:: Opening of the proof, as rendered text: each `let` fixes one universally
:: quantified variable, and the formula printed after it is the same statement
:: with that quantifier removed (the thesis still to be proved).
:: Goal: under the three hypotheses, for every Nat k >= s . a the state
:: (StepTimes (a,J,p,s)) . k holds 0 in the location
:: 1 -stRWNotIn ({a} \/ (UsedILoc J)) and 1 in intloc 0.
let s be State of SCM+FSA; for p being Instruction-Sequence of SCM+FSA
for a being Int-Location
for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let p be Instruction-Sequence of SCM+FSA; for a being Int-Location
for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let a be Int-Location; for J being really-closed good MacroInstruction of SCM+FSA st ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) holds
for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
let J be really-closed good MacroInstruction of SCM+FSA ; ( ProperTimesBody a,J,s,p & 0 <= s . a & ( s . (intloc 0) = 1 or a is read-write ) implies for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 ) )
:: Local abbreviation I for J; I is not referenced again in the text shown here.
set I = J;
:: The three hypotheses of the implication, labelled for later citation:
::   A1 - ProperTimesBody a,J,s,p
::   A2 - the initial value of a is non-negative
::   A3 - intloc 0 already holds 1 in s, or a is a read-write location
assume that
A1:
ProperTimesBody a,J,s,p
and
A2:
0 <= s . a
and
A3:
( s . (intloc 0) = 1 or a is read-write )
; for k being Nat st k >= s . a holds
( ((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 )
:: Abbreviations. The rendered text below prints them expanded, so the names
:: au, ST and SW do not appear again.
::   au - the location 1 -stRWNotIn ({a} \/ (UsedILoc J))
::   ST - the sequence StepTimes (a,J,p,s)
::   SW - a StepWhile>0 sequence on au whose body is J followed by
::        SubFrom (au, intloc 0), started from Exec (au := a, Initialized s)
set au = 1 -stRWNotIn ({a} \/ (UsedILoc J));
set ST = StepTimes (a,J,p,s);
set SW = StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))));
:: Induction predicate: S1[k] is the goal restricted to a single index k.
defpred S1[ Nat] means ( $1 >= s . a implies ( ((StepTimes (a,J,p,s)) . $1) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . $1) . (intloc 0) = 1 ) );
:: A4 - inductive step: S1[k] implies S1[k + 1] for every Nat k.
:: NOTE(review): in this rendering a copy of the current thesis is printed
:: between steps, and in four places it is fused with the next keyword
:: (`)then`, `1thus`); `then`/`thus` presumably begin the following step.
A4:
for k being Nat st S1[k] holds
S1[k + 1]
proof
:: A2 (0 <= s . a) is cited to retype s . a as a natural number sa.
reconsider sa =
s . a as
Element of
NAT by A2, INT_1:3;
let k be
Nat;
( S1[k] implies S1[k + 1] )
:: A5 is the induction hypothesis S1[k]; A6 is the premise of S1[k + 1].
assume that A5:
(
k >= s . a implies (
((StepTimes (a,J,p,s)) . k) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 &
((StepTimes (a,J,p,s)) . k) . (intloc 0) = 1 ) )
and A6:
k + 1
>= s . a
;
( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )
:: Split k + 1 >= s . a into the boundary case and the strict case.
per cases
( k + 1 = sa or k + 1 > sa )
by A6, XXREAL_0:1;
:: Case 1: k + 1 = sa. The step justified by Th13 gives
:: (value of the location at step k + 1) + (k + 1) = s . a; with A7 that
:: value is 0. intloc 0 = 1 is justified by A1, A7 and Th12.
:: Th12 and Th13 are cited from outside this text; their statements are not
:: shown here.
suppose A7:
k + 1
= sa
;
( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )then
(((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J)))) + (k + 1) = s . a
by A1, A3, Th13;
hence
((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0
by A7;
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1thus
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
by A1, A7, Th12;
verum end; suppose A8:
k + 1
> sa
;
:: Case 2: k + 1 > sa. NAT_1:13 is presumably what turns this into
:: k >= sa so that the hypothesis A5 applies - confirm against NAT_1.
:: A9: the data part of the StepWhile>0 sequence is the same at index
:: k + 1 as at index k. Both conclusions are then justified from A5 and A9.
( ((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1 )then A9:
DataPart ((StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))))) . (k + 1)) = DataPart ((StepWhile>0 ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(J ";" (SubFrom ((1 -stRWNotIn ({a} \/ (UsedILoc J))),(intloc 0)))),p,(Exec (((1 -stRWNotIn ({a} \/ (UsedILoc J))) := a),(Initialized s))))) . k)
by A5, NAT_1:13, SCMFSA9A:31;
hence
((StepTimes (a,J,p,s)) . (k + 1)) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0
by A5, A8, NAT_1:13, SCMFSA_M:2;
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1thus
((StepTimes (a,J,p,s)) . (k + 1)) . (intloc 0) = 1
by A5, A8, A9, NAT_1:13, SCMFSA_M:2;
verum end; end;
end;
:: A10 - base case of the induction: S1[0].
A10:
S1[ 0 ]
proof
:: A11 is the premise of S1[0]; A2 states the opposite bound 0 <= s . a.
assume A11:
0 >= s . a
;
( ((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) = 0 & ((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1 )
:: Chain of equalities: the value at index 0 is first written as itself plus 0,
:: and that sum is then equated with 0 using A1, A2, A3, A11 and Th13.
:: Th13 is cited from outside this text; its statement is not shown here.
thus ((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J))) =
(((StepTimes (a,J,p,s)) . 0) . (1 -stRWNotIn ({a} \/ (UsedILoc J)))) + 0
.=
0
by A1, A2, A3, A11, Th13
;
:: Remaining conjunct: intloc 0 holds 1 at index 0, justified by A1, A2, Th12.
((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1
thus
((StepTimes (a,J,p,s)) . 0) . (intloc 0) = 1
by A1, A2, Th12;
verum
end;
:: Conclusion: S1[k] holds for every Nat k, obtained from scheme NAT_1:sch 2
:: applied to the base case A10 and the inductive step A4.
:: `verum` appears to be the renderer's marker that nothing is left to prove.
thus
for k being Nat holds S1[k]
from NAT_1:sch 2(A10, A4); verum