let s be State of SCM+FSA; :: thesis: for I being Program of SCM+FSA
for a being Int-Location
for k being Element of NAT st I is_closed_on Initialized s & I is_halting_on Initialized s & not I destroys a holds
(IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a
set A = NAT ;
let I be Program of SCM+FSA; :: thesis: for a being Int-Location
for k being Element of NAT st I is_closed_on Initialized s & I is_halting_on Initialized s & not I destroys a holds
(IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a
let a be Int-Location ; :: thesis: for k being Element of NAT st I is_closed_on Initialized s & I is_halting_on Initialized s & not I destroys a holds
(IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a
let k be Element of NAT ; :: thesis: ( I is_closed_on Initialized s & I is_halting_on Initialized s & not I destroys a implies (IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a )
assume A1: I is_closed_on Initialized s ; :: thesis: ( not I is_halting_on Initialized s or I destroys a or (IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a )
not a in NAT by SCMFSA_2:84;
then not a in (dom s) /\ NAT by XBOOLE_0:def 4;
then A3: not a in dom (s | NAT) by RELAT_1:90;
set s0 = Initialized s;
set s1 = (Initialized s) +* (I +* (Start-At (0,SCM+FSA)));
assume I is_halting_on Initialized s ; :: thesis: ( I destroys a or (IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a )
then A4: ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))) halts_on (Initialized s) +* (I +* (Start-At (0,SCM+FSA))) by SCMFSA7B:def 8;
assume A5: not I destroys a ; :: thesis: (IExec (I,s)) . a = (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a
s +* (Initialized I) = (Initialized s) +* (I +* (Start-At (0,SCM+FSA))) by SCMFSA8A:13;
hence (IExec (I,s)) . a = ((Result ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))))) +* (s | NAT)) . a by SCMFSA6B:def 1
.= (Result ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))))) . a by A3, FUNCT_4:12
.= (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),(LifeSpan ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))))))) . a by A4, EXTPRO_1:23
.= (Initialized s) . a by A1, A5, SCMFSA7B:27
.= (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) . a by A1, A5, SCMFSA7B:27 ;
:: thesis: verum