let s be State of SCM+FSA ; :: thesis: for I being Program of SCM+FSA st I is_closed_onInit s & I is_halting_onInit s holds
for m being Element of NAT st m <= LifeSpan (s +* (Initialized I)) holds
Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m equal_outside NAT
let I be Program of SCM+FSA ; :: thesis: ( I is_closed_onInit s & I is_halting_onInit s implies for m being Element of NAT st m <= LifeSpan (s +* (Initialized I)) holds
Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m equal_outside NAT )
set s1 = s +* (Initialized I);
set s2 = s +* (Initialized (loop I));
assume A1: I is_closed_onInit s ; :: thesis: ( not I is_halting_onInit s or for m being Element of NAT st m <= LifeSpan (s +* (Initialized I)) holds
Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m equal_outside NAT )
defpred S1[ Nat] means ( $1 <= LifeSpan (s +* (Initialized I)) implies Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),$1, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),$1 equal_outside NAT );
assume I is_halting_onInit s ; :: thesis: for m being Element of NAT st m <= LifeSpan (s +* (Initialized I)) holds
Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m equal_outside NAT
then A2: ProgramPart (s +* (Initialized I)) halts_on s +* (Initialized I) by Def5;
A3: for m being Element of NAT st S1[m] holds
S1[m + 1]
proof
let m be Element of NAT ; :: thesis: ( S1[m] implies S1[m + 1] )
assume A4: ( m <= LifeSpan (s +* (Initialized I)) implies Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m, Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m equal_outside NAT ) ; :: thesis: S1[m + 1]
A5: IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) in dom I by A1, Def4;
then A6: IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) in dom (loop I) by FUNCT_4:105;
Y: (ProgramPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) /. (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) = (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) . (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) by AMI_1:150;
I c= Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m by Th67, AMI_1:81;
then A7: CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)),(Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) = I . (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) by A5, GRFUNC_1:8, Y;
T: ProgramPart (s +* (Initialized (loop I))) = ProgramPart (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) by AMI_1:144;
A8: Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),(m + 1) = Following (ProgramPart (s +* (Initialized (loop I)))),(Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) by AMI_1:14
.= Exec (CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)),(Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)),(Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) by T ;
A9: loop I c= Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m by Th67, AMI_1:81;
T: ProgramPart (s +* (Initialized I)) = ProgramPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) by AMI_1:144;
A10: Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),(m + 1) = Following (ProgramPart (s +* (Initialized I))),(Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) by AMI_1:14
.= Exec (CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)),(Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)),(Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) by T ;
assume A11: m + 1 <= LifeSpan (s +* (Initialized I)) ; :: thesis: Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),(m + 1), Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),(m + 1) equal_outside NAT
then m < LifeSpan (s +* (Initialized I)) by NAT_1:13;
then I . (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) <> halt SCM+FSA by A2, A7, AMI_1:def 46;
then A12: I . (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) = (loop I) . (IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)) by FUNCT_4:111;
Z: (ProgramPart (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)) /. (IC (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)) = (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) . (IC (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)) by AMI_1:150;
IC (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) = IC (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) by A4, A11, AMI_1:121, NAT_1:13;
then CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m)),(Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),m) = CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m)),(Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),m) by A9, A6, A7, Z, A12, GRFUNC_1:8;
hence Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),(m + 1), Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),(m + 1) equal_outside NAT by A4, A11, A10, A8, NAT_1:13, SCMFSA6A:32; :: thesis: verum
end;
A13: S1[ 0 ]
proof
assume 0 <= LifeSpan (s +* (Initialized I)) ; :: thesis: Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),0 , Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),0 equal_outside NAT
( s +* I,s equal_outside NAT & s,s +* (loop I) equal_outside NAT ) by AMI_1:120, FUNCT_7:28;
then s +* I,s +* (loop I) equal_outside NAT by FUNCT_7:29;
then (s +* I) +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA )),(s +* (loop I)) +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA )) equal_outside NAT by FUNCT_7:106;
then s +* (I +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA ))),(s +* (loop I)) +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA )) equal_outside NAT by FUNCT_4:15;
then s +* (I +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA ))),s +* ((loop I) +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA ))) equal_outside NAT by FUNCT_4:15;
then s +* (I +* (((intloc 0 ) .--> 1) +* (Start-At 0 ,SCM+FSA ))),s +* (Initialized (loop I)) equal_outside NAT by FUNCT_4:15;
then s +* (Initialized I),s +* (Initialized (loop I)) equal_outside NAT by FUNCT_4:15;
then s +* (Initialized I), Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),0 equal_outside NAT by AMI_1:13;
hence Comput (ProgramPart (s +* (Initialized I))),(s +* (Initialized I)),0 , Comput (ProgramPart (s +* (Initialized (loop I)))),(s +* (Initialized (loop I))),0 equal_outside NAT by AMI_1:13; :: thesis: verum
end;
thus for m being Element of NAT holds S1[m] from NAT_1:sch 1(A13, A3); :: thesis: verum