 M1 M2 M2' M' N
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {step' M1 M'}*
H5 : {nstep' N M' V1}*
============================
exists K, {add (s N) J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}
nstep'_clos_fwd < apply IH to _ H5 H3.
Subgoal 2:
Variables: J V1 M1 M2 M2' M' N K
IH : forall I J V1 M1 M2 M2', {val' V1} -> {nstep' I M1 V1}* ->
{nstep' J M2 M2'} ->
(exists K, {add I J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')})
H1 : {val' V1}
H3 : {nstep' J M2 M2'}
H4 : {step' M1 M'}*
H5 : {nstep' N M' V1}*
H6 : {add N J K}
H7 : {nstep' K (clos' M' M2) (clos' V1 M2')}
============================
exists K, {add (s N) J K} /\ {nstep' K (clos' M1 M2) (clos' V1 M2')}
nstep'_clos_fwd < search.
Proof completed.
Abella < Theorem eval'_clos_fwd :
forall M1 M2 V1 V2, {eval' M1 V1} -> {eval' M2 V2} ->
{eval' (clos' M1 M2) (clos' V1 V2)}.
============================
forall M1 M2 V1 V2, {eval' M1 V1} -> {eval' M2 V2} ->
{eval' (clos' M1 M2) (clos' V1 V2)}
eval'_clos_fwd < intros.
Variables: M1 M2 V1 V2
H1 : {eval' M1 V1}
H2 : {eval' M2 V2}
============================
{eval' (clos' M1 M2) (clos' V1 V2)}
eval'_clos_fwd < case H1.
Variables: M1 M2 V1 V2 N
H2 : {eval' M2 V2}
H3 : {nstep' N M1 V1}
H4 : {val' V1}
============================
{eval' (clos' M1 M2) (clos' V1 V2)}
eval'_clos_fwd < case H2.
Variables: M1 M2 V1 V2 N N1
H3 : {nstep' N M1 V1}
H4 : {val' V1}
H5 : {nstep' N1 M2 V2}
H6 : {val' V2}
============================
{eval' (clos' M1 M2) (clos' V1 V2)}
eval'_clos_fwd < apply nstep'_clos_fwd to _ H3 H5.
Variables: M1 M2 V1 V2 N N1 K
H3 : {nstep' N M1 V1}
H4 : {val' V1}
H5 : {nstep' N1 M2 V2}
H6 : {val' V2}
H7 : {add N N1 K}
H8 : {nstep' K (clos' M1 M2) (clos' V1 V2)}
============================
{eval' (clos' M1 M2) (clos' V1 V2)}
eval'_clos_fwd < search.
Proof completed.
Abella < Theorem step'_clos_inv :
forall M1 M2 M', {step' (clos' M1 M2) M'} ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'}).
============================
forall M1 M2 M', {step' (clos' M1 M2) M'} ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
step'_clos_inv < induction on 1.
IH : forall M1 M2 M', {step' (clos' M1 M2) M'}* ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
============================
forall M1 M2 M', {step' (clos' M1 M2) M'}@ ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
step'_clos_inv < intros.
Variables: M1 M2 M'
IH : forall M1 M2 M', {step' (clos' M1 M2) M'}* ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
H1 : {step' (clos' M1 M2) M'}@
============================
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
step'_clos_inv < case H1.
Subgoal 1:
Variables: M1 M2 F'
IH : forall M1 M2 M', {step' (clos' M1 M2) M'}* ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
H2 : {step' M1 F'}*
============================
(exists M1', clos' F' M2 = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ clos' F' M2 = clos' M1 M2' /\ {step' M2 M2'})
Subgoal 2 is:
(exists M1', clos' M1 E' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ clos' M1 E' = clos' M1 M2' /\ {step' M2 M2'})
step'_clos_inv < search.
Subgoal 2:
Variables: M1 M2 E'
IH : forall M1 M2 M', {step' (clos' M1 M2) M'}* ->
(exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
H2 : {val' M1}*
H3 : {step' M2 E'}*
============================
(exists M1', clos' M1 E' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ clos' M1 E' = clos' M1 M2' /\ {step' M2 M2'})
step'_clos_inv < search.
Proof completed.
Abella < Theorem nstep'_clos_inv :
forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V} ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}).
============================
forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V} ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
nstep'_clos_inv < induction on 2.
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
============================
forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}@ ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
nstep'_clos_inv < intros.
Variables: V K M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' V}
H2 : {nstep' K (clos' M1 M2) V}@
============================
exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\ {nstep' K1 M1 V1} /\
{nstep' K2 M2 V2}
nstep'_clos_inv < case H2.
Subgoal 1:
Variables: M1 M2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' M1 M2)}
============================
exists K1 K2 V1 V2, {add K1 K2 z} /\ clos' M1 M2 = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
Subgoal 2 is:
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < search.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' V}
H3 : {step' (clos' M1 M2) M'}*
H4 : {nstep' N M' V}*
============================
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < apply step'_clos_inv to H3.
Subgoal 2:
Variables: V M1 M2 M' N
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' V}
H3 : {step' (clos' M1 M2) M'}*
H4 : {nstep' N M' V}*
H5 : (exists M1', M' = clos' M1' M2 /\ {step' M1 M1'}) \/
(exists M2', {val' M1} /\ M' = clos' M1 M2' /\ {step' M2 M2'})
============================
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < case H5.
Subgoal 2.1:
Variables: V M1 M2 N M1'
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' V}
H3 : {step' (clos' M1 M2) (clos' M1' M2)}*
H4 : {nstep' N (clos' M1' M2) V}*
H6 : {step' M1 M1'}
============================
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
Subgoal 2.2 is:
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 M2 N M1' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1' M2)}*
H4 : {nstep' N (clos' M1' M2) (clos' V1 V2)}*
H6 : {step' M1 M1'}
H7 : {add K1 K2 N}
H8 : {nstep' K1 M1' V1}
H9 : {nstep' K2 M2 V2}
============================
exists K1 K2 V3 V4, {add K1 K2 (s N)} /\ clos' V1 V2 = clos' V3 V4 /\
{nstep' K1 M1 V3} /\ {nstep' K2 M2 V4}
Subgoal 2.2 is:
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < search.
Subgoal 2.2:
Variables: V M1 M2 N M2'
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' V}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') V}*
H6 : {val' M1}
H7 : {step' M2 M2'}
============================
exists K1 K2 V1 V2, {add K1 K2 (s N)} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2}
nstep'_clos_inv < apply IH to _ H4.
Subgoal 2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
exists K1 K2 V3 V4, {add K1 K2 (s N)} /\ clos' V1 V2 = clos' V3 V4 /\
{nstep' K1 M1 V3} /\ {nstep' K2 M2 V4}
nstep'_clos_inv < exists K1.
Subgoal 2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
exists K2 V3 V4, {add K1 K2 (s N)} /\ clos' V1 V2 = clos' V3 V4 /\
{nstep' K1 M1 V3} /\ {nstep' K2 M2 V4}
nstep'_clos_inv < exists s K2.
Subgoal 2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
exists V3 V4, {add K1 (s K2) (s N)} /\ clos' V1 V2 = clos' V3 V4 /\
{nstep' K1 M1 V3} /\ {nstep' (s K2) M2 V4}
nstep'_clos_inv < exists V1.
Subgoal 2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
exists V4, {add K1 (s K2) (s N)} /\ clos' V1 V2 = clos' V1 V4 /\
{nstep' K1 M1 V1} /\ {nstep' (s K2) M2 V4}
nstep'_clos_inv < exists V2.
Subgoal 2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
{add K1 (s K2) (s N)} /\ clos' V1 V2 = clos' V1 V2 /\ {nstep' K1 M1 V1} /\
{nstep' (s K2) M2 V2}
nstep'_clos_inv < split.
Subgoal 2.2.1:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
{add K1 (s K2) (s N)}
Subgoal 2.2.2 is:
clos' V1 V2 = clos' V1 V2
Subgoal 2.2.3 is:
{nstep' K1 M1 V1}
Subgoal 2.2.4 is:
{nstep' (s K2) M2 V2}
nstep'_clos_inv < backchain add_s.
Subgoal 2.2.2:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
clos' V1 V2 = clos' V1 V2
Subgoal 2.2.3 is:
{nstep' K1 M1 V1}
Subgoal 2.2.4 is:
{nstep' (s K2) M2 V2}
nstep'_clos_inv < search.
Subgoal 2.2.3:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
{nstep' K1 M1 V1}
Subgoal 2.2.4 is:
{nstep' (s K2) M2 V2}
nstep'_clos_inv < search.
Subgoal 2.2.4:
Variables: M1 M2 N M2' K1 K2 V1 V2
IH : forall V K M1 M2, {val' V} -> {nstep' K (clos' M1 M2) V}* ->
(exists K1 K2 V1 V2, {add K1 K2 K} /\ V = clos' V1 V2 /\
{nstep' K1 M1 V1} /\ {nstep' K2 M2 V2})
H1 : {val' (clos' V1 V2)}
H3 : {step' (clos' M1 M2) (clos' M1 M2')}*
H4 : {nstep' N (clos' M1 M2') (clos' V1 V2)}*
H6 : {val' M1}
H7 : {step' M2 M2'}
H8 : {add K1 K2 N}
H9 : {nstep' K1 M1 V1}
H10 : {nstep' K2 M2' V2}
============================
{nstep' (s K2) M2 V2}
nstep'_clos_inv < search.
Proof completed.
Abella < Theorem eval''_clos_fwd_aux :
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}.
============================
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2} ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd_aux < induction on 2.
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
============================
forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}@ ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd_aux < intros.
Variables: M1 M2 FE V1 V2 P
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H2 : {eval'' (htm FE M2) V2}@
H3 : {hcombine (hbase M1) M2 (x\y\clos' x y) P}
============================
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd_aux < case H2.
Subgoal 1:
Variables: M1 V1 V2 P M
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H3 : {hcombine (hbase M1) (hbase M) (x\y\clos' x y) P}
H4 : {eval' M V2}*
============================
{eval'' (htm cnil P) (clos' V1 V2)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (clos' V1 V2)}
eval''_clos_fwd_aux < case H3.
Subgoal 1:
Variables: M1 V1 V2 M
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval' M V2}*
============================
{eval'' (htm cnil (hbase (clos' M1 M))) (clos' V1 V2)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (clos' V1 V2)}
eval''_clos_fwd_aux < apply eval'_clos_fwd to H1 H4.
Subgoal 1:
Variables: M1 V1 V2 M
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval' M V2}*
H5 : {eval' (clos' M1 M) (clos' V1 V2)}
============================
{eval'' (htm cnil (hbase (clos' M1 M))) (clos' V1 V2)}
Subgoal 2 is:
{eval'' (htm (ccons F FE1) P) (clos' V1 V2)}
eval''_clos_fwd_aux < search.
Subgoal 2:
Variables: M1 V1 V2 P F R FE1
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H3 : {hcombine (hbase M1) (habs R) (x\y\clos' x y) P}
H4 : {eval'' (htm FE1 (R F)) V2}*
============================
{eval'' (htm (ccons F FE1) P) (clos' V1 V2)}
eval''_clos_fwd_aux < case H3.
Subgoal 2:
Variables: M1 V1 V2 F R FE1 R'
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval'' (htm FE1 (R F)) V2}*
H5 : {hcombine (hbase M1) (R n1) (x\y\clos' x y) (R' n1)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (clos' V1 V2)}
eval''_clos_fwd_aux < inst H5 with n1 = F.
Subgoal 2:
Variables: M1 V1 V2 F R FE1 R'
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval'' (htm FE1 (R F)) V2}*
H5 : {hcombine (hbase M1) (R n1) (x\y\clos' x y) (R' n1)}
H6 : {hcombine (hbase M1) (R F) (x\y\clos' x y) (R' F)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (clos' V1 V2)}
eval''_clos_fwd_aux < apply IH to H1 H4 H6.
Subgoal 2:
Variables: M1 V1 V2 F R FE1 R'
IH : forall M1 M2 FE V1 V2 P, {eval' M1 V1} -> {eval'' (htm FE M2) V2}* ->
{hcombine (hbase M1) M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval' M1 V1}
H4 : {eval'' (htm FE1 (R F)) V2}*
H5 : {hcombine (hbase M1) (R n1) (x\y\clos' x y) (R' n1)}
H6 : {hcombine (hbase M1) (R F) (x\y\clos' x y) (R' F)}
H7 : {eval'' (htm FE1 (R' F)) (clos' V1 V2)}
============================
{eval'' (htm (ccons F FE1) (habs R')) (clos' V1 V2)}
eval''_clos_fwd_aux < search.
Proof completed.
Abella < Theorem eval''_clos_fwd :
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} -> {eval'' (htm FE P) (clos' V1 V2)}.
============================
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1} ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} -> {eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < induction on 1.
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
============================
forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}@ ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} -> {eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < intros.
Variables: FE1 FE2 FE M1 M2 V1 V2 P
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H1 : {eval'' (htm FE1 M1) V1}@
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend FE1 FE2 FE}
H4 : {hcombine M1 M2 (x\y\clos' x y) P}
============================
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < case H1.
Subgoal 1:
Variables: FE2 FE M2 V1 V2 P M
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend cnil FE2 FE}
H4 : {hcombine (hbase M) M2 (x\y\clos' x y) P}
H5 : {eval' M V1}*
============================
{eval'' (htm FE P) (clos' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < case H3.
Subgoal 1:
Variables: FE M2 V1 V2 P M
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE M2) V2}
H4 : {hcombine (hbase M) M2 (x\y\clos' x y) P}
H5 : {eval' M V1}*
============================
{eval'' (htm FE P) (clos' V1 V2)}
Subgoal 2 is:
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < backchain eval''_clos_fwd_aux.
Subgoal 2:
Variables: FE2 FE M2 V1 V2 P F R FE3
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {cappend (ccons F FE3) FE2 FE}
H4 : {hcombine (habs R) M2 (x\y\clos' x y) P}
H5 : {eval'' (htm FE3 (R F)) V1}*
============================
{eval'' (htm FE P) (clos' V1 V2)}
eval''_clos_fwd < case H3.
Subgoal 2:
Variables: FE2 M2 V1 V2 P F R FE3 L3
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H4 : {hcombine (habs R) M2 (x\y\clos' x y) P}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F L3) P) (clos' V1 V2)}
eval''_clos_fwd < case H4.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\clos' x y) (R' n1)}
============================
{eval'' (htm (ccons F L3) (habs R')) (clos' V1 V2)}
eval''_clos_fwd < inst H7 with n1 = F.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\clos' x y) (R' n1)}
H8 : {hcombine (R F) M2 (x\y\clos' x y) (R' F)}
============================
{eval'' (htm (ccons F L3) (habs R')) (clos' V1 V2)}
eval''_clos_fwd < apply IH to H5 H2 H6 H8.
Subgoal 2:
Variables: FE2 M2 V1 V2 F R FE3 L3 R'
IH : forall FE1 FE2 FE M1 M2 V1 V2 P, {eval'' (htm FE1 M1) V1}* ->
{eval'' (htm FE2 M2) V2} -> {cappend FE1 FE2 FE} ->
{hcombine M1 M2 (x\y\clos' x y) P} ->
{eval'' (htm FE P) (clos' V1 V2)}
H2 : {eval'' (htm FE2 M2) V2}
H5 : {eval'' (htm FE3 (R F)) V1}*
H6 : {cappend FE3 FE2 L3}
H7 : {hcombine (R n1) M2 (x\y\clos' x y) (R' n1)}
H8 : {hcombine (R F) M2 (x\y\clos' x y) (R' F)}
H9 : {eval'' (htm L3 (R' F)) (clos' V1 V2)}
============================
{eval'' (htm (ccons F L3) (habs R')) (clos' V1 V2)}
eval''_clos_fwd < search.
Proof completed.
Abella < Theorem nstep'_open_fwd :
forall N1 N2 F E M R V, {val' (clos' F E)} -> {nstep' N1 M (clos' F E)} ->
{nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V}).
============================
forall N1 N2 F E M R V, {val' (clos' F E)} -> {nstep' N1 M (clos' F E)} ->
{nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
nstep'_open_fwd < induction on 2.
IH : forall N1 N2 F E M R V, {val' (clos' F E)} ->
{nstep' N1 M (clos' F E)}* -> {nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
============================
forall N1 N2 F E M R V, {val' (clos' F E)} -> {nstep' N1 M (clos' F E)}@ ->
{nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
nstep'_open_fwd < intros.
Variables: N1 N2 F E M R V
IH : forall N1 N2 F E M R V, {val' (clos' F E)} ->
{nstep' N1 M (clos' F E)}* -> {nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
H1 : {val' (clos' F E)}
H2 : {nstep' N1 M (clos' F E)}@
H3 : {nstep' N2 (R F E) V}
============================
exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V}
nstep'_open_fwd < case H2.
Subgoal 1:
Variables: N2 F E R V
IH : forall N1 N2 F E M R V, {val' (clos' F E)} ->
{nstep' N1 M (clos' F E)}* -> {nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
H1 : {val' (clos' F E)}
H3 : {nstep' N2 (R F E) V}
============================
exists N3, {add z N2 N3} /\ {nstep' (s N3) (open' (clos' F E) R) V}
Subgoal 2 is:
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (open' M R) V}
nstep'_open_fwd < search.
Subgoal 2:
Variables: N2 F E M R V M' N
IH : forall N1 N2 F E M R V, {val' (clos' F E)} ->
{nstep' N1 M (clos' F E)}* -> {nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
H1 : {val' (clos' F E)}
H3 : {nstep' N2 (R F E) V}
H4 : {step' M M'}*
H5 : {nstep' N M' (clos' F E)}*
============================
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (open' M R) V}
nstep'_open_fwd < apply IH to _ H5 H3 with R = R.
Subgoal 2:
Variables: N2 F E M R V M' N N3
IH : forall N1 N2 F E M R V, {val' (clos' F E)} ->
{nstep' N1 M (clos' F E)}* -> {nstep' N2 (R F E) V} ->
(exists N3, {add N1 N2 N3} /\ {nstep' (s N3) (open' M R) V})
H1 : {val' (clos' F E)}
H3 : {nstep' N2 (R F E) V}
H4 : {step' M M'}*
H5 : {nstep' N M' (clos' F E)}*
H6 : {add N N2 N3}
H7 : {nstep' (s N3) (open' M' R) V}
============================
exists N3, {add (s N) N2 N3} /\ {nstep' (s N3) (open' M R) V}
nstep'_open_fwd < search.
Proof completed.
Abella < Theorem eval'_open_fwd :
forall M1 M2 R VE V2 V, {eval' M1 (clos' (abs' R) VE)} -> {eval' M2 V2} ->
{eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V} ->
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}.
============================
forall M1 M2 R VE V2 V, {eval' M1 (clos' (abs' R) VE)} -> {eval' M2 V2} ->
{eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V} ->
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < intros.
Variables: M1 M2 R VE V2 V
H1 : {eval' M1 (clos' (abs' R) VE)}
H2 : {eval' M2 V2}
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < case H1.
Variables: M1 M2 R VE V2 V N
H2 : {eval' M2 V2}
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < case H2.
Variables: M1 M2 R VE V2 V N N1
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < case H5 (keep).
Variables: M1 M2 R VE V2 V N N1
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < assert exists N3, {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}.
Subgoal 1:
Variables: M1 M2 R VE V2 V N N1
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
============================
exists N3, {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
Subgoal is:
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < apply nstep'_pair_fwd to H7 H6 _ with M2 = VE, M2' = VE.
Subgoal 1:
Variables: M1 M2 R VE V2 V N N1 K
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H10 : {add N1 z K}
H11 : {nstep' K (pair' M2 VE) (pair' V2 VE)}
============================
exists N3, {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
Subgoal is:
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < apply nstep'_pair_fwd to H5 H4 H11.
Subgoal 1:
Variables: M1 M2 R VE V2 V N N1 K K1
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H10 : {add N1 z K}
H11 : {nstep' K (pair' M2 VE) (pair' V2 VE)}
H12 : {add N K K1}
H13 : {nstep' K1 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
============================
exists N3, {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
Subgoal is:
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < search.
Variables: M1 M2 R VE V2 V N N1
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H10 : exists N3, {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < case H10.
Variables: M1 M2 R VE V2 V N N1 N3
H3 : {eval' (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H11 : {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < case H3.
Variables: M1 M2 R VE V2 V N N1 N3 N2
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H11 : {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
H12 : {nstep' N2 (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H13 : {val' V}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < apply nstep'_app_fwd1 to _ H11 H12 with R = R.
Variables: M1 M2 R VE V2 V N N1 N3 N2 N4
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H11 : {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
H12 : {nstep' N2 (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H13 : {val' V}
H14 : {add N3 N2 N4}
H15 : {nstep' (s N4) (app' (abs' R) (pair' M1 (pair' M2 VE))) V}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < apply nstep'_open_fwd to _ H4 H15 with R = f\e\app' f (pair' M1 (pair' M2 e)).
Variables: M1 M2 R VE V2 V N N1 N3 N2 N4 N5
H4 : {nstep' N M1 (clos' (abs' R) VE)}
H5 : {val' (clos' (abs' R) VE)}
H6 : {nstep' N1 M2 V2}
H7 : {val' V2}
H8 : {val' (abs' R)}
H9 : {val' VE}
H11 : {nstep' N3 (pair' M1 (pair' M2 VE))
(pair' (clos' (abs' R) VE) (pair' V2 VE))}
H12 : {nstep' N2 (R (pair' (clos' (abs' R) VE) (pair' V2 VE))) V}
H13 : {val' V}
H14 : {add N3 N2 N4}
H15 : {nstep' (s N4) (app' (abs' R) (pair' M1 (pair' M2 VE))) V}
H16 : {add N (s N4) N5}
H17 : {nstep' (s N5) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
============================
{eval' (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
eval'_open_fwd < search.
Proof completed.
Abella < Theorem nstep'_open_inv :
forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V} ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V}).
============================
forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V} ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
nstep'_open_inv < induction on 2.
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
============================
forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}@ ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
nstep'_open_inv < intros.
Variables: K M1 R V
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' V}
H2 : {nstep' K (open' M1 R) V}@
============================
exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\ {nstep' K2 (R F E) V}
nstep'_open_inv < case H2.
Subgoal 1:
Variables: M1 R
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' (open' M1 R)}
============================
exists K1 K2 K3 F E, z = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) (open' M1 R)}
Subgoal 2 is:
exists K1 K2 K3 F E, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\ {nstep' K2 (R F E) V}
nstep'_open_inv < case H1.
Subgoal 2:
Variables: M1 R V M' N
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' V}
H3 : {step' (open' M1 R) M'}*
H4 : {nstep' N M' V}*
============================
exists K1 K2 K3 F E, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\ {nstep' K2 (R F E) V}
nstep'_open_inv < case H3.
Subgoal 2.1:
Variables: M1 R V N M'1
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' V}
H4 : {nstep' N (open' M'1 R) V}*
H5 : {step' M1 M'1}*
============================
exists K1 K2 K3 F E, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\ {nstep' K2 (R F E) V}
Subgoal 2.2 is:
exists K1 K2 K3 F1 E1, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 (clos' F E) (clos' F1 E1)} /\ {val' (clos' F1 E1)} /\
{nstep' K2 (R F1 E1) V}
nstep'_open_inv < apply IH to _ H4.
Subgoal 2.1:
Variables: M1 R V M'1 K1 K2 K3 F E
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' V}
H4 : {nstep' (s K3) (open' M'1 R) V}*
H5 : {step' M1 M'1}*
H6 : {add K1 K2 K3}
H7 : {nstep' K1 M'1 (clos' F E)}
H8 : {val' (clos' F E)}
H9 : {nstep' K2 (R F E) V}
============================
exists K1 K2 K4 F E, s (s K3) = s K4 /\ {add K1 K2 K4} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\ {nstep' K2 (R F E) V}
Subgoal 2.2 is:
exists K1 K2 K3 F1 E1, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 (clos' F E) (clos' F1 E1)} /\ {val' (clos' F1 E1)} /\
{nstep' K2 (R F1 E1) V}
nstep'_open_inv < search.
Subgoal 2.2:
Variables: R V N E F
IH : forall K M1 R V, {val' V} -> {nstep' K (open' M1 R) V}* ->
(exists K1 K2 K3 F E, K = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 M1 (clos' F E)} /\ {val' (clos' F E)} /\
{nstep' K2 (R F E) V})
H1 : {val' V}
H4 : {nstep' N (R F E) V}*
H5 : {val' (clos' F E)}*
============================
exists K1 K2 K3 F1 E1, s N = s K3 /\ {add K1 K2 K3} /\
{nstep' K1 (clos' F E) (clos' F1 E1)} /\ {val' (clos' F1 E1)} /\
{nstep' K2 (R F1 E1) V}
nstep'_open_inv < search.
Proof completed.
Abella < Theorem nstep'_open_inv_sp :
forall K V M1 M2, {val' V} ->
{nstep' K (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V} ->
(exists K1 K2 K3 K12 K123 K1231 F E V2, K = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K3 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\
{nstep' K3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}).
============================
forall K V M1 M2, {val' V} ->
{nstep' K (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V} ->
(exists K1 K2 K3 K12 K123 K1231 F E V2, K = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K3 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\
{nstep' K3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V})
nstep'_open_inv_sp < intros.
Variables: K V M1 M2
H1 : {val' V}
H2 : {nstep' K (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
============================
exists K1 K2 K3 K12 K123 K1231 F E V2, K = s (s K1231) /\ {add K1 K2 K12} /\
{add K12 K3 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_open_inv to H1 H2.
Variables: V M1 M2 K1 K2 K3 F E
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 K2 K3}
H4 : {nstep' K1 M1 (clos' F E)}
H5 : {val' (clos' F E)}
H6 : {nstep' K2 (app' F (pair' M1 (pair' M2 E))) V}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_app_inv to _ H6.
Variables: V M1 M2 K1 K3 F E J1 J2 J3 J23 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' F E)}
H5 : {val' (clos' F E)}
H6 : {nstep' (s J123) (app' F (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep' J1 F (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H5.
Variables: V M1 M2 K1 K3 F E J1 J2 J3 J23 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' F E)}
H6 : {nstep' (s J123) (app' F (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J23}
H8 : {add J1 J23 J123}
H9 : {nstep' J1 F (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' F}
H14 : {val' E}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_val'_inv to H13 H9.
Variables: V M1 M2 K1 K3 E J2 J3 J23 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J23}
H8 : {add z J23 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H8.
Variables: V M1 M2 K1 K3 E J2 J3 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_is_nat to H2.
Variables: V M1 M2 K1 K3 E J2 J3 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H15 : {is_nat (s K3)}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H15.
Variables: V M1 M2 K1 K3 E J2 J3 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat K3}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply add_comm to _ H3.
Variables: V M1 M2 K1 K3 E J2 J3 J123 V2 R
H1 : {val' V}
H2 : {nstep' (s K3) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) K3}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat K3}
H17 : {add (s J123) K1 K3}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s K3 = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H17.
Variables: V M1 M2 K1 E J2 J3 J123 V2 R N3
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) V2}
H11 : {val' V2}
H12 : {nstep' J3 (R V2) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_pair_inv to _ H10.
Variables: V M1 M2 K1 E J2 J3 J123 R N3 I J V1 V3
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) (pair' V1 V3)}
H11 : {val' (pair' V1 V3)}
H12 : {nstep' J3 (R (pair' V1 V3)) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
H19 : {add I J J2}
H20 : {nstep' I M1 V1}
H21 : {nstep' J (pair' M2 E) V3}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H11.
Variables: V M1 M2 K1 E J2 J3 J123 R N3 I J V1 V3
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) (pair' V1 V3)}
H12 : {nstep' J3 (R (pair' V1 V3)) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
H19 : {add I J J2}
H20 : {nstep' I M1 V1}
H21 : {nstep' J (pair' M2 E) V3}
H22 : {val' V1}
H23 : {val' V3}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_pair_inv to _ H21.
Variables: V M1 M2 K1 E J2 J3 J123 R N3 I J V1 I1 J4 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) E)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 E))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 E)) (pair' V1 (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' V1 (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' E}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
H19 : {add I J J2}
H20 : {nstep' I M1 V1}
H21 : {nstep' J (pair' M2 E) (pair' V4 V5)}
H22 : {val' V1}
H23 : {val' (pair' V4 V5)}
H24 : {add I1 J4 J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' J4 E V5}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_val'_inv to _ H26.
Variables: V M1 M2 K1 J2 J3 J123 R N3 I J V1 I1 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5)) (pair' V1 (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' V1 (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
H19 : {add I J J2}
H20 : {nstep' I M1 V1}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' V1}
H23 : {val' (pair' V4 V5)}
H24 : {add I1 z J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' z V5 V5}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H23.
Variables: V M1 M2 K1 J2 J3 J123 R N3 I J V1 I1 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add K1 (s J123) (s N3)}
H4 : {nstep' K1 M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5)) (pair' V1 (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' V1 (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 K1 N3}
H19 : {add I J J2}
H20 : {nstep' I M1 V1}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' V1}
H24 : {add I1 z J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_val'_det to _ _ H4 H20.
Variables: V M1 M2 J2 J3 J123 R N3 I J I1 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add I1 z J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply nstep'_is_nat to H21.
Variables: V M1 M2 J2 J3 J123 R N3 I J I1 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add I1 z J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < apply add_comm to _ H24.
Variables: V M1 M2 J2 J3 J123 R N3 I J I1 V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add I1 z J}
H25 : {nstep' I1 M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
H30 : {add z I1 J}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < case H30.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K1 K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add K1 K2 K12} /\ {add K12 K4 K123} /\ {add K123 K1 K1231} /\
{nstep' K1 M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists I.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K2 K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\
{add I K2 K12} /\ {add K12 K4 K123} /\ {add K123 I K1231} /\
{nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' K2 M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists J.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K4 K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\ {add I J K12} /\
{add K12 K4 K123} /\ {add K123 I K1231} /\
{nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' J M2 V2} /\
{val' V2} /\ {nstep' K4 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists J3.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K12 K123 K1231 F E V2, s (s N3) = s (s K1231) /\ {add I J K12} /\
{add K12 J3 K123} /\ {add K123 I K1231} /\
{nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' J M2 V2} /\
{val' V2} /\ {nstep' J3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists J2.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K123 K1231 F E V2, s (s N3) = s (s K1231) /\ {add I J J2} /\
{add J2 J3 K123} /\ {add K123 I K1231} /\
{nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' J M2 V2} /\
{val' V2} /\ {nstep' J3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists J123.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists K1231 F E V2, s (s N3) = s (s K1231) /\ {add I J J2} /\
{add J2 J3 J123} /\ {add J123 I K1231} /\
{nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\ {nstep' J M2 V2} /\
{val' V2} /\ {nstep' J3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < exists N3.
Variables: V M1 M2 J2 J3 J123 R N3 I J V4 V5
H1 : {val' V}
H2 : {nstep' (s (s N3)) (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) V}
H3 : {add I (s J123) (s N3)}
H4 : {nstep' I M1 (clos' (abs' R) V5)}
H6 : {nstep' (s J123) (app' (abs' R) (pair' M1 (pair' M2 V5))) V}
H7 : {add J2 J3 J123}
H9 : {nstep' z (abs' R) (abs' R)}
H10 : {nstep' J2 (pair' M1 (pair' M2 V5))
(pair' (clos' (abs' R) V5) (pair' V4 V5))}
H12 : {nstep' J3 (R (pair' (clos' (abs' R) V5) (pair' V4 V5))) V}
H13 : {val' (abs' R)}
H14 : {val' V5}
H16 : {is_nat (s N3)}
H18 : {add J123 I N3}
H19 : {add I J J2}
H20 : {nstep' I M1 (clos' (abs' R) V5)}
H21 : {nstep' J (pair' M2 V5) (pair' V4 V5)}
H22 : {val' (clos' (abs' R) V5)}
H24 : {add J z J}
H25 : {nstep' J M2 V4}
H26 : {nstep' z V5 V5}
H27 : {val' V4}
H28 : {val' V5}
H29 : {is_nat J}
============================
exists F E V2, s (s N3) = s (s N3) /\ {add I J J2} /\ {add J2 J3 J123} /\
{add J123 I N3} /\ {nstep' I M1 (clos' (abs' F) E)} /\ {val' E} /\
{nstep' J M2 V2} /\ {val' V2} /\
{nstep' J3 (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
nstep'_open_inv_sp < search.
Proof completed.
Abella < Theorem eval''_open_fwd :
forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1) (clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P} ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}.
============================
forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1) (clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P} ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
eval''_open_fwd < induction on 4.
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
============================
forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1) (clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}@ ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
eval''_open_fwd < intros.
Variables: FE1 FE2 FE F E M1 M2 V2 V P
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 M1) (clos' (abs' F) E)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H4 : {hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}@
H5 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE P) V}
eval''_open_fwd < case H4.
Subgoal 1:
Variables: FE1 FE2 FE F E V2 V M3 M4
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M4)) (clos' (abs' F) E)}
H2 : {eval'' (htm FE2 (hbase M3)) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend FE1 FE2 FE}
============================
{eval'' (htm FE (hbase (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H1.
Subgoal 1:
Variables: FE2 FE F E V2 V M3 M4
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 (hbase M3)) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend cnil FE2 FE}
H6 : {eval' M4 (clos' (abs' F) E)}
============================
{eval'' (htm FE (hbase (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H2.
Subgoal 1:
Variables: FE F E V2 V M3 M4
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend cnil cnil FE}
H6 : {eval' M4 (clos' (abs' F) E)}
H7 : {eval' M3 V2}
============================
{eval'' (htm FE (hbase (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H5.
Subgoal 1:
Variables: F E V2 V M3 M4
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {eval' M4 (clos' (abs' F) E)}
H7 : {eval' M3 V2}
============================
{eval'' (htm cnil (hbase (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < apply eval'_open_fwd to H6 H7 H3.
Subgoal 1:
Variables: F E V2 V M3 M4
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {eval' M4 (clos' (abs' F) E)}
H7 : {eval' M3 V2}
H8 : {eval' (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))) V}
============================
{eval'' (htm cnil (hbase (open' M4 (f\e\app' f (pair' M4 (pair' M3 e)))))) V}
Subgoal 2 is:
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < search.
Subgoal 2:
Variables: FE1 FE2 FE F E M2 V2 V R' R
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (habs R)) (clos' (abs' F) E)}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend FE1 FE2 FE}
H6 : {hcombine (R n1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H1.
Subgoal 2:
Variables: FE2 FE F E M2 V2 V R' R F1 FE3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend (ccons F1 FE3) FE2 FE}
H6 : {hcombine (R n1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' n1)}*
H7 : {eval'' (htm FE3 (R F1)) (clos' (abs' F) E)}
============================
{eval'' (htm FE (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H5.
Subgoal 2:
Variables: FE2 F E M2 V2 V R' R F1 FE3 L3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (R n1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' n1)}*
H7 : {eval'' (htm FE3 (R F1)) (clos' (abs' F) E)}
H8 : {cappend FE3 FE2 L3}
============================
{eval'' (htm (ccons F1 L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < inst H6 with n1 = F1.
Subgoal 2:
Variables: FE2 F E M2 V2 V R' R F1 FE3 L3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (R n1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' n1)}*
H7 : {eval'' (htm FE3 (R F1)) (clos' (abs' F) E)}
H8 : {cappend FE3 FE2 L3}
H9 : {hcombine (R F1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' F1)}*
============================
{eval'' (htm (ccons F1 L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < apply IH to H7 H2 H3 H9 H8.
Subgoal 2:
Variables: FE2 F E M2 V2 V R' R F1 FE3 L3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H2 : {eval'' (htm FE2 M2) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (R n1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' n1)}*
H7 : {eval'' (htm FE3 (R F1)) (clos' (abs' F) E)}
H8 : {cappend FE3 FE2 L3}
H9 : {hcombine (R F1) M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e))))
(R' F1)}*
H10 : {eval'' (htm L3 (R' F1)) V}
============================
{eval'' (htm (ccons F1 L3) (habs R')) V}
Subgoal 3 is:
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < search.
Subgoal 3:
Variables: FE1 FE2 FE F E V2 V R' R M
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm FE1 (hbase M)) (clos' (abs' F) E)}
H2 : {eval'' (htm FE2 (habs R)) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend FE1 FE2 FE}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
============================
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H1 (keep).
Subgoal 3:
Variables: FE2 FE F E V2 V R' R M
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (clos' (abs' F) E)}
H2 : {eval'' (htm FE2 (habs R)) V2}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend cnil FE2 FE}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
H7 : {eval' M (clos' (abs' F) E)}
============================
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H2.
Subgoal 3:
Variables: FE F E V2 V R' R M F1 FE3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (clos' (abs' F) E)}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H5 : {cappend cnil (ccons F1 FE3) FE}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
H7 : {eval' M (clos' (abs' F) E)}
H8 : {eval'' (htm FE3 (R F1)) V2}
============================
{eval'' (htm FE (habs R')) V}
eval''_open_fwd < case H5.
Subgoal 3:
Variables: F E V2 V R' R M F1 FE3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (clos' (abs' F) E)}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
H7 : {eval' M (clos' (abs' F) E)}
H8 : {eval'' (htm FE3 (R F1)) V2}
============================
{eval'' (htm (ccons F1 FE3) (habs R')) V}
eval''_open_fwd < inst H6 with n1 = F1.
Subgoal 3:
Variables: F E V2 V R' R M F1 FE3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (clos' (abs' F) E)}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
H7 : {eval' M (clos' (abs' F) E)}
H8 : {eval'' (htm FE3 (R F1)) V2}
H9 : {hcombine (hbase M) (R F1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' F1)}*
============================
{eval'' (htm (ccons F1 FE3) (habs R')) V}
eval''_open_fwd < apply IH to H1 H8 H3 H9 _.
Subgoal 3:
Variables: F E V2 V R' R M F1 FE3
IH : forall FE1 FE2 FE F E M1 M2 V2 V P, {eval'' (htm FE1 M1)
(clos' (abs' F) E)} ->
{eval'' (htm FE2 M2) V2} ->
{eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V} ->
{hcombine M1 M2 (x\y\open' x (f\e\app' f (pair' x (pair' y e)))) P}* ->
{cappend FE1 FE2 FE} -> {eval'' (htm FE P) V}
H1 : {eval'' (htm cnil (hbase M)) (clos' (abs' F) E)}
H3 : {eval' (F (pair' (clos' (abs' F) E) (pair' V2 E))) V}
H6 : {hcombine (hbase M) (R n1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' n1)}*
H7 : {eval' M (clos' (abs' F) E)}
H8 : {eval'' (htm FE3 (R F1)) V2}
H9 : {hcombine (hbase M) (R F1)
(x\y\open' x (f\e\app' f (pair' x (pair' y e)))) (R' F1)}*
H10 : {eval'' (htm FE3 (R' F1)) V}
============================
{eval'' (htm (ccons F1 FE3) (habs R')) V}
eval''_open_fwd < search.
Proof completed.
Abella < Theorem eval''_det :
forall E V V', {eval'' E V} -> {eval'' E V'} -> V = V'.
============================
forall E V V', {eval'' E V} -> {eval'' E V'} -> V = V'
eval''_det < induction on 1.
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
============================
forall E V V', {eval'' E V}@ -> {eval'' E V'} -> V = V'
eval''_det < intros.
Variables: E V V'
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H1 : {eval'' E V}@
H2 : {eval'' E V'}
============================
V = V'
eval''_det < case H1.
Subgoal 1:
Variables: V V' M
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H2 : {eval'' (htm cnil (hbase M)) V'}
H3 : {eval' M V}*
============================
V = V'
Subgoal 2 is:
V = V'
eval''_det < case H2.
Subgoal 1:
Variables: V V' M
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H3 : {eval' M V}*
H4 : {eval' M V'}
============================
V = V'
Subgoal 2 is:
V = V'
eval''_det < apply eval'_det to H3 H4.
Subgoal 1:
Variables: V' M
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H3 : {eval' M V'}*
H4 : {eval' M V'}
============================
V' = V'
Subgoal 2 is:
V = V'
eval''_det < search.
Subgoal 2:
Variables: V V' F R FE
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H2 : {eval'' (htm (ccons F FE) (habs R)) V'}
H3 : {eval'' (htm FE (R F)) V}*
============================
V = V'
eval''_det < case H2.
Subgoal 2:
Variables: V V' F R FE
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H3 : {eval'' (htm FE (R F)) V}*
H4 : {eval'' (htm FE (R F)) V'}
============================
V = V'
eval''_det < apply IH to H3 H4.
Subgoal 2:
Variables: V' F R FE
IH : forall E V V', {eval'' E V}* -> {eval'' E V'} -> V = V'
H3 : {eval'' (htm FE (R F)) V'}*
H4 : {eval'' (htm FE (R F)) V'}
============================
V' = V'
eval''_det < search.
Proof completed.
Abella <