let A be preIfWhileAlgebra; :: thesis: for S being non empty set
for T being Subset of S
for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let S be non empty set ; :: thesis: for T being Subset of S
for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let T be Subset of S; :: thesis: for s being Element of S
for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let s be Element of S; :: thesis: for f being ExecutionFunction of A,S,T
for P being set
for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let f be ExecutionFunction of A,S,T; :: thesis: for P being set
for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let P be set ; :: thesis: for C, I being Element of A st C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P holds
[s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
let C, I be Element of A; :: thesis: ( C is_terminating_wrt f,P & I is_terminating_wrt f,P & P is_invariant_wrt C,f & P is_invariant_wrt I,f & f iteration_terminates_for I \; C,f . (s,C) & s in P implies [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
assume that
A1: C is_terminating_wrt f,P and
A2: I is_terminating_wrt f,P and
A3: P is_invariant_wrt C,f and
A4: P is_invariant_wrt I,f ; :: thesis: ( not f iteration_terminates_for I \; C,f . (s,C) or not s in P or [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
given r being non empty FinSequence of S such that A5: r . 1 = f . (s,C) and
A6: r . (len r) nin T and
A7: for i being Nat st 1 <= i & i < len r holds
( r . i in T & r . (i + 1) = f . ((r . i),(I \; C)) ) ; :: according to AOFA_000:def 33 :: thesis: ( not s in P or [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) )
assume A8: s in P ; :: thesis: [s,(while (C,I))] in TerminatingPrograms (A,S,T,f)
defpred S1[ Nat] means ( $1 < len r implies r . ($1 + 1) in P );
A9: S1[ 0 ] by A3, A5, A8;
A10: for i being Nat st S1[i] holds
S1[i + 1]
proof
let i be Nat; :: thesis: ( S1[i] implies S1[i + 1] )
assume that
A11: S1[i] and
A12: i + 1 < len r ; :: thesis: r . ((i + 1) + 1) in P
A13: i + 1 >= 1 by NAT_1:11;
then A14: r . (i + 1) in T by A7, A12;
A15: r . ((i + 1) + 1) = f . ((r . (i + 1)),(I \; C)) by A7, A12, A13;
reconsider s = r . (i + 1) as Element of S by A14;
f . (s,I) in P by A4, A11, A12, NAT_1:13;
then f . ((f . (s,I)),C) in P by A3;
hence r . ((i + 1) + 1) in P by A15, Def29; :: thesis: verum
end;
A16: for i being Nat holds S1[i] from NAT_1:sch 2(A9, A10);
A17: now :: thesis: for i being Nat st 1 <= i & i < len r holds
( r . i in T & [(r . i),(I \; C)] in TerminatingPrograms (A,S,T,f) & r . (i + 1) = f . ((r . i),(I \; C)) )
let i be Nat; :: thesis: ( 1 <= i & i < len r implies ( r . i in T & [(r . i),(I \; C)] in TerminatingPrograms (A,S,T,f) & r . (i + 1) = f . ((r . i),(I \; C)) ) )
assume that
A18: 1 <= i and
A19: i < len r ; :: thesis: ( r . i in T & [(r . i),(I \; C)] in TerminatingPrograms (A,S,T,f) & r . (i + 1) = f . ((r . i),(I \; C)) )
thus r . i in T by A7, A18, A19; :: thesis: ( [(r . i),(I \; C)] in TerminatingPrograms (A,S,T,f) & r . (i + 1) = f . ((r . i),(I \; C)) )
then reconsider s = r . i as Element of S ;
A20: i -' 1 <= i by NAT_D:35;
A21: i = (i -' 1) + 1 by A18, XREAL_1:235;
i -' 1 < len r by A19, A20, XXREAL_0:2;
then A22: s in P by A16, A21;
then A23: [s,I] in TerminatingPrograms (A,S,T,f) by A2;
f . (s,I) in P by A4, A22;
then [(f . (s,I)),C] in TerminatingPrograms (A,S,T,f) by A1;
hence ( [(r . i),(I \; C)] in TerminatingPrograms (A,S,T,f) & r . (i + 1) = f . ((r . i),(I \; C)) ) by A7, A18, A19, A23, Def35; :: thesis: verum
end;
[s,C] in TerminatingPrograms (A,S,T,f) by A1, A8;
hence [s,(while (C,I))] in TerminatingPrograms (A,S,T,f) by A5, A6, A17, Def35; :: thesis: verum