:: Memory handling for SCM+FSA
:: by Piotr Rudnicki and Andrzej Trybulec
::
:: Received July 18, 1996
:: Copyright (c) 1996-2011 Association of Mizar Users


begin

:: Registers the adjective "non empty" for the set Int-Locations, so later
:: items may rely on it without restating it. The coherence condition is
:: accepted with no explicit justification on this page (bare `;`).
registration
cluster Int-Locations -> non empty ;
coherence
not Int-Locations is empty
;
end;

begin

:: SF_MASTR:1 to SF_MASTR:4 are canceled: no statement remains, only the
:: numbered slot (presumably kept so that references to later theorem
:: numbers stay stable).
theorem :: SF_MASTR:1
canceled;

theorem :: SF_MASTR:2
canceled;

theorem :: SF_MASTR:3
canceled;

theorem :: SF_MASTR:4
canceled;

:: Th5-Th9: injectivity of the five two-operand integer instructions.
:: If two instructions built with the same constructor are equal, their
:: operands are equal pairwise. Proof bodies are not shown on this page
:: (`proof end;`), so only the statements can be reviewed here.

:: Assignment a := b.
theorem Th5: :: SF_MASTR:5
for a1, b1, a2, b2 being Int-Location st a1 := b1 = a2 := b2 holds
( a1 = a2 & b1 = b2 )
proof end;

:: AddTo.
theorem Th6: :: SF_MASTR:6
for a1, b1, a2, b2 being Int-Location st AddTo (a1,b1) = AddTo (a2,b2) holds
( a1 = a2 & b1 = b2 )
proof end;

:: SubFrom.
theorem Th7: :: SF_MASTR:7
for a1, b1, a2, b2 being Int-Location st SubFrom (a1,b1) = SubFrom (a2,b2) holds
( a1 = a2 & b1 = b2 )
proof end;

:: MultBy.
theorem Th8: :: SF_MASTR:8
for a1, b1, a2, b2 being Int-Location st MultBy (a1,b1) = MultBy (a2,b2) holds
( a1 = a2 & b1 = b2 )
proof end;

:: Divide.
theorem Th9: :: SF_MASTR:9
for a1, b1, a2, b2 being Int-Location st Divide (a1,b1) = Divide (a2,b2) holds
( a1 = a2 & b1 = b2 )
proof end;

:: SF_MASTR:10-12: injectivity of the jump instructions. Equal jumps have
:: equal targets; for the two conditional forms the tested Int-Location is
:: equal as well.

:: Unconditional jump: determined by its target l.
theorem :: SF_MASTR:10
for l1, l2 being Element of NAT st goto l1 = goto l2 holds
l1 = l2
proof end;

:: Conditional jump written `a =0_goto l`.
theorem Th11: :: SF_MASTR:11
for a1, a2 being Int-Location
for l1, l2 being Element of NAT st a1 =0_goto l1 = a2 =0_goto l2 holds
( a1 = a2 & l1 = l2 )
proof end;

:: Conditional jump written `a >0_goto l`.
theorem Th12: :: SF_MASTR:12
for a1, a2 being Int-Location
for l1, l2 being Element of NAT st a1 >0_goto l1 = a2 >0_goto l2 holds
( a1 = a2 & l1 = l2 )
proof end;

:: Th13-Th16 and Lm16: injectivity of the instructions that involve a
:: FinSeq-Location, and of `a :==1`. Equal instructions have equal
:: Int-Location operands and equal FinSeq-Location operands.

:: Form `b := (f,a)`.
theorem Th13: :: SF_MASTR:13
for b1, a1, b2, a2 being Int-Location
for f1, f2 being FinSeq-Location st b1 := (f1,a1) = b2 := (f2,a2) holds
( a1 = a2 & b1 = b2 & f1 = f2 )
proof end;

:: Form `(f,a) := b`.
theorem Th14: :: SF_MASTR:14
for a1, b1, a2, b2 being Int-Location
for f1, f2 being FinSeq-Location st (f1,a1) := b1 = (f2,a2) := b2 holds
( a1 = a2 & b1 = b2 & f1 = f2 )
proof end;

:: Form `a :=len f`.
theorem Th15: :: SF_MASTR:15
for a1, a2 being Int-Location
for f1, f2 being FinSeq-Location st a1 :=len f1 = a2 :=len f2 holds
( a1 = a2 & f1 = f2 )
proof end;

:: Form `f :=<0,...,0> a`.
theorem Th16: :: SF_MASTR:16
for a1, a2 being Int-Location
for f1, f2 being FinSeq-Location st f1 :=<0,...,0> a1 = f2 :=<0,...,0> a2 holds
( a1 = a2 & f1 = f2 )
proof end;

:: Local lemma for `a :==1`; the same statement is published at the end of
:: the file as SF_MASTR:74, justified `by Lm16`.
Lm16: for a1, a2 being Int-Location st a1 :==1 = a2 :==1 holds
a1 = a2
proof end;

begin

:: UsedIntLoc i: the finite set of Int-Locations that occur as operands of
:: the single instruction i, chosen by a case split on InsCode i:
::   codes 1-5   (a := b, AddTo, SubFrom, MultBy, Divide)  -> {a,b}
::   codes 7, 8  (a =0_goto l, a >0_goto l)                -> {a}
::   codes 9, 10 (b := (f,a), (f,a) := b)                  -> {a,b}
::   codes 11,12 (a :=len f, f :=<0,...,0> a)              -> {a}
::   code 13     (a :==1)                                  -> {a}
::   any other code                                        -> {}
:: The set does not separate locations that are read from locations that
:: are written; both kinds of operand are included.
definition
let i be Instruction of SCM+FSA;
func UsedIntLoc i -> Element of Fin Int-Locations means :Def1: :: SF_MASTR:def 1
ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & it = {a,b} ) if InsCode i in {1,2,3,4,5}
ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & it = {a} ) if ( InsCode i = 7 or InsCode i = 8 )
ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & it = {a,b} ) if ( InsCode i = 9 or InsCode i = 10 )
ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & it = {a} ) if ( InsCode i = 11 or InsCode i = 12 )
ex a being Int-Location st
( i = a :==1 & it = {a} ) if InsCode i = 13
otherwise it = {} ;
:: existence: for every guard that holds, some Element of Fin Int-Locations
:: satisfies the matching case; when no guard holds, {} is such an element.
existence
( ( InsCode i in {1,2,3,4,5} implies ex b1 being Element of Fin Int-Locations ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) ) & ( ( InsCode i = 7 or InsCode i = 8 ) implies ex b1 being Element of Fin Int-Locations ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) ) & ( ( InsCode i = 9 or InsCode i = 10 ) implies ex b1 being Element of Fin Int-Locations ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) ) & ( ( InsCode i = 11 or InsCode i = 12 ) implies ex b1 being Element of Fin Int-Locations ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) ) & ( InsCode i = 13 implies ex b1 being Element of Fin Int-Locations ex a being Int-Location st
( i = a :==1 & b1 = {a} ) ) & ( InsCode i in {1,2,3,4,5} or InsCode i = 7 or InsCode i = 8 or InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or InsCode i = 13 or ex b1 being Element of Fin Int-Locations st b1 = {} ) )
proof end;
:: uniqueness: within each case, two candidate values b1 and b2 coincide.
uniqueness
for b1, b2 being Element of Fin Int-Locations holds
( ( InsCode i in {1,2,3,4,5} & ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) & ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b2 = {a,b} ) implies b1 = b2 ) & ( ( InsCode i = 7 or InsCode i = 8 ) & ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) & ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b2 = {a} ) implies b1 = b2 ) & ( ( InsCode i = 9 or InsCode i = 10 ) & ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) & ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b2 = {a,b} ) implies b1 = b2 ) & ( ( InsCode i = 11 or InsCode i = 12 ) & ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) & ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b2 = {a} ) implies b1 = b2 ) & ( InsCode i = 13 & ex a being Int-Location st
( i = a :==1 & b1 = {a} ) & ex a being Int-Location st
( i = a :==1 & b2 = {a} ) implies b1 = b2 ) & ( InsCode i in {1,2,3,4,5} or InsCode i = 7 or InsCode i = 8 or InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or InsCode i = 13 or not b1 = {} or not b2 = {} or b1 = b2 ) )
proof end;
:: consistency: for every pair of guards that could hold at the same time,
:: the two cases must describe the same value. Each premise pairs two
:: guards with different instruction codes; the condition is discharged by
:: citing ENUMSET1:def 3 instead of a proof block.
consistency
for b1 being Element of Fin Int-Locations holds
( ( InsCode i in {1,2,3,4,5} & ( InsCode i = 7 or InsCode i = 8 ) implies ( ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) iff ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) ) ) & ( InsCode i in {1,2,3,4,5} & ( InsCode i = 9 or InsCode i = 10 ) implies ( ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) iff ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) ) ) & ( InsCode i in {1,2,3,4,5} & ( InsCode i = 11 or InsCode i = 12 ) implies ( ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) ) ) & ( InsCode i in {1,2,3,4,5} & InsCode i = 13 implies ( ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b1 = {a,b} ) iff ex a being Int-Location st
( i = a :==1 & b1 = {a} ) ) ) & ( ( InsCode i = 7 or InsCode i = 8 ) & ( InsCode i = 9 or InsCode i = 10 ) implies ( ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) iff ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) ) ) & ( ( InsCode i = 7 or InsCode i = 8 ) & ( InsCode i = 11 or InsCode i = 12 ) implies ( ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) ) ) & ( ( InsCode i = 7 or InsCode i = 8 ) & InsCode i = 13 implies ( ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b1 = {a} ) iff ex a being Int-Location st
( i = a :==1 & b1 = {a} ) ) ) & ( ( InsCode i = 9 or InsCode i = 10 ) & ( InsCode i = 11 or InsCode i = 12 ) implies ( ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) ) ) & ( ( InsCode i = 9 or InsCode i = 10 ) & InsCode i = 13 implies ( ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {a,b} ) iff ex a being Int-Location st
( i = a :==1 & b1 = {a} ) ) ) & ( ( InsCode i = 11 or InsCode i = 12 ) & InsCode i = 13 implies ( ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {a} ) iff ex a being Int-Location st
( i = a :==1 & b1 = {a} ) ) ) )
by ENUMSET1:def 3;
end;

:: Definitional theorem for SF_MASTR:def 1: the same case analysis written
:: as one formula, with b2 standing for the defined value. For each guard,
:: b2 = UsedIntLoc i holds exactly when b2 satisfies that case; when no
:: guard holds, exactly when b2 = {}.
:: deftheorem Def1 defines UsedIntLoc SF_MASTR:def 1 :
for i being Instruction of SCM+FSA
for b2 being Element of Fin Int-Locations holds
( ( InsCode i in {1,2,3,4,5} implies ( b2 = UsedIntLoc i iff ex a, b being Int-Location st
( ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) & b2 = {a,b} ) ) ) & ( ( InsCode i = 7 or InsCode i = 8 ) implies ( b2 = UsedIntLoc i iff ex a being Int-Location ex l being Element of NAT st
( ( i = a =0_goto l or i = a >0_goto l ) & b2 = {a} ) ) ) & ( ( InsCode i = 9 or InsCode i = 10 ) implies ( b2 = UsedIntLoc i iff ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b2 = {a,b} ) ) ) & ( ( InsCode i = 11 or InsCode i = 12 ) implies ( b2 = UsedIntLoc i iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b2 = {a} ) ) ) & ( InsCode i = 13 implies ( b2 = UsedIntLoc i iff ex a being Int-Location st
( i = a :==1 & b2 = {a} ) ) ) & ( InsCode i in {1,2,3,4,5} or InsCode i = 7 or InsCode i = 8 or InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or InsCode i = 13 or ( b2 = UsedIntLoc i iff b2 = {} ) ) );

:: Th17-Th22 and Lm22: the value of UsedIntLoc for each concrete instruction
:: shape, stated without reference to instruction codes. These are the
:: forms a caller would normally cite instead of unfolding SF_MASTR:def 1.

:: halt uses no Int-Location.
theorem Th17: :: SF_MASTR:17
UsedIntLoc (halt SCM+FSA) = {}
proof end;

:: The five two-operand integer instructions use both operands.
theorem Th18: :: SF_MASTR:18
for a, b being Int-Location
for i being Instruction of SCM+FSA st ( i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) ) holds
UsedIntLoc i = {a,b}
proof end;

:: An unconditional jump uses no Int-Location.
theorem Th19: :: SF_MASTR:19
for l being Element of NAT holds UsedIntLoc (goto l) = {}
proof end;

:: A conditional jump uses only the location it tests.
theorem Th20: :: SF_MASTR:20
for a being Int-Location
for l being Element of NAT
for i being Instruction of SCM+FSA st ( i = a =0_goto l or i = a >0_goto l ) holds
UsedIntLoc i = {a}
proof end;

:: `b := (f,a)` and `(f,a) := b` use both Int-Locations a and b; the
:: FinSeq-Location f is tracked separately by UsedInt*Loc.
theorem Th21: :: SF_MASTR:21
for b, a being Int-Location
for f being FinSeq-Location
for i being Instruction of SCM+FSA st ( i = b := (f,a) or i = (f,a) := b ) holds
UsedIntLoc i = {a,b}
proof end;

:: `a :=len f` and `f :=<0,...,0> a` use the single Int-Location a.
theorem Th22: :: SF_MASTR:22
for a being Int-Location
for f being FinSeq-Location
for i being Instruction of SCM+FSA st ( i = a :=len f or i = f :=<0,...,0> a ) holds
UsedIntLoc i = {a}
proof end;

:: Local lemma for `a :==1`; published at the end of the file as
:: SF_MASTR:75, justified `by Lm22`.
Lm22: for a being Int-Location
for i being Instruction of SCM+FSA st i = a :==1 holds
UsedIntLoc i = {a}
proof end;

:: UsedIntLoc p for a Function p: lifts the per-instruction notion to a whole
:: program. UIL is a function that sends every instruction i to
:: UsedIntLoc i, and the result is Union (UIL * p).
:: NOTE(review): `UIL * p` is presumably the composition that applies p
:: first and UIL second, which makes the result the union of the sets of all
:: instructions stored in p; SF_MASTR:23 below is consistent with that
:: reading. Confirm against the notation imported by the article.
:: The argument is any Function, not only a preProgram; finiteness of the
:: result is registered only for a preProgram (see the next registration).
definition
let p be Function;
func UsedIntLoc p -> Subset of Int-Locations means :Def2: :: SF_MASTR:def 2
ex UIL being Function of the Instructions of SCM+FSA,(Fin Int-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i ) & it = Union (UIL * p) );
:: existence: such a UIL and a resulting subset exist.
existence
ex b1 being Subset of Int-Locations ex UIL being Function of the Instructions of SCM+FSA,(Fin Int-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i ) & b1 = Union (UIL * p) )
proof end;
:: uniqueness: the result does not depend on which witness UIL is chosen.
uniqueness
for b1, b2 being Subset of Int-Locations st ex UIL being Function of the Instructions of SCM+FSA,(Fin Int-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i ) & b1 = Union (UIL * p) ) & ex UIL being Function of the Instructions of SCM+FSA,(Fin Int-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i ) & b2 = Union (UIL * p) ) holds
b1 = b2
proof end;
end;

:: Definitional theorem for SF_MASTR:def 2, with b2 standing for the value.
:: deftheorem Def2 defines UsedIntLoc SF_MASTR:def 2 :
for p being Function
for b2 being Subset of Int-Locations holds
( b2 = UsedIntLoc p iff ex UIL being Function of the Instructions of SCM+FSA,(Fin Int-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedIntLoc i ) & b2 = Union (UIL * p) ) );

:: For a preProgram p the set UsedIntLoc p is finite. Later definitions in
:: this file (FirstNotUsed) take a finite Subset of Int-Locations built from
:: UsedIntLoc p, so they depend on this registration.
registration
let p be preProgram of SCM+FSA;
cluster UsedIntLoc p -> finite ;
coherence
UsedIntLoc p is finite
proof end;
end;

:: Th23-Th25: how UsedIntLoc of a program relates to its instructions and to
:: the override `p +* r`.

:: Every instruction occurring in the range of p contributes its locations.
theorem Th23: :: SF_MASTR:23
for i being Instruction of SCM+FSA
for p being preProgram of SCM+FSA st i in rng p holds
UsedIntLoc i c= UsedIntLoc p
proof end;

:: For `p +* r` only an inclusion is stated in general; equality needs the
:: extra hypothesis of SF_MASTR:25.
theorem :: SF_MASTR:24
for p, r being preProgram of SCM+FSA holds UsedIntLoc (p +* r) c= (UsedIntLoc p) \/ (UsedIntLoc r)
proof end;

:: With disjoint domains the inclusion becomes an equality.
theorem Th25: :: SF_MASTR:25
for p, r being preProgram of SCM+FSA st dom p misses dom r holds
UsedIntLoc (p +* r) = (UsedIntLoc p) \/ (UsedIntLoc r)
proof end;

:: Th26-Th30: UsedIntLoc is unchanged by Shift, IncAddr, Reloc of the
:: program part, and Directed. Each theorem states equality of the sets
:: before and after the transformation, for every k.

:: Shift of a preProgram by k.
theorem Th26: :: SF_MASTR:26
for p being preProgram of SCM+FSA
for k being Element of NAT holds UsedIntLoc p = UsedIntLoc (Shift (p,k))
proof end;

:: IncAddr applied to a single instruction.
theorem Th27: :: SF_MASTR:27
for i being Instruction of SCM+FSA
for k being Element of NAT holds UsedIntLoc i = UsedIntLoc (IncAddr (i,k))
proof end;

:: IncAddr applied to a preProgram.
theorem Th28: :: SF_MASTR:28
for p being preProgram of SCM+FSA
for k being Element of NAT holds UsedIntLoc p = UsedIntLoc (IncAddr (p,k))
proof end;

:: Reloc of the program part of I.
theorem Th29: :: SF_MASTR:29
for I being Program of {INT,(INT *)}
for k being Element of NAT holds UsedIntLoc I = UsedIntLoc (Reloc ((ProgramPart I),k))
proof end;

:: Directed I.
theorem Th30: :: SF_MASTR:30
for I being Program of {INT,(INT *)} holds UsedIntLoc I = UsedIntLoc (Directed I)
proof end;

:: Th31-SF_MASTR:35: UsedIntLoc of a composition with ';' is the union of
:: the parts, for every combination of program and single instruction, and
:: Macro i uses exactly the locations of i.

:: Program ';' program.
theorem Th31: :: SF_MASTR:31
for I, J being Program of {INT,(INT *)} holds UsedIntLoc (I ';' J) = (UsedIntLoc I) \/ (UsedIntLoc J)
proof end;

:: Macro i versus the instruction i itself.
theorem Th32: :: SF_MASTR:32
for i being Instruction of SCM+FSA holds UsedIntLoc (Macro i) = UsedIntLoc i
proof end;

:: Instruction ';' program.
theorem :: SF_MASTR:33
for i being Instruction of SCM+FSA
for J being Program of {INT,(INT *)} holds UsedIntLoc (i ';' J) = (UsedIntLoc i) \/ (UsedIntLoc J)
proof end;

:: Program ';' instruction.
theorem :: SF_MASTR:34
for j being Instruction of SCM+FSA
for I being Program of {INT,(INT *)} holds UsedIntLoc (I ';' j) = (UsedIntLoc I) \/ (UsedIntLoc j)
proof end;

:: Instruction ';' instruction.
theorem :: SF_MASTR:35
for i, j being Instruction of SCM+FSA holds UsedIntLoc (i ';' j) = (UsedIntLoc i) \/ (UsedIntLoc j)
proof end;

begin

:: UsedInt*Loc i: the finite set of FinSeq-Locations that occur in the
:: single instruction i, chosen by instruction code:
::   codes 9, 10  (b := (f,a), (f,a) := b)      -> {f}
::   codes 11, 12 (a :=len f, f :=<0,...,0> a)  -> {f}
::   any other code                             -> {}
:: As with UsedIntLoc, reads and writes are not told apart.
definition
let i be Instruction of SCM+FSA;
func UsedInt*Loc i -> Element of Fin FinSeq-Locations means :Def3: :: SF_MASTR:def 3
ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & it = {f} ) if ( InsCode i = 9 or InsCode i = 10 )
ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & it = {f} ) if ( InsCode i = 11 or InsCode i = 12 )
otherwise it = {} ;
:: existence: a value exists in each case, {} when no guard holds.
existence
( ( ( InsCode i = 9 or InsCode i = 10 ) implies ex b1 being Element of Fin FinSeq-Locations ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {f} ) ) & ( ( InsCode i = 11 or InsCode i = 12 ) implies ex b1 being Element of Fin FinSeq-Locations ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {f} ) ) & ( InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or ex b1 being Element of Fin FinSeq-Locations st b1 = {} ) )
proof end;
:: uniqueness: within each case two candidate values coincide.
uniqueness
for b1, b2 being Element of Fin FinSeq-Locations holds
( ( ( InsCode i = 9 or InsCode i = 10 ) & ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {f} ) & ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b2 = {f} ) implies b1 = b2 ) & ( ( InsCode i = 11 or InsCode i = 12 ) & ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {f} ) & ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b2 = {f} ) implies b1 = b2 ) & ( InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or not b1 = {} or not b2 = {} or b1 = b2 ) )
proof end;
:: consistency: if both guards held at once the two cases would have to
:: agree; accepted with no explicit justification on this page (bare `;`).
consistency
for b1 being Element of Fin FinSeq-Locations st ( InsCode i = 9 or InsCode i = 10 ) & ( InsCode i = 11 or InsCode i = 12 ) holds
( ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b1 = {f} ) iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b1 = {f} ) )
;
end;

:: Definitional theorem for SF_MASTR:def 3, with b2 standing for the value.
:: deftheorem Def3 defines UsedInt*Loc SF_MASTR:def 3 :
for i being Instruction of SCM+FSA
for b2 being Element of Fin FinSeq-Locations holds
( ( ( InsCode i = 9 or InsCode i = 10 ) implies ( b2 = UsedInt*Loc i iff ex a, b being Int-Location ex f being FinSeq-Location st
( ( i = b := (f,a) or i = (f,a) := b ) & b2 = {f} ) ) ) & ( ( InsCode i = 11 or InsCode i = 12 ) implies ( b2 = UsedInt*Loc i iff ex a being Int-Location ex f being FinSeq-Location st
( ( i = a :=len f or i = f :=<0,...,0> a ) & b2 = {f} ) ) ) & ( InsCode i = 9 or InsCode i = 10 or InsCode i = 11 or InsCode i = 12 or ( b2 = UsedInt*Loc i iff b2 = {} ) ) );

:: Th36-Th38 and Lm38: the value of UsedInt*Loc for each concrete
:: instruction shape.

:: halt, the five integer instructions and all three jumps use no
:: FinSeq-Location.
theorem Th36: :: SF_MASTR:36
for a, b being Int-Location
for l being Element of NAT
for i being Instruction of SCM+FSA st ( i = halt SCM+FSA or i = a := b or i = AddTo (a,b) or i = SubFrom (a,b) or i = MultBy (a,b) or i = Divide (a,b) or i = goto l or i = a =0_goto l or i = a >0_goto l ) holds
UsedInt*Loc i = {}
proof end;

:: `b := (f,a)` and `(f,a) := b` use the FinSeq-Location f.
theorem Th37: :: SF_MASTR:37
for b, a being Int-Location
for f being FinSeq-Location
for i being Instruction of SCM+FSA st ( i = b := (f,a) or i = (f,a) := b ) holds
UsedInt*Loc i = {f}
proof end;

:: `a :=len f` and `f :=<0,...,0> a` use the FinSeq-Location f.
theorem Th38: :: SF_MASTR:38
for a being Int-Location
for f being FinSeq-Location
for i being Instruction of SCM+FSA st ( i = a :=len f or i = f :=<0,...,0> a ) holds
UsedInt*Loc i = {f}
proof end;

:: Local lemma: `a :==1` uses no FinSeq-Location.
Lm38: for a being Int-Location
for i being Instruction of SCM+FSA st i = a :==1 holds
UsedInt*Loc i = {}
proof end;

:: UsedInt*Loc p for a Function p: the program-level counterpart of
:: UsedInt*Loc i, built the same way as UsedIntLoc p. UIL sends every
:: instruction i to UsedInt*Loc i and the result is Union (UIL * p).
:: NOTE(review): `UIL * p` is presumably "p first, then UIL" — confirm
:: against the notation imported by the article.
definition
let p be Function;
func UsedInt*Loc p -> Subset of FinSeq-Locations means :Def4: :: SF_MASTR:def 4
ex UIL being Function of the Instructions of SCM+FSA,(Fin FinSeq-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i ) & it = Union (UIL * p) );
:: existence: such a UIL and a resulting subset exist.
existence
ex b1 being Subset of FinSeq-Locations ex UIL being Function of the Instructions of SCM+FSA,(Fin FinSeq-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i ) & b1 = Union (UIL * p) )
proof end;
:: uniqueness: the result does not depend on which witness UIL is chosen.
uniqueness
for b1, b2 being Subset of FinSeq-Locations st ex UIL being Function of the Instructions of SCM+FSA,(Fin FinSeq-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i ) & b1 = Union (UIL * p) ) & ex UIL being Function of the Instructions of SCM+FSA,(Fin FinSeq-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i ) & b2 = Union (UIL * p) ) holds
b1 = b2
proof end;
end;

:: Definitional theorem for SF_MASTR:def 4, with b2 standing for the value.
:: deftheorem Def4 defines UsedInt*Loc SF_MASTR:def 4 :
for p being Function
for b2 being Subset of FinSeq-Locations holds
( b2 = UsedInt*Loc p iff ex UIL being Function of the Instructions of SCM+FSA,(Fin FinSeq-Locations) st
( ( for i being Instruction of SCM+FSA holds UIL . i = UsedInt*Loc i ) & b2 = Union (UIL * p) ) );

:: For a preProgram p the set UsedInt*Loc p is finite. First*NotUsed below
:: takes it as a finite Subset of FinSeq-Locations.
registration
let p be preProgram of SCM+FSA;
cluster UsedInt*Loc p -> finite ;
coherence
UsedInt*Loc p is finite
proof end;
end;

:: Th39-Th41: FinSeq-Location counterparts of SF_MASTR:23-25.

:: Every instruction occurring in the range of p contributes its locations.
theorem Th39: :: SF_MASTR:39
for i being Instruction of SCM+FSA
for p being preProgram of SCM+FSA st i in rng p holds
UsedInt*Loc i c= UsedInt*Loc p
proof end;

:: For `p +* r` only an inclusion is stated in general.
theorem :: SF_MASTR:40
for p, r being preProgram of SCM+FSA holds UsedInt*Loc (p +* r) c= (UsedInt*Loc p) \/ (UsedInt*Loc r)
proof end;

:: With disjoint domains the inclusion becomes an equality.
theorem Th41: :: SF_MASTR:41
for p, r being preProgram of SCM+FSA st dom p misses dom r holds
UsedInt*Loc (p +* r) = (UsedInt*Loc p) \/ (UsedInt*Loc r)
proof end;

:: Th42-Th46: UsedInt*Loc is unchanged by Shift, IncAddr, Reloc of the
:: program part, and Directed (counterparts of SF_MASTR:26-30).

:: Shift of a preProgram by k.
theorem Th42: :: SF_MASTR:42
for p being preProgram of SCM+FSA
for k being Element of NAT holds UsedInt*Loc p = UsedInt*Loc (Shift (p,k))
proof end;

:: IncAddr applied to a single instruction.
theorem Th43: :: SF_MASTR:43
for i being Instruction of SCM+FSA
for k being Element of NAT holds UsedInt*Loc i = UsedInt*Loc (IncAddr (i,k))
proof end;

:: IncAddr applied to a preProgram.
theorem Th44: :: SF_MASTR:44
for p being preProgram of SCM+FSA
for k being Element of NAT holds UsedInt*Loc p = UsedInt*Loc (IncAddr (p,k))
proof end;

:: Reloc of the program part of I.
theorem Th45: :: SF_MASTR:45
for I being Program of {INT,(INT *)}
for k being Element of NAT holds UsedInt*Loc I = UsedInt*Loc (Reloc ((ProgramPart I),k))
proof end;

:: Directed I.
theorem Th46: :: SF_MASTR:46
for I being Program of {INT,(INT *)} holds UsedInt*Loc I = UsedInt*Loc (Directed I)
proof end;

:: Th47-SF_MASTR:51: UsedInt*Loc of a composition with ';' is the union of
:: the parts, and Macro i uses exactly the FinSeq-Locations of i
:: (counterparts of SF_MASTR:31-35).

:: Program ';' program.
theorem Th47: :: SF_MASTR:47
for I, J being Program of {INT,(INT *)} holds UsedInt*Loc (I ';' J) = (UsedInt*Loc I) \/ (UsedInt*Loc J)
proof end;

:: Macro i versus the instruction i itself.
theorem Th48: :: SF_MASTR:48
for i being Instruction of SCM+FSA holds UsedInt*Loc (Macro i) = UsedInt*Loc i
proof end;

:: Instruction ';' program.
theorem :: SF_MASTR:49
for i being Instruction of SCM+FSA
for J being Program of {INT,(INT *)} holds UsedInt*Loc (i ';' J) = (UsedInt*Loc i) \/ (UsedInt*Loc J)
proof end;

:: Program ';' instruction.
theorem :: SF_MASTR:50
for j being Instruction of SCM+FSA
for I being Program of {INT,(INT *)} holds UsedInt*Loc (I ';' j) = (UsedInt*Loc I) \/ (UsedInt*Loc j)
proof end;

:: Instruction ';' instruction.
theorem :: SF_MASTR:51
for i, j being Instruction of SCM+FSA holds UsedInt*Loc (i ';' j) = (UsedInt*Loc i) \/ (UsedInt*Loc j)
proof end;

begin

:: Attribute read-only: an Int-Location is read-only exactly when it is
:: intloc 0.
:: NOTE(review): the attribute is purely definitional in this file. Nothing
:: on this page states that Exec leaves intloc 0 unchanged, so whether
:: instructions are actually prevented from writing it has to be checked
:: elsewhere; do not read the name as an enforced access-control property.
definition
let IT be Int-Location ;
attr IT is read-only means :Def5: :: SF_MASTR:def 5
IT = intloc 0;
end;

:: Definitional theorem for SF_MASTR:def 5.
:: deftheorem Def5 defines read-only SF_MASTR:def 5 :
for IT being Int-Location holds
( IT is read-only iff IT = intloc 0 );

:: read-write is introduced as the antonym of read-only, i.e. it holds
:: exactly for the Int-Locations other than intloc 0.
notation
let IT be Int-Location ;
antonym read-write IT for read-only ;
end;

:: intloc 0 carries the attribute read-only; follows directly from Def5.
registration
cluster intloc 0 -> read-only ;
coherence
intloc 0 is read-only
by Def5;
end;

:: At least one read-write Int-Location exists, so the type
:: "read-write Int-Location" may be used.
registration
cluster read-write Int-Location ;
existence
not for b1 being Int-Location holds b1 is read-only
proof end;
end;

:: FirstNotIn L: for a finite set L of Int-Locations, the location
:: intloc k with the least index k such that intloc k is not in L.
:: sn is the set of all such free indices and must be non empty for
:: `min sn` to be used (presumably guaranteed by L being finite; the
:: existence proof is not shown on this page).
definition
let L be finite Subset of Int-Locations;
func FirstNotIn L -> Int-Location means :Def6: :: SF_MASTR:def 6
ex sn being non empty Subset of NAT st
( it = intloc (min sn) & sn = { k where k is Element of NAT : not intloc k in L } );
:: existence: a free index, and hence such a location, exists.
existence
ex b1 being Int-Location ex sn being non empty Subset of NAT st
( b1 = intloc (min sn) & sn = { k where k is Element of NAT : not intloc k in L } )
proof end;
:: uniqueness: accepted with no explicit justification on this page; sn is
:: fixed by L, so both candidates are intloc of the same minimum.
uniqueness
for b1, b2 being Int-Location st ex sn being non empty Subset of NAT st
( b1 = intloc (min sn) & sn = { k where k is Element of NAT : not intloc k in L } ) & ex sn being non empty Subset of NAT st
( b2 = intloc (min sn) & sn = { k where k is Element of NAT : not intloc k in L } ) holds
b1 = b2
;
end;

:: Definitional theorem for SF_MASTR:def 6, with b2 standing for the value.
:: deftheorem Def6 defines FirstNotIn SF_MASTR:def 6 :
for L being finite Subset of Int-Locations
for b2 being Int-Location holds
( b2 = FirstNotIn L iff ex sn being non empty Subset of NAT st
( b2 = intloc (min sn) & sn = { k where k is Element of NAT : not intloc k in L } ) );

:: The two properties that characterise FirstNotIn L.

:: Freshness: the chosen location is not a member of L.
theorem Th52: :: SF_MASTR:52
for L being finite Subset of Int-Locations holds not FirstNotIn L in L
proof end;

:: Minimality: its index m is no larger than the index of any other
:: location outside L.
theorem :: SF_MASTR:53
for m, n being Element of NAT
for L being finite Subset of Int-Locations st FirstNotIn L = intloc m & not intloc n in L holds
m <= n
proof end;

:: FirstNotUsed p: a fresh Int-Location for the preProgram p, defined as
:: FirstNotIn of (UsedIntLoc p) \/ {(intloc 0)}. Adding intloc 0 to the
:: excluded set keeps the read-only location from ever being chosen.
:: NOTE(review): freshness is relative to p only. The definition looks at
:: UsedIntLoc p and nothing else, so a location obtained here may still be
:: used by a different program that is later combined with p; recompute it
:: for the combined program when that matters.
definition
let p be preProgram of SCM+FSA;
func FirstNotUsed p -> Int-Location means :Def7: :: SF_MASTR:def 7
ex sil being finite Subset of Int-Locations st
( sil = (UsedIntLoc p) \/ {(intloc 0)} & it = FirstNotIn sil );
:: existence: the excluded set is a finite Subset of Int-Locations, so
:: FirstNotIn applies to it.
existence
ex b1 being Int-Location ex sil being finite Subset of Int-Locations st
( sil = (UsedIntLoc p) \/ {(intloc 0)} & b1 = FirstNotIn sil )
proof end;
:: uniqueness: accepted with no explicit justification on this page; sil is
:: fixed by p.
uniqueness
for b1, b2 being Int-Location st ex sil being finite Subset of Int-Locations st
( sil = (UsedIntLoc p) \/ {(intloc 0)} & b1 = FirstNotIn sil ) & ex sil being finite Subset of Int-Locations st
( sil = (UsedIntLoc p) \/ {(intloc 0)} & b2 = FirstNotIn sil ) holds
b1 = b2
;
end;

:: Definitional theorem for SF_MASTR:def 7, with b2 standing for the value.
:: deftheorem Def7 defines FirstNotUsed SF_MASTR:def 7 :
for p being preProgram of SCM+FSA
for b2 being Int-Location holds
( b2 = FirstNotUsed p iff ex sil being finite Subset of Int-Locations st
( sil = (UsedIntLoc p) \/ {(intloc 0)} & b2 = FirstNotIn sil ) );

:: FirstNotUsed p is always read-write, i.e. never intloc 0. This matches
:: the definition, which excludes intloc 0 explicitly.
registration
let p be preProgram of SCM+FSA;
cluster FirstNotUsed p -> read-write ;
coherence
not FirstNotUsed p is read-only
proof end;
end;

:: Th54-SF_MASTR:58: FirstNotUsed p is disjoint from everything p touches.
:: Th54 is the general statement; SF_MASTR:55-58 spell it out per
:: instruction shape for instructions occurring in rng p.

:: The fresh location is not among the Int-Locations used by p.
theorem Th54: :: SF_MASTR:54
for p being preProgram of SCM+FSA holds not FirstNotUsed p in UsedIntLoc p
proof end;

:: It differs from both operands of any two-operand integer instruction
:: in p.
theorem :: SF_MASTR:55
for a, b being Int-Location
for p being preProgram of SCM+FSA st ( a := b in rng p or AddTo (a,b) in rng p or SubFrom (a,b) in rng p or MultBy (a,b) in rng p or Divide (a,b) in rng p ) holds
( FirstNotUsed p <> a & FirstNotUsed p <> b )
proof end;

:: It differs from the location tested by any conditional jump in p.
theorem :: SF_MASTR:56
for a being Int-Location
for l being Element of NAT
for p being preProgram of SCM+FSA st ( a =0_goto l in rng p or a >0_goto l in rng p ) holds
FirstNotUsed p <> a
proof end;

:: It differs from both Int-Locations of `b := (f,a)` and `(f,a) := b`.
theorem :: SF_MASTR:57
for b, a being Int-Location
for f being FinSeq-Location
for p being preProgram of SCM+FSA st ( b := (f,a) in rng p or (f,a) := b in rng p ) holds
( FirstNotUsed p <> a & FirstNotUsed p <> b )
proof end;

:: It differs from the Int-Location of `a :=len f` and `f :=<0,...,0> a`.
theorem :: SF_MASTR:58
for a being Int-Location
for f being FinSeq-Location
for p being preProgram of SCM+FSA st ( a :=len f in rng p or f :=<0,...,0> a in rng p ) holds
FirstNotUsed p <> a
proof end;

begin

:: First*NotIn L: for a finite set L of FinSeq-Locations, the location
:: fsloc k with the least index k such that fsloc k is not in L
:: (FinSeq-Location counterpart of FirstNotIn).
definition
let L be finite Subset of FinSeq-Locations;
func First*NotIn L -> FinSeq-Location means :Def8: :: SF_MASTR:def 8
ex sn being non empty Subset of NAT st
( it = fsloc (min sn) & sn = { k where k is Element of NAT : not fsloc k in L } );
:: existence: a free index, and hence such a location, exists.
existence
ex b1 being FinSeq-Location ex sn being non empty Subset of NAT st
( b1 = fsloc (min sn) & sn = { k where k is Element of NAT : not fsloc k in L } )
proof end;
:: uniqueness: accepted with no explicit justification on this page; sn is
:: fixed by L.
uniqueness
for b1, b2 being FinSeq-Location st ex sn being non empty Subset of NAT st
( b1 = fsloc (min sn) & sn = { k where k is Element of NAT : not fsloc k in L } ) & ex sn being non empty Subset of NAT st
( b2 = fsloc (min sn) & sn = { k where k is Element of NAT : not fsloc k in L } ) holds
b1 = b2
;
end;

:: Definitional theorem for SF_MASTR:def 8, with b2 standing for the value.
:: deftheorem Def8 defines First*NotIn SF_MASTR:def 8 :
for L being finite Subset of FinSeq-Locations
for b2 being FinSeq-Location holds
( b2 = First*NotIn L iff ex sn being non empty Subset of NAT st
( b2 = fsloc (min sn) & sn = { k where k is Element of NAT : not fsloc k in L } ) );

:: The two properties that characterise First*NotIn L.

:: Freshness: the chosen FinSeq-Location is not a member of L.
theorem Th59: :: SF_MASTR:59
for L being finite Subset of FinSeq-Locations holds not First*NotIn L in L
proof end;

:: Minimality: its index m is no larger than the index of any other
:: FinSeq-Location outside L.
theorem :: SF_MASTR:60
for m, n being Element of NAT
for L being finite Subset of FinSeq-Locations st First*NotIn L = fsloc m & not fsloc n in L holds
m <= n
proof end;

:: First*NotUsed p: a fresh FinSeq-Location for the preProgram p, defined as
:: First*NotIn (UsedInt*Loc p). Unlike FirstNotUsed, no reserved location is
:: added to the excluded set.
:: NOTE(review): as with FirstNotUsed, freshness is relative to p only.
definition
let p be preProgram of SCM+FSA;
func First*NotUsed p -> FinSeq-Location means :Def9: :: SF_MASTR:def 9
ex sil being finite Subset of FinSeq-Locations st
( sil = UsedInt*Loc p & it = First*NotIn sil );
:: existence: UsedInt*Loc p is a finite Subset of FinSeq-Locations, so
:: First*NotIn applies to it.
existence
ex b1 being FinSeq-Location ex sil being finite Subset of FinSeq-Locations st
( sil = UsedInt*Loc p & b1 = First*NotIn sil )
proof end;
:: uniqueness: accepted with no explicit justification on this page; sil is
:: fixed by p.
uniqueness
for b1, b2 being FinSeq-Location st ex sil being finite Subset of FinSeq-Locations st
( sil = UsedInt*Loc p & b1 = First*NotIn sil ) & ex sil being finite Subset of FinSeq-Locations st
( sil = UsedInt*Loc p & b2 = First*NotIn sil ) holds
b1 = b2
;
end;

:: Definitional theorem for SF_MASTR:def 9, with b2 standing for the value.
:: deftheorem Def9 defines First*NotUsed SF_MASTR:def 9 :
for p being preProgram of SCM+FSA
for b2 being FinSeq-Location holds
( b2 = First*NotUsed p iff ex sil being finite Subset of FinSeq-Locations st
( sil = UsedInt*Loc p & b2 = First*NotIn sil ) );

:: Th61-SF_MASTR:63: First*NotUsed p is disjoint from every FinSeq-Location
:: that p touches.

:: The fresh location is not among the FinSeq-Locations used by p.
theorem Th61: :: SF_MASTR:61
for p being preProgram of SCM+FSA holds not First*NotUsed p in UsedInt*Loc p
proof end;

:: It differs from f in any `b := (f,a)` or `(f,a) := b` occurring in p.
theorem :: SF_MASTR:62
for b, a being Int-Location
for f being FinSeq-Location
for p being preProgram of SCM+FSA st ( b := (f,a) in rng p or (f,a) := b in rng p ) holds
First*NotUsed p <> f
proof end;

:: It differs from f in any `a :=len f` or `f :=<0,...,0> a` occurring in p.
theorem :: SF_MASTR:63
for a being Int-Location
for f being FinSeq-Location
for p being preProgram of SCM+FSA st ( a :=len f in rng p or f :=<0,...,0> a in rng p ) holds
First*NotUsed p <> f
proof end;

begin

:: SF_MASTR:64 to SF_MASTR:67 are canceled: no statement remains, only the
:: numbered slot (presumably kept so that later theorem numbers stay
:: stable).
theorem :: SF_MASTR:64
canceled;

theorem :: SF_MASTR:65
canceled;

theorem :: SF_MASTR:66
canceled;

theorem :: SF_MASTR:67
canceled;

:: Frame property for Int-Locations: a location outside the used set keeps
:: its value.

:: Single step: executing i does not change any Int-Location c that is not
:: in UsedIntLoc i. This is sound because UsedIntLoc covers every
:: Int-Location operand of i, whether read or written.
theorem Th68: :: SF_MASTR:68
for c being Int-Location
for i being Instruction of SCM+FSA
for s being State of SCM+FSA st not c in UsedIntLoc i holds
(Exec (i,s)) . c = s . c
proof end;

:: n steps: starting at instruction 0 with I contained in the instruction
:: store P, a location a not in UsedIntLoc I still holds s . a after n
:: steps, provided the instruction counter stays inside dom I at every
:: step m < n.
:: NOTE(review): the guarantee stops where that premise stops. Nothing is
:: claimed for steps after control leaves dom I, so a caller must establish
:: the containment separately.
theorem :: SF_MASTR:69
for a being Int-Location
for I being Program of {INT,(INT *)}
for n being Element of NAT
for s being State of SCM+FSA
for P being the Instructions of SCM+FSA -valued ManySortedSet of NAT st Start-At (0,SCM+FSA) c= s & I c= P & ( for m being Element of NAT st m < n holds
IC (Comput (P,s,m)) in dom I ) & not a in UsedIntLoc I holds
(Comput (P,s,n)) . a = s . a
proof end;

:: Frame property for FinSeq-Locations (counterparts of SF_MASTR:68, 69).

:: Single step: executing i does not change any FinSeq-Location f that is
:: not in UsedInt*Loc i.
theorem Th70: :: SF_MASTR:70
for f being FinSeq-Location
for i being Instruction of SCM+FSA
for s being State of SCM+FSA st not f in UsedInt*Loc i holds
(Exec (i,s)) . f = s . f
proof end;

:: n steps: a FinSeq-Location f not in UsedInt*Loc I still holds s . f
:: after n steps, under the same premises as SF_MASTR:69 (start at 0, I
:: contained in P, instruction counter inside dom I for every m < n).
theorem :: SF_MASTR:71
for f being FinSeq-Location
for I being Program of {INT,(INT *)}
for n being Element of NAT
for s being State of SCM+FSA
for P being the Instructions of SCM+FSA -valued ManySortedSet of NAT st Start-At (0,SCM+FSA) c= s & I c= P & ( for m being Element of NAT st m < n holds
IC (Comput (P,s,m)) in dom I ) & not f in UsedInt*Loc I holds
(Comput (P,s,n)) . f = s . f
proof end;

:: "Depends only on what is used": locations outside the used sets cannot
:: influence the instruction counter or the used locations.

:: Single step: if states s and t agree on UsedIntLoc i, on UsedInt*Loc i
:: and on the instruction counter, then after executing i they still agree
:: on all three.
theorem Th72: :: SF_MASTR:72
for i being Instruction of SCM+FSA
for s, t being State of SCM+FSA st s | (UsedIntLoc i) = t | (UsedIntLoc i) & s | (UsedInt*Loc i) = t | (UsedInt*Loc i) & IC s = IC t holds
( IC (Exec (i,s)) = IC (Exec (i,t)) & (Exec (i,s)) | (UsedIntLoc i) = (Exec (i,t)) | (UsedIntLoc i) & (Exec (i,s)) | (UsedInt*Loc i) = (Exec (i,t)) | (UsedInt*Loc i) )
proof end;

:: n steps, two runs: I is contained in both instruction stores P and Q,
:: both states start at instruction 0 and agree on UsedIntLoc I and
:: UsedInt*Loc I, and the run of (P,s) keeps its instruction counter in
:: dom I for every m < n. Then the run of (Q,t) also stays in dom I for
:: every m < n, and for every m <= n the two runs have the same instruction
:: counter and the same values on every used Int-Location and
:: FinSeq-Location.
:: The containment premise is required of the first run only; it is a
:: conclusion, not an assumption, for the second.
theorem :: SF_MASTR:73
for I being Program of {INT,(INT *)}
for n being Element of NAT
for s, t being State of SCM+FSA
for P, Q being the Instructions of SCM+FSA -valued ManySortedSet of NAT st I c= P & I c= Q & Start-At (0,SCM+FSA) c= s & Start-At (0,SCM+FSA) c= t & s | (UsedIntLoc I) = t | (UsedIntLoc I) & s | (UsedInt*Loc I) = t | (UsedInt*Loc I) & ( for m being Element of NAT st m < n holds
IC (Comput (P,s,m)) in dom I ) holds
( ( for m being Element of NAT st m < n holds
IC (Comput (Q,t,m)) in dom I ) & ( for m being Element of NAT st m <= n holds
( IC (Comput (P,s,m)) = IC (Comput (Q,t,m)) & ( for a being Int-Location st a in UsedIntLoc I holds
(Comput (P,s,m)) . a = (Comput (Q,t,m)) . a ) & ( for f being FinSeq-Location st f in UsedInt*Loc I holds
(Comput (P,s,m)) . f = (Comput (Q,t,m)) . f ) ) ) )
proof end;

:: SF_MASTR:74 and SF_MASTR:75 publish the two local lemmas about `a :==1`
:: as numbered theorems; each is justified by citing the lemma directly.

:: Injectivity of `a :==1` (statement of Lm16).
theorem :: SF_MASTR:74
for a1, a2 being Int-Location st a1 :==1 = a2 :==1 holds
a1 = a2 by Lm16;

:: `a :==1` uses exactly the Int-Location a (statement of Lm22).
theorem :: SF_MASTR:75
for a being Int-Location
for i being Instruction of SCM+FSA st i = a :==1 holds
UsedIntLoc i = {a} by Lm22;