set a = intloc 0 ;
let s be State of SCM+FSA ; :: thesis: for I being good Program of SCM+FSA st I is_halting_on Initialized s & I is_closed_on Initialized s holds
( (IExec I,s) . (intloc 0 ) = 1 & ( for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1 ) )
set A = NAT ;
let I be good Program of SCM+FSA ; :: thesis: ( I is_halting_on Initialized s & I is_closed_on Initialized s implies ( (IExec I,s) . (intloc 0 ) = 1 & ( for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1 ) ) )
set s0 = Initialized s;
set s1 = (Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ));
defpred S1[ Nat] means for n being Element of NAT st n <= $1 holds
(Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 );
assume I is_halting_on Initialized s ; :: thesis: ( not I is_closed_on Initialized s or ( (IExec I,s) . (intloc 0 ) = 1 & ( for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1 ) ) )
then A1: ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))) halts_on (Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )) by SCMFSA7B:def 8;
A2: S1[ 0 ]
proof
let n be Element of NAT ; :: thesis: ( n <= 0 implies (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 ) )
A3: for i being Element of NAT st i < 0 holds
IC (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),i) in dom I ;
assume n <= 0 ; :: thesis: (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 )
hence (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 ) by A3, Th95; :: thesis: verum
end;
assume A4: I is_closed_on Initialized s ; :: thesis: ( (IExec I,s) . (intloc 0 ) = 1 & ( for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1 ) )
A5: for k being Element of NAT st S1[k] holds
S1[k + 1]
proof
let k be Element of NAT ; :: thesis: ( S1[k] implies S1[k + 1] )
assume S1[k] ; :: thesis: S1[k + 1]
let n be Element of NAT ; :: thesis: ( n <= k + 1 implies (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 ) )
assume A6: n <= k + 1 ; :: thesis: (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 )
for i being Element of NAT st i < k + 1 holds
IC (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),i) in dom I by A4, SCMFSA7B:def 7;
hence (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),n) . (intloc 0 ) = (Initialized s) . (intloc 0 ) by A6, Th95; :: thesis: verum
end;
A7: for k being Element of NAT holds S1[k] from NAT_1:sch 1(A2, A5);
A8: now
let k be Element of NAT ; :: thesis: (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1
thus (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = (Initialized s) . (intloc 0 ) by A7
.= 1 by SCMFSA6C:3 ; :: thesis: verum
end;
not intloc 0 in NAT by SCMFSA_2:84;
then not intloc 0 in (dom s) /\ NAT by XBOOLE_0:def 4;
then A10: not intloc 0 in dom (s | NAT ) by RELAT_1:90;
s +* (Initialized I) = (Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )) by SCMFSA8A:13;
hence (IExec I,s) . (intloc 0 ) = ((Result (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))) +* (s | NAT )) . (intloc 0 ) by SCMFSA6B:def 1
.= (Result (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))) . (intloc 0 ) by A10, FUNCT_4:12
.= (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),(LifeSpan (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))))) . (intloc 0 ) by A1, AMI_1:122
.= 1 by A8 ;
:: thesis: for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1
thus for k being Element of NAT holds (Comput (ProgramPart ((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA )))),((Initialized s) +* (I +* (Start-At 0 ,SCM+FSA ))),k) . (intloc 0 ) = 1 by A8; :: thesis: verum