let s be State of SCM+FSA ; :: thesis: for c0 being Element of NAT st IC s = insloc c0 holds
for a being Int-Location
for k being Integer st ( for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ) holds
for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
let c0 be Element of NAT ; :: thesis: ( IC s = insloc c0 implies for a being Int-Location
for k being Integer st ( for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ) holds
for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i) )
assume A1: IC s = insloc c0 ; :: thesis: for a being Int-Location
for k being Integer st ( for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ) holds
for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
let a be Int-Location ; :: thesis: for k being Integer st ( for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ) holds
for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
let k be Integer; :: thesis: ( ( for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ) implies for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i) )
assume A2: for c being Element of NAT st c < len (aSeq a,k) holds
(aSeq a,k) . (c + 1) = s . (insloc (c0 + c)) ; :: thesis: for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
per cases ( k > 0 or k <= 0 ) ;
suppose A3: k > 0 ; :: thesis: for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
then reconsider k' = k as Element of NAT by INT_1:16;
consider k1 being Element of NAT such that
A4: k1 + 1 = k' and
A5: aSeq a,k' = <*(a := (intloc 0 ))*> ^ (k1 |-> (AddTo a,(intloc 0 ))) by A3, SCMFSA_7:def 3;
defpred S1[ Element of NAT ] means ( $1 <= k' implies IC (Computation s,$1) = insloc (c0 + $1) );
A6: len (aSeq a,k') = (len <*(a := (intloc 0 ))*>) + (len (k1 |-> (AddTo a,(intloc 0 )))) by A5, FINSEQ_1:35
.= 1 + (len (k1 |-> (AddTo a,(intloc 0 )))) by FINSEQ_1:56
.= k' by A4, FINSEQ_1:def 18 ;
for i being Element of NAT st i <= len (aSeq a,k') holds
IC (Computation s,i) = insloc (c0 + i)
proof
A7: now
let i be Element of NAT ; :: thesis: ( 1 < i & i <= k' implies (aSeq a,k') . i = AddTo a,(intloc 0 ) )
assume that
A8: 1 < i and
A9: i <= k' ; :: thesis: (aSeq a,k') . i = AddTo a,(intloc 0 )
A10: 1 <= i - 1 by A8, INT_1:79;
then reconsider i1 = i - 1 as Element of NAT by INT_1:16;
i - 1 <= k' - 1 by A9, XREAL_1:11;
then A11: i1 in Seg k1 by A4, A10, FINSEQ_1:3;
len <*(a := (intloc 0 ))*> = 1 by FINSEQ_1:56;
hence (aSeq a,k') . i = (k1 |-> (AddTo a,(intloc 0 ))) . (i - 1) by A5, A6, A8, A9, FINSEQ_1:37
.= AddTo a,(intloc 0 ) by A11, FUNCOP_1:13 ;
:: thesis: verum
end;
A12: now
let i be Element of NAT ; :: thesis: ( 0 < i & i < k' implies s . (insloc (c0 + i)) = AddTo a,(intloc 0 ) )
assume that
A13: 0 < i and
A14: i < k' ; :: thesis: s . (insloc (c0 + i)) = AddTo a,(intloc 0 )
A15: ( 0 + 1 < i + 1 & i + 1 <= k' ) by A13, A14, NAT_1:13, XREAL_1:8;
thus s . (insloc (c0 + i)) = (aSeq a,k') . (i + 1) by A2, A6, A14
.= AddTo a,(intloc 0 ) by A7, A15 ; :: thesis: verum
end;
A16: s . (insloc (c0 + 0 )) = (aSeq a,k') . (0 + 1) by A2, A3, A6
.= a := (intloc 0 ) by A5, FINSEQ_1:58 ;
A17: now
let n be Element of NAT ; :: thesis: ( n = 0 implies ( Computation s,n = s & CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s ) )
assume n = 0 ; :: thesis: ( Computation s,n = s & CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s )
hence A18: Computation s,n = s by AMI_1:13; :: thesis: ( CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s )
hence A19: CurInstr (Computation s,n) = a := (intloc 0 ) by A1, A16, AMI_1:def 17; :: thesis: Computation s,(n + 1) = Exec (a := (intloc 0 )),s
thus Computation s,(n + 1) = Following (Computation s,n) by AMI_1:14
.= Exec (a := (intloc 0 )),s by A18, A19, AMI_1:def 18 ; :: thesis: verum
end;
A20: for n being Element of NAT st S1[n] holds
S1[n + 1]
proof
let n be Element of NAT ; :: thesis: ( S1[n] implies S1[n + 1] )
assume A21: S1[n] ; :: thesis: S1[n + 1]
assume A22: n + 1 <= k' ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
per cases ( n = 0 or n > 0 ) ;
suppose A23: n = 0 ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
hence IC (Computation s,(n + 1)) = IC (Exec (a := (intloc 0 )),s) by A17
.= (Exec (a := (intloc 0 )),s) . (IC SCM+FSA ) by AMI_1:def 15
.= Next (insloc (c0 + n)) by A1, A23, SCMFSA_2:89
.= insloc ((c0 + n) + 1) by NAT_1:39
.= insloc (c0 + (n + 1)) ;
:: thesis: verum
end;
suppose A24: n > 0 ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
A25: n < k' by A22, NAT_1:13;
A26: n + 0 <= n + 1 by XREAL_1:9;
then A27: CurInstr (Computation s,n) = (Computation s,n) . (insloc (c0 + n)) by A21, A22, AMI_1:def 17, XXREAL_0:2
.= s . (insloc (c0 + n)) by AMI_1:54
.= AddTo a,(intloc 0 ) by A12, A24, A25 ;
A28: Computation s,(n + 1) = Following (Computation s,n) by AMI_1:14
.= Exec (AddTo a,(intloc 0 )),(Computation s,n) by A27, AMI_1:def 18 ;
thus IC (Computation s,(n + 1)) = (Computation s,(n + 1)) . (IC SCM+FSA ) by AMI_1:def 15
.= Next (IC (Computation s,n)) by A28, SCMFSA_2:90
.= insloc ((c0 + n) + 1) by A21, A22, A26, NAT_1:39, XXREAL_0:2
.= insloc (c0 + (n + 1)) ; :: thesis: verum
end;
end;
end;
let i be Element of NAT ; :: thesis: ( i <= len (aSeq a,k') implies IC (Computation s,i) = insloc (c0 + i) )
assume A29: i <= len (aSeq a,k') ; :: thesis: IC (Computation s,i) = insloc (c0 + i)
A30: S1[ 0 ] by A1, AMI_1:13;
for i being Element of NAT holds S1[i] from NAT_1:sch 1(A30, A20);
 hence IC (Computation s,i) = insloc (c0 + i) by A6, A29; :: thesis: verum
end;
hence for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i) ; :: thesis: verum
end;
suppose A31: k <= 0 ; :: thesis: for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
then reconsider mk = - k as Element of NAT by INT_1:16;
defpred S1[ Element of NAT ] means ( $1 <= (mk + 1) + 1 implies IC (Computation s,$1) = insloc (c0 + $1) );
consider k1 being Element of NAT such that
A32: k1 + k = 1 and
A33: aSeq a,k = <*(a := (intloc 0 ))*> ^ (k1 |-> (SubFrom a,(intloc 0 ))) by A31, SCMFSA_7:def 3;
A34: len (aSeq a,k) = (len <*(a := (intloc 0 ))*>) + (len (k1 |-> (SubFrom a,(intloc 0 )))) by A33, FINSEQ_1:35
.= 1 + (len (k1 |-> (SubFrom a,(intloc 0 )))) by FINSEQ_1:56
.= (mk + 1) + 1 by A32, FINSEQ_1:def 18 ;
for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i)
proof
A35: now
let i be Element of NAT ; :: thesis: ( 1 < i & i <= (mk + 1) + 1 implies (aSeq a,k) . i = SubFrom a,(intloc 0 ) )
assume that
A36: 1 < i and
A37: i <= (mk + 1) + 1 ; :: thesis: (aSeq a,k) . i = SubFrom a,(intloc 0 )
A38: i - 1 <= ((mk + 1) + 1) - 1 by A37, XREAL_1:11;
A39: 1 - 1 < i - 1 by A36, XREAL_1:11;
then reconsider i1 = i - 1 as Element of NAT by INT_1:16;
(1 - 1) + 1 <= i - 1 by A39, INT_1:20;
then A40: i1 in Seg k1 by A32, A38, FINSEQ_1:3;
len <*(a := (intloc 0 ))*> = 1 by FINSEQ_1:56;
hence (aSeq a,k) . i = (k1 |-> (SubFrom a,(intloc 0 ))) . (i - 1) by A33, A34, A36, A37, FINSEQ_1:37
.= SubFrom a,(intloc 0 ) by A40, FUNCOP_1:13 ;
:: thesis: verum
end;
A41: now
let i be Element of NAT ; :: thesis: ( 0 < i & i < (mk + 1) + 1 implies s . (insloc (c0 + i)) = SubFrom a,(intloc 0 ) )
assume that
A42: 0 < i and
A43: i < (mk + 1) + 1 ; :: thesis: s . (insloc (c0 + i)) = SubFrom a,(intloc 0 )
A44: ( 0 + 1 < i + 1 & i + 1 <= (mk + 1) + 1 ) by A42, A43, NAT_1:13, XREAL_1:8;
thus s . (insloc (c0 + i)) = (aSeq a,k) . (i + 1) by A2, A34, A43
.= SubFrom a,(intloc 0 ) by A35, A44 ; :: thesis: verum
end;
A45: s . (insloc (c0 + 0 )) = (aSeq a,k) . (0 + 1) by A2, A34
.= a := (intloc 0 ) by A33, FINSEQ_1:58 ;
A46: for n being Element of NAT st n = 0 holds
( Computation s,n = s & CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s )
proof
let n be Element of NAT ; :: thesis: ( n = 0 implies ( Computation s,n = s & CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s ) )
assume n = 0 ; :: thesis: ( Computation s,n = s & CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s )
hence A47: Computation s,n = s by AMI_1:13; :: thesis: ( CurInstr (Computation s,n) = a := (intloc 0 ) & Computation s,(n + 1) = Exec (a := (intloc 0 )),s )
hence A48: CurInstr (Computation s,n) = a := (intloc 0 ) by A1, A45, AMI_1:def 17; :: thesis: Computation s,(n + 1) = Exec (a := (intloc 0 )),s
thus Computation s,(n + 1) = Following (Computation s,n) by AMI_1:14
.= Exec (a := (intloc 0 )),s by A47, A48, AMI_1:def 18 ; :: thesis: verum
end;
A49: for n being Element of NAT st S1[n] holds
S1[n + 1]
proof
let n be Element of NAT ; :: thesis: ( S1[n] implies S1[n + 1] )
assume A50: S1[n] ; :: thesis: S1[n + 1]
assume A51: n + 1 <= (mk + 1) + 1 ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
per cases ( n = 0 or n > 0 ) ;
suppose A52: n = 0 ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
hence IC (Computation s,(n + 1)) = IC (Exec (a := (intloc 0 )),s) by A46
.= (Exec (a := (intloc 0 )),s) . (IC SCM+FSA ) by AMI_1:def 15
.= Next (insloc (c0 + n)) by A1, A52, SCMFSA_2:89
.= insloc ((c0 + n) + 1) by NAT_1:39
.= insloc (c0 + (n + 1)) ;
:: thesis: verum
end;
suppose A53: n > 0 ; :: thesis: IC (Computation s,(n + 1)) = insloc (c0 + (n + 1))
A54: n < (mk + 1) + 1 by A51, NAT_1:13;
A55: n + 0 <= n + 1 by XREAL_1:9;
then A56: CurInstr (Computation s,n) = (Computation s,n) . (insloc (c0 + n)) by A50, A51, AMI_1:def 17, XXREAL_0:2
.= s . (insloc (c0 + n)) by AMI_1:54
.= SubFrom a,(intloc 0 ) by A41, A53, A54 ;
A57: Computation s,(n + 1) = Following (Computation s,n) by AMI_1:14
.= Exec (SubFrom a,(intloc 0 )),(Computation s,n) by A56, AMI_1:def 18 ;
thus IC (Computation s,(n + 1)) = (Computation s,(n + 1)) . (IC SCM+FSA ) by AMI_1:def 15
.= Next (IC (Computation s,n)) by A57, SCMFSA_2:91
.= insloc ((c0 + n) + 1) by A50, A51, A55, NAT_1:39, XXREAL_0:2
.= insloc (c0 + (n + 1)) ; :: thesis: verum
end;
end;
end;
let i be Element of NAT ; :: thesis: ( i <= len (aSeq a,k) implies IC (Computation s,i) = insloc (c0 + i) )
assume A58: i <= len (aSeq a,k) ; :: thesis: IC (Computation s,i) = insloc (c0 + i)
A59: S1[ 0 ] by A1, AMI_1:13;
for i being Element of NAT holds S1[i] from NAT_1:sch 1(A59, A49);
 hence IC (Computation s,i) = insloc (c0 + i) by A34, A58; :: thesis: verum
end;
hence for i being Element of NAT st i <= len (aSeq a,k) holds
IC (Computation s,i) = insloc (c0 + i) ; :: thesis: verum
end;
end;