Thm*  A:ioa{i:l}(), de:sig(). tc_ioa(A;de)    ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') ([[Q]] rho A.ds < > de e x'  tr  [[wp(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))) | [wp_correctness] |
Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(Label  Label ), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp(A;k;Q)) | [trace_consistent_wp] |
| Thm* A:ioa{i:l}(), Q:Fmla, de:sig(), a:Label. tc_ioa(A;de) single_valued_decls(A.ds) tc_pred(Q;A.ds;dec_lookup(A.da;a);de) tc_pred(wp(A;a;Q);A.ds;dec_lookup(A.da;a);de) | [tc_wp] |
| Thm* A:ioa{i:l}(), a:Label, P:Fmla. wp2(A;a;(P)') = wp(A;a;P) | [wp2_addprime] |