let s be State of SCM+FSA; :: thesis: for p being Instruction-Sequence of SCM+FSA
for k being Nat
for a being read-write Int-Location
for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 & J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) holds
( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) )
let p be Instruction-Sequence of SCM+FSA; :: thesis: for k being Nat
for a being read-write Int-Location
for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 & J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) holds
( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) )
let k be Nat; :: thesis: for a being read-write Int-Location
for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 & J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) holds
( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) )
let a be read-write Int-Location; :: thesis: for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 & J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) holds
( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) )
let J be good really-closed MacroInstruction of SCM+FSA ; :: thesis: ( not J destroys a & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 & J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) implies ( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) ) )
set I = J;
assume that
A1: not J destroys a and
A2: ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 and
A3: J is_halting_on (StepTimes (a,J,p,s)) . k,p +* (Times (a,J)) ; :: thesis: ( ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 & ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 ) )
set ST = StepTimes (a,J,p,s);
A4: J is_halting_on Initialized ((StepTimes (a,J,p,s)) . k),p +* (Times (a,J)) by A2, A3, SCMFSA8B:42;
set SW = StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s));
Macro (SubFrom (a,(intloc 0))) is_halting_on IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k)),p +* (Times (a,J)) by SCMFSA7B:19;
then A5: J ";" (SubFrom (a,(intloc 0))) is_halting_on Initialized ((StepTimes (a,J,p,s)) . k),p +* (Times (a,J)) by A4, SFMASTR1:3;
hereby :: thesis: ( ((StepTimes (a,J,p,s)) . k) . a > 0 implies ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1 )
per cases ( ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . k) . a <= 0 or ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . k) . a > 0 ) ;
suppose ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . k) . a <= 0 ; :: thesis: ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
then DataPart ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . (k + 1)) = DataPart ((StepTimes (a,J,p,s)) . k) by Th31;
hence ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 by A2, SCMFSA_M:2; :: thesis: verum
end;
suppose ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . k) . a > 0 ; :: thesis: ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
then DataPart ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . (k + 1)) = DataPart (IExec ((J ";" (SubFrom (a,(intloc 0)))),(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) by A2, A5, Th32;
hence ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = (IExec ((J ";" (SubFrom (a,(intloc 0)))),(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . (intloc 0) by SCMFSA_M:2
.= (Exec ((SubFrom (a,(intloc 0))),(IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))))) . (intloc 0) by A4, SFMASTR1:11
.= (IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . (intloc 0) by SCMFSA_2:65
.= 1 by A4, SCMFSA8C:67 ;
:: thesis: verum
end;
end;
end;
assume ((StepTimes (a,J,p,s)) . k) . a > 0 ; :: thesis: ((StepTimes (a,J,p,s)) . (k + 1)) . a = (((StepTimes (a,J,p,s)) . k) . a) - 1
then DataPart ((StepWhile>0 (a,(J ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . (k + 1)) = DataPart (IExec ((J ";" (SubFrom (a,(intloc 0)))),(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) by A2, A5, Th32;
hence ((StepTimes (a,J,p,s)) . (k + 1)) . a = (IExec ((J ";" (SubFrom (a,(intloc 0)))),(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . a by SCMFSA_M:2
.= (Exec ((SubFrom (a,(intloc 0))),(IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))))) . a by A4, SFMASTR1:11
.= ((IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . a) - ((IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . (intloc 0)) by SCMFSA_2:65
.= ((IExec (J,(p +* (Times (a,J))),((StepTimes (a,J,p,s)) . k))) . a) - 1 by A4, SCMFSA8C:67
.= ((Initialized ((StepTimes (a,J,p,s)) . k)) . a) - 1 by A4, A1, SCMFSA8C:95
.= (((StepTimes (a,J,p,s)) . k) . a) - 1 by SCMFSA_M:37 ;
:: thesis: verum