Thm*  A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(Label  Label ). tc_ioa(A;de)    ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) guarded_trace(A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) let M = [[A]] rho de e in (s:M.state, tr:( [[A.da]] rho) List. (M -tr- > s) [[VCs(A;I)]] rho A.ds A.da de e s mk_trace_env(tr, te)) (M |= always s,tr.[[I]] rho A.ds < > de e s  mk_trace_env(tr, te)) | [vc_trace_correctness] |
Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) (v VCs(A;I).trace_consistent_vc(rho;A.da;te;v)) | [trace_consistent_ioa_inv_vc] |
Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) guarded_trace(A.da;te;I) closed_pred(I) single_valued_decls(A.ds) (s0,x:[[A]] rho de e.state, act:[[A]] rho de e.action, x':[[A]] rho de e.state, tr:([[A.da]] rho) List. [[A]] rho de e.init(s0) trace_reachable([[A]] rho de e;s0;mk_trace_env(tr, te).trace;x) [[I]] rho A.ds < > de e x mk_trace_env(tr, te) [[A]] rho de e.trans(x,act,x') (( t:dec(). t A.da & t.lbl = kind(act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) | [vc_trace_correct_action_decl_lemma] |
| Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp(A;k;Q)) | [trace_consistent_wp] |
| Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp2(A;k;Q)) | [trace_consistent_wp2] |
| Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;(P)') | [trace_consistent_pred_addprime] |
| Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;pred_unprime(P)) | [trace_consistent_pred_unprime] |
| Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel), a:dec(). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) a A.da trace_consistent_pred(rho;A.da;te;smts_eff_pred(action_effect(a.lbl;A.eff;A.frame);I)) | [trace_consistent_action_effect] |
| Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp2_rel(A;k;r)) | [trace_consistent_wp2_rel] |
| Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp_rel(A;k;r)) | [trace_consistent_wp_rel] |
| Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;A.init) | [trace_consistent_init] |
| Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;action_pre(k;A.pre)) | [trace_consistent_action_pre] |
Thm* p,q:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p  q)  trace_consistent_pred(rho;da;R;p) & trace_consistent_pred(rho;da;R;q) | [trace_consistent_pred_and] |
| Thm* p:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p) Prop | [trace_consistent_pred_wf] |
Thm* r:rel(), as:(Label Term) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst2(as;r)) | [trace_consistent_rel_subst2] |
| Thm* r:rel(), as:(LabelTerm) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst(as;r)) | [trace_consistent_rel_subst] |