let s be State of SCM+FSA; :: thesis: for I being Program of SCM+FSA
for a being read-write Int-Location st I is_closed_onInit s & I is_halting_onInit s & s . a > 0 holds
for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I))
let I be Program of SCM+FSA; :: thesis: for a being read-write Int-Location st I is_closed_onInit s & I is_halting_onInit s & s . a > 0 holds
for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I))
let a be read-write Int-Location ; :: thesis: ( I is_closed_onInit s & I is_halting_onInit s & s . a > 0 implies for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I)) )
set s0 = Initialized s;
set IA = I +* (Start-At (0,SCM+FSA));
assume A1: I is_closed_onInit s ; :: thesis: ( not I is_halting_onInit s or not s . a > 0 or for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I)) )
now
let k be Element of NAT ; :: thesis: IC (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) in dom I
s +* (Initialized I) = (Initialized s) +* (I +* (Start-At (0,SCM+FSA))) by SCMFSA8A:13;
hence IC (Comput ((ProgramPart ((Initialized s) +* (I +* (Start-At (0,SCM+FSA))))),((Initialized s) +* (I +* (Start-At (0,SCM+FSA)))),k)) in dom I by A1, SCM_HALT:def 4; :: thesis: verum
end;
then A2: I is_closed_on Initialized s by SCMFSA7B:def 7;
assume I is_halting_onInit s ; :: thesis: ( not s . a > 0 or for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I)) )
then X: ProgramPart (s +* (Initialized I)) halts_on s +* (Initialized I) by SCM_HALT:def 5;
s +* (Initialized I) = (Initialized s) +* (I +* (Start-At (0,SCM+FSA))) by SCMFSA8A:13;
then A3: I is_halting_on Initialized s by X, SCMFSA7B:def 8;
assume s . a > 0 ; :: thesis: for k being Element of NAT st k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 holds
IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I))
then A4: (Initialized s) . a > 0 by SCMFSA6C:3;
hereby :: thesis: verum
let k be Element of NAT ; :: thesis: ( k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 implies IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I)) )
X: s +* (Initialized (while>0 (a,I))) = (Initialized s) +* ((while>0 (a,I)) +* (Start-At (0,SCM+FSA))) by SCMFSA8A:13;
XX: s +* (Initialized I) = (Initialized s) +* (I +* (Start-At (0,SCM+FSA))) by SCMFSA8A:13;
assume k <= (LifeSpan ((ProgramPart (s +* (Initialized I))),(s +* (Initialized I)))) + 3 ; :: thesis: IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I))
hence IC (Comput ((ProgramPart (s +* (Initialized (while>0 (a,I))))),(s +* (Initialized (while>0 (a,I)))),k)) in dom (while>0 (a,I)) by X, A2, A3, A4, XX, SCMFSA_9:47; :: thesis: verum
end;