let s be State of SCM+FSA; :: thesis: for p being Instruction-Sequence of SCM+FSA
for a being Int-Location
for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let p be Instruction-Sequence of SCM+FSA; :: thesis: for a being Int-Location
for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let a be Int-Location; :: thesis: for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let J be really-closed good MacroInstruction of SCM+FSA ; :: thesis: ( ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) implies for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 ) )
set I = J;
assume that
A1: ProperTimesBody a,J,s,p and
A2: 0 <= s . a and
A3: ( s . (intloc 0) = 1 or a is read-write ) ; :: thesis: for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
set au = 1 -stRWNotIn ({a} \/ (UsedILoc J));
set ST = StepTimes (a,J,p,s);
set SW = StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))));
defpred S1[ Nat] means ( $1 >= s . a implies ( ((StepTimes (a,J,p,s)) . $1) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . $1) . (intloc 0) = 1 ) );
A4: for k being Nat st S1[k] holds
S1[k + 1]
proof
reconsider sa = s . a as Element of NAT by A2, INT_1:3;
let k be Nat; :: thesis: ( S1[k] implies S1[k + 1] )
assume that
A5: ( k >= s . a implies ( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 ) ) and
A6: k + 1 >= s . a ; :: thesis: ( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )
per cases ( k + 1 = sa or k + 1 > sa ) by A6, XXREAL_0:1;
suppose A7: k + 1 = sa ; :: thesis: ( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )
then (((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J)))) + (k + 1) = s . a by A1, A3, Th13;
hence ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 by A7; :: thesis: ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
thus ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 by A1, A7, Th12; :: thesis: verum
end;
suppose A8: k + 1 > sa ; :: thesis: ( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )
then A9: DataPart ((StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))))) . (k + 1)) = DataPart ((StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))))) . k) by A5, NAT_1:13, SCMFSA9A:31;
hence ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 by A5, A8, NAT_1:13, SCMFSA_M:2; :: thesis: ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
thus ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 by A5, A8, A9, NAT_1:13, SCMFSA_M:2; :: thesis: verum
end;
end;
end;
A10: S1[ 0 ]
proof
assume A11: 0 >= s . a ; :: thesis: ( ((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1 )
thus ((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = (((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J)))) + 0
.= 0 by A1, A2, A3, A11, Th13 ; :: thesis: ((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1
thus ((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1 by A1, A2, Th12; :: thesis: verum
end;
thus for k being Nat holds S1[k] from NAT_1:sch 2(A10, A4); :: thesis: verum