import Mt.Thread

namespace Mt

variable {spec: Spec
spec : Spec: Type 1
Spec}
local instance: {spec : Spec} → IsReservation spec.Reservation
instance : IsReservation: Type → Type
IsReservation spec: Spec
spec.Reservation: Spec → Type
Reservation :=spec: Spec
spec.is_reservation: (self : Spec) → IsReservation self.Reservation
is_reservation

/-- Describes a system of zero or more threads running in parallel

  Systems can be iterated one atomic step at a time by choosing
  one of its threads. They keep track of the number of threads
  which panicked during execution
-/
structure System: {spec : Spec} → spec.State → List (Thread spec) → Nat → System spec
System (spec: Spec
spec : Spec: Type 1
Spec) where
  state: {spec : Spec} → System spec → spec.State
state   : spec: Spec
spec.State: Spec → Type
State
  threads: {spec : Spec} → System spec → List (Thread spec)
threads : List: Type ?u.34 → Type ?u.34
List (Thread: Spec → Type 1
Thread spec: Spec
spec)
  panics: {spec : Spec} → System spec → Nat
panics  : Nat: Type
Nat

namespace System

def ThreadIndex: System spec → Type
ThreadIndex (s: System spec
s : System: Spec → Type 1
System spec: Spec
spec) : Type: Type 1
Type :=Fin: Nat → Type
Fin s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.length: {α : Type ?u.540} → List α → Nat
length
def done: System spec → Bool
done (s: System spec
s : System: Spec → Type 1
System spec: Spec
spec) : Bool: Type
Bool :=s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.length: {α : Type ?u.559} → List α → Nat
length = 0: ?m.565
0

def iterate: (s : System spec) → ThreadIndex s → System spec
iterate (s: System spec
s : System: Spec → Type 1
System spec: Spec
spec) : s: System spec
s.ThreadIndex: {spec : Spec} → System spec → Type
ThreadIndex -> System: Spec → Type 1
System spec: Spec
spec
  | thread_idx: ?m.670
thread_idx =>
    if (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.673} → (as : List α) → Fin (List.length as) → α
get thread_idx: ?m.670
thread_idx).block_until: {spec : Spec} → Thread spec → spec.State → Bool
block_until s: System spec
s.state: {spec : Spec} → System spec → spec.State
state then 
      match (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.763} → (as : List α) → Fin (List.length as) → α
get thread_idx: ?m.670
thread_idx).iterate: {spec : Spec} → Thread spec → spec.State → Thread.IterationResult spec
iterate s: System spec
s.state: {spec : Spec} → System spec → spec.State
state with
        | Thread.IterationResult.Done: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Done state: spec.State
state =>
          {
            state: spec.State
state
            threads := s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.eraseIdx: {α : Type ?u.789} → List α → Nat → List α
eraseIdx thread_idx: ?m.670
thread_idx.val: {n : Nat} → Fin n → Nat
val
            panics := s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics
          }
        | Thread.IterationResult.Panic: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Panic state: spec.State
state =>
          {
            state: spec.State
state
            threads := s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.eraseIdx: {α : Type ?u.811} → List α → Nat → List α
eraseIdx thread_idx: ?m.670
thread_idx.val: {n : Nat} → Fin n → Nat
val
            panics := s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics + 1: ?m.822
1
          }
        | Thread.IterationResult.Running: {spec : Spec} → spec.State → Thread spec → Thread.IterationResult spec
Thread.IterationResult.Running state: spec.State
state thread: Thread spec
thread =>
          {
            state: spec.State
state
            threads := s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.set: {α : Type ?u.890} → List α → Nat → α → List α
set thread_idx: ?m.670
thread_idx.val: {n : Nat} → Fin n → Nat
val thread: Thread spec
thread
            panics := s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics
          }
    else
      s: System spec
s

theorem iterate_threads: ∀ (s : System spec) (thread_idx : ThreadIndex s),
  Thread.block_until (List.get s.threads thread_idx) s.state = true →
    (iterate s thread_idx).threads =       let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
      | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
      | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
iterate_threads (s: System spec
s : System: Spec → Type 1
System spec: Spec
spec) (thread_idx: ThreadIndex s
thread_idx : s: System spec
s.ThreadIndex: {spec : Spec} → System spec → Type
ThreadIndex)
  (blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true
blocked_until : (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.1259} → (as : List α) → Fin (List.length as) → α
get thread_idx: ThreadIndex s
thread_idx).block_until: {spec : Spec} → Thread spec → spec.State → Bool
block_until s: System spec
s.state: {spec : Spec} → System spec → spec.State
state) :
  (s: System spec
s.iterate: {spec : Spec} → (s : System spec) → ThreadIndex s → System spec
iterate thread_idx: ThreadIndex s
thread_idx).threads: {spec : Spec} → System spec → List (Thread spec)
threads =
    match (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.1293} → (as : List α) → Fin (List.length as) → α
get thread_idx: ThreadIndex s
thread_idx).iterate: {spec : Spec} → Thread spec → spec.State → Thread.IterationResult spec
iterate s: System spec
s.state: {spec : Spec} → System spec → spec.State
state with
      | Thread.IterationResult.Done: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Done .. => s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.eraseIdx: {α : Type ?u.1327} → List α → Nat → List α
eraseIdx thread_idx: ThreadIndex s
thread_idx.val: {n : Nat} → Fin n → Nat
val
      | Thread.IterationResult.Panic: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Panic .. => s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.eraseIdx: {α : Type ?u.1347} → List α → Nat → List α
eraseIdx thread_idx: ThreadIndex s
thread_idx.val: {n : Nat} → Fin n → Nat
val
      | Thread.IterationResult.Running: {spec : Spec} → spec.State → Thread spec → Thread.IterationResult spec
Thread.IterationResult.Running _ thread: Thread spec
thread => s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.set: {α : Type ?u.1372} → List α → Nat → α → List α
set thread_idx: ThreadIndex s
thread_idx.val: {n : Nat} → Fin n → Nat
val thread: Thread spec
thread :=by
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val threadrw [spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val threaditerate: {spec : Spec} → (s : System spec) → ThreadIndex s → System spec
iteratespec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(let thread_idx := thread_idx;
    if Thread.block_until (List.get s.threads thread_idx) s.state = true then
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
      | Thread.IterationResult.Panic state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
      | Thread.IterationResult.Running state thread =>
        { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }
    else s).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread]spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(let thread_idx := thread_idx;
    if Thread.block_until (List.get s.threads thread_idx) s.state = true then
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
      | Thread.IterationResult.Panic state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
      | Thread.IterationResult.Running state thread =>
        { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }
    else s).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val threadsimp only [blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true
blocked_until, ite_true: ∀ {α : Sort ?u.1534} (a b : α), (if True then a else b) = a
ite_true]spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).threads =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val threadcases h : Thread.iterate: {spec : Spec} → Thread spec → spec.State → Thread.IterationResult spec
Thread.iterate (List.get: {α : Type ?u.2582} → (as : List α) → Fin (List.length as) → α
List.get s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads thread_idx: ThreadIndex s
thread_idx) s: System spec
s.state: {spec : Spec} → System spec → spec.State
statespec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Done a✝

Done(match Thread.IterationResult.Done a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Done a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Panic a✝

Panic(match Thread.IterationResult.Panic a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Panic a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝¹: spec.State

a✝: Thread spec

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Running a✝¹ a✝

Running(match Thread.IterationResult.Running a✝¹ a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Running a✝¹ a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread<;>spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Done a✝

Done(match Thread.IterationResult.Done a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Done a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Panic a✝

Panic(match Thread.IterationResult.Panic a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Panic a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝¹: spec.State

a✝: Thread spec

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Running a✝¹ a✝

Running(match Thread.IterationResult.Running a✝¹ a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.IterationResult.Running a✝¹ a✝ with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val thread spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).threads =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Panic a => List.eraseIdx s.threads thread_idx.val
  | Thread.IterationResult.Running a thread => List.set s.threads thread_idx.val threadrfl
Goals accomplished! 🐙

theorem iterate_panics: ∀ {spec : Spec} (s : System spec) (thread_idx : ThreadIndex s),
  Thread.block_until (List.get s.threads thread_idx) s.state = true →
    (iterate s thread_idx).panics =       let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done a => s.panics
      | Thread.IterationResult.Panic a => s.panics + 1
      | Thread.IterationResult.Running a a_1 => s.panics
iterate_panics (s: System spec
s : System: Spec → Type 1
System spec: Spec
spec) (thread_idx: ThreadIndex s
thread_idx : s: System spec
s.ThreadIndex: {spec : Spec} → System spec → Type
ThreadIndex)
  (blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true
blocked_until : (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.2792} → (as : List α) → Fin (List.length as) → α
get thread_idx: ThreadIndex s
thread_idx).block_until: {spec : Spec} → Thread spec → spec.State → Bool
block_until s: System spec
s.state: {spec : Spec} → System spec → spec.State
state) :
  (s: System spec
s.iterate: {spec : Spec} → (s : System spec) → ThreadIndex s → System spec
iterate thread_idx: ThreadIndex s
thread_idx).panics: {spec : Spec} → System spec → Nat
panics =
    match (s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads.get: {α : Type ?u.2826} → (as : List α) → Fin (List.length as) → α
get thread_idx: ThreadIndex s
thread_idx).iterate: {spec : Spec} → Thread spec → spec.State → Thread.IterationResult spec
iterate s: System spec
s.state: {spec : Spec} → System spec → spec.State
state with
      | Thread.IterationResult.Done: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Done .. => s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics
      | Thread.IterationResult.Panic: {spec : Spec} → spec.State → Thread.IterationResult spec
Thread.IterationResult.Panic .. => s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics + 1: ?m.2877
1
      | Thread.IterationResult.Running: {spec : Spec} → spec.State → Thread spec → Thread.IterationResult spec
Thread.IterationResult.Running .. => s: System spec
s.panics: {spec : Spec} → System spec → Nat
panics :=by
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panicsrw [spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panicsiterate: {spec : Spec} → (s : System spec) → ThreadIndex s → System spec
iteratespec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(let thread_idx := thread_idx;
    if Thread.block_until (List.get s.threads thread_idx) s.state = true then
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
      | Thread.IterationResult.Panic state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
      | Thread.IterationResult.Running state thread =>
        { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }
    else s).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics]spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(let thread_idx := thread_idx;
    if Thread.block_until (List.get s.threads thread_idx) s.state = true then
      match Thread.iterate (List.get s.threads thread_idx) s.state with
      | Thread.IterationResult.Done state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
      | Thread.IterationResult.Panic state =>
        { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
      | Thread.IterationResult.Running state thread =>
        { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }
    else s).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panicssimp only [blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true
blocked_until, ite_true: ∀ {α : Sort ?u.3097} (a b : α), (if True then a else b) = a
ite_true]spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
  spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(iterate s thread_idx).panics =   let _discr := Thread.iterate (List.get s.threads thread_idx) s.state;
  match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panicscases h : Thread.iterate: {spec : Spec} → Thread spec → spec.State → Thread.IterationResult spec
Thread.iterate (List.get: {α : Type ?u.3906} → (as : List α) → Fin (List.length as) → α
List.get s: System spec
s.threads: {spec : Spec} → System spec → List (Thread spec)
threads thread_idx: ThreadIndex s
thread_idx) s: System spec
s.state: {spec : Spec} → System spec → spec.State
statespec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Done a✝

Done(match Thread.IterationResult.Done a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Done a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Panic a✝

Panic(match Thread.IterationResult.Panic a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Panic a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝¹: spec.State

a✝: Thread spec

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Running a✝¹ a✝

Running(match Thread.IterationResult.Running a✝¹ a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Running a✝¹ a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics<;>spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Done a✝

Done(match Thread.IterationResult.Done a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Done a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝: spec.State

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Panic a✝

Panic(match Thread.IterationResult.Panic a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Panic a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics
spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

a✝¹: spec.State

a✝: Thread spec

h: Thread.iterate (List.get s.threads thread_idx) s.state = Thread.IterationResult.Running a✝¹ a✝

Running(match Thread.IterationResult.Running a✝¹ a✝ with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.IterationResult.Running a✝¹ a✝ with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panics spec: Spec

s: System spec

thread_idx: ThreadIndex s

blocked_until: Thread.block_until (List.get s.threads thread_idx) s.state = true

(match Thread.iterate (List.get s.threads thread_idx) s.state with
    | Thread.IterationResult.Done state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics }
    | Thread.IterationResult.Panic state =>
      { state := state, threads := List.eraseIdx s.threads thread_idx.val, panics := s.panics + 1 }
    | Thread.IterationResult.Running state thread =>
      { state := state, threads := List.set s.threads thread_idx.val thread, panics := s.panics }).panics =   match Thread.iterate (List.get s.threads thread_idx) s.state with
  | Thread.IterationResult.Done a => s.panics
  | Thread.IterationResult.Panic a => s.panics + 1
  | Thread.IterationResult.Running a a_1 => s.panicsrfl
Goals accomplished! 🐙

inductive reduces_to: System spec → System spec → Prop
reduces_to : System: Spec → Type 1
System spec: Spec
spec -> System: Spec → Type 1
System spec: Spec
spec -> Prop: Type
Prop where
| single: ∀ {spec : Spec} {a b : System spec} (idx : ThreadIndex a), iterate a idx = b → reduces_to a b
single {a: ?m.4086
a b: ?m.4089
b} (idx: ?m.4092
idx : a: ?m.4086
a.ThreadIndex: {spec : Spec} → System spec → Type
ThreadIndex) (iteration: ?m.4098 = b
iteration : a: ?m.4086
a.iterate: {spec : Spec} → (s : System spec) → ThreadIndex s → System spec
iterate idx: ?m.4092
idx = b: ?m.4089
b) : reduces_to: System spec → System spec → Prop
reduces_to a: ?m.4086
a b: ?m.4089
b
| trans: ∀ {spec : Spec} {a b c : System spec}, reduces_to a b → reduces_to b c → reduces_to a c
trans {a: ?m.4119
a b: ?m.4122
b c: ?m.4125
c} (a_to_b: ?m.4128
a_to_b : a: ?m.4119
a.reduces_to: System spec → System spec → Prop
reduces_to b: ?m.4122
b) (b_to_c: ?m.4131
b_to_c : b: ?m.4122
b.reduces_to: System spec → System spec → Prop
reduces_to c: ?m.4125
c) : reduces_to: System spec → System spec → Prop
reduces_to a: ?m.4119
a c: ?m.4125
c

def reduces_to_or_eq: System spec → System spec → Prop
reduces_to_or_eq (a: System spec
a b: System spec
b : System: Spec → Type 1
System spec: Spec
spec) : Prop: Type
Prop :=a: System spec
a = b: System spec
b ∨ a: System spec
a.reduces_to: {spec : Spec} → System spec → System spec → Prop
reduces_to b: System spec
b

theorem reduces_to_or_eq.refl: ∀ (a : System spec), reduces_to_or_eq a a
reduces_to_or_eq.refl (a: System spec
a : System: Spec → Type 1
System spec: Spec
spec) : a: System spec
a.reduces_to_or_eq: {spec : Spec} → System spec → System spec → Prop
reduces_to_or_eq a: System spec
a :=Or.inl: ∀ {a b : Prop}, a → a ∨ b
Or.inl rfl: ∀ {α : Sort ?u.4389} {a : α}, a = a
rfl
theorem reduces_to_or_eq.trans: ∀ {spec : Spec} {a b c : System spec}, reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a c
reduces_to_or_eq.trans {a: System spec
a b: System spec
b c: System spec
c : System: Spec → Type 1
System spec: Spec
spec} :
  a: System spec
a.reduces_to_or_eq: {spec : Spec} → System spec → System spec → Prop
reduces_to_or_eq b: System spec
b → b: System spec
b.reduces_to_or_eq: {spec : Spec} → System spec → System spec → Prop
reduces_to_or_eq c: System spec
c → a: System spec
a.reduces_to_or_eq: {spec : Spec} → System spec → System spec → Prop
reduces_to_or_eq c: System spec
c :=by
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a cintro ab: reduces_to_or_eq a b
ab bc: reduces_to_or_eq b c
bcspec: Spec

a, b, c: System spec

ab: reduces_to_or_eq a b

bc: reduces_to_or_eq b c

reduces_to_or_eq a c
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a ccases ab: reduces_to_or_eq a b
abspec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

ab: reduces_to_or_eq a b

bc: reduces_to_or_eq b c

reduces_to_or_eq a c<;>spec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

ab: reduces_to_or_eq a b

bc: reduces_to_or_eq b c

reduces_to_or_eq a ccases bc: reduces_to_or_eq b c
bcspec: Spec

a, b, c: System spec

inl.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

inl.inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inlreduces_to_or_eq a c<;>spec: Spec

a, b, c: System spec

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

inr.inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

bc: reduces_to_or_eq b c

inlreduces_to_or_eq a crename_i h₁: ?m.4457
h₁ h₂: ?m.4573
h₂spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a c.spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a crw [spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a ch₁: ?m.4456
h₁,spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq b c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a ch₂: ?m.4513
h₂spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq c c]spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq c c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a c;spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq c c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: b = c

inl.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a cexact Or.inl: ∀ {a b : Prop}, a → a ∨ b
Or.inl rfl: ∀ {α : Sort ?u.4624} {a : α}, a = a
rfl
Goals accomplished! 🐙
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a c.spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a crw [spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a ch₁: ?m.4456
h₁spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq b c]spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq b c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a c;spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq b c spec: Spec

a, b, c: System spec

h₁: a = b

h₂: reduces_to b c

inl.inrreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a cexact Or.inr: ∀ {a b : Prop}, b → a ∨ b
Or.inr h₂: ?m.4514
h₂
Goals accomplished! 🐙
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a c.spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a crw [spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a ch₂: ?m.4572
h₂.symm: ∀ {α : Sort ?u.4634} {a b : α}, a = b → b = a
symmspec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a b]spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a b spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a c;spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a b spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: b = c

inr.inlreduces_to_or_eq a c
spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a cexact Or.inr: ∀ {a b : Prop}, b → a ∨ b
Or.inr h₁: ?m.4457
h₁
Goals accomplished! 🐙
  spec: Spec

a, b, c: System spec

reduces_to_or_eq a b → reduces_to_or_eq b c → reduces_to_or_eq a c.spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a c spec: Spec

a, b, c: System spec

h₁: reduces_to a b

h₂: reduces_to b c

inr.inrreduces_to_or_eq a cexact Or.inr: ∀ {a b : Prop}, b → a ∨ b
Or.inr <| h₁: ?m.4457
h₁.trans: ∀ {spec : Spec} {a b c : System spec}, reduces_to a b → reduces_to b c → reduces_to a c
trans h₂: ?m.4573
h₂
Goals accomplished! 🐙


end System

end Mt