let A be non empty finite real-membered set ;
synonym min A for lower_bound A;

let A be non empty finite real-membered set ;
redefine func lower_bound A means :Def1: :: SFMASTR3:def 1
( it in A & ( for k being real number st k in A holds
it <= k ) );
compatibility
for b₁ being set holds
( b₁ = min A iff ( b₁ in A & ( for k being real number st k in A holds
b₁ <= k ) ) )

let X be non empty finite natural-membered set ;
cluster min X -> integer ;
coherence
min X is integer

let F be FinSequence of INT ;
let m, n be Nat;
assume A1: ( 1 <= m & m <= n & n <= len F ) ;
canceled;
func min_at F,m,n -> Nat means :Def3: :: SFMASTR3:def 3
ex X being non empty finite Subset of INT st
( X = rng (m,n -cut F) & it + 1 = ((min X) .. (m,n -cut F)) + m );
existence
ex b₁ being Nat ex X being non empty finite Subset of INT st
( X = rng (m,n -cut F) & b₁ + 1 = ((min X) .. (m,n -cut F)) + m ) uniqueness
for b₁, b₂ being Nat st ex X being non empty finite Subset of INT st
( X = rng (m,n -cut F) & b₁ + 1 = ((min X) .. (m,n -cut F)) + m ) & ex X being non empty finite Subset of INT st
( X = rng (m,n -cut F) & b₂ + 1 = ((min X) .. (m,n -cut F)) + m ) holds
b₁ = b₂ ;

let F be FinSequence of INT ;
let m, n be Nat;
pred F is_non_decreasing_on m,n means :Def4: :: SFMASTR3:def 4
for i, j being Nat st m <= i & i <= j & j <= n holds
F . i <= F . j;

let F be FinSequence of INT ;
let n be Nat;
pred F is_split_at n means :Def5: :: SFMASTR3:def 5
for i, j being Nat st 1 <= i & i <= n & n < j & j <= len F holds
F . i <= F . j;

let a be read-write Int-Location ;
let b be Int-Location ;
let I, J be good Macro-Instruction;
cluster if>0 a,b,I,J -> good ;
coherence
if>0 a,b,I,J is good

let a, b, c be Int-Location ;
let I be Macro-Instruction;
let s be State of SCM+FSA ;
func StepForUp a,b,c,I,s -> Function of NAT , product the Object-Kind of SCM+FSA equals :: SFMASTR3:def 6
StepWhile>0 (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0))),((s +* (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(((s . c) - (s . b)) + 1)) +* a,(s . b));
coherence
StepWhile>0 (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0))),((s +* (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(((s . c) - (s . b)) + 1)) +* a,(s . b)) is Function of NAT , product the Object-Kind of SCM+FSA ;

let a, b, c be Int-Location ;
let I be Macro-Instruction;
let s be State of SCM+FSA ;
pred ProperForUpBody a,b,c,I,s means :Def7: :: SFMASTR3:def 7
for i being Nat st i < ((s . c) - (s . b)) + 1 holds
( I is_closed_on (StepForUp a,b,c,I,s) . i & I is_halting_on (StepForUp a,b,c,I,s) . i );

let a, b, c be Int-Location ;
let I be Macro-Instruction;
set aux = 1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I));
func for-up a,b,c,I -> Macro-Instruction equals :: SFMASTR3:def 8
(((((1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))) := c) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),b)) ';' (AddTo (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := b)) ';' (while>0 (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0))));
coherence
(((((1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))) := c) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),b)) ';' (AddTo (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := b)) ';' (while>0 (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,b,c} \/ (UsedIntLoc I))),(intloc 0)))) is Macro-Instruction ;

let a be read-write Int-Location ;
let b, c be Int-Location ;
let I be good Macro-Instruction;
cluster for-up a,b,c,I -> good ;
coherence
for-up a,b,c,I is good ;

let s be State of SCM+FSA ; :: thesis: for a being read-write Int-Location
for bb, cc being Int-Location
for I being good Macro-Instruction st s . (intloc 0) = 1 & ( ProperForUpBody a,bb,cc,I,s or I is parahalting ) holds
( ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s & WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s )
let a be read-write Int-Location ; :: thesis: for bb, cc being Int-Location
for I being good Macro-Instruction st s . (intloc 0) = 1 & ( ProperForUpBody a,bb,cc,I,s or I is parahalting ) holds
( ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s & WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s )
let bb, cc be Int-Location ;
set D = Int-Locations \/ FinSeq-Locations ;
let I be good Macro-Instruction; :: thesis: ( s . (intloc 0) = 1 & ( ProperForUpBody a,bb,cc,I,s or I is parahalting ) implies ( ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s & WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s ) )
assume that
A1: s . (intloc 0) = 1 and
A2: ( ProperForUpBody a,bb,cc,I,s or I is parahalting ) ; :: thesis: ( ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s & WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s )
A3: ProperForUpBody a,bb,cc,I,s by A2, Th23;
set aux = 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I));
set i0 = (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc;
set i1 = SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb;
set i2 = AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0);
set i3 = a := bb;
set IB = (I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0));
set s1 = IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s;
set s2 = (s +* (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(((s . cc) - (s . bb)) + 1)) +* a,(s . bb);
A4: (IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s) | (Int-Locations \/ FinSeq-Locations ) = ((s +* (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(((s . cc) - (s . bb)) + 1)) +* a,(s . bb)) | (Int-Locations \/ FinSeq-Locations ) by A1, Th22;
set IB2 = (AddTo a,(intloc 0)) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0));
set SW1 = StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),(IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s);
set SW2 = StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),((s +* (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(((s . cc) - (s . bb)) + 1)) +* a,(s . bb));
set SF = StepForUp a,bb,cc,I,s;
set scb1 = ((s . cc) - (s . bb)) + 1;
A5: (I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)) = I ';' ((AddTo a,(intloc 0)) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) by SCMFSA6A:65;
A6: StepForUp a,bb,cc,I,s = StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),((s +* (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(((s . cc) - (s . bb)) + 1)) +* a,(s . bb)) ;
A7: ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)),(s +* (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(((s . cc) - (s . bb)) + 1)) +* a,(s . bb) thus ProperBodyWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s :: thesis: WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s deffunc H₁( Element of product the Object-Kind of SCM+FSA ) -> Element of NAT = abs ($1 . (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))));
consider f being Function of product the Object-Kind of SCM+FSA , NAT such that
A20: for x being Element of product the Object-Kind of SCM+FSA holds f . x = H₁(x) from FUNCT_2:sch 4( product the Object-Kind of SCM+FSA NAT );
A21: for k being Nat holds
( f . ((StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),(IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s)) . (k + 1)) < f . ((StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),(IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s)) . k) or ((StepWhile>0 (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),((I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))),(IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s)) . k) . (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) <= 0 ) thus WithVariantWhile>0 1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I)),(I ';' (AddTo a,(intloc 0))) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0)), IExec (((((1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))) := cc) ';' (SubFrom (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),bb)) ';' (AddTo (1 -stRWNotIn ({a,bb,cc} \/ (UsedIntLoc I))),(intloc 0))) ';' (a := bb)),s :: thesis: verum