%% PVS Version 3.1 %% 6.2 [Linux (x86)] (Feb 14, 2003 18:46) $$$top.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % Lee Pike % leepike @ galois.com % Formal Methods Group, NASA Langley Research Center % % PVS Version 3.1 % % Proofs for TPHOLs 2004 paper % % ("Sec." refers the to section from the paper, "Abstractions for % Fault-Tolerant Distributed System Verification" formalized. The % paper is available at % .) % % abstract_msg : The message datatype (Sec. 4.2) % (imported by send.pvs) % % send : A formalization of the send function % (Sec. 5.3) % % fault_masking_vote : fundamental results of bags including % the equivalence of mid_val selection and % majority selection (Sec. 6.2) % % single_stage_bag_maj : proves validity and agreement results % of majority voting over bags after a % round of exact communication (Sec. 7.3) % % single_stage_bag_mid_val : proves validity and agreement results % of middle value selection over bags after a % round of inexact communiction (Sec. 7.4) %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% top: THEORY BEGIN IMPORTING send, structures@fault_masking_vote, single_stage_bag_maj, single_stage_bag_mid_val END top $$$min_max_ineq.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % NASA Langley Formal Methods % http://shemesh.larc.nasa.gov/fm/spider/fm-now-spider.html % % PVS 3.1 % % Design : SPIDER Version 2 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% min_max_ineq : THEORY BEGIN a, b, c, d: VAR real min_le : LEMMA min(a,b) <= c IFF (a <= c OR b <= c) min_lt : LEMMA min(a,b) < c IFF (a < c OR b < c) min_ge : LEMMA min(a,b) >= c IFF (a >= c AND b >= c) min_gt : LEMMA min(a,b) > c IFF (a > c AND b > c) le_min : LEMMA a <= min(b,c) IFF (a <= b AND a <= c) lt_min : LEMMA a < min(b,c) IFF (a < b AND a < c) ge_min : LEMMA a >= min(b,c) IFF (a >= b OR a >= c) gt_min : LEMMA a > min(b,c) IFF (a > b OR a > c) max_le : LEMMA max(a,b) <= c IFF (a <= c AND b <= c) max_lt : LEMMA max(a,b) < c IFF (a < c AND b < c) max_ge : LEMMA max(a,b) >= c IFF (a >= c OR b >= c) max_gt : LEMMA max(a,b) > c IFF (a > c OR b > c) le_max : LEMMA a <= max(b,c) IFF (a <= b OR a <= c) lt_max : LEMMA a < max(b,c) IFF (a < b OR a < c) ge_max : LEMMA a >= max(b,c) IFF (a >= b AND a >= c) gt_max : LEMMA a > max(b,c) IFF (a > b AND a > c) max_triangle: LEMMA max(a+c,b+d) <= max(a,b) + max(c,d) min_commutative: LEMMA min(a,b) = min(b,a) max_commutative: LEMMA max(a,b) = max(b,a) END min_max_ineq $$$min_max_ineq.prf (min_max_ineq (min_le 0 (min_le-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (min_lt 0 (min_lt-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (min_ge 0 (min_ge-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (min_gt 0 (min_gt-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (le_min 0 (le_min-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (lt_min 0 (lt_min-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (ge_min 0 (ge_min-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (gt_min 0 (gt_min-1 nil 3276016566 nil ("" (grind) nil nil) unchecked nil nil nil nil nil)) (max_le 0 (max_le-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "a!1 < b!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (max_lt 0 (max_lt-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "a!1 < b!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (max_ge 0 (max_ge-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "a!1 < b!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (max_gt 0 (max_gt-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "a!1 < b!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (le_max 0 (le_max-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "b!1 < c!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (lt_max 0 (lt_max-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "b!1 < c!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (ge_max 0 (ge_max-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "b!1 < c!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (gt_max 0 (gt_max-1 nil 3276016566 nil ("" (skosimp*) (("" (expand "max") (("" (case "b!1 < c!1") (("1" (assert) (("1" (prop) (("1" (assert) nil nil)) nil)) nil) ("2" (assert) (("2" (prop) (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked nil nil nil nil nil)) (max_triangle 0 (max_triangle-1 nil 3276016567 3276017067 ("" (skosimp*) (("" (expand "max") (("" (lift-if) (("" (lift-if) (("" (lift-if) (("" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) unchecked ((max const-decl "{p: real | p >= m AND p >= n}" real_defs nil)) 63219 1060 t shostak)) (min_commutative 0 (min_commutative-1 nil 3276018406 3276018450 ("" (skosimp*) (("" (expand "min") (("" (lift-if) (("" (assert) (("" (lift-if) (("" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) proved ((min const-decl "{p: real | p <= m AND p <= n}" real_defs nil)) 18043 900 t shostak)) (max_commutative 0 (max_commutative-1 nil 3276018453 3276018464 ("" (skosimp*) (("" (expand "max") (("" (lift-if) (("" (assert) (("" (lift-if) (("" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) proved ((max const-decl "{p: real | p >= m AND p >= n}" real_defs nil)) 10869 900 t shostak))) $$$abs_props.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % NASA Langley Formal Methods % http://shemesh.larc.nasa.gov/fm/spider/fm-now-spider.html % % PVS 3.1 % % Design : SPIDER Version 2 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% abs_props: THEORY BEGIN IMPORTING min_max_ineq x, y: VAR real nny: VAR nnreal abs_max: LEMMA abs(x) = max(-x,x) abs_add: LEMMA x*y >= 0 IMPLIES abs(x+y) = abs(x) + abs(y) abs_le_nonneg: LEMMA abs(x) <= nny IFF -nny <= x AND x <= nny abs_diff_commutes: LEMMA abs(x-y) = abs(y-x) % from hacks END abs_props $$$abs_props.prf (abs_props (abs_max 0 (abs_max-1 nil 3276280183 3276280186 ("" (grind) nil nil) proved ((boolean nonempty-type-decl nil booleans nil) (bool nonempty-type-eq-decl nil booleans nil) (NOT const-decl "[bool -> bool]" booleans nil) (number nonempty-type-decl nil numbers nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (abs const-decl "{n: nonneg_real | n >= m}" real_defs nil) (max const-decl "{p: real | p >= m AND p >= n}" real_defs nil)) 3703 650 t shostak)) (abs_add 0 (abs_add-1 nil 3276280191 3276280752 ("" (skosimp*) (("" (expand "abs") (("" (rewrite "pos_times_ge" -1) (("" (prop) (("1" (assert) (("1" (case "x!1 = 0 OR y!1 = 0") (("1" (split -) (("1" (replace*) (("1" (assert) nil nil)) nil) ("2" (replace*) (("2" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (assert) nil nil)) nil)) nil)) nil) ("2" (assert) nil nil)) nil)) nil)) nil)) nil) proved ((abs const-decl "{n: nonneg_real | n >= m}" real_defs nil) (= const-decl "[T, T -> boolean]" equalities nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (bool nonempty-type-eq-decl nil booleans nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (pos_times_ge formula-decl nil real_props nil)) 45992 6930 t shostak)) (abs_le_nonneg 0 (abs_le_nonneg-1 nil 3276280210 3276280213 ("" (grind) nil nil) proved ((boolean nonempty-type-decl nil booleans nil) (bool nonempty-type-eq-decl nil booleans nil) (NOT const-decl "[bool -> bool]" booleans nil) (number nonempty-type-decl nil numbers nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (>= const-decl "bool" reals nil) (nnreal type-eq-decl nil real_types nil) (abs const-decl "{n: nonneg_real | n >= m}" real_defs nil)) 2243 660 t shostak)) (abs_diff_commutes 0 (abs_diff_commutes-1 nil 3276018898 3276279807 ("" (skosimp*) (("" (expand "abs") (("" (lift-if) (("" (assert) (("" (lift-if) (("" (assert) nil nil)) nil)) nil)) nil)) nil)) nil) proved ((abs const-decl "{n: nonneg_real | n >= m}" real_defs nil)) 156 150 t shostak))) $$$aux.pvs % Lee Pike % Formal Methods Group % NASA Langley % leepike @ galois.com % Auxillary results aux[T, R: TYPE, zero:R, +:[R,R -> R] ]: THEORY BEGIN ASSUMING r,r1,r2,r3 : VAR R zero_identity: ASSUMPTION identity?(+)(zero) plus_ac: ASSUMPTION associative?(+) AND commutative?(+) ENDASSUMING IMPORTING finite_sets@finite_sets_sum[T, R, zero, +] f,g: VAR [T -> R] S, A, B: VAR finite_set x,t: VAR T sum_particular2: THEOREM sum(S,f) = sum(S, LAMBDA t: IF t = x THEN zero ELSE f(t) ENDIF) + IF S(x) THEN f(x) ELSE zero ENDIF END aux $$$aux.prf (aux (IMP_finite_sets_sum_TCC1 0 (IMP_finite_sets_sum_TCC1-1 nil 3292682981 3292683005 ("" (use "zero_identity") nil nil) proved ((zero_identity formula-decl nil aux nil)) 9952 280 t shostak)) (IMP_finite_sets_sum_TCC2 0 (IMP_finite_sets_sum_TCC2-1 nil 3292682981 3292683019 ("" (use "plus_ac") nil nil) proved ((plus_ac formula-decl nil aux nil)) 8586 260 t shostak)) (sum_particular2 0 (sum_particular2-1 nil 3292683078 3292683094 ("" (auto-rewrite "plus_zero_right" "plus_zero_left") (("" (skolem!) (("" (smash) (("1" (use "sum_x") (("1" (use "sum_x" ("f" "LAMBDA t: IF t = x!1 THEN zero ELSE f!1(t) ENDIF")) (("1" (assert) (("1" (rewrite "plus_comm" -2) (("1" (use "sum_f_g" ("S" "remove(x!1, S!1)" "f" "f!1")) (("1" (assert) (("1" (delete -1 -2 -3 2) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (rewrite "sum_f_g") nil nil)) nil)) nil)) nil) proved ((sum_x formula-decl nil finite_sets_sum "finite_sets/") (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (bool nonempty-type-eq-decl nil booleans nil) (boolean nonempty-type-decl nil booleans nil) (plus_zero_left formula-decl nil finite_sets_sum "finite_sets/") (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (NOT const-decl "[bool -> bool]" booleans nil) (/= const-decl "boolean" notequal nil) (member const-decl "bool" sets nil) (plus_comm formula-decl nil finite_sets_sum "finite_sets/") (sum def-decl "R" finite_sets_sum "finite_sets/") (remove const-decl "set" sets nil) (IF const-decl "[boolean, T, T -> T]" if_def nil) (= const-decl "[T, T -> boolean]" equalities nil) (plus_zero_right formula-decl nil finite_sets_sum "finite_sets/") (T formal-type-decl nil aux nil) (R formal-type-decl nil aux nil) (zero formal-const-decl "R" aux nil) (+ formal-const-decl "[R, R -> R]" aux nil)) 10163 3380 t nil))) $$$mid_val_equiv.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % Lee Pike % leepike @ galois.com % Formal Methods Group, NASA Langley Research Center % % PVS Version 3.1 % % PURPOSE: Prove the equivalence between middle value selection % over bags and over vectors (functions). %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% mid_val_equiv[S: posnat, T: NONEMPTY_TYPE, leq: (total_order?[T])]: THEORY BEGIN IMPORTING make_bag[S, T], middle_value_index[S, T, leq], structures@middle_value_select[T, leq], aux[T, real, 0, +] good_senders : VAR finite_set[below(S)] eligible_set : VAR non_empty_finite_set[below(S)] actual : VAR [below(S) -> T] s,a : VAR below(S) Set : VAR finite_set[below(S)] t : VAR T P : VAR pred[below(S)] mid_val_l: LEMMA middle_value(eligible_set)(actual)(s) AND t = actual(s) IMPLIES 2 * card(l_filter(make_bag(eligible_set, actual), t)) > card(make_bag(eligible_set, actual)) mid_val_u: LEMMA middle_value(eligible_set)(actual)(s) AND t = actual(s) IMPLIES 2 * card(u_filter(make_bag(eligible_set, actual), t)) >= card(make_bag(eligible_set, actual)) exists_mid_val: LEMMA (EXISTS (s: ({s | middle_value(eligible_set)(actual)(s)})): t = actual(s) ) IMPLIES mid_val?(make_bag(eligible_set, actual))(t) nonempty_choose: COROLLARY 2 * card(l_filter(make_bag(eligible_set, actual), t)) > card(make_bag(eligible_set, actual)) AND 2 * card(u_filter(make_bag(eligible_set, actual), t)) >= card(make_bag(eligible_set, actual)) IMPLIES nonempty?({s: (eligible_set) | actual(s) = t}) filter_l: LEMMA 2 * card(l_filter(make_bag(eligible_set, actual), t)) > card(make_bag(eligible_set, actual)) AND 2 * card(u_filter(make_bag(eligible_set, actual), t)) >= card(make_bag(eligible_set, actual)) IMPLIES 2 * card(filter(leq)(eligible_set)(actual) (choose({s: (eligible_set) | actual(s) = t}))) > card(eligible_set) filter_u: LEMMA 2 * card(l_filter(make_bag(eligible_set, actual), t)) > card(make_bag(eligible_set, actual)) AND 2 * card(u_filter(make_bag(eligible_set, actual), t)) >= card(make_bag(eligible_set, actual)) IMPLIES 2 * card(filter(geq)(eligible_set)(actual) (choose({s: (eligible_set) | actual(s) = t}))) >= card(eligible_set) choose_eligible: LEMMA 2 * card(l_filter(make_bag(eligible_set, actual), t)) > card(make_bag(eligible_set, actual)) AND 2 * card(u_filter(make_bag(eligible_set, actual), t)) >= card(make_bag(eligible_set, actual)) IMPLIES eligible_set(choose({s: (eligible_set) | actual(s) = t})) mid_val_exists: LEMMA mid_val?(make_bag(eligible_set, actual))(t) IMPLIES (EXISTS (s: ({s | middle_value(eligible_set)(actual)(s)})): t = actual(s)) restrict_actual: LEMMA image(actual, {s | middle_value(eligible_set)(actual)(s)}) = mid_val?(make_bag(eligible_set, actual)) mid_val_is_middle_value: LEMMA middle_value(eligible_set, actual) = mid_val(make_bag(eligible_set, actual)) END mid_val_equiv $$$mid_val_equiv.prf (mid_val_equiv (IMP_aux_TCC1 0 (IMP_aux_TCC1-1 nil 3292683126 3292683252 ("" (grind) nil nil) proved ((restrict const-decl "R" restrict nil) (identity? const-decl "bool" operator_defs nil)) 3080 290 t shostak)) (IMP_aux_TCC2 0 (IMP_aux_TCC2-1 nil 3292683126 3292683261 ("" (grind) nil nil) proved ((associative? const-decl "bool" operator_defs nil) (commutative? const-decl "bool" operator_defs nil) (restrict const-decl "R" restrict nil)) 1701 330 t shostak)) (mid_val_l 0 (mid_val_l-4 nil 3287344908 3292683142 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): l_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "finite_empty") nil nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2 -1) (("2" (grind) nil nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = l_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(l_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((card_make_bag formula-decl nil make_bag nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (= const-decl "[T, T -> boolean]" equalities nil) (bag type-eq-decl nil bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (card const-decl "nat" finite_bags "structures/") (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (l_filter const-decl "bag" bag_filters "structures/") (make_bag const-decl "finite_bag[T]" make_bag nil) (Card const-decl "nat" finite_sets nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (filter const-decl "bool" index_filters nil) (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (sum def-decl "R" finite_sets_sum "finite_sets/") (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (restrict const-decl "R" restrict nil) (numfield nonempty-type-eq-decl nil number_fields nil) (card_add formula-decl nil finite_sets nil) (sum_x formula-decl nil finite_sets_sum "finite_sets/") (sum_particular2 formula-decl nil aux nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (finite_intersect formula-decl nil make_bag nil) (finite_add formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (below type-eq-decl nil nat_types nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (remove const-decl "set" sets nil) (S!1 skolem-const-decl "finite_set[below(S)]" mid_val_equiv nil) (e!1 skolem-const-decl "below(S)" mid_val_equiv nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (/= const-decl "boolean" notequal nil) (card_one formula-decl nil finite_sets nil) (singleton const-decl "(singleton?)" sets nil) (nonempty? const-decl "bool" sets nil) (add const-decl "(nonempty?)" sets nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (reflexive? const-decl "bool" relations nil) (transitive? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (partial_order? const-decl "bool" orders nil) (dichotomous? const-decl "bool" orders nil) (card_empty? formula-decl nil finite_sets nil) (IF const-decl "[boolean, T, T -> T]" if_def nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (sum_emptyset formula-decl nil finite_sets_sum "finite_sets/") (finite_empty formula-decl nil make_bag nil) (card_emptyset formula-decl nil finite_sets nil) (member const-decl "bool" sets nil) (injective? const-decl "bool" functions nil) (s!1 skolem-const-decl "below(S)" mid_val_equiv nil) (f skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (emptyset const-decl "set" sets nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/") (middle_value const-decl "bool" middle_value_index nil)) 15715 11960 t nil) (mid_val_l-3 nil 3287343585 3287344891 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): l_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = l_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(l_filter(make_bag(S!1, f), f(s!1))))") (("1" (postpone) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (postpone) nil))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (postpone) nil))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (postpone) nil))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 20259 4280 t nil) (mid_val_l-2 nil 3287342858 3287343563 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): l_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = l_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(l_filter(make_bag(S!1, f), f(s!1))))") (("1" (postpone) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (postpone) nil))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (postpone) nil))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (postpone) nil))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 9459 290 t nil) (mid_val_l-1 nil 3287341697 3287342318 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): l_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "finite_empty") nil nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2 -1) (("2" (grind) nil nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = l_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): l_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(l_filter(make_bag(S!1, f), f(s!1))))") (("1" (postpone) nil nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (postpone) nil nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(l_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (postpone) nil nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (postpone) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unchecked nil 620668 102730 t shostak)) (mid_val_u 0 (mid_val_u-8 nil 3287751459 3292683160 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -2) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(geq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(geq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND geq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "finite_empty") nil nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2 -1) (("2" (grind) nil nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 4) (("3" (case "geq(f(e!1), f(s!1))") (("1" (case-replace "card(filter(geq)(add(e!1, S!1))(f)(s!1)) = card(filter(geq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (expand "geq") (("1" (assert) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (expand "geq") (("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (expand "geq") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (expand "geq") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(s!1), f(j))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j))" "e!1") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(geq)(add(e!1, S!1))(f)(s!1) = filter(geq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((card_make_bag formula-decl nil make_bag nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (= const-decl "[T, T -> boolean]" equalities nil) (bag type-eq-decl nil bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (card const-decl "nat" finite_bags "structures/") (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (u_filter const-decl "bag" bag_filters "structures/") (make_bag const-decl "finite_bag[T]" make_bag nil) (Card const-decl "nat" finite_sets nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (filter const-decl "bool" index_filters nil) (geq const-decl "bool" index_select nil) (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (sum def-decl "R" finite_sets_sum "finite_sets/") (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (restrict const-decl "R" restrict nil) (numfield nonempty-type-eq-decl nil number_fields nil) (card_add formula-decl nil finite_sets nil) (sum_x formula-decl nil finite_sets_sum "finite_sets/") (sum_particular2 formula-decl nil aux nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (finite_intersect formula-decl nil make_bag nil) (finite_add formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (below type-eq-decl nil nat_types nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (remove const-decl "set" sets nil) (S!1 skolem-const-decl "finite_set[below(S)]" mid_val_equiv nil) (e!1 skolem-const-decl "below(S)" mid_val_equiv nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (/= const-decl "boolean" notequal nil) (card_one formula-decl nil finite_sets nil) (singleton const-decl "(singleton?)" sets nil) (nonempty? const-decl "bool" sets nil) (add const-decl "(nonempty?)" sets nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (reflexive? const-decl "bool" relations nil) (transitive? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (partial_order? const-decl "bool" orders nil) (dichotomous? const-decl "bool" orders nil) (card_empty? formula-decl nil finite_sets nil) (IF const-decl "[boolean, T, T -> T]" if_def nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (sum_emptyset formula-decl nil finite_sets_sum "finite_sets/") (finite_empty formula-decl nil make_bag nil) (card_emptyset formula-decl nil finite_sets nil) (member const-decl "bool" sets nil) (injective? const-decl "bool" functions nil) (s!1 skolem-const-decl "below(S)" mid_val_equiv nil) (f skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (emptyset const-decl "set" sets nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/") (middle_value const-decl "bool" middle_value_index nil)) 18272 12790 t nil) (mid_val_u-7 nil 3287749755 3287751448 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1), f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 632312 30410 t nil) (mid_val_u-6 nil 3287529218 3287749682 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(s!1),f(e!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 1418601 89620 t nil) (mid_val_u-5 nil 3287526869 3287529085 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 2070314 159840 t nil) (mid_val_u-4 nil 3287526690 3287526818 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(s!1),f(e!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 123432 17740 t nil) (mid_val_u-3 nil 3287526151 3287526652 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(s!1), f(j)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(s!1),f(e!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(s!1), f(j))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 264201 16810 t nil) (mid_val_u-2 nil 3287525464 3287525732 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 117474 9810 t nil) (mid_val_u-1 nil 3287342429 3287511800 ("" (skolem + ("f" "e" _ "t")) (("" (skosimp*) (("" (expand "middle_value") (("" (flatten) (("" (hide -3) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(s!1))") (("" (hide -2 2) (("" (expand "card") (("" (typepred! "e") (("" (replace -3 :hide? t) (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(leq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND leq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(t, f(s!1)) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "leq(f(e!1),f(s!1))") (("1" (case-replace "card(filter(leq)(add(e!1, S!1))(f)(s!1)) = card(filter(leq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (postpone) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (postpone) nil))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(j), f(s!1))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(j), f(s!1))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!1, S!1))(f)(s!1) = filter(leq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (postpone) nil))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (postpone) nil))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))))))))) nil) untried nil 22888 16430 nil nil)) (exists_mid_val 0 (exists_mid_val-1 nil 3287311926 3292683161 ("" (skolem + ("f" "e" "t")) (("" (flatten) (("" (skosimp*) (("" (expand "mid_val?") (("" (typepred! "s!1") (("" (hide -1) (("" (split) (("1" (use "mid_val_l") (("1" (assert) nil nil)) nil) ("2" (use "mid_val_u") (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((mid_val? const-decl "bool" middle_value_select "structures/") (mid_val_u formula-decl nil mid_val_equiv nil) (mid_val_l formula-decl nil mid_val_equiv nil) (boolean nonempty-type-decl nil booleans nil) (bool nonempty-type-eq-decl nil booleans nil) (NOT const-decl "[bool -> bool]" booleans nil) (number nonempty-type-decl nil numbers nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (< const-decl "bool" reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (middle_value const-decl "bool" middle_value_index nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil)) 448 390 t shostak)) (nonempty_choose 0 (nonempty_choose-1 nil 3287413145 3292683163 ("" (skosimp*) (("" (case "NOT empty?(intersection(l_filter(make_bag(eligible_set!1, actual!1), t!1), u_filter(make_bag(eligible_set!1, actual!1), t!1)))") (("1" (hide -1 -2) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "intersection") (("1" (expand "l_filter") (("1" (expand "u_filter") (("1" (expand "make_bag") (("1" (lift-if) (("1" (lift-if) (("1" (prop) (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "antisymmetric?") (("1" (flatten) (("1" (inst?) (("1" (assert) (("1" (replace -3) (("1" (expand "min") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | eligible_set!1(s) AND actual!1(s) = t!1}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (flatten) nil nil)) nil) ("2" (expand "member") (("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (expand "min") (("2" (grind) nil nil)) nil) ("3" (grind) nil nil) ("4" (expand "min") (("4" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "maj_pigeonhole") (("2" (assert) (("2" (split) (("1" (hide -3 -4) (("1" (skosimp*) (("1" (expand "empty?") (("1" (inst?) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "l_filter_subbag") nil nil) ("3" (use "u_filter_subbag") nil nil)) nil)) nil)) nil)) nil)) nil) proved ((u_filter const-decl "bag" bag_filters "structures/") (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (l_filter const-decl "bag" bag_filters "structures/") (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (intersection const-decl "bag" bags "structures/") (empty? const-decl "bool" bags "structures/") (bag type-eq-decl nil bags "structures/") (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number nonempty-type-decl nil numbers nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (NOT const-decl "[bool -> bool]" booleans nil) (bool nonempty-type-eq-decl nil booleans nil) (boolean nonempty-type-decl nil booleans nil) (preorder? const-decl "bool" orders nil) (min const-decl "{p: real | p <= m AND p <= n}" real_defs nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (eligible_set!1 skolem-const-decl "non_empty_finite_set[below(S)]" mid_val_equiv nil) (= const-decl "[T, T -> boolean]" equalities nil) (actual!1 skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (t!1 skolem-const-decl "T" mid_val_equiv nil) (nonempty? const-decl "bool" sets nil) (member const-decl "bool" sets nil) (x!2 skolem-const-decl "below(S)" mid_val_equiv nil) (finite_intersect formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (antisymmetric? const-decl "bool" relations nil) (partial_order? const-decl "bool" orders nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (below type-eq-decl nil nat_types nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (Card const-decl "nat" finite_sets nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (injective? const-decl "bool" functions nil) (u_filter_subbag formula-decl nil bag_filters "structures/") (l_filter_subbag formula-decl nil bag_filters "structures/") (member const-decl "bool" bags "structures/") (x!1 skolem-const-decl "T" mid_val_equiv nil) (maj_pigeonhole formula-decl nil bag_filters "structures/")) 2474 2140 t shostak)) (filter_l_TCC1 0 (filter_l_TCC1-1 nil 3287487763 3289836914 ("" (skosimp*) (("" (use "nonempty_choose") (("" (assert) (("" (hide -2 -3) (("" (grind) nil nil)) nil)) nil)) nil)) nil) proved-complete ((nonempty_choose formula-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil)) 350 340 t shostak)) (filter_l 0 (filter_l-4 nil 3287492626 3292683180 ("" (skolem + ("f!1" "e!1" "t!1")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e!1, f!1), t!1)) = card(filter(leq)(e!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f!1), t!1)), LAMBDA (t: T): l_filter(make_bag(ee, f!1), t!1)(t)) = card(filter(leq)(ee)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 2) (("2" (expand "sum") (("2" (lift-if) (("2" (prop) (("1" (expand "filter") (("1" (expand "emptyset") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (expand "emptyset") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil) ("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 3) (("3" (case "leq(f!1(e!2),t!1)") (("1" (case-replace "card(filter(leq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) = card(filter(leq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))(f!1(e!2))") (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = l_filter(make_bag(S!1, f!1), t!1)(f!1(e!2)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)" "f!1(e!2)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)") (("2" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = remove(f!1(e!2), bag_to_set(l_filter(make_bag(S!1, f!1), t!1)))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) nil nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)} = add(e!2, {s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}" "e!2") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f!1(e!2)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!2 = j OR S!1(j)) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1})))) = add(e!2, LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1}))))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1})))" "e!2") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (use "epsilon_ax[(e!1)]") (("1" (split) (("1" (replace*) nil nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(leq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1})) = filter(leq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f!1(e!2)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f!1(e!2)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (use "epsilon_ax[(e!1)]") (("1" (split) (("1" (replace*) nil nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/") (emptyset const-decl "set" sets nil) (member const-decl "bool" sets nil) (empty_card formula-decl nil finite_sets nil) (FALSE const-decl "bool" booleans nil) (finite_empty formula-decl nil make_bag nil) (dichotomous? const-decl "bool" orders nil) (partial_order? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (transitive? const-decl "bool" relations nil) (reflexive? const-decl "bool" relations nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (add const-decl "(nonempty?)" sets nil) (singleton const-decl "(singleton?)" sets nil) (card_one formula-decl nil finite_sets nil) (/= const-decl "boolean" notequal nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (e!2 skolem-const-decl "below(S)" mid_val_equiv nil) (S!1 skolem-const-decl "finite_set[below(S)]" mid_val_equiv nil) (f!1 skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (t!1 skolem-const-decl "T" mid_val_equiv nil) (remove const-decl "set" sets nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (IF const-decl "[boolean, T, T -> T]" if_def nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (below type-eq-decl nil nat_types nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (injective? const-decl "bool" functions nil) (nonempty_card formula-decl nil finite_sets nil) (finite_add formula-decl nil make_bag nil) (finite_intersect formula-decl nil make_bag nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (sum_particular2 formula-decl nil aux nil) (sum_x formula-decl nil finite_sets_sum "finite_sets/") (card_add formula-decl nil finite_sets nil) (epsilon_ax formula-decl nil epsilons nil) (TRUE const-decl "bool" booleans nil) (e!1 skolem-const-decl "non_empty_finite_set[below(S)]" mid_val_equiv nil) (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (sum def-decl "R" finite_sets_sum "finite_sets/") (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (restrict const-decl "R" restrict nil) (numfield nonempty-type-eq-decl nil number_fields nil) (choose const-decl "(p)" sets nil) (nonempty? const-decl "bool" sets nil) (filter const-decl "bool" index_filters nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (Card const-decl "nat" finite_sets nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (l_filter const-decl "bag" bag_filters "structures/") (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (card const-decl "nat" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (bag type-eq-decl nil bags "structures/") (= const-decl "[T, T -> boolean]" equalities nil) (card_make_bag formula-decl nil make_bag nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (nonempty_choose formula-decl nil mid_val_equiv nil)) 16671 12530 t nil) (filter_l-3 nil 3287491310 3287492524 ("" (skolem + ("f!1" "e!1" "t!1")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e!1, f!1), t!1)) = card(filter(leq)(e!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f!1), t!1)), LAMBDA (t: T): l_filter(make_bag(ee, f!1), t!1)(t)) = card(filter(leq)(ee)(f!1)(choose({s: (ee) | f!1(s) = t!1})))") (("" (split) (("1" (inst?) nil) ("2" (hide 2) (("2" (expand "sum") (("2" (lift-if) (("2" (prop) (("1" (expand "filter") (("1" (expand "emptyset") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (propax) nil))))))))))) ("2" (use "finite_empty") nil))))))))))))))))) ("2" (hide 2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (expand "emptyset") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (propax) nil))))))))) ("2" (use "finite_empty") nil))))) ("2" (assert) nil))))))))))))))))))))))))))))) ("3" (skosimp*) (("3" (hide 3) (("3" (case "leq(f!1(e!2),t!1)") (("1" (case-replace "card(filter(leq)(add(e!2, S!1))(f!1)(choose({s: (S!1) | f!1(s) = t!1}))) = card(filter(leq)(S!1)(f!1)(choose({s: (S!1) | f!1(s) = t!1}))) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))(f!1(e!2))") (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = l_filter(make_bag(S!1, f!1), t!1)(f!1(e!2)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)" "f!1(e!2)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)") (("2" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = remove(f!1(e!2), bag_to_set(l_filter(make_bag(S!1, f!1), t!1)))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)} = add(e!2, {s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}" "e!2") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f!1(e!2)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!2 = j OR S!1(j)) AND leq(f!1(j), f!1(choose({s: (S!1) | f!1(s) = t!1})))) = add(e!2, LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (S!1) | f!1(s) = t!1}))))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (S!1) | f!1(s) = t!1})))" "e!2") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil))) ("2" (inst?) nil))) ("2" (inst + "0") nil))))))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!2, S!1))(f!1)(choose({s: (S!1) | f!1(s) = t!1})) = filter(leq)(S!1)(f!1)(choose({s: (S!1) | f!1(s) = t!1}))") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f!1(e!2)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f!1(e!2)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil))) ("2" (inst?) nil))) ("2" (inst + "0") nil)))))))))))))))))))))))))))))))))))))))) nil) unfinished ((nonempty_choose formula-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (card_make_bag formula-decl nil make_bag nil) (= const-decl "[T, T -> boolean]" equalities nil) (bag type-eq-decl nil bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (card const-decl "nat" finite_bags "structures/") (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (l_filter const-decl "bag" bag_filters "structures/") (make_bag const-decl "finite_bag[T]" make_bag nil) (Card const-decl "nat" finite_sets nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (filter const-decl "bool" index_filters nil) (nonempty? const-decl "bool" sets nil) (choose const-decl "(p)" sets nil) (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (sum def-decl "R" finite_sets_sum "finite_sets/") (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (restrict const-decl "R" restrict nil) (numfield nonempty-type-eq-decl nil number_fields nil) (TRUE const-decl "bool" booleans nil) (epsilon_ax formula-decl nil epsilons nil) (card_add formula-decl nil finite_sets nil) (sum_x formula-decl nil finite_sets_sum "finite_sets/") nil (finite_intersect formula-decl nil make_bag nil) (finite_add formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (injective? const-decl "bool" functions nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (below type-eq-decl nil nat_types nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (IF const-decl "[boolean, T, T -> T]" if_def nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (remove const-decl "set" sets nil) (/= const-decl "boolean" notequal nil) (card_one formula-decl nil finite_sets nil) (singleton const-decl "(singleton?)" sets nil) (add const-decl "(nonempty?)" sets nil) (reflexive? const-decl "bool" relations nil) (transitive? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (partial_order? const-decl "bool" orders nil) (dichotomous? const-decl "bool" orders nil) (finite_empty formula-decl nil make_bag nil) (FALSE const-decl "bool" booleans nil) (empty_card formula-decl nil finite_sets nil) (member const-decl "bool" sets nil) (emptyset const-decl "set" sets nil) (finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/")) 248747 29570 t nil) (filter_l-2 nil 3287487721 3287491260 ("" (skolem + ("f!1" "e!1" "t!1")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e!1, f!1), t!1)) = card(filter(leq)(e!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f!1), t!1)), LAMBDA (t: T): l_filter(make_bag(ee, f!1), t!1)(t)) = card(filter(leq)(ee)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (split) (("1" (inst?) nil) ("2" (hide 2) (("2" (expand "sum") (("2" (lift-if) (("2" (prop) (("1" (expand "filter") (("1" (expand "emptyset") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (propax) nil))))))))))) ("2" (use "finite_empty") nil))))))))))))))))) ("2" (hide 2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (expand "emptyset") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (propax) nil))))))))) ("2" (use "finite_empty") nil))))) ("2" (assert) nil))))))))))))))))))))))))))))) ("3" (skosimp*) (("3" (hide 3) (("3" (case "leq(f!1(e!2),t!1)") (("1" (case-replace "card(filter(leq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) = card(filter(leq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))(f!1(e!2))") (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = l_filter(make_bag(S!1, f!1), t!1)(f!1(e!2)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)" "f!1(e!2)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)") (("2" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = remove(f!1(e!2), bag_to_set(l_filter(make_bag(S!1, f!1), t!1)))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)} = add(e!2, {s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}" "e!2") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (flatten) nil))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f!1(e!2)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))) ("2" (use "finite_add") nil))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!2 = j OR S!1(j)) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1})))) = add(e!2, LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1}))))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s: (e!1) | f!1(s) = t!1})))" "e!2") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil))) ("2" (inst?) nil))) ("2" (inst + "0") nil))))))))))))))))))))) ("2" (case-replace "filter(leq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1})) = filter(leq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f!1(e!2)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f!1(e!2)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil))) ("2" (inst?) nil))) ("2" (inst + "0") nil)))))))))))))))))))))))))))))))))))))))) nil) unfinished nil 83189 3820 t nil) (filter_l-1 nil 3287406767 3287426843 ("" (skolem + ("f!1" "e!1" "t!1")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e!1, f!1), t!1)) = card(filter(leq)(e!1)(f!1)(choose({s | f!1(s) = t!1})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(l_filter(make_bag(ee, f!1), t!1)), LAMBDA (t: T): l_filter(make_bag(ee, f!1), t!1)(t)) = card(filter(leq)(ee)(f!1)(choose({s | f!1(s) = t!1})))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 2) (("2" (expand "sum") (("2" (lift-if) (("2" (prop) (("1" (expand "filter") (("1" (expand "emptyset") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "l_filter") (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (expand "emptyset") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil) ("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 3) (("3" (case "leq(f!1(e!2),t!1)") (("1" (case-replace "card(filter(leq)(add(e!2, S!1))(f!1)(choose({s | f!1(s) = t!1}))) = card(filter(leq)(S!1)(f!1)(choose({s | f!1(s) = t!1}))) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))(f!1(e!2))") (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = l_filter(make_bag(S!1, f!1), t!1)(f!1(e!2)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (inst - "bag_to_set(l_filter(make_bag(S!1, f!1), t!1))" "LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)" "f!1(e!2)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)))" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)") (("2" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = remove(f!1(e!2), bag_to_set(l_filter(make_bag(S!1, f!1), t!1)))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "l_filter") (("1" (lift-if) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) nil nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)} = add(e!2, {s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}" "e!2") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (flatten) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f!1(e!2)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f!1(e!2), bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1))) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (case-replace "(LAMBDA (j: below(S)): (e!2 = j OR S!1(j)) AND leq(f!1(j), f!1(choose({s | f!1(s) = t!1})))) = add(e!2, LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s | f!1(s) = t!1}))))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f!1(j), f!1(choose({s | f!1(s) = t!1})))" "e!2") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(leq)(add(e!2, S!1))(f!1)(choose({s | f!1(s) = t!1})) = filter(leq)(S!1)(f!1)(choose({s | f!1(s) = t!1}))") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(l_filter(make_bag(add(e!2, S!1), f!1), t!1)) = bag_to_set(l_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f!1(e!2)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "l_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE l_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): l_filter(make_bag(S!1, f!1), t!1)(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "l_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f!1(e!2)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (replace -) (("1" (propax) nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unchecked ((finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/") (emptyset const-decl "set" sets nil) (member const-decl "bool" sets nil) (empty_card formula-decl nil finite_sets nil) (FALSE const-decl "bool" booleans nil) (finite_empty formula-decl nil make_bag nil) (dichotomous? const-decl "bool" orders nil) (partial_order? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (transitive? const-decl "bool" relations nil) (reflexive? const-decl "bool" relations nil) (add const-decl "(nonempty?)" sets nil) (singleton const-decl "(singleton?)" sets nil) (card_one formula-decl nil finite_sets nil) (/= const-decl "boolean" notequal nil) (remove const-decl "set" sets nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (IF const-decl "[boolean, T, T -> T]" if_def nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (below type-eq-decl nil nat_types nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (injective? const-decl "bool" functions nil) (nonempty_card formula-decl nil finite_sets nil) (finite_add formula-decl nil make_bag nil) (finite_intersect formula-decl nil make_bag nil) nil (sum_x formula-decl nil finite_sets_sum "finite_sets/") (card_add formula-decl nil finite_sets nil) (epsilon_ax formula-decl nil epsilons nil) (TRUE const-decl "bool" booleans nil) (numfield nonempty-type-eq-decl nil number_fields nil) (restrict const-decl "R" restrict nil) (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (sum def-decl "R" finite_sets_sum "finite_sets/") (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (choose const-decl "(p)" sets nil) (nonempty? const-decl "bool" sets nil) (filter const-decl "bool" index_filters nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (Card const-decl "nat" finite_sets nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (l_filter const-decl "bag" bag_filters "structures/") (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (card const-decl "nat" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (bag type-eq-decl nil bags "structures/") (= const-decl "[T, T -> boolean]" equalities nil) (card_make_bag formula-decl nil make_bag nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (nonempty_choose formula-decl nil mid_val_equiv nil)) 2760942 125930 t shostak)) (filter_u 0 (filter_u-2 nil 3287757611 3292683194 ("" (skolem + ("f!1" "e!1" "t!1")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(u_filter(make_bag(e!1, f!1), t!1)) = card(filter(geq)(e!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f!1), t!1)), LAMBDA (t: T): u_filter(make_bag(ee, f!1), t!1)(t)) = card(filter(geq)(ee)(f!1)(choose({s: (e!1) | f!1(s) = t!1})))") (("" (split) (("1" (inst?) nil nil) ("2" (hide 2) (("2" (expand "sum") (("2" (lift-if) (("2" (prop) (("1" (expand "filter") (("1" (expand "emptyset") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (inst?) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (expand "emptyset") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (use "empty_card[below(S)]") (("1" (assert) (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_empty") nil nil)) nil)) nil) ("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (hide 3) (("3" (case "geq(f!1(e!2),t!1)") (("1" (case-replace "card(filter(geq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) = card(filter(geq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f!1), t!1))(f!1(e!2))") (("1" (case "u_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = u_filter(make_bag(S!1, f!1), t!1)(f!1(e!2)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!2, S!1), f!1), t!1))" "LAMBDA (t: T): u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f!1), t!1))" "LAMBDA (t: T): u_filter(make_bag(S!1, f!1), t!1)(t)" "f!1(e!2)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f!1(e!2), bag_to_set(u_filter(make_bag(add(e!2, S!1), f!1), t!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)" "f!1(e!2)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t)") (("2" (case-replace "remove(f!1(e!2), bag_to_set(u_filter(make_bag(add(e!2, S!1), f!1), t!1))) = remove(f!1(e!2), bag_to_set(u_filter(make_bag(S!1, f!1), t!1)))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (expand "geq") (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (inst - "x!2") (("1" (expand "member") (("1" (expand "add") (("1" (expand "member") (("1" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)} = add(e!2, {s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}" "e!2") (("1" (replace -1) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (flatten) (("2" (expand "geq") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f!1(e!2)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f!1(e!2), bag_to_set(u_filter(make_bag(add(e!2, S!1), f!1), t!1))) = bag_to_set(u_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (expand "geq") (("1" (assert) (("1" (inst - "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil) ("2" (use "finite_add") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (use "finite_intersect") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = f!1(e!2)}") (("1" (assert) (("1" (inst?) nil nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (expand "geq") (("2" (case-replace "(LAMBDA (j: below(S)): (e!2 = j OR S!1(j)) AND leq(f!1(choose({s: (e!1) | f!1(s) = t!1})), f!1(j))) = add(e!2, LAMBDA (j: below(S)): S!1(j) AND leq(f!1(choose({s: (e!1) | f!1(s) = t!1})), f!1(j)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f!1(choose({s: (e!1) | f!1(s) = t!1})), f!1(j))" "e!2") (("1" (replace -) (("1" (assert) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (use "epsilon_ax[(e!1)]") (("1" (split) (("1" (replace*) nil nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (case-replace "filter(geq)(add(e!2, S!1))(f!1)(choose({s: (e!1) | f!1(s) = t!1})) = filter(geq)(S!1)(f!1)(choose({s: (e!1) | f!1(s) = t!1}))") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!2, S!1), f!1), t!1)) = bag_to_set(u_filter(make_bag(S!1, f!1), t!1))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f!1(e!2)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!2, S!1), f!1), t!1)(f!1(e!2)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f!1), t!1)(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil nil)) nil) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!2, S!1)(s) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 -3 2) (("2" (grind) nil nil)) nil)) nil)) nil) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f!1(e!2) THEN 0 ELSE u_filter(make_bag(add(e!2, S!1), f!1), t!1)(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f!1), t!1)(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil nil)) nil)) nil) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1} = {s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f!1(e!2)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil nil) ("2" (inst - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f!1(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!2 = s OR S!1(s)) AND f!1(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1" "e!2") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f!1(s) = x!1" "S!1") (("2" (grind) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("2" (use "epsilon_ax[below(S)]") (("1" (split) (("1" (use "epsilon_ax[(e!1)]") (("1" (split) (("1" (replace*) nil nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "x!2") nil nil)) nil) ("2" (inst?) nil nil)) nil) ("2" (inst + "0") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((finite_set_ind_modified formula-decl nil finite_sets_inductions "finite_sets/") (emptyset const-decl "set" sets nil) (member const-decl "bool" sets nil) (empty_card formula-decl nil finite_sets nil) (FALSE const-decl "bool" booleans nil) (finite_empty formula-decl nil make_bag nil) (dichotomous? const-decl "bool" orders nil) (partial_order? const-decl "bool" orders nil) (antisymmetric? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (transitive? const-decl "bool" relations nil) (reflexive? const-decl "bool" relations nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (add const-decl "(nonempty?)" sets nil) (singleton const-decl "(singleton?)" sets nil) (card_one formula-decl nil finite_sets nil) (/= const-decl "boolean" notequal nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (e!2 skolem-const-decl "below(S)" mid_val_equiv nil) (S!1 skolem-const-decl "finite_set[below(S)]" mid_val_equiv nil) (f!1 skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (t!1 skolem-const-decl "T" mid_val_equiv nil) (remove const-decl "set" sets nil) (sum_f_g formula-decl nil finite_sets_sum "finite_sets/") (IF const-decl "[boolean, T, T -> T]" if_def nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (OR const-decl "[bool, bool -> bool]" booleans nil) (below type-eq-decl nil nat_types nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (injective? const-decl "bool" functions nil) (x!1 skolem-const-decl "T" mid_val_equiv nil) (finite_intersect formula-decl nil make_bag nil) (finite_add formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (sum_particular2 formula-decl nil aux nil) (sum_x formula-decl nil finite_sets_sum "finite_sets/") (card_add formula-decl nil finite_sets nil) (e!1 skolem-const-decl "non_empty_finite_set[below(S)]" mid_val_equiv nil) (TRUE const-decl "bool" booleans nil) (epsilon_ax formula-decl nil epsilons nil) (bag_to_set const-decl "set[T]" bags_to_sets "structures/") (sum def-decl "R" finite_sets_sum "finite_sets/") (+ const-decl "[numfield, numfield -> numfield]" number_fields nil) (restrict const-decl "R" restrict nil) (numfield nonempty-type-eq-decl nil number_fields nil) (choose const-decl "(p)" sets nil) (nonempty? const-decl "bool" sets nil) (geq const-decl "bool" index_select nil) (filter const-decl "bool" index_filters nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (Card const-decl "nat" finite_sets nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (u_filter const-decl "bag" bag_filters "structures/") (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (card const-decl "nat" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (bag type-eq-decl nil bags "structures/") (= const-decl "[T, T -> boolean]" equalities nil) (card_make_bag formula-decl nil make_bag nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (nonempty_choose formula-decl nil mid_val_equiv nil)) 14364 12640 t nil) (filter_u-1 nil 3287754220 3287757485 ("" (skolem + ("f" "e" "t")) (("" (flatten) (("" (use "nonempty_choose") (("" (assert) (("" (use "card_make_bag") (("" (replace -1 :hide? t) (("" (case-replace "card(l_filter(make_bag(e, f), t)) = card(filter(leq)(e)(f)(choose({s: (e) | f!1(s) = t})))") (("" (hide -2 -3 2) (("" (expand "card") (("" (lemma "finite_set_ind_modified[below(S)]") (("" (inst - "LAMBDA (ee: finite_set[below(S)]): sum(bag_to_set(u_filter(make_bag(ee, f), f(s!1))), LAMBDA (t: T): u_filter(make_bag(ee, f), f(s!1))(t)) = card(filter(geq)(ee)(f)(s!1))") (("" (split) (("1" (inst?) nil) ("2" (hide 3) (("2" (expand "filter") (("2" (lemma "card_empty?[below(S)]") (("2" (inst?) (("1" (case "empty?[below(S)] (LAMBDA (j: below(S)): emptyset(j) AND geq(f(j), f(s!1)))") (("1" (assert) (("1" (replace -2 :hide? t) (("1" (expand "bag_to_set") (("1" (expand "make_bag") (("1" (expand "u_filter") (("1" (case "{t: T | IF leq(f(s!1), t) THEN card({s: below(S) | emptyset(s) AND f(s) = t}) ELSE 0 ENDIF > 0} = emptyset[T]") (("1" (replace -1 :hide? t) (("1" (use "sum_emptyset[T,real,0,+]") (("1" (skosimp*) (("1" (use "finite_empty") nil))))))) ("2" (hide 2) (("2" (decompose-equality +) (("1" (grind) (("1" (use "card_emptyset[below(S)]") (("1" (expand "emptyset") (("1" (assert) nil))))))) ("2" (skosimp*) (("2" (use "finite_empty") nil))))))) ("3" (skosimp*) (("3" (use "finite_empty") nil))))))))))))))) ("2" (hide 2 -1) (("2" (grind) nil))))) ("2" (use "finite_empty") nil))))))))) ("3" (skosimp*) (("3" (hide 4) (("3" (case "geq(f(e!1), f(s!1))") (("1" (case-replace "card(filter(geq)(add(e!1, S!1))(f)(s!1)) = card(filter(geq)(S!1)(f)(s!1)) + 1") (("1" (replace -3 :dir rl :hide? t) (("1" (hide -1) (("1" (case "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))(f(e!1))") (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = u_filter(make_bag(S!1, f), f(s!1))(f(e!1)) + 1") (("1" (lemma "sum_x[T,real,0,+]") (("1" (inst-cp - "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (inst - "bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))" "LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)" "f(e!1)") (("1" (replace*) (("1" (hide -1 -2 -3) (("1" (assert) (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst - "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))))" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)" "f(e!1)") (("1" (replace - :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (hide-all-but -1) (("1" (grind) nil))))) ("2" (flatten) (("2" (hide 1) (("2" (assert) (("2" (name-replace "g" "LAMBDA (t: T): u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t)") (("2" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = remove(f(e!1), bag_to_set(u_filter(make_bag(S!1, f), f(s!1))))") (("1" (hide -1) (("1" (use "sum_f_g[T,real,0,+]") (("1" (split) (("1" (propax) nil) ("2" (skosimp*) (("2" (hide 2) (("2" (lift-if) (("2" (typepred! "x!1") (("2" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (hide -4 -5 4) (("2" (grind) (("2" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("2" (hide 3) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))))))))))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (expand "remove") (("2" (iff) (("2" (prop) (("1" (expand "member") (("1" (expand "bag_to_set") (("1" (expand "u_filter") (("1" (lift-if) (("1" (expand "geq") (("1" (assert) (("1" (prop) (("1" (expand "make_bag") (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (expand "add") (("1" (flatten) (("1" (split) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) nil) ("2" (use "finite_intersect") nil))))) ("2" (expand "member") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (grind) nil))) ("2" (use "finite_intersect") nil))))))))))))))))))))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst?) (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 3) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (prop) (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (skosimp*) (("1" (expand "member") (("1" (flatten) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | add[below(S)](e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (grind) nil))))) ("2" (use "finite_add") nil))))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))) ("2" (hide 3) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)} = add(e!1, {s: below(S) | S!1(s) AND f(s) = f(e!1)})") (("1" (lemma "card_add[below(S)]") (("1" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}" "e!1") (("1" (replace -1) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide -2 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))) ("2" (expand "geq") (("2" (flatten) nil))))))))))))) ("2" (lemma "sum_x[T,real,0,+]") (("2" (inst?) (("2" (inst - "f(e!1)") (("1" (replace - :hide? t) (("1" (case-replace "remove(f(e!1), bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1)))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst?) (("1" (replace -1 :hide? t) (("1" (assert) (("1" (case "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 1") (("1" (replace - :hide? t) (("1" (assert) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 4) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (expand "make_bag") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (lemma "card_one[below(S)]") (("1" (expand "geq") (("1" (inst - "{s: below(S) | add(e!1, S!1)(s) AND f(s) = f(e!1)}") (("1" (assert) (("1" (assert) (("1" (inst?) (("1" (expand "singleton") (("1" (decompose-equality +) (("1" (grind) nil))))))))))) ("2" (use "finite_add") nil))))))))))))))) ("2" (use "finite_intersect") nil))))))))))))))))))))))))) ("2" (hide 4) (("2" (decompose-equality +) (("2" (iff) (("2" (grind) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (split) (("1" (propax) nil) ("2" (propax) nil))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (lemma "nonempty_card[below(S)]") (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (prop) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))))) ("2" (use "finite_intersect") (("2" (grind) nil))))))))))))))))))) ("2" (hide 4) (("2" (grind) (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = f(e!1)}") (("1" (assert) (("1" (inst?) nil))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (grind) nil))))))))))))))))))))))))) ("2" (hide -2 3) (("2" (expand "filter") (("2" (expand "add") (("2" (expand "member") (("2" (expand "geq") (("2" (case-replace "(LAMBDA (j: below(S)): (e!1 = j OR S!1(j)) AND leq(f(s!1), f(j))) = add(e!1, LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j)))") (("1" (lemma "card_add[below(S)]") (("1" (inst - "LAMBDA (j: below(S)): S!1(j) AND leq(f(s!1), f(j))" "e!1") (("1" (replace -) (("1" (assert) nil))) ("2" (use "finite_intersect") nil))))) ("2" (hide 2) (("2" (decompose-equality +) (("2" (grind) nil))))))))))))))))))) ("2" (case-replace "filter(geq)(add(e!1, S!1))(f)(s!1) = filter(geq)(S!1)(f)(s!1)") (("1" (replace -2 :dir rl :hide? t) (("1" (case-replace "bag_to_set(u_filter(make_bag(add(e!1, S!1), f), f(s!1))) = bag_to_set(u_filter(make_bag(S!1, f), f(s!1)))") (("1" (lemma "sum_particular2[T,real,0,+]") (("1" (inst?) (("1" (inst - "f(e!1)") (("1" (replace -1 :hide? t) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (case-replace "u_filter(make_bag(add(e!1, S!1), f), f(s!1))(f(e!1)) = 0") (("1" (assert) (("1" (hide -2 -3 -4) (("1" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("1" (hide 2) (("1" (decompose-equality +) (("1" (lift-if) (("1" (split) (("1" (flatten) (("1" (grind) nil))) ("2" (flatten) (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (case-replace "{s: below(S) | add(e!1, S!1)(s) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (iff) (("1" (grind) nil))))))))))))) ("2" (propax) nil))))))))))))))))))))))) ("2" (hide -1 -2 -3 2) (("2" (grind) nil))))))) ("2" (flatten) (("2" (assert) (("2" (case-replace "(LAMBDA (t_1: T): IF t_1 = f(e!1) THEN 0 ELSE u_filter(make_bag(add(e!1, S!1), f), f(s!1))(t_1) ENDIF) = LAMBDA (t: T): u_filter(make_bag(S!1, f), f(s!1))(t)") (("2" (hide 3) (("2" (decompose-equality +) (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "bag_to_set") (("1" (assert) nil))))) ("2" (flatten) (("2" (hide -1 -2) (("2" (expand "bag_to_set") (("2" (expand "u_filter") (("2" (lift-if) (("2" (split) (("1" (flatten) (("1" (expand "make_bag") (("1" (expand "add") (("1" (expand "member") (("1" (case-replace "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1} = {s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (hide 2) (("1" (decompose-equality +) (("1" (grind) nil))))))))))))))) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) (("1" (case "x!1 = f(e!1)") (("1" (hide-all-but (-1 -4 2)) (("1" (typepred! "leq") (("1" (grind) nil))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (split) (("1" (replace*) nil) ("2" (inst - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (lemma "nonempty_card[below(S)]") (("2" (inst-cp - "{s: below(S) | S!1(s) AND f(s) = x!1}") (("1" (assert) (("1" (skosimp*) (("1" (inst - "{s: below(S) | (e!1 = s OR S!1(s)) AND f(s) = x!1}") (("1" (assert) (("1" (inst?) (("1" (assert) nil))))) ("2" (hide-all-but 1) (("2" (use "finite_add") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1" "e!1") (("2" (grind) nil))))))))))))) ("2" (hide-all-but 1) (("2" (use "finite_intersect") (("2" (inst - "LAMBDA (s: below(S)): f(s) = x!1" "S!1") (("2" (grind) nil))))))))))))))))))))) ("2" (hide -1 4) (("2" (decompose-equality +) (("2" (grind) nil)))))))))))))))))))))))))))))))))))) nil) unfinished nil 298870 4410 t nil)) (choose_eligible 0 (choose_eligible-1 nil 3287484554 3292683195 ("" (skosimp*) (("" (use "filter_l") (("" (use "filter_u") (("" (assert) nil nil)) nil)) nil)) nil) proved ((filter_l formula-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (filter_u formula-decl nil mid_val_equiv nil)) 660 640 t shostak)) (mid_val_exists 0 (mid_val_exists-2 nil 3287920448 3292683196 ("" (skolem + ("f" "e" "t")) (("" (flatten) (("" (expand "mid_val?") (("" (flatten) (("" (inst + "choose({ss: (e) | f(ss) = t})") (("1" (hide-all-but 1) (("1" (typepred! "choose({ss: (e) | f(ss) = t})") (("1" (assert) nil nil) ("2" (reveal -1 -2) (("2" (use "nonempty_choose") (("2" (assert) nil nil)) nil)) nil)) nil)) nil) ("2" (expand "middle_value") (("2" (split) (("1" (use "filter_l") (("1" (assert) nil nil)) nil) ("2" (use "filter_u") (("2" (assert) nil nil)) nil)) nil)) nil) ("3" (use "filter_l") (("3" (assert) (("3" (use "nonempty_choose") (("3" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((filter_u formula-decl nil mid_val_equiv nil) (filter_l formula-decl nil mid_val_equiv nil) (nonempty_choose formula-decl nil mid_val_equiv nil) (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (middle_value const-decl "bool" middle_value_index nil) (choose const-decl "(p)" sets nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (e skolem-const-decl "non_empty_finite_set[below(S)]" mid_val_equiv nil) (nonempty? const-decl "bool" sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (= const-decl "[T, T -> boolean]" equalities nil) (f skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (t skolem-const-decl "T" mid_val_equiv nil) (mid_val? const-decl "bool" middle_value_select "structures/")) 1527 1390 t nil) (mid_val_exists-1 nil 3287312077 3287920437 ("" (skolem + ("f" "e" "t")) (("" (flatten) (("" (expand "middle_value?") (("" (flatten) (("" (inst + "choose({ss: (e) | f(ss) = t})") (("1" (hide-all-but 1) (("1" (typepred! "choose({ss: (e) | f(ss) = t})") (("1" (assert) nil nil) ("2" (reveal -1 -2) (("2" (use "nonempty_choose") (("2" (assert) nil nil)) nil)) nil)) nil)) nil) ("2" (expand "middle_value") (("2" (split) (("1" (use "filter_l") (("1" (assert) nil nil)) nil) ("2" (use "filter_u") (("2" (assert) nil nil)) nil)) nil)) nil) ("3" (use "filter_l") (("3" (assert) (("3" (use "nonempty_choose") (("3" (assert) (("3" (expand "nonempty?") (("3" (expand "empty?") (("3" (skosimp*) (("3" (inst?) (("1" (expand "member") (("1" (expand "extend") (("1" (split) (("1" (flatten) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil) ("2" (expand "member") (("2" (expand "extend") (("2" (split) (("1" (flatten) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unfinished ((filter_u formula-decl nil mid_val_equiv nil) (filter_l formula-decl nil mid_val_equiv nil) (nonempty_choose formula-decl nil mid_val_equiv nil) (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (middle_value const-decl "bool" middle_value_index nil) (choose const-decl "(p)" sets nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (nonempty? const-decl "bool" sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (= const-decl "[T, T -> boolean]" equalities nil)) 12758 750 t shostak)) (restrict_actual 0 (restrict_actual-1 nil 3287236173 3292683197 ("" (skolem + ("f" "e")) (("" (expand "image") (("" (decompose-equality +) (("" (iff) (("" (prop) (("1" (use "exists_mid_val") (("1" (assert) nil nil)) nil) ("2" (use "mid_val_exists") (("2" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((image const-decl "set[R]" function_image nil) (mid_val_exists formula-decl nil mid_val_equiv nil) (exists_mid_val formula-decl nil mid_val_equiv nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (boolean nonempty-type-decl nil booleans nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (mid_val? const-decl "bool" middle_value_select "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (bag type-eq-decl nil bags "structures/") (= const-decl "[T, T -> boolean]" equalities nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (middle_value const-decl "bool" middle_value_index nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number nonempty-type-decl nil numbers nil)) 130 110 t shostak)) (mid_val_is_middle_value 0 (mid_val_is_middle_value-2 nil 3287920660 3292683198 ("" (skolem + ("f" "e")) (("" (expand "mid_val") (("" (expand "middle_value") (("" (use "restrict_actual") (("" (use "mid_val_singleton") (("" (split) (("1" (expand "middle_index") (("1" (expand "image") (("1" (case "member(f(choose({i: below(S) | middle_value(e)(f)(i)})), mid_val?(make_bag(e, f)))") (("1" (expand "member") (("1" (expand "singleton?") (("1" (skosimp*) (("1" (inst-cp - "f(choose({i: below(S) | middle_value(e)(f)(i)}))") (("1" (inst - "epsilon(mid_val?(make_bag(e, f)))") (("1" (replace*) nil nil) ("2" (hide 2) (("2" (use "epsilon_ax[T]") (("2" (split) (("1" (propax) nil nil) ("2" (inst + "(f(choose({i: below(S) | middle_value(e)(f)(i)})))") (("2" (hide 2) (("2" (hide -1 -2 -3) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (expand "member") (("2" (use "exists_mid_val") (("1" (split) (("1" (propax) nil nil) ("2" (inst?) (("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (skosimp*) (("2" (expand "empty?") (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (hide -1 -2 2) (("3" (use "middle_value_exists") (("3" (expand "nonempty?") (("3" (expand "empty?") (("3" (skosimp*) (("3" (inst?) (("3" (expand "member") (("3" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 1) (("2" (typepred! "e") (("2" (expand "make_bag") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (inst - "f(x!1)") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | e(s) AND f(s) = f(x!1)}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((mid_val const-decl "T" middle_value_select "structures/") (restrict_actual formula-decl nil mid_val_equiv nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (image const-decl "set[R]" function_image nil) (exists_mid_val formula-decl nil mid_val_equiv nil) (epsilon const-decl "T" epsilons nil) (epsilon_ax formula-decl nil epsilons nil) (middle_value_exists formula-decl nil middle_value_index nil) (f skolem-const-decl "[below(S) -> T]" mid_val_equiv nil) (e skolem-const-decl "non_empty_finite_set[below(S)]" mid_val_equiv nil) (singleton? const-decl "bool" sets nil) (mid_val? const-decl "bool" middle_value_select "structures/") (middle_value const-decl "bool" middle_value_index nil) (choose const-decl "(p)" sets nil) (nonempty? const-decl "bool" sets nil) (member const-decl "bool" sets nil) (middle_index const-decl "below(N)" middle_value_index nil) (empty? const-decl "bool" bags "structures/") (nonempty_card formula-decl nil finite_sets nil) (finite_intersect formula-decl nil make_bag nil) (injective? const-decl "bool" functions nil) (x!1 skolem-const-decl "below(S)" mid_val_equiv nil) (= const-decl "[T, T -> boolean]" equalities nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (make_bag const-decl "finite_bag[T]" make_bag nil) (finite_bag type-eq-decl nil finite_bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (bag type-eq-decl nil bags "structures/") (mid_val_singleton formula-decl nil middle_value_select "structures/") (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (middle_value const-decl "T" middle_value_index nil)) 1201 1030 t nil) (mid_val_is_middle_value-1 nil 3287146976 3287920510 ("" (skolem + ("f" "e")) (("" (expand "middle_value") (("" (use "restrict_actual") (("" (use "mid_val_singleton") (("" (split) (("1" (expand "middle_index") (("1" (expand "image") (("1" (case "member(f(choose({i: below(S) | middle_value(e)(f)(i)})), middle_value?(make_bag(e, f)))") (("1" (expand "member") (("1" (expand "singleton?") (("1" (skosimp*) (("1" (inst-cp - "f(choose({i: below(S) | middle_value(e)(f)(i)}))") (("1" (inst - "epsilon(middle_value?(make_bag(e, f)))") (("1" (replace*) nil nil) ("2" (hide 2) (("2" (use "epsilon_ax[T]") (("2" (split) (("1" (propax) nil nil) ("2" (inst + "(f(choose({i: below(S) | middle_value(e)(f)(i)})))") (("2" (hide 2) (("2" (hide -1 -2 -3) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide 2) (("2" (expand "member") (("2" (use "exists_mid_val") (("1" (split) (("1" (propax) nil nil) ("2" (inst?) (("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (skosimp*) (("2" (expand "empty?") (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -1 -2 2) (("2" (use "middle_value_exists") (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (skosimp*) (("2" (inst?) (("2" (expand "member") (("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (hide -1 -2 2) (("3" (use "middle_value_exists") (("3" (expand "nonempty?") (("3" (expand "empty?") (("3" (skosimp*) (("3" (inst?) (("3" (expand "member") (("3" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (hide -2 1) (("2" (typepred! "e") (("2" (expand "make_bag") (("2" (expand "empty?") (("2" (skosimp*) (("2" (expand "member") (("2" (inst - "f(x!1)") (("2" (lemma "nonempty_card[below(S)]") (("2" (inst - "{s: below(S) | e(s) AND f(s) = f(x!1)}") (("1" (assert) (("1" (grind) nil nil)) nil) ("2" (use "finite_intersect") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unfinished ((middle_value const-decl "T" middle_value_index nil) (leq formal-const-decl "(total_order?[T])" mid_val_equiv nil) (total_order? const-decl "bool" orders nil) (pred type-eq-decl nil defined_types nil) (bag type-eq-decl nil bags "structures/") (is_finite const-decl "bool" finite_bags "structures/") (finite_bag type-eq-decl nil finite_bags "structures/") (make_bag const-decl "finite_bag[T]" make_bag nil) (AND const-decl "[bool, bool -> bool]" booleans nil) (= const-decl "[T, T -> boolean]" equalities nil) (injective? const-decl "bool" functions nil) (finite_intersect formula-decl nil make_bag nil) (nonempty_card formula-decl nil finite_sets nil) (empty? const-decl "bool" bags "structures/") (middle_index const-decl "below(N)" middle_value_index nil) (member const-decl "bool" sets nil) (nonempty? const-decl "bool" sets nil) (choose const-decl "(p)" sets nil) (middle_value const-decl "bool" middle_value_index nil) (singleton? const-decl "bool" sets nil) (middle_value_exists formula-decl nil middle_value_index nil) (epsilon_ax formula-decl nil epsilons nil) (epsilon const-decl "T" epsilons nil) (exists_mid_val formula-decl nil mid_val_equiv nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (S formal-const-decl "posnat" mid_val_equiv nil) (below type-eq-decl nil naturalnumbers nil) (T formal-nonempty-type-decl nil mid_val_equiv nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (non_empty_finite_set type-eq-decl nil finite_sets nil) (restrict_actual formula-decl nil mid_val_equiv nil)) 43893 1240 t shostak))) $$$index_filters.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % NASA Langley Formal Methods % http://shemesh.larc.nasa.gov/fm/spider/fm-now-spider.html % % PVS 3.1 % % Design : SPIDER Version 2 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% index_filters[N: posnat, T: TYPE]: THEORY BEGIN IMPORTING finite_sets@finite_sets_below[N] good, select: var finite_set[below(N)] f: var [below(N) -> T] i, j: var below(N) rel: VAR [T,T -> bool] filter(rel)(select)(f)(i)(j): bool = select(j) AND rel(f(j),f(i)) filter_finite: JUDGEMENT filter(rel)(select)(f)(i) HAS_TYPE finite_set[below(N)] subset_filter: LEMMA subset?(filter(rel)(select)(f)(i),select) filter_remove: LEMMA filter(rel)(remove(j,select))(f)(i) = remove(j,filter(rel)(select)(f)(i)) END index_filters $$$index_filters.prf (index_filters (filter_finite 0 (filter_finite-1 nil 3265035253 nil ("" (skosimp*) (("" (rewrite "finite_below") nil nil)) nil) proved-complete ((finite_below formula-decl nil finite_sets_below "finite_sets/") (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (M formal-const-decl "posnat" index_filters nil)) nil nil nil nil)) (subset_filter 0 (subset_filter-1 nil 3265035253 3265035274 ("" (skosimp*) (("" (expand* "subset?" "filter" "member") (("" (skosimp*) nil nil)) nil)) nil) proved ((filter const-decl "bool" index_filters nil) (member const-decl "bool" sets nil) (subset? const-decl "bool" sets nil)) 355 90 nil nil)) (filter_remove 0 (filter_remove-1 nil 3265035285 3265035343 ("" (auto-rewrite-defs) (("" (skosimp*) (("" (apply-extensionality :hide? t) nil nil)) nil)) nil) proved ((below type-eq-decl nil naturalnumbers nil) (M formal-const-decl "posnat" index_filters nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (/= const-decl "boolean" notequal nil) (member const-decl "bool" sets nil) (remove const-decl "set" sets nil) (filter const-decl "bool" index_filters nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil)) 30005 1390 t shostak))) $$$index_select.pvs %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% % NASA Langley Formal Methods % http://shemesh.larc.nasa.gov/fm/spider/fm-now-spider.html % % PVS 3.1 % % Design : SPIDER Version 2 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% index_select[N: posnat, T: TYPE, leq: (total_order?[T])]: THEORY BEGIN IMPORTING index_filters[N, T], pigeonhole[below(N)] t1, t2: VAR T geq(t1,t2): bool = leq(t2, t1) good, eligible: var finite_set[below(N)] % subsets of indices f, f1, f2 : var [below(N) -> T] i, j, k, l : var below(N) n: var subrange(1,N) index_value(eligible, k ,f)(i): bool = eligible(i) AND card(filter(leq)(eligible)(f)(i)) > k AND card(filter(geq)(eligible)(f)(i)) >= card(eligible) - k index_min: LEMMA index_value(eligible, 0, f)(i) AND eligible(j) IMPLIES leq(f(i), f(j)) index_max: LEMMA eligible(j) AND index_value(eligible, card(eligible) - 1, f)(i) IMPLIES leq(f(j), f(i)) least_index_exists: LEMMA card(eligible) = n IMPLIES EXISTS i: index_value(eligible, 0, f)(i) index_exists_induct: LEMMA card(eligible) = n AND k < card(eligible) IMPLIES EXISTS i : index_value(eligible, k, f)(i) index_exists: LEMMA k < card(eligible) IMPLIES EXISTS i: index_value(eligible, k, f)(i) index_order: LEMMA k < l AND index_value(eligible, k, f)(i) AND index_value(eligible, l, f)(j) IMPLIES leq(f(i), f(j)) index_value_overlap: LEMMA index_value(eligible, k, f1)(i) AND index_value(eligible, k, f2)(l) IMPLIES EXISTS j: eligible(j) AND leq(f1(j), f1(i)) AND leq(f2(l), f2(j)) END index_select $$$index_select.prf (index_select (index_min_TCC1 0 (index_min_TCC1-1 nil 3264854173 3276349873 ("" (subtype-tcc) nil nil) proved nil 88 90 nil shostak)) (index_min 0 (index_min-4 nil 3276341041 3276349873 ("" (skosimp*) (("" (expand "index_value") (("" (flatten) (("" (hide -2) (("" (use "subset_filter") (("" (forward-chain "card_subset") (("" (use "same_card_subset[below(N)]") (("" (assert) (("" (replace -1 :dir rl) (("" (hide-all-but (-6 1)) (("" (expand "filter") (("" (expand "geq") (("" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((index_value const-decl "bool" index_select nil) (card_subset formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (same_card_subset formula-decl nil finite_sets nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (geq const-decl "bool" index_select nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-type-decl nil index_select nil) (N formal-const-decl "posnat" index_select nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (subset_filter formula-decl nil index_filters nil)) 425 330 t nil) (index_min-3 nil 3275837333 3276339186 ("" (skosimp*) (("" (expand "index_value") (("" (flatten) (("" (hide -2) (("" (use "subset_filter") (("" (forward-chain "card_subset") (("" (use "same_card_subset[below(M)]") (("" (assert) (("" (replace -1 :dir rl) (("" (hide-all-but (-6 1)) (("" (expand "filter") (("" (expand "geq") (("" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unfinished ((subset_filter formula-decl nil index_filters nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (T formal-type-decl nil index_select nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (geq const-decl "bool" index_select nil) (below type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (same_card_subset formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (card_subset formula-decl nil finite_sets nil) (index_value const-decl "bool" index_select nil)) 140 100 t nil) (index_min-2 nil 3264930592 3275837307 ("" (skosimp*) (("" (expand "index_value") (("" (flatten) (("" (hide -2) (("" (use "subset_filter") (("" (forward-chain "card_subset") (("" (use "same_card_subset[below(M)]") (("" (assert) (("" (replace -1 :dir rl) (("" (hide-all-but (-6 1)) (("" (expand "filter") (("" (expand ">=") (("" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unfinished ((index_value const-decl "bool" index_select nil) (card_subset formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (same_card_subset formula-decl nil finite_sets nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-type-decl nil index_select nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (subset_filter formula-decl nil index_filters nil)) 195 170 t nil) (index_min-1 nil 3264930563 3264930570 ("" (postpone) nil nil) unfinished nil 6645 410 t shostak)) (index_max_TCC1 0 (index_max_TCC1-1 nil 3264854173 3276352560 ("" (skosimp*) (("" (use "card_below") (("" (assert) (("" (use "nonempty_card[below(N)]") (("" (assert) (("" (expand "nonempty?") (("" (expand "empty?") (("" (expand "member") (("" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((card_below formula-decl nil finite_sets_below "finite_sets/") (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (N formal-const-decl "posnat" index_select nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (nonempty_card formula-decl nil finite_sets nil) (nonempty? const-decl "bool" sets nil) (member const-decl "bool" sets nil) (empty? const-decl "bool" sets nil)) 23653 4610 t shostak)) (index_max 0 (index_max-2 nil 3276341063 3276349874 ("" (skosimp*) (("" (expand "index_value") (("" (flatten) (("" (hide -4) (("" (use "subset_filter") (("" (forward-chain "card_subset") (("" (use "same_card_subset[below(N)]") (("" (assert) (("" (replace -1 :dir rl) (("" (rewrite "filter") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) proved ((index_value const-decl "bool" index_select nil) (card_subset formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (same_card_subset formula-decl nil finite_sets nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" index_select nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-type-decl nil index_select nil) (N formal-const-decl "posnat" index_select nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (subset_filter formula-decl nil index_filters nil)) 490 390 t nil) (index_max-1 nil 3264852248 3276339187 ("" (skosimp*) (("" (expand "index_value") (("" (flatten) (("" (hide -4) (("" (use "subset_filter") (("" (forward-chain "card_subset") (("" (use "same_card_subset[below(M)]") (("" (assert) (("" (replace -1 :dir rl) (("" (rewrite "filter") nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) unfinished ((index_value const-decl "bool" index_select nil) (card_subset formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (same_card_subset formula-decl nil finite_sets nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (pred type-eq-decl nil defined_types nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" index_select nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-type-decl nil index_select nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (subset_filter formula-decl nil index_filters nil)) 182 130 t shostak)) (least_index_exists 0 (least_index_exists-6 nil 3276345315 3276349878 ("" (induct "n") (("1" (skosimp*) (("1" (rewrite "card_one") (("1" (skosimp*) (("1" (replace -1) (("1" (expand "index_value") (("1" (inst + "x!1") (("1" (rewrite "singleton") (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "filter") (("1" (inst?) (("1" (assert) (("1" (expand "singleton") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel 1) (("2" (rewrite "card_subset") (("2" (hide 2) (("2" (expand "subset?") (("2" (expand "member") (("2" (skosimp*) (("2" (expand "filter") (("2" (assert) (("2" (expand "singleton") (("2" (expand "geq") (("2" (replace -1) (("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (skosimp*) (("2" (inst - "remove(x!1,eligible!1)" "f!1") (("2" (rewrite "card_remove") (("2" (assert) (("2" (skosimp*) (("2" (case "leq(f!1(x!1), f!1(i!1))") (("1" (inst + "x!1") (("1" (rewrite "index_value" +) (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (inst - "x!1") (("1" (rewrite "filter") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel +) (("2" (rewrite "card_subset") (("2" (expand "subset?") (("2" (skosimp*) (("2" (expand "member") (("2" (rewrite "filter") (("2" (assert) (("2" (lemma "index_min") (("2" (inst - "remove(x!1,eligible!1)" "f!1" "i!1" "x!2") (("2" (assert) (("2" (rewrite "remove") (("2" (expand "member") (("2" (expand "geq") (("2" (typepred! "leq") (("2" (case "x!1 /= x!2") (("1" (assert) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "transitive?") (("1" (flatten) (("1" (inst -2 "f!1(x!1)" "f!1(i!1)" "f!1(x!2)") (("1" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (prop) (("1" (replace -2) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (replace -1) (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (inst + "i!1") (("2" (rewrite "index_value" +) (("2" (prop) (("1" (rewrite "index_value") (("1" (flatten) (("1" (rewrite "remove") (("1" (expand "member") (("1" (flatten) nil nil)) nil)) nil)) nil)) nil) ("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (inst - "i!1") (("2" (expand "filter") (("2" (expand "index_value") (("2" (flatten) (("2" (expand "remove") (("2" (expand "member") (("2" (flatten) (("2" (split 1) (("1" (propax) nil nil) ("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (swap-rel 1) (("3" (rewrite "card_subset") (("3" (expand "subset?") (("3" (expand "member") (("3" (skosimp*) (("3" (rewrite "filter") (("3" (expand "geq") (("3" (assert) (("3" (use "index_min") (("3" (assert) (("3" (rewrite "remove") (("3" (rewrite "member") (("3" (prop) (("3" (replace -1) (("3" (typepred! "leq") (("3" (expand "total_order?") (("3" (expand "dichotomous?") (("3" (flatten) (("3" (inst?) (("3" (split -2) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (expand "index_value") (("3" (rewrite "filter") (("3" (grind) nil nil)) nil)) nil)) nil)) nil) proved ((card_remove formula-decl nil finite_sets nil) (dichotomous? const-decl "bool" orders nil) (index_min formula-decl nil index_select nil) (transitive? const-decl "bool" relations nil) (/= const-decl "boolean" notequal nil) (remove const-decl "set" sets nil) (singleton const-decl "(singleton?)" sets nil) (geq const-decl "bool" index_select nil) (IFF const-decl "[bool, bool -> bool]" booleans nil) (subset? const-decl "bool" sets nil) (card_subset formula-decl nil finite_sets nil) (nonempty_card formula-decl nil finite_sets nil) (filter const-decl "bool" index_filters nil) (total_order? const-decl "bool" orders nil) (leq formal-const-decl "(total_order?[T])" index_select nil) (singleton? const-decl "bool" sets nil) (nonempty? const-decl "bool" sets nil) (member const-decl "bool" sets nil) (preorder? const-decl "bool" orders nil) (reflexive? const-decl "bool" relations nil) (partial_order? const-decl "bool" orders nil) (NOT const-decl "[bool -> bool]" booleans nil) (empty? const-decl "bool" sets nil) (card_one formula-decl nil finite_sets nil) (subrange_induction formula-decl nil subrange_inductions nil) (number nonempty-type-decl nil numbers nil) (boolean nonempty-type-decl nil booleans nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (number_field nonempty-type-from-decl nil number_fields nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (real nonempty-type-from-decl nil reals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (rational nonempty-type-from-decl nil rationals nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (int nonempty-type-eq-decl nil integers nil) (bool nonempty-type-eq-decl nil booleans nil) (>= const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (posnat nonempty-type-eq-decl nil integers nil) (N formal-const-decl "posnat" index_select nil) (index_value const-decl "bool" index_select nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (Card const-decl "nat" finite_sets nil) (= const-decl "[T, T -> boolean]" equalities nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (T formal-type-decl nil index_select nil) (finite_set type-eq-decl nil finite_sets nil) (is_finite const-decl "bool" finite_sets nil) (set type-eq-decl nil sets nil) (below type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (pred type-eq-decl nil defined_types nil) (subrange type-eq-decl nil integers nil) (<= const-decl "bool" reals nil) (AND const-decl "[bool, bool -> bool]" booleans nil)) 4184 3240 t nil) (least_index_exists-5 nil 3276341220 3276345265 ("" (induct "n") (("1" (skosimp*) (("1" (rewrite "card_one") (("1" (skosimp*) (("1" (replace -1) (("1" (expand "index_value") (("1" (inst + "x!1") (("1" (rewrite "singleton") (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "filter") (("1" (inst?) (("1" (assert) (("1" (expand "singleton") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel 1) (("2" (rewrite "card_subset") (("2" (hide 2) (("2" (expand "subset?") (("2" (expand "member") (("2" (skosimp*) (("2" (expand "filter") (("2" (assert) (("2" (expand "singleton") (("2" (expand "geq") (("2" (replace -1) (("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (skosimp*) (("2" (inst - "remove(x!1,eligible!1)" "f!1") (("2" (rewrite "card_remove") (("2" (assert) (("2" (skosimp*) (("2" (case "leq(f!1(x!1), f!1(n1!1))") (("1" (inst + "x!1") (("1" (rewrite "index_value" +) (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (inst - "x!1") (("1" (rewrite "filter") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel +) (("2" (rewrite "card_subset") (("2" (expand "subset?") (("2" (skosimp*) (("2" (expand "member") (("2" (rewrite "filter") (("2" (assert) (("2" (lemma "index_min") (("2" (inst - "remove(x!1,eligible!1)" "f!1" "n1!1" "x!2") (("2" (assert) (("2" (rewrite "remove") (("2" (expand "member") (("2" (expand "geq") (("2" (typepred! "leq") (("2" (case "x!1 /= x!2") (("1" (assert) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "transitive?") (("1" (flatten) (("1" (inst -2 "f!1(x!1)" "f!1(n1!1)" "f!1(x!2)") (("1" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (prop) (("1" (replace -2) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (replace -1) (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (inst + "n1!1") (("2" (rewrite "index_value" +) (("2" (prop) (("1" (rewrite "index_value") (("1" (flatten) (("1" (rewrite "remove") (("1" (expand "member") (("1" (flatten) nil nil)) nil)) nil)) nil)) nil) ("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (inst - "n1!1") (("2" (expand "filter") (("2" (expand "index_value") (("2" (flatten) (("2" (expand "remove") (("2" (expand "member") (("2" (flatten) (("2" (split 1) (("1" (propax) nil nil) ("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (swap-rel 1) (("3" (rewrite "card_subset") (("3" (expand "subset?") (("3" (expand "member") (("3" (skosimp*) (("3" (rewrite "filter") (("3" (expand "geq") (("3" (assert) (("3" (use "index_min") (("3" (assert) (("3" (rewrite "remove") (("3" (rewrite "member") (("3" (prop) (("3" (replace -1) (("3" (typepred! "leq") (("3" (expand "total_order?") (("3" (expand "dichotomous?") (("3" (flatten) (("3" (inst?) (("3" (split -2) (("1" (propax) nil nil) ("2" (propax) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("3" (skosimp*) (("3" (expand "index_value") (("3" (rewrite "filter") (("3" (grind) nil nil)) nil)) nil)) nil)) nil) unfinished ((AND const-decl "[bool, bool -> bool]" booleans nil) (<= const-decl "bool" reals nil) (subrange type-eq-decl nil integers nil) (pred type-eq-decl nil defined_types nil) (nat nonempty-type-eq-decl nil naturalnumbers nil) (< const-decl "bool" reals nil) (below type-eq-decl nil naturalnumbers nil) (set type-eq-decl nil sets nil) (is_finite const-decl "bool" finite_sets nil) (finite_set type-eq-decl nil finite_sets nil) (T formal-type-decl nil index_select nil) (IMPLIES const-decl "[bool, bool -> bool]" booleans nil) (= const-decl "[T, T -> boolean]" equalities nil) (Card const-decl "nat" finite_sets nil) (card const-decl "{n: nat | n = Card(S)}" finite_sets nil) (index_value const-decl "bool" index_select nil) (N formal-const-decl "posnat" index_select nil) (posnat nonempty-type-eq-decl nil integers nil) (> const-decl "bool" reals nil) (nonneg_int nonempty-type-eq-decl nil integers nil) (>= const-decl "bool" reals nil) (bool nonempty-type-eq-decl nil booleans nil) (int nonempty-type-eq-decl nil integers nil) (integer_pred const-decl "[rational -> boolean]" integers nil) (rational nonempty-type-from-decl nil rationals nil) (rational_pred const-decl "[real -> boolean]" rationals nil) (real nonempty-type-from-decl nil reals nil) (real_pred const-decl "[number_field -> boolean]" reals nil) (number_field nonempty-type-from-decl nil number_fields nil) (number_field_pred const-decl "[number -> boolean]" number_fields nil) (boolean nonempty-type-decl nil booleans nil) (number nonempty-type-decl nil numbers nil) (subrange_induction formula-decl nil subrange_inductions nil) (card_one formula-decl nil finite_sets nil) (empty? const-decl "bool" sets nil) (NOT const-decl "[bool -> bool]" booleans nil) (partial_order? const-decl "bool" orders nil) (reflexive? const-decl "bool" relations nil) (preorder? const-decl "bool" orders nil) (member const-decl "bool" sets nil) (nonempty? const-decl "bool" sets nil) (singleton? const-decl "bool" sets nil) (leq formal-const-decl "(total_order?[T])" index_select nil) (total_order? const-decl "bool" orders nil) (filter const-decl "bool" index_filters nil) (nonempty_card formula-decl nil finite_sets nil) (card_subset formula-decl nil finite_sets nil) (subset? const-decl "bool" sets nil) (IFF const-decl "[bool, bool -> bool]" booleans nil) (geq const-decl "bool" index_select nil) (singleton const-decl "(singleton?)" sets nil) (remove const-decl "set" sets nil) (/= const-decl "boolean" notequal nil) (transitive? const-decl "bool" relations nil) (index_min formula-decl nil index_select nil) (dichotomous? const-decl "bool" orders nil) (card_remove formula-decl nil finite_sets nil)) 4418 840 nil nil) (least_index_exists-4 nil 3276341161 3276341185 ("" (induct "n") (("1" (skosimp*) (("1" (rewrite "card_one") (("1" (skosimp*) (("1" (replace -1) (("1" (expand "index_value") (("1" (inst + "x!1") (("1" (rewrite "singleton") (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "filter") (("1" (inst?) (("1" (assert) (("1" (expand "singleton") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))))))))))))))))))))) ("2" (swap-rel 1) (("2" (rewrite "card_subset") (("2" (hide 2) (("2" (expand "subset?") (("2" (expand "member") (("2" (skosimp*) (("2" (expand "filter") (("2" (assert) (("2" (expand "singleton") (("2" (expand "geq") (("2" (replace -1) (("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (skosimp*) (("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (skosimp*) (("2" (inst - "remove(x!1,eligible!1)" "f!1") (("2" (rewrite "card_remove") (("2" (assert) (("2" (skosimp*) (("2" (case "leq(f!1(x!1), f!1(n1!1))") (("1" (inst + "x!1") (("1" (rewrite "index_value" +) (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (inst - "x!1") (("1" (rewrite "filter") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))))))))))))))))) ("2" (swap-rel +) (("2" (rewrite "card_subset") (("2" (expand "subset?") (("2" (skosimp*) (("2" (expand "member") (("2" (rewrite "filter") (("2" (assert) (("2" (lemma "index_min") (("2" (inst - "remove(x!1,eligible!1)" "f!1" "n1!1" "x!2") (("2" (assert) (("2" (rewrite "remove") (("2" (expand "member") (("2" (expand "geq") (("2" (typepred! "leq") (("2" (case "x!1 /= x!2") (("1" (assert) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "transitive?") (("1" (flatten) (("1" (inst -2 "f!1(x!1)" "f!1(i!1)" "f!1(x!2)") (("1" (assert) nil))))))))))))))) ("2" (prop) (("1" (replace -2) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))) ("2" (replace -1) (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (inst + "n1!1") (("2" (rewrite "index_value" +) (("2" (prop) (("1" (rewrite "index_value") (("1" (flatten) (("1" (rewrite "remove") (("1" (expand "member") (("1" (flatten) nil))))))))) ("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (inst - "n1!1") (("2" (expand "filter") (("2" (expand "index_value") (("2" (flatten) (("2" (expand "remove") (("2" (expand "member") (("2" (flatten) (("2" (split 1) (("1" (propax) nil) ("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))) ("3" (swap-rel 1) (("3" (rewrite "card_subset") (("3" (expand "subset?") (("3" (expand "member") (("3" (skosimp*) (("3" (rewrite "filter") (("3" (expand "geq") (("3" (assert) (("3" (use "index_min") (("3" (assert) (("3" (rewrite "remove") (("3" (rewrite "member") (("3" (prop) (("3" (replace -1) (("3" (typepred! "leq") (("3" (expand "total_order?") (("3" (expand "dichotomous?") (("3" (flatten) (("3" (inst?) (("3" (split -2) (("1" (propax) nil) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) ("3" (skosimp*) (("3" (expand "index_value") (("3" (rewrite "filter") (("3" (grind) nil)))))))) nil) unfinished nil 20779 2690 t nil) (least_index_exists-3 nil 3276341130 3276341145 ("" (induct "n") (("1" (skosimp*) (("1" (rewrite "card_one") (("1" (skosimp*) (("1" (replace -1) (("1" (expand "index_value") (("1" (inst + "x!1") (("1" (rewrite "singleton") (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "filter") (("1" (inst?) (("1" (assert) (("1" (expand "singleton") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))))))))))))))))))))) ("2" (swap-rel 1) (("2" (rewrite "card_subset") (("2" (hide 2) (("2" (expand "subset?") (("2" (expand "member") (("2" (skosimp*) (("2" (expand "filter") (("2" (assert) (("2" (expand "singleton") (("2" (expand "geq") (("2" (replace -1) (("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (skosimp*) (("2" (use "nonempty_card[below(M)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (skosimp*) (("2" (inst - "remove(x!1,eligible!1)" "f!1") (("2" (rewrite "card_remove") (("2" (assert) (("2" (skosimp*) (("2" (case "leq(f!1(x!1), f!1(n1!1))") (("1" (inst + "x!1") (("1" (rewrite "index_value" +) (("1" (prop) (("1" (use "nonempty_card[below(N)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (inst - "x!1") (("1" (rewrite "filter") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))))))))))))))))) ("2" (swap-rel +) (("2" (rewrite "card_subset") (("2" (expand "subset?") (("2" (skosimp*) (("2" (expand "member") (("2" (rewrite "filter") (("2" (assert) (("2" (lemma "index_min") (("2" (inst - "remove(x!1,eligible!1)" "f!1" "n1!1" "x!2") (("2" (assert) (("2" (rewrite "remove") (("2" (expand "member") (("2" (expand "geq") (("2" (typepred! "leq") (("2" (case "x!1 /= x!2") (("1" (assert) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "transitive?") (("1" (flatten) (("1" (inst -2 "f!1(x!1)" "f!1(i!1)" "f!1(x!2)") (("1" (assert) nil))))))))))))))) ("2" (prop) (("1" (replace -2) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil))))))))))))) ("2" (replace -1) (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))))))))))))))) ("2" (inst + "n1!1") (("2" (rewrite "index_value" +) (("2" (prop) (("1" (rewrite "index_value") (("1" (flatten) (("1" (rewrite "remove") (("1" (expand "member") (("1" (flatten) nil))))))))) ("2" (use "nonempty_card[below(N)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (inst - "n1!1") (("2" (expand "filter") (("2" (expand "index_value") (("2" (flatten) (("2" (expand "remove") (("2" (expand "member") (("2" (flatten) (("2" (split 1) (("1" (propax) nil) ("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil))))))))))))))))))))))))))))))))))))))) ("3" (swap-rel 1) (("3" (rewrite "card_subset") (("3" (expand "subset?") (("3" (expand "member") (("3" (skosimp*) (("3" (rewrite "filter") (("3" (expand "geq") (("3" (assert) (("3" (use "index_min") (("3" (assert) (("3" (rewrite "remove") (("3" (rewrite "member") (("3" (prop) (("3" (replace -1) (("3" (typepred! "leq") (("3" (expand "total_order?") (("3" (expand "dichotomous?") (("3" (flatten) (("3" (inst?) (("3" (split -2) (("1" (propax) nil) ("2" (propax) nil))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) ("3" (skosimp*) (("3" (expand "index_value") (("3" (rewrite "filter") (("3" (grind) nil)))))))) nil) unfinished nil 14241 870 t nil) (least_index_exists-2 nil 3275837439 3276339187 ("" (induct "n") (("1" (skosimp*) (("1" (rewrite "card_one") (("1" (skosimp*) (("1" (replace -1) (("1" (expand "index_value") (("1" (inst + "x!1") (("1" (rewrite "singleton") (("1" (prop) (("1" (use "nonempty_card[below(M)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (expand "filter") (("1" (inst?) (("1" (assert) (("1" (expand "singleton") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel 1) (("2" (rewrite "card_subset") (("2" (hide 2) (("2" (expand "subset?") (("2" (expand "member") (("2" (skosimp*) (("2" (expand "filter") (("2" (assert) (("2" (expand "singleton") (("2" (expand "geq") (("2" (replace -1) (("2" (typepred! "leq") (("2" (expand "total_order?") (("2" (expand "partial_order?") (("2" (expand "preorder?") (("2" (expand "reflexive?") (("2" (flatten) (("2" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (skosimp*) (("2" (use "nonempty_card[below(M)]") (("2" (assert) (("2" (expand "nonempty?") (("2" (expand "empty?") (("2" (expand "member") (("2" (skosimp*) (("2" (inst - "remove(x!1,eligible!1)" "f!1") (("2" (rewrite "card_remove") (("2" (assert) (("2" (skosimp*) (("2" (case "leq(f!1(x!1), f!1(i!1))") (("1" (inst + "x!1") (("1" (rewrite "index_value" +) (("1" (prop) (("1" (use "nonempty_card[below(M)]") (("1" (assert) (("1" (expand "nonempty?") (("1" (expand "empty?") (("1" (expand "member") (("1" (inst - "x!1") (("1" (rewrite "filter") (("1" (typepred! "leq") (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "reflexive?") (("1" (flatten) (("1" (inst?) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (swap-rel +) (("2" (rewrite "card_subset") (("2" (expand "subset?") (("2" (skosimp*) (("2" (expand "member") (("2" (rewrite "filter") (("2" (assert) (("2" (lemma "index_min") (("2" (inst - "remove(x!1,eligible!1)" "f!1" "i!1" "x!2") (("2" (assert) (("2" (rewrite "remove") (("2" (expand "member") (("2" (expand "geq") (("2" (typepred! "leq") (("2" (case "x!1 /= x!2") (("1" (assert) (("1" (expand "total_order?") (("1" (expand "partial_order?") (("1" (expand "preorder?") (("1" (expand "transitive?") (("1" (flatten) (("1" (inst -2 "f!1(x!1)" "f!1(i!1)" "f!1(x!2)") (("1" (assert) nil nil)) nil)) nil)) nil)) nil)) nil)) nil)) nil) ("2" (prop) (("1" (replace -2) (("1" (expand "total_order?") (("1" (expand "partial_order?")