-----------------------------------------------------------------------------
-- |
-- Module    : Documentation.SBV.Examples.TP.ConstFold
-- Copyright : (c) Levent Erkok
-- License   : BSD3
-- Maintainer: erkokl@gmail.com
-- Stability : experimental
--
-- Correctness of constant folding for a simple expression language.
-----------------------------------------------------------------------------

{-# LANGUAGE CPP                 #-}
{-# LANGUAGE DataKinds           #-}
{-# LANGUAGE QuasiQuotes         #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeAbstractions    #-}
{-# LANGUAGE TypeApplications    #-}

{-# OPTIONS_GHC -Wall -Werror #-}

module Documentation.SBV.Examples.TP.ConstFold where

import Prelude hiding ((++), snd)

import Data.SBV
import Data.SBV.List  as SL
import Data.SBV.Tuple as ST
import Data.SBV.TP

-- Get the expression language definitions
import Documentation.SBV.Examples.TP.VM

#ifdef DOCTEST
-- $setup
-- >>> import Data.SBV
-- >>> import Data.SBV.TP
-- >>> :set -XTypeApplications
#endif

-- | Base expression type (used in quantifiers).
type Exp = Expr String Integer

-- | Base environment-list type (used in quantifiers).
type EL = [(String, Integer)]

-- | Symbolic expression over strings and integers.
type SE = SExpr String Integer

-- | Symbolic environment over strings and integers.
type E = Env String Integer

-- * Simplification

-- | Simplify an expression at the top level, assuming sub-expressions are already folded.
-- The rules are:
--
--   * @Sqr (Con v)         → Con (v*v)@
--   * @Inc (Con v)         → Con (v+1)@
--   * @Add (Con 0) x       → x@
--   * @Add x (Con 0)       → x@
--   * @Add (Con a) (Con b) → Con (a+b)@
--   * @Mul (Con 0) x       → Con 0@
--   * @Mul x (Con 0)       → Con 0@
--   * @Mul (Con 1) x       → x@
--   * @Mul x (Con 1)       → x@
--   * @Mul (Con a) (Con b) → Con (a*b)@
--   * @Let nm (Con v) b    → subst nm v b@
simplify :: SE -> SE
simplify :: SE -> SE
simplify = String -> (SE -> SE) -> SE -> SE
forall a.
(SMTDefinable a, Typeable a, Lambda Symbolic a) =>
String -> a -> a
smtFunction String
"simplify" ((SE -> SE) -> SE -> SE) -> (SE -> SE) -> SE -> SE
forall a b. (a -> b) -> a -> b
$ \SE
expr ->
  [sCase|Expr expr of
    Sqr (Con v)         -> sCon (v * v)

    Inc (Con v)         -> sCon (v + 1)

    Add (Con 0) r       -> r
    Add l       (Con 0) -> l
    Add (Con a) (Con b) -> sCon (a + b)

    Mul (Con 0) _       -> sCon 0
    Mul _       (Con 0) -> sCon 0
    Mul (Con 1) r       -> r
    Mul l       (Con 1) -> l
    Mul (Con a) (Con b) -> sCon (a * b)

    Let nm (Con v) b    -> subst nm v b

    -- fall-thru
    _                   -> expr
  |]

-- * Substitution

-- | Substitute a variable with a value in an expression. Capture-avoiding:
-- if a @Let@-bound variable shadows the target, we do not substitute in the body.
--
--   * @Var x         → if x == nm then Con v else Var x@
--   * @Con c         → Con c@
--   * @Sqr a         → Sqr (subst nm v a)@
--   * @Inc a         → Inc (subst nm v a)@
--   * @Add a b       → Add (subst nm v a) (subst nm v b)@
--   * @Mul a b       → Mul (subst nm v a) (subst nm v b)@
--   * @Let x a b     → Let x (subst nm v a) (if x == nm then b else subst nm v b)@
subst :: SString -> SInteger -> SE -> SE
subst :: SBV String -> SBV Integer -> SE -> SE
subst = String
-> (SBV String -> SBV Integer -> SE -> SE)
-> SBV String
-> SBV Integer
-> SE
-> SE
forall a.
(SMTDefinable a, Typeable a, Lambda Symbolic a) =>
String -> a -> a
smtFunction String
"subst" ((SBV String -> SBV Integer -> SE -> SE)
 -> SBV String -> SBV Integer -> SE -> SE)
-> (SBV String -> SBV Integer -> SE -> SE)
-> SBV String
-> SBV Integer
-> SE
-> SE
forall a b. (a -> b) -> a -> b
$ \SBV String
nm SBV Integer
v SE
expr ->
  [sCase|Expr expr of

    -- Substitute for vars if name matches
    Var x | x .== nm -> sCon v
          | True     -> sVar x

    -- pass thru
    Con c   -> sCon c
    Sqr a   -> sSqr (subst nm v a)
    Inc a   -> sInc (subst nm v a)
    Add a b -> sAdd (subst nm v a) (subst nm v b)
    Mul a b -> sMul (subst nm v a) (subst nm v b)

    -- substitute in the definition, but only substitute in the body if the name is not shadowing
    Let x a b | x .== nm -> sLet x (subst nm v a) b
              | True     -> sLet x (subst nm v a) (subst nm v b)
  |]

-- * Constant folding

-- | Constant fold an expression bottom-up: first fold sub-expressions, then simplify.
cfold :: SE -> SE
cfold :: SE -> SE
cfold = String -> (SE -> SE) -> SE -> SE
forall a.
(SMTDefinable a, Typeable a, Lambda Symbolic a) =>
String -> a -> a
smtFunction String
"cfold" ((SE -> SE) -> SE -> SE) -> (SE -> SE) -> SE -> SE
forall a b. (a -> b) -> a -> b
$ \SE
expr ->
  [sCase|Expr expr of
    Var nm     -> sVar nm
    Con v      -> sCon v
    Sqr a      -> simplify (sSqr (cfold a))
    Inc a      -> simplify (sInc (cfold a))
    Add a b    -> simplify (sAdd (cfold a) (cfold b))
    Mul a b    -> simplify (sMul (cfold a) (cfold b))
    Let nm a b -> simplify (sLet nm (cfold a) (cfold b))
  |]

-- * Correctness

-- | The size measure is always non-negative.
--
-- >>> runTP measureNonNeg
-- Lemma: measureNonNeg                    Q.E.D.
-- [Proven] measureNonNeg :: Ɐe ∷ (Expr [Char] Integer) → Bool
measureNonNeg :: TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg :: TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg = String
-> (Forall "e" Exp -> SBool)
-> [ProofObj]
-> TP (Proof (Forall "e" Exp -> SBool))
forall a. Inductive a => String -> a -> [ProofObj] -> TP (Proof a)
inductiveLemma String
"measureNonNeg"
                               (\(Forall @"e" (SE
e :: SE)) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SExpr nm val -> SBV Integer
size SE
e SBV Integer -> SBV Integer -> SBool
forall a. OrdSymbolic a => a -> a -> SBool
.>= SBV Integer
0)
                               []

-- | Congruence for squaring: if @a == b@ then @a*a == b*b@.
--
-- >>> runTP sqrCong
-- Lemma: sqrCong                          Q.E.D.
-- [Proven] sqrCong :: Ɐa ∷ Integer → Ɐb ∷ Integer → Bool
sqrCong :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong = String
-> (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> [ProofObj]
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"sqrCong"
                (\(Forall @"a" (SBV Integer
a :: SInteger)) (Forall @"b" SBV Integer
b) ->
                      SBV Integer
a SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBool -> SBool -> SBool
.=> SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
a SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
b) []

-- | Congruence for addition on the left: if @a == b@ then @a+c == b+c@.
--
-- >>> runTP addCongL
-- Lemma: addCongL                         Q.E.D.
-- [Proven] addCongL :: Ɐa ∷ Integer → Ɐb ∷ Integer → Ɐc ∷ Integer → Bool
addCongL :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongL :: TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongL = String
-> (Forall "a" Integer
    -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"addCongL"
                 (\(Forall @"a" (SBV Integer
a :: SInteger)) (Forall @"b" SBV Integer
b) (Forall @"c" SBV Integer
c) ->
                       SBV Integer
a SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBool -> SBool -> SBool
.=> SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SBV Integer
c SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SBV Integer
c) []

-- | Congruence for addition on the right: if @b == c@ then @a+b == a+c@.
--
-- >>> runTP addCongR
-- Lemma: addCongR                         Q.E.D.
-- [Proven] addCongR :: Ɐa ∷ Integer → Ɐb ∷ Integer → Ɐc ∷ Integer → Bool
addCongR :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongR :: TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongR = String
-> (Forall "a" Integer
    -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"addCongR"
                 (\(Forall @"a" (SBV Integer
a :: SInteger)) (Forall @"b" SBV Integer
b) (Forall @"c" SBV Integer
c) ->
                       SBV Integer
b SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
c SBool -> SBool -> SBool
.=> SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SBV Integer
b SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SBV Integer
c) []

-- | Congruence for multiplication on the left: if @a == b@ then @a*c == b*c@.
--
-- >>> runTP mulCongL
-- Lemma: mulCongL                         Q.E.D.
-- [Proven] mulCongL :: Ɐa ∷ Integer → Ɐb ∷ Integer → Ɐc ∷ Integer → Bool
mulCongL :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL :: TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL = String
-> (Forall "a" Integer
    -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"mulCongL"
                 (\(Forall @"a" (SBV Integer
a :: SInteger)) (Forall @"b" SBV Integer
b) (Forall @"c" SBV Integer
c) ->
                       SBV Integer
a SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBool -> SBool -> SBool
.=> SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
c SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
b SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
c) []

-- | Congruence for multiplication on the right: if @b == c@ then @a*b == a*c@.
--
-- >>> runTP mulCongR
-- Lemma: mulCongR                         Q.E.D.
-- [Proven] mulCongR :: Ɐa ∷ Integer → Ɐb ∷ Integer → Ɐc ∷ Integer → Bool
mulCongR :: TP (Proof (Forall "a" Integer -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR :: TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR = String
-> (Forall "a" Integer
    -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"mulCongR"
                 (\(Forall @"a" (SBV Integer
a :: SInteger)) (Forall @"b" SBV Integer
b) (Forall @"c" SBV Integer
c) ->
                       SBV Integer
b SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
c SBool -> SBool -> SBool
.=> SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
b SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV Integer
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SBV Integer
c) []

-- | Unfolding @interpInEnv@ over @Sqr@.
--
-- >>> runTP sqrHelper
-- Lemma: sqrHelper                        Q.E.D.
-- [Proven] sqrHelper :: Ɐenv ∷ [([Char], Integer)] → Ɐa ∷ (Expr [Char] Integer) → Bool
sqrHelper :: TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper :: TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper = String
-> (Forall "env" EL -> Forall "a" Exp -> SBool)
-> [ProofObj]
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"sqrHelper"
                  (\(Forall @"env" (SList (String, Integer)
env :: E)) (Forall @"a" SE
a) ->
                        SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
a) []

-- | Unfolding @interpInEnv@ over @Add@.
--
-- >>> runTP addHelper
-- Lemma: addHelper                        Q.E.D.
-- [Proven] addHelper :: Ɐenv ∷ [([Char], Integer)] → Ɐa ∷ (Expr [Char] Integer) → Ɐb ∷ (Expr [Char] Integer) → Bool
addHelper :: TP (Proof (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper :: TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper = String
-> (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"addHelper"
                  (\(Forall @"env" (SList (String, Integer)
env :: E)) (Forall @"a" SE
a) (Forall @"b" SE
b) ->
                        SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
b) []

-- | Unfolding @interpInEnv@ over @Mul@.
--
-- >>> runTP mulHelper
-- Lemma: mulHelper                        Q.E.D.
-- [Proven] mulHelper :: Ɐenv ∷ [([Char], Integer)] → Ɐa ∷ (Expr [Char] Integer) → Ɐb ∷ (Expr [Char] Integer) → Bool
mulHelper :: TP (Proof (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper :: TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper = String
-> (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"mulHelper"
                  (\(Forall @"env" (SList (String, Integer)
env :: E)) (Forall @"a" SE
a) (Forall @"b" SE
b) ->
                        SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
b) []

-- | Unfolding @interpInEnv@ over @Let@.
--
-- >>> runTP letHelper
-- Lemma: letHelper                        Q.E.D.
-- [Proven] letHelper :: Ɐenv ∷ [([Char], Integer)] → Ɐnm ∷ [Char] → Ɐa ∷ (Expr [Char] Integer) → Ɐb ∷ (Expr [Char] Integer) → Bool
letHelper :: TP (Proof (Forall "env" EL -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool))
letHelper :: TP
  (Proof
     (Forall "env" EL
      -> Forall "nm" String
      -> Forall "a" Exp
      -> Forall "b" Exp
      -> SBool))
letHelper = String
-> (Forall "env" EL
    -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"letHelper"
                  (\(Forall @"env" (SList (String, Integer)
env :: E)) (Forall @"nm" SBV String
nm) (Forall @"a" SE
a) (Forall @"b" SE
b) ->
                        SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
nm SE
a SE
b) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
a) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b) []

-- * Environment lemmas

-- | Swapping two adjacent bindings with distinct keys does not affect lookup.
--
-- >>> runTP lookupSwap
-- Lemma: lookupSwap
--   Step: 1 (2 way case split)
--     Step: 1.1                           Q.E.D.
--     Step: 1.2.1                         Q.E.D.
--     Step: 1.2.2                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] lookupSwap :: Ɐk ∷ [Char] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
lookupSwap :: TP (Proof (Forall "k" String -> Forall "b1" (String, Integer)
                      -> Forall "b2" (String, Integer) -> Forall "env" EL -> SBool))
lookupSwap :: TP
  (Proof
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupSwap = String
-> (Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> StepArgs
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
     Integer
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall t.
(Proposition
   (Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool),
 SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> StepArgs
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
     t
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a t.
(Calc a, Proposition a, SymVal t, EqSymbolic (SBV t)) =>
String -> a -> StepArgs a t -> TP (Proof a)
calc String
"lookupSwap"
                  (\(Forall @"k" (SBV String
k :: SString)) (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer))
                    (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) (Forall @"env" (SList (String, Integer)
env :: E)) ->
                      let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
                          (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
                      in  SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y SBool -> SBool -> SBool
.=> SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)) (StepArgs
   (Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
   Integer
 -> TP
      (Proof
         (Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)))
-> StepArgs
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
     Integer
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a b. (a -> b) -> a -> b
$
                  \SBV String
k SBV (String, Integer)
b1 SBV (String, Integer)
b2 SList (String, Integer)
env ->
                      let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
                          (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
                      in [SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y]
                      [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
x
                                 SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                  SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                  SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                               , SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
x
                                 SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                  SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                  SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                  SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                               ]

-- | Generalized swap: swapping two adjacent distinct-keyed bindings behind
-- a prefix does not affect lookup.
--
-- >>> runTP lookupSwapPfx
-- Lemma: lookupSwap                       Q.E.D.
-- Inductive lemma (strong): lookupSwapPfx
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (2 way case split)
--     Step: 1.1 (base)                    Q.E.D.
--     Step: 1.2.1 (cons)                  Q.E.D.
--     Step: 1.2.2                         Q.E.D.
--     Step: 1.2.3                         Q.E.D.
--     Step: 1.2.4                         Q.E.D.
--     Step: 1.2.5                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] lookupSwapPfx :: Ɐpfx ∷ [([Char], Integer)] → Ɐk ∷ [Char] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
lookupSwapPfx :: TP (Proof (Forall "pfx" EL -> Forall "k" String -> Forall "b1" (String, Integer)
                         -> Forall "b2" (String, Integer) -> Forall "env" EL -> SBool))
lookupSwapPfx :: TP
  (Proof
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupSwapPfx = do
   Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkS <- String
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"lookupSwap" TP
  (Proof
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupSwap
   String
-> (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
      Integer,
    [ProofObj])
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition
   (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool),
 Zero m, SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
      m,
    [ProofObj])
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         t)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
sInduct String
"lookupSwapPfx"
     (\(Forall @"pfx" (SList (String, Integer)
pfx :: E)) (Forall @"k" (SBV String
k :: SString)) (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer))
       (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) (Forall @"env" (SList (String, Integer)
env :: E)) ->
         let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
             (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
         in  SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y SBool -> SBool -> SBool
.=>    SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                         SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
     (\SList (String, Integer)
pfx SBV String
_ SBV (String, Integer)
_ SBV (String, Integer)
_ SList (String, Integer)
_ -> SList (String, Integer) -> SBV Integer
forall a. SymVal a => SList a -> SBV Integer
SL.length SList (String, Integer)
pfx :: SInteger, []) ((Proof
    (Forall "pfx" EL
     -> Forall "k" String
     -> Forall "b1" (String, Integer)
     -> Forall "b2" (String, Integer)
     -> Forall "env" EL
     -> SBool)
  -> StepArgs
       (Forall "pfx" EL
        -> Forall "k" String
        -> Forall "b1" (String, Integer)
        -> Forall "b2" (String, Integer)
        -> Forall "env" EL
        -> SBool)
       Integer)
 -> TP
      (Proof
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)))
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
ih SList (String, Integer)
pfx SBV String
k SBV (String, Integer)
b1 SBV (String, Integer)
b2 SList (String, Integer)
env ->
       let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
       in [SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y]
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SList (String, Integer) -> SBool
forall a. SymVal a => SList a -> SBool
SL.null SList (String, Integer)
pfx
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                   SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"base"
                   TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkS Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
k, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                   Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                   SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                , SBool -> SBool
sNot (SList (String, Integer) -> SBool
forall a. SymVal a => SList a -> SBool
SL.null SList (String, Integer)
pfx)
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let h :: SBV (String, Integer)
h      = SList (String, Integer) -> SBV (String, Integer)
forall a. SymVal a => SList a -> SBV a
SL.head SList (String, Integer)
pfx
                          t :: SList (String, Integer)
t      = SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a
SL.tail SList (String, Integer)
pfx
                          (SBV String
hk, SBV Integer
hv) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
h
                       in SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                       SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"cons"
                       TPProofRaw (SBV Integer)
-> SBool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? SList (String, Integer)
pfx SList (String, Integer) -> SList (String, Integer) -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
t
                       Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBool -> SBV Integer -> SBV Integer -> SBV Integer
forall a. Mergeable a => SBool -> a -> a -> a
ite (SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
hk) SBV Integer
hv (SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
t, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
k, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                       TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBool -> SBV Integer -> SBV Integer -> SBV Integer
forall a. Mergeable a => SBool -> a -> a -> a
ite (SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
hk) SBV Integer
hv (SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                ]

-- | A shadowed binding does not affect lookup: if the same key appears first, the second is irrelevant.
--
-- >>> runTP lookupShadow
-- Lemma: lookupShadow                     Q.E.D.
-- [Proven] lookupShadow :: Ɐk ∷ [Char] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
lookupShadow :: TP (Proof (Forall "k" String -> Forall "b1" (String, Integer)
                        -> Forall "b2" (String, Integer) -> Forall "env" EL -> SBool))
lookupShadow :: TP
  (Proof
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupShadow = String
-> (Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> [ProofObj]
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"lookupShadow"
                     (\(Forall @"k" (SBV String
k :: SString)) (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer))
                       (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) (Forall @"env" (SList (String, Integer)
env :: E)) ->
                         let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
                             (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
                         in  SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
y SBool -> SBool -> SBool
.=>    SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                                        SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                     []

-- | Generalized shadow: a shadowed binding behind a prefix does not affect lookup.
--
-- >>> runTP lookupShadowPfx
-- Lemma: lookupShadow                     Q.E.D.
-- Inductive lemma (strong): lookupShadowPfx
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (2 way case split)
--     Step: 1.1 (base)                    Q.E.D.
--     Step: 1.2.1 (cons)                  Q.E.D.
--     Step: 1.2.2                         Q.E.D.
--     Step: 1.2.3                         Q.E.D.
--     Step: 1.2.4                         Q.E.D.
--     Step: 1.2.5                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] lookupShadowPfx :: Ɐpfx ∷ [([Char], Integer)] → Ɐk ∷ [Char] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
lookupShadowPfx :: TP (Proof (Forall "pfx" EL -> Forall "k" String -> Forall "b1" (String, Integer)
                           -> Forall "b2" (String, Integer) -> Forall "env" EL -> SBool))
lookupShadowPfx :: TP
  (Proof
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupShadowPfx = do
   Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkSh <- String
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
-> TP
     (Proof
        (Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"lookupShadow" TP
  (Proof
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupShadow
   String
-> (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
      Integer,
    [ProofObj])
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition
   (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool),
 Zero m, SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "pfx" EL
    -> Forall "k" String
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
      m,
    [ProofObj])
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         t)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
sInduct String
"lookupShadowPfx"
     (\(Forall @"pfx" (SList (String, Integer)
pfx :: E)) (Forall @"k" (SBV String
k :: SString)) (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer))
       (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) (Forall @"env" (SList (String, Integer)
env :: E)) ->
         let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
             (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
         in  SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
y SBool -> SBool -> SBool
.=>    SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                         SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
     (\SList (String, Integer)
pfx SBV String
_ SBV (String, Integer)
_ SBV (String, Integer)
_ SList (String, Integer)
_ -> SList (String, Integer) -> SBV Integer
forall a. SymVal a => SList a -> SBV Integer
SL.length SList (String, Integer)
pfx :: SInteger, []) ((Proof
    (Forall "pfx" EL
     -> Forall "k" String
     -> Forall "b1" (String, Integer)
     -> Forall "b2" (String, Integer)
     -> Forall "env" EL
     -> SBool)
  -> StepArgs
       (Forall "pfx" EL
        -> Forall "k" String
        -> Forall "b1" (String, Integer)
        -> Forall "b2" (String, Integer)
        -> Forall "env" EL
        -> SBool)
       Integer)
 -> TP
      (Proof
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)))
-> (Proof
      (Forall "pfx" EL
       -> Forall "k" String
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "pfx" EL
          -> Forall "k" String
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
ih SList (String, Integer)
pfx SBV String
k SBV (String, Integer)
b1 SBV (String, Integer)
b2 SList (String, Integer)
env ->
       let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
       in [SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
y]
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SList (String, Integer) -> SBool
forall a. SymVal a => SList a -> SBool
SL.null SList (String, Integer)
pfx
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                   SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"base"
                   TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkSh Proof
  (Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
k, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                   Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                   SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                , SBool -> SBool
sNot (SList (String, Integer) -> SBool
forall a. SymVal a => SList a -> SBool
SL.null SList (String, Integer)
pfx)
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let h :: SBV (String, Integer)
h  = SList (String, Integer) -> SBV (String, Integer)
forall a. SymVal a => SList a -> SBV a
SL.head SList (String, Integer)
pfx
                          t :: SList (String, Integer)
t  = SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a
SL.tail SList (String, Integer)
pfx
                          (SBV String
hk, SBV Integer
hv) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
h
                       in SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                       SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"cons"
                       TPProofRaw (SBV Integer)
-> SBool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? SList (String, Integer)
pfx SList (String, Integer) -> SList (String, Integer) -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
t
                       Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBool -> SBV Integer -> SBV Integer -> SBV Integer
forall a. Mergeable a => SBool -> a -> a -> a
ite (SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
hk) SBV Integer
hv (SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
t, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
k, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                       TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBool -> SBV Integer -> SBV Integer -> SBV Integer
forall a. Mergeable a => SBool -> a -> a -> a
ite (SBV String
k SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
hk) SBV Integer
hv (SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SBV (String, Integer)
h SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: (SList (String, Integer)
t SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
k (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env)
                       SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                ]

-- | Swapping two adjacent distinct-keyed bindings in the environment
-- does not affect interpretation. The @pfx@ parameter allows the swap
-- to happen at any depth in the environment.
--
-- >>> runTPWith cvc5 envSwap
-- Lemma: measureNonNeg                    Q.E.D.
-- Lemma: lookupSwapPfx                    Q.E.D.
-- Lemma: sqrCong                          Q.E.D.
-- Lemma: sqrHelper                        Q.E.D.
-- Lemma: addCongL                         Q.E.D.
-- Lemma: addCongR                         Q.E.D.
-- Lemma: addHelper                        Q.E.D.
-- Lemma: mulCongL                         Q.E.D.
-- Lemma: mulCongR                         Q.E.D.
-- Lemma: mulHelper                        Q.E.D.
-- Lemma: letHelper                        Q.E.D.
-- Inductive lemma (strong): envSwap
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (7 way case split)
--     Step: 1.1 (Var)                     Q.E.D.
--     Step: 1.2 (Con)                     Q.E.D.
--     Step: 1.3.1 (Sqr)                   Q.E.D.
--     Step: 1.3.2                         Q.E.D.
--     Step: 1.3.3                         Q.E.D.
--     Step: 1.4 (Inc)                     Q.E.D.
--     Step: 1.5.1 (Add)                   Q.E.D.
--     Step: 1.5.2                         Q.E.D.
--     Step: 1.5.3                         Q.E.D.
--     Step: 1.5.4                         Q.E.D.
--     Step: 1.6.1 (Mul)                   Q.E.D.
--     Step: 1.6.2                         Q.E.D.
--     Step: 1.6.3                         Q.E.D.
--     Step: 1.6.4                         Q.E.D.
--     Step: 1.7.1 (Let)                   Q.E.D.
--     Step: 1.7.2                         Q.E.D.
--     Step: 1.7.3                         Q.E.D.
--     Step: 1.7.4                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] envSwap :: Ɐe ∷ (Expr [Char] Integer) → Ɐpfx ∷ [([Char], Integer)] → Ɐenv ∷ [([Char], Integer)] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Bool
envSwap :: TP (Proof (Forall "e" Exp -> Forall "pfx" EL -> Forall "env" EL
                   -> Forall "b1" (String, Integer) -> Forall "b2" (String, Integer) -> SBool))
envSwap :: TP
  (Proof
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool))
envSwap = do
   Proof (Forall "e" Exp -> SBool)
mnn   <- String
-> TP (Proof (Forall "e" Exp -> SBool))
-> TP (Proof (Forall "e" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"measureNonNeg" TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg
   Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkSP  <- String
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"lookupSwapPfx" TP
  (Proof
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupSwapPfx
   Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC  <- String
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrCong"       TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong
   Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH  <- String
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrHelper"     TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addCongL"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addCongR"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addHelper"     TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongL"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongR"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulHelper"     TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper
   Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH  <- String
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"letHelper"     TP
  (Proof
     (Forall "env" EL
      -> Forall "nm" String
      -> Forall "a" Exp
      -> Forall "b" Exp
      -> SBool))
letHelper

   String
-> (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
      Integer,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition
   (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool),
 Zero m, SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
      m,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         t)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
sInduct String
"envSwap"
     (\(Forall @"e" (SE
e :: SE)) (Forall @"pfx" (SList (String, Integer)
pfx :: E)) (Forall @"env" (SList (String, Integer)
env :: E))
       (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer)) (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) ->
       let (SBV String
x, SBV Integer
_)  = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_)  = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
       in SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y SBool -> SBool -> SBool
.=> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
e SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
e)
     (\SE
e SList (String, Integer)
_ SList (String, Integer)
_ SBV (String, Integer)
_ SBV (String, Integer)
_ -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SExpr nm val -> SBV Integer
size SE
e :: SInteger, [Proof (Forall "e" Exp -> SBool) -> ProofObj
forall a. Proof a -> ProofObj
proofOf Proof (Forall "e" Exp -> SBool)
mnn]) ((Proof
    (Forall "e" Exp
     -> Forall "pfx" EL
     -> Forall "env" EL
     -> Forall "b1" (String, Integer)
     -> Forall "b2" (String, Integer)
     -> SBool)
  -> StepArgs
       (Forall "e" Exp
        -> Forall "pfx" EL
        -> Forall "env" EL
        -> Forall "b1" (String, Integer)
        -> Forall "b2" (String, Integer)
        -> SBool)
       Integer)
 -> TP
      (Proof
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)))
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih SE
e SList (String, Integer)
pfx SList (String, Integer)
env SBV (String, Integer)
b1 SBV (String, Integer)
b2 ->
       let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
           env1 :: SList (String, Integer)
env1 = SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env
           env2 :: SList (String, Integer)
env2 = SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env
       in [SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
y]
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isVar SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let nm :: SBV String
nm = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
svar SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Var"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkSP Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isCon SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let v :: SBV Integer
v = SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV val
scon SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
v)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Con"
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
v)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isSqr SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
ssqrVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Sqr"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> IArgs (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isInc SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sincVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Inc"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isAdd SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Add"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCL Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCR Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isMul SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Mul"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isLet SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let nm :: SBV String
nm = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
slvar  SE
e
                          a :: SE
a  = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slval  SE
e
                          b :: SE
b  = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slbody SE
e
                          val1 :: SBV Integer
val1 = SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                          val2 :: SBV Integer
val2 = SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
nm SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Let"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val1) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env1) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env1) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
pfx), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env2) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
nm SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                ]

-- | A shadowed binding in the environment does not affect interpretation.
-- The @pfx@ parameter allows the shadow to occur at any depth.
--
-- >>> runTPWith cvc5 envShadow
-- Lemma: measureNonNeg                    Q.E.D.
-- Lemma: lookupShadowPfx                  Q.E.D.
-- Lemma: sqrCong                          Q.E.D.
-- Lemma: sqrHelper                        Q.E.D.
-- Lemma: addCongL                         Q.E.D.
-- Lemma: addCongR                         Q.E.D.
-- Lemma: addHelper                        Q.E.D.
-- Lemma: mulCongL                         Q.E.D.
-- Lemma: mulCongR                         Q.E.D.
-- Lemma: mulHelper                        Q.E.D.
-- Lemma: letHelper                        Q.E.D.
-- Inductive lemma (strong): envShadow
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (7 way case split)
--     Step: 1.1 (Var)                     Q.E.D.
--     Step: 1.2 (Con)                     Q.E.D.
--     Step: 1.3.1 (Sqr)                   Q.E.D.
--     Step: 1.3.2                         Q.E.D.
--     Step: 1.3.3                         Q.E.D.
--     Step: 1.4 (Inc)                     Q.E.D.
--     Step: 1.5.1 (Add)                   Q.E.D.
--     Step: 1.5.2                         Q.E.D.
--     Step: 1.5.3                         Q.E.D.
--     Step: 1.5.4                         Q.E.D.
--     Step: 1.6.1 (Mul)                   Q.E.D.
--     Step: 1.6.2                         Q.E.D.
--     Step: 1.6.3                         Q.E.D.
--     Step: 1.6.4                         Q.E.D.
--     Step: 1.7.1 (Let)                   Q.E.D.
--     Step: 1.7.2                         Q.E.D.
--     Step: 1.7.3                         Q.E.D.
--     Step: 1.7.4                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] envShadow :: Ɐe ∷ (Expr [Char] Integer) → Ɐpfx ∷ [([Char], Integer)] → Ɐenv ∷ [([Char], Integer)] → Ɐb1 ∷ ([Char], Integer) → Ɐb2 ∷ ([Char], Integer) → Bool
envShadow :: TP (Proof (Forall "e" Exp -> Forall "pfx" EL -> Forall "env" EL
                     -> Forall "b1" (String, Integer) -> Forall "b2" (String, Integer) -> SBool))
envShadow :: TP
  (Proof
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool))
envShadow = do
   Proof (Forall "e" Exp -> SBool)
mnn   <- String
-> TP (Proof (Forall "e" Exp -> SBool))
-> TP (Proof (Forall "e" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"measureNonNeg"   TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg
   Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkShP <- String
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
-> TP
     (Proof
        (Forall "pfx" EL
         -> Forall "k" String
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> Forall "env" EL
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"lookupShadowPfx" TP
  (Proof
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool))
lookupShadowPfx
   Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC  <- String
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrCong"         TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong
   Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH  <- String
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrHelper"       TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addCongL"        TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addCongR"        TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
addCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addHelper"       TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongL"        TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongR"        TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulHelper"       TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper
   Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH  <- String
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"letHelper"       TP
  (Proof
     (Forall "env" EL
      -> Forall "nm" String
      -> Forall "a" Exp
      -> Forall "b" Exp
      -> SBool))
letHelper

   String
-> (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
      Integer,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition
   (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool),
 Zero m, SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "e" Exp
    -> Forall "pfx" EL
    -> Forall "env" EL
    -> Forall "b1" (String, Integer)
    -> Forall "b2" (String, Integer)
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
      m,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         t)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
sInduct String
"envShadow"
     (\(Forall @"e" (SE
e :: SE)) (Forall @"pfx" (SList (String, Integer)
pfx :: E)) (Forall @"env" (SList (String, Integer)
env :: E))
       (Forall @"b1" (SBV (String, Integer)
b1 :: STuple String Integer)) (Forall @"b2" (SBV (String, Integer)
b2 :: STuple String Integer)) ->
       let (SBV String
x, SBV Integer
_)  = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_)  = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
       in SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
y SBool -> SBool -> SBool
.=> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
e SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
e)
     (\SE
e SList (String, Integer)
_ SList (String, Integer)
_ SBV (String, Integer)
_ SBV (String, Integer)
_ -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SExpr nm val -> SBV Integer
size SE
e :: SInteger, [Proof (Forall "e" Exp -> SBool) -> ProofObj
forall a. Proof a -> ProofObj
proofOf Proof (Forall "e" Exp -> SBool)
mnn]) ((Proof
    (Forall "e" Exp
     -> Forall "pfx" EL
     -> Forall "env" EL
     -> Forall "b1" (String, Integer)
     -> Forall "b2" (String, Integer)
     -> SBool)
  -> StepArgs
       (Forall "e" Exp
        -> Forall "pfx" EL
        -> Forall "env" EL
        -> Forall "b1" (String, Integer)
        -> Forall "b2" (String, Integer)
        -> SBool)
       Integer)
 -> TP
      (Proof
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)))
-> (Proof
      (Forall "e" Exp
       -> Forall "pfx" EL
       -> Forall "env" EL
       -> Forall "b1" (String, Integer)
       -> Forall "b2" (String, Integer)
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "pfx" EL
          -> Forall "env" EL
          -> Forall "b1" (String, Integer)
          -> Forall "b2" (String, Integer)
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih SE
e SList (String, Integer)
pfx SList (String, Integer)
env SBV (String, Integer)
b1 SBV (String, Integer)
b2 ->
       let (SBV String
x, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b1
           (SBV String
y, SBV Integer
_) = SBV (String, Integer) -> (SBV String, SBV Integer)
forall tup a. Tuple tup a => SBV tup -> a
ST.untuple SBV (String, Integer)
b2
           env1 :: SList (String, Integer)
env1 = SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
b2 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env
           env2 :: SList (String, Integer)
env2 = SList (String, Integer)
pfx SList (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SList a -> SList a -> SList a
++ SBV (String, Integer)
b1 SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env
       in [SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
y]
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isVar SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let nm :: SBV String
nm = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
svar SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Var"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
lkShP Proof
  (Forall "pfx" EL
   -> Forall "k" String
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "pfx" EL
      -> Forall "k" String
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"k" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isCon SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let v :: SBV Integer
v = SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV val
scon SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
v)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Con"
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
v)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isSqr SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
ssqrVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Sqr"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> IArgs (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isInc SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sincVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Inc"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isAdd SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Add"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCL Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
addCR Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isMul SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Mul"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isLet SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let nm :: SBV String
nm = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
slvar  SE
e
                          a :: SE
a  = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slval  SE
e
                          b :: SE
b  = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slbody SE
e
                          val1 :: SBV Integer
val1 = SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                          val2 :: SBV Integer
val2 = SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 SE
a
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
nm SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Let"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val1) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env1) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" SList (String, Integer)
pfx, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env1) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
pfx), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
b1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
b2)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
val2) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env2) SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env2, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env2 (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
nm SE
a SE
b)
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                ]

-- * Substitution correctness

-- | Unfolding @interpInEnv@ over @Var@.
--
-- >>> runTP varHelper
-- Lemma: varHelper                        Q.E.D.
-- [Proven] varHelper :: Ɐenv ∷ [([Char], Integer)] → Ɐnm ∷ [Char] → Bool
varHelper :: TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
varHelper :: TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
varHelper = String
-> (Forall "env" EL -> Forall "nm" String -> SBool)
-> [ProofObj]
-> TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
forall a.
Proposition a =>
String -> a -> [ProofObj] -> TP (Proof a)
lemma String
"varHelper"
                  (\(Forall @"env" (SList (String, Integer)
env :: E)) (Forall @"nm" SBV String
nm) ->
                        SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
nm SList (String, Integer)
env) []

-- | Substitution preserves semantics: interpreting in an extended environment
-- is the same as substituting and interpreting in the original environment.
--
-- >>> runTPWith cvc5 substCorrect
-- Lemma: measureNonNeg                    Q.E.D.
-- Lemma: sqrCong                          Q.E.D.
-- Lemma: sqrHelper                        Q.E.D.
-- Lemma: addHelper                        Q.E.D.
-- Lemma: mulCongL                         Q.E.D.
-- Lemma: mulCongR                         Q.E.D.
-- Lemma: mulHelper                        Q.E.D.
-- Lemma: letHelper                        Q.E.D.
-- Lemma: varHelper                        Q.E.D.
-- Lemma: envSwap                          Q.E.D.
-- Lemma: envShadow                        Q.E.D.
-- Inductive lemma (strong): substCorrect
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (7 way case split)
--     Step: 1.1 (2 way case split)
--       Step: 1.1.1.1 (Var)               Q.E.D.
--       Step: 1.1.1.2                     Q.E.D.
--       Step: 1.1.1.3                     Q.E.D.
--       Step: 1.1.1.4                     Q.E.D.
--       Step: 1.1.1.5                     Q.E.D.
--       Step: 1.1.2.1 (Var)               Q.E.D.
--       Step: 1.1.2.2                     Q.E.D.
--       Step: 1.1.2.3                     Q.E.D.
--       Step: 1.1.2.4                     Q.E.D.
--       Step: 1.1.2.5                     Q.E.D.
--       Step: 1.1.Completeness            Q.E.D.
--     Step: 1.2 (Con)                     Q.E.D.
--     Step: 1.3.1 (Sqr)                   Q.E.D.
--     Step: 1.3.2                         Q.E.D.
--     Step: 1.3.3                         Q.E.D.
--     Step: 1.3.4                         Q.E.D.
--     Step: 1.4 (Inc)                     Q.E.D.
--     Step: 1.5.1 (Add)                   Q.E.D.
--     Step: 1.5.2                         Q.E.D.
--     Step: 1.5.3                         Q.E.D.
--     Step: 1.5.4                         Q.E.D.
--     Step: 1.6.1 (Mul)                   Q.E.D.
--     Step: 1.6.2                         Q.E.D.
--     Step: 1.6.3                         Q.E.D.
--     Step: 1.6.4                         Q.E.D.
--     Step: 1.6.5                         Q.E.D.
--     Step: 1.7.1 (Let)                   Q.E.D.
--     Step: 1.7.2 (2 way case split)
--       Step: 1.7.2.1.1                   Q.E.D.
--       Step: 1.7.2.1.2 (shadow)          Q.E.D.
--       Step: 1.7.2.1.3                   Q.E.D.
--       Step: 1.7.2.1.4                   Q.E.D.
--       Step: 1.7.2.1.5                   Q.E.D.
--       Step: 1.7.2.2.1                   Q.E.D.
--       Step: 1.7.2.2.2 (swap)            Q.E.D.
--       Step: 1.7.2.2.3                   Q.E.D.
--       Step: 1.7.2.2.4                   Q.E.D.
--       Step: 1.7.2.2.5                   Q.E.D.
--       Step: 1.7.2.2.6                   Q.E.D.
--       Step: 1.7.2.Completeness          Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] substCorrect :: Ɐe ∷ (Expr [Char] Integer) → Ɐnm ∷ [Char] → Ɐv ∷ Integer → Ɐenv ∷ [([Char], Integer)] → Bool
substCorrect :: TP (Proof (Forall "e" Exp -> Forall "nm" String -> Forall "v" Integer -> Forall "env" EL -> SBool))
substCorrect :: TP
  (Proof
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool))
substCorrect = do
   Proof (Forall "e" Exp -> SBool)
mnn   <- String
-> TP (Proof (Forall "e" Exp -> SBool))
-> TP (Proof (Forall "e" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"measureNonNeg" TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg
   Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC  <- String
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrCong"       TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong
   Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH  <- String
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrHelper"     TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addHelper"     TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongL"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongR"      TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulHelper"     TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper
   Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH  <- String
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"letHelper"     TP
  (Proof
     (Forall "env" EL
      -> Forall "nm" String
      -> Forall "a" Exp
      -> Forall "b" Exp
      -> SBool))
letHelper
   Proof (Forall "env" EL -> Forall "nm" String -> SBool)
varH  <- String
-> TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"varHelper"     TP (Proof (Forall "env" EL -> Forall "nm" String -> SBool))
varHelper
   Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
eSwp  <- String
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"envSwap"       TP
  (Proof
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool))
envSwap
   Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
eShd  <- String
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "pfx" EL
         -> Forall "env" EL
         -> Forall "b1" (String, Integer)
         -> Forall "b2" (String, Integer)
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"envShadow"     TP
  (Proof
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool))
envShadow

   String
-> (Forall "e" Exp
    -> Forall "nm" String
    -> Forall "v" Integer
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "nm" String
       -> Forall "v" Integer
       -> Forall "env" EL
       -> SBool)
      Integer,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "nm" String
       -> Forall "v" Integer
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "nm" String
          -> Forall "v" Integer
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "nm" String
         -> Forall "v" Integer
         -> Forall "env" EL
         -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition
   (Forall "e" Exp
    -> Forall "nm" String
    -> Forall "v" Integer
    -> Forall "env" EL
    -> SBool),
 Zero m, SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "e" Exp
    -> Forall "nm" String
    -> Forall "v" Integer
    -> Forall "env" EL
    -> SBool)
-> (MeasureArgs
      (Forall "e" Exp
       -> Forall "nm" String
       -> Forall "v" Integer
       -> Forall "env" EL
       -> SBool)
      m,
    [ProofObj])
-> (Proof
      (Forall "e" Exp
       -> Forall "nm" String
       -> Forall "v" Integer
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "nm" String
          -> Forall "v" Integer
          -> Forall "env" EL
          -> SBool)
         t)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "nm" String
         -> Forall "v" Integer
         -> Forall "env" EL
         -> SBool))
sInduct String
"substCorrect"
     (\(Forall @"e" (SE
e :: SE)) (Forall @"nm" (SBV String
nm :: SString)) (Forall @"v" (SBV Integer
v :: SInteger)) (Forall @"env" (SList (String, Integer)
env :: E)) ->
         SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
v) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
e SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
e))
     (\SE
e SBV String
_ SBV Integer
_ SList (String, Integer)
_ -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SExpr nm val -> SBV Integer
size SE
e :: SInteger, [Proof (Forall "e" Exp -> SBool) -> ProofObj
forall a. Proof a -> ProofObj
proofOf Proof (Forall "e" Exp -> SBool)
mnn]) ((Proof
    (Forall "e" Exp
     -> Forall "nm" String
     -> Forall "v" Integer
     -> Forall "env" EL
     -> SBool)
  -> StepArgs
       (Forall "e" Exp
        -> Forall "nm" String
        -> Forall "v" Integer
        -> Forall "env" EL
        -> SBool)
       Integer)
 -> TP
      (Proof
         (Forall "e" Exp
          -> Forall "nm" String
          -> Forall "v" Integer
          -> Forall "env" EL
          -> SBool)))
-> (Proof
      (Forall "e" Exp
       -> Forall "nm" String
       -> Forall "v" Integer
       -> Forall "env" EL
       -> SBool)
    -> StepArgs
         (Forall "e" Exp
          -> Forall "nm" String
          -> Forall "v" Integer
          -> Forall "env" EL
          -> SBool)
         Integer)
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "nm" String
         -> Forall "v" Integer
         -> Forall "env" EL
         -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih SE
e SBV String
nm SBV Integer
v SList (String, Integer)
env ->
       let nmv :: SBV (String, Integer)
nmv  = (SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
nm, SBV Integer
v)
           env1 :: SList (String, Integer)
env1 = SBV (String, Integer)
nmv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env
       in []
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isVar SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let x :: SBV String
x = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
svar SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
x)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Var"
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
nm
                               SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm)
                                SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "nm" String -> SBool)
varH Proof (Forall "env" EL -> Forall "nm" String -> SBool)
-> IArgs (Forall "env" EL -> Forall "nm" String -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm)
                                TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
nm SList (String, Integer)
env1
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV Integer
v
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
v)
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
nm))
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                             , SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
nm
                               SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
x)
                                SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "nm" String -> SBool)
varH Proof (Forall "env" EL -> Forall "nm" String -> SBool)
-> IArgs (Forall "env" EL -> Forall "nm" String -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
x)
                                TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
x SList (String, Integer)
env1
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SBV String -> SList (String, Integer) -> SBV Integer
forall k v. (SymVal k, SymVal v) => SBV k -> SList (k, v) -> SBV v
SL.lookup SBV String
x SList (String, Integer)
env
                                SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "nm" String -> SBool)
varH Proof (Forall "env" EL -> Forall "nm" String -> SBool)
-> IArgs (Forall "env" EL -> Forall "nm" String -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
x)
                                TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
x)
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SBV String -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm -> SBV (Expr nm val)
sVar SBV String
x))
                                SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                             ]

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isCon SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let c :: SBV Integer
c = SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV val
scon SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
c)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Con"
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SBV Integer -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV val -> SBV (Expr nm val)
sCon SBV Integer
c))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isSqr SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
ssqrVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Sqr"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> IArgs (Forall "a" Integer -> Forall "b" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
-> IArgs (Forall "env" EL -> Forall "a" Exp -> SBool) -> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a))
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sSqr SE
a))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isInc SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sincVal SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Inc"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sInc SE
a))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isAdd SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
sadd2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Add"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
+ SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b)
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sAdd SE
a SE
b))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isMul SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let a :: SE
a = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul1 SE
e
                          b :: SE
b = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
smul2 SE
e
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Mul"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> IArgs
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
b), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"c" (SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b)))
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) SBV Integer -> SBV Integer -> SBV Integer
forall a. Num a => a -> a -> a
* SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b)
                    SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                    TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sMul SE
a SE
b))
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed

                , SE -> SBool
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBool
isLet SE
e
                  SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let x :: SBV String
x   = SE -> SBV String
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV nm
slvar  SE
e
                          a :: SE
a   = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slval  SE
e
                          b :: SE
b   = SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV (Expr nm val) -> SBV (Expr nm val)
slbody SE
e
                          val :: SBV Integer
val = SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 SE
a
                    in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env1 (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
x SE
a SE
b)
                    SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"Let"
                    TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env1, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
x, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                    Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
x, SBV Integer
val) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env1) SE
b
                    SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: [(SBool, TPProofRaw (SBV Integer))] -> TPProofRaw (SBV Integer)
forall a. [(SBool, TPProofRaw a)] -> TPProofRaw a
cases [ SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SBV String
nm
                               SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let xv :: SBV (String, Integer)
xv = (SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
x, SBV Integer
val)
                                 in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
nmv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b
                                 SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"shadow"
                                 TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
eShd Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" (SList (String, Integer)
forall a. SymVal a => SList a
SL.nil :: E), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
xv, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
nmv)
                                 Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b
                                 SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                                 TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
x, SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b
                                 SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
x, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" SE
b)
                                 TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
x (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) SE
b)
                                 SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
x SE
a SE
b))
                                 SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                             , SBV String
x SBV String -> SBV String -> SBool
forall a. EqSymbolic a => a -> a -> SBool
./= SBV String
nm
                               SBool
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. SBool -> TPProofRaw a -> (SBool, TPProofRaw a)
==> let xv :: SBV (String, Integer)
xv = (SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
x, SBV Integer
val)
                                 in SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
nmv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b
                                 SBV Integer -> String -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? String
"swap"
                                 TPProofRaw (SBV Integer)
-> Proof Bool -> Hinted (TPProofRaw (SBV Integer))
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
eSwp Proof
  (Forall "e" Exp
   -> Forall "pfx" EL
   -> Forall "env" EL
   -> Forall "b1" (String, Integer)
   -> Forall "b2" (String, Integer)
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "pfx" EL
      -> Forall "env" EL
      -> Forall "b1" (String, Integer)
      -> Forall "b2" (String, Integer)
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"pfx" (SList (String, Integer)
forall a. SymVal a => SList a
SL.nil :: E), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b1" SBV (String, Integer)
xv, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b2" SBV (String, Integer)
nmv)
                                 Hinted (TPProofRaw (SBV Integer))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
-> ChainsTo (Hinted (TPProofRaw (SBV Integer)))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SBV (String, Integer)
nmv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) SE
b
                                 SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
b, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" (SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env))
                                 TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv (SBV (String, Integer)
xv SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b)
                                 SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
ih Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
-> IArgs
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"e" SE
a, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
nm, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"v" SBV Integer
v, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env)
                                 TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv ((SBV String, SBV Integer) -> SBV (String, Integer)
forall tup a. Tuple tup a => a -> SBV tup
ST.tuple (SBV String
x, SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a)) SBV (String, Integer)
-> SList (String, Integer) -> SList (String, Integer)
forall a. SymVal a => SBV a -> SList a -> SList a
.: SList (String, Integer)
env) (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b)
                                 SBV Integer -> Proof Bool -> Hinted (SBV Integer)
forall a b. HintsTo a b => a -> b -> Hinted a
?? Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> IArgs
     (Forall "env" EL
      -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
-> Proof Bool
forall a. Instantiatable a => Proof a -> IArgs a -> Proof Bool
`at` (forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"env" SList (String, Integer)
env, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"nm" SBV String
x, forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"a" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a), forall (nm :: Symbol) a. SBV a -> Inst nm a
Inst @"b" (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                                 TPProofRaw (SBV Integer)
-> ChainsTo (TPProofRaw (SBV Integer))
-> ChainsTo (TPProofRaw (SBV Integer))
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
x (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
a) (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v SE
b))
                                 SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SBV String -> SBV Integer -> SE -> SE
subst SBV String
nm SBV Integer
v (SBV String -> SE -> SE -> SE
forall nm val.
(SymVal nm, SymVal val) =>
SBV nm
-> SBV (Expr nm val) -> SBV (Expr nm val) -> SBV (Expr nm val)
sLet SBV String
x SE
a SE
b))
                                 SBV Integer -> ChainsTo (SBV Integer) -> ChainsTo (SBV Integer)
forall a. ChainStep a (ChainsTo a) => a -> ChainsTo a -> ChainsTo a
=: ChainsTo (SBV Integer)
TPProofRaw (SBV Integer)
forall a. TPProofRaw a
qed
                             ]
                ]

-- | Simplification preserves semantics.
--
-- >>> runTPWith cvc5 simpCorrect
-- Lemma: sqrCong                          Q.E.D.
-- Lemma: sqrHelper                        Q.E.D.
-- Lemma: addHelper                        Q.E.D.
-- Lemma: mulCongL                         Q.E.D.
-- Lemma: mulCongR                         Q.E.D.
-- Lemma: mulHelper                        Q.E.D.
-- Lemma: letHelper                        Q.E.D.
-- Lemma: substCorrect                     Q.E.D.
-- Lemma: simpCorrect
--   Step: 1 (7 way case split)
--     Step: 1.1.1 (Var)                   Q.E.D.
--     Step: 1.1.2                         Q.E.D.
--     Step: 1.1.3                         Q.E.D.
--     Step: 1.2.1 (Con)                   Q.E.D.
--     Step: 1.2.2                         Q.E.D.
--     Step: 1.2.3                         Q.E.D.
--     Step: 1.3.1 (Sqr)                   Q.E.D.
--     Step: 1.3.2 (2 way case split)
--       Step: 1.3.2.1.1                   Q.E.D.
--       Step: 1.3.2.1.2 (Sqr Con)         Q.E.D.
--       Step: 1.3.2.1.3                   Q.E.D.
--       Step: 1.3.2.1.4                   Q.E.D.
--       Step: 1.3.2.1.5                   Q.E.D.
--       Step: 1.3.2.2.1                   Q.E.D.
--       Step: 1.3.2.2.2 (Sqr _)           Q.E.D.
--       Step: 1.3.2.Completeness          Q.E.D.
--     Step: 1.4.1 (Inc)                   Q.E.D.
--     Step: 1.4.2 (2 way case split)
--       Step: 1.4.2.1.1                   Q.E.D.
--       Step: 1.4.2.1.2 (Inc Con)         Q.E.D.
--       Step: 1.4.2.1.3                   Q.E.D.
--       Step: 1.4.2.2.1                   Q.E.D.
--       Step: 1.4.2.2.2 (Inc _)           Q.E.D.
--       Step: 1.4.2.Completeness          Q.E.D.
--     Step: 1.5.1 (Add)                   Q.E.D.
--     Step: 1.5.2 (6 way case split)
--       Step: 1.5.2.1.1                   Q.E.D.
--       Step: 1.5.2.1.2 (Add 0+b)         Q.E.D.
--       Step: 1.5.2.1.3                   Q.E.D.
--       Step: 1.5.2.2.1                   Q.E.D.
--       Step: 1.5.2.2.2 (Add a+0)         Q.E.D.
--       Step: 1.5.2.2.3                   Q.E.D.
--       Step: 1.5.2.3.1                   Q.E.D.
--       Step: 1.5.2.3.2 (Add Con)         Q.E.D.
--       Step: 1.5.2.3.3                   Q.E.D.
--       Step: 1.5.2.4 (2 way case split)
--         Step: 1.5.2.4.1.1               Q.E.D.
--         Step: 1.5.2.4.1.2 (Add 0,_)     Q.E.D.
--         Step: 1.5.2.4.1.3               Q.E.D.
--         Step: 1.5.2.4.2.1               Q.E.D.
--         Step: 1.5.2.4.2.2 (Add C,_)     Q.E.D.
--         Step: 1.5.2.4.Completeness      Q.E.D.
--       Step: 1.5.2.5 (2 way case split)
--         Step: 1.5.2.5.1.1               Q.E.D.
--         Step: 1.5.2.5.1.2 (Add _,0)     Q.E.D.
--         Step: 1.5.2.5.1.3               Q.E.D.
--         Step: 1.5.2.5.2.1               Q.E.D.
--         Step: 1.5.2.5.2.2 (Add _,C)     Q.E.D.
--         Step: 1.5.2.5.Completeness      Q.E.D.
--       Step: 1.5.2.6.1                   Q.E.D.
--       Step: 1.5.2.6.2 (Add _,_)         Q.E.D.
--       Step: 1.5.2.Completeness          Q.E.D.
--     Step: 1.6.1 (Mul)                   Q.E.D.
--     Step: 1.6.2 (8 way case split)
--       Step: 1.6.2.1.1                   Q.E.D.
--       Step: 1.6.2.1.2 (Mul 0*b)         Q.E.D.
--       Step: 1.6.2.1.3                   Q.E.D.
--       Step: 1.6.2.2.1                   Q.E.D.
--       Step: 1.6.2.2.2 (Mul a*0)         Q.E.D.
--       Step: 1.6.2.2.3                   Q.E.D.
--       Step: 1.6.2.3.1                   Q.E.D.
--       Step: 1.6.2.3.2 (Mul 1*b)         Q.E.D.
--       Step: 1.6.2.3.3                   Q.E.D.
--       Step: 1.6.2.3.4                   Q.E.D.
--       Step: 1.6.2.3.5                   Q.E.D.
--       Step: 1.6.2.4.1                   Q.E.D.
--       Step: 1.6.2.4.2 (Mul a*1)         Q.E.D.
--       Step: 1.6.2.4.3                   Q.E.D.
--       Step: 1.6.2.4.4                   Q.E.D.
--       Step: 1.6.2.4.5                   Q.E.D.
--       Step: 1.6.2.5.1                   Q.E.D.
--       Step: 1.6.2.5.2 (Mul Con)         Q.E.D.
--       Step: 1.6.2.5.3                   Q.E.D.
--       Step: 1.6.2.5.4                   Q.E.D.
--       Step: 1.6.2.5.5                   Q.E.D.
--       Step: 1.6.2.5.6                   Q.E.D.
--       Step: 1.6.2.6 (3 way case split)
--         Step: 1.6.2.6.1.1               Q.E.D.
--         Step: 1.6.2.6.1.2 (Mul 0,_)     Q.E.D.
--         Step: 1.6.2.6.1.3               Q.E.D.
--         Step: 1.6.2.6.2.1               Q.E.D.
--         Step: 1.6.2.6.2.2 (Mul 1,_)     Q.E.D.
--         Step: 1.6.2.6.2.3               Q.E.D.
--         Step: 1.6.2.6.2.4               Q.E.D.
--         Step: 1.6.2.6.2.5               Q.E.D.
--         Step: 1.6.2.6.3.1               Q.E.D.
--         Step: 1.6.2.6.3.2 (Mul C,_)     Q.E.D.
--         Step: 1.6.2.6.Completeness      Q.E.D.
--       Step: 1.6.2.7 (3 way case split)
--         Step: 1.6.2.7.1.1               Q.E.D.
--         Step: 1.6.2.7.1.2 (Mul _,0)     Q.E.D.
--         Step: 1.6.2.7.1.3               Q.E.D.
--         Step: 1.6.2.7.2.1               Q.E.D.
--         Step: 1.6.2.7.2.2 (Mul _,1)     Q.E.D.
--         Step: 1.6.2.7.2.3               Q.E.D.
--         Step: 1.6.2.7.2.4               Q.E.D.
--         Step: 1.6.2.7.2.5               Q.E.D.
--         Step: 1.6.2.7.3.1               Q.E.D.
--         Step: 1.6.2.7.3.2 (Mul _,C)     Q.E.D.
--         Step: 1.6.2.7.Completeness      Q.E.D.
--       Step: 1.6.2.8.1                   Q.E.D.
--       Step: 1.6.2.8.2 (Mul _,_)         Q.E.D.
--       Step: 1.6.2.Completeness          Q.E.D.
--     Step: 1.7.1 (Let)                   Q.E.D.
--     Step: 1.7.2 (2 way case split)
--       Step: 1.7.2.1.1                   Q.E.D.
--       Step: 1.7.2.1.2 (Let Con)         Q.E.D.
--       Step: 1.7.2.1.3                   Q.E.D.
--       Step: 1.7.2.1.4                   Q.E.D.
--       Step: 1.7.2.2.1                   Q.E.D.
--       Step: 1.7.2.2.2 (Let _)           Q.E.D.
--       Step: 1.7.2.Completeness          Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] simpCorrect :: Ɐe ∷ (Expr [Char] Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
simpCorrect :: TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
simpCorrect :: TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
simpCorrect = do
   Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC  <- String
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrCong"      TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong
   Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH  <- String
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrHelper"    TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
addH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"addHelper"    TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
addHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongL"     TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongR"     TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH  <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulHelper"    TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper
   Proof
  (Forall "env" EL
   -> Forall "nm" String -> Forall "a" Exp -> Forall "b" Exp -> SBool)
letH  <- String
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
-> TP
     (Proof
        (Forall "env" EL
         -> Forall "nm" String
         -> Forall "a" Exp
         -> Forall "b" Exp
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"letHelper"    TP
  (Proof
     (Forall "env" EL
      -> Forall "nm" String
      -> Forall "a" Exp
      -> Forall "b" Exp
      -> SBool))
letHelper
   Proof
  (Forall "e" Exp
   -> Forall "nm" String
   -> Forall "v" Integer
   -> Forall "env" EL
   -> SBool)
subC  <- String
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "nm" String
         -> Forall "v" Integer
         -> Forall "env" EL
         -> SBool))
-> TP
     (Proof
        (Forall "e" Exp
         -> Forall "nm" String
         -> Forall "v" Integer
         -> Forall "env" EL
         -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"substCorrect" TP
  (Proof
     (Forall "e" Exp
      -> Forall "nm" String
      -> Forall "v" Integer
      -> Forall "env" EL
      -> SBool))
substCorrect

   String
-> (Forall "e" Exp -> Forall "env" EL -> SBool)
-> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall t.
(Proposition (Forall "e" Exp -> Forall "env" EL -> SBool),
 SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "e" Exp -> Forall "env" EL -> SBool)
-> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) t
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall a t.
(Calc a, Proposition a, SymVal t, EqSymbolic (SBV t)) =>
String -> a -> StepArgs a t -> TP (Proof a)
calc String
"simpCorrect"
     (\(Forall @"e" (SE
e :: SE)) (Forall @"env" (SList (String, Integer)
env :: E)) -> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE
simplify SE
e) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
e) (StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer
 -> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool)))
-> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall a b. (a -> b) -> a -> b
$
     \SE
e SList (String, Integer)
env -> []
     [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [pCase|Expr e of
          Var nm     -> interpInEnv env (simplify e)
                     ?? "Var"
                     =: interpInEnv env (simplify (sVar nm))
                     =: interpInEnv env (sVar nm)
                     =: interpInEnv env e
                     =: qed

          Con c      -> interpInEnv env (simplify e)
                     ?? "Con"
                     =: interpInEnv env (simplify (sCon c))
                     =: interpInEnv env (sCon c)
                     =: interpInEnv env e
                     =: qed

          Sqr a      -> interpInEnv env (simplify e)
                     ?? "Sqr"
                     =: interpInEnv env (simplify (sSqr a))
                     =: cases [ isCon a
                                 ==> let v = scon a
                                   in interpInEnv env (simplify (sSqr (sCon v)))
                                   ?? "Sqr Con"
                                   =: interpInEnv env (sCon (v * v))
                                   ?? interpInEnv env (sCon (v * v)) .== v * v
                                   =: v * v
                                   ?? sqrC `at` (Inst @"a" (interpInEnv env (sCon v)), Inst @"b" v)
                                   =: interpInEnv env (sCon v) * interpInEnv env (sCon v)
                                   ?? sqrH `at` (Inst @"env" env, Inst @"a" (sCon v))
                                   =: interpInEnv env (sSqr (sCon v))
                                   =: qed
                               , sNot (isCon a)
                                 ==> interpInEnv env (simplify (sSqr a))
                                   ?? "Sqr _"
                                   =: interpInEnv env (sSqr a)
                                   =: qed
                               ]

          Inc a      -> interpInEnv env (simplify e)
                     ?? "Inc"
                     =: interpInEnv env (simplify (sInc a))
                     =: cases [ isCon a
                                 ==> let v = scon a
                                   in interpInEnv env (simplify (sInc (sCon v)))
                                   ?? "Inc Con"
                                   =: interpInEnv env (sCon (v + 1))
                                   =: interpInEnv env (sInc (sCon v))
                                   =: qed
                               , sNot (isCon a)
                                 ==> interpInEnv env (simplify (sInc a))
                                   ?? "Inc _"
                                   =: interpInEnv env (sInc a)
                                   =: qed
                               ]

          Add a b    -> interpInEnv env (simplify e)
                     ?? "Add"
                     =: interpInEnv env (simplify (sAdd a b))
                     =: cases [ isCon a .&& scon a .== 0
                                 ==> interpInEnv env (simplify (sAdd (sCon 0) b))
                                   ?? "Add 0+b"
                                   =: interpInEnv env b
                                   ?? addH `at` (Inst @"env" env, Inst @"a" (sCon 0), Inst @"b" b)
                                   =: interpInEnv env (sAdd (sCon 0) b)
                                   =: qed

                               , isCon b .&& scon b .== 0
                                 ==> interpInEnv env (simplify (sAdd a (sCon 0)))
                                   ?? "Add a+0"
                                   =: interpInEnv env a
                                   ?? addH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 0))
                                   =: interpInEnv env (sAdd a (sCon 0))
                                   =: qed

                               , isCon a .&& isCon b
                                 ==> let va = scon a; vb = scon b
                                   in interpInEnv env (simplify (sAdd (sCon va) (sCon vb)))
                                   ?? "Add Con"
                                   =: interpInEnv env (sCon (va + vb))
                                   ?? addH `at` (Inst @"env" env, Inst @"a" (sCon va), Inst @"b" (sCon vb))
                                   =: interpInEnv env (sAdd (sCon va) (sCon vb))
                                   =: qed

                               , isCon a .&& sNot (isCon b)
                                 ==> let va = scon a
                                   in cases [ va .== 0
                                              ==> interpInEnv env (simplify (sAdd (sCon 0) b))
                                                ?? "Add 0,_"
                                                =: interpInEnv env b
                                                ?? addH `at` (Inst @"env" env, Inst @"a" (sCon 0), Inst @"b" b)
                                                =: interpInEnv env (sAdd (sCon 0) b)
                                                =: qed
                                            , va ./= 0
                                              ==> interpInEnv env (simplify (sAdd (sCon va) b))
                                                ?? "Add C,_"
                                                =: interpInEnv env (sAdd (sCon va) b)
                                                =: qed
                                            ]

                               , sNot (isCon a) .&& isCon b
                                 ==> let vb = scon b
                                   in cases [ vb .== 0
                                              ==> interpInEnv env (simplify (sAdd a (sCon 0)))
                                                ?? "Add _,0"
                                                =: interpInEnv env a
                                                ?? addH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 0))
                                                =: interpInEnv env (sAdd a (sCon 0))
                                                =: qed
                                            , vb ./= 0
                                              ==> interpInEnv env (simplify (sAdd a (sCon vb)))
                                                ?? "Add _,C"
                                                =: interpInEnv env (sAdd a (sCon vb))
                                                =: qed
                                            ]

                               , sNot (isCon a) .&& sNot (isCon b)
                                 ==> interpInEnv env (simplify (sAdd a b))
                                   ?? "Add _,_"
                                   =: interpInEnv env (sAdd a b)
                                   =: qed
                               ]

          Mul a b    -> interpInEnv env (simplify e)
                     ?? "Mul"
                     =: interpInEnv env (simplify (sMul a b))
                     =: cases [ isCon a .&& scon a .== 0
                                 ==> interpInEnv env (simplify (sMul (sCon 0) b))
                                   ?? "Mul 0*b"
                                   =: interpInEnv env (sCon 0)
                                   ?? mulH `at` (Inst @"env" env, Inst @"a" (sCon 0), Inst @"b" b)
                                   =: interpInEnv env (sMul (sCon 0) b)
                                   =: qed

                               , isCon b .&& scon b .== 0
                                 ==> interpInEnv env (simplify (sMul a (sCon 0)))
                                   ?? "Mul a*0"
                                   =: interpInEnv env (sCon 0)
                                   ?? mulH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 0))
                                   =: interpInEnv env (sMul a (sCon 0))
                                   =: qed

                               , isCon a .&& scon a .== 1
                                 ==> interpInEnv env (simplify (sMul (sCon 1) b))
                                   ?? "Mul 1*b"
                                   =: interpInEnv env b
                                   =: 1 * interpInEnv env b
                                   ?? interpInEnv env (sCon 1) .== 1
                                   =: interpInEnv env (sCon 1) * interpInEnv env b
                                   ?? mulH `at` (Inst @"env" env, Inst @"a" (sCon 1), Inst @"b" b)
                                   =: interpInEnv env (sMul (sCon 1) b)
                                   =: qed

                               , isCon b .&& scon b .== 1
                                 ==> interpInEnv env (simplify (sMul a (sCon 1)))
                                   ?? "Mul a*1"
                                   =: interpInEnv env a
                                   =: interpInEnv env a * 1
                                   ?? interpInEnv env (sCon 1) .== 1
                                   =: interpInEnv env a * interpInEnv env (sCon 1)
                                   ?? mulH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 1))
                                   =: interpInEnv env (sMul a (sCon 1))
                                   =: qed

                               , isCon a .&& isCon b
                                 ==> let va = scon a; vb = scon b
                                   in interpInEnv env (simplify (sMul (sCon va) (sCon vb)))
                                   ?? "Mul Con"
                                   ?? simplify (sMul (sCon va) (sCon vb)) .== sCon (va * vb)
                                   =: interpInEnv env (sCon (va * vb))
                                   ?? interpInEnv env (sCon (va * vb)) .== va * vb
                                   =: va * vb
                                   ?? mulCL `at` (Inst @"a" (interpInEnv env (sCon va)), Inst @"b" va, Inst @"c" vb)
                                   =: interpInEnv env (sCon va) * vb
                                   ?? mulCR `at` (Inst @"a" (interpInEnv env (sCon va)), Inst @"b" (interpInEnv env (sCon vb)), Inst @"c" vb)
                                   =: interpInEnv env (sCon va) * interpInEnv env (sCon vb)
                                   ?? mulH `at` (Inst @"env" env, Inst @"a" (sCon va), Inst @"b" (sCon vb))
                                   =: interpInEnv env (sMul (sCon va) (sCon vb))
                                   =: qed

                               , isCon a .&& sNot (isCon b)
                                 ==> let va = scon a
                                   in cases [ va .== 0
                                              ==> interpInEnv env (simplify (sMul (sCon 0) b))
                                                ?? "Mul 0,_"
                                                =: interpInEnv env (sCon 0)
                                                ?? mulH `at` (Inst @"env" env, Inst @"a" (sCon 0), Inst @"b" b)
                                                =: interpInEnv env (sMul (sCon 0) b)
                                                =: qed
                                            , va .== 1
                                              ==> interpInEnv env (simplify (sMul (sCon 1) b))
                                                ?? "Mul 1,_"
                                                =: interpInEnv env b
                                                =: 1 * interpInEnv env b
                                                ?? interpInEnv env (sCon 1) .== 1
                                                =: interpInEnv env (sCon 1) * interpInEnv env b
                                                ?? mulH `at` (Inst @"env" env, Inst @"a" (sCon 1), Inst @"b" b)
                                                =: interpInEnv env (sMul (sCon 1) b)
                                                =: qed
                                            , va ./= 0 .&& va ./= 1
                                              ==> interpInEnv env (simplify (sMul (sCon va) b))
                                                ?? "Mul C,_"
                                                =: interpInEnv env (sMul (sCon va) b)
                                                =: qed
                                            ]

                               , sNot (isCon a) .&& isCon b
                                 ==> let vb = scon b
                                   in cases [ vb .== 0
                                              ==> interpInEnv env (simplify (sMul a (sCon 0)))
                                                ?? "Mul _,0"
                                                =: interpInEnv env (sCon 0)
                                                ?? mulH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 0))
                                                =: interpInEnv env (sMul a (sCon 0))
                                                =: qed
                                            , vb .== 1
                                              ==> interpInEnv env (simplify (sMul a (sCon 1)))
                                                ?? "Mul _,1"
                                                =: interpInEnv env a
                                                =: interpInEnv env a * 1
                                                ?? interpInEnv env (sCon 1) .== 1
                                                =: interpInEnv env a * interpInEnv env (sCon 1)
                                                ?? mulH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" (sCon 1))
                                                =: interpInEnv env (sMul a (sCon 1))
                                                =: qed
                                            , vb ./= 0 .&& vb ./= 1
                                              ==> interpInEnv env (simplify (sMul a (sCon vb)))
                                                ?? "Mul _,C"
                                                =: interpInEnv env (sMul a (sCon vb))
                                                =: qed
                                            ]

                               , sNot (isCon a) .&& sNot (isCon b)
                                 ==> interpInEnv env (simplify (sMul a b))
                                   ?? "Mul _,_"
                                   =: interpInEnv env (sMul a b)
                                   =: qed
                               ]

          Let nm a b -> interpInEnv env (simplify e)
                     ?? "Let"
                     =: interpInEnv env (simplify (sLet nm a b))
                     =: cases [ isCon a
                                 ==> let v = scon a
                                   in interpInEnv env (simplify (sLet nm (sCon v) b))
                                   ?? "Let Con"
                                   =: interpInEnv env (subst nm v b)
                                   ?? subC `at` (Inst @"e" b, Inst @"nm" nm, Inst @"v" v, Inst @"env" env)
                                   =: interpInEnv (ST.tuple (nm, v) .: env) b
                                   ?? letH `at` (Inst @"env" env, Inst @"nm" nm, Inst @"a" (sCon v), Inst @"b" b)
                                   =: interpInEnv env (sLet nm (sCon v) b)
                                   =: qed
                               , sNot (isCon a)
                                 ==> interpInEnv env (simplify (sLet nm a b))
                                   ?? "Let _"
                                   =: interpInEnv env (sLet nm a b)
                                   =: qed
                               ]
        |]

-- | Constant folding preserves the semantics: interpreting an expression
-- is the same as constant-folding it first and then interpreting the result.
--
-- >>> runTPWith cvc5 cfoldCorrect
-- Lemma: measureNonNeg                    Q.E.D.
-- Lemma: simpCorrect                      Q.E.D.
-- Lemma: sqrCong                          Q.E.D.
-- Lemma: sqrHelper                        Q.E.D.
-- Lemma: mulCongL                         Q.E.D.
-- Lemma: mulCongR                         Q.E.D.
-- Lemma: mulHelper                        Q.E.D.
-- Inductive lemma (strong): cfoldCorrect
--   Step: Measure is non-negative         Q.E.D.
--   Step: 1 (7 way case split)
--     Step: 1.1.1 (case Var)              Q.E.D.
--     Step: 1.1.2                         Q.E.D.
--     Step: 1.1.3                         Q.E.D.
--     Step: 1.2.1 (case Con)              Q.E.D.
--     Step: 1.2.2                         Q.E.D.
--     Step: 1.2.3                         Q.E.D.
--     Step: 1.3.1 (case Sqr)              Q.E.D.
--     Step: 1.3.2                         Q.E.D.
--     Step: 1.3.3                         Q.E.D.
--     Step: 1.3.4                         Q.E.D.
--     Step: 1.3.5                         Q.E.D.
--     Step: 1.3.6                         Q.E.D.
--     Step: 1.3.7                         Q.E.D.
--     Step: 1.4.1 (case Inc)              Q.E.D.
--     Step: 1.4.2                         Q.E.D.
--     Step: 1.4.3                         Q.E.D.
--     Step: 1.4.4                         Q.E.D.
--     Step: 1.4.5                         Q.E.D.
--     Step: 1.5.1 (case Add)              Q.E.D.
--     Step: 1.5.2                         Q.E.D.
--     Step: 1.5.3                         Q.E.D.
--     Step: 1.5.4                         Q.E.D.
--     Step: 1.5.5                         Q.E.D.
--     Step: 1.6.1 (case Mul)              Q.E.D.
--     Step: 1.6.2                         Q.E.D.
--     Step: 1.6.3                         Q.E.D.
--     Step: 1.6.4                         Q.E.D.
--     Step: 1.6.5                         Q.E.D.
--     Step: 1.6.6                         Q.E.D.
--     Step: 1.6.7                         Q.E.D.
--     Step: 1.6.8                         Q.E.D.
--     Step: 1.7.1 (case Let)              Q.E.D.
--     Step: 1.7.2                         Q.E.D.
--     Step: 1.7.3                         Q.E.D.
--     Step: 1.7.4                         Q.E.D.
--     Step: 1.7.5                         Q.E.D.
--     Step: 1.Completeness                Q.E.D.
--   Result:                               Q.E.D.
-- [Proven] cfoldCorrect :: Ɐe ∷ (Expr [Char] Integer) → Ɐenv ∷ [([Char], Integer)] → Bool
cfoldCorrect :: TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
cfoldCorrect :: TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
cfoldCorrect = do
   Proof (Forall "e" Exp -> SBool)
mnn  <- String
-> TP (Proof (Forall "e" Exp -> SBool))
-> TP (Proof (Forall "e" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"measureNonNeg" TP (Proof (Forall "e" Exp -> SBool))
measureNonNeg
   Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
sc   <- String
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"simpCorrect"   TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
simpCorrect
   Proof (Forall "a" Integer -> Forall "b" Integer -> SBool)
sqrC <- String
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
-> TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrCong"       TP (Proof (Forall "a" Integer -> Forall "b" Integer -> SBool))
sqrCong
   Proof (Forall "env" EL -> Forall "a" Exp -> SBool)
sqrH <- String
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
-> TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"sqrHelper"     TP (Proof (Forall "env" EL -> Forall "a" Exp -> SBool))
sqrHelper
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCL <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongL"     TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongL
   Proof
  (Forall "a" Integer
   -> Forall "b" Integer -> Forall "c" Integer -> SBool)
mulCR <- String
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
-> TP
     (Proof
        (Forall "a" Integer
         -> Forall "b" Integer -> Forall "c" Integer -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulCongR"     TP
  (Proof
     (Forall "a" Integer
      -> Forall "b" Integer -> Forall "c" Integer -> SBool))
mulCongR
   Proof
  (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool)
mulH <- String
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
-> TP
     (Proof
        (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
forall a. String -> TP (Proof a) -> TP (Proof a)
recall String
"mulHelper"     TP
  (Proof
     (Forall "env" EL -> Forall "a" Exp -> Forall "b" Exp -> SBool))
mulHelper

   String
-> (Forall "e" Exp -> Forall "env" EL -> SBool)
-> (MeasureArgs
      (Forall "e" Exp -> Forall "env" EL -> SBool) Integer,
    [ProofObj])
-> (Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
    -> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer)
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall a m t.
(SInductive a, Proposition a, Zero m, SymVal t,
 EqSymbolic (SBV t)) =>
String
-> a
-> (MeasureArgs a m, [ProofObj])
-> (Proof a -> StepArgs a t)
-> TP (Proof a)
forall m t.
(Proposition (Forall "e" Exp -> Forall "env" EL -> SBool), Zero m,
 SymVal t, EqSymbolic (SBV t)) =>
String
-> (Forall "e" Exp -> Forall "env" EL -> SBool)
-> (MeasureArgs (Forall "e" Exp -> Forall "env" EL -> SBool) m,
    [ProofObj])
-> (Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
    -> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) t)
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
sInduct String
"cfoldCorrect"
     (\(Forall @"e" (SE
e :: SE)) (Forall @"env" (SList (String, Integer)
env :: E)) -> SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env (SE -> SE
cfold SE
e) SBV Integer -> SBV Integer -> SBool
forall a. EqSymbolic a => a -> a -> SBool
.== SList (String, Integer) -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val, Num (SBV val)) =>
Env nm val -> SExpr nm val -> SBV val
interpInEnv SList (String, Integer)
env SE
e)
     (\SE
e SList (String, Integer)
_ -> SE -> SBV Integer
forall nm val.
(SymVal nm, SymVal val) =>
SExpr nm val -> SBV Integer
size SE
e, [Proof (Forall "e" Exp -> SBool) -> ProofObj
forall a. Proof a -> ProofObj
proofOf Proof (Forall "e" Exp -> SBool)
mnn]) ((Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
  -> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer)
 -> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool)))
-> (Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
    -> StepArgs (Forall "e" Exp -> Forall "env" EL -> SBool) Integer)
-> TP (Proof (Forall "e" Exp -> Forall "env" EL -> SBool))
forall a b. (a -> b) -> a -> b
$
     \Proof (Forall "e" Exp -> Forall "env" EL -> SBool)
ih SE
e SList (String, Integer)
env -> []
       [SBool]
-> TPProofRaw (SBV Integer) -> (SBool, TPProofRaw (SBV Integer))
forall a. [SBool] -> TPProofRaw a -> (SBool, TPProofRaw a)
|- [pCase|Expr e of
            Var nm     -> interpInEnv env (cfold e)
                       ?? "case Var"
                       =: interpInEnv env (cfold (sVar nm))
                       =: interpInEnv env (sVar nm)
                       =: interpInEnv env e
                       =: qed

            Con v      -> interpInEnv env (cfold e)
                       ?? "case Con"
                       =: interpInEnv env (cfold (sCon v))
                       =: interpInEnv env (sCon v)
                       =: interpInEnv env e
                       =: qed

            Sqr a      -> interpInEnv env (cfold e)
                       ?? "case Sqr"
                       =: interpInEnv env (cfold (sSqr a))
                       =: interpInEnv env (simplify (sSqr (cfold a)))
                       ?? sc `at` (Inst @"e" (sSqr (cfold a)), Inst @"env" env)
                       =: interpInEnv env (sSqr (cfold a))
                       ?? sqrH `at` (Inst @"env" env, Inst @"a" (cfold a))
                       =: interpInEnv env (cfold a) * interpInEnv env (cfold a)
                       ?? ih `at` (Inst @"e" a, Inst @"env" env)
                       ?? sqrC `at` (Inst @"a" (interpInEnv env (cfold a)), Inst @"b" (interpInEnv env a))
                       =: interpInEnv env a * interpInEnv env a
                       ?? sqrH `at` (Inst @"env" env, Inst @"a" a)
                       =: interpInEnv env (sSqr a)
                       =: interpInEnv env e
                       =: qed

            Inc a      -> interpInEnv env (cfold e)
                       ?? "case Inc"
                       =: interpInEnv env (cfold (sInc a))
                       =: interpInEnv env (simplify (sInc (cfold a)))
                       ?? sc `at` (Inst @"e" (sInc (cfold a)), Inst @"env" env)
                       =: interpInEnv env (sInc (cfold a))
                       ?? ih `at` (Inst @"e" a, Inst @"env" env)
                       =: interpInEnv env (sInc a)
                       =: interpInEnv env e
                       =: qed

            Add a b    -> interpInEnv env (cfold e)
                       ?? "case Add"
                       =: interpInEnv env (cfold (sAdd a b))
                       =: interpInEnv env (simplify (sAdd (cfold a) (cfold b)))
                       ?? sc `at` (Inst @"e" (sAdd (cfold a) (cfold b)), Inst @"env" env)
                       =: interpInEnv env (sAdd (cfold a) (cfold b))
                       ?? ih `at` (Inst @"e" a, Inst @"env" env)
                       ?? ih `at` (Inst @"e" b, Inst @"env" env)
                       =: interpInEnv env (sAdd a b)
                       =: interpInEnv env e
                       =: qed

            Mul a b    -> interpInEnv env (cfold e)
                       ?? "case Mul"
                       =: interpInEnv env (cfold (sMul a b))
                       =: interpInEnv env (simplify (sMul (cfold a) (cfold b)))
                       ?? sc `at` (Inst @"e" (sMul (cfold a) (cfold b)), Inst @"env" env)
                       =: interpInEnv env (sMul (cfold a) (cfold b))
                       ?? mulH `at` (Inst @"env" env, Inst @"a" (cfold a), Inst @"b" (cfold b))
                       =: interpInEnv env (cfold a) * interpInEnv env (cfold b)
                       ?? ih `at` (Inst @"e" a, Inst @"env" env)
                       ?? mulCL `at` (Inst @"a" (interpInEnv env (cfold a)), Inst @"b" (interpInEnv env a), Inst @"c" (interpInEnv env (cfold b)))
                       =: interpInEnv env a * interpInEnv env (cfold b)
                       ?? ih `at` (Inst @"e" b, Inst @"env" env)
                       ?? mulCR `at` (Inst @"a" (interpInEnv env a), Inst @"b" (interpInEnv env (cfold b)), Inst @"c" (interpInEnv env b))
                       =: interpInEnv env a * interpInEnv env b
                       ?? mulH `at` (Inst @"env" env, Inst @"a" a, Inst @"b" b)
                       =: interpInEnv env (sMul a b)
                       =: interpInEnv env e
                       =: qed

            Let nm a b -> interpInEnv env (cfold e)
                       ?? "case Let"
                       =: interpInEnv env (cfold (sLet nm a b))
                       =: interpInEnv env (simplify (sLet nm (cfold a) (cfold b)))
                       ?? sc `at` (Inst @"e" (sLet nm (cfold a) (cfold b)), Inst @"env" env)
                       =: interpInEnv env (sLet nm (cfold a) (cfold b))
                       ?? ih `at` (Inst @"e" a, Inst @"env" env)
                       ?? ih `at` (Inst @"e" b, Inst @"env" (ST.tuple (nm, interpInEnv env a) .: env))
                       =: interpInEnv env (sLet nm a b)
                       =: interpInEnv env e
                       =: qed
          |]

{-# ANN simpCorrect  ("HLint: ignore Evaluate" :: String) #-}
{-# ANN cfoldCorrect ("HLint: ignore Evaluate" :: String) #-}