let s1, s2 be State of SCM+FSA ; :: thesis: for I being Program of SCM+FSA st I +* (Start-At (insloc 0 )) c= s1 & I is_pseudo-closed_on s1 holds
for n being Element of NAT st ProgramPart (Relocated I,n) c= s2 & IC s2 = insloc n & DataPart s1 = DataPart s2 holds
( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) )
let I be Program of SCM+FSA ; :: thesis: ( I +* (Start-At (insloc 0 )) c= s1 & I is_pseudo-closed_on s1 implies for n being Element of NAT st ProgramPart (Relocated I,n) c= s2 & IC s2 = insloc n & DataPart s1 = DataPart s2 holds
( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) ) )
assume A1:
I +* (Start-At (insloc 0 )) c= s1
; :: thesis: ( not I is_pseudo-closed_on s1 or for n being Element of NAT st ProgramPart (Relocated I,n) c= s2 & IC s2 = insloc n & DataPart s1 = DataPart s2 holds
( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) ) )
assume A2:
I is_pseudo-closed_on s1
; :: thesis: for n being Element of NAT st ProgramPart (Relocated I,n) c= s2 & IC s2 = insloc n & DataPart s1 = DataPart s2 holds
( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) )
let n be Element of NAT ; :: thesis: ( ProgramPart (Relocated I,n) c= s2 & IC s2 = insloc n & DataPart s1 = DataPart s2 implies ( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) ) )
assume A3:
ProgramPart (Relocated I,n) c= s2
; :: thesis: ( not IC s2 = insloc n or not DataPart s1 = DataPart s2 or ( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) ) )
defpred S1[ Element of NAT ] means ( $1 <= pseudo-LifeSpan s1,I implies ( (IC (Computation s1,$1)) + n = IC (Computation s2,$1) & DataPart (Computation s1,$1) = DataPart (Computation s2,$1) ) );
assume A4:
IC s2 = insloc n
; :: thesis: ( not DataPart s1 = DataPart s2 or ( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) ) )
assume A5:
DataPart s1 = DataPart s2
; :: thesis: ( ( for i being Element of NAT st i < pseudo-LifeSpan s1,I holds
IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) ) & ( for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) ) )
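:: First conjunct of the goal: for every step i < pseudo-LifeSpan s1,I the
:: instruction s2 executes at step i is the instruction s1 executes at step i
:: with its addresses incremented by n (IncAddr ...,n).
:: It is proved by induction on the stronger predicate S2, which also carries
:: the program-counter offset and the DataPart equality along.
:: Layout repair only: the statement tokens are unchanged, but `assume A7:` and
:: the label `A8:` are moved off the ends of the `:: thesis:` comment lines they
:: had been fused onto, and the wrapped thesis comment is put on one line.
:: NOTE(review): later steps of the proof cite a label A6 that is not attached
:: to any statement in this rendering; presumably it named the conclusion of
:: this block - confirm against the article source.
hereby
  :: thesis: for i being Element of NAT st i <= pseudo-LifeSpan s1,I holds ( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) )
  :: S2[k]: while k < pseudo-LifeSpan s1,I, the IC of s2 is the IC of s1 shifted
  :: by n, the current instruction of s2 is the address-incremented current
  :: instruction of s1, and the data parts coincide.
  defpred S2[ Element of NAT ] means ( $1 < pseudo-LifeSpan s1,I implies ( (IC (Computation s1,$1)) + n = IC (Computation s2,$1) & IncAddr (CurInstr (Computation s1,$1)),n = CurInstr (Computation s2,$1) & DataPart (Computation s1,$1) = DataPart (Computation s2,$1) ) );
  let i be Element of NAT ;
  :: thesis: ( i < pseudo-LifeSpan s1,I implies IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) )
  assume A7: i < pseudo-LifeSpan s1,I ;
  :: thesis: IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i)

  :: Inductive step for S2.
  A8: for k being Element of NAT st S2[k] holds S2[k + 1]
  proof
    :: I is contained in I +* (Start-At (insloc 0 )), hence so is its domain.
    A9: I c= I +* (Start-At (insloc 0 )) by SCMFSA8A:9;
    then A10: dom I c= dom (I +* (Start-At (insloc 0 ))) by GRFUNC_1:8;
    let k be Element of NAT ;
    :: thesis: ( S2[k] implies S2[k + 1] )
    assume A11: S2[k] ;
    :: thesis: S2[k + 1]
    :: l and j name the program counter and the current instruction of s1 at
    :: step k + 1, retyped so they can be used as a number and an instruction.
    reconsider l = IC (Computation s1,(k + 1)) as Element of NAT by ORDINAL1:def 13;
    reconsider j = CurInstr (Computation s1,(k + 1)) as Instruction of SCM+FSA ;
    assume A12: k + 1 < pseudo-LifeSpan s1,I ;
    :: thesis: ( (IC (Computation s1,(k + 1))) + n = IC (Computation s2,(k + 1)) & IncAddr (CurInstr (Computation s1,(k + 1))),n = CurInstr (Computation s2,(k + 1)) & DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1)) )
    A13: IC (Computation s2,(k + 1)) in NAT by AMI_1:def 4;
    :: Step k + 1 of s1 is one Exec of the current instruction on step k.
    A14: Computation s1,(k + 1) = Following (Computation s1,k) by AMI_1:14
      .= Exec (CurInstr (Computation s1,k)),(Computation s1,k) ;
    :: s1 already contains I +* (Start-At (insloc 0 )) (A1), so overriding s1
    :: with it changes nothing; A2 and A12 then place the program counter of
    :: step k + 1 inside dom I.
    s1 +* (I +* (Start-At (insloc 0 ))) = s1 by A1, FUNCT_4:79;
    then A15: IC (Computation s1,(k + 1)) in dom I by A2, A12, SCMFSA8A:def 5;
    dom (ProgramPart I) = (dom I) /\ NAT by RELAT_1:90;
    then A16: l in dom (ProgramPart I) by A15, XBOOLE_0:def 4;
    :: The same one-step unfolding for s2.
    A17: Computation s2,(k + 1) = Following (Computation s2,k) by AMI_1:14
      .= Exec (CurInstr (Computation s2,k)),(Computation s2,k) ;
    :: k < k + 1 < pseudo-LifeSpan s1,I (A18, A12), so the hypothesis A11 can be
    :: used at k; SCMFSA6A:41 is cited for the two Exec steps A14 and A17
    :: (its statement is not shown on this page).
    A18: k + 0 < k + 1 by XREAL_1:8;
    hence A19: (IC (Computation s1,(k + 1))) + n = IC (Computation s2,(k + 1)) by A11, A12, A14, A17, SCMFSA6A:41, XXREAL_0:2;
    :: thesis: ( IncAddr (CurInstr (Computation s1,(k + 1))),n = CurInstr (Computation s2,(k + 1)) & DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1)) )
    :: The shifted program counter lies in the domain of the relocated program,
    :: and therefore of its program part, which s2 contains (A3).
    then IC (Computation s2,(k + 1)) in dom (Relocated I,n) by A15, SCMFSA_5:4;
    then IC (Computation s2,(k + 1)) in (dom (Relocated I,n)) /\ NAT by A13, XBOOLE_0:def 4;
    then A20: IC (Computation s2,(k + 1)) in dom (ProgramPart (Relocated I,n)) by RELAT_1:90;
    :: The instruction s1 fetches at step k + 1 is the one I stores at l.
    j = s1 . (IC (Computation s1,(k + 1))) by AMI_1:54
      .= (I +* (Start-At (insloc 0 ))) . (IC (Computation s1,(k + 1))) by A1, A10, A15, GRFUNC_1:8
      .= I . l by A9, A15, GRFUNC_1:8 ;
    :: Its address-incremented form is what Relocated I,n stores at l + n, which
    :: is what s2 fetches at its own program counter (A19, A20, A3).
    hence IncAddr (CurInstr (Computation s1,(k + 1))),n = (Relocated I,n) . (l + n) by A16, SCMFSA_5:7
      .= (ProgramPart (Relocated I,n)) . (IC (Computation s2,(k + 1))) by A19, FUNCT_1:72
      .= s2 . (IC (Computation s2,(k + 1))) by A3, A20, GRFUNC_1:8
      .= CurInstr (Computation s2,(k + 1)) by AMI_1:54 ;
    :: thesis: DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1))
    thus DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1)) by A11, A12, A18, A14, A17, SCMFSA6A:41, XXREAL_0:2;
    :: thesis: verum
  end;

  :: Base case for S2.
  A21: S2[ 0 ]
  proof
    :: The program counter of s1 +* (I +* (Start-At (insloc 0 ))) at step 0 is insloc 0.
    A22: IC (Computation (s1 +* (I +* (Start-At (insloc 0 )))),0 ) = IC (s1 +* (I +* (Start-At (insloc 0 )))) by AMI_1:13
      .= IC ((s1 +* I) +* (Start-At (insloc 0 ))) by FUNCT_4:15
      .= insloc 0 by AMI_1:111 ;
    assume 0 < pseudo-LifeSpan s1,I ;
    :: thesis: ( (IC (Computation s1,0 )) + n = IC (Computation s2,0 ) & IncAddr (CurInstr (Computation s1,0 )),n = CurInstr (Computation s2,0 ) & DataPart (Computation s1,0 ) = DataPart (Computation s2,0 ) )
    then A23: insloc 0 in dom I by A2, A22, SCMFSA8A:def 5;
    then A24: insloc 0 in dom (ProgramPart I) by AMI_1:105;
    A25: IC SCM+FSA in dom (I +* (Start-At (insloc 0 ))) by SF_MASTR:65;
    :: s1 starts at insloc 0 because it contains Start-At (insloc 0 ) (A1);
    :: s2 starts at insloc n (A4), which gives the offset at step 0.
    IC (Computation s1,0 ) = s1 . (IC SCM+FSA ) by AMI_1:13
      .= (I +* (Start-At (insloc 0 ))) . (IC SCM+FSA ) by A1, A25, GRFUNC_1:8
      .= insloc 0 by SF_MASTR:66 ;
    hence (IC (Computation s1,0 )) + n = IC (Computation s2,0 ) by A4, AMI_1:13;
    :: thesis: ( IncAddr (CurInstr (Computation s1,0 )),n = CurInstr (Computation s2,0 ) & DataPart (Computation s1,0 ) = DataPart (Computation s2,0 ) )
    A26: I c= I +* (Start-At (insloc 0 )) by SCMFSA8A:9;
    then A27: dom I c= dom (I +* (Start-At (insloc 0 ))) by GRFUNC_1:8;
    (insloc 0 ) + n in dom (Relocated I,n) by A23, SCMFSA_5:4;
    then A28: insloc (0 + n) in dom (ProgramPart (Relocated I,n)) by AMI_1:106;
    :: Same fact as A25, stated again so that `then` can chain from it.
    IC SCM+FSA in dom (I +* (Start-At (insloc 0 ))) by SF_MASTR:65;
    :: The first instruction s1 fetches is I . (insloc 0 ).
    then A29: s1 . (IC s1) = s1 . ((I +* (Start-At (insloc 0 ))) . (IC SCM+FSA )) by A1, GRFUNC_1:8
      .= s1 . (insloc 0 ) by SF_MASTR:66
      .= (I +* (Start-At (insloc 0 ))) . (insloc 0 ) by A1, A27, A23, GRFUNC_1:8
      .= I . (insloc 0 ) by A26, A23, GRFUNC_1:8 ;
    :: Its address-incremented form is what the relocated program holds at
    :: insloc n, i.e. the first instruction s2 fetches (A3, A4, A28).
    thus IncAddr (CurInstr (Computation s1,0 )),n = IncAddr (CurInstr s1),n by AMI_1:13
      .= (Relocated I,n) . (insloc (0 + n)) by A29, A24, SCMFSA_5:7
      .= (ProgramPart (Relocated I,n)) . (insloc n) by FUNCT_1:72
      .= CurInstr s2 by A3, A4, A28, GRFUNC_1:8
      .= CurInstr (Computation s2,0 ) by AMI_1:13 ;
    :: thesis: DataPart (Computation s1,0 ) = DataPart (Computation s2,0 )
    thus DataPart (Computation s1,0 ) = DataPart s2 by A5, AMI_1:13
      .= DataPart (Computation s2,0 ) by AMI_1:13 ;
    :: thesis: verum
  end;

  :: Induction: base case A21 and step A8 are passed to scheme NAT_1:sch 1;
  :: the instance at i together with A7 yields the wanted equation.
  for k being Element of NAT holds S2[k] from NAT_1:sch 1(A21, A8);
  hence IncAddr (CurInstr (Computation s1,i)),n = CurInstr (Computation s2,i) by A7;
  :: thesis: verum
end;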
:: Inductive step for S1: if the program counters (offset by n) and the data
:: parts of the two computations agree at step k, they also agree at step
:: k + 1, as long as k + 1 <= pseudo-LifeSpan s1,I.
A30:
for k being Element of NAT st S1[k] holds
S1[k + 1]
proof
let k be
Element of
NAT ;
:: thesis: ( S1[k] implies S1[k + 1] )
assume A31:
S1[
k]
;
:: thesis: S1[k + 1]
:: Local abbreviation for the instruction s1 executes at step k. It does not
:: appear by name in the steps below as rendered here (the formulas are shown
:: expanded), and it is unrelated to the step index i introduced by `let`
:: after this proof.
set i =
CurInstr (Computation s1,k);
:: Step k + 1 of s2 is one Exec of its current instruction on step k.
A32:
Computation s2,
(k + 1) =
Following (Computation s2,k)
by AMI_1:14
.=
Exec (CurInstr (Computation s2,k)),
(Computation s2,k)
;
assume A33:
k + 1
<= pseudo-LifeSpan s1,
I
;
:: thesis: ( (IC (Computation s1,(k + 1))) + n = IC (Computation s2,(k + 1)) & DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1)) )
:: Two consequences of A33: A34 is cited below together with XREAL_1:8 where
:: the hypothesis A31 is used (presumably to obtain k <= pseudo-LifeSpan s1,I),
:: and A35 gives the strict bound k < pseudo-LifeSpan s1,I.
then A34:
k + 1
<= (pseudo-LifeSpan s1,I) + 1
by NAT_1:12;
A35:
k < pseudo-LifeSpan s1,
I
by A33, NAT_1:13;
:: The same one-step unfolding for s1.
A36:
Computation s1,
(k + 1) =
Following (Computation s1,k)
by AMI_1:14
.=
Exec (CurInstr (Computation s1,k)),
(Computation s1,k)
;
:: First equation: the shifted program counter of s1 after the step equals
:: the program counter of s2 after executing the address-incremented
:: instruction. Second equation: that instruction is replaced by s2's own
:: current instruction, which with A32 gives step k + 1 of s2.
:: NOTE(review): A6 is not labelled anywhere in this rendering; the rewrite it
:: justifies is IncAddr (CurInstr (Computation s1,k)),n = CurInstr (Computation s2,k)
:: for k < pseudo-LifeSpan s1,I (A35), so it presumably names the conclusion
:: of the preceding `hereby` block - confirm against the article source.
hence (IC (Computation s1,(k + 1))) + n =
IC (Exec (IncAddr (CurInstr (Computation s1,k)),n),(Computation s2,k))
by A31, A34, SCMFSA6A:41, XREAL_1:8
.=
IC (Computation s2,(k + 1))
by A6, A35, A32
;
:: thesis: DataPart (Computation s1,(k + 1)) = DataPart (Computation s2,(k + 1))
:: The data parts follow by the same two-step argument.
thus DataPart (Computation s1,(k + 1)) =
DataPart (Exec (IncAddr (CurInstr (Computation s1,k)),n),(Computation s2,k))
by A31, A34, A36, SCMFSA6A:41, XREAL_1:8
.=
DataPart (Computation s2,(k + 1))
by A6, A35, A32
;
:: thesis: verum
end;
let i be Element of NAT ; :: thesis: ( i <= pseudo-LifeSpan s1,I implies ( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) ) )
assume A37:
i <= pseudo-LifeSpan s1,I
; :: thesis: ( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) )
:: Base case for S1: at step 0 the program counter of s2 is that of s1 shifted
:: by n, and the data parts coincide.
A38:
S1[ 0 ]
proof
assume
0 <= pseudo-LifeSpan s1,
I
;
:: thesis: ( (IC (Computation s1,0 )) + n = IC (Computation s2,0 ) & DataPart (Computation s1,0 ) = DataPart (Computation s2,0 ) )
A39:
IC SCM+FSA in dom (I +* (Start-At (insloc 0 )))
by SF_MASTR:65;
:: s1 contains I +* (Start-At (insloc 0 )) (A1), so its program counter at
:: step 0 is the value that function assigns to IC SCM+FSA, namely insloc 0.
IC (Computation s1,0 ) =
s1 . (IC SCM+FSA )
by AMI_1:13
.=
(I +* (Start-At (insloc 0 ))) . (IC SCM+FSA )
by A1, A39, GRFUNC_1:8
.=
insloc 0
by SF_MASTR:66
;
:: s2 starts at insloc n (A4), which gives the offset by n at step 0.
hence
(IC (Computation s1,0 )) + n = IC (Computation s2,0 )
by A4, AMI_1:13;
:: thesis: DataPart (Computation s1,0 ) = DataPart (Computation s2,0 )
:: The initial data parts are equal by assumption A5; AMI_1:13 is cited on
:: both sides to pass between a state and its step-0 computation.
thus DataPart (Computation s1,0 ) =
DataPart s2
by A5, AMI_1:13
.=
DataPart (Computation s2,0 )
by AMI_1:13
;
:: thesis: verum
end;
for k being Element of NAT holds S1[k]
from NAT_1:sch 1(A38, A30);
hence
( (IC (Computation s1,i)) + n = IC (Computation s2,i) & DataPart (Computation s1,i) = DataPart (Computation s2,i) )
by A37; :: thesis: verum