let c0 be Element of NAT ; :: thesis: for s being c0 -started State of SCM+FSA
for a being Int-Location
for k being Integer st ( for c being Element of NAT st c < len (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c) ) holds
for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
let s be c0 -started State of SCM+FSA; :: thesis: for a being Int-Location
for k being Integer st ( for c being Element of NAT st c < len (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c) ) holds
for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
A1: IC s = c0 by COMPOS_1:def 20;
let a be Int-Location ; :: thesis: for k being Integer st ( for c being Element of NAT st c < len (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c) ) holds
for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
let k be Integer; :: thesis: ( ( for c being Element of NAT st c < len (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c) ) implies for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i )
assume A2: for c being Element of NAT st c < len (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c) ; :: thesis: for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
S4: for c being Element of NAT st c in dom (aSeq (a,k)) holds
(aSeq (a,k)) . c = s . (c0 + c)
proof
let c be Element of NAT ; :: thesis: ( c in dom (aSeq (a,k)) implies (aSeq (a,k)) . c = s . (c0 + c) )
assume c in dom (aSeq (a,k)) ; :: thesis: (aSeq (a,k)) . c = s . (c0 + c)
then c < len (aSeq (a,k)) by AFINSQ_1:70;
hence (aSeq (a,k)) . c = s . (c0 + c) by A2; :: thesis: verum
end;
per cases ( k > 0 or k <= 0 ) ;
suppose A3: k > 0 ; :: thesis: for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
then reconsider k9 = k as Element of NAT by INT_1:16;
consider k1 being Element of NAT such that
A4: k1 + 1 = k9 and
A5: aSeq (a,k9) = <%(a := (intloc 0))%> ^ (k1 --> (AddTo (a,(intloc 0)))) by A3, SCMFSA_7:def 3;
defpred S1[ Nat] means ( $1 <= k9 implies IC (Comput ((ProgramPart s),s,$1)) = c0 + $1 );
A6: len (aSeq (a,k9)) = (len <%(a := (intloc 0))%>) + (len (k1 --> (AddTo (a,(intloc 0))))) by A5, AFINSQ_1:20
.= 1 + (len (k1 --> (AddTo (a,(intloc 0))))) by AFINSQ_1:38
.= k9 by A4, CARD_1:106 ;
for i being Element of NAT st i <= len (aSeq (a,k9)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
proof
A7: now
let i be Element of NAT ; :: thesis: ( 1 <= i & i < k9 implies (aSeq (a,k9)) . i = AddTo (a,(intloc 0)) )
assume that
A17: 1 <= i and
A18: i < k9 ; :: thesis: (aSeq (a,k9)) . i = AddTo (a,(intloc 0))
reconsider i1 = i - 1 as Element of NAT by A17, INT_1:18;
i = i1 + 1 ;
then i1 < k1 by A18, A4, XREAL_1:8;
then A20: i1 in k1 by NAT_1:45;
TT: len (k1 --> (AddTo (a,(intloc 0)))) = k1 by CARD_1:106;
len <%(a := (intloc 0))%> = 1 by AFINSQ_1:36;
hence (aSeq (a,k9)) . i = (k1 --> (AddTo (a,(intloc 0)))) . (i - 1) by A17, A5, TT, A4, A18, AFINSQ_1:21
.= AddTo (a,(intloc 0)) by A20, FUNCOP_1:13 ;
:: thesis: verum
end;
S10: for i being Element of NAT st i < k9 holds
i in dom (aSeq (a,k9)) by A6, NAT_1:45;
A12: now
let i be Element of NAT ; :: thesis: ( 0 < i & i < k9 implies s . (c0 + i) = AddTo (a,(intloc 0)) )
assume that
A22: 0 < i and
A23: i < k9 ; :: thesis: s . (c0 + i) = AddTo (a,(intloc 0))
A24: 0 + 1 <= i by A22, NAT_1:13;
thus s . (c0 + i) = (aSeq (a,k9)) . i by S4, S10, A23
.= AddTo (a,(intloc 0)) by A7, A24, A23 ; :: thesis: verum
end;
A16: s . (c0 + 0) = (aSeq (a,k9)) . 0 by A2, A3, A6
.= a := (intloc 0) by A5, AFINSQ_1:39 ;
A17: now
let n be Element of NAT ; :: thesis: ( n = 0 implies ( Comput ((ProgramPart s),s,n) = s & CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) ) )
assume n = 0 ; :: thesis: ( Comput ((ProgramPart s),s,n) = s & CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) )
hence A18: Comput ((ProgramPart s),s,n) = s by EXTPRO_1:3; :: thesis: ( CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) )
hence CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) by A1, A16, COMPOS_1:38; :: thesis: Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s)
thus Comput ((ProgramPart s),s,(n + 1)) = Following ((ProgramPart s),(Comput ((ProgramPart s),s,n))) by EXTPRO_1:4
.= Exec ((a := (intloc 0)),s) by A18, A1, A16, COMPOS_1:38 ; :: thesis: verum
end;
A20: for n being Element of NAT st S1[n] holds
S1[n + 1]
proof
let n be Element of NAT ; :: thesis: ( S1[n] implies S1[n + 1] )
assume A21: S1[n] ; :: thesis: S1[n + 1]
assume A22: n + 1 <= k9 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
per cases ( n = 0 or n > 0 ) ;
suppose A23: n = 0 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
hence IC (Comput ((ProgramPart s),s,(n + 1))) = (Exec ((a := (intloc 0)),s)) . (IC SCM+FSA) by A17
.= (succ c0) + n by A1, A23, SCMFSA_2:89
.= (c0 + 1) + n by NAT_1:39
.= c0 + (n + 1) ;
:: thesis: verum
end;
suppose A24: n > 0 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
A25: n < k9 by A22, NAT_1:13;
A26: n + 0 <= n + 1 by XREAL_1:9;
then A27: CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = (Comput ((ProgramPart s),s,n)) . (c0 + n) by A21, A22, COMPOS_1:38, XXREAL_0:2
.= s . (c0 + n) by AMI_1:54
.= AddTo (a,(intloc 0)) by A12, A24, A25 ;
A28: Comput ((ProgramPart s),s,(n + 1)) = Following ((ProgramPart s),(Comput ((ProgramPart s),s,n))) by EXTPRO_1:4
.= Exec ((AddTo (a,(intloc 0))),(Comput ((ProgramPart s),s,n))) by A27, AMI_1:123 ;
thus IC (Comput ((ProgramPart s),s,(n + 1))) = succ (IC (Comput ((ProgramPart s),s,n))) by A28, SCMFSA_2:90
.= (c0 + n) + 1 by A21, A22, A26, NAT_1:39, XXREAL_0:2
.= c0 + (n + 1) ; :: thesis: verum
end;
end;
end;
let i be Element of NAT ; :: thesis: ( i <= len (aSeq (a,k9)) implies IC (Comput ((ProgramPart s),s,i)) = c0 + i )
assume A29: i <= len (aSeq (a,k9)) ; :: thesis: IC (Comput ((ProgramPart s),s,i)) = c0 + i
A30: S1[ 0 ] by A1, EXTPRO_1:3;
for i being Element of NAT holds S1[i] from NAT_1:sch 1(A30, A20);
 hence IC (Comput ((ProgramPart s),s,i)) = c0 + i by A6, A29; :: thesis: verum
end;
hence for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i ; :: thesis: verum
end;
suppose A31: k <= 0 ; :: thesis: for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
then reconsider mk = - k as Element of NAT by INT_1:16;
defpred S1[ Nat] means ( $1 <= (mk + 1) + 1 implies IC (Comput ((ProgramPart s),s,$1)) = c0 + $1 );
consider k1 being Element of NAT such that
A32: k1 + k = 1 and
A33: aSeq (a,k) = <%(a := (intloc 0))%> ^ (k1 --> (SubFrom (a,(intloc 0)))) by A31, SCMFSA_7:def 3;
A34: len (aSeq (a,k)) = (len <%(a := (intloc 0))%>) + (len (k1 --> (SubFrom (a,(intloc 0))))) by A33, AFINSQ_1:20
.= 1 + (len (k1 --> (SubFrom (a,(intloc 0))))) by AFINSQ_1:38
.= (mk + 1) + 1 by A32, CARD_1:106 ;
for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i
proof
A35: now
let i be Element of NAT ; :: thesis: ( 1 <= i & i < (mk + 1) + 1 implies (aSeq (a,k)) . i = SubFrom (a,(intloc 0)) )
assume that
A51: 1 <= i and
A52: i < (mk + 1) + 1 ; :: thesis: (aSeq (a,k)) . i = SubFrom (a,(intloc 0))
A53: i - 1 < ((mk + 1) + 1) - 1 by A52, XREAL_1:11;
reconsider i1 = i - 1 as Element of NAT by A51, INT_1:18;
A55: i1 in k1 by A32, A53, NAT_1:45;
TT: len (k1 --> (SubFrom (a,(intloc 0)))) = k1 by CARD_1:106;
len <%(a := (intloc 0))%> = 1 by AFINSQ_1:36;
hence (aSeq (a,k)) . i = (k1 --> (SubFrom (a,(intloc 0)))) . (i - 1) by A33, A51, TT, A32, A52, AFINSQ_1:21
.= SubFrom (a,(intloc 0)) by A55, FUNCOP_1:13 ;
:: thesis: verum
end;
S44: for i being Element of NAT st i < (mk + 1) + 1 holds
i in dom (aSeq (a,k)) by A34, NAT_1:45;
A41: now
let i be Element of NAT ; :: thesis: ( 0 < i & i < (mk + 1) + 1 implies s . (c0 + i) = SubFrom (a,(intloc 0)) )
assume that
A57: 0 < i and
A58: i < (mk + 1) + 1 ; :: thesis: s . (c0 + i) = SubFrom (a,(intloc 0))
A59: 0 + 1 <= i by A57, NAT_1:13;
thus s . (c0 + i) = (aSeq (a,k)) . i by S4, S44, A58
.= SubFrom (a,(intloc 0)) by A35, A59, A58 ; :: thesis: verum
end;
A45: s . (c0 + 0) = (aSeq (a,k)) . 0 by A2, A34
.= a := (intloc 0) by A33, AFINSQ_1:39 ;
A46: for n being Element of NAT st n = 0 holds
( Comput ((ProgramPart s),s,n) = s & CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) )
proof
let n be Element of NAT ; :: thesis: ( n = 0 implies ( Comput ((ProgramPart s),s,n) = s & CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) ) )
assume n = 0 ; :: thesis: ( Comput ((ProgramPart s),s,n) = s & CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) )
hence A47: Comput ((ProgramPart s),s,n) = s by EXTPRO_1:3; :: thesis: ( CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) & Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s) )
hence CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = a := (intloc 0) by A1, A45, COMPOS_1:38; :: thesis: Comput ((ProgramPart s),s,(n + 1)) = Exec ((a := (intloc 0)),s)
thus Comput ((ProgramPart s),s,(n + 1)) = Following ((ProgramPart s),(Comput ((ProgramPart s),s,n))) by EXTPRO_1:4
.= Exec ((a := (intloc 0)),s) by A47, A1, A45, COMPOS_1:38 ; :: thesis: verum
end;
A49: for n being Element of NAT st S1[n] holds
S1[n + 1]
proof
let n be Element of NAT ; :: thesis: ( S1[n] implies S1[n + 1] )
assume A50: S1[n] ; :: thesis: S1[n + 1]
assume A51: n + 1 <= (mk + 1) + 1 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
per cases ( n = 0 or n > 0 ) ;
suppose A52: n = 0 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
hence IC (Comput ((ProgramPart s),s,(n + 1))) = (Exec ((a := (intloc 0)),s)) . (IC SCM+FSA) by A46
.= succ (c0 + n) by A1, A52, SCMFSA_2:89
.= (c0 + n) + 1 by NAT_1:39
.= c0 + (n + 1) ;
:: thesis: verum
end;
suppose A53: n > 0 ; :: thesis: IC (Comput ((ProgramPart s),s,(n + 1))) = c0 + (n + 1)
A54: n < (mk + 1) + 1 by A51, NAT_1:13;
A55: n + 0 <= n + 1 by XREAL_1:9;
then A56: CurInstr ((ProgramPart (Comput ((ProgramPart s),s,n))),(Comput ((ProgramPart s),s,n))) = (Comput ((ProgramPart s),s,n)) . (c0 + n) by A50, A51, COMPOS_1:38, XXREAL_0:2
.= s . (c0 + n) by AMI_1:54
.= SubFrom (a,(intloc 0)) by A41, A53, A54 ;
A57: Comput ((ProgramPart s),s,(n + 1)) = Following ((ProgramPart s),(Comput ((ProgramPart s),s,n))) by EXTPRO_1:4
.= Exec ((SubFrom (a,(intloc 0))),(Comput ((ProgramPart s),s,n))) by A56, AMI_1:123 ;
thus IC (Comput ((ProgramPart s),s,(n + 1))) = succ (IC (Comput ((ProgramPart s),s,n))) by A57, SCMFSA_2:91
.= (c0 + n) + 1 by A50, A51, A55, NAT_1:39, XXREAL_0:2
.= c0 + (n + 1) ; :: thesis: verum
end;
end;
end;
let i be Element of NAT ; :: thesis: ( i <= len (aSeq (a,k)) implies IC (Comput ((ProgramPart s),s,i)) = c0 + i )
assume A58: i <= len (aSeq (a,k)) ; :: thesis: IC (Comput ((ProgramPart s),s,i)) = c0 + i
A59: S1[ 0 ] by A1, EXTPRO_1:3;
for i being Element of NAT holds S1[i] from NAT_1:sch 1(A59, A49);
 hence IC (Comput ((ProgramPart s),s,i)) = c0 + i by A34, A58; :: thesis: verum
end;
hence for i being Element of NAT st i <= len (aSeq (a,k)) holds
IC (Comput ((ProgramPart s),s,i)) = c0 + i ; :: thesis: verum
end;
end;