Nuprl - mb automata 4 LEMMAs for vc trace correctness

mb automata 4 Sections GenAutomata Doc

Rank	Theorem	Name
13			Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) guarded_trace(A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) let M = [[A]] rho de e in (s:M.state, tr:([[A.da]] rho) List. (M -tr- > s) [[VCs(A;I)]] rho A.ds A.da de e s mk_trace_env(tr, te)) (M \|= always s,tr.[[I]] rho A.ds < > de e s mk_trace_env(tr, te))	[vc_trace_correctness]
cites
2			Thm* M:sm{i:l}(), I:(M.state(M.action List)Prop). (x:M.state. M.init(x) I(x,nil)) (s0,x:M.state, act:M.action, x':M.state, l:M.action List. M.init(s0) trace_reachable(M;s0;l;x) I(x,l) M.trans(x,act,x') I(x',l @ [act])) (M \|= always s,t.I(s,t))	[trace_inv_induction]
0			Thm* r:rel(), te:(LabelLabel), rho,ds,da,de,e,s,a:Top. [[r]] rho ds da de e s a mk_trace_env(nil, te) ~ [[r]] rho ds da de e s a niltrace()	[rel_mng_nil]
10			Thm* A:ioa{i:l}(), de:sig(). tc_ioa(A;de) ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') ([[Q]] rho A.ds < > de e x' tr [[wp(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)))	[wp_correctness]
1			Thm* r:rel(), rho,ds,da1,da2,de,s,e,a1,a2,tr:Top. closed_rel(r) ([[r]] rho ds da1 de e s a1 tr ~ [[r]] rho ds da2 de e s a2 tr)	[closed_rel_mng_sq]
1			Thm* r:rel(), rho,ds,da,de,e,s,a,tr,tr':Top. rel_mentions_trace(r) ([[r]] rho ds da de e s a tr' ~ [[r]] rho ds da de e s a tr)	[rel_mng_static]
12			Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) guarded_trace(A.da;te;I) closed_pred(I) single_valued_decls(A.ds) (s0,x:[[A]] rho de e.state, act:[[A]] rho de e.action, x':[[A]] rho de e.state, tr:([[A.da]] rho) List. [[A]] rho de e.init(s0) trace_reachable([[A]] rho de e;s0;mk_trace_env(tr, te).trace;x) [[I]] rho A.ds < > de e x mk_trace_env(tr, te) [[A]] rho de e.trans(x,act,x') ((t:dec(). t A.da & t.lbl = kind(act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act))	[vc_trace_correct_action_decl_lemma]
0			Thm* v:Top, rho:Decl. v [[ < > ]] rho	[empty_sts_mng]
5			Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) (vVCs(A;I).trace_consistent_vc(rho;A.da;te;v))	[trace_consistent_ioa_inv_vc]

mb automata 4 Sections GenAutomata Doc