:: SCM_HALT semantic presentation begin set SA0 = Start-At (0,SCM+FSA); set iS = Initialize ((intloc 0) .--> 1); reconsider EP = {} as PartState of SCM+FSA by FUNCT_1:104, RELAT_1:171; Lm1: IC (Initialize ((intloc 0) .--> 1)) = 0 by MEMSTR_0:def_11; Lm2: Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; Lm3: dom (Initialize ((intloc 0) .--> 1)) = (dom ((intloc 0) .--> 1)) \/ (dom (Start-At (0,SCM+FSA))) by FUNCT_4:def_1 .= {(intloc 0)} \/ (dom (Start-At (0,SCM+FSA))) by FUNCOP_1:13 .= {(intloc 0)} \/ {(IC )} by FUNCOP_1:13 ; definition let I be Program of SCM+FSA; attrI is InitClosed means :Def1: :: SCM_HALT:def 1 for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st I c= P holds for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I; attrI is InitHalting means :Def2: :: SCM_HALT:def 2 for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s holds for P being Instruction-Sequence of SCM+FSA st I c= P holds P halts_on s; attrI is keepInt0_1 means :Def3: :: SCM_HALT:def 3 for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s holds for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1; end; :: deftheorem Def1 defines InitClosed SCM_HALT:def_1_:_ for I being Program of SCM+FSA holds ( I is InitClosed iff for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st I c= P holds for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I ); :: deftheorem Def2 defines InitHalting SCM_HALT:def_2_:_ for I being Program of SCM+FSA holds ( I is InitHalting iff for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s holds for P being Instruction-Sequence of SCM+FSA st I c= P holds P halts_on s ); :: deftheorem Def3 defines keepInt0_1 SCM_HALT:def_3_:_ for I being Program of SCM+FSA holds ( I is keepInt0_1 iff for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s holds for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ); theorem :: SCM_HALT:1 canceled; theorem Th2: :: SCM_HALT:2 Macro (halt SCM+FSA) is InitHalting proof let s be State of SCM+FSA; :: according to SCM_HALT:def_2 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for P being Instruction-Sequence of SCM+FSA st Macro (halt SCM+FSA) c= P holds P halts_on s ) set m = Macro (halt SCM+FSA); set m1 = Macro (halt SCM+FSA); assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for P being Instruction-Sequence of SCM+FSA st Macro (halt SCM+FSA) c= P holds P halts_on s let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( Macro (halt SCM+FSA) c= p implies p halts_on s ) assume A2: Macro (halt SCM+FSA) c= p ; ::_thesis: p halts_on s A3: IC in dom (Initialize ((intloc 0) .--> 1)) by MEMSTR_0:48; take 0 ; :: according to EXTPRO_1:def_8 ::_thesis: ( IC (Comput (p,s,0)) in dom p & CurInstr (p,(Comput (p,s,0))) = halt SCM+FSA ) IC (Comput (p,s,0)) in NAT ; hence IC (Comput (p,s,0)) in dom p by PARTFUN1:def_2; ::_thesis: CurInstr (p,(Comput (p,s,0))) = halt SCM+FSA A4: (Macro (halt SCM+FSA)) . 0 = halt SCM+FSA by COMPOS_1:58; dom (Macro (halt SCM+FSA)) = {0,1} by COMPOS_1:61; then A5: 0 in dom (Macro (halt SCM+FSA)) by TARSKI:def_2; A6: p /. (IC s) = p . (IC s) by PBOOLE:143; CurInstr (p,(Comput (p,s,0))) = CurInstr (p,s) .= p . 0 by Lm1, A1, A6, A3, GRFUNC_1:2 .= halt SCM+FSA by A4, A2, A5, GRFUNC_1:2 ; hence CurInstr (p,(Comput (p,s,0))) = halt SCM+FSA ; ::_thesis: verum end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() V162() InitHalting for set ; existence ex b1 being Program of SCM+FSA st b1 is InitHalting by Th2; end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() paraclosed -> InitClosed for set ; coherence for b1 being Program of SCM+FSA st b1 is paraclosed holds b1 is InitClosed proof let I be Program of SCM+FSA; ::_thesis: ( I is paraclosed implies I is InitClosed ) assume A1: I is paraclosed ; ::_thesis: I is InitClosed let s be State of SCM+FSA; :: according to SCM_HALT:def_1 ::_thesis: for P being Instruction-Sequence of SCM+FSA st I c= P holds for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= P implies for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I ) assume A2: I c= P ; ::_thesis: for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I let n be Element of NAT ; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies IC (Comput (P,s,n)) in dom I ) assume A3: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: IC (Comput (P,s,n)) in dom I Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; then Start-At (0,SCM+FSA) c= s by A3, XBOOLE_1:1; then s is 0 -started by MEMSTR_0:29; hence IC (Comput (P,s,n)) in dom I by A1, A2, AMISTD_1:def_10; ::_thesis: verum end; end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() parahalting -> InitHalting for set ; coherence for b1 being Program of SCM+FSA st b1 is parahalting holds b1 is InitHalting proof let I be Program of SCM+FSA; ::_thesis: ( I is parahalting implies I is InitHalting ) assume A1: I is parahalting ; ::_thesis: I is InitHalting let s be State of SCM+FSA; :: according to SCM_HALT:def_2 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for P being Instruction-Sequence of SCM+FSA st I c= P holds P halts_on s ) assume A2: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for P being Instruction-Sequence of SCM+FSA st I c= P holds P halts_on s let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= P implies P halts_on s ) assume A3: I c= P ; ::_thesis: P halts_on s Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; then Start-At (0,SCM+FSA) c= s by A2, XBOOLE_1:1; then s is 0 -started by MEMSTR_0:29; hence P halts_on s by A1, A3, AMISTD_1:def_11; ::_thesis: verum end; end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() InitHalting -> InitClosed for set ; coherence for b1 being Program of SCM+FSA st b1 is InitHalting holds b1 is InitClosed proof let I be Program of SCM+FSA; ::_thesis: ( I is InitHalting implies I is InitClosed ) assume A1: I is InitHalting ; ::_thesis: I is InitClosed let s be State of SCM+FSA; :: according to SCM_HALT:def_1 ::_thesis: for P being Instruction-Sequence of SCM+FSA st I c= P holds for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= P implies for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I ) assume A2: I c= P ; ::_thesis: for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I let n be Element of NAT ; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies IC (Comput (P,s,n)) in dom I ) assume A3: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: IC (Comput (P,s,n)) in dom I defpred S1[ Nat] means not IC (Comput (P,s,c1)) in dom I; assume not IC (Comput (P,s,n)) in dom I ; ::_thesis: contradiction then A4: ex n being Nat st S1[n] ; consider n being Nat such that A5: S1[n] and A6: for m being Nat st S1[m] holds n <= m from NAT_1:sch_5(A4); reconsider n = n as Element of NAT by ORDINAL1:def_12; A7: for m being Element of NAT st m < n holds IC (Comput (P,s,m)) in dom I by A6; set s2 = Comput (P,s,n); set p2 = P; set s0 = s; set p0 = P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n))))); set s1 = Comput (P,s,n); set p1 = P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n))))); A8: I c= P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n))))) by A2, A5, FUNCT_7:89; then A9: Comput ((P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n)))))),s,n) = Comput (P,s,n) by A7, A2, AMISTD_2:10; P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n))))) halts_on s by A1, Def2, A3, A8; then P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n))))) halts_on Comput ((P +* ((IC (Comput (P,s,n))),(goto (IC (Comput (P,s,n)))))),s,n) by EXTPRO_1:22; hence contradiction by A9, SCMFSA6B:21; ::_thesis: verum end; cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() keepInt0_1 -> InitClosed for set ; coherence for b1 being Program of SCM+FSA st b1 is keepInt0_1 holds b1 is InitClosed proof let I be Program of SCM+FSA; ::_thesis: ( I is keepInt0_1 implies I is InitClosed ) assume A10: I is keepInt0_1 ; ::_thesis: I is InitClosed set FI = FirstNotUsed I; let s be State of SCM+FSA; :: according to SCM_HALT:def_1 ::_thesis: for P being Instruction-Sequence of SCM+FSA st I c= P holds for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (P,s,n)) in dom I let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= p implies for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,n)) in dom I ) assume A11: I c= p ; ::_thesis: for n being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,n)) in dom I let n be Element of NAT ; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies IC (Comput (p,s,n)) in dom I ) assume A12: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: IC (Comput (p,s,n)) in dom I then A13: Start-At (0,SCM+FSA) c= s by Lm2, XBOOLE_1:1; defpred S1[ Nat] means not IC (Comput (p,s,c1)) in dom I; assume not IC (Comput (p,s,n)) in dom I ; ::_thesis: contradiction then A14: ex n being Nat st S1[n] ; consider n being Nat such that A15: S1[n] and A16: for m being Nat st S1[m] holds n <= m from NAT_1:sch_5(A14); reconsider n = n as Element of NAT by ORDINAL1:def_12; set s2 = Comput (p,s,n); set p0 = p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I))); set s0 = s +* ((FirstNotUsed I),((s . (intloc 0)) + 1)); reconsider s = s as State of SCM+FSA ; reconsider s0 = s +* ((FirstNotUsed I),((s . (intloc 0)) + 1)) as State of SCM+FSA ; not I is keepInt0_1 proof FirstNotUsed I <> IC by SCMFSA_2:56; then A17: not FirstNotUsed I in {(IC )} by TARSKI:def_1; set s02 = Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,n); set iIC = {(intloc 0)} \/ {(IC )}; take s0 ; :: according to SCM_HALT:def_3 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s0 & ex p being Instruction-Sequence of SCM+FSA st ( I c= p & not for k being Element of NAT holds (Comput (p,s0,k)) . (intloc 0) = 1 ) ) FirstNotUsed I in dom s by SCMFSA_2:42; then A18: s0 . (FirstNotUsed I) = (s . (intloc 0)) + 1 by FUNCT_7:31; A19: s . (intloc 0) = 1 by A12, SCMFSA_M:30; A20: not FirstNotUsed I in UsedIntLoc I by SF_MASTR:50; not FirstNotUsed I in {(intloc 0)} by TARSKI:def_1; then not FirstNotUsed I in dom (Initialize ((intloc 0) .--> 1)) by Lm3, A17, XBOOLE_0:def_3; hence Initialize ((intloc 0) .--> 1) c= s0 by A12, FUNCT_7:89; ::_thesis: ex p being Instruction-Sequence of SCM+FSA st ( I c= p & not for k being Element of NAT holds (Comput (p,s0,k)) . (intloc 0) = 1 ) then A21: Start-At (0,SCM+FSA) c= s0 by Lm2, XBOOLE_1:1; take p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I))) ; ::_thesis: ( I c= p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I))) & not for k being Element of NAT holds (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,k)) . (intloc 0) = 1 ) thus A22: I c= p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I))) by A11, A15, FUNCT_7:89; ::_thesis: not for k being Element of NAT holds (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,k)) . (intloc 0) = 1 not FirstNotUsed I in UsedInt*Loc I proof assume FirstNotUsed I in UsedInt*Loc I ; ::_thesis: contradiction then FirstNotUsed I is FinSeq-Location by SCMFSA_2:def_5; hence contradiction by SCMFSA_2:58; ::_thesis: verum end; then A23: s0 | (UsedInt*Loc I) = s | (UsedInt*Loc I) by FUNCT_7:92; A24: s0 | (UsedIntLoc I) = s | (UsedIntLoc I) by FUNCT_7:92, SF_MASTR:50; A25: for m being Element of NAT st m < n holds IC (Comput (p,s,m)) in dom I by A16; A26: IC (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,n)) = IC (Comput (p,s,n)) by A24, A23, A11, A22, A21, A25, A13, SF_MASTR:65; take k = n + 1; ::_thesis: not (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,k)) . (intloc 0) = 1 IC (Comput (p,s,n)) in NAT ; then A27: IC (Comput (p,s,n)) in dom p by PARTFUN1:def_2; A28: (p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))) . (IC (Comput (p,s,n))) = (intloc 0) := (FirstNotUsed I) by A27, FUNCT_7:31; A29: Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,k) = Following ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),(Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,n))) by EXTPRO_1:3 .= Exec (((intloc 0) := (FirstNotUsed I)),(Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,n))) by A26, A28, PBOOLE:143 ; for m being Element of NAT st m < n holds IC (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,m)) in dom I by A25, A24, A23, A11, A22, A21, A13, SF_MASTR:65; then (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,n)) . (FirstNotUsed I) = 1 + 1 by A20, A18, A11, A15, A19, FUNCT_7:89, SF_MASTR:61; hence not (Comput ((p +* ((IC (Comput (p,s,n))),((intloc 0) := (FirstNotUsed I)))),s0,k)) . (intloc 0) = 1 by A29, SCMFSA_2:63; ::_thesis: verum end; hence contradiction by A10; ::_thesis: verum end; cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() keeping_0 -> keepInt0_1 for set ; coherence for b1 being Program of SCM+FSA st b1 is keeping_0 holds b1 is keepInt0_1 proof let I be Program of SCM+FSA; ::_thesis: ( I is keeping_0 implies I is keepInt0_1 ) assume A30: I is keeping_0 ; ::_thesis: I is keepInt0_1 let s be State of SCM+FSA; :: according to SCM_HALT:def_3 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A31: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= p implies for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A32: I c= p ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let k be Element of NAT ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; then Start-At (0,SCM+FSA) c= s by A31, XBOOLE_1:1; then A33: s is 0 -started by MEMSTR_0:29; s . (intloc 0) = 1 by A31, SCMFSA_M:30; hence (Comput (p,s,k)) . (intloc 0) = 1 by A30, A32, A33, SCMFSA6B:def_4; ::_thesis: verum end; end; theorem :: SCM_HALT:3 canceled; theorem :: SCM_HALT:4 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st not a in UsedIntLoc I holds (IExec (I,p,s)) . a = s . a proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st not a in UsedIntLoc I holds (IExec (I,p,s)) . a = s . a let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st not a in UsedIntLoc I holds (IExec (I,p,s)) . a = s . a let I be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not a in UsedIntLoc I holds (IExec (I,p,s)) . a = s . a let a be read-write Int-Location; ::_thesis: ( not a in UsedIntLoc I implies (IExec (I,p,s)) . a = s . a ) ( a <> intloc 0 & a <> IC ) by SCMFSA_2:56; then A1: not a in dom (Initialize ((intloc 0) .--> 1)) by SCMFSA_M:11, TARSKI:def_2; A2: (IExec (I,p,s)) . a = (Result ((p +* I),(Initialized s))) . a by SCMFSA6B:def_1; A3: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; I c= p +* I by FUNCT_4:25; then p +* I halts_on Initialized s by Def2, A3; then consider n being Element of NAT such that A4: Result ((p +* I),(Initialized s)) = Comput ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))),n) and CurInstr ((p +* I),(Result ((p +* I),(Initialized s)))) = halt SCM+FSA by EXTPRO_1:def_9; A5: I c= p +* I by FUNCT_4:25; A6: for m being Element of NAT st m < n holds IC (Comput ((p +* I),(Initialized s),m)) in dom I by Def1, A5, A3; assume not a in UsedIntLoc I ; ::_thesis: (IExec (I,p,s)) . a = s . a hence (IExec (I,p,s)) . a = (Initialized s) . a by A2, A4, A6, FUNCT_4:25, SF_MASTR:61 .= s . a by A1, FUNCT_4:11 ; ::_thesis: verum end; theorem :: SCM_HALT:5 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA for f being FinSeq-Location st not f in UsedInt*Loc I holds (IExec (I,p,s)) . f = s . f proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA for f being FinSeq-Location st not f in UsedInt*Loc I holds (IExec (I,p,s)) . f = s . f let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for f being FinSeq-Location st not f in UsedInt*Loc I holds (IExec (I,p,s)) . f = s . f let I be InitHalting Program of SCM+FSA; ::_thesis: for f being FinSeq-Location st not f in UsedInt*Loc I holds (IExec (I,p,s)) . f = s . f let f be FinSeq-Location ; ::_thesis: ( not f in UsedInt*Loc I implies (IExec (I,p,s)) . f = s . f ) ( f <> intloc 0 & f <> IC ) by SCMFSA_2:57, SCMFSA_2:58; then A1: not f in dom (Initialize ((intloc 0) .--> 1)) by SCMFSA_M:11, TARSKI:def_2; A2: (IExec (I,p,s)) . f = (Result ((p +* I),(Initialized s))) . f by SCMFSA6B:def_1; A3: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; I c= p +* I by FUNCT_4:25; then p +* I halts_on Initialized s by Def2, A3; then consider n being Element of NAT such that A4: Result ((p +* I),(Initialized s)) = Comput ((p +* I),(Initialized s),n) and CurInstr ((p +* I),(Result ((p +* I),(Initialized s)))) = halt SCM+FSA by EXTPRO_1:def_9; A5: I c= p +* I by FUNCT_4:25; A6: for m being Element of NAT st m < n holds IC (Comput ((p +* I),(Initialized s),m)) in dom I by Def1, A5, A3; assume not f in UsedInt*Loc I ; ::_thesis: (IExec (I,p,s)) . f = s . f hence (IExec (I,p,s)) . f = (Initialized s) . f by A2, A4, A6, FUNCT_4:25, SF_MASTR:63 .= s . f by A1, FUNCT_4:11 ; ::_thesis: verum end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() InitHalting -> for set ; coherence for b1 being Program of SCM+FSA st b1 is InitHalting holds not b1 is empty ; end; theorem Th6: :: SCM_HALT:6 for s1, s2 being State of SCM+FSA for p1, p2 being Instruction-Sequence of SCM+FSA for J being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & J c= p1 holds for n being Element of NAT st Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 holds for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) proof let s1, s2 be State of SCM+FSA; ::_thesis: for p1, p2 being Instruction-Sequence of SCM+FSA for J being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & J c= p1 holds for n being Element of NAT st Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 holds for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) let p1, p2 be Instruction-Sequence of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & J c= p1 holds for n being Element of NAT st Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 holds for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) let J be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s1 & J c= p1 implies for n being Element of NAT st Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 holds for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s1 and A2: J c= p1 ; ::_thesis: for n being Element of NAT st Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 holds for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) let n be Element of NAT ; ::_thesis: ( Reloc (J,n) c= p2 & IC s2 = n & DataPart s1 = DataPart s2 implies for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) ) assume that A3: Reloc (J,n) c= p2 and A4: IC s2 = n and A5: DataPart s1 = DataPart s2 ; ::_thesis: for i being Element of NAT holds ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) A6: DataPart (Comput (p1,s1,0)) = DataPart s2 by A5 .= DataPart (Comput (p2,s2,0)) ; defpred S1[ Nat] means ( (IC (Comput (p1,s1,$1))) + n = IC (Comput (p2,s2,$1)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,$1)))),n) = CurInstr (p2,(Comput (p2,s2,$1))) & DataPart (Comput (p1,s1,$1)) = DataPart (Comput (p2,s2,$1)) ); A7: for k being Element of NAT st S1[k] holds S1[k + 1] proof let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) A8: Comput (p1,s1,(k + 1)) = Following (p1,(Comput (p1,s1,k))) by EXTPRO_1:3 .= Exec ((CurInstr (p1,(Comput (p1,s1,k)))),(Comput (p1,s1,k))) ; reconsider l = IC (Comput (p1,s1,(k + 1))) as Element of NAT ; reconsider j = CurInstr (p1,(Comput (p1,s1,(k + 1)))) as Instruction of SCM+FSA ; A9: Comput (p2,s2,(k + 1)) = Following (p2,(Comput (p2,s2,k))) by EXTPRO_1:3 .= Exec ((CurInstr (p2,(Comput (p2,s2,k)))),(Comput (p2,s2,k))) ; A10: IC (Comput (p1,s1,(k + 1))) in dom J by A1, Def1, A2; assume A11: S1[k] ; ::_thesis: S1[k + 1] hence (IC (Comput (p1,s1,(k + 1)))) + n = IC (Comput (p2,s2,(k + 1))) by A8, A9, SCMFSA6A:8; ::_thesis: ( IncAddr ((CurInstr (p1,(Comput (p1,s1,(k + 1))))),n) = CurInstr (p2,(Comput (p2,s2,(k + 1)))) & DataPart (Comput (p1,s1,(k + 1))) = DataPart (Comput (p2,s2,(k + 1))) ) then A12: IC (Comput (p2,s2,(k + 1))) in dom (Reloc (J,n)) by A10, COMPOS_1:46; A13: l in dom J by A1, Def1, A2; j = p1 . (IC (Comput (p1,s1,(k + 1)))) by PBOOLE:143 .= J . l by A10, A2, GRFUNC_1:2 ; hence IncAddr ((CurInstr (p1,(Comput (p1,s1,(k + 1))))),n) = (Reloc (J,n)) . (l + n) by A13, COMPOS_1:35 .= (Reloc (J,n)) . (IC (Comput (p2,s2,(k + 1)))) by A11, A8, A9, SCMFSA6A:8 .= p2 . (IC (Comput (p2,s2,(k + 1)))) by A12, A3, GRFUNC_1:2 .= CurInstr (p2,(Comput (p2,s2,(k + 1)))) by PBOOLE:143 ; ::_thesis: DataPart (Comput (p1,s1,(k + 1))) = DataPart (Comput (p2,s2,(k + 1))) thus DataPart (Comput (p1,s1,(k + 1))) = DataPart (Comput (p2,s2,(k + 1))) by A11, A8, A9, SCMFSA6A:8; ::_thesis: verum end; A14: 0 in dom J by AFINSQ_1:65; A15: 0 in dom J by AFINSQ_1:65; A16: IC in dom (Initialize ((intloc 0) .--> 1)) by MEMSTR_0:48; then A17: p1 . (IC s1) = p1 . (IC (Initialize ((intloc 0) .--> 1))) by A1, GRFUNC_1:2 .= J . 0 by A15, A2, Lm1, GRFUNC_1:2 ; let i be Element of NAT ; ::_thesis: ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) 0 in dom J by AFINSQ_1:65; then A18: 0 + n in dom (Reloc (J,n)) by COMPOS_1:46; A19: IC (Comput (p1,s1,0)) = s1 . (IC ) .= 0 by Lm1, A1, A16, GRFUNC_1:2 ; A20: p2 /. (IC s2) = p2 . (IC s2) by PBOOLE:143; A21: p1 /. (IC s1) = p1 . (IC s1) by PBOOLE:143; IncAddr ((CurInstr (p1,(Comput (p1,s1,0)))),n) = IncAddr ((CurInstr (p1,s1)),n) .= (Reloc (J,n)) . (0 + n) by A17, A14, A21, COMPOS_1:35 .= CurInstr (p2,s2) by A4, A18, A20, A3, GRFUNC_1:2 .= CurInstr (p2,(Comput (p2,s2,0))) ; then A22: S1[ 0 ] by A4, A19, A6; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A22, A7); hence ( (IC (Comput (p1,s1,i))) + n = IC (Comput (p2,s2,i)) & IncAddr ((CurInstr (p1,(Comput (p1,s1,i)))),n) = CurInstr (p2,(Comput (p2,s2,i))) & DataPart (Comput (p1,s1,i)) = DataPart (Comput (p2,s2,i)) ) ; ::_thesis: verum end; theorem Th7: :: SCM_HALT:7 for s1, s2 being State of SCM+FSA for p1, p2 being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds for k being Element of NAT holds ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) proof let s1, s2 be State of SCM+FSA; ::_thesis: for p1, p2 being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds for k being Element of NAT holds ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) let p1, p2 be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds for k being Element of NAT holds ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 implies for k being Element of NAT holds ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s1 and A2: Initialize ((intloc 0) .--> 1) c= s2 and A3: I c= p1 and A4: I c= p2 and A5: s1 = s2 ; ::_thesis: for k being Element of NAT holds ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) let k be Element of NAT ; ::_thesis: ( Comput (p1,s1,k) = Comput (p2,s2,k) & CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) ) A6: IC (Comput (p1,s1,k)) in dom I by A1, Def1, A3; A7: IC (Comput (p2,s2,k)) in dom I by A2, Def1, A4; for m being Element of NAT st m < k holds IC (Comput (p2,s2,m)) in dom I by A2, Def1, A4; hence A8: Comput (p1,s1,k) = Comput (p2,s2,k) by A5, A3, A4, AMISTD_2:10; ::_thesis: CurInstr (p1,(Comput (p1,s1,k))) = CurInstr (p2,(Comput (p2,s2,k))) thus CurInstr (p2,(Comput (p2,s2,k))) = p2 . (IC (Comput (p2,s2,k))) by PBOOLE:143 .= I . (IC (Comput (p2,s2,k))) by A7, A4, GRFUNC_1:2 .= p1 . (IC (Comput (p1,s1,k))) by A8, A6, A3, GRFUNC_1:2 .= CurInstr (p1,(Comput (p1,s1,k))) by PBOOLE:143 ; ::_thesis: verum end; theorem Th8: :: SCM_HALT:8 for s1, s2 being State of SCM+FSA for p1, p2 being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds ( LifeSpan (p1,s1) = LifeSpan (p2,s2) & Result (p1,s1) = Result (p2,s2) ) proof let s1, s2 be State of SCM+FSA; ::_thesis: for p1, p2 being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds ( LifeSpan (p1,s1) = LifeSpan (p2,s2) & Result (p1,s1) = Result (p2,s2) ) let p1, p2 be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 holds ( LifeSpan (p1,s1) = LifeSpan (p2,s2) & Result (p1,s1) = Result (p2,s2) ) let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s1 & Initialize ((intloc 0) .--> 1) c= s2 & I c= p1 & I c= p2 & s1 = s2 implies ( LifeSpan (p1,s1) = LifeSpan (p2,s2) & Result (p1,s1) = Result (p2,s2) ) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s1 and A2: Initialize ((intloc 0) .--> 1) c= s2 and A3: I c= p1 and A4: I c= p2 and A5: s1 = s2 ; ::_thesis: ( LifeSpan (p1,s1) = LifeSpan (p2,s2) & Result (p1,s1) = Result (p2,s2) ) A6: p2 halts_on s2 by A2, Def2, A4; A7: p1 halts_on s1 by A1, Def2, A3; A8: now__::_thesis:_for_l_being_Element_of_NAT_st_CurInstr_(p2,(Comput_(p2,s2,l)))_=_halt_SCM+FSA_holds_ LifeSpan_(p1,s1)_<=_l let l be Element of NAT ; ::_thesis: ( CurInstr (p2,(Comput (p2,s2,l))) = halt SCM+FSA implies LifeSpan (p1,s1) <= l ) assume A9: CurInstr (p2,(Comput (p2,s2,l))) = halt SCM+FSA ; ::_thesis: LifeSpan (p1,s1) <= l CurInstr (p1,(Comput (p1,s1,l))) = CurInstr (p2,(Comput (p2,s2,l))) by A1, A5, Th7, A3, A4; hence LifeSpan (p1,s1) <= l by A7, A9, EXTPRO_1:def_15; ::_thesis: verum end; CurInstr (p2,(Comput (p2,s2,(LifeSpan (p1,s1))))) = CurInstr (p1,(Comput (p1,s1,(LifeSpan (p1,s1))))) by A1, A5, Th7, A3, A4 .= halt SCM+FSA by A7, EXTPRO_1:def_15 ; hence A10: LifeSpan (p1,s1) = LifeSpan (p2,s2) by A8, A6, EXTPRO_1:def_15; ::_thesis: Result (p1,s1) = Result (p2,s2) p2 halts_on s2 by A2, Def2, A4; then A11: Result (p2,s2) = Comput (p2,s2,(LifeSpan (p1,s1))) by A10, EXTPRO_1:23; p1 halts_on s1 by A1, Def2, A3; then Result (p1,s1) = Comput (p1,s1,(LifeSpan (p1,s1))) by EXTPRO_1:23; hence Result (p1,s1) = Result (p2,s2) by A1, A5, A11, Th7, A3, A4; ::_thesis: verum end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() keeping_0 V162() InitHalting for set ; existence ex b1 being Program of SCM+FSA st ( b1 is keeping_0 & b1 is InitHalting ) proof take Macro (halt SCM+FSA) ; ::_thesis: ( Macro (halt SCM+FSA) is keeping_0 & Macro (halt SCM+FSA) is InitHalting ) thus ( Macro (halt SCM+FSA) is keeping_0 & Macro (halt SCM+FSA) is InitHalting ) ; ::_thesis: verum end; end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() V162() InitHalting keepInt0_1 for set ; existence ex b1 being Program of SCM+FSA st ( b1 is keepInt0_1 & b1 is InitHalting ) proof take Macro (halt SCM+FSA) ; ::_thesis: ( Macro (halt SCM+FSA) is keepInt0_1 & Macro (halt SCM+FSA) is InitHalting ) thus ( Macro (halt SCM+FSA) is keepInt0_1 & Macro (halt SCM+FSA) is InitHalting ) ; ::_thesis: verum end; end; theorem Th9: :: SCM_HALT:9 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA holds (IExec (I,p,s)) . (intloc 0) = 1 proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA holds (IExec (I,p,s)) . (intloc 0) = 1 let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA holds (IExec (I,p,s)) . (intloc 0) = 1 let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: (IExec (I,p,s)) . (intloc 0) = 1 A1: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; A2: I c= p +* I by FUNCT_4:25; then p +* I halts_on Initialized s by Def2, A1; then A3: ( Initialize ((intloc 0) .--> 1) c= Initialized s & ex n being Element of NAT st ( Result ((p +* I),(Initialized s)) = Comput ((p +* I),(Initialized s),n) & CurInstr ((p +* I),(Result ((p +* I),(Initialized s)))) = halt SCM+FSA ) ) by EXTPRO_1:def_9, FUNCT_4:25; thus (IExec (I,p,s)) . (intloc 0) = (Result ((p +* I),(Initialized s))) . (intloc 0) by SCMFSA6B:def_1 .= 1 by A3, A2, Def3 ; ::_thesis: verum end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() V162() InitClosed for set ; existence ex b1 being Program of SCM+FSA st b1 is InitClosed proof take the paraclosed Program of SCM+FSA ; ::_thesis: the paraclosed Program of SCM+FSA is InitClosed thus the paraclosed Program of SCM+FSA is InitClosed ; ::_thesis: verum end; end; theorem Th10: :: SCM_HALT:10 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA for J being Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA for J being Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitClosed Program of SCM+FSA for J being Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) let I be InitClosed Program of SCM+FSA; ::_thesis: for J being Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) let J be Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s implies for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s and A2: I c= p and A3: p halts_on s ; ::_thesis: for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) defpred S1[ Nat] means ( $1 <= LifeSpan (p,s) implies Comput (p,s,$1) = Comput ((p +* (I ";" J)),s,$1) ); A4: for m being Element of NAT st S1[m] holds S1[m + 1] proof set px = p +* (I ";" J); let m be Element of NAT ; ::_thesis: ( S1[m] implies S1[m + 1] ) A5: I ";" J c= p +* (I ";" J) by FUNCT_4:25; assume A6: ( m <= LifeSpan (p,s) implies Comput (p,s,m) = Comput ((p +* (I ";" J)),s,m) ) ; ::_thesis: S1[m + 1] dom (I ";" J) = (dom (Directed I)) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:def_1 .= (dom I) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:99 ; then A7: ( {} c= Comput ((p +* (I ";" J)),s,m) & dom I c= dom (I ";" J) ) by XBOOLE_1:2, XBOOLE_1:7; A8: Comput (p,s,(m + 1)) = Following (p,(Comput (p,s,m))) by EXTPRO_1:3 .= Exec ((CurInstr (p,(Comput (p,s,m)))),(Comput (p,s,m))) ; A9: Comput ((p +* (I ";" J)),s,(m + 1)) = Following ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),s,m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),s,m)))),(Comput ((p +* (I ";" J)),s,m))) ; A10: IC (Comput (p,s,m)) in dom I by A1, Def1, A2; A11: p /. (IC (Comput (p,s,m))) = p . (IC (Comput (p,s,m))) by PBOOLE:143; A12: CurInstr (p,(Comput (p,s,m))) = I . (IC (Comput (p,s,m))) by A10, A11, A2, GRFUNC_1:2; assume A13: m + 1 <= LifeSpan (p,s) ; ::_thesis: Comput (p,s,(m + 1)) = Comput ((p +* (I ";" J)),s,(m + 1)) A14: (p +* (I ";" J)) /. (IC (Comput ((p +* (I ";" J)),s,m))) = (p +* (I ";" J)) . (IC (Comput ((p +* (I ";" J)),s,m))) by PBOOLE:143; m < LifeSpan (p,s) by A13, NAT_1:13; then I . (IC (Comput (p,s,m))) <> halt SCM+FSA by A3, A12, EXTPRO_1:def_15; then CurInstr (p,(Comput (p,s,m))) = (I ";" J) . (IC (Comput (p,s,m))) by A10, A12, SCMFSA6A:15 .= CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),s,m))) by A13, A10, A7, A14, A5, A6, GRFUNC_1:2, NAT_1:13 ; hence Comput (p,s,(m + 1)) = Comput ((p +* (I ";" J)),s,(m + 1)) by A6, A13, A8, A9, NAT_1:13; ::_thesis: verum end; A15: S1[ 0 ] ; thus for m being Element of NAT holds S1[m] from NAT_1:sch_1(A15, A4); ::_thesis: verum end; theorem Th11: :: SCM_HALT:11 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I set A = NAT ; let I be InitClosed Program of SCM+FSA; ::_thesis: ( p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s implies IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I ) assume that A1: p +* I halts_on s and A2: Directed I c= p and A3: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I set sISA0 = s +* (Initialize ((intloc 0) .--> 1)); set pISA0 = p +* I; set s1 = (s +* (Initialize ((intloc 0) .--> 1))) +* EP; set p1 = (p +* I) +* (I ";" I); A4: s +* (Initialize ((intloc 0) .--> 1)) = s by A3, FUNCT_4:98; then A5: (s +* (Initialize ((intloc 0) .--> 1))) +* EP = s by FUNCT_4:21; A6: Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) by A3, FUNCT_4:98; A7: I c= p +* I by FUNCT_4:25; reconsider sISA0 = s +* (Initialize ((intloc 0) .--> 1)) as State of SCM+FSA ; set m = LifeSpan ((p +* I),sISA0); set l1 = IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0)))); A8: I c= p +* I by FUNCT_4:25; A9: IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0)))) in dom I by A6, Def1, A8; set s2 = sISA0 +* EP; set p2 = (p +* I) +* (Directed I); A10: Directed I c= (p +* I) +* (Directed I) by FUNCT_4:25; now__::_thesis:_for_k_being_Element_of_NAT_st_k_<=_LifeSpan_((p_+*_I),sISA0)_holds_ Comput_((p_+*_I),sISA0,k)_=_Comput_(((p_+*_I)_+*_(Directed_I)),(sISA0_+*_EP),k) let k be Element of NAT ; ::_thesis: ( k <= LifeSpan ((p +* I),sISA0) implies Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) ) defpred S1[ Nat] means ( $1 <= k implies Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),$1) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),$1) ); assume A11: k <= LifeSpan ((p +* I),sISA0) ; ::_thesis: Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) A12: for n being Element of NAT st S1[n] holds S1[n + 1] proof let n be Element of NAT ; ::_thesis: ( S1[n] implies S1[n + 1] ) assume A13: ( n <= k implies Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n) ) ; ::_thesis: S1[n + 1] A14: Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) = Following (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n)))),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) ; A15: Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),(n + 1)) = Following (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n)))),(Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) ; A16: n <= n + 1 by NAT_1:12; assume A17: n + 1 <= k ; ::_thesis: Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),(n + 1)) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) A18: I c= p +* I by FUNCT_4:25; n <= k by A17, A16, XXREAL_0:2; then IC (Comput ((p +* I),sISA0,n)) = IC (Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n)) by A1, A3, Th10, A7, A4, A5, A11, XXREAL_0:2; then A19: IC (Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n)) in dom I by A6, Def1, A18; then A20: IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n)) in dom (Directed I) by A17, A13, A16, FUNCT_4:99, XXREAL_0:2; A21: CurInstr (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) = ((p +* I) +* (Directed I)) . (IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by PBOOLE:143 .= (Directed I) . (IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by A20, FUNCT_4:13 ; ( dom I c= dom (I ";" I) & CurInstr (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) = ((p +* I) +* (I ";" I)) . (IC (Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) ) by PBOOLE:143, SCMFSA6A:17; then ( Directed I c= I ";" I & CurInstr (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) = (I ";" I) . (IC (Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),n))) ) by A19, FUNCT_4:13, SCMFSA6A:16; hence Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),(n + 1)) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) by A13, A17, A16, A21, A15, A14, A20, GRFUNC_1:2, XXREAL_0:2; ::_thesis: verum end; A22: S1[ 0 ] ; for n being Element of NAT holds S1[n] from NAT_1:sch_1(A22, A12); then Comput (((p +* I) +* (I ";" I)),((s +* (Initialize ((intloc 0) .--> 1))) +* EP),k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) ; hence Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) by A1, A3, A11, Th10, A7, A4, A5; ::_thesis: verum end; then A23: Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))) ; A24: I . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) = (p +* I) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by A9, A7, GRFUNC_1:2 .= CurInstr ((p +* I),(Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by PBOOLE:143 .= halt SCM+FSA by A1, A4, EXTPRO_1:def_15 ; IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0)))) in dom (Directed I) by A9, A23, FUNCT_4:99; then A25: ((p +* I) +* (Directed I)) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) = (Directed I) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by A23, A10, GRFUNC_1:2 .= goto (card I) by A9, A24, FUNCT_4:106 ; A26: Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),((LifeSpan ((p +* I),sISA0)) + 1)) = Following (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))))) by EXTPRO_1:3 .= Exec ((goto (card I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))))) by A23, A25, PBOOLE:143 ; set m = LifeSpan ((p +* I),sISA0); dom (Directed I) = dom I by FUNCT_4:99; then A27: (p +* I) +* (Directed I) = p +* (Directed I) by FUNCT_4:74 .= p by A2, FUNCT_4:98 ; sISA0 +* EP = sISA0 by FUNCT_4:21 .= s by A3, FUNCT_4:98 ; hence IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),((LifeSpan ((p +* I),sISA0)) + 1))) by A27, FUNCT_4:21 .= card I by A26, SCMFSA_2:69 ; ::_thesis: verum end; theorem Th12: :: SCM_HALT:12 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitClosed Program of SCM+FSA st p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s holds DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) set A = NAT ; let I be InitClosed Program of SCM+FSA; ::_thesis: ( p +* I halts_on s & Directed I c= p & Initialize ((intloc 0) .--> 1) c= s implies DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) ) assume that A1: p +* I halts_on s and A2: Directed I c= p and A3: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) A4: s = s +* {} ; set sISA0 = s +* (Initialize ((intloc 0) .--> 1)); set pISA0 = p +* I; set s2 = (s +* (Initialize ((intloc 0) .--> 1))) +* EP; set p2 = (p +* I) +* (Directed I); A5: Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; A6: I c= p +* I by FUNCT_4:25; A7: s +* (Initialize ((intloc 0) .--> 1)) = s by A3, FUNCT_4:98; reconsider sISA0 = s +* (Initialize ((intloc 0) .--> 1)) as State of SCM+FSA ; set m = LifeSpan ((p +* I),sISA0); set l1 = IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0)))); A8: IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0)))) in dom I by A5, Def1, A6; set s2 = sISA0 +* EP; set p2 = (p +* I) +* (Directed I); now__::_thesis:_for_k_being_Element_of_NAT_st_k_<=_LifeSpan_((p_+*_I),sISA0)_holds_ Comput_((p_+*_I),sISA0,k)_=_Comput_(((p_+*_I)_+*_(Directed_I)),(sISA0_+*_EP),k) set s1 = sISA0 +* EP; set p1 = (p +* I) +* (I ";" I); let k be Element of NAT ; ::_thesis: ( k <= LifeSpan ((p +* I),sISA0) implies Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) ) defpred S1[ Nat] means ( $1 <= k implies Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),$1) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),$1) ); assume A9: k <= LifeSpan ((p +* I),sISA0) ; ::_thesis: Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) A10: for n being Element of NAT st S1[n] holds S1[n + 1] proof A11: Directed I c= I ";" I by SCMFSA6A:16; let n be Element of NAT ; ::_thesis: ( S1[n] implies S1[n + 1] ) A12: dom I c= dom (I ";" I) by SCMFSA6A:17; assume A13: ( n <= k implies Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n) ) ; ::_thesis: S1[n + 1] A14: Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) = Following (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n)))),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) ; A15: Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),(n + 1)) = Following (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n)))),(Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) ; A16: n <= n + 1 by NAT_1:12; assume A17: n + 1 <= k ; ::_thesis: Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),(n + 1)) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) n <= k by A17, A16, XXREAL_0:2; then Comput ((p +* I),sISA0,n) = Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n) by A1, A5, Th10, A6, A4, A7, A9, XXREAL_0:2; then A18: IC (Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n)) in dom I by A5, Def1, A6; then A19: IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n)) in dom (Directed I) by A17, A13, A16, FUNCT_4:99, XXREAL_0:2; A20: CurInstr (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) = ((p +* I) +* (Directed I)) . (IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by PBOOLE:143 .= (Directed I) . (IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),n))) by A19, FUNCT_4:13 ; CurInstr (((p +* I) +* (I ";" I)),(Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) = ((p +* I) +* (I ";" I)) . (IC (Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) by PBOOLE:143 .= (I ";" I) . (IC (Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) by A12, A18, FUNCT_4:13 .= (Directed I) . (IC (Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),n))) by A11, A17, A19, A13, A16, GRFUNC_1:2, XXREAL_0:2 ; hence Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),(n + 1)) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(n + 1)) by A13, A17, A16, A20, A15, A14, XXREAL_0:2; ::_thesis: verum end; A21: S1[ 0 ] ; for n being Element of NAT holds S1[n] from NAT_1:sch_1(A21, A10); then Comput (((p +* I) +* (I ";" I)),(sISA0 +* EP),k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) ; hence Comput ((p +* I),sISA0,k) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),k) by A1, A5, A7, A9, Th10, A6, A4; ::_thesis: verum end; then A22: Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))) = Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))) ; A23: I . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) = (p +* I) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by A8, A6, GRFUNC_1:2 .= CurInstr ((p +* I),(Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by PBOOLE:143 .= halt SCM+FSA by A1, A7, EXTPRO_1:def_15 ; IC (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0)))) in dom (Directed I) by A8, A22, FUNCT_4:99; then A24: ((p +* I) +* (Directed I)) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) = (Directed I) . (IC (Comput ((p +* I),sISA0,(LifeSpan ((p +* I),sISA0))))) by A22, FUNCT_4:13 .= goto (card I) by A8, A23, FUNCT_4:106 ; Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),((LifeSpan ((p +* I),sISA0)) + 1)) = Following (((p +* I) +* (Directed I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))))) by EXTPRO_1:3 .= Exec ((goto (card I)),(Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0))))) by A22, A24, PBOOLE:143 ; then A25: ( ( for a being Int-Location holds (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),((LifeSpan ((p +* I),sISA0)) + 1))) . a = (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0)))) . a ) & ( for f being FinSeq-Location holds (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),((LifeSpan ((p +* I),sISA0)) + 1))) . f = (Comput (((p +* I) +* (Directed I)),(sISA0 +* EP),(LifeSpan ((p +* I),sISA0)))) . f ) ) by SCMFSA_2:69; dom (Directed I) = dom I by FUNCT_4:99; then (p +* I) +* (Directed I) = p +* (Directed I) by FUNCT_4:74 .= p by A2, FUNCT_4:98 ; hence DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) by A7, A25, A4, SCMFSA_M:2; ::_thesis: verum end; theorem Th13: :: SCM_HALT:13 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA set A = NAT ; let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= p implies for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA ) set s2 = s +* EP; set p2 = p +* (Directed I); set m = LifeSpan (p,s); A1: s +* EP = s by FUNCT_4:21; assume A2: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: ( not I c= p or for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA ) assume A3: I c= p ; ::_thesis: for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA then A4: p halts_on s by A2, Def2; A5: now__::_thesis:_for_k_being_Element_of_NAT_st_k_<=_LifeSpan_(p,s)_holds_ Comput_(p,s,k)_=_Comput_((p_+*_(Directed_I)),(s_+*_EP),k) set s1 = s +* EP; set p1 = p +* (I ";" I); A6: s = s +* EP by FUNCT_4:21; let k be Element of NAT ; ::_thesis: ( k <= LifeSpan (p,s) implies Comput (p,s,k) = Comput ((p +* (Directed I)),(s +* EP),k) ) defpred S1[ Nat] means ( $1 <= k implies Comput ((p +* (I ";" I)),(s +* EP),$1) = Comput ((p +* (Directed I)),(s +* EP),$1) ); assume A7: k <= LifeSpan (p,s) ; ::_thesis: Comput (p,s,k) = Comput ((p +* (Directed I)),(s +* EP),k) A8: for n being Element of NAT st S1[n] holds S1[n + 1] proof A9: Directed I c= I ";" I by SCMFSA6A:16; let n be Element of NAT ; ::_thesis: ( S1[n] implies S1[n + 1] ) A10: dom I c= dom (I ";" I) by SCMFSA6A:17; assume A11: ( n <= k implies Comput ((p +* (I ";" I)),(s +* EP),n) = Comput ((p +* (Directed I)),(s +* EP),n) ) ; ::_thesis: S1[n + 1] A12: Comput ((p +* (Directed I)),(s +* EP),(n + 1)) = Following ((p +* (Directed I)),(Comput ((p +* (Directed I)),(s +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),(s +* EP),n)))),(Comput ((p +* (Directed I)),(s +* EP),n))) ; A13: Comput ((p +* (I ";" I)),(s +* EP),(n + 1)) = Following ((p +* (I ";" I)),(Comput ((p +* (I ";" I)),(s +* EP),n))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (I ";" I)),(Comput ((p +* (I ";" I)),(s +* EP),n)))),(Comput ((p +* (I ";" I)),(s +* EP),n))) ; A14: n <= n + 1 by NAT_1:12; assume A15: n + 1 <= k ; ::_thesis: Comput ((p +* (I ";" I)),(s +* EP),(n + 1)) = Comput ((p +* (Directed I)),(s +* EP),(n + 1)) n <= k by A15, A14, XXREAL_0:2; then Comput (p,s,n) = Comput ((p +* (I ";" I)),(s +* EP),n) by A2, A4, Th10, A3, A6, A7, XXREAL_0:2; then A16: IC (Comput ((p +* (I ";" I)),(s +* EP),n)) in dom I by A2, Def1, A3; then A17: IC (Comput ((p +* (Directed I)),(s +* EP),n)) in dom (Directed I) by A15, A11, A14, FUNCT_4:99, XXREAL_0:2; A18: CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),(s +* EP),n))) = (p +* (Directed I)) . (IC (Comput ((p +* (Directed I)),(s +* EP),n))) by PBOOLE:143 .= (Directed I) . (IC (Comput ((p +* (Directed I)),(s +* EP),n))) by A17, FUNCT_4:13 ; CurInstr ((p +* (I ";" I)),(Comput ((p +* (I ";" I)),(s +* EP),n))) = (p +* (I ";" I)) . (IC (Comput ((p +* (I ";" I)),(s +* EP),n))) by PBOOLE:143 .= (I ";" I) . (IC (Comput ((p +* (I ";" I)),(s +* EP),n))) by A10, A16, FUNCT_4:13 .= (Directed I) . (IC (Comput ((p +* (I ";" I)),(s +* EP),n))) by A9, A15, A17, A11, A14, GRFUNC_1:2, XXREAL_0:2 ; hence Comput ((p +* (I ";" I)),(s +* EP),(n + 1)) = Comput ((p +* (Directed I)),(s +* EP),(n + 1)) by A11, A15, A14, A18, A13, A12, XXREAL_0:2; ::_thesis: verum end; A19: S1[ 0 ] ; for n being Element of NAT holds S1[n] from NAT_1:sch_1(A19, A8); then Comput ((p +* (I ";" I)),(s +* EP),k) = Comput ((p +* (Directed I)),(s +* EP),k) ; hence Comput (p,s,k) = Comput ((p +* (Directed I)),(s +* EP),k) by A2, A4, A7, Th10, A3, A6; ::_thesis: verum end; let k be Element of NAT ; ::_thesis: ( k <= LifeSpan (p,s) implies CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA ) set lk = IC (Comput (p,s,k)); A20: ( IC (Comput (p,s,k)) in dom I & dom I = dom (Directed I) ) by A2, A3, Def1, FUNCT_4:99; then A21: (Directed I) . (IC (Comput (p,s,k))) in rng (Directed I) by FUNCT_1:def_3; assume k <= LifeSpan (p,s) ; ::_thesis: CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) <> halt SCM+FSA then IC (Comput (p,s,k)) = IC (Comput ((p +* (Directed I)),(s +* EP),k)) by A5; then A22: CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),(s +* EP),k))) = (p +* (Directed I)) . (IC (Comput (p,s,k))) by PBOOLE:143 .= (Directed I) . (IC (Comput (p,s,k))) by A20, FUNCT_4:13 ; assume CurInstr ((p +* (Directed I)),(Comput ((p +* (Directed I)),s,k))) = halt SCM+FSA ; ::_thesis: contradiction hence contradiction by A22, A21, A1, SCMFSA6A:1; ::_thesis: verum end; theorem Th14: :: SCM_HALT:14 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitClosed Program of SCM+FSA st p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitClosed Program of SCM+FSA st p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) let I be InitClosed Program of SCM+FSA; ::_thesis: ( p +* I halts_on Initialized s implies for J being Program of SCM+FSA for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) ) assume A1: p +* I halts_on Initialized s ; ::_thesis: for J being Program of SCM+FSA for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) set s1 = Initialized s; set p1 = p +* I; A2: I c= p +* I by FUNCT_4:25; let J be Program of SCM+FSA; ::_thesis: for k being Element of NAT st k <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) set s2 = Initialized s; set p2 = p +* (I ";" J); defpred S1[ Nat] means ( $1 <= LifeSpan ((p +* I),(Initialized s)) implies Comput ((p +* I),(Initialized s),$1) = Comput ((p +* (I ";" J)),(Initialized s),$1) ); A3: for m being Element of NAT st S1[m] holds S1[m + 1] proof dom (I ";" J) = (dom (Directed I)) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:def_1 .= (dom I) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:99 ; then A4: dom I c= dom (I ";" J) by XBOOLE_1:7; set sx = Initialized s; set px = p +* (I ";" J); A5: I ";" J c= p +* (I ";" J) by FUNCT_4:25; let m be Element of NAT ; ::_thesis: ( S1[m] implies S1[m + 1] ) assume A6: ( m <= LifeSpan ((p +* I),(Initialized s)) implies Comput ((p +* I),(Initialized s),m) = Comput ((p +* (I ";" J)),(Initialized s),m) ) ; ::_thesis: S1[m + 1] assume A7: m + 1 <= LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: Comput ((p +* I),(Initialized s),(m + 1)) = Comput ((p +* (I ";" J)),(Initialized s),(m + 1)) A8: Comput ((p +* I),(Initialized s),(m + 1)) = Following ((p +* I),(Comput ((p +* I),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m)))),(Comput ((p +* I),(Initialized s),m))) ; A9: Comput ((p +* (I ";" J)),(Initialized s),(m + 1)) = Following ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m)))),(Comput ((p +* (I ";" J)),(Initialized s),m))) ; Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; then A10: IC (Comput ((p +* I),(Initialized s),m)) in dom I by Def1, A2; A11: (p +* I) /. (IC (Comput ((p +* I),(Initialized s),m))) = (p +* I) . (IC (Comput ((p +* I),(Initialized s),m))) by PBOOLE:143; A12: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = I . (IC (Comput ((p +* I),(Initialized s),m))) by A10, A11, A2, GRFUNC_1:2; A13: (p +* (I ";" J)) /. (IC (Comput ((p +* (I ";" J)),(Initialized s),m))) = (p +* (I ";" J)) . (IC (Comput ((p +* (I ";" J)),(Initialized s),m))) by PBOOLE:143; m < LifeSpan ((p +* I),(Initialized s)) by A7, NAT_1:13; then I . (IC (Comput ((p +* I),(Initialized s),m))) <> halt SCM+FSA by A1, A12, EXTPRO_1:def_15; then CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = (I ";" J) . (IC (Comput ((p +* I),(Initialized s),m))) by A10, A12, SCMFSA6A:15 .= CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m))) by A13, A7, A10, A4, A5, A6, GRFUNC_1:2, NAT_1:13 ; hence Comput ((p +* I),(Initialized s),(m + 1)) = Comput ((p +* (I ";" J)),(Initialized s),(m + 1)) by A6, A7, A8, A9, NAT_1:13; ::_thesis: verum end; A14: S1[ 0 ] ; thus for k being Element of NAT holds S1[k] from NAT_1:sch_1(A14, A3); ::_thesis: verum end; theorem Th15: :: SCM_HALT:15 for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) set D = Data-Locations ; let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) let J be InitHalting Program of SCM+FSA; ::_thesis: for s being State of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) let s be State of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p implies ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) ) set s1 = s +* EP; set p1 = p +* I; set s3 = (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)); set p3 = (p +* I) +* J; set m1 = LifeSpan ((p +* I),s); set m3 = LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))); A1: J c= (p +* I) +* J by FUNCT_4:25; assume A2: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: ( not I ";" J c= p or ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) ) then A3: s = Initialized s by FUNCT_4:98; assume A4: I ";" J c= p ; ::_thesis: ( IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I & DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) then A5: p +* (I ";" J) = p by FUNCT_4:98; A6: I c= p +* I by FUNCT_4:25; set s4 = Comput (p,s,((LifeSpan ((p +* I),s)) + 1)); set p4 = p; A7: Directed I c= I ";" J by SCMFSA6A:16; then A8: Directed I c= p by A4, XBOOLE_1:1; A9: p = p +* (Directed I) by A4, A7, FUNCT_4:98, XBOOLE_1:1; reconsider m = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))) as Element of NAT ; A10: dom (Directed I) = dom I by FUNCT_4:99; A11: (p +* I) +* (Directed I) = p +* (I +* (Directed I)) by FUNCT_4:14 .= p by A9, A10, FUNCT_4:19 ; A12: Initialize ((intloc 0) .--> 1) c= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; then dom (Initialize ((intloc 0) .--> 1)) c= dom ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by GRFUNC_1:2; then A13: dom (Initialize ((intloc 0) .--> 1)) c= the carrier of SCM+FSA by PARTFUN1:def_2; A14: Reloc (J,(card I)) c= I ";" J by FUNCT_4:25; A15: I c= p +* I by FUNCT_4:25; then A16: p +* I halts_on s by Def2, A2; hence A17: IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I by A2, Th11, A8; ::_thesis: ( DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) & Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) A18: now__::_thesis:_for_x_being_set_st_x_in_dom_(DataPart_(Initialize_((intloc_0)_.-->_1)))_holds_ (DataPart_(Initialize_((intloc_0)_.-->_1)))_._x_=_(DataPart_(Comput_((p_+*_I),s,(LifeSpan_((p_+*_I),s)))))_._x let x be set ; ::_thesis: ( x in dom (DataPart (Initialize ((intloc 0) .--> 1))) implies (DataPart (Initialize ((intloc 0) .--> 1))) . b1 = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 ) assume x in dom (DataPart (Initialize ((intloc 0) .--> 1))) ; ::_thesis: (DataPart (Initialize ((intloc 0) .--> 1))) . b1 = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 then A19: x in (dom (Initialize ((intloc 0) .--> 1))) /\ (Data-Locations ) by RELAT_1:61; then x in dom (Initialize ((intloc 0) .--> 1)) by XBOOLE_0:def_4; then A20: x in {(IC ),(intloc 0)} by Lm3, ENUMSET1:1; A21: x in Data-Locations by A19, XBOOLE_0:def_4; percases ( x = intloc 0 or x = IC ) by A20, TARSKI:def_2; supposeA22: x = intloc 0 ; ::_thesis: (DataPart (Initialize ((intloc 0) .--> 1))) . b1 = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 thus (DataPart (Initialize ((intloc 0) .--> 1))) . x = 1 by A22, A21, FUNCT_1:49, SCMFSA_M:12 .= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) . x by A22, Def3, A6, A2 .= (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . x by A21, FUNCT_1:49 ; ::_thesis: verum end; suppose x = IC ; ::_thesis: (DataPart (Initialize ((intloc 0) .--> 1))) . b1 = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 then not x in Data-Locations by STRUCT_0:3; hence (DataPart (Initialize ((intloc 0) .--> 1))) . x = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . x by A19, XBOOLE_0:def_4; ::_thesis: verum end; end; end; A23: (p +* I) +* J halts_on (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by Def2, A1, A12; dom (DataPart (Initialize ((intloc 0) .--> 1))) = (dom (Initialize ((intloc 0) .--> 1))) /\ (Data-Locations ) by RELAT_1:61; then dom (DataPart (Initialize ((intloc 0) .--> 1))) c= the carrier of SCM+FSA /\ (Data-Locations ) by A13, XBOOLE_1:26; then dom (DataPart (Initialize ((intloc 0) .--> 1))) c= (dom (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) /\ (Data-Locations ) by PARTFUN1:def_2; then A24: dom (DataPart (Initialize ((intloc 0) .--> 1))) c= dom (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) by RELAT_1:61; A25: DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) +* (DataPart (Initialize ((intloc 0) .--> 1))) by FUNCT_4:71; A26: DataPart (Initialize ((intloc 0) .--> 1)) c= DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) by A18, A24, GRFUNC_1:2; A27: DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by A26, A25, FUNCT_4:98; A28: p +* I halts_on s by A2, Def2, A15; DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by A27, A3, A16, Th14, A5; hence A29: DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by A2, Th12, A8, A28; ::_thesis: ( Reloc (J,(card I)) c= p & (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) thus Reloc (J,(card I)) c= p by A4, A14, XBOOLE_1:1; ::_thesis: ( (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = 1 & p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) A30: Reloc (J,(card I)) c= p by A14, A4, XBOOLE_1:1; intloc 0 in Int-Locations by AMI_2:def_16; then A31: intloc 0 in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) . (intloc 0) = (DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))) . (intloc 0) by A29, FUNCT_1:49 .= ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) . (intloc 0) by A31, FUNCT_1:49 .= 1 by FUNCT_4:13, SCMFSA_M:10, SCMFSA_M:12 ; ::_thesis: ( p halts_on s & LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) A32: Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) = Comput (p,(Comput (p,s,((LifeSpan ((p +* I),s)) + 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))))) by EXTPRO_1:4; A33: Initialize ((intloc 0) .--> 1) c= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; then IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))))),(card I)) = CurInstr (p,(Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))))) by A32, A17, A29, Th6, A1, A30; then A34: CurInstr (p,(Comput (p,s,m))) = IncAddr ((halt SCM+FSA),(card I)) by A23, EXTPRO_1:def_15 .= halt SCM+FSA by COMPOS_0:4 ; hence A35: p halts_on s by EXTPRO_1:29; ::_thesis: ( LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) & ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) ) A36: now__::_thesis:_for_k_being_Element_of_NAT_st_((LifeSpan_((p_+*_I),s))_+_1)_+_k_<_m_holds_ not_CurInstr_(p,(Comput_(p,s,(((LifeSpan_((p_+*_I),s))_+_1)_+_k))))_=_halt_SCM+FSA let k be Element of NAT ; ::_thesis: ( ((LifeSpan ((p +* I),s)) + 1) + k < m implies not CurInstr (p,(Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + k)))) = halt SCM+FSA ) assume ((LifeSpan ((p +* I),s)) + 1) + k < m ; ::_thesis: not CurInstr (p,(Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + k)))) = halt SCM+FSA then A37: k < LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))) by XREAL_1:6; assume A38: CurInstr (p,(Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + k)))) = halt SCM+FSA ; ::_thesis: contradiction A39: IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I)) = CurInstr (p,(Comput (p,(Comput (p,s,((LifeSpan ((p +* I),s)) + 1))),k))) by A17, A29, A33, Th6, A1, A30 .= halt SCM+FSA by A38, EXTPRO_1:4 ; InsCode (halt SCM+FSA) = 0 by COMPOS_1:70; then InsCode (CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),k)))) = 0 by COMPOS_0:def_9, A39; then CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),k))) = halt SCM+FSA by SCMFSA_2:95; hence contradiction by A23, A37, EXTPRO_1:def_15; ::_thesis: verum end; now__::_thesis:_for_k_being_Element_of_NAT_st_k_<_m_holds_ CurInstr_(p,(Comput_(p,s,k)))_<>_halt_SCM+FSA let k be Element of NAT ; ::_thesis: ( k < m implies CurInstr (p,(Comput (p,s,b1))) <> halt SCM+FSA ) assume A40: k < m ; ::_thesis: CurInstr (p,(Comput (p,s,b1))) <> halt SCM+FSA percases ( k <= LifeSpan ((p +* I),s) or LifeSpan ((p +* I),s) < k ) ; suppose k <= LifeSpan ((p +* I),s) ; ::_thesis: CurInstr (p,(Comput (p,s,b1))) <> halt SCM+FSA hence CurInstr (p,(Comput (p,s,k))) <> halt SCM+FSA by Th13, A11, A2, FUNCT_4:25; ::_thesis: verum end; suppose LifeSpan ((p +* I),s) < k ; ::_thesis: CurInstr (p,(Comput (p,s,b1))) <> halt SCM+FSA then (LifeSpan ((p +* I),s)) + 1 <= k by NAT_1:13; then consider kk being Nat such that A41: ((LifeSpan ((p +* I),s)) + 1) + kk = k by NAT_1:10; reconsider kk = kk as Element of NAT by ORDINAL1:def_12; ((LifeSpan ((p +* I),s)) + 1) + kk = k by A41; hence CurInstr (p,(Comput (p,s,k))) <> halt SCM+FSA by A36, A40; ::_thesis: verum end; end; end; then A42: for k being Element of NAT st CurInstr (p,(Comput (p,s,k))) = halt SCM+FSA holds m <= k ; then A43: LifeSpan (p,s) = m by A34, A35, EXTPRO_1:def_15; I c= p +* I by FUNCT_4:25; then A44: p +* I halts_on s by Def2, A2; Comput ((p +* I),s,(LifeSpan ((p +* I),s))) = Result ((p +* I),s) by A44, EXTPRO_1:23; hence LifeSpan (p,s) = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))))) by A42, A34, A35, EXTPRO_1:def_15; ::_thesis: ( J is keeping_0 implies (Result (p,s)) . (intloc 0) = 1 ) A45: Initialize ((intloc 0) .--> 1) c= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; A46: DataPart (Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) = DataPart (Comput (p,(Comput (p,s,((LifeSpan ((p +* I),s)) + 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) by A17, A29, A33, Th6, A1, A30; assume A47: J is keeping_0 ; ::_thesis: (Result (p,s)) . (intloc 0) = 1 thus (Result (p,s)) . (intloc 0) = (Comput (p,s,m)) . (intloc 0) by A35, A43, EXTPRO_1:23 .= (Comput (p,(Comput (p,s,((LifeSpan ((p +* I),s)) + 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) . (intloc 0) by EXTPRO_1:4 .= (Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) . (intloc 0) by A46, SCMFSA_M:2 .= ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) . (intloc 0) by A47, A1, SCMFSA6B:def_4 .= 1 by A45, GRFUNC_1:2, SCMFSA_M:10, SCMFSA_M:12 ; ::_thesis: verum end; registration let I be InitHalting keepInt0_1 Program of SCM+FSA; let J be InitHalting Program of SCM+FSA; clusterI ";" J -> InitHalting ; coherence I ";" J is InitHalting proof set D = Data-Locations ; let s be State of SCM+FSA; :: according to SCM_HALT:def_2 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for P being Instruction-Sequence of SCM+FSA st I ";" J c= P holds P halts_on s ) assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for P being Instruction-Sequence of SCM+FSA st I ";" J c= P holds P halts_on s then A2: s = Initialized s by FUNCT_4:98; let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I ";" J c= p implies p halts_on s ) assume A3: I ";" J c= p ; ::_thesis: p halts_on s A4: p = p +* (I ";" J) by A3, FUNCT_4:98; set p1 = p +* I; set s3 = (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)); set p3 = (p +* I) +* J; A5: J c= (p +* I) +* J by FUNCT_4:25; set m1 = LifeSpan ((p +* I),s); set s4 = Comput (p,s,((LifeSpan ((p +* I),s)) + 1)); A6: I c= p +* I by FUNCT_4:25; A7: Reloc (J,(card I)) c= I ";" J by FUNCT_4:25; set m3 = LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))); A8: dom (DataPart (Initialize ((intloc 0) .--> 1))) = (dom (Initialize ((intloc 0) .--> 1))) /\ (Data-Locations ) by RELAT_1:61; reconsider m = ((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))) as Element of NAT ; A9: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; I c= p +* I by FUNCT_4:25; then A10: p +* I halts_on Initialized s by Def2, A9; A11: now__::_thesis:_for_x_being_set_st_x_in_dom_(DataPart_(Initialize_((intloc_0)_.-->_1)))_holds_ (DataPart_(Comput_((p_+*_I),s,(LifeSpan_((p_+*_I),s)))))_._x_=_(DataPart_(Initialize_((intloc_0)_.-->_1)))_._x let x be set ; ::_thesis: ( x in dom (DataPart (Initialize ((intloc 0) .--> 1))) implies (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 = (DataPart (Initialize ((intloc 0) .--> 1))) . b1 ) DataPart (Initialize ((intloc 0) .--> 1)) c= Initialize ((intloc 0) .--> 1) by RELAT_1:59; then A12: dom (DataPart (Initialize ((intloc 0) .--> 1))) c= dom (Initialize ((intloc 0) .--> 1)) by RELAT_1:11; assume A13: x in dom (DataPart (Initialize ((intloc 0) .--> 1))) ; ::_thesis: (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 = (DataPart (Initialize ((intloc 0) .--> 1))) . b1 then x in dom (Initialize ((intloc 0) .--> 1)) by A12; then A14: x in {(intloc 0),(IC )} by Lm3, ENUMSET1:1; percases ( x = intloc 0 or x = IC ) by A14, TARSKI:def_2; supposeA15: x = intloc 0 ; ::_thesis: (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 = (DataPart (Initialize ((intloc 0) .--> 1))) . b1 then x in Int-Locations by AMI_2:def_16; then A16: x in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . x = (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) . x by FUNCT_1:49 .= 1 by A1, A15, Def3, A6 .= (DataPart (Initialize ((intloc 0) .--> 1))) . x by A16, A15, FUNCT_1:49, SCMFSA_M:12 ; ::_thesis: verum end; supposeA17: x = IC ; ::_thesis: (DataPart (Initialize ((intloc 0) .--> 1))) . b1 = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . b1 dom (DataPart (Initialize ((intloc 0) .--> 1))) c= Data-Locations by RELAT_1:58; hence (DataPart (Initialize ((intloc 0) .--> 1))) . x = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) . x by A17, A13, STRUCT_0:3; ::_thesis: verum end; end; end; take m ; :: according to EXTPRO_1:def_8 ::_thesis: ( IC (Comput (p,s,m)) in dom p & CurInstr (p,(Comput (p,s,m))) = halt SCM+FSA ) IC (Comput (p,s,m)) in NAT ; hence IC (Comput (p,s,m)) in dom p by PARTFUN1:def_2; ::_thesis: CurInstr (p,(Comput (p,s,m))) = halt SCM+FSA Directed I c= I ";" J by SCMFSA6A:16; then A18: Directed I c= p by A3, XBOOLE_1:1; Initialize ((intloc 0) .--> 1) c= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; then dom (Initialize ((intloc 0) .--> 1)) c= dom ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by GRFUNC_1:2; then dom (Initialize ((intloc 0) .--> 1)) c= the carrier of SCM+FSA by PARTFUN1:def_2; then dom (DataPart (Initialize ((intloc 0) .--> 1))) c= the carrier of SCM+FSA /\ (Data-Locations ) by A8, XBOOLE_1:26; then dom (DataPart (Initialize ((intloc 0) .--> 1))) c= (dom (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) /\ (Data-Locations ) by PARTFUN1:def_2; then dom (DataPart (Initialize ((intloc 0) .--> 1))) c= dom (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) by RELAT_1:61; then DataPart (Initialize ((intloc 0) .--> 1)) c= DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) by A11, GRFUNC_1:2; then A19: DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) = (DataPart (Comput ((p +* I),s,(LifeSpan ((p +* I),s))))) +* (DataPart (Initialize ((intloc 0) .--> 1))) by FUNCT_4:98 .= DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by FUNCT_4:71 ; A20: DataPart (Comput (p,s,(LifeSpan ((p +* I),s)))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by A19, A2, A4, A10, Th14; I c= p +* I by FUNCT_4:25; then A21: p +* I halts_on s by A1, Def2; then A22: DataPart (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = DataPart ((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))) by A1, Th12, A20, A18; A23: Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))) = Comput (p,(Comput (p,s,((LifeSpan ((p +* I),s)) + 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)))))) by EXTPRO_1:4; A24: Reloc (J,(card I)) c= p by A7, A3, XBOOLE_1:1; A25: Initialize ((intloc 0) .--> 1) c= (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; A26: IC (Comput (p,s,((LifeSpan ((p +* I),s)) + 1))) = card I by A21, A18, Th11, A1; A27: IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))),(LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))))),(card I)) = CurInstr (p,(Comput (p,s,(((LifeSpan ((p +* I),s)) + 1) + (LifeSpan (((p +* I) +* J),((Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1))))))))) by A23, A25, A5, A24, Th6, A26, A22; (p +* I) +* J halts_on (Comput ((p +* I),s,(LifeSpan ((p +* I),s)))) +* (Initialize ((intloc 0) .--> 1)) by A5, Def2, A25; then CurInstr (p,(Comput (p,s,m))) = IncAddr ((halt SCM+FSA),(card I)) by A27, EXTPRO_1:def_15 .= halt SCM+FSA by COMPOS_0:4 ; hence CurInstr (p,(Comput (p,s,m))) = halt SCM+FSA ; ::_thesis: verum end; end; theorem Th16: :: SCM_HALT:16 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being keepInt0_1 Program of SCM+FSA st p +* I halts_on s holds for J being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being keepInt0_1 Program of SCM+FSA st p +* I halts_on s holds for J being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being keepInt0_1 Program of SCM+FSA st p +* I halts_on s holds for J being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) let I be keepInt0_1 Program of SCM+FSA; ::_thesis: ( p +* I halts_on s implies for J being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) ) assume A1: p +* I halts_on s ; ::_thesis: for J being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p holds for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) let J be InitClosed Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I ";" J c= p implies for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) ) set sISA0 = s +* (Initialize ((intloc 0) .--> 1)); set pISA0 = p +* I; A2: I c= p +* I by FUNCT_4:25; A3: Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; set RI = Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1)))); set pRI = p +* I; set RIJ = (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)); set pRIJ = (p +* I) +* J; set sIJSA0 = Initialized s; set pIJSA0 = p +* (I ";" J); defpred S1[ Nat] means (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),$1)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),$1))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + $1)); assume A4: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: ( not I ";" J c= p or for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) ) then A5: s = Initialized s by FUNCT_4:98; assume A6: I ";" J c= p ; ::_thesis: for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) then A7: p +* (I ";" J) = p by FUNCT_4:98; A8: for k being Element of NAT st S1[k] holds S1[k + 1] proof let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) set k1 = k + 1; set CRk = Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k); set CRSk = IncIC ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)),(card I)); set CIJk = Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)); set CRk1 = Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)); set CRSk1 = (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA)); set CIJk1 = Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1))); assume A9: (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)) ; ::_thesis: S1[k + 1] A10: IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I)) = CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) proof A11: J c= (p +* I) +* J by FUNCT_4:25; A12: Initialize ((intloc 0) .--> 1) c= (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; A13: Reloc (J,(card I)) c= I ";" J by FUNCT_4:25; I ";" J c= p +* (I ";" J) by FUNCT_4:25; then A14: Reloc (J,(card I)) c= p +* (I ";" J) by A13, XBOOLE_1:1; A15: (p +* (I ";" J)) /. (IC (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) = (p +* (I ";" J)) . (IC (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) by PBOOLE:143; A16: CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) = (p +* (I ";" J)) . ((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)) by A9, A15, FUNCT_4:113; reconsider ii = IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)) as Element of NAT ; A17: IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)) in dom J by Def1, A11, A12; then A18: ii in dom (IncAddr (J,(card I))) by COMPOS_1:def_21; then A19: (Shift ((IncAddr (J,(card I))),(card I))) . ((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)) = (IncAddr (J,(card I))) . ii by VALUED_1:def_12 .= IncAddr ((J /. ii),(card I)) by A17, COMPOS_1:def_21 ; dom (Shift ((IncAddr (J,(card I))),(card I))) = { (il + (card I)) where il is Element of NAT : il in dom (IncAddr (J,(card I))) } by VALUED_1:def_12; then A20: (IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I) in dom (Shift ((IncAddr (J,(card I))),(card I))) by A18; A21: J /. ii = J . (IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) by A17, PARTFUN1:def_6 .= ((p +* I) +* J) . (IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) by A17, A11, GRFUNC_1:2 ; CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) = ((p +* I) +* J) . (IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))) by PBOOLE:143; hence IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I)) = CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) by A16, A19, A20, A21, A14, GRFUNC_1:2; ::_thesis: verum end; A22: Exec ((CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k))))),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) = Exec ((IncAddr ((CurInstr (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I))),(IncIC ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)),(card I)))) by A9, A10; then A23: Exec ((CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k))))),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) = IncIC ((Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I)) by AMISTD_5:4; Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1))) = Comput ((p +* (I ";" J)),(Initialized s),((((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k) + 1)) ; then A24: Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1))) = Following ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + k)))) by EXTPRO_1:3; A25: now__::_thesis:_for_a_being_Int-Location_holds_((Comput_(((p_+*_I)_+*_J),((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(k_+_1)))_+*_(Start-At_(((IC_(Comput_(((p_+*_I)_+*_J),((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(k_+_1))))_+_(card_I)),SCM+FSA)))_._a_=_(Comput_((p_+*_(I_";"_J)),(Initialized_s),(((LifeSpan_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+_1)_+_(k_+_1))))_._a let a be Int-Location; ::_thesis: ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) . a = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1)))) . a thus ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) . a = (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) . a by SCMFSA_3:3 .= (Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))) . a by EXTPRO_1:3 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1)))) . a by A24, A23, SCMFSA_3:3 ; ::_thesis: verum end; A26: now__::_thesis:_for_f_being_FinSeq-Location_holds_((Comput_(((p_+*_I)_+*_J),((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(k_+_1)))_+*_(Start-At_(((IC_(Comput_(((p_+*_I)_+*_J),((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(k_+_1))))_+_(card_I)),SCM+FSA)))_._f_=_(Comput_((p_+*_(I_";"_J)),(Initialized_s),(((LifeSpan_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+_1)_+_(k_+_1))))_._f let f be FinSeq-Location ; ::_thesis: ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) . f = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1)))) . f thus ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) . f = (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) . f by SCMFSA_3:4 .= (Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))) . f by EXTPRO_1:3 .= (IncIC ((Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I))) . f by SCMFSA_3:4 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1)))) . f by A24, A22, AMISTD_5:4 ; ::_thesis: verum end; IC ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) = (IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I) by FUNCT_4:113 .= (IC (Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k))))) + (card I) by EXTPRO_1:3 ; then IC ((Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1))) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(k + 1)))) + (card I)),SCM+FSA))) = IC (IncIC ((Following (((p +* I) +* J),(Comput (((p +* I) +* J),((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),k)))),(card I))) by FUNCT_4:113 .= IC (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (k + 1)))) by A24, A22, AMISTD_5:4 ; hence S1[k + 1] by A25, A26, SCMFSA_2:61; ::_thesis: verum end; A27: s +* (Initialize ((intloc 0) .--> 1)) = s by A4, FUNCT_4:98; A28: Directed I c= I ";" J by SCMFSA6A:16; A29: Directed I c= p by A28, A6, XBOOLE_1:1; A30: now__::_thesis:_(_IC_(IncIC_(((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(card_I)))_=_IC_(Comput_((p_+*_(I_";"_J)),(Initialized_s),(((LifeSpan_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+_1)_+_0)))_&_(_for_a_being_Int-Location_holds_(IncIC_(((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(card_I)))_._a_=_(Comput_((p_+*_(I_";"_J)),(Initialized_s),(((LifeSpan_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+_1)_+_0)))_._a_)_&_(_for_f_being_FinSeq-Location_holds_(IncIC_(((Result_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+*_(Initialize_((intloc_0)_.-->_1))),(card_I)))_._f_=_(Comput_((p_+*_(I_";"_J)),(Initialized_s),(((LifeSpan_((p_+*_I),(s_+*_(Initialize_((intloc_0)_.-->_1)))))_+_1)_+_0)))_._f_)_) set s2 = Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0)); set s1 = IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I)); reconsider RIJ1 = (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* ((intloc 0) .--> 1) as State of SCM+FSA ; A31: (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) = Initialize RIJ1 by FUNCT_4:14; thus IC (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) = (IC ((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)))) + (card I) by FUNCT_4:113 .= 0 + (card I) by A31, FUNCT_4:113 .= IC (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) by A1, A27, Th11, A29, A7, FUNCT_4:25 ; ::_thesis: ( ( for a being Int-Location holds (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . a = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . a ) & ( for f being FinSeq-Location holds (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . f = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . f ) ) A32: DataPart (Comput (p,s,(LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))))) = DataPart (Comput (p,s,((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1))) by A1, A5, Th12, A29, FUNCT_4:25; hereby ::_thesis: for f being FinSeq-Location holds (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . f = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . f let a be Int-Location; ::_thesis: (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . b1 = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . b1 not a in dom (Start-At (((IC ((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)))) + (card I)),SCM+FSA)) by SCMFSA_2:102; then A33: (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . a = ((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))) . a by FUNCT_4:11; A34: (Comput ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))),(LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))))) . a = (Comput ((p +* (I ";" J)),(Initialized s),(LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))))) . a by A1, A27, Th14 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . a by A5, A32, A7, SCMFSA_M:2 ; percases ( a <> intloc 0 or a = intloc 0 ) ; supposeA35: a <> intloc 0 ; ::_thesis: (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . b1 = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . b1 a <> IC by SCMFSA_2:56; then not a in dom (Initialize ((intloc 0) .--> 1)) by A35, SCMFSA_M:11, TARSKI:def_2; hence (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . a = (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) . a by A33, FUNCT_4:11 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . a by A1, A27, A34, EXTPRO_1:23 ; ::_thesis: verum end; supposeA36: a = intloc 0 ; ::_thesis: (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . b1 = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . b1 then a in dom (Initialize ((intloc 0) .--> 1)) by SCMFSA_M:11, TARSKI:def_2; hence (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . a = 1 by A36, A33, FUNCT_4:13, SCMFSA_M:12 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . a by A34, A36, Def3, A2, A3 ; ::_thesis: verum end; end; end; let f be FinSeq-Location ; ::_thesis: (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . f = (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . f ( f <> intloc 0 & f <> IC ) by SCMFSA_2:57, SCMFSA_2:58; then A37: not f in dom (Initialize ((intloc 0) .--> 1)) by SCMFSA_M:11, TARSKI:def_2; not f in dom (Start-At (((IC ((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)))) + (card I)),SCM+FSA)) by SCMFSA_2:103; hence (IncIC (((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))),(card I))) . f = ((Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))) . f by FUNCT_4:11 .= (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) . f by A37, FUNCT_4:11 .= (Comput ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))),(LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))))) . f by A1, A27, EXTPRO_1:23 .= (Comput ((p +* (I ";" J)),(Initialized s),(LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))))) . f by A1, A27, Th14 .= (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + 0))) . f by A5, A32, A7, SCMFSA_M:2 ; ::_thesis: verum end; A38: S1[ 0 ] by A30, SCMFSA_2:61; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A38, A8); hence for k being Element of NAT holds (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),k))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),s)) + 1) + k)) by A27; ::_thesis: verum end; theorem Th17: :: SCM_HALT:17 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being keepInt0_1 Program of SCM+FSA st not p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being keepInt0_1 Program of SCM+FSA st not p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being keepInt0_1 Program of SCM+FSA st not p +* I halts_on Initialized s holds for J being Program of SCM+FSA for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) let I be keepInt0_1 Program of SCM+FSA; ::_thesis: ( not p +* I halts_on Initialized s implies for J being Program of SCM+FSA for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) ) assume A1: not p +* I halts_on Initialized s ; ::_thesis: for J being Program of SCM+FSA for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) set s1 = Initialized s; set p1 = p +* I; A2: I c= p +* I by FUNCT_4:25; A3: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; let J be Program of SCM+FSA; ::_thesis: for k being Element of NAT holds Comput ((p +* I),(Initialized s),k) = Comput ((p +* (I ";" J)),(Initialized s),k) set s2 = Initialized s; set p2 = p +* (I ";" J); A4: I ";" J c= p +* (I ";" J) by FUNCT_4:25; defpred S1[ Nat] means Comput ((p +* I),(Initialized s),$1) = Comput ((p +* (I ";" J)),(Initialized s),$1); A5: for m being Element of NAT st S1[m] holds S1[m + 1] proof dom (I ";" J) = (dom (Directed I)) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:def_1 .= (dom I) \/ (dom (Reloc (J,(card I)))) by FUNCT_4:99 ; then A6: dom I c= dom (I ";" J) by XBOOLE_1:7; set sx = Initialized s; set px = p +* (I ";" J); let m be Element of NAT ; ::_thesis: ( S1[m] implies S1[m + 1] ) A7: Comput ((p +* I),(Initialized s),(m + 1)) = Following ((p +* I),(Comput ((p +* I),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m)))),(Comput ((p +* I),(Initialized s),m))) ; A8: Comput ((p +* (I ";" J)),(Initialized s),(m + 1)) = Following ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m)))),(Comput ((p +* (I ";" J)),(Initialized s),m))) ; assume A9: Comput ((p +* I),(Initialized s),m) = Comput ((p +* (I ";" J)),(Initialized s),m) ; ::_thesis: S1[m + 1] A10: IC (Comput ((p +* I),(Initialized s),m)) in dom I by Def1, A2, A3; A11: (p +* I) /. (IC (Comput ((p +* I),(Initialized s),m))) = (p +* I) . (IC (Comput ((p +* I),(Initialized s),m))) by PBOOLE:143; A12: (p +* (I ";" J)) /. (IC (Comput ((p +* (I ";" J)),(Initialized s),m))) = (p +* (I ";" J)) . (IC (Comput ((p +* (I ";" J)),(Initialized s),m))) by PBOOLE:143; A13: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = I . (IC (Comput ((p +* I),(Initialized s),m))) by A10, A11, A2, GRFUNC_1:2; then I . (IC (Comput ((p +* I),(Initialized s),m))) <> halt SCM+FSA by A1, EXTPRO_1:29; then CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = (I ";" J) . (IC (Comput ((p +* I),(Initialized s),m))) by A10, A13, SCMFSA6A:15 .= CurInstr ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),m))) by A9, A10, A6, A12, A4, GRFUNC_1:2 ; hence S1[m + 1] by A9, A7, A8; ::_thesis: verum end; A14: S1[ 0 ] ; thus for k being Element of NAT holds S1[k] from NAT_1:sch_1(A14, A5); ::_thesis: verum end; theorem Th18: :: SCM_HALT:18 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA holds LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) let J be InitHalting Program of SCM+FSA; ::_thesis: LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) set inI = Initialize ((intloc 0) .--> 1); set inIJ = Initialize ((intloc 0) .--> 1); set inJ = Initialize ((intloc 0) .--> 1); A1: ( Initialize ((intloc 0) .--> 1) c= (Result (((p +* (I ";" J)) +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) & Initialize ((intloc 0) .--> 1) c= (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) ) by FUNCT_4:25; A2: ( J c= ((p +* (I ";" J)) +* I) +* J & J c= (p +* I) +* J ) by FUNCT_4:25; A3: ( Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) & Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) ) by FUNCT_4:25; A4: ( I c= p +* I & I c= (p +* (I ";" J)) +* I ) by FUNCT_4:25; then A5: (Result (((p +* (I ";" J)) +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) = (Result ((p +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1)) by Th8, A3; A6: I ";" J c= p +* (I ";" J) by FUNCT_4:25; Initialize ((intloc 0) .--> 1) c= s +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; then A7: LifeSpan ((p +* (I ";" J)),(s +* (Initialize ((intloc 0) .--> 1)))) = ((LifeSpan (((p +* (I ";" J)) +* I),(s +* (Initialize ((intloc 0) .--> 1))))) + 1) + (LifeSpan ((((p +* (I ";" J)) +* I) +* J),((Result (((p +* (I ";" J)) +* I),(s +* (Initialize ((intloc 0) .--> 1))))) +* (Initialize ((intloc 0) .--> 1))))) by Th15, A6; LifeSpan ((p +* I),(s +* (Initialize ((intloc 0) .--> 1)))) = LifeSpan (((p +* (I ";" J)) +* I),(s +* (Initialize ((intloc 0) .--> 1)))) by A3, Th8, A4; hence LifeSpan ((p +* (I ";" J)),(Initialized s)) = ((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),((Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1))))) by A7, A1, A5, Th8, A2; ::_thesis: verum end; theorem Th19: :: SCM_HALT:19 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) set D = Data-Locations ; set A = NAT ; let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA holds IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) let J be InitHalting Program of SCM+FSA; ::_thesis: IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) set s1 = Initialized s; set p1 = p +* I; A1: I c= p +* I by FUNCT_4:25; set p2 = p +* (I ";" J); A2: I ";" J c= p +* (I ";" J) by FUNCT_4:25; set s3 = Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))); set p3 = (p +* I) +* J; A3: Initialize ((intloc 0) .--> 1) c= Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by FUNCT_4:25; A4: J c= (p +* I) +* J by FUNCT_4:25; set m1 = LifeSpan ((p +* I),(Initialized s)); set m3 = LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))); A5: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; A6: I ";" J c= p +* (I ";" J) by FUNCT_4:25; A7: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; I c= p +* I by FUNCT_4:25; then A8: p +* I halts_on Initialized s by Def2, A7; A9: Initialize ((intloc 0) .--> 1) c= Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by FUNCT_4:25; A10: ( IExec (I,p,s) = Result ((p +* I),(Initialized s)) & Initialize ((intloc 0) .--> 1) c= (Result ((p +* I),(Initialized s))) +* (Initialize ((intloc 0) .--> 1)) ) by FUNCT_4:25, SCMFSA6B:def_1; A11: J c= p +* J by FUNCT_4:25; A12: ( Initialize ((intloc 0) .--> 1) c= Initialized (IExec (I,p,s)) & Initialize ((intloc 0) .--> 1) c= Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) ) by FUNCT_4:25; A13: ( J c= p +* J & J c= (p +* I) +* J ) by FUNCT_4:25; A14: Initialize ((intloc 0) .--> 1) c= Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by FUNCT_4:25; A15: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; A16: I c= p +* I by FUNCT_4:25; p +* I halts_on Initialized s by A15, Def2, A16; then A17: Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) = Initialized (Result ((p +* I),(Initialized s))) by EXTPRO_1:23; A18: IC (Result (((p +* I) +* J),(Initialized (Result ((p +* I),(Initialized s)))))) = IC (Result ((p +* J),(Initialized (IExec (I,p,s))))) by A10, Th8, A11, A4; A19: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; A20: I c= (p +* (I ";" J)) +* I by FUNCT_4:25; A21: LifeSpan (((p +* (I ";" J)) +* I),(Initialized s)) = LifeSpan ((p +* I),(Initialized s)) by A19, Th8, A16, A20; Reloc (J,(card I)) c= I ";" J by FUNCT_4:25; then A22: Reloc (J,(card I)) c= p +* (I ";" J) by A2, XBOOLE_1:1; A23: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; A24: ((p +* (I ";" J)) +* I) +* (I ";" J) = (p +* (I ";" J)) +* (I +* (I ";" J)) by FUNCT_4:14 .= (p +* (I ";" J)) +* (I ";" J) by SCMFSA6A:18 .= p +* (I ";" J) .= p +* (I +* (I ";" J)) by SCMFSA6A:18 .= (p +* I) +* (I ";" J) by FUNCT_4:14 ; I c= (p +* (I ";" J)) +* I by FUNCT_4:25; then (p +* (I ";" J)) +* I halts_on Initialized s by Def2, A23; then DataPart (Comput (((p +* (I ";" J)) +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) = DataPart (Comput ((((p +* (I ";" J)) +* I) +* (I ";" J)),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by A19, A21, Th10, A20 .= DataPart (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by A15, A8, Th10, A1, A24 ; then A25: DataPart ((Comput (((p +* (I ";" J)) +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) +* (Initialize ((intloc 0) .--> 1))) = (DataPart (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) +* (DataPart (Initialize ((intloc 0) .--> 1))) by FUNCT_4:71 .= DataPart ((Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) +* (Initialize ((intloc 0) .--> 1))) by FUNCT_4:71 ; A26: ( IC (Comput ((p +* (I ";" J)),(Initialized s),((LifeSpan ((p +* I),(Initialized s))) + 1))) = card I & DataPart (Comput ((p +* (I ";" J)),(Initialized s),((LifeSpan ((p +* I),(Initialized s))) + 1))) = DataPart ((Comput (((p +* (I ";" J)) +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) +* (Initialize ((intloc 0) .--> 1))) ) by A5, A21, Th15, A6; then A27: DataPart (Comput ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),((LifeSpan ((p +* I),(Initialized s))) + 1))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))))))) = DataPart (Comput (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))))))) by A9, A25, Th6, A4, A22; A28: IC (Comput ((p +* (I ";" J)),(Comput ((p +* (I ";" J)),(Initialized s),((LifeSpan ((p +* I),(Initialized s))) + 1))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))))))) = (IC (Comput (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))))))) + (card I) by A26, A9, A25, Th6, A4, A22; A29: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; I ";" J c= p +* (I ";" J) by FUNCT_4:25; then A30: p +* (I ";" J) halts_on Initialized s by Def2, A29; A31: IExec ((I ";" J),p,s) = Result ((p +* (I ";" J)),(Initialized s)) by SCMFSA6B:def_1 .= Comput ((p +* (I ";" J)),(Initialized s),(LifeSpan ((p +* (I ";" J)),(Initialized s)))) by A30, EXTPRO_1:23 .= Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))))))) by A17, Th18 ; A32: p +* I halts_on Initialized s by A15, Def2, A1; IExec (I,p,s) = Result ((p +* I),(Initialized s)) by SCMFSA6B:def_1 .= Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))) by A32, EXTPRO_1:23 ; then A33: Result ((p +* J),((IExec (I,p,s)) +* (Initialize ((intloc 0) .--> 1)))) = Result (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))) by A12, Th8, A13; A34: (p +* I) +* J halts_on Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by Def2, A3, A4; A35: IExec (J,p,(IExec (I,p,s))) = Result ((p +* J),(Initialized (IExec (I,p,s)))) by SCMFSA6B:def_1 .= Comput (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))))) by A33, A34, EXTPRO_1:23 ; A36: DataPart (IExec ((I ";" J),p,s)) = DataPart (IExec (J,p,(IExec (I,p,s)))) by A35, A27, A31, EXTPRO_1:4; A37: (p +* I) +* J halts_on Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by A14, Def2, A4; A38: p +* (I ";" J) halts_on Initialized s by A5, Def2, A2; p +* I halts_on Initialized s by A15, Def2, A1; then A39: Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) = Initialized (Result ((p +* I),(Initialized s))) by EXTPRO_1:23; A40: IC (IExec ((I ";" J),p,s)) = IC (Result ((p +* (I ";" J)),(Initialized s))) by SCMFSA6B:def_1 .= IC (Comput ((p +* (I ";" J)),(Initialized s),(LifeSpan ((p +* (I ";" J)),(Initialized s))))) by A38, EXTPRO_1:23 .= IC (Comput ((p +* (I ";" J)),(Initialized s),(((LifeSpan ((p +* I),(Initialized s))) + 1) + (LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))))))) by A17, Th18 .= (IC (Comput (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))),(LifeSpan (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))))))) + (card I) by A28, EXTPRO_1:4 .= (IC (Result (((p +* I) +* J),(Initialized (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))))))) + (card I) by A37, EXTPRO_1:23 .= (IC (IExec (J,p,(IExec (I,p,s))))) + (card I) by A18, A39, SCMFSA6B:def_1 ; hereby ::_thesis: verum reconsider l = (IC (IExec (J,p,(IExec (I,p,s))))) + (card I) as Element of NAT ; A41: dom (Start-At (l,SCM+FSA)) = {(IC )} by FUNCOP_1:13; A42: now__::_thesis:_for_x_being_set_st_x_in_dom_(IExec_((I_";"_J),p,s))_holds_ (IExec_((I_";"_J),p,s))_._x_=_(IncIC_((IExec_(J,p,(IExec_(I,p,s)))),(card_I)))_._x let x be set ; ::_thesis: ( x in dom (IExec ((I ";" J),p,s)) implies (IExec ((I ";" J),p,s)) . b1 = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . b1 ) assume A43: x in dom (IExec ((I ";" J),p,s)) ; ::_thesis: (IExec ((I ";" J),p,s)) . b1 = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . b1 percases ( x is Int-Location or x is FinSeq-Location or x = IC ) by A43, SCMFSA_M:1; supposeA44: x is Int-Location ; ::_thesis: (IExec ((I ";" J),p,s)) . b1 = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . b1 then x <> IC by SCMFSA_2:56; then A45: not x in dom (Start-At (l,SCM+FSA)) by A41, TARSKI:def_1; (IExec ((I ";" J),p,s)) . x = (IExec (J,p,(IExec (I,p,s)))) . x by A36, A44, SCMFSA_M:2; hence (IExec ((I ";" J),p,s)) . x = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . x by A45, FUNCT_4:11; ::_thesis: verum end; supposeA46: x is FinSeq-Location ; ::_thesis: (IExec ((I ";" J),p,s)) . b1 = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . b1 then x <> IC by SCMFSA_2:57; then A47: not x in dom (Start-At (l,SCM+FSA)) by A41, TARSKI:def_1; (IExec ((I ";" J),p,s)) . x = (IExec (J,p,(IExec (I,p,s)))) . x by A36, A46, SCMFSA_M:2; hence (IExec ((I ";" J),p,s)) . x = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . x by A47, FUNCT_4:11; ::_thesis: verum end; supposeA48: x = IC ; ::_thesis: (IExec ((I ";" J),p,s)) . b1 = (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . b1 then x in {(IC )} by TARSKI:def_1; then A49: x in dom (Start-At (l,SCM+FSA)) by FUNCOP_1:13; thus (IExec ((I ";" J),p,s)) . x = (Start-At (l,SCM+FSA)) . (IC ) by A40, A48, FUNCOP_1:72 .= (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) . x by A48, A49, FUNCT_4:13 ; ::_thesis: verum end; end; end; dom (IExec ((I ";" J),p,s)) = the carrier of SCM+FSA by PARTFUN1:def_2 .= dom (IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I))) by PARTFUN1:def_2 ; hence IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) by A42, FUNCT_1:2; ::_thesis: verum end; end; registration let i be parahalting Instruction of SCM+FSA; cluster Macro i -> InitHalting ; coherence Macro i is InitHalting ; end; registration let i be parahalting Instruction of SCM+FSA; let J be parahalting Program of SCM+FSA; clusteri ";" J -> InitHalting ; coherence i ";" J is InitHalting ; end; registration let i be parahalting keeping_0 Instruction of SCM+FSA; let J be InitHalting Program of SCM+FSA; clusteri ";" J -> InitHalting ; coherence i ";" J is InitHalting ; end; registration let I, J be keepInt0_1 Program of SCM+FSA; clusterI ";" J -> keepInt0_1 ; coherence I ";" J is keepInt0_1 proof let s be State of SCM+FSA; :: according to SCM_HALT:def_3 ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st I ";" J c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st I ";" J c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 then A2: Initialized s = s by FUNCT_4:98; let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I ";" J c= p implies for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A3: I ";" J c= p ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 then A4: p +* (I ";" J) = p by FUNCT_4:98; A5: I c= p +* I by FUNCT_4:25; A6: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; percases ( p +* I halts_on Initialized s or not p +* I halts_on Initialized s ) ; supposeA7: p +* I halts_on Initialized s ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let k be Element of NAT ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 A8: Initialized s = s by A1, FUNCT_4:98; percases ( k <= LifeSpan ((p +* I),(Initialized s)) or k > LifeSpan ((p +* I),(Initialized s)) ) ; supposeA9: k <= LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 (Comput ((p +* I),(Initialized s),k)) . (intloc 0) = 1 by Def3, A5, A6; hence (Comput (p,s,k)) . (intloc 0) = 1 by A2, A7, A9, Th14, A4; ::_thesis: verum end; supposeA10: k > LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 set LS = LifeSpan ((p +* I),(Initialized s)); consider pp being Element of NAT such that A11: k = (LifeSpan ((p +* I),(Initialized s))) + pp and A12: 1 <= pp by A10, FINSEQ_4:84; consider r being Nat such that A13: pp = 1 + r by A12, NAT_1:10; reconsider r = r as Element of NAT by ORDINAL1:def_12; set Rr = Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r); set Sr = Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r))) + (card I)),SCM+FSA); A14: Initialize ((intloc 0) .--> 1) c= (Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:25; J c= (p +* I) +* J by FUNCT_4:25; then A15: (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r)) . (intloc 0) = 1 by Def3, A14; ( dom (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r))) + (card I)),SCM+FSA)) = {(IC )} & intloc 0 <> IC ) by FUNCOP_1:13, SCMFSA_2:56; then A16: not intloc 0 in dom (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r))) + (card I)),SCM+FSA)) by TARSKI:def_1; (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r)) +* (Start-At (((IC (Comput (((p +* I) +* J),((Result ((p +* I),s)) +* (Initialize ((intloc 0) .--> 1))),r))) + (card I)),SCM+FSA)) = Comput ((p +* (I ";" J)),s,(((LifeSpan ((p +* I),(Initialized s))) + 1) + r)) by A1, A7, A8, Th16, A3; hence (Comput (p,s,k)) . (intloc 0) = 1 by A11, A13, A15, A16, A4, FUNCT_4:11; ::_thesis: verum end; end; end; supposeA17: not p +* I halts_on Initialized s ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let k be Element of NAT ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 (Comput ((p +* I),(Initialized s),k)) . (intloc 0) = 1 by Def3, A5, A6; hence (Comput (p,s,k)) . (intloc 0) = 1 by A2, A4, A17, Th17; ::_thesis: verum end; end; end; end; registration let j be parahalting keeping_0 Instruction of SCM+FSA; let I be InitHalting keepInt0_1 Program of SCM+FSA; clusterI ";" j -> InitHalting keepInt0_1 ; coherence ( I ";" j is InitHalting & I ";" j is keepInt0_1 ) ; end; registration let i be parahalting keeping_0 Instruction of SCM+FSA; let J be InitHalting keepInt0_1 Program of SCM+FSA; clusteri ";" J -> InitHalting keepInt0_1 ; coherence ( i ";" J is InitHalting & i ";" J is keepInt0_1 ) ; end; registration let j be parahalting Instruction of SCM+FSA; let I be parahalting Program of SCM+FSA; clusterI ";" j -> InitHalting ; coherence I ";" j is InitHalting ; end; registration let i, j be parahalting Instruction of SCM+FSA; clusteri ";" j -> InitHalting ; coherence i ";" j is InitHalting ; end; theorem Th20: :: SCM_HALT:20 for s being State of SCM+FSA for a being Int-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a proof let s be State of SCM+FSA; ::_thesis: for a being Int-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a let a be Int-Location; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a let J be InitHalting Program of SCM+FSA; ::_thesis: (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a ( IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) & not a in dom (Start-At (((IC (IExec (J,p,(IExec (I,p,s))))) + (card I)),SCM+FSA)) ) by Th19, SCMFSA_2:102; hence (IExec ((I ";" J),p,s)) . a = (IExec (J,p,(IExec (I,p,s)))) . a by FUNCT_4:11; ::_thesis: verum end; theorem Th21: :: SCM_HALT:21 for s being State of SCM+FSA for f being FinSeq-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f proof let s be State of SCM+FSA; ::_thesis: for f being FinSeq-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f let f be FinSeq-Location ; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA holds (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f let J be InitHalting Program of SCM+FSA; ::_thesis: (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f ( IExec ((I ";" J),p,s) = IncIC ((IExec (J,p,(IExec (I,p,s)))),(card I)) & not f in dom (Start-At (((IC (IExec (J,p,(IExec (I,p,s))))) + (card I)),SCM+FSA)) ) by Th19, SCMFSA_2:103; hence (IExec ((I ";" J),p,s)) . f = (IExec (J,p,(IExec (I,p,s)))) . f by FUNCT_4:11; ::_thesis: verum end; theorem Th22: :: SCM_HALT:22 for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for s being State of SCM+FSA holds DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for s being State of SCM+FSA holds DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) set IF = Data-Locations ; let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) let s be State of SCM+FSA; ::_thesis: DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) set IE = IExec (I,p,s); now__::_thesis:_(_dom_(DataPart_(Initialized_(IExec_(I,p,s))))_=_(dom_(IExec_(I,p,s)))_/\_(Data-Locations_)_&_(_for_x_being_set_st_x_in_dom_(DataPart_(Initialized_(IExec_(I,p,s))))_holds_ (DataPart_(Initialized_(IExec_(I,p,s))))_._x_=_(IExec_(I,p,s))_._x_)_) A1: dom (Initialized (IExec (I,p,s))) = the carrier of SCM+FSA by PARTFUN1:def_2; A2: dom (Initialized (IExec (I,p,s))) = (Data-Locations ) \/ {(IC )} by MEMSTR_0:13; A3: dom (IExec (I,p,s)) = the carrier of SCM+FSA by PARTFUN1:def_2; hence dom (DataPart (Initialized (IExec (I,p,s)))) = (dom (IExec (I,p,s))) /\ (Data-Locations ) by A1, RELAT_1:61; ::_thesis: for x being set st x in dom (DataPart (Initialized (IExec (I,p,s)))) holds (DataPart (Initialized (IExec (I,p,s)))) . b2 = (IExec (I,p,s)) . b2 then A4: dom (DataPart (Initialized (IExec (I,p,s)))) = Data-Locations by A1, A3, A2, XBOOLE_1:21; let x be set ; ::_thesis: ( x in dom (DataPart (Initialized (IExec (I,p,s)))) implies (DataPart (Initialized (IExec (I,p,s)))) . b1 = (IExec (I,p,s)) . b1 ) assume A5: x in dom (DataPart (Initialized (IExec (I,p,s)))) ; ::_thesis: (DataPart (Initialized (IExec (I,p,s)))) . b1 = (IExec (I,p,s)) . b1 percases ( x in Int-Locations or x in FinSeq-Locations ) by A5, A4, SCMFSA_2:100, XBOOLE_0:def_3; suppose x in Int-Locations ; ::_thesis: (DataPart (Initialized (IExec (I,p,s)))) . b1 = (IExec (I,p,s)) . b1 then reconsider x9 = x as Int-Location by AMI_2:def_16; hereby ::_thesis: verum percases ( x9 is read-write or x9 is read-only ) ; supposeA6: x9 is read-write ; ::_thesis: (DataPart (Initialized (IExec (I,p,s)))) . x = (IExec (I,p,s)) . x thus (DataPart (Initialized (IExec (I,p,s)))) . x = (Initialized (IExec (I,p,s))) . x by A5, A4, FUNCT_1:49 .= (IExec (I,p,s)) . x by A6, SCMFSA_M:37 ; ::_thesis: verum end; suppose x9 is read-only ; ::_thesis: (DataPart (Initialized (IExec (I,p,s)))) . x = (IExec (I,p,s)) . x then A7: x9 = intloc 0 by SCMFSA_M:def_2; thus (DataPart (Initialized (IExec (I,p,s)))) . x = (Initialized (IExec (I,p,s))) . x9 by A5, A4, FUNCT_1:49 .= 1 by A7, SCMFSA_M:9 .= (IExec (I,p,s)) . x by A7, Th9 ; ::_thesis: verum end; end; end; end; suppose x in FinSeq-Locations ; ::_thesis: (DataPart (Initialized (IExec (I,p,s)))) . b1 = (IExec (I,p,s)) . b1 then reconsider x9 = x as FinSeq-Location by SCMFSA_2:def_5; thus (DataPart (Initialized (IExec (I,p,s)))) . x = (Initialized (IExec (I,p,s))) . x9 by A5, A4, FUNCT_1:49 .= (IExec (I,p,s)) . x by SCMFSA_M:37 ; ::_thesis: verum end; end; end; hence DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) by FUNCT_1:46; ::_thesis: verum end; theorem Th23: :: SCM_HALT:23 for s being State of SCM+FSA for a being Int-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a proof let s be State of SCM+FSA; ::_thesis: for a being Int-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a let a be Int-Location; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a let j be parahalting Instruction of SCM+FSA; ::_thesis: (IExec ((I ";" j),p,s)) . a = (Exec (j,(IExec (I,p,s)))) . a set Mj = Macro j; set SA = Start-At (((IC (IExec ((Macro j),p,(IExec (I,p,s))))) + (card I)),SCM+FSA); A1: not a in dom (Start-At (((IC (IExec ((Macro j),p,(IExec (I,p,s))))) + (card I)),SCM+FSA)) by SCMFSA_2:102; A2: DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) by Th22; a in Int-Locations by AMI_2:def_16; then A3: a in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; thus (IExec ((I ";" j),p,s)) . a = (IncIC ((IExec ((Macro j),p,(IExec (I,p,s)))),(card I))) . a by Th19 .= (IExec ((Macro j),p,(IExec (I,p,s)))) . a by A1, FUNCT_4:11 .= (Exec (j,(Initialized (IExec (I,p,s))))) . a by SCMFSA6C:5 .= (DataPart (Exec (j,(Initialized (IExec (I,p,s)))))) . a by A3, FUNCT_1:49 .= (DataPart (Exec (j,(IExec (I,p,s))))) . a by A2, SCMFSA6C:4 .= (Exec (j,(IExec (I,p,s)))) . a by A3, FUNCT_1:49 ; ::_thesis: verum end; theorem Th24: :: SCM_HALT:24 for s being State of SCM+FSA for f being FinSeq-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f proof let s be State of SCM+FSA; ::_thesis: for f being FinSeq-Location for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f let f be FinSeq-Location ; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for j being parahalting Instruction of SCM+FSA holds (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f let j be parahalting Instruction of SCM+FSA; ::_thesis: (IExec ((I ";" j),p,s)) . f = (Exec (j,(IExec (I,p,s)))) . f set Mj = Macro j; set SA = Start-At (((IC (IExec ((Macro j),p,(IExec (I,p,s))))) + (card I)),SCM+FSA); A1: not f in dom (Start-At (((IC (IExec ((Macro j),p,(IExec (I,p,s))))) + (card I)),SCM+FSA)) by SCMFSA_2:103; A2: DataPart (Initialized (IExec (I,p,s))) = DataPart (IExec (I,p,s)) by Th22; f in FinSeq-Locations by SCMFSA_2:def_5; then A3: f in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; thus (IExec ((I ";" j),p,s)) . f = (IncIC ((IExec ((Macro j),p,(IExec (I,p,s)))),(card I))) . f by Th19 .= (IExec ((Macro j),p,(IExec (I,p,s)))) . f by A1, FUNCT_4:11 .= (Exec (j,(Initialized (IExec (I,p,s))))) . f by SCMFSA6C:5 .= (DataPart (Exec (j,(Initialized (IExec (I,p,s)))))) . f by A3, FUNCT_1:49 .= (DataPart (Exec (j,(IExec (I,p,s))))) . f by A2, SCMFSA6C:4 .= (Exec (j,(IExec (I,p,s)))) . f by A3, FUNCT_1:49 ; ::_thesis: verum end; definition let I be Program of SCM+FSA; let s be State of SCM+FSA; let p be Instruction-Sequence of SCM+FSA; predI is_closed_onInit s,p means :Def4: :: SCM_HALT:def 4 for k being Element of NAT holds IC (Comput ((p +* I),(Initialized s),k)) in dom I; predI is_halting_onInit s,p means :Def5: :: SCM_HALT:def 5 p +* I halts_on Initialized s; end; :: deftheorem Def4 defines is_closed_onInit SCM_HALT:def_4_:_ for I being Program of SCM+FSA for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds ( I is_closed_onInit s,p iff for k being Element of NAT holds IC (Comput ((p +* I),(Initialized s),k)) in dom I ); :: deftheorem Def5 defines is_halting_onInit SCM_HALT:def_5_:_ for I being Program of SCM+FSA for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds ( I is_halting_onInit s,p iff p +* I halts_on Initialized s ); theorem Th25: :: SCM_HALT:25 for I being Program of SCM+FSA holds ( I is InitClosed iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p ) proof let I be Program of SCM+FSA; ::_thesis: ( I is InitClosed iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p ) hereby ::_thesis: ( ( for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p ) implies I is InitClosed ) assume A1: I is InitClosed ; ::_thesis: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_closed_onInit s,p A2: I c= p +* I by FUNCT_4:25; A3: Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; for k being Element of NAT holds IC (Comput ((p +* I),(Initialized s),k)) in dom I by A1, Def1, A2, A3; hence I is_closed_onInit s,p by Def4; ::_thesis: verum end; assume A4: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p ; ::_thesis: I is InitClosed now__::_thesis:_for_s_being_State_of_SCM+FSA for_p_being_Instruction-Sequence_of_SCM+FSA_st_I_c=_p_holds_ for_k_being_Element_of_NAT_st_Initialize_((intloc_0)_.-->_1)_c=_s_holds_ IC_(Comput_(p,s,k))_in_dom_I let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,k)) in dom I let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= p implies for k being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,k)) in dom I ) assume I c= p ; ::_thesis: for k being Element of NAT st Initialize ((intloc 0) .--> 1) c= s holds IC (Comput (p,s,k)) in dom I then A5: p +* I = p by FUNCT_4:98; let k be Element of NAT ; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies IC (Comput (p,s,k)) in dom I ) assume Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: IC (Comput (p,s,k)) in dom I then A6: s = Initialized s by FUNCT_4:98; I is_closed_onInit s,p by A4; hence IC (Comput (p,s,k)) in dom I by A6, Def4, A5; ::_thesis: verum end; hence I is InitClosed by Def1; ::_thesis: verum end; theorem Th26: :: SCM_HALT:26 for I being Program of SCM+FSA holds ( I is InitHalting iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p ) proof let I be Program of SCM+FSA; ::_thesis: ( I is InitHalting iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p ) hereby ::_thesis: ( ( for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p ) implies I is InitHalting ) assume A1: I is InitHalting ; ::_thesis: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_halting_onInit s,p A2: I c= p +* I by FUNCT_4:25; Initialize ((intloc 0) .--> 1) c= Initialized s by FUNCT_4:25; then p +* I halts_on Initialized s by A2, Def2, A1; hence I is_halting_onInit s,p by Def5; ::_thesis: verum end; assume A3: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p ; ::_thesis: I is InitHalting now__::_thesis:_for_s_being_State_of_SCM+FSA_st_Initialize_((intloc_0)_.-->_1)_c=_s_holds_ for_p_being_Instruction-Sequence_of_SCM+FSA_st_I_c=_p_holds_ p_halts_on_s let s be State of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st I c= p holds p halts_on s ) assume Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st I c= p holds p halts_on s then A4: s = Initialized s by FUNCT_4:98; let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= p implies p halts_on s ) assume I c= p ; ::_thesis: p halts_on s then A5: p +* I = p by FUNCT_4:98; I is_halting_onInit s,p by A3; hence p halts_on s by A4, Def5, A5; ::_thesis: verum end; hence I is InitHalting by Def2; ::_thesis: verum end; theorem Th27: :: SCM_HALT:27 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being Int-Location st not I destroys a & I is_closed_onInit s,p & Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . a = s . a proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being Int-Location st not I destroys a & I is_closed_onInit s,p & Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . a = s . a let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being Int-Location st not I destroys a & I is_closed_onInit s,p & Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . a = s . a let I be Program of SCM+FSA; ::_thesis: for a being Int-Location st not I destroys a & I is_closed_onInit s,p & Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . a = s . a let a be Int-Location; ::_thesis: ( not I destroys a & I is_closed_onInit s,p & Initialize ((intloc 0) .--> 1) c= s & I c= p implies for k being Element of NAT holds (Comput (p,s,k)) . a = s . a ) assume A1: not I destroys a ; ::_thesis: ( not I is_closed_onInit s,p or not Initialize ((intloc 0) .--> 1) c= s or not I c= p or for k being Element of NAT holds (Comput (p,s,k)) . a = s . a ) defpred S1[ Nat] means (Comput (p,s,$1)) . a = s . a; assume A2: I is_closed_onInit s,p ; ::_thesis: ( not Initialize ((intloc 0) .--> 1) c= s or not I c= p or for k being Element of NAT holds (Comput (p,s,k)) . a = s . a ) assume Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: ( not I c= p or for k being Element of NAT holds (Comput (p,s,k)) . a = s . a ) then A3: Initialized s = s by FUNCT_4:98; assume A4: I c= p ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . a = s . a then A5: p +* I = p by FUNCT_4:98; A6: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A7: S1[k] ; ::_thesis: S1[k + 1] set l = IC (Comput (p,s,k)); A8: IC (Comput (p,s,k)) in dom I by A2, A3, Def4, A5; then p . (IC (Comput (p,s,k))) = I . (IC (Comput (p,s,k))) by A4, GRFUNC_1:2; then p . (IC (Comput (p,s,k))) in rng I by A8, FUNCT_1:def_3; then A9: not p . (IC (Comput (p,s,k))) destroys a by A1, SCMFSA7B:def_4; (Comput (p,s,(k + 1))) . a = (Following (p,(Comput (p,s,k)))) . a by EXTPRO_1:3 .= (Exec ((p . (IC (Comput (p,s,k)))),(Comput (p,s,k)))) . a by PBOOLE:143 .= s . a by A7, A9, SCMFSA7B:20 ; hence S1[k + 1] ; ::_thesis: verum end; A10: S1[ 0 ] ; thus for k being Element of NAT holds S1[k] from NAT_1:sch_1(A10, A6); ::_thesis: verum end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() good V162() InitHalting for set ; existence ex b1 being Program of SCM+FSA st ( b1 is InitHalting & b1 is good ) proof take Stop SCM+FSA ; ::_thesis: ( Stop SCM+FSA is InitHalting & Stop SCM+FSA is good ) thus ( Stop SCM+FSA is InitHalting & Stop SCM+FSA is good ) ; ::_thesis: verum end; end; registration cluster non empty Relation-like NAT -defined the InstructionsF of SCM+FSA -valued Function-like V30() V69() good InitClosed -> keepInt0_1 for set ; correctness coherence for b1 being Program of SCM+FSA st b1 is InitClosed & b1 is good holds b1 is keepInt0_1 ; proof let I be Program of SCM+FSA; ::_thesis: ( I is InitClosed & I is good implies I is keepInt0_1 ) assume A1: ( I is InitClosed & I is good ) ; ::_thesis: I is keepInt0_1 then A2: not I destroys intloc 0 by SCMFSA7B:def_5; now__::_thesis:_for_s_being_State_of_SCM+FSA_st_Initialize_((intloc_0)_.-->_1)_c=_s_holds_ for_p_being_Instruction-Sequence_of_SCM+FSA_st_I_c=_p_holds_ for_k_being_Element_of_NAT_holds_(Comput_(p,s,k))_._(intloc_0)_=_1 let s be State of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A3: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st I c= p holds for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( I c= p implies for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 ) assume A4: I c= p ; ::_thesis: for k being Element of NAT holds (Comput (p,s,k)) . (intloc 0) = 1 let k be Element of NAT ; ::_thesis: (Comput (p,s,k)) . (intloc 0) = 1 I is_closed_onInit s,p by A1, Th25; hence (Comput (p,s,k)) . (intloc 0) = s . (intloc 0) by A2, A3, Th27, A4 .= 1 by A3, SCMFSA_M:30 ; ::_thesis: verum end; hence I is keepInt0_1 by Def3; ::_thesis: verum end; end; registration cluster Stop SCM+FSA -> good InitHalting ; coherence ( Stop SCM+FSA is InitHalting & Stop SCM+FSA is good ) ; end; theorem :: SCM_HALT:28 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for a being Int-Location holds (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for a being Int-Location holds (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a let s be State of SCM+FSA; ::_thesis: for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for a being Int-Location holds (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a let i be parahalting keeping_0 Instruction of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA for a being Int-Location holds (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a let J be InitHalting Program of SCM+FSA; ::_thesis: for a being Int-Location holds (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a let a be Int-Location; ::_thesis: (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(Exec (i,(Initialized s))))) . a thus (IExec ((i ";" J),p,s)) . a = (IExec (J,p,(IExec ((Macro i),p,s)))) . a by Th20 .= (IExec (J,p,(Exec (i,(Initialized s))))) . a by SCMFSA6C:5 ; ::_thesis: verum end; theorem :: SCM_HALT:29 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for f being FinSeq-Location holds (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for f being FinSeq-Location holds (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f let s be State of SCM+FSA; ::_thesis: for i being parahalting keeping_0 Instruction of SCM+FSA for J being InitHalting Program of SCM+FSA for f being FinSeq-Location holds (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f let i be parahalting keeping_0 Instruction of SCM+FSA; ::_thesis: for J being InitHalting Program of SCM+FSA for f being FinSeq-Location holds (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f let J be InitHalting Program of SCM+FSA; ::_thesis: for f being FinSeq-Location holds (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f let f be FinSeq-Location ; ::_thesis: (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(Exec (i,(Initialized s))))) . f thus (IExec ((i ";" J),p,s)) . f = (IExec (J,p,(IExec ((Macro i),p,s)))) . f by Th21 .= (IExec (J,p,(Exec (i,(Initialized s))))) . f by SCMFSA6C:5 ; ::_thesis: verum end; theorem Th30: :: SCM_HALT:30 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA holds ( I is_closed_onInit s,p iff I is_closed_on Initialized s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA holds ( I is_closed_onInit s,p iff I is_closed_on Initialized s,p ) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA holds ( I is_closed_onInit s,p iff I is_closed_on Initialized s,p ) let I be Program of SCM+FSA; ::_thesis: ( I is_closed_onInit s,p iff I is_closed_on Initialized s,p ) A1: Initialized s = s +* (Initialize (Initialize ((intloc 0) .--> 1))) .= Initialize (Initialized s) by FUNCT_4:14 ; hereby ::_thesis: ( I is_closed_on Initialized s,p implies I is_closed_onInit s,p ) assume A2: I is_closed_onInit s,p ; ::_thesis: I is_closed_on Initialized s,p thus I is_closed_on Initialized s,p ::_thesis: verum proof let k be Element of NAT ; :: according to SCMFSA7B:def_6 ::_thesis: IC (Comput ((p +* I),(Initialize (Initialized s)),k)) in K211(I) thus IC (Comput ((p +* I),(Initialize (Initialized s)),k)) in dom I by A1, A2, Def4; ::_thesis: verum end; end; assume A3: I is_closed_on Initialized s,p ; ::_thesis: I is_closed_onInit s,p let k be Element of NAT ; :: according to SCM_HALT:def_4 ::_thesis: IC (Comput ((p +* I),(Initialized s),k)) in dom I thus IC (Comput ((p +* I),(Initialized s),k)) in dom I by A1, A3, SCMFSA7B:def_6; ::_thesis: verum end; theorem Th31: :: SCM_HALT:31 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA holds ( I is_halting_onInit s,p iff I is_halting_on Initialized s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA holds ( I is_halting_onInit s,p iff I is_halting_on Initialized s,p ) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA holds ( I is_halting_onInit s,p iff I is_halting_on Initialized s,p ) let I be Program of SCM+FSA; ::_thesis: ( I is_halting_onInit s,p iff I is_halting_on Initialized s,p ) set s1 = Initialized s; set p1 = p +* I; A1: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; ( I is_halting_onInit s,p iff p +* I halts_on Initialized s ) by Def5; hence ( I is_halting_onInit s,p iff I is_halting_on Initialized s,p ) by A1, SCMFSA7B:def_7; ::_thesis: verum end; theorem :: SCM_HALT:32 for p being Instruction-Sequence of SCM+FSA for I being Program of SCM+FSA for s being State of SCM+FSA holds IExec (I,p,s) = IExec (I,p,(Initialized s)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for s being State of SCM+FSA holds IExec (I,p,s) = IExec (I,p,(Initialized s)) let I be Program of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds IExec (I,p,s) = IExec (I,p,(Initialized s)) let s be State of SCM+FSA; ::_thesis: IExec (I,p,s) = IExec (I,p,(Initialized s)) set sp = s | NAT; thus IExec (I,p,s) = Result ((p +* I),(Initialized (Initialized s))) by SCMFSA6B:def_1 .= IExec (I,p,(Initialized s)) by SCMFSA6B:def_1 ; ::_thesis: verum end; theorem Th33: :: SCM_HALT:33 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let a be read-write Int-Location; ::_thesis: ( s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p implies ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) set Is = Initialized s; assume s . a = 0 ; ::_thesis: ( not I is_closed_onInit s,p or not I is_halting_onInit s,p or ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) then A1: (Initialized s) . a = 0 by SCMFSA_M:37; assume I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) then A2: I is_closed_on Initialized s,p by Th30; assume I is_halting_onInit s,p ; ::_thesis: ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) then I is_halting_on Initialized s,p by Th31; then ( if=0 (a,I,J) is_closed_on Initialized s,p & if=0 (a,I,J) is_halting_on Initialized s,p ) by A1, A2, SCMFSA8B:13; hence ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) by Th30, Th31; ::_thesis: verum end; theorem Th34: :: SCM_HALT:34 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let a be read-write Int-Location; ::_thesis: ( s . a = 0 & I is_closed_onInit s,p & I is_halting_onInit s,p implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) assume A1: s . a = 0 ; ::_thesis: ( not I is_closed_onInit s,p or not I is_halting_onInit s,p or IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) set Is = Initialized s; assume I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) then A2: I is_closed_on Initialized s,p by Th30; assume I is_halting_onInit s,p ; ::_thesis: IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) then I is_halting_on Initialized s,p by Th31; hence IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by A1, A2, SCMFSA8B:14; ::_thesis: verum end; theorem Th35: :: SCM_HALT:35 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) let a be read-write Int-Location; ::_thesis: ( s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) set Is = Initialized s; assume s . a <> 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) then A1: (Initialized s) . a <> 0 by SCMFSA_M:37; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) then J is_halting_on Initialized s,p by Th31; then ( if=0 (a,I,J) is_closed_on Initialized s,p & if=0 (a,I,J) is_halting_on Initialized s,p ) by A1, A2, SCMFSA8B:15; hence ( if=0 (a,I,J) is_closed_onInit s,p & if=0 (a,I,J) is_halting_onInit s,p ) by Th30, Th31; ::_thesis: verum end; theorem Th36: :: SCM_HALT:36 for p being Instruction-Sequence of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA st s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: ( s . a <> 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) assume A1: s . a <> 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) set Is = Initialized s; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) then J is_halting_on Initialized s,p by Th31; hence IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by A1, A2, SCMFSA8B:16; ::_thesis: verum end; theorem Th37: :: SCM_HALT:37 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if=0 (a,I,J) is InitHalting & ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if=0 (a,I,J) is InitHalting & ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let s be State of SCM+FSA; ::_thesis: for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if=0 (a,I,J) is InitHalting & ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let I, J be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds ( if=0 (a,I,J) is InitHalting & ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let a be read-write Int-Location; ::_thesis: ( if=0 (a,I,J) is InitHalting & ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) now__::_thesis:_for_s_being_State_of_SCM+FSA_st_Initialize_((intloc_0)_.-->_1)_c=_s_holds_ for_p_being_Instruction-Sequence_of_SCM+FSA_st_if=0_(a,I,J)_c=_p_holds_ p_halts_on_s let s be State of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st if=0 (a,I,J) c= p holds b3 halts_on b2 ) assume Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st if=0 (a,I,J) c= p holds b3 halts_on b2 then A1: s = Initialized s by FUNCT_4:98; let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( if=0 (a,I,J) c= p implies b2 halts_on b1 ) assume if=0 (a,I,J) c= p ; ::_thesis: b2 halts_on b1 then A2: p = p +* (if=0 (a,I,J)) by FUNCT_4:98; A3: ( J is_closed_onInit s,p & J is_halting_onInit s,p ) by Th25, Th26; A4: ( I is_closed_onInit s,p & I is_halting_onInit s,p ) by Th25, Th26; percases ( s . a = 0 or s . a <> 0 ) ; suppose s . a = 0 ; ::_thesis: b2 halts_on b1 then if=0 (a,I,J) is_halting_onInit s,p by A4, Th33; hence p halts_on s by A1, Def5, A2; ::_thesis: verum end; suppose s . a <> 0 ; ::_thesis: b2 halts_on b1 then if=0 (a,I,J) is_halting_onInit s,p by A3, Th35; hence p halts_on s by A1, Def5, A2; ::_thesis: verum end; end; end; hence if=0 (a,I,J) is InitHalting by Def2; ::_thesis: ( ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) ( I is_closed_onInit s,p & I is_halting_onInit s,p ) by Th25, Th26; hence ( s . a = 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) by Th34; ::_thesis: ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ( J is_closed_onInit s,p & J is_halting_onInit s,p ) by Th25, Th26; hence ( s . a <> 0 implies IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) by Th36; ::_thesis: verum end; theorem :: SCM_HALT:38 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let s be State of SCM+FSA; ::_thesis: for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let I, J be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds ( IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let a be read-write Int-Location; ::_thesis: ( IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) hereby ::_thesis: ( ( s . a = 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) percases ( s . a = 0 or s . a <> 0 ) ; suppose s . a = 0 ; ::_thesis: IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 then IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th37; hence IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 by FUNCT_4:113; ::_thesis: verum end; suppose s . a <> 0 ; ::_thesis: IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 then IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th37; hence IC (IExec ((if=0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 by FUNCT_4:113; ::_thesis: verum end; end; end; hereby ::_thesis: ( s . a <> 0 implies ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) assume s . a = 0 ; ::_thesis: ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) then A1: IExec ((if=0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th37; hereby ::_thesis: for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f let d be Int-Location; ::_thesis: (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d not d in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:102; hence (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d by A1, FUNCT_4:11; ::_thesis: verum end; let f be FinSeq-Location ; ::_thesis: (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f not f in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:103; hence (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f by A1, FUNCT_4:11; ::_thesis: verum end; assume s . a <> 0 ; ::_thesis: ( ( for d being Int-Location holds (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) then A2: IExec ((if=0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th37; hereby ::_thesis: for f being FinSeq-Location holds (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f let d be Int-Location; ::_thesis: (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d not d in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:102; hence (IExec ((if=0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d by A2, FUNCT_4:11; ::_thesis: verum end; let f be FinSeq-Location ; ::_thesis: (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f not f in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:103; hence (IExec ((if=0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f by A2, FUNCT_4:11; ::_thesis: verum end; theorem Th39: :: SCM_HALT:39 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let a be read-write Int-Location; ::_thesis: ( s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p implies ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) set Is = Initialized s; assume s . a > 0 ; ::_thesis: ( not I is_closed_onInit s,p or not I is_halting_onInit s,p or ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) then A1: (Initialized s) . a > 0 by SCMFSA_M:37; assume I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) then A2: I is_closed_on Initialized s,p by Th30; assume I is_halting_onInit s,p ; ::_thesis: ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) then I is_halting_on Initialized s,p by Th31; then ( if>0 (a,I,J) is_closed_on Initialized s,p & if>0 (a,I,J) is_halting_on Initialized s,p ) by A1, A2, SCMFSA8B:19; hence ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) by Th30, Th31; ::_thesis: verum end; theorem Th40: :: SCM_HALT:40 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let a be read-write Int-Location; ::_thesis: ( s . a > 0 & I is_closed_onInit s,p & I is_halting_onInit s,p implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) assume A1: s . a > 0 ; ::_thesis: ( not I is_closed_onInit s,p or not I is_halting_onInit s,p or IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) set Is = Initialized s; assume I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) then A2: I is_closed_on Initialized s,p by Th30; assume I is_halting_onInit s,p ; ::_thesis: IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) then I is_halting_on Initialized s,p by Th31; hence IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by A1, A2, SCMFSA8B:20; ::_thesis: verum end; theorem Th41: :: SCM_HALT:41 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) let a be read-write Int-Location; ::_thesis: ( s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) set Is = Initialized s; assume s . a <= 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) then A1: (Initialized s) . a <= 0 by SCMFSA_M:37; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) then J is_halting_on Initialized s,p by Th31; then ( if>0 (a,I,J) is_closed_on Initialized s,p & if>0 (a,I,J) is_halting_on Initialized s,p ) by A1, A2, SCMFSA8B:21; hence ( if>0 (a,I,J) is_closed_onInit s,p & if>0 (a,I,J) is_halting_onInit s,p ) by Th30, Th31; ::_thesis: verum end; theorem Th42: :: SCM_HALT:42 for p being Instruction-Sequence of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA st s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: ( s . a <= 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) assume A1: s . a <= 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) set Is = Initialized s; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) then J is_halting_on Initialized s,p by Th31; hence IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by A1, A2, SCMFSA8B:22; ::_thesis: verum end; theorem Th43: :: SCM_HALT:43 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if>0 (a,I,J) is InitHalting & ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if>0 (a,I,J) is InitHalting & ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let s be State of SCM+FSA; ::_thesis: for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if>0 (a,I,J) is InitHalting & ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let I, J be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds ( if>0 (a,I,J) is InitHalting & ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) let a be read-write Int-Location; ::_thesis: ( if>0 (a,I,J) is InitHalting & ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) now__::_thesis:_for_s_being_State_of_SCM+FSA_st_Initialize_((intloc_0)_.-->_1)_c=_s_holds_ for_p_being_Instruction-Sequence_of_SCM+FSA_st_if>0_(a,I,J)_c=_p_holds_ p_halts_on_s let s be State of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s implies for p being Instruction-Sequence of SCM+FSA st if>0 (a,I,J) c= p holds b3 halts_on b2 ) assume Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for p being Instruction-Sequence of SCM+FSA st if>0 (a,I,J) c= p holds b3 halts_on b2 then A1: s = Initialized s by FUNCT_4:98; let p be Instruction-Sequence of SCM+FSA; ::_thesis: ( if>0 (a,I,J) c= p implies b2 halts_on b1 ) assume if>0 (a,I,J) c= p ; ::_thesis: b2 halts_on b1 then A2: p = p +* (if>0 (a,I,J)) by FUNCT_4:98; A3: ( J is_closed_onInit s,p & J is_halting_onInit s,p ) by Th25, Th26; A4: ( I is_closed_onInit s,p & I is_halting_onInit s,p ) by Th25, Th26; percases ( s . a > 0 or s . a <= 0 ) ; suppose s . a > 0 ; ::_thesis: b2 halts_on b1 then if>0 (a,I,J) is_halting_onInit s,p by A4, Th39; hence p halts_on s by A1, Def5, A2; ::_thesis: verum end; suppose s . a <= 0 ; ::_thesis: b2 halts_on b1 then if>0 (a,I,J) is_halting_onInit s,p by A3, Th41; hence p halts_on s by A1, Def5, A2; ::_thesis: verum end; end; end; hence if>0 (a,I,J) is InitHalting by Def2; ::_thesis: ( ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) & ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ) ( I is_closed_onInit s,p & I is_halting_onInit s,p ) by Th25, Th26; hence ( s . a > 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) by Th40; ::_thesis: ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) ( J is_closed_onInit s,p & J is_halting_onInit s,p ) by Th25, Th26; hence ( s . a <= 0 implies IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) ) by Th42; ::_thesis: verum end; theorem :: SCM_HALT:44 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let s be State of SCM+FSA; ::_thesis: for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let I, J be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds ( IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) let a be read-write Int-Location; ::_thesis: ( IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 & ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) hereby ::_thesis: ( ( s . a > 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) ) & ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) ) percases ( s . a > 0 or s . a <= 0 ) ; suppose s . a > 0 ; ::_thesis: IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 then IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th43; hence IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 by FUNCT_4:113; ::_thesis: verum end; suppose s . a <= 0 ; ::_thesis: IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 then IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th43; hence IC (IExec ((if>0 (a,I,J)),p,s)) = ((card I) + (card J)) + 3 by FUNCT_4:113; ::_thesis: verum end; end; end; hereby ::_thesis: ( s . a <= 0 implies ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) ) assume s . a > 0 ; ::_thesis: ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f ) ) then A1: IExec ((if>0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th43; hereby ::_thesis: for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f let d be Int-Location; ::_thesis: (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d not d in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:102; hence (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (I,p,s)) . d by A1, FUNCT_4:11; ::_thesis: verum end; let f be FinSeq-Location ; ::_thesis: (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f not f in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:103; hence (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (I,p,s)) . f by A1, FUNCT_4:11; ::_thesis: verum end; assume s . a <= 0 ; ::_thesis: ( ( for d being Int-Location holds (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d ) & ( for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f ) ) then A2: IExec ((if>0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by Th43; hereby ::_thesis: for f being FinSeq-Location holds (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f let d be Int-Location; ::_thesis: (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d not d in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:102; hence (IExec ((if>0 (a,I,J)),p,s)) . d = (IExec (J,p,s)) . d by A2, FUNCT_4:11; ::_thesis: verum end; let f be FinSeq-Location ; ::_thesis: (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f not f in dom (Start-At ((((card I) + (card J)) + 3),SCM+FSA)) by SCMFSA_2:103; hence (IExec ((if>0 (a,I,J)),p,s)) . f = (IExec (J,p,s)) . f by A2, FUNCT_4:11; ::_thesis: verum end; theorem Th45: :: SCM_HALT:45 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a < 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a < 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a < 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a < 0 & I is_closed_onInit s,p & I is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let a be read-write Int-Location; ::_thesis: ( s . a < 0 & I is_closed_onInit s,p & I is_halting_onInit s,p implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) assume A1: s . a < 0 ; ::_thesis: ( not I is_closed_onInit s,p or not I is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) set Is = Initialized s; assume I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) then A2: I is_closed_on Initialized s,p by Th30; assume I is_halting_onInit s,p ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) then I is_halting_on Initialized s,p by Th31; hence IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) by A1, A2, SCMFSA8B:26; ::_thesis: verum end; theorem Th46: :: SCM_HALT:46 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a = 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a = 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let a be read-write Int-Location; ::_thesis: ( s . a = 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) assume A1: s . a = 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) set Is = Initialized s; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) then J is_halting_on Initialized s,p by Th31; hence IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) by A1, A2, SCMFSA8B:28; ::_thesis: verum end; theorem Th47: :: SCM_HALT:47 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let s be State of SCM+FSA; ::_thesis: for I, J being Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let I, J be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a > 0 & J is_closed_onInit s,p & J is_halting_onInit s,p holds IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) let a be read-write Int-Location; ::_thesis: ( s . a > 0 & J is_closed_onInit s,p & J is_halting_onInit s,p implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) assume A1: s . a > 0 ; ::_thesis: ( not J is_closed_onInit s,p or not J is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) set Is = Initialized s; assume J is_closed_onInit s,p ; ::_thesis: ( not J is_halting_onInit s,p or IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) then A2: J is_closed_on Initialized s,p by Th30; assume J is_halting_onInit s,p ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) then J is_halting_on Initialized s,p by Th31; hence IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) by A1, A2, SCMFSA8B:30; ::_thesis: verum end; theorem Th48: :: SCM_HALT:48 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if<0 (a,I,J) is InitHalting & ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if<0 (a,I,J) is InitHalting & ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) let s be State of SCM+FSA; ::_thesis: for I, J being InitHalting Program of SCM+FSA for a being read-write Int-Location holds ( if<0 (a,I,J) is InitHalting & ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) let I, J be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds ( if<0 (a,I,J) is InitHalting & ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) let a be read-write Int-Location; ::_thesis: ( if<0 (a,I,J) is InitHalting & ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) ( if<0 (a,I,J) = if=0 (a,J,(if>0 (a,J,I))) & if>0 (a,J,I) is InitHalting ) by Th43, SCMFSA8B:def_3; hence if<0 (a,I,J) is InitHalting by Th37; ::_thesis: ( ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) & ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) ) ( I is_closed_onInit s,p & I is_halting_onInit s,p ) by Th25, Th26; hence ( s . a < 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (I,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) by Th45; ::_thesis: ( s . a >= 0 implies IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) ) A1: ( J is_closed_onInit s,p & J is_halting_onInit s,p ) by Th25, Th26; hereby ::_thesis: verum assume A2: s . a >= 0 ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) percases ( s . a = 0 or s . a <> 0 ) ; suppose s . a = 0 ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) hence IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) by A1, Th46; ::_thesis: verum end; suppose s . a <> 0 ; ::_thesis: IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) hence IExec ((if<0 (a,I,J)),p,s) = (IExec (J,p,s)) +* (Start-At (((((card I) + (card J)) + (card J)) + 7),SCM+FSA)) by A1, A2, Th47; ::_thesis: verum end; end; end; end; registration let I, J be InitHalting Program of SCM+FSA; let a be read-write Int-Location; cluster if=0 (a,I,J) -> InitHalting ; correctness coherence if=0 (a,I,J) is InitHalting ; by Th37; cluster if>0 (a,I,J) -> InitHalting ; correctness coherence if>0 (a,I,J) is InitHalting ; by Th43; cluster if<0 (a,I,J) -> InitHalting ; correctness coherence if<0 (a,I,J) is InitHalting ; by Th48; end; theorem Th49: :: SCM_HALT:49 for I being Program of SCM+FSA holds ( I is InitHalting iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p ) proof let I be Program of SCM+FSA; ::_thesis: ( I is InitHalting iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p ) hereby ::_thesis: ( ( for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p ) implies I is InitHalting ) assume A1: I is InitHalting ; ::_thesis: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_halting_on Initialized s,p I is_halting_onInit s,p by A1, Th26; hence I is_halting_on Initialized s,p by Th31; ::_thesis: verum end; assume A2: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_halting_on Initialized s,p ; ::_thesis: I is InitHalting now__::_thesis:_for_s_being_State_of_SCM+FSA for_p_being_Instruction-Sequence_of_SCM+FSA_holds_I_is_halting_onInit_s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_halting_onInit s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_halting_onInit s,p I is_halting_on Initialized s,p by A2; hence I is_halting_onInit s,p by Th31; ::_thesis: verum end; hence I is InitHalting by Th26; ::_thesis: verum end; theorem Th50: :: SCM_HALT:50 for I being Program of SCM+FSA holds ( I is InitClosed iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p ) proof let I be Program of SCM+FSA; ::_thesis: ( I is InitClosed iff for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p ) hereby ::_thesis: ( ( for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p ) implies I is InitClosed ) assume A1: I is InitClosed ; ::_thesis: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_closed_on Initialized s,p I is_closed_onInit s,p by A1, Th25; hence I is_closed_on Initialized s,p by Th30; ::_thesis: verum end; assume A2: for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA holds I is_closed_on Initialized s,p ; ::_thesis: I is InitClosed now__::_thesis:_for_s_being_State_of_SCM+FSA for_p_being_Instruction-Sequence_of_SCM+FSA_holds_I_is_closed_onInit_s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds I is_closed_onInit s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: I is_closed_onInit s,p I is_closed_on Initialized s,p by A2; hence I is_closed_onInit s,p by Th30; ::_thesis: verum end; hence I is InitClosed by Th25; ::_thesis: verum end; theorem Th51: :: SCM_HALT:51 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for a being read-write Int-Location holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a let I be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a let a be read-write Int-Location; ::_thesis: (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a I is_halting_on Initialized s,p by Th49; hence (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),(LifeSpan ((p +* I),(Initialize (Initialized s)))))) . a by SCMFSA8C:58; ::_thesis: verum end; theorem Th52: :: SCM_HALT:52 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being Int-Location for k being Element of NAT st not I destroys a holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being Int-Location for k being Element of NAT st not I destroys a holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for a being Int-Location for k being Element of NAT st not I destroys a holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a let I be InitHalting Program of SCM+FSA; ::_thesis: for a being Int-Location for k being Element of NAT st not I destroys a holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a let a be Int-Location; ::_thesis: for k being Element of NAT st not I destroys a holds (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a let k be Element of NAT ; ::_thesis: ( not I destroys a implies (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a ) assume A1: not I destroys a ; ::_thesis: (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a ( I is_halting_on Initialized s,p & I is_closed_on Initialized s,p ) by Th49, Th50; hence (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),k)) . a by A1, SCMFSA8C:60; ::_thesis: verum end; set A = NAT ; set D = Data-Locations ; theorem Th53: :: SCM_HALT:53 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being Int-Location st not I destroys a holds (IExec (I,p,s)) . a = (Initialized s) . a proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being Int-Location st not I destroys a holds (IExec (I,p,s)) . a = (Initialized s) . a let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for a being Int-Location st not I destroys a holds (IExec (I,p,s)) . a = (Initialized s) . a let I be InitHalting Program of SCM+FSA; ::_thesis: for a being Int-Location st not I destroys a holds (IExec (I,p,s)) . a = (Initialized s) . a let a be Int-Location; ::_thesis: ( not I destroys a implies (IExec (I,p,s)) . a = (Initialized s) . a ) A1: Initialized s = s +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:93 .= (Initialized s) +* (Start-At (0,SCM+FSA)) by FUNCT_4:14 ; assume not I destroys a ; ::_thesis: (IExec (I,p,s)) . a = (Initialized s) . a hence (IExec (I,p,s)) . a = (Comput ((p +* I),(Initialize (Initialized s)),0)) . a by Th52 .= (Initialized s) . a by A1 ; ::_thesis: verum end; theorem Th54: :: SCM_HALT:54 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for a being read-write Int-Location st not I destroys a holds (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting keepInt0_1 Program of SCM+FSA for a being read-write Int-Location st not I destroys a holds (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 let s be State of SCM+FSA; ::_thesis: for I being InitHalting keepInt0_1 Program of SCM+FSA for a being read-write Int-Location st not I destroys a holds (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 let I be InitHalting keepInt0_1 Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a holds (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 let a be read-write Int-Location; ::_thesis: ( not I destroys a implies (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 ) assume A1: not I destroys a ; ::_thesis: (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = (s . a) - 1 set s0 = Initialized s; set p0 = p; set s1 = Initialize (Initialized s); set p1 = p +* (I ";" (SubFrom (a,(intloc 0)))); A2: a <> IC by SCMFSA_2:56; dom (Start-At (0,SCM+FSA)) = {(IC )} by FUNCOP_1:13; then A3: not a in dom (Start-At (0,SCM+FSA)) by A2, TARSKI:def_1; (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,s)))) . a by Th23 .= ((IExec (I,p,s)) . a) - ((IExec (I,p,s)) . (intloc 0)) by SCMFSA_2:65 .= ((IExec (I,p,s)) . a) - 1 by Th9 .= ((Comput ((p +* I),(Initialize (Initialized s)),0)) . a) - 1 by A1, Th52 .= ((Initialize (Initialized s)) . a) - 1 .= ((Initialized s) . a) - 1 by A3, FUNCT_4:11 ; hence (Comput ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)),(LifeSpan ((p +* (I ";" (SubFrom (a,(intloc 0))))),(Initialize (Initialized s)))))) . a = ((Initialized s) . a) - 1 by Th51 .= (s . a) - 1 by SCMFSA_M:37 ; ::_thesis: verum end; theorem Th55: :: SCM_HALT:55 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) let s be State of SCM+FSA; ::_thesis: for I being InitClosed Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s holds for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) let I be InitClosed Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= p & p halts_on s implies for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s and A2: I c= p ; ::_thesis: ( not p halts_on s or for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) ) defpred S1[ Nat] means ( $1 <= LifeSpan (p,s) implies Comput (p,s,$1) = Comput ((p +* (loop I)),s,$1) ); assume A3: p halts_on s ; ::_thesis: for m being Element of NAT st m <= LifeSpan (p,s) holds Comput (p,s,m) = Comput ((p +* (loop I)),s,m) A4: for m being Element of NAT st S1[m] holds S1[m + 1] proof set sx = s; set px = p +* (loop I); A5: loop I c= p +* (loop I) by FUNCT_4:25; let m be Element of NAT ; ::_thesis: ( S1[m] implies S1[m + 1] ) assume A6: ( m <= LifeSpan (p,s) implies Comput (p,s,m) = Comput ((p +* (loop I)),s,m) ) ; ::_thesis: S1[m + 1] A7: Comput ((p +* (loop I)),s,(m + 1)) = Following ((p +* (loop I)),(Comput ((p +* (loop I)),s,m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,m)))),(Comput ((p +* (loop I)),s,m))) ; A8: Comput (p,s,(m + 1)) = Following (p,(Comput (p,s,m))) by EXTPRO_1:3 .= Exec ((CurInstr (p,(Comput (p,s,m)))),(Comput (p,s,m))) ; A9: IC (Comput (p,s,m)) in dom I by A1, Def1, A2; then A10: IC (Comput (p,s,m)) in dom (loop I) by FUNCT_4:99; A11: p /. (IC (Comput (p,s,m))) = p . (IC (Comput (p,s,m))) by PBOOLE:143; A12: CurInstr (p,(Comput (p,s,m))) = I . (IC (Comput (p,s,m))) by A9, A11, A2, GRFUNC_1:2; assume A13: m + 1 <= LifeSpan (p,s) ; ::_thesis: Comput (p,s,(m + 1)) = Comput ((p +* (loop I)),s,(m + 1)) A14: (p +* (loop I)) /. (IC (Comput ((p +* (loop I)),s,m))) = (p +* (loop I)) . (IC (Comput ((p +* (loop I)),s,m))) by PBOOLE:143; m < LifeSpan (p,s) by A13, NAT_1:13; then I . (IC (Comput (p,s,m))) <> halt SCM+FSA by A3, A12, EXTPRO_1:def_15; then CurInstr (p,(Comput (p,s,m))) = (loop I) . (IC (Comput (p,s,m))) by A12, FUNCT_4:105 .= CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,m))) by A13, A10, A14, A5, A6, GRFUNC_1:2, NAT_1:13 ; hence Comput (p,s,(m + 1)) = Comput ((p +* (loop I)),s,(m + 1)) by A6, A13, A8, A7, NAT_1:13; ::_thesis: verum end; A15: S1[ 0 ] ; thus for m being Element of NAT holds S1[m] from NAT_1:sch_1(A15, A4); ::_thesis: verum end; theorem :: SCM_HALT:56 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= p holds for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= p implies for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA ) set s2 = s; set p2 = p +* (loop I); assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: ( not I c= p or for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA ) assume A2: I c= p ; ::_thesis: for k being Element of NAT st k <= LifeSpan (p,s) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) <> halt SCM+FSA A3: p halts_on s by Def2, A1, A2; hereby ::_thesis: verum let k be Element of NAT ; ::_thesis: ( k <= LifeSpan (p,s) implies not CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) = halt SCM+FSA ) set lk = IC (Comput (p,s,k)); A4: ( IC (Comput (p,s,k)) in dom I & dom I = dom (loop I) ) by A1, Def1, A2, FUNCT_4:99; then A5: (loop I) . (IC (Comput (p,s,k))) in rng (loop I) by FUNCT_1:def_3; assume k <= LifeSpan (p,s) ; ::_thesis: not CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) = halt SCM+FSA then IC (Comput (p,s,k)) = IC (Comput ((p +* (loop I)),s,k)) by A1, A3, Th55, A2; then A6: CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) = (p +* (loop I)) . (IC (Comput (p,s,k))) by PBOOLE:143 .= (loop I) . (IC (Comput (p,s,k))) by A4, FUNCT_4:13 ; assume CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),s,k))) = halt SCM+FSA ; ::_thesis: contradiction hence contradiction by A6, A5, SCMFSA8C:75; ::_thesis: verum end; end; theorem Th57: :: SCM_HALT:57 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) let I be Program of SCM+FSA; ::_thesis: ( I is_closed_onInit s,p & I is_halting_onInit s,p implies for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) ) set s1 = Initialized s; set p1 = p +* I; A1: I c= p +* I by FUNCT_4:25; set s2 = Initialized s; set p2 = p +* (loop I); A2: loop I c= p +* (loop I) by FUNCT_4:25; assume A3: I is_closed_onInit s,p ; ::_thesis: ( not I is_halting_onInit s,p or for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) ) defpred S1[ Nat] means ( $1 <= LifeSpan ((p +* I),(Initialized s)) implies Comput ((p +* I),(Initialized s),$1) = Comput ((p +* (loop I)),(Initialized s),$1) ); assume I is_halting_onInit s,p ; ::_thesis: for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) then A4: p +* I halts_on Initialized s by Def5; A5: for m being Element of NAT st S1[m] holds S1[m + 1] proof let m be Element of NAT ; ::_thesis: ( S1[m] implies S1[m + 1] ) assume A6: ( m <= LifeSpan ((p +* I),(Initialized s)) implies Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) ) ; ::_thesis: S1[m + 1] A7: IC (Comput ((p +* I),(Initialized s),m)) in dom I by A3, Def4; then A8: IC (Comput ((p +* I),(Initialized s),m)) in dom (loop I) by FUNCT_4:99; A9: (p +* I) /. (IC (Comput ((p +* I),(Initialized s),m))) = (p +* I) . (IC (Comput ((p +* I),(Initialized s),m))) by PBOOLE:143; A10: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = I . (IC (Comput ((p +* I),(Initialized s),m))) by A7, A9, A1, GRFUNC_1:2; A11: Comput ((p +* (loop I)),(Initialized s),(m + 1)) = Following ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m)))),(Comput ((p +* (loop I)),(Initialized s),m))) ; A12: Comput ((p +* I),(Initialized s),(m + 1)) = Following ((p +* I),(Comput ((p +* I),(Initialized s),m))) by EXTPRO_1:3 .= Exec ((CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m)))),(Comput ((p +* I),(Initialized s),m))) ; assume A13: m + 1 <= LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: Comput ((p +* I),(Initialized s),(m + 1)) = Comput ((p +* (loop I)),(Initialized s),(m + 1)) then m < LifeSpan ((p +* I),(Initialized s)) by NAT_1:13; then I . (IC (Comput ((p +* I),(Initialized s),m))) <> halt SCM+FSA by A4, A10, EXTPRO_1:def_15; then A14: I . (IC (Comput ((p +* I),(Initialized s),m))) = (loop I) . (IC (Comput ((p +* I),(Initialized s),m))) by FUNCT_4:105; A15: (p +* (loop I)) /. (IC (Comput ((p +* (loop I)),(Initialized s),m))) = (p +* (loop I)) . (IC (Comput ((p +* (loop I)),(Initialized s),m))) by PBOOLE:143; thus Comput ((p +* I),(Initialized s),(m + 1)) = Comput ((p +* (loop I)),(Initialized s),(m + 1)) by A6, A13, A12, A11, A8, A10, A15, A14, A2, GRFUNC_1:2, NAT_1:13; ::_thesis: verum end; A16: S1[ 0 ] proof assume 0 <= LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: Comput ((p +* I),(Initialized s),0) = Comput ((p +* (loop I)),(Initialized s),0) thus Comput ((p +* I),(Initialized s),0) = Comput ((p +* (loop I)),(Initialized s),0) ; ::_thesis: verum end; thus for m being Element of NAT holds S1[m] from NAT_1:sch_1(A16, A5); ::_thesis: verum end; theorem Th58: :: SCM_HALT:58 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m < LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m < LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds for m being Element of NAT st m < LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) let I be Program of SCM+FSA; ::_thesis: ( I is_closed_onInit s,p & I is_halting_onInit s,p implies for m being Element of NAT st m < LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) ) set s1 = Initialized s; set p1 = p +* I; A1: I c= p +* I by FUNCT_4:25; set s2 = Initialized s; set p2 = p +* (loop I); A2: loop I c= p +* (loop I) by FUNCT_4:25; assume that A3: I is_closed_onInit s,p and A4: I is_halting_onInit s,p ; ::_thesis: for m being Element of NAT st m < LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) let m be Element of NAT ; ::_thesis: ( m < LifeSpan ((p +* I),(Initialized s)) implies CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) ) A5: IC (Comput ((p +* I),(Initialized s),m)) in dom I by A3, Def4; then A6: IC (Comput ((p +* I),(Initialized s),m)) in dom (loop I) by FUNCT_4:99; A7: (p +* I) /. (IC (Comput ((p +* I),(Initialized s),m))) = (p +* I) . (IC (Comput ((p +* I),(Initialized s),m))) by PBOOLE:143; A8: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = I . (IC (Comput ((p +* I),(Initialized s),m))) by A5, A7, A1, GRFUNC_1:2; assume A9: m < LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) A10: (p +* (loop I)) /. (IC (Comput ((p +* (loop I)),(Initialized s),m))) = (p +* (loop I)) . (IC (Comput ((p +* (loop I)),(Initialized s),m))) by PBOOLE:143; p +* I halts_on Initialized s by A4, Def5; then I . (IC (Comput ((p +* I),(Initialized s),m))) <> halt SCM+FSA by A9, A8, EXTPRO_1:def_15; then A11: I . (IC (Comput ((p +* I),(Initialized s),m))) = (loop I) . (IC (Comput ((p +* I),(Initialized s),m))) by FUNCT_4:105; Comput ((p +* I),(Initialized s),m) = Comput ((p +* (loop I)),(Initialized s),m) by A3, A4, A9, Th57; hence CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) = CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) by A6, A8, A11, A10, A2, GRFUNC_1:2; ::_thesis: verum end; theorem Th59: :: SCM_HALT:59 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds ( CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = goto 0 & ( for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds ( CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = goto 0 & ( for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) ) A1: dom (id the InstructionsF of SCM+FSA) = the InstructionsF of SCM+FSA ; let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA st I is_closed_onInit s,p & I is_halting_onInit s,p holds ( CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = goto 0 & ( for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) ) let I be Program of SCM+FSA; ::_thesis: ( I is_closed_onInit s,p & I is_halting_onInit s,p implies ( CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = goto 0 & ( for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) ) ) set s1 = Initialized s; set p1 = p +* I; set s2 = Initialized s; set p2 = p +* (loop I); A2: loop I c= p +* (loop I) by FUNCT_4:25; assume that A3: I is_closed_onInit s,p and A4: I is_halting_onInit s,p ; ::_thesis: ( CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = goto 0 & ( for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) ) set k = LifeSpan ((p +* I),(Initialized s)); A5: rng I c= the InstructionsF of SCM+FSA by RELAT_1:def_19; A6: IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) in dom I by A3, Def4; A7: dom (loop I) = dom I by FUNCT_4:99; A8: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = (p +* I) . (IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) by PBOOLE:143 .= I . (IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) by A6, FUNCT_4:13 ; A9: p +* I halts_on Initialized s by A4, Def5; then A10: CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = halt SCM+FSA by EXTPRO_1:def_15; IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) = IC (Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s))))) by A3, A4, Th57; hence A11: CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) = (p +* (loop I)) . (IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) by PBOOLE:143 .= (loop I) . (IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) by A2, A6, A7, GRFUNC_1:2 .= (((id the InstructionsF of SCM+FSA) +* ((halt SCM+FSA),(goto 0))) * I) . (IC (Comput ((p +* I),(Initialized s),(LifeSpan ((p +* I),(Initialized s)))))) by A5, FUNCT_7:116 .= ((id the InstructionsF of SCM+FSA) +* ((halt SCM+FSA),(goto 0))) . (halt SCM+FSA) by A10, A6, A8, FUNCT_1:13 .= goto 0 by A1, FUNCT_7:31 ; ::_thesis: for m being Element of NAT st m <= LifeSpan ((p +* I),(Initialized s)) holds CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA let m be Element of NAT ; ::_thesis: ( m <= LifeSpan ((p +* I),(Initialized s)) implies CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA ) assume A12: m <= LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA percases ( m < LifeSpan ((p +* I),(Initialized s)) or m = LifeSpan ((p +* I),(Initialized s)) ) by A12, XXREAL_0:1; supposeA13: m < LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA then CurInstr ((p +* I),(Comput ((p +* I),(Initialized s),m))) <> halt SCM+FSA by A9, EXTPRO_1:def_15; hence CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA by A3, A4, A13, Th58; ::_thesis: verum end; suppose m = LifeSpan ((p +* I),(Initialized s)) ; ::_thesis: CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA hence CurInstr ((p +* (loop I)),(Comput ((p +* (loop I)),(Initialized s),m))) <> halt SCM+FSA by A11; ::_thesis: verum end; end; end; theorem Th60: :: SCM_HALT:60 for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p proof let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p let p be Instruction-Sequence of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . (intloc 0) = 1 & s . a > 0 implies loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p ) set P = if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))); reconsider I1 = I ";" (SubFrom (a,(intloc 0))) as InitHalting Program of SCM+FSA ; set i = a =0_goto ((card I1) + 3); defpred S1[ Nat] means for s being State of SCM+FSA for p being Instruction-Sequence of SCM+FSA st s . (intloc 0) = 1 & s . a = $1 & s . a > 0 holds ( (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized s),((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1))) . a = (s . a) - 1 & (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized s),((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized s),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized s),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ); assume A1: not I destroys a ; ::_thesis: ( not s . (intloc 0) = 1 or not s . a > 0 or loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p ) A2: for k being Element of NAT st S1[k] holds S1[k + 1] proof A3: now__::_thesis:_(_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_._0_=_a_=0_goto_((card_I1)_+_3)_&_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_._0_<>_halt_SCM+FSA_&_0_in_dom_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_&_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_._((card_I1)_+_3)_=_goto_(card_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))))_&_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_._((card_I1)_+_3)_<>_halt_SCM+FSA_&_(card_I1)_+_3_in_dom_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))_) A4: ( 0 in dom (Macro (a =0_goto ((card I1) + 3))) & (Macro (a =0_goto ((card I1) + 3))) . 0 <> halt SCM+FSA ) by COMPOS_1:58, COMPOS_1:60; if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) = ((((a =0_goto ((card I1) + 3)) ";" I1) ";" (Goto ((card (Goto 2)) + 1))) ";" (Goto 2)) ";" (Stop SCM+FSA) by SCMFSA8B:def_1 .= (((a =0_goto ((card I1) + 3)) ";" (I1 ";" (Goto ((card (Goto 2)) + 1)))) ";" (Goto 2)) ";" (Stop SCM+FSA) by SCMFSA6A:29 .= ((a =0_goto ((card I1) + 3)) ";" ((I1 ";" (Goto ((card (Goto 2)) + 1))) ";" (Goto 2))) ";" (Stop SCM+FSA) by SCMFSA6A:29 .= (a =0_goto ((card I1) + 3)) ";" (((I1 ";" (Goto ((card (Goto 2)) + 1))) ";" (Goto 2)) ";" (Stop SCM+FSA)) by SCMFSA6A:29 .= (Macro (a =0_goto ((card I1) + 3))) ";" (((I1 ";" (Goto ((card (Goto 2)) + 1))) ";" (Goto 2)) ";" (Stop SCM+FSA)) ; hence (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . 0 = (Macro (a =0_goto ((card I1) + 3))) . 0 by A4, SCMFSA6A:15 .= a =0_goto ((card I1) + 3) by COMPOS_1:58 ; ::_thesis: ( (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . 0 <> halt SCM+FSA & 0 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) & (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) = goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) & (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) <> halt SCM+FSA & (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) ) hence (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . 0 <> halt SCM+FSA ; ::_thesis: ( 0 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) & (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) = goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) & (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) <> halt SCM+FSA & (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) ) A5: card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) = ((card (Goto 2)) + (card I1)) + 4 by SCMFSA8B:11 .= ((card I1) + 1) + 4 by SCMFSA8A:15 .= ((card I1) + 3) + 2 ; hence 0 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by AFINSQ_1:66; ::_thesis: ( (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) = goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) & (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) <> halt SCM+FSA & (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) ) card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = card (dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by CARD_1:62 .= card (dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by FUNCT_4:99 .= card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by CARD_1:62 ; then card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = (card I1) + (3 + 2) by A5; hence (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) = goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by SCMFSA8C:83; ::_thesis: ( (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) <> halt SCM+FSA & (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) ) hence (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card I1) + 3) <> halt SCM+FSA ; ::_thesis: (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) hereby ::_thesis: verum ((card I1) + 3) + 0 < card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by A5, XREAL_1:6; hence (card I1) + 3 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by AFINSQ_1:66; ::_thesis: verum end; end; let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A6: S1[k] ; ::_thesis: S1[k + 1] let ss be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA st ss . (intloc 0) = 1 & ss . a = k + 1 & ss . a > 0 holds ( (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) let pp be Instruction-Sequence of SCM+FSA; ::_thesis: ( ss . (intloc 0) = 1 & ss . a = k + 1 & ss . a > 0 implies ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) ) assume ss . (intloc 0) = 1 ; ::_thesis: ( not ss . a = k + 1 or not ss . a > 0 or ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) ) set s2 = Initialized ss; set p2 = pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))); A7: loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) c= pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by FUNCT_4:25; set s1 = Initialized ss; set p1 = pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))); assume A8: ss . a = k + 1 ; ::_thesis: ( not ss . a > 0 or ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) ) A9: Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)) = Following ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)))))) by EXTPRO_1:3 .= Exec ((CurInstr ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)))))) ; set s3 = Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)); set p3 = pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))); assume A10: ss . a > 0 ; ::_thesis: ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 & ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) A11: ( I1 is_closed_onInit ss,pp & I1 is_halting_onInit ss,pp ) by Th25, Th26; then A12: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit ss,pp by A10, Th35; if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit ss,pp by A10, A11, Th35; then A13: Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)) = Exec ((goto 0),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)))))) by A12, A9, Th59; A14: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit ss,pp by A10, A11, Th35; A15: card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) = ((card (Goto 2)) + (card I1)) + 4 by SCMFSA8B:11 .= ((card I1) + 1) + 4 by SCMFSA8A:15 .= ((card I1) + 3) + 2 ; A16: card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = card (dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by CARD_1:62 .= card (dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by FUNCT_4:99 .= card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by CARD_1:62 ; A17: now__::_thesis:_(_0_in_dom_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))_&_(card_I1)_+_3_in_dom_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))_&_Initialized_(Initialized_ss)_=_Initialized_ss_&_(Comput_((pp_+*_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))),(Initialized_ss),((LifeSpan_((pp_+*_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))),(Initialized_ss)))_+_1)))_._a_=_(ss_._a)_-_1_&_(Comput_((pp_+*_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))),(Initialized_ss),((LifeSpan_((pp_+*_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))),(Initialized_ss)))_+_1)))_._(intloc_0)_=_1_) A18: I1 is_halting_onInit ss,pp by Th26; then A19: I1 is_halting_on Initialized ss,pp by Th31; I1 is_closed_onInit ss,pp by Th25; then IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),pp,ss) = (IExec (I1,pp,ss)) +* (Start-At ((((card (Goto 2)) + (card I1)) + 3),SCM+FSA)) by A10, A18, Th36; then A20: (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),pp,ss)) . a = (IExec (I1,pp,ss)) . a by SCMFSA_3:3; hereby ::_thesis: ( Initialized (Initialized ss) = Initialized ss & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 ) thus 0 in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A16, A15, AFINSQ_1:66; ::_thesis: (card I1) + 3 in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ((card I1) + 3) + (1 + 1) = (((card I1) + 3) + 1) + 1 ; then ((card I1) + 3) + 1 < card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by A15, NAT_1:13; then (card I1) + 3 < card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A16, NAT_1:13; hence (card I1) + 3 in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by AFINSQ_1:66; ::_thesis: verum end; consider Is being State of SCM+FSA such that A21: Is = Initialized (Initialized ss) ; A22: Is = (Initialized ss) +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by A21, FUNCT_4:93 .= ((Initialized ss) +* (Initialize ((intloc 0) .--> 1))) +* (Start-At (0,SCM+FSA)) by FUNCT_4:14 .= Initialize (Initialized ss) by FUNCT_4:93 ; I1 is_closed_onInit ss,pp by Th25; then A23: I1 is_closed_on Initialized ss,pp by Th30; I1 is_halting_onInit ss,pp by Th26; then A24: I1 is_halting_on Initialized ss,pp by Th31; A25: (Initialized ss) . a > 0 by A10, SCMFSA_M:37; then A26: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_on Initialized ss,pp by A23, A24, SCMFSA8B:15; thus Initialized (Initialized ss) = Initialized ss ; ::_thesis: ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 ) A27: now__::_thesis:_for_b_being_Int-Location_holds_(Comput_((pp_+*_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))),(Initialized_ss),((LifeSpan_((pp_+*_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))),(Initialized_ss)))_+_1)))_._b_=_(Comput_((pp_+*_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))),Is,(LifeSpan_((pp_+*_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0))))))),Is))))_._b let b be Int-Location; ::_thesis: (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . b = (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is,(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is)))) . b (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . b = (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))))) . b by A13, SCMFSA_2:69; hence (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . b = (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is,(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is)))) . b by A21, A12, A14, Th57; ::_thesis: verum end; then (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is,(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is)))) . a .= (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),pp,ss)) . a by A26, A22, SCMFSA8C:58 ; hence (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (Comput ((pp +* I1),(Initialize (Initialized ss)),(LifeSpan ((pp +* I1),(Initialize (Initialized ss)))))) . a by A19, A20, SCMFSA8C:58 .= (ss . a) - 1 by A1, Th54 ; ::_thesis: (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 A28: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_on Initialized ss,pp by A25, A23, A24, SCMFSA8B:15; (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is,(LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),Is)))) . (intloc 0) by A27 .= 1 by A26, A28, A22, SCMFSA8C:67 ; hence (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 ; ::_thesis: verum end; hence ( (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . a = (ss . a) - 1 & (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) . (intloc 0) = 1 ) ; ::_thesis: ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) A29: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) = 0 by A13, SCMFSA_2:69; percases ( k = 0 or k > 0 ) ; supposeA30: k = 0 ; ::_thesis: ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) take m = (((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1) + 1; ::_thesis: ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),m)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < m holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) A31: CurInstr ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)))) = (pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) . 0 by A29, PBOOLE:143 .= (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) . 0 by A17, A7, GRFUNC_1:2 .= a =0_goto ((card I1) + 3) by A3, FUNCT_4:105 ; A32: Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1)) = Following ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)))) by EXTPRO_1:3 .= Exec ((a =0_goto ((card I1) + 3)),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)))) by A31 ; then IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1))) = (card I1) + 3 by A8, A17, A30, SCMFSA_2:70; then A33: CurInstr ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1)))) = (pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) . ((card I1) + 3) by PBOOLE:143 .= (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) . ((card I1) + 3) by A17, A7, GRFUNC_1:2 .= goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by A3, FUNCT_4:105 ; Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),m) = Following ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1)))) by EXTPRO_1:3 .= Exec ((goto (card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),(((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1)))) by A33 ; hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),m)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by SCMFSA_2:69; ::_thesis: for n being Element of NAT st n < m holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) hereby ::_thesis: verum let n be Element of NAT ; ::_thesis: ( n < m implies IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) assume n < m ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) then n <= ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1 by NAT_1:13; then A34: ( n <= (LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1 or n = ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1 ) by NAT_1:8; percases ( n <= LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)) or n = (LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1 or n = ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1 ) by A34, NAT_1:8; supposeA35: n <= LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)) ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) A36: ( I1 is_closed_onInit ss,pp & I1 is_halting_onInit ss,pp ) by Th25, Th26; then A37: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit ss,pp by A10, Th35; if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit ss,pp by A10, A36, Th35; then A38: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) = IC (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss),n)) by A35, A37, Th57; IC (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss),n)) in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by A37, Def4; hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A38, FUNCT_4:99; ::_thesis: verum end; suppose n = (LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1 ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A13, A17, SCMFSA_2:69; ::_thesis: verum end; suppose n = ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + 1 ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A8, A17, A30, A32, SCMFSA_2:70; ::_thesis: verum end; end; end; end; supposeA39: k > 0 ; ::_thesis: ex k being Element of NAT st ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) consider Is3 being State of SCM+FSA such that A40: Is3 = Initialized (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))) ; consider m0 being Element of NAT such that A41: IC (Comput (((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Is3 +* (Initialize ((intloc 0) .--> 1))),m0)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) and A42: for n being Element of NAT st n < m0 holds IC (Comput (((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized Is3),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A6, A39, A8, A17, A40; take m = ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) + m0; ::_thesis: ( IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),m)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < m holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) A43: Initialized (Initialized (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)))) = Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1)) by A29, A17, SCMFSA_M:8; thus IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),m)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A40, A41, A43, EXTPRO_1:4; ::_thesis: for n being Element of NAT st n < m holds IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) hereby ::_thesis: verum let n be Element of NAT ; ::_thesis: ( n < m implies IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) assume A44: n < m ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) A45: ( I1 is_closed_onInit ss,pp & I1 is_halting_onInit ss,pp ) by Th25, Th26; then A46: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit ss,pp by A10, Th35; A47: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit ss,pp by A10, A45, Th35; percases ( n <= LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)) or (LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1 <= n ) by NAT_1:13; suppose n <= LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss)) ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) then A48: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) = IC (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss),n)) by A46, A47, Th57; IC (Comput ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss),n)) in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by A46, Def4; hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A48, FUNCT_4:99; ::_thesis: verum end; supposeA49: (LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1 <= n ; ::_thesis: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) consider mm being Element of NAT such that A50: mm = n -' ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) ; n - ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) >= 0 by A49, XREAL_1:48; then A51: mm = n - ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) by A50, XREAL_0:def_2; mm + ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) = n by A49, A50, XREAL_1:235; then A52: IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) = IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1))),mm)) by EXTPRO_1:4; m0 = m - ((LifeSpan ((pp +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized ss))) + 1) ; then mm < m0 by A44, A51, XREAL_1:9; hence IC (Comput ((pp +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized ss),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A40, A42, A43, A52; ::_thesis: verum end; end; end; end; end; end; assume A53: s . (intloc 0) = 1 ; ::_thesis: ( not s . a > 0 or loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p ) assume A54: s . a > 0 ; ::_thesis: loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p then reconsider sa = s . a as Element of NAT by INT_1:3; A55: S1[ 0 ] ; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A55, A2); then A56: S1[sa] ; A57: dom (Start-At (0,SCM+FSA)) = {(IC )} by FUNCOP_1:13; IC <> intloc 0 by SCMFSA_2:56; then not intloc 0 in dom (Start-At (0,SCM+FSA)) by A57, TARSKI:def_1; then A58: (Initialize s) . (intloc 0) = 1 by A53, FUNCT_4:11; IC in dom (Start-At (0,SCM+FSA)) by A57, TARSKI:def_1; then A59: IC (Initialize s) = IC (Start-At (0,SCM+FSA)) by FUNCT_4:13 .= 0 by FUNCOP_1:72 ; dom ((intloc 0) .--> 1) = {(intloc 0)} by FUNCOP_1:13; then A60: dom (Start-At (0,SCM+FSA)) misses dom ((intloc 0) .--> 1) by A57, SCMFSA_2:56, ZFMISC_1:11; Initialized s = s +* ((Start-At (0,SCM+FSA)) +* ((intloc 0) .--> 1)) by A60, FUNCT_4:35 .= (Initialize s) +* ((intloc 0) .--> 1) by FUNCT_4:14 .= ((Initialize s) +* ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA)) by A60, FUNCT_4:115 .= Initialized (Initialize s) by FUNCT_4:14 .= Initialize s by A58, A59, SCMFSA_M:8 ; then ex k being Element of NAT st ( IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialize s),k)) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & ( for n being Element of NAT st n < k holds IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialize s),n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) by A56, A53, A54; hence loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on s,p by SCMFSA8A:def_2; ::_thesis: verum end; theorem :: SCM_HALT:61 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a & s . a > 0 holds loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . a > 0 implies loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p ) assume A1: not I destroys a ; ::_thesis: ( not s . a > 0 or loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p ) A2: ( (Initialized s) . a = s . a & (Initialized s) . (intloc 0) = 1 ) by SCMFSA_M:9, SCMFSA_M:37; assume s . a > 0 ; ::_thesis: loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p hence loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p by A1, A2, Th60; ::_thesis: verum end; theorem :: SCM_HALT:62 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 holds ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 holds ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 holds ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a & s . (intloc 0) = 1 holds ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . (intloc 0) = 1 implies ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) ) assume A1: not I destroys a ; ::_thesis: ( not s . (intloc 0) = 1 or ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) ) assume A2: s . (intloc 0) = 1 ; ::_thesis: ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) percases ( s . a > 0 or s . a <= 0 ) ; supposeA3: s . a > 0 ; ::_thesis: ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by SCMFSA6A:22; then Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) is_pseudo-closed_on s,p by A1, A2, A3, Th60; hence ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) by A3, SCMFSA8C:39; ::_thesis: verum end; supposeA4: s . a <= 0 ; ::_thesis: ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) ( Stop SCM+FSA is_closed_on s,p & Stop SCM+FSA is_halting_on s,p ) by SCMFSA7B:18, SCMFSA7B:19; hence ( Times (a,I) is_closed_on s,p & Times (a,I) is_halting_on s,p ) by A4, SCMFSA8B:21; ::_thesis: verum end; end; end; theorem :: SCM_HALT:63 for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a holds Initialize ((intloc 0) .--> 1) is Times (a,I) -halted proof let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a holds Initialize ((intloc 0) .--> 1) is Times (a,I) -halted let a be read-write Int-Location; ::_thesis: ( not I destroys a implies Initialize ((intloc 0) .--> 1) is Times (a,I) -halted ) assume A1: not I destroys a ; ::_thesis: Initialize ((intloc 0) .--> 1) is Times (a,I) -halted now__::_thesis:_for_s_being_State_of_SCM+FSA for_p_being_Instruction-Sequence_of_SCM+FSA_holds_Times_(a,I)_is_halting_on_Initialized_s,p let s be State of SCM+FSA; ::_thesis: for p being Instruction-Sequence of SCM+FSA holds Times (a,I) is_halting_on Initialized b2,b3 let p be Instruction-Sequence of SCM+FSA; ::_thesis: Times (a,I) is_halting_on Initialized b1,b2 percases ( s . a > 0 or s . a <= 0 ) ; suppose s . a > 0 ; ::_thesis: Times (a,I) is_halting_on Initialized b1,b2 then A2: (Initialized s) . a > 0 by SCMFSA_M:37; ( (Initialized s) . (intloc 0) = 1 & Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) ) by SCMFSA6A:22, SCMFSA_M:9; then Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) is_pseudo-closed_on Initialized s,p by A1, A2, Th60; hence Times (a,I) is_halting_on Initialized s,p by A2, SCMFSA8C:39; ::_thesis: verum end; supposeA3: s . a <= 0 ; ::_thesis: Times (a,I) is_halting_on Initialized b1,b2 A4: ( Stop SCM+FSA is_closed_on Initialized s,p & Stop SCM+FSA is_halting_on Initialized s,p ) by SCMFSA7B:18, SCMFSA7B:19; (Initialized s) . a <= 0 by A3, SCMFSA_M:37; hence Times (a,I) is_halting_on Initialized s,p by A4, SCMFSA8B:21; ::_thesis: verum end; end; end; hence Initialize ((intloc 0) .--> 1) is Times (a,I) -halted by SCMFSA8C:6; ::_thesis: verum end; registration let a be read-write Int-Location; let I be good Program of SCM+FSA; cluster Times (a,I) -> good ; coherence Times (a,I) is good ; end; theorem Th64: :: SCM_HALT:64 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a & s . a > 0 holds ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . a > 0 implies ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) assume A1: not I destroys a ; ::_thesis: ( not s . a > 0 or ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) ) reconsider I1 = I ";" (SubFrom (a,(intloc 0))) as InitHalting Program of SCM+FSA ; set P = if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))); assume A2: s . a > 0 ; ::_thesis: ex s2 being State of SCM+FSA ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) set Is = Initialized (Initialized s); take s2 = Initialized s; ::_thesis: ex p2 being Instruction-Sequence of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) take p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))); ::_thesis: ex k being Element of NAT st ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) set s1 = Initialized s; set p1 = p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))); take k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1; ::_thesis: ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 & (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) thus ( s2 = Initialized s & p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) & k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 ) ; ::_thesis: ( (Comput (p2,s2,k)) . a = (s . a) - 1 & (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) A3: Initialized (Initialized s) = s +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:93 .= Initialize (Initialized s) by FUNCT_4:14 ; A4: I1 is_halting_onInit s,p by Th26; then A5: I1 is_halting_on Initialized s,p by Th31; I1 is_closed_onInit s,p by Th25; then A6: IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),p,s) = (IExec (I1,p,s)) +* (Start-At ((((card (Goto 2)) + (card I1)) + 3),SCM+FSA)) by A2, A4, Th36; then A7: (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),p,s)) . a = (IExec (I1,p,s)) . a by SCMFSA_3:3; ( I1 is_closed_onInit s,p & I1 is_halting_onInit s,p ) by Th25, Th26; then A8: ( if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit s,p & if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit s,p ) by A2, Th35; Comput (p2,s2,((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1)) = Following (p2,(Comput (p2,s2,(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s)))))) by EXTPRO_1:3 .= Exec ((CurInstr (p2,(Comput (p2,s2,(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))))))),(Comput (p2,s2,(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s)))))) ; then A9: Comput (p2,s2,((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1)) = Exec ((goto 0),(Comput (p2,s2,(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s)))))) by A8, Th59; A10: ( I1 is_closed_onInit s,p & I1 is_halting_onInit s,p ) by Th25, Th26; then if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit s,p by A2, Th35; then A11: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_on Initialized s,p by Th30; if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit s,p by A2, A10, Th35; then A12: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_on Initialized s,p by Th31; A13: Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s))))) = Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s))))) by A8, Th57; (Comput (p2,s2,((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1))) . a = (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)))))) . a by A13, A9, SCMFSA_2:69 .= (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),p,s)) . a by A3, A12, SCMFSA8C:58 ; hence (Comput (p2,s2,k)) . a = (Comput ((p +* I1),(Initialize (Initialized s)),(LifeSpan ((p +* I1),(Initialize (Initialized s)))))) . a by A5, A7, SCMFSA8C:58 .= (s . a) - 1 by A1, Th54 ; ::_thesis: ( (Comput (p2,s2,k)) . (intloc 0) = 1 & ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) (Comput (p2,s2,((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1))) . (intloc 0) = (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)))))) . (intloc 0) by A13, A9, SCMFSA_2:69 .= 1 by A12, A11, A3, SCMFSA8C:67 ; hence (Comput (p2,s2,k)) . (intloc 0) = 1 ; ::_thesis: ( ( for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) & ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) hereby ::_thesis: ( ( for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f ) & IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) let b be read-write Int-Location; ::_thesis: ( b <> a implies (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b ) assume A14: b <> a ; ::_thesis: (Comput (p2,s2,k)) . b = (IExec (I,p,s)) . b thus (Comput (p2,s2,k)) . b = (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)))))) . b by A13, A9, SCMFSA_2:69 .= (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),p,s)) . b by A3, A12, SCMFSA8C:58 .= (IExec (I1,p,s)) . b by A6, SCMFSA_3:3 .= (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,s)))) . b by Th23 .= (IExec (I,p,s)) . b by A14, SCMFSA_2:65 ; ::_thesis: verum end; hereby ::_thesis: ( IC (Comput (p2,s2,k)) = 0 & ( for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) ) let f be FinSeq-Location ; ::_thesis: (Comput (p2,s2,k)) . f = (IExec (I,p,s)) . f thus (Comput (p2,s2,k)) . f = (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)),(LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized (Initialized s)))))) . f by A13, A9, SCMFSA_2:69 .= (IExec ((if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))),p,s)) . f by A3, A12, SCMFSA8C:58 .= (IExec (I1,p,s)) . f by A6, SCMFSA_3:4 .= (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,s)))) . f by Th24 .= (IExec (I,p,s)) . f by SCMFSA_2:65 ; ::_thesis: verum end; thus IC (Comput (p2,s2,k)) = 0 by A9, SCMFSA_2:69; ::_thesis: for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) A15: IC (Comput (p2,s2,((LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1))) = 0 by A9, SCMFSA_2:69; hereby ::_thesis: verum let n be Element of NAT ; ::_thesis: ( n <= k implies IC (Comput (p2,s2,b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ) assume A16: n <= k ; ::_thesis: IC (Comput (p2,s2,b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) percases ( n <= LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s)) or n = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 ) by A16, NAT_1:8; supposeA17: n <= LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s)) ; ::_thesis: IC (Comput (p2,s2,b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) A18: ( I1 is_closed_onInit s,p & I1 is_halting_onInit s,p ) by Th25, Th26; then A19: if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_closed_onInit s,p by A2, Th35; if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))) is_halting_onInit s,p by A2, A18, Th35; then A20: IC (Comput (p2,s2,n)) = IC (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s),n)) by A17, A19, Th57; IC (Comput ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s),n)) in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by A19, Def4; hence IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A20, FUNCT_4:99; ::_thesis: verum end; supposeA21: n = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),(Initialized s))) + 1 ; ::_thesis: IC (Comput (p2,s2,b1)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) A22: card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) = ((card (Goto 2)) + (card I1)) + 4 by SCMFSA8B:11 .= ((card I1) + 1) + 4 by SCMFSA8A:15 .= ((card I1) + 3) + 2 ; card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = card (dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by CARD_1:62 .= card (dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by FUNCT_4:99 .= card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by CARD_1:62 ; hence IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A15, A21, A22, AFINSQ_1:66; ::_thesis: verum end; end; end; end; theorem Th65: :: SCM_HALT:65 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st s . (intloc 0) = 1 & s . a <= 0 holds DataPart (IExec ((Times (a,I)),p,s)) = DataPart s proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st s . (intloc 0) = 1 & s . a <= 0 holds DataPart (IExec ((Times (a,I)),p,s)) = DataPart s let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st s . (intloc 0) = 1 & s . a <= 0 holds DataPart (IExec ((Times (a,I)),p,s)) = DataPart s let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . (intloc 0) = 1 & s . a <= 0 holds DataPart (IExec ((Times (a,I)),p,s)) = DataPart s let a be read-write Int-Location; ::_thesis: ( s . (intloc 0) = 1 & s . a <= 0 implies DataPart (IExec ((Times (a,I)),p,s)) = DataPart s ) assume A1: s . (intloc 0) = 1 ; ::_thesis: ( not s . a <= 0 or DataPart (IExec ((Times (a,I)),p,s)) = DataPart s ) set s0 = Initialized s; set p0 = p; A2: ( Stop SCM+FSA is_closed_on Initialized s,p & Stop SCM+FSA is_halting_on Initialized s,p ) by SCMFSA7B:18, SCMFSA7B:19; A3: ( ( for a being read-write Int-Location holds (Initialized s) . a = s . a ) & ( for f being FinSeq-Location holds (Initialized s) . f = s . f ) ) by SCMFSA_M:37; A4: (Initialized s) . (intloc 0) = 1 by SCMFSA_M:9; assume s . a <= 0 ; ::_thesis: DataPart (IExec ((Times (a,I)),p,s)) = DataPart s then A5: (Initialized s) . a <= 0 by SCMFSA_M:37; A6: IExec (((Stop SCM+FSA) ";" (Stop SCM+FSA)),p,(Initialized s)) = IncIC ((IExec ((Stop SCM+FSA),p,(IExec ((Stop SCM+FSA),p,(Initialized s))))),(card (Stop SCM+FSA))) by SCMFSA6B:20; A7: DataPart (IExec ((Stop SCM+FSA),p,(Initialized s))) = DataPart (Initialized (Initialized s)) by SCMFSA8C:14 .= DataPart (Initialized s) ; A8: ( Stop SCM+FSA is_closed_on Initialized s,p & Stop SCM+FSA is_halting_on Initialized s,p ) by SCMFSA7B:18, SCMFSA7B:19; then ( Times (a,I) is_closed_on Initialized s,p & Times (a,I) is_halting_on Initialized s,p ) by A5, SCMFSA8B:21; then DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(Initialized s))) by A4, A3, SCMFSA8C:19 .= DataPart (IExec (((Stop SCM+FSA) ";" (Stop SCM+FSA)),p,(Initialized s))) by A5, A2, A4, SCMFSA8A:23, SCMFSA8C:44 ; hence DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Stop SCM+FSA),p,(IExec ((Stop SCM+FSA),p,(Initialized s))))) by A6, MEMSTR_0:79 .= DataPart (IExec ((Stop SCM+FSA),p,(Initialized s))) by A8, A4, A7, SCMFSA8C:20 .= DataPart s by A1, A7, SCMFSA_M:19 ; ::_thesis: verum end; theorem Th66: :: SCM_HALT:66 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for a being read-write Int-Location st not I destroys a & s . a > 0 holds ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) let I be good InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st not I destroys a & s . a > 0 holds ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . a > 0 implies ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) ) assume A1: not I destroys a ; ::_thesis: ( not s . a > 0 or ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) ) reconsider J3 = Macro (SubFrom (a,(intloc 0))) as good Program of SCM+FSA ; set I1 = I ";" (SubFrom (a,(intloc 0))); set ss = IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s); set pp = p; I ";" (SubFrom (a,(intloc 0))) is_closed_onInit s,p by Th25; then A2: I ";" (SubFrom (a,(intloc 0))) is_closed_on Initialized s,p by Th30; I ";" (SubFrom (a,(intloc 0))) is_halting_onInit s,p by Th26; then A3: ( I ";" (SubFrom (a,(intloc 0))) = I ";" J3 & I ";" (SubFrom (a,(intloc 0))) is_halting_on Initialized s,p ) by Th31; then A4: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . (intloc 0) = 1 by A2, SCMFSA8C:67; set P = if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))); set s0 = Initialized s; set p0 = p; assume A5: s . a > 0 ; ::_thesis: ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (s . a) - 1 & DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) ) then A6: (Initialized s) . a > 0 by SCMFSA_M:37; then consider s2 being State of SCM+FSA, p2 being Instruction-Sequence of SCM+FSA, k being Element of NAT such that A7: s2 = Initialized (Initialized s) and A8: p2 = p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) and k = (LifeSpan ((p +* (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))),((Initialized s) +* (Initialize ((intloc 0) .--> 1))))) + 1 and A9: (Comput (p2,s2,k)) . a = ((Initialized s) . a) - 1 and A10: (Comput (p2,s2,k)) . (intloc 0) = 1 and A11: for b being read-write Int-Location st b <> a holds (Comput (p2,s2,k)) . b = (IExec (I,p,(Initialized s))) . b and A12: for f being FinSeq-Location holds (Comput (p2,s2,k)) . f = (IExec (I,p,(Initialized s))) . f and A13: IC (Comput (p2,s2,k)) = 0 and A14: for n being Element of NAT st n <= k holds IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A1, Th64; A15: loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) c= p2 by A8, FUNCT_4:25; A16: now__::_thesis:_for_f_being_FinSeq-Location_holds_(Comput_(p2,s2,k))_._f_=_(IExec_((I_";"_(SubFrom_(a,(intloc_0)))),p,s))_._f let f be FinSeq-Location ; ::_thesis: (Comput (p2,s2,k)) . f = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . f thus (Comput (p2,s2,k)) . f = (IExec (I,p,(Initialized s))) . f by A12 .= (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,(Initialized s))))) . f by SCMFSA_2:65 .= (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . f by Th24 .= (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . f by SCMFSA8C:3 ; ::_thesis: verum end; A17: Initialize (Initialized s) = ((Initialized s) +* (Initialize ((intloc 0) .--> 1))) +* (Start-At (0,SCM+FSA)) by FUNCT_4:93 .= (Initialized s) +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:14 .= s2 by A7, FUNCT_4:93 ; thus A18: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,s)))) . a by Th23 .= ((IExec (I,p,s)) . a) - ((IExec (I,p,s)) . (intloc 0)) by SCMFSA_2:65 .= ((IExec (I,p,s)) . a) - 1 by Th9 .= ((Initialized s) . a) - 1 by A1, Th53 .= (s . a) - 1 by SCMFSA_M:37 ; ::_thesis: DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) now__::_thesis:_for_b_being_Int-Location_holds_(Comput_(p2,s2,k))_._b_=_(IExec_((I_";"_(SubFrom_(a,(intloc_0)))),p,s))_._b let b be Int-Location; ::_thesis: (Comput (p2,s2,k)) . b1 = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b1 percases ( b = intloc 0 or b = a or ( b <> a & b <> intloc 0 ) ) ; suppose b = intloc 0 ; ::_thesis: (Comput (p2,s2,k)) . b1 = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b1 hence (Comput (p2,s2,k)) . b = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b by A10, A3, A2, SCMFSA8C:67; ::_thesis: verum end; suppose b = a ; ::_thesis: (Comput (p2,s2,k)) . b1 = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b1 hence (Comput (p2,s2,k)) . b = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b by A9, A18, SCMFSA_M:37; ::_thesis: verum end; supposeA19: ( b <> a & b <> intloc 0 ) ; ::_thesis: (Comput (p2,s2,k)) . b1 = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b1 then reconsider bb = b as read-write Int-Location by SCMFSA_M:def_2; thus (Comput (p2,s2,k)) . b = (IExec (I,p,(Initialized s))) . bb by A11, A19 .= (Exec ((SubFrom (a,(intloc 0))),(IExec (I,p,(Initialized s))))) . b by A19, SCMFSA_2:65 .= (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,(Initialized s))) . b by Th23 .= (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . b by SCMFSA8C:3 ; ::_thesis: verum end; end; end; then A20: DataPart (Comput (p2,s2,k)) = DataPart (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) by A16, SCMFSA_M:2; set s21 = Initialize (Initialized s); set p21 = p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)); set ss0 = Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)); set s31 = Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))); set p31 = p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)); 0 in dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by SCMFSA8C:25; then A21: 0 in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by FUNCT_4:99; A22: (Initialized s) . (intloc 0) = 1 by SCMFSA_M:9; then A23: loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) is_pseudo-closed_on Initialized s,p by A1, A6, Th60; A24: Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by SCMFSA6A:22; then A25: Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) is_pseudo-closed_on Initialized s,p by A1, A22, A6, Th60; A26: DataPart (IExec ((Times (a,I)),p,(Initialized s))) = DataPart (IExec (((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)),p,(Initialized s))) by A1, A22, A6, A24, Th60, SCMFSA8C:40; percases ( (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = 0 or (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a <> 0 ) ; supposeA27: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a = 0 ; ::_thesis: DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) A28: (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) = goto ((card (I ";" (SubFrom (a,(intloc 0))))) + 5) by SCMFSA8C:36; A29: (card (I ";" (SubFrom (a,(intloc 0))))) + (3 + 2) = ((card (I ";" (SubFrom (a,(intloc 0))))) + 1) + 4 .= ((card (Goto 2)) + (card (I ";" (SubFrom (a,(intloc 0)))))) + 4 by SCMFSA8A:15 .= card (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by SCMFSA8B:11 .= card (dom (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by CARD_1:62 .= card (dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by FUNCT_4:99 .= card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by CARD_1:62 ; then ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) + 0 < card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by XREAL_1:6; then A30: (card (I ";" (SubFrom (a,(intloc 0))))) + 3 in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by AFINSQ_1:66; p2 . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) = (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) by A30, A15, GRFUNC_1:2; then A31: p2 . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) = goto ((card (I ";" (SubFrom (a,(intloc 0))))) + 5) by A28, FUNCT_4:105; A32: p2 . 0 = (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) . 0 by A21, A15, GRFUNC_1:2; A33: Comput (p2,s2,(k + 1)) = Following (p2,(Comput (p2,s2,k))) by EXTPRO_1:3 .= Exec ((p2 . 0),(Comput (p2,s2,k))) by A13, PBOOLE:143 ; A34: (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) . 0 = a =0_goto ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) by SCMFSA8C:26; A35: p2 . 0 = a =0_goto ((card (I ";" (SubFrom (a,(intloc 0))))) + 3) by A32, A34, FUNCT_4:105; then InsCode (p2 . 0) = 7 by SCMFSA_2:24; then InsCode (p2 . 0) in {0,6,7,8} by ENUMSET1:def_2; then A36: DataPart (Comput (p2,s2,k)) = DataPart (Comput (p2,s2,(k + 1))) by A33, SCMFSA8C:12; A37: (Comput (p2,s2,k)) . a = 0 by A9, A18, A27, SCMFSA_M:37; then A38: IC (Comput (p2,s2,(k + 1))) = (card (I ";" (SubFrom (a,(intloc 0))))) + 3 by A33, A35, SCMFSA_2:70; A39: now__::_thesis:_for_n_being_Element_of_NAT_st_not_IC_(Comput_(p2,s2,n))_in_dom_(loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))_holds_ k_+_(1_+_1)_<=_n let n be Element of NAT ; ::_thesis: ( not IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) implies k + (1 + 1) <= n ) assume A40: not IC (Comput (p2,s2,n)) in dom (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ; ::_thesis: k + (1 + 1) <= n then k < n by A14; then k + 1 <= n by INT_1:7; then k + 1 < n by A38, A30, A40, XXREAL_0:1; then (k + 1) + 1 <= n by INT_1:7; hence k + (1 + 1) <= n ; ::_thesis: verum end; A41: p2 /. (IC (Comput (p2,s2,(k + 1)))) = p2 . (IC (Comput (p2,s2,(k + 1)))) by PBOOLE:143; A42: Comput (p2,s2,(k + (1 + 1))) = Comput (p2,s2,((k + 1) + 1)) .= Following (p2,(Comput (p2,s2,(k + 1)))) by EXTPRO_1:3 .= Exec ((p2 . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3)),(Comput (p2,s2,(k + 1)))) by A37, A33, A35, A41, SCMFSA_2:70 ; then A43: IC (Comput ((p +* (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))),(Initialize (Initialized s)),(k + 2))) = card (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) by A8, A17, A29, A31, SCMFSA_2:69; A44: k + 2 = pseudo-LifeSpan ((Initialized s),p,(loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by A43, A8, A17, A23, A39, SCMFSA8A:def_4; InsCode (p2 . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3)) = 6 by A31, SCMFSA_2:23; then InsCode (p2 . ((card (I ";" (SubFrom (a,(intloc 0))))) + 3)) in {0,6,7,8} by ENUMSET1:def_2; then A45: DataPart (Comput (p2,s2,k)) = DataPart (Comput (p2,s2,(k + 2))) by A36, A42, SCMFSA8C:12; A46: Initialize (Initialized s) = s +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:14 .= Initialized s by FUNCT_4:93 ; A47: s2 = (Initialized s) +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by A7, FUNCT_4:93 .= ((Initialized s) +* (Initialize ((intloc 0) .--> 1))) +* (Start-At (0,SCM+FSA)) by FUNCT_4:14 .= (Initialized s) +* (Start-At (0,SCM+FSA)) by FUNCT_4:93 ; thus DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(Initialized s))) by SCMFSA8C:3 .= DataPart (IExec (((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)),p,s)) by A26, SCMFSA8C:3 .= DataPart (Result ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)))) by A46, SCMFSA6B:def_1 .= DataPart (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) by A20, A45, A47, A24, A1, A22, A6, Th60, A8, A44, SCMFSA8C:30 .= DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by A4, A27, Th65 ; ::_thesis: verum end; supposeA48: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a <> 0 ; ::_thesis: DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) s . a >= 0 + 1 by A5, INT_1:7; then A49: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a > 0 by A18, A48, XREAL_1:19; A50: k < pseudo-LifeSpan ((Initialized s),p,(loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))))) by A14, A8, A22, A17, A1, A6, Th60, SCMFSA8C:1; then A51: DataPart (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) = DataPart (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) by A24, A25, A20, A17, A8, SCMFSA8C:29; A52: now__::_thesis:_(_(_for_a_being_Int-Location_holds_(Comput_((p_+*_((loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))_";"_(Stop_SCM+FSA))),(Initialize_(Initialized_s)),k))_._a_=_(Initialize_(Initialized_(IExec_((I_";"_(SubFrom_(a,(intloc_0)))),p,s))))_._a_)_&_(_for_f_being_FinSeq-Location_holds_(Comput_((p_+*_((loop_(if=0_(a,(Goto_2),(I_";"_(SubFrom_(a,(intloc_0)))))))_";"_(Stop_SCM+FSA))),(Initialize_(Initialized_s)),k))_._f_=_(Initialize_(Initialized_(IExec_((I_";"_(SubFrom_(a,(intloc_0)))),p,s))))_._f_)_) A53: DataPart (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))) = (DataPart (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) +* {} .= (DataPart (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) +* (DataPart (Start-At (0,SCM+FSA))) by MEMSTR_0:20 .= DataPart (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by FUNCT_4:71 ; hereby ::_thesis: for f being FinSeq-Location holds (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . f = (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f let a be Int-Location; ::_thesis: (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . b1 = (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b1 percases ( a = intloc 0 or a <> intloc 0 ) ; supposeA54: a = intloc 0 ; ::_thesis: (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . b1 = (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b1 thus (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . a = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a by A51, SCMFSA_M:2 .= 1 by A54, Th9 .= (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))) . a by A54, SCMFSA_M:9 .= (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . a by A53, SCMFSA_M:2 ; ::_thesis: verum end; suppose a <> intloc 0 ; ::_thesis: (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . b1 = (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b1 then A55: a is read-write Int-Location by SCMFSA_M:def_2; thus (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . a = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . a by A51, SCMFSA_M:2 .= (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))) . a by A55, SCMFSA_M:37 .= (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . a by A53, SCMFSA_M:2 ; ::_thesis: verum end; end; end; let f be FinSeq-Location ; ::_thesis: (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . f = (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f thus (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) . f = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . f by A51, SCMFSA_M:2 .= (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))) . f by SCMFSA_M:37 .= (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f by A53, SCMFSA_M:2 ; ::_thesis: verum end; A56: IC (Comput ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)),k)) = IC (Comput (p2,s2,k)) by A24, A25, A50, A8, A17, SCMFSA8C:29 .= IC (Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by A13, FUNCT_4:113 ; A57: (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) . (intloc 0) = 1 by A3, A2, SCMFSA8C:67; A58: DataPart (Initialized s) = (DataPart (Initialized s)) +* {} .= (DataPart (Initialized s)) +* (DataPart (Start-At (0,SCM+FSA))) by MEMSTR_0:20 .= DataPart (Initialize (Initialized s)) by FUNCT_4:71 ; Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) = loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0)))))) by SCMFSA6A:22; then Directed (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) is_pseudo-closed_on Initialize (Initialized s),p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)) by A1, A22, A6, Th60, A58, SCMFSA8C:23; then A59: ( (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA) is_closed_on Initialize (Initialized s),p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)) & (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA) is_halting_on Initialize (Initialized s),p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)) ) by SCMFSA8C:29; A60: Initialize (Initialized s) = s +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:14 .= Initialized s by FUNCT_4:93 ; A61: Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))) = (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) +* ((Initialize ((intloc 0) .--> 1)) +* (Start-At (0,SCM+FSA))) by FUNCT_4:14 .= Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)) by FUNCT_4:93 ; A62: ( (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA) c= p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)) & (loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA) c= p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)) ) by FUNCT_4:25; A63: Result ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s))) = Result ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))))) by A59, A56, A62, A52, SCMFSA8C:73, SCMFSA_2:61; DataPart (IExec (((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)),p,(Initialized s))) = DataPart (IExec (((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)),p,s)) by SCMFSA8C:3 .= DataPart (Result ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized s)))) by A60, SCMFSA6B:def_1 .= DataPart (Result ((p +* ((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA))),(Initialize (Initialized (IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))))) by A63 .= DataPart (IExec (((loop (if=0 (a,(Goto 2),(I ";" (SubFrom (a,(intloc 0))))))) ";" (Stop SCM+FSA)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by A61, SCMFSA6B:def_1 .= DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by A1, A24, A57, A49, Th60, SCMFSA8C:40 ; hence DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) by A26, SCMFSA8C:3; ::_thesis: verum end; end; end; theorem :: SCM_HALT:67 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . f = s . f proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . f = s . f set D = Data-Locations ; let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . f = s . f let I be good InitHalting Program of SCM+FSA; ::_thesis: for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . f = s . f let f be FinSeq-Location ; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . f = s . f let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies (IExec ((Times (a,I)),p,s)) . f = s . f ) assume A1: s . a <= 0 ; ::_thesis: (IExec ((Times (a,I)),p,s)) . f = s . f set s0 = Initialized s; set p0 = p; A2: ( (Initialized s) . a = s . a & (Initialized s) . (intloc 0) = 1 ) by SCMFSA_M:9, SCMFSA_M:37; f in FinSeq-Locations by SCMFSA_2:def_5; then A3: f in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(Initialized s))) by SCMFSA8C:3 .= DataPart (Initialized s) by A1, A2, Th65 ; hence (IExec ((Times (a,I)),p,s)) . f = (DataPart (Initialized s)) . f by A3, FUNCT_1:49 .= (Initialized s) . f by A3, FUNCT_1:49 .= s . f by SCMFSA_M:37 ; ::_thesis: verum end; theorem :: SCM_HALT:68 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b set D = Data-Locations ; let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b let I be good InitHalting Program of SCM+FSA; ::_thesis: for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b let b be Int-Location; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b ) assume A1: s . a <= 0 ; ::_thesis: (IExec ((Times (a,I)),p,s)) . b = (Initialized s) . b set s0 = Initialized s; set p0 = p; A2: ( (Initialized s) . a = s . a & (Initialized s) . (intloc 0) = 1 ) by SCMFSA_M:9, SCMFSA_M:37; b in Int-Locations by AMI_2:def_16; then A3: b in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; DataPart (IExec ((Times (a,I)),p,s)) = DataPart (IExec ((Times (a,I)),p,(Initialized s))) by SCMFSA8C:3 .= DataPart (Initialized s) by A1, A2, Th65 ; hence (IExec ((Times (a,I)),p,s)) . b = (DataPart (Initialized s)) . b by A3, FUNCT_1:49 .= (Initialized s) . b by A3, FUNCT_1:49 ; ::_thesis: verum end; theorem :: SCM_HALT:69 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f set D = Data-Locations ; let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f let I be good InitHalting Program of SCM+FSA; ::_thesis: for f being FinSeq-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f let f be FinSeq-Location ; ::_thesis: for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . a > 0 implies (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f ) assume A1: ( not I destroys a & s . a > 0 ) ; ::_thesis: (IExec ((Times (a,I)),p,s)) . f = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f set IT = IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))); f in FinSeq-Locations by SCMFSA_2:def_5; then A2: f in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (IExec ((Times (a,I)),p,s)) . f = (DataPart (IExec ((Times (a,I)),p,s))) . f by FUNCT_1:49 .= (DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))))) . f by A1, Th66 .= (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . f by A2, FUNCT_1:49 ; ::_thesis: verum end; theorem :: SCM_HALT:70 for p being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b proof let p be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b set D = Data-Locations ; let s be State of SCM+FSA; ::_thesis: for I being good InitHalting Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b let I be good InitHalting Program of SCM+FSA; ::_thesis: for b being Int-Location for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b let b be Int-Location; ::_thesis: for a being read-write Int-Location st not I destroys a & s . a > 0 holds (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b let a be read-write Int-Location; ::_thesis: ( not I destroys a & s . a > 0 implies (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b ) assume A1: ( not I destroys a & s . a > 0 ) ; ::_thesis: (IExec ((Times (a,I)),p,s)) . b = (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b set IT = IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))); b in Int-Locations by AMI_2:def_16; then A2: b in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (IExec ((Times (a,I)),p,s)) . b = (DataPart (IExec ((Times (a,I)),p,s))) . b by FUNCT_1:49 .= (DataPart (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s))))) . b by A1, Th66 .= (IExec ((Times (a,I)),p,(IExec ((I ";" (SubFrom (a,(intloc 0)))),p,s)))) . b by A2, FUNCT_1:49 ; ::_thesis: verum end; definition let i be Instruction of SCM+FSA; redefine attr i is good means :: SCM_HALT:def 6 not i destroys intloc 0; compatibility ( i is good iff not i destroys intloc 0 ) proof rng (Macro i) = {i,(halt SCM+FSA)} by COMPOS_1:67; then i in rng (Macro i) by TARSKI:def_2; then A1: ( not Macro i destroys intloc 0 implies not i destroys intloc 0 ) by SCMFSA7B:def_4; A2: ( not i destroys intloc 0 implies not Macro i destroys intloc 0 ) by SCMFSA8C:48; ( Macro i is good iff i is good ) by SFMASTR1:def_1; hence ( i is good iff not i destroys intloc 0 ) by A2, A1, SCMFSA7B:def_5; ::_thesis: verum end; end; :: deftheorem defines good SCM_HALT:def_6_:_ for i being Instruction of SCM+FSA holds ( i is good iff not i destroys intloc 0 );