Welcome to Abella 2.0.4-dev
Abella < Specification "trans".
Reading specification "trans"
Abella < Import "typing".
Importing from typing
Abella < Define ssubst : smap_list -> prop by
ssubst smnil;
nabla x, ssubst (smcons (smap x V) ML) := ssubst ML /\ {val V} /\ {tm V}.
Abella < Define vars_of_ssubst : smap_list -> tm_list -> prop by
vars_of_ssubst smnil snil;
nabla x, vars_of_ssubst (smcons (smap x V) ML) (scons x L) := vars_of_ssubst ML L.
Abella < Define app_ssubst : smap_list -> tm -> tm -> prop by
app_ssubst smnil M M;
nabla x, app_ssubst (smcons (smap x V) ML) (R x) M := app_ssubst ML (R V) M.
Abella < Theorem app_ssubst_exists :
forall ML M, ssubst ML -> (exists M', app_ssubst ML M M').
============================
forall ML M, ssubst ML -> (exists M', app_ssubst ML M M')
app_ssubst_exists < induction on 1.
IH : forall ML M, ssubst ML * -> (exists M', app_ssubst ML M M')
============================
forall ML M, ssubst ML @ -> (exists M', app_ssubst ML M M')
app_ssubst_exists < intros.
Variables: ML M
IH : forall ML M, ssubst ML * -> (exists M', app_ssubst ML M M')
H1 : ssubst ML @
============================
exists M', app_ssubst ML M M'
app_ssubst_exists < case H1.
Subgoal 1:
Variables: M
IH : forall ML M, ssubst ML * -> (exists M', app_ssubst ML M M')
============================
exists M', app_ssubst smnil M M'
Subgoal 2 is:
exists M', app_ssubst (smcons (smap n1 V) ML1) (M n1) M'
app_ssubst_exists < search.
Subgoal 2:
Variables: M ML1 V
IH : forall ML M, ssubst ML * -> (exists M', app_ssubst ML M M')
H2 : ssubst ML1 *
H3 : {val V}
H4 : {tm V}
============================
exists M', app_ssubst (smcons (smap n1 V) ML1) (M n1) M'
app_ssubst_exists < apply IH to H2 with M = M V.
Subgoal 2:
Variables: M ML1 V M'
IH : forall ML M, ssubst ML * -> (exists M', app_ssubst ML M M')
H2 : ssubst ML1 *
H3 : {val V}
H4 : {tm V}
H5 : app_ssubst ML1 (M V) M'
============================
exists M', app_ssubst (smcons (smap n1 V) ML1) (M n1) M'
app_ssubst_exists < search.
Proof completed.
Abella < Theorem ssubst_det :
forall ML M M' M'', ssubst ML -> app_ssubst ML M M' -> app_ssubst ML M M'' ->
M' =
M''.
============================
forall ML M M' M'', ssubst ML -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
ssubst_det < induction on 1.
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
============================
forall ML M M' M'', ssubst ML @ -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
ssubst_det < intros.
Variables: ML M M' M''
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H1 : ssubst ML @
H2 : app_ssubst ML M M'
H3 : app_ssubst ML M M''
============================
M' = M''
ssubst_det < case H1.
Subgoal 1:
Variables: M M' M''
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H2 : app_ssubst smnil M M'
H3 : app_ssubst smnil M M''
============================
M' = M''
Subgoal 2 is:
M' n1 = M'' n1
ssubst_det < case H2.
Subgoal 1:
Variables: M' M''
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H3 : app_ssubst smnil M' M''
============================
M' = M''
Subgoal 2 is:
M' n1 = M'' n1
ssubst_det < case H3.
Subgoal 1:
Variables: M''
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
============================
M'' = M''
Subgoal 2 is:
M' n1 = M'' n1
ssubst_det < search.
Subgoal 2:
Variables: M M' M'' ML1 V
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H2 : app_ssubst (smcons (smap n1 V) ML1) (M n1) (M' n1)
H3 : app_ssubst (smcons (smap n1 V) ML1) (M n1) (M'' n1)
H4 : ssubst ML1 *
H5 : {val V}
H6 : {tm V}
============================
M' n1 = M'' n1
ssubst_det < case H2.
Subgoal 2:
Variables: M M'' ML1 V M1
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H3 : app_ssubst (smcons (smap n1 V) ML1) (M n1) (M'' n1)
H4 : ssubst ML1 *
H5 : {val V}
H6 : {tm V}
H7 : app_ssubst ML1 (M V) M1
============================
M1 = M'' n1
ssubst_det < case H3.
Subgoal 2:
Variables: M ML1 V M1 M2
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H4 : ssubst ML1 *
H5 : {val V}
H6 : {tm V}
H7 : app_ssubst ML1 (M V) M1
H8 : app_ssubst ML1 (M V) M2
============================
M1 = M2
ssubst_det < apply IH to H4 H7 H8.
Subgoal 2:
Variables: M ML1 V M2
IH : forall ML M M' M'', ssubst ML * -> app_ssubst ML M M' ->
app_ssubst ML M M'' -> M' =
M''
H4 : ssubst ML1 *
H5 : {val V}
H6 : {tm V}
H7 : app_ssubst ML1 (M V) M2
H8 : app_ssubst ML1 (M V) M2
============================
M2 = M2
ssubst_det < search.
Proof completed.
Abella < Theorem ssubst_closed_tm_eq :
forall M ML M', {tm M} -> app_ssubst ML M M' -> M = M'.
============================
forall M ML M', {tm M} -> app_ssubst ML M M' -> M = M'
ssubst_closed_tm_eq < induction on 2.
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
============================
forall M ML M', {tm M} -> app_ssubst ML M M' @ -> M = M'
ssubst_closed_tm_eq < intros.
Variables: M ML M'
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
H1 : {tm M}
H2 : app_ssubst ML M M' @
============================
M = M'
ssubst_closed_tm_eq < case H2.
Subgoal 1:
Variables: M'
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
H1 : {tm M'}
============================
M' = M'
Subgoal 2 is:
M n1 = M1
ssubst_closed_tm_eq < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
H1 : {tm (M n1)}
H3 : app_ssubst ML1 (M V) M1 *
============================
M n1 = M1
ssubst_closed_tm_eq < apply sclosed_tm_prune to H1.
Subgoal 2:
Variables: M1 ML1 V M'1
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
H1 : {tm M'1}
H3 : app_ssubst ML1 M'1 M1 *
============================
M'1 = M1
ssubst_closed_tm_eq < apply IH to _ H3.
Subgoal 2:
Variables: M1 ML1 V
IH : forall M ML M', {tm M} -> app_ssubst ML M M' * -> M = M'
H1 : {tm M1}
H3 : app_ssubst ML1 M1 M1 *
============================
M1 = M1
ssubst_closed_tm_eq < search.
Proof completed.
Abella < Theorem ssubst_inst :
forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) ->
app_ssubst ML (M V) (M' V).
============================
forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) ->
app_ssubst ML (M V) (M' V)
ssubst_inst < induction on 2.
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
============================
forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) @ ->
app_ssubst ML (M V) (M' V)
ssubst_inst < intros.
Variables: ML M M' V
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm V}
H2 : app_ssubst ML (M n1) (M' n1) @
============================
app_ssubst ML (M V) (M' V)
ssubst_inst < case H2.
Subgoal 1:
Variables: M' V
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm V}
============================
app_ssubst smnil (M' V) (M' V)
Subgoal 2 is:
app_ssubst (smcons (smap n2 ML2) ML3) (M n2 (V n2)) (M2 (V n2))
ssubst_inst < search.
Subgoal 2:
Variables: M V M2 ML3 ML2
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm (V n2)}
H3 : app_ssubst ML3 (M ML2 n1) (M2 n1) *
============================
app_ssubst (smcons (smap n2 ML2) ML3) (M n2 (V n2)) (M2 (V n2))
ssubst_inst < apply sclosed_tm_prune to H1.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_ssubst ML3 (M ML2 n1) (M2 n1) *
============================
app_ssubst (smcons (smap n2 ML2) ML3) (M n2 M'1) (M2 M'1)
ssubst_inst < unfold.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_ssubst ML3 (M ML2 n1) (M2 n1) *
============================
app_ssubst ML3 (M ML2 M'1) (M2 M'1)
ssubst_inst < intros.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_ssubst ML3 (M ML2 n1) (M2 n1) *
============================
app_ssubst ML3 (M ML2 M'1) (M2 M'1)
ssubst_inst < apply IH to H1 H3.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_ssubst ML (M x) (M' x) * ->
app_ssubst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_ssubst ML3 (M ML2 n1) (M2 n1) *
H4 : app_ssubst ML3 (M ML2 M'1) (M2 M'1)
============================
app_ssubst ML3 (M ML2 M'1) (M2 M'1)
ssubst_inst < search.
Proof completed.
Abella < Theorem explct_meta_ssubst_comm :
forall ML M E V, nabla n, {tm V} -> app_ssubst ML (M n) (E n) ->
app_ssubst (smcons (smap n V) ML) (M n) (E V).
============================
forall ML M E V, nabla n, {tm V} -> app_ssubst ML (M n) (E n) ->
app_ssubst (smcons (smap n V) ML) (M n) (E V)
explct_meta_ssubst_comm < intros.
Variables: ML M E V
H1 : {tm V}
H2 : app_ssubst ML (M n1) (E n1)
============================
app_ssubst (smcons (smap n1 V) ML) (M n1) (E V)
explct_meta_ssubst_comm < unfold.
Variables: ML M E V
H1 : {tm V}
H2 : app_ssubst ML (M n1) (E n1)
============================
app_ssubst ML (M V) (E V)
explct_meta_ssubst_comm < intros.
Variables: ML M E V
H1 : {tm V}
H2 : app_ssubst ML (M n1) (E n1)
============================
app_ssubst ML (M V) (E V)
explct_meta_ssubst_comm < backchain ssubst_inst with M = M, M' = E, x = n1.
Proof completed.
Abella < Theorem ssubst_closed_tm :
forall M ML, {tm M} -> ssubst ML -> app_ssubst ML M M.
============================
forall M ML, {tm M} -> ssubst ML -> app_ssubst ML M M
ssubst_closed_tm < induction on 2.
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
============================
forall M ML, {tm M} -> ssubst ML @ -> app_ssubst ML M M
ssubst_closed_tm < intros.
Variables: M ML
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
H1 : {tm M}
H2 : ssubst ML @
============================
app_ssubst ML M M
ssubst_closed_tm < case H2.
Subgoal 1:
Variables: M
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
H1 : {tm M}
============================
app_ssubst smnil M M
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (M n1) (M n1)
ssubst_closed_tm < search.
Subgoal 2:
Variables: M ML1 V
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
H1 : {tm (M n1)}
H3 : ssubst ML1 *
H4 : {val V}
H5 : {tm V}
============================
app_ssubst (smcons (smap n1 V) ML1) (M n1) (M n1)
ssubst_closed_tm < apply sclosed_tm_prune to H1.
Subgoal 2:
Variables: ML1 V M'
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
H1 : {tm M'}
H3 : ssubst ML1 *
H4 : {val V}
H5 : {tm V}
============================
app_ssubst (smcons (smap n1 V) ML1) M' M'
ssubst_closed_tm < apply IH to H1 H3.
Subgoal 2:
Variables: ML1 V M'
IH : forall M ML, {tm M} -> ssubst ML * -> app_ssubst ML M M
H1 : {tm M'}
H3 : ssubst ML1 *
H4 : {val V}
H5 : {tm V}
H6 : app_ssubst ML1 M' M'
============================
app_ssubst (smcons (smap n1 V) ML1) M' M'
ssubst_closed_tm < search.
Proof completed.
Abella < Theorem ssubst_var :
forall V ML X, ssubst ML -> smmember (smap X V) ML -> app_ssubst ML X V.
============================
forall V ML X, ssubst ML -> smmember (smap X V) ML -> app_ssubst ML X V
ssubst_var < induction on 2.
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
============================
forall V ML X, ssubst ML -> smmember (smap X V) ML @ -> app_ssubst ML X V
ssubst_var < intros.
Variables: V ML X
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H1 : ssubst ML
H2 : smmember (smap X V) ML @
============================
app_ssubst ML X V
ssubst_var < case H2.
Subgoal 1:
Variables: V X L
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H1 : ssubst (smcons (smap X V) L)
============================
app_ssubst (smcons (smap X V) L) X V
Subgoal 2 is:
app_ssubst (smcons Y L) X V
ssubst_var < case H1.
Subgoal 1:
Variables: ML1 V1
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H3 : ssubst ML1
H4 : {val V1}
H5 : {tm V1}
============================
app_ssubst (smcons (smap n1 V1) ML1) n1 V1
Subgoal 2 is:
app_ssubst (smcons Y L) X V
ssubst_var < unfold.
Subgoal 1:
Variables: ML1 V1
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H3 : ssubst ML1
H4 : {val V1}
H5 : {tm V1}
============================
app_ssubst ML1 V1 V1
Subgoal 2 is:
app_ssubst (smcons Y L) X V
ssubst_var < backchain ssubst_closed_tm.
Subgoal 2:
Variables: V X L Y
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H1 : ssubst (smcons Y L)
H3 : smmember (smap X V) L *
============================
app_ssubst (smcons Y L) X V
ssubst_var < case H1.
Subgoal 2:
Variables: V X ML1 V1
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H3 : smmember (smap (X n1) (V n1)) ML1 *
H4 : ssubst ML1
H5 : {val V1}
H6 : {tm V1}
============================
app_ssubst (smcons (smap n1 V1) ML1) (X n1) (V n1)
ssubst_var < apply smmember_prune_tm to H3.
Subgoal 2:
Variables: ML1 V1 M'2 M'1
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H3 : smmember (smap M'1 M'2) ML1 *
H4 : ssubst ML1
H5 : {val V1}
H6 : {tm V1}
============================
app_ssubst (smcons (smap n1 V1) ML1) M'1 M'2
ssubst_var < unfold.
Subgoal 2:
Variables: ML1 V1 M'2 M'1
IH : forall V ML X, ssubst ML -> smmember (smap X V) ML * ->
app_ssubst ML X V
H3 : smmember (smap M'1 M'2) ML1 *
H4 : ssubst ML1
H5 : {val V1}
H6 : {tm V1}
============================
app_ssubst ML1 M'1 M'2
ssubst_var < backchain IH.
Proof completed.
Abella < Theorem ssubst_var_eq :
forall V ML E X, ssubst ML -> smmember (smap X V) ML -> app_ssubst ML X E ->
E =
V.
============================
forall V ML E X, ssubst ML -> smmember (smap X V) ML -> app_ssubst ML X E ->
E =
V
ssubst_var_eq < intros.
Variables: V ML E X
H1 : ssubst ML
H2 : smmember (smap X V) ML
H3 : app_ssubst ML X E
============================
E = V
ssubst_var_eq < apply ssubst_var to H1 H2.
Variables: V ML E X
H1 : ssubst ML
H2 : smmember (smap X V) ML
H3 : app_ssubst ML X E
H4 : app_ssubst ML X V
============================
E = V
ssubst_var_eq < apply ssubst_det to H1 H3 H4.
Variables: V ML X
H1 : ssubst ML
H2 : smmember (smap X V) ML
H3 : app_ssubst ML X V
H4 : app_ssubst ML X V
============================
V = V
ssubst_var_eq < search.
Proof completed.
Abella < Theorem ssubst_nabla :
forall ML, nabla x, ssubst ML -> app_ssubst ML x x.
============================
forall ML, nabla x, ssubst ML -> app_ssubst ML x x
ssubst_nabla < induction on 1.
IH : forall ML, nabla x, ssubst ML * -> app_ssubst ML x x
============================
forall ML, nabla x, ssubst ML @ -> app_ssubst ML x x
ssubst_nabla < intros.
Variables: ML
IH : forall ML, nabla x, ssubst ML * -> app_ssubst ML x x
H1 : ssubst ML @
============================
app_ssubst ML n1 n1
ssubst_nabla < case H1.
Subgoal 1:
IH : forall ML, nabla x, ssubst ML * -> app_ssubst ML x x
============================
app_ssubst smnil n1 n1
Subgoal 2 is:
app_ssubst (smcons (smap n2 V) ML1) n1 n1
ssubst_nabla < search.
Subgoal 2:
Variables: ML1 V
IH : forall ML, nabla x, ssubst ML * -> app_ssubst ML x x
H2 : ssubst ML1 *
H3 : {val V}
H4 : {tm V}
============================
app_ssubst (smcons (smap n2 V) ML1) n1 n1
ssubst_nabla < unfold.
Subgoal 2:
Variables: ML1 V
IH : forall ML, nabla x, ssubst ML * -> app_ssubst ML x x
H2 : ssubst ML1 *
H3 : {val V}
H4 : {tm V}
============================
app_ssubst ML1 n1 n1
ssubst_nabla < backchain IH.
Proof completed.
Abella < Theorem ssubst_result_closed_tm :
forall ML L M M' Vs, tm_sctx L -> {L |- tm M} -> vars_of_tm_sctx L Vs ->
ssubst ML -> vars_of_ssubst ML Vs -> app_ssubst ML M M' -> {tm M'}.
============================
forall ML L M M' Vs, tm_sctx L -> {L |- tm M} -> vars_of_tm_sctx L Vs ->
ssubst ML -> vars_of_ssubst ML Vs -> app_ssubst ML M M' -> {tm M'}
ssubst_result_closed_tm < induction on 1.
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
============================
forall ML L M M' Vs, tm_sctx L @ -> {L |- tm M} -> vars_of_tm_sctx L Vs ->
ssubst ML -> vars_of_ssubst ML Vs -> app_ssubst ML M M' -> {tm M'}
ssubst_result_closed_tm < intros.
Variables: ML L M M' Vs
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H1 : tm_sctx L @
H2 : {L |- tm M}
H3 : vars_of_tm_sctx L Vs
H4 : ssubst ML
H5 : vars_of_ssubst ML Vs
H6 : app_ssubst ML M M'
============================
{tm M'}
ssubst_result_closed_tm < case H1.
Subgoal 1:
Variables: ML M M' Vs
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {tm M}
H3 : vars_of_tm_sctx nil Vs
H4 : ssubst ML
H5 : vars_of_ssubst ML Vs
H6 : app_ssubst ML M M'
============================
{tm M'}
Subgoal 2 is:
{tm (M' n1)}
ssubst_result_closed_tm < case H3.
Subgoal 1:
Variables: ML M M'
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {tm M}
H4 : ssubst ML
H5 : vars_of_ssubst ML snil
H6 : app_ssubst ML M M'
============================
{tm M'}
Subgoal 2 is:
{tm (M' n1)}
ssubst_result_closed_tm < case H5.
Subgoal 1:
Variables: M M'
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {tm M}
H4 : ssubst smnil
H6 : app_ssubst smnil M M'
============================
{tm M'}
Subgoal 2 is:
{tm (M' n1)}
ssubst_result_closed_tm < case H6.
Subgoal 1:
Variables: M'
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {tm M'}
H4 : ssubst smnil
============================
{tm M'}
Subgoal 2 is:
{tm (M' n1)}
ssubst_result_closed_tm < search.
Subgoal 2:
Variables: ML M M' Vs L1
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H3 : vars_of_tm_sctx (tm n1 :: L1) (Vs n1)
H4 : ssubst (ML n1)
H5 : vars_of_ssubst (ML n1) (Vs n1)
H6 : app_ssubst (ML n1) (M n1) (M' n1)
H7 : tm_sctx L1 *
============================
{tm (M' n1)}
ssubst_result_closed_tm < case H3.
Subgoal 2:
Variables: ML M M' L1 L'
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H4 : ssubst (ML n1)
H5 : vars_of_ssubst (ML n1) (scons n1 L')
H6 : app_ssubst (ML n1) (M n1) (M' n1)
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
============================
{tm (M' n1)}
ssubst_result_closed_tm < case H5.
Subgoal 2:
Variables: M M' L1 L' ML1 V
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H4 : ssubst (smcons (smap n1 V) ML1)
H6 : app_ssubst (smcons (smap n1 V) ML1) (M n1) (M' n1)
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
H9 : vars_of_ssubst ML1 L'
============================
{tm (M' n1)}
ssubst_result_closed_tm < case H6.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H4 : ssubst (smcons (smap n1 V) ML1)
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
H9 : vars_of_ssubst ML1 L'
H10 : app_ssubst ML1 (M V) M1
============================
{tm M1}
ssubst_result_closed_tm < case H4.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
H9 : vars_of_ssubst ML1 L'
H10 : app_ssubst ML1 (M V) M1
H11 : ssubst ML1
H12 : {val V}
H13 : {tm V}
============================
{tm M1}
ssubst_result_closed_tm < inst H2 with n1 = V.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
H9 : vars_of_ssubst ML1 L'
H10 : app_ssubst ML1 (M V) M1
H11 : ssubst ML1
H12 : {val V}
H13 : {tm V}
H14 : {L1, tm V |- tm (M V)}
============================
{tm M1}
ssubst_result_closed_tm < cut H14 with H13.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm_sctx L * -> {L |- tm M} ->
vars_of_tm_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
H2 : {L1, tm n1 |- tm (M n1)}
H7 : tm_sctx L1 *
H8 : vars_of_tm_sctx L1 L'
H9 : vars_of_ssubst ML1 L'
H10 : app_ssubst ML1 (M V) M1
H11 : ssubst ML1
H12 : {val V}
H13 : {tm V}
H14 : {L1, tm V |- tm (M V)}
H15 : {L1 |- tm (M V)}
============================
{tm M1}
ssubst_result_closed_tm < backchain IH with ML = ML1, L = L1, M = M V.
Proof completed.
Abella < Theorem ssubst_result_closed_tm' :
forall ML L T M M' Vs, {is_sty T} -> sctx L -> {L |- of M T} ->
vars_of_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}.
============================
forall ML L T M M' Vs, {is_sty T} -> sctx L -> {L |- of M T} ->
vars_of_sctx L Vs -> ssubst ML -> vars_of_ssubst ML Vs ->
app_ssubst ML M M' -> {tm M'}
ssubst_result_closed_tm' < intros.
Variables: ML L T M M' Vs
H1 : {is_sty T}
H2 : sctx L
H3 : {L |- of M T}
H4 : vars_of_sctx L Vs
H5 : ssubst ML
H6 : vars_of_ssubst ML Vs
H7 : app_ssubst ML M M'
============================
{tm M'}
ssubst_result_closed_tm' < apply sctx_to_tm_sctx to H2 H4.
Variables: ML L T M M' Vs SL
H1 : {is_sty T}
H2 : sctx L
H3 : {L |- of M T}
H4 : vars_of_sctx L Vs
H5 : ssubst ML
H6 : vars_of_ssubst ML Vs
H7 : app_ssubst ML M M'
H8 : tm_sctx SL
H9 : vars_of_tm_sctx SL Vs
============================
{tm M'}
ssubst_result_closed_tm' < assert {SL |- tm M}.
Subgoal 1:
Variables: ML L T M M' Vs SL
H1 : {is_sty T}
H2 : sctx L
H3 : {L |- of M T}
H4 : vars_of_sctx L Vs
H5 : ssubst ML
H6 : vars_of_ssubst ML Vs
H7 : app_ssubst ML M M'
H8 : tm_sctx SL
H9 : vars_of_tm_sctx SL Vs
============================
{SL |- tm M}
Subgoal is:
{tm M'}
ssubst_result_closed_tm' < backchain sof_to_tm with T = T.
Variables: ML L T M M' Vs SL
H1 : {is_sty T}
H2 : sctx L
H3 : {L |- of M T}
H4 : vars_of_sctx L Vs
H5 : ssubst ML
H6 : vars_of_ssubst ML Vs
H7 : app_ssubst ML M M'
H8 : tm_sctx SL
H9 : vars_of_tm_sctx SL Vs
H10 : {SL |- tm M}
============================
{tm M'}
ssubst_result_closed_tm' < backchain ssubst_result_closed_tm.
Proof completed.
Abella < Theorem app_ssubst_pred_comm :
forall ML M M', app_ssubst ML (pred M) M' ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'').
============================
forall ML M M', app_ssubst ML (pred M) M' ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
app_ssubst_pred_comm < induction on 1.
IH : forall ML M M', app_ssubst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
============================
forall ML M M', app_ssubst ML (pred M) M' @ ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
app_ssubst_pred_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
H1 : app_ssubst ML (pred M) M' @
============================
exists M'', M' = pred M'' /\ app_ssubst ML M M''
app_ssubst_pred_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_ssubst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
============================
exists M'', pred M = pred M'' /\ app_ssubst smnil M M''
Subgoal 2 is:
exists M'', M1 = pred M'' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M''
app_ssubst_pred_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
H2 : app_ssubst ML1 (pred (M V)) M1 *
============================
exists M'', M1 = pred M'' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M''
app_ssubst_pred_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M''
IH : forall ML M M', app_ssubst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_ssubst ML M M'')
H2 : app_ssubst ML1 (pred (M V)) (pred M'') *
H3 : app_ssubst ML1 (M V) M''
============================
exists M''1, pred M'' = pred M''1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M''1
app_ssubst_pred_comm < search.
Proof completed.
Abella < Theorem app_ssubst_ifz_comm :
forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2').
============================
forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
app_ssubst_ifz_comm < induction on 1.
IH : forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
============================
forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 @ ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
app_ssubst_ifz_comm < intros.
Variables: ML M M1 M2 M3
IH : forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
H1 : app_ssubst ML (ifz M M1 M2) M3 @
============================
exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2'
app_ssubst_ifz_comm < case H1.
Subgoal 1:
Variables: M M1 M2
IH : forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
============================
exists M' M1' M2', ifz M M1 M2 = ifz M' M1' M2' /\ app_ssubst smnil M M' /\
app_ssubst smnil M1 M1' /\ app_ssubst smnil M2 M2'
Subgoal 2 is:
exists M' M1' M2', M4 = ifz M' M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_ifz_comm < search.
Subgoal 2:
Variables: M M1 M2 M4 ML1 V
IH : forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (ifz (M V) (M1 V) (M2 V)) M4 *
============================
exists M' M1' M2', M4 = ifz M' M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_ifz_comm < apply IH to H2.
Subgoal 2:
Variables: M M1 M2 ML1 V M' M1' M2'
IH : forall ML M M1 M2 M3, app_ssubst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_ssubst ML M M' /\
app_ssubst ML M1 M1' /\ app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (ifz (M V) (M1 V) (M2 V)) (ifz M' M1' M2') *
H3 : app_ssubst ML1 (M V) M'
H4 : app_ssubst ML1 (M1 V) M1'
H5 : app_ssubst ML1 (M2 V) M2'
============================
exists M'1 M1'1 M2'1, ifz M' M1' M2' = ifz M'1 M1'1 M2'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'1
app_ssubst_ifz_comm < search.
Proof completed.
Abella < Theorem app_ssubst_let_comm :
forall ML M R M', app_ssubst ML (let M R) M' ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x))).
============================
forall ML M R M', app_ssubst ML (let M R) M' ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
app_ssubst_let_comm < induction on 1.
IH : forall ML M R M', app_ssubst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
============================
forall ML M R M', app_ssubst ML (let M R) M' @ ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
app_ssubst_let_comm < intros.
Variables: ML M R M'
IH : forall ML M R M', app_ssubst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
H1 : app_ssubst ML (let M R) M' @
============================
exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x))
app_ssubst_let_comm < case H1.
Subgoal 1:
Variables: M R
IH : forall ML M R M', app_ssubst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
============================
exists M1 R1, let M R = let M1 R1 /\ app_ssubst smnil M M1 /\
(nabla x, app_ssubst smnil (R x) (R1 x))
Subgoal 2 is:
exists M2 R1, M1 = let M2 R1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M2 /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R1 x))
app_ssubst_let_comm < search.
Subgoal 2:
Variables: M R M1 ML1 V
IH : forall ML M R M', app_ssubst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
H2 : app_ssubst ML1 (let (M V) (R V)) M1 *
============================
exists M2 R1, M1 = let M2 R1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M2 /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R1 x))
app_ssubst_let_comm < apply IH to H2.
Subgoal 2:
Variables: M R ML1 V M2 R1
IH : forall ML M R M', app_ssubst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_ssubst ML M M1 /\
(nabla x, app_ssubst ML (R x) (R1 x)))
H2 : app_ssubst ML1 (let (M V) (R V)) (let M2 R1) *
H3 : app_ssubst ML1 (M V) M2
H4 : app_ssubst ML1 (R V n1) (R1 n1)
============================
exists M1 R2, let M2 R1 = let M1 R2 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M1 /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R2 x))
app_ssubst_let_comm < search.
Proof completed.
Abella < Theorem app_ssubst_fix_comm :
forall ML R M', app_ssubst ML (fix R) M' ->
(exists R', M' = fix R' /\ (nabla f x, app_ssubst ML (R f x) (R' f x))).
============================
forall ML R M', app_ssubst ML (fix R) M' ->
(exists R', M' = fix R' /\ (nabla f x, app_ssubst ML (R f x) (R' f x)))
app_ssubst_fix_comm < induction on 1.
IH : forall ML R M', app_ssubst ML (fix R) M' * ->
(exists R', M' = fix R' /\
(nabla f x, app_ssubst ML (R f x) (R' f x)))
============================
forall ML R M', app_ssubst ML (fix R) M' @ ->
(exists R', M' = fix R' /\ (nabla f x, app_ssubst ML (R f x) (R' f x)))
app_ssubst_fix_comm < intros.
Variables: ML R M'
IH : forall ML R M', app_ssubst ML (fix R) M' * ->
(exists R', M' = fix R' /\
(nabla f x, app_ssubst ML (R f x) (R' f x)))
H1 : app_ssubst ML (fix R) M' @
============================
exists R', M' = fix R' /\ (nabla f x, app_ssubst ML (R f x) (R' f x))
app_ssubst_fix_comm < case H1.
Subgoal 1:
Variables: R
IH : forall ML R M', app_ssubst ML (fix R) M' * ->
(exists R', M' = fix R' /\
(nabla f x, app_ssubst ML (R f x) (R' f x)))
============================
exists R', fix R = fix R' /\ (nabla f x, app_ssubst smnil (R f x) (R' f x))
Subgoal 2 is:
exists R', M = fix R' /\
(nabla f x, app_ssubst (smcons (smap n1 V) ML1) (R n1 f x) (R' f x))
app_ssubst_fix_comm < search.
Subgoal 2:
Variables: R M ML1 V
IH : forall ML R M', app_ssubst ML (fix R) M' * ->
(exists R', M' = fix R' /\
(nabla f x, app_ssubst ML (R f x) (R' f x)))
H2 : app_ssubst ML1 (fix (R V)) M *
============================
exists R', M = fix R' /\
(nabla f x, app_ssubst (smcons (smap n1 V) ML1) (R n1 f x) (R' f x))
app_ssubst_fix_comm < apply IH to H2.
Subgoal 2:
Variables: R ML1 V R'
IH : forall ML R M', app_ssubst ML (fix R) M' * ->
(exists R', M' = fix R' /\
(nabla f x, app_ssubst ML (R f x) (R' f x)))
H2 : app_ssubst ML1 (fix (R V)) (fix R') *
H3 : app_ssubst ML1 (R V n1 n2) (R' n1 n2)
============================
exists R'1, fix R' = fix R'1 /\
(nabla f x, app_ssubst (smcons (smap n1 V) ML1) (R n1 f x) (R'1 f x))
app_ssubst_fix_comm < search.
Proof completed.
Abella < Theorem app_ssubst_app_comm :
forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2').
============================
forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_app_comm < induction on 1.
IH : forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' @ ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_app_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H1 : app_ssubst ML (app M1 M2) M' @
============================
exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2'
app_ssubst_app_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
exists M1' M2', app M1 M2 = app M1' M2' /\ app_ssubst smnil M1 M1' /\
app_ssubst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = app M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_app_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (app (M1 V) (M2 V)) M *
============================
exists M1' M2', M = app M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_app_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_ssubst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (app (M1 V) (M2 V)) (app M1' M2') *
H3 : app_ssubst ML1 (M1 V) M1'
H4 : app_ssubst ML1 (M2 V) M2'
============================
exists M1'1 M2'1, app M1' M2' = app M1'1 M2'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'1
app_ssubst_app_comm < search.
Proof completed.
Abella < Theorem app_ssubst_plus_comm :
forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2').
============================
forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_plus_comm < induction on 1.
IH : forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' @ ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_plus_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H1 : app_ssubst ML (plus M1 M2) M' @
============================
exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2'
app_ssubst_plus_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
exists M1' M2', plus M1 M2 = plus M1' M2' /\ app_ssubst smnil M1 M1' /\
app_ssubst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = plus M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_plus_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (plus (M1 V) (M2 V)) M *
============================
exists M1' M2', M = plus M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_plus_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_ssubst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (plus (M1 V) (M2 V)) (plus M1' M2') *
H3 : app_ssubst ML1 (M1 V) M1'
H4 : app_ssubst ML1 (M2 V) M2'
============================
exists M1'1 M2'1, plus M1' M2' = plus M1'1 M2'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'1
app_ssubst_plus_comm < search.
Proof completed.
Abella < Theorem app_ssubst_pair_comm :
forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2').
============================
forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_pair_comm < induction on 1.
IH : forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' @ ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
app_ssubst_pair_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H1 : app_ssubst ML (pair M1 M2) M' @
============================
exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2'
app_ssubst_pair_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
============================
exists M1' M2', pair M1 M2 = pair M1' M2' /\ app_ssubst smnil M1 M1' /\
app_ssubst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = pair M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_pair_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (pair (M1 V) (M2 V)) M *
============================
exists M1' M2', M = pair M1' M2' /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1' /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'
app_ssubst_pair_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_ssubst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_ssubst ML M1 M1' /\
app_ssubst ML M2 M2')
H2 : app_ssubst ML1 (pair (M1 V) (M2 V)) (pair M1' M2') *
H3 : app_ssubst ML1 (M1 V) M1'
H4 : app_ssubst ML1 (M2 V) M2'
============================
exists M1'1 M2'1, pair M1' M2' = pair M1'1 M2'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M1 n1) M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M2 n1) M2'1
app_ssubst_pair_comm < search.
Proof completed.
Abella < Theorem app_ssubst_fst_comm :
forall ML M M', app_ssubst ML (fst M) M' ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1').
============================
forall ML M M', app_ssubst ML (fst M) M' ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
app_ssubst_fst_comm < induction on 1.
IH : forall ML M M', app_ssubst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
============================
forall ML M M', app_ssubst ML (fst M) M' @ ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
app_ssubst_fst_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
H1 : app_ssubst ML (fst M) M' @
============================
exists M1', M' = fst M1' /\ app_ssubst ML M M1'
app_ssubst_fst_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_ssubst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
============================
exists M1', fst M = fst M1' /\ app_ssubst smnil M M1'
Subgoal 2 is:
exists M1', M1 = fst M1' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'
app_ssubst_fst_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
H2 : app_ssubst ML1 (fst (M V)) M1 *
============================
exists M1', M1 = fst M1' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'
app_ssubst_fst_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M1'
IH : forall ML M M', app_ssubst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_ssubst ML M M1')
H2 : app_ssubst ML1 (fst (M V)) (fst M1') *
H3 : app_ssubst ML1 (M V) M1'
============================
exists M1'1, fst M1' = fst M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'1
app_ssubst_fst_comm < search.
Proof completed.
Abella < Theorem app_ssubst_snd_comm :
forall ML M M', app_ssubst ML (snd M) M' ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1').
============================
forall ML M M', app_ssubst ML (snd M) M' ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
app_ssubst_snd_comm < induction on 1.
IH : forall ML M M', app_ssubst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
============================
forall ML M M', app_ssubst ML (snd M) M' @ ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
app_ssubst_snd_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
H1 : app_ssubst ML (snd M) M' @
============================
exists M1', M' = snd M1' /\ app_ssubst ML M M1'
app_ssubst_snd_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_ssubst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
============================
exists M1', snd M = snd M1' /\ app_ssubst smnil M M1'
Subgoal 2 is:
exists M1', M1 = snd M1' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'
app_ssubst_snd_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
H2 : app_ssubst ML1 (snd (M V)) M1 *
============================
exists M1', M1 = snd M1' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'
app_ssubst_snd_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M1'
IH : forall ML M M', app_ssubst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_ssubst ML M M1')
H2 : app_ssubst ML1 (snd (M V)) (snd M1') *
H3 : app_ssubst ML1 (M V) M1'
============================
exists M1'1, snd M1' = snd M1'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M1'1
app_ssubst_snd_comm < search.
Proof completed.
Abella < Theorem app_ssubst_meta_app_comm :
forall ML R M P, app_ssubst ML (R M) P ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x))).
============================
forall ML R M P, app_ssubst ML (R M) P ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
app_ssubst_meta_app_comm < induction on 1.
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
============================
forall ML R M P, app_ssubst ML (R M) P @ ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
app_ssubst_meta_app_comm < intros.
Variables: ML R M P
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
H1 : app_ssubst ML (R M) P @
============================
exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x))
app_ssubst_meta_app_comm < case H1.
Subgoal 1:
Variables: R M
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
============================
exists R' M', R M = R' M' /\ app_ssubst smnil M M' /\
(nabla x, app_ssubst smnil (R x) (R' x))
Subgoal 2 is:
exists R' M', M1 = R' M' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < exists R.
Subgoal 1:
Variables: R M
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
============================
exists M', R M = R M' /\ app_ssubst smnil M M' /\
(nabla x, app_ssubst smnil (R x) (R x))
Subgoal 2 is:
exists R' M', M1 = R' M' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < exists M.
Subgoal 1:
Variables: R M
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
============================
R M = R M /\ app_ssubst smnil M M /\ (nabla x, app_ssubst smnil (R x) (R x))
Subgoal 2 is:
exists R' M', M1 = R' M' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < search.
Subgoal 2:
Variables: R M M1 ML1 V
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
H2 : app_ssubst ML1 (R V (M V)) M1 *
============================
exists R' M', M1 = R' M' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < apply IH to H2 with R = R V, M = M V.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
H2 : app_ssubst ML1 (R V (M V)) (R' M') *
H3 : app_ssubst ML1 (M V) M'
H4 : app_ssubst ML1 (R V n1) (R' n1)
============================
exists R'1 M'1, R' M' = R'1 M'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M'1 /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R'1 x))
app_ssubst_meta_app_comm < exists R'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
H2 : app_ssubst ML1 (R V (M V)) (R' M') *
H3 : app_ssubst ML1 (M V) M'
H4 : app_ssubst ML1 (R V n1) (R' n1)
============================
exists M'1, R' M' = R' M'1 /\
app_ssubst (smcons (smap n1 V) ML1) (M n1) M'1 /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < exists M'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M P, app_ssubst ML (R M) P * ->
(exists R' M', P = R' M' /\ app_ssubst ML M M' /\
(nabla x, app_ssubst ML (R x) (R' x)))
H2 : app_ssubst ML1 (R V (M V)) (R' M') *
H3 : app_ssubst ML1 (M V) M'
H4 : app_ssubst ML1 (R V n1) (R' n1)
============================
R' M' = R' M' /\ app_ssubst (smcons (smap n1 V) ML1) (M n1) M' /\
(nabla x, app_ssubst (smcons (smap n1 V) ML1) (R n1 x) (R' x))
app_ssubst_meta_app_comm < search.
Proof completed.
Abella < Theorem app_ssubst_pred_compose :
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (pred M) (pred M').
============================
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (pred M) (pred M')
app_ssubst_pred_compose < induction on 1.
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (pred M) (pred M')
============================
forall ML M M', app_ssubst ML M M' @ -> app_ssubst ML (pred M) (pred M')
app_ssubst_pred_compose < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (pred M) (pred M')
H1 : app_ssubst ML M M' @
============================
app_ssubst ML (pred M) (pred M')
app_ssubst_pred_compose < case H1.
Subgoal 1:
Variables: M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (pred M) (pred M')
============================
app_ssubst smnil (pred M') (pred M')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (pred (M n1)) (pred M1)
app_ssubst_pred_compose < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (pred M) (pred M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst (smcons (smap n1 V) ML1) (pred (M n1)) (pred M1)
app_ssubst_pred_compose < unfold.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (pred M) (pred M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst ML1 (pred (M V)) (pred M1)
app_ssubst_pred_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_ifz_compose :
forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3').
============================
forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
app_ssubst_ifz_compose < induction on 1.
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
============================
forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' @ ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
app_ssubst_ifz_compose < intros.
Variables: ML M1 M2 M1' M2' M3 M3'
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H1 : app_ssubst ML M1 M1' @
H2 : app_ssubst ML M2 M2'
H3 : app_ssubst ML M3 M3'
============================
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
app_ssubst_ifz_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2' M3 M3'
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H2 : app_ssubst smnil M2 M2'
H3 : app_ssubst smnil M3 M3'
============================
app_ssubst smnil (ifz M1' M2 M3) (ifz M1' M2' M3')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M (M2' n1) (M3' n1))
app_ssubst_ifz_compose < case H2.
Subgoal 1:
Variables: M1' M2' M3 M3'
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H3 : app_ssubst smnil M3 M3'
============================
app_ssubst smnil (ifz M1' M2' M3) (ifz M1' M2' M3')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M (M2' n1) (M3' n1))
app_ssubst_ifz_compose < case H3.
Subgoal 1:
Variables: M1' M2' M3'
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
============================
app_ssubst smnil (ifz M1' M2' M3') (ifz M1' M2' M3')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M (M2' n1) (M3' n1))
app_ssubst_ifz_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M3 M3' M ML1 V
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H2 : app_ssubst (smcons (smap n1 V) ML1) (M2 n1) (M2' n1)
H3 : app_ssubst (smcons (smap n1 V) ML1) (M3 n1) (M3' n1)
H4 : app_ssubst ML1 (M1 V) M *
============================
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M (M2' n1) (M3' n1))
app_ssubst_ifz_compose < case H2.
Subgoal 2:
Variables: M1 M2 M3 M3' M ML1 V M4
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H3 : app_ssubst (smcons (smap n1 V) ML1) (M3 n1) (M3' n1)
H4 : app_ssubst ML1 (M1 V) M *
H5 : app_ssubst ML1 (M2 V) M4
============================
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M M4 (M3' n1))
app_ssubst_ifz_compose < case H3.
Subgoal 2:
Variables: M1 M2 M3 M ML1 V M4 M5
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H4 : app_ssubst ML1 (M1 V) M *
H5 : app_ssubst ML1 (M2 V) M4
H6 : app_ssubst ML1 (M3 V) M5
============================
app_ssubst (smcons (smap n1 V) ML1) (ifz (M1 n1) (M2 n1) (M3 n1))
(ifz M M4 M5)
app_ssubst_ifz_compose < unfold.
Subgoal 2:
Variables: M1 M2 M3 M ML1 V M4 M5
IH : forall ML M1 M2 M1' M2' M3 M3', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML M3 M3' ->
app_ssubst ML (ifz M1 M2 M3) (ifz M1' M2' M3')
H4 : app_ssubst ML1 (M1 V) M *
H5 : app_ssubst ML1 (M2 V) M4
H6 : app_ssubst ML1 (M3 V) M5
============================
app_ssubst ML1 (ifz (M1 V) (M2 V) (M3 V)) (ifz M M4 M5)
app_ssubst_ifz_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_plus_compose :
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (plus M1 M2) (plus M1' M2').
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (plus M1 M2) (plus M1' M2')
app_ssubst_plus_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' @ -> app_ssubst ML M2 M2' ->
app_ssubst ML (plus M1 M2) (plus M1' M2')
app_ssubst_plus_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
H1 : app_ssubst ML M1 M1' @
H2 : app_ssubst ML M2 M2'
============================
app_ssubst ML (plus M1 M2) (plus M1' M2')
app_ssubst_plus_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
H2 : app_ssubst smnil M2 M2'
============================
app_ssubst smnil (plus M1' M2) (plus M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (plus (M1 n1) (M2 n1)) (plus M (M2' n1))
app_ssubst_plus_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
============================
app_ssubst smnil (plus M1' M2') (plus M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (plus (M1 n1) (M2 n1)) (plus M (M2' n1))
app_ssubst_plus_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
H2 : app_ssubst (smcons (smap n1 V) ML1) (M2 n1) (M2' n1)
H3 : app_ssubst ML1 (M1 V) M *
============================
app_ssubst (smcons (smap n1 V) ML1) (plus (M1 n1) (M2 n1)) (plus M (M2' n1))
app_ssubst_plus_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst (smcons (smap n1 V) ML1) (plus (M1 n1) (M2 n1)) (plus M M3)
app_ssubst_plus_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (plus M1 M2) (plus M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst ML1 (plus (M1 V) (M2 V)) (plus M M3)
app_ssubst_plus_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_fst_compose :
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (fst M) (fst M').
============================
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (fst M) (fst M')
app_ssubst_fst_compose < induction on 1.
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (fst M) (fst M')
============================
forall ML M M', app_ssubst ML M M' @ -> app_ssubst ML (fst M) (fst M')
app_ssubst_fst_compose < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (fst M) (fst M')
H1 : app_ssubst ML M M' @
============================
app_ssubst ML (fst M) (fst M')
app_ssubst_fst_compose < case H1.
Subgoal 1:
Variables: M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (fst M) (fst M')
============================
app_ssubst smnil (fst M') (fst M')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (fst (M n1)) (fst M1)
app_ssubst_fst_compose < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (fst M) (fst M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst (smcons (smap n1 V) ML1) (fst (M n1)) (fst M1)
app_ssubst_fst_compose < unfold.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (fst M) (fst M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst ML1 (fst (M V)) (fst M1)
app_ssubst_fst_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_snd_compose :
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (snd M) (snd M').
============================
forall ML M M', app_ssubst ML M M' -> app_ssubst ML (snd M) (snd M')
app_ssubst_snd_compose < induction on 1.
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (snd M) (snd M')
============================
forall ML M M', app_ssubst ML M M' @ -> app_ssubst ML (snd M) (snd M')
app_ssubst_snd_compose < intros.
Variables: ML M M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (snd M) (snd M')
H1 : app_ssubst ML M M' @
============================
app_ssubst ML (snd M) (snd M')
app_ssubst_snd_compose < case H1.
Subgoal 1:
Variables: M'
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (snd M) (snd M')
============================
app_ssubst smnil (snd M') (snd M')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (snd (M n1)) (snd M1)
app_ssubst_snd_compose < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (snd M) (snd M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst (smcons (smap n1 V) ML1) (snd (M n1)) (snd M1)
app_ssubst_snd_compose < unfold.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_ssubst ML M M' * -> app_ssubst ML (snd M) (snd M')
H2 : app_ssubst ML1 (M V) M1 *
============================
app_ssubst ML1 (snd (M V)) (snd M1)
app_ssubst_snd_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_pair_compose :
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (pair M1 M2) (pair M1' M2').
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (pair M1 M2) (pair M1' M2')
app_ssubst_pair_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' @ -> app_ssubst ML M2 M2' ->
app_ssubst ML (pair M1 M2) (pair M1' M2')
app_ssubst_pair_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
H1 : app_ssubst ML M1 M1' @
H2 : app_ssubst ML M2 M2'
============================
app_ssubst ML (pair M1 M2) (pair M1' M2')
app_ssubst_pair_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
H2 : app_ssubst smnil M2 M2'
============================
app_ssubst smnil (pair M1' M2) (pair M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (pair (M1 n1) (M2 n1)) (pair M (M2' n1))
app_ssubst_pair_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
============================
app_ssubst smnil (pair M1' M2') (pair M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (pair (M1 n1) (M2 n1)) (pair M (M2' n1))
app_ssubst_pair_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
H2 : app_ssubst (smcons (smap n1 V) ML1) (M2 n1) (M2' n1)
H3 : app_ssubst ML1 (M1 V) M *
============================
app_ssubst (smcons (smap n1 V) ML1) (pair (M1 n1) (M2 n1)) (pair M (M2' n1))
app_ssubst_pair_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst (smcons (smap n1 V) ML1) (pair (M1 n1) (M2 n1)) (pair M M3)
app_ssubst_pair_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (pair M1 M2) (pair M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst ML1 (pair (M1 V) (M2 V)) (pair M M3)
app_ssubst_pair_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_app_compose :
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (app M1 M2) (app M1' M2').
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' -> app_ssubst ML M2 M2' ->
app_ssubst ML (app M1 M2) (app M1' M2')
app_ssubst_app_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
============================
forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' @ -> app_ssubst ML M2 M2' ->
app_ssubst ML (app M1 M2) (app M1' M2')
app_ssubst_app_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
H1 : app_ssubst ML M1 M1' @
H2 : app_ssubst ML M2 M2'
============================
app_ssubst ML (app M1 M2) (app M1' M2')
app_ssubst_app_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
H2 : app_ssubst smnil M2 M2'
============================
app_ssubst smnil (app M1' M2) (app M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (app (M1 n1) (M2 n1)) (app M (M2' n1))
app_ssubst_app_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
============================
app_ssubst smnil (app M1' M2') (app M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n1 V) ML1) (app (M1 n1) (M2 n1)) (app M (M2' n1))
app_ssubst_app_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
H2 : app_ssubst (smcons (smap n1 V) ML1) (M2 n1) (M2' n1)
H3 : app_ssubst ML1 (M1 V) M *
============================
app_ssubst (smcons (smap n1 V) ML1) (app (M1 n1) (M2 n1)) (app M (M2' n1))
app_ssubst_app_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst (smcons (smap n1 V) ML1) (app (M1 n1) (M2 n1)) (app M M3)
app_ssubst_app_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_ssubst ML M1 M1' * ->
app_ssubst ML M2 M2' -> app_ssubst ML (app M1 M2) (app M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V) M3
============================
app_ssubst ML1 (app (M1 V) (M2 V)) (app M M3)
app_ssubst_app_compose < backchain IH.
Proof completed.
Abella < Theorem app_ssubst_fix_compose :
forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) ->
app_ssubst ML (fix M) (fix M').
============================
forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) ->
app_ssubst ML (fix M) (fix M')
app_ssubst_fix_compose < induction on 1.
IH : forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) * ->
app_ssubst ML (fix M) (fix M')
============================
forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) @ ->
app_ssubst ML (fix M) (fix M')
app_ssubst_fix_compose < intros.
Variables: ML M M'
IH : forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) * ->
app_ssubst ML (fix M) (fix M')
H1 : app_ssubst ML (M n1 n2) (M' n1 n2) @
============================
app_ssubst ML (fix M) (fix M')
app_ssubst_fix_compose < case H1.
Subgoal 1:
Variables: M'
IH : forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) * ->
app_ssubst ML (fix M) (fix M')
============================
app_ssubst smnil (fix (z1\z2\M' z1 z2)) (fix M')
Subgoal 2 is:
app_ssubst (smcons (smap n3 ML2) ML3) (fix (M n3)) (fix (z2\z3\M2 z2 z3))
app_ssubst_fix_compose < search.
Subgoal 2:
Variables: M M2 ML3 ML2
IH : forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) * ->
app_ssubst ML (fix M) (fix M')
H2 : app_ssubst ML3 (M ML2 n1 n2) (M2 n1 n2) *
============================
app_ssubst (smcons (smap n3 ML2) ML3) (fix (M n3)) (fix (z2\z3\M2 z2 z3))
app_ssubst_fix_compose < unfold.
Subgoal 2:
Variables: M M2 ML3 ML2
IH : forall ML M M', nabla f x, app_ssubst ML (M f x) (M' f x) * ->
app_ssubst ML (fix M) (fix M')
H2 : app_ssubst ML3 (M ML2 n1 n2) (M2 n1 n2) *
============================
app_ssubst ML3 (fix (M ML2)) (fix (z2\z3\M2 z2 z3))
app_ssubst_fix_compose < backchain IH with M = M ML2, M' = M2, f = n1, x = n2.
Proof completed.
Abella < Theorem app_ssubst_let_compose :
forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' ->
app_ssubst ML (M2 x) (M2' x) -> app_ssubst ML (let M1 M2) (let M1' M2').
============================
forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' ->
app_ssubst ML (M2 x) (M2' x) -> app_ssubst ML (let M1 M2) (let M1' M2')
app_ssubst_let_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
============================
forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' @ ->
app_ssubst ML (M2 x) (M2' x) -> app_ssubst ML (let M1 M2) (let M1' M2')
app_ssubst_let_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
H1 : app_ssubst ML M1 M1' @
H2 : app_ssubst ML (M2 n1) (M2' n1)
============================
app_ssubst ML (let M1 M2) (let M1' M2')
app_ssubst_let_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
H2 : app_ssubst smnil (M2 n1) (M2' n1)
============================
app_ssubst smnil (let M1' M2) (let M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n2 V) ML1) (let (M1 n2) (M2 n2)) (let M (M2' n2))
app_ssubst_let_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
============================
app_ssubst smnil (let M1' (z1\M2' z1)) (let M1' M2')
Subgoal 2 is:
app_ssubst (smcons (smap n2 V) ML1) (let (M1 n2) (M2 n2)) (let M (M2' n2))
app_ssubst_let_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
H2 : app_ssubst (smcons (smap n2 V) ML1) (M2 n2 n1) (M2' n2 n1)
H3 : app_ssubst ML1 (M1 V) M *
============================
app_ssubst (smcons (smap n2 V) ML1) (let (M1 n2) (M2 n2)) (let M (M2' n2))
app_ssubst_let_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M4
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V n1) (M4 n1)
============================
app_ssubst (smcons (smap n2 V) ML1) (let (M1 n2) (M2 n2)) (let M (z2\M4 z2))
app_ssubst_let_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M4
IH : forall ML M1 M2 M1' M2', nabla x, app_ssubst ML M1 M1' * ->
app_ssubst ML (M2 x) (M2' x) ->
app_ssubst ML (let M1 M2) (let M1' M2')
H3 : app_ssubst ML1 (M1 V) M *
H4 : app_ssubst ML1 (M2 V n1) (M4 n1)
============================
app_ssubst ML1 (let (M1 V) (M2 V)) (let M (z2\M4 z2))
app_ssubst_let_compose < backchain IH with x = n1.
Proof completed.
Abella < Define subst : smap_list -> prop by
subst smnil;
subst (smcons (smap X V) ML) := subst ML /\ name X /\ {val V} /\ {tm V} /\
(forall V', smmember (smap X V') ML -> V' = V).
Abella < Define app_subst : smap_list -> tm -> tm -> prop by
app_subst smnil M M;
nabla x, app_subst (smcons (smap x V) (ML x)) (R x) M := nabla x, app_subst (ML x) (R V) M.
Abella < Theorem subst_mem :
forall ML E, subst ML -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}).
============================
forall ML E, subst ML -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
subst_mem < induction on 1.
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
============================
forall ML E, subst ML @ -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
subst_mem < intros.
Variables: ML E
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
H1 : subst ML @
H2 : smmember E ML
============================
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
subst_mem < case H1.
Subgoal 1:
Variables: E
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
H2 : smmember E smnil
============================
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
Subgoal 2 is:
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
subst_mem < case H2.
Subgoal 2:
Variables: E ML1 V X
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
H2 : smmember E (smcons (smap X V) ML1)
H3 : subst ML1 *
H4 : name X
H5 : {val V}
H6 : {tm V}
H7 : forall V', smmember (smap X V') ML1 -> V' = V
============================
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
subst_mem < case H2.
Subgoal 2.1:
Variables: ML1 V X
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
H3 : subst ML1 *
H4 : name X
H5 : {val V}
H6 : {tm V}
H7 : forall V', smmember (smap X V') ML1 -> V' = V
============================
exists X1 V1, smap X V = smap X1 V1 /\ name X1 /\ {val V1} /\ {tm V1}
Subgoal 2.2 is:
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
subst_mem < search.
Subgoal 2.2:
Variables: E ML1 V X
IH : forall ML E, subst ML * -> smmember E ML ->
(exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V})
H3 : subst ML1 *
H4 : name X
H5 : {val V}
H6 : {tm V}
H7 : forall V', smmember (smap X V') ML1 -> V' = V
H8 : smmember E ML1
============================
exists X V, E = smap X V /\ name X /\ {val V} /\ {tm V}
subst_mem < backchain IH.
Proof completed.
Abella < Theorem subst_extend :
forall ML V, nabla x, subst ML -> {tm V} -> {val V} ->
subst (smcons (smap x V) ML).
============================
forall ML V, nabla x, subst ML -> {tm V} -> {val V} ->
subst (smcons (smap x V) ML)
subst_extend < intros.
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
subst (smcons (smap n1 V) ML)
subst_extend < unfold.
Subgoal 1:
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
subst ML
Subgoal 2 is:
name n1
Subgoal 3 is:
{val V}
Subgoal 4 is:
{tm V}
Subgoal 5 is:
forall V', smmember (smap n1 V') ML -> V' = V
subst_extend < search.
Subgoal 2:
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
name n1
Subgoal 3 is:
{val V}
Subgoal 4 is:
{tm V}
Subgoal 5 is:
forall V', smmember (smap n1 V') ML -> V' = V
subst_extend < search.
Subgoal 3:
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
{val V}
Subgoal 4 is:
{tm V}
Subgoal 5 is:
forall V', smmember (smap n1 V') ML -> V' = V
subst_extend < search.
Subgoal 4:
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
{tm V}
Subgoal 5 is:
forall V', smmember (smap n1 V') ML -> V' = V
subst_extend < search.
Subgoal 5:
Variables: ML V
H1 : subst ML
H2 : {tm V}
H3 : {val V}
============================
forall V', smmember (smap n1 V') ML -> V' = V
subst_extend < intros.
Subgoal 5:
Variables: ML V V'
H1 : subst ML
H2 : {tm V}
H3 : {val V}
H4 : smmember (smap n1 (V' n1)) ML
============================
V' n1 = V
subst_extend < apply smmember_prune_tm to H4.
Proof completed.
Abella < Theorem subst_var_rsl_clear :
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) ->
app_subst (ML x) (M x) (M' x) -> (exists M'', M' = y\M'').
============================
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) ->
app_subst (ML x) (M x) (M' x) -> (exists M'', M' = y\M'')
subst_var_rsl_clear < induction on 2.
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
============================
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) @ ->
app_subst (ML x) (M x) (M' x) -> (exists M'', M' = y\M'')
subst_var_rsl_clear < intros.
Variables: ML V M M'
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (ML n1)
H2 : smmember (smap n1 V) (ML n1) @
H3 : app_subst (ML n1) (M n1) (M' n1)
============================
exists M'', M' = y\M''
subst_var_rsl_clear < case H2.
Subgoal 1:
Variables: V M M' L
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (smcons (smap n1 V) (L n1))
H3 : app_subst (smcons (smap n1 V) (L n1)) (M n1) (M' n1)
============================
exists M'', M' = y\M''
Subgoal 2 is:
exists M'', M' = y\M''
subst_var_rsl_clear < case H3.
Subgoal 1:
Variables: V M L M1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (smcons (smap n1 V) (L n1))
H4 : app_subst (L n1) (M V) M1
============================
exists M'', z1\M1 = y\M''
Subgoal 2 is:
exists M'', M' = y\M''
subst_var_rsl_clear < search.
Subgoal 2:
Variables: V M M' L Y
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (smcons (Y n1) (L n1))
H3 : app_subst (smcons (Y n1) (L n1)) (M n1) (M' n1)
H4 : smmember (smap n1 V) (L n1) *
============================
exists M'', M' = y\M''
subst_var_rsl_clear < case H3.
Subgoal 2.1:
Variables: V M L M2 V1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (smcons (smap n2 (V1 n1)) (L n2 n1))
H4 : smmember (smap n1 (V n2)) (L n2 n1) *
H5 : app_subst (L n2 n1) (M (V1 n1) n1) (M2 n1)
============================
exists M'', z2\M2 z2 = y\M''
Subgoal 2.2 is:
exists M'', z1\M1 = y\M''
subst_var_rsl_clear < case H1.
Subgoal 2.1:
Variables: V M L M2 V1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H4 : smmember (smap n1 (V n2)) (L n2 n1) *
H5 : app_subst (L n2 n1) (M (V1 n1) n1) (M2 n1)
H6 : subst (L n2 n1)
H7 : name n2
H8 : {val (V1 n1)}
H9 : {tm (V1 n1)}
H10 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = V1 n1
============================
exists M'', z2\M2 z2 = y\M''
Subgoal 2.2 is:
exists M'', z1\M1 = y\M''
subst_var_rsl_clear < apply closed_tm_prune to H9.
Subgoal 2.1:
Variables: V M L M2 M'1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H4 : smmember (smap n1 (V n2)) (L n2 n1) *
H5 : app_subst (L n2 n1) (M M'1 n1) (M2 n1)
H6 : subst (L n2 n1)
H7 : name n2
H8 : {val M'1}
H9 : {tm M'1}
H10 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'1
============================
exists M'', z2\M2 z2 = y\M''
Subgoal 2.2 is:
exists M'', z1\M1 = y\M''
subst_var_rsl_clear < apply IH to H6 H4 H5.
Subgoal 2.1:
Variables: V M L M'1 M''
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H4 : smmember (smap n1 (V n2)) (L n2 n1) *
H5 : app_subst (L n2 n1) (M M'1 n1) M''
H6 : subst (L n2 n1)
H7 : name n2
H8 : {val M'1}
H9 : {tm M'1}
H10 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'1
============================
exists M''1, z2\M'' = y\M''1
Subgoal 2.2 is:
exists M'', z1\M1 = y\M''
subst_var_rsl_clear < search.
Subgoal 2.2:
Variables: V M L M1 V1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) (M' x) ->
(exists M'', M' = y\M'')
H1 : subst (smcons (smap n1 V1) (L n1))
H4 : smmember (smap n1 V) (L n1) *
H5 : app_subst (L n1) (M V1) M1
============================
exists M'', z1\M1 = y\M''
subst_var_rsl_clear < search.
Proof completed.
Abella < Theorem subst_var_inst :
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) ->
app_subst (ML x) (M x) M' -> app_subst (ML x) (M V) M'.
============================
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) ->
app_subst (ML x) (M x) M' -> app_subst (ML x) (M V) M'
subst_var_inst < induction on 2.
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
============================
forall ML V M M', nabla x, subst (ML x) -> smmember (smap x V) (ML x) @ ->
app_subst (ML x) (M x) M' -> app_subst (ML x) (M V) M'
subst_var_inst < intros.
Variables: ML V M M'
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (ML n1)
H2 : smmember (smap n1 V) (ML n1) @
H3 : app_subst (ML n1) (M n1) M'
============================
app_subst (ML n1) (M V) M'
subst_var_inst < apply subst_mem to H1 H2.
Variables: ML V M M'
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (ML n1)
H2 : smmember (smap n1 V) (ML n1) @
H3 : app_subst (ML n1) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
============================
app_subst (ML n1) (M V) M'
subst_var_inst < case H2.
Subgoal 1:
Variables: V M M' L
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n1 V) (L n1))
H3 : app_subst (smcons (smap n1 V) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
============================
app_subst (smcons (smap n1 V) (L n1)) (M V) M'
Subgoal 2 is:
app_subst (smcons (Y n1) (L n1)) (M V) M'
subst_var_inst < unfold.
Subgoal 1:
Variables: V M M' L
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n1 V) (L n1))
H3 : app_subst (smcons (smap n1 V) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
============================
nabla x, app_subst (L x) (M V) M'
Subgoal 2 is:
app_subst (smcons (Y n1) (L n1)) (M V) M'
subst_var_inst < intros.
Subgoal 1:
Variables: V M M' L
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n1 V) (L n1))
H3 : app_subst (smcons (smap n1 V) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
============================
app_subst (L n1) (M V) M'
Subgoal 2 is:
app_subst (smcons (Y n1) (L n1)) (M V) M'
subst_var_inst < case H3.
Subgoal 1:
Variables: V M M' L
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n1 V) (L n1))
H4 : name n1
H5 : {val V}
H6 : {tm V}
H7 : app_subst (L n1) (M V) M'
============================
app_subst (L n1) (M V) M'
Subgoal 2 is:
app_subst (smcons (Y n1) (L n1)) (M V) M'
subst_var_inst < search.
Subgoal 2:
Variables: V M M' L Y
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (Y n1) (L n1))
H3 : app_subst (smcons (Y n1) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
H7 : smmember (smap n1 V) (L n1) *
============================
app_subst (smcons (Y n1) (L n1)) (M V) M'
subst_var_inst < case H3 (keep).
Subgoal 2.1:
Variables: V M L M2 V2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n2 (V2 n1)) (L n2 n1))
H3 : app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 n1) M2
H4 : name n1
H5 : {val (V n2)}
H6 : {tm (V n2)}
H7 : smmember (smap n1 (V n2)) (L n2 n1) *
H8 : app_subst (L n2 n1) (M (V2 n1) n1) M2
============================
app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 (V n2)) M2
Subgoal 2.2 is:
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < case H1.
Subgoal 2.1:
Variables: V M L M2 V2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 n1) M2
H4 : name n1
H5 : {val (V n2)}
H6 : {tm (V n2)}
H7 : smmember (smap n1 (V n2)) (L n2 n1) *
H8 : app_subst (L n2 n1) (M (V2 n1) n1) M2
H9 : subst (L n2 n1)
H10 : name n2
H11 : {val (V2 n1)}
H12 : {tm (V2 n1)}
H13 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = V2 n1
============================
app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 (V n2)) M2
Subgoal 2.2 is:
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < apply closed_tm_prune to H6.
Subgoal 2.1:
Variables: M L M2 V2 M'1
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 n1) M2
H4 : name n1
H5 : {val M'1}
H6 : {tm M'1}
H7 : smmember (smap n1 M'1) (L n2 n1) *
H8 : app_subst (L n2 n1) (M (V2 n1) n1) M2
H9 : subst (L n2 n1)
H10 : name n2
H11 : {val (V2 n1)}
H12 : {tm (V2 n1)}
H13 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = V2 n1
============================
app_subst (smcons (smap n2 (V2 n1)) (L n2 n1)) (M n2 M'1) M2
Subgoal 2.2 is:
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < apply closed_tm_prune to H12.
Subgoal 2.1:
Variables: M L M2 M'1 M'2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n2 M'2) (L n2 n1)) (M n2 n1) M2
H4 : name n1
H5 : {val M'1}
H6 : {tm M'1}
H7 : smmember (smap n1 M'1) (L n2 n1) *
H8 : app_subst (L n2 n1) (M M'2 n1) M2
H9 : subst (L n2 n1)
H10 : name n2
H11 : {val M'2}
H12 : {tm M'2}
H13 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'2
============================
app_subst (smcons (smap n2 M'2) (L n2 n1)) (M n2 M'1) M2
Subgoal 2.2 is:
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < apply IH to H9 H7 H8.
Subgoal 2.1:
Variables: M L M2 M'1 M'2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n2 M'2) (L n2 n1)) (M n2 n1) M2
H4 : name n1
H5 : {val M'1}
H6 : {tm M'1}
H7 : smmember (smap n1 M'1) (L n2 n1) *
H8 : app_subst (L n2 n1) (M M'2 n1) M2
H9 : subst (L n2 n1)
H10 : name n2
H11 : {val M'2}
H12 : {tm M'2}
H13 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'2
H14 : app_subst (L n2 n1) (M M'2 M'1) M2
============================
app_subst (smcons (smap n2 M'2) (L n2 n1)) (M n2 M'1) M2
Subgoal 2.2 is:
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < search.
Subgoal 2.2:
Variables: V M M' L V2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H1 : subst (smcons (smap n1 V2) (L n1))
H3 : app_subst (smcons (smap n1 V2) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
H7 : smmember (smap n1 V) (L n1) *
H8 : app_subst (L n1) (M V2) M'
============================
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < case H1.
Subgoal 2.2:
Variables: V M M' L V2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n1 V2) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V}
H6 : {tm V}
H7 : smmember (smap n1 V) (L n1) *
H8 : app_subst (L n1) (M V2) M'
H9 : subst (L n1)
H10 : name n1
H11 : {val V2}
H12 : {tm V2}
H13 : forall V', smmember (smap n1 V') (L n1) -> V' = V2
============================
app_subst (smcons (smap n1 V2) (L n1)) (M V) M'
subst_var_inst < apply H13 to H7.
Subgoal 2.2:
Variables: M M' L V2
IH : forall ML V M M', nabla x, subst (ML x) ->
smmember (smap x V) (ML x) * -> app_subst (ML x) (M x) M' ->
app_subst (ML x) (M V) M'
H3 : app_subst (smcons (smap n1 V2) (L n1)) (M n1) M'
H4 : name n1
H5 : {val V2}
H6 : {tm V2}
H7 : smmember (smap n1 V2) (L n1) *
H8 : app_subst (L n1) (M V2) M'
H9 : subst (L n1)
H10 : name n1
H11 : {val V2}
H12 : {tm V2}
H13 : forall V', smmember (smap n1 V') (L n1) -> V' = V2
============================
app_subst (smcons (smap n1 V2) (L n1)) (M V2) M'
subst_var_inst < search.
Proof completed.
Abella < Theorem subst_det :
forall ML M M' M'', subst ML -> app_subst ML M M' -> app_subst ML M M'' ->
M' =
M''.
============================
forall ML M M' M'', subst ML -> app_subst ML M M' -> app_subst ML M M'' ->
M' =
M''
subst_det < induction on 1.
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
============================
forall ML M M' M'', subst ML @ -> app_subst ML M M' -> app_subst ML M M'' ->
M' =
M''
subst_det < intros.
Variables: ML M M' M''
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H1 : subst ML @
H2 : app_subst ML M M'
H3 : app_subst ML M M''
============================
M' = M''
subst_det < case H1.
Subgoal 1:
Variables: M M' M''
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H2 : app_subst smnil M M'
H3 : app_subst smnil M M''
============================
M' = M''
Subgoal 2 is:
M' = M''
subst_det < case H2.
Subgoal 1:
Variables: M' M''
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H3 : app_subst smnil M' M''
============================
M' = M''
Subgoal 2 is:
M' = M''
subst_det < case H3.
Subgoal 1:
Variables: M''
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
============================
M'' = M''
Subgoal 2 is:
M' = M''
subst_det < search.
Subgoal 2:
Variables: M M' M'' ML1 V X
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H2 : app_subst (smcons (smap X V) ML1) M M'
H3 : app_subst (smcons (smap X V) ML1) M M''
H4 : subst ML1 *
H5 : name X
H6 : {val V}
H7 : {tm V}
H8 : forall V', smmember (smap X V') ML1 -> V' = V
============================
M' = M''
subst_det < case H2.
Subgoal 2:
Variables: M M'' ML1 M1 V1
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H3 : app_subst (smcons (smap n1 V1) (ML1 n1)) (M n1) (M'' n1)
H4 : subst (ML1 n1) *
H5 : name n1
H6 : {val V1}
H7 : {tm V1}
H8 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = V1
H9 : app_subst (ML1 n1) (M V1) M1
============================
M1 = M'' n1
subst_det < case H3.
Subgoal 2:
Variables: M ML1 M1 V1 M2
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H4 : subst (ML1 n1) *
H5 : name n1
H6 : {val V1}
H7 : {tm V1}
H8 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = V1
H9 : app_subst (ML1 n1) (M V1) M1
H10 : app_subst (ML1 n1) (M V1) M2
============================
M1 = M2
subst_det < apply IH to H4 H9 H10.
Subgoal 2:
Variables: M ML1 V1 M2
IH : forall ML M M' M'', subst ML * -> app_subst ML M M' ->
app_subst ML M M'' -> M' =
M''
H4 : subst (ML1 n1) *
H5 : name n1
H6 : {val V1}
H7 : {tm V1}
H8 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = V1
H9 : app_subst (ML1 n1) (M V1) M2
H10 : app_subst (ML1 n1) (M V1) M2
============================
M2 = M2
subst_det < search.
Proof completed.
Abella < Theorem subst_closed_tm_eq :
forall M ML M', {tm M} -> app_subst ML M M' -> M = M'.
============================
forall M ML M', {tm M} -> app_subst ML M M' -> M = M'
subst_closed_tm_eq < induction on 2.
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
============================
forall M ML M', {tm M} -> app_subst ML M M' @ -> M = M'
subst_closed_tm_eq < intros.
Variables: M ML M'
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
H1 : {tm M}
H2 : app_subst ML M M' @
============================
M = M'
subst_closed_tm_eq < case H2.
Subgoal 1:
Variables: M'
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
H1 : {tm M'}
============================
M' = M'
Subgoal 2 is:
M n1 = M1
subst_closed_tm_eq < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
H1 : {tm (M n1)}
H3 : app_subst (ML1 n1) (M V) M1 *
============================
M n1 = M1
subst_closed_tm_eq < apply closed_tm_prune to H1.
Subgoal 2:
Variables: M1 ML1 V M'1
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
H1 : {tm M'1}
H3 : app_subst (ML1 n1) M'1 M1 *
============================
M'1 = M1
subst_closed_tm_eq < apply IH to _ H3.
Subgoal 2:
Variables: M1 ML1 V
IH : forall M ML M', {tm M} -> app_subst ML M M' * -> M = M'
H1 : {tm M1}
H3 : app_subst (ML1 n1) M1 M1 *
============================
M1 = M1
subst_closed_tm_eq < search.
Proof completed.
Abella < Theorem subst_closed_tm :
forall M ML, {tm M} -> subst ML -> app_subst ML M M.
============================
forall M ML, {tm M} -> subst ML -> app_subst ML M M
subst_closed_tm < induction on 2.
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
============================
forall M ML, {tm M} -> subst ML @ -> app_subst ML M M
subst_closed_tm < intros.
Variables: M ML
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M}
H2 : subst ML @
============================
app_subst ML M M
subst_closed_tm < case H2.
Subgoal 1:
Variables: M
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M}
============================
app_subst smnil M M
Subgoal 2 is:
app_subst (smcons (smap X V) ML1) M M
subst_closed_tm < search.
Subgoal 2:
Variables: M ML1 V X
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M}
H3 : subst ML1 *
H4 : name X
H5 : {val V}
H6 : {tm V}
H7 : forall V', smmember (smap X V') ML1 -> V' = V
============================
app_subst (smcons (smap X V) ML1) M M
subst_closed_tm < case H4.
Subgoal 2:
Variables: M ML1 V
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm (M n1)}
H3 : subst (ML1 n1) *
H5 : {val (V n1)}
H6 : {tm (V n1)}
H7 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = V n1
============================
app_subst (smcons (smap n1 (V n1)) (ML1 n1)) (M n1) (M n1)
subst_closed_tm < apply closed_tm_prune to H1.
Subgoal 2:
Variables: ML1 V M'
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M'}
H3 : subst (ML1 n1) *
H5 : {val (V n1)}
H6 : {tm (V n1)}
H7 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = V n1
============================
app_subst (smcons (smap n1 (V n1)) (ML1 n1)) M' M'
subst_closed_tm < apply closed_tm_prune to H6.
Subgoal 2:
Variables: ML1 M' M'1
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M'}
H3 : subst (ML1 n1) *
H5 : {val M'1}
H6 : {tm M'1}
H7 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = M'1
============================
app_subst (smcons (smap n1 M'1) (ML1 n1)) M' M'
subst_closed_tm < apply IH to H1 H3.
Subgoal 2:
Variables: ML1 M' M'1
IH : forall M ML, {tm M} -> subst ML * -> app_subst ML M M
H1 : {tm M'}
H3 : subst (ML1 n1) *
H5 : {val M'1}
H6 : {tm M'1}
H7 : forall V', smmember (smap n1 V') (ML1 n1) -> V' = M'1
H8 : app_subst (ML1 n1) M' M'
============================
app_subst (smcons (smap n1 M'1) (ML1 n1)) M' M'
subst_closed_tm < search.
Proof completed.
Abella < Theorem subst_var :
forall V ML X, subst ML -> smmember (smap X V) ML -> app_subst ML X V.
============================
forall V ML X, subst ML -> smmember (smap X V) ML -> app_subst ML X V
subst_var < induction on 2.
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
============================
forall V ML X, subst ML -> smmember (smap X V) ML @ -> app_subst ML X V
subst_var < intros.
Variables: V ML X
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H1 : subst ML
H2 : smmember (smap X V) ML @
============================
app_subst ML X V
subst_var < case H2.
Subgoal 1:
Variables: V X L
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H1 : subst (smcons (smap X V) L)
============================
app_subst (smcons (smap X V) L) X V
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < case H1.
Subgoal 1:
Variables: V X L
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : subst L
H4 : name X
H5 : {val V}
H6 : {tm V}
H7 : forall V', smmember (smap X V') L -> V' = V
============================
app_subst (smcons (smap X V) L) X V
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < case H4.
Subgoal 1:
Variables: V L
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : subst (L n1)
H5 : {val (V n1)}
H6 : {tm (V n1)}
H7 : forall V', smmember (smap n1 V') (L n1) -> V' = V n1
============================
app_subst (smcons (smap n1 (V n1)) (L n1)) n1 (V n1)
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < apply closed_tm_prune to H6.
Subgoal 1:
Variables: L M'
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : subst (L n1)
H5 : {val M'}
H6 : {tm M'}
H7 : forall V', smmember (smap n1 V') (L n1) -> V' = M'
============================
app_subst (smcons (smap n1 M') (L n1)) n1 M'
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < unfold.
Subgoal 1:
Variables: L M'
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : subst (L n1)
H5 : {val M'}
H6 : {tm M'}
H7 : forall V', smmember (smap n1 V') (L n1) -> V' = M'
============================
nabla x, app_subst (L x) M' M'
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < intros.
Subgoal 1:
Variables: L M'
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : subst (L n1)
H5 : {val M'}
H6 : {tm M'}
H7 : forall V', smmember (smap n1 V') (L n1) -> V' = M'
============================
app_subst (L n1) M' M'
Subgoal 2 is:
app_subst (smcons Y L) X V
subst_var < backchain subst_closed_tm.
Subgoal 2:
Variables: V X L Y
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H1 : subst (smcons Y L)
H3 : smmember (smap X V) L *
============================
app_subst (smcons Y L) X V
subst_var < case H1.
Subgoal 2:
Variables: V X L V1 X1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap X V) L *
H4 : subst L
H5 : name X1
H6 : {val V1}
H7 : {tm V1}
H8 : forall V', smmember (smap X1 V') L -> V' = V1
============================
app_subst (smcons (smap X1 V1) L) X V
subst_var < apply subst_mem to H4 H3.
Subgoal 2:
Variables: L V1 X1 X2 V2
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap X2 V2) L *
H4 : subst L
H5 : name X1
H6 : {val V1}
H7 : {tm V1}
H8 : forall V', smmember (smap X1 V') L -> V' = V1
H9 : name X2
H10 : {val V2}
H11 : {tm V2}
============================
app_subst (smcons (smap X1 V1) L) X2 V2
subst_var < case H9.
Subgoal 2:
Variables: L V1 X1 V2
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 (V2 n1)) (L n1) *
H4 : subst (L n1)
H5 : name (X1 n1)
H6 : {val (V1 n1)}
H7 : {tm (V1 n1)}
H8 : forall V', smmember (smap (X1 n1) V') (L n1) -> V' = V1 n1
H10 : {val (V2 n1)}
H11 : {tm (V2 n1)}
============================
app_subst (smcons (smap (X1 n1) (V1 n1)) (L n1)) n1 (V2 n1)
subst_var < apply closed_tm_prune to H11.
Subgoal 2:
Variables: L V1 X1 M'
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M') (L n1) *
H4 : subst (L n1)
H5 : name (X1 n1)
H6 : {val (V1 n1)}
H7 : {tm (V1 n1)}
H8 : forall V', smmember (smap (X1 n1) V') (L n1) -> V' = V1 n1
H10 : {val M'}
H11 : {tm M'}
============================
app_subst (smcons (smap (X1 n1) (V1 n1)) (L n1)) n1 M'
subst_var < apply closed_tm_prune to H7.
Subgoal 2:
Variables: L X1 M' M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M') (L n1) *
H4 : subst (L n1)
H5 : name (X1 n1)
H6 : {val M'1}
H7 : {tm M'1}
H8 : forall V', smmember (smap (X1 n1) V') (L n1) -> V' = M'1
H10 : {val M'}
H11 : {tm M'}
============================
app_subst (smcons (smap (X1 n1) M'1) (L n1)) n1 M'
subst_var < case H5.
Subgoal 2.1:
Variables: L M' M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 (M' n2)) (L n2 n1) *
H4 : subst (L n2 n1)
H6 : {val (M'1 n2)}
H7 : {tm (M'1 n2)}
H8 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'1 n2
H10 : {val (M' n2)}
H11 : {tm (M' n2)}
============================
app_subst (smcons (smap n2 (M'1 n2)) (L n2 n1)) n1 (M' n2)
Subgoal 2.2 is:
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'
subst_var < apply closed_tm_prune to H11.
Subgoal 2.1:
Variables: L M'1 M'2
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'2) (L n2 n1) *
H4 : subst (L n2 n1)
H6 : {val (M'1 n2)}
H7 : {tm (M'1 n2)}
H8 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'1 n2
H10 : {val M'2}
H11 : {tm M'2}
============================
app_subst (smcons (smap n2 (M'1 n2)) (L n2 n1)) n1 M'2
Subgoal 2.2 is:
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'
subst_var < apply closed_tm_prune to H7.
Subgoal 2.1:
Variables: L M'2 M'3
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'2) (L n2 n1) *
H4 : subst (L n2 n1)
H6 : {val M'3}
H7 : {tm M'3}
H8 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'3
H10 : {val M'2}
H11 : {tm M'2}
============================
app_subst (smcons (smap n2 M'3) (L n2 n1)) n1 M'2
Subgoal 2.2 is:
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'
subst_var < apply IH to H4 H3.
Subgoal 2.1:
Variables: L M'2 M'3
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'2) (L n2 n1) *
H4 : subst (L n2 n1)
H6 : {val M'3}
H7 : {tm M'3}
H8 : forall V', smmember (smap n2 V') (L n2 n1) -> V' = M'3
H10 : {val M'2}
H11 : {tm M'2}
H12 : app_subst (L n2 n1) n1 M'2
============================
app_subst (smcons (smap n2 M'3) (L n2 n1)) n1 M'2
Subgoal 2.2 is:
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'
subst_var < search.
Subgoal 2.2:
Variables: L M' M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M') (L n1) *
H4 : subst (L n1)
H6 : {val M'1}
H7 : {tm M'1}
H8 : forall V', smmember (smap n1 V') (L n1) -> V' = M'1
H10 : {val M'}
H11 : {tm M'}
============================
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'
subst_var < apply H8 to H3.
Subgoal 2.2:
Variables: L M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'1) (L n1) *
H4 : subst (L n1)
H6 : {val M'1}
H7 : {tm M'1}
H8 : forall V', smmember (smap n1 V') (L n1) -> V' = M'1
H10 : {val M'1}
H11 : {tm M'1}
============================
app_subst (smcons (smap n1 M'1) (L n1)) n1 M'1
subst_var < unfold.
Subgoal 2.2:
Variables: L M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'1) (L n1) *
H4 : subst (L n1)
H6 : {val M'1}
H7 : {tm M'1}
H8 : forall V', smmember (smap n1 V') (L n1) -> V' = M'1
H10 : {val M'1}
H11 : {tm M'1}
============================
nabla x, app_subst (L x) M'1 M'1
subst_var < intros.
Subgoal 2.2:
Variables: L M'1
IH : forall V ML X, subst ML -> smmember (smap X V) ML * -> app_subst ML X V
H3 : smmember (smap n1 M'1) (L n1) *
H4 : subst (L n1)
H6 : {val M'1}
H7 : {tm M'1}
H8 : forall V', smmember (smap n1 V') (L n1) -> V' = M'1
H10 : {val M'1}
H11 : {tm M'1}
============================
app_subst (L n1) M'1 M'1
subst_var < backchain subst_closed_tm.
Proof completed.
Abella < Theorem subst_var_eq :
forall V ML E X, subst ML -> smmember (smap X V) ML -> app_subst ML X E ->
E =
V.
============================
forall V ML E X, subst ML -> smmember (smap X V) ML -> app_subst ML X E ->
E =
V
subst_var_eq < intros.
Variables: V ML E X
H1 : subst ML
H2 : smmember (smap X V) ML
H3 : app_subst ML X E
============================
E = V
subst_var_eq < apply subst_var to H1 H2.
Variables: V ML E X
H1 : subst ML
H2 : smmember (smap X V) ML
H3 : app_subst ML X E
H4 : app_subst ML X V
============================
E = V
subst_var_eq < apply subst_det to H1 H3 H4.
Variables: V ML X
H1 : subst ML
H2 : smmember (smap X V) ML
H3 : app_subst ML X V
H4 : app_subst ML X V
============================
V = V
subst_var_eq < search.
Proof completed.
Abella < Theorem subst_inst :
forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) ->
app_subst ML (M V) (M' V).
============================
forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) ->
app_subst ML (M V) (M' V)
subst_inst < induction on 2.
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
============================
forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) @ ->
app_subst ML (M V) (M' V)
subst_inst < intros.
Variables: ML M M' V
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm V}
H2 : app_subst ML (M n1) (M' n1) @
============================
app_subst ML (M V) (M' V)
subst_inst < case H2.
Subgoal 1:
Variables: M' V
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm V}
============================
app_subst smnil (M' V) (M' V)
Subgoal 2 is:
app_subst (smcons (smap n2 ML2) (ML3 n2)) (M n2 (V n2)) (M2 (V n2))
subst_inst < search.
Subgoal 2:
Variables: M V M2 ML3 ML2
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm (V n2)}
H3 : app_subst (ML3 n2) (M ML2 n1) (M2 n1) *
============================
app_subst (smcons (smap n2 ML2) (ML3 n2)) (M n2 (V n2)) (M2 (V n2))
subst_inst < apply closed_tm_prune to H1.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_subst (ML3 n2) (M ML2 n1) (M2 n1) *
============================
app_subst (smcons (smap n2 ML2) (ML3 n2)) (M n2 M'1) (M2 M'1)
subst_inst < unfold.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_subst (ML3 n2) (M ML2 n1) (M2 n1) *
============================
nabla x, app_subst (ML3 x) (M ML2 M'1) (M2 M'1)
subst_inst < intros.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_subst (ML3 n2) (M ML2 n1) (M2 n1) *
============================
app_subst (ML3 n1) (M ML2 M'1) (M2 M'1)
subst_inst < apply IH to H1 H3.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm V} -> app_subst ML (M x) (M' x) * ->
app_subst ML (M V) (M' V)
H1 : {tm M'1}
H3 : app_subst (ML3 n2) (M ML2 n1) (M2 n1) *
H4 : app_subst (ML3 n2) (M ML2 M'1) (M2 M'1)
============================
app_subst (ML3 n1) (M ML2 M'1) (M2 M'1)
subst_inst < search.
Proof completed.
Abella < Theorem explct_meta_subst_comm :
forall ML M E V, nabla n, {tm V} -> app_subst ML (M n) (E n) ->
app_subst (smcons (smap n V) ML) (M n) (E V).
============================
forall ML M E V, nabla n, {tm V} -> app_subst ML (M n) (E n) ->
app_subst (smcons (smap n V) ML) (M n) (E V)
explct_meta_subst_comm < intros.
Variables: ML M E V
H1 : {tm V}
H2 : app_subst ML (M n1) (E n1)
============================
app_subst (smcons (smap n1 V) ML) (M n1) (E V)
explct_meta_subst_comm < unfold.
Variables: ML M E V
H1 : {tm V}
H2 : app_subst ML (M n1) (E n1)
============================
nabla x, app_subst ML (M V) (E V)
explct_meta_subst_comm < intros.
Variables: ML M E V
H1 : {tm V}
H2 : app_subst ML (M n1) (E n1)
============================
app_subst ML (M V) (E V)
explct_meta_subst_comm < backchain subst_inst with M = M, M' = E, x = n1.
Proof completed.
Abella < Define vars_in_subst : tm_list -> smap_list -> prop by
vars_in_subst snil ML;
vars_in_subst (scons X Vs) ML := vars_in_subst Vs ML /\ (exists V, smmember (smap X V) ML).
Abella < Theorem vars_in_subst_extend :
forall Vs L E, vars_in_subst Vs L -> vars_in_subst Vs (smcons E L).
============================
forall Vs L E, vars_in_subst Vs L -> vars_in_subst Vs (smcons E L)
vars_in_subst_extend < induction on 1.
IH : forall Vs L E, vars_in_subst Vs L * -> vars_in_subst Vs (smcons E L)
============================
forall Vs L E, vars_in_subst Vs L @ -> vars_in_subst Vs (smcons E L)
vars_in_subst_extend < intros.
Variables: Vs L E
IH : forall Vs L E, vars_in_subst Vs L * -> vars_in_subst Vs (smcons E L)
H1 : vars_in_subst Vs L @
============================
vars_in_subst Vs (smcons E L)
vars_in_subst_extend < case H1.
Subgoal 1:
Variables: L E
IH : forall Vs L E, vars_in_subst Vs L * -> vars_in_subst Vs (smcons E L)
============================
vars_in_subst snil (smcons E L)
Subgoal 2 is:
vars_in_subst (scons X Vs1) (smcons E L)
vars_in_subst_extend < search.
Subgoal 2:
Variables: L E V Vs1 X
IH : forall Vs L E, vars_in_subst Vs L * -> vars_in_subst Vs (smcons E L)
H2 : vars_in_subst Vs1 L *
H3 : smmember (smap X V) L
============================
vars_in_subst (scons X Vs1) (smcons E L)
vars_in_subst_extend < apply IH to H2 with E = E.
Subgoal 2:
Variables: L E V Vs1 X
IH : forall Vs L E, vars_in_subst Vs L * -> vars_in_subst Vs (smcons E L)
H2 : vars_in_subst Vs1 L *
H3 : smmember (smap X V) L
H4 : vars_in_subst Vs1 (smcons E L)
============================
vars_in_subst (scons X Vs1) (smcons E L)
vars_in_subst_extend < search.
Proof completed.
Abella < Theorem subst_result_closed_tm :
forall ML L M M' Vs, subst ML -> tm_ctx L -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}.
============================
forall ML L M M' Vs, subst ML -> tm_ctx L -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
subst_result_closed_tm < induction on 2.
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
============================
forall ML L M M' Vs, subst ML -> tm_ctx L @ -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
subst_result_closed_tm < intros.
Variables: ML L M M' Vs
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H2 : tm_ctx L @
H3 : {L |- tm M}
H4 : vars_of_tm_ctx L Vs
H5 : vars_in_subst Vs ML
H6 : app_subst ML M M'
============================
{tm M'}
subst_result_closed_tm < case H2.
Subgoal 1:
Variables: ML M M' Vs
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {tm M}
H4 : vars_of_tm_ctx nil Vs
H5 : vars_in_subst Vs ML
H6 : app_subst ML M M'
============================
{tm M'}
Subgoal 2 is:
{tm M'}
subst_result_closed_tm < case H4.
Subgoal 1:
Variables: ML M M'
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {tm M}
H5 : vars_in_subst snil ML
H6 : app_subst ML M M'
============================
{tm M'}
Subgoal 2 is:
{tm M'}
subst_result_closed_tm < case H5.
Subgoal 1:
Variables: ML M M'
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {tm M}
H6 : app_subst ML M M'
============================
{tm M'}
Subgoal 2 is:
{tm M'}
subst_result_closed_tm < apply subst_closed_tm_eq to _ H6.
Subgoal 1:
Variables: ML M'
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {tm M'}
H6 : app_subst ML M' M'
============================
{tm M'}
Subgoal 2 is:
{tm M'}
subst_result_closed_tm < search.
Subgoal 2:
Variables: ML M M' Vs L1 X
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {L1, tm X |- tm M}
H4 : vars_of_tm_ctx (tm X :: L1) Vs
H5 : vars_in_subst Vs ML
H6 : app_subst ML M M'
H7 : tm_ctx L1 *
H8 : name X
============================
{tm M'}
subst_result_closed_tm < case H4.
Subgoal 2:
Variables: ML M M' L1 X L'
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {L1, tm X |- tm M}
H5 : vars_in_subst (scons X L') ML
H6 : app_subst ML M M'
H7 : tm_ctx L1 *
H8 : name X
H9 : vars_of_tm_ctx L1 L'
============================
{tm M'}
subst_result_closed_tm < case H5.
Subgoal 2:
Variables: ML M M' L1 X L' V
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {L1, tm X |- tm M}
H6 : app_subst ML M M'
H7 : tm_ctx L1 *
H8 : name X
H9 : vars_of_tm_ctx L1 L'
H10 : vars_in_subst L' ML
H11 : smmember (smap X V) ML
============================
{tm M'}
subst_result_closed_tm < apply subst_mem to _ H11.
Subgoal 2:
Variables: ML M M' L1 L' X1 V1
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst ML
H3 : {L1, tm X1 |- tm M}
H6 : app_subst ML M M'
H7 : tm_ctx L1 *
H8 : name X1
H9 : vars_of_tm_ctx L1 L'
H10 : vars_in_subst L' ML
H11 : smmember (smap X1 V1) ML
H12 : name X1
H13 : {val V1}
H14 : {tm V1}
============================
{tm M'}
subst_result_closed_tm < case H8.
Subgoal 2:
Variables: ML M M' L1 L' V1
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) (M' n1)
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 (V1 n1)) (ML n1)
H12 : name n1
H13 : {val (V1 n1)}
H14 : {tm (V1 n1)}
============================
{tm (M' n1)}
subst_result_closed_tm < apply closed_tm_prune to H14.
Subgoal 2:
Variables: ML M M' L1 L' M'1
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) (M' n1)
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 M'1) (ML n1)
H12 : name n1
H13 : {val M'1}
H14 : {tm M'1}
============================
{tm (M' n1)}
subst_result_closed_tm < apply tm_cut to _ H7 H3.
Subgoal 2:
Variables: ML M M' L1 L' M'1
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) (M' n1)
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 M'1) (ML n1)
H12 : name n1
H13 : {val M'1}
H14 : {tm M'1}
H15 : {L1 n1 |- tm (M M'1)}
============================
{tm (M' n1)}
subst_result_closed_tm < apply subst_var_rsl_clear to _ H11 H6.
Subgoal 2:
Variables: ML M L1 L' M'1 M''
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) M''
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 M'1) (ML n1)
H12 : name n1
H13 : {val M'1}
H14 : {tm M'1}
H15 : {L1 n1 |- tm (M M'1)}
============================
{tm M''}
subst_result_closed_tm < apply subst_var_inst to _ H11 H6.
Subgoal 2:
Variables: ML M L1 L' M'1 M''
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) M''
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 M'1) (ML n1)
H12 : name n1
H13 : {val M'1}
H14 : {tm M'1}
H15 : {L1 n1 |- tm (M M'1)}
H16 : app_subst (ML n1) (M M'1) M''
============================
{tm M''}
subst_result_closed_tm < apply IH to H1 H7 H15 _ _ H16.
Subgoal 2:
Variables: ML M L1 L' M'1 M''
IH : forall ML L M M' Vs, subst ML -> tm_ctx L * -> {L |- tm M} ->
vars_of_tm_ctx L Vs -> vars_in_subst Vs ML -> app_subst ML M M' ->
{tm M'}
H1 : subst (ML n1)
H3 : {L1 n1, tm n1 |- tm (M n1)}
H6 : app_subst (ML n1) (M n1) M''
H7 : tm_ctx (L1 n1) *
H9 : vars_of_tm_ctx (L1 n1) (L' n1)
H10 : vars_in_subst (L' n1) (ML n1)
H11 : smmember (smap n1 M'1) (ML n1)
H12 : name n1
H13 : {val M'1}
H14 : {tm M'1}
H15 : {L1 n1 |- tm (M M'1)}
H16 : app_subst (ML n1) (M M'1) M''
H17 : {tm M''}
============================
{tm M''}
subst_result_closed_tm < search.
Proof completed.
Abella < Theorem app_subst_pred_comm :
forall ML M M', app_subst ML (pred M) M' ->
(exists M'', M' = pred M'' /\ app_subst ML M M'').
============================
forall ML M M', app_subst ML (pred M) M' ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
app_subst_pred_comm < induction on 1.
IH : forall ML M M', app_subst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
============================
forall ML M M', app_subst ML (pred M) M' @ ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
app_subst_pred_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
H1 : app_subst ML (pred M) M' @
============================
exists M'', M' = pred M'' /\ app_subst ML M M''
app_subst_pred_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
============================
exists M'', pred M = pred M'' /\ app_subst smnil M M''
Subgoal 2 is:
exists M'', M1 = pred M'' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M''
app_subst_pred_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
H2 : app_subst (ML1 n1) (pred (M V)) M1 *
============================
exists M'', M1 = pred M'' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M''
app_subst_pred_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M2
IH : forall ML M M', app_subst ML (pred M) M' * ->
(exists M'', M' = pred M'' /\ app_subst ML M M'')
H2 : app_subst (ML1 n1) (pred (M V)) (pred M2) *
H3 : app_subst (ML1 n1) (M V) M2
============================
exists M'', pred M2 = pred M'' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M''
app_subst_pred_comm < search.
Proof completed.
Abella < Theorem app_subst_ifz_comm :
forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2').
============================
forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
app_subst_ifz_comm < induction on 1.
IH : forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
============================
forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 @ ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
app_subst_ifz_comm < intros.
Variables: ML M M1 M2 M3
IH : forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
H1 : app_subst ML (ifz M M1 M2) M3 @
============================
exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2'
app_subst_ifz_comm < case H1.
Subgoal 1:
Variables: M M1 M2
IH : forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
============================
exists M' M1' M2', ifz M M1 M2 = ifz M' M1' M2' /\ app_subst smnil M M' /\
app_subst smnil M1 M1' /\ app_subst smnil M2 M2'
Subgoal 2 is:
exists M' M1' M2', M4 = ifz M' M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_ifz_comm < search.
Subgoal 2:
Variables: M M1 M2 M4 ML1 V
IH : forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (ifz (M V) (M1 V) (M2 V)) M4 *
============================
exists M' M1' M2', M4 = ifz M' M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_ifz_comm < apply IH to H2.
Subgoal 2:
Variables: M M1 M2 ML1 V M7 M6 M5
IH : forall ML M M1 M2 M3, app_subst ML (ifz M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz M' M1' M2' /\ app_subst ML M M' /\
app_subst ML M1 M1' /\ app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (ifz (M V) (M1 V) (M2 V)) (ifz M5 M6 M7) *
H3 : app_subst (ML1 n1) (M V) M5
H4 : app_subst (ML1 n1) (M1 V) M6
H5 : app_subst (ML1 n1) (M2 V) M7
============================
exists M' M1' M2', ifz M5 M6 M7 = ifz M' M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_ifz_comm < search.
Proof completed.
Abella < Theorem app_subst_let_comm :
forall ML M R M', app_subst ML (let M R) M' ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x))).
============================
forall ML M R M', app_subst ML (let M R) M' ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
app_subst_let_comm < induction on 1.
IH : forall ML M R M', app_subst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
============================
forall ML M R M', app_subst ML (let M R) M' @ ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
app_subst_let_comm < intros.
Variables: ML M R M'
IH : forall ML M R M', app_subst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
H1 : app_subst ML (let M R) M' @
============================
exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x))
app_subst_let_comm < case H1.
Subgoal 1:
Variables: M R
IH : forall ML M R M', app_subst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
============================
exists M1 R1, let M R = let M1 R1 /\ app_subst smnil M M1 /\
(nabla x, app_subst smnil (R x) (R1 x))
Subgoal 2 is:
exists M2 R1, M1 = let M2 R1 /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M2 /\
(nabla x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 x) (R1 x))
app_subst_let_comm < search.
Subgoal 2:
Variables: M R M1 ML1 V
IH : forall ML M R M', app_subst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
H2 : app_subst (ML1 n1) (let (M V) (R V)) M1 *
============================
exists M2 R1, M1 = let M2 R1 /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M2 /\
(nabla x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 x) (R1 x))
app_subst_let_comm < apply IH to H2.
Subgoal 2:
Variables: M R ML1 V M4 M3
IH : forall ML M R M', app_subst ML (let M R) M' * ->
(exists M1 R1, M' = let M1 R1 /\ app_subst ML M M1 /\
(nabla x, app_subst ML (R x) (R1 x)))
H2 : app_subst (ML1 n1) (let (M V) (R V)) (let M3 M4) *
H3 : app_subst (ML1 n1) (M V) M3
H4 : app_subst (ML1 n1) (R V n2) (M4 n2)
============================
exists M2 R1, let M3 M4 = let M2 R1 /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M2 /\
(nabla x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 x) (R1 x))
app_subst_let_comm < search.
Proof completed.
Abella < Theorem app_subst_fix_comm :
forall ML R M', app_subst ML (fix R) M' ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x))).
============================
forall ML R M', app_subst ML (fix R) M' ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
app_subst_fix_comm < induction on 1.
IH : forall ML R M', app_subst ML (fix R) M' * ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
============================
forall ML R M', app_subst ML (fix R) M' @ ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
app_subst_fix_comm < intros.
Variables: ML R M'
IH : forall ML R M', app_subst ML (fix R) M' * ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
H1 : app_subst ML (fix R) M' @
============================
exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x))
app_subst_fix_comm < case H1.
Subgoal 1:
Variables: R
IH : forall ML R M', app_subst ML (fix R) M' * ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
============================
exists R', fix R = fix R' /\ (nabla f x, app_subst smnil (R f x) (R' f x))
Subgoal 2 is:
exists R', M = fix R' /\
(nabla f x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 f x) (R' f x))
app_subst_fix_comm < search.
Subgoal 2:
Variables: R M ML1 V
IH : forall ML R M', app_subst ML (fix R) M' * ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
H2 : app_subst (ML1 n1) (fix (R V)) M *
============================
exists R', M = fix R' /\
(nabla f x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 f x) (R' f x))
app_subst_fix_comm < apply IH to H2.
Subgoal 2:
Variables: R ML1 V M1
IH : forall ML R M', app_subst ML (fix R) M' * ->
(exists R', M' = fix R' /\ (nabla f x, app_subst ML (R f x) (R' f x)))
H2 : app_subst (ML1 n1) (fix (R V)) (fix M1) *
H3 : app_subst (ML1 n1) (R V n2 n3) (M1 n2 n3)
============================
exists R', fix M1 = fix R' /\
(nabla f x, app_subst (smcons (smap n1 V) (ML1 n1)) (R n1 f x) (R' f x))
app_subst_fix_comm < search.
Proof completed.
Abella < Theorem app_subst_app_comm :
forall ML M1 M2 M', app_subst ML (app M1 M2) M' ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2').
============================
forall ML M1 M2 M', app_subst ML (app M1 M2) M' ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_app_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
forall ML M1 M2 M', app_subst ML (app M1 M2) M' @ ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_app_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H1 : app_subst ML (app M1 M2) M' @
============================
exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2'
app_subst_app_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
exists M1' M2', app M1 M2 = app M1' M2' /\ app_subst smnil M1 M1' /\
app_subst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = app M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_app_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (app (M1 V) (M2 V)) M *
============================
exists M1' M2', M = app M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_app_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M4 M3
IH : forall ML M1 M2 M', app_subst ML (app M1 M2) M' * ->
(exists M1' M2', M' = app M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (app (M1 V) (M2 V)) (app M3 M4) *
H3 : app_subst (ML1 n1) (M1 V) M3
H4 : app_subst (ML1 n1) (M2 V) M4
============================
exists M1' M2', app M3 M4 = app M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_app_comm < search.
Proof completed.
Abella < Theorem app_subst_plus_comm :
forall ML M1 M2 M', app_subst ML (plus M1 M2) M' ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2').
============================
forall ML M1 M2 M', app_subst ML (plus M1 M2) M' ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_plus_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
forall ML M1 M2 M', app_subst ML (plus M1 M2) M' @ ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_plus_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H1 : app_subst ML (plus M1 M2) M' @
============================
exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2'
app_subst_plus_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
exists M1' M2', plus M1 M2 = plus M1' M2' /\ app_subst smnil M1 M1' /\
app_subst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = plus M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_plus_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (plus (M1 V) (M2 V)) M *
============================
exists M1' M2', M = plus M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_plus_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M4 M3
IH : forall ML M1 M2 M', app_subst ML (plus M1 M2) M' * ->
(exists M1' M2', M' = plus M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (plus (M1 V) (M2 V)) (plus M3 M4) *
H3 : app_subst (ML1 n1) (M1 V) M3
H4 : app_subst (ML1 n1) (M2 V) M4
============================
exists M1' M2', plus M3 M4 = plus M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_plus_comm < search.
Proof completed.
Abella < Theorem app_subst_pair_comm :
forall ML M1 M2 M', app_subst ML (pair M1 M2) M' ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2').
============================
forall ML M1 M2 M', app_subst ML (pair M1 M2) M' ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_pair_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
forall ML M1 M2 M', app_subst ML (pair M1 M2) M' @ ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
app_subst_pair_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H1 : app_subst ML (pair M1 M2) M' @
============================
exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2'
app_subst_pair_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
============================
exists M1' M2', pair M1 M2 = pair M1' M2' /\ app_subst smnil M1 M1' /\
app_subst smnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = pair M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_pair_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (pair (M1 V) (M2 V)) M *
============================
exists M1' M2', M = pair M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_pair_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M4 M3
IH : forall ML M1 M2 M', app_subst ML (pair M1 M2) M' * ->
(exists M1' M2', M' = pair M1' M2' /\ app_subst ML M1 M1' /\
app_subst ML M2 M2')
H2 : app_subst (ML1 n1) (pair (M1 V) (M2 V)) (pair M3 M4) *
H3 : app_subst (ML1 n1) (M1 V) M3
H4 : app_subst (ML1 n1) (M2 V) M4
============================
exists M1' M2', pair M3 M4 = pair M1' M2' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M1 n1) M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M2 n1) M2'
app_subst_pair_comm < search.
Proof completed.
Abella < Theorem app_subst_fst_comm :
forall ML M M', app_subst ML (fst M) M' ->
(exists M1', M' = fst M1' /\ app_subst ML M M1').
============================
forall ML M M', app_subst ML (fst M) M' ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
app_subst_fst_comm < induction on 1.
IH : forall ML M M', app_subst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
============================
forall ML M M', app_subst ML (fst M) M' @ ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
app_subst_fst_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
H1 : app_subst ML (fst M) M' @
============================
exists M1', M' = fst M1' /\ app_subst ML M M1'
app_subst_fst_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
============================
exists M1', fst M = fst M1' /\ app_subst smnil M M1'
Subgoal 2 is:
exists M1', M1 = fst M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_fst_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
H2 : app_subst (ML1 n1) (fst (M V)) M1 *
============================
exists M1', M1 = fst M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_fst_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M2
IH : forall ML M M', app_subst ML (fst M) M' * ->
(exists M1', M' = fst M1' /\ app_subst ML M M1')
H2 : app_subst (ML1 n1) (fst (M V)) (fst M2) *
H3 : app_subst (ML1 n1) (M V) M2
============================
exists M1', fst M2 = fst M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_fst_comm < search.
Proof completed.
Abella < Theorem app_subst_snd_comm :
forall ML M M', app_subst ML (snd M) M' ->
(exists M1', M' = snd M1' /\ app_subst ML M M1').
============================
forall ML M M', app_subst ML (snd M) M' ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
app_subst_snd_comm < induction on 1.
IH : forall ML M M', app_subst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
============================
forall ML M M', app_subst ML (snd M) M' @ ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
app_subst_snd_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
H1 : app_subst ML (snd M) M' @
============================
exists M1', M' = snd M1' /\ app_subst ML M M1'
app_subst_snd_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
============================
exists M1', snd M = snd M1' /\ app_subst smnil M M1'
Subgoal 2 is:
exists M1', M1 = snd M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_snd_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
H2 : app_subst (ML1 n1) (snd (M V)) M1 *
============================
exists M1', M1 = snd M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_snd_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M2
IH : forall ML M M', app_subst ML (snd M) M' * ->
(exists M1', M' = snd M1' /\ app_subst ML M M1')
H2 : app_subst (ML1 n1) (snd (M V)) (snd M2) *
H3 : app_subst (ML1 n1) (M V) M2
============================
exists M1', snd M2 = snd M1' /\
app_subst (smcons (smap n1 V) (ML1 n1)) (M n1) M1'
app_subst_snd_comm < search.
Proof completed.
Abella < Define subst' : cmap_list -> prop by
subst' cmnil;
nabla x, subst' (cmcons (cmap x V) ML) := subst' ML /\ {val' V} /\ {tm' V}.
Abella < Define vars_of_subst' : cmap_list -> tm'_list -> prop by
vars_of_subst' cmnil cnil;
nabla x, vars_of_subst' (cmcons (cmap x V) ML) (ccons x L) := vars_of_subst' ML L.
Abella < Define app_subst' : cmap_list -> tm' -> tm' -> prop by
app_subst' cmnil M M;
nabla x, app_subst' (cmcons (cmap x V) ML) (R x) M := app_subst' ML (R V) M.
Abella < Theorem app_subst'_exists :
forall ML M, subst' ML -> (exists M', app_subst' ML M M').
============================
forall ML M, subst' ML -> (exists M', app_subst' ML M M')
app_subst'_exists < induction on 1.
IH : forall ML M, subst' ML * -> (exists M', app_subst' ML M M')
============================
forall ML M, subst' ML @ -> (exists M', app_subst' ML M M')
app_subst'_exists < intros.
Variables: ML M
IH : forall ML M, subst' ML * -> (exists M', app_subst' ML M M')
H1 : subst' ML @
============================
exists M', app_subst' ML M M'
app_subst'_exists < case H1.
Subgoal 1:
Variables: M
IH : forall ML M, subst' ML * -> (exists M', app_subst' ML M M')
============================
exists M', app_subst' cmnil M M'
Subgoal 2 is:
exists M', app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_exists < search.
Subgoal 2:
Variables: M ML1 V
IH : forall ML M, subst' ML * -> (exists M', app_subst' ML M M')
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
============================
exists M', app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_exists < apply IH to H2 with M = M V.
Subgoal 2:
Variables: M ML1 V M'
IH : forall ML M, subst' ML * -> (exists M', app_subst' ML M M')
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
H5 : app_subst' ML1 (M V) M'
============================
exists M', app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_exists < search.
Proof completed.
Abella < Define app_subst'_list : cmap_list -> tm'_list -> tm'_list -> prop by
app_subst'_list cmnil L L;
nabla x, app_subst'_list (cmcons (cmap x V) ML) (L x) L' := app_subst'_list ML (L V) L'.
Abella < Theorem app_subst'_islist :
forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' -> is_tm'_list L'.
============================
forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' -> is_tm'_list L'
app_subst'_islist < induction on 2.
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
============================
forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' @ -> is_tm'_list L'
app_subst'_islist < intros.
Variables: L L' ML
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
H1 : is_tm'_list L
H2 : app_subst'_list ML L L' @
============================
is_tm'_list L'
app_subst'_islist < case H2.
Subgoal 1:
Variables: L'
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
H1 : is_tm'_list L'
============================
is_tm'_list L'
Subgoal 2 is:
is_tm'_list L'1
app_subst'_islist < search.
Subgoal 2:
Variables: L L'1 ML1 V
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
H1 : is_tm'_list (L n1)
H3 : app_subst'_list ML1 (L V) L'1 *
============================
is_tm'_list L'1
app_subst'_islist < apply is_tm'_list_inst to H1 with V = V.
Subgoal 2:
Variables: L L'1 ML1 V
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
H1 : is_tm'_list (L n1)
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : is_tm'_list (L V)
============================
is_tm'_list L'1
app_subst'_islist < apply IH to H4 H3.
Subgoal 2:
Variables: L L'1 ML1 V
IH : forall L L' ML, is_tm'_list L -> app_subst'_list ML L L' * ->
is_tm'_list L'
H1 : is_tm'_list (L n1)
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : is_tm'_list (L V)
H5 : is_tm'_list L'1
============================
is_tm'_list L'1
app_subst'_islist < search.
Proof completed.
Abella < Theorem subst'_nabla :
forall ML, nabla x, subst' ML -> app_subst' ML x x.
============================
forall ML, nabla x, subst' ML -> app_subst' ML x x
subst'_nabla < induction on 1.
IH : forall ML, nabla x, subst' ML * -> app_subst' ML x x
============================
forall ML, nabla x, subst' ML @ -> app_subst' ML x x
subst'_nabla < intros.
Variables: ML
IH : forall ML, nabla x, subst' ML * -> app_subst' ML x x
H1 : subst' ML @
============================
app_subst' ML n1 n1
subst'_nabla < case H1.
Subgoal 1:
IH : forall ML, nabla x, subst' ML * -> app_subst' ML x x
============================
app_subst' cmnil n1 n1
Subgoal 2 is:
app_subst' (cmcons (cmap n2 V) ML1) n1 n1
subst'_nabla < search.
Subgoal 2:
Variables: ML1 V
IH : forall ML, nabla x, subst' ML * -> app_subst' ML x x
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
============================
app_subst' (cmcons (cmap n2 V) ML1) n1 n1
subst'_nabla < unfold.
Subgoal 2:
Variables: ML1 V
IH : forall ML, nabla x, subst' ML * -> app_subst' ML x x
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
============================
app_subst' ML1 n1 n1
subst'_nabla < backchain IH.
Proof completed.
Abella < Theorem subst'_result_closed_tm :
forall ML L M M' Vs, tm'_ctx L -> {L |- tm' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm' M'}.
============================
forall ML L M M' Vs, tm'_ctx L -> {L |- tm' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm' M'}
subst'_result_closed_tm < induction on 1.
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
============================
forall ML L M M' Vs, tm'_ctx L @ -> {L |- tm' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm' M'}
subst'_result_closed_tm < intros.
Variables: ML L M M' Vs
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H1 : tm'_ctx L @
H2 : {L |- tm' M}
H3 : vars_of_tm'_ctx L Vs
H4 : subst' ML
H5 : vars_of_subst' ML Vs
H6 : app_subst' ML M M'
============================
{tm' M'}
subst'_result_closed_tm < case H1.
Subgoal 1:
Variables: ML M M' Vs
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {tm' M}
H3 : vars_of_tm'_ctx nil Vs
H4 : subst' ML
H5 : vars_of_subst' ML Vs
H6 : app_subst' ML M M'
============================
{tm' M'}
Subgoal 2 is:
{tm' (M' n1)}
subst'_result_closed_tm < case H3.
Subgoal 1:
Variables: ML M M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {tm' M}
H4 : subst' ML
H5 : vars_of_subst' ML cnil
H6 : app_subst' ML M M'
============================
{tm' M'}
Subgoal 2 is:
{tm' (M' n1)}
subst'_result_closed_tm < case H5.
Subgoal 1:
Variables: M M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {tm' M}
H4 : subst' cmnil
H6 : app_subst' cmnil M M'
============================
{tm' M'}
Subgoal 2 is:
{tm' (M' n1)}
subst'_result_closed_tm < case H6.
Subgoal 1:
Variables: M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {tm' M'}
H4 : subst' cmnil
============================
{tm' M'}
Subgoal 2 is:
{tm' (M' n1)}
subst'_result_closed_tm < search.
Subgoal 2:
Variables: ML M M' Vs L1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H3 : vars_of_tm'_ctx (tm' n1 :: L1) (Vs n1)
H4 : subst' (ML n1)
H5 : vars_of_subst' (ML n1) (Vs n1)
H6 : app_subst' (ML n1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
============================
{tm' (M' n1)}
subst'_result_closed_tm < case H3.
Subgoal 2:
Variables: ML M M' L1 L'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H4 : subst' (ML n1)
H5 : vars_of_subst' (ML n1) (ccons n1 L')
H6 : app_subst' (ML n1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
============================
{tm' (M' n1)}
subst'_result_closed_tm < case H5.
Subgoal 2:
Variables: M M' L1 L' ML1 V
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H4 : subst' (cmcons (cmap n1 V) ML1)
H6 : app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
============================
{tm' (M' n1)}
subst'_result_closed_tm < case H6.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H4 : subst' (cmcons (cmap n1 V) ML1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
============================
{tm' M1}
subst'_result_closed_tm < case H4.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
============================
{tm' M1}
subst'_result_closed_tm < inst H2 with n1 = V.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
H14 : {L1, tm' V |- tm' (M V)}
============================
{tm' M1}
subst'_result_closed_tm < cut H14 with H13.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm' M'}
H2 : {L1, tm' n1 |- tm' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
H14 : {L1, tm' V |- tm' (M V)}
H15 : {L1 |- tm' (M V)}
============================
{tm' M1}
subst'_result_closed_tm < backchain IH with ML = ML1, L = L1, M = M V.
Proof completed.
Abella < Theorem subst'_result_closed_tm'' :
forall ML L M M' Vs, tm'_ctx L -> {L |- tm'' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm'' M'}.
============================
forall ML L M M' Vs, tm'_ctx L -> {L |- tm'' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm'' M'}
subst'_result_closed_tm'' < induction on 1.
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
============================
forall ML L M M' Vs, tm'_ctx L @ -> {L |- tm'' M} -> vars_of_tm'_ctx L Vs ->
subst' ML -> vars_of_subst' ML Vs -> app_subst' ML M M' -> {tm'' M'}
subst'_result_closed_tm'' < intros.
Variables: ML L M M' Vs
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H1 : tm'_ctx L @
H2 : {L |- tm'' M}
H3 : vars_of_tm'_ctx L Vs
H4 : subst' ML
H5 : vars_of_subst' ML Vs
H6 : app_subst' ML M M'
============================
{tm'' M'}
subst'_result_closed_tm'' < case H1.
Subgoal 1:
Variables: ML M M' Vs
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {tm'' M}
H3 : vars_of_tm'_ctx nil Vs
H4 : subst' ML
H5 : vars_of_subst' ML Vs
H6 : app_subst' ML M M'
============================
{tm'' M'}
Subgoal 2 is:
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H3.
Subgoal 1:
Variables: ML M M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {tm'' M}
H4 : subst' ML
H5 : vars_of_subst' ML cnil
H6 : app_subst' ML M M'
============================
{tm'' M'}
Subgoal 2 is:
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H5.
Subgoal 1:
Variables: M M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {tm'' M}
H4 : subst' cmnil
H6 : app_subst' cmnil M M'
============================
{tm'' M'}
Subgoal 2 is:
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H6.
Subgoal 1:
Variables: M'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {tm'' M'}
H4 : subst' cmnil
============================
{tm'' M'}
Subgoal 2 is:
{tm'' (M' n1)}
subst'_result_closed_tm'' < search.
Subgoal 2:
Variables: ML M M' Vs L1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H3 : vars_of_tm'_ctx (tm' n1 :: L1) (Vs n1)
H4 : subst' (ML n1)
H5 : vars_of_subst' (ML n1) (Vs n1)
H6 : app_subst' (ML n1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
============================
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H3.
Subgoal 2:
Variables: ML M M' L1 L'
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H4 : subst' (ML n1)
H5 : vars_of_subst' (ML n1) (ccons n1 L')
H6 : app_subst' (ML n1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
============================
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H5.
Subgoal 2:
Variables: M M' L1 L' ML1 V
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H4 : subst' (cmcons (cmap n1 V) ML1)
H6 : app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M' n1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
============================
{tm'' (M' n1)}
subst'_result_closed_tm'' < case H6.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H4 : subst' (cmcons (cmap n1 V) ML1)
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
============================
{tm'' M1}
subst'_result_closed_tm'' < case H4.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
============================
{tm'' M1}
subst'_result_closed_tm'' < inst H2 with n1 = V.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
H14 : {L1, tm' V |- tm'' (M V)}
============================
{tm'' M1}
subst'_result_closed_tm'' < cut H14 with H13.
Subgoal 2:
Variables: M L1 L' ML1 V M1
IH : forall ML L M M' Vs, tm'_ctx L * -> {L |- tm'' M} ->
vars_of_tm'_ctx L Vs -> subst' ML -> vars_of_subst' ML Vs ->
app_subst' ML M M' -> {tm'' M'}
H2 : {L1, tm' n1 |- tm'' (M n1)}
H7 : tm'_ctx L1 *
H8 : vars_of_tm'_ctx L1 L'
H9 : vars_of_subst' ML1 L'
H10 : app_subst' ML1 (M V) M1
H11 : subst' ML1
H12 : {val' V}
H13 : {tm' V}
H14 : {L1, tm' V |- tm'' (M V)}
H15 : {L1 |- tm'' (M V)}
============================
{tm'' M1}
subst'_result_closed_tm'' < backchain IH with ML = ML1, L = L1, M = M V.
Proof completed.
Abella < Theorem app_subst'_prune :
forall ML M M', nabla x, app_subst' ML M (M' x) -> (exists M'', M' = y\M'').
============================
forall ML M M', nabla x, app_subst' ML M (M' x) -> (exists M'', M' = y\M'')
app_subst'_prune < induction on 1.
IH : forall ML M M', nabla x, app_subst' ML M (M' x) * ->
(exists M'', M' = y\M'')
============================
forall ML M M', nabla x, app_subst' ML M (M' x) @ ->
(exists M'', M' = y\M'')
app_subst'_prune < intros.
Variables: ML M M'
IH : forall ML M M', nabla x, app_subst' ML M (M' x) * ->
(exists M'', M' = y\M'')
H1 : app_subst' ML M (M' n1) @
============================
exists M'', M' = y\M''
app_subst'_prune < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', nabla x, app_subst' ML M (M' x) * ->
(exists M'', M' = y\M'')
============================
exists M'', z1\M = y\M''
Subgoal 2 is:
exists M'', z2\M2 z2 = y\M''
app_subst'_prune < search.
Subgoal 2:
Variables: M M2 ML3 ML2
IH : forall ML M M', nabla x, app_subst' ML M (M' x) * ->
(exists M'', M' = y\M'')
H2 : app_subst' ML3 (M ML2) (M2 n1) *
============================
exists M'', z2\M2 z2 = y\M''
app_subst'_prune < apply IH to H2.
Subgoal 2:
Variables: M ML3 ML2 M''
IH : forall ML M M', nabla x, app_subst' ML M (M' x) * ->
(exists M'', M' = y\M'')
H2 : app_subst' ML3 (M ML2) M'' *
============================
exists M''1, z2\M'' = y\M''1
app_subst'_prune < search.
Proof completed.
Abella < Theorem subst'_mem :
forall ML E, subst' ML -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V}).
============================
forall ML E, subst' ML -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
subst'_mem < induction on 1.
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
============================
forall ML E, subst' ML @ -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
subst'_mem < intros.
Variables: ML E
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
H1 : subst' ML @
H2 : cmmember E ML
============================
exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
subst'_mem < case H1.
Subgoal 1:
Variables: E
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
H2 : cmmember E cmnil
============================
exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
Subgoal 2 is:
exists X V, E n1 = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
subst'_mem < case H2.
Subgoal 2:
Variables: E ML1 V
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
H2 : cmmember (E n1) (cmcons (cmap n1 V) ML1)
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
============================
exists X V, E n1 = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
subst'_mem < case H2.
Subgoal 2.1:
Variables: ML1 V
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
============================
exists X V1, cmap n1 V = cmap X V1 /\ name' X /\ {val' V1} /\ {tm' V1}
Subgoal 2.2 is:
exists X V, E n1 = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
subst'_mem < search.
Subgoal 2.2:
Variables: E ML1 V
IH : forall ML E, subst' ML * -> cmmember E ML ->
(exists X V, E = cmap X V /\ name' X /\ {val' V} /\ {tm' V})
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
H6 : cmmember (E n1) ML1
============================
exists X V, E n1 = cmap X V /\ name' X /\ {val' V} /\ {tm' V}
subst'_mem < backchain IH.
Proof completed.
Abella < Theorem subst'_extend :
forall ML V, nabla x, subst' ML -> {tm' V} -> {val' V} ->
subst' (cmcons (cmap x V) ML).
============================
forall ML V, nabla x, subst' ML -> {tm' V} -> {val' V} ->
subst' (cmcons (cmap x V) ML)
subst'_extend < intros.
Variables: ML V
H1 : subst' ML
H2 : {tm' V}
H3 : {val' V}
============================
subst' (cmcons (cmap n1 V) ML)
subst'_extend < unfold.
Subgoal 1:
Variables: ML V
H1 : subst' ML
H2 : {tm' V}
H3 : {val' V}
============================
subst' ML
Subgoal 2 is:
{val' V}
Subgoal 3 is:
{tm' V}
subst'_extend < search.
Subgoal 2:
Variables: ML V
H1 : subst' ML
H2 : {tm' V}
H3 : {val' V}
============================
{val' V}
Subgoal 3 is:
{tm' V}
subst'_extend < search.
Subgoal 3:
Variables: ML V
H1 : subst' ML
H2 : {tm' V}
H3 : {val' V}
============================
{tm' V}
subst'_extend < search.
Proof completed.
Abella < Theorem subst'_closed_tm_eq :
forall M ML M', {tm' M} -> app_subst' ML M M' -> M = M'.
============================
forall M ML M', {tm' M} -> app_subst' ML M M' -> M = M'
subst'_closed_tm_eq < induction on 2.
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
============================
forall M ML M', {tm' M} -> app_subst' ML M M' @ -> M = M'
subst'_closed_tm_eq < intros.
Variables: M ML M'
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm' M}
H2 : app_subst' ML M M' @
============================
M = M'
subst'_closed_tm_eq < case H2.
Subgoal 1:
Variables: M'
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm' M'}
============================
M' = M'
Subgoal 2 is:
M n1 = M1
subst'_closed_tm_eq < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm' (M n1)}
H3 : app_subst' ML1 (M V) M1 *
============================
M n1 = M1
subst'_closed_tm_eq < apply closed_tm'_prune to H1.
Subgoal 2:
Variables: M1 ML1 V M'1
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm' M'1}
H3 : app_subst' ML1 M'1 M1 *
============================
M'1 = M1
subst'_closed_tm_eq < apply IH to _ H3.
Subgoal 2:
Variables: M1 ML1 V
IH : forall M ML M', {tm' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm' M1}
H3 : app_subst' ML1 M1 M1 *
============================
M1 = M1
subst'_closed_tm_eq < search.
Proof completed.
Abella < Theorem subst'_closed_tm :
forall M ML, {tm' M} -> subst' ML -> app_subst' ML M M.
============================
forall M ML, {tm' M} -> subst' ML -> app_subst' ML M M
subst'_closed_tm < induction on 2.
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
============================
forall M ML, {tm' M} -> subst' ML @ -> app_subst' ML M M
subst'_closed_tm < intros.
Variables: M ML
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
H1 : {tm' M}
H2 : subst' ML @
============================
app_subst' ML M M
subst'_closed_tm < case H2.
Subgoal 1:
Variables: M
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
H1 : {tm' M}
============================
app_subst' cmnil M M
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M n1)
subst'_closed_tm < search.
Subgoal 2:
Variables: M ML1 V
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
H1 : {tm' (M n1)}
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
============================
app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M n1)
subst'_closed_tm < apply closed_tm'_prune to H1.
Subgoal 2:
Variables: ML1 V M'
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
H1 : {tm' M'}
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
============================
app_subst' (cmcons (cmap n1 V) ML1) M' M'
subst'_closed_tm < apply IH to H1 H3.
Subgoal 2:
Variables: ML1 V M'
IH : forall M ML, {tm' M} -> subst' ML * -> app_subst' ML M M
H1 : {tm' M'}
H3 : subst' ML1 *
H4 : {val' V}
H5 : {tm' V}
H6 : app_subst' ML1 M' M'
============================
app_subst' (cmcons (cmap n1 V) ML1) M' M'
subst'_closed_tm < search.
Proof completed.
Abella < Theorem subst'_det :
forall ML M M' M'', app_subst' ML M M' -> app_subst' ML M M'' -> M' = M''.
============================
forall ML M M' M'', app_subst' ML M M' -> app_subst' ML M M'' -> M' = M''
subst'_det < induction on 1.
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
============================
forall ML M M' M'', app_subst' ML M M' @ -> app_subst' ML M M'' -> M' = M''
subst'_det < intros.
Variables: ML M M' M''
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
H1 : app_subst' ML M M' @
H2 : app_subst' ML M M''
============================
M' = M''
subst'_det < case H1.
Subgoal 1:
Variables: M' M''
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
H2 : app_subst' cmnil M' M''
============================
M' = M''
Subgoal 2 is:
M1 = M'' n1
subst'_det < case H2.
Subgoal 1:
Variables: M''
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
============================
M'' = M''
Subgoal 2 is:
M1 = M'' n1
subst'_det < search.
Subgoal 2:
Variables: M M'' M1 ML1 V
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
H2 : app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M'' n1)
H3 : app_subst' ML1 (M V) M1 *
============================
M1 = M'' n1
subst'_det < case H2.
Subgoal 2:
Variables: M M1 ML1 V M2
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
H3 : app_subst' ML1 (M V) M1 *
H4 : app_subst' ML1 (M V) M2
============================
M1 = M2
subst'_det < apply IH to H3 H4.
Subgoal 2:
Variables: M ML1 V M2
IH : forall ML M M' M'', app_subst' ML M M' * -> app_subst' ML M M'' -> M' =
M''
H3 : app_subst' ML1 (M V) M2 *
H4 : app_subst' ML1 (M V) M2
============================
M2 = M2
subst'_det < search.
Proof completed.
Abella < Theorem subst'_var :
forall V ML X, subst' ML -> cmmember (cmap X V) ML -> app_subst' ML X V.
============================
forall V ML X, subst' ML -> cmmember (cmap X V) ML -> app_subst' ML X V
subst'_var < induction on 2.
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
============================
forall V ML X, subst' ML -> cmmember (cmap X V) ML @ -> app_subst' ML X V
subst'_var < intros.
Variables: V ML X
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H1 : subst' ML
H2 : cmmember (cmap X V) ML @
============================
app_subst' ML X V
subst'_var < case H2.
Subgoal 1:
Variables: V X L
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H1 : subst' (cmcons (cmap X V) L)
============================
app_subst' (cmcons (cmap X V) L) X V
Subgoal 2 is:
app_subst' (cmcons Y L) X V
subst'_var < case H1.
Subgoal 1:
Variables: ML1 V1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : subst' ML1
H4 : {val' V1}
H5 : {tm' V1}
============================
app_subst' (cmcons (cmap n1 V1) ML1) n1 V1
Subgoal 2 is:
app_subst' (cmcons Y L) X V
subst'_var < unfold.
Subgoal 1:
Variables: ML1 V1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : subst' ML1
H4 : {val' V1}
H5 : {tm' V1}
============================
app_subst' ML1 V1 V1
Subgoal 2 is:
app_subst' (cmcons Y L) X V
subst'_var < intros.
Subgoal 1:
Variables: ML1 V1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : subst' ML1
H4 : {val' V1}
H5 : {tm' V1}
============================
app_subst' ML1 V1 V1
Subgoal 2 is:
app_subst' (cmcons Y L) X V
subst'_var < backchain subst'_closed_tm.
Subgoal 2:
Variables: V X L Y
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H1 : subst' (cmcons Y L)
H3 : cmmember (cmap X V) L *
============================
app_subst' (cmcons Y L) X V
subst'_var < case H1.
Subgoal 2:
Variables: V X ML1 V1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : cmmember (cmap (X n1) (V n1)) ML1 *
H4 : subst' ML1
H5 : {val' V1}
H6 : {tm' V1}
============================
app_subst' (cmcons (cmap n1 V1) ML1) (X n1) (V n1)
subst'_var < apply cmmember_prune_tm' to H3.
Subgoal 2:
Variables: ML1 V1 M'2 M'1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : cmmember (cmap M'1 M'2) ML1 *
H4 : subst' ML1
H5 : {val' V1}
H6 : {tm' V1}
============================
app_subst' (cmcons (cmap n1 V1) ML1) M'1 M'2
subst'_var < unfold.
Subgoal 2:
Variables: ML1 V1 M'2 M'1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : cmmember (cmap M'1 M'2) ML1 *
H4 : subst' ML1
H5 : {val' V1}
H6 : {tm' V1}
============================
app_subst' ML1 M'1 M'2
subst'_var < intros.
Subgoal 2:
Variables: ML1 V1 M'2 M'1
IH : forall V ML X, subst' ML -> cmmember (cmap X V) ML * ->
app_subst' ML X V
H3 : cmmember (cmap M'1 M'2) ML1 *
H4 : subst' ML1
H5 : {val' V1}
H6 : {tm' V1}
============================
app_subst' ML1 M'1 M'2
subst'_var < backchain IH.
Proof completed.
Abella < Theorem subst'_var_eq :
forall V ML E X, subst' ML -> cmmember (cmap X V) ML -> app_subst' ML X E ->
E =
V.
============================
forall V ML E X, subst' ML -> cmmember (cmap X V) ML -> app_subst' ML X E ->
E =
V
subst'_var_eq < intros.
Variables: V ML E X
H1 : subst' ML
H2 : cmmember (cmap X V) ML
H3 : app_subst' ML X E
============================
E = V
subst'_var_eq < apply subst'_var to H1 H2.
Variables: V ML E X
H1 : subst' ML
H2 : cmmember (cmap X V) ML
H3 : app_subst' ML X E
H4 : app_subst' ML X V
============================
E = V
subst'_var_eq < apply subst'_det to H3 H4.
Variables: V ML X
H1 : subst' ML
H2 : cmmember (cmap X V) ML
H3 : app_subst' ML X V
H4 : app_subst' ML X V
============================
V = V
subst'_var_eq < search.
Proof completed.
Abella < Theorem subst'_inst :
forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) ->
app_subst' ML (M V) (M' V).
============================
forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) ->
app_subst' ML (M V) (M' V)
subst'_inst < induction on 2.
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
============================
forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) @ ->
app_subst' ML (M V) (M' V)
subst'_inst < intros.
Variables: ML M M' V
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' V}
H2 : app_subst' ML (M n1) (M' n1) @
============================
app_subst' ML (M V) (M' V)
subst'_inst < case H2.
Subgoal 1:
Variables: M' V
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' V}
============================
app_subst' cmnil (M' V) (M' V)
Subgoal 2 is:
app_subst' (cmcons (cmap n2 ML2) ML3) (M n2 (V n2)) (M2 (V n2))
subst'_inst < search.
Subgoal 2:
Variables: M V M2 ML3 ML2
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' (V n2)}
H3 : app_subst' ML3 (M ML2 n1) (M2 n1) *
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (M n2 (V n2)) (M2 (V n2))
subst'_inst < apply closed_tm'_prune to H1.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' M'1}
H3 : app_subst' ML3 (M ML2 n1) (M2 n1) *
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (M n2 M'1) (M2 M'1)
subst'_inst < unfold.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' M'1}
H3 : app_subst' ML3 (M ML2 n1) (M2 n1) *
============================
app_subst' ML3 (M ML2 M'1) (M2 M'1)
subst'_inst < apply IH to H1 H3.
Subgoal 2:
Variables: M M2 ML3 ML2 M'1
IH : forall ML M M' V, nabla x, {tm' V} -> app_subst' ML (M x) (M' x) * ->
app_subst' ML (M V) (M' V)
H1 : {tm' M'1}
H3 : app_subst' ML3 (M ML2 n1) (M2 n1) *
H4 : app_subst' ML3 (M ML2 M'1) (M2 M'1)
============================
app_subst' ML3 (M ML2 M'1) (M2 M'1)
subst'_inst < search.
Proof completed.
Abella < Theorem explct_meta_subst'_comm :
forall ML M E V, nabla n, {tm' V} -> app_subst' ML (M n) (E n) ->
app_subst' (cmcons (cmap n V) ML) (M n) (E V).
============================
forall ML M E V, nabla n, {tm' V} -> app_subst' ML (M n) (E n) ->
app_subst' (cmcons (cmap n V) ML) (M n) (E V)
explct_meta_subst'_comm < intros.
Variables: ML M E V
H1 : {tm' V}
H2 : app_subst' ML (M n1) (E n1)
============================
app_subst' (cmcons (cmap n1 V) ML) (M n1) (E V)
explct_meta_subst'_comm < unfold.
Variables: ML M E V
H1 : {tm' V}
H2 : app_subst' ML (M n1) (E n1)
============================
app_subst' ML (M V) (E V)
explct_meta_subst'_comm < intros.
Variables: ML M E V
H1 : {tm' V}
H2 : app_subst' ML (M n1) (E n1)
============================
app_subst' ML (M V) (E V)
explct_meta_subst'_comm < backchain subst'_inst with M = M, M' = E, x = n1.
Proof completed.
Abella < Theorem subst'_general_inst :
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) -> app_subst' ML (M2 M1) (M2' M1').
============================
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) -> app_subst' ML (M2 M1) (M2' M1')
subst'_general_inst < induction on 2.
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
============================
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) @ -> app_subst' ML (M2 M1) (M2' M1')
subst'_general_inst < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
H1 : app_subst' ML M1 M1'
H2 : app_subst' ML (M2 n1) (M2' n1) @
============================
app_subst' ML (M2 M1) (M2' M1')
subst'_general_inst < case H2.
Subgoal 1:
Variables: M1 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
H1 : app_subst' cmnil M1 M1'
============================
app_subst' cmnil (M2' M1) (M2' M1')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 ML2) ML3) (M2 n2 (M1 n2)) (M3 (M1' n2))
subst'_general_inst < case H1.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
============================
app_subst' cmnil (M2' M1') (M2' M1')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 ML2) ML3) (M2 n2 (M1 n2)) (M3 (M1' n2))
subst'_general_inst < search.
Subgoal 2:
Variables: M1 M2 M1' M3 ML3 ML2
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
H1 : app_subst' (cmcons (cmap n2 ML2) ML3) (M1 n2) (M1' n2)
H3 : app_subst' ML3 (M2 ML2 n1) (M3 n1) *
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (M2 n2 (M1 n2)) (M3 (M1' n2))
subst'_general_inst < case H1.
Subgoal 2:
Variables: M1 M2 M3 ML3 ML2 M
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
H3 : app_subst' ML3 (M2 ML2 n1) (M3 n1) *
H4 : app_subst' ML3 (M1 ML2) M
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (M2 n2 (M1 n2)) (M3 M)
subst'_general_inst < apply IH to H4 H3.
Subgoal 2:
Variables: M1 M2 M3 ML3 ML2 M
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) * -> app_subst' ML (M2 M1) (M2' M1')
H3 : app_subst' ML3 (M2 ML2 n1) (M3 n1) *
H4 : app_subst' ML3 (M1 ML2) M
H5 : app_subst' ML3 (M2 ML2 (M1 ML2)) (M3 M)
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (M2 n2 (M1 n2)) (M3 M)
subst'_general_inst < search.
Proof completed.
Abella < Theorem subst'_closed_tm''_eq :
forall M ML M', {tm'' M} -> app_subst' ML M M' -> M = M'.
============================
forall M ML M', {tm'' M} -> app_subst' ML M M' -> M = M'
subst'_closed_tm''_eq < induction on 2.
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
============================
forall M ML M', {tm'' M} -> app_subst' ML M M' @ -> M = M'
subst'_closed_tm''_eq < intros.
Variables: M ML M'
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm'' M}
H2 : app_subst' ML M M' @
============================
M = M'
subst'_closed_tm''_eq < case H2.
Subgoal 1:
Variables: M'
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm'' M'}
============================
M' = M'
Subgoal 2 is:
M n1 = M1
subst'_closed_tm''_eq < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm'' (M n1)}
H3 : app_subst' ML1 (M V) M1 *
============================
M n1 = M1
subst'_closed_tm''_eq < apply closed_tm''_prune to H1.
Subgoal 2:
Variables: M1 ML1 V M'1
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm'' M'1}
H3 : app_subst' ML1 M'1 M1 *
============================
M'1 = M1
subst'_closed_tm''_eq < apply IH to _ H3.
Subgoal 2:
Variables: M1 ML1 V
IH : forall M ML M', {tm'' M} -> app_subst' ML M M' * -> M = M'
H1 : {tm'' M1}
H3 : app_subst' ML1 M1 M1 *
============================
M1 = M1
subst'_closed_tm''_eq < search.
Proof completed.
Abella < Theorem subst'_closed_tm''_body_eq :
forall M ML M', {tm''_body M} -> app_subst' ML M M' -> M = M'.
============================
forall M ML M', {tm''_body M} -> app_subst' ML M M' -> M = M'
subst'_closed_tm''_body_eq < induction on 2.
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
============================
forall M ML M', {tm''_body M} -> app_subst' ML M M' @ -> M = M'
subst'_closed_tm''_body_eq < intros.
Variables: M ML M'
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
H1 : {tm''_body M}
H2 : app_subst' ML M M' @
============================
M = M'
subst'_closed_tm''_body_eq < case H2.
Subgoal 1:
Variables: M'
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
H1 : {tm''_body M'}
============================
M' = M'
Subgoal 2 is:
M n1 = M1
subst'_closed_tm''_body_eq < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
H1 : {tm''_body (M n1)}
H3 : app_subst' ML1 (M V) M1 *
============================
M n1 = M1
subst'_closed_tm''_body_eq < apply closed_tm''_body_prune to H1.
Subgoal 2:
Variables: M1 ML1 V M'1
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
H1 : {tm''_body M'1}
H3 : app_subst' ML1 M'1 M1 *
============================
M'1 = M1
subst'_closed_tm''_body_eq < apply IH to _ H3.
Subgoal 2:
Variables: M1 ML1 V
IH : forall M ML M', {tm''_body M} -> app_subst' ML M M' * -> M = M'
H1 : {tm''_body M1}
H3 : app_subst' ML1 M1 M1 *
============================
M1 = M1
subst'_closed_tm''_body_eq < search.
Proof completed.
Abella < Theorem app_subst'_pred_comm :
forall ML M M', app_subst' ML (pred' M) M' ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'').
============================
forall ML M M', app_subst' ML (pred' M) M' ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
app_subst'_pred_comm < induction on 1.
IH : forall ML M M', app_subst' ML (pred' M) M' * ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
============================
forall ML M M', app_subst' ML (pred' M) M' @ ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
app_subst'_pred_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst' ML (pred' M) M' * ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
H1 : app_subst' ML (pred' M) M' @
============================
exists M'', M' = pred' M'' /\ app_subst' ML M M''
app_subst'_pred_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst' ML (pred' M) M' * ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
============================
exists M'', pred' M = pred' M'' /\ app_subst' cmnil M M''
Subgoal 2 is:
exists M'', M1 = pred' M'' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M''
app_subst'_pred_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML (pred' M) M' * ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
H2 : app_subst' ML1 (pred' (M V)) M1 *
============================
exists M'', M1 = pred' M'' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M''
app_subst'_pred_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M''
IH : forall ML M M', app_subst' ML (pred' M) M' * ->
(exists M'', M' = pred' M'' /\ app_subst' ML M M'')
H2 : app_subst' ML1 (pred' (M V)) (pred' M'') *
H3 : app_subst' ML1 (M V) M''
============================
exists M''1, pred' M'' = pred' M''1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M''1
app_subst'_pred_comm < search.
Proof completed.
Abella < Theorem app_subst'_ifz_comm :
forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2').
============================
forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
app_subst'_ifz_comm < induction on 1.
IH : forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
============================
forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 @ ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
app_subst'_ifz_comm < intros.
Variables: ML M M1 M2 M3
IH : forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H1 : app_subst' ML (ifz' M M1 M2) M3 @
============================
exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2'
app_subst'_ifz_comm < case H1.
Subgoal 1:
Variables: M M1 M2
IH : forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
============================
exists M' M1' M2', ifz' M M1 M2 = ifz' M' M1' M2' /\
app_subst' cmnil M M' /\ app_subst' cmnil M1 M1' /\
app_subst' cmnil M2 M2'
Subgoal 2 is:
exists M' M1' M2', M4 = ifz' M' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_ifz_comm < search.
Subgoal 2:
Variables: M M1 M2 M4 ML1 V
IH : forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H2 : app_subst' ML1 (ifz' (M V) (M1 V) (M2 V)) M4 *
============================
exists M' M1' M2', M4 = ifz' M' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_ifz_comm < apply IH to H2.
Subgoal 2:
Variables: M M1 M2 ML1 V M' M1' M2'
IH : forall ML M M1 M2 M3, app_subst' ML (ifz' M M1 M2) M3 * ->
(exists M' M1' M2', M3 = ifz' M' M1' M2' /\ app_subst' ML M M' /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H2 : app_subst' ML1 (ifz' (M V) (M1 V) (M2 V)) (ifz' M' M1' M2') *
H3 : app_subst' ML1 (M V) M'
H4 : app_subst' ML1 (M1 V) M1'
H5 : app_subst' ML1 (M2 V) M2'
============================
exists M'1 M1'1 M2'1, ifz' M' M1' M2' = ifz' M'1 M1'1 M2'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'1
app_subst'_ifz_comm < search.
Proof completed.
Abella < Theorem app_subst'_let_comm :
forall ML M R M', app_subst' ML (let' M R) M' ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x))).
============================
forall ML M R M', app_subst' ML (let' M R) M' ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
app_subst'_let_comm < induction on 1.
IH : forall ML M R M', app_subst' ML (let' M R) M' * ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
============================
forall ML M R M', app_subst' ML (let' M R) M' @ ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
app_subst'_let_comm < intros.
Variables: ML M R M'
IH : forall ML M R M', app_subst' ML (let' M R) M' * ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
H1 : app_subst' ML (let' M R) M' @
============================
exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x))
app_subst'_let_comm < case H1.
Subgoal 1:
Variables: M R
IH : forall ML M R M', app_subst' ML (let' M R) M' * ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
============================
exists M1 R1, let' M R = let' M1 R1 /\ app_subst' cmnil M M1 /\
(nabla x, app_subst' cmnil (R x) (R1 x))
Subgoal 2 is:
exists M2 R1, M1 = let' M2 R1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M2 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R1 x))
app_subst'_let_comm < search.
Subgoal 2:
Variables: M R M1 ML1 V
IH : forall ML M R M', app_subst' ML (let' M R) M' * ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
H2 : app_subst' ML1 (let' (M V) (R V)) M1 *
============================
exists M2 R1, M1 = let' M2 R1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M2 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R1 x))
app_subst'_let_comm < apply IH to H2.
Subgoal 2:
Variables: M R ML1 V M2 R1
IH : forall ML M R M', app_subst' ML (let' M R) M' * ->
(exists M1 R1, M' = let' M1 R1 /\ app_subst' ML M M1 /\
(nabla x, app_subst' ML (R x) (R1 x)))
H2 : app_subst' ML1 (let' (M V) (R V)) (let' M2 R1) *
H3 : app_subst' ML1 (M V) M2
H4 : app_subst' ML1 (R V n1) (R1 n1)
============================
exists M1 R2, let' M2 R1 = let' M1 R2 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R2 x))
app_subst'_let_comm < search.
Proof completed.
Abella < Theorem app_subst'_clos_comm :
forall ML F M M', app_subst' ML (clos' F M) M' ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1').
============================
forall ML F M M', app_subst' ML (clos' F M) M' ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
app_subst'_clos_comm < induction on 1.
IH : forall ML F M M', app_subst' ML (clos' F M) M' * ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
============================
forall ML F M M', app_subst' ML (clos' F M) M' @ ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
app_subst'_clos_comm < intros.
Variables: ML F M M'
IH : forall ML F M M', app_subst' ML (clos' F M) M' * ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
H1 : app_subst' ML (clos' F M) M' @
============================
exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1'
app_subst'_clos_comm < case H1.
Subgoal 1:
Variables: F M
IH : forall ML F M M', app_subst' ML (clos' F M) M' * ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
============================
exists F' M1', clos' F M = clos' F' M1' /\ app_subst' cmnil F F' /\
app_subst' cmnil M M1'
Subgoal 2 is:
exists F' M1', M1 = clos' F' M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (F n1) F' /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_clos_comm < search.
Subgoal 2:
Variables: F M M1 ML1 V
IH : forall ML F M M', app_subst' ML (clos' F M) M' * ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
H2 : app_subst' ML1 (clos' (F V) (M V)) M1 *
============================
exists F' M1', M1 = clos' F' M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (F n1) F' /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_clos_comm < apply IH to H2.
Subgoal 2:
Variables: F M ML1 V F' M1'
IH : forall ML F M M', app_subst' ML (clos' F M) M' * ->
(exists F' M1', M' = clos' F' M1' /\ app_subst' ML F F' /\
app_subst' ML M M1')
H2 : app_subst' ML1 (clos' (F V) (M V)) (clos' F' M1') *
H3 : app_subst' ML1 (F V) F'
H4 : app_subst' ML1 (M V) M1'
============================
exists F'1 M1'1, clos' F' M1' = clos' F'1 M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (F n1) F'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'1
app_subst'_clos_comm < search.
Proof completed.
Abella < Theorem app_subst'_open_comm :
forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' ->
(exists M1' M2', M' = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2').
============================
forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' ->
(exists M1' M2', M' = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
app_subst'_open_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' * ->
(exists M1' M2', M' =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
============================
forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' @ ->
(exists M1' M2', M' = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
app_subst'_open_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' * ->
(exists M1' M2', M' =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H1 : app_subst' ML (open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' @
============================
exists M1' M2', M' = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2'
app_subst'_open_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' * ->
(exists M1' M2', M' =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
============================
exists M1' M2', open' M1 (f\e\app' f (pair' M1 (pair' M2 e))) =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' cmnil M1 M1' /\ app_subst' cmnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_open_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' * ->
(exists M1' M2', M' =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H2 : app_subst' ML1
(open' (M1 V) (f\e\app' f (pair' (M1 V) (pair' (M2 V) e)))) M *
============================
exists M1' M2', M = open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_open_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_subst' ML
(open' M1 (f\e\app' f (pair' M1 (pair' M2 e)))) M' * ->
(exists M1' M2', M' =
open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) /\
app_subst' ML M1 M1' /\ app_subst' ML M2 M2')
H2 : app_subst' ML1
(open' (M1 V) (f\e\app' f (pair' (M1 V) (pair' (M2 V) e))))
(open' M1' (f\e\app' f (pair' M1' (pair' M2' e)))) *
H3 : app_subst' ML1 (M1 V) M1'
H4 : app_subst' ML1 (M2 V) M2'
============================
exists M1'1 M2'1, open' M1' (f\e\app' f (pair' M1' (pair' M2' e))) =
open' M1'1 (f\e\app' f (pair' M1'1 (pair' M2'1 e))) /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'1
app_subst'_open_comm < search.
Proof completed.
Abella < Theorem app_subst'_plus_comm :
forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2').
============================
forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_plus_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' * ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' @ ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_plus_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' * ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H1 : app_subst' ML (plus' M1 M2) M' @
============================
exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2'
app_subst'_plus_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' * ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
exists M1' M2', plus' M1 M2 = plus' M1' M2' /\ app_subst' cmnil M1 M1' /\
app_subst' cmnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = plus' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_plus_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' * ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (plus' (M1 V) (M2 V)) M *
============================
exists M1' M2', M = plus' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_plus_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_subst' ML (plus' M1 M2) M' * ->
(exists M1' M2', M' = plus' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (plus' (M1 V) (M2 V)) (plus' M1' M2') *
H3 : app_subst' ML1 (M1 V) M1'
H4 : app_subst' ML1 (M2 V) M2'
============================
exists M1'1 M2'1, plus' M1' M2' = plus' M1'1 M2'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'1
app_subst'_plus_comm < search.
Proof completed.
Abella < Theorem app_subst'_pair_comm :
forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2').
============================
forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_pair_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' * ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' @ ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_pair_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' * ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H1 : app_subst' ML (pair' M1 M2) M' @
============================
exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2'
app_subst'_pair_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' * ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
exists M1' M2', pair' M1 M2 = pair' M1' M2' /\ app_subst' cmnil M1 M1' /\
app_subst' cmnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = pair' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_pair_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' * ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (pair' (M1 V) (M2 V)) M *
============================
exists M1' M2', M = pair' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_pair_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_subst' ML (pair' M1 M2) M' * ->
(exists M1' M2', M' = pair' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (pair' (M1 V) (M2 V)) (pair' M1' M2') *
H3 : app_subst' ML1 (M1 V) M1'
H4 : app_subst' ML1 (M2 V) M2'
============================
exists M1'1 M2'1, pair' M1' M2' = pair' M1'1 M2'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'1
app_subst'_pair_comm < search.
Proof completed.
Abella < Theorem app_subst'_fst_comm :
forall ML M M', app_subst' ML (fst' M) M' ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1').
============================
forall ML M M', app_subst' ML (fst' M) M' ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
app_subst'_fst_comm < induction on 1.
IH : forall ML M M', app_subst' ML (fst' M) M' * ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
============================
forall ML M M', app_subst' ML (fst' M) M' @ ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
app_subst'_fst_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst' ML (fst' M) M' * ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
H1 : app_subst' ML (fst' M) M' @
============================
exists M1', M' = fst' M1' /\ app_subst' ML M M1'
app_subst'_fst_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst' ML (fst' M) M' * ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
============================
exists M1', fst' M = fst' M1' /\ app_subst' cmnil M M1'
Subgoal 2 is:
exists M1', M1 = fst' M1' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_fst_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML (fst' M) M' * ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
H2 : app_subst' ML1 (fst' (M V)) M1 *
============================
exists M1', M1 = fst' M1' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_fst_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M1'
IH : forall ML M M', app_subst' ML (fst' M) M' * ->
(exists M1', M' = fst' M1' /\ app_subst' ML M M1')
H2 : app_subst' ML1 (fst' (M V)) (fst' M1') *
H3 : app_subst' ML1 (M V) M1'
============================
exists M1'1, fst' M1' = fst' M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'1
app_subst'_fst_comm < search.
Proof completed.
Abella < Theorem app_subst'_snd_comm :
forall ML M M', app_subst' ML (snd' M) M' ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1').
============================
forall ML M M', app_subst' ML (snd' M) M' ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
app_subst'_snd_comm < induction on 1.
IH : forall ML M M', app_subst' ML (snd' M) M' * ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
============================
forall ML M M', app_subst' ML (snd' M) M' @ ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
app_subst'_snd_comm < intros.
Variables: ML M M'
IH : forall ML M M', app_subst' ML (snd' M) M' * ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
H1 : app_subst' ML (snd' M) M' @
============================
exists M1', M' = snd' M1' /\ app_subst' ML M M1'
app_subst'_snd_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', app_subst' ML (snd' M) M' * ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
============================
exists M1', snd' M = snd' M1' /\ app_subst' cmnil M M1'
Subgoal 2 is:
exists M1', M1 = snd' M1' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_snd_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML (snd' M) M' * ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
H2 : app_subst' ML1 (snd' (M V)) M1 *
============================
exists M1', M1 = snd' M1' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'
app_subst'_snd_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M1'
IH : forall ML M M', app_subst' ML (snd' M) M' * ->
(exists M1', M' = snd' M1' /\ app_subst' ML M M1')
H2 : app_subst' ML1 (snd' (M V)) (snd' M1') *
H3 : app_subst' ML1 (M V) M1'
============================
exists M1'1, snd' M1' = snd' M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M1'1
app_subst'_snd_comm < search.
Proof completed.
Abella < Theorem app_subst'_abs_comm :
forall ML R M', app_subst' ML (abs' R) M' ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x))).
============================
forall ML R M', app_subst' ML (abs' R) M' ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
app_subst'_abs_comm < induction on 1.
IH : forall ML R M', app_subst' ML (abs' R) M' * ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
============================
forall ML R M', app_subst' ML (abs' R) M' @ ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
app_subst'_abs_comm < intros.
Variables: ML R M'
IH : forall ML R M', app_subst' ML (abs' R) M' * ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H1 : app_subst' ML (abs' R) M' @
============================
exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x))
app_subst'_abs_comm < case H1.
Subgoal 1:
Variables: R
IH : forall ML R M', app_subst' ML (abs' R) M' * ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
============================
exists R', abs' R = abs' R' /\ (nabla x, app_subst' cmnil (R x) (R' x))
Subgoal 2 is:
exists R', M = abs' R' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x))
app_subst'_abs_comm < search.
Subgoal 2:
Variables: R M ML1 V
IH : forall ML R M', app_subst' ML (abs' R) M' * ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H2 : app_subst' ML1 (abs' (R V)) M *
============================
exists R', M = abs' R' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x))
app_subst'_abs_comm < apply IH to H2.
Subgoal 2:
Variables: R ML1 V R'
IH : forall ML R M', app_subst' ML (abs' R) M' * ->
(exists R', M' = abs' R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H2 : app_subst' ML1 (abs' (R V)) (abs' R') *
H3 : app_subst' ML1 (R V n1) (R' n1)
============================
exists R'1, abs' R' = abs' R'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R'1 x))
app_subst'_abs_comm < search.
Proof completed.
Abella < Theorem app_subst'_unit_comm :
forall ML M', app_subst' ML unit' M' -> M' = unit'.
============================
forall ML M', app_subst' ML unit' M' -> M' = unit'
app_subst'_unit_comm < induction on 1.
IH : forall ML M', app_subst' ML unit' M' * -> M' = unit'
============================
forall ML M', app_subst' ML unit' M' @ -> M' = unit'
app_subst'_unit_comm < intros.
Variables: ML M'
IH : forall ML M', app_subst' ML unit' M' * -> M' = unit'
H1 : app_subst' ML unit' M' @
============================
M' = unit'
app_subst'_unit_comm < case H1.
Subgoal 1:
IH : forall ML M', app_subst' ML unit' M' * -> M' = unit'
============================
unit' = unit'
Subgoal 2 is:
M = unit'
app_subst'_unit_comm < search.
Subgoal 2:
Variables: M ML1 V
IH : forall ML M', app_subst' ML unit' M' * -> M' = unit'
H2 : app_subst' ML1 unit' M *
============================
M = unit'
app_subst'_unit_comm < apply IH to H2.
Subgoal 2:
Variables: ML1 V
IH : forall ML M', app_subst' ML unit' M' * -> M' = unit'
H2 : app_subst' ML1 unit' unit' *
============================
unit' = unit'
app_subst'_unit_comm < search.
Proof completed.
Abella < Theorem app_subst'_app_comm :
forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2').
============================
forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_app_comm < induction on 1.
IH : forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' * ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' @ ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
app_subst'_app_comm < intros.
Variables: ML M1 M2 M'
IH : forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' * ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H1 : app_subst' ML (app' M1 M2) M' @
============================
exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2'
app_subst'_app_comm < case H1.
Subgoal 1:
Variables: M1 M2
IH : forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' * ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
============================
exists M1' M2', app' M1 M2 = app' M1' M2' /\ app_subst' cmnil M1 M1' /\
app_subst' cmnil M2 M2'
Subgoal 2 is:
exists M1' M2', M = app' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_app_comm < search.
Subgoal 2:
Variables: M1 M2 M ML1 V
IH : forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' * ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (app' (M1 V) (M2 V)) M *
============================
exists M1' M2', M = app' M1' M2' /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1' /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'
app_subst'_app_comm < apply IH to H2.
Subgoal 2:
Variables: M1 M2 ML1 V M1' M2'
IH : forall ML M1 M2 M', app_subst' ML (app' M1 M2) M' * ->
(exists M1' M2', M' = app' M1' M2' /\ app_subst' ML M1 M1' /\
app_subst' ML M2 M2')
H2 : app_subst' ML1 (app' (M1 V) (M2 V)) (app' M1' M2') *
H3 : app_subst' ML1 (M1 V) M1'
H4 : app_subst' ML1 (M2 V) M2'
============================
exists M1'1 M2'1, app' M1' M2' = app' M1'1 M2'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M1 n1) M1'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) M2'1
app_subst'_app_comm < search.
Proof completed.
Abella < Theorem app_subst'_meta_app_comm :
forall ML R M M1, app_subst' ML (R M) M1 ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M').
============================
forall ML R M M1, app_subst' ML (R M) M1 ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
app_subst'_meta_app_comm < induction on 1.
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
============================
forall ML R M M1, app_subst' ML (R M) M1 @ ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
app_subst'_meta_app_comm < intros.
Variables: ML R M M1
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
H1 : app_subst' ML (R M) M1 @
============================
exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M'
app_subst'_meta_app_comm < case H1.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
============================
exists R' M', R M = R' M' /\ (nabla x, app_subst' cmnil (R x) (R' x)) /\
app_subst' cmnil M M'
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_meta_app_comm < exists R.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
============================
exists M', R M = R M' /\ (nabla x, app_subst' cmnil (R x) (R x)) /\
app_subst' cmnil M M'
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_meta_app_comm < exists M.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
============================
R M = R M /\ (nabla x, app_subst' cmnil (R x) (R x)) /\ app_subst' cmnil M M
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_meta_app_comm < search.
Subgoal 2:
Variables: R M M2 ML1 V
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
H2 : app_subst' ML1 (R V (M V)) M2 *
============================
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_meta_app_comm < apply IH to H2 with R = R V, M = M V.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V) M'
============================
exists R'1 M'1, R' M' = R'1 M'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R'1 x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'1
app_subst'_meta_app_comm < exists R'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V) M'
============================
exists M'1, R' M' = R' M'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'1
app_subst'_meta_app_comm < exists M'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
app_subst' ML M M')
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V) M'
============================
R' M' = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_meta_app_comm < search.
Proof completed.
Abella < Theorem app_subst'_meta_app_abs_comm :
forall ML R M M1, app_subst' ML (R M) M1 ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y))).
============================
forall ML R M M1, app_subst' ML (R M) M1 ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
app_subst'_meta_app_abs_comm < induction on 1.
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
============================
forall ML R M M1, app_subst' ML (R M) M1 @ ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
app_subst'_meta_app_abs_comm < intros.
Variables: ML R M M1
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
H1 : app_subst' ML (R M) M1 @
============================
exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y))
app_subst'_meta_app_abs_comm < case H1.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
============================
exists R' M', R M = R' M' /\ (nabla x, app_subst' cmnil (R x) (R' x)) /\
(nabla y, app_subst' cmnil (M y) (M' y))
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M' y))
app_subst'_meta_app_abs_comm < exists R.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
============================
exists M', R M = R M' /\ (nabla x, app_subst' cmnil (R x) (R x)) /\
(nabla y, app_subst' cmnil (M y) (M' y))
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M' y))
app_subst'_meta_app_abs_comm < exists M.
Subgoal 1:
Variables: R M
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
============================
R M = R M /\ (nabla x, app_subst' cmnil (R x) (R x)) /\
(nabla y, app_subst' cmnil (M y) (M y))
Subgoal 2 is:
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M' y))
app_subst'_meta_app_abs_comm < search.
Subgoal 2:
Variables: R M M2 ML1 V
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
H2 : app_subst' ML1 (R V (M V)) M2 *
============================
exists R' M', M2 = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M' y))
app_subst'_meta_app_abs_comm < apply IH to H2 with R = R V, M = M V.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V n1) (M' n1)
============================
exists R'1 M'1, R' M' = R'1 M'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R'1 x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M'1 y))
app_subst'_meta_app_abs_comm < exists R'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V n1) (M' n1)
============================
exists M'1, R' M' = R' M'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M'1 y))
app_subst'_meta_app_abs_comm < exists M'.
Subgoal 2:
Variables: R M ML1 V R' M'
IH : forall ML R M M1, app_subst' ML (R M) M1 * ->
(exists R' M', M1 = R' M' /\ (nabla x, app_subst' ML (R x) (R' x)) /\
(nabla y, app_subst' ML (M y) (M' y)))
H2 : app_subst' ML1 (R V (M V)) (R' M') *
H3 : app_subst' ML1 (R V n1) (R' n1)
H4 : app_subst' ML1 (M V n1) (M' n1)
============================
R' M' = R' M' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x)) /\
(nabla y, app_subst' (cmcons (cmap n1 V) ML1) (M n1 y) (M' y))
app_subst'_meta_app_abs_comm < search.
Proof completed.
Abella < Theorem app_subst'_hbase_comm :
forall ML M P, app_subst' ML (hbase M) P ->
(exists M', P = hbase M' /\ app_subst' ML M M').
============================
forall ML M P, app_subst' ML (hbase M) P ->
(exists M', P = hbase M' /\ app_subst' ML M M')
app_subst'_hbase_comm < induction on 1.
IH : forall ML M P, app_subst' ML (hbase M) P * ->
(exists M', P = hbase M' /\ app_subst' ML M M')
============================
forall ML M P, app_subst' ML (hbase M) P @ ->
(exists M', P = hbase M' /\ app_subst' ML M M')
app_subst'_hbase_comm < intros.
Variables: ML M P
IH : forall ML M P, app_subst' ML (hbase M) P * ->
(exists M', P = hbase M' /\ app_subst' ML M M')
H1 : app_subst' ML (hbase M) P @
============================
exists M', P = hbase M' /\ app_subst' ML M M'
app_subst'_hbase_comm < case H1.
Subgoal 1:
Variables: M
IH : forall ML M P, app_subst' ML (hbase M) P * ->
(exists M', P = hbase M' /\ app_subst' ML M M')
============================
exists M', hbase M = hbase M' /\ app_subst' cmnil M M'
Subgoal 2 is:
exists M', M1 = hbase M' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_hbase_comm < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M P, app_subst' ML (hbase M) P * ->
(exists M', P = hbase M' /\ app_subst' ML M M')
H2 : app_subst' ML1 (hbase (M V)) M1 *
============================
exists M', M1 = hbase M' /\ app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'
app_subst'_hbase_comm < apply IH to H2.
Subgoal 2:
Variables: M ML1 V M'
IH : forall ML M P, app_subst' ML (hbase M) P * ->
(exists M', P = hbase M' /\ app_subst' ML M M')
H2 : app_subst' ML1 (hbase (M V)) (hbase M') *
H3 : app_subst' ML1 (M V) M'
============================
exists M'1, hbase M' = hbase M'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M'1
app_subst'_hbase_comm < search.
Proof completed.
Abella < Theorem app_subst'_habs_comm :
forall ML R P, app_subst' ML (habs R) P ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x))).
============================
forall ML R P, app_subst' ML (habs R) P ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
app_subst'_habs_comm < induction on 1.
IH : forall ML R P, app_subst' ML (habs R) P * ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
============================
forall ML R P, app_subst' ML (habs R) P @ ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
app_subst'_habs_comm < intros.
Variables: ML R P
IH : forall ML R P, app_subst' ML (habs R) P * ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H1 : app_subst' ML (habs R) P @
============================
exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x))
app_subst'_habs_comm < case H1.
Subgoal 1:
Variables: R
IH : forall ML R P, app_subst' ML (habs R) P * ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
============================
exists R', habs R = habs R' /\ (nabla x, app_subst' cmnil (R x) (R' x))
Subgoal 2 is:
exists R', M = habs R' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x))
app_subst'_habs_comm < search.
Subgoal 2:
Variables: R M ML1 V
IH : forall ML R P, app_subst' ML (habs R) P * ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H2 : app_subst' ML1 (habs (R V)) M *
============================
exists R', M = habs R' /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R' x))
app_subst'_habs_comm < apply IH to H2.
Subgoal 2:
Variables: R ML1 V R'
IH : forall ML R P, app_subst' ML (habs R) P * ->
(exists R', P = habs R' /\ (nabla x, app_subst' ML (R x) (R' x)))
H2 : app_subst' ML1 (habs (R V)) (habs R') *
H3 : app_subst' ML1 (R V n1) (R' n1)
============================
exists R'1, habs R' = habs R'1 /\
(nabla x, app_subst' (cmcons (cmap n1 V) ML1) (R n1 x) (R'1 x))
app_subst'_habs_comm < search.
Proof completed.
Abella < Theorem app_subst'_htm_comm :
forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'.
============================
forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
app_subst'_htm_comm < induction on 1.
IH : forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') * ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
============================
forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') @ ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
app_subst'_htm_comm < intros.
Variables: ML FE FE' M M'
IH : forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') * ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
H1 : app_subst' ML (htm FE M) (htm FE' M') @
============================
app_subst'_list ML FE FE' /\ app_subst' ML M M'
app_subst'_htm_comm < case H1.
Subgoal 1:
Variables: FE' M'
IH : forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') * ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
============================
app_subst'_list cmnil FE' FE' /\ app_subst' cmnil M' M'
Subgoal 2 is:
app_subst'_list (cmcons (cmap n1 V) ML1) (FE n1) M2 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M3
app_subst'_htm_comm < search.
Subgoal 2:
Variables: FE M M3 M2 ML1 V
IH : forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') * ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
H2 : app_subst' ML1 (htm (FE V) (M V)) (htm M2 M3) *
============================
app_subst'_list (cmcons (cmap n1 V) ML1) (FE n1) M2 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M3
app_subst'_htm_comm < apply IH to H2.
Subgoal 2:
Variables: FE M M3 M2 ML1 V
IH : forall ML FE FE' M M', app_subst' ML (htm FE M) (htm FE' M') * ->
app_subst'_list ML FE FE' /\ app_subst' ML M M'
H2 : app_subst' ML1 (htm (FE V) (M V)) (htm M2 M3) *
H3 : app_subst'_list ML1 (FE V) M2
H4 : app_subst' ML1 (M V) M3
============================
app_subst'_list (cmcons (cmap n1 V) ML1) (FE n1) M2 /\
app_subst' (cmcons (cmap n1 V) ML1) (M n1) M3
app_subst'_htm_comm < search.
Proof completed.
Abella < Theorem app_subst'_list_nil_comm :
forall ML M, app_subst'_list ML cnil M -> M = cnil.
============================
forall ML M, app_subst'_list ML cnil M -> M = cnil
app_subst'_list_nil_comm < induction on 1.
IH : forall ML M, app_subst'_list ML cnil M * -> M = cnil
============================
forall ML M, app_subst'_list ML cnil M @ -> M = cnil
app_subst'_list_nil_comm < intros.
Variables: ML M
IH : forall ML M, app_subst'_list ML cnil M * -> M = cnil
H1 : app_subst'_list ML cnil M @
============================
M = cnil
app_subst'_list_nil_comm < case H1.
Subgoal 1:
IH : forall ML M, app_subst'_list ML cnil M * -> M = cnil
============================
cnil = cnil
Subgoal 2 is:
L' = cnil
app_subst'_list_nil_comm < search.
Subgoal 2:
Variables: L' ML1 V
IH : forall ML M, app_subst'_list ML cnil M * -> M = cnil
H2 : app_subst'_list ML1 cnil L' *
============================
L' = cnil
app_subst'_list_nil_comm < apply IH to H2.
Subgoal 2:
Variables: ML1 V
IH : forall ML M, app_subst'_list ML cnil M * -> M = cnil
H2 : app_subst'_list ML1 cnil cnil *
============================
cnil = cnil
app_subst'_list_nil_comm < search.
Proof completed.
Abella < Theorem app_subst'_list_comm :
forall ML X L M, app_subst'_list ML (ccons X L) M ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L').
============================
forall ML X L M, app_subst'_list ML (ccons X L) M ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
app_subst'_list_comm < induction on 1.
IH : forall ML X L M, app_subst'_list ML (ccons X L) M * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
============================
forall ML X L M, app_subst'_list ML (ccons X L) M @ ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
app_subst'_list_comm < intros.
Variables: ML X L M
IH : forall ML X L M, app_subst'_list ML (ccons X L) M * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
H1 : app_subst'_list ML (ccons X L) M @
============================
exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L'
app_subst'_list_comm < case H1.
Subgoal 1:
Variables: X L
IH : forall ML X L M, app_subst'_list ML (ccons X L) M * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
============================
exists X' L', ccons X L = ccons X' L' /\ app_subst' cmnil X X' /\
app_subst'_list cmnil L L'
Subgoal 2 is:
exists X' L'1, L' = ccons X' L'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (X n1) X' /\
app_subst'_list (cmcons (cmap n1 V) ML1) (L n1) L'1
app_subst'_list_comm < search.
Subgoal 2:
Variables: X L L' ML1 V
IH : forall ML X L M, app_subst'_list ML (ccons X L) M * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
H2 : app_subst'_list ML1 (ccons (X V) (L V)) L' *
============================
exists X' L'1, L' = ccons X' L'1 /\
app_subst' (cmcons (cmap n1 V) ML1) (X n1) X' /\
app_subst'_list (cmcons (cmap n1 V) ML1) (L n1) L'1
app_subst'_list_comm < apply IH to H2.
Subgoal 2:
Variables: X L ML1 V X' L'1
IH : forall ML X L M, app_subst'_list ML (ccons X L) M * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X X' /\
app_subst'_list ML L L')
H2 : app_subst'_list ML1 (ccons (X V) (L V)) (ccons X' L'1) *
H3 : app_subst' ML1 (X V) X'
H4 : app_subst'_list ML1 (L V) L'1
============================
exists X'1 L'2, ccons X' L'1 = ccons X'1 L'2 /\
app_subst' (cmcons (cmap n1 V) ML1) (X n1) X'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) (L n1) L'2
app_subst'_list_comm < search.
Proof completed.
Abella < Theorem app_subst'_list_comm1 :
forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L).
============================
forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
app_subst'_list_comm1 < induction on 2.
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
============================
forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) @ ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
app_subst'_list_comm1 < intros.
Variables: ML X L M
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H1 : is_tm'_list M
H2 : app_subst'_list ML M (ccons X L) @
============================
exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L
app_subst'_list_comm1 < case H2.
Subgoal 1:
Variables: X L
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H1 : is_tm'_list (ccons X L)
============================
exists X' L', ccons X L = ccons X' L' /\ app_subst' cmnil X' X /\
app_subst'_list cmnil L' L
Subgoal 2 is:
exists X' L', M n1 = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < search.
Subgoal 2:
Variables: M L'2 L'1 ML1 V
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H1 : is_tm'_list (M n1)
H3 : app_subst'_list ML1 (M V) (ccons L'1 L'2) *
============================
exists X' L', M n1 = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < apply is_tm'_list_inst to H1 with V = V.
Subgoal 2:
Variables: M L'2 L'1 ML1 V
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H1 : is_tm'_list (M n1)
H3 : app_subst'_list ML1 (M V) (ccons L'1 L'2) *
H4 : is_tm'_list (M V)
============================
exists X' L', M n1 = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < apply IH to _ H3.
Subgoal 2:
Variables: M L'2 L'1 ML1 V X' L'
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H1 : is_tm'_list (M n1)
H3 : app_subst'_list ML1 (M V) (ccons L'1 L'2) *
H4 : is_tm'_list (M V)
H5 : M V = ccons X' L'
H6 : app_subst' ML1 X' L'1
H7 : app_subst'_list ML1 L' L'2
============================
exists X' L', M n1 = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < case H1.
Subgoal 2.1:
Variables: L'2 L'1 ML1 V X' L'
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H3 : app_subst'_list ML1 cnil (ccons L'1 L'2) *
H4 : is_tm'_list cnil
H5 : cnil = ccons X' L'
H6 : app_subst' ML1 X' L'1
H7 : app_subst'_list ML1 L' L'2
============================
exists X' L', cnil = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
Subgoal 2.2 is:
exists X' L', ccons (X1 n1) (L1 n1) = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < case H5.
Subgoal 2.2:
Variables: L'2 L'1 ML1 V X' L' L1 X1
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H3 : app_subst'_list ML1 (ccons (X1 V) (L1 V)) (ccons L'1 L'2) *
H4 : is_tm'_list (ccons (X1 V) (L1 V))
H5 : ccons (X1 V) (L1 V) = ccons X' L'
H6 : app_subst' ML1 X' L'1
H7 : app_subst'_list ML1 L' L'2
H8 : is_tm'_list (L1 n1)
============================
exists X' L', ccons (X1 n1) (L1 n1) = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < case H5.
Subgoal 2.2:
Variables: L'2 L'1 ML1 V L1 X1
IH : forall ML X L M, is_tm'_list M -> app_subst'_list ML M (ccons X L) * ->
(exists X' L', M = ccons X' L' /\ app_subst' ML X' X /\
app_subst'_list ML L' L)
H3 : app_subst'_list ML1 (ccons (X1 V) (L1 V)) (ccons L'1 L'2) *
H4 : is_tm'_list (ccons (X1 V) (L1 V))
H6 : app_subst' ML1 (X1 V) L'1
H7 : app_subst'_list ML1 (L1 V) L'2
H8 : is_tm'_list (L1 n1)
============================
exists X' L', ccons (X1 n1) (L1 n1) = ccons X' L' /\
app_subst' (cmcons (cmap n1 V) ML1) X' L'1 /\
app_subst'_list (cmcons (cmap n1 V) ML1) L' L'2
app_subst'_list_comm1 < search.
Proof completed.
Abella < Theorem app_subst'_pair_compose :
forall ML M1 M2 M1' M2', app_subst' ML M1 M1' -> app_subst' ML M2 M2' ->
app_subst' ML (pair' M1 M2) (pair' M1' M2').
============================
forall ML M1 M2 M1' M2', app_subst' ML M1 M1' -> app_subst' ML M2 M2' ->
app_subst' ML (pair' M1 M2) (pair' M1' M2')
app_subst'_pair_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
============================
forall ML M1 M2 M1' M2', app_subst' ML M1 M1' @ -> app_subst' ML M2 M2' ->
app_subst' ML (pair' M1 M2) (pair' M1' M2')
app_subst'_pair_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
H1 : app_subst' ML M1 M1' @
H2 : app_subst' ML M2 M2'
============================
app_subst' ML (pair' M1 M2) (pair' M1' M2')
app_subst'_pair_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
H2 : app_subst' cmnil M2 M2'
============================
app_subst' cmnil (pair' M1' M2) (pair' M1' M2')
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (pair' (M1 n1) (M2 n1))
(pair' M (M2' n1))
app_subst'_pair_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
============================
app_subst' cmnil (pair' M1' M2') (pair' M1' M2')
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (pair' (M1 n1) (M2 n1))
(pair' M (M2' n1))
app_subst'_pair_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
H2 : app_subst' (cmcons (cmap n1 V) ML1) (M2 n1) (M2' n1)
H3 : app_subst' ML1 (M1 V) M *
============================
app_subst' (cmcons (cmap n1 V) ML1) (pair' (M1 n1) (M2 n1))
(pair' M (M2' n1))
app_subst'_pair_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
H3 : app_subst' ML1 (M1 V) M *
H4 : app_subst' ML1 (M2 V) M3
============================
app_subst' (cmcons (cmap n1 V) ML1) (pair' (M1 n1) (M2 n1)) (pair' M M3)
app_subst'_pair_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M3
IH : forall ML M1 M2 M1' M2', app_subst' ML M1 M1' * ->
app_subst' ML M2 M2' -> app_subst' ML (pair' M1 M2) (pair' M1' M2')
H3 : app_subst' ML1 (M1 V) M *
H4 : app_subst' ML1 (M2 V) M3
============================
app_subst' ML1 (pair' (M1 V) (M2 V)) (pair' M M3)
app_subst'_pair_compose < backchain IH.
Proof completed.
Abella < Theorem app_subst'_abs_compose :
forall ML R R', nabla x, app_subst' ML (R x) (R' x) ->
app_subst' ML (abs' R) (abs' R').
============================
forall ML R R', nabla x, app_subst' ML (R x) (R' x) ->
app_subst' ML (abs' R) (abs' R')
app_subst'_abs_compose < induction on 1.
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (abs' R) (abs' R')
============================
forall ML R R', nabla x, app_subst' ML (R x) (R' x) @ ->
app_subst' ML (abs' R) (abs' R')
app_subst'_abs_compose < intros.
Variables: ML R R'
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (abs' R) (abs' R')
H1 : app_subst' ML (R n1) (R' n1) @
============================
app_subst' ML (abs' R) (abs' R')
app_subst'_abs_compose < case H1.
Subgoal 1:
Variables: R'
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (abs' R) (abs' R')
============================
app_subst' cmnil (abs' (z1\R' z1)) (abs' R')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 ML2) ML3) (abs' (R n2)) (abs' (z2\M1 z2))
app_subst'_abs_compose < search.
Subgoal 2:
Variables: R M1 ML3 ML2
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (abs' R) (abs' R')
H2 : app_subst' ML3 (R ML2 n1) (M1 n1) *
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (abs' (R n2)) (abs' (z2\M1 z2))
app_subst'_abs_compose < apply IH to H2.
Subgoal 2:
Variables: R M1 ML3 ML2
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (abs' R) (abs' R')
H2 : app_subst' ML3 (R ML2 n1) (M1 n1) *
H3 : app_subst' ML3 (abs' (z2\R ML2 z2)) (abs' (z2\M1 z2))
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (abs' (R n2)) (abs' (z2\M1 z2))
app_subst'_abs_compose < search.
Proof completed.
Abella < Theorem app_subst'_let_compose :
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) -> app_subst' ML (let' M1 M2) (let' M1' M2').
============================
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' ->
app_subst' ML (M2 x) (M2' x) -> app_subst' ML (let' M1 M2) (let' M1' M2')
app_subst'_let_compose < induction on 1.
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
============================
forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' @ ->
app_subst' ML (M2 x) (M2' x) -> app_subst' ML (let' M1 M2) (let' M1' M2')
app_subst'_let_compose < intros.
Variables: ML M1 M2 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
H1 : app_subst' ML M1 M1' @
H2 : app_subst' ML (M2 n1) (M2' n1)
============================
app_subst' ML (let' M1 M2) (let' M1' M2')
app_subst'_let_compose < case H1.
Subgoal 1:
Variables: M2 M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
H2 : app_subst' cmnil (M2 n1) (M2' n1)
============================
app_subst' cmnil (let' M1' M2) (let' M1' M2')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 V) ML1) (let' (M1 n2) (M2 n2)) (let' M (M2' n2))
app_subst'_let_compose < case H2.
Subgoal 1:
Variables: M1' M2'
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
============================
app_subst' cmnil (let' M1' (z1\M2' z1)) (let' M1' M2')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 V) ML1) (let' (M1 n2) (M2 n2)) (let' M (M2' n2))
app_subst'_let_compose < search.
Subgoal 2:
Variables: M1 M2 M2' M ML1 V
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
H2 : app_subst' (cmcons (cmap n2 V) ML1) (M2 n2 n1) (M2' n2 n1)
H3 : app_subst' ML1 (M1 V) M *
============================
app_subst' (cmcons (cmap n2 V) ML1) (let' (M1 n2) (M2 n2)) (let' M (M2' n2))
app_subst'_let_compose < case H2.
Subgoal 2:
Variables: M1 M2 M ML1 V M4
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
H3 : app_subst' ML1 (M1 V) M *
H4 : app_subst' ML1 (M2 V n1) (M4 n1)
============================
app_subst' (cmcons (cmap n2 V) ML1) (let' (M1 n2) (M2 n2))
(let' M (z2\M4 z2))
app_subst'_let_compose < unfold.
Subgoal 2:
Variables: M1 M2 M ML1 V M4
IH : forall ML M1 M2 M1' M2', nabla x, app_subst' ML M1 M1' * ->
app_subst' ML (M2 x) (M2' x) ->
app_subst' ML (let' M1 M2) (let' M1' M2')
H3 : app_subst' ML1 (M1 V) M *
H4 : app_subst' ML1 (M2 V n1) (M4 n1)
============================
app_subst' ML1 (let' (M1 V) (M2 V)) (let' M (z2\M4 z2))
app_subst'_let_compose < backchain IH with x = n1.
Proof completed.
Abella < Theorem app_subst'_hbase_compose :
forall ML M M', app_subst' ML M M' -> app_subst' ML (hbase M) (hbase M').
============================
forall ML M M', app_subst' ML M M' -> app_subst' ML (hbase M) (hbase M')
app_subst'_hbase_compose < induction on 1.
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
============================
forall ML M M', app_subst' ML M M' @ -> app_subst' ML (hbase M) (hbase M')
app_subst'_hbase_compose < intros.
Variables: ML M M'
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
H1 : app_subst' ML M M' @
============================
app_subst' ML (hbase M) (hbase M')
app_subst'_hbase_compose < case H1.
Subgoal 1:
Variables: M'
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
============================
app_subst' cmnil (hbase M') (hbase M')
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (hbase (M n1)) (hbase M1)
app_subst'_hbase_compose < search.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
H2 : app_subst' ML1 (M V) M1 *
============================
app_subst' (cmcons (cmap n1 V) ML1) (hbase (M n1)) (hbase M1)
app_subst'_hbase_compose < unfold.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
H2 : app_subst' ML1 (M V) M1 *
============================
app_subst' ML1 (hbase (M V)) (hbase M1)
app_subst'_hbase_compose < apply IH to H2.
Subgoal 2:
Variables: M M1 ML1 V
IH : forall ML M M', app_subst' ML M M' * ->
app_subst' ML (hbase M) (hbase M')
H2 : app_subst' ML1 (M V) M1 *
H3 : app_subst' ML1 (hbase (M V)) (hbase M1)
============================
app_subst' ML1 (hbase (M V)) (hbase M1)
app_subst'_hbase_compose < search.
Proof completed.
Abella < Theorem app_subst'_habs_compose :
forall ML R R', nabla x, app_subst' ML (R x) (R' x) ->
app_subst' ML (habs R) (habs R').
============================
forall ML R R', nabla x, app_subst' ML (R x) (R' x) ->
app_subst' ML (habs R) (habs R')
app_subst'_habs_compose < induction on 1.
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
============================
forall ML R R', nabla x, app_subst' ML (R x) (R' x) @ ->
app_subst' ML (habs R) (habs R')
app_subst'_habs_compose < intros.
Variables: ML R R'
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
H1 : app_subst' ML (R n1) (R' n1) @
============================
app_subst' ML (habs R) (habs R')
app_subst'_habs_compose < case H1.
Subgoal 1:
Variables: R'
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
============================
app_subst' cmnil (habs (z1\R' z1)) (habs R')
Subgoal 2 is:
app_subst' (cmcons (cmap n2 ML2) ML3) (habs (R n2)) (habs (z2\M1 z2))
app_subst'_habs_compose < search.
Subgoal 2:
Variables: R M1 ML3 ML2
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
H2 : app_subst' ML3 (R ML2 n1) (M1 n1) *
============================
app_subst' (cmcons (cmap n2 ML2) ML3) (habs (R n2)) (habs (z2\M1 z2))
app_subst'_habs_compose < unfold.
Subgoal 2:
Variables: R M1 ML3 ML2
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
H2 : app_subst' ML3 (R ML2 n1) (M1 n1) *
============================
app_subst' ML3 (habs (R ML2)) (habs (z2\M1 z2))
app_subst'_habs_compose < apply IH to H2.
Subgoal 2:
Variables: R M1 ML3 ML2
IH : forall ML R R', nabla x, app_subst' ML (R x) (R' x) * ->
app_subst' ML (habs R) (habs R')
H2 : app_subst' ML3 (R ML2 n1) (M1 n1) *
H3 : app_subst' ML3 (habs (z2\R ML2 z2)) (habs (z2\M1 z2))
============================
app_subst' ML3 (habs (R ML2)) (habs (z2\M1 z2))
app_subst'_habs_compose < search.
Proof completed.
Abella < Theorem app_subst'_htm_compose :
forall ML L L' M M', app_subst'_list ML L L' -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M').
============================
forall ML L L' M M', app_subst'_list ML L L' -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
app_subst'_htm_compose < induction on 1.
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
============================
forall ML L L' M M', app_subst'_list ML L L' @ -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
app_subst'_htm_compose < intros.
Variables: ML L L' M M'
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
H1 : app_subst'_list ML L L' @
H2 : app_subst' ML M M'
============================
app_subst' ML (htm L M) (htm L' M')
app_subst'_htm_compose < case H1.
Subgoal 1:
Variables: L' M M'
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
H2 : app_subst' cmnil M M'
============================
app_subst' cmnil (htm L' M) (htm L' M')
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (htm (L n1) (M n1)) (htm L'1 (M' n1))
app_subst'_htm_compose < case H2.
Subgoal 1:
Variables: L' M'
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
============================
app_subst' cmnil (htm L' M') (htm L' M')
Subgoal 2 is:
app_subst' (cmcons (cmap n1 V) ML1) (htm (L n1) (M n1)) (htm L'1 (M' n1))
app_subst'_htm_compose < search.
Subgoal 2:
Variables: L M M' L'1 ML1 V
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
H2 : app_subst' (cmcons (cmap n1 V) ML1) (M n1) (M' n1)
H3 : app_subst'_list ML1 (L V) L'1 *
============================
app_subst' (cmcons (cmap n1 V) ML1) (htm (L n1) (M n1)) (htm L'1 (M' n1))
app_subst'_htm_compose < case H2.
Subgoal 2:
Variables: L M L'1 ML1 V M1
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : app_subst' ML1 (M V) M1
============================
app_subst' (cmcons (cmap n1 V) ML1) (htm (L n1) (M n1)) (htm L'1 M1)
app_subst'_htm_compose < apply IH to H3 H4.
Subgoal 2:
Variables: L M L'1 ML1 V M1
IH : forall ML L L' M M', app_subst'_list ML L L' * -> app_subst' ML M M' ->
app_subst' ML (htm L M) (htm L' M')
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : app_subst' ML1 (M V) M1
H5 : app_subst' ML1 (htm (L V) (M V)) (htm L'1 M1)
============================
app_subst' (cmcons (cmap n1 V) ML1) (htm (L n1) (M n1)) (htm L'1 M1)
app_subst'_htm_compose < search.
Proof completed.
Abella < Theorem app_subst'_list_compose :
forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' ->
app_subst'_list ML (ccons X L) (ccons X' L').
============================
forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' ->
app_subst'_list ML (ccons X L) (ccons X' L')
app_subst'_list_compose < induction on 2.
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
============================
forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' @ ->
app_subst'_list ML (ccons X L) (ccons X' L')
app_subst'_list_compose < intros.
Variables: ML X X' L L'
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
H1 : app_subst' ML X X'
H2 : app_subst'_list ML L L' @
============================
app_subst'_list ML (ccons X L) (ccons X' L')
app_subst'_list_compose < case H2.
Subgoal 1:
Variables: X X' L'
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
H1 : app_subst' cmnil X X'
============================
app_subst'_list cmnil (ccons X L') (ccons X' L')
Subgoal 2 is:
app_subst'_list (cmcons (cmap n1 V) ML1) (ccons (X n1) (L n1))
(ccons (X' n1) L'1)
app_subst'_list_compose < case H1.
Subgoal 1:
Variables: X' L'
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
============================
app_subst'_list cmnil (ccons X' L') (ccons X' L')
Subgoal 2 is:
app_subst'_list (cmcons (cmap n1 V) ML1) (ccons (X n1) (L n1))
(ccons (X' n1) L'1)
app_subst'_list_compose < search.
Subgoal 2:
Variables: X X' L L'1 ML1 V
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
H1 : app_subst' (cmcons (cmap n1 V) ML1) (X n1) (X' n1)
H3 : app_subst'_list ML1 (L V) L'1 *
============================
app_subst'_list (cmcons (cmap n1 V) ML1) (ccons (X n1) (L n1))
(ccons (X' n1) L'1)
app_subst'_list_compose < case H1.
Subgoal 2:
Variables: X L L'1 ML1 V M
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : app_subst' ML1 (X V) M
============================
app_subst'_list (cmcons (cmap n1 V) ML1) (ccons (X n1) (L n1)) (ccons M L'1)
app_subst'_list_compose < apply IH to H4 H3.
Subgoal 2:
Variables: X L L'1 ML1 V M
IH : forall ML X X' L L', app_subst' ML X X' -> app_subst'_list ML L L' * ->
app_subst'_list ML (ccons X L) (ccons X' L')
H3 : app_subst'_list ML1 (L V) L'1 *
H4 : app_subst' ML1 (X V) M
H5 : app_subst'_list ML1 (ccons (X V) (L V)) (ccons M L'1)
============================
app_subst'_list (cmcons (cmap n1 V) ML1) (ccons (X n1) (L n1)) (ccons M L'1)
app_subst'_list_compose < search.
Proof completed.
Abella < Theorem app_subst'_list_nil :
forall ML, subst' ML -> app_subst'_list ML cnil cnil.
============================
forall ML, subst' ML -> app_subst'_list ML cnil cnil
app_subst'_list_nil < induction on 1.
IH : forall ML, subst' ML * -> app_subst'_list ML cnil cnil
============================
forall ML, subst' ML @ -> app_subst'_list ML cnil cnil
app_subst'_list_nil < intros.
Variables: ML
IH : forall ML, subst' ML * -> app_subst'_list ML cnil cnil
H1 : subst' ML @
============================
app_subst'_list ML cnil cnil
app_subst'_list_nil < case H1.
Subgoal 1:
IH : forall ML, subst' ML * -> app_subst'_list ML cnil cnil
============================
app_subst'_list cmnil cnil cnil
Subgoal 2 is:
app_subst'_list (cmcons (cmap n1 V) ML1) cnil cnil
app_subst'_list_nil < search.
Subgoal 2:
Variables: ML1 V
IH : forall ML, subst' ML * -> app_subst'_list ML cnil cnil
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
============================
app_subst'_list (cmcons (cmap n1 V) ML1) cnil cnil
app_subst'_list_nil < apply IH to H2.
Subgoal 2:
Variables: ML1 V
IH : forall ML, subst' ML * -> app_subst'_list ML cnil cnil
H2 : subst' ML1 *
H3 : {val' V}
H4 : {tm' V}
H5 : app_subst'_list ML1 cnil cnil
============================
app_subst'_list (cmcons (cmap n1 V) ML1) cnil cnil
app_subst'_list_nil < search.
Proof completed.
Abella < Theorem app_subst'_list_nil1 :
forall ML L, is_tm'_list L -> app_subst'_list ML L cnil -> L = cnil.
============================
forall ML L, is_tm'_list L -> app_subst'_list ML L cnil -> L = cnil
app_subst'_list_nil1 < induction on 2.
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
============================
forall ML L, is_tm'_list L -> app_subst'_list ML L cnil @ -> L = cnil
app_subst'_list_nil1 < intros.
Variables: ML L
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H1 : is_tm'_list L
H2 : app_subst'_list ML L cnil @
============================
L = cnil
app_subst'_list_nil1 < case H2.
Subgoal 1:
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H1 : is_tm'_list cnil
============================
cnil = cnil
Subgoal 2 is:
L n1 = cnil
app_subst'_list_nil1 < search.
Subgoal 2:
Variables: L ML1 V
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H1 : is_tm'_list (L n1)
H3 : app_subst'_list ML1 (L V) cnil *
============================
L n1 = cnil
app_subst'_list_nil1 < case H1.
Subgoal 2.1:
Variables: ML1 V
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H3 : app_subst'_list ML1 cnil cnil *
============================
cnil = cnil
Subgoal 2.2 is:
ccons (X n1) (L1 n1) = cnil
app_subst'_list_nil1 < search.
Subgoal 2.2:
Variables: ML1 V L1 X
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H3 : app_subst'_list ML1 (ccons (X V) (L1 V)) cnil *
H4 : is_tm'_list (L1 n1)
============================
ccons (X n1) (L1 n1) = cnil
app_subst'_list_nil1 < apply is_tm'_list_inst to H4 with V = V.
Subgoal 2.2:
Variables: ML1 V L1 X
IH : forall ML L, is_tm'_list L -> app_subst'_list ML L cnil * -> L = cnil
H3 : app_subst'_list ML1 (ccons (X V) (L1 V)) cnil *
H4 : is_tm'_list (L1 n1)
H5 : is_tm'_list (L1 V)
============================
ccons (X n1) (L1 n1) = cnil
app_subst'_list_nil1 < apply IH to _ H3.
Proof completed.
Abella < Theorem app_subst'_list_prune :
forall ML M M', nabla x, app_subst'_list ML M (M' x) ->
(exists M'', M' = y\M'').
============================
forall ML M M', nabla x, app_subst'_list ML M (M' x) ->
(exists M'', M' = y\M'')
app_subst'_list_prune < induction on 1.
IH : forall ML M M', nabla x, app_subst'_list ML M (M' x) * ->
(exists M'', M' = y\M'')
============================
forall ML M M', nabla x, app_subst'_list ML M (M' x) @ ->
(exists M'', M' = y\M'')
app_subst'_list_prune < intros.
Variables: ML M M'
IH : forall ML M M', nabla x, app_subst'_list ML M (M' x) * ->
(exists M'', M' = y\M'')
H1 : app_subst'_list ML M (M' n1) @
============================
exists M'', M' = y\M''
app_subst'_list_prune < case H1.
Subgoal 1:
Variables: M
IH : forall ML M M', nabla x, app_subst'_list ML M (M' x) * ->
(exists M'', M' = y\M'')
============================
exists M'', z1\M = y\M''
Subgoal 2 is:
exists M'', z2\L'1 z2 = y\M''
app_subst'_list_prune < search.
Subgoal 2:
Variables: M L'1 ML3 ML2
IH : forall ML M M', nabla x, app_subst'_list ML M (M' x) * ->
(exists M'', M' = y\M'')
H2 : app_subst'_list ML3 (M ML2) (L'1 n1) *
============================
exists M'', z2\L'1 z2 = y\M''
app_subst'_list_prune < apply IH to H2.
Subgoal 2:
Variables: M ML3 ML2 M''
IH : forall ML M M', nabla x, app_subst'_list ML M (M' x) * ->
(exists M'', M' = y\M'')
H2 : app_subst'_list ML3 (M ML2) M'' *
============================
exists M''1, z2\M'' = y\M''1
app_subst'_list_prune < search.
Proof completed.
Abella <