let s be State of SCM+FSA; for p being Instruction-Sequence of SCM+FSA
for a being read-write Int-Location
for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ProperTimesBody a,J,s,p holds
for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1
let p be Instruction-Sequence of SCM+FSA; for a being read-write Int-Location
for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ProperTimesBody a,J,s,p holds
for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1
let a be read-write Int-Location; for J being good really-closed MacroInstruction of SCM+FSA st not J destroys a & ProperTimesBody a,J,s,p holds
for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1
let J be good really-closed MacroInstruction of SCM+FSA ; ( not J destroys a & ProperTimesBody a,J,s,p implies for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
set I = J;
set ST = StepTimes (a,J,p,s);
set Is = Initialized s;
defpred S1[ Nat] means ( $1 <= s . a implies ((StepTimes (a,J,p,s)) . $1) . (intloc 0) = 1 );
assume A1:
not J destroys a
; ( not ProperTimesBody a,J,s,p or for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
assume A2:
ProperTimesBody a,J,s,p
; for k being Nat st k <= s . a holds
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1
A3:
for k being Nat st S1[k] holds
S1[k + 1]
proof
let k be
Nat;
( S1[k] implies S1[k + 1] )
assume that A4:
(
k <= s . a implies
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
and A5:
k + 1
<= s . a
;
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
reconsider sa =
s . a as
Element of
NAT by A5, INT_1:3;
A6:
k < sa
by A5, NAT_1:13;
then
J is_halting_on (StepTimes (a,J,p,s)) . k,
p +* (Times (a,J))
by A2;
hence
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
by A4, A6, Th48, A1;
verum
end;
A7:
S1[ 0 ]
thus
for k being Nat holds S1[k]
from NAT_1:sch 2(A7, A3); verum