import Mt.Thread.Traced import Mt.System.Basic import Mt.System.BasicAux import Mt.Utils.List namespace Mt.Traced structureTracedSystem (TracedSystem: Spec → Type 1spec :spec: SpecSpec) whereSpec: Type 1state :state: {spec : Spec} → TracedSystem spec → spec.Statespec.spec: SpecStateState: Spec → Typethreads :threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)List (List: Type ?u.8 → Type ?u.8TracedThreadTracedThread: Spec → Type 1spec) namespace TracedSystem variable {spec: Specspec :spec: SpecSpec} localSpec: Type 1instance :instance: {spec : Spec} → IsReservation spec.ReservationIsReservationIsReservation: Type → Typespec.spec: SpecReservation :=Reservation: Spec → Typespec.spec: Specis_reservation defis_reservation: (self : Spec) → IsReservation self.ReservationThreadIndex (ThreadIndex: TracedSystem spec → Types :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) :spec: SpecType :=Type: Type 1FinFin: Nat → Types.s: TracedSystem specthreads.length defthreads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)done (done: TracedSystem spec → Bools :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) :spec: SpecBool :=Bool: Types.s: TracedSystem specthreads.length =threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)0 def0: ?m.435iterate (iterate: (s : TracedSystem spec) → ThreadIndex s → Thread.IterationResult specs :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) (spec: Specidx :idx: ThreadIndex ss.s: TracedSystem specThreadIndex) :ThreadIndex: {spec : Spec} → TracedSystem spec → TypeThread.IterationResultThread.IterationResult: Spec → Type 1spec := (spec: Specs.s: TracedSystem specthreads.threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)getget: {α : Type ?u.537} → (as : List α) → Fin (List.length as) → αidx).idx: ThreadIndex siterateiterate: {spec : Spec} → TracedThread spec → spec.State → Thread.IterationResult specs.s: TracedSystem specstate defstate: {spec : Spec} → TracedSystem spec → spec.Stateupdate_thread (update_thread: TracedSystem spec → Nat → spec.State → spec.Reservation → Thread spec → TracedSystem specs :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) (spec: Specidx :idx: NatNat) (Nat: Typestate :state: spec.Statespec.spec: SpecState) (State: Spec → Typer :r: spec.Reservationspec.spec: SpecReservation) (Reservation: Spec → Typecont :cont: Thread specThreadThread: Spec → Type 1spec) :spec: SpecTracedSystemTracedSystem: Spec → Type 1spec :={spec: Specstate threads :=state: spec.States.s: TracedSystem specthreads.setthreads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)idx ⟨idx: Natcont,cont: Thread specr⟩ } defr: spec.Reservationremove_thread (remove_thread: TracedSystem spec → Nat → spec.State → TracedSystem specs :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) (spec: Specidx :idx: NatNat) (Nat: Typestate :state: spec.Statespec.spec: SpecState) :State: Spec → TypeTracedSystemTracedSystem: Spec → Type 1spec :={spec: Specstate threads :=state: spec.States.s: TracedSystem specthreads.eraseIdxthreads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)idx } defidx: Natreservations (reservations: {spec : Spec} → TracedSystem spec → spec.Reservations :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) :spec: Specspec.spec: SpecReservation :=Reservation: Spec → Types.s: TracedSystem specthreads.threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)foldl (λfoldl: {α : Type ?u.739} → {β : Type ?u.738} → (α → β → α) → α → List β → αenv_renv_r: ?m.748thread =>thread: ?m.751env_r +env_r: ?m.748thread.thread: ?m.751reservation)reservation: {spec : Spec} → TracedThread spec → spec.Reservationspec.spec: Specis_reservation.is_reservation: (self : Spec) → IsReservation self.Reservationempty defempty: {T : Type} → [self : IsReservation T] → Tother_reservations (other_reservations: TracedSystem spec → Nat → spec.Reservations :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) (spec: Specidx :idx: NatNat) :Nat: Typespec.spec: SpecReservation := (Reservation: Spec → Types.s: TracedSystem specthreads.eraseIdxthreads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)idx).idx: Natfoldl (λfoldl: {α : Type ?u.938} → {β : Type ?u.937} → (α → β → α) → α → List β → αenv_renv_r: ?m.947thread =>thread: ?m.950env_r +env_r: ?m.947thread.thread: ?m.950reservation)reservation: {spec : Spec} → TracedThread spec → spec.Reservationspec.spec: Specis_reservation.is_reservation: (self : Spec) → IsReservation self.Reservationempty theoremempty: {T : Type} → [self : IsReservation T] → Tdecompose_reservations (decompose_reservations: ∀ (s : TracedSystem spec) (idx : ThreadIndex s), reservations s = other_reservations s idx.val + (List.get s.threads idx).reservations :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) (spec: Specidx :idx: ThreadIndex ss.s: TracedSystem specThreadIndex) :ThreadIndex: {spec : Spec} → TracedSystem spec → Types.s: TracedSystem specreservations =reservations: {spec : Spec} → TracedSystem spec → spec.Reservations.s: TracedSystem specother_reservationsother_reservations: {spec : Spec} → TracedSystem spec → Nat → spec.Reservationidx.val + (idx: ThreadIndex ss.s: TracedSystem specthreads.threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)getget: {α : Type ?u.1100} → (as : List α) → Fin (List.length as) → αidx).idx: ThreadIndex sreservation :=reservation: {spec : Spec} → TracedThread spec → spec.ReservationSystem.Traced.decompose_reservationSystem.Traced.decompose_reservation: ∀ {spec : Spec} (l : List (TracedThread spec)) (idx : Fin (List.length l)) (t : TracedThread spec), t = List.get l idx → System.Traced.sum_reservations l = System.Traced.sum_reservations (List.eraseIdx l idx.val) + t.reservations.s: TracedSystem specthreadsthreads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)idxidx: ThreadIndex s__: TracedThread ?m.1152rfl structurerfl: ∀ {α : Sort ?u.1181} {a : α}, a = avalid (valid: {spec : Spec} → TracedSystem spec → Props :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) :spec: SpecProp whereProp: Typecurrently_valid :currently_valid: ∀ {spec : Spec} {s : TracedSystem spec}, valid s → Spec.validate spec (reservations s) s.statespec.spec: Specvalidatevalidate: (self : Spec) → self.Reservation → self.State → Props.s: TracedSystem specreservationsreservations: {spec : Spec} → TracedSystem spec → spec.Reservations.s: TracedSystem specstatestate: {spec : Spec} → TracedSystem spec → spec.Statethreads_valid : ∀threads_valid: ∀ {spec : Spec} {s : TracedSystem spec}, valid s → ∀ (t : TracedThread spec), t ∈ s.threads → TracedThread.valid tt,t: ?m.1214t ∈t: ?m.1214s.s: TracedSystem specthreads →threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)t.t: ?m.1214valid defvalid: {spec : Spec} → TracedThread spec → Propto_system (to_system: TracedSystem spec → System specs :s: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec) :spec: SpecSystemSystem: Spec → Type 1spec :={ state :=spec: Specs.s: TracedSystem specstate threads :=state: {spec : Spec} → TracedSystem spec → spec.States.s: TracedSystem specthreads.map λ ⟨threads: {spec : Spec} → TracedSystem spec → List (TracedThread spec)t, _⟩ =>t: Thread spect panics :=t: Thread spec0 } def0: ?m.1279mk_initial (mk_initial: System spec → TracedSystem specs :s: System specSystemSystem: Spec → Type 1spec) :spec: SpecTracedSystemTracedSystem: Spec → Type 1spec :={ state :=spec: Specs.state threads :=s: System specs.threads.map λs: System spect => ⟨t: ?m.1493t,t: ?m.1493IsReservation.empty⟩ } theoremIsReservation.empty: {T : Type} → [self : IsReservation T] → Tmk_initial.valid (mk_initial.valid: ∀ {spec : Spec} (s : System spec), Spec.validate spec IsReservation.empty s.state → (∀ (t : Thread spec), t ∈ s.threads → Thread.valid t) → TracedSystem.valid (mk_initial s)s :s: System specSystemSystem: Spec → Type 1spec) (spec: Specinitial_valid :initial_valid: Spec.validate spec IsReservation.empty s.statespec.spec: Specvalidatevalidate: (self : Spec) → self.Reservation → self.State → PropIsReservation.emptyIsReservation.empty: {T : Type} → [self : IsReservation T] → Ts.state) (s: System specthreads_valid : ∀threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid tt,t: ?m.1583t ∈t: ?m.1583s.threads →s: System spect.valid) : (t: ?m.1583mk_initialmk_initial: {spec : Spec} → System spec → TracedSystem specs).s: System specvalid :=valid: {spec : Spec} → TracedSystem spec → Propspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_valid.nilSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) [] }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_valid.nilSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) [] }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_valid.nilSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) [] }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.stateGoals accomplished! 🐙spec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
currently_validSpec.validate spec (reservations (mk_initial s)) (mk_initial s).statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head: Thread spec
tail: List (Thread spec)
IH: Spec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) tail }) s.state
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head :: tail) }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head: Thread spec
tail: List (Thread spec)
IH: Spec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) tail }) s.state
currently_valid.consSpec.validate spec (List.foldl (fun env_r thread => env_r + thread.reservation) IsReservation.empty (List.map (fun t => { thread := t, reservation := IsReservation.empty }) tail)) s.statespec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
head✝: Thread spec
tail✝: List (Thread spec)
currently_valid.consSpec.validate spec (reservations { state := s.state, threads := List.map (fun t => { thread := t, reservation := IsReservation.empty }) (head✝ :: tail✝) }) s.stateGoals accomplished! 🐙spec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ (mk_initial s).threads
threads_validspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
threads_validspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
w✝: Thread spec
threads_valid.introspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
t_orig: Thread spec
t_orig_hyp: t_orig ∈ s.threads ∧ t = { thread := t_orig, reservation := IsReservation.empty }
threads_valid.introspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid tspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
t_orig: Thread spec
t_orig_hyp: t_orig ∈ s.threads ∧ t = { thread := t_orig, reservation := IsReservation.empty }
threads_valid.introspec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
t_orig: Thread spec
t_orig_hyp: t_orig ∈ s.threads ∧ t = { thread := t_orig, reservation := IsReservation.empty }
threads_valid.introTracedThread.valid { thread := t_orig, reservation := IsReservation.empty }spec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
t: TracedThread spec
t_hyp: t ∈ List.map (fun t => { thread := t, reservation := IsReservation.empty }) s.threads
t_orig: Thread spec
t_orig_hyp: t_orig ∈ s.threads ∧ t = { thread := t_orig, reservation := IsReservation.empty }
threads_valid.introTracedThread.valid { thread := t_orig, reservation := IsReservation.empty }spec: Spec
s: System spec
initial_valid: Spec.validate spec IsReservation.empty s.state
threads_valid: ∀ (t : Thread spec), t ∈ s.threads → Thread.valid t
threads_valid∀ (t : TracedThread spec), t ∈ (mk_initial s).threads → TracedThread.valid ttheoremGoals accomplished! 🐙mk_initial.cancels_to_system {s :s: System specSystemSystem: Spec → Type 1spec} (spec: Specno_panics_yet :no_panics_yet: s.panics = 0s.panics =s: System spec0) : (0: ?m.2978mk_initialmk_initial: {spec : Spec} → System spec → TracedSystem specs).s: System specto_system =to_system: {spec : Spec} → TracedSystem spec → System specs :=s: System specGoals accomplished! 🐙
right.left.nil
right.left.cons
right.left.nil
right.left.consGoals accomplished! 🐙Goals accomplished! 🐙theoremGoals accomplished! 🐙valid_by_iteration (valid_by_iteration: ∀ (s s' : System spec) {idx : System.ThreadIndex s} {ts : TracedSystem spec}, s = to_system ts → valid ts → System.iterate s idx = s' → ∃ ts', to_system ts' = s' ∧ valid ts'ss: System specs' :s': System specSystemSystem: Spec → Type 1spec) {spec: Specidx :idx: System.ThreadIndex ss.ThreadIndex} {s: System spects :ts: TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec} (has_traced_system :spec: Specs =s: System spects.ts: TracedSystem specto_system) (to_system: {spec : Spec} → TracedSystem spec → System spects_valid :ts_valid: valid tsts.ts: TracedSystem specvalid) (valid: {spec : Spec} → TracedSystem spec → Propiteration :iteration: System.iterate s idx = s's.s: System speciterateiterate: {spec : Spec} → (s : System spec) → System.ThreadIndex s → System specidx =idx: System.ThreadIndex ss') : ∃s': System spects' :ts': TracedSystem specTracedSystemTracedSystem: Spec → Type 1spec,spec: Spects'.ts': TracedSystem specto_system =to_system: {spec : Spec} → TracedSystem spec → System specs' ∧s': System spects'.ts': TracedSystem specvalid :=valid: {spec : Spec} → TracedSystem spec → Propspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'
blocked_until: Thread.block_until (List.get s.threads idx) s.state = false
falsespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'
blocked_until: Thread.block_until (List.get s.threads idx) s.state = false
falsespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: (if Thread.block_until (List.get s.threads idx) s.state = true then match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics } else s) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = false
iteration: s = s'
falsespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = false
iteration: s = s'
falsespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
trueGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'ts.state = s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'ts.state = s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'ts.state = s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'ts.state = s.stateGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.stateList.length s.threads = List.length ts.threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.stateList.length s.threads = List.length ts.threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.stateList.length (to_system ts).threads = List.length ts.threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.stateList.length (to_system ts).threads = List.length ts.threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.stateList.length s.threads = List.length ts.threadsGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex tsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
this: s.threads = (to_system ts).threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex tsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
this: s.threads = (to_system ts).threadsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
this: s.threads = (to_system ts).threads(List.get ts.threads idx').thread = List.get (to_system ts).threads (Utils.Fin.cast idx (_ : List.length s.threads = List.length (to_system ts).threads))spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
this: s.threads = (to_system ts).threads(List.get ts.threads idx').thread = List.get (to_system ts).threads (Utils.Fin.cast idx (_ : List.length s.threads = List.length (to_system ts).threads))spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex tsspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
this: s.threads = (to_system ts).threads(List.get ts.threads (Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads))).thread = (List.get ts.threads (Utils.Fin.cast (Utils.Fin.cast idx (_ : List.length s.threads = List.length (to_system ts).threads)) (_ : List.length (List.map (fun x => x.thread) ts.threads) = List.length ts.threads))).threadspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex tsGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationTracedThread.block_until (List.get ts.threads idx') s.state = truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationThread.block_until (List.get s.threads idx) s.state = truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationTracedThread.block_until (List.get ts.threads idx') s.state = trueGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (env_r + (List.get ts.threads idx').reservation) s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (env_r + (List.get ts.threads idx').reservation) s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (reservations ts) s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (env_r + (List.get ts.threads idx').reservation) s.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (reservations ts) ts.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (reservations ts) ts.statespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservationSpec.validate spec (env_r + (List.get ts.threads idx').reservation) s.stateGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
t_valid: ∃ r', let _discr := TracedThread.iterate (List.get ts.threads idx') s.state; match TracedThread.iterate (List.get ts.threads idx') s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
truespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
w✝: spec.Reservation
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := TracedThread.iterate (List.get ts.threads idx') s.state; match TracedThread.iterate (List.get ts.threads idx') s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := TracedThread.iterate (List.get ts.threads idx') s.state; match TracedThread.iterate (List.get ts.threads idx') s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get ts.threads idx').thread s.state; match Thread.iterate (List.get ts.threads idx').thread s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := TracedThread.iterate (List.get ts.threads idx') s.state; match TracedThread.iterate (List.get ts.threads idx') s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Panic a✝
true.intro.Panicspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Panic a✝
true.intro.Panicspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
true.introspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Panic a✝
true.intro.Panicspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
iteration: (match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } | Thread.IterationResult.Panic state => { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics + 1 } | Thread.IterationResult.Running state thread => { state := state, threads := List.set s.threads idx.val thread, panics := s.panics }) = s'
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
t_valid: let _discr := Thread.iterate (List.get s.threads idx) s.state; match Thread.iterate (List.get s.threads idx) s.state with | Thread.IterationResult.Done s' => Spec.validate spec (env_r + r') s' ∧ r' = IsReservation.empty | Thread.IterationResult.Panic a => False | Thread.IterationResult.Running s' cont => Spec.validate spec (env_r + r') s' ∧ TracedThread.valid { thread := cont, reservation := r' }
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Panic a✝
true.intro.Panicspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = s' ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = s' ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
iteration: { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system (remove_thread ts idx.val state) = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } ∧ valid (remove_thread ts idx.val state)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Doneto_system { state := state, threads := List.eraseIdx ts.threads idx.val } = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics } ∧ valid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.leftto_system { state := state, threads := List.eraseIdx ts.threads idx.val } = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.leftto_system { state := state, threads := List.eraseIdx ts.threads idx.val } = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.leftto_system { state := state, threads := List.eraseIdx ts.threads idx.val } = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.leftList.map (fun x => x.thread) (List.eraseIdx ts.threads idx.val) = List.eraseIdx (List.map (fun x => x.thread) ts.threads) idx.valspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.leftto_system { state := state, threads := List.eraseIdx ts.threads idx.val } = { state := state, threads := List.eraseIdx s.threads idx.val, panics := s.panics }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }Goals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done a✝
iteration: { state := a✝, threads := List.eraseIdx s.threads idx.val, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝ ∧ r' = IsReservation.empty
true.intro.Donespec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + IsReservation.empty) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (IsReservation.empty + other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.currently_validSpec.validate spec (reservations { state := state, threads := List.eraseIdx ts.threads idx.val }) { state := state, threads := List.eraseIdx ts.threads idx.val }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.eraseIdx ts.threads idx.val }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.currently_validSpec.validate spec (reservations { state := state, threads := List.eraseIdx ts.threads idx.val }) { state := state, threads := List.eraseIdx ts.threads idx.val }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.currently_validSpec.validate spec (reservations { state := state, threads := List.eraseIdx ts.threads idx.val }) { state := state, threads := List.eraseIdx ts.threads idx.val }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.eraseIdx ts.threads idx.val }.threads → TracedThread.valid tGoals accomplished! 🐙spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ r' = IsReservation.empty
true.intro.Done.rightvalid { state := state, threads := List.eraseIdx ts.threads idx.val }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.eraseIdx ts.threads idx.val }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.eraseIdx ts.threads idx.val }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
t: TracedThread spec
t_hyp: t ∈ List.eraseIdx ts.threads idx.val
true.intro.Done.right.threads_validspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Done state
t_valid: Spec.validate spec (other_reservations ts idx.val) state ∧ IsReservation.empty = IsReservation.empty
true.intro.Done.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.eraseIdx ts.threads idx.val }.threads → TracedThread.valid tGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
iteration: System.iterate s idx = s'spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = s' ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = s' ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
iteration: { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningto_system (update_thread ts idx.val state r' cont) = { state := state, threads := List.set s.threads idx.val cont, panics := s.panics } ∧ valid (update_thread ts idx.val state r' cont)spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Runningspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.leftspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.leftspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.leftspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.leftspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.leftspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightGoals accomplished! 🐙spec: Spec
s, s': System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
a✝¹: spec.State
a✝: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running a✝¹ a✝
iteration: { state := a✝¹, threads := List.set s.threads idx.val a✝, panics := s.panics } = s'
t_valid: Spec.validate spec (other_reservations ts idx.val + r') a✝¹ ∧ TracedThread.valid { thread := a✝, reservation := r' }
true.intro.Runningspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem specidx.val < List.length ts'.threadsGoals accomplished! 🐙spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservation
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationenv_rspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservation
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationother_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationreservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationother_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationother_reservations ts' idx''.valspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationother_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationList.foldl (fun env_r thread => env_r + thread.reservation) IsReservation.empty (List.eraseIdx ts.threads idx.val)spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationreservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationList.foldl (fun env_r thread => env_r + thread.reservation) IsReservation.empty (List.eraseIdx ts.threads idx.val) + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservation(List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationList.foldl (fun env_r thread => env_r + thread.reservation) IsReservation.empty (List.eraseIdx ts.threads idx.val) + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationr'spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationreservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationList.foldl (fun env_r thread => env_r + thread.reservation) IsReservation.empty (List.eraseIdx ts.threads idx.val)spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationreservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = other_reservations ts' idx''.val + (List.get ts'.threads idx'').reservationenv_rspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = env_r + r'
true.intro.Running.right.currently_validSpec.validate spec (reservations ts') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = env_r + r'
true.intro.Running.right.currently_validSpec.validate spec (env_r + r') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
ts':= update_thread ts idx.val state r' cont: TracedSystem spec
idx'':= { val := idx.val, isLt := (_ : idx.val < List.length ts'.threads) }: ThreadIndex ts'
decompose': reservations ts' = env_r + r'
true.intro.Running.right.currently_validSpec.validate spec (env_r + r') ts'.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.currently_validSpec.validate spec (reservations { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }) { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.statespec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tGoals accomplished! 🐙spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.rightspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_validspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inrspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_validspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inrspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ List.set ts.threads idx.val { thread := cont, reservation := r' }
true.intro.Running.right.threads_validspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ ts.threads
true.intro.Running.right.threads_valid.inrspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ ts.threads
true.intro.Running.right.threads_valid.inrspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlTracedThread.valid { thread := cont, reservation := r' }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlTracedThread.valid { thread := cont, reservation := r' }spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t = { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid.inlspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ ts.threads
true.intro.Running.right.threads_valid.inrGoals accomplished! 🐙spec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
true.intro.Running.right.threads_valid∀ (t : TracedThread spec), t ∈ { state := state, threads := List.set ts.threads idx.val { thread := cont, reservation := r' } }.threads → TracedThread.valid tspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ ts.threads
true.intro.Running.right.threads_valid.inrspec: Spec
s: System spec
idx: System.ThreadIndex s
ts: TracedSystem spec
has_traced_system: s = to_system ts
ts_valid: valid ts
blocked_until: Thread.block_until (List.get s.threads idx) s.state = true
ts_state_eq: ts.state = s.state
idx':= Utils.Fin.cast idx (_ : List.length s.threads = List.length ts.threads): ThreadIndex ts
get_idx': (List.get ts.threads idx').thread = List.get s.threads idx
env_r:= other_reservations ts idx.val: spec.Reservation
decompose: reservations ts = env_r + (List.get ts.threads idx').reservation
r': spec.Reservation
state: spec.State
cont: Thread spec
h: Thread.iterate (List.get s.threads idx) s.state = Thread.IterationResult.Running state cont
t_valid: Spec.validate spec (other_reservations ts idx.val + r') state ∧ TracedThread.valid { thread := cont, reservation := r' }
t: TracedThread spec
t_hyp: t ∈ ts.threads
true.intro.Running.right.threads_valid.inrend TracedSystem end Mt.TracedGoals accomplished! 🐙