:: SCMISORT semantic presentation begin theorem :: SCMISORT:1 for p being preProgram of SCM+FSA for l being Element of NAT for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedIntLoc pc = UsedIntLoc ic ) holds UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) proof let p be preProgram of SCM+FSA; ::_thesis: for l being Element of NAT for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedIntLoc pc = UsedIntLoc ic ) holds UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) let l be Element of NAT ; ::_thesis: for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedIntLoc pc = UsedIntLoc ic ) holds UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) let ic be Instruction of SCM+FSA; ::_thesis: ( l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedIntLoc pc = UsedIntLoc ic ) implies UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) ) set pl = p +* (l .--> ic); assume that A1: l in dom p and A2: ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedIntLoc pc = UsedIntLoc ic ) ; ::_thesis: UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) consider UIL being Function of the InstructionsF of SCM+FSA,(Fin Int-Locations) such that A3: for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i and A4: UsedIntLoc p = Union (UIL * p) by SF_MASTR:def_2; set f = UIL * p; set g = UIL * (p +* (l .--> ic)); consider UIL2 being Function of the InstructionsF of SCM+FSA,(Fin Int-Locations) such that A5: for i being Instruction of SCM+FSA holds UIL2 . i = UsedIntLoc i and A6: UsedIntLoc (p +* (l .--> ic)) = Union (UIL2 * (p +* (l .--> ic))) by SF_MASTR:def_2; for c being Element of the InstructionsF of SCM+FSA holds UIL . c = UIL2 . c proof let c be Element of the InstructionsF of SCM+FSA; ::_thesis: UIL . c = UIL2 . c reconsider d = c as Instruction of SCM+FSA ; thus UIL . c = UsedIntLoc d by A3 .= UIL2 . c by A5 ; ::_thesis: verum end; then A7: UIL = UIL2 by FUNCT_2:63; A8: (p +* (l .--> ic)) . l = (p +* (l,ic)) . l by A1, FUNCT_7:def_3 .= ic by A1, FUNCT_7:31 ; now__::_thesis:_(_dom_(UIL_*_p)_=_dom_(UIL_*_(p_+*_(l_.-->_ic)))_&_(_for_x_being_set_st_x_in_dom_(UIL_*_p)_holds_ (UIL_*_p)_._x_=_(UIL_*_(p_+*_(l_.-->_ic)))_._x_)_) A9: dom UIL = the InstructionsF of SCM+FSA by FUNCT_2:def_1; then rng p c= dom UIL by RELAT_1:def_19; then A10: dom (UIL * p) = dom p by RELAT_1:27; A11: dom p = dom (p +* (l .--> ic)) by A1, FUNCT_7:112; A12: rng (p +* (l .--> ic)) c= dom UIL by A9, RELAT_1:def_19; hence dom (UIL * p) = dom (UIL * (p +* (l .--> ic))) by A11, A10, RELAT_1:27; ::_thesis: for x being set st x in dom (UIL * p) holds (UIL * p) . b2 = (UIL * (p +* (l .--> ic))) . b2 let x be set ; ::_thesis: ( x in dom (UIL * p) implies (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 ) assume A13: x in dom (UIL * p) ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 then (p +* (l .--> ic)) . x in rng (p +* (l .--> ic)) by A11, A10, FUNCT_1:def_3; then reconsider plx = (p +* (l .--> ic)) . x as Instruction of SCM+FSA by A12, FUNCT_2:def_1; percases ( x <> l or x = l ) ; suppose x <> l ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 then not x in {l} by TARSKI:def_1; then not x in dom (l .--> ic) by FUNCOP_1:13; then p . x = (p +* (l .--> ic)) . x by FUNCT_4:11; hence (UIL * p) . x = UIL . plx by A13, FUNCT_1:12 .= (UIL * (p +* (l .--> ic))) . x by A11, A10, A13, FUNCT_1:13 ; ::_thesis: verum end; supposeA14: x = l ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 thus (UIL * p) . x = UIL . (p . x) by A13, FUNCT_1:12 .= UsedIntLoc plx by A2, A8, A3, A14 .= UIL . plx by A5, A7 .= (UIL * (p +* (l .--> ic))) . x by A11, A10, A13, FUNCT_1:13 ; ::_thesis: verum end; end; end; hence UsedIntLoc p = UsedIntLoc (p +* (l .--> ic)) by A4, A6, A7, FUNCT_1:2; ::_thesis: verum end; theorem :: SCMISORT:2 for a being Int-Location for I being Program of SCM+FSA holds (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) . ((card I) + 4) = goto ((card I) + 4) proof let a be Int-Location; ::_thesis: for I being Program of SCM+FSA holds (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) . ((card I) + 4) = goto ((card I) + 4) let I be Program of SCM+FSA; ::_thesis: (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) . ((card I) + 4) = goto ((card I) + 4) set I4 = (card I) + 4; set Lc4 = (card I) + 4; set Gi = Goto 0; set SS = Stop SCM+FSA; set I1 = I ";" (Goto 0); set F = if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA)); set i = a >0_goto ((card (Stop SCM+FSA)) + 3); set MM = (((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I; set GS = (Goto 0) ";" (Stop SCM+FSA); A1: (card I) + 4 < (card I) + 6 by XREAL_1:6; card (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) = (card I) + 6 by SCMFSA_9:2; then A2: (card I) + 4 in dom (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) by A1, AFINSQ_1:66; A3: 0 + ((card I) + 4) = 0 + ((card I) + 4) ; A4: (Goto 0) . 0 = goto 0 by SCMFSA8A:31; A5: 0 in dom (Goto 0) by SCMFSA8A:31; then A6: ((Goto 0) ";" (Stop SCM+FSA)) . 0 = (Directed (Goto 0)) . 0 by SCMFSA8A:14 .= goto 0 by A5, A4, SCMFSA8A:16 ; A7: card (Stop SCM+FSA) = 1 by COMPOS_1:4; card ((Goto 0) ";" (Stop SCM+FSA)) = (card (Goto 0)) + (card (Stop SCM+FSA)) by SCMFSA6A:21 .= 1 + 1 by A7, SCMFSA8A:15 .= 2 ; then A8: 0 in dom ((Goto 0) ";" (Stop SCM+FSA)) by AFINSQ_1:66; then 0 + ((card I) + 4) in { (il + ((card I) + 4)) where il is Element of NAT : il in dom ((Goto 0) ";" (Stop SCM+FSA)) } ; then A9: (card I) + 4 in dom (Shift (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) by VALUED_1:def_12; then A10: (Shift (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) /. ((card I) + 4) = (Shift (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) . (0 + ((card I) + 4)) by PARTFUN1:def_6 .= goto 0 by A6, A8, VALUED_1:def_12 ; A11: card (Stop SCM+FSA) = 1 by COMPOS_1:4; A12: card ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I) = (card (((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1)))) + (card I) by SCMFSA6A:21 .= ((card ((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA))) + (card (Goto ((card (I ";" (Goto 0))) + 1)))) + (card I) by SCMFSA6A:21 .= ((card ((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA))) + 1) + (card I) by SCMFSA8A:15 .= ((2 + 1) + 1) + (card I) by A11, SCMFSA6A:33 .= (card I) + 4 ; then A13: not (card I) + 4 in dom ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I) by AFINSQ_1:66; A14: Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4)) = IncAddr ((Shift (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))),((card I) + 4)) by COMPOS_1:34; A15: CutLastLoc (stop ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I)) = (((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I ; A16: if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA)) = ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" (I ";" (Goto 0))) ";" (Stop SCM+FSA) by SCMFSA8B:def_2 .= (((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I) ";" (Goto 0)) ";" (Stop SCM+FSA) by SCMFSA6A:25 .= ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I) ";" ((Goto 0) ";" (Stop SCM+FSA)) by SCMFSA6A:25 .= (Directed ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I)) +* (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) by A12, A15, SCMFSA6A:def_4 ; then A17: dom (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) = (dom (Directed ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I))) \/ (dom (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4)))) by FUNCT_4:def_1; then dom (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) = (dom (Directed (((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I),(card ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I))))) \/ (dom (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4)))) by SCMFSA6A:def_2 .= (dom (((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I) +~ ((halt SCM+FSA),(goto (card ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I)))))) \/ (dom (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4)))) by SCMFSA6A:def_1 .= (dom ((((a >0_goto ((card (Stop SCM+FSA)) + 3)) ";" (Stop SCM+FSA)) ";" (Goto ((card (I ";" (Goto 0))) + 1))) ";" I)) \/ (dom (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4)))) by FUNCT_4:99 ; then (card I) + 4 in dom (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) by A2, A13, XBOOLE_0:def_3; hence (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) . ((card I) + 4) = (Reloc (((Goto 0) ";" (Stop SCM+FSA)),((card I) + 4))) . ((card I) + 4) by A2, A16, A17, FUNCT_4:def_1 .= IncAddr ((goto 0),((card I) + 4)) by A9, A10, A14, COMPOS_1:def_21 .= goto ((card I) + 4) by A3, SCMFSA_4:1 ; ::_thesis: verum end; theorem :: SCMISORT:3 for p being preProgram of SCM+FSA for l being Element of NAT for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedInt*Loc pc = UsedInt*Loc ic ) holds UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) proof let p be preProgram of SCM+FSA; ::_thesis: for l being Element of NAT for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedInt*Loc pc = UsedInt*Loc ic ) holds UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) let l be Element of NAT ; ::_thesis: for ic being Instruction of SCM+FSA st l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedInt*Loc pc = UsedInt*Loc ic ) holds UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) let ic be Instruction of SCM+FSA; ::_thesis: ( l in dom p & ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedInt*Loc pc = UsedInt*Loc ic ) implies UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) ) set pl = p +* (l .--> ic); assume that A1: l in dom p and A2: ex pc being Instruction of SCM+FSA st ( pc = p . l & UsedInt*Loc pc = UsedInt*Loc ic ) ; ::_thesis: UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) consider UIL being Function of the InstructionsF of SCM+FSA,(Fin FinSeq-Locations) such that A3: for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i and A4: UsedInt*Loc p = Union (UIL * p) by SF_MASTR:def_4; set f = UIL * p; set g = UIL * (p +* (l .--> ic)); consider UIL2 being Function of the InstructionsF of SCM+FSA,(Fin FinSeq-Locations) such that A5: for i being Instruction of SCM+FSA holds UIL2 . i = UsedInt*Loc i and A6: UsedInt*Loc (p +* (l .--> ic)) = Union (UIL2 * (p +* (l .--> ic))) by SF_MASTR:def_4; for c being Element of the InstructionsF of SCM+FSA holds UIL . c = UIL2 . c proof let c be Element of the InstructionsF of SCM+FSA; ::_thesis: UIL . c = UIL2 . c reconsider d = c as Instruction of SCM+FSA ; thus UIL . c = UsedInt*Loc d by A3 .= UIL2 . c by A5 ; ::_thesis: verum end; then A7: UIL = UIL2 by FUNCT_2:63; A8: (p +* (l .--> ic)) . l = (p +* (l,ic)) . l by A1, FUNCT_7:def_3 .= ic by A1, FUNCT_7:31 ; now__::_thesis:_(_dom_(UIL_*_p)_=_dom_(UIL_*_(p_+*_(l_.-->_ic)))_&_(_for_x_being_set_st_x_in_dom_(UIL_*_p)_holds_ (UIL_*_p)_._x_=_(UIL_*_(p_+*_(l_.-->_ic)))_._x_)_) A9: dom UIL = the InstructionsF of SCM+FSA by FUNCT_2:def_1; then rng p c= dom UIL by RELAT_1:def_19; then A10: dom (UIL * p) = dom p by RELAT_1:27; A11: dom p = dom (p +* (l .--> ic)) by A1, FUNCT_7:112; A12: rng (p +* (l .--> ic)) c= dom UIL by A9, RELAT_1:def_19; hence dom (UIL * p) = dom (UIL * (p +* (l .--> ic))) by A11, A10, RELAT_1:27; ::_thesis: for x being set st x in dom (UIL * p) holds (UIL * p) . b2 = (UIL * (p +* (l .--> ic))) . b2 let x be set ; ::_thesis: ( x in dom (UIL * p) implies (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 ) assume A13: x in dom (UIL * p) ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 then (p +* (l .--> ic)) . x in rng (p +* (l .--> ic)) by A11, A10, FUNCT_1:def_3; then reconsider plx = (p +* (l .--> ic)) . x as Instruction of SCM+FSA by A12, FUNCT_2:def_1; percases ( x <> l or x = l ) ; suppose x <> l ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 then not x in {l} by TARSKI:def_1; then not x in dom (l .--> ic) by FUNCOP_1:13; then p . x = (p +* (l .--> ic)) . x by FUNCT_4:11; hence (UIL * p) . x = UIL . plx by A13, FUNCT_1:12 .= (UIL * (p +* (l .--> ic))) . x by A11, A10, A13, FUNCT_1:13 ; ::_thesis: verum end; supposeA14: x = l ; ::_thesis: (UIL * p) . b1 = (UIL * (p +* (l .--> ic))) . b1 thus (UIL * p) . x = UIL . (p . x) by A13, FUNCT_1:12 .= UsedInt*Loc plx by A2, A8, A3, A14 .= UIL . plx by A5, A7 .= (UIL * (p +* (l .--> ic))) . x by A11, A10, A13, FUNCT_1:13 ; ::_thesis: verum end; end; end; hence UsedInt*Loc p = UsedInt*Loc (p +* (l .--> ic)) by A4, A6, A7, FUNCT_1:2; ::_thesis: verum end; theorem Th4: :: SCMISORT:4 for I being Program of SCM+FSA for a, b being Int-Location st not I destroys b holds not while>0 (a,I) destroys b proof let I be Program of SCM+FSA; ::_thesis: for a, b being Int-Location st not I destroys b holds not while>0 (a,I) destroys b let a, b be Int-Location; ::_thesis: ( not I destroys b implies not while>0 (a,I) destroys b ) set J = ((card I) + 4) .--> (goto 0); set Gi = Goto 0; set SS = Stop SCM+FSA; set F = if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA)); A1: not Goto 0 destroys b by SCMFSA8C:57; A2: not Stop SCM+FSA destroys b by SCMFSA8C:56; assume not I destroys b ; ::_thesis: not while>0 (a,I) destroys b then not I ";" (Goto 0) destroys b by A1, SCMFSA8C:52; then A3: not if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA)) destroys b by A2, SCMFSA8C:88; A4: while>0 (a,I) = (if>0 (a,(I ";" (Goto 0)),(Stop SCM+FSA))) +* (((card I) + 4) .--> (goto 0)) by SCMFSA_9:def_2; not ((card I) + 4) .--> (goto 0) destroys b by SCMFSA_9:30; hence not while>0 (a,I) destroys b by A3, A4, SCMFSA8A:11; ::_thesis: verum end; theorem Th5: :: SCMISORT:5 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA st I is_halting_on Initialized s,P holds for a being Int-Location holds (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA st I is_halting_on Initialized s,P holds for a being Int-Location holds (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA st I is_halting_on Initialized s,P holds for a being Int-Location holds (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a let I be Program of SCM+FSA; ::_thesis: ( I is_halting_on Initialized s,P implies for a being Int-Location holds (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a ) set s0 = Initialized s; set s1 = Initialize (Initialized s); set A = NAT ; set P1 = P +* I; assume I is_halting_on Initialized s,P ; ::_thesis: for a being Int-Location holds (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a then A1: P +* I halts_on Initialize (Initialized s) by SCMFSA7B:def_7; hereby ::_thesis: verum let a be Int-Location; ::_thesis: (IExec (I,P,s)) . a = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a Initialized s = Initialize (Initialized s) by MEMSTR_0:44; hence (IExec (I,P,s)) . a = (Result ((P +* I),(Initialize (Initialized s)))) . a by SCMFSA6B:def_1 .= (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . a by A1, EXTPRO_1:23 ; ::_thesis: verum end; end; theorem Th6: :: SCMISORT:6 for P1, P2 being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds for k being Element of NAT holds ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P1,(Comput (P1,s,k))) = CurInstr (P2,(Comput (P2,s,k))) ) proof let P1, P2 be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds for k being Element of NAT holds ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P1,(Comput (P1,s,k))) = CurInstr (P2,(Comput (P2,s,k))) ) let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds for k being Element of NAT holds ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P1,(Comput (P1,s,k))) = CurInstr (P2,(Comput (P2,s,k))) ) let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 implies for k being Element of NAT holds ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P1,(Comput (P1,s,k))) = CurInstr (P2,(Comput (P2,s,k))) ) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s and A2: I c= P1 and A3: I c= P2 ; ::_thesis: for k being Element of NAT holds ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P1,(Comput (P1,s,k))) = CurInstr (P2,(Comput (P2,s,k))) ) hereby ::_thesis: verum let k be Element of NAT ; ::_thesis: ( Comput (P1,s,k) = Comput (P2,s,k) & CurInstr (P2,(Comput (P2,s,k))) = CurInstr (P1,(Comput (P1,s,k))) ) A4: IC (Comput (P1,s,k)) in dom I by A1, A2, SCM_HALT:def_1; A5: IC (Comput (P2,s,k)) in dom I by A1, A3, SCM_HALT:def_1; for m being Element of NAT st m < k holds IC (Comput (P2,s,m)) in dom I by A1, A3, SCM_HALT:def_1; hence Comput (P1,s,k) = Comput (P2,s,k) by A2, A3, AMISTD_2:10; ::_thesis: CurInstr (P2,(Comput (P2,s,k))) = CurInstr (P1,(Comput (P1,s,k))) then A6: IC (Comput (P1,s,k)) = IC (Comput (P2,s,k)) ; thus CurInstr (P2,(Comput (P2,s,k))) = P2 . (IC (Comput (P2,s,k))) by PBOOLE:143 .= I . (IC (Comput (P2,s,k))) by A5, A3, GRFUNC_1:2 .= P1 . (IC (Comput (P1,s,k))) by A6, A4, A2, GRFUNC_1:2 .= CurInstr (P1,(Comput (P1,s,k))) by PBOOLE:143 ; ::_thesis: verum end; end; theorem Th7: :: SCMISORT:7 for P1, P2 being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds ( LifeSpan (P1,s) = LifeSpan (P2,s) & Result (P1,s) = Result (P2,s) ) proof let P1, P2 be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds ( LifeSpan (P1,s) = LifeSpan (P2,s) & Result (P1,s) = Result (P2,s) ) let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA st Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 holds ( LifeSpan (P1,s) = LifeSpan (P2,s) & Result (P1,s) = Result (P2,s) ) let I be InitHalting Program of SCM+FSA; ::_thesis: ( Initialize ((intloc 0) .--> 1) c= s & I c= P1 & I c= P2 implies ( LifeSpan (P1,s) = LifeSpan (P2,s) & Result (P1,s) = Result (P2,s) ) ) assume that A1: Initialize ((intloc 0) .--> 1) c= s and A2: I c= P1 and A3: I c= P2 ; ::_thesis: ( LifeSpan (P1,s) = LifeSpan (P2,s) & Result (P1,s) = Result (P2,s) ) A4: P2 halts_on s by A1, A3, SCM_HALT:def_2; A5: P1 halts_on s by A1, A2, SCM_HALT:def_2; A6: now__::_thesis:_for_l_being_Element_of_NAT_st_CurInstr_(P2,(Comput_(P2,s,l)))_=_halt_SCM+FSA_holds_ LifeSpan_(P1,s)_<=_l let l be Element of NAT ; ::_thesis: ( CurInstr (P2,(Comput (P2,s,l))) = halt SCM+FSA implies LifeSpan (P1,s) <= l ) assume A7: CurInstr (P2,(Comput (P2,s,l))) = halt SCM+FSA ; ::_thesis: LifeSpan (P1,s) <= l CurInstr (P1,(Comput (P1,s,l))) = CurInstr (P2,(Comput (P2,s,l))) by A1, Th6, A2, A3; hence LifeSpan (P1,s) <= l by A5, A7, EXTPRO_1:def_15; ::_thesis: verum end; CurInstr (P2,(Comput (P2,s,(LifeSpan (P1,s))))) = CurInstr (P1,(Comput (P1,s,(LifeSpan (P1,s))))) by A1, Th6, A2, A3 .= halt SCM+FSA by A5, EXTPRO_1:def_15 ; hence A8: LifeSpan (P1,s) = LifeSpan (P2,s) by A6, A4, EXTPRO_1:def_15; ::_thesis: Result (P1,s) = Result (P2,s) P2 halts_on s by A1, A3, SCM_HALT:def_2; then A9: Result (P2,s) = Comput (P2,s,(LifeSpan (P1,s))) by A8, EXTPRO_1:23; P1 halts_on s by A1, A2, SCM_HALT:def_2; then Result (P1,s) = Comput (P1,s,(LifeSpan (P1,s))) by EXTPRO_1:23; hence Result (P1,s) = Result (P2,s) by A1, A9, Th6, A2, A3; ::_thesis: verum end; begin theorem Th8: :: SCMISORT:8 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) ) set s0 = Initialized s; assume s . a <= 0 ; ::_thesis: ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) then A1: (Initialized s) . a <= 0 by SCMFSA_M:37; then A2: while>0 (a,I) is_closed_on Initialized s,P by SCMFSA_9:38; while>0 (a,I) is_halting_on Initialized s,P by A1, SCMFSA_9:38; hence ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) by A2, SCM_HALT:30, SCM_HALT:31; ::_thesis: verum end; theorem :: SCMISORT:9 for P being Instruction-Sequence of SCM+FSA for a being Int-Location for I being Program of SCM+FSA for s being State of SCM+FSA for k being Element of NAT st I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for a being Int-Location for I being Program of SCM+FSA for s being State of SCM+FSA for k being Element of NAT st I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) let a be Int-Location; ::_thesis: for I being Program of SCM+FSA for s being State of SCM+FSA for k being Element of NAT st I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) let I be Program of SCM+FSA; ::_thesis: for s being State of SCM+FSA for k being Element of NAT st I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) set D = Data-Locations ; let s be State of SCM+FSA; ::_thesis: for k being Element of NAT st I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) let k be Element of NAT ; ::_thesis: ( I is_closed_onInit s,P & I is_halting_onInit s,P & k < LifeSpan ((P +* I),(Initialized s)) & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) implies ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) ) set s0 = Initialized s; set Pw = P +* (while>0 (a,I)); set PI = P +* I; set s0I = Initialize (Initialized s); set sK1 = Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k)); set sK2 = Comput ((P +* I),(Initialized s),k); set l3 = IC (Comput ((P +* I),(Initialized s),k)); A1: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; assume I is_closed_onInit s,P ; ::_thesis: ( not I is_halting_onInit s,P or not k < LifeSpan ((P +* I),(Initialized s)) or not IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 or not DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) ) then A2: I is_closed_on Initialized s,P by SCM_HALT:30; assume I is_halting_onInit s,P ; ::_thesis: ( not k < LifeSpan ((P +* I),(Initialized s)) or not IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 or not DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) ) then A3: I is_halting_on Initialized s,P by SCM_HALT:31; assume A4: k < LifeSpan ((P +* I),(Initialized s)) ; ::_thesis: ( not IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 or not DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) ) assume A5: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = (IC (Comput ((P +* I),(Initialized s),k))) + 4 ; ::_thesis: ( not DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) ) assume A6: DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + k))) = DataPart (Comput ((P +* I),(Initialized s),k)) ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) ) hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialized s),(k + 1)))) + 4 by A4, A5, A2, A3, A1, SCMFSA_9:39; ::_thesis: DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) thus DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialized s),(k + 1))) by A4, A5, A6, A2, A3, A1, SCMFSA_9:39; ::_thesis: verum end; theorem :: SCMISORT:10 for P being Instruction-Sequence of SCM+FSA for a being Int-Location for I being Program of SCM+FSA for s being State of SCM+FSA st I is_closed_onInit s,P & I is_halting_onInit s,P & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 holds CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for a being Int-Location for I being Program of SCM+FSA for s being State of SCM+FSA st I is_closed_onInit s,P & I is_halting_onInit s,P & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 holds CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) let a be Int-Location; ::_thesis: for I being Program of SCM+FSA for s being State of SCM+FSA st I is_closed_onInit s,P & I is_halting_onInit s,P & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 holds CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) let I be Program of SCM+FSA; ::_thesis: for s being State of SCM+FSA st I is_closed_onInit s,P & I is_halting_onInit s,P & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 holds CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) let s be State of SCM+FSA; ::_thesis: ( I is_closed_onInit s,P & I is_halting_onInit s,P & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 implies CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) ) set s0 = Initialized s; set sw = Initialized s; set Pw = P +* (while>0 (a,I)); set PI = P +* I; set s0I = Initialize (Initialized s); A1: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; assume I is_closed_onInit s,P ; ::_thesis: ( not I is_halting_onInit s,P or not IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 or CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) ) then A2: I is_closed_on Initialized s,P by SCM_HALT:30; assume I is_halting_onInit s,P ; ::_thesis: ( not IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 or CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) ) then A3: I is_halting_on Initialized s,P by SCM_HALT:31; assume IC (Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s)))))) = (IC (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) + 4 ; ::_thesis: CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) hence CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),(1 + (LifeSpan ((P +* I),(Initialized s))))))) = goto ((card I) + 4) by A2, A3, A1, SCMFSA_9:40; ::_thesis: verum end; theorem Th11: :: SCMISORT:11 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) let a be read-write Int-Location; ::_thesis: ( I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 implies ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) ) set s0 = Initialized s; set sw = Initialized s; set Pw = P +* (while>0 (a,I)); set PI = P +* I; set s0I = Initialize (Initialized s); A1: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; assume I is_closed_onInit s,P ; ::_thesis: ( not I is_halting_onInit s,P or not s . a > 0 or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) ) then A2: I is_closed_on Initialized s,P by SCM_HALT:30; assume I is_halting_onInit s,P ; ::_thesis: ( not s . a > 0 or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) ) then A3: I is_halting_on Initialized s,P by SCM_HALT:31; assume s . a > 0 ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & ( for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) ) then A4: (Initialized s) . a > 0 by SCMFSA_M:37; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 by A2, A3, A1, SCMFSA_9:42; ::_thesis: for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) thus for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) by A2, A3, A4, A1, SCMFSA_9:42; ::_thesis: verum end; theorem :: SCMISORT:12 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) let a be read-write Int-Location; ::_thesis: ( I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 implies for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) set s0 = Initialized s; set IA = Start-At (0,SCM+FSA); assume A1: I is_closed_onInit s,P ; ::_thesis: ( not I is_halting_onInit s,P or not s . a > 0 or for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) A2: Initialize (Initialized s) = Initialize (Initialized s) .= Initialize (Initialized s) .= Initialized s by MEMSTR_0:44 ; for k being Element of NAT holds IC (Comput ((P +* I),(Initialize (Initialized s)),k)) in dom I by A1, A2, SCM_HALT:def_4; then A3: I is_closed_on Initialized s,P by SCMFSA7B:def_6; assume I is_halting_onInit s,P ; ::_thesis: ( not s . a > 0 or for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) then A4: P +* I halts_on Initialized s by SCM_HALT:def_5; Initialized s = Initialize (Initialized s) by MEMSTR_0:44; then A5: I is_halting_on Initialized s,P by A4, SCMFSA7B:def_7; assume s . a > 0 ; ::_thesis: for k being Element of NAT st k <= (LifeSpan ((P +* I),(Initialized s))) + 3 holds IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) then A6: (Initialized s) . a > 0 by SCMFSA_M:37; hereby ::_thesis: verum let k be Element of NAT ; ::_thesis: ( k <= (LifeSpan ((P +* I),(Initialized s))) + 3 implies IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) ) A7: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; assume k <= (LifeSpan ((P +* I),(Initialized s))) + 3 ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) in dom (while>0 (a,I)) by A7, A3, A5, A6, SCMFSA_9:42; ::_thesis: verum end; end; theorem Th13: :: SCMISORT:13 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 holds ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) let a be read-write Int-Location; ::_thesis: ( I is_closed_onInit s,P & I is_halting_onInit s,P & s . a > 0 implies ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) ) set D = Data-Locations ; set s0 = Initialized s; set s1 = Initialize (Initialized s); set P1 = P +* (while>0 (a,I)); set PI = P +* I; set s2 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1); set i = a >0_goto 4; A1: while>0 (a,I) c= P +* (while>0 (a,I)) by FUNCT_4:25; defpred S1[ Nat] means ( $1 <= LifeSpan ((P +* I),(Initialize (Initialized s))) implies ( IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + $1))) = (IC (Comput ((P +* I),(Initialize (Initialized s)),$1))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + $1))) = DataPart (Comput ((P +* I),(Initialize (Initialized s)),$1)) ) ); set loc4 = (card I) + 4; set s3 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)); A2: (card I) + 4 in dom (while>0 (a,I)) by SCMFSA_9:33; assume A3: I is_closed_onInit s,P ; ::_thesis: ( not I is_halting_onInit s,P or not s . a > 0 or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) ) A4: Initialize (Initialized s) = Initialize (Initialized s) .= Initialize (Initialized s) .= Initialized s by MEMSTR_0:44 ; for k being Element of NAT holds IC (Comput ((P +* I),(Initialize (Initialized s)),k)) in dom I by A3, A4, SCM_HALT:def_4; then A5: I is_closed_on Initialized s,P by SCMFSA7B:def_6; assume I is_halting_onInit s,P ; ::_thesis: ( not s . a > 0 or ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) ) then A6: P +* I halts_on Initialized s by SCM_HALT:def_5; A7: I is_halting_on Initialized s,P by A6, A4, SCMFSA7B:def_7; A8: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A9: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_(_k_+_1_<=_LifeSpan_((P_+*_I),(Initialize_(Initialized_s)))_implies_(_IC_(Comput_((P_+*_(while>0_(a,I))),(Initialize_(Initialized_s)),((1_+_k)_+_1)))_=_(IC_(Comput_((P_+*_I),(Initialize_(Initialized_s)),(k_+_1))))_+_4_&_DataPart_(Comput_((P_+*_(while>0_(a,I))),(Initialize_(Initialized_s)),((1_+_k)_+_1)))_=_DataPart_(Comput_((P_+*_I),(Initialize_(Initialized_s)),(k_+_1)))_)_) A10: k + 0 < k + 1 by XREAL_1:6; assume k + 1 <= LifeSpan ((P +* I),(Initialize (Initialized s))) ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialize (Initialized s)),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialize (Initialized s)),(k + 1))) ) then k < LifeSpan ((P +* I),(Initialize (Initialized s))) by A10, XXREAL_0:2; hence ( IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + k) + 1))) = (IC (Comput ((P +* I),(Initialize (Initialized s)),(k + 1)))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + k) + 1))) = DataPart (Comput ((P +* I),(Initialize (Initialized s)),(k + 1))) ) by A5, A7, A9, SCMFSA_9:39; ::_thesis: verum end; hence S1[k + 1] ; ::_thesis: verum end; 0 in dom (while>0 (a,I)) by SCMFSA_9:10; then A11: (P +* (while>0 (a,I))) . 0 = (while>0 (a,I)) . 0 by A1, GRFUNC_1:2 .= a >0_goto 4 by SCMFSA_9:11 ; IC in dom (Start-At (0,SCM+FSA)) by MEMSTR_0:15; then A12: IC (Initialize (Initialized s)) = IC (Start-At (0,SCM+FSA)) by FUNCT_4:13 .= 0 by FUNCOP_1:72 ; A13: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(0 + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),0))) by EXTPRO_1:3 .= Following ((P +* (while>0 (a,I))),(Initialize (Initialized s))) .= Exec ((a >0_goto 4),(Initialize (Initialized s))) by A12, A11, PBOOLE:143 ; then A14: for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) . f = (Initialize (Initialized s)) . f by SCMFSA_2:71; for c being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) . c = (Initialize (Initialized s)) . c by A13, SCMFSA_2:71; then A15: DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) = DataPart (Initialize (Initialized s)) by A14, SCMFSA_M:2 .= DataPart (Initialize (Initialized s)) ; set s4 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1) + 1)); set s2 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s)))))); not a in dom (Start-At (0,SCM+FSA)) by SCMFSA_2:102; then A16: (Initialize (Initialized s)) . a = (Initialized s) . a by FUNCT_4:11; assume s . a > 0 ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ) then A17: (Initialized s) . a > 0 by SCMFSA_M:37; A18: S1[ 0 ] proof assume 0 <= LifeSpan ((P +* I),(Initialize (Initialized s))) ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + 0))) = (IC (Comput ((P +* I),(Initialize (Initialized s)),0))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + 0))) = DataPart (Comput ((P +* I),(Initialize (Initialized s)),0)) ) A19: IC in dom (Start-At (0,SCM+FSA)) by MEMSTR_0:15; IC (Comput ((P +* I),(Initialize (Initialized s)),0)) = IC (Initialize (Initialized s)) .= IC (Start-At (0,SCM+FSA)) by A19, FUNCT_4:13 .= 0 by FUNCOP_1:72 ; hence ( IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + 0))) = (IC (Comput ((P +* I),(Initialize (Initialized s)),0))) + 4 & DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + 0))) = DataPart (Comput ((P +* I),(Initialize (Initialized s)),0)) ) by A17, A13, A16, A15, SCMFSA_2:71; ::_thesis: verum end; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A18, A8); then A20: S1[ LifeSpan ((P +* I),(Initialize (Initialized s)))] ; A21: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s)))))))) by EXTPRO_1:3 .= Exec ((goto ((card I) + 4)),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s)))))))) by A5, A7, A20, SCMFSA_9:40 ; then A22: for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1))) . f = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))))) . f by SCMFSA_2:69; A23: (P +* (while>0 (a,I))) . ((card I) + 4) = (while>0 (a,I)) . ((card I) + 4) by A2, A1, GRFUNC_1:2 .= goto 0 by SCMFSA_9:41 ; A24: (P +* (while>0 (a,I))) /. (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)))) = (P +* (while>0 (a,I))) . (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)))) by PBOOLE:143; A25: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1) + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)))) by EXTPRO_1:3 .= Exec ((goto 0),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1)))) by A21, A23, A24, SCMFSA_2:69 ; then A26: for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1) + 1))) . f = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1))) . f by SCMFSA_2:69; for c being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1))) . c = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))))) . c by A21, SCMFSA_2:69; then A27: DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1))) = DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))))) by A22, SCMFSA_M:2; A28: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)) = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1) + 1)) by A28; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 by A25, SCMFSA_2:69; ::_thesis: DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) A29: Initialize (Initialized s) = Initialized s by MEMSTR_0:44; for c being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1) + 1))) . c = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),((1 + (LifeSpan ((P +* I),(Initialize (Initialized s))))) + 1))) . c by A25, SCMFSA_2:69; hence DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by A29, A20, A27, A26, SCMFSA_M:2; ::_thesis: verum end; theorem :: SCMISORT:14 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st s . a > 0 holds ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st s . a > 0 holds ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) let s be State of SCM+FSA; ::_thesis: for I being InitHalting Program of SCM+FSA for a being read-write Int-Location st s . a > 0 holds ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) let I be InitHalting Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a > 0 holds ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) set D = Data-Locations ; let a be read-write Int-Location; ::_thesis: ( s . a > 0 implies ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) ) assume A1: s . a > 0 ; ::_thesis: ex s2 being State of SCM+FSA ex k being Element of NAT st ( s2 = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),s2,k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),s2,k)) . f = (IExec (I,P,s)) . f ) ) set Is = Initialize (Initialized s); set Q = while>0 (a,I); set s1 = Initialized s; set P1 = P +* I; take Initialized s ; ::_thesis: ex k being Element of NAT st ( Initialized s = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f ) ) set P2 = P +* (while>0 (a,I)); take k = (LifeSpan ((P +* I),(Initialized s))) + 3; ::_thesis: ( Initialized s = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 & IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f ) ) thus ( Initialized s = Initialized s & k = (LifeSpan ((P +* I),(Initialized s))) + 3 ) ; ::_thesis: ( IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) = 0 & ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f ) ) A2: I is_halting_onInit s,P by SCM_HALT:26; then A3: P +* I halts_on Initialized s by SCM_HALT:def_5; Initialized s = Initialize (Initialized s) by MEMSTR_0:44 .= Initialize (Initialized s) .= Initialize (Initialized s) ; then P +* I halts_on Initialize (Initialized s) by A3; then A4: I is_halting_on Initialized s,P by SCMFSA7B:def_7; A5: I is_closed_onInit s,P by SCM_HALT:25; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) = 0 by A1, A2, Th13; ::_thesis: ( ( for b being Int-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (IExec (I,P,s)) . b ) & ( for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f ) ) set s4 = Comput ((P +* (while>0 (a,I))),(Initialized s),k); set s3 = Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))); A6: Initialized s = Initialize (Initialized s) by MEMSTR_0:44; A7: Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))) = Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s))))) by A6; A8: DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by A1, A2, A5, Th13; hereby ::_thesis: for f being FinSeq-Location holds (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f let b be Int-Location; ::_thesis: (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (IExec (I,P,s)) . b thus (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . b = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . b by A7, A8, SCMFSA_M:2 .= (IExec (I,P,s)) . b by A4, Th5 ; ::_thesis: verum end; hereby ::_thesis: verum let f be FinSeq-Location ; ::_thesis: (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (IExec (I,P,s)) . f thus (Comput ((P +* (while>0 (a,I))),(Initialized s),k)) . f = (Comput ((P +* I),(Initialize (Initialized s)),(LifeSpan ((P +* I),(Initialize (Initialized s)))))) . f by A7, A8, SCMFSA_M:2 .= (IExec (I,P,s)) . f by A4, SCMFSA8C:58 ; ::_thesis: verum end; end; definition let s be State of SCM+FSA; let I be Program of SCM+FSA; let a be read-write Int-Location; let P be Instruction-Sequence of SCM+FSA; deffunc H1( Nat, Element of product (the_Values_of SCM+FSA)) -> set = Comput ((P +* (while>0 (a,I))),(Initialized $2),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized $2))) + 3)); deffunc H2( Nat, Element of product (the_Values_of SCM+FSA)) -> Element of product (the_Values_of SCM+FSA) = down H1($1,$2); func StepWhile>0 (a,P,s,I) -> Function of NAT,(product (the_Values_of SCM+FSA)) means :Def1: :: SCMISORT:def 1 ( it . 0 = s & ( for i being Nat holds it . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (it . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (it . i)))) + 3)) ) ); existence ex b1 being Function of NAT,(product (the_Values_of SCM+FSA)) st ( b1 . 0 = s & ( for i being Nat holds b1 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (b1 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (b1 . i)))) + 3)) ) ) proof reconsider ss = s as Element of product (the_Values_of SCM+FSA) by CARD_3:107; consider f being Function of NAT,(product (the_Values_of SCM+FSA)) such that A1: f . 0 = ss and A2: for i being Nat holds f . (i + 1) = H2(i,f . i) from NAT_1:sch_12(); take f ; ::_thesis: ( f . 0 = s & ( for i being Nat holds f . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (f . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (f . i)))) + 3)) ) ) thus f . 0 = s by A1; ::_thesis: for i being Nat holds f . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (f . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (f . i)))) + 3)) let i be Nat; ::_thesis: f . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (f . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (f . i)))) + 3)) f . (i + 1) = H2(i,f . i) by A2; hence f . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (f . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (f . i)))) + 3)) ; ::_thesis: verum end; uniqueness for b1, b2 being Function of NAT,(product (the_Values_of SCM+FSA)) st b1 . 0 = s & ( for i being Nat holds b1 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (b1 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (b1 . i)))) + 3)) ) & b2 . 0 = s & ( for i being Nat holds b2 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (b2 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (b2 . i)))) + 3)) ) holds b1 = b2 proof let F1, F2 be Function of NAT,(product (the_Values_of SCM+FSA)); ::_thesis: ( F1 . 0 = s & ( for i being Nat holds F1 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (F1 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (F1 . i)))) + 3)) ) & F2 . 0 = s & ( for i being Nat holds F2 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (F2 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (F2 . i)))) + 3)) ) implies F1 = F2 ) assume that A3: F1 . 0 = s and A4: for i being Nat holds F1 . (i + 1) = H1(i,F1 . i) and A5: F2 . 0 = s and A6: for i being Nat holds F2 . (i + 1) = H1(i,F2 . i) ; ::_thesis: F1 = F2 reconsider s = s as Element of product (the_Values_of SCM+FSA) by CARD_3:107; A7: F1 . 0 = s by A3; A8: for i being Nat holds F1 . (i + 1) = H2(i,F1 . i) by A4; A9: F2 . 0 = s by A5; A10: for i being Nat holds F2 . (i + 1) = H2(i,F2 . i) by A6; F1 = F2 from NAT_1:sch_16(A7, A8, A9, A10); hence F1 = F2 ; ::_thesis: verum end; end; :: deftheorem Def1 defines StepWhile>0 SCMISORT:def_1_:_ for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location for P being Instruction-Sequence of SCM+FSA for b5 being Function of NAT,(product (the_Values_of SCM+FSA)) holds ( b5 = StepWhile>0 (a,P,s,I) iff ( b5 . 0 = s & ( for i being Nat holds b5 . (i + 1) = Comput ((P +* (while>0 (a,I))),(Initialized (b5 . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized (b5 . i)))) + 3)) ) ) ); theorem :: SCMISORT:15 for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location for k being Element of NAT for P being Instruction-Sequence of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 proof let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location for k being Element of NAT for P being Instruction-Sequence of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for k being Element of NAT for P being Instruction-Sequence of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 let a be read-write Int-Location; ::_thesis: for k being Element of NAT for P being Instruction-Sequence of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 let k be Element of NAT ; ::_thesis: for P being Instruction-Sequence of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 let P be Instruction-Sequence of SCM+FSA; ::_thesis: (StepWhile>0 (a,P,s,I)) . (k + 1) = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 set sk = (StepWhile>0 (a,P,s,I)) . k; set sk0 = (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 0; (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 0 = (StepWhile>0 (a,P,s,I)) . k by Def1; hence (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 0)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 0)))) + 3)) by Def1 .= (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . (0 + 1) by Def1 .= (StepWhile>0 (a,P,((StepWhile>0 (a,P,s,I)) . k),I)) . 1 ; ::_thesis: verum end; theorem Th16: :: SCMISORT:16 for P being Instruction-Sequence of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA holds (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) let s be State of SCM+FSA; ::_thesis: (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) A1: (StepWhile>0 (a,P,s,I)) . 0 = s by Def1; thus (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . 0)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . 0)))) + 3)) by Def1 .= Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3)) by A1 ; ::_thesis: verum end; theorem Th17: :: SCMISORT:17 for P being Instruction-Sequence of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA for k, n being Element of NAT st IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 holds ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA for k, n being Element of NAT st IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 holds ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA for k, n being Element of NAT st IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 holds ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA for k, n being Element of NAT st IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 holds ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) let s be State of SCM+FSA; ::_thesis: for k, n being Element of NAT st IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 holds ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) let k, n be Element of NAT ; ::_thesis: ( IC ((StepWhile>0 (a,P,s,I)) . k) = 0 & (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) & ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 implies ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) ) set D = Data-Locations ; set s1 = Initialized s; set P1 = P +* (while>0 (a,I)); set sk = (StepWhile>0 (a,P,s,I)) . k; set s0k = Initialized ((StepWhile>0 (a,P,s,I)) . k); set s2 = Initialize (Initialized ((StepWhile>0 (a,P,s,I)) . k)); set s3 = Initialized ((StepWhile>0 (a,P,s,I)) . k); assume A1: IC ((StepWhile>0 (a,P,s,I)) . k) = 0 ; ::_thesis: ( not (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) or not ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 or ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) ) assume A2: (StepWhile>0 (a,P,s,I)) . k = Comput ((P +* (while>0 (a,I))),(Initialized s),n) ; ::_thesis: ( not ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 or ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) ) assume A3: ((StepWhile>0 (a,P,s,I)) . k) . (intloc 0) = 1 ; ::_thesis: ( (StepWhile>0 (a,P,s,I)) . k = Initialized ((StepWhile>0 (a,P,s,I)) . k) & (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) ) thus Initialized ((StepWhile>0 (a,P,s,I)) . k) = Initialized ((StepWhile>0 (a,P,s,I)) . k) .= (StepWhile>0 (a,P,s,I)) . k by A3, A1, SCMFSA_M:8 ; ::_thesis: (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) hence (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),((StepWhile>0 (a,P,s,I)) . k),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3)) by Def1 .= Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3))) by A2, EXTPRO_1:4 ; ::_thesis: verum end; theorem :: SCMISORT:18 for P being Instruction-Sequence of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st ex f being Function of (product (the_Values_of SCM+FSA)),NAT st for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st ex f being Function of (product (the_Values_of SCM+FSA)),NAT st for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA st ex f being Function of (product (the_Values_of SCM+FSA)),NAT st for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA st ex f being Function of (product (the_Values_of SCM+FSA)),NAT st for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) holds ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) let s be State of SCM+FSA; ::_thesis: ( ex f being Function of (product (the_Values_of SCM+FSA)),NAT st for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) implies ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) ) set D = Data-Locations ; given f being Function of (product (the_Values_of SCM+FSA)),NAT such that A1: for k being Element of NAT holds ( ( f . ((StepWhile>0 (a,P,s,I)) . k) <> 0 implies ( f . ((StepWhile>0 (a,P,s,I)) . (k + 1)) < f . ((StepWhile>0 (a,P,s,I)) . k) & I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) ) ) & ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 & ( f . ((StepWhile>0 (a,P,s,I)) . k) = 0 implies ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 ) & ( ((StepWhile>0 (a,P,s,I)) . k) . a <= 0 implies f . ((StepWhile>0 (a,P,s,I)) . k) = 0 ) ) ; ::_thesis: ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) set s1 = Initialized s; set P1 = P +* (while>0 (a,I)); A2: (P +* (while>0 (a,I))) +* (while>0 (a,I)) = P +* (while>0 (a,I)) ; deffunc H1( Nat) -> Element of NAT = f . ((StepWhile>0 (a,P,s,I)) . $1); A3: for k being Nat holds ( H1(k + 1) < H1(k) or H1(k) = 0 ) proof let k be Nat; ::_thesis: ( H1(k + 1) < H1(k) or H1(k) = 0 ) k in NAT by ORDINAL1:def_12; hence ( H1(k + 1) < H1(k) or H1(k) = 0 ) by A1; ::_thesis: verum end; consider m being Nat such that A4: H1(m) = 0 and A5: for n being Nat st H1(n) = 0 holds m <= n from NAT_1:sch_17(A3); reconsider m = m as Element of NAT by ORDINAL1:def_12; defpred S1[ Element of NAT ] means ( $1 + 1 <= m implies ex k being Element of NAT st (StepWhile>0 (a,P,s,I)) . ($1 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),k) ); A6: S1[ 0 ] proof assume 0 + 1 <= m ; ::_thesis: ex k being Element of NAT st (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),k) take n = (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3; ::_thesis: (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),n) thus (StepWhile>0 (a,P,s,I)) . (0 + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),n) by Th16; ::_thesis: verum end; A7: now__::_thesis:_for_i_being_Element_of_NAT_st_i_<_m_holds_ (_I_is_closed_onInit_(StepWhile>0_(a,P,s,I))_._i,P_+*_(while>0_(a,I))_&_I_is_halting_onInit_(StepWhile>0_(a,P,s,I))_._i,P_+*_(while>0_(a,I))_) let i be Element of NAT ; ::_thesis: ( i < m implies ( I is_closed_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) ) ) assume i < m ; ::_thesis: ( I is_closed_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) ) then H1(i) <> 0 by A5; hence ( I is_closed_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) & I is_halting_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) ) by A1; ::_thesis: verum end; A8: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A9: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_(_(k_+_1)_+_1_<=_m_implies_ex_m_being_Element_of_NAT_st_(StepWhile>0_(a,P,s,I))_._((k_+_1)_+_1)_=_Comput_((P_+*_(while>0_(a,I))),(Initialized_s),m)_) set sk = (StepWhile>0 (a,P,s,I)) . k; set sk1 = (StepWhile>0 (a,P,s,I)) . (k + 1); assume A10: (k + 1) + 1 <= m ; ::_thesis: ex m being Element of NAT st (StepWhile>0 (a,P,s,I)) . ((k + 1) + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),m) (k + 1) + 0 < (k + 1) + 1 by XREAL_1:6; then consider n being Element of NAT such that A11: (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),n) by A9, A10, XXREAL_0:2; A12: ((StepWhile>0 (a,P,s,I)) . (k + 1)) . (intloc 0) = 1 by A1; k + 0 < k + (1 + 1) by XREAL_1:6; then A13: k < m by A10, XXREAL_0:2; then A14: I is_halting_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) by A7; H1(k) <> 0 by A5, A13; then A15: ((StepWhile>0 (a,P,s,I)) . k) . a > 0 by A1; take m = n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . (k + 1))))) + 3); ::_thesis: (StepWhile>0 (a,P,s,I)) . ((k + 1) + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),m) A16: (P +* (while>0 (a,I))) +* (while>0 (a,I)) = P +* (while>0 (a,I)) ; A17: (StepWhile>0 (a,P,s,I)) . (k + 1) = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . k)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . k)))) + 3)) by Def1; I is_closed_onInit (StepWhile>0 (a,P,s,I)) . k,P +* (while>0 (a,I)) by A7, A13; then IC ((StepWhile>0 (a,P,s,I)) . (k + 1)) = 0 by A17, A14, A15, Th11, A16; then (StepWhile>0 (a,P,s,I)) . ((k + 1) + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),(n + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . (k + 1))))) + 3))) by A11, A12, Th17; hence (StepWhile>0 (a,P,s,I)) . ((k + 1) + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),m) ; ::_thesis: verum end; hence S1[k + 1] ; ::_thesis: verum end; A18: for k being Element of NAT holds S1[k] from NAT_1:sch_1(A6, A8); percases ( m = 0 or m <> 0 ) ; suppose m = 0 ; ::_thesis: ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) then ((StepWhile>0 (a,P,s,I)) . 0) . a <= 0 by A1, A4; then s . a <= 0 by Def1; hence ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) by Th8; ::_thesis: verum end; supposeA19: m <> 0 ; ::_thesis: ( while>0 (a,I) is_halting_onInit s,P & while>0 (a,I) is_closed_onInit s,P ) then consider i being Nat such that A20: m = i + 1 by NAT_1:6; reconsider i = i as Element of NAT by ORDINAL1:def_12; set si = (StepWhile>0 (a,P,s,I)) . i; set sm = (StepWhile>0 (a,P,s,I)) . m; set sm1 = Initialized ((StepWhile>0 (a,P,s,I)) . m); set sm2 = Initialize ((StepWhile>0 (a,P,s,I)) . m); A21: i < m by A20, XREAL_1:29; then A22: I is_closed_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) by A7; i < m by A20, NAT_1:13; then H1(i) <> 0 by A5; then A23: ((StepWhile>0 (a,P,s,I)) . i) . a > 0 by A1; A24: I is_halting_onInit (StepWhile>0 (a,P,s,I)) . i,P +* (while>0 (a,I)) by A7, A21; (StepWhile>0 (a,P,s,I)) . m = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . i)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . i)))) + 3)) by A20, Def1; then IC ((StepWhile>0 (a,P,s,I)) . m) = 0 by A22, A24, A23, Th11, A2; then A25: Start-At (0,SCM+FSA) c= (StepWhile>0 (a,P,s,I)) . m by MEMSTR_0:30; ((StepWhile>0 (a,P,s,I)) . (i + 1)) . (intloc 0) = 1 by A1; then A26: Initialized ((StepWhile>0 (a,P,s,I)) . m) = Initialize ((StepWhile>0 (a,P,s,I)) . m) by A20, SCMFSA_M:18; set p = (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3; m = i + 1 by A20; then consider n being Element of NAT such that A27: (StepWhile>0 (a,P,s,I)) . m = Comput ((P +* (while>0 (a,I))),(Initialized s),n) by A18; A28: Initialized ((StepWhile>0 (a,P,s,I)) . m) = (StepWhile>0 (a,P,s,I)) . m by A26, A25, FUNCT_4:98; A29: ((StepWhile>0 (a,P,s,I)) . m) . a <= 0 by A1, A4; then while>0 (a,I) is_halting_onInit (StepWhile>0 (a,P,s,I)) . m,P +* (while>0 (a,I)) by Th8; then P +* (while>0 (a,I)) halts_on Initialized ((StepWhile>0 (a,P,s,I)) . m) by A2, SCM_HALT:def_5; then consider j being Element of NAT such that A30: CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),((StepWhile>0 (a,P,s,I)) . m),j))) = halt SCM+FSA by A28, EXTPRO_1:29; A31: Comput ((P +* (while>0 (a,I))),(Initialized s),(j + n)) = Comput ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),n)),j) by EXTPRO_1:4; P +* (while>0 (a,I)) halts_on Initialized s by A27, A30, A31, EXTPRO_1:29; hence while>0 (a,I) is_halting_onInit s,P by SCM_HALT:def_5; ::_thesis: while>0 (a,I) is_closed_onInit s,P now__::_thesis:_for_q_being_Element_of_NAT_holds_IC_(Comput_((P_+*_(while>0_(a,I))),(Initialized_s),q))_in_dom_(while>0_(a,I)) let q be Element of NAT ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),b1)) in dom (while>0 (a,I)) percases ( q <= (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3 or q > (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3 ) ; supposeA32: q <= (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3 ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),b1)) in dom (while>0 (a,I)) A33: (StepWhile>0 (a,P,s,I)) . 0 = s by Def1; then A34: I is_halting_onInit s,P +* (while>0 (a,I)) by A7, A19; H1( 0 ) <> 0 by A5, A19; then A35: s . a > 0 by A1, A33; I is_closed_onInit s,P +* (while>0 (a,I)) by A7, A19, A33; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) by A32, A35, A34, Th11, A2; ::_thesis: verum end; supposeA36: q > (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3 ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),b1)) in dom (while>0 (a,I)) A37: now__::_thesis:_ex_k_being_Element_of_NAT_st_ (_(StepWhile>0_(a,P,s,I))_._1_=_Comput_((P_+*_(while>0_(a,I))),(Initialized_s),k)_&_k_<=_q_) take k = (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized s))) + 3; ::_thesis: ( (StepWhile>0 (a,P,s,I)) . 1 = Comput ((P +* (while>0 (a,I))),(Initialized s),k) & k <= q ) thus ( (StepWhile>0 (a,P,s,I)) . 1 = Comput ((P +* (while>0 (a,I))),(Initialized s),k) & k <= q ) by A36, Th16; ::_thesis: verum end; defpred S2[ Nat] means ( $1 <= m & $1 <> 0 & ex k being Element of NAT st ( (StepWhile>0 (a,P,s,I)) . $1 = Comput ((P +* (while>0 (a,I))),(Initialized s),k) & k <= q ) ); A38: for i being Nat st S2[i] holds i <= m ; 0 + 1 < m + 1 by A19, XREAL_1:6; then 1 <= m by NAT_1:13; then A39: ex t being Nat st S2[t] by A37; consider t being Nat such that A40: ( S2[t] & ( for i being Nat st S2[i] holds i <= t ) ) from NAT_1:sch_6(A38, A39); reconsider t = t as Element of NAT by ORDINAL1:def_12; now__::_thesis:_IC_(Comput_((P_+*_(while>0_(a,I))),(Initialized_s),q))_in_dom_(while>0_(a,I)) percases ( t = m or t <> m ) ; suppose t = m ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) then consider r being Element of NAT such that A41: (StepWhile>0 (a,P,s,I)) . m = Comput ((P +* (while>0 (a,I))),(Initialized s),r) and A42: r <= q by A40; consider x being Nat such that A43: q = r + x by A42, NAT_1:10; A44: while>0 (a,I) is_closed_onInit (StepWhile>0 (a,P,s,I)) . m,P +* (while>0 (a,I)) by A29, Th8; reconsider x = x as Element of NAT by ORDINAL1:def_12; Comput ((P +* (while>0 (a,I))),(Initialized s),q) = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . m)),x) by A28, A41, A43, EXTPRO_1:4; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) by A44, A2, SCM_HALT:def_4; ::_thesis: verum end; supposeA45: t <> m ; ::_thesis: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) set Dt = (StepWhile>0 (a,P,s,I)) . t; A46: t < m by A40, A45, XXREAL_0:1; then A47: I is_closed_onInit (StepWhile>0 (a,P,s,I)) . t,P +* (while>0 (a,I)) by A7; A48: I is_halting_onInit (StepWhile>0 (a,P,s,I)) . t,P +* (while>0 (a,I)) by A7, A46; consider y being Nat such that A49: t = y + 1 by A40, NAT_1:6; reconsider y = y as Element of NAT by ORDINAL1:def_12; t = y + 1 by A49; then A50: ((StepWhile>0 (a,P,s,I)) . t) . (intloc 0) = 1 by A1; H1(t) <> 0 by A5, A46; then A51: ((StepWhile>0 (a,P,s,I)) . t) . a > 0 by A1; consider z being Element of NAT such that A52: (StepWhile>0 (a,P,s,I)) . t = Comput ((P +* (while>0 (a,I))),(Initialized s),z) and A53: z <= q by A40; set z2 = z + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . t)))) + 3); consider w being Nat such that A54: q = z + w by A53, NAT_1:10; set Dy = (StepWhile>0 (a,P,s,I)) . y; y + 0 < t by A49, XREAL_1:6; then A55: y < m by A40, XXREAL_0:2; then A56: I is_closed_onInit (StepWhile>0 (a,P,s,I)) . y,P +* (while>0 (a,I)) by A7; H1(y) <> 0 by A5, A55; then A57: ((StepWhile>0 (a,P,s,I)) . y) . a > 0 by A1; A58: I is_halting_onInit (StepWhile>0 (a,P,s,I)) . y,P +* (while>0 (a,I)) by A7, A55; reconsider w = w as Element of NAT by ORDINAL1:def_12; (StepWhile>0 (a,P,s,I)) . t = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . y)),((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . y)))) + 3)) by A49, Def1; then A59: IC ((StepWhile>0 (a,P,s,I)) . t) = 0 by A56, A58, A57, Th11, A2; A60: (StepWhile>0 (a,P,s,I)) . t = Initialized ((StepWhile>0 (a,P,s,I)) . t) by A50, A52, A59, Th17; now__::_thesis:_not_z_+_((LifeSpan_(((P_+*_(while>0_(a,I)))_+*_I),(Initialized_((StepWhile>0_(a,P,s,I))_._t))))_+_3)_<=_q assume A61: z + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . t)))) + 3) <= q ; ::_thesis: contradiction A62: now__::_thesis:_ex_k_being_Element_of_NAT_st_ (_(StepWhile>0_(a,P,s,I))_._(t_+_1)_=_Comput_((P_+*_(while>0_(a,I))),(Initialized_s),k)_&_k_<=_q_) take k = z + ((LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . t)))) + 3); ::_thesis: ( (StepWhile>0 (a,P,s,I)) . (t + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),k) & k <= q ) thus (StepWhile>0 (a,P,s,I)) . (t + 1) = Comput ((P +* (while>0 (a,I))),(Initialized s),k) by A50, A52, A59, Th17; ::_thesis: k <= q thus k <= q by A61; ::_thesis: verum end; t + 1 <= m by A46, NAT_1:13; hence contradiction by A40, A62, XREAL_1:29; ::_thesis: verum end; then A63: w < (LifeSpan (((P +* (while>0 (a,I))) +* I),(Initialized ((StepWhile>0 (a,P,s,I)) . t)))) + 3 by A54, XREAL_1:6; Comput ((P +* (while>0 (a,I))),(Initialized s),q) = Comput ((P +* (while>0 (a,I))),(Initialized ((StepWhile>0 (a,P,s,I)) . t)),w) by A60, A52, A54, EXTPRO_1:4; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) by A63, A47, A48, A51, Th11, A2; ::_thesis: verum end; end; end; hence IC (Comput ((P +* (while>0 (a,I))),(Initialized s),q)) in dom (while>0 (a,I)) ; ::_thesis: verum end; end; end; hence while>0 (a,I) is_closed_onInit s,P by SCM_HALT:def_4; ::_thesis: verum end; end; end; theorem Th19: :: SCMISORT:19 for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . a > 0 holds (IExec (I,P,s)) . a < s . a ) holds while>0 (a,I) is InitHalting proof let I be InitHalting good Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . a > 0 holds (IExec (I,P,s)) . a < s . a ) holds while>0 (a,I) is InitHalting let a be read-write Int-Location; ::_thesis: ( ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . a > 0 holds (IExec (I,P,s)) . a < s . a ) implies while>0 (a,I) is InitHalting ) set D = Data-Locations ; defpred S1[ Element of NAT ] means for t being State of SCM+FSA for Q being Instruction-Sequence of SCM+FSA st t . a <= $1 holds while>0 (a,I) is_halting_onInit t,Q; assume A1: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . a > 0 holds (IExec (I,P,s)) . a < s . a ; ::_thesis: while>0 (a,I) is InitHalting A2: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A3: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_st_t_._a_<=_k_+_1_holds_ while>0_(a,I)_is_halting_onInit_t,Q let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st t . a <= k + 1 holds while>0 (a,I) is_halting_onInit b2,b3 let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( t . a <= k + 1 implies while>0 (a,I) is_halting_onInit b1,b2 ) assume A4: t . a <= k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 percases ( t . a <> k + 1 or t . a = k + 1 ) ; suppose t . a <> k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 then t . a < k + 1 by A4, XXREAL_0:1; hence while>0 (a,I) is_halting_onInit t,Q by A3, INT_1:7; ::_thesis: verum end; supposeA5: t . a = k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 set l0 = intloc 0; set tW0 = Initialized t; set QW = Q +* (while>0 (a,I)); set t1 = Initialized t; set Q1 = Q +* I; set Wt = Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)); set A = NAT ; set It = Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t)))); A6: I is_halting_onInit t,Q by SCM_HALT:26; then Q +* I halts_on Initialized t by SCM_HALT:def_5; then A7: Q +* I halts_on Initialized t ; A8: I is_closed_onInit t,Q by SCM_HALT:25; then A9: DataPart (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = DataPart (Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t))))) by A5, A6, Th13; then A10: (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) . (intloc 0) = (Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t))))) . (intloc 0) by SCMFSA_M:2 .= (Result ((Q +* I),(Initialized t))) . (intloc 0) by A7, EXTPRO_1:23 .= (Result ((Q +* I),(Initialized t))) . (intloc 0) .= (IExec (I,Q,t)) . (intloc 0) by SCMFSA6B:def_1 .= 1 by SCM_HALT:9 ; (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) . a = (Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t))))) . a by A9, SCMFSA_M:2 .= (Result ((Q +* I),(Initialized t))) . a by A7, EXTPRO_1:23 .= (Result ((Q +* I),(Initialized t))) . a .= (IExec (I,Q,t)) . a by SCMFSA6B:def_1 ; then (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) . a < k + 1 by A1, A5; then while>0 (a,I) is_halting_onInit Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)),Q +* (while>0 (a,I)) by A3, INT_1:7; then (Q +* (while>0 (a,I))) +* (while>0 (a,I)) halts_on Initialized (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) by SCM_HALT:def_5; then A11: (Q +* (while>0 (a,I))) +* (while>0 (a,I)) halts_on Initialized (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) ; IC (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = 0 by A5, A8, A6, Th13; then A12: Initialized (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)) by A10, SCMFSA_M:8; now__::_thesis:_ex_mm_being_Element_of_NAT_st_CurInstr_((Q_+*_(while>0_(a,I))),(Comput_((Q_+*_(while>0_(a,I))),(Initialized_t),mm)))_=_halt_SCM+FSA consider m being Element of NAT such that A13: CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))),m))) = halt SCM+FSA by A12, A11, EXTPRO_1:29; take mm = ((LifeSpan ((Q +* I),(Initialized t))) + 3) + m; ::_thesis: CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),mm))) = halt SCM+FSA thus CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),mm))) = halt SCM+FSA by A13, EXTPRO_1:4; ::_thesis: verum end; then Q +* (while>0 (a,I)) halts_on Initialized t by EXTPRO_1:29; then Q +* (while>0 (a,I)) halts_on Initialized t ; hence while>0 (a,I) is_halting_onInit t,Q by SCM_HALT:def_5; ::_thesis: verum end; end; end; hence S1[k + 1] ; ::_thesis: verum end; A14: S1[ 0 ] by Th8; A15: for k being Element of NAT holds S1[k] from NAT_1:sch_1(A14, A2); now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_holds_while>0_(a,I)_is_halting_onInit_t,Q let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 percases ( t . a <= 0 or t . a > 0 ) ; suppose t . a <= 0 ; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 hence for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit t,Q by Th8; ::_thesis: verum end; suppose t . a > 0 ; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 then reconsider n = t . a as Element of NAT by INT_1:3; S1[n] by A15; hence for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit t,Q ; ::_thesis: verum end; end; end; hence while>0 (a,I) is InitHalting by SCM_HALT:26; ::_thesis: verum end; theorem Th20: :: SCMISORT:20 for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec (I,P,s)) . a < s . a or (IExec (I,P,s)) . a <= 0 ) ) holds while>0 (a,I) is InitHalting proof let I be InitHalting good Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec (I,P,s)) . a < s . a or (IExec (I,P,s)) . a <= 0 ) ) holds while>0 (a,I) is InitHalting let a be read-write Int-Location; ::_thesis: ( ( for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec (I,P,s)) . a < s . a or (IExec (I,P,s)) . a <= 0 ) ) implies while>0 (a,I) is InitHalting ) assume A1: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec (I,P,s)) . a < s . a or (IExec (I,P,s)) . a <= 0 ) ; ::_thesis: while>0 (a,I) is InitHalting now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_st_t_._a_>_0_holds_ (IExec_(I,Q,t))_._a_<_t_._a let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st t . a > 0 holds (IExec (I,b3,b2)) . a < b2 . a let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( t . a > 0 implies (IExec (I,b2,b1)) . a < b1 . a ) assume A2: t . a > 0 ; ::_thesis: (IExec (I,b2,b1)) . a < b1 . a percases ( (IExec (I,Q,t)) . a < t . a or (IExec (I,Q,t)) . a <= 0 ) by A1; suppose (IExec (I,Q,t)) . a < t . a ; ::_thesis: (IExec (I,b2,b1)) . a < b1 . a hence (IExec (I,Q,t)) . a < t . a ; ::_thesis: verum end; suppose (IExec (I,Q,t)) . a <= 0 ; ::_thesis: (IExec (I,b2,b1)) . a < b1 . a hence (IExec (I,Q,t)) . a < t . a by A2; ::_thesis: verum end; end; end; hence while>0 (a,I) is InitHalting by Th19; ::_thesis: verum end; theorem :: SCMISORT:21 for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st ex f being Function of (product (the_Values_of SCM+FSA)),INT st for s, t being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( ( f . s > 0 implies f . (IExec (I,P,s)) < f . s ) & ( DataPart s = DataPart t implies f . s = f . t ) & ( f . s <= 0 implies s . a <= 0 ) & ( s . a <= 0 implies f . s <= 0 ) ) holds while>0 (a,I) is InitHalting proof let I be InitHalting good Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st ex f being Function of (product (the_Values_of SCM+FSA)),INT st for s, t being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( ( f . s > 0 implies f . (IExec (I,P,s)) < f . s ) & ( DataPart s = DataPart t implies f . s = f . t ) & ( f . s <= 0 implies s . a <= 0 ) & ( s . a <= 0 implies f . s <= 0 ) ) holds while>0 (a,I) is InitHalting let a be read-write Int-Location; ::_thesis: ( ex f being Function of (product (the_Values_of SCM+FSA)),INT st for s, t being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( ( f . s > 0 implies f . (IExec (I,P,s)) < f . s ) & ( DataPart s = DataPart t implies f . s = f . t ) & ( f . s <= 0 implies s . a <= 0 ) & ( s . a <= 0 implies f . s <= 0 ) ) implies while>0 (a,I) is InitHalting ) set D = Data-Locations ; given f being Function of (product (the_Values_of SCM+FSA)),INT such that A1: for s, t being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( ( f . s > 0 implies f . (IExec (I,P,s)) < f . s ) & ( DataPart s = DataPart t implies f . s = f . t ) & ( f . s <= 0 implies s . a <= 0 ) & ( s . a <= 0 implies f . s <= 0 ) ) ; ::_thesis: while>0 (a,I) is InitHalting defpred S1[ Element of NAT ] means for t being State of SCM+FSA for Q being Instruction-Sequence of SCM+FSA st f . t <= $1 holds while>0 (a,I) is_halting_onInit t,Q; A2: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A3: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_st_f_._t_<=_k_+_1_holds_ while>0_(a,I)_is_halting_onInit_t,Q let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st f . t <= k + 1 holds while>0 (a,I) is_halting_onInit b2,b3 let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( f . t <= k + 1 implies while>0 (a,I) is_halting_onInit b1,b2 ) assume A4: f . t <= k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 percases ( f . t <> k + 1 or f . t = k + 1 ) ; suppose f . t <> k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 then f . t < k + 1 by A4, XXREAL_0:1; hence while>0 (a,I) is_halting_onInit t,Q by A3, INT_1:7; ::_thesis: verum end; supposeA5: f . t = k + 1 ; ::_thesis: while>0 (a,I) is_halting_onInit b1,b2 set l0 = intloc 0; set tW0 = Initialized t; set QW = Q +* (while>0 (a,I)); set t1 = Initialized t; set Q1 = Q +* I; set Wt = Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)); set It = Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t)))); A6: I is_closed_onInit t,Q by SCM_HALT:25; A7: I is_halting_onInit t,Q by SCM_HALT:26; then A8: Q +* I halts_on Initialized t by SCM_HALT:def_5; A9: not t . a <= 0 by A1, A5; then A10: DataPart (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = DataPart (Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t))))) by A6, A7, Th13; then A11: (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) . (intloc 0) = (Comput ((Q +* I),(Initialized t),(LifeSpan ((Q +* I),(Initialized t))))) . (intloc 0) by SCMFSA_M:2 .= (Result ((Q +* I),(Initialized t))) . (intloc 0) by A8, EXTPRO_1:23 .= (Result ((Q +* I),(Initialized t))) . (intloc 0) .= (IExec (I,Q,t)) . (intloc 0) by SCMFSA6B:def_1 .= 1 by SCM_HALT:9 ; DataPart (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = DataPart (Result ((Q +* I),(Initialized t))) by A10, A8, EXTPRO_1:23 .= DataPart (Result ((Q +* I),(Initialized t))) .= DataPart (IExec (I,Q,t)) by SCMFSA6B:def_1 ; then f . (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = f . (IExec (I,Q,t)) by A1; then f . (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) < k + 1 by A1, A5; then while>0 (a,I) is_halting_onInit Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)),Q +* (while>0 (a,I)) by A3, INT_1:7; then A12: (Q +* (while>0 (a,I))) +* (while>0 (a,I)) halts_on Initialized (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) by SCM_HALT:def_5; IC (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = 0 by A9, A6, A7, Th13; then A13: Initialized (Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))) = Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3)) by A11, SCMFSA_M:8; now__::_thesis:_ex_mm_being_Element_of_NAT_st_CurInstr_((Q_+*_(while>0_(a,I))),(Comput_((Q_+*_(while>0_(a,I))),(Initialized_t),mm)))_=_halt_SCM+FSA consider m being Element of NAT such that A14: CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),((LifeSpan ((Q +* I),(Initialized t))) + 3))),m))) = halt SCM+FSA by A13, A12, EXTPRO_1:29; take mm = ((LifeSpan ((Q +* I),(Initialized t))) + 3) + m; ::_thesis: CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),mm))) = halt SCM+FSA thus CurInstr ((Q +* (while>0 (a,I))),(Comput ((Q +* (while>0 (a,I))),(Initialized t),mm))) = halt SCM+FSA by A14, EXTPRO_1:4; ::_thesis: verum end; then Q +* (while>0 (a,I)) halts_on Initialized t by EXTPRO_1:29; hence while>0 (a,I) is_halting_onInit t,Q by SCM_HALT:def_5; ::_thesis: verum end; end; end; hence S1[k + 1] ; ::_thesis: verum end; A15: S1[ 0 ] proof let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st f . t <= 0 holds while>0 (a,I) is_halting_onInit t,Q let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( f . t <= 0 implies while>0 (a,I) is_halting_onInit t,Q ) assume f . t <= 0 ; ::_thesis: while>0 (a,I) is_halting_onInit t,Q then t . a <= 0 by A1; hence while>0 (a,I) is_halting_onInit t,Q by Th8; ::_thesis: verum end; A16: for k being Element of NAT holds S1[k] from NAT_1:sch_1(A15, A2); now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_holds_while>0_(a,I)_is_halting_onInit_t,Q let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 percases ( f . t <= 0 or f . t > 0 ) ; suppose f . t <= 0 ; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 then t . a <= 0 by A1; hence for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit t,Q by Th8; ::_thesis: verum end; suppose f . t > 0 ; ::_thesis: for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit Q,b2 then reconsider n = f . t as Element of NAT by INT_1:3; S1[n] by A16; hence for Q being Instruction-Sequence of SCM+FSA holds while>0 (a,I) is_halting_onInit t,Q ; ::_thesis: verum end; end; end; hence while>0 (a,I) is InitHalting by SCM_HALT:26; ::_thesis: verum end; theorem Th22: :: SCMISORT:22 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for a being read-write Int-Location st s . a <= 0 holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) let I be Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) ) set D = Data-Locations ; set Is = Initialized s; set s1 = Initialize (Initialized s); set P1 = P +* (while>0 (a,I)); A1: while>0 (a,I) c= P +* (while>0 (a,I)) by FUNCT_4:25; set s2 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1); set s3 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2); set s4 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3); set s5 = Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4); set i = a >0_goto 4; A2: 1 in dom (while>0 (a,I)) by SCMFSA_9:10; A3: (P +* (while>0 (a,I))) . 1 = (while>0 (a,I)) . 1 by A2, A1, GRFUNC_1:2 .= goto 2 by SCMFSA_9:11 ; IC in dom (Start-At (0,SCM+FSA)) by MEMSTR_0:15; then A4: IC (Initialize (Initialized s)) = IC (Start-At (0,SCM+FSA)) by FUNCT_4:13 .= 0 by FUNCOP_1:72 ; 0 in dom (while>0 (a,I)) by SCMFSA_9:10; then A5: (P +* (while>0 (a,I))) . 0 = (while>0 (a,I)) . 0 by A1, GRFUNC_1:2 .= a >0_goto 4 by SCMFSA_9:11 ; then A6: CurInstr ((P +* (while>0 (a,I))),(Initialize (Initialized s))) = a >0_goto 4 by A4, PBOOLE:143; A7: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(0 + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),0))) by EXTPRO_1:3 .= Following ((P +* (while>0 (a,I))),(Initialize (Initialized s))) .= Exec ((a >0_goto 4),(Initialize (Initialized s))) by A4, A5, PBOOLE:143 ; set loc5 = (card I) + 5; A8: 2 in dom (while>0 (a,I)) by SCMFSA_9:32; A9: (P +* (while>0 (a,I))) . 2 = (while>0 (a,I)) . 2 by A8, A1, GRFUNC_1:2 .= goto 3 by SCMFSA_9:36 ; A10: (card I) + 5 in dom (while>0 (a,I)) by SCMFSA_9:33; not a in dom (Start-At (0,SCM+FSA)) by SCMFSA_2:102; then A11: (Initialize (Initialized s)) . a = (Initialized s) . a by FUNCT_4:11; A12: 3 in dom (while>0 (a,I)) by SCMFSA_9:32; assume s . a <= 0 ; ::_thesis: DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Initialized s) then (Initialized s) . a <= 0 by SCMFSA_M:37; then A13: IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) = succ 0 by A4, A7, A11, SCMFSA_2:71 .= 0 + 1 ; A14: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(1 + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1))) by EXTPRO_1:3 .= Exec ((goto 2),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1))) by A13, A3, PBOOLE:143 ; then A15: IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2)) = 2 by SCMFSA_2:69; A16: (P +* (while>0 (a,I))) /. (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2))) = (P +* (while>0 (a,I))) . (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2))) by PBOOLE:143; A17: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(2 + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2))) by EXTPRO_1:3 .= Exec ((goto 3),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2))) by A14, A9, A16, SCMFSA_2:69 ; A18: (P +* (while>0 (a,I))) . 3 = (while>0 (a,I)) . 3 by A12, A1, GRFUNC_1:2 .= goto ((card I) + 5) by SCMFSA_9:35 ; A19: (P +* (while>0 (a,I))) /. (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) = (P +* (while>0 (a,I))) . (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) by PBOOLE:143; A20: Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),(3 + 1)) = Following ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) by EXTPRO_1:3 .= Exec ((goto ((card I) + 5)),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) by A17, A18, A19, SCMFSA_2:69 ; A21: (P +* (while>0 (a,I))) /. (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4))) = (P +* (while>0 (a,I))) . (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4))) by PBOOLE:143; (P +* (while>0 (a,I))) . ((card I) + 5) = (while>0 (a,I)) . ((card I) + 5) by A10, A1, GRFUNC_1:2 .= halt SCM+FSA by SCMFSA_9:34 ; then A22: CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4))) = halt SCM+FSA by A20, A21, SCMFSA_2:69; then A23: P +* (while>0 (a,I)) halts_on Initialize (Initialized s) by EXTPRO_1:29; A24: (P +* (while>0 (a,I))) /. (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) = (P +* (while>0 (a,I))) . (IC (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) by PBOOLE:143; A25: CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3))) = goto ((card I) + 5) by A17, A18, A24, SCMFSA_2:69; now__::_thesis:_for_k_being_Element_of_NAT_st_CurInstr_((P_+*_(while>0_(a,I))),(Comput_((P_+*_(while>0_(a,I))),(Initialize_(Initialized_s)),k)))_=_halt_SCM+FSA_holds_ 3_+_1_<=_k let k be Element of NAT ; ::_thesis: ( CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),k))) = halt SCM+FSA implies 3 + 1 <= k ) assume A26: CurInstr ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),k))) = halt SCM+FSA ; ::_thesis: 3 + 1 <= k then A27: k <> 2 by A15, A9, PBOOLE:143; A28: k <> 0 by A26, A6, EXTPRO_1:2; A29: k <> 1 by A13, A3, A26, PBOOLE:143; 3 < k by A28, A27, A29, A25, A26, NAT_1:27; hence 3 + 1 <= k by INT_1:7; ::_thesis: verum end; then A30: LifeSpan ((P +* (while>0 (a,I))),(Initialize (Initialized s))) = 4 by A22, A23, EXTPRO_1:def_15; A31: Initialized (Initialized s) = Initialize (Initialized (Initialized s)) by MEMSTR_0:44 .= Initialize (Initialized s) ; A32: Initialize (Initialized s) = Initialized s by A31; A33: now__::_thesis:_for_a_being_Int-Location_holds_(Initialized_s)_._a_=_(Comput_((P_+*_(while>0_(a,I))),(Initialize_(Initialized_s)),4))_._a let a be Int-Location; ::_thesis: (Initialized s) . a = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4)) . a thus (Initialized s) . a = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) . a by A7, A32, SCMFSA_2:71 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2)) . a by A14, SCMFSA_2:69 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3)) . a by A17, SCMFSA_2:69 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4)) . a by A20, SCMFSA_2:69 ; ::_thesis: verum end; A34: now__::_thesis:_for_f_being_FinSeq-Location_holds_(Initialized_s)_._f_=_(Comput_((P_+*_(while>0_(a,I))),(Initialize_(Initialized_s)),4))_._f let f be FinSeq-Location ; ::_thesis: (Initialized s) . f = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4)) . f thus (Initialized s) . f = (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),1)) . f by A7, A32, SCMFSA_2:71 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),2)) . f by A14, SCMFSA_2:69 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),3)) . f by A17, SCMFSA_2:69 .= (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4)) . f by A20, SCMFSA_2:69 ; ::_thesis: verum end; thus DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(Initialized s))) by SCMFSA8C:3 .= DataPart (Result ((P +* (while>0 (a,I))),(Initialized (Initialized s)))) by SCMFSA6B:def_1 .= DataPart (Result ((P +* (while>0 (a,I))),(Initialize (Initialized s)))) by A31 .= DataPart (Comput ((P +* (while>0 (a,I))),(Initialize (Initialized s)),4)) by A23, A30, EXTPRO_1:23 .= DataPart (Initialized s) by A33, A34, SCMFSA_M:2 ; ::_thesis: verum end; theorem Th23: :: SCMISORT:23 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) let s be State of SCM+FSA; ::_thesis: for I being InitHalting good Program of SCM+FSA for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) let I be InitHalting good Program of SCM+FSA; ::_thesis: for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) let a be read-write Int-Location; ::_thesis: ( s . a > 0 & while>0 (a,I) is InitHalting implies DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) ) set D = Data-Locations ; assume that A1: s . a > 0 and A2: while>0 (a,I) is InitHalting ; ::_thesis: DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) set sI = Initialized s; set PI = P +* I; set PW = P +* (while>0 (a,I)); set s3 = Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))); set P3 = (P +* I) +* (while>0 (a,I)); set m1 = LifeSpan ((P +* I),(Initialized s)); set m3 = LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))); A3: I c= P +* I by FUNCT_4:25; A4: while>0 (a,I) c= (P +* I) +* (while>0 (a,I)) by FUNCT_4:25; A5: while>0 (a,I) c= P +* (while>0 (a,I)) by FUNCT_4:25; Initialize ((intloc 0) .--> 1) c= Initialized s by SCMFSA_M:13; then A6: P +* (while>0 (a,I)) halts_on Initialized s by A2, A5, SCM_HALT:def_2; set mW = LifeSpan ((P +* (while>0 (a,I))),(Initialized s)); A7: Initialize ((intloc 0) .--> 1) c= Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by SCMFSA_M:13; then A8: (P +* I) +* (while>0 (a,I)) halts_on Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by A2, A4, SCM_HALT:def_2; A9: DataPart (Comput ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))),((LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))) + (LifeSpan ((P +* (while>0 (a,I))),(Initialized s)))))) = DataPart (Comput (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))),(LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))))) proof reconsider Wg = while>0 (a,I) as InitHalting good Program of SCM+FSA by A2; set Cm3 = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)); A10: I is_halting_onInit s,P by SCM_HALT:26; A11: I is_closed_onInit s,P by SCM_HALT:25; then A12: IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = 0 by A1, A10, Th13; A13: DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by A1, A11, A10, Th13 .= DataPart (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) ; A14: now__::_thesis:_for_f_being_FinSeq-Location_holds_(Initialized_(Comput_((P_+*_I),(Initialized_s),(LifeSpan_((P_+*_I),(Initialized_s))))))_._f_=_(Comput_((P_+*_(while>0_(a,I))),(Initialized_s),((LifeSpan_((P_+*_I),(Initialized_s)))_+_3)))_._f let f be FinSeq-Location ; ::_thesis: (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . f = (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . f A15: dom (Initialize ((intloc 0) .--> 1)) = {(intloc 0),(IC )} by SCMFSA_M:11; ( f <> intloc 0 & f <> IC ) by SCMFSA_2:57, SCMFSA_2:58; then not f in dom (Initialize ((intloc 0) .--> 1)) by A15, TARSKI:def_2; hence (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . f = (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) . f by FUNCT_4:11 .= (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . f by A13, SCMFSA_M:2 ; ::_thesis: verum end; A16: Initialize ((intloc 0) .--> 1) c= Initialized s by SCMFSA_M:13; A17: (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . (intloc 0) = 1 by A16, A5, A2, SCM_HALT:def_3; A18: now__::_thesis:_for_b_being_Int-Location_holds_(Initialized_(Comput_((P_+*_I),(Initialized_s),(LifeSpan_((P_+*_I),(Initialized_s))))))_._b_=_(Comput_((P_+*_(while>0_(a,I))),(Initialized_s),((LifeSpan_((P_+*_I),(Initialized_s)))_+_3)))_._b let b be Int-Location; ::_thesis: (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . b1 = (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . b1 percases ( b <> intloc 0 or b = intloc 0 ) ; supposeA19: b <> intloc 0 ; ::_thesis: (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . b1 = (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . b1 A20: dom (Initialize ((intloc 0) .--> 1)) = {(intloc 0),(IC )} by SCMFSA_M:11; b <> IC by SCMFSA_2:56; then not b in dom (Initialize ((intloc 0) .--> 1)) by A19, A20, TARSKI:def_2; hence (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . b = (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) . b by FUNCT_4:11 .= (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . b by A13, SCMFSA_M:2 ; ::_thesis: verum end; suppose b = intloc 0 ; ::_thesis: (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . b1 = (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . b1 hence (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) . b = (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) . b by A17, SCMFSA_M:13, SCMFSA_M:30; ::_thesis: verum end; end; end; Initialized (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)) by A12, A17, SCMFSA_M:8; then Initialize ((intloc 0) .--> 1) c= Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)) by SCMFSA_M:13; then A21: P +* (while>0 (a,I)) halts_on Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)) by A2, A5, SCM_HALT:def_2; IC (Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))) = IC (Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))) by A12, MEMSTR_0:28, SCMFSA_M:13; then A22: Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)) = Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))) by A14, A18, SCMFSA_2:61; then A23: Result ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)))) = Result (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))) by A2, A7, Th7, A5, A4; LifeSpan ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3)))) = LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))) by A2, A7, Th7, A5, A4, A22; hence DataPart (Comput ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))),((LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))) + (LifeSpan ((P +* (while>0 (a,I))),(Initialized s)))))) = DataPart (Comput ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))),(LifeSpan ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))))))) by A21, EXTPRO_1:25, NAT_1:11 .= DataPart (Result ((P +* (while>0 (a,I))),(Comput ((P +* (while>0 (a,I))),(Initialized s),((LifeSpan ((P +* I),(Initialized s))) + 3))))) by A21, EXTPRO_1:23 .= DataPart (Result (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))) by A23 .= DataPart (Comput (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))),(LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))))) by A8, EXTPRO_1:23 ; ::_thesis: verum end; Initialize ((intloc 0) .--> 1) c= Initialized s by SCMFSA_M:13; then A24: P +* I halts_on Initialized s by A3, SCM_HALT:def_2; IExec (I,P,s) = Result ((P +* I),(Initialized s)) by SCMFSA6B:def_1 .= Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))) by A24, EXTPRO_1:23 ; then Result ((P +* (while>0 (a,I))),(Initialized (IExec (I,P,s)))) = Result (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))) by A2, A7, Th7, A5, A4; then A25: Result ((P +* (while>0 (a,I))),(Initialized (IExec (I,P,s)))) = Result (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))) ; A26: IExec ((while>0 (a,I)),P,(IExec (I,P,s))) = Result ((P +* (while>0 (a,I))),(Initialized (IExec (I,P,s)))) by SCMFSA6B:def_1 .= Comput (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))),(LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))))) by A8, A25, EXTPRO_1:23 ; A27: LifeSpan ((P +* (while>0 (a,I))),(Initialized s)) <= (((LifeSpan ((P +* I),(Initialized s))) + 3) + (LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s))))))))) + (LifeSpan ((P +* (while>0 (a,I))),(Initialized s))) by NAT_1:11; IExec ((while>0 (a,I)),P,s) = Result ((P +* (while>0 (a,I))),(Initialized s)) by SCMFSA6B:def_1 .= Comput ((P +* (while>0 (a,I))),(Initialized s),(LifeSpan ((P +* (while>0 (a,I))),(Initialized s)))) by A6, EXTPRO_1:23 .= Comput ((P +* (while>0 (a,I))),(Initialized s),(((LifeSpan ((P +* I),(Initialized s))) + 3) + ((LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))) + (LifeSpan ((P +* (while>0 (a,I))),(Initialized s)))))) by A6, A27, EXTPRO_1:25 ; then DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (Comput ((P +* (while>0 (a,I))),(Initialized s),(((LifeSpan ((P +* I),(Initialized s))) + 3) + ((LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))) + (LifeSpan ((P +* (while>0 (a,I))),(Initialized s))))))) .= DataPart (Comput (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))),(LifeSpan (((P +* I) +* (while>0 (a,I))),(Initialized (Comput ((P +* I),(Initialized s),(LifeSpan ((P +* I),(Initialized s)))))))))) by A9, EXTPRO_1:4 .= DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) by A26 ; hence DataPart (IExec ((while>0 (a,I)),P,s)) = DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) ; ::_thesis: verum end; theorem Th24: :: SCMISORT:24 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . f = s . f proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . f = s . f let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . f = s . f let I be Program of SCM+FSA; ::_thesis: for f being FinSeq-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . f = s . f let f be FinSeq-Location ; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . f = s . f let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies (IExec ((while>0 (a,I)),P,s)) . f = s . f ) set D = Data-Locations ; assume A1: s . a <= 0 ; ::_thesis: (IExec ((while>0 (a,I)),P,s)) . f = s . f f in FinSeq-Locations by SCMFSA_2:def_5; then A2: f in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (IExec ((while>0 (a,I)),P,s)) . f = (DataPart (IExec ((while>0 (a,I)),P,s))) . f by FUNCT_1:49 .= (DataPart (Initialized s)) . f by A1, Th22 .= (Initialized s) . f by A2, FUNCT_1:49 .= s . f by SCMFSA_M:37 ; ::_thesis: verum end; theorem Th25: :: SCMISORT:25 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b let s be State of SCM+FSA; ::_thesis: for I being Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b let I be Program of SCM+FSA; ::_thesis: for b being Int-Location for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b let b be Int-Location; ::_thesis: for a being read-write Int-Location st s . a <= 0 holds (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b let a be read-write Int-Location; ::_thesis: ( s . a <= 0 implies (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b ) set D = Data-Locations ; assume A1: s . a <= 0 ; ::_thesis: (IExec ((while>0 (a,I)),P,s)) . b = (Initialized s) . b b in Int-Locations by AMI_2:def_16; then A2: b in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; hence (IExec ((while>0 (a,I)),P,s)) . b = (DataPart (IExec ((while>0 (a,I)),P,s))) . b by FUNCT_1:49 .= (DataPart (Initialized s)) . b by A1, Th22 .= (Initialized s) . b by A2, FUNCT_1:49 ; ::_thesis: verum end; theorem Th26: :: SCMISORT:26 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f let s be State of SCM+FSA; ::_thesis: for I being InitHalting good Program of SCM+FSA for f being FinSeq-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f let I be InitHalting good Program of SCM+FSA; ::_thesis: for f being FinSeq-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f let f be FinSeq-Location ; ::_thesis: for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f let a be read-write Int-Location; ::_thesis: ( s . a > 0 & while>0 (a,I) is InitHalting implies (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f ) set D = Data-Locations ; assume that A1: s . a > 0 and A2: while>0 (a,I) is InitHalting ; ::_thesis: (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f f in FinSeq-Locations by SCMFSA_2:def_5; then A3: f in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; then (IExec ((while>0 (a,I)),P,s)) . f = (DataPart (IExec ((while>0 (a,I)),P,s))) . f by FUNCT_1:49 .= (DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s))))) . f by A1, A2, Th23 ; hence (IExec ((while>0 (a,I)),P,s)) . f = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . f by A3, FUNCT_1:49; ::_thesis: verum end; theorem Th27: :: SCMISORT:27 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA for I being InitHalting good Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b let s be State of SCM+FSA; ::_thesis: for I being InitHalting good Program of SCM+FSA for b being Int-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b let I be InitHalting good Program of SCM+FSA; ::_thesis: for b being Int-Location for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b let b be Int-Location; ::_thesis: for a being read-write Int-Location st s . a > 0 & while>0 (a,I) is InitHalting holds (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b let a be read-write Int-Location; ::_thesis: ( s . a > 0 & while>0 (a,I) is InitHalting implies (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b ) set D = Data-Locations ; assume that A1: s . a > 0 and A2: while>0 (a,I) is InitHalting ; ::_thesis: (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b b in Int-Locations by AMI_2:def_16; then A3: b in Data-Locations by SCMFSA_2:100, XBOOLE_0:def_3; then (IExec ((while>0 (a,I)),P,s)) . b = (DataPart (IExec ((while>0 (a,I)),P,s))) . b by FUNCT_1:49 .= (DataPart (IExec ((while>0 (a,I)),P,(IExec (I,P,s))))) . b by A1, A2, Th23 ; hence (IExec ((while>0 (a,I)),P,s)) . b = (IExec ((while>0 (a,I)),P,(IExec (I,P,s)))) . b by A3, FUNCT_1:49; ::_thesis: verum end; begin set a0 = intloc 0; set a1 = intloc 1; set a2 = intloc 2; set a3 = intloc 3; set a4 = intloc 4; set a5 = intloc 5; set a6 = intloc 6; set initializeWorkMem = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); definition let f be FinSeq-Location ; func insert-sort f -> Program of SCM+FSA equals :: SCMISORT:def 2 ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0)))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))))); coherence ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0)))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))))) is Program of SCM+FSA ; end; :: deftheorem defines insert-sort SCMISORT:def_2_:_ for f being FinSeq-Location holds insert-sort f = ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0)))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))))); definition func Insert-Sort-Algorithm -> Program of SCM+FSA equals :: SCMISORT:def 3 insert-sort (fsloc 0); coherence insert-sort (fsloc 0) is Program of SCM+FSA ; end; :: deftheorem defines Insert-Sort-Algorithm SCMISORT:def_3_:_ Insert-Sort-Algorithm = insert-sort (fsloc 0); theorem Th28: :: SCMISORT:28 for f being FinSeq-Location holds UsedIntLoc (insert-sort f) = {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} proof set m0 = SubFrom ((intloc 2),(intloc 2)); set m1 = Macro (SubFrom ((intloc 2),(intloc 2))); set m2 = AddTo ((intloc 4),(intloc 0)); set m3 = SubFrom ((intloc 2),(intloc 0)); set IF = if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))); set UIF = UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))); set k2 = (intloc 2) := (intloc 0); set k3 = (intloc 3) := (intloc 0); set k4 = (intloc 4) := (intloc 0); set k5 = (intloc 5) := (intloc 0); let f be FinSeq-Location ; ::_thesis: UsedIntLoc (insert-sort f) = {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} set i1 = (intloc 2) := (intloc 3); set i2 = SubFrom ((intloc 3),(intloc 0)); set i3 = (intloc 5) := (f,(intloc 2)); set i4 = (intloc 6) := (f,(intloc 3)); set i5 = (f,(intloc 2)) := (intloc 6); set i6 = (f,(intloc 3)) := (intloc 5); set body3 = ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)); set Ui123 = UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))); set Ui12 = UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))); set Ub3 = UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))); A1: UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))) = (UsedIntLoc ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6)))) \/ (UsedIntLoc ((f,(intloc 3)) := (intloc 5))) by SF_MASTR:30 .= (UsedIntLoc ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6)))) \/ {(intloc 3),(intloc 5)} by SF_MASTR:17 .= ((UsedIntLoc (((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ (UsedIntLoc ((f,(intloc 2)) := (intloc 6)))) \/ {(intloc 3),(intloc 5)} by SF_MASTR:30 .= ((UsedIntLoc (((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 3),(intloc 5)} by SF_MASTR:17 .= (((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ (UsedIntLoc ((intloc 6) := (f,(intloc 3))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 3),(intloc 5)} by SF_MASTR:30 .= (((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 3)}) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 3),(intloc 5)} by SF_MASTR:17 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ ({(intloc 6),(intloc 3)} \/ {(intloc 2),(intloc 6)})) \/ {(intloc 3),(intloc 5)} by XBOOLE_1:4 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 3),(intloc 2),(intloc 6)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:5 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 6),(intloc 2),(intloc 3)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:64 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2),(intloc 3)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:31 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ ({(intloc 6),(intloc 2)} \/ {(intloc 3)})) \/ {(intloc 3),(intloc 5)} by ENUMSET1:3 .= (((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2)}) \/ {(intloc 3)}) \/ {(intloc 3),(intloc 5)} by XBOOLE_1:4 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2)}) \/ ({(intloc 3)} \/ {(intloc 3),(intloc 5)}) by XBOOLE_1:4 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2)}) \/ {(intloc 3),(intloc 3),(intloc 5)} by ENUMSET1:2 .= ((UsedIntLoc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:30 .= (((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ (UsedIntLoc ((intloc 5) := (f,(intloc 2))))) \/ {(intloc 6),(intloc 2)}) \/ {(intloc 3),(intloc 5)} by SF_MASTR:30 .= (((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 5),(intloc 2)}) \/ {(intloc 6),(intloc 2)}) \/ {(intloc 3),(intloc 5)} by SF_MASTR:17 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ ({(intloc 5),(intloc 2)} \/ {(intloc 6),(intloc 2)})) \/ {(intloc 3),(intloc 5)} by XBOOLE_1:4 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 5),(intloc 2),(intloc 6),(intloc 2)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:5 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 2),(intloc 6),(intloc 5)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:75 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6),(intloc 5)}) \/ {(intloc 3),(intloc 5)} by ENUMSET1:31 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ ({(intloc 2),(intloc 6)} \/ {(intloc 5)})) \/ {(intloc 3),(intloc 5)} by ENUMSET1:3 .= (((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5)}) \/ {(intloc 3),(intloc 5)} by XBOOLE_1:4 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ ({(intloc 5)} \/ {(intloc 3),(intloc 5)}) by XBOOLE_1:4 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3),(intloc 5)} by ENUMSET1:3 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 5),(intloc 3)} by ENUMSET1:57 .= ((UsedIntLoc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:30 .= (((UsedIntLoc ((intloc 2) := (intloc 3))) \/ (UsedIntLoc (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by SF_MASTR:31 .= (({(intloc 2),(intloc 3)} \/ (UsedIntLoc (SubFrom ((intloc 3),(intloc 0))))) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by SF_MASTR:14 .= (({(intloc 2),(intloc 3)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by SF_MASTR:14 .= ({(intloc 2),(intloc 3),(intloc 3),(intloc 0)} \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:5 .= ({(intloc 3),(intloc 3),(intloc 2),(intloc 0)} \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:71 .= ({(intloc 3),(intloc 2),(intloc 0)} \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:31 .= (({(intloc 3)} \/ {(intloc 2),(intloc 0)}) \/ {(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:2 .= ({(intloc 3)} \/ ({(intloc 2),(intloc 0)} \/ {(intloc 2),(intloc 6)})) \/ {(intloc 5),(intloc 3)} by XBOOLE_1:4 .= ({(intloc 3)} \/ {(intloc 2),(intloc 0),(intloc 2),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:5 .= ({(intloc 3)} \/ {(intloc 2),(intloc 2),(intloc 0),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:62 .= ({(intloc 3)} \/ {(intloc 2),(intloc 0),(intloc 6)}) \/ {(intloc 5),(intloc 3)} by ENUMSET1:31 .= ({(intloc 3)} \/ {(intloc 5),(intloc 3)}) \/ {(intloc 2),(intloc 0),(intloc 6)} by XBOOLE_1:4 .= {(intloc 3),(intloc 5),(intloc 3)} \/ {(intloc 2),(intloc 0),(intloc 6)} by ENUMSET1:3 .= {(intloc 3),(intloc 3),(intloc 5)} \/ {(intloc 2),(intloc 0),(intloc 6)} by ENUMSET1:57 .= {(intloc 3),(intloc 5)} \/ {(intloc 2),(intloc 0),(intloc 6)} by ENUMSET1:30 ; set n1 = (intloc 5) := (f,(intloc 2)); set n2 = SubFrom ((intloc 5),(intloc 6)); set body2 = (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))); set Ub2 = UsedIntLoc ((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))); A2: UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))) = ({(intloc 5)} \/ (UsedIntLoc (Macro (SubFrom ((intloc 2),(intloc 2)))))) \/ (UsedIntLoc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SCMBSORT:16 .= ({(intloc 5)} \/ (UsedIntLoc (SubFrom ((intloc 2),(intloc 2))))) \/ (UsedIntLoc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:28 .= ({(intloc 5)} \/ {(intloc 2),(intloc 2)}) \/ (UsedIntLoc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:14 .= ({(intloc 5)} \/ {(intloc 2),(intloc 2)}) \/ ((UsedIntLoc (AddTo ((intloc 4),(intloc 0)))) \/ (UsedIntLoc (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:31 .= ({(intloc 5)} \/ {(intloc 2),(intloc 2)}) \/ ({(intloc 4),(intloc 0)} \/ (UsedIntLoc (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:14 .= ({(intloc 5)} \/ {(intloc 2),(intloc 2)}) \/ ({(intloc 4),(intloc 0)} \/ {(intloc 2),(intloc 0)}) by SF_MASTR:14 .= ({(intloc 5)} \/ {(intloc 2)}) \/ ({(intloc 4),(intloc 0)} \/ {(intloc 2),(intloc 0)}) by ENUMSET1:29 .= (({(intloc 5)} \/ {(intloc 2)}) \/ {(intloc 2),(intloc 0)}) \/ {(intloc 4),(intloc 0)} by XBOOLE_1:4 .= ({(intloc 2),(intloc 5)} \/ {(intloc 2),(intloc 0)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:1 .= {(intloc 2),(intloc 5),(intloc 2),(intloc 0)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:5 .= {(intloc 2),(intloc 2),(intloc 5),(intloc 0)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:62 .= {(intloc 2),(intloc 5),(intloc 0)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:31 .= {(intloc 2),(intloc 5),(intloc 0),(intloc 4),(intloc 0)} by ENUMSET1:9 .= {(intloc 2)} \/ {(intloc 5),(intloc 0),(intloc 4),(intloc 0)} by ENUMSET1:7 .= {(intloc 2)} \/ {(intloc 0),(intloc 0),(intloc 4),(intloc 5)} by ENUMSET1:75 .= {(intloc 2)} \/ {(intloc 0),(intloc 4),(intloc 5)} by ENUMSET1:31 .= {(intloc 2),(intloc 0),(intloc 4),(intloc 5)} by ENUMSET1:4 .= {(intloc 2),(intloc 5),(intloc 4),(intloc 0)} by ENUMSET1:64 .= {(intloc 2),(intloc 5)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:5 ; set WM = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); set j1 = (intloc 1) :=len f; set j2 = SubFrom ((intloc 1),(intloc 0)); set Uj1 = UsedIntLoc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)); A3: UsedIntLoc ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) = (UsedIntLoc (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0)))) \/ (UsedIntLoc ((intloc 6) := (intloc 0))) by SF_MASTR:30 .= (UsedIntLoc (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0)))) \/ {(intloc 6),(intloc 0)} by SF_MASTR:14 .= ((UsedIntLoc ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0)))) \/ (UsedIntLoc ((intloc 5) := (intloc 0)))) \/ {(intloc 6),(intloc 0)} by SF_MASTR:30 .= ((UsedIntLoc ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0)))) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:14 .= (((UsedIntLoc (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0)))) \/ (UsedIntLoc ((intloc 4) := (intloc 0)))) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:30 .= (((UsedIntLoc (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0)))) \/ {(intloc 4),(intloc 0)}) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:14 .= ((((UsedIntLoc ((intloc 2) := (intloc 0))) \/ (UsedIntLoc ((intloc 3) := (intloc 0)))) \/ {(intloc 4),(intloc 0)}) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:31 .= ((((UsedIntLoc ((intloc 2) := (intloc 0))) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 4),(intloc 0)}) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:14 .= ((({(intloc 2),(intloc 0)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 4),(intloc 0)}) \/ {(intloc 5),(intloc 0)}) \/ {(intloc 6),(intloc 0)} by SF_MASTR:14 .= (({(intloc 2),(intloc 0)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 4),(intloc 0)}) \/ ({(intloc 5),(intloc 0)} \/ {(intloc 6),(intloc 0)}) by XBOOLE_1:4 .= (({(intloc 2),(intloc 0)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 4),(intloc 0)}) \/ {(intloc 0),(intloc 5),(intloc 6)} by ENUMSET1:87 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4),(intloc 0)}) \/ {(intloc 0),(intloc 5),(intloc 6)} by ENUMSET1:87 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4),(intloc 0)}) \/ ({(intloc 0)} \/ {(intloc 5),(intloc 6)}) by ENUMSET1:2 .= (({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4),(intloc 0)}) \/ {(intloc 0)}) \/ {(intloc 5),(intloc 6)} by XBOOLE_1:4 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ ({(intloc 4),(intloc 0)} \/ {(intloc 0)})) \/ {(intloc 5),(intloc 6)} by XBOOLE_1:4 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4),(intloc 0),(intloc 0)}) \/ {(intloc 5),(intloc 6)} by ENUMSET1:3 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ ({(intloc 0),(intloc 0)} \/ {(intloc 4)})) \/ {(intloc 5),(intloc 6)} by ENUMSET1:2 .= (({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 0),(intloc 0)}) \/ {(intloc 4)}) \/ {(intloc 5),(intloc 6)} by XBOOLE_1:4 .= ({(intloc 0),(intloc 0),(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4)}) \/ {(intloc 5),(intloc 6)} by ENUMSET1:8 .= ({(intloc 0),(intloc 2),(intloc 3)} \/ {(intloc 4)}) \/ {(intloc 5),(intloc 6)} by ENUMSET1:38 .= {(intloc 0),(intloc 2),(intloc 3),(intloc 4)} \/ {(intloc 5),(intloc 6)} by ENUMSET1:6 .= {(intloc 0),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by ENUMSET1:14 .= {(intloc 0)} \/ {(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by ENUMSET1:11 ; set T3 = Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))); set t1 = (intloc 2) :=len f; set t2 = SubFrom ((intloc 2),(intloc 1)); set t3 = (intloc 3) := (intloc 2); set t4 = AddTo ((intloc 3),(intloc 0)); set t5 = (intloc 6) := (f,(intloc 3)); set t6 = SubFrom ((intloc 4),(intloc 4)); set Wg = while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))); set t16 = ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))); set body1 = ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))); set Ub1 = UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))); set Ut16 = UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))); A4: UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) = (UsedIntLoc ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ (UsedIntLoc (SubFrom ((intloc 4),(intloc 4)))) by SF_MASTR:30 .= (UsedIntLoc ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ {(intloc 4),(intloc 4)} by SF_MASTR:14 .= ((UsedIntLoc (((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0))))) \/ (UsedIntLoc ((intloc 6) := (f,(intloc 3))))) \/ {(intloc 4),(intloc 4)} by SF_MASTR:30 .= ((UsedIntLoc (((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0))))) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:17 .= (((UsedIntLoc ((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2)))) \/ (UsedIntLoc (AddTo ((intloc 3),(intloc 0))))) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:30 .= (((UsedIntLoc ((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2)))) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:14 .= ((((UsedIntLoc (((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1))))) \/ (UsedIntLoc ((intloc 3) := (intloc 2)))) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:30 .= ((((UsedIntLoc (((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1))))) \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:14 .= (((((UsedIntLoc ((intloc 2) :=len f)) \/ (UsedIntLoc (SubFrom ((intloc 2),(intloc 1))))) \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:31 .= (((({(intloc 2)} \/ (UsedIntLoc (SubFrom ((intloc 2),(intloc 1))))) \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:18 .= (((({(intloc 2)} \/ {(intloc 2),(intloc 1)}) \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by SF_MASTR:14 .= ((({(intloc 2),(intloc 2),(intloc 1)} \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:2 .= ((({(intloc 2),(intloc 1)} \/ {(intloc 3),(intloc 2)}) \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:30 .= (({(intloc 2),(intloc 1),(intloc 3),(intloc 2)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:5 .= (({(intloc 2),(intloc 2),(intloc 3),(intloc 1)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:64 .= (({(intloc 2),(intloc 3),(intloc 1)} \/ {(intloc 3),(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:31 .= ({(intloc 2),(intloc 3),(intloc 1),(intloc 3),(intloc 0)} \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:9 .= (({(intloc 2),(intloc 3),(intloc 1),(intloc 3)} \/ {(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:10 .= (({(intloc 3),(intloc 3),(intloc 1),(intloc 2)} \/ {(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:75 .= (({(intloc 3),(intloc 1),(intloc 2)} \/ {(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4),(intloc 4)} by ENUMSET1:31 .= (({(intloc 3),(intloc 1),(intloc 2)} \/ {(intloc 0)}) \/ {(intloc 3),(intloc 6)}) \/ {(intloc 4)} by ENUMSET1:29 .= (({(intloc 3),(intloc 1),(intloc 2)} \/ {(intloc 3),(intloc 6)}) \/ {(intloc 0)}) \/ {(intloc 4)} by XBOOLE_1:4 .= ({(intloc 3),(intloc 1),(intloc 2),(intloc 3),(intloc 6)} \/ {(intloc 0)}) \/ {(intloc 4)} by ENUMSET1:9 .= (({(intloc 3),(intloc 1),(intloc 2),(intloc 3)} \/ {(intloc 6)}) \/ {(intloc 0)}) \/ {(intloc 4)} by ENUMSET1:10 .= (({(intloc 3),(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6)}) \/ {(intloc 0)}) \/ {(intloc 4)} by ENUMSET1:64 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6)}) \/ {(intloc 0)}) \/ {(intloc 4)} by ENUMSET1:31 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ ({(intloc 6)} \/ {(intloc 0)})) \/ {(intloc 4)} by XBOOLE_1:4 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 0)}) \/ {(intloc 4)} by ENUMSET1:1 .= {(intloc 3),(intloc 2),(intloc 1)} \/ ({(intloc 6),(intloc 0)} \/ {(intloc 4)}) by XBOOLE_1:4 .= {(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 0),(intloc 4)} by ENUMSET1:3 .= {(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)} by ENUMSET1:57 ; A5: UsedIntLoc ((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) = (UsedIntLoc (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:27 .= ((UsedIntLoc ((intloc 5) := (f,(intloc 2)))) \/ (UsedIntLoc (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:31 .= ({(intloc 2),(intloc 5)} \/ (UsedIntLoc (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:17 .= ({(intloc 2),(intloc 5)} \/ {(intloc 5),(intloc 6)}) \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:14 .= {(intloc 2),(intloc 5),(intloc 5),(intloc 6)} \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by ENUMSET1:5 .= {(intloc 5),(intloc 5),(intloc 2),(intloc 6)} \/ (UsedIntLoc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by ENUMSET1:71 .= {(intloc 5),(intloc 2),(intloc 6)} \/ ({(intloc 2),(intloc 5)} \/ {(intloc 4),(intloc 0)}) by A2, ENUMSET1:31 .= ({(intloc 5),(intloc 2),(intloc 6)} \/ {(intloc 2),(intloc 5)}) \/ {(intloc 4),(intloc 0)} by XBOOLE_1:4 .= {(intloc 2),(intloc 5),(intloc 5),(intloc 2),(intloc 6)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:8 .= ({(intloc 2),(intloc 5),(intloc 5),(intloc 2)} \/ {(intloc 6)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:10 .= ({(intloc 2),(intloc 2),(intloc 5),(intloc 5)} \/ {(intloc 6)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:64 .= ({(intloc 2),(intloc 5),(intloc 5)} \/ {(intloc 6)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:31 .= ({(intloc 5),(intloc 5),(intloc 2)} \/ {(intloc 6)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:60 .= ({(intloc 5),(intloc 2)} \/ {(intloc 6)}) \/ {(intloc 4),(intloc 0)} by ENUMSET1:30 .= {(intloc 5),(intloc 2),(intloc 6)} \/ {(intloc 4),(intloc 0)} by ENUMSET1:3 .= {(intloc 5),(intloc 2),(intloc 6),(intloc 4),(intloc 0)} by ENUMSET1:9 ; A6: UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) = (UsedIntLoc ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ (UsedIntLoc (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by SF_MASTR:27 .= (UsedIntLoc ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by SCMBSORT:18 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ (UsedIntLoc (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by SF_MASTR:27 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ ({(intloc 5),(intloc 2),(intloc 6),(intloc 4),(intloc 0)} \/ {(intloc 2)})) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by A5, SCMFSA9A:24 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ {(intloc 2),(intloc 5),(intloc 2),(intloc 6),(intloc 4),(intloc 0)}) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:11 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ ({(intloc 2),(intloc 5),(intloc 2),(intloc 6)} \/ {(intloc 4),(intloc 0)})) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:14 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ ({(intloc 2),(intloc 2),(intloc 5),(intloc 6)} \/ {(intloc 4),(intloc 0)})) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:62 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ ({(intloc 2),(intloc 5),(intloc 6)} \/ {(intloc 4),(intloc 0)})) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:31 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ {(intloc 2),(intloc 5),(intloc 6),(intloc 4),(intloc 0)}) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:9 .= ((UsedIntLoc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ ({(intloc 6),(intloc 4),(intloc 0)} \/ {(intloc 2),(intloc 5)})) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by ENUMSET1:8 .= ((({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by A4, XBOOLE_1:4 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ ({(intloc 6),(intloc 4),(intloc 0)} \/ {(intloc 6),(intloc 4),(intloc 0)})) \/ {(intloc 2),(intloc 5)}) \/ ((UsedIntLoc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))) \/ {(intloc 4),(intloc 0)}) by XBOOLE_1:4 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ ({(intloc 2),(intloc 0),(intloc 6)} \/ {(intloc 4),(intloc 0)})) by A1, XBOOLE_1:4 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ {(intloc 2),(intloc 0),(intloc 6),(intloc 4),(intloc 0)}) by ENUMSET1:9 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ ({(intloc 2)} \/ {(intloc 0),(intloc 6),(intloc 4),(intloc 0)})) by ENUMSET1:7 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ ({(intloc 2)} \/ {(intloc 0),(intloc 0),(intloc 4),(intloc 6)})) by ENUMSET1:64 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ ({(intloc 2)} \/ {(intloc 0),(intloc 4),(intloc 6)})) by ENUMSET1:31 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ ({(intloc 3),(intloc 5)} \/ {(intloc 2),(intloc 0),(intloc 4),(intloc 6)}) by ENUMSET1:4 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 6),(intloc 4),(intloc 0)}) \/ {(intloc 2),(intloc 5)}) \/ {(intloc 3),(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} by ENUMSET1:12 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 5),(intloc 2)}) \/ {(intloc 3),(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} by ENUMSET1:60 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ ({(intloc 0),(intloc 4),(intloc 6)} \/ {(intloc 5),(intloc 2)})) \/ {(intloc 3),(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} by XBOOLE_1:4 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3),(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} by ENUMSET1:8 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)}) \/ ({(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} \/ {(intloc 3)}) by ENUMSET1:11 .= (({(intloc 3),(intloc 2),(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by XBOOLE_1:4 .= ({(intloc 3),(intloc 2),(intloc 1)} \/ ({(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} \/ {(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)})) \/ {(intloc 3)} by XBOOLE_1:4 .= {(intloc 3),(intloc 2),(intloc 1),(intloc 5),(intloc 2),(intloc 0),(intloc 4),(intloc 6)} \/ {(intloc 3)} by ENUMSET1:24 .= ({(intloc 3),(intloc 2),(intloc 1),(intloc 5),(intloc 2)} \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:26 .= (({(intloc 3)} \/ {(intloc 2),(intloc 1),(intloc 5),(intloc 2)}) \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:7 .= (({(intloc 3)} \/ {(intloc 2),(intloc 2),(intloc 5),(intloc 1)}) \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:64 .= (({(intloc 3)} \/ {(intloc 2),(intloc 5),(intloc 1)}) \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:31 .= ({(intloc 3),(intloc 2),(intloc 5),(intloc 1)} \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:4 .= ({(intloc 1),(intloc 5),(intloc 2),(intloc 3)} \/ {(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:76 .= {(intloc 1),(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4),(intloc 6)} \/ {(intloc 3)} by ENUMSET1:19 .= ({(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4),(intloc 6)}) \/ {(intloc 3)} by ENUMSET1:16 .= ({(intloc 1)} \/ ({(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4)} \/ {(intloc 6)})) \/ {(intloc 3)} by ENUMSET1:15 .= (({(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4)}) \/ {(intloc 6)}) \/ {(intloc 3)} by XBOOLE_1:4 .= (({(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4)}) \/ {(intloc 3)}) \/ {(intloc 6)} by XBOOLE_1:4 .= ({(intloc 1)} \/ ({(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4)} \/ {(intloc 3)})) \/ {(intloc 6)} by XBOOLE_1:4 .= ({(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 0),(intloc 4),(intloc 3)}) \/ {(intloc 6)} by ENUMSET1:15 .= ({(intloc 1)} \/ ({(intloc 5),(intloc 2)} \/ {(intloc 3),(intloc 0),(intloc 4),(intloc 3)})) \/ {(intloc 6)} by ENUMSET1:12 .= ({(intloc 1)} \/ ({(intloc 5),(intloc 2)} \/ {(intloc 3),(intloc 3),(intloc 4),(intloc 0)})) \/ {(intloc 6)} by ENUMSET1:64 .= ({(intloc 1)} \/ ({(intloc 5),(intloc 2)} \/ {(intloc 3),(intloc 4),(intloc 0)})) \/ {(intloc 6)} by ENUMSET1:31 .= ({(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 4),(intloc 0)}) \/ {(intloc 6)} by ENUMSET1:8 .= ({(intloc 1)} \/ ({(intloc 0)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 4)})) \/ {(intloc 6)} by ENUMSET1:10 .= (({(intloc 1)} \/ {(intloc 0)}) \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 4)}) \/ {(intloc 6)} by XBOOLE_1:4 .= ({(intloc 0),(intloc 1)} \/ {(intloc 5),(intloc 2),(intloc 3),(intloc 4)}) \/ {(intloc 6)} by ENUMSET1:1 .= ({(intloc 0),(intloc 1)} \/ {(intloc 2),(intloc 3),(intloc 4),(intloc 5)}) \/ {(intloc 6)} by ENUMSET1:68 .= {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5)} \/ {(intloc 6)} by ENUMSET1:12 .= {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by ENUMSET1:21 ; thus UsedIntLoc (insert-sort f) = (UsedIntLoc ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) \/ (UsedIntLoc (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))))) by SF_MASTR:27 .= (UsedIntLoc ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) \/ ((UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) \/ {(intloc 1),(intloc 0)}) by SCMBSORT:18 .= ((UsedIntLoc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ (UsedIntLoc (SubFrom ((intloc 1),(intloc 0))))) \/ ((UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) \/ {(intloc 1),(intloc 0)}) by SF_MASTR:30 .= ((UsedIntLoc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ {(intloc 1),(intloc 0)}) \/ ((UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) \/ {(intloc 1),(intloc 0)}) by SF_MASTR:14 .= (((UsedIntLoc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ {(intloc 1),(intloc 0)}) \/ {(intloc 1),(intloc 0)}) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by XBOOLE_1:4 .= ((UsedIntLoc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ ({(intloc 1),(intloc 0)} \/ {(intloc 1),(intloc 0)})) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by XBOOLE_1:4 .= (((UsedIntLoc ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)))) \/ (UsedIntLoc ((intloc 1) :=len f))) \/ {(intloc 1),(intloc 0)}) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by SF_MASTR:30 .= ((({(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} \/ {(intloc 0)}) \/ {(intloc 1)}) \/ {(intloc 1),(intloc 0)}) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by A3, SF_MASTR:18 .= (({(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} \/ ({(intloc 0)} \/ {(intloc 1)})) \/ {(intloc 1),(intloc 0)}) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by XBOOLE_1:4 .= (({(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} \/ {(intloc 1),(intloc 0)}) \/ {(intloc 1),(intloc 0)}) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by ENUMSET1:1 .= ({(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} \/ ({(intloc 1),(intloc 0)} \/ {(intloc 1),(intloc 0)})) \/ (UsedIntLoc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))) by XBOOLE_1:4 .= {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} \/ {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by A6, ENUMSET1:17 .= {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} ; ::_thesis: verum end; theorem Th29: :: SCMISORT:29 for f being FinSeq-Location holds UsedInt*Loc (insert-sort f) = {f} proof set m0 = SubFrom ((intloc 2),(intloc 2)); set m1 = Macro (SubFrom ((intloc 2),(intloc 2))); set m2 = AddTo ((intloc 4),(intloc 0)); set m3 = SubFrom ((intloc 2),(intloc 0)); set IF = if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))); set UIF = UsedInt*Loc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))); set k2 = (intloc 2) := (intloc 0); set k3 = (intloc 3) := (intloc 0); set k4 = (intloc 4) := (intloc 0); set k5 = (intloc 5) := (intloc 0); let f be FinSeq-Location ; ::_thesis: UsedInt*Loc (insert-sort f) = {f} set i1 = (intloc 2) := (intloc 3); set i2 = SubFrom ((intloc 3),(intloc 0)); set i3 = (intloc 5) := (f,(intloc 2)); set i4 = (intloc 6) := (f,(intloc 3)); set i5 = (f,(intloc 2)) := (intloc 6); set i6 = (f,(intloc 3)) := (intloc 5); set body3 = ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)); set Ub3 = UsedInt*Loc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))); A1: UsedInt*Loc (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))) = (UsedInt*Loc ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6)))) \/ (UsedInt*Loc ((f,(intloc 3)) := (intloc 5))) by SF_MASTR:46 .= (UsedInt*Loc ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6)))) \/ {f} by SF_MASTR:33 .= ((UsedInt*Loc (((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ (UsedInt*Loc ((f,(intloc 2)) := (intloc 6)))) \/ {f} by SF_MASTR:46 .= ((UsedInt*Loc (((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ {f}) \/ {f} by SF_MASTR:33 .= (((UsedInt*Loc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ (UsedInt*Loc ((intloc 6) := (f,(intloc 3))))) \/ {f}) \/ {f} by SF_MASTR:46 .= (((UsedInt*Loc ((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2))))) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:33 .= ((((UsedInt*Loc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ (UsedInt*Loc ((intloc 5) := (f,(intloc 2))))) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:46 .= ((((UsedInt*Loc (((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0))))) \/ {f}) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:33 .= (((((UsedInt*Loc ((intloc 2) := (intloc 3))) \/ (UsedInt*Loc (SubFrom ((intloc 3),(intloc 0))))) \/ {f}) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:47 .= (((({} \/ (UsedInt*Loc (SubFrom ((intloc 3),(intloc 0))))) \/ {f}) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:32 .= ((({} \/ {f}) \/ {f}) \/ {f}) \/ {f} by SF_MASTR:32 .= {f} ; set n1 = (intloc 5) := (f,(intloc 2)); set n2 = SubFrom ((intloc 5),(intloc 6)); set body2 = (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))); set Ub2 = UsedInt*Loc ((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))); A2: UsedInt*Loc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))) = (UsedInt*Loc (Macro (SubFrom ((intloc 2),(intloc 2))))) \/ (UsedInt*Loc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SCMFSA9A:10 .= (UsedInt*Loc (SubFrom ((intloc 2),(intloc 2)))) \/ (UsedInt*Loc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:44 .= {} \/ (UsedInt*Loc ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:32 .= {} \/ ((UsedInt*Loc (AddTo ((intloc 4),(intloc 0)))) \/ (UsedInt*Loc (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:47 .= {} \/ ({} \/ (UsedInt*Loc (SubFrom ((intloc 2),(intloc 0))))) by SF_MASTR:32 .= {} by SF_MASTR:32 ; set WM = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); set j1 = (intloc 1) :=len f; set j2 = SubFrom ((intloc 1),(intloc 0)); A3: UsedInt*Loc ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) = (UsedInt*Loc (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0)))) \/ (UsedInt*Loc ((intloc 6) := (intloc 0))) by SF_MASTR:46 .= (UsedInt*Loc (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0)))) \/ {} by SF_MASTR:32 .= (UsedInt*Loc ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0)))) \/ (UsedInt*Loc ((intloc 5) := (intloc 0))) by SF_MASTR:46 .= (UsedInt*Loc ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0)))) \/ {} by SF_MASTR:32 .= (UsedInt*Loc (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0)))) \/ (UsedInt*Loc ((intloc 4) := (intloc 0))) by SF_MASTR:46 .= (UsedInt*Loc (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0)))) \/ {} by SF_MASTR:32 .= (UsedInt*Loc ((intloc 2) := (intloc 0))) \/ (UsedInt*Loc ((intloc 3) := (intloc 0))) by SF_MASTR:47 .= (UsedInt*Loc ((intloc 2) := (intloc 0))) \/ {} by SF_MASTR:32 .= {} by SF_MASTR:32 ; set T3 = Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))); set t1 = (intloc 2) :=len f; set t2 = SubFrom ((intloc 2),(intloc 1)); set t3 = (intloc 3) := (intloc 2); set t4 = AddTo ((intloc 3),(intloc 0)); set t5 = (intloc 6) := (f,(intloc 3)); set t6 = SubFrom ((intloc 4),(intloc 4)); set Wg = while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))); set t16 = ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))); set body1 = ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))); set Ub1 = UsedInt*Loc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))); set Ut16 = UsedInt*Loc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))); A4: UsedInt*Loc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) = (UsedInt*Loc ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ (UsedInt*Loc (SubFrom ((intloc 4),(intloc 4)))) by SF_MASTR:46 .= (UsedInt*Loc ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3))))) \/ {} by SF_MASTR:32 .= ((UsedInt*Loc (((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0))))) \/ (UsedInt*Loc ((intloc 6) := (f,(intloc 3))))) \/ {} by SF_MASTR:46 .= ((UsedInt*Loc (((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0))))) \/ {f}) \/ {} by SF_MASTR:33 .= (((UsedInt*Loc ((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2)))) \/ (UsedInt*Loc (AddTo ((intloc 3),(intloc 0))))) \/ {f}) \/ {} by SF_MASTR:46 .= (((UsedInt*Loc ((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2)))) \/ {}) \/ {f}) \/ {} by SF_MASTR:32 .= ((((UsedInt*Loc (((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1))))) \/ (UsedInt*Loc ((intloc 3) := (intloc 2)))) \/ {}) \/ {f}) \/ {} by SF_MASTR:46 .= ((((UsedInt*Loc (((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1))))) \/ {}) \/ {}) \/ {f}) \/ {} by SF_MASTR:32 .= (((((UsedInt*Loc ((intloc 2) :=len f)) \/ (UsedInt*Loc (SubFrom ((intloc 2),(intloc 1))))) \/ {}) \/ {}) \/ {f}) \/ {} by SF_MASTR:47 .= (((({f} \/ (UsedInt*Loc (SubFrom ((intloc 2),(intloc 1))))) \/ {}) \/ {}) \/ {f}) \/ {} by SF_MASTR:34 .= ({f} \/ {f}) \/ {} by SF_MASTR:32 .= {f} ; A5: UsedInt*Loc ((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) = (UsedInt*Loc (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedInt*Loc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:43 .= ((UsedInt*Loc ((intloc 5) := (f,(intloc 2)))) \/ (UsedInt*Loc (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedInt*Loc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:47 .= ({f} \/ (UsedInt*Loc (SubFrom ((intloc 5),(intloc 6))))) \/ (UsedInt*Loc (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SF_MASTR:33 .= {f} \/ {} by A2, SF_MASTR:32 .= {f} ; A6: UsedInt*Loc (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) = (UsedInt*Loc ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ (UsedInt*Loc (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by SF_MASTR:43 .= (UsedInt*Loc ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ {f} by A1, SCMBSORT:20 .= ((UsedInt*Loc (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) \/ (UsedInt*Loc (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) \/ {f} by SF_MASTR:43 .= {f} \/ {f} by A5, A4, SCMFSA9A:25 .= {f} ; thus UsedInt*Loc (insert-sort f) = (UsedInt*Loc ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) \/ (UsedInt*Loc (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))))) by SF_MASTR:43 .= (UsedInt*Loc ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) \/ {f} by A6, SCMBSORT:20 .= ((UsedInt*Loc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ (UsedInt*Loc (SubFrom ((intloc 1),(intloc 0))))) \/ {f} by SF_MASTR:46 .= ((UsedInt*Loc (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) \/ {}) \/ {f} by SF_MASTR:32 .= (((UsedInt*Loc ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)))) \/ (UsedInt*Loc ((intloc 1) :=len f))) \/ {}) \/ {f} by SF_MASTR:46 .= {f} \/ {f} by A3, SF_MASTR:34 .= {f} ; ::_thesis: verum end; theorem Th30: :: SCMISORT:30 for k1, k2, k3, k4 being Instruction of SCM+FSA holds card (((k1 ";" k2) ";" k3) ";" k4) = 8 proof let k1, k2, k3, k4 be Instruction of SCM+FSA; ::_thesis: card (((k1 ";" k2) ";" k3) ";" k4) = 8 thus card (((k1 ";" k2) ";" k3) ";" k4) = (card ((k1 ";" k2) ";" k3)) + 2 by SCMFSA6A:34 .= 6 + 2 by SCMBSORT:23 .= 8 ; ::_thesis: verum end; theorem Th31: :: SCMISORT:31 for k1, k2, k3, k4, k5 being Instruction of SCM+FSA holds card ((((k1 ";" k2) ";" k3) ";" k4) ";" k5) = 10 proof let k1, k2, k3, k4, k5 be Instruction of SCM+FSA; ::_thesis: card ((((k1 ";" k2) ";" k3) ";" k4) ";" k5) = 10 thus card ((((k1 ";" k2) ";" k3) ";" k4) ";" k5) = (card (((k1 ";" k2) ";" k3) ";" k4)) + 2 by SCMFSA6A:34 .= 8 + 2 by Th30 .= 10 ; ::_thesis: verum end; theorem Th32: :: SCMISORT:32 for f being FinSeq-Location holds card (insert-sort f) = 82 proof set m1 = Macro (SubFrom ((intloc 2),(intloc 2))); set m2 = AddTo ((intloc 4),(intloc 0)); set m3 = SubFrom ((intloc 2),(intloc 0)); set IF = if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))); let f be FinSeq-Location ; ::_thesis: card (insert-sort f) = 82 set i1 = (intloc 2) := (intloc 3); set i2 = SubFrom ((intloc 3),(intloc 0)); set i3 = (intloc 5) := (f,(intloc 2)); set i4 = (intloc 6) := (f,(intloc 3)); set i5 = (f,(intloc 2)) := (intloc 6); set i6 = (f,(intloc 3)) := (intloc 5); set body3 = ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)); A1: card (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))) = ((card (Macro (SubFrom ((intloc 2),(intloc 2))))) + (card ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))) + 4 by SCMFSA8B:12 .= (2 + (card ((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))) + 4 by COMPOS_1:56 .= (2 + (2 + 2)) + 4 by SCMFSA6A:35 .= 10 ; set n1 = (intloc 5) := (f,(intloc 2)); set n2 = SubFrom ((intloc 5),(intloc 6)); set body2 = (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))); A2: card ((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) = (card (((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6))))) + (card (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))) by SCMFSA6A:21 .= (2 + 2) + 10 by A1, SCMFSA6A:35 .= 14 ; set WM = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); set j1 = (intloc 1) :=len f; set j2 = SubFrom ((intloc 1),(intloc 0)); set T3 = Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))); set t1 = (intloc 2) :=len f; set t2 = SubFrom ((intloc 2),(intloc 1)); set t3 = (intloc 3) := (intloc 2); set t4 = AddTo ((intloc 3),(intloc 0)); set t5 = (intloc 6) := (f,(intloc 3)); set t6 = SubFrom ((intloc 4),(intloc 4)); set Wg = while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))); set t16 = ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))); set body1 = ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))); A3: card (((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))) = (card ((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6)))) + 2 by SCMFSA6A:34 .= 10 + 2 by Th31 .= 12 ; A4: card (((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) = (card ((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) + (card (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by SCMFSA6A:21 .= ((card (((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4))))) + (card (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) + (card (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by SCMFSA6A:21 .= (((card ((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3))))) + 2) + (card (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) + (card (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by SCMFSA6A:34 .= ((10 + 2) + (card (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0))))))))))) + (card (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by Th31 .= ((10 + 2) + (14 + 6)) + (card (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5)))))) by A2, SCMFSA_9:5 .= ((10 + 2) + (14 + 6)) + (12 + 12) by A3, SCMBSORT:22 .= 56 ; thus card (insert-sort f) = (card ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) + (card (Times ((intloc 1),(((((((((intloc 2) :=len f) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := (f,(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := (f,(intloc 2)))) ";" ((intloc 6) := (f,(intloc 3)))) ";" ((f,(intloc 2)) := (intloc 6))) ";" ((f,(intloc 3)) := (intloc 5))))))))) by SCMFSA6A:21 .= (card ((((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f)) ";" (SubFrom ((intloc 1),(intloc 0))))) + (56 + 12) by A4, SCMBSORT:22 .= ((card (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len f))) + 2) + (56 + 12) by SCMFSA6A:34 .= (((card ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)))) + 2) + 2) + (56 + 12) by SCMFSA6A:34 .= ((10 + 2) + 2) + 68 by Th31 .= 82 ; ::_thesis: verum end; theorem Th33: :: SCMISORT:33 for f being FinSeq-Location for k being Element of NAT st k < 82 holds k in dom (insert-sort f) proof let f be FinSeq-Location ; ::_thesis: for k being Element of NAT st k < 82 holds k in dom (insert-sort f) let k be Element of NAT ; ::_thesis: ( k < 82 implies k in dom (insert-sort f) ) assume A1: k < 82 ; ::_thesis: k in dom (insert-sort f) card (insert-sort f) = 82 by Th32; hence k in dom (insert-sort f) by A1, AFINSQ_1:66; ::_thesis: verum end; Lm1: for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds ( P . 0 = (intloc 2) := (intloc 0) & P . 1 = goto 2 & P . 2 = (intloc 3) := (intloc 0) & P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) proof set f0 = fsloc 0; set TT = Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))); set q = Insert-Sort-Algorithm ; set q0 = insert-sort (fsloc 0); set W2 = (intloc 2) := (intloc 0); set W3 = (intloc 3) := (intloc 0); set W4 = (intloc 4) := (intloc 0); set W5 = (intloc 5) := (intloc 0); set W6 = (intloc 6) := (intloc 0); set W7 = (intloc 1) :=len (fsloc 0); set W8 = SubFrom ((intloc 1),(intloc 0)); set T8 = (SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))); set T7 = ((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))); set T6 = ((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))); set T5 = ((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))); set T4 = ((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))))); set T3 = ((intloc 3) := (intloc 0)) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))))); set X3 = ((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0)); set X4 = (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0)); set X5 = ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0)); set X6 = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); A1: dom (Macro ((intloc 2) := (intloc 0))) = {0,1} by COMPOS_1:61; then A2: 0 in dom (Macro ((intloc 2) := (intloc 0))) by TARSKI:def_2; A3: 1 in dom (Macro ((intloc 2) := (intloc 0))) by A1, TARSKI:def_2; A4: card (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) = 4 by SCMFSA6A:35; A5: insert-sort (fsloc 0) = (((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" ((intloc 1) :=len (fsloc 0))) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))) by SCMFSA6A:27; then A6: insert-sort (fsloc 0) = ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))) by SCMFSA6A:27; then A7: insert-sort (fsloc 0) = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))) by SCMFSA6A:27; then A8: insert-sort (fsloc 0) = ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))))) by SCMFSA6A:27; then A9: insert-sort (fsloc 0) = (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))))) by SCMFSA6A:27 .= ((Macro ((intloc 2) := (intloc 0))) ";" ((intloc 3) := (intloc 0))) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))))) by SCMFSA6A:19 ; insert-sort (fsloc 0) = (((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))))) by A8, SCMFSA6A:27; then A10: insert-sort (fsloc 0) = ((intloc 2) := (intloc 0)) ";" (((intloc 3) := (intloc 0)) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))))))) by SCMFSA6A:31 .= (Macro ((intloc 2) := (intloc 0))) ";" (((intloc 3) := (intloc 0)) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5)))))))))))))) by SCMFSA6A:def_5 ; let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( Insert-Sort-Algorithm c= P implies ( P . 0 = (intloc 2) := (intloc 0) & P . 1 = goto 2 & P . 2 = (intloc 3) := (intloc 0) & P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) ) assume A11: Insert-Sort-Algorithm c= P ; ::_thesis: ( P . 0 = (intloc 2) := (intloc 0) & P . 1 = goto 2 & P . 2 = (intloc 3) := (intloc 0) & P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) A12: now__::_thesis:_for_i_being_Element_of_NAT_st_i_<_82_holds_ (insert-sort_(fsloc_0))_._i_=_P_._i let i be Element of NAT ; ::_thesis: ( i < 82 implies (insert-sort (fsloc 0)) . i = P . i ) assume i < 82 ; ::_thesis: (insert-sort (fsloc 0)) . i = P . i then i in dom (insert-sort (fsloc 0)) by Th33; hence (insert-sort (fsloc 0)) . i = P . i by A11, GRFUNC_1:2; ::_thesis: verum end; hence P . 0 = ((Macro ((intloc 2) := (intloc 0))) ";" (((intloc 3) := (intloc 0)) ";" (((intloc 4) := (intloc 0)) ";" (((intloc 5) := (intloc 0)) ";" (((intloc 6) := (intloc 0)) ";" (((intloc 1) :=len (fsloc 0)) ";" ((SubFrom ((intloc 1),(intloc 0))) ";" (Times ((intloc 1),(((((((((intloc 2) :=len (fsloc 0)) ";" (SubFrom ((intloc 2),(intloc 1)))) ";" ((intloc 3) := (intloc 2))) ";" (AddTo ((intloc 3),(intloc 0)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (SubFrom ((intloc 4),(intloc 4)))) ";" (while>0 ((intloc 2),((((intloc 5) := ((fsloc 0),(intloc 2))) ";" (SubFrom ((intloc 5),(intloc 6)))) ";" (if>0 ((intloc 5),(Macro (SubFrom ((intloc 2),(intloc 2)))),((AddTo ((intloc 4),(intloc 0))) ";" (SubFrom ((intloc 2),(intloc 0)))))))))) ";" (Times ((intloc 4),(((((((intloc 2) := (intloc 3)) ";" (SubFrom ((intloc 3),(intloc 0)))) ";" ((intloc 5) := ((fsloc 0),(intloc 2)))) ";" ((intloc 6) := ((fsloc 0),(intloc 3)))) ";" (((fsloc 0),(intloc 2)) := (intloc 6))) ";" (((fsloc 0),(intloc 3)) := (intloc 5))))))))))))))) . 0 by A10 .= (Directed (Macro ((intloc 2) := (intloc 0)))) . 0 by A2, SCMFSA8A:14 .= (intloc 2) := (intloc 0) by SCMFSA7B:1 ; ::_thesis: ( P . 1 = goto 2 & P . 2 = (intloc 3) := (intloc 0) & P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) A13: card (Macro ((intloc 2) := (intloc 0))) = 2 by COMPOS_1:56; A14: card ((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) = 6 by SCMBSORT:23; then A15: card (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) = 6 + 2 by SCMFSA6A:34 .= 8 ; then A16: card ((((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0))) = 8 + 2 by SCMFSA6A:34 .= 10 ; thus P . 1 = (insert-sort (fsloc 0)) . 1 by A12 .= (Directed (Macro ((intloc 2) := (intloc 0)))) . 1 by A10, A3, SCMFSA8A:14 .= goto 2 by SCMFSA7B:2 ; ::_thesis: ( P . 2 = (intloc 3) := (intloc 0) & P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 2 = (insert-sort (fsloc 0)) . 2 by A12 .= (intloc 3) := (intloc 0) by A9, A13, SCMBSORT:27 ; ::_thesis: ( P . 3 = goto 4 & P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 3 = (insert-sort (fsloc 0)) . (2 + 1) by A12 .= goto (2 + 2) by A9, A13, SCMBSORT:28 .= goto 4 ; ::_thesis: ( P . 4 = (intloc 4) := (intloc 0) & P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 4 = (insert-sort (fsloc 0)) . 4 by A12 .= (intloc 4) := (intloc 0) by A8, A4, SCMBSORT:27 ; ::_thesis: ( P . 5 = goto 6 & P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 5 = (insert-sort (fsloc 0)) . (4 + 1) by A12 .= goto (4 + 2) by A8, A4, SCMBSORT:28 .= goto 6 ; ::_thesis: ( P . 6 = (intloc 5) := (intloc 0) & P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 6 = (insert-sort (fsloc 0)) . 6 by A12 .= (intloc 5) := (intloc 0) by A7, A14, SCMBSORT:27 ; ::_thesis: ( P . 7 = goto 8 & P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 7 = (insert-sort (fsloc 0)) . (6 + 1) by A12 .= goto (6 + 2) by A7, A14, SCMBSORT:28 .= goto 8 ; ::_thesis: ( P . 8 = (intloc 6) := (intloc 0) & P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 8 = (insert-sort (fsloc 0)) . 8 by A12 .= (intloc 6) := (intloc 0) by A6, A15, SCMBSORT:27 ; ::_thesis: ( P . 9 = goto 10 & P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 9 = (insert-sort (fsloc 0)) . (8 + 1) by A12 .= goto (8 + 2) by A6, A15, SCMBSORT:28 .= goto 10 ; ::_thesis: ( P . 10 = (intloc 1) :=len (fsloc 0) & P . 11 = goto 12 ) thus P . 10 = (insert-sort (fsloc 0)) . 10 by A12 .= (intloc 1) :=len (fsloc 0) by A5, A16, SCMBSORT:27 ; ::_thesis: P . 11 = goto 12 thus P . 11 = (insert-sort (fsloc 0)) . (10 + 1) by A12 .= goto (10 + 2) by A5, A16, SCMBSORT:28 .= goto 12 ; ::_thesis: verum end; set f0 = fsloc 0; set b1 = intloc (0 + 1); set b2 = intloc (1 + 1); set b3 = intloc (2 + 1); set b4 = intloc (3 + 1); set b5 = intloc (4 + 1); set b6 = intloc (5 + 1); set i1 = (intloc (1 + 1)) := (intloc (2 + 1)); set i2 = SubFrom ((intloc (2 + 1)),(intloc 0)); set i3 = (intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))); set i4 = (intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))); set i5 = ((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)); set i6 = ((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)); set body3 = ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))); set w2 = (intloc (1 + 1)) := (intloc 0); set w3 = (intloc (2 + 1)) := (intloc 0); set w4 = (intloc (3 + 1)) := (intloc 0); set w5 = (intloc (4 + 1)) := (intloc 0); set w6 = (intloc (5 + 1)) := (intloc 0); set T3 = Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))); set m0 = SubFrom ((intloc (1 + 1)),(intloc (1 + 1))); set m1 = Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))); set m2 = AddTo ((intloc (3 + 1)),(intloc 0)); set m3 = SubFrom ((intloc (1 + 1)),(intloc 0)); set IF = if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))); set n1 = (intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))); set n2 = SubFrom ((intloc (4 + 1)),(intloc (5 + 1))); set body2 = (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))); set t1 = (intloc (1 + 1)) :=len (fsloc 0); set t2 = SubFrom ((intloc (1 + 1)),(intloc (0 + 1))); set t3 = (intloc (2 + 1)) := (intloc (1 + 1)); set t4 = AddTo ((intloc (2 + 1)),(intloc 0)); set t5 = (intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))); set t6 = SubFrom ((intloc (3 + 1)),(intloc (3 + 1))); set Wg = while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))); set t16 = ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))); set body1 = ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))); set WM = (((((intloc 2) := (intloc 0)) ";" ((intloc 3) := (intloc 0))) ";" ((intloc 4) := (intloc 0))) ";" ((intloc 5) := (intloc 0))) ";" ((intloc 6) := (intloc 0)); set j1 = (intloc (0 + 1)) :=len (fsloc 0); set j2 = SubFrom ((intloc (0 + 1)),(intloc 0)); Lm2: for s being 0 -started State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds ( ( for k being Element of NAT st k > 0 & k < 12 holds ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) ) & (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) & (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) proof let s be 0 -started State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds ( ( for k being Element of NAT st k > 0 & k < 12 holds ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) ) & (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) & (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( Insert-Sort-Algorithm c= P implies ( ( for k being Element of NAT st k > 0 & k < 12 holds ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) ) & (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) & (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) ) assume A1: Insert-Sort-Algorithm c= P ; ::_thesis: ( ( for k being Element of NAT st k > 0 & k < 12 holds ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) ) & (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) & (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) A2: IC (Comput (P,s,0)) = 0 by MEMSTR_0:def_11; then A3: Comput (P,s,(0 + 1)) = Exec ((P . 0),(Comput (P,s,0))) by EXTPRO_1:6 .= Exec (((intloc 2) := (intloc 0)),(Comput (P,s,0))) by A1, Lm1 ; then A4: (Comput (P,s,1)) . (IC ) = succ (IC (Comput (P,s,0))) by SCMFSA_2:63 .= 1 by A2 ; then IC (Comput (P,s,1)) = 1 ; then A5: Comput (P,s,(1 + 1)) = Exec ((P . 1),(Comput (P,s,1))) by EXTPRO_1:6 .= Exec ((goto 2),(Comput (P,s,1))) by A1, Lm1 ; then A6: (Comput (P,s,2)) . (IC ) = 2 by SCMFSA_2:69; IC (Comput (P,s,2)) = 2 by A5, SCMFSA_2:69; then A7: Comput (P,s,(2 + 1)) = Exec ((P . 2),(Comput (P,s,2))) by EXTPRO_1:6 .= Exec (((intloc 3) := (intloc 0)),(Comput (P,s,2))) by A1, Lm1 ; then A8: (Comput (P,s,3)) . (IC ) = succ (IC (Comput (P,s,2))) by SCMFSA_2:63 .= 3 by A6 ; then IC (Comput (P,s,3)) = 3 ; then A9: Comput (P,s,(3 + 1)) = Exec ((P . 3),(Comput (P,s,3))) by EXTPRO_1:6 .= Exec ((goto 4),(Comput (P,s,3))) by A1, Lm1 ; then A10: (Comput (P,s,4)) . (IC ) = 4 by SCMFSA_2:69; A11: intloc 2 <> intloc 0 by SCMFSA_2:101; then A12: (Comput (P,s,1)) . (intloc 0) = s . (intloc 0) by A3, SCMFSA_2:63; then A13: (Comput (P,s,2)) . (intloc 0) = s . (intloc 0) by A5, SCMFSA_2:69; then (Comput (P,s,3)) . (intloc 3) = s . (intloc 0) by A7, SCMFSA_2:63; then A14: (Comput (P,s,4)) . (intloc 3) = s . (intloc 0) by A9, SCMFSA_2:69; IC (Comput (P,s,4)) = 4 by A9, SCMFSA_2:69; then A15: Comput (P,s,(4 + 1)) = Exec ((P . 4),(Comput (P,s,4))) by EXTPRO_1:6 .= Exec (((intloc 4) := (intloc 0)),(Comput (P,s,4))) by A1, Lm1 ; then A16: (Comput (P,s,5)) . (IC ) = succ (IC (Comput (P,s,4))) by SCMFSA_2:63 .= 5 by A10 ; then IC (Comput (P,s,5)) = 5 ; then A17: Comput (P,s,(5 + 1)) = Exec ((P . 5),(Comput (P,s,5))) by EXTPRO_1:6 .= Exec ((goto 6),(Comput (P,s,5))) by A1, Lm1 ; then A18: (Comput (P,s,6)) . (IC ) = 6 by SCMFSA_2:69; IC (Comput (P,s,6)) = 6 by A17, SCMFSA_2:69; then A19: Comput (P,s,(6 + 1)) = Exec ((P . 6),(Comput (P,s,6))) by EXTPRO_1:6 .= Exec (((intloc 5) := (intloc 0)),(Comput (P,s,6))) by A1, Lm1 ; then A20: (Comput (P,s,7)) . (IC ) = succ (IC (Comput (P,s,6))) by SCMFSA_2:63 .= 7 by A18 ; then IC (Comput (P,s,7)) = 7 ; then A21: Comput (P,s,(7 + 1)) = Exec ((P . 7),(Comput (P,s,7))) by EXTPRO_1:6 .= Exec ((goto 8),(Comput (P,s,7))) by A1, Lm1 ; then A22: (Comput (P,s,8)) . (IC ) = 8 by SCMFSA_2:69; IC (Comput (P,s,8)) = 8 by A21, SCMFSA_2:69; then A23: Comput (P,s,(8 + 1)) = Exec ((P . 8),(Comput (P,s,8))) by EXTPRO_1:6 .= Exec (((intloc 6) := (intloc 0)),(Comput (P,s,8))) by A1, Lm1 ; then A24: (Comput (P,s,9)) . (IC ) = succ (IC (Comput (P,s,8))) by SCMFSA_2:63 .= 9 by A22 ; then IC (Comput (P,s,9)) = 9 ; then A25: Comput (P,s,(9 + 1)) = Exec ((P . 9),(Comput (P,s,9))) by EXTPRO_1:6 .= Exec ((goto 10),(Comput (P,s,9))) by A1, Lm1 ; then A26: (Comput (P,s,10)) . (IC ) = 10 by SCMFSA_2:69; A27: (Comput (P,s,1)) . (fsloc 0) = s . (fsloc 0) by A3, SCMFSA_2:63; then A28: (Comput (P,s,2)) . (fsloc 0) = s . (fsloc 0) by A5, SCMFSA_2:69; then A29: (Comput (P,s,3)) . (fsloc 0) = s . (fsloc 0) by A7, SCMFSA_2:63; then A30: (Comput (P,s,4)) . (fsloc 0) = s . (fsloc 0) by A9, SCMFSA_2:69; then A31: (Comput (P,s,5)) . (fsloc 0) = s . (fsloc 0) by A15, SCMFSA_2:63; then A32: (Comput (P,s,6)) . (fsloc 0) = s . (fsloc 0) by A17, SCMFSA_2:69; then A33: (Comput (P,s,7)) . (fsloc 0) = s . (fsloc 0) by A19, SCMFSA_2:63; then A34: (Comput (P,s,8)) . (fsloc 0) = s . (fsloc 0) by A21, SCMFSA_2:69; then A35: (Comput (P,s,9)) . (fsloc 0) = s . (fsloc 0) by A23, SCMFSA_2:63; then A36: (Comput (P,s,10)) . (fsloc 0) = s . (fsloc 0) by A25, SCMFSA_2:69; A37: (Comput (P,s,3)) . (intloc 0) = s . (intloc 0) by A13, A7, SCMFSA_2:63; then A38: (Comput (P,s,4)) . (intloc 0) = s . (intloc 0) by A9, SCMFSA_2:69; then (Comput (P,s,5)) . (intloc 4) = s . (intloc 0) by A15, SCMFSA_2:63; then A39: (Comput (P,s,6)) . (intloc 4) = s . (intloc 0) by A17, SCMFSA_2:69; A40: intloc 4 <> intloc 0 by SCMFSA_2:101; then A41: (Comput (P,s,5)) . (intloc 0) = s . (intloc 0) by A38, A15, SCMFSA_2:63; then A42: (Comput (P,s,6)) . (intloc 0) = s . (intloc 0) by A17, SCMFSA_2:69; then (Comput (P,s,7)) . (intloc 5) = s . (intloc 0) by A19, SCMFSA_2:63; then A43: (Comput (P,s,8)) . (intloc 5) = s . (intloc 0) by A21, SCMFSA_2:69; intloc 4 <> intloc 5 by SCMFSA_2:101; then (Comput (P,s,7)) . (intloc 4) = s . (intloc 0) by A39, A19, SCMFSA_2:63; then A44: (Comput (P,s,8)) . (intloc 4) = s . (intloc 0) by A21, SCMFSA_2:69; intloc 4 <> intloc 6 by SCMFSA_2:101; then (Comput (P,s,9)) . (intloc 4) = s . (intloc 0) by A44, A23, SCMFSA_2:63; then A45: (Comput (P,s,10)) . (intloc 4) = s . (intloc 0) by A25, SCMFSA_2:69; intloc 5 <> intloc 6 by SCMFSA_2:101; then (Comput (P,s,9)) . (intloc 5) = s . (intloc 0) by A43, A23, SCMFSA_2:63; then A46: (Comput (P,s,10)) . (intloc 5) = s . (intloc 0) by A25, SCMFSA_2:69; A47: intloc 5 <> intloc 0 by SCMFSA_2:101; then A48: (Comput (P,s,7)) . (intloc 0) = s . (intloc 0) by A42, A19, SCMFSA_2:63; then A49: (Comput (P,s,8)) . (intloc 0) = s . (intloc 0) by A21, SCMFSA_2:69; then (Comput (P,s,9)) . (intloc 6) = s . (intloc 0) by A23, SCMFSA_2:63; then A50: (Comput (P,s,10)) . (intloc 6) = s . (intloc 0) by A25, SCMFSA_2:69; IC (Comput (P,s,10)) = 10 by A25, SCMFSA_2:69; then A51: Comput (P,s,(10 + 1)) = Exec ((P . 10),(Comput (P,s,10))) by EXTPRO_1:6 .= Exec (((intloc 1) :=len (fsloc 0)),(Comput (P,s,10))) by A1, Lm1 ; then A52: (Comput (P,s,11)) . (IC ) = succ (IC (Comput (P,s,10))) by SCMFSA_2:74 .= 11 by A26 ; A53: intloc 6 <> intloc 0 by SCMFSA_2:101; then A54: (Comput (P,s,9)) . (intloc 0) = s . (intloc 0) by A49, A23, SCMFSA_2:63; then A55: (Comput (P,s,10)) . (intloc 0) = s . (intloc 0) by A25, SCMFSA_2:69; hereby ::_thesis: ( (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) & (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) let k be Element of NAT ; ::_thesis: ( k > 0 & k < 12 implies ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) ) assume that A56: k > 0 and A57: k < 12 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) set c1 = (Comput (P,s,k)) . (IC ); set d1 = k; set c2 = (Comput (P,s,k)) . (intloc 0); set d2 = s . (intloc 0); set c3 = (Comput (P,s,k)) . (fsloc 0); set d3 = s . (fsloc 0); k < 11 + 1 by A57; then A58: k <= 11 by NAT_1:13; percases ( k = 1 or k = 2 or k = 3 or k = 4 or k = 5 or k = 6 or k = 7 or k = 8 or k = 9 or k = 10 or k = 11 ) by A56, A58, NAT_1:35; suppose k = 1 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A3, A4, A11, SCMFSA_2:63; ::_thesis: verum end; suppose k = 2 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A12, A27, A5, SCMFSA_2:69; ::_thesis: verum end; suppose k = 3 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A13, A28, A7, A8, SCMFSA_2:63; ::_thesis: verum end; suppose k = 4 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A37, A29, A9, SCMFSA_2:69; ::_thesis: verum end; suppose k = 5 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A38, A30, A15, A16, A40, SCMFSA_2:63; ::_thesis: verum end; suppose k = 6 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A41, A31, A17, SCMFSA_2:69; ::_thesis: verum end; suppose k = 7 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A42, A32, A19, A20, A47, SCMFSA_2:63; ::_thesis: verum end; suppose k = 8 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A48, A33, A21, SCMFSA_2:69; ::_thesis: verum end; suppose k = 9 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A49, A34, A23, A24, A53, SCMFSA_2:63; ::_thesis: verum end; suppose k = 10 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence ( (Comput (P,s,k)) . (IC ) = k & (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) by A54, A35, A25, SCMFSA_2:69; ::_thesis: verum end; supposeA59: k = 11 ; ::_thesis: ( (Comput (P,s,b1)) . (IC ) = b1 & (Comput (P,s,b1)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,b1)) . (fsloc 0) = s . (fsloc 0) ) hence (Comput (P,s,k)) . (IC ) = k by A52; ::_thesis: ( (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) & (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) ) thus (Comput (P,s,k)) . (intloc 0) = s . (intloc 0) by A55, A51, A59, SCMFSA_2:74; ::_thesis: (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) thus (Comput (P,s,k)) . (fsloc 0) = s . (fsloc 0) by A36, A51, A59, SCMFSA_2:74; ::_thesis: verum end; end; end; thus (Comput (P,s,11)) . (intloc 1) = len (s . (fsloc 0)) by A36, A51, SCMFSA_2:74; ::_thesis: ( (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) (Comput (P,s,1)) . (intloc 2) = s . (intloc 0) by A3, SCMFSA_2:63; then A60: (Comput (P,s,2)) . (intloc 2) = s . (intloc 0) by A5, SCMFSA_2:69; intloc 2 <> intloc 3 by SCMFSA_2:101; then (Comput (P,s,3)) . (intloc 2) = s . (intloc 0) by A60, A7, SCMFSA_2:63; then A61: (Comput (P,s,4)) . (intloc 2) = s . (intloc 0) by A9, SCMFSA_2:69; intloc 2 <> intloc 4 by SCMFSA_2:101; then (Comput (P,s,5)) . (intloc 2) = s . (intloc 0) by A61, A15, SCMFSA_2:63; then A62: (Comput (P,s,6)) . (intloc 2) = s . (intloc 0) by A17, SCMFSA_2:69; intloc 2 <> intloc 5 by SCMFSA_2:101; then (Comput (P,s,7)) . (intloc 2) = s . (intloc 0) by A62, A19, SCMFSA_2:63; then A63: (Comput (P,s,8)) . (intloc 2) = s . (intloc 0) by A21, SCMFSA_2:69; intloc 2 <> intloc 6 by SCMFSA_2:101; then (Comput (P,s,9)) . (intloc 2) = s . (intloc 0) by A63, A23, SCMFSA_2:63; then A64: (Comput (P,s,10)) . (intloc 2) = s . (intloc 0) by A25, SCMFSA_2:69; intloc 3 <> intloc 4 by SCMFSA_2:101; then (Comput (P,s,5)) . (intloc 3) = s . (intloc 0) by A14, A15, SCMFSA_2:63; then A65: (Comput (P,s,6)) . (intloc 3) = s . (intloc 0) by A17, SCMFSA_2:69; intloc 3 <> intloc 5 by SCMFSA_2:101; then (Comput (P,s,7)) . (intloc 3) = s . (intloc 0) by A65, A19, SCMFSA_2:63; then A66: (Comput (P,s,8)) . (intloc 3) = s . (intloc 0) by A21, SCMFSA_2:69; intloc 3 <> intloc 6 by SCMFSA_2:101; then (Comput (P,s,9)) . (intloc 3) = s . (intloc 0) by A66, A23, SCMFSA_2:63; then A67: (Comput (P,s,10)) . (intloc 3) = s . (intloc 0) by A25, SCMFSA_2:69; intloc 2 <> intloc 1 by SCMFSA_2:101; hence (Comput (P,s,11)) . (intloc 2) = s . (intloc 0) by A64, A51, SCMFSA_2:74; ::_thesis: ( (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) intloc 3 <> intloc 1 by SCMFSA_2:101; hence (Comput (P,s,11)) . (intloc 3) = s . (intloc 0) by A67, A51, SCMFSA_2:74; ::_thesis: ( (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) intloc 4 <> intloc 1 by SCMFSA_2:101; hence (Comput (P,s,11)) . (intloc 4) = s . (intloc 0) by A45, A51, SCMFSA_2:74; ::_thesis: ( (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) & (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) ) intloc 5 <> intloc 1 by SCMFSA_2:101; hence (Comput (P,s,11)) . (intloc 5) = s . (intloc 0) by A46, A51, SCMFSA_2:74; ::_thesis: (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) intloc 6 <> intloc 1 by SCMFSA_2:101; hence (Comput (P,s,11)) . (intloc 6) = s . (intloc 0) by A50, A51, SCMFSA_2:74; ::_thesis: verum end; Lm3: for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA holds ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = 0 ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = 0 ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 ) ) let s be State of SCM+FSA; ::_thesis: ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = 0 ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 ) ) set s0 = Initialized s; set s1 = Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s)); hereby ::_thesis: ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 ) assume s . (intloc (4 + 1)) > 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = 0 hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (intloc (1 + 1)) by SCM_HALT:44 .= (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (intloc (1 + 1)) .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (intloc (1 + 1)) by SCMFSA6C:5 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (intloc (1 + 1)) .= ((Initialized s) . (intloc (1 + 1))) - ((Initialized s) . (intloc (1 + 1))) by SCMFSA_2:65 .= 0 ; ::_thesis: verum end; intloc (1 + 1) <> intloc (3 + 1) by SCMFSA_2:101; then A1: (Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))) . (intloc (1 + 1)) = (Initialized s) . (intloc (1 + 1)) by SCMFSA_2:64 .= s . (intloc (1 + 1)) by SCMFSA_M:37 ; A2: (Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))) . (intloc 0) = (Initialized s) . (intloc 0) by SCMFSA_2:64 .= 1 by SCMFSA_M:9 ; hereby ::_thesis: verum assume s . (intloc (4 + 1)) <= 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (1 + 1)) = (IExec (((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))),P,s)) . (intloc (1 + 1)) by SCM_HALT:44 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc 0))),(Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))))) . (intloc (1 + 1)) by SCMFSA6C:8 .= (s . (intloc (1 + 1))) - 1 by A1, A2, SCMFSA_2:65 ; ::_thesis: verum end; end; Lm4: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) proof let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA holds ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) set s0 = Initialized s; set s1 = Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s)); set s2 = IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s); A1: intloc (4 + 1) <> intloc (1 + 1) by SCMFSA_2:101; A2: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (1 + 1)) = (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (1 + 1)) by SCMFSA6C:8 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (1 + 1)) by A1, SCMFSA_2:65 .= (Initialized s) . (intloc (1 + 1)) by A1, SCMFSA_2:72 .= s . (intloc (1 + 1)) by SCMFSA_M:37 ; percases ( (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (4 + 1)) > 0 or (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (4 + 1)) <= 0 ) ; supposeA3: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (4 + 1)) > 0 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (1 + 1)) by SCM_HALT:20 .= 0 by A3, Lm3 ; hence ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) ; ::_thesis: verum end; supposeA4: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (4 + 1)) <= 0 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (1 + 1)) by SCM_HALT:20 .= (s . (intloc (1 + 1))) - 1 by A2, A4, Lm3 ; hence ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < s . (intloc (1 + 1)) or (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= 0 ) by XREAL_1:146; ::_thesis: verum end; end; end; then Lm5: while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))) is InitHalting good Program of SCM+FSA by Th20; Lm6: not ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))) destroys intloc (3 + 1) proof A1: intloc (3 + 1) <> intloc (5 + 1) by SCMFSA_2:101; A2: not (intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))) destroys intloc (3 + 1) by SCMFSA7B:14, SCMFSA_2:101; A3: not SubFrom ((intloc (2 + 1)),(intloc 0)) destroys intloc (3 + 1) by SCMFSA7B:8, SCMFSA_2:101; not (intloc (1 + 1)) := (intloc (2 + 1)) destroys intloc (3 + 1) by SCMFSA7B:6, SCMFSA_2:101; then not (((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) destroys intloc (3 + 1) by A3, A2, SCMFSA8C:54, SCMFSA8C:55; then not ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))) destroys intloc (3 + 1) by A1, SCMFSA7B:14, SCMFSA8C:54; then not (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1))) destroys intloc (3 + 1) by SCMFSA7B:15, SCMFSA8C:54; hence not ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))) destroys intloc (3 + 1) by SCMFSA7B:15, SCMFSA8C:54; ::_thesis: verum end; Lm7: not ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))) destroys intloc (0 + 1) proof A1: intloc (0 + 1) <> intloc (5 + 1) by SCMFSA_2:101; A2: not (intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))) destroys intloc (0 + 1) by SCMFSA7B:14, SCMFSA_2:101; A3: not SubFrom ((intloc (2 + 1)),(intloc 0)) destroys intloc (0 + 1) by SCMFSA7B:8, SCMFSA_2:101; not (intloc (1 + 1)) := (intloc (2 + 1)) destroys intloc (0 + 1) by SCMFSA7B:6, SCMFSA_2:101; then not (((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) destroys intloc (0 + 1) by A3, A2, SCMFSA8C:54, SCMFSA8C:55; then not ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))) destroys intloc (0 + 1) by A1, SCMFSA7B:14, SCMFSA8C:54; then not (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1))) destroys intloc (0 + 1) by SCMFSA7B:15, SCMFSA8C:54; hence not ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))) destroys intloc (0 + 1) by SCMFSA7B:15, SCMFSA8C:54; ::_thesis: verum end; Lm8: not (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))) destroys intloc (0 + 1) proof intloc (0 + 1) <> intloc (1 + 1) by SCMFSA_2:101; then A1: not Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))) destroys intloc (0 + 1) by SCMFSA7B:8, SCMFSA8C:48; A2: not SubFrom ((intloc (1 + 1)),(intloc 0)) destroys intloc (0 + 1) by SCMFSA7B:8, SCMFSA_2:101; not AddTo ((intloc (3 + 1)),(intloc 0)) destroys intloc (0 + 1) by SCMFSA7B:7, SCMFSA_2:101; then not (AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))) destroys intloc (0 + 1) by A2, SCMFSA8C:55; then A3: not if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))) destroys intloc (0 + 1) by A1, SCMFSA8C:88; A4: not SubFrom ((intloc (4 + 1)),(intloc (5 + 1))) destroys intloc (0 + 1) by SCMFSA7B:8, SCMFSA_2:101; not (intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))) destroys intloc (0 + 1) by SCMFSA7B:14, SCMFSA_2:101; then not ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))) destroys intloc (0 + 1) by A4, SCMFSA8C:55; hence not (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))) destroys intloc (0 + 1) by A3, SCMFSA8C:52; ::_thesis: verum end; Lm9: not ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) destroys intloc (0 + 1) proof A1: not (intloc (2 + 1)) := (intloc (1 + 1)) destroys intloc (0 + 1) by SCMFSA7B:6, SCMFSA_2:101; A2: intloc (0 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A3: not SubFrom ((intloc (1 + 1)),(intloc (0 + 1))) destroys intloc (0 + 1) by SCMFSA7B:8, SCMFSA_2:101; not (intloc (1 + 1)) :=len (fsloc 0) destroys intloc (0 + 1) by SCMFSA7B:16, SCMFSA_2:101; then not (((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1))) destroys intloc (0 + 1) by A3, A1, SCMFSA8C:54, SCMFSA8C:55; then A4: not ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0))) destroys intloc (0 + 1) by A2, SCMFSA7B:7, SCMFSA8C:54; A5: intloc (0 + 1) <> intloc (3 + 1) by SCMFSA_2:101; intloc (0 + 1) <> intloc (5 + 1) by SCMFSA_2:101; then not (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))) destroys intloc (0 + 1) by A4, SCMFSA7B:14, SCMFSA8C:54; then A6: not ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))) destroys intloc (0 + 1) by A5, SCMFSA7B:8, SCMFSA8C:54; not while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))) destroys intloc (0 + 1) by Lm8, Th4; then A7: not (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))) destroys intloc (0 + 1) by A6, SCMFSA8C:52; not Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) destroys intloc (0 + 1) by Lm7, SCMBSORT:1, SCMFSA_2:101; hence not ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) destroys intloc (0 + 1) by A7, SCMFSA8C:52; ::_thesis: verum end; Lm10: ( Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) is good & Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) is InitHalting ) proof thus Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) is good ; ::_thesis: Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) is InitHalting let s be State of SCM+FSA; :: according to SCM_HALT:def_2 ::_thesis: ( not Initialize K555((intloc 0),1) c= s or for b1 being set holds ( not Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) c= b1 or b1 halts_on s ) ) assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for b1 being set holds ( not Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) c= b1 or b1 halts_on s ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( not Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) c= P or P halts_on s ) assume A2: Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) c= P ; ::_thesis: P halts_on s A3: P +* (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) = P by A2, FUNCT_4:98; Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; then Start-At (0,SCM+FSA) c= s by A1, XBOOLE_1:1; then A4: Initialize s = s by FUNCT_4:98; A5: not ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))) destroys intloc (3 + 1) by Lm6; dom ((intloc 0) .--> 1) = {(intloc 0)} by FUNCOP_1:13; then A6: intloc 0 in dom ((intloc 0) .--> 1) by TARSKI:def_1; A7: IC <> intloc 0 by SCMFSA_2:56; dom (Start-At (0,SCM+FSA)) = {(IC )} by FUNCOP_1:13; then A8: not intloc 0 in dom (Start-At (0,SCM+FSA)) by A7, TARSKI:def_1; dom (Initialize ((intloc 0) .--> 1)) = (dom ((intloc 0) .--> 1)) \/ (dom (Start-At (0,SCM+FSA))) by FUNCT_4:def_1; then intloc 0 in dom (Initialize ((intloc 0) .--> 1)) by A6, XBOOLE_0:def_3; then s . (intloc 0) = (Initialize ((intloc 0) .--> 1)) . (intloc 0) by A1, GRFUNC_1:2 .= ((intloc 0) .--> 1) . (intloc 0) by A8, FUNCT_4:11 .= 1 by FUNCOP_1:72 ; then Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) is_halting_on s,P by A5, SCM_HALT:62; then P +* (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) halts_on Initialize s by SCMFSA7B:def_7; hence P halts_on s by A3, A4; ::_thesis: verum end; Lm11: ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) is InitHalting good Program of SCM+FSA proof reconsider TT = Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))) as InitHalting good Program of SCM+FSA by Lm10; reconsider WT = while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))) as InitHalting good Program of SCM+FSA by Lm4, Th20; reconsider t14 = ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0))) as InitHalting good Program of SCM+FSA ; reconsider t16 = (t14 ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))) as InitHalting good Program of SCM+FSA ; ( (t16 ";" WT) ";" TT is good & (t16 ";" WT) ";" TT is InitHalting ) ; hence ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) is InitHalting good Program of SCM+FSA ; ::_thesis: verum end; Lm12: ( Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) is good & Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) is InitHalting ) proof thus Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) is good ; ::_thesis: Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) is InitHalting let s be State of SCM+FSA; :: according to SCM_HALT:def_2 ::_thesis: ( not Initialize K555((intloc 0),1) c= s or for b1 being set holds ( not Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) c= b1 or b1 halts_on s ) ) assume A1: Initialize ((intloc 0) .--> 1) c= s ; ::_thesis: for b1 being set holds ( not Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) c= b1 or b1 halts_on s ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( not Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) c= P or P halts_on s ) assume A2: Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) c= P ; ::_thesis: P halts_on s A3: P +* (Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))) = P by A2, FUNCT_4:98; Start-At (0,SCM+FSA) c= Initialize ((intloc 0) .--> 1) by FUNCT_4:25; then Start-At (0,SCM+FSA) c= s by A1, XBOOLE_1:1; then A4: Initialize s = s by FUNCT_4:98; A5: not ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) destroys intloc (0 + 1) by Lm9; dom ((intloc 0) .--> 1) = {(intloc 0)} by FUNCOP_1:13; then A6: intloc 0 in dom ((intloc 0) .--> 1) by TARSKI:def_1; A7: IC <> intloc 0 by SCMFSA_2:56; dom (Start-At (0,SCM+FSA)) = {(IC )} by FUNCOP_1:13; then A8: not intloc 0 in dom (Start-At (0,SCM+FSA)) by A7, TARSKI:def_1; A9: ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))) is InitHalting good Program of SCM+FSA by Lm11; dom (Initialize ((intloc 0) .--> 1)) = (dom ((intloc 0) .--> 1)) \/ (dom (Start-At (0,SCM+FSA))) by FUNCT_4:def_1; then intloc 0 in dom (Initialize ((intloc 0) .--> 1)) by A6, XBOOLE_0:def_3; then s . (intloc 0) = (Initialize ((intloc 0) .--> 1)) . (intloc 0) by A1, GRFUNC_1:2 .= ((intloc 0) .--> 1) . (intloc 0) by A8, FUNCT_4:11 .= 1 by FUNCOP_1:72 ; then Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))) is_halting_on s,P by A5, A9, SCM_HALT:62; then P +* (Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))) halts_on Initialize s by SCMFSA7B:def_7; hence P halts_on s by A3, A4; ::_thesis: verum end; theorem :: SCMISORT:34 ( insert-sort (fsloc 0) is keepInt0_1 & insert-sort (fsloc 0) is InitHalting ) by Lm12; Lm13: for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA holds (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = s . (fsloc 0) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = s . (fsloc 0) let s be State of SCM+FSA; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = s . (fsloc 0) set s0 = Initialized s; percases ( s . (intloc (4 + 1)) > 0 or s . (intloc (4 + 1)) <= 0 ) ; suppose s . (intloc (4 + 1)) > 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = s . (fsloc 0) hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (fsloc 0) by SCM_HALT:44 .= (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (fsloc 0) .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (fsloc 0) by SCMFSA6C:5 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (fsloc 0) .= (Initialized s) . (fsloc 0) by SCMFSA_2:65 .= s . (fsloc 0) by SCMFSA_M:37 ; ::_thesis: verum end; suppose s . (intloc (4 + 1)) <= 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = s . (fsloc 0) hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (fsloc 0) = (IExec (((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))),P,s)) . (fsloc 0) by SCM_HALT:44 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc 0))),(Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))))) . (fsloc 0) by SCMFSA6C:9 .= (Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))) . (fsloc 0) by SCMFSA_2:65 .= (Initialized s) . (fsloc 0) by SCMFSA_2:64 .= s . (fsloc 0) by SCMFSA_M:37 ; ::_thesis: verum end; end; end; Lm14: for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA holds ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) let s be State of SCM+FSA; ::_thesis: ( ( s . (intloc (4 + 1)) > 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) & ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) set s0 = Initialized s; A1: intloc (1 + 1) <> intloc (3 + 1) by SCMFSA_2:101; hereby ::_thesis: ( s . (intloc (4 + 1)) <= 0 implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) assume s . (intloc (4 + 1)) > 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (intloc (3 + 1)) by SCM_HALT:44 .= (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . (intloc (3 + 1)) .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (intloc (3 + 1)) by SCMFSA6C:5 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . (intloc (3 + 1)) .= (Initialized s) . (intloc (3 + 1)) by A1, SCMFSA_2:65 .= s . (intloc (3 + 1)) by SCMFSA_M:37 ; ::_thesis: verum end; assume s . (intloc (4 + 1)) <= 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . (intloc (3 + 1)) = (IExec (((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))),P,s)) . (intloc (3 + 1)) by SCM_HALT:44 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc 0))),(Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))))) . (intloc (3 + 1)) by SCMFSA6C:8 .= (Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))) . (intloc (3 + 1)) by A1, SCMFSA_2:65 .= ((Initialized s) . (intloc (3 + 1))) + ((Initialized s) . (intloc 0)) by SCMFSA_2:64 .= ((Initialized s) . (intloc (3 + 1))) + 1 by SCMFSA_M:9 .= (s . (intloc (3 + 1))) + 1 by SCMFSA_M:37 ; ::_thesis: verum end; Lm15: for P being Instruction-Sequence of SCM+FSA for a being read-write Int-Location for s being State of SCM+FSA st a <> intloc (3 + 1) & a <> intloc (1 + 1) holds (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for a being read-write Int-Location for s being State of SCM+FSA st a <> intloc (3 + 1) & a <> intloc (1 + 1) holds (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a let a be read-write Int-Location; ::_thesis: for s being State of SCM+FSA st a <> intloc (3 + 1) & a <> intloc (1 + 1) holds (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a let s be State of SCM+FSA; ::_thesis: ( a <> intloc (3 + 1) & a <> intloc (1 + 1) implies (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a ) assume that A1: a <> intloc (3 + 1) and A2: a <> intloc (1 + 1) ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a set s1 = Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s)); set s2 = IExec (((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))),P,s); A3: (Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))) . a = (Initialized s) . a by A1, SCMFSA_2:64 .= s . a by SCMFSA_M:37 ; A4: (IExec (((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))),P,s)) . a = (Exec ((SubFrom ((intloc (1 + 1)),(intloc 0))),(Exec ((AddTo ((intloc (3 + 1)),(intloc 0))),(Initialized s))))) . a by SCMFSA6C:8 .= s . a by A2, A3, SCMFSA_2:65 ; percases ( s . (intloc (4 + 1)) > 0 or s . (intloc (4 + 1)) <= 0 ) ; suppose s . (intloc (4 + 1)) > 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . a by SCM_HALT:44 .= (IExec ((Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),P,s)) . a .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . a by SCMFSA6C:5 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (1 + 1)))),(Initialized s))) . a .= (Initialized s) . a by A2, SCMFSA_2:65 .= s . a by SCMFSA_M:37 ; ::_thesis: verum end; suppose s . (intloc (4 + 1)) <= 0 ; ::_thesis: (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a hence (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,s)) . a = s . a by A4, SCM_HALT:44; ::_thesis: verum end; end; end; Lm16: for t being State of SCM+FSA for Q being Instruction-Sequence of SCM+FSA st t . (intloc (1 + 1)) >= 1 & t . (intloc (1 + 1)) <= len (t . (fsloc 0)) holds ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (2 + 1)) = t . (intloc (2 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (5 + 1)) = t . (intloc (5 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (fsloc 0) = t . (fsloc 0) & ex x1 being Integer st ( x1 = (t . (fsloc 0)) . (t . (intloc (1 + 1))) & ( x1 - (t . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (3 + 1)) = t . (intloc (3 + 1)) ) ) & ( x1 - (t . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (1 + 1)) = (t . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,t)) . (intloc (3 + 1)) = (t . (intloc (3 + 1))) + 1 ) ) ) ) proof let s be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st s . (intloc (1 + 1)) >= 1 & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) holds ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (5 + 1)) = s . (intloc (5 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (fsloc 0) = s . (fsloc 0) & ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),Q,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( s . (intloc (1 + 1)) >= 1 & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) = s . (intloc (5 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) ) ) assume that A1: s . (intloc (1 + 1)) >= 1 and A2: s . (intloc (1 + 1)) <= len (s . (fsloc 0)) ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) = s . (intloc (5 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) ) A3: abs (s . (intloc (1 + 1))) = s . (intloc (1 + 1)) by A1, ABSVALUE:def_1; set s0 = Initialized s; set s1 = Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s)); set s2 = IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s); A4: intloc (3 + 1) <> intloc (2 + 1) by SCMFSA_2:101; reconsider k1 = s . (intloc (1 + 1)) as Element of NAT by A1, INT_1:3; reconsider n = (s . (fsloc 0)) . k1 as Integer ; A5: (s . (fsloc 0)) /. k1 = n by A1, A2, FINSEQ_4:15; A6: (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (4 + 1)) = ((Initialized s) . (fsloc 0)) /. (abs ((Initialized s) . (intloc (1 + 1)))) by SCMBSORT:2 .= ((Initialized s) . (fsloc 0)) /. (abs (s . (intloc (1 + 1)))) by SCMFSA_M:37 .= n by A3, A5, SCMFSA_M:37 ; A7: intloc (1 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A8: intloc (4 + 1) <> intloc (5 + 1) by SCMFSA_2:101; then A9: (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (5 + 1)) = (Initialized s) . (intloc (5 + 1)) by SCMFSA_2:72 .= s . (intloc (5 + 1)) by SCMFSA_M:37 ; A10: intloc (4 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A11: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (4 + 1)) = (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (4 + 1)) by SCMFSA6C:8 .= n - (s . (intloc (5 + 1))) by A9, A6, SCMFSA_2:65 ; thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (2 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (2 + 1)) by SCM_HALT:20 .= (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (2 + 1)) by A4, A7, Lm15 .= (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (2 + 1)) by SCMFSA6C:8 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (2 + 1)) by A10, SCMFSA_2:65 .= (Initialized s) . (intloc (2 + 1)) by A10, SCMFSA_2:72 .= s . (intloc (2 + 1)) by SCMFSA_M:37 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) = s . (intloc (5 + 1)) & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) ) A12: intloc (3 + 1) <> intloc (5 + 1) by SCMFSA_2:101; A13: intloc (1 + 1) <> intloc (5 + 1) by SCMFSA_2:101; thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (5 + 1)) by SCM_HALT:20 .= (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (5 + 1)) by A12, A13, Lm15 .= (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (5 + 1)) by SCMFSA6C:8 .= s . (intloc (5 + 1)) by A8, A9, SCMFSA_2:65 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) ) A14: intloc (4 + 1) <> intloc (3 + 1) by SCMFSA_2:101; thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (fsloc 0) by SCM_HALT:21 .= (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (fsloc 0) by Lm13 .= (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (fsloc 0) by SCMFSA6C:9 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (fsloc 0) by SCMFSA_2:65 .= (Initialized s) . (fsloc 0) by SCMFSA_2:72 .= s . (fsloc 0) by SCMFSA_M:37 ; ::_thesis: ex x1 being Integer st ( x1 = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( x1 - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( x1 - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) take n ; ::_thesis: ( n = (s . (fsloc 0)) . (s . (intloc (1 + 1))) & ( n - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( n - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) A15: intloc (4 + 1) <> intloc (1 + 1) by SCMFSA_2:101; thus n = (s . (fsloc 0)) . (s . (intloc (1 + 1))) ; ::_thesis: ( ( n - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) & ( n - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) ) A16: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (3 + 1)) = (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (3 + 1)) by SCMFSA6C:8 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (3 + 1)) by A14, SCMFSA_2:65 .= (Initialized s) . (intloc (3 + 1)) by A14, SCMFSA_2:72 .= s . (intloc (3 + 1)) by SCMFSA_M:37 ; hereby ::_thesis: ( n - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) assume A17: n - (s . (intloc (5 + 1))) > 0 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (1 + 1)) by SCM_HALT:20 .= 0 by A11, A17, Lm3 ; ::_thesis: (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (3 + 1)) by SCM_HALT:20 .= s . (intloc (3 + 1)) by A16, A11, A17, Lm14 ; ::_thesis: verum end; A18: (IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)) . (intloc (1 + 1)) = (Exec ((SubFrom ((intloc (4 + 1)),(intloc (5 + 1)))),(Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))))) . (intloc (1 + 1)) by SCMFSA6C:8 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(Initialized s))) . (intloc (1 + 1)) by A15, SCMFSA_2:65 .= (Initialized s) . (intloc (1 + 1)) by A15, SCMFSA_2:72 .= s . (intloc (1 + 1)) by SCMFSA_M:37 ; assume A19: n - (s . (intloc (5 + 1))) <= 0 ; ::_thesis: ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (1 + 1)) by SCM_HALT:20 .= (s . (intloc (1 + 1))) - 1 by A18, A11, A19, Lm3 ; ::_thesis: (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 thus (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (IExec ((if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))),P,(IExec ((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))),P,s)))) . (intloc (3 + 1)) by SCM_HALT:20 .= (s . (intloc (3 + 1))) + 1 by A16, A11, A19, Lm14 ; ::_thesis: verum end; Lm17: for P being Instruction-Sequence of SCM+FSA for k being Element of NAT for s being State of SCM+FSA st s . (intloc (1 + 1)) = k & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) & s . (intloc (2 + 1)) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) & ( k = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k & ( k - n >= 1 implies ( x1 = (s . (fsloc 0)) . (k - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > k - n & i < k + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for k being Element of NAT for s being State of SCM+FSA st s . (intloc (1 + 1)) = k & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) & s . (intloc (2 + 1)) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) & ( k = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k & ( k - n >= 1 implies ( x1 = (s . (fsloc 0)) . (k - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > k - n & i < k + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) defpred S1[ Element of NAT ] means for s being State of SCM+FSA st s . (intloc (1 + 1)) = $1 & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) holds ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( $1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= $1 & ( $1 - n >= 1 implies ( x1 = (s . (fsloc 0)) . ($1 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > $1 - n & i < $1 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ); A1: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A2: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_for_s_being_State_of_SCM+FSA_st_s_._(intloc_(1_+_1))_=_k_+_1_&_s_._(intloc_(1_+_1))_<=_len_(s_._(fsloc_0))_holds_ (_(IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(fsloc_0)_=_s_._(fsloc_0)_&_(IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(intloc_(2_+_1))_=_s_._(intloc_(2_+_1))_&_(_k_+_1_=_0_or_ex_n_being_Element_of_NAT_ex_x1_being_Integer_st_ (_n_=_((IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(intloc_(3_+_1)))_-_(s_._(intloc_(3_+_1)))_&_n_<=_k_+_1_&_(_(k_+_1)_-_n_>=_1_implies_(_x1_=_(s_._(fsloc_0))_._((k_+_1)_-_n)_&_x1_>=_s_._(intloc_(5_+_1))_)_)_&_(_for_i_being_Element_of_NAT_st_i_>_(k_+_1)_-_n_&_i_<_(k_+_1)_+_1_holds_ ex_x2_being_Integer_st_ (_x2_=_(s_._(fsloc_0))_._i_&_x2_<=_s_._(intloc_(5_+_1))_)_)_)_)_) let s be State of SCM+FSA; ::_thesis: ( s . (intloc (1 + 1)) = k + 1 & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) implies ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (fsloc 0) = b1 . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (intloc (2 + 1)) = b1 . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( x1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,n)) . (intloc (3 + 1))) - (n . (intloc (3 + 1))) & x1 <= k + 1 & ( (k + 1) - x1 >= 1 implies ( b3 = (n . (fsloc 0)) . ((k + 1) - x1) & b3 >= n . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st b4 > (k + 1) - x1 & b4 < (k + 1) + 1 holds ex x2 being Integer st ( b5 = (n . (fsloc 0)) . x2 & b5 <= n . (intloc (5 + 1)) ) ) ) ) ) ) assume that A3: s . (intloc (1 + 1)) = k + 1 and A4: s . (intloc (1 + 1)) <= len (s . (fsloc 0)) ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (fsloc 0) = b1 . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (intloc (2 + 1)) = b1 . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( x1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,n)) . (intloc (3 + 1))) - (n . (intloc (3 + 1))) & x1 <= k + 1 & ( (k + 1) - x1 >= 1 implies ( b3 = (n . (fsloc 0)) . ((k + 1) - x1) & b3 >= n . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st b4 > (k + 1) - x1 & b4 < (k + 1) + 1 holds ex x2 being Integer st ( b5 = (n . (fsloc 0)) . x2 & b5 <= n . (intloc (5 + 1)) ) ) ) ) ) set bs = IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s); set bs0 = Initialized (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)); A5: s . (intloc (1 + 1)) >= 1 + 0 by A3, INT_1:7; then consider m being Integer such that A6: m = (s . (fsloc 0)) . (s . (intloc (1 + 1))) and A7: ( m - (s . (intloc (5 + 1))) > 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = 0 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = s . (intloc (3 + 1)) ) ) and A8: ( m - (s . (intloc (5 + 1))) <= 0 implies ( (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) = (s . (intloc (1 + 1))) - 1 & (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + 1 ) ) by A4, Lm16; reconsider WT = while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))) as InitHalting good Program of SCM+FSA by Lm4, Th20; percases ( m - (s . (intloc (5 + 1))) > 0 or m - (s . (intloc (5 + 1))) <= 0 ) ; supposeA9: m - (s . (intloc (5 + 1))) > 0 ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (fsloc 0) = b1 . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (intloc (2 + 1)) = b1 . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( x1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,n)) . (intloc (3 + 1))) - (n . (intloc (3 + 1))) & x1 <= k + 1 & ( (k + 1) - x1 >= 1 implies ( b3 = (n . (fsloc 0)) . ((k + 1) - x1) & b3 >= n . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st b4 > (k + 1) - x1 & b4 < (k + 1) + 1 holds ex x2 being Integer st ( b5 = (n . (fsloc 0)) . x2 & b5 <= n . (intloc (5 + 1)) ) ) ) ) ) thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = (IExec (WT,P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (fsloc 0) by A3, Th26 .= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) by A7, A9, Th24 .= s . (fsloc 0) by A4, A5, Lm16 ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = (IExec (WT,P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (intloc (2 + 1)) by A3, Th27 .= (Initialized (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s))) . (intloc (2 + 1)) by A7, A9, Th25 .= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (2 + 1)) by SCMFSA_M:37 .= s . (intloc (2 + 1)) by A4, A5, Lm16 ; ::_thesis: ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) A10: (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1)) = (IExec (WT,P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (intloc (3 + 1)) by A3, Th27 .= (Initialized (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s))) . (intloc (3 + 1)) by A7, A9, Th25 .= s . (intloc (3 + 1)) by A7, A9, SCMFSA_M:37 ; now__::_thesis:_ex_n_being_Element_of_NAT_ex_x1_being_Integer_st_ (_n_=_((IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(intloc_(3_+_1)))_-_(s_._(intloc_(3_+_1)))_&_n_<=_k_+_1_&_(_(k_+_1)_-_n_>=_1_implies_(_x1_=_(s_._(fsloc_0))_._((k_+_1)_-_n)_&_x1_>=_0_+_(s_._(intloc_(5_+_1)))_)_)_&_(_for_i_being_Element_of_NAT_st_i_>_(k_+_1)_-_n_&_i_<_(k_+_1)_+_1_holds_ ex_x2_being_Integer_st_ (_x2_=_(s_._(fsloc_0))_._i_&_x2_<=_s_._(intloc_(5_+_1))_)_)_) take n = 0 ; ::_thesis: ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= 0 + (s . (intloc (5 + 1))) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) take x1 = m; ::_thesis: ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= 0 + (s . (intloc (5 + 1))) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) by A10; ::_thesis: ( n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= 0 + (s . (intloc (5 + 1))) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n <= k + 1 ; ::_thesis: ( ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= 0 + (s . (intloc (5 + 1))) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= 0 + (s . (intloc (5 + 1))) ) ) by A3, A6, A9, XREAL_1:19; ::_thesis: for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) thus for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) by INT_1:7; ::_thesis: verum end; hence ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ; ::_thesis: verum end; supposeA11: m - (s . (intloc (5 + 1))) <= 0 ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (fsloc 0) = b1 . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,b1)) . (intloc (2 + 1)) = b1 . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( x1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,n)) . (intloc (3 + 1))) - (n . (intloc (3 + 1))) & x1 <= k + 1 & ( (k + 1) - x1 >= 1 implies ( b3 = (n . (fsloc 0)) . ((k + 1) - x1) & b3 >= n . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st b4 > (k + 1) - x1 & b4 < (k + 1) + 1 holds ex x2 being Integer st ( b5 = (n . (fsloc 0)) . x2 & b5 <= n . (intloc (5 + 1)) ) ) ) ) ) (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) < k + 1 by A3, A7, A8, XREAL_1:29; then A12: (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (1 + 1)) <= len (s . (fsloc 0)) by A3, A4, XXREAL_0:2; A13: (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0) = s . (fsloc 0) by A4, A5, Lm16; thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = (IExec (WT,P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (fsloc 0) by A3, Th26 .= s . (fsloc 0) by A2, A3, A8, A11, A13, A12 ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = (IExec (WT,P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (intloc (2 + 1)) by A3, Th27 .= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (2 + 1)) by A2, A3, A8, A11, A13, A12 .= s . (intloc (2 + 1)) by A4, A5, Lm16 ; ::_thesis: ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) hereby ::_thesis: verum percases ( k <> 0 or k = 0 ) ; suppose k <> 0 ; ::_thesis: ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) then consider n being Element of NAT , x1 being Integer such that A14: n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (intloc (3 + 1))) - ((IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (3 + 1))) and A15: n <= k and A16: ( k - n >= 1 implies ( x1 = ((IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0)) . (k - n) & x1 >= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) ) ) and A17: for i being Element of NAT st i > k - n & i < k + 1 holds ex x2 being Integer st ( x2 = ((IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0)) . i & x2 <= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) ) by A2, A3, A8, A11, A13, A12; A18: (IExec (WT,P,s)) . (intloc (3 + 1)) = (s . (intloc (3 + 1))) + (1 + n) by A3, A8, A11, A14, Th27; now__::_thesis:_ex_n1_being_Element_of_NAT_ex_y1_being_Integer_st_ (_n1_=_((IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(intloc_(3_+_1)))_-_(s_._(intloc_(3_+_1)))_&_n1_<=_k_+_1_&_(_(k_+_1)_-_n1_>=_1_implies_(_y1_=_(s_._(fsloc_0))_._((k_+_1)_-_n1)_&_y1_>=_s_._(intloc_(5_+_1))_)_)_&_(_for_i_being_Element_of_NAT_st_i_>_(k_+_1)_-_n1_&_i_<_(k_+_1)_+_1_holds_ ex_x2_being_Integer_st_ (_x2_=_(s_._(fsloc_0))_._i_&_x2_<=_s_._(intloc_(5_+_1))_)_)_) take n1 = 1 + n; ::_thesis: ex y1 being Integer st ( n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( y1 = (s . (fsloc 0)) . ((k + 1) - n1) & y1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) take y1 = x1; ::_thesis: ( n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( y1 = (s . (fsloc 0)) . ((k + 1) - n1) & y1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) by A18; ::_thesis: ( n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( y1 = (s . (fsloc 0)) . ((k + 1) - n1) & y1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n1 <= k + 1 by A15, XREAL_1:6; ::_thesis: ( ( (k + 1) - n1 >= 1 implies ( y1 = (s . (fsloc 0)) . ((k + 1) - n1) & y1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus ( (k + 1) - n1 >= 1 implies ( y1 = (s . (fsloc 0)) . ((k + 1) - n1) & y1 >= s . (intloc (5 + 1)) ) ) by A4, A5, A16, Lm16; ::_thesis: for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) now__::_thesis:_for_i_being_Element_of_NAT_st_i_>_(k_+_1)_-_n1_&_i_<_(k_+_1)_+_1_holds_ ex_x2_being_Integer_st_ (_x2_=_(s_._(fsloc_0))_._i_&_x2_<=_s_._(intloc_(5_+_1))_) let i be Element of NAT ; ::_thesis: ( i > (k + 1) - n1 & i < (k + 1) + 1 implies ex x2 being Integer st ( b2 = (s . (fsloc 0)) . x2 & b2 <= s . (intloc (5 + 1)) ) ) assume that A19: i > (k + 1) - n1 and A20: i < (k + 1) + 1 ; ::_thesis: ex x2 being Integer st ( b2 = (s . (fsloc 0)) . x2 & b2 <= s . (intloc (5 + 1)) ) percases ( i = k + 1 or i <> k + 1 ) ; supposeA21: i = k + 1 ; ::_thesis: ex x2 being Integer st ( b2 = (s . (fsloc 0)) . x2 & b2 <= s . (intloc (5 + 1)) ) take x2 = m; ::_thesis: ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) thus x2 = (s . (fsloc 0)) . i by A3, A6, A21; ::_thesis: x2 <= s . (intloc (5 + 1)) x2 <= 0 + (s . (intloc (5 + 1))) by A11, XREAL_1:20; hence x2 <= s . (intloc (5 + 1)) ; ::_thesis: verum end; supposeA22: i <> k + 1 ; ::_thesis: ex x2 being Integer st ( b2 = (s . (fsloc 0)) . x2 & b2 <= s . (intloc (5 + 1)) ) i <= k + 1 by A20, INT_1:7; then i < k + 1 by A22, XXREAL_0:1; then consider y2 being Integer such that A23: y2 = ((IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (fsloc 0)) . i and A24: y2 <= (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)) . (intloc (5 + 1)) by A17, A19; take x2 = y2; ::_thesis: ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) thus x2 = (s . (fsloc 0)) . i by A4, A5, A23, Lm16; ::_thesis: x2 <= s . (intloc (5 + 1)) thus x2 <= s . (intloc (5 + 1)) by A4, A5, A24, Lm16; ::_thesis: verum end; end; end; hence for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ; ::_thesis: verum end; hence ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ; ::_thesis: verum end; supposeA25: k = 0 ; ::_thesis: ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) A26: (IExec (WT,P,s)) . (intloc (3 + 1)) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,(IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s)))) . (intloc (3 + 1)) by A3, Th27 .= (Initialized (IExec (((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))),P,s))) . (intloc (3 + 1)) by A3, A7, A8, A25, Th25 .= (s . (intloc (3 + 1))) + 1 by A8, A11, SCMFSA_M:37 ; now__::_thesis:_ex_n1_being_Element_of_NAT_ex_x1_being_Element_of_NAT_st_ (_n1_=_((IExec_((while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))),P,s))_._(intloc_(3_+_1)))_-_(s_._(intloc_(3_+_1)))_&_n1_<=_k_+_1_&_(_(k_+_1)_-_n1_>=_1_implies_(_x1_=_(s_._(fsloc_0))_._((k_+_1)_-_n1)_&_x1_>=_s_._(intloc_(5_+_1))_)_)_&_(_for_i_being_Element_of_NAT_st_i_>_(k_+_1)_-_n1_&_i_<_(k_+_1)_+_1_holds_ ex_x2_being_Integer_st_ (_x2_=_(s_._(fsloc_0))_._i_&_x2_<=_s_._(intloc_(5_+_1))_)_)_) take n1 = 1; ::_thesis: ex x1 being Element of NAT st ( n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n1) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) take x1 = 0 ; ::_thesis: ( n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n1) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n1 = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) by A26; ::_thesis: ( n1 <= k + 1 & ( (k + 1) - n1 >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n1) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus n1 <= k + 1 by A25; ::_thesis: ( ( (k + 1) - n1 >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n1) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) thus ( (k + 1) - n1 >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n1) & x1 >= s . (intloc (5 + 1)) ) ) by A25; ::_thesis: for i being Element of NAT st i > (k + 1) - n1 & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) hereby ::_thesis: verum let i be Element of NAT ; ::_thesis: ( i > (k + 1) - n1 & i < (k + 1) + 1 implies ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) assume that A27: i > (k + 1) - n1 and A28: i < (k + 1) + 1 ; ::_thesis: ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) take x2 = m; ::_thesis: ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) A29: i >= 0 + 1 by A27, INT_1:7; i <= 1 by A25, A28, INT_1:7; hence x2 = (s . (fsloc 0)) . i by A3, A6, A25, A29, XXREAL_0:1; ::_thesis: x2 <= s . (intloc (5 + 1)) x2 <= 0 + (s . (intloc (5 + 1))) by A11, XREAL_1:20; hence x2 <= s . (intloc (5 + 1)) ; ::_thesis: verum end; end; hence ( k + 1 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k + 1 & ( (k + 1) - n >= 1 implies ( x1 = (s . (fsloc 0)) . ((k + 1) - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > (k + 1) - n & i < (k + 1) + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ; ::_thesis: verum end; end; end; end; end; end; hence S1[k + 1] ; ::_thesis: verum end; A30: S1[ 0 ] proof let s be State of SCM+FSA; ::_thesis: ( s . (intloc (1 + 1)) = 0 & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) implies ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( 0 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= 0 & ( 0 - n >= 1 implies ( x1 = (s . (fsloc 0)) . (0 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > 0 - n & i < 0 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) ) set s0 = Initialized s; assume that A31: s . (intloc (1 + 1)) = 0 and s . (intloc (1 + 1)) <= len (s . (fsloc 0)) ; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( 0 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= 0 & ( 0 - n >= 1 implies ( x1 = (s . (fsloc 0)) . (0 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > 0 - n & i < 0 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) = s . (fsloc 0) by A31, Th24; ::_thesis: ( (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = s . (intloc (2 + 1)) & ( 0 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= 0 & ( 0 - n >= 1 implies ( x1 = (s . (fsloc 0)) . (0 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > 0 - n & i < 0 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) thus (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) = (Initialized s) . (intloc (2 + 1)) by A31, Th25 .= s . (intloc (2 + 1)) by SCMFSA_M:37 ; ::_thesis: ( 0 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= 0 & ( 0 - n >= 1 implies ( x1 = (s . (fsloc 0)) . (0 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > 0 - n & i < 0 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) thus ( 0 = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= 0 & ( 0 - n >= 1 implies ( x1 = (s . (fsloc 0)) . (0 - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > 0 - n & i < 0 + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ; ::_thesis: verum end; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A30, A1); hence for k being Element of NAT for s being State of SCM+FSA st s . (intloc (1 + 1)) = k & s . (intloc (1 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (fsloc 0) & s . (intloc (2 + 1)) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (2 + 1)) & ( k = 0 or ex n being Element of NAT ex x1 being Integer st ( n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),P,s)) . (intloc (3 + 1))) - (s . (intloc (3 + 1))) & n <= k & ( k - n >= 1 implies ( x1 = (s . (fsloc 0)) . (k - n) & x1 >= s . (intloc (5 + 1)) ) ) & ( for i being Element of NAT st i > k - n & i < k + 1 holds ex x2 being Integer st ( x2 = (s . (fsloc 0)) . i & x2 <= s . (intloc (5 + 1)) ) ) ) ) ) ; ::_thesis: verum end; Lm18: for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA holds ( (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 1 & (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = ((s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1))))) +* ((abs ((s . (intloc (2 + 1))) - 1)),((s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))))) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds ( (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 1 & (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = ((s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1))))) +* ((abs ((s . (intloc (2 + 1))) - 1)),((s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))))) ) let s be State of SCM+FSA; ::_thesis: ( (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 1 & (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = ((s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1))))) +* ((abs ((s . (intloc (2 + 1))) - 1)),((s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))))) ) set s0 = Initialized s; set s1 = Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s)); set s2 = IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s); set s3 = IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s); set s4 = IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s); set s5 = IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s); set s6 = IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s); A1: intloc (5 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A2: (Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (intloc 0) = (Initialized s) . (intloc 0) by SCMFSA_2:63 .= 1 by SCMFSA_M:9 ; A3: intloc (5 + 1) <> intloc (1 + 1) by SCMFSA_2:101; A4: intloc (1 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A5: intloc (5 + 1) <> intloc (4 + 1) by SCMFSA_2:101; A6: intloc (4 + 1) <> intloc (1 + 1) by SCMFSA_2:101; A7: (IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)) . (intloc (1 + 1)) = (Exec ((SubFrom ((intloc (2 + 1)),(intloc 0))),(Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))))) . (intloc (1 + 1)) by SCMFSA6C:8 .= (Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (intloc (1 + 1)) by A4, SCMFSA_2:65 .= (Initialized s) . (intloc (2 + 1)) by SCMFSA_2:63 .= s . (intloc (2 + 1)) by SCMFSA_M:37 ; A8: (IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (1 + 1)) = (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= (IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)) . (intloc (1 + 1)) by A3, SCMFSA_2:72 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= s . (intloc (2 + 1)) by A6, A7, SCMFSA_2:72 ; A9: intloc (4 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A10: (IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)) . (intloc (2 + 1)) = (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) by A9, SCMFSA_2:72 .= (Exec ((SubFrom ((intloc (2 + 1)),(intloc 0))),(Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))))) . (intloc (2 + 1)) by SCMFSA6C:8 .= ((Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (intloc (2 + 1))) - ((Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (intloc 0)) by SCMFSA_2:65 .= ((Initialized s) . (intloc (2 + 1))) - ((Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (intloc 0)) by A4, SCMFSA_2:63 .= (s . (intloc (2 + 1))) - 1 by A2, SCMFSA_M:37 ; A11: (IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s)) . (intloc (2 + 1)) = (Exec ((((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1))),(IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (2 + 1)) by SCMFSA_2:73 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (s . (intloc (2 + 1))) - 1 by A1, A10, SCMFSA_2:72 ; thus (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (2 + 1)) = (Exec ((((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))),(IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (s . (intloc (2 + 1))) - 1 by A11, SCMFSA_2:73 ; ::_thesis: (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = ((s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1))))) +* ((abs ((s . (intloc (2 + 1))) - 1)),((s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))))) A12: (IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)) . (fsloc 0) = (Exec ((SubFrom ((intloc (2 + 1)),(intloc 0))),(Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))))) . (fsloc 0) by SCMFSA6C:9 .= (Exec (((intloc (1 + 1)) := (intloc (2 + 1))),(Initialized s))) . (fsloc 0) by SCMFSA_2:65 .= (Initialized s) . (fsloc 0) by SCMFSA_2:63 .= s . (fsloc 0) by SCMFSA_M:37 ; A13: (IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)) . (fsloc 0) = (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= s . (fsloc 0) by A12, SCMFSA_2:72 ; A14: (IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (fsloc 0) = (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= s . (fsloc 0) by A13, SCMFSA_2:72 ; A15: (IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (5 + 1)) = (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)))) . (intloc (5 + 1)) by SCMFSA6C:6 .= (s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1)) by A10, A13, SCMBSORT:2 ; A16: (IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s)) . (fsloc 0) = (Exec ((((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1))),(IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1)))) by A14, A8, A15, SCMBSORT:3 ; A17: (IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s)) . (intloc (4 + 1)) = (Exec ((((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1))),(IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (4 + 1)) by SCMFSA6C:6 .= (IExec ((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (4 + 1)) by SCMFSA_2:73 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)))) . (intloc (4 + 1)) by SCMFSA6C:6 .= (IExec (((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))),P,s)) . (intloc (4 + 1)) by A5, SCMFSA_2:72 .= (Exec (((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))),(IExec ((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (4 + 1)) by SCMFSA6C:6 .= (s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))) by A12, A7, SCMBSORT:2 ; thus (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = (Exec ((((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))),(IExec (((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= ((s . (fsloc 0)) +* ((abs (s . (intloc (2 + 1)))),((s . (fsloc 0)) /. (abs ((s . (intloc (2 + 1))) - 1))))) +* ((abs ((s . (intloc (2 + 1))) - 1)),((s . (fsloc 0)) /. (abs (s . (intloc (2 + 1)))))) by A11, A17, A16, SCMBSORT:3 ; ::_thesis: verum end; Lm19: for k being Element of NAT for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . (intloc (3 + 1)) = k & k < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - k & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - k) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - k < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - k holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) proof defpred S1[ Element of NAT ] means for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . (intloc (3 + 1)) = $1 & $1 < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - $1 & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - $1) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - $1 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - $1 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ); A1: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] set s4 = SubFrom ((intloc (3 + 1)),(intloc 0)); let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A2: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_for_s_being_State_of_SCM+FSA for_P_being_Instruction-Sequence_of_SCM+FSA_st_s_._(intloc_(3_+_1))_=_k_+_1_&_k_+_1_<_s_._(intloc_(2_+_1))_&_s_._(intloc_(2_+_1))_<=_len_(s_._(fsloc_0))_holds_ (_s_._(fsloc_0),(IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(fsloc_0)_are_fiberwise_equipotent_&_(IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(intloc_(2_+_1))_=_(s_._(intloc_(2_+_1)))_-_(k_+_1)_&_((IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(fsloc_0))_._((s_._(intloc_(2_+_1)))_-_(k_+_1))_=_(s_._(fsloc_0))_._(s_._(intloc_(2_+_1)))_&_(_for_i_being_Element_of_NAT_st_(s_._(intloc_(2_+_1)))_-_(k_+_1)_<_i_&_i_<=_s_._(intloc_(2_+_1))_holds_ ((IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(fsloc_0))_._i_=_(s_._(fsloc_0))_._(i_-_1)_)_&_(_for_i_being_Element_of_NAT_st_s_._(intloc_(2_+_1))_<_i_&_i_<=_len_(s_._(fsloc_0))_holds_ ((IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(fsloc_0))_._i_=_(s_._(fsloc_0))_._i_)_&_(_for_i_being_Element_of_NAT_st_1_<=_i_&_i_<_(s_._(intloc_(2_+_1)))_-_(k_+_1)_holds_ ((IExec_((Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))),P,s))_._(fsloc_0))_._i_=_(s_._(fsloc_0))_._i_)_) A3: intloc (3 + 1) <> intloc (2 + 1) by SCMFSA_2:101; let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA st s . (intloc (3 + 1)) = k + 1 & k + 1 < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - (k + 1) & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( s . (intloc (3 + 1)) = k + 1 & k + 1 < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) implies ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - (k + 1) & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) ) assume that A4: s . (intloc (3 + 1)) = k + 1 and A5: k + 1 < s . (intloc (2 + 1)) and A6: s . (intloc (2 + 1)) <= len (s . (fsloc 0)) ; ::_thesis: ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - (k + 1) & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) A7: (k + 1) - 1 < (s . (intloc (2 + 1))) - 1 by A5, XREAL_1:9; then reconsider n = (s . (intloc (2 + 1))) - 1 as Element of NAT by INT_1:3; A8: n <= len (s . (fsloc 0)) by A6, XREAL_1:146, XXREAL_0:2; set b3s = IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s); set bds = IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s); set ff = s . (fsloc 0); set gg = (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0); A9: (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (3 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc 0))),(IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)))) . (intloc (3 + 1)) by SCMFSA6C:6 .= ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (3 + 1))) - ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc 0)) by SCMFSA_2:65 .= ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (3 + 1))) - 1 by SCMFSA6B:11 .= ((Initialized s) . (intloc (3 + 1))) - 1 by Lm6, SCMFSA8C:62 .= (k + 1) - 1 by A4, SCMFSA_M:37 .= k ; reconsider m = s . (intloc (2 + 1)) as Element of NAT by A5, INT_1:3; A10: 0 + 1 <= k + 1 by XREAL_1:6; then A11: 1 <= m by A5, XXREAL_0:2; A12: abs (s . (intloc (2 + 1))) = m by ABSVALUE:def_1; (k + 1) + 1 <= m by A5, INT_1:7; then ((k + 1) + 1) - 1 <= n by XREAL_1:9; then A13: 1 <= n by A10, XXREAL_0:2; A14: (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) = (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0) by A4, Lm6, SCM_HALT:69; A15: (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc 0))),(IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (intloc (2 + 1)) by A3, SCMFSA_2:65 .= (s . (intloc (2 + 1))) - 1 by Lm18 ; then A16: ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1))) - k = (s . (intloc (2 + 1))) - (k + 1) ; abs ((s . (intloc (2 + 1))) - 1) = n by ABSVALUE:def_1; then A17: (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) = ((s . (fsloc 0)) +* (m,((s . (fsloc 0)) /. n))) +* (n,((s . (fsloc 0)) /. m)) by A12, Lm18; then A18: (s . (fsloc 0)) . m = ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0)) . n by A6, A11, A13, A8, FUNCT_7:113; A19: (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc 0))),(IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) by SCMFSA_2:65 ; then A20: s . (fsloc 0),(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A6, A11, A13, A8, A17, FUNCT_7:113; then A21: n <= len ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0)) by A8, RFINSEQ:3; then (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0) are_fiberwise_equipotent by A2, A9, A15, A7; hence s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A20, A14, CLASSES1:76; ::_thesis: ( (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - (k + 1) & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) s . (fsloc 0),(IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A6, A11, A13, A8, A17, FUNCT_7:113; then A22: len (s . (fsloc 0)) = len ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0)) by A19, RFINSEQ:3; (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (intloc (2 + 1)) = ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1))) - k by A2, A9, A15, A7, A21; hence (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - (k + 1) by A4, A15, Lm6, SCM_HALT:70; ::_thesis: ( ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0)) . (((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1))) - k) = ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (fsloc 0)) . ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1))) by A2, A9, A15, A7, A21; hence ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - (k + 1)) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) by A4, A15, A19, A18, Lm6, SCM_HALT:69; ::_thesis: ( ( for i being Element of NAT st (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) A23: (s . (fsloc 0)) . n = ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0)) . m by A6, A11, A13, A8, A17, FUNCT_7:113; hereby ::_thesis: ( ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) let i be Element of NAT ; ::_thesis: ( (s . (intloc (2 + 1))) - (k + 1) < i & i <= s . (intloc (2 + 1)) implies ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . b1 = (s . (fsloc 0)) . (b1 - 1) ) assume that A24: (s . (intloc (2 + 1))) - (k + 1) < i and A25: i <= s . (intloc (2 + 1)) ; ::_thesis: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . b1 = (s . (fsloc 0)) . (b1 - 1) percases ( i = s . (intloc (2 + 1)) or i <> s . (intloc (2 + 1)) ) ; supposeA26: i = s . (intloc (2 + 1)) ; ::_thesis: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . b1 = (s . (fsloc 0)) . (b1 - 1) then A27: (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) < i by A15, XREAL_1:146; thus ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0)) . i by A4, Lm6, SCM_HALT:69 .= (s . (fsloc 0)) . (i - 1) by A2, A6, A9, A15, A7, A19, A8, A23, A22, A26, A27 ; ::_thesis: verum end; suppose i <> s . (intloc (2 + 1)) ; ::_thesis: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . b1 = (s . (fsloc 0)) . (b1 - 1) then i < s . (intloc (2 + 1)) by A25, XXREAL_0:1; then A28: i + 1 <= s . (intloc (2 + 1)) by INT_1:7; then A29: i <= (s . (intloc (2 + 1))) - 1 by XREAL_1:19; A30: i <= (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) by A15, A28, XREAL_1:19; ((s . (intloc (2 + 1))) - (k + 1)) + 1 <= i by A24, INT_1:7; then A31: (((s . (intloc (2 + 1))) - (k + 1)) + 1) - 1 <= i - 1 by XREAL_1:9; A32: (k + 1) - (k + 1) < (s . (intloc (2 + 1))) - (k + 1) by A5, XREAL_1:9; then reconsider i1 = i - 1 as Element of NAT by A31, INT_1:3; i - 1 < s . (intloc (2 + 1)) by A25, XREAL_1:146, XXREAL_0:2; then A33: i1 <= len (s . (fsloc 0)) by A6, XXREAL_0:2; 1 + 0 <= (s . (intloc (2 + 1))) - (k + 1) by A32, INT_1:7; then 1 <= i - 1 by A31, XXREAL_0:2; then A34: i1 in dom (s . (fsloc 0)) by A33, FINSEQ_3:25; A35: i - 1 < i by XREAL_1:146; thus ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0)) . i by A4, Lm6, SCM_HALT:69 .= ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0)) . (i - 1) by A2, A9, A7, A19, A8, A22, A16, A24, A30 .= (s . (fsloc 0)) . (i - 1) by A6, A11, A13, A8, A17, A25, A29, A35, A34, FUNCT_7:113 ; ::_thesis: verum end; end; end; hereby ::_thesis: for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i A36: 1 <= k + 1 by NAT_1:11; let i be Element of NAT ; ::_thesis: ( s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) implies ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) assume that A37: s . (intloc (2 + 1)) < i and A38: i <= len (s . (fsloc 0)) ; ::_thesis: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i A39: n <> i by A37, XREAL_1:146; k + 1 < i by A5, A37, XXREAL_0:2; then 1 <= i by A36, XXREAL_0:2; then A40: i in dom (s . (fsloc 0)) by A38, FINSEQ_3:25; A41: (IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) < i by A15, A37, XREAL_1:146, XXREAL_0:2; thus ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0)) . i by A4, Lm6, SCM_HALT:69 .= ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0)) . i by A2, A9, A15, A7, A19, A8, A22, A38, A41 .= (s . (fsloc 0)) . i by A6, A11, A13, A8, A17, A37, A39, A40, FUNCT_7:113 ; ::_thesis: verum end; hereby ::_thesis: verum let i be Element of NAT ; ::_thesis: ( 1 <= i & i < (s . (intloc (2 + 1))) - (k + 1) implies ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) assume that A42: 1 <= i and A43: i < (s . (intloc (2 + 1))) - (k + 1) ; ::_thesis: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i A44: ((s . (intloc (2 + 1))) - 1) - k <= ((s . (intloc (2 + 1))) - 1) - 0 by XREAL_1:13; then A45: i <> m by A43, XREAL_1:146, XXREAL_0:2; i < (s . (intloc (2 + 1))) - 1 by A43, A44, XXREAL_0:2; then i < s . (intloc (2 + 1)) by XREAL_1:146, XXREAL_0:2; then i <= len (s . (fsloc 0)) by A6, XXREAL_0:2; then A46: i in dom (s . (fsloc 0)) by A42, FINSEQ_3:25; A47: i < ((IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1))) - k by A15, A43; thus ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))) ";" (SubFrom ((intloc (3 + 1)),(intloc 0)))),P,s)))) . (fsloc 0)) . i by A4, Lm6, SCM_HALT:69 .= ((IExec ((((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))),P,s)) . (fsloc 0)) . i by A2, A9, A15, A7, A19, A8, A22, A42, A47 .= (s . (fsloc 0)) . i by A6, A11, A13, A8, A17, A43, A44, A45, A46, FUNCT_7:113 ; ::_thesis: verum end; end; hence S1[k + 1] ; ::_thesis: verum end; A48: S1[ 0 ] proof let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA st s . (intloc (3 + 1)) = 0 & 0 < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 0 & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( s . (intloc (3 + 1)) = 0 & 0 < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) implies ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 0 & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) ) assume that A49: s . (intloc (3 + 1)) = 0 and 0 < s . (intloc (2 + 1)) and s . (intloc (2 + 1)) <= len (s . (fsloc 0)) ; ::_thesis: ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 0 & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) thus s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A49, SCM_HALT:67; ::_thesis: ( (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - 0 & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) thus (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (Initialized s) . (intloc (2 + 1)) by A49, SCM_HALT:68 .= (s . (intloc (2 + 1))) - 0 by SCMFSA_M:37 ; ::_thesis: ( ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) thus ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - 0) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) by A49, SCM_HALT:67; ::_thesis: ( ( for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) thus for i being Element of NAT st (s . (intloc (2 + 1))) - 0 < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ; ::_thesis: ( ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) thus for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i by A49, SCM_HALT:67; ::_thesis: for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i thus for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - 0 holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i by A49, SCM_HALT:67; ::_thesis: verum end; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A48, A1); hence for k being Element of NAT for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . (intloc (3 + 1)) = k & k < s . (intloc (2 + 1)) & s . (intloc (2 + 1)) <= len (s . (fsloc 0)) holds ( s . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (intloc (2 + 1)) = (s . (intloc (2 + 1))) - k & ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . ((s . (intloc (2 + 1))) - k) = (s . (fsloc 0)) . (s . (intloc (2 + 1))) & ( for i being Element of NAT st (s . (intloc (2 + 1))) - k < i & i <= s . (intloc (2 + 1)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . (i - 1) ) & ( for i being Element of NAT st s . (intloc (2 + 1)) < i & i <= len (s . (fsloc 0)) holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) & ( for i being Element of NAT st 1 <= i & i < (s . (intloc (2 + 1))) - k holds ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),P,s)) . (fsloc 0)) . i = (s . (fsloc 0)) . i ) ) ; ::_thesis: verum end; Lm20: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA holds ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (1 + 1)) = (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (2 + 1)) = ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) proof let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA holds ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (1 + 1)) = (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (2 + 1)) = ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (1 + 1)) = (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (2 + 1)) = ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) set s0 = Initialized s; set s1 = Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s)); set s2 = IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s); set s3 = IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s); set s4 = IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s); set s5 = IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s); set s6 = IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s); A1: intloc (3 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A2: intloc (3 + 1) <> intloc (1 + 1) by SCMFSA_2:101; A3: intloc (5 + 1) <> intloc (1 + 1) by SCMFSA_2:101; A4: intloc (5 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A5: intloc (1 + 1) <> intloc (0 + 1) by SCMFSA_2:101; A6: intloc (1 + 1) <> intloc (2 + 1) by SCMFSA_2:101; A7: (IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s)) . (intloc (1 + 1)) = (Exec ((SubFrom ((intloc (1 + 1)),(intloc (0 + 1)))),(Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))))) . (intloc (1 + 1)) by SCMFSA6C:8 .= ((Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))) . (intloc (1 + 1))) - ((Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))) . (intloc (0 + 1))) by SCMFSA_2:65 .= (len ((Initialized s) . (fsloc 0))) - ((Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))) . (intloc (0 + 1))) by SCMFSA_2:74 .= (len ((Initialized s) . (fsloc 0))) - ((Initialized s) . (intloc (0 + 1))) by A5, SCMFSA_2:74 .= (len (s . (fsloc 0))) - ((Initialized s) . (intloc (0 + 1))) by SCMFSA_M:37 .= (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) by SCMFSA_M:37 ; thus (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (1 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))),(IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= (IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (1 + 1)) by A2, SCMFSA_2:65 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= (IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)) . (intloc (1 + 1)) by A3, SCMFSA_2:72 .= (Exec ((AddTo ((intloc (2 + 1)),(intloc 0))),(IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= (IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)) . (intloc (1 + 1)) by A6, SCMFSA_2:64 .= (Exec (((intloc (2 + 1)) := (intloc (1 + 1))),(IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s)))) . (intloc (1 + 1)) by SCMFSA6C:6 .= (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) by A6, A7, SCMFSA_2:63 ; ::_thesis: ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (2 + 1)) = ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) A8: (IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)) . (intloc 0) = 1 by SCMFSA6B:11; A9: (IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)) . (intloc (2 + 1)) = (Exec ((AddTo ((intloc (2 + 1)),(intloc 0))),(IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= ((IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)) . (intloc (2 + 1))) + 1 by A8, SCMFSA_2:64 .= ((Exec (((intloc (2 + 1)) := (intloc (1 + 1))),(IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s)))) . (intloc (2 + 1))) + 1 by SCMFSA6C:6 .= ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 by A7, SCMFSA_2:63 ; thus (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (2 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))),(IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= (IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (2 + 1)) by A1, SCMFSA_2:65 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (2 + 1)) by SCMFSA6C:6 .= ((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1 by A4, A9, SCMFSA_2:72 ; ::_thesis: ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = s . (fsloc 0) & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) A10: intloc (5 + 1) <> intloc (3 + 1) by SCMFSA_2:101; A11: (IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)) . (fsloc 0) = (Exec ((AddTo ((intloc (2 + 1)),(intloc 0))),(IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec (((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))),P,s)) . (fsloc 0) by SCMFSA_2:64 .= (Exec (((intloc (2 + 1)) := (intloc (1 + 1))),(IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))),P,s)) . (fsloc 0) by SCMFSA_2:63 .= (Exec ((SubFrom ((intloc (1 + 1)),(intloc (0 + 1)))),(Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))))) . (fsloc 0) by SCMFSA6C:9 .= (Exec (((intloc (1 + 1)) :=len (fsloc 0)),(Initialized s))) . (fsloc 0) by SCMFSA_2:65 .= (Initialized s) . (fsloc 0) by SCMFSA_2:74 .= s . (fsloc 0) by SCMFSA_M:37 ; thus (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (fsloc 0) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))),(IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (fsloc 0) by SCMFSA_2:65 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= s . (fsloc 0) by A11, SCMFSA_2:72 ; ::_thesis: ( (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = 0 & (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) ) thus (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (3 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))),(IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (3 + 1)) by SCMFSA6C:6 .= ((IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (3 + 1))) - ((IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (3 + 1))) by SCMFSA_2:65 .= 0 ; ::_thesis: (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) thus (IExec ((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))),P,s)) . (intloc (5 + 1)) = (Exec ((SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))),(IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)))) . (intloc (5 + 1)) by SCMFSA6C:6 .= (IExec (((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))),P,s)) . (intloc (5 + 1)) by A10, SCMFSA_2:65 .= (Exec (((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1)))),(IExec ((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))),P,s)))) . (intloc (5 + 1)) by SCMFSA6C:6 .= (s . (fsloc 0)) /. (abs (((len (s . (fsloc 0))) - (s . (intloc (0 + 1)))) + 1)) by A9, A11, SCMBSORT:2 ; ::_thesis: verum end; set T1 = Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))))); Lm21: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st s . (intloc (0 + 1)) = (len (s . (fsloc 0))) - 1 holds ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) proof reconsider t14 = ((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0))) as InitHalting good Program of SCM+FSA ; reconsider t16 = (t14 ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1)))) as InitHalting good Program of SCM+FSA ; reconsider Wt = while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))) as InitHalting good Program of SCM+FSA by Lm4, Th20; let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA st s . (intloc (0 + 1)) = (len (s . (fsloc 0))) - 1 holds ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( s . (intloc (0 + 1)) = (len (s . (fsloc 0))) - 1 implies ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) assume A1: s . (intloc (0 + 1)) = (len (s . (fsloc 0))) - 1 ; ::_thesis: ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) A2: t16 ";" Wt is InitHalting good Program of SCM+FSA ; percases ( len (s . (fsloc 0)) <= 1 or len (s . (fsloc 0)) > 1 ) ; supposeA3: len (s . (fsloc 0)) <= 1 ; ::_thesis: ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) hence s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A1, Lm11, SCM_HALT:67, XREAL_1:47; ::_thesis: for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 now__::_thesis:_for_i,_j_being_Element_of_NAT_st_i_>=_1_&_j_<=_len_(s_._(fsloc_0))_holds_ not_i_<_j let i, j be Element of NAT ; ::_thesis: ( i >= 1 & j <= len (s . (fsloc 0)) implies not i < j ) assume that A4: i >= 1 and A5: j <= len (s . (fsloc 0)) and A6: i < j ; ::_thesis: contradiction j <= 1 by A3, A5, XXREAL_0:2; hence contradiction by A4, A6, XXREAL_0:2; ::_thesis: verum end; hence for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ; ::_thesis: verum end; suppose len (s . (fsloc 0)) > 1 ; ::_thesis: ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) then 1 - 1 < (len (s . (fsloc 0))) - 1 by XREAL_1:9; then reconsider m = (len (s . (fsloc 0))) - 1 as Element of NAT by INT_1:3; defpred S1[ Element of NAT ] means for t being State of SCM+FSA for Q being Instruction-Sequence of SCM+FSA st t . (intloc (0 + 1)) = $1 & t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 & ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) holds ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ); A7: now__::_thesis:_for_k_being_Element_of_NAT_st_S1[k]_holds_ S1[k_+_1] let k be Element of NAT ; ::_thesis: ( S1[k] implies S1[k + 1] ) assume A8: S1[k] ; ::_thesis: S1[k + 1] now__::_thesis:_for_t_being_State_of_SCM+FSA for_Q_being_Instruction-Sequence_of_SCM+FSA_st_t_._(intloc_(0_+_1))_=_k_+_1_&_t_._(intloc_(0_+_1))_<=_(len_(t_._(fsloc_0)))_-_1_&_(_for_i,_j_being_Element_of_NAT_st_i_>=_1_&_j_<=_(len_(t_._(fsloc_0)))_-_(t_._(intloc_(0_+_1)))_&_i_<_j_holds_ for_x1,_x2_being_Integer_st_x1_=_(t_._(fsloc_0))_._i_&_x2_=_(t_._(fsloc_0))_._j_holds_ x1_>=_x2_)_holds_ (_t_._(fsloc_0),(IExec_((Times_((intloc_(0_+_1)),(((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1))))))))),Q,t))_._(fsloc_0)_are_fiberwise_equipotent_&_(_for_i,_j_being_Element_of_NAT_st_i_>=_1_&_j_<=_len_(t_._(fsloc_0))_&_i_<_j_holds_ for_x1,_x2_being_Integer_st_x1_=_((IExec_((Times_((intloc_(0_+_1)),(((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1))))))))),Q,t))_._(fsloc_0))_._i_&_x2_=_((IExec_((Times_((intloc_(0_+_1)),(((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1))))))))),Q,t))_._(fsloc_0))_._j_holds_ x1_>=_x2_)_) let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st t . (intloc (0 + 1)) = k + 1 & t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 & ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) holds ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( t . (intloc (0 + 1)) = k + 1 & t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 & ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) implies ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) assume that A9: t . (intloc (0 + 1)) = k + 1 and A10: t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 ; ::_thesis: ( ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) implies ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) len (t . (fsloc 0)) < (len (t . (fsloc 0))) + (t . (intloc (0 + 1))) by A9, XREAL_1:29; then A11: (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) < ((len (t . (fsloc 0))) + (t . (intloc (0 + 1)))) - (t . (intloc (0 + 1))) by XREAL_1:9; then A12: ((len (t . (fsloc 0))) - (t . (intloc (0 + 1)))) + 1 <= len (t . (fsloc 0)) by INT_1:7; - ((len (t . (fsloc 0))) - 1) <= - (t . (intloc (0 + 1))) by A10, XREAL_1:24; then A13: (len (t . (fsloc 0))) + (- ((len (t . (fsloc 0))) - 1)) <= (len (t . (fsloc 0))) + (- (t . (intloc (0 + 1)))) by XREAL_1:6; then reconsider k1 = (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) as Element of NAT by INT_1:3; set IW = IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t); set ts = IExec (t16,Q,t); set B1 = SubFrom ((intloc (0 + 1)),(intloc 0)); set IB = IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t); A14: (IExec (t16,Q,t)) . (fsloc 0) = t . (fsloc 0) by Lm20; A15: (IExec (t16,Q,t)) . (intloc (1 + 1)) = (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) by Lm20; then (IExec (t16,Q,t)) . (intloc (1 + 1)) <= len ((IExec (t16,Q,t)) . (fsloc 0)) by A11, Lm20; then consider n being Element of NAT , x1 being Integer such that A16: n = ((IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),Q,(IExec (t16,Q,t)))) . (intloc (3 + 1))) - ((IExec (t16,Q,t)) . (intloc (3 + 1))) and A17: n <= k1 and A18: ( k1 - n >= 1 implies ( x1 = ((IExec (t16,Q,t)) . (fsloc 0)) . (k1 - n) & x1 >= (IExec (t16,Q,t)) . (intloc (5 + 1)) ) ) and A19: for i being Element of NAT st i > k1 - n & i < k1 + 1 holds ex x2 being Integer st ( x2 = ((IExec (t16,Q,t)) . (fsloc 0)) . i & x2 <= (IExec (t16,Q,t)) . (intloc (5 + 1)) ) by A15, A13, Lm17; A20: k1 < k1 + 1 by XREAL_1:29; then A21: n < k1 + 1 by A17, XXREAL_0:2; then A22: n - n < (k1 + 1) - n by XREAL_1:9; reconsider n3 = (t . (fsloc 0)) . (k1 + 1) as Integer ; A23: 1 + 0 <= k1 + 1 by INT_1:7; A24: (IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0) = (Exec ((SubFrom ((intloc (0 + 1)),(intloc 0))),(IExec ((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))),Q,t)))) . (fsloc 0) by Lm11, SCM_HALT:24 .= (IExec ((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))),Q,t)) . (fsloc 0) by SCMFSA_2:65 .= (IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),Q,(IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)))) . (fsloc 0) by A2, Lm10, SCM_HALT:21 ; set mm = (k1 + 1) - n; abs (k1 + 1) = k1 + 1 by ABSVALUE:def_1; then A25: (IExec (t16,Q,t)) . (intloc (5 + 1)) = (t . (fsloc 0)) /. (k1 + 1) by Lm20 .= n3 by A12, A23, FINSEQ_4:15 ; then A26: ( k1 - n >= 1 implies ( x1 = (t . (fsloc 0)) . (k1 - n) & x1 >= n3 ) ) by A18, Lm20; A27: (IExec (t16,Q,t)) . (intloc (1 + 1)) = k1 by Lm20; A28: (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (fsloc 0) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),Q,(IExec (t16,Q,t)))) . (fsloc 0) by Lm5, SCM_HALT:21 .= t . (fsloc 0) by A14, A11, A27, Lm17 ; A29: (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (intloc (2 + 1)) = (IExec ((while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0))))))))),Q,(IExec (t16,Q,t)))) . (intloc (2 + 1)) by Lm5, SCM_HALT:20 .= (IExec (t16,Q,t)) . (intloc (2 + 1)) by A14, A11, A27, Lm17 .= k1 + 1 by Lm20 ; then A30: (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (intloc (2 + 1)) <= len ((IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (fsloc 0)) by A11, A28, INT_1:7; A31: (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (intloc (3 + 1)) = n + ((IExec (t16,Q,t)) . (intloc (3 + 1))) by A16, Lm5, SCM_HALT:20 .= n + 0 by Lm20 .= n ; then A32: (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (fsloc 0),(IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),Q,(IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)))) . (fsloc 0) are_fiberwise_equipotent by A28, A29, A21, A12, Lm19; A33: n < (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (intloc (2 + 1)) by A17, A29, A20, XXREAL_0:2; then (IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (fsloc 0),(IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0) are_fiberwise_equipotent by A28, A24, A31, A29, A12, Lm19; then A34: len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) = len (t . (fsloc 0)) by A28, RFINSEQ:3; A35: (IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1)) = (k + 1) - 1 by A9, Lm9, Lm11, SCM_HALT:66 .= k ; then (IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1)) < t . (intloc (0 + 1)) by A9, XREAL_1:29; then A36: (IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1)) <= (len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0))) - 1 by A10, A34, XXREAL_0:2; A37: ((IExec ((Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1)))))),Q,(IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)))) . (fsloc 0)) . ((k1 + 1) - n) = ((IExec ((t16 ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))),Q,t)) . (fsloc 0)) . (k1 + 1) by A28, A31, A29, A21, A12, Lm19; hereby ::_thesis: verum A38: (IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) = (IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,(IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)))) . (fsloc 0) by A9, Lm9, Lm11, SCM_HALT:69; assume A39: for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ; ::_thesis: ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) A40: now__::_thesis:_for_i,_j_being_Element_of_NAT_st_i_>=_1_&_j_<=_(len_((IExec_(((((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))))_";"_(SubFrom_((intloc_(0_+_1)),(intloc_0)))),Q,t))_._(fsloc_0)))_-_((IExec_(((((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))))_";"_(SubFrom_((intloc_(0_+_1)),(intloc_0)))),Q,t))_._(intloc_(0_+_1)))_&_i_<_j_holds_ for_y1,_y2_being_Integer_st_y1_=_((IExec_(((((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))))_";"_(SubFrom_((intloc_(0_+_1)),(intloc_0)))),Q,t))_._(fsloc_0))_._i_&_y2_=_((IExec_(((((((((((intloc_(1_+_1))_:=len_(fsloc_0))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_(0_+_1)))))_";"_((intloc_(2_+_1))_:=_(intloc_(1_+_1))))_";"_(AddTo_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(SubFrom_((intloc_(3_+_1)),(intloc_(3_+_1)))))_";"_(while>0_((intloc_(1_+_1)),((((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1))))_";"_(SubFrom_((intloc_(4_+_1)),(intloc_(5_+_1)))))_";"_(if>0_((intloc_(4_+_1)),(Macro_(SubFrom_((intloc_(1_+_1)),(intloc_(1_+_1))))),((AddTo_((intloc_(3_+_1)),(intloc_0)))_";"_(SubFrom_((intloc_(1_+_1)),(intloc_0))))))))))_";"_(Times_((intloc_(3_+_1)),(((((((intloc_(1_+_1))_:=_(intloc_(2_+_1)))_";"_(SubFrom_((intloc_(2_+_1)),(intloc_0))))_";"_((intloc_(4_+_1))_:=_((fsloc_0),(intloc_(1_+_1)))))_";"_((intloc_(5_+_1))_:=_((fsloc_0),(intloc_(2_+_1)))))_";"_(((fsloc_0),(intloc_(1_+_1)))_:=_(intloc_(5_+_1))))_";"_(((fsloc_0),(intloc_(2_+_1)))_:=_(intloc_(4_+_1)))))))_";"_(SubFrom_((intloc_(0_+_1)),(intloc_0)))),Q,t))_._(fsloc_0))_._j_holds_ y1_>=_y2 A41: (k1 + 1) - n <= (k1 + 1) - 0 by XREAL_1:13; then (k1 - n) + 1 <= k1 + 1 ; then A42: k1 - n <= k1 by XREAL_1:6; let i, j be Element of NAT ; ::_thesis: ( i >= 1 & j <= (len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0))) - ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1))) & i < j implies for y1, y2 being Integer st y1 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . i & y2 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . j holds b5 >= b6 ) assume that A43: i >= 1 and A44: j <= (len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0))) - ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1))) and A45: i < j ; ::_thesis: for y1, y2 being Integer st y1 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . i & y2 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . j holds b5 >= b6 A46: 1 <= j by A43, A45, XXREAL_0:2; (len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0))) - ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (intloc (0 + 1))) = k1 + 1 by A9, A35, A34; then A47: j - 1 <= k1 by A44, XREAL_1:20; A48: 1 - 1 <= i - 1 by A43, XREAL_1:9; then reconsider i1 = i - 1 as Element of NAT by INT_1:3; A49: i - 1 < j - 1 by A45, XREAL_1:9; then reconsider j1 = j - 1 as Element of NAT by A48, INT_1:3; let y1, y2 be Integer; ::_thesis: ( y1 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . i & y2 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . j implies b3 >= b4 ) assume that A50: y1 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . i and A51: y2 = ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) . j ; ::_thesis: b3 >= b4 percases ( i < (k1 + 1) - n or i > (k1 + 1) - n or i = (k1 + 1) - n ) by XXREAL_0:1; supposeA52: i < (k1 + 1) - n ; ::_thesis: b3 >= b4 then A53: y1 = (t . (fsloc 0)) . i by A28, A24, A31, A29, A21, A30, A43, A50, Lm19; hereby ::_thesis: verum percases ( j < (k1 + 1) - n or j > (k1 + 1) - n or j = (k1 + 1) - n ) by XXREAL_0:1; supposeA54: j < (k1 + 1) - n ; ::_thesis: y1 >= y2 then j < k1 + 1 by A41, XXREAL_0:2; then A55: j <= k1 by INT_1:7; y2 = (t . (fsloc 0)) . j by A28, A24, A31, A29, A21, A30, A51, A46, A54, Lm19; hence y1 >= y2 by A39, A43, A45, A53, A55; ::_thesis: verum end; supposeA56: j > (k1 + 1) - n ; ::_thesis: y1 >= y2 then ((k1 + 1) - n) + 1 <= j by INT_1:7; then (k1 + 1) - n <= j1 by XREAL_1:19; then A57: i < j1 by A52, XXREAL_0:2; y2 = (t . (fsloc 0)) . j1 by A9, A35, A28, A24, A31, A29, A21, A30, A34, A44, A51, A56, Lm19; hence y1 >= y2 by A39, A43, A47, A53, A57; ::_thesis: verum end; supposeA58: j = (k1 + 1) - n ; ::_thesis: y1 >= y2 A59: i < (k1 - n) + 1 by A52; then A60: i <= k1 - n by INT_1:7; A61: y2 = (t . (fsloc 0)) . (k1 + 1) by A28, A24, A31, A29, A33, A12, A51, A58, Lm19; hereby ::_thesis: verum reconsider kn = k1 - n as Element of NAT by A59, INT_1:3, INT_1:7; A62: (t . (fsloc 0)) . kn = x1 by A18, A43, A60, Lm20, XXREAL_0:2; percases ( i = kn or i <> kn ) ; suppose i = kn ; ::_thesis: y1 >= y2 hence y1 >= y2 by A18, A28, A24, A31, A29, A21, A12, A25, A43, A50, A52, A61, A62, Lm19; ::_thesis: verum end; suppose i <> kn ; ::_thesis: y1 >= y2 then i < kn by A60, XXREAL_0:1; then y1 >= x1 by A26, A39, A43, A42, A53, XXREAL_0:2; hence y1 >= y2 by A18, A28, A24, A25, A37, A43, A51, A58, A60, XXREAL_0:2; ::_thesis: verum end; end; end; end; end; end; end; supposeA63: i > (k1 + 1) - n ; ::_thesis: b3 >= b4 then ((k1 + 1) - n) + 1 <= i by INT_1:7; then 0 < i1 by A22, XREAL_1:19; then A64: 1 + 0 <= i1 by INT_1:7; (k1 + 1) - n < j by A45, A63, XXREAL_0:2; then A65: y2 = (t . (fsloc 0)) . j1 by A9, A35, A28, A24, A31, A29, A21, A30, A34, A44, A51, Lm19; i <= k1 + 1 by A9, A35, A34, A44, A45, XXREAL_0:2; then y1 = (t . (fsloc 0)) . i1 by A28, A24, A31, A29, A21, A30, A50, A63, Lm19; hence y1 >= y2 by A39, A47, A49, A65, A64; ::_thesis: verum end; supposeA66: i = (k1 + 1) - n ; ::_thesis: b3 >= b4 k1 < k1 + 1 by XREAL_1:29; then A67: j1 < k1 + 1 by A47, XXREAL_0:2; ((k1 + 1) - n) - 1 < j1 by A45, A66, XREAL_1:9; then A68: ex yy being Integer st ( yy = (t . (fsloc 0)) . j1 & yy <= n3 ) by A14, A19, A25, A67; y2 = (t . (fsloc 0)) . j1 by A9, A35, A28, A24, A31, A29, A33, A30, A34, A44, A45, A51, A66, Lm19; hence y1 >= y2 by A28, A24, A31, A29, A33, A30, A50, A66, A68, Lm19; ::_thesis: verum end; end; end; then (IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,(IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)))) . (fsloc 0) are_fiberwise_equipotent by A8, A35, A36; hence t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent by A28, A24, A32, A38, CLASSES1:76; ::_thesis: for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 let i, j be Element of NAT ; ::_thesis: ( i >= 1 & j <= len (t . (fsloc 0)) & i < j implies for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) assume that A69: i >= 1 and A70: j <= len (t . (fsloc 0)) and A71: i < j ; ::_thesis: for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 let x1, x2 be Integer; ::_thesis: ( x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j implies x1 >= x2 ) assume that A72: x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i and A73: x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j ; ::_thesis: x1 >= x2 j <= len ((IExec (((((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),Q,t)) . (fsloc 0)) by A28, A24, A32, A70, RFINSEQ:3; hence x1 >= x2 by A8, A35, A36, A40, A38, A69, A71, A72, A73; ::_thesis: verum end; end; hence S1[k + 1] ; ::_thesis: verum end; A74: S1[ 0 ] proof let t be State of SCM+FSA; ::_thesis: for Q being Instruction-Sequence of SCM+FSA st t . (intloc (0 + 1)) = 0 & t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 & ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) holds ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) let Q be Instruction-Sequence of SCM+FSA; ::_thesis: ( t . (intloc (0 + 1)) = 0 & t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 & ( for i, j being Element of NAT st i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j holds x1 >= x2 ) implies ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) assume that A75: t . (intloc (0 + 1)) = 0 and t . (intloc (0 + 1)) <= (len (t . (fsloc 0))) - 1 ; ::_thesis: ( ex i, j being Element of NAT st ( i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j & ex x1, x2 being Integer st ( x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j & not x1 >= x2 ) ) or ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) (IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) = t . (fsloc 0) by A75, Lm11, SCM_HALT:67; hence ( ex i, j being Element of NAT st ( i >= 1 & j <= (len (t . (fsloc 0))) - (t . (intloc (0 + 1))) & i < j & ex x1, x2 being Integer st ( x1 = (t . (fsloc 0)) . i & x2 = (t . (fsloc 0)) . j & not x1 >= x2 ) ) or ( t . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (t . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),Q,t)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) by A75; ::_thesis: verum end; for k being Element of NAT holds S1[k] from NAT_1:sch_1(A74, A7); then A76: S1[m] ; then ( ( for i, j being Element of NAT st i >= 1 & j <= (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (s . (fsloc 0)) . i & x2 = (s . (fsloc 0)) . j holds x1 >= x2 ) implies ( s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) ) by A1; hence s . (fsloc 0),(IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0) are_fiberwise_equipotent by A1, XXREAL_0:2; ::_thesis: for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 for i, j being Element of NAT st i >= 1 & j <= (len (s . (fsloc 0))) - (s . (intloc (0 + 1))) & i < j holds for x1, x2 being Integer st x1 = (s . (fsloc 0)) . i & x2 = (s . (fsloc 0)) . j holds x1 >= x2 by A1, XXREAL_0:2; hence for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,s)) . (fsloc 0)) . j holds x1 >= x2 by A1, A76; ::_thesis: verum end; end; end; theorem Th35: :: SCMISORT:35 for P being Instruction-Sequence of SCM+FSA for s being State of SCM+FSA holds ( s . (fsloc 0),(IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) proof let P be Instruction-Sequence of SCM+FSA; ::_thesis: for s being State of SCM+FSA holds ( s . (fsloc 0),(IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) let s be State of SCM+FSA; ::_thesis: ( s . (fsloc 0),(IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) are_fiberwise_equipotent & ( for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) ) set WJ = (((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0))); set s0 = Initialized s; set s1 = Exec (((intloc (1 + 1)) := (intloc 0)),(Initialized s)); set s2 = IExec ((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))),P,s); set s3 = IExec (((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))),P,s); set s4 = IExec ((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))),P,s); set s5 = IExec (((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))),P,s); set s6 = IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s); set s7 = IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s); A1: (IExec (((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))),P,s)) . (fsloc 0) = (Exec (((intloc (5 + 1)) := (intloc 0)),(IExec ((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec ((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))),P,s)) . (fsloc 0) by SCMFSA_2:63 .= (Exec (((intloc (4 + 1)) := (intloc 0)),(IExec (((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec (((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))),P,s)) . (fsloc 0) by SCMFSA_2:63 .= (Exec (((intloc (3 + 1)) := (intloc 0)),(IExec ((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= (IExec ((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))),P,s)) . (fsloc 0) by SCMFSA_2:63 .= (Exec (((intloc (2 + 1)) := (intloc 0)),(Exec (((intloc (1 + 1)) := (intloc 0)),(Initialized s))))) . (fsloc 0) by SCMFSA6C:9 .= (Exec (((intloc (1 + 1)) := (intloc 0)),(Initialized s))) . (fsloc 0) by SCMFSA_2:63 .= (Initialized s) . (fsloc 0) by SCMFSA_2:63 .= s . (fsloc 0) by SCMFSA_M:37 ; A2: (IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)) . (fsloc 0) = (Exec (((intloc (0 + 1)) :=len (fsloc 0)),(IExec (((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= s . (fsloc 0) by A1, SCMFSA_2:74 ; A3: (IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s)) . (fsloc 0) = (Exec ((SubFrom ((intloc (0 + 1)),(intloc 0))),(IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)))) . (fsloc 0) by SCMFSA6C:7 .= s . (fsloc 0) by A2, SCMFSA_2:65 ; A4: (IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) = (IExec ((Times ((intloc (0 + 1)),(((((((((intloc (1 + 1)) :=len (fsloc 0)) ";" (SubFrom ((intloc (1 + 1)),(intloc (0 + 1))))) ";" ((intloc (2 + 1)) := (intloc (1 + 1)))) ";" (AddTo ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (SubFrom ((intloc (3 + 1)),(intloc (3 + 1))))) ";" (while>0 ((intloc (1 + 1)),((((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1)))) ";" (SubFrom ((intloc (4 + 1)),(intloc (5 + 1))))) ";" (if>0 ((intloc (4 + 1)),(Macro (SubFrom ((intloc (1 + 1)),(intloc (1 + 1))))),((AddTo ((intloc (3 + 1)),(intloc 0))) ";" (SubFrom ((intloc (1 + 1)),(intloc 0)))))))))) ";" (Times ((intloc (3 + 1)),(((((((intloc (1 + 1)) := (intloc (2 + 1))) ";" (SubFrom ((intloc (2 + 1)),(intloc 0)))) ";" ((intloc (4 + 1)) := ((fsloc 0),(intloc (1 + 1))))) ";" ((intloc (5 + 1)) := ((fsloc 0),(intloc (2 + 1))))) ";" (((fsloc 0),(intloc (1 + 1))) := (intloc (5 + 1)))) ";" (((fsloc 0),(intloc (2 + 1))) := (intloc (4 + 1))))))))),P,(IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s)))) . (fsloc 0) by Lm12, SCM_HALT:21; A5: (IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)) . (intloc (0 + 1)) = (Exec (((intloc (0 + 1)) :=len (fsloc 0)),(IExec (((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))),P,s)))) . (intloc (0 + 1)) by SCMFSA6C:6 .= len ((IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s)) . (fsloc 0)) by A1, A3, SCMFSA_2:74 ; A6: (IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s)) . (intloc (0 + 1)) = (Exec ((SubFrom ((intloc (0 + 1)),(intloc 0))),(IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)))) . (intloc (0 + 1)) by SCMFSA6C:6 .= ((IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)) . (intloc (0 + 1))) - ((IExec ((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))),P,s)) . (intloc 0)) by SCMFSA_2:65 .= (len ((IExec (((((((((intloc (1 + 1)) := (intloc 0)) ";" ((intloc (2 + 1)) := (intloc 0))) ";" ((intloc (3 + 1)) := (intloc 0))) ";" ((intloc (4 + 1)) := (intloc 0))) ";" ((intloc (5 + 1)) := (intloc 0))) ";" ((intloc (0 + 1)) :=len (fsloc 0))) ";" (SubFrom ((intloc (0 + 1)),(intloc 0)))),P,s)) . (fsloc 0))) - 1 by A5, SCM_HALT:9 ; hence s . (fsloc 0),(IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) are_fiberwise_equipotent by A3, A4, Lm21; ::_thesis: for i, j being Element of NAT st i >= 1 & j <= len (s . (fsloc 0)) & i < j holds for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 let i, j be Element of NAT ; ::_thesis: ( i >= 1 & j <= len (s . (fsloc 0)) & i < j implies for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 ) assume that A7: i >= 1 and A8: j <= len (s . (fsloc 0)) and A9: i < j ; ::_thesis: for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 thus for x1, x2 being Integer st x1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i & x2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j holds x1 >= x2 by A3, A6, A4, A7, A8, A9, Lm21; ::_thesis: verum end; theorem Th36: :: SCMISORT:36 for i being Element of NAT for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds for w being FinSequence of INT st Initialized ((fsloc 0) .--> w) c= s holds IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm proof set Ba = Insert-Sort-Algorithm ; let i be Element of NAT ; ::_thesis: for s being State of SCM+FSA for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds for w being FinSequence of INT st Initialized ((fsloc 0) .--> w) c= s holds IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm let s be State of SCM+FSA; ::_thesis: for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds for w being FinSequence of INT st Initialized ((fsloc 0) .--> w) c= s holds IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( Insert-Sort-Algorithm c= P implies for w being FinSequence of INT st Initialized ((fsloc 0) .--> w) c= s holds IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm ) assume A1: Insert-Sort-Algorithm c= P ; ::_thesis: for w being FinSequence of INT st Initialized ((fsloc 0) .--> w) c= s holds IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm let w be FinSequence of INT ; ::_thesis: ( Initialized ((fsloc 0) .--> w) c= s implies IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm ) set x = (fsloc 0) .--> w; assume A2: Initialized ((fsloc 0) .--> w) c= s ; ::_thesis: IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm set BSA = Bubble-Sort-Algorithm ; Initialize ((intloc 0) .--> 1) c= Initialized ((fsloc 0) .--> w) by FUNCT_4:25; then Initialize ((intloc 0) .--> 1) c= s by A2, XBOOLE_1:1; hence IC (Comput (P,s,i)) in dom Insert-Sort-Algorithm by Lm12, A1, SCM_HALT:def_1; ::_thesis: verum end; theorem Th37: :: SCMISORT:37 for s being State of SCM+FSA for t being FinSequence of INT for P being Instruction-Sequence of SCM+FSA st (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) c= s & Insert-Sort-Algorithm c= P holds ex u being FinSequence of REAL st ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) proof let s be State of SCM+FSA; ::_thesis: for t being FinSequence of INT for P being Instruction-Sequence of SCM+FSA st (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) c= s & Insert-Sort-Algorithm c= P holds ex u being FinSequence of REAL st ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) let t be FinSequence of INT ; ::_thesis: for P being Instruction-Sequence of SCM+FSA st (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) c= s & Insert-Sort-Algorithm c= P holds ex u being FinSequence of REAL st ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) c= s & Insert-Sort-Algorithm c= P implies ex u being FinSequence of REAL st ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) ) set Ia = Insert-Sort-Algorithm ; set p = Initialize ((intloc 0) .--> 1); set x = (fsloc 0) .--> t; set z = (IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0); assume that A1: (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) c= s and A2: Insert-Sort-Algorithm c= P ; ::_thesis: ex u being FinSequence of REAL st ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) A3: P +* Insert-Sort-Algorithm = P by A2, FUNCT_4:98; reconsider u = (IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) as FinSequence of REAL by FINSEQ_3:117; take u ; ::_thesis: ( t,u are_fiberwise_equipotent & u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) A4: dom ((fsloc 0) .--> t) = {(fsloc 0)} by FUNCOP_1:13; then A5: fsloc 0 in dom ((fsloc 0) .--> t) by TARSKI:def_1; then fsloc 0 in dom ((Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t)) by FUNCT_4:12; then s . (fsloc 0) = ((Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t)) . (fsloc 0) by A1, GRFUNC_1:2 .= ((fsloc 0) .--> t) . (fsloc 0) by A5, FUNCT_4:13 .= t by FUNCOP_1:72 ; hence t,u are_fiberwise_equipotent by Th35; ::_thesis: ( u is non-increasing & u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) s . (fsloc 0),(IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0) are_fiberwise_equipotent by Th35; then A6: dom (s . (fsloc 0)) = dom u by RFINSEQ:3; now__::_thesis:_for_i,_j_being_Element_of_NAT_st_i_in_dom_u_&_j_in_dom_u_&_i_<_j_holds_ u_._i_>=_u_._j let i, j be Element of NAT ; ::_thesis: ( i in dom u & j in dom u & i < j implies u . i >= u . j ) assume that A7: i in dom u and A8: j in dom u and A9: i < j ; ::_thesis: u . i >= u . j A10: i >= 1 by A7, FINSEQ_3:25; j <= len (s . (fsloc 0)) by A6, A8, FINSEQ_3:25; hence u . i >= u . j by A9, A10, Th35; ::_thesis: verum reconsider y2 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . j as Integer ; reconsider y1 = ((IExec ((insert-sort (fsloc 0)),P,s)) . (fsloc 0)) . i as Integer ; end; hence u is non-increasing by RFINSEQ:19; ::_thesis: ( u is FinSequence of INT & (Result (P,s)) . (fsloc 0) = u ) thus u is FinSequence of INT ; ::_thesis: (Result (P,s)) . (fsloc 0) = u A11: dom (Initialize ((intloc 0) .--> 1)) = {(intloc 0),(IC )} by SCMFSA_M:11; ( fsloc 0 <> intloc 0 & fsloc 0 <> IC ) by SCMFSA_2:57, SCMFSA_2:58; then not fsloc 0 in dom (Initialize ((intloc 0) .--> 1)) by A11, TARSKI:def_2; then dom (Initialize ((intloc 0) .--> 1)) misses dom ((fsloc 0) .--> t) by A4, ZFMISC_1:50; then Initialize ((intloc 0) .--> 1) c= (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> t) by FUNCT_4:32; then A12: Initialize ((intloc 0) .--> 1) c= s by A1, XBOOLE_1:1; Initialize ((intloc 0) .--> 1) c= s by A12; then s = s +* (Initialize ((intloc 0) .--> 1)) by FUNCT_4:98; then A13: s = Initialized s ; (Result ((P +* Insert-Sort-Algorithm),(Initialized s))) . (fsloc 0) = (IExec (Insert-Sort-Algorithm,P,s)) . (fsloc 0) by SCMBSORT:33; hence (Result (P,s)) . (fsloc 0) = u by A3, A13; ::_thesis: verum end; theorem Th38: :: SCMISORT:38 for w being FinSequence of INT holds Initialized ((fsloc 0) .--> w) is Insert-Sort-Algorithm -autonomic proof set DD = {(intloc 0),(IC ),(fsloc 0)}; let w be FinSequence of INT ; ::_thesis: Initialized ((fsloc 0) .--> w) is Insert-Sort-Algorithm -autonomic set p = Initialized ((fsloc 0) .--> w); set q = Insert-Sort-Algorithm ; set UD = {(fsloc 0),(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)}; set Us = (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm); A1: UsedIntLoc Insert-Sort-Algorithm = {(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by Th28; A2: UsedInt*Loc Insert-Sort-Algorithm = {(fsloc 0)} by Th29; then A3: (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) = {(fsloc 0),(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by A1, ENUMSET1:22; A4: for i being Element of NAT for s1, s2 being State of SCM+FSA for P1, P2 being Instruction-Sequence of SCM+FSA st 11 <= i & Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 holds ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) proof let i be Element of NAT ; ::_thesis: for s1, s2 being State of SCM+FSA for P1, P2 being Instruction-Sequence of SCM+FSA st 11 <= i & Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 holds ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) let s1, s2 be State of SCM+FSA; ::_thesis: for P1, P2 being Instruction-Sequence of SCM+FSA st 11 <= i & Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 holds ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) let P1, P2 be Instruction-Sequence of SCM+FSA; ::_thesis: ( 11 <= i & Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 implies ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) ) assume that A5: 11 <= i and A6: Initialized ((fsloc 0) .--> w) c= s1 and A7: Initialized ((fsloc 0) .--> w) c= s2 and A8: Insert-Sort-Algorithm c= P1 and A9: Insert-Sort-Algorithm c= P2 ; ::_thesis: ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) A10: s1 . (intloc 0) = 1 by A6, SCMFSA_M:33 .= s2 . (intloc 0) by A7, SCMFSA_M:33 ; A11: s2 is 0 -started by A7, MEMSTR_0:17; set Cs11 = Comput (P1,s1,11); set Cs21 = Comput (P2,s2,11); A12: s1 is 0 -started by A6, MEMSTR_0:17; A13: s1 . (fsloc 0) = w by A6, SCMFSA_M:33 .= s2 . (fsloc 0) by A7, SCMFSA_M:33 ; A14: now__::_thesis:_for_x_being_set_st_x_in_(UsedInt*Loc_Insert-Sort-Algorithm)_\/_(UsedIntLoc_Insert-Sort-Algorithm)_holds_ (Comput_(P1,s1,11))_._x_=_(Comput_(P2,s2,11))_._x let x be set ; ::_thesis: ( x in (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) implies (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 ) assume x in (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 then A15: x in {(fsloc 0),(intloc 0),(intloc 1),(intloc 2),(intloc 3),(intloc 4),(intloc 5),(intloc 6)} by A2, A1, ENUMSET1:22; percases ( x = fsloc 0 or x = intloc 0 or x = intloc 1 or x = intloc 2 or x = intloc 3 or x = intloc 4 or x = intloc 5 or x = intloc 6 ) by A15, ENUMSET1:def_6; supposeA16: x = fsloc 0 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (fsloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A13, A16, Lm2, A9 ; ::_thesis: verum end; supposeA17: x = intloc 0 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A17, Lm2, A9 ; ::_thesis: verum end; supposeA18: x = intloc 1 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = len (s1 . (fsloc 0)) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A13, A18, Lm2, A9 ; ::_thesis: verum end; supposeA19: x = intloc 2 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A19, Lm2, A9 ; ::_thesis: verum end; supposeA20: x = intloc 3 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A20, Lm2, A9 ; ::_thesis: verum end; supposeA21: x = intloc 4 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A21, Lm2, A9 ; ::_thesis: verum end; supposeA22: x = intloc 5 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A22, Lm2, A9 ; ::_thesis: verum end; supposeA23: x = intloc 6 ; ::_thesis: (Comput (P1,s1,11)) . b1 = (Comput (P2,s2,11)) . b1 hence (Comput (P1,s1,11)) . x = s1 . (intloc 0) by A12, Lm2, A8 .= (Comput (P2,s2,11)) . x by A11, A10, A23, Lm2, A9 ; ::_thesis: verum end; end; end; A24: for i being Element of NAT holds IC (Comput (P2,s2,i)) in dom Insert-Sort-Algorithm by A7, Th36, A9; A25: for i being Element of NAT holds IC (Comput (P1,s1,i)) in dom Insert-Sort-Algorithm by A6, Th36, A8; A26: (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) c= dom (Comput (P2,s2,11)) by SCMBSORT:32; (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) c= dom (Comput (P1,s1,11)) by SCMBSORT:32; then A27: (Comput (P1,s1,11)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,11)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) by A26, A14, FUNCT_1:95; (Comput (P1,s1,11)) . (IC ) = 11 by A12, Lm2, A8 .= (Comput (P2,s2,11)) . (IC ) by A11, Lm2, A9 ; hence ( (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) ) by A5, A27, A25, A24, A8, A9, SCMBSORT:15; ::_thesis: verum end; A28: for s1, s2 being State of SCM+FSA for P1, P2 being Instruction-Sequence of SCM+FSA for i being Element of NAT st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 & i <= 10 holds ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) proof let s1, s2 be State of SCM+FSA; ::_thesis: for P1, P2 being Instruction-Sequence of SCM+FSA for i being Element of NAT st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 & i <= 10 holds ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) let P1, P2 be Instruction-Sequence of SCM+FSA; ::_thesis: for i being Element of NAT st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 & i <= 10 holds ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) let i be Element of NAT ; ::_thesis: ( Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 & Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 & i <= 10 implies ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) ) assume that A29: Initialized ((fsloc 0) .--> w) c= s1 and A30: Initialized ((fsloc 0) .--> w) c= s2 and A31: Insert-Sort-Algorithm c= P1 and A32: Insert-Sort-Algorithm c= P2 and A33: i <= 10 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) A34: s2 is 0 -started by A30, MEMSTR_0:17; A35: s1 . (fsloc 0) = w by A29, SCMFSA_M:33 .= s2 . (fsloc 0) by A30, SCMFSA_M:33 ; A36: s1 . (intloc 0) = 1 by A29, SCMFSA_M:33 .= s2 . (intloc 0) by A30, SCMFSA_M:33 ; A37: Comput (P1,s1,0) = s1 ; A38: s1 is 0 -started by A29, MEMSTR_0:17; then A39: IC s1 = 0 by MEMSTR_0:def_11 .= IC s2 by A34, MEMSTR_0:def_11 ; percases ( i = 0 or i = 1 or i = 2 or i = 3 or i = 4 or i = 5 or i = 6 or i = 7 or i = 8 or i = 9 or i = 10 ) by A33, NAT_1:34; supposeA40: i = 0 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) by A37, A36, EXTPRO_1:2; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) by A37, A39, A40, EXTPRO_1:2; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) by A37, A35, A40, EXTPRO_1:2; ::_thesis: verum end; supposeA41: i = 1 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A41, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 1 by A38, A41, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A41, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A41, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A41, Lm2, A32 ; ::_thesis: verum end; supposeA42: i = 2 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A42, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 2 by A38, A42, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A42, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A42, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A42, Lm2, A32 ; ::_thesis: verum end; supposeA43: i = 3 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A43, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 3 by A38, A43, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A43, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A43, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A43, Lm2, A32 ; ::_thesis: verum end; supposeA44: i = 4 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A44, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 4 by A38, A44, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A44, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A44, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A44, Lm2, A32 ; ::_thesis: verum end; supposeA45: i = 5 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A45, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 5 by A38, A45, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A45, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A45, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A45, Lm2, A32 ; ::_thesis: verum end; supposeA46: i = 6 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A46, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 6 by A38, A46, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A46, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A46, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A46, Lm2, A32 ; ::_thesis: verum end; supposeA47: i = 7 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A47, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 7 by A38, A47, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A47, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A47, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A47, Lm2, A32 ; ::_thesis: verum end; supposeA48: i = 8 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A48, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 8 by A38, A48, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A48, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A48, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A48, Lm2, A32 ; ::_thesis: verum end; supposeA49: i = 9 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A49, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 9 by A38, A49, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A49, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A49, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A49, Lm2, A32 ; ::_thesis: verum end; supposeA50: i = 10 ; ::_thesis: ( (Comput (P1,s1,i)) . (intloc 0) = (Comput (P2,s2,i)) . (intloc 0) & (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) hence (Comput (P1,s1,i)) . (intloc 0) = s1 . (intloc 0) by A38, Lm2, A31 .= (Comput (P2,s2,i)) . (intloc 0) by A34, A36, A50, Lm2, A32 ; ::_thesis: ( (Comput (P1,s1,i)) . (IC ) = (Comput (P2,s2,i)) . (IC ) & (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) ) thus (Comput (P1,s1,i)) . (IC ) = 10 by A38, A50, Lm2, A31 .= (Comput (P2,s2,i)) . (IC ) by A34, A50, Lm2, A32 ; ::_thesis: (Comput (P1,s1,i)) . (fsloc 0) = (Comput (P2,s2,i)) . (fsloc 0) thus (Comput (P1,s1,i)) . (fsloc 0) = s1 . (fsloc 0) by A38, A50, Lm2, A31 .= (Comput (P2,s2,i)) . (fsloc 0) by A34, A35, A50, Lm2, A32 ; ::_thesis: verum end; end; end; A51: dom (Initialized ((fsloc 0) .--> w)) = {(intloc 0),(IC ),(fsloc 0)} by SCMFSA_M:31; reconsider ini = (intloc 0) .--> 1 as data-only FinPartState of SCM+FSA ; for P, Q being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P & Insert-Sort-Algorithm c= Q holds for s1, s2 being State of SCM+FSA st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 holds for i being Element of NAT holds (Comput (P,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (Q,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) proof let P1, P2 be Instruction-Sequence of SCM+FSA; ::_thesis: ( Insert-Sort-Algorithm c= P1 & Insert-Sort-Algorithm c= P2 implies for s1, s2 being State of SCM+FSA st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 holds for i being Element of NAT holds (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) ) assume that A52: Insert-Sort-Algorithm c= P1 and A53: Insert-Sort-Algorithm c= P2 ; ::_thesis: for s1, s2 being State of SCM+FSA st Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 holds for i being Element of NAT holds (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) let s1, s2 be State of SCM+FSA; ::_thesis: ( Initialized ((fsloc 0) .--> w) c= s1 & Initialized ((fsloc 0) .--> w) c= s2 implies for i being Element of NAT holds (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) ) assume that A54: Initialized ((fsloc 0) .--> w) c= s1 and A55: Initialized ((fsloc 0) .--> w) c= s2 ; ::_thesis: for i being Element of NAT holds (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) let i be Element of NAT ; ::_thesis: (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) set Cs1i = Comput (P1,s1,i); set Cs2i = Comput (P2,s2,i); A56: (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) c= dom (Comput (P1,s1,i)) by SCMBSORT:32; A57: fsloc 0 in (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) by A3, ENUMSET1:def_6; A58: (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) c= dom (Comput (P2,s2,i)) by SCMBSORT:32; A59: ( i > 10 implies 10 + 1 < i + 1 ) by XREAL_1:6; A60: intloc 0 in (UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm) by A3, ENUMSET1:def_6; A61: now__::_thesis:_for_x_being_set_st_x_in_{(intloc_0),(IC_),(fsloc_0)}_holds_ (Comput_(P1,s1,i))_._x_=_(Comput_(P2,s2,i))_._x let x be set ; ::_thesis: ( x in {(intloc 0),(IC ),(fsloc 0)} implies (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 ) assume A62: x in {(intloc 0),(IC ),(fsloc 0)} ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 percases ( x = intloc 0 or x = IC or x = fsloc 0 ) by A62, ENUMSET1:def_1; supposeA63: x = intloc 0 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 percases ( i <= 10 or i > 10 ) ; suppose i <= 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A28, A54, A55, A63, A52, A53; ::_thesis: verum end; suppose i > 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 then 11 <= i by A59, NAT_1:13; then (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) by A4, A54, A55, A52, A53; hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A60, A56, A58, A63, FUNCT_1:95; ::_thesis: verum end; end; end; supposeA64: x = IC ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 percases ( i <= 10 or i > 10 ) ; suppose i <= 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A28, A54, A55, A64, A52, A53; ::_thesis: verum end; suppose i > 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 then 11 <= i by A59, NAT_1:13; hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A4, A54, A55, A64, A52, A53; ::_thesis: verum end; end; end; supposeA65: x = fsloc 0 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 percases ( i <= 10 or i > 10 ) ; suppose i <= 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A28, A54, A55, A65, A52, A53; ::_thesis: verum end; suppose i > 10 ; ::_thesis: (Comput (P1,s1,i)) . b1 = (Comput (P2,s2,i)) . b1 then 11 <= i by A59, NAT_1:13; then (Comput (P1,s1,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) = (Comput (P2,s2,i)) | ((UsedInt*Loc Insert-Sort-Algorithm) \/ (UsedIntLoc Insert-Sort-Algorithm)) by A4, A54, A55, A52, A53; hence (Comput (P1,s1,i)) . x = (Comput (P2,s2,i)) . x by A57, A56, A58, A65, FUNCT_1:95; ::_thesis: verum end; end; end; end; end; A66: {(intloc 0),(IC ),(fsloc 0)} c= dom (Comput (P2,s2,i)) by SCMFSA_M:34; {(intloc 0),(IC ),(fsloc 0)} c= dom (Comput (P1,s1,i)) by SCMFSA_M:34; then (Comput (P1,s1,i)) | {(intloc 0),(IC ),(fsloc 0)} = (Comput (P2,s2,i)) | {(intloc 0),(IC ),(fsloc 0)} by A66, A61, FUNCT_1:95; hence (Comput (P1,s1,i)) | (dom (Initialized ((fsloc 0) .--> w))) = (Comput (P2,s2,i)) | (dom (Initialized ((fsloc 0) .--> w))) by A51; ::_thesis: verum end; hence Initialized ((fsloc 0) .--> w) is Insert-Sort-Algorithm -autonomic by EXTPRO_1:def_10; ::_thesis: verum end; registration cluster Insert-Sort-Algorithm -> non halt-free ; coherence not Insert-Sort-Algorithm is halt-free ; end; theorem :: SCMISORT:39 Insert-Sort-Algorithm , Initialize ((intloc 0) .--> 1) computes Sorting-Function proof set q = Insert-Sort-Algorithm ; set p = Initialize ((intloc 0) .--> 1); let x be set ; :: according to EXTPRO_1:def_14 ::_thesis: ( not x in dom Sorting-Function or ex b1 being set st ( x = b1 & (Initialize ((intloc 0) .--> 1)) +* b1 is Autonomy of Insert-Sort-Algorithm & Sorting-Function . b1 c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* b1)) ) ) assume x in dom Sorting-Function ; ::_thesis: ex b1 being set st ( x = b1 & (Initialize ((intloc 0) .--> 1)) +* b1 is Autonomy of Insert-Sort-Algorithm & Sorting-Function . b1 c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* b1)) ) then consider w being FinSequence of INT such that A1: x = (fsloc 0) .--> w by SCMFSA_M:35; reconsider d = x as data-only FinPartState of SCM+FSA by A1; A2: dom d = {(fsloc 0)} by A1, FUNCOP_1:13; consider t being State of SCM+FSA such that A3: (Initialize ((intloc 0) .--> 1)) +* d c= t by PBOOLE:141; consider P being Instruction-Sequence of SCM+FSA such that A4: Insert-Sort-Algorithm c= P by PBOOLE:145; fsloc 0 <> IC by SCMFSA_2:57; then A5: dom d misses {(IC )} by A2, ZFMISC_1:11; fsloc 0 <> intloc 0 by SCMFSA_2:58; then A6: dom d misses {(intloc 0)} by A2, ZFMISC_1:11; dom (Initialize ((intloc 0) .--> 1)) = (dom ((intloc 0) .--> 1)) \/ {(IC )} by MEMSTR_0:42 .= {(IC )} \/ {(intloc 0)} by FUNCOP_1:13 ; then A7: dom d misses dom (Initialize ((intloc 0) .--> 1)) by A5, A6, XBOOLE_1:70; A8: d +* (Initialize ((intloc 0) .--> 1)) = (Initialize ((intloc 0) .--> 1)) +* d by A7, FUNCT_4:35; A9: now__::_thesis:_for_t_being_State_of_SCM+FSA_st_(Initialize_((intloc_0)_.-->_1))_+*_d_c=_t_holds_ for_P_being_Instruction-Sequence_of_SCM+FSA_st_Insert-Sort-Algorithm_c=_P_holds_ P_halts_on_t let t be State of SCM+FSA; ::_thesis: ( (Initialize ((intloc 0) .--> 1)) +* d c= t implies for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds P halts_on t ) assume A10: (Initialize ((intloc 0) .--> 1)) +* d c= t ; ::_thesis: for P being Instruction-Sequence of SCM+FSA st Insert-Sort-Algorithm c= P holds P halts_on t let P be Instruction-Sequence of SCM+FSA; ::_thesis: ( Insert-Sort-Algorithm c= P implies P halts_on t ) assume A11: Insert-Sort-Algorithm c= P ; ::_thesis: P halts_on t set bf = insert-sort (fsloc 0); Initialize ((intloc 0) .--> 1) c= (Initialize ((intloc 0) .--> 1)) +* d by A8, FUNCT_4:25; then Initialize ((intloc 0) .--> 1) c= t by A10, XBOOLE_1:1; hence P halts_on t by Lm12, A11, SCM_HALT:def_2; ::_thesis: verum end; take d ; ::_thesis: ( x = d & (Initialize ((intloc 0) .--> 1)) +* d is Autonomy of Insert-Sort-Algorithm & Sorting-Function . d c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* d)) ) thus x = d ; ::_thesis: ( (Initialize ((intloc 0) .--> 1)) +* d is Autonomy of Insert-Sort-Algorithm & Sorting-Function . d c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* d)) ) Initialized d = d +* (Initialize ((intloc 0) .--> 1)) .= (Initialize ((intloc 0) .--> 1)) +* d by A7, FUNCT_4:35 .= (Initialize ((intloc 0) .--> 1)) +* d .= (Initialize ((intloc 0) .--> 1)) +* d ; then ( (Initialize ((intloc 0) .--> 1)) +* d is Insert-Sort-Algorithm -halted & (Initialize ((intloc 0) .--> 1)) +* d is Insert-Sort-Algorithm -autonomic ) by A1, A9, Th38, EXTPRO_1:def_11; hence A12: (Initialize ((intloc 0) .--> 1)) +* d is Autonomy of Insert-Sort-Algorithm by EXTPRO_1:def_12; ::_thesis: Sorting-Function . d c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* d)) fsloc 0 in the carrier of SCM+FSA ; then A13: fsloc 0 in dom (Result (P,t)) by PARTFUN1:def_2; (Initialize ((intloc 0) .--> 1)) +* d c= t by A3; then A14: Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* d)) = (Result (P,t)) | (dom ((Initialize ((intloc 0) .--> 1)) +* d)) by A12, A4, EXTPRO_1:def_13; (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> w) c= (Initialize ((intloc 0) .--> 1)) +* d by A1; then (Initialize ((intloc 0) .--> 1)) +* ((fsloc 0) .--> w) c= t by A3, XBOOLE_1:1; then consider u being FinSequence of REAL such that A15: w,u are_fiberwise_equipotent and A16: u is non-increasing and u is FinSequence of INT and A17: (Result (P,t)) . (fsloc 0) = u by Th37, A4; consider z being FinSequence of REAL such that A18: w,z are_fiberwise_equipotent and A19: z is non-increasing and z is FinSequence of INT and A20: Sorting-Function . d = (fsloc 0) .--> z by A1, SCMFSA_M:36; d c= (Initialize ((intloc 0) .--> 1)) +* d by FUNCT_4:25; then A21: dom d c= dom ((Initialize ((intloc 0) .--> 1)) +* d) by RELAT_1:11; A22: dom ((fsloc 0) .--> z) = {(fsloc 0)} by FUNCOP_1:13; A23: u = z by A18, A19, A15, A16, CLASSES1:76, RFINSEQ:23; A24: (fsloc 0) .--> u c= Result (P,t) by A17, A13, FUNCT_4:85; dom ((fsloc 0) .--> z) c= dom ((Initialize ((intloc 0) .--> 1)) +* d) by A1, A22, A21, FUNCOP_1:13; then (fsloc 0) .--> z c= (Result (P,t)) | (dom ((Initialize ((intloc 0) .--> 1)) +* d)) by A24, A23, RELAT_1:151; hence Sorting-Function . d c= Result (Insert-Sort-Algorithm,((Initialize ((intloc 0) .--> 1)) +* d)) by A20, A14; ::_thesis: verum end;