reserve p,P,P1,P2 for Instruction-Sequence of SCM+FSA;

theorem
  for a being Int-Location, I being Program of SCM+FSA st not a in
  UsedILoc I holds I does not destroy a
proof
  let aa be Int-Location, I be Program of SCM+FSA such that
A1: not aa in UsedILoc I;
  let i be Instruction of SCM+FSA;
  assume i in rng I;
  then UsedIntLoc i c= UsedILoc I by SF_MASTR:19;
  then
A2: not aa in UsedIntLoc i by A1;
 InsCode i <= 12 by SCMFSA_2:16;
  then InsCode i = 0 or ... or InsCode i = 12;
  then per cases;
  suppose
    InsCode i = 0;
    then i = halt SCM+FSA by SCMFSA_2:95;
    hence thesis;
  end;
  suppose
    InsCode i = 1;
    then consider a, b be Int-Location such that
A3: i = a:=b by SCMFSA_2:30;
    UsedIntLoc i = {a, b} by A3,SF_MASTR:14;
    then a in UsedIntLoc i by TARSKI:def 2;
    hence thesis by A2,A3,SCMFSA7B:6;
  end;
  suppose
    InsCode i = 2;
    then consider a, b be Int-Location such that
A4: i = AddTo(a,b) by SCMFSA_2:31;
    UsedIntLoc i = {a, b} by A4,SF_MASTR:14;
    then a in UsedIntLoc i by TARSKI:def 2;
    hence thesis by A2,A4,SCMFSA7B:7;
  end;
  suppose
    InsCode i = 3;
    then consider a, b be Int-Location such that
A5: i = SubFrom(a, b) by SCMFSA_2:32;
    UsedIntLoc i = {a, b} by A5,SF_MASTR:14;
    then a in UsedIntLoc i by TARSKI:def 2;
    hence thesis by A2,A5,SCMFSA7B:8;
  end;
  suppose
    InsCode i = 4;
    then consider a, b be Int-Location such that
A6: i = MultBy(a, b) by SCMFSA_2:33;
    UsedIntLoc i = {a, b} by A6,SF_MASTR:14;
    then a in UsedIntLoc i by TARSKI:def 2;
    hence thesis by A2,A6,SCMFSA7B:9;
  end;
  suppose
    InsCode i = 5;
    then consider a, b be Int-Location such that
A7: i = Divide(a, b) by SCMFSA_2:34;
A8: UsedIntLoc i = {a, b} by A7,SF_MASTR:14;
    then
A9: b in UsedIntLoc i by TARSKI:def 2;
    a in UsedIntLoc i by A8,TARSKI:def 2;
    hence thesis by A2,A7,A9,SCMFSA7B:10;
  end;
  suppose
    InsCode i = 6;
    then ex l be Nat st i = goto l by SCMFSA_2:35;
    hence thesis;
  end;
  suppose
    InsCode i = 7;
    then
    ex l be Nat, a being Int-Location st i =
    a=0_goto l by SCMFSA_2:36;
    hence thesis;
  end;
  suppose
    InsCode i = 8;
    then
    ex l be Nat, a being Int-Location st i =
    a>0_goto l by SCMFSA_2:37;
    hence thesis;
  end;
  suppose
    InsCode i = 9;
    then consider a, b be Int-Location, f be FinSeq-Location such that
A10: i = b:=(f,a) by SCMFSA_2:38;
    UsedIntLoc i = {a, b} by A10,SF_MASTR:17;
    then b in UsedIntLoc i by TARSKI:def 2;
    hence thesis by A2,A10,SCMFSA7B:14;
  end;
  suppose
    InsCode i = 10;
    then ex a, b be Int-Location, f be FinSeq-Location st i = (f,a) :=b by
SCMFSA_2:39;
    hence thesis by SCMFSA7B:15;
  end;
  suppose
    InsCode i = 11;
    then consider a be Int-Location, f be FinSeq-Location such that
A11: i = a:=len f by SCMFSA_2:40;
    UsedIntLoc i = {a} by A11,SF_MASTR:18;
    then a in UsedIntLoc i by TARSKI:def 1;
    hence thesis by A2,A11,SCMFSA7B:16;
  end;
  suppose
    InsCode i = 12;
    then
    ex a be Int-Location, f be FinSeq-Location st i = f :=<0,...,0>a by
SCMFSA_2:41;
    hence thesis by SCMFSA7B:17;
  end;
end;
