reserve m for Nat;
reserve P,PP,P1,P2 for Instruction-Sequence of SCM+FSA;

theorem
  for s being State of SCM+FSA holds IExec(Stop SCM+FSA,P,s) = Initialized s
proof
  let s be State of SCM+FSA;
  set D = Data-Locations SCM+FSA;
  set s1 = Initialize Initialized s,
      P1 = P +* Stop SCM+FSA;
A1: Stop SCM+FSA c= P1 by FUNCT_4:25;
A2: s1 = Comput(P1, s1,0);
A3:  P1/.IC s1 = P1.IC s1 by PBOOLE:143;
A4:  0 in dom Stop SCM+FSA by COMPOS_1:3;
A5: s +*Initialize((intloc 0).-->1) = s1 by MEMSTR_0:44;
A6: CurInstr(P1,s1) = P1. 0 by A3,MEMSTR_0:28
    .= (Stop SCM+FSA). 0 by A4,A1,GRFUNC_1:2;
  then P1 halts_on s1 by A2,EXTPRO_1:29;
  then
A7: IExec(Stop SCM+FSA,P,s) = s1 by A5,A6,A2,EXTPRO_1:def 9;
  then
A8: DataPart IExec(Stop SCM+FSA,P,s) = DataPart s1
    .= DataPart Initialized s by MEMSTR_0:79;
  hereby
A9: now
      let x be object;
      assume
A10:   x in dom IExec(Stop SCM+FSA,P,s);
      per cases by A10,SCMFSA_M:1;
      suppose
A11:    x is Int-Location;
        IExec(Stop SCM+FSA,P,s).x = (Initialized s).x by A8,A11,SCMFSA_M:2;
        hence IExec(Stop SCM+FSA,P,s).x = (Initialized s).x;
      end;
      suppose
A12:    x is FinSeq-Location;
        IExec(Stop SCM+FSA,P,s).x = (Initialized s).x by A8,A12,SCMFSA_M:2;
        hence IExec(Stop SCM+FSA,P,s).x = (Initialized s).x;
      end;
      suppose
A13:    x = IC SCM+FSA;
        then x in {IC SCM+FSA} by TARSKI:def 1;
        then
A14:    x in dom SA0;
        thus IExec(Stop SCM+FSA,P,s).x
           = s1.IC SCM+FSA by A7,A13
          .= SA0.IC SCM+FSA by A13,A14,FUNCT_4:13
          .= (s +* ((intloc 0) .--> 1) +* SA0).x by A13,A14,FUNCT_4:13
          .= (s +* Initialize ((intloc 0) .--> 1)).x by FUNCT_4:14
          .= (Initialized s).x;
      end;
    end;
    dom IExec(Stop SCM+FSA,P,s) = the carrier of SCM+FSA by PARTFUN1:def 2
      .= dom Initialized s by PARTFUN1:def 2;
    hence thesis by A9,FUNCT_1:2;
  end;
end;
