set b = DataLoc ((F1() . F4()),F5());
set FR = for-down (F4(),F5(),F6(),F2());
defpred S1[ Nat] means for t being State of SCMPDS
for Q being the Instructions of SCMPDS -valued ManySortedSet of NAT st t . (DataLoc ((F1() . F4()),F5())) <= $1 & t . F4() = F1() . F4() & P1[ Dstate t] holds
( (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))] );
A4:
S1[ 0 ]
proof
let t be
State of
SCMPDS;
for Q being the Instructions of SCMPDS -valued ManySortedSet of NAT st t . (DataLoc ((F1() . F4()),F5())) <= 0 & t . F4() = F1() . F4() & P1[ Dstate t] holds
( (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))] )let Q be the
Instructions of
SCMPDS -valued ManySortedSet of
NAT ;
( t . (DataLoc ((F1() . F4()),F5())) <= 0 & t . F4() = F1() . F4() & P1[ Dstate t] implies ( (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))] ) )
assume that A5:
(
t . (DataLoc ((F1() . F4()),F5())) <= 0 &
t . F4()
= F1()
. F4() )
and A6:
P1[
Dstate t]
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))] )
thus
(IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . (DataLoc ((F1() . F4()),F5())) <= 0
by A5, SCMPDS_7:66;
P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))]
for
x being
Int_position holds
(IExec ((for-down (F4(),F5(),F6(),F2())),Q,t)) . x = t . x
by A5, SCMPDS_7:66;
hence
P1[
Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),Q,t))]
by A6, Th5;
verum
end;
A7:
now let k be
Element of
NAT ;
( S1[k] implies S1[k + 1] )assume A8:
S1[
k]
;
S1[k + 1]now let u be
State of
SCMPDS;
for U being the Instructions of SCMPDS -valued ManySortedSet of NAT st u . (DataLoc ((F1() . F4()),F5())) <= k + 1 & u . F4() = F1() . F4() & P1[ Dstate u] holds
( (IExec ((for-down (F4(),F5(),F6(),F2())),b3,b2)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),b3,b2))] )let U be the
Instructions of
SCMPDS -valued ManySortedSet of
NAT ;
( u . (DataLoc ((F1() . F4()),F5())) <= k + 1 & u . F4() = F1() . F4() & P1[ Dstate u] implies ( (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1))] ) )assume that A9:
u . (DataLoc ((F1() . F4()),F5())) <= k + 1
and A10:
u . F4()
= F1()
. F4()
and A11:
P1[
Dstate u]
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1))] )per cases
( u . (DataLoc ((F1() . F4()),F5())) <= 0 or u . (DataLoc ((F1() . F4()),F5())) > 0 )
;
suppose
u . (DataLoc ((F1() . F4()),F5())) <= 0
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1))] )hence
(
(IExec ((for-down (F4(),F5(),F6(),F2())),U,u)) . (DataLoc ((F1() . F4()),F5())) <= 0 &
P1[
Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),U,u))] )
by A4, A10, A11;
verum end; suppose A12:
u . (DataLoc ((F1() . F4()),F5())) > 0
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1)) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),b2,b1))] )set Ad =
AddTo (
F4(),
F5(),
(- F6()));
set Iu =
IExec (
(F2() ';' (AddTo (F4(),F5(),(- F6())))),
U,
u);
A13:
(
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u)) . F4()
= F1()
. F4() &
P1[
Dstate (IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u))] )
by A3, A10, A11, A12;
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u)) . (DataLoc ((F1() . F4()),F5())) = (u . (DataLoc ((F1() . F4()),F5()))) - F6()
by A3, A10, A11, A12;
then
((IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u)) . (DataLoc ((F1() . F4()),F5()))) + 1
<= u . (DataLoc ((F1() . F4()),F5()))
by A1, INT_1:20, XREAL_1:46;
then
((IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u)) . (DataLoc ((F1() . F4()),F5()))) + 1
<= k + 1
by A9, XXREAL_0:2;
then A14:
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u)) . (DataLoc ((F1() . F4()),F5())) <= k
by XREAL_1:8;
A15:
P1[
Dstate u]
by A11;
A16:
for
t being
State of
SCMPDS for
Q being the
Instructions of
SCMPDS -valued ManySortedSet of
NAT st
P1[
Dstate t] &
t . F4()
= u . F4() &
t . (DataLoc ((u . F4()),F5())) > 0 holds
(
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),Q,t)) . F4()
= t . F4() &
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),Q,t)) . (DataLoc ((u . F4()),F5())) = (t . (DataLoc ((u . F4()),F5()))) - F6() &
F2()
is_closed_on t,
Q &
F2()
is_halting_on t,
Q &
P1[
Dstate (IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),Q,t))] )
by A3, A10;
A17:
u . (DataLoc ((u . F4()),F5())) > 0
by A10, A12;
( (
P1[
u] or not
P1[
u] ) &
IExec (
(for-down (F4(),F5(),F6(),F2())),
U,
u)
= IExec (
(for-down (F4(),F5(),F6(),F2())),
U,
(IExec ((F2() ';' (AddTo (F4(),F5(),(- F6())))),U,u))) )
from SCPISORT:sch 2(A1, A17, A15, A16);
hence
(
(IExec ((for-down (F4(),F5(),F6(),F2())),U,u)) . (DataLoc ((F1() . F4()),F5())) <= 0 &
P1[
Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),U,u))] )
by A8, A14, A13;
verum end; end; hence
S1[
k + 1]
;
verum end;
A18:
for k being Element of NAT holds S1[k]
from NAT_1:sch 1(A4, A7);
thus
( P1[F1()] or not P1[F1()] )
; ( (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1())) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1()))] )
per cases
( F1() . (DataLoc ((F1() . F4()),F5())) > 0 or F1() . (DataLoc ((F1() . F4()),F5())) <= 0 )
;
suppose
F1()
. (DataLoc ((F1() . F4()),F5())) > 0
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1())) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1()))] )then reconsider m =
F1()
. (DataLoc ((F1() . F4()),F5())) as
Element of
NAT by INT_1:16;
S1[
m]
by A18;
hence
(
(IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1())) . (DataLoc ((F1() . F4()),F5())) <= 0 &
P1[
Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1()))] )
by A2;
verum end; suppose
F1()
. (DataLoc ((F1() . F4()),F5())) <= 0
;
( (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1())) . (DataLoc ((F1() . F4()),F5())) <= 0 & P1[ Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1()))] )hence
(
(IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1())) . (DataLoc ((F1() . F4()),F5())) <= 0 &
P1[
Dstate (IExec ((for-down (F4(),F5(),F6(),F2())),F3(),F1()))] )
by A2, A4;
verum end;