let s be State of SCM+FSA ; :: thesis: for I being good InitHalting Program of SCM+FSA
for a being read-write Int-Location st I does_not_destroy a & s . a > 0 holds
ex s2 being State of SCM+FSA ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
let I be good InitHalting Program of SCM+FSA ; :: thesis: for a being read-write Int-Location st I does_not_destroy a & s . a > 0 holds
ex s2 being State of SCM+FSA ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
let a be read-write Int-Location ; :: thesis: ( I does_not_destroy a & s . a > 0 implies ex s2 being State of SCM+FSA ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) ) )
assume A1: I does_not_destroy a ; :: thesis: ( not s . a > 0 or ex s2 being State of SCM+FSA ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) ) )
assume A2: s . a > 0 ; :: thesis: ex s2 being State of SCM+FSA ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
set P = if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )));
reconsider I1 = I ';' (SubFrom a,(intloc 0 )) as InitHalting Program of SCM+FSA ;
set s1 = s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))));
take s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))); :: thesis: ex k being Element of NAT st
( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
take k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1; :: thesis: ( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 & (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
thus ( s2 = s +* (Initialized (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) & k = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 ) ; :: thesis: ( (Computation s2,k) . a = (s . a) - 1 & (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
( I1 is_closed_onInit s & I1 is_halting_onInit s ) by Th35, Th36;
then A3: ( if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_closed_onInit s & if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_halting_onInit s ) by A2, Th45;
Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1) = Following (Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) by AMI_1:14
.= Exec (CurInstr (Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))))),(Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) ;
then A4: Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1) = Exec (goto (insloc 0 )),(Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) by A3, Th71;
then A5: IC (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) = insloc 0 by SCMFSA_2:95;
A6: (Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) = s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) by SCMFSA8A:8;
set Is = (Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))));
A7: now
let b be Int-Location ; :: thesis: (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . b = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . b
( Computation (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))), Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) equal_outside NAT & (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . b = (Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . b ) by A3, A4, Th68, SCMFSA_2:95;
hence (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . b = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . b by A6, SCMFSA6A:30; :: thesis: verum
end;
Initialize (Initialize s) = Initialize s by SCMFSA8C:15;
then A8: (Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) = (Initialize s) +* ((if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))) +* (Start-At (insloc 0 ))) by SCMFSA8A:13;
A9: I1 is_halting_onInit s by Th36;
then A10: I1 is_halting_on Initialize s by Th41;
( I1 is_closed_onInit s & I1 is_halting_onInit s ) by Th35, Th36;
then ( if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_halting_onInit s & if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_closed_onInit s ) by A2, Th45;
then A11: ( if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_halting_on Initialize s & if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_closed_on Initialize s ) by Th40, Th41;
A12: now
thus (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . a = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . a by A7
.= (IExec (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))),s) . a by A8, A11, SCMFSA8C:87 ; :: thesis: (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . (intloc 0 ) = 1
A13: if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is good by SCMFSA8C:115;
thus (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . (intloc 0 ) = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . (intloc 0 ) by A7
.= 1 by A8, A11, A13, SCMFSA8C:96 ; :: thesis: verum
end;
( s . a <> 0 & I1 is_closed_onInit s ) by A2, Th35;
then A14: IExec (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))),s = (IExec I1,s) +* (Start-At (insloc (((card (Goto (insloc 2))) + (card I1)) + 3))) by A9, Th46;
then (IExec (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))),s) . a = (IExec I1,s) . a by SCMFSA_3:11;
hence (Computation s2,k) . a = (Computation ((Initialize s) +* (I1 +* (Start-At (insloc 0 )))),(LifeSpan ((Initialize s) +* (I1 +* (Start-At (insloc 0 )))))) . a by A10, A12, SCMFSA8C:87
.= (s . a) - 1 by A1, Th64 ;
:: thesis: ( (Computation s2,k) . (intloc 0 ) = 1 & ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
thus (Computation s2,k) . (intloc 0 ) = 1 by A12; :: thesis: ( ( for b being read-write Int-Location st b <> a holds
(Computation s2,k) . b = (IExec I,s) . b ) & ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
hereby :: thesis: ( ( for f being FinSeq-Location holds (Computation s2,k) . f = (IExec I,s) . f ) & IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
let b be read-write Int-Location ; :: thesis: ( b <> a implies (Computation s2,k) . b = (IExec I,s) . b )
assume A15: b <> a ; :: thesis: (Computation s2,k) . b = (IExec I,s) . b
thus (Computation s2,k) . b = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . b by A7
.= (IExec (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))),s) . b by A8, A11, SCMFSA8C:87
.= (IExec I1,s) . b by A14, SCMFSA_3:11
.= (Exec (SubFrom a,(intloc 0 )),(IExec I,s)) . b by Th33
.= (IExec I,s) . b by A15, SCMFSA_2:91 ; :: thesis: verum
end;
hereby :: thesis: ( IC (Computation s2,k) = insloc 0 & ( for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) ) )
let f be FinSeq-Location ; :: thesis: (Computation s2,k) . f = (IExec I,s) . f
( Computation (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))), Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) equal_outside NAT & (Computation s2,((LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1)) . f = (Computation s2,(LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . f ) by A3, A4, Th68, SCMFSA_2:95;
hence (Computation s2,k) . f = (Computation ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),(LifeSpan ((Initialize s) +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))))) . f by A6, SCMFSA6A:31
.= (IExec (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))),s) . f by A8, A11, SCMFSA8C:87
.= (IExec I1,s) . f by A14, SCMFSA_3:12
.= (Exec (SubFrom a,(intloc 0 )),(IExec I,s)) . f by Th34
.= (IExec I,s) . f by SCMFSA_2:91 ;
:: thesis: verum
end;
thus IC (Computation s2,k) = insloc 0 by A4, SCMFSA_2:95; :: thesis: for n being Element of NAT st n <= k holds
IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))
hereby :: thesis: verum
let n be Element of NAT ; :: thesis: ( n <= k implies IC (Computation s2,b1) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) )
assume A16: n <= k ; :: thesis: IC (Computation s2,b1) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))
per cases ( n <= LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) or n = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 ) by A16, NAT_1:8;
suppose A17: n <= LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) ; :: thesis: IC (Computation s2,b1) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))
( I1 is_closed_onInit s & I1 is_halting_onInit s ) by Th35, Th36;
then A18: ( if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_closed_onInit s & if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))) is_halting_onInit s ) by A2, Th45;
then Computation (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),n, Computation s2,n equal_outside NAT by A17, Th68;
then A19: IC (Computation s2,n) = IC (Computation (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),n) by SCMFSA8A:6;
IC (Computation (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))),n) in dom (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))) by A18, Def4;
hence IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) by A19, FUNCT_4:105; :: thesis: verum
end;
suppose A20: n = (LifeSpan (s +* (Initialized (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))))) + 1 ; :: thesis: IC (Computation s2,b1) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))
A21: card (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) = card (dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))))) by CARD_1:104
.= card (dom (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) by FUNCT_4:105
.= card (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))) by CARD_1:104 ;
card (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 )))) = ((card (Goto (insloc 2))) + (card I1)) + 4 by SCMFSA8B:14
.= ((card I1) + 1) + 4 by SCMFSA8A:29
.= ((card I1) + 3) + 2 ;
hence IC (Computation s2,n) in dom (loop (if=0 a,(Goto (insloc 2)),(I ';' (SubFrom a,(intloc 0 ))))) by A5, A20, A21, SCMFSA6A:15; :: thesis: verum
end;
end;
end;