let s be State of SCMPDS ; :: thesis: for I, J being Program of SCMPDS
for k being Element of NAT st I c= J & I is_closed_on s & I is_halting_on s & k <= LifeSpan (s +* (Initialized (stop I))) holds
Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k equal_outside NAT
let I, J be Program of SCMPDS ; :: thesis: for k being Element of NAT st I c= J & I is_closed_on s & I is_halting_on s & k <= LifeSpan (s +* (Initialized (stop I))) holds
Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k equal_outside NAT
let k be Element of NAT ; :: thesis: ( I c= J & I is_closed_on s & I is_halting_on s & k <= LifeSpan (s +* (Initialized (stop I))) implies Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k equal_outside NAT )
set IsI = Initialized (stop I);
set m = LifeSpan (s +* (Initialized (stop I)));
assume that
A1: I c= J and
A2: I is_closed_on s and
A3: I is_halting_on s and
A4: k <= LifeSpan (s +* (Initialized (stop I))) ; :: thesis: Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k equal_outside NAT
set iJ = Initialized J;
set s1 = s +* (Initialized J);
set s2 = s +* (Initialized (stop I));
defpred S1[ Element of NAT ] means ( $1 <= LifeSpan (s +* (Initialized (stop I))) implies Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),$1, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),$1 equal_outside NAT );
A5: dom I c= dom J by A1, GRFUNC_1:8;
A6: now
let k be Element of NAT ; :: thesis: ( S1[k] implies S1[k + 1] )
assume A7: S1[k] ; :: thesis: S1[k + 1]
now
T: ProgramPart (s +* (Initialized (stop I))) = ProgramPart (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) by AMI_1:144;
A8: Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),(k + 1) = Following (ProgramPart (s +* (Initialized (stop I)))),(Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) by AMI_1:14
.= Exec (CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)),(Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)),(Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) by T ;
T: ProgramPart (s +* (Initialized J)) = ProgramPart (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) by AMI_1:144;
A9: Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),(k + 1) = Following (ProgramPart (s +* (Initialized J))),(Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) by AMI_1:14
.= Exec (CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)),(Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)),(Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) by T ;
A10: k < k + 1 by XREAL_1:31;
assume A11: k + 1 <= LifeSpan (s +* (Initialized (stop I))) ; :: thesis: Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),(k + 1), Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),(k + 1) equal_outside NAT
then k < LifeSpan (s +* (Initialized (stop I))) by A10, XXREAL_0:2;
then A12: IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) in dom I by A2, A3, SCMPDS_6:40;
then A13: IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) in dom (stop I) by FUNCT_4:13;
Y: (ProgramPart (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)) /. (IC (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)) = (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) . (IC (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)) by AMI_1:150;
Z: (ProgramPart (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) /. (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) = (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by AMI_1:150;
CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k)),(Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) = (Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k) . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by A7, A11, A10, AMI_1:121, XXREAL_0:2, Y
.= (s +* (Initialized J)) . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by AMI_1:54
.= J . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by A5, A12, Th10
.= I . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by A1, A12, GRFUNC_1:8
.= (stop I) . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by A12, SCMPDS_4:37
.= (s +* (Initialized (stop I))) . (IC (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)) by A13, Th10
.= CurInstr (ProgramPart (Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k)),(Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k) by AMI_1:54, Z ;
hence Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),(k + 1), Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),(k + 1) equal_outside NAT by A7, A11, A10, A9, A8, SCMPDS_4:15, XXREAL_0:2; :: thesis: verum
end;
hence S1[k + 1] ; :: thesis: verum
end;
A14: S1[ 0 ]
proof
assume 0 <= LifeSpan (s +* (Initialized (stop I))) ; :: thesis: Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),0 , Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),0 equal_outside NAT
A15: Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),0 = s +* (Initialized (stop I)) by AMI_1:13;
Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),0 = s +* (Initialized J) by AMI_1:13;
hence Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),0 , Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),0 equal_outside NAT by A15, SCMPDS_4:36; :: thesis: verum
end;
for k being Element of NAT holds S1[k] from NAT_1:sch 1(A14, A6);
 hence Comput (ProgramPart (s +* (Initialized J))),(s +* (Initialized J)),k, Comput (ProgramPart (s +* (Initialized (stop I)))),(s +* (Initialized (stop I))),k equal_outside NAT by A4; :: thesis: verum