let s be State of ; :: thesis: for I being Program of
for a being Int-Location st I does_not_destroy a holds
for k being Element of NAT st IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I holds
(Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a
let I be Program of ; :: thesis: for a being Int-Location st I does_not_destroy a holds
for k being Element of NAT st IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I holds
(Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a
let a be Int-Location ; :: thesis: ( I does_not_destroy a implies for k being Element of NAT st IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I holds
(Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a )
assume A1: I does_not_destroy a ; :: thesis: for k being Element of NAT st IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I holds
(Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a
set s1 = s +* (I +* (Start-At (insloc 0 )));
let k be Element of NAT ; :: thesis: ( IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I implies (Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a )
assume A2: IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k) in dom I ; :: thesis: (Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a
dom I misses dom (Start-At (insloc 0 )) by SF_MASTR:64;
then A3: I c= I +* (Start-At (insloc 0 )) by FUNCT_4:33;
set l = IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k);
I +* (Start-At (insloc 0 )) c= s +* (I +* (Start-At (insloc 0 ))) by FUNCT_4:26;
then I c= s +* (I +* (Start-At (insloc 0 ))) by A3, XBOOLE_1:1;
then (s +* (I +* (Start-At (insloc 0 )))) . (IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k)) = I . (IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k)) by A2, GRFUNC_1:8;
then (s +* (I +* (Start-At (insloc 0 )))) . (IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k)) in rng I by A2, FUNCT_1:def 5;
then A4: (s +* (I +* (Start-At (insloc 0 )))) . (IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k)) does_not_destroy a by A1, SCMFSA7B:def 4;
thus (Computation (s +* (I +* (Start-At (insloc 0 )))),(k + 1)) . a = (Following (Computation (s +* (I +* (Start-At (insloc 0 )))),k)) . a by AMI_1:14
.= (Exec ((s +* (I +* (Start-At (insloc 0 )))) . (IC (Computation (s +* (I +* (Start-At (insloc 0 )))),k))),(Computation (s +* (I +* (Start-At (insloc 0 )))),k)) . a by AMI_1:54
.= (Computation (s +* (I +* (Start-At (insloc 0 )))),k) . a by A4, SCMFSA7B:26 ; :: thesis: verum