# Re: [isabelle] Isabelle2021-1-RC3: verit errors

```Hi Mathias.

On Mon, 2021-11-15 at 13:25 +0100, Mathias Fleury wrote:
>
> supply [[smt_trace]]

Thanks.

>
>
> Do you have any example with a failure?

Here you go.

--
Peter

theory Scratch
imports Main "Word_Lib.Word_Lib_Sumo"
begin

lemma msb_shiftr_word [simp]:
"r < LENGTH('a) ⟹ msb ((x :: 'a :: {len} word) >> r) ⟷ ((r = 0 ∧ msb
x))"
supply [[smt_trace]]
sledgehammer [provers=verit]

⌦‹
Sledgehammering...
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a signed)
0 < LENGTH('a)
1 = Suc 0
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀w. nat (uint w) = unat w
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a. (a ≠ 0) = (0 < a)
LENGTH('a signed) ≠ 0
LENGTH('a) ≠ 0
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a signed) - 1))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - 1))
∀n. (n ≠ 0) = (0 < n)
∀a b. (∀n<LENGTH('a signed). a !! n = b !! n) ⟶ a = b
∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
∀n. (n < 0) = False
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb x = (x < 0))
∀n. (¬ 0 < n) = (n = 0)
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a signed) ∧ uint w !! n))
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a) ∧ uint w !! n))
∀n x. rev (replicate n x) = replicate n x
∀w v. LENGTH('a signed) = 0 ⟶ w = v
∀w v. LENGTH('a) = 0 ⟶ w = v
∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a signed) ⟶ x >> n <
2 ^ m
∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀w k n. w < k ⟶ w >> n < k
to_bl 0 = replicate LENGTH('a signed) False
to_bl 0 = replicate LENGTH('a) False
∀a. ¬ a < 0
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀uu. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of uu = 0)
∀n. (2 ^ n = 0) = (LENGTH('a signed) ≤ n)
∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
∀n. possible_bit TYPE(int) n
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀a. a ≤ a
∀a. a ≤ a
∀a. a ≤ a
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
(¬ msb x ⟶ sint x = uint x)
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a signed) - Suc 0))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - Suc 0))
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀n. ¬ n < 0
∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a signed) ⟶ x >> n < 2 ^ m
∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
∀x. length (to_bl x) = LENGTH('a signed)
∀x. length (to_bl x) = LENGTH('a)
∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
∀n. n < n ⟶ False
∀a b. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < b) = (unat a < unat b))
∀s t. s < t ⟶ s ≠ t
∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
∀n m. n < m ⟶ m ≠ n
∀m. ¬ of_nat m < 0
∀m. ¬ int m < 0
∀n x. length (replicate n x) = n
∀n. ¬ n < n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
(size w = LENGTH('a signed))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
(size w = LENGTH('a))
∀m n. (m ≠ n) = (m < n ∨ n < m)
∀a. a - 0 = a
∀a. a - 0 = a
∀a. a - 0 = a
∀n. (0 < n) = (n ≠ 0)
∀n. of_bl (replicate n False) = 0
∀m n. m < n ⟶ n ≠ 0
∀f g x.
SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
((f ∘ g) x = f (g x))
∀w n. w !! n ⟶ n < LENGTH('a signed)
∀w n. w !! n ⟶ n < LENGTH('a)
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀x n. x < 2 ^ n ⟶ x && mask n = x
∀x. (uint x < 0) = False
∀w. length (to_bl w) = LENGTH('a signed)
∀w. length (to_bl w) = LENGTH('a)
∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀a. 0 ≤ a
∀m n. m < n ⟶ n ≠ 0
∀x. of_bl (to_bl x) = x
∀n<0. False
∀n<LENGTH('a signed). uint (2 ^ n) = 2 ^ n
∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
∀n. ¬ n < 0
∀n. (¬ 0 < n) = (n = 0)
∀n. unat (2 ^ n) = (if n < LENGTH('a signed) then 2 ^ n else 0)
∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀b c a q.
LENGTH('a signed) + b ≤ c + a ∧ c < LENGTH('a signed) ⟶
unat ((q >> a << b) && ~~ mask c) = 0
∀b c a q.
LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
∀y. 0 < y ∨ 0 = y
∀x. ¬ x < 0
∀n<LENGTH('a signed). unat (2 ^ n) = 2 ^ n
∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0 signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0))
¬ 0 < 0
¬ 0 < 0
∀x. to_bl x ≠ []
∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = (w >> LENGTH('a signed) - 1 ≠ 0))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = (w >> LENGTH('a) - 1 ≠ 0))
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
∀a. (0 = - a) = (0 = a)
∀a. (0 = - a) = (0 = a)
∀n. (LENGTH('a signed) - Suc 0 < n) = (LENGTH('a signed) ≤ n)
∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀n. (0 < of_nat n) = (0 < n)
∀n. (0 < int n) = (0 < n)
∀x y. (¬ x < y) = (y ≤ x)
∀x y. (¬ x < y) = (y ≤ x)
∀x y. (¬ x < y) = (y ≤ x)
∀x. ¬ x < x
∀x. ¬ x < x
∀x. ¬ x < x
¬ msb 0
∀a. a + 0 = a
∀a. a + 0 = a
∀a. a + 0 = a
∀m n. (of_nat m = of_nat n) = (m = n)
∀m n. (int m = int n) = (m = n)
∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
word_of_nat 0 = 0
of_nat 0 = 0
int 0 = 0
∀n. (0 = of_nat n) = (0 = n)
∀n. (0 = int n) = (0 = n)
∀a b. a * b = b * a
∀a b. a * b = b * a
∀a b. a * b = b * a
∀m. (of_nat m = 0) = (m = 0)
∀m. (int m = 0) = (m = 0)
∀p n. (p < 2 ^ n) =
(n < LENGTH('a signed) ∧ (∀n'. n ≤ n' ∧ n' < LENGTH('a
signed) ⟶ ¬ p !! n'))
∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
∀m n. (of_nat m < of_nat n) = (m < n)
∀m n. (int m < int n) = (m < n)
∀x. LENGTH('a signed) = LENGTH('a signed) ⟶
msb (UCAST('a signed → 'a signed) x) = msb x
∀x. LENGTH('a signed) = LENGTH('a) ⟶ msb (UCAST('a → 'a signed)
x) = msb x
∀x. LENGTH('a) = LENGTH('a signed) ⟶ msb (UCAST('a signed → 'a)
x) = msb x
∀x. LENGTH('a) = LENGTH('a) ⟶ msb (UCAST('a → 'a) x) = msb x
∀x y. (unat x * unat y < 2 ^ LENGTH('a signed)) = (unat (x * y)
= unat x * unat y)
∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = (sint w < 0))
∀a b. a + b = b + a
∀a b. a + b = b + a
∀a. ¬ a < 0
uint 0 = 0
unat 0 = 0
UCAST('a → 'a) 0 = 0
∀n. (n ≤ LENGTH('a signed) - Suc 0) = (n < LENGTH('a signed))
∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
∀y. (0 < y) = (0 ≠ y)
∀w. (drop_bit (LENGTH('a signed) - Suc 0) w = 0) = (¬ w !!
(LENGTH('a signed) - Suc 0))
∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
∀w. (w ≠ 0) = (0 < w)
∀w. int (unat w) = uint w
∀w. of_nat (unat w) = unat w
∀w. word_of_nat (unat w) = UCAST('a → 'a) w
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀a. (0 < a) = (a ≠ 0)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a && mask n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a AND mask n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a AND mask n)
0 = word_of_nat 0
∀n≥LENGTH('a signed). 2 ^ n = 0
∀n≥LENGTH('a). 2 ^ n = 0
∀w n. unat (w >> n) = unat w div 2 ^ n
∀m n. m < n ⟶ of_nat m < of_nat n
∀m n. m < n ⟶ int m < int n
∀m n. of_nat m < of_nat n ⟶ m < n
∀m n. int m < int n ⟶ m < n
SCAST('a → 'a) 0 = 0
sint 0 = 0
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = hd (to_bl w))
∀k. word_of_nat k ≠ 0 ⟶ 0 < k
∀k. of_nat k ≠ 0 ⟶ 0 < k
∀k. int k ≠ 0 ⟶ 0 < k
∀x xs.
SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
(length (x # xs) = Suc (length xs))
∀ty. possible_bit ty 0
∀ty. possible_bit ty 0
∀z. (0 < nat z) = (0 < z)
∀n w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(LENGTH('a signed) ≤ n ⟶ w >> n = 0)
∀n w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(LENGTH('a) ≤ n ⟶ w >> n = 0)
∀n. possible_bit TYPE(nat) n
∀n. possible_bit TYPE(int) n
∀n w. n < LENGTH('a signed) ⟶ w && mask n < 2 ^ n
∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
∀a n. a < n ⟶ 0 < n
∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
bot = False
∀k>0. ∃n>0. k = int n
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (2 ^ (LENGTH('a signed) - Suc 0) ≤ a))
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
(CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
(CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
(CHAR(int) = 0) = (∀n>0. int n ≠ 0)
∀n. SMT.trigger
SMT.Symb_Nil) SMT.Symb_Nil)
(mask n = 2 ^ n - 1)
∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
CHAR('a word) = c
∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (SCAST('a → 'a) x))
SMT.Symb_Nil)
SMT.Symb_Nil)
(¬ msb x ⟶ SCAST('a → 'a) x = UCAST('a → 'a) x)
∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
∀m n. (int m = int n) = (m = n)
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
CHAR(nat) = 0
CHAR(int) = 0
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (bin_sign (signed_take_bit (LENGTH('a signed) - 1)
(uint a)) = - 1))
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
word_of_nat CHAR('a word) = 0
of_nat CHAR(nat) = 0
int CHAR(int) = 0
(0 < 0) = False
∀a. 0 - a = - a
∀a. 0 - a = - a
(0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
(0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
(0 < CHAR(int)) = (∃n>0. int n = 0)
∀x. (x < 1) = (x = 0)
∀a b. (a < b) = (int a < int b)
int 0 = 0
∀a. (a ≠ 0) = (0 < a)
∀x y. (int x = int y) = (x = y)
∀a b. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
((a ≤ b) = (unat a ≤ unat b))
∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
∀x y. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
∀a. - (- a) = a
∀a. 0 * a = 0
∀a. 0 * a = 0
∀a b. (- a = - b) = (a = b)
∀b. - (- b) = b
∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
0 = 0
∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
neg_numeral_class.sub num.One num.One = 0
∀a. (- a = 0) = (a = 0)
∀n k. (drop_bit n k < 0) = (k < 0)
∀a. (a = - a) = (a = 0)
∀a. 0 + a = a
∀a. 0 + a = a
∀a. (- a = a) = (a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a ^ 0 = 1)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a ^ 0 = 1)
∀b a. (- b < - a) = (a < b)
∀n. take_bit n 0 = 0
∀n. take_bit n 0 = 0
∀x r. msb (x >> r) = msb x
∀a. (a < - a) = (a < 0)
∀a. (- a < a) = (0 < a)
∀a. (0 < - a) = (a < 0)
∀a. (- a < 0) = (0 < a)
∀x. 0 ≤ x
∀m. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((*) m))
SMT.Symb_Nil) SMT.Symb_Nil)
(m * 0 = 0)
∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
Numeral1 = 1
∀n m. take_bit n (int m) = int (take_bit n m)
SMT: Names:
sorts:
Nat\$ = nat
Num\$ = num
A_word\$ = 'a word
A_itself\$ = 'a itself
Bool_list\$ = bool list
Int_itself\$ = int itself
Nat_itself\$ = nat itself
Nat_int_fun\$ = nat ⇒ int
Nat_nat_fun\$ = nat ⇒ nat
Num0_itself\$ = 0 itself
Nat_bool_fun\$ = nat ⇒ bool
A_signed_word\$ = 'a signed word
A_word_itself\$ = 'a word itself
Nat_a_word_fun\$ = nat ⇒ 'a word
A_signed_itself\$ = 'a signed itself
Num0_signed_itself\$ = 0 signed itself
A_signed_word_itself\$ = 'a signed word itself
A_signed_signed_itself\$ = 'a signed signed itself
Num0_signed_signed_itself\$ = 0 signed signed itself
functions:
r\$ = r
x\$ = x
hd\$ = hd
and\$ = (&&)
bit\$ = (!!)
bot\$ = bot
msb\$ = msb
nat\$ = nat
nil\$ = []
not\$ = wordNOT
nth\$ = (!)
one\$ = 1
rev\$ = rev
sub\$ = neg_numeral_class.sub
suc\$ = Suc
and\$a = (&&)
and\$b = (AND)
and\$c = (AND)
bit\$a = (!!)
bit\$b = (!!)
bit\$c = (!!)
bit0\$ = num.Bit0
comp\$ = (∘)
cons\$ = (#)
less\$ = (<)
msb\$a = msb
msb\$b = msb
not\$a = wordNOT
one\$a = num.One
one\$b = 1
plus\$ = (+)
size\$ = length
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
less\$b = (<)
minus\$ = (-)
of_bl\$ = of_bl
plus\$a = (+)
power\$ = (^)
size\$a = size
size\$b = size
times\$ = (*)
to_bl\$ = to_bl
type\$a = TYPE('a signed)
type\$b = TYPE('a signed word)
type\$c = TYPE('a word)
type\$d = TYPE(int)
type\$e = TYPE(nat)
type\$f = TYPE(0 signed)
type\$g = TYPE(0)
zero\$a = 0
zero\$b = 0
divide\$ = (div)
len_of\$ = len_of
minus\$a = (-)
of_nat\$ = of_nat
power\$a = (^)
power\$b = (^)
power\$c = (^)
shiftl\$ = (<<)
shiftr\$ = (>>)
signed\$ = sint
times\$a = (*)
times\$b = (*)
times\$c = (*)
to_bl\$a = to_bl
uminus\$ = uminus
fun_app\$ = SMT.fun_app
len_of\$a = len_of
len_of\$b = len_of
len_of\$c = len_of
len_of\$d = len_of
len_of\$e = len_of
less_eq\$ = (≤)
numeral\$ = numeral
of_nat\$a = int
of_nat\$b = word_of_nat
shiftl\$a = (<<)
shiftl\$b = (<<)
shiftl\$c = (<<)
shiftr\$a = (>>)
shiftr\$b = (>>)
shiftr\$c = (>>)
signed\$a = SCAST('a → 'a)
bin_sign\$ = bin_sign
drop_bit\$ = drop_bit
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
fun_app\$c = SMT.fun_app
less_eq\$a = (≤)
less_eq\$b = (≤)
numeral\$a = numeral
numeral\$b = numeral
push_bit\$ = push_bit
take_bit\$ = take_bit
unsigned\$ = uint
word_sle\$ = (≤s)
drop_bit\$a = drop_bit
drop_bit\$b = drop_bit
drop_bit\$c = drop_bit
push_bit\$a = push_bit
push_bit\$b = push_bit
replicate\$ = replicate
take_bit\$a = take_bit
take_bit\$b = take_bit
unsigned\$a = unat
unsigned\$b = uint
unsigned\$c = UCAST('a → 'a)
unsigned\$d = unat
unsigned\$e = UCAST('a signed → 'a signed)
unsigned\$f = UCAST('a → 'a signed)
unsigned\$g = UCAST('a signed → 'a)
limited_and\$ = limited_and
possible_bit\$ = possible_bit
possible_bit\$a = possible_bit
possible_bit\$b = possible_bit
possible_bit\$c = possible_bit
semiring_char\$ = semiring_char
semiring_char\$a = semiring_char
semiring_char\$b = semiring_char
signed_take_bit\$ = signed_take_bit
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9990
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort Num\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Bool_list\$ 0)
(declare-sort Int_itself\$ 0)
(declare-sort Nat_itself\$ 0)
(declare-sort Nat_int_fun\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Num0_itself\$ 0)
(declare-sort Nat_bool_fun\$ 0)
(declare-sort A_signed_word\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-sort A_signed_itself\$ 0)
(declare-sort Num0_signed_itself\$ 0)
(declare-sort A_signed_word_itself\$ 0)
(declare-sort A_signed_signed_itself\$ 0)
(declare-sort Num0_signed_signed_itself\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun hd\$ (Bool_list\$) Bool)
(declare-fun and\$ (A_signed_word\$ A_signed_word\$)
A_signed_word\$)
(declare-fun bit\$ (A_signed_word\$) Nat_bool_fun\$)
(declare-fun bot\$ () Bool)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun nil\$ () Bool_list\$)
(declare-fun not\$ (A_signed_word\$) A_signed_word\$)
(declare-fun nth\$ (Bool_list\$) Nat_bool_fun\$)
(declare-fun one\$ () Nat\$)
(declare-fun rev\$ (Bool_list\$) Bool_list\$)
(declare-fun sub\$ (Num\$ Num\$) Int)
(declare-fun suc\$ () Nat_nat_fun\$)
(declare-fun and\$a (A_word\$ A_word\$) A_word\$)
(declare-fun and\$b (Int Int) Int)
(declare-fun and\$c (Nat\$) Nat_nat_fun\$)
(declare-fun bit\$a (A_word\$) Nat_bool_fun\$)
(declare-fun bit\$b (Int) Nat_bool_fun\$)
(declare-fun bit\$c (Nat\$) Nat_bool_fun\$)
(declare-fun bit0\$ (Num\$) Num\$)
(declare-fun comp\$ (Nat_bool_fun\$ Nat_nat_fun\$) Nat_bool_fun\$)
(declare-fun cons\$ (Bool Bool_list\$) Bool_list\$)
(declare-fun less\$ (Nat\$) Nat_bool_fun\$)
(declare-fun msb\$a (A_signed_word\$) Bool)
(declare-fun msb\$b (Int) Bool)
(declare-fun not\$a (A_word\$) A_word\$)
(declare-fun one\$a () Num\$)
(declare-fun one\$b () A_word\$)
(declare-fun plus\$ (Nat\$) Nat_nat_fun\$)
(declare-fun size\$ (Bool_list\$) Nat\$)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_signed_word\$ A_signed_word\$) Bool)
(declare-fun less\$b (A_word\$ A_word\$) Bool)
(declare-fun minus\$ (Nat\$) Nat_nat_fun\$)
(declare-fun of_bl\$ (Bool_list\$) A_word\$)
(declare-fun plus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun power\$ (A_signed_word\$ Nat\$) A_signed_word\$)
(declare-fun size\$a (A_word\$) Nat\$)
(declare-fun size\$b (A_signed_word\$) Nat\$)
(declare-fun times\$ (A_word\$ A_word\$) A_word\$)
(declare-fun to_bl\$ (A_signed_word\$) Bool_list\$)
(declare-fun type\$a () A_signed_itself\$)
(declare-fun type\$b () A_signed_word_itself\$)
(declare-fun type\$c () A_word_itself\$)
(declare-fun type\$d () Int_itself\$)
(declare-fun type\$e () Nat_itself\$)
(declare-fun type\$f () Num0_signed_itself\$)
(declare-fun type\$g () Num0_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun zero\$b () A_signed_word\$)
(declare-fun divide\$ (Nat\$) Nat_nat_fun\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun minus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun of_nat\$ () Nat_nat_fun\$)
(declare-fun power\$a (A_word\$ Nat\$) A_word\$)
(declare-fun power\$b (Int) Nat_int_fun\$)
(declare-fun power\$c (Nat\$) Nat_nat_fun\$)
(declare-fun shiftl\$ (Nat\$) Nat_nat_fun\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun signed\$ (A_word\$) Int)
(declare-fun times\$a (Int Int) Int)
(declare-fun times\$b (Nat\$) Nat_nat_fun\$)
(declare-fun times\$c (A_signed_word\$ A_signed_word\$)
A_signed_word\$)
(declare-fun to_bl\$a (A_word\$) Bool_list\$)
(declare-fun uminus\$ (A_word\$) A_word\$)
(declare-fun fun_app\$ (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun len_of\$a (A_signed_itself\$) Nat\$)
(declare-fun len_of\$b (Num0_itself\$) Nat\$)
(declare-fun len_of\$c (Num0_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$d (Num0_signed_itself\$) Nat\$)
(declare-fun len_of\$e (A_signed_signed_itself\$) Nat\$)
(declare-fun less_eq\$ (A_word\$ A_word\$) Bool)
(declare-fun numeral\$ (Num\$) A_signed_word\$)
(declare-fun of_nat\$a (Nat\$) Int)
(declare-fun of_nat\$b (Nat\$) A_word\$)
(declare-fun shiftl\$a (Int Nat\$) Int)
(declare-fun shiftl\$b (A_word\$ Nat\$) A_word\$)
(declare-fun shiftl\$c (A_signed_word\$ Nat\$) A_signed_word\$)
(declare-fun shiftr\$a (Nat\$) Nat_nat_fun\$)
(declare-fun shiftr\$b (Int) Nat_int_fun\$)
(declare-fun shiftr\$c (A_signed_word\$ Nat\$) A_signed_word\$)
(declare-fun signed\$a (A_word\$) A_word\$)
(declare-fun bin_sign\$ (Int) Int)
(declare-fun drop_bit\$ (Nat\$) Nat_nat_fun\$)
(declare-fun fun_app\$a (Nat_bool_fun\$ Nat\$) Bool)
(declare-fun fun_app\$b (Nat_nat_fun\$ Nat\$) Nat\$)
(declare-fun fun_app\$c (Nat_int_fun\$ Nat\$) Int)
(declare-fun less_eq\$a (Nat\$) Nat_bool_fun\$)
(declare-fun less_eq\$b (A_signed_word\$ A_signed_word\$) Bool)
(declare-fun numeral\$a (Num\$) A_word\$)
(declare-fun numeral\$b (Num\$) Nat\$)
(declare-fun push_bit\$ (Nat\$) Nat_nat_fun\$)
(declare-fun take_bit\$ (Nat\$ Int) Int)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun word_sle\$ (A_word\$ A_word\$) Bool)
(declare-fun drop_bit\$a (Nat\$ A_word\$) A_word\$)
(declare-fun drop_bit\$b (Nat\$ Int) Int)
(declare-fun drop_bit\$c (Nat\$ A_signed_word\$) A_signed_word\$)
(declare-fun push_bit\$a (Nat\$ Int) Int)
(declare-fun push_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun replicate\$ (Nat\$ Bool) Bool_list\$)
(declare-fun take_bit\$a (Nat\$ A_word\$) A_word\$)
(declare-fun take_bit\$b (Nat\$) Nat_nat_fun\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun unsigned\$b (A_signed_word\$) Int)
(declare-fun unsigned\$c (A_word\$) A_word\$)
(declare-fun unsigned\$d (A_signed_word\$) Nat\$)
(declare-fun unsigned\$e (A_signed_word\$) A_signed_word\$)
(declare-fun unsigned\$f (A_word\$) A_signed_word\$)
(declare-fun unsigned\$g (A_signed_word\$) A_word\$)
(declare-fun limited_and\$ (A_word\$ A_word\$) Bool)
(declare-fun possible_bit\$ (A_signed_word_itself\$)
Nat_bool_fun\$)
(declare-fun possible_bit\$a (A_word_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$b (Int_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$c (Nat_itself\$) Nat_bool_fun\$)
(declare-fun semiring_char\$ (A_word_itself\$) Nat\$)
(declare-fun semiring_char\$a (Nat_itself\$) Nat\$)
(declare-fun semiring_char\$b (Int_itself\$) Nat\$)
(declare-fun signed_take_bit\$ (Nat\$ Int) Int)
(assert (! (not (= (msb\$ (fun_app\$ (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a0))
(assert (! (fun_app\$a (less\$ r\$) (len_of\$ type\$)) :named a1))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$a type\$a)) :named
a2))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$ type\$)) :named a3))
(assert (! (= one\$ (fun_app\$b suc\$ zero\$)) :named a4))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a5))
(assert (! (forall ((?v0 A_word\$)) (= (nat\$ (unsigned\$ ?v0))
(unsigned\$a ?v0))) :named a6))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a7))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a8))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$c (shiftr\$b ?v0)
zero\$) ?v0) :pattern ((shiftr\$b ?v0)))) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (shiftr\$a zero\$)
?v0) zero\$)) :named a10))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (shiftr\$ zero\$a)
?v0) zero\$a)) :named a11))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$c (shiftr\$b 0) ?v0)
0)) :named a12))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (possible_bit\$
type\$b) ?v0) (fun_app\$a (less\$ ?v0) (len_of\$a type\$a)))) :named a13))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (possible_bit\$a
type\$c) ?v0) (fun_app\$a (less\$ ?v0) (len_of\$ type\$)))) :named a14))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$b
(shiftr\$a ?v0) ?v1) (fun_app\$b (drop_bit\$ ?v1) ?v0)) :pattern
((fun_app\$b (shiftr\$a ?v0) ?v1)))) :named a15))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$
(shiftr\$ ?v0) ?v1) (drop_bit\$a ?v1 ?v0)) :pattern ((fun_app\$ (shiftr\$
?v0) ?v1)))) :named a16))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (fun_app\$c
(shiftr\$b ?v0) ?v1) (drop_bit\$b ?v1 ?v0)) :pattern ((fun_app\$c
(shiftr\$b ?v0) ?v1)))) :named a17))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a18))
(assert (! (not (= (len_of\$a type\$a) zero\$)) :named a19))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a20))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (msb\$a ?v0)
(fun_app\$a (bit\$ ?v0) (fun_app\$b (minus\$ (len_of\$a type\$a)) one\$)))
:pattern ((msb\$a ?v0)))) :named a21))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$a
(bit\$a ?v0) (fun_app\$b (minus\$ (len_of\$ type\$)) one\$))) :pattern ((msb\$
?v0)))) :named a22))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a23))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(=> (forall ((?v2 Nat\$)) (=> (fun_app\$a (less\$ ?v2) (len_of\$a type\$a))
(= (fun_app\$a (bit\$ ?v0) ?v2) (fun_app\$a (bit\$ ?v1) ?v2)))) (= ?v0
?v1))) :named a24))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (forall
((?v2 Nat\$)) (=> (fun_app\$a (less\$ ?v2) (len_of\$ type\$)) (= (fun_app\$a
(bit\$a ?v0) ?v2) (fun_app\$a (bit\$a ?v1) ?v2)))) (= ?v0 ?v1))) :named
a25))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ ?v0) zero\$)
false)) :named a26))
(assert (! (forall ((?v0 Int)) (! (= (msb\$b ?v0) (< ?v0 0))
:pattern ((msb\$b ?v0)))) :named a27))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$a (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a28))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 Nat\$)) (! (=
(fun_app\$a (bit\$ ?v0) ?v1) (and (fun_app\$a (less\$ ?v1) (len_of\$a
type\$a)) (fun_app\$a (bit\$b (unsigned\$b ?v0)) ?v1))) :pattern
((fun_app\$a (bit\$ ?v0) ?v1)))) :named a29))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$a
(bit\$a ?v0) ?v1) (and (fun_app\$a (less\$ ?v1) (len_of\$ type\$))
(fun_app\$a (bit\$b (unsigned\$ ?v0)) ?v1))) :pattern ((fun_app\$a (bit\$a
?v0) ?v1)))) :named a30))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (rev\$ (replicate\$
?v0 ?v1)) (replicate\$ ?v0 ?v1))) :named a31))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(=> (= (len_of\$a type\$a) zero\$) (= ?v0 ?v1))) :named a32))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a33))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 Nat\$) (?v2 Nat\$))
(=> (and (= (and\$ ?v0 (mask\$ (fun_app\$b (plus\$ ?v1) ?v2))) ?v0)
(fun_app\$a (less\$ ?v2) (len_of\$a type\$a))) (less\$a (shiftr\$c ?v0 ?v1)
(power\$ (numeral\$ (bit0\$ one\$a)) ?v2)))) :named a34))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$) (?v2 Nat\$)) (=>
(and (= (and\$a ?v0 (mask\$a (fun_app\$b (plus\$ ?v1) ?v2))) ?v0)
(fun_app\$a (less\$ ?v2) (len_of\$ type\$))) (less\$b (fun_app\$ (shiftr\$
?v0) ?v1) (power\$a (numeral\$a (bit0\$ one\$a)) ?v2)))) :named a35))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(less\$b ?v0 ?v1) (less\$b (fun_app\$ (shiftr\$ ?v0) ?v2) ?v1))) :named
a36))
(assert (! (= (to_bl\$ zero\$b) (replicate\$ (len_of\$a type\$a)
false)) :named a37))
(assert (! (= (to_bl\$a zero\$a) (replicate\$ (len_of\$ type\$)
false)) :named a38))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a39))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 A_word\$))
(=> (and (less_eq\$ ?v0 ?v1) (less\$b ?v1 ?v2)) (less\$b ?v0 ?v2))) :named
a40))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$)) (=> (and
(fun_app\$a (less_eq\$a ?v0) ?v1) (fun_app\$a (less\$ ?v1) ?v2)) (fun_app\$a
(less\$ ?v0) ?v2))) :named a41))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a42))
(assert (! (forall ((?v0 Num0_itself\$)) (! (= (len_of\$b ?v0)
zero\$) :pattern ((len_of\$b ?v0)))) :named a43))
(assert (! (forall ((?v0 Nat\$)) (= (= (power\$ (numeral\$ (bit0\$
one\$a)) ?v0) zero\$b) (fun_app\$a (less_eq\$a (len_of\$a type\$a)) ?v0)))
:named a44))
(assert (! (forall ((?v0 Nat\$)) (= (= (power\$a (numeral\$a (bit0\$
one\$a)) ?v0) zero\$a) (fun_app\$a (less_eq\$a (len_of\$ type\$)) ?v0)))
:named a45))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (possible_bit\$b
type\$d) ?v0)) :named a46))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a ?v0) (= ?v0
zero\$a))) :named a47))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ ?v0) (= ?v0 zero\$)))
:named a48))
(assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a49))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (less_eq\$a ?v0) ?v0))
:named a50))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ ?v0 ?v0)) :named
a51))
(assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a52))
(assert (! (forall ((?v0 A_word\$)) (! (=> (not (msb\$ ?v0)) (=
(signed\$ ?v0) (unsigned\$ ?v0))) :pattern ((signed\$ ?v0)))) :named a53))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (msb\$a ?v0)
(fun_app\$a (bit\$ ?v0) (fun_app\$b (minus\$ (len_of\$a type\$a)) (fun_app\$b
suc\$ zero\$)))) :pattern ((msb\$a ?v0)))) :named a54))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$a
(bit\$a ?v0) (fun_app\$b (minus\$ (len_of\$ type\$)) (fun_app\$b suc\$
zero\$)))) :pattern ((msb\$ ?v0)))) :named a55))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not
(less_eq\$ ?v0 ?v1)) (less\$b ?v1 ?v0))) :named a56))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (fun_app\$a
(less_eq\$a ?v0) ?v1)) (fun_app\$a (less\$ ?v1) ?v0))) :named a57))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a58))
(assert (! (forall ((?v0 Nat\$)) (=> (and (=> (= ?v0 zero\$)
false) (=> (not (= ?v0 zero\$)) false)) false)) :named a59))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$b
(shiftl\$ ?v0) ?v1) (fun_app\$b (push_bit\$ ?v1) ?v0)) :pattern
((fun_app\$b (shiftl\$ ?v0) ?v1)))) :named a60))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (shiftl\$a ?v0
?v1) (push_bit\$a ?v1 ?v0)) :pattern ((shiftl\$a ?v0 ?v1)))) :named a61))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftl\$b
?v0 ?v1) (push_bit\$b ?v1 ?v0)) :pattern ((shiftl\$b ?v0 ?v1)))) :named
a62))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a63))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_signed_word\$))
(=> (and (= (power\$ (numeral\$ (bit0\$ one\$a)) (fun_app\$b (plus\$ ?v0)
?v1)) zero\$b) (fun_app\$a (less\$ ?v1) (len_of\$a type\$a))) (less\$a
(shiftr\$c ?v2 ?v0) (power\$ (numeral\$ (bit0\$ one\$a)) ?v1)))) :named
a64))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (= (power\$a (numeral\$a (bit0\$ one\$a)) (fun_app\$b (plus\$ ?v0) ?v1))
zero\$a) (fun_app\$a (less\$ ?v1) (len_of\$ type\$))) (less\$b (fun_app\$
(shiftr\$ ?v2) ?v0) (power\$a (numeral\$a (bit0\$ one\$a)) ?v1)))) :named
a65))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app\$a (less\$ ?v0) ?v1) false) (=> (fun_app\$a (less\$
?v1) ?v0) false))) false)) :named a66))
(assert (! (forall ((?v0 A_signed_word\$)) (= (size\$ (to_bl\$
?v0)) (len_of\$a type\$a))) :named a67))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$a ?v0))
(len_of\$ type\$))) :named a68))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (not (fun_app\$a ?v0 ?v2)) (exists ((?v3 Nat\$)) (and
(fun_app\$a (less\$ ?v3) ?v2) (not (fun_app\$a ?v0 ?v3)))))) (fun_app\$a
?v0 ?v1))) :named a69))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (forall ((?v3 Nat\$)) (=> (fun_app\$a (less\$ ?v3) ?v2)
(fun_app\$a ?v0 ?v3))) (fun_app\$a ?v0 ?v2))) (fun_app\$a ?v0 ?v1)))
:named a70))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (unsigned\$
(push_bit\$b ?v0 ?v1)) (take_bit\$ (size\$a ?v1) (push_bit\$a ?v0
(unsigned\$ ?v1))))) :named a71))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0) ?v0)
false)) :named a72))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less\$b
?v0 ?v1) (fun_app\$a (less\$ (unsigned\$a ?v0)) (unsigned\$a ?v1)))
:pattern ((less\$b ?v0 ?v1)))) :named a73))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a74))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$c (unsigned\$a ?v0)) ?v1) (and (fun_app\$a (possible_bit\$c type\$e)
?v1) (fun_app\$a (bit\$a ?v0) ?v1)))) :named a75))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$b (unsigned\$ ?v0)) ?v1) (and (fun_app\$a (possible_bit\$b type\$d)
?v1) (fun_app\$a (bit\$a ?v0) ?v1)))) :named a76))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$a (unsigned\$c ?v0)) ?v1) (and (fun_app\$a (possible_bit\$a type\$c)
?v1) (fun_app\$a (bit\$a ?v0) ?v1)))) :named a77))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a78))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$
(fun_app\$b of_nat\$ ?v0)) zero\$))) :named a79))
(assert (! (forall ((?v0 Nat\$)) (not (< (of_nat\$a ?v0) 0)))
:named a80))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (size\$ (replicate\$
?v0 ?v1)) ?v0)) :named a81))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
?v0))) :named a82))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (size\$b ?v0)
(len_of\$a type\$a)) :pattern ((size\$b ?v0)))) :named a83))
(assert (! (forall ((?v0 A_word\$)) (! (= (size\$a ?v0) (len_of\$
type\$)) :pattern ((size\$a ?v0)))) :named a84))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (= ?v0 ?v1))
(or (fun_app\$a (less\$ ?v0) ?v1) (fun_app\$a (less\$ ?v1) ?v0)))) :named
a85))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a ?v0 zero\$a) ?v0))
:named a86))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (minus\$ ?v0)
zero\$) ?v0)) :named a87))
(assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a88))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ zero\$) ?v0)
(not (= ?v0 zero\$)))) :named a89))
(assert (! (forall ((?v0 Nat\$)) (= (of_bl\$ (replicate\$ ?v0
false)) zero\$a)) :named a90))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a91))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat_nat_fun\$) (?v2
Nat\$)) (! (= (fun_app\$a (comp\$ ?v0 ?v1) ?v2) (fun_app\$a ?v0 (fun_app\$b
?v1 ?v2))) :pattern ((fun_app\$a (comp\$ ?v0 ?v1) ?v2)))) :named a92))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 Nat\$)) (=>
(fun_app\$a (bit\$ ?v0) ?v1) (fun_app\$a (less\$ ?v1) (len_of\$a type\$a))))
:named a93))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (=> (fun_app\$a
(bit\$a ?v0) ?v1) (fun_app\$a (less\$ ?v1) (len_of\$ type\$)))) :named a94))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$a (less\$ zero\$) ?v0))) :named a95))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (=> (less\$b ?v0
(power\$a (numeral\$a (bit0\$ one\$a)) ?v1)) (= (and\$a ?v0 (mask\$a ?v1))
?v0))) :named a96))
(assert (! (forall ((?v0 A_word\$)) (= (< (unsigned\$ ?v0) 0)
false)) :named a97))
(assert (! (forall ((?v0 A_signed_word\$)) (= (size\$ (to_bl\$
?v0)) (len_of\$a type\$a))) :named a98))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$a ?v0))
(len_of\$ type\$))) :named a99))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (and
(fun_app\$a ?v0 zero\$) (forall ((?v2 Nat\$)) (=> (and (fun_app\$a (less\$
zero\$) ?v2) (not (fun_app\$a ?v0 ?v2))) (exists ((?v3 Nat\$)) (and
(fun_app\$a (less\$ ?v3) ?v2) (not (fun_app\$a ?v0 ?v3))))))) (fun_app\$a
?v0 ?v1))) :named a100))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ zero\$a ?v0)) :named
a101))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a102))
(assert (! (forall ((?v0 A_word\$)) (= (of_bl\$ (to_bl\$a ?v0))
?v0)) :named a103))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
zero\$) false)) :named a104))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
(len_of\$a type\$a)) (= (unsigned\$b (power\$ (numeral\$ (bit0\$ one\$a))
?v0)) (fun_app\$c (power\$b 2) ?v0)))) :named a105))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
(len_of\$ type\$)) (= (unsigned\$ (power\$a (numeral\$a (bit0\$ one\$a)) ?v0))
(fun_app\$c (power\$b 2) ?v0)))) :named a106))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a107))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$a (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a108))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$d (power\$ (numeral\$
(bit0\$ one\$a)) ?v0)) (ite (fun_app\$a (less\$ ?v0) (len_of\$a type\$a))
(fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) ?v0) zero\$))) :named
a109))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$a (power\$a
(numeral\$a (bit0\$ one\$a)) ?v0)) (ite (fun_app\$a (less\$ ?v0) (len_of\$
type\$)) (fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) ?v0) zero\$)))
:named a110))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$a (less\$ zero\$) ?v0))) :named a111))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$) (?v3
A_signed_word\$)) (=> (and (fun_app\$a (less_eq\$a (fun_app\$b (plus\$
(len_of\$a type\$a)) ?v0)) (fun_app\$b (plus\$ ?v1) ?v2)) (fun_app\$a (less\$
?v1) (len_of\$a type\$a))) (= (unsigned\$d (and\$ (shiftl\$c (shiftr\$c ?v3
?v2) ?v0) (not\$ (mask\$ ?v1)))) zero\$))) :named a112))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$) (?v3
A_word\$)) (=> (and (fun_app\$a (less_eq\$a (fun_app\$b (plus\$ (len_of\$
type\$)) ?v0)) (fun_app\$b (plus\$ ?v1) ?v2)) (fun_app\$a (less\$ ?v1)
(len_of\$ type\$))) (= (unsigned\$a (and\$a (shiftl\$b (fun_app\$ (shiftr\$
?v3) ?v2) ?v0) (not\$a (mask\$a ?v1)))) zero\$))) :named a113))
(assert (! (forall ((?v0 Nat\$)) (or (fun_app\$a (less\$ zero\$)
?v0) (= zero\$ ?v0))) :named a114))
(assert (! (forall ((?v0 A_word\$)) (not (less\$b ?v0 zero\$a)))
:named a115))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
(len_of\$a type\$a)) (= (unsigned\$d (power\$ (numeral\$ (bit0\$ one\$a))
?v0)) (fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) ?v0)))) :named
a116))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
(len_of\$ type\$)) (= (unsigned\$a (power\$a (numeral\$a (bit0\$ one\$a))
?v0)) (fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) ?v0)))) :named
a117))
(assert (! (forall ((?v0 Num0_signed_signed_itself\$)) (! (=
(len_of\$c ?v0) (len_of\$d type\$f)) :pattern ((len_of\$c ?v0)))) :named
a118))
(assert (! (forall ((?v0 A_signed_signed_itself\$)) (! (=
(len_of\$e ?v0) (len_of\$a type\$a)) :pattern ((len_of\$e ?v0)))) :named
a119))
(assert (! (forall ((?v0 A_signed_itself\$)) (! (= (len_of\$a ?v0)
(len_of\$ type\$)) :pattern ((len_of\$a ?v0)))) :named a120))
(assert (! (forall ((?v0 Num0_signed_itself\$)) (! (= (len_of\$d
?v0) (len_of\$b type\$g)) :pattern ((len_of\$d ?v0)))) :named a121))
(assert (! (not (fun_app\$a (less\$ zero\$) zero\$)) :named a122))
(assert (! (not (< 0 0)) :named a123))
(assert (! (forall ((?v0 A_word\$)) (not (= (to_bl\$a ?v0) nil\$)))
:named a124))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (=> (<= 0 ?v0) (=
(nat\$ (fun_app\$c (power\$b ?v0) ?v1)) (fun_app\$b (power\$c (nat\$ ?v0))
?v1)))) :named a125))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (msb\$a ?v0) (not
(= (shiftr\$c ?v0 (fun_app\$b (minus\$ (len_of\$a type\$a)) one\$)) zero\$b)))
:pattern ((msb\$a ?v0)))) :named a126))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (not (=
(fun_app\$ (shiftr\$ ?v0) (fun_app\$b (minus\$ (len_of\$ type\$)) one\$))
zero\$a))) :pattern ((msb\$ ?v0)))) :named a127))
(assert (! (forall ((?v0 A_word\$)) (! (= (take_bit\$a zero\$ ?v0)
zero\$a) :pattern ((take_bit\$a zero\$ ?v0)))) :named a128))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (take_bit\$b
zero\$) ?v0) zero\$) :pattern ((fun_app\$b (take_bit\$b zero\$) ?v0))))
:named a129))
(assert (! (forall ((?v0 Int)) (! (= (take_bit\$ zero\$ ?v0) 0)
:pattern ((take_bit\$ zero\$ ?v0)))) :named a130))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat\$)) (=
(fun_app\$a (bit\$b (and\$b ?v0 ?v1)) ?v2) (and (fun_app\$a (bit\$b ?v0)
?v2) (fun_app\$a (bit\$b ?v1) ?v2)))) :named a131))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=
(fun_app\$a (bit\$a (and\$a ?v0 ?v1)) ?v2) (and (fun_app\$a (bit\$a ?v0)
?v2) (fun_app\$a (bit\$a ?v1) ?v2)))) :named a132))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a (uminus\$ ?v0))
(= zero\$a ?v0))) :named a133))
(assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a134))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ (fun_app\$b
(minus\$ (len_of\$a type\$a)) (fun_app\$b suc\$ zero\$))) ?v0) (fun_app\$a
(less_eq\$a (len_of\$a type\$a)) ?v0))) :named a135))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ (fun_app\$b
(minus\$ (len_of\$ type\$)) (fun_app\$b suc\$ zero\$))) ?v0) (fun_app\$a
(less_eq\$a (len_of\$ type\$)) ?v0))) :named a136))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (= (push_bit\$b
?v0 ?v1) (times\$ ?v1 (power\$a (numeral\$a (bit0\$ one\$a)) ?v0))) :pattern
((push_bit\$b ?v0 ?v1)))) :named a137))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (! (= (push_bit\$a ?v0
?v1) (times\$a ?v1 (fun_app\$c (power\$b 2) ?v0))) :pattern ((push_bit\$a
?v0 ?v1)))) :named a138))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$b
(push_bit\$ ?v0) ?v1) (fun_app\$b (times\$b ?v1) (fun_app\$b (power\$c
(numeral\$b (bit0\$ one\$a))) ?v0))) :pattern ((fun_app\$b (push_bit\$ ?v0)
?v1)))) :named a139))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ zero\$)
(fun_app\$b of_nat\$ ?v0)) (fun_app\$a (less\$ zero\$) ?v0))) :named a140))
(assert (! (forall ((?v0 Nat\$)) (= (< 0 (of_nat\$a ?v0))
(fun_app\$a (less\$ zero\$) ?v0))) :named a141))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not (less\$b
?v0 ?v1)) (less_eq\$ ?v1 ?v0))) :named a142))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (fun_app\$a
(less\$ ?v0) ?v1)) (fun_app\$a (less_eq\$a ?v1) ?v0))) :named a143))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a144))
(assert (! (forall ((?v0 A_word\$)) (not (less\$b ?v0 ?v0)))
:named a145))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
?v0))) :named a146))
(assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a147))
(assert (! (not (msb\$ zero\$a)) :named a148))
(assert (! (forall ((?v0 A_word\$)) (= (plus\$a ?v0 zero\$a) ?v0))
:named a149))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (plus\$ ?v0) zero\$)
?v0)) :named a150))
(assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a151))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (fun_app\$b
of_nat\$ ?v0) (fun_app\$b of_nat\$ ?v1)) (= ?v0 ?v1))) :named a152))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a153))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (bit\$c
(fun_app\$b mask\$b ?v0)) ?v1) (and (fun_app\$a (possible_bit\$c type\$e)
?v1) (fun_app\$a (less\$ ?v1) ?v0)))) :named a154))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (bit\$a
(mask\$a ?v0)) ?v1) (and (fun_app\$a (possible_bit\$a type\$c) ?v1)
(fun_app\$a (less\$ ?v1) ?v0)))) :named a155))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (bit\$b
(mask\$c ?v0)) ?v1) (and (fun_app\$a (possible_bit\$b type\$d) ?v1)
(fun_app\$a (less\$ ?v1) ?v0)))) :named a156))
(assert (! (= (of_nat\$b zero\$) zero\$a) :named a157))
(assert (! (= (fun_app\$b of_nat\$ zero\$) zero\$) :named a158))
(assert (! (= (of_nat\$a zero\$) 0) :named a159))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ (fun_app\$b of_nat\$
?v0)) (= zero\$ ?v0))) :named a160))
(assert (! (forall ((?v0 Nat\$)) (= (= 0 (of_nat\$a ?v0)) (= zero\$
?v0))) :named a161))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (times\$ ?v0
?v1) (times\$ ?v1 ?v0))) :named a162))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (times\$a ?v0 ?v1)
(times\$a ?v1 ?v0))) :named a163))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$b
(times\$b ?v0) ?v1) (fun_app\$b (times\$b ?v1) ?v0))) :named a164))
(assert (! (forall ((?v0 Nat\$)) (= (= (fun_app\$b of_nat\$ ?v0)
zero\$) (= ?v0 zero\$))) :named a165))
(assert (! (forall ((?v0 Nat\$)) (= (= (of_nat\$a ?v0) 0) (= ?v0
zero\$))) :named a166))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 Nat\$)) (= (less\$a
?v0 (power\$ (numeral\$ (bit0\$ one\$a)) ?v1)) (and (fun_app\$a (less\$ ?v1)
(len_of\$a type\$a)) (forall ((?v2 Nat\$)) (=> (and (fun_app\$a (less_eq\$a
?v1) ?v2) (fun_app\$a (less\$ ?v2) (len_of\$a type\$a))) (not (fun_app\$a
(bit\$ ?v0) ?v2))))))) :named a167))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (less\$b ?v0
(power\$a (numeral\$a (bit0\$ one\$a)) ?v1)) (and (fun_app\$a (less\$ ?v1)
(len_of\$ type\$)) (forall ((?v2 Nat\$)) (=> (and (fun_app\$a (less_eq\$a
?v1) ?v2) (fun_app\$a (less\$ ?v2) (len_of\$ type\$))) (not (fun_app\$a
(bit\$a ?v0) ?v2))))))) :named a168))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (less\$
(fun_app\$b of_nat\$ ?v0)) (fun_app\$b of_nat\$ ?v1)) (fun_app\$a (less\$
?v0) ?v1))) :named a169))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (< (of_nat\$a ?v0)
(of_nat\$a ?v1)) (fun_app\$a (less\$ ?v0) ?v1))) :named a170))
(assert (! (forall ((?v0 A_signed_word\$)) (=> (= (len_of\$a
type\$a) (len_of\$a type\$a)) (= (msb\$a (unsigned\$e ?v0)) (msb\$a ?v0))))
:named a171))
(assert (! (forall ((?v0 A_word\$)) (=> (= (len_of\$a type\$a)
(len_of\$ type\$)) (= (msb\$a (unsigned\$f ?v0)) (msb\$ ?v0)))) :named
a172))
(assert (! (forall ((?v0 A_signed_word\$)) (=> (= (len_of\$ type\$)
(len_of\$a type\$a)) (= (msb\$ (unsigned\$g ?v0)) (msb\$a ?v0)))) :named
a173))
(assert (! (forall ((?v0 A_word\$)) (=> (= (len_of\$ type\$)
(len_of\$ type\$)) (= (msb\$ (unsigned\$c ?v0)) (msb\$ ?v0)))) :named a174))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(= (fun_app\$a (less\$ (fun_app\$b (times\$b (unsigned\$d ?v0)) (unsigned\$d
?v1))) (fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) (len_of\$a
type\$a))) (= (unsigned\$d (times\$c ?v0 ?v1)) (fun_app\$b (times\$b
(unsigned\$d ?v0)) (unsigned\$d ?v1))))) :named a175))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (fun_app\$a
(less\$ (fun_app\$b (times\$b (unsigned\$a ?v0)) (unsigned\$a ?v1)))
(fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) (len_of\$ type\$))) (=
(unsigned\$a (times\$ ?v0 ?v1)) (fun_app\$b (times\$b (unsigned\$a ?v0))
(unsigned\$a ?v1))))) :named a176))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (< (signed\$
?v0) 0)) :pattern ((msb\$ ?v0)))) :named a177))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$b (plus\$
?v0) ?v1) (fun_app\$b (plus\$ ?v1) ?v0))) :named a178))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a179))
(assert (! (forall ((?v0 A_word\$)) (not (less\$b ?v0 zero\$a)))
:named a180))
(assert (! (= (unsigned\$ zero\$a) 0) :named a181))
(assert (! (= (unsigned\$a zero\$a) zero\$) :named a182))
(assert (! (= (unsigned\$c zero\$a) zero\$a) :named a183))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less_eq\$a ?v0)
(fun_app\$b (minus\$ (len_of\$a type\$a)) (fun_app\$b suc\$ zero\$)))
(fun_app\$a (less\$ ?v0) (len_of\$a type\$a)))) :named a184))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less_eq\$a ?v0)
(fun_app\$b (minus\$ (len_of\$ type\$)) (fun_app\$b suc\$ zero\$))) (fun_app\$a
(less\$ ?v0) (len_of\$ type\$)))) :named a185))
(assert (! (forall ((?v0 A_word\$)) (= (less\$b zero\$a ?v0) (not
(= zero\$a ?v0)))) :named a186))
(assert (! (forall ((?v0 A_signed_word\$)) (= (= (drop_bit\$c
(fun_app\$b (minus\$ (len_of\$a type\$a)) (fun_app\$b suc\$ zero\$)) ?v0)
zero\$b) (not (fun_app\$a (bit\$ ?v0) (fun_app\$b (minus\$ (len_of\$a
type\$a)) (fun_app\$b suc\$ zero\$)))))) :named a187))
(assert (! (forall ((?v0 A_word\$)) (= (= (drop_bit\$a (fun_app\$b
(minus\$ (len_of\$ type\$)) (fun_app\$b suc\$ zero\$)) ?v0) zero\$a) (not
(fun_app\$a (bit\$a ?v0) (fun_app\$b (minus\$ (len_of\$ type\$)) (fun_app\$b
suc\$ zero\$)))))) :named a188))
(assert (! (forall ((?v0 A_word\$)) (= (not (= ?v0 zero\$a))
(less\$b zero\$a ?v0))) :named a189))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$a (unsigned\$a
?v0)) (unsigned\$ ?v0))) :named a190))
(assert (! (forall ((?v0 A_word\$)) (= (fun_app\$b of_nat\$
(unsigned\$a ?v0)) (unsigned\$a ?v0))) :named a191))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$b (unsigned\$a
?v0)) (unsigned\$c ?v0))) :named a192))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (bit\$c (fun_app\$b
(shiftr\$a ?v0) ?v1)) (comp\$ (bit\$c ?v0) (plus\$ ?v1)))) :named a193))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (bit\$a
(fun_app\$ (shiftr\$ ?v0) ?v1)) (comp\$ (bit\$a ?v0) (plus\$ ?v1)))) :named
a194))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (= (bit\$b (fun_app\$c
(shiftr\$b ?v0) ?v1)) (comp\$ (bit\$b ?v0) (plus\$ ?v1)))) :named a195))
(assert (! (forall ((?v0 A_word\$)) (= (less\$b zero\$a ?v0) (not
(= ?v0 zero\$a)))) :named a196))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (= (take_bit\$a
?v0 ?v1) (and\$a ?v1 (mask\$a ?v0))) :pattern ((take_bit\$a ?v0 ?v1))))
:named a197))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (! (= (take_bit\$ ?v0
?v1) (and\$b ?v1 (mask\$c ?v0))) :pattern ((take_bit\$ ?v0 ?v1)))) :named
a198))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$b
(take_bit\$b ?v0) ?v1) (fun_app\$b (and\$c ?v1) (fun_app\$b mask\$b ?v0)))
:pattern ((fun_app\$b (take_bit\$b ?v0) ?v1)))) :named a199))
(assert (! (= zero\$a (of_nat\$b zero\$)) :named a200))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less_eq\$a
(len_of\$a type\$a)) ?v0) (= (power\$ (numeral\$ (bit0\$ one\$a)) ?v0)
zero\$b))) :named a201))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less_eq\$a
(len_of\$ type\$)) ?v0) (= (power\$a (numeral\$a (bit0\$ one\$a)) ?v0)
zero\$a))) :named a202))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (unsigned\$a
(fun_app\$ (shiftr\$ ?v0) ?v1)) (fun_app\$b (divide\$ (unsigned\$a ?v0))
(fun_app\$b (power\$c (numeral\$b (bit0\$ one\$a))) ?v1)))) :named a203))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (fun_app\$a (less\$ (fun_app\$b of_nat\$ ?v0)) (fun_app\$b of_nat\$
?v1)))) :named a204))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (< (of_nat\$a ?v0) (of_nat\$a ?v1)))) :named a205))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
(fun_app\$b of_nat\$ ?v0)) (fun_app\$b of_nat\$ ?v1)) (fun_app\$a (less\$
?v0) ?v1))) :named a206))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (< (of_nat\$a ?v0)
(of_nat\$a ?v1)) (fun_app\$a (less\$ ?v0) ?v1))) :named a207))
(assert (! (= (signed\$a zero\$a) zero\$a) :named a208))
(assert (! (= (signed\$ zero\$a) 0) :named a209))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (hd\$
(to_bl\$a ?v0))) :pattern ((msb\$ ?v0)))) :named a210))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$b ?v0)
zero\$a)) (fun_app\$a (less\$ zero\$) ?v0))) :named a211))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (fun_app\$b of_nat\$
?v0) zero\$)) (fun_app\$a (less\$ zero\$) ?v0))) :named a212))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$a ?v0) 0))
(fun_app\$a (less\$ zero\$) ?v0))) :named a213))
(assert (! (forall ((?v0 Bool) (?v1 Bool_list\$)) (! (= (size\$
(cons\$ ?v0 ?v1)) (fun_app\$b suc\$ (size\$ ?v1))) :pattern ((cons\$ ?v0
?v1)))) :named a214))
(assert (! (forall ((?v0 A_word_itself\$)) (fun_app\$a
(possible_bit\$a ?v0) zero\$)) :named a215))
(assert (! (forall ((?v0 Int_itself\$)) (fun_app\$a
(possible_bit\$b ?v0) zero\$)) :named a216))
(assert (! (forall ((?v0 Int)) (= (fun_app\$a (less\$ zero\$) (nat\$
?v0)) (< 0 ?v0))) :named a217))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_word\$)) (! (=>
(fun_app\$a (less_eq\$a (len_of\$a type\$a)) ?v0) (= (shiftr\$c ?v1 ?v0)
zero\$b)) :pattern ((shiftr\$c ?v1 ?v0)))) :named a218))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (=> (fun_app\$a
(less_eq\$a (len_of\$ type\$)) ?v0) (= (fun_app\$ (shiftr\$ ?v1) ?v0)
zero\$a)) :pattern ((fun_app\$ (shiftr\$ ?v1) ?v0)))) :named a219))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (possible_bit\$c
type\$e) ?v0)) :named a220))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (possible_bit\$b
type\$d) ?v0)) :named a221))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_word\$)) (=>
(fun_app\$a (less\$ ?v0) (len_of\$a type\$a)) (less\$a (and\$ ?v1 (mask\$
?v0)) (power\$ (numeral\$ (bit0\$ one\$a)) ?v0)))) :named a222))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (=> (fun_app\$a
(less\$ ?v0) (len_of\$ type\$)) (less\$b (and\$a ?v1 (mask\$a ?v0)) (power\$a
(numeral\$a (bit0\$ one\$a)) ?v0)))) :named a223))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (less\$b ?v0
?v1) (less\$b zero\$a ?v1))) :named a224))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(limited_and\$ ?v0 ?v1) (limited_and\$ (fun_app\$ (shiftr\$ ?v0) ?v2)
(fun_app\$ (shiftr\$ ?v1) ?v2)))) :named a225))
(assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat\$)) (=> (and (= ?v0 (of_nat\$a ?v1)) (fun_app\$a (less\$ zero\$) ?v1))
false))) false)) :named a226))
(assert (! (= bot\$ false) :named a227))
(assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat\$)) (and (fun_app\$a (less\$ zero\$) ?v1) (= ?v0 (of_nat\$a ?v1))))))
:named a228))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (msb\$a ?v0)
(less_eq\$b (power\$ (numeral\$ (bit0\$ one\$a)) (fun_app\$b (minus\$
(len_of\$a type\$a)) (fun_app\$b suc\$ zero\$))) ?v0)) :pattern ((msb\$a
?v0)))) :named a229))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (less_eq\$
(power\$a (numeral\$a (bit0\$ one\$a)) (fun_app\$b (minus\$ (len_of\$ type\$))
(fun_app\$b suc\$ zero\$))) ?v0)) :pattern ((msb\$ ?v0)))) :named a230))
(assert (! (= (= (semiring_char\$ type\$c) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$a (less\$ zero\$) ?v0) (not (= (of_nat\$b ?v0)
zero\$a))))) :named a231))
(assert (! (= (= (semiring_char\$a type\$e) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$a (less\$ zero\$) ?v0) (not (= (fun_app\$b of_nat\$
?v0) zero\$))))) :named a232))
(assert (! (= (= (semiring_char\$b type\$d) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$a (less\$ zero\$) ?v0) (not (= (of_nat\$a ?v0) 0)))))
:named a233))
(assert (! (forall ((?v0 Nat\$)) (! (= (mask\$a ?v0) (minus\$a
(power\$a (numeral\$a (bit0\$ one\$a)) ?v0) one\$b)) :pattern ((mask\$a
?v0)))) :named a234))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$a (less\$
zero\$) ?v0) (and (= (of_nat\$b ?v0) zero\$a) (forall ((?v1 Nat\$)) (=>
(and (fun_app\$a (less\$ zero\$) ?v1) (fun_app\$a (less\$ ?v1) ?v0)) (not (=
(of_nat\$b ?v1) zero\$a)))))) (= (semiring_char\$ type\$c) ?v0))) :named
a235))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$a (less\$
zero\$) ?v0) (and (= (fun_app\$b of_nat\$ ?v0) zero\$) (forall ((?v1 Nat\$))
(=> (and (fun_app\$a (less\$ zero\$) ?v1) (fun_app\$a (less\$ ?v1) ?v0))
(not (= (fun_app\$b of_nat\$ ?v1) zero\$)))))) (= (semiring_char\$a type\$e)
?v0))) :named a236))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$a (less\$
zero\$) ?v0) (and (= (of_nat\$a ?v0) 0) (forall ((?v1 Nat\$)) (=> (and
(fun_app\$a (less\$ zero\$) ?v1) (fun_app\$a (less\$ ?v1) ?v0)) (not (=
(of_nat\$a ?v1) 0)))))) (= (semiring_char\$b type\$d) ?v0))) :named a237))
(assert (! (forall ((?v0 A_word\$)) (! (=> (not (msb\$ ?v0)) (=
(signed\$a ?v0) (unsigned\$c ?v0))) :pattern ((signed\$a ?v0)))) :named
a238))
(assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat\$
(times\$a ?v0 ?v1)) (fun_app\$b (times\$b (nat\$ ?v0)) (nat\$ ?v1)))))
:named a239))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a240))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (= (take_bit\$a
?v0 ?v1) ?v1) (= (drop_bit\$a ?v0 ?v1) zero\$a))) :named a241))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (fun_app\$b
(take_bit\$b ?v0) ?v1) ?v1) (= (fun_app\$b (drop_bit\$ ?v0) ?v1) zero\$)))
:named a242))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (= (= (take_bit\$ ?v0
?v1) ?v1) (= (drop_bit\$b ?v0 ?v1) 0))) :named a243))
(assert (! (= (semiring_char\$a type\$e) zero\$) :named a244))
(assert (! (= (semiring_char\$b type\$d) zero\$) :named a245))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (msb\$a ?v0) (=
(bin_sign\$ (signed_take_bit\$ (fun_app\$b (minus\$ (len_of\$a type\$a))
one\$) (unsigned\$b ?v0))) (- 1))) :pattern ((msb\$a ?v0)))) :named a246))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (=
(bin_sign\$ (signed_take_bit\$ (fun_app\$b (minus\$ (len_of\$ type\$)) one\$)
(unsigned\$ ?v0))) (- 1))) :pattern ((msb\$ ?v0)))) :named a247))
(assert (! (= (of_nat\$b (semiring_char\$ type\$c)) zero\$a) :named
a248))
(assert (! (= (fun_app\$b of_nat\$ (semiring_char\$a type\$e))
zero\$) :named a249))
(assert (! (= (of_nat\$a (semiring_char\$b type\$d)) 0) :named
a250))
(assert (! (= (< 0 0) false) :named a251))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a zero\$a ?v0)
(uminus\$ ?v0))) :named a252))
(assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a253))
(assert (! (= (fun_app\$a (less\$ zero\$) (semiring_char\$ type\$c))
(exists ((?v0 Nat\$)) (and (fun_app\$a (less\$ zero\$) ?v0) (= (of_nat\$b
?v0) zero\$a)))) :named a254))
(assert (! (= (fun_app\$a (less\$ zero\$) (semiring_char\$a type\$e))
(exists ((?v0 Nat\$)) (and (fun_app\$a (less\$ zero\$) ?v0) (= (fun_app\$b
of_nat\$ ?v0) zero\$)))) :named a255))
(assert (! (= (fun_app\$a (less\$ zero\$) (semiring_char\$b type\$d))
(exists ((?v0 Nat\$)) (and (fun_app\$a (less\$ zero\$) ?v0) (= (of_nat\$a
?v0) 0)))) :named a256))
(assert (! (forall ((?v0 A_word\$)) (= (less\$b ?v0 one\$b) (= ?v0
zero\$a))) :named a257))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (less\$
?v0) ?v1) (< (of_nat\$a ?v0) (of_nat\$a ?v1)))) :named a258))
(assert (! (= (of_nat\$a zero\$) 0) :named a259))
(assert (! (forall ((?v0 A_word\$)) (= (not (= ?v0 zero\$a))
(less\$b zero\$a ?v0))) :named a260))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a261))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less_eq\$
?v0 ?v1) (fun_app\$a (less_eq\$a (unsigned\$a ?v0)) (unsigned\$a ?v1)))
:pattern ((less_eq\$ ?v0 ?v1)))) :named a262))
(assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat\$)) (=> (and (= ?v0 (- (of_nat\$a ?v1))) (fun_app\$a (less\$ zero\$)
?v1)) false))) false)) :named a263))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (less\$b (of_nat\$b
?v0) (of_nat\$b ?v1)) (fun_app\$a (less\$ (fun_app\$b (take_bit\$b (len_of\$
type\$)) ?v0)) (fun_app\$b (take_bit\$b (len_of\$ type\$)) ?v1)))) :named
a264))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (=
(word_sle\$ ?v0 ?v1) (and (=> (msb\$ ?v1) (msb\$ ?v0)) (or (and (msb\$ ?v0)
(not (msb\$ ?v1))) (less_eq\$ ?v0 ?v1)))) :pattern ((word_sle\$ ?v0
?v1)))) :named a265))
(assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a266))
(assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a267))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (times\$b zero\$)
?v0) zero\$)) :named a268))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a269))
(assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a270))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (=> (fun_app\$a
(less\$ ?v0) (len_of\$ type\$)) (= (fun_app\$a (nth\$ (to_bl\$a ?v1)) ?v0)
(fun_app\$a (bit\$a ?v1) (fun_app\$b (minus\$ (len_of\$ type\$)) (fun_app\$b
suc\$ ?v0)))))) :named a271))
(assert (! (= 0 0) :named a272))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (fun_app\$a (less_eq\$a (fun_app\$b (minus\$ (fun_app\$b (power\$c
(numeral\$b (bit0\$ one\$a))) (fun_app\$b (minus\$ (len_of\$ type\$)) ?v0)))
one\$)) ?v1) (fun_app\$a (less\$ zero\$) ?v0)) (fun_app\$a (less_eq\$a
(unsigned\$a (fun_app\$ (shiftr\$ ?v2) ?v0))) ?v1))) :named a273))
(assert (! (= (sub\$ one\$a one\$a) 0) :named a274))
(assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a275))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (= (< (drop_bit\$b ?v0
?v1) 0) (< ?v1 0))) :named a276))
(assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a277))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (plus\$ zero\$) ?v0)
?v0)) :named a278))
(assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a279))
(assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a280))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$c (power\$b ?v0)
zero\$) 1) :pattern ((power\$b ?v0)))) :named a281))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (power\$c ?v0)
zero\$) one\$) :pattern ((power\$c ?v0)))) :named a282))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a283))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (take_bit\$b ?v0)
zero\$) zero\$)) :named a284))
(assert (! (forall ((?v0 Nat\$)) (= (take_bit\$ ?v0 0) 0)) :named
a285))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (= (msb\$b (fun_app\$c
(shiftr\$b ?v0) ?v1)) (msb\$b ?v0))) :named a286))
(assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a287))
(assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a288))
(assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a289))
(assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a290))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (less_eq\$a zero\$)
?v0)) :named a291))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (times\$b ?v0)
zero\$) zero\$) :pattern ((times\$b ?v0)))) :named a292))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (- (of_nat\$a
?v0)) (of_nat\$a ?v1)) (and (= ?v0 zero\$) (= ?v1 zero\$)))) :named a293))
(assert (! (= (numeral\$b one\$a) one\$) :named a294))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (take_bit\$ ?v0
(of_nat\$a ?v1)) (of_nat\$a (fun_app\$b (take_bit\$b ?v0) ?v1)))) :named
a295))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a signed signed)
0 < LENGTH('a signed)
0 < LENGTH('a)
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀a. (a ≠ 0) = (0 < a)
∀n. (n ≠ 0) = (0 < n)
∀n. (n < 0) = False
∀n. (¬ 0 < n) = (n = 0)
LENGTH('a signed signed) ≠ 0
LENGTH('a signed) ≠ 0
LENGTH('a) ≠ 0
∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
∀w v. LENGTH('a signed) = 0 ⟶ w = v
∀w v. LENGTH('a) = 0 ⟶ w = v
∀a. ¬ a < 0
∀uu. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of uu = 0)
∀w k n. w < k ⟶ w >> n < k
∀w k n. w < k ⟶ w >> n < k
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
∀n. n < n ⟶ False
∀s t. s < t ⟶ s ≠ t
∀n m. n < m ⟶ m ≠ n
∀n. ¬ n < n
∀m n. (m ≠ n) = (m < n ∨ n < m)
∀n. (0 < n) = (n ≠ 0)
∀m n. m < n ⟶ n ≠ 0
∀n. ¬ n < 0
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀m n. m < n ⟶ n ≠ 0
∀n<0. False
∀n. ¬ n < 0
∀n. (¬ 0 < n) = (n = 0)
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀y. 0 < y ∨ 0 = y
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a signed signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0 signed signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0 signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0))
¬ 0 < 0
¬ 0 < 0
∀n. (0 < of_nat n) = (0 < n)
∀n. (0 < int n) = (0 < n)
∀m. possible_bit TYPE('a signed signed word) m = (m < LENGTH('a
signed signed))
∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
¬ msb 0
∀m n. (of_nat m = of_nat n) = (m = n)
∀m n. (int m = int n) = (m = n)
word_of_nat 0 = 0
word_of_nat 0 = 0
of_nat 0 = 0
int 0 = 0
∀n. (0 = of_nat n) = (0 = n)
∀n. (0 = int n) = (0 = n)
∀m. (of_nat m = 0) = (m = 0)
∀m. (int m = 0) = (m = 0)
∀m n. (of_nat m < of_nat n) = (m < n)
∀m n. (int m < int n) = (m < n)
∀x. ¬ x < 0
∀x. ¬ x < 0
∀a. ¬ a < 0
∀a. ¬ a < 0
∀y. (0 < y) = (0 ≠ y)
∀y. (0 < y) = (0 ≠ y)
∀w. (w ≠ 0) = (0 < w)
∀w. (w ≠ 0) = (0 < w)
∀a. (0 < a) = (a ≠ 0)
∀a. (0 < a) = (a ≠ 0)
0 = word_of_nat 0
0 = word_of_nat 0
∀m. ¬ of_nat m < 0
∀m. ¬ int m < 0
∀m n. m < n ⟶ of_nat m < of_nat n
∀m n. m < n ⟶ int m < int n
∀m n. of_nat m < of_nat n ⟶ m < n
∀m n. int m < int n ⟶ m < n
∀k. word_of_nat k ≠ 0 ⟶ 0 < k
∀k. word_of_nat k ≠ 0 ⟶ 0 < k
∀k. of_nat k ≠ 0 ⟶ 0 < k
∀k. int k ≠ 0 ⟶ 0 < k
∀ty. possible_bit ty 0
∀ty. possible_bit ty 0
∀ty. possible_bit ty 0
∀ty. possible_bit ty 0
∀n. possible_bit TYPE(int) n
∀n. possible_bit TYPE(nat) n
∀a n. a < n ⟶ 0 < n
∀a n. a < n ⟶ 0 < n
∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
∀k>0. ∃n>0. k = int n
(CHAR('a signed word) = 0) = (∀n>0. word_of_nat n ≠ 0)
(CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
(CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
(CHAR(int) = 0) = (∀n>0. int n ≠ 0)
∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
CHAR('a signed word) = c
∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
CHAR('a word) = c
∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
∀m n. (int m = int n) = (m = n)
CHAR(int) = 0
CHAR(nat) = 0
word_of_nat CHAR('a signed word) = 0
word_of_nat CHAR('a word) = 0
of_nat CHAR(nat) = 0
int CHAR(int) = 0
(0 < 0) = False
(0 < CHAR('a signed word)) = (∃n>0. word_of_nat n = 0)
(0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
(0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
(0 < CHAR(int)) = (∃n>0. int n = 0)
∀a b. (a < b) = (int a < int b)
int 0 = 0
∀x y. (int x = int y) = (x = y)
∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
∀m n. (word_of_nat m < word_of_nat n) =
(take_bit LENGTH('a signed signed) m < take_bit LENGTH('a
signed signed) n)
∀m n. (word_of_nat m < word_of_nat n) =
(take_bit LENGTH('a signed) m < take_bit LENGTH('a signed)
n)
∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
∀a. - (- a) = a
∀a. - (- a) = a
∀a b. (- a = - b) = (a = b)
∀a b. (- a = - b) = (a = b)
∀b. - (- b) = b
∀b. - (- b) = b
- 0 = 0
0 = 0
∀a. (0 = - a) = (0 = a)
∀a. (0 = - a) = (0 = a)
∀a. (- a = 0) = (a = 0)
∀a. (- a = 0) = (a = 0)
∀a. (a = - a) = (a = 0)
∀a. (- a = a) = (a = 0)
∀b a. (- b < - a) = (a < b)
∀n. take_bit n 0 = 0
∀n. take_bit n 0 = 0
∀n. take_bit n 0 = 0
∀n. take_bit n 0 = 0
∀a. (a < - a) = (a < 0)
∀a. (- a < a) = (0 < a)
∀a. (0 < - a) = (a < 0)
∀a. (- a < 0) = (0 < a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit 0 a = 0)
∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
∀n m. take_bit n (of_nat m) = of_nat (take_bit n m)
∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
∀n m. take_bit n (int m) = int (take_bit n m)
∀a b. a < b ⟶ - b < - a
∀a b. (a = - b) = (b = - a)
∀a b. (a = - b) = (b = - a)
∀a b. (- a = b) = (- b = a)
∀a b. (- a = b) = (- b = a)
∀a b. a = b ⟶ - a = - b
∀a b. (a < - b) = (b < - a)
∀a b. (- a < b) = (- b < a)
0 = 0
∀z. (∀n. z = int n ⟶ False) ∧ (∀n. z = - int n ⟶ False) ⟶ False
∀n m. ¬ int n < - int m
∀m. (∀n. m = int n ⟶ False) ∧ (∀n. 0 < n ∧ m = - int n ⟶ False)
⟶ False
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < a) = False)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < a) = False)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < a) = False)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < a) = False)
∀a b. (a = b) = (int a = int b)
∀x y. int x = int y ⟶ x = y
∀P a b. int (if P then a else b) = (if P then int a else int b)
∀k. (k = 0 ⟶ False) ∧
(∀n. k = int n ∧ 0 < n ⟶ False) ∧ (∀n. k = - int n ∧ 0 < n ⟶
False) ⟶
False
∀m n. (word_of_nat m = word_of_nat n) =
(take_bit LENGTH('a signed signed) m = take_bit LENGTH('a
signed signed) n)
∀m n. (word_of_nat m = word_of_nat n) =
(take_bit LENGTH('a signed) m = take_bit LENGTH('a signed)
n)
∀m n. (word_of_nat m = word_of_nat n) = (take_bit LENGTH('a) m =
take_bit LENGTH('a) n)
∀w. take_bit LENGTH('a signed signed) w = w
∀w. take_bit LENGTH('a signed) w = w
∀w. take_bit LENGTH('a) w = w
∀n k. take_bit n (- take_bit n k) = take_bit n (- k)
∀n k. ¬ take_bit n k < 0
∀k n. (k < take_bit n k) = (k < 0)
take_bit LENGTH('a signed signed) 0 = take_bit LENGTH('a signed
signed) 0
take_bit LENGTH('a signed) 0 = take_bit LENGTH('a signed) 0
take_bit LENGTH('a) 0 = take_bit LENGTH('a) 0
∀n. uint (word_of_nat n) = int (take_bit LENGTH('a) n)
∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a) n)
∀n. UCAST('a → 'a) (word_of_nat n) = word_of_nat (take_bit
LENGTH('a) n)
∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed) n)
∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed) n)
∀n. UCAST('a signed → 'a) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a signed) n)
∀n. UCAST('a → 'a signed) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a) n)
∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed
signed) n)
∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed
signed) n)
∀n. UCAST('a signed → 'a signed) (word_of_nat n) =
word_of_nat (take_bit LENGTH('a signed) n)
∀z. (0 < nat z) = (0 < z)
∀n w. sint (take_bit n w) =
(if n < LENGTH('a signed signed) then take_bit n (sint w)
else sint w)
∀n w. SCAST('a signed signed → 'a) (take_bit n w) =
(if n < LENGTH('a signed signed) then take_bit n (SCAST('a
signed signed → 'a) w)
else SCAST('a signed signed → 'a) w)
∀n w. SCAST('a signed signed → 'a signed) (take_bit n w) =
(if n < LENGTH('a signed signed)
then take_bit n (SCAST('a signed signed → 'a signed) w)
else SCAST('a signed signed → 'a signed) w)
∀n w. SCAST('a → 'a signed) (take_bit n w) =
(if n < LENGTH('a) then take_bit n (SCAST('a → 'a signed)
w)
else SCAST('a → 'a signed) w)
∀n w. SCAST('a signed → 'a signed) (take_bit n w) =
(if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a signed) w)
else SCAST('a signed → 'a signed) w)
∀n w. sint (take_bit n w) =
(if n < LENGTH('a signed) then take_bit n (sint w) else
sint w)
∀n w. SCAST('a signed → 'a) (take_bit n w) =
(if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a) w)
else SCAST('a signed → 'a) w)
∀n w. SCAST('a → 'a) (take_bit n w) =
(if n < LENGTH('a) then take_bit n (SCAST('a → 'a) w) else
SCAST('a → 'a) w)
∀n w. sint (take_bit n w) = (if n < LENGTH('a) then take_bit n
(sint w) else sint w)
∀x. SCAST('a signed → 'a signed signed) (word_of_nat x) =
word_of_nat x
∀x. SCAST('a → 'a signed) (word_of_nat x) = word_of_nat x
∀x. SCAST('a signed signed → 'a signed) (word_of_nat x) =
word_of_nat x
∀x. SCAST('a signed → 'a) (word_of_nat x) = word_of_nat x
∀x. word_of_nat (unat x) = x
∀x. word_of_nat (unat x) = x
∀w. int (unat w) = uint w
∀w. word_of_nat (unat w) = UCAST('a → 'a signed) w
∀w. word_of_nat (unat w) = UCAST('a → 'a) w
∀w. of_nat (unat w) = unat w
∀w. int (unat w) = uint w
∀x. (uint x < 0) = False
SMT: Names:
sorts:
Nat\$ = nat
A_word\$ = 'a word
A_itself\$ = 'a itself
Int_itself\$ = int itself
Nat_itself\$ = nat itself
Nat_int_fun\$ = nat ⇒ int
Nat_nat_fun\$ = nat ⇒ nat
Num0_itself\$ = 0 itself
Int_bool_fun\$ = int ⇒ bool
Nat_bool_fun\$ = nat ⇒ bool
A_signed_word\$ = 'a signed word
A_word_itself\$ = 'a word itself
Nat_a_word_fun\$ = nat ⇒ 'a word
A_signed_itself\$ = 'a signed itself
A_word_bool_fun\$ = 'a word ⇒ bool
Num0_signed_itself\$ = 0 signed itself
A_signed_signed_word\$ = 'a signed signed word
A_signed_word_itself\$ = 'a signed word itself
A_signed_signed_itself\$ = 'a signed signed itself
A_signed_word_bool_fun\$ = 'a signed word ⇒ bool
Num0_signed_signed_itself\$ = 0 signed signed itself
A_signed_signed_word_itself\$ = 'a signed signed word itself
A_signed_signed_signed_itself\$ = 'a signed signed signed
itself
Num0_signed_signed_signed_itself\$ = 0 signed signed signed
itself
functions:
r\$ = r
x\$ = x
uu\$ = uu
msb\$ = msb
nat\$ = nat
less\$ = (<)
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
less\$b = (<)
less\$c = (<)
type\$a = TYPE('a signed signed)
type\$b = TYPE('a signed)
type\$c = TYPE(0 signed signed)
type\$d = TYPE(0 signed)
type\$e = TYPE(0)
type\$f = TYPE('a signed signed word)
type\$g = TYPE('a signed word)
type\$h = TYPE('a word)
type\$i = TYPE(int)
type\$j = TYPE(nat)
zero\$a = 0
zero\$b = 0
len_of\$ = len_of
of_nat\$ = of_nat
shiftr\$ = (>>)
signed\$ = sint
uminus\$ = uminus
fun_app\$ = SMT.fun_app
len_of\$a = len_of
len_of\$b = len_of
len_of\$c = len_of
len_of\$d = len_of
len_of\$e = len_of
len_of\$f = len_of
len_of\$g = len_of
of_nat\$a = int
of_nat\$b = word_of_nat
of_nat\$c = word_of_nat
of_nat\$d = word_of_nat
shiftr\$a = (>>)
shiftr\$b = (>>)
shiftr\$c = (>>)
signed\$a = SCAST('a signed signed → 'a)
signed\$b = SCAST('a signed signed → 'a signed)
signed\$c = SCAST('a → 'a signed)
signed\$d = SCAST('a signed → 'a signed)
signed\$e = sint
signed\$f = SCAST('a signed → 'a)
signed\$g = SCAST('a → 'a)
signed\$h = sint
signed\$i = SCAST('a signed → 'a signed signed)
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
fun_app\$c = SMT.fun_app
fun_app\$d = SMT.fun_app
fun_app\$e = SMT.fun_app
fun_app\$f = SMT.fun_app
take_bit\$ = take_bit
unsigned\$ = uint
take_bit\$a = take_bit
take_bit\$b = take_bit
take_bit\$c = take_bit
take_bit\$d = take_bit
unsigned\$a = unat
unsigned\$b = UCAST('a → 'a)
unsigned\$c = uint
unsigned\$d = unat
unsigned\$e = UCAST('a signed → 'a)
unsigned\$f = UCAST('a → 'a signed)
unsigned\$g = uint
unsigned\$h = unat
unsigned\$i = UCAST('a signed → 'a signed)
possible_bit\$ = possible_bit
possible_bit\$a = possible_bit
possible_bit\$b = possible_bit
possible_bit\$c = possible_bit
possible_bit\$d = possible_bit
semiring_char\$ = semiring_char
semiring_char\$a = semiring_char
semiring_char\$b = semiring_char
semiring_char\$c = semiring_char
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9955
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Int_itself\$ 0)
(declare-sort Nat_itself\$ 0)
(declare-sort Nat_int_fun\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Num0_itself\$ 0)
(declare-sort Int_bool_fun\$ 0)
(declare-sort Nat_bool_fun\$ 0)
(declare-sort A_signed_word\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-sort A_signed_itself\$ 0)
(declare-sort A_word_bool_fun\$ 0)
(declare-sort Num0_signed_itself\$ 0)
(declare-sort A_signed_signed_word\$ 0)
(declare-sort A_signed_word_itself\$ 0)
(declare-sort A_signed_signed_itself\$ 0)
(declare-sort A_signed_word_bool_fun\$ 0)
(declare-sort Num0_signed_signed_itself\$ 0)
(declare-sort A_signed_signed_word_itself\$ 0)
(declare-sort A_signed_signed_signed_itself\$ 0)
(declare-sort Num0_signed_signed_signed_itself\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun uu\$ (Int) Int_bool_fun\$)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun less\$ (Nat\$) Nat_bool_fun\$)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_signed_word\$) A_signed_word_bool_fun\$)
(declare-fun less\$b (A_word\$) A_word_bool_fun\$)
(declare-fun less\$c (A_signed_signed_word\$
A_signed_signed_word\$) Bool)
(declare-fun type\$a () A_signed_signed_itself\$)
(declare-fun type\$b () A_signed_itself\$)
(declare-fun type\$c () Num0_signed_signed_itself\$)
(declare-fun type\$d () Num0_signed_itself\$)
(declare-fun type\$e () Num0_itself\$)
(declare-fun type\$f () A_signed_signed_word_itself\$)
(declare-fun type\$g () A_signed_word_itself\$)
(declare-fun type\$h () A_word_itself\$)
(declare-fun type\$i () Int_itself\$)
(declare-fun type\$j () Nat_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun zero\$b () A_signed_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun of_nat\$ (Nat\$) Nat\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun signed\$ (A_signed_signed_word\$) Int)
(declare-fun uminus\$ (A_word\$) A_word\$)
(declare-fun fun_app\$ (Int_bool_fun\$ Int) Bool)
(declare-fun len_of\$a (A_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$b (A_signed_itself\$) Nat\$)
(declare-fun len_of\$c (Num0_itself\$) Nat\$)
(declare-fun len_of\$d (A_signed_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$e (Num0_signed_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$f (Num0_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$g (Num0_signed_itself\$) Nat\$)
(declare-fun of_nat\$a (Nat\$) Int)
(declare-fun of_nat\$b (Nat\$) A_signed_word\$)
(declare-fun of_nat\$c (Nat\$) A_word\$)
(declare-fun of_nat\$d (Nat\$) A_signed_signed_word\$)
(declare-fun shiftr\$a (Int) Nat_int_fun\$)
(declare-fun shiftr\$b (Nat\$) Nat_nat_fun\$)
(declare-fun shiftr\$c (A_signed_word\$ Nat\$) A_signed_word\$)
(declare-fun signed\$a (A_signed_signed_word\$) A_word\$)
(declare-fun signed\$b (A_signed_signed_word\$) A_signed_word\$)
(declare-fun signed\$c (A_word\$) A_signed_word\$)
(declare-fun signed\$d (A_signed_word\$) A_signed_word\$)
(declare-fun signed\$e (A_signed_word\$) Int)
(declare-fun signed\$f (A_signed_word\$) A_word\$)
(declare-fun signed\$g (A_word\$) A_word\$)
(declare-fun signed\$h (A_word\$) Int)
(declare-fun signed\$i (A_signed_word\$) A_signed_signed_word\$)
(declare-fun fun_app\$a (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun fun_app\$b (Nat_bool_fun\$ Nat\$) Bool)
(declare-fun fun_app\$c (Nat_int_fun\$ Nat\$) Int)
(declare-fun fun_app\$d (Nat_nat_fun\$ Nat\$) Nat\$)
(declare-fun fun_app\$e (A_signed_word_bool_fun\$ A_signed_word\$)
Bool)
(declare-fun fun_app\$f (A_word_bool_fun\$ A_word\$) Bool)
(declare-fun take_bit\$ (Nat\$ Nat\$) Nat\$)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun take_bit\$a (Nat\$ A_signed_word\$) A_signed_word\$)
(declare-fun take_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun take_bit\$c (Nat\$ Int) Int)
(declare-fun take_bit\$d (Nat\$ A_signed_signed_word\$)
A_signed_signed_word\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun unsigned\$b (A_word\$) A_word\$)
(declare-fun unsigned\$c (A_signed_word\$) Int)
(declare-fun unsigned\$d (A_signed_word\$) Nat\$)
(declare-fun unsigned\$e (A_signed_word\$) A_word\$)
(declare-fun unsigned\$f (A_word\$) A_signed_word\$)
(declare-fun unsigned\$g (A_signed_signed_word\$) Int)
(declare-fun unsigned\$h (A_signed_signed_word\$) Nat\$)
(declare-fun unsigned\$i (A_signed_word\$) A_signed_word\$)
(declare-fun possible_bit\$ (A_signed_signed_word_itself\$)
Nat_bool_fun\$)
(declare-fun possible_bit\$a (A_signed_word_itself\$)
Nat_bool_fun\$)
(declare-fun possible_bit\$b (A_word_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$c (Nat_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$d (Int_itself\$) Nat_bool_fun\$)
(declare-fun semiring_char\$ (A_signed_word_itself\$) Nat\$)
(declare-fun semiring_char\$a (A_word_itself\$) Nat\$)
(declare-fun semiring_char\$b (Nat_itself\$) Nat\$)
(declare-fun semiring_char\$c (Int_itself\$) Nat\$)
(assert (! (forall ((?v0 Int) (?v1 Int)) (! (= (fun_app\$ (uu\$
?v0) ?v1) (< ?v0 ?v1)) :pattern ((fun_app\$ (uu\$ ?v0) ?v1)))) :named
a0))
(assert (! (not (= (msb\$ (fun_app\$a (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a1))
(assert (! (fun_app\$b (less\$ r\$) (len_of\$ type\$)) :named a2))
(assert (! (fun_app\$b (less\$ zero\$) (len_of\$a type\$a)) :named
a3))
(assert (! (fun_app\$b (less\$ zero\$) (len_of\$b type\$b)) :named
a4))
(assert (! (fun_app\$b (less\$ zero\$) (len_of\$ type\$)) :named a5))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$a (shiftr\$
?v0) zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a6))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$c (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a7))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$d (shiftr\$b ?v0)
zero\$) ?v0) :pattern ((shiftr\$b ?v0)))) :named a8))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$a (shiftr\$
?v0) zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$d (shiftr\$b zero\$)
?v0) zero\$)) :named a10))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$c (shiftr\$a 0) ?v0)
0)) :named a11))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (shiftr\$ zero\$a)
?v0) zero\$a)) :named a12))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$b (less\$ zero\$) ?v0))) :named a13))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$b (less\$ zero\$) ?v0))) :named a14))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (less\$ ?v0) zero\$)
false)) :named a15))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$b (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a16))
(assert (! (not (= (len_of\$a type\$a) zero\$)) :named a17))
(assert (! (not (= (len_of\$b type\$b) zero\$)) :named a18))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a19))
(assert (! (forall ((?v0 A_signed_signed_word\$) (?v1
A_signed_signed_word\$)) (=> (= (len_of\$a type\$a) zero\$) (= ?v0 ?v1)))
:named a20))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(=> (= (len_of\$b type\$b) zero\$) (= ?v0 ?v1))) :named a21))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a22))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$b (less\$ ?v0)
zero\$))) :named a23))
(assert (! (forall ((?v0 Num0_itself\$)) (! (= (len_of\$c ?v0)
zero\$) :pattern ((len_of\$c ?v0)))) :named a24))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$)
(?v2 Nat\$)) (=> (fun_app\$e (less\$a ?v0) ?v1) (fun_app\$e (less\$a
(shiftr\$c ?v0 ?v2)) ?v1))) :named a25))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(fun_app\$f (less\$b ?v0) ?v1) (fun_app\$f (less\$b (fun_app\$a (shiftr\$
?v0) ?v2)) ?v1))) :named a26))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a ?v0) (= ?v0
zero\$a))) :named a27))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ ?v0) (= ?v0 zero\$)))
:named a28))
(assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a29))
(assert (! (forall ((?v0 Nat\$)) (=> (and (=> (= ?v0 zero\$)
false) (=> (not (= ?v0 zero\$)) false)) false)) :named a30))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app\$b (less\$ ?v0) ?v1) false) (=> (fun_app\$b (less\$
?v1) ?v0) false))) false)) :named a31))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (not (fun_app\$b ?v0 ?v2)) (exists ((?v3 Nat\$)) (and
(fun_app\$b (less\$ ?v3) ?v2) (not (fun_app\$b ?v0 ?v3)))))) (fun_app\$b
?v0 ?v1))) :named a32))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (forall ((?v3 Nat\$)) (=> (fun_app\$b (less\$ ?v3) ?v2)
(fun_app\$b ?v0 ?v3))) (fun_app\$b ?v0 ?v2))) (fun_app\$b ?v0 ?v1)))
:named a33))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$b (less\$ ?v0) ?v0)
false)) :named a34))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a35))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a36))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$b (less\$ ?v0)
?v0))) :named a37))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (= ?v0 ?v1))
(or (fun_app\$b (less\$ ?v0) ?v1) (fun_app\$b (less\$ ?v1) ?v0)))) :named
a38))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (less\$ zero\$) ?v0)
(not (= ?v0 zero\$)))) :named a39))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a40))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$b (less\$ ?v0)
zero\$))) :named a41))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$b (less\$ zero\$) ?v0))) :named a42))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (and
(fun_app\$b ?v0 zero\$) (forall ((?v2 Nat\$)) (=> (and (fun_app\$b (less\$
zero\$) ?v2) (not (fun_app\$b ?v0 ?v2))) (exists ((?v3 Nat\$)) (and
(fun_app\$b (less\$ ?v3) ?v2) (not (fun_app\$b ?v0 ?v3))))))) (fun_app\$b
?v0 ?v1))) :named a43))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a44))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$b (less\$ ?v0)
zero\$) false)) :named a45))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$b (less\$ ?v0)
zero\$))) :named a46))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$b (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a47))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$b (less\$ zero\$) ?v0))) :named a48))
(assert (! (forall ((?v0 Nat\$)) (or (fun_app\$b (less\$ zero\$)
?v0) (= zero\$ ?v0))) :named a49))
(assert (! (forall ((?v0 A_signed_signed_signed_itself\$)) (! (=
(len_of\$d ?v0) (len_of\$a type\$a)) :pattern ((len_of\$d ?v0)))) :named
a50))
(assert (! (forall ((?v0 Num0_signed_signed_signed_itself\$)) (!
(= (len_of\$e ?v0) (len_of\$f type\$c)) :pattern ((len_of\$e ?v0)))) :named
a51))
(assert (! (forall ((?v0 Num0_signed_signed_itself\$)) (! (=
(len_of\$f ?v0) (len_of\$g type\$d)) :pattern ((len_of\$f ?v0)))) :named
a52))
(assert (! (forall ((?v0 A_signed_signed_itself\$)) (! (=
(len_of\$a ?v0) (len_of\$b type\$b)) :pattern ((len_of\$a ?v0)))) :named
a53))
(assert (! (forall ((?v0 A_signed_itself\$)) (! (= (len_of\$b ?v0)
(len_of\$ type\$)) :pattern ((len_of\$b ?v0)))) :named a54))
(assert (! (forall ((?v0 Num0_signed_itself\$)) (! (= (len_of\$g
?v0) (len_of\$c type\$e)) :pattern ((len_of\$g ?v0)))) :named a55))
(assert (! (not (fun_app\$b (less\$ zero\$) zero\$)) :named a56))
(assert (! (not (< 0 0)) :named a57))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (less\$ zero\$)
(of_nat\$ ?v0)) (fun_app\$b (less\$ zero\$) ?v0))) :named a58))
(assert (! (forall ((?v0 Nat\$)) (= (< 0 (of_nat\$a ?v0))
(fun_app\$b (less\$ zero\$) ?v0))) :named a59))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (possible_bit\$
type\$f) ?v0) (fun_app\$b (less\$ ?v0) (len_of\$a type\$a)))) :named a60))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (possible_bit\$a
type\$g) ?v0) (fun_app\$b (less\$ ?v0) (len_of\$b type\$b)))) :named a61))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (possible_bit\$b
type\$h) ?v0) (fun_app\$b (less\$ ?v0) (len_of\$ type\$)))) :named a62))
(assert (! (not (msb\$ zero\$a)) :named a63))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$ ?v0)
(of_nat\$ ?v1)) (= ?v0 ?v1))) :named a64))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a65))
(assert (! (= (of_nat\$b zero\$) zero\$b) :named a66))
(assert (! (= (of_nat\$c zero\$) zero\$a) :named a67))
(assert (! (= (of_nat\$ zero\$) zero\$) :named a68))
(assert (! (= (of_nat\$a zero\$) 0) :named a69))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ (of_nat\$ ?v0)) (=
zero\$ ?v0))) :named a70))
(assert (! (forall ((?v0 Nat\$)) (= (= 0 (of_nat\$a ?v0)) (= zero\$
?v0))) :named a71))
(assert (! (forall ((?v0 Nat\$)) (= (= (of_nat\$ ?v0) zero\$) (=
?v0 zero\$))) :named a72))
(assert (! (forall ((?v0 Nat\$)) (= (= (of_nat\$a ?v0) 0) (= ?v0
zero\$))) :named a73))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$b (less\$
(of_nat\$ ?v0)) (of_nat\$ ?v1)) (fun_app\$b (less\$ ?v0) ?v1))) :named
a74))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (< (of_nat\$a ?v0)
(of_nat\$a ?v1)) (fun_app\$b (less\$ ?v0) ?v1))) :named a75))
(assert (! (forall ((?v0 A_signed_word\$)) (not (fun_app\$e
(less\$a ?v0) zero\$b))) :named a76))
(assert (! (forall ((?v0 A_word\$)) (not (fun_app\$f (less\$b ?v0)
zero\$a))) :named a77))
(assert (! (forall ((?v0 A_signed_word\$)) (not (fun_app\$e
(less\$a ?v0) zero\$b))) :named a78))
(assert (! (forall ((?v0 A_word\$)) (not (fun_app\$f (less\$b ?v0)
zero\$a))) :named a79))
(assert (! (forall ((?v0 A_signed_word\$)) (= (fun_app\$e (less\$a
zero\$b) ?v0) (not (= zero\$b ?v0)))) :named a80))
(assert (! (forall ((?v0 A_word\$)) (= (fun_app\$f (less\$b zero\$a)
?v0) (not (= zero\$a ?v0)))) :named a81))
(assert (! (forall ((?v0 A_signed_word\$)) (= (not (= ?v0
zero\$b)) (fun_app\$e (less\$a zero\$b) ?v0))) :named a82))
(assert (! (forall ((?v0 A_word\$)) (= (not (= ?v0 zero\$a))
(fun_app\$f (less\$b zero\$a) ?v0))) :named a83))
(assert (! (forall ((?v0 A_signed_word\$)) (= (fun_app\$e (less\$a
zero\$b) ?v0) (not (= ?v0 zero\$b)))) :named a84))
(assert (! (forall ((?v0 A_word\$)) (= (fun_app\$f (less\$b zero\$a)
?v0) (not (= ?v0 zero\$a)))) :named a85))
(assert (! (= zero\$b (of_nat\$b zero\$)) :named a86))
(assert (! (= zero\$a (of_nat\$c zero\$)) :named a87))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$b (less\$ (of_nat\$
?v0)) zero\$))) :named a88))
(assert (! (forall ((?v0 Nat\$)) (not (< (of_nat\$a ?v0) 0)))
:named a89))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (fun_app\$b (less\$ (of_nat\$ ?v0)) (of_nat\$ ?v1)))) :named
a90))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
?v0) ?v1) (< (of_nat\$a ?v0) (of_nat\$a ?v1)))) :named a91))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$b (less\$
(of_nat\$ ?v0)) (of_nat\$ ?v1)) (fun_app\$b (less\$ ?v0) ?v1))) :named
a92))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (< (of_nat\$a ?v0)
(of_nat\$a ?v1)) (fun_app\$b (less\$ ?v0) ?v1))) :named a93))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$b ?v0)
zero\$b)) (fun_app\$b (less\$ zero\$) ?v0))) :named a94))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$c ?v0)
zero\$a)) (fun_app\$b (less\$ zero\$) ?v0))) :named a95))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$ ?v0)
zero\$)) (fun_app\$b (less\$ zero\$) ?v0))) :named a96))
(assert (! (forall ((?v0 Nat\$)) (=> (not (= (of_nat\$a ?v0) 0))
(fun_app\$b (less\$ zero\$) ?v0))) :named a97))
(assert (! (forall ((?v0 A_signed_word_itself\$)) (fun_app\$b
(possible_bit\$a ?v0) zero\$)) :named a98))
(assert (! (forall ((?v0 Nat_itself\$)) (fun_app\$b
(possible_bit\$c ?v0) zero\$)) :named a99))
(assert (! (forall ((?v0 Int_itself\$)) (fun_app\$b
(possible_bit\$d ?v0) zero\$)) :named a100))
(assert (! (forall ((?v0 A_word_itself\$)) (fun_app\$b
(possible_bit\$b ?v0) zero\$)) :named a101))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$b (possible_bit\$d
type\$i) ?v0)) :named a102))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$b (possible_bit\$c
type\$j) ?v0)) :named a103))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(=> (fun_app\$e (less\$a ?v0) ?v1) (fun_app\$e (less\$a zero\$b) ?v1)))
:named a104))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (fun_app\$f
(less\$b ?v0) ?v1) (fun_app\$f (less\$b zero\$a) ?v1))) :named a105))
(assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat\$)) (=> (and (= ?v0 (of_nat\$a ?v1)) (fun_app\$b (less\$ zero\$) ?v1))
false))) false)) :named a106))
(assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat\$)) (and (fun_app\$b (less\$ zero\$) ?v1) (= ?v0 (of_nat\$a ?v1))))))
:named a107))
(assert (! (= (= (semiring_char\$ type\$g) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$b (less\$ zero\$) ?v0) (not (= (of_nat\$b ?v0)
zero\$b))))) :named a108))
(assert (! (= (= (semiring_char\$a type\$h) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$b (less\$ zero\$) ?v0) (not (= (of_nat\$c ?v0)
zero\$a))))) :named a109))
(assert (! (= (= (semiring_char\$b type\$j) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$b (less\$ zero\$) ?v0) (not (= (of_nat\$ ?v0)
zero\$))))) :named a110))
(assert (! (= (= (semiring_char\$c type\$i) zero\$) (forall ((?v0
Nat\$)) (=> (fun_app\$b (less\$ zero\$) ?v0) (not (= (of_nat\$a ?v0) 0)))))
:named a111))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$b (less\$
zero\$) ?v0) (and (= (of_nat\$b ?v0) zero\$b) (forall ((?v1 Nat\$)) (=>
(and (fun_app\$b (less\$ zero\$) ?v1) (fun_app\$b (less\$ ?v1) ?v0)) (not (=
(of_nat\$b ?v1) zero\$b)))))) (= (semiring_char\$ type\$g) ?v0))) :named
a112))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$b (less\$
zero\$) ?v0) (and (= (of_nat\$c ?v0) zero\$a) (forall ((?v1 Nat\$)) (=>
(and (fun_app\$b (less\$ zero\$) ?v1) (fun_app\$b (less\$ ?v1) ?v0)) (not (=
(of_nat\$c ?v1) zero\$a)))))) (= (semiring_char\$a type\$h) ?v0))) :named
a113))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$b (less\$
zero\$) ?v0) (and (= (of_nat\$ ?v0) zero\$) (forall ((?v1 Nat\$)) (=> (and
(fun_app\$b (less\$ zero\$) ?v1) (fun_app\$b (less\$ ?v1) ?v0)) (not (=
(of_nat\$ ?v1) zero\$)))))) (= (semiring_char\$b type\$j) ?v0))) :named
a114))
(assert (! (forall ((?v0 Nat\$)) (=> (and (fun_app\$b (less\$
zero\$) ?v0) (and (= (of_nat\$a ?v0) 0) (forall ((?v1 Nat\$)) (=> (and
(fun_app\$b (less\$ zero\$) ?v1) (fun_app\$b (less\$ ?v1) ?v0)) (not (=
(of_nat\$a ?v1) 0)))))) (= (semiring_char\$c type\$i) ?v0))) :named a115))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a116))
(assert (! (= (semiring_char\$c type\$i) zero\$) :named a117))
(assert (! (= (semiring_char\$b type\$j) zero\$) :named a118))
(assert (! (= (of_nat\$b (semiring_char\$ type\$g)) zero\$b) :named
a119))
(assert (! (= (of_nat\$c (semiring_char\$a type\$h)) zero\$a) :named
a120))
(assert (! (= (of_nat\$ (semiring_char\$b type\$j)) zero\$) :named
a121))
(assert (! (= (of_nat\$a (semiring_char\$c type\$i)) 0) :named
a122))
(assert (! (= (< 0 0) false) :named a123))
(assert (! (= (fun_app\$b (less\$ zero\$) (semiring_char\$ type\$g))
(exists ((?v0 Nat\$)) (and (fun_app\$b (less\$ zero\$) ?v0) (= (of_nat\$b
?v0) zero\$b)))) :named a124))
(assert (! (= (fun_app\$b (less\$ zero\$) (semiring_char\$a type\$h))
(exists ((?v0 Nat\$)) (and (fun_app\$b (less\$ zero\$) ?v0) (= (of_nat\$c
?v0) zero\$a)))) :named a125))
(assert (! (= (fun_app\$b (less\$ zero\$) (semiring_char\$b type\$j))
(exists ((?v0 Nat\$)) (and (fun_app\$b (less\$ zero\$) ?v0) (= (of_nat\$
?v0) zero\$)))) :named a126))
(assert (! (= (fun_app\$b (less\$ zero\$) (semiring_char\$c type\$i))
(exists ((?v0 Nat\$)) (and (fun_app\$b (less\$ zero\$) ?v0) (= (of_nat\$a
?v0) 0)))) :named a127))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$b (less\$
?v0) ?v1) (< (of_nat\$a ?v0) (of_nat\$a ?v1)))) :named a128))
(assert (! (= (of_nat\$a zero\$) 0) :named a129))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a130))
(assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat\$)) (=> (and (= ?v0 (- (of_nat\$a ?v1))) (fun_app\$b (less\$ zero\$)
?v1)) false))) false)) :named a131))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (less\$c (of_nat\$d
?v0) (of_nat\$d ?v1)) (fun_app\$b (less\$ (take_bit\$ (len_of\$a type\$a)
?v0)) (take_bit\$ (len_of\$a type\$a) ?v1)))) :named a132))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$e (less\$a
(of_nat\$b ?v0)) (of_nat\$b ?v1)) (fun_app\$b (less\$ (take_bit\$ (len_of\$b
type\$b) ?v0)) (take_bit\$ (len_of\$b type\$b) ?v1)))) :named a133))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$f (less\$b
(of_nat\$c ?v0)) (of_nat\$c ?v1)) (fun_app\$b (less\$ (take_bit\$ (len_of\$
type\$) ?v0)) (take_bit\$ (len_of\$ type\$) ?v1)))) :named a134))
(assert (! (forall ((?v0 A_word\$)) (= (uminus\$ (uminus\$ ?v0))
?v0)) :named a135))
(assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a136))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (= (uminus\$
?v0) (uminus\$ ?v1)) (= ?v0 ?v1))) :named a137))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a138))
(assert (! (forall ((?v0 A_word\$)) (= (uminus\$ (uminus\$ ?v0))
?v0)) :named a139))
(assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a140))
(assert (! (= (uminus\$ zero\$a) zero\$a) :named a141))
(assert (! (= 0 0) :named a142))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a (uminus\$ ?v0))
(= zero\$a ?v0))) :named a143))
(assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a144))
(assert (! (forall ((?v0 A_word\$)) (= (= (uminus\$ ?v0) zero\$a)
(= ?v0 zero\$a))) :named a145))
(assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a146))
(assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a147))
(assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a148))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a149))
(assert (! (forall ((?v0 Nat\$)) (= (take_bit\$a ?v0 zero\$b)
zero\$b)) :named a150))
(assert (! (forall ((?v0 Nat\$)) (= (take_bit\$b ?v0 zero\$a)
zero\$a)) :named a151))
(assert (! (forall ((?v0 Nat\$)) (= (take_bit\$ ?v0 zero\$) zero\$))
:named a152))
(assert (! (forall ((?v0 Nat\$)) (= (take_bit\$c ?v0 0) 0)) :named
a153))
(assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a154))
(assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a155))
(assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a156))
(assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a157))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (take_bit\$a
zero\$ ?v0) zero\$b) :pattern ((take_bit\$a zero\$ ?v0)))) :named a158))
(assert (! (forall ((?v0 A_word\$)) (! (= (take_bit\$b zero\$ ?v0)
zero\$a) :pattern ((take_bit\$b zero\$ ?v0)))) :named a159))
(assert (! (forall ((?v0 Nat\$)) (! (= (take_bit\$ zero\$ ?v0)
zero\$) :pattern ((take_bit\$ zero\$ ?v0)))) :named a160))
(assert (! (forall ((?v0 Int)) (! (= (take_bit\$c zero\$ ?v0) 0)
:pattern ((take_bit\$c zero\$ ?v0)))) :named a161))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (- (of_nat\$a
?v0)) (of_nat\$a ?v1)) (and (= ?v0 zero\$) (= ?v1 zero\$)))) :named a162))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (take_bit\$a ?v0
(of_nat\$b ?v1)) (of_nat\$b (take_bit\$ ?v0 ?v1)))) :named a163))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (take_bit\$ ?v0
(of_nat\$ ?v1)) (of_nat\$ (take_bit\$ ?v0 ?v1)))) :named a164))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (take_bit\$b ?v0
(of_nat\$c ?v1)) (of_nat\$c (take_bit\$ ?v0 ?v1)))) :named a165))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (take_bit\$c ?v0
(of_nat\$a ?v1)) (of_nat\$a (take_bit\$ ?v0 ?v1)))) :named a166))
(assert (! (forall ((?v0 Int) (?v1 Int)) (=> (< ?v0 ?v1) (< (-
?v1) (- ?v0)))) :named a167))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (= ?v0
(uminus\$ ?v1)) (= ?v1 (uminus\$ ?v0)))) :named a168))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (= ?v0 (- ?v1)) (=
?v1 (- ?v0)))) :named a169))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (= (uminus\$
?v0) ?v1) (= (uminus\$ ?v1) ?v0))) :named a170))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) ?v1) (=
(- ?v1) ?v0))) :named a171))
(assert (! (forall ((?v0 Int) (?v1 Int)) (=> (= ?v0 ?v1) (= (-
?v0) (- ?v1)))) :named a172))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (< ?v0 (- ?v1)) (<
?v1 (- ?v0)))) :named a173))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) ?v1) (<
(- ?v1) ?v0))) :named a174))
(assert (! (= 0 0) :named a175))
(assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat\$)) (=>
(= ?v0 (of_nat\$a ?v1)) false)) (forall ((?v1 Nat\$)) (=> (= ?v0 (-
(of_nat\$a ?v1))) false))) false)) :named a176))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (not (< (of_nat\$a
?v0) (- (of_nat\$a ?v1))))) :named a177))
(assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat\$)) (=>
(= ?v0 (of_nat\$a ?v1)) false)) (forall ((?v1 Nat\$)) (=> (and (fun_app\$b
(less\$ zero\$) ?v1) (= ?v0 (- (of_nat\$a ?v1)))) false))) false)) :named
a178))
(assert (! (forall ((?v0 A_signed_word\$)) (! (= (fun_app\$e
(less\$a ?v0) ?v0) false) :pattern ((less\$a ?v0)))) :named a179))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$f (less\$b ?v0)
?v0) false) :pattern ((less\$b ?v0)))) :named a180))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (less\$ ?v0)
?v0) false) :pattern ((less\$ ?v0)))) :named a181))
(assert (! (forall ((?v0 Int)) (! (= (< ?v0 ?v0) false) :pattern
((uu\$ ?v0)))) :named a182))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= ?v0 ?v1) (=
(of_nat\$a ?v0) (of_nat\$a ?v1)))) :named a183))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (= (of_nat\$a ?v0)
(of_nat\$a ?v1)) (= ?v0 ?v1))) :named a184))
(assert (! (forall ((?v0 Bool) (?v1 Nat\$) (?v2 Nat\$)) (=
(of_nat\$a (ite ?v0 ?v1 ?v2)) (ite ?v0 (of_nat\$a ?v1) (of_nat\$a ?v2))))
:named a185))
(assert (! (forall ((?v0 Int)) (=> (and (=> (= ?v0 0) false)
(and (forall ((?v1 Nat\$)) (=> (and (= ?v0 (of_nat\$a ?v1)) (fun_app\$b
(less\$ zero\$) ?v1)) false)) (forall ((?v1 Nat\$)) (=> (and (= ?v0 (-
(of_nat\$a ?v1))) (fun_app\$b (less\$ zero\$) ?v1)) false)))) false))
:named a186))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$d ?v0)
(of_nat\$d ?v1)) (= (take_bit\$ (len_of\$a type\$a) ?v0) (take_bit\$
(len_of\$a type\$a) ?v1)))) :named a187))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$b ?v0)
(of_nat\$b ?v1)) (= (take_bit\$ (len_of\$b type\$b) ?v0) (take_bit\$
(len_of\$b type\$b) ?v1)))) :named a188))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (of_nat\$c ?v0)
(of_nat\$c ?v1)) (= (take_bit\$ (len_of\$ type\$) ?v0) (take_bit\$ (len_of\$
type\$) ?v1)))) :named a189))
(assert (! (forall ((?v0 A_signed_signed_word\$)) (= (take_bit\$d
(len_of\$a type\$a) ?v0) ?v0)) :named a190))
(assert (! (forall ((?v0 A_signed_word\$)) (= (take_bit\$a
(len_of\$b type\$b) ?v0) ?v0)) :named a191))
(assert (! (forall ((?v0 A_word\$)) (= (take_bit\$b (len_of\$
type\$) ?v0) ?v0)) :named a192))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (= (take_bit\$c ?v0 (-
(take_bit\$c ?v0 ?v1))) (take_bit\$c ?v0 (- ?v1)))) :named a193))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (not (< (take_bit\$c
?v0 ?v1) 0))) :named a194))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (= (< ?v0 (take_bit\$c
?v1 ?v0)) (< ?v0 0))) :named a195))
(assert (! (= (take_bit\$c (len_of\$a type\$a) 0) (take_bit\$c
(len_of\$a type\$a) 0)) :named a196))
(assert (! (= (take_bit\$c (len_of\$b type\$b) 0) (take_bit\$c
(len_of\$b type\$b) 0)) :named a197))
(assert (! (= (take_bit\$c (len_of\$ type\$) 0) (take_bit\$c
(len_of\$ type\$) 0)) :named a198))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$ (of_nat\$c ?v0))
(of_nat\$a (take_bit\$ (len_of\$ type\$) ?v0)))) :named a199))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$a (of_nat\$c ?v0))
(of_nat\$ (take_bit\$ (len_of\$ type\$) ?v0)))) :named a200))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$b (of_nat\$c ?v0))
(of_nat\$c (take_bit\$ (len_of\$ type\$) ?v0)))) :named a201))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$c (of_nat\$b ?v0))
(of_nat\$a (take_bit\$ (len_of\$b type\$b) ?v0)))) :named a202))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$d (of_nat\$b ?v0))
(of_nat\$ (take_bit\$ (len_of\$b type\$b) ?v0)))) :named a203))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$e (of_nat\$b ?v0))
(of_nat\$c (take_bit\$ (len_of\$b type\$b) ?v0)))) :named a204))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$f (of_nat\$c ?v0))
(of_nat\$b (take_bit\$ (len_of\$ type\$) ?v0)))) :named a205))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$g (of_nat\$d ?v0))
(of_nat\$a (take_bit\$ (len_of\$a type\$a) ?v0)))) :named a206))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$h (of_nat\$d ?v0))
(of_nat\$ (take_bit\$ (len_of\$a type\$a) ?v0)))) :named a207))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$i (of_nat\$b ?v0))
(of_nat\$b (take_bit\$ (len_of\$b type\$b) ?v0)))) :named a208))
(assert (! (forall ((?v0 Int)) (= (fun_app\$b (less\$ zero\$) (nat\$
?v0)) (< 0 ?v0))) :named a209))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_signed_word\$)) (=
(signed\$ (take_bit\$d ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$a
type\$a)) (take_bit\$c ?v0 (signed\$ ?v1)) (signed\$ ?v1)))) :named a210))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_signed_word\$)) (=
(signed\$a (take_bit\$d ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$a
type\$a)) (take_bit\$b ?v0 (signed\$a ?v1)) (signed\$a ?v1)))) :named
a211))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_signed_word\$)) (=
(signed\$b (take_bit\$d ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$a
type\$a)) (take_bit\$a ?v0 (signed\$b ?v1)) (signed\$b ?v1)))) :named
a212))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (signed\$c
(take_bit\$b ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$ type\$))
(take_bit\$a ?v0 (signed\$c ?v1)) (signed\$c ?v1)))) :named a213))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_word\$)) (=
(signed\$d (take_bit\$a ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$b
type\$b)) (take_bit\$a ?v0 (signed\$d ?v1)) (signed\$d ?v1)))) :named
a214))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_word\$)) (=
(signed\$e (take_bit\$a ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$b
type\$b)) (take_bit\$c ?v0 (signed\$e ?v1)) (signed\$e ?v1)))) :named
a215))
(assert (! (forall ((?v0 Nat\$) (?v1 A_signed_word\$)) (=
(signed\$f (take_bit\$a ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$b
type\$b)) (take_bit\$b ?v0 (signed\$f ?v1)) (signed\$f ?v1)))) :named
a216))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (signed\$g
(take_bit\$b ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$ type\$))
(take_bit\$b ?v0 (signed\$g ?v1)) (signed\$g ?v1)))) :named a217))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (signed\$h
(take_bit\$b ?v0 ?v1)) (ite (fun_app\$b (less\$ ?v0) (len_of\$ type\$))
(take_bit\$c ?v0 (signed\$h ?v1)) (signed\$h ?v1)))) :named a218))
(assert (! (forall ((?v0 Nat\$)) (= (signed\$i (of_nat\$b ?v0))
(of_nat\$d ?v0))) :named a219))
(assert (! (forall ((?v0 Nat\$)) (= (signed\$c (of_nat\$c ?v0))
(of_nat\$b ?v0))) :named a220))
(assert (! (forall ((?v0 Nat\$)) (= (signed\$b (of_nat\$d ?v0))
(of_nat\$b ?v0))) :named a221))
(assert (! (forall ((?v0 Nat\$)) (= (signed\$f (of_nat\$b ?v0))
(of_nat\$c ?v0))) :named a222))
(assert (! (forall ((?v0 A_signed_word\$)) (= (of_nat\$b
(unsigned\$d ?v0)) ?v0)) :named a223))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$c (unsigned\$a
?v0)) ?v0)) :named a224))
(assert (! (forall ((?v0 A_signed_word\$)) (= (of_nat\$a
(unsigned\$d ?v0)) (unsigned\$c ?v0))) :named a225))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$b (unsigned\$a
?v0)) (unsigned\$f ?v0))) :named a226))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$c (unsigned\$a
?v0)) (unsigned\$b ?v0))) :named a227))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$ (unsigned\$a ?v0))
(unsigned\$a ?v0))) :named a228))
(assert (! (forall ((?v0 A_word\$)) (= (of_nat\$a (unsigned\$a
?v0)) (unsigned\$ ?v0))) :named a229))
(assert (! (forall ((?v0 A_word\$)) (= (< (unsigned\$ ?v0) 0)
false)) :named a230))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
1 = Suc 0
0 < LENGTH('a)
∀w. nat (uint w) = unat w
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - 1))
∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb x = (x < 0))
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a) ∧ uint w !! n))
∀n x. rev (replicate n x) = replicate n x
∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
to_bl 0 = replicate LENGTH('a) False
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
∀n. possible_bit TYPE(int) n
∀a. a ≤ a
∀a. a ≤ a
∀a. a ≤ a
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - Suc 0))
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀x. length (to_bl x) = LENGTH('a)
∀xs. rev (rev xs) = xs
∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
(¬ msb x ⟶ sint x = uint x)
∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
∀n x. length (replicate n x) = n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
(size w = LENGTH('a))
∀a. a - 0 = a
∀a. a - 0 = a
∀a. a - 0 = a
∀n. of_bl (replicate n False) = 0
∀f g x.
SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
((f ∘ g) x = f (g x))
∀w n. w !! n ⟶ n < LENGTH('a)
∀x n. x < 2 ^ n ⟶ x && mask n = x
∀w. length (to_bl w) = LENGTH('a)
∀a. 0 ≤ a
∀x. of_bl (to_bl x) = x
∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
∀a b. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < b) = (unat a < unat b))
∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
∀b c a q.
LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
LENGTH('a) ≠ 0
∀x. to_bl x ≠ []
∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = (w >> LENGTH('a) - 1 ≠ 0))
∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(push_bit n a = a * 2 ^ n)
∀x y. (¬ x < y) = (y ≤ x)
∀x y. (¬ x < y) = (y ≤ x)
∀x y. (¬ x < y) = (y ≤ x)
∀x. ¬ x < x
∀x. ¬ x < x
∀x. ¬ x < x
∀a. a + 0 = a
∀a. a + 0 = a
∀a. a + 0 = a
∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
∀a b. a * b = b * a
∀a b. a * b = b * a
∀a b. a * b = b * a
∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
∀a b. a + b = b + a
∀a b. a + b = b + a
∀a b. a + b = b + a
∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a && mask n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a AND mask n)
∀n a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
(take_bit n a = a AND mask n)
∀n≥LENGTH('a). 2 ^ n = 0
∀w n. unat (w >> n) = unat w div 2 ^ n
∀x. (uint x < 0) = False
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = hd (to_bl w))
∀x xs.
SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
(length (x # xs) = Suc (length xs))
∀n w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(LENGTH('a) ≤ n ⟶ w >> n = 0)
∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
bot = False
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
∀n. SMT.trigger
SMT.Symb_Nil) SMT.Symb_Nil)
(mask n = 2 ^ n - 1)
∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
∀n a. (take_bit n a = a) = (drop_bit n a = 0)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
∀a. 0 - a = - a
∀a. 0 - a = - a
∀x. (x < 1) = (x = 0)
∀m. ¬ of_nat m < 0
∀m. ¬ int m < 0
∀a. (a ≠ 0) = (0 < a)
∀a b. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
((a ≤ b) = (unat a ≤ unat b))
∀a. (a ≤ 0) = (a = 0)
∀x y. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
∀a. 0 * a = 0
∀a. 0 * a = 0
∀a. 0 * a = 0
∀b a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (b ≤ a))
SMT.Symb_Nil) SMT.Symb_Nil)
((b ≤ a) = (¬ a < b))
∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
neg_numeral_class.sub num.One num.One = 0
neg_numeral_class.sub num.One num.One = 0
∀n k. (drop_bit n k < 0) = (k < 0)
∀a. 0 + a = a
∀a. 0 + a = a
∀a. 0 + a = a
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a ^ 0 = 1)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a ^ 0 = 1)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a ^ 0 = 1)
SMT: Names:
sorts:
Nat\$ = nat
Num\$ = num
A_word\$ = 'a word
A_itself\$ = 'a itself
Bool_list\$ = bool list
Int_itself\$ = int itself
Nat_itself\$ = nat itself
Nat_int_fun\$ = nat ⇒ int
Nat_nat_fun\$ = nat ⇒ nat
Nat_bool_fun\$ = nat ⇒ bool
A_word_itself\$ = 'a word itself
Nat_a_word_fun\$ = nat ⇒ 'a word
functions:
r\$ = r
x\$ = x
hd\$ = hd
and\$ = (&&)
bit\$ = (!!)
bot\$ = bot
msb\$ = msb
nat\$ = nat
nil\$ = []
not\$ = wordNOT
nth\$ = (!)
one\$ = 1
rev\$ = rev
sub\$ = neg_numeral_class.sub
suc\$ = Suc
and\$a = (AND)
and\$b = (AND)
bit\$a = (!!)
bit\$b = (!!)
bit0\$ = num.Bit0
comp\$ = (∘)
cons\$ = (#)
less\$ = (<)
msb\$a = msb
one\$a = num.One
one\$b = 1
plus\$ = (+)
size\$ = length
sub\$a = neg_numeral_class.sub
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
minus\$ = (-)
of_bl\$ = of_bl
plus\$a = (+)
power\$ = (^)
size\$a = size
times\$ = (*)
to_bl\$ = to_bl
type\$a = TYPE('a word)
type\$b = TYPE(int)
type\$c = TYPE(nat)
zero\$a = 0
divide\$ = (div)
len_of\$ = len_of
minus\$a = (-)
of_nat\$ = of_nat
power\$a = (^)
power\$b = (^)
shiftl\$ = (<<)
shiftr\$ = (>>)
signed\$ = sint
times\$a = (*)
times\$b = (*)
uminus\$ = uminus
fun_app\$ = SMT.fun_app
less_eq\$ = (≤)
numeral\$ = numeral
of_nat\$a = int
shiftl\$a = (<<)
shiftl\$b = (<<)
shiftr\$a = (>>)
shiftr\$b = (>>)
bin_sign\$ = bin_sign
drop_bit\$ = drop_bit
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
fun_app\$c = SMT.fun_app
less_eq\$a = (≤)
numeral\$a = numeral
push_bit\$ = push_bit
take_bit\$ = take_bit
unsigned\$ = uint
word_sle\$ = (≤s)
drop_bit\$a = drop_bit
drop_bit\$b = drop_bit
push_bit\$a = push_bit
push_bit\$b = push_bit
replicate\$ = replicate
take_bit\$a = take_bit
take_bit\$b = take_bit
unsigned\$a = unat
unsigned\$b = UCAST('a → 'a)
limited_and\$ = limited_and
possible_bit\$ = possible_bit
possible_bit\$a = possible_bit
possible_bit\$b = possible_bit
signed_take_bit\$ = signed_take_bit
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9923
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort Num\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Bool_list\$ 0)
(declare-sort Int_itself\$ 0)
(declare-sort Nat_itself\$ 0)
(declare-sort Nat_int_fun\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Nat_bool_fun\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun hd\$ (Bool_list\$) Bool)
(declare-fun and\$ (A_word\$ A_word\$) A_word\$)
(declare-fun bit\$ (A_word\$) Nat_bool_fun\$)
(declare-fun bot\$ () Bool)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun nil\$ () Bool_list\$)
(declare-fun not\$ (A_word\$) A_word\$)
(declare-fun nth\$ (Bool_list\$) Nat_bool_fun\$)
(declare-fun one\$ () Nat\$)
(declare-fun rev\$ (Bool_list\$) Bool_list\$)
(declare-fun sub\$ (Num\$ Num\$) A_word\$)
(declare-fun suc\$ () Nat_nat_fun\$)
(declare-fun and\$a (Nat\$) Nat_nat_fun\$)
(declare-fun and\$b (Int Int) Int)
(declare-fun bit\$a (Int) Nat_bool_fun\$)
(declare-fun bit\$b (Nat\$) Nat_bool_fun\$)
(declare-fun bit0\$ (Num\$) Num\$)
(declare-fun comp\$ (Nat_bool_fun\$ Nat_nat_fun\$) Nat_bool_fun\$)
(declare-fun cons\$ (Bool Bool_list\$) Bool_list\$)
(declare-fun less\$ (Nat\$) Nat_bool_fun\$)
(declare-fun msb\$a (Int) Bool)
(declare-fun one\$a () Num\$)
(declare-fun one\$b () A_word\$)
(declare-fun plus\$ (Nat\$) Nat_nat_fun\$)
(declare-fun size\$ (Bool_list\$) Nat\$)
(declare-fun sub\$a (Num\$ Num\$) Int)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_word\$ A_word\$) Bool)
(declare-fun minus\$ (Nat\$) Nat_nat_fun\$)
(declare-fun of_bl\$ (Bool_list\$) A_word\$)
(declare-fun plus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun power\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun size\$a (A_word\$) Nat\$)
(declare-fun times\$ (A_word\$ A_word\$) A_word\$)
(declare-fun to_bl\$ (A_word\$) Bool_list\$)
(declare-fun type\$a () A_word_itself\$)
(declare-fun type\$b () Int_itself\$)
(declare-fun type\$c () Nat_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun divide\$ (Nat\$) Nat_nat_fun\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun minus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun of_nat\$ () Nat_nat_fun\$)
(declare-fun power\$a (Int) Nat_int_fun\$)
(declare-fun power\$b (Nat\$) Nat_nat_fun\$)
(declare-fun shiftl\$ (Nat\$) Nat_nat_fun\$)
(declare-fun shiftr\$ (A_word\$ Nat\$) A_word\$)
(declare-fun signed\$ (A_word\$) Int)
(declare-fun times\$a (Int Int) Int)
(declare-fun times\$b (Nat\$) Nat_nat_fun\$)
(declare-fun uminus\$ (A_word\$) A_word\$)
(declare-fun fun_app\$ (Nat_bool_fun\$ Nat\$) Bool)
(declare-fun less_eq\$ (A_word\$ A_word\$) Bool)
(declare-fun numeral\$ (Num\$) A_word\$)
(declare-fun of_nat\$a (Nat\$) Int)
(declare-fun shiftl\$a (Int Nat\$) Int)
(declare-fun shiftl\$b (A_word\$ Nat\$) A_word\$)
(declare-fun shiftr\$a (Nat\$) Nat_nat_fun\$)
(declare-fun shiftr\$b (Int Nat\$) Int)
(declare-fun bin_sign\$ (Int) Int)
(declare-fun drop_bit\$ (Nat\$) Nat_nat_fun\$)
(declare-fun fun_app\$a (Nat_nat_fun\$ Nat\$) Nat\$)
(declare-fun fun_app\$b (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun fun_app\$c (Nat_int_fun\$ Nat\$) Int)
(declare-fun less_eq\$a (Nat\$) Nat_bool_fun\$)
(declare-fun numeral\$a (Num\$) Nat\$)
(declare-fun push_bit\$ (Nat\$) Nat_nat_fun\$)
(declare-fun take_bit\$ (Nat\$ Int) Int)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun word_sle\$ (A_word\$ A_word\$) Bool)
(declare-fun drop_bit\$a (Nat\$ Int) Int)
(declare-fun drop_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun push_bit\$a (Nat\$ Int) Int)
(declare-fun push_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun replicate\$ (Nat\$ Bool) Bool_list\$)
(declare-fun take_bit\$a (Nat\$ A_word\$) A_word\$)
(declare-fun take_bit\$b (Nat\$) Nat_nat_fun\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun unsigned\$b (A_word\$) A_word\$)
(declare-fun limited_and\$ (A_word\$ A_word\$) Bool)
(declare-fun possible_bit\$ (A_word_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$a (Int_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$b (Nat_itself\$) Nat_bool_fun\$)
(declare-fun signed_take_bit\$ (Nat\$ Int) Int)
(assert (! (not (= (msb\$ (shiftr\$ x\$ r\$)) (and (= r\$ zero\$)
(msb\$ x\$)))) :named a0))
(assert (! (fun_app\$ (less\$ r\$) (len_of\$ type\$)) :named a1))
(assert (! (= one\$ (fun_app\$a suc\$ zero\$)) :named a2))
(assert (! (fun_app\$ (less\$ zero\$) (len_of\$ type\$)) :named a3))
(assert (! (forall ((?v0 A_word\$)) (= (nat\$ (unsigned\$ ?v0))
(unsigned\$a ?v0))) :named a4))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$a
(shiftr\$a ?v0) ?v1) (fun_app\$a (drop_bit\$ ?v1) ?v0)) :pattern
((fun_app\$a (shiftr\$a ?v0) ?v1)))) :named a5))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (shiftr\$b ?v0
?v1) (drop_bit\$a ?v1 ?v0)) :pattern ((shiftr\$b ?v0 ?v1)))) :named a6))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftr\$ ?v0
?v1) (drop_bit\$b ?v1 ?v0)) :pattern ((shiftr\$ ?v0 ?v1)))) :named a7))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (possible_bit\$
type\$a) ?v0) (fun_app\$ (less\$ ?v0) (len_of\$ type\$)))) :named a8))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$
(bit\$ ?v0) (fun_app\$a (minus\$ (len_of\$ type\$)) one\$))) :pattern ((msb\$
?v0)))) :named a9))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (forall
((?v2 Nat\$)) (=> (fun_app\$ (less\$ ?v2) (len_of\$ type\$)) (= (fun_app\$
(bit\$ ?v0) ?v2) (fun_app\$ (bit\$ ?v1) ?v2)))) (= ?v0 ?v1))) :named a10))
(assert (! (forall ((?v0 Int)) (! (= (msb\$a ?v0) (< ?v0 0))
:pattern ((msb\$a ?v0)))) :named a11))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$
(bit\$ ?v0) ?v1) (and (fun_app\$ (less\$ ?v1) (len_of\$ type\$)) (fun_app\$
(bit\$a (unsigned\$ ?v0)) ?v1))) :pattern ((fun_app\$ (bit\$ ?v0) ?v1))))
:named a12))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (rev\$ (replicate\$
?v0 ?v1)) (replicate\$ ?v0 ?v1))) :named a13))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$) (?v2 Nat\$)) (=>
(and (= (and\$ ?v0 (mask\$ (fun_app\$a (plus\$ ?v1) ?v2))) ?v0) (fun_app\$
(less\$ ?v2) (len_of\$ type\$))) (less\$a (shiftr\$ ?v0 ?v1) (fun_app\$b
(power\$ (numeral\$ (bit0\$ one\$a))) ?v2)))) :named a14))
(assert (! (= (to_bl\$ zero\$a) (replicate\$ (len_of\$ type\$)
false)) :named a15))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 A_word\$))
(=> (and (less_eq\$ ?v0 ?v1) (less\$a ?v1 ?v2)) (less\$a ?v0 ?v2))) :named
a16))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$)) (=> (and
(fun_app\$ (less_eq\$a ?v0) ?v1) (fun_app\$ (less\$ ?v1) ?v2)) (fun_app\$
(less\$ ?v0) ?v2))) :named a17))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a18))
(assert (! (forall ((?v0 Nat\$)) (= (= (fun_app\$b (power\$
(numeral\$ (bit0\$ one\$a))) ?v0) zero\$a) (fun_app\$ (less_eq\$a (len_of\$
type\$)) ?v0))) :named a19))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$ (possible_bit\$a
type\$b) ?v0)) :named a20))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$ (less_eq\$a ?v0) ?v0))
:named a21))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ ?v0 ?v0)) :named
a22))
(assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a23))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$
(bit\$ ?v0) (fun_app\$a (minus\$ (len_of\$ type\$)) (fun_app\$a suc\$
zero\$)))) :pattern ((msb\$ ?v0)))) :named a24))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not
(less_eq\$ ?v0 ?v1)) (less\$a ?v1 ?v0))) :named a25))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (fun_app\$
(less_eq\$a ?v0) ?v1)) (fun_app\$ (less\$ ?v1) ?v0))) :named a26))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a27))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$a
(shiftl\$ ?v0) ?v1) (fun_app\$a (push_bit\$ ?v1) ?v0)) :pattern
((fun_app\$a (shiftl\$ ?v0) ?v1)))) :named a28))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (shiftl\$a ?v0
?v1) (push_bit\$a ?v1 ?v0)) :pattern ((shiftl\$a ?v0 ?v1)))) :named a29))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftl\$b
?v0 ?v1) (push_bit\$b ?v1 ?v0)) :pattern ((shiftl\$b ?v0 ?v1)))) :named
a30))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (= (fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) (fun_app\$a (plus\$
?v0) ?v1)) zero\$a) (fun_app\$ (less\$ ?v1) (len_of\$ type\$))) (less\$a
(shiftr\$ ?v2 ?v0) (fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) ?v1))))
:named a31))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$ ?v0))
(len_of\$ type\$))) :named a32))
(assert (! (forall ((?v0 Bool_list\$)) (= (rev\$ (rev\$ ?v0)) ?v0))
:named a33))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (unsigned\$
(push_bit\$b ?v0 ?v1)) (take_bit\$ (size\$a ?v1) (push_bit\$a ?v0
(unsigned\$ ?v1))))) :named a34))
(assert (! (forall ((?v0 A_word\$)) (! (=> (not (msb\$ ?v0)) (=
(signed\$ ?v0) (unsigned\$ ?v0))) :pattern ((signed\$ ?v0)))) :named a35))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$
(bit\$b (unsigned\$a ?v0)) ?v1) (and (fun_app\$ (possible_bit\$b type\$c)
?v1) (fun_app\$ (bit\$ ?v0) ?v1)))) :named a36))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$
(bit\$a (unsigned\$ ?v0)) ?v1) (and (fun_app\$ (possible_bit\$a type\$b)
?v1) (fun_app\$ (bit\$ ?v0) ?v1)))) :named a37))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$ (bit\$
(unsigned\$b ?v0)) ?v1) (and (fun_app\$ (possible_bit\$ type\$a) ?v1)
(fun_app\$ (bit\$ ?v0) ?v1)))) :named a38))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (size\$ (replicate\$
?v0 ?v1)) ?v0)) :named a39))
(assert (! (forall ((?v0 A_word\$)) (! (= (size\$a ?v0) (len_of\$
type\$)) :pattern ((size\$a ?v0)))) :named a40))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a ?v0 zero\$a) ?v0))
:named a41))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (minus\$ ?v0)
zero\$) ?v0)) :named a42))
(assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a43))
(assert (! (forall ((?v0 Nat\$)) (= (of_bl\$ (replicate\$ ?v0
false)) zero\$a)) :named a44))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat_nat_fun\$) (?v2
Nat\$)) (! (= (fun_app\$ (comp\$ ?v0 ?v1) ?v2) (fun_app\$ ?v0 (fun_app\$a
?v1 ?v2))) :pattern ((fun_app\$ (comp\$ ?v0 ?v1) ?v2)))) :named a45))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (=> (fun_app\$
(bit\$ ?v0) ?v1) (fun_app\$ (less\$ ?v1) (len_of\$ type\$)))) :named a46))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (=> (less\$a ?v0
(fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) ?v1)) (= (and\$ ?v0 (mask\$
?v1)) ?v0))) :named a47))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$ ?v0))
(len_of\$ type\$))) :named a48))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ zero\$a ?v0)) :named
a49))
(assert (! (forall ((?v0 A_word\$)) (= (of_bl\$ (to_bl\$ ?v0))
?v0)) :named a50))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$ (less\$ ?v0)
(len_of\$ type\$)) (= (unsigned\$ (fun_app\$b (power\$ (numeral\$ (bit0\$
one\$a))) ?v0)) (fun_app\$c (power\$a 2) ?v0)))) :named a51))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less\$a
?v0 ?v1) (fun_app\$ (less\$ (unsigned\$a ?v0)) (unsigned\$a ?v1))) :pattern
((less\$a ?v0 ?v1)))) :named a52))
(assert (! (forall ((?v0 Nat\$)) (= (unsigned\$a (fun_app\$b
(power\$ (numeral\$ (bit0\$ one\$a))) ?v0)) (ite (fun_app\$ (less\$ ?v0)
(len_of\$ type\$)) (fun_app\$a (power\$b (numeral\$a (bit0\$ one\$a))) ?v0)
zero\$))) :named a53))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$) (?v3
A_word\$)) (=> (and (fun_app\$ (less_eq\$a (fun_app\$a (plus\$ (len_of\$
type\$)) ?v0)) (fun_app\$a (plus\$ ?v1) ?v2)) (fun_app\$ (less\$ ?v1)
(len_of\$ type\$))) (= (unsigned\$a (and\$ (shiftl\$b (shiftr\$ ?v3 ?v2) ?v0)
(not\$ (mask\$ ?v1)))) zero\$))) :named a54))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$ (less\$ ?v0)
(len_of\$ type\$)) (= (unsigned\$a (fun_app\$b (power\$ (numeral\$ (bit0\$
one\$a))) ?v0)) (fun_app\$a (power\$b (numeral\$a (bit0\$ one\$a))) ?v0))))
:named a55))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a56))
(assert (! (forall ((?v0 A_word\$)) (not (= (to_bl\$ ?v0) nil\$)))
:named a57))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (=> (<= 0 ?v0) (=
(nat\$ (fun_app\$c (power\$a ?v0) ?v1)) (fun_app\$a (power\$b (nat\$ ?v0))
?v1)))) :named a58))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (not (=
(shiftr\$ ?v0 (fun_app\$a (minus\$ (len_of\$ type\$)) one\$)) zero\$a)))
:pattern ((msb\$ ?v0)))) :named a59))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$)) (=
(fun_app\$ (bit\$b (fun_app\$a (and\$a ?v0) ?v1)) ?v2) (and (fun_app\$
(bit\$b ?v0) ?v2) (fun_app\$ (bit\$b ?v1) ?v2)))) :named a60))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat\$)) (= (fun_app\$
(bit\$a (and\$b ?v0 ?v1)) ?v2) (and (fun_app\$ (bit\$a ?v0) ?v2) (fun_app\$
(bit\$a ?v1) ?v2)))) :named a61))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=
(fun_app\$ (bit\$ (and\$ ?v0 ?v1)) ?v2) (and (fun_app\$ (bit\$ ?v0) ?v2)
(fun_app\$ (bit\$ ?v1) ?v2)))) :named a62))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (less\$ (fun_app\$a
(minus\$ (len_of\$ type\$)) (fun_app\$a suc\$ zero\$))) ?v0) (fun_app\$
(less_eq\$a (len_of\$ type\$)) ?v0))) :named a63))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (= (push_bit\$b
?v0 ?v1) (times\$ ?v1 (fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a)))
?v0))) :pattern ((push_bit\$b ?v0 ?v1)))) :named a64))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (! (= (push_bit\$a ?v0
?v1) (times\$a ?v1 (fun_app\$c (power\$a 2) ?v0))) :pattern ((push_bit\$a
?v0 ?v1)))) :named a65))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$a
(push_bit\$ ?v0) ?v1) (fun_app\$a (times\$b ?v1) (fun_app\$a (power\$b
(numeral\$a (bit0\$ one\$a))) ?v0))) :pattern ((fun_app\$a (push_bit\$ ?v0)
?v1)))) :named a66))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not (less\$a
?v0 ?v1)) (less_eq\$ ?v1 ?v0))) :named a67))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (fun_app\$
(less\$ ?v0) ?v1)) (fun_app\$ (less_eq\$a ?v1) ?v0))) :named a68))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a69))
(assert (! (forall ((?v0 A_word\$)) (not (less\$a ?v0 ?v0)))
:named a70))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$ (less\$ ?v0)
?v0))) :named a71))
(assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a72))
(assert (! (forall ((?v0 A_word\$)) (= (plus\$a ?v0 zero\$a) ?v0))
:named a73))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (plus\$ ?v0) zero\$)
?v0)) :named a74))
(assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a75))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$ (bit\$b
(fun_app\$a mask\$a ?v0)) ?v1) (and (fun_app\$ (possible_bit\$b type\$c)
?v1) (fun_app\$ (less\$ ?v1) ?v0)))) :named a76))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$ (bit\$
(mask\$ ?v0)) ?v1) (and (fun_app\$ (possible_bit\$ type\$a) ?v1) (fun_app\$
(less\$ ?v1) ?v0)))) :named a77))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$ (bit\$a
(mask\$b ?v0)) ?v1) (and (fun_app\$ (possible_bit\$a type\$b) ?v1)
(fun_app\$ (less\$ ?v1) ?v0)))) :named a78))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (times\$ ?v0
?v1) (times\$ ?v1 ?v0))) :named a79))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (times\$a ?v0 ?v1)
(times\$a ?v1 ?v0))) :named a80))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a
(times\$b ?v0) ?v1) (fun_app\$a (times\$b ?v1) ?v0))) :named a81))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (less\$a ?v0
(fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) ?v1)) (and (fun_app\$
(less\$ ?v1) (len_of\$ type\$)) (forall ((?v2 Nat\$)) (=> (and (fun_app\$
(less_eq\$a ?v1) ?v2) (fun_app\$ (less\$ ?v2) (len_of\$ type\$))) (not
(fun_app\$ (bit\$ ?v0) ?v2))))))) :named a82))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (fun_app\$
(less\$ (fun_app\$a (times\$b (unsigned\$a ?v0)) (unsigned\$a ?v1)))
(fun_app\$a (power\$b (numeral\$a (bit0\$ one\$a))) (len_of\$ type\$))) (=
(unsigned\$a (times\$ ?v0 ?v1)) (fun_app\$a (times\$b (unsigned\$a ?v0))
(unsigned\$a ?v1))))) :named a83))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (plus\$a ?v0
?v1) (plus\$a ?v1 ?v0))) :named a84))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (fun_app\$a (plus\$
?v0) ?v1) (fun_app\$a (plus\$ ?v1) ?v0))) :named a85))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a86))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (less_eq\$a ?v0)
(fun_app\$a (minus\$ (len_of\$ type\$)) (fun_app\$a suc\$ zero\$))) (fun_app\$
(less\$ ?v0) (len_of\$ type\$)))) :named a87))
(assert (! (forall ((?v0 A_word\$)) (= (= (drop_bit\$b (fun_app\$a
(minus\$ (len_of\$ type\$)) (fun_app\$a suc\$ zero\$)) ?v0) zero\$a) (not
(fun_app\$ (bit\$ ?v0) (fun_app\$a (minus\$ (len_of\$ type\$)) (fun_app\$a
suc\$ zero\$)))))) :named a88))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (bit\$b (fun_app\$a
(shiftr\$a ?v0) ?v1)) (comp\$ (bit\$b ?v0) (plus\$ ?v1)))) :named a89))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (= (bit\$a (shiftr\$b
?v0 ?v1)) (comp\$ (bit\$a ?v0) (plus\$ ?v1)))) :named a90))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (bit\$ (shiftr\$
?v0 ?v1)) (comp\$ (bit\$ ?v0) (plus\$ ?v1)))) :named a91))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (= (take_bit\$a
?v0 ?v1) (and\$ ?v1 (mask\$ ?v0))) :pattern ((take_bit\$a ?v0 ?v1))))
:named a92))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (! (= (take_bit\$ ?v0
?v1) (and\$b ?v1 (mask\$b ?v0))) :pattern ((take_bit\$ ?v0 ?v1)))) :named
a93))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$a
(take_bit\$b ?v0) ?v1) (fun_app\$a (and\$a ?v1) (fun_app\$a mask\$a ?v0)))
:pattern ((fun_app\$a (take_bit\$b ?v0) ?v1)))) :named a94))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$ (less_eq\$a
(len_of\$ type\$)) ?v0) (= (fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a)))
?v0) zero\$a))) :named a95))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (unsigned\$a
(shiftr\$ ?v0 ?v1)) (fun_app\$a (divide\$ (unsigned\$a ?v0)) (fun_app\$a
(power\$b (numeral\$a (bit0\$ one\$a))) ?v1)))) :named a96))
(assert (! (forall ((?v0 A_word\$)) (= (< (unsigned\$ ?v0) 0)
false)) :named a97))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (hd\$ (to_bl\$
?v0))) :pattern ((msb\$ ?v0)))) :named a98))
(assert (! (forall ((?v0 Bool) (?v1 Bool_list\$)) (! (= (size\$
(cons\$ ?v0 ?v1)) (fun_app\$a suc\$ (size\$ ?v1))) :pattern ((cons\$ ?v0
?v1)))) :named a99))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (! (=> (fun_app\$
(less_eq\$a (len_of\$ type\$)) ?v0) (= (shiftr\$ ?v1 ?v0) zero\$a)) :pattern
((shiftr\$ ?v1 ?v0)))) :named a100))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (=> (fun_app\$
(less\$ ?v0) (len_of\$ type\$)) (less\$a (and\$ ?v1 (mask\$ ?v0)) (fun_app\$b
(power\$ (numeral\$ (bit0\$ one\$a))) ?v0)))) :named a101))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(limited_and\$ ?v0 ?v1) (limited_and\$ (shiftr\$ ?v0 ?v2) (shiftr\$ ?v1
?v2)))) :named a102))
(assert (! (= bot\$ false) :named a103))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (less_eq\$
(fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) (fun_app\$a (minus\$
(len_of\$ type\$)) (fun_app\$a suc\$ zero\$))) ?v0)) :pattern ((msb\$ ?v0))))
:named a104))
(assert (! (forall ((?v0 Nat\$)) (! (= (mask\$ ?v0) (minus\$a
(fun_app\$b (power\$ (numeral\$ (bit0\$ one\$a))) ?v0) one\$b)) :pattern
(assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat\$
(times\$a ?v0 ?v1)) (fun_app\$a (times\$b (nat\$ ?v0)) (nat\$ ?v1)))))
:named a106))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (= (take_bit\$a
?v0 ?v1) ?v1) (= (drop_bit\$b ?v0 ?v1) zero\$a))) :named a107))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (= (fun_app\$a
(take_bit\$b ?v0) ?v1) ?v1) (= (fun_app\$a (drop_bit\$ ?v0) ?v1) zero\$)))
:named a108))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (= (= (take_bit\$ ?v0
?v1) ?v1) (= (drop_bit\$a ?v0 ?v1) 0))) :named a109))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (=
(bin_sign\$ (signed_take_bit\$ (fun_app\$a (minus\$ (len_of\$ type\$)) one\$)
(unsigned\$ ?v0))) (- 1))) :pattern ((msb\$ ?v0)))) :named a110))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a zero\$a ?v0)
(uminus\$ ?v0))) :named a111))
(assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a112))
(assert (! (forall ((?v0 A_word\$)) (= (less\$a ?v0 one\$b) (= ?v0
zero\$a))) :named a113))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$ (less\$ (fun_app\$a
of_nat\$ ?v0)) zero\$))) :named a114))
(assert (! (forall ((?v0 Nat\$)) (not (< (of_nat\$a ?v0) 0)))
:named a115))
(assert (! (forall ((?v0 A_word\$)) (= (not (= ?v0 zero\$a))
(less\$a zero\$a ?v0))) :named a116))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less_eq\$
?v0 ?v1) (fun_app\$ (less_eq\$a (unsigned\$a ?v0)) (unsigned\$a ?v1)))
:pattern ((less_eq\$ ?v0 ?v1)))) :named a117))
(assert (! (forall ((?v0 A_word\$)) (= (less_eq\$ ?v0 zero\$a) (=
?v0 zero\$a))) :named a118))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (=
(word_sle\$ ?v0 ?v1) (and (=> (msb\$ ?v1) (msb\$ ?v0)) (or (and (msb\$ ?v0)
(not (msb\$ ?v1))) (less_eq\$ ?v0 ?v1)))) :pattern ((word_sle\$ ?v0
?v1)))) :named a119))
(assert (! (forall ((?v0 A_word\$)) (= (times\$ zero\$a ?v0)
zero\$a)) :named a120))
(assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a121))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (times\$b zero\$)
?v0) zero\$)) :named a122))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less_eq\$
?v0 ?v1) (not (less\$a ?v1 ?v0))) :pattern ((less_eq\$ ?v0 ?v1)))) :named
a123))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (=> (fun_app\$
(less\$ ?v0) (len_of\$ type\$)) (= (fun_app\$ (nth\$ (to_bl\$ ?v1)) ?v0)
(fun_app\$ (bit\$ ?v1) (fun_app\$a (minus\$ (len_of\$ type\$)) (fun_app\$a
suc\$ ?v0)))))) :named a124))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (fun_app\$ (less_eq\$a (fun_app\$a (minus\$ (fun_app\$a (power\$b
(numeral\$a (bit0\$ one\$a))) (fun_app\$a (minus\$ (len_of\$ type\$)) ?v0)))
one\$)) ?v1) (fun_app\$ (less\$ zero\$) ?v0)) (fun_app\$ (less_eq\$a
(unsigned\$a (shiftr\$ ?v2 ?v0))) ?v1))) :named a125))
(assert (! (= (sub\$ one\$a one\$a) zero\$a) :named a126))
(assert (! (= (sub\$a one\$a one\$a) 0) :named a127))
(assert (! (forall ((?v0 Nat\$) (?v1 Int)) (= (< (drop_bit\$a ?v0
?v1) 0) (< ?v1 0))) :named a128))
(assert (! (forall ((?v0 A_word\$)) (= (plus\$a zero\$a ?v0) ?v0))
:named a129))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (plus\$ zero\$) ?v0)
?v0)) :named a130))
(assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a131))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$b (power\$ ?v0)
zero\$) one\$b) :pattern ((power\$ ?v0)))) :named a132))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$c (power\$a ?v0)
zero\$) 1) :pattern ((power\$a ?v0)))) :named a133))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$a (power\$b ?v0)
zero\$) one\$) :pattern ((power\$b ?v0)))) :named a134))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a)
1 = Suc 0
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀w. nat (uint w) = unat w
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a. (a ≠ 0) = (0 < a)
LENGTH('a) ≠ 0
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - 1))
∀n. (n ≠ 0) = (0 < n)
∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
∀n. (n < 0) = False
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb x = (x < 0))
∀n. (¬ 0 < n) = (n = 0)
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a) ∧ uint w !! n))
∀n x. rev (replicate n x) = replicate n x
∀w v. LENGTH('a) = 0 ⟶ w = v
∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀w k n. w < k ⟶ w >> n < k
to_bl 0 = replicate LENGTH('a) False
∀a. ¬ a < 0
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀uu. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of uu = 0)
∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
∀n. possible_bit TYPE(int) n
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀a. a ≤ a
∀a. a ≤ a
∀a. a ≤ a
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
(¬ msb x ⟶ sint x = uint x)
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - Suc 0))
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀n. ¬ n < 0
∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
∀x. length (to_bl x) = LENGTH('a)
∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀xs. rev (rev xs) = xs
∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
∀n. n < n ⟶ False
∀a b. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
((a < b) = (unat a < unat b))
∀s t. s < t ⟶ s ≠ t
∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
∀n m. n < m ⟶ m ≠ n
∀m. ¬ of_nat m < 0
∀m. ¬ int m < 0
∀n x. length (replicate n x) = n
∀n. ¬ n < n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
(size w = LENGTH('a))
∀m n. (m ≠ n) = (m < n ∨ n < m)
∀a. a - 0 = a
∀a. a - 0 = a
∀a. a - 0 = a
∀n. (0 < n) = (n ≠ 0)
∀n. of_bl (replicate n False) = 0
∀m n. m < n ⟶ n ≠ 0
SMT: Names:
sorts:
Nat\$ = nat
Num\$ = num
A_word\$ = 'a word
A_itself\$ = 'a itself
Bool_list\$ = bool list
Int_itself\$ = int itself
Nat_itself\$ = nat itself
Nat_int_fun\$ = nat ⇒ int
Nat_nat_fun\$ = nat ⇒ nat
Num0_itself\$ = 0 itself
Nat_bool_fun\$ = nat ⇒ bool
A_word_itself\$ = 'a word itself
Nat_a_word_fun\$ = nat ⇒ 'a word
functions:
r\$ = r
x\$ = x
and\$ = (&&)
bit\$ = (!!)
msb\$ = msb
nat\$ = nat
one\$ = 1
rev\$ = rev
suc\$ = Suc
bit\$a = (!!)
bit\$b = (!!)
bit0\$ = num.Bit0
less\$ = (<)
msb\$a = msb
one\$a = num.One
plus\$ = (+)
size\$ = length
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
minus\$ = (-)
of_bl\$ = of_bl
power\$ = (^)
size\$a = size
to_bl\$ = to_bl
type\$a = TYPE('a word)
type\$b = TYPE(int)
type\$c = TYPE(nat)
zero\$a = 0
len_of\$ = len_of
minus\$a = (-)
of_nat\$ = of_nat
shiftl\$ = (<<)
shiftr\$ = (>>)
signed\$ = sint
fun_app\$ = SMT.fun_app
len_of\$a = len_of
less_eq\$ = (≤)
numeral\$ = numeral
of_nat\$a = int
shiftl\$a = (<<)
shiftr\$a = (>>)
shiftr\$b = (>>)
drop_bit\$ = drop_bit
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
fun_app\$c = SMT.fun_app
less_eq\$a = (≤)
push_bit\$ = push_bit
take_bit\$ = take_bit
unsigned\$ = uint
drop_bit\$a = drop_bit
drop_bit\$b = drop_bit
push_bit\$a = push_bit
replicate\$ = replicate
unsigned\$a = unat
unsigned\$b = UCAST('a → 'a)
possible_bit\$ = possible_bit
possible_bit\$a = possible_bit
possible_bit\$b = possible_bit
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9904
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort Num\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Bool_list\$ 0)
(declare-sort Int_itself\$ 0)
(declare-sort Nat_itself\$ 0)
(declare-sort Nat_int_fun\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Num0_itself\$ 0)
(declare-sort Nat_bool_fun\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun and\$ (A_word\$ A_word\$) A_word\$)
(declare-fun bit\$ (A_word\$) Nat_bool_fun\$)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun one\$ () Nat\$)
(declare-fun rev\$ (Bool_list\$) Bool_list\$)
(declare-fun suc\$ (Nat\$) Nat\$)
(declare-fun bit\$a (Int) Nat_bool_fun\$)
(declare-fun bit\$b (Nat\$) Nat_bool_fun\$)
(declare-fun bit0\$ (Num\$) Num\$)
(declare-fun less\$ (Nat\$) Nat_bool_fun\$)
(declare-fun msb\$a (Int) Bool)
(declare-fun one\$a () Num\$)
(declare-fun plus\$ (Nat\$ Nat\$) Nat\$)
(declare-fun size\$ (Bool_list\$) Nat\$)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_word\$ A_word\$) Bool)
(declare-fun minus\$ (Nat\$ Nat\$) Nat\$)
(declare-fun of_bl\$ (Bool_list\$) A_word\$)
(declare-fun power\$ (A_word\$ Nat\$) A_word\$)
(declare-fun size\$a (A_word\$) Nat\$)
(declare-fun to_bl\$ (A_word\$) Bool_list\$)
(declare-fun type\$a () A_word_itself\$)
(declare-fun type\$b () Int_itself\$)
(declare-fun type\$c () Nat_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun minus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun of_nat\$ (Nat\$) Nat\$)
(declare-fun shiftl\$ (A_word\$ Nat\$) A_word\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun signed\$ (A_word\$) Int)
(declare-fun fun_app\$ (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun len_of\$a (Num0_itself\$) Nat\$)
(declare-fun less_eq\$ (A_word\$ A_word\$) Bool)
(declare-fun numeral\$ (Num\$) A_word\$)
(declare-fun of_nat\$a (Nat\$) Int)
(declare-fun shiftl\$a (Int Nat\$) Int)
(declare-fun shiftr\$a (Int) Nat_int_fun\$)
(declare-fun shiftr\$b (Nat\$) Nat_nat_fun\$)
(declare-fun drop_bit\$ (Nat\$ Int) Int)
(declare-fun fun_app\$a (Nat_bool_fun\$ Nat\$) Bool)
(declare-fun fun_app\$b (Nat_int_fun\$ Nat\$) Int)
(declare-fun fun_app\$c (Nat_nat_fun\$ Nat\$) Nat\$)
(declare-fun less_eq\$a (Nat\$) Nat_bool_fun\$)
(declare-fun push_bit\$ (Nat\$ A_word\$) A_word\$)
(declare-fun take_bit\$ (Nat\$ Int) Int)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun drop_bit\$a (Nat\$ Nat\$) Nat\$)
(declare-fun drop_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun push_bit\$a (Nat\$ Int) Int)
(declare-fun replicate\$ (Nat\$ Bool) Bool_list\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun unsigned\$b (A_word\$) A_word\$)
(declare-fun possible_bit\$ (A_word_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$a (Int_itself\$) Nat_bool_fun\$)
(declare-fun possible_bit\$b (Nat_itself\$) Nat_bool_fun\$)
(assert (! (not (= (msb\$ (fun_app\$ (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a0))
(assert (! (fun_app\$a (less\$ r\$) (len_of\$ type\$)) :named a1))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$ type\$)) :named a2))
(assert (! (= one\$ (suc\$ zero\$)) :named a3))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a4))
(assert (! (forall ((?v0 A_word\$)) (= (nat\$ (unsigned\$ ?v0))
(unsigned\$a ?v0))) :named a5))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$b (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a6))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$c (shiftr\$b ?v0)
zero\$) ?v0) :pattern ((shiftr\$b ?v0)))) :named a7))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a8))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$c (shiftr\$b zero\$)
?v0) zero\$)) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (shiftr\$a 0) ?v0)
0)) :named a10))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (shiftr\$ zero\$a)
?v0) zero\$a)) :named a11))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (possible_bit\$
type\$a) ?v0) (fun_app\$a (less\$ ?v0) (len_of\$ type\$)))) :named a12))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (fun_app\$b
(shiftr\$a ?v0) ?v1) (drop_bit\$ ?v1 ?v0)) :pattern ((fun_app\$b (shiftr\$a
?v0) ?v1)))) :named a13))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$c
(shiftr\$b ?v0) ?v1) (drop_bit\$a ?v1 ?v0)) :pattern ((fun_app\$c
(shiftr\$b ?v0) ?v1)))) :named a14))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$
(shiftr\$ ?v0) ?v1) (drop_bit\$b ?v1 ?v0)) :pattern ((fun_app\$ (shiftr\$
?v0) ?v1)))) :named a15))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a16))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a17))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$a
(bit\$ ?v0) (minus\$ (len_of\$ type\$) one\$))) :pattern ((msb\$ ?v0))))
:named a18))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a19))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (forall
((?v2 Nat\$)) (=> (fun_app\$a (less\$ ?v2) (len_of\$ type\$)) (= (fun_app\$a
(bit\$ ?v0) ?v2) (fun_app\$a (bit\$ ?v1) ?v2)))) (= ?v0 ?v1))) :named
a20))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ ?v0) zero\$)
false)) :named a21))
(assert (! (forall ((?v0 Int)) (! (= (msb\$a ?v0) (< ?v0 0))
:pattern ((msb\$a ?v0)))) :named a22))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$a (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a23))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$a
(bit\$ ?v0) ?v1) (and (fun_app\$a (less\$ ?v1) (len_of\$ type\$)) (fun_app\$a
(bit\$a (unsigned\$ ?v0)) ?v1))) :pattern ((fun_app\$a (bit\$ ?v0) ?v1))))
:named a24))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (rev\$ (replicate\$
?v0 ?v1)) (replicate\$ ?v0 ?v1))) :named a25))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a26))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$) (?v2 Nat\$)) (=>
(and (= (and\$ ?v0 (mask\$ (plus\$ ?v1 ?v2))) ?v0) (fun_app\$a (less\$ ?v2)
(len_of\$ type\$))) (less\$a (fun_app\$ (shiftr\$ ?v0) ?v1) (power\$
(numeral\$ (bit0\$ one\$a)) ?v2)))) :named a27))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(less\$a ?v0 ?v1) (less\$a (fun_app\$ (shiftr\$ ?v0) ?v2) ?v1))) :named
a28))
(assert (! (= (to_bl\$ zero\$a) (replicate\$ (len_of\$ type\$)
false)) :named a29))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a30))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 A_word\$))
(=> (and (less_eq\$ ?v0 ?v1) (less\$a ?v1 ?v2)) (less\$a ?v0 ?v2))) :named
a31))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$)) (=> (and
(fun_app\$a (less_eq\$a ?v0) ?v1) (fun_app\$a (less\$ ?v1) ?v2)) (fun_app\$a
(less\$ ?v0) ?v2))) :named a32))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a33))
(assert (! (forall ((?v0 Num0_itself\$)) (! (= (len_of\$a ?v0)
zero\$) :pattern ((len_of\$a ?v0)))) :named a34))
(assert (! (forall ((?v0 Nat\$)) (= (= (power\$ (numeral\$ (bit0\$
one\$a)) ?v0) zero\$a) (fun_app\$a (less_eq\$a (len_of\$ type\$)) ?v0)))
:named a35))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (possible_bit\$a
type\$b) ?v0)) :named a36))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a ?v0) (= ?v0
zero\$a))) :named a37))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ ?v0) (= ?v0 zero\$)))
:named a38))
(assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a39))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ ?v0 ?v0)) :named
a40))
(assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a41))
(assert (! (forall ((?v0 Nat\$)) (fun_app\$a (less_eq\$a ?v0) ?v0))
:named a42))
(assert (! (forall ((?v0 A_word\$)) (! (=> (not (msb\$ ?v0)) (=
(signed\$ ?v0) (unsigned\$ ?v0))) :pattern ((signed\$ ?v0)))) :named a43))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (fun_app\$a
(bit\$ ?v0) (minus\$ (len_of\$ type\$) (suc\$ zero\$)))) :pattern ((msb\$
?v0)))) :named a44))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not
(less_eq\$ ?v0 ?v1)) (less\$a ?v1 ?v0))) :named a45))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (fun_app\$a
(less_eq\$a ?v0) ?v1)) (fun_app\$a (less\$ ?v1) ?v0))) :named a46))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a47))
(assert (! (forall ((?v0 Nat\$)) (=> (and (=> (= ?v0 zero\$)
false) (=> (not (= ?v0 zero\$)) false)) false)) :named a48))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftl\$ ?v0
?v1) (push_bit\$ ?v1 ?v0)) :pattern ((shiftl\$ ?v0 ?v1)))) :named a49))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (shiftl\$a ?v0
?v1) (push_bit\$a ?v1 ?v0)) :pattern ((shiftl\$a ?v0 ?v1)))) :named a50))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a51))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (= (power\$ (numeral\$ (bit0\$ one\$a)) (plus\$ ?v0 ?v1)) zero\$a)
(fun_app\$a (less\$ ?v1) (len_of\$ type\$))) (less\$a (fun_app\$ (shiftr\$
?v2) ?v0) (power\$ (numeral\$ (bit0\$ one\$a)) ?v1)))) :named a52))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app\$a (less\$ ?v0) ?v1) false) (=> (fun_app\$a (less\$
?v1) ?v0) false))) false)) :named a53))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$ ?v0))
(len_of\$ type\$))) :named a54))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (not (fun_app\$a ?v0 ?v2)) (exists ((?v3 Nat\$)) (and
(fun_app\$a (less\$ ?v3) ?v2) (not (fun_app\$a ?v0 ?v3)))))) (fun_app\$a
?v0 ?v1))) :named a55))
(assert (! (forall ((?v0 Bool_list\$)) (= (rev\$ (rev\$ ?v0)) ?v0))
:named a56))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (forall ((?v3 Nat\$)) (=> (fun_app\$a (less\$ ?v3) ?v2)
(fun_app\$a ?v0 ?v3))) (fun_app\$a ?v0 ?v2))) (fun_app\$a ?v0 ?v1)))
:named a57))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (unsigned\$
(push_bit\$ ?v0 ?v1)) (take_bit\$ (size\$a ?v1) (push_bit\$a ?v0 (unsigned\$
?v1))))) :named a58))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0) ?v0)
false)) :named a59))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (! (= (less\$a
?v0 ?v1) (fun_app\$a (less\$ (unsigned\$a ?v0)) (unsigned\$a ?v1)))
:pattern ((less\$a ?v0 ?v1)))) :named a60))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a61))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$b (unsigned\$a ?v0)) ?v1) (and (fun_app\$a (possible_bit\$b type\$c)
?v1) (fun_app\$a (bit\$ ?v0) ?v1)))) :named a62))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$a (unsigned\$ ?v0)) ?v1) (and (fun_app\$a (possible_bit\$a type\$b)
?v1) (fun_app\$a (bit\$ ?v0) ?v1)))) :named a63))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (fun_app\$a
(bit\$ (unsigned\$b ?v0)) ?v1) (and (fun_app\$a (possible_bit\$ type\$a)
?v1) (fun_app\$a (bit\$ ?v0) ?v1)))) :named a64))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a65))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ (of_nat\$
?v0)) zero\$))) :named a66))
(assert (! (forall ((?v0 Nat\$)) (not (< (of_nat\$a ?v0) 0)))
:named a67))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (size\$ (replicate\$
?v0 ?v1)) ?v0)) :named a68))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
?v0))) :named a69))
(assert (! (forall ((?v0 A_word\$)) (! (= (size\$a ?v0) (len_of\$
type\$)) :pattern ((size\$a ?v0)))) :named a70))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (= ?v0 ?v1))
(or (fun_app\$a (less\$ ?v0) ?v1) (fun_app\$a (less\$ ?v1) ?v0)))) :named
a71))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a ?v0 zero\$a) ?v0))
:named a72))
(assert (! (forall ((?v0 Nat\$)) (= (minus\$ ?v0 zero\$) ?v0))
:named a73))
(assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a74))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ zero\$) ?v0)
(not (= ?v0 zero\$)))) :named a75))
(assert (! (forall ((?v0 Nat\$)) (= (of_bl\$ (replicate\$ ?v0
false)) zero\$a)) :named a76))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a77))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a signed signed)
0 < LENGTH('a signed)
0 < LENGTH('a)
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀a. (a ≠ 0) = (0 < a)
∀n. (n ≠ 0) = (0 < n)
∀n. (n < 0) = False
∀n. (¬ 0 < n) = (n = 0)
LENGTH('a signed signed) ≠ 0
LENGTH('a signed) ≠ 0
LENGTH('a) ≠ 0
∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
∀w v. LENGTH('a signed) = 0 ⟶ w = v
∀w v. LENGTH('a) = 0 ⟶ w = v
∀a. ¬ a < 0
∀uu. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of uu = 0)
∀w k n. w < k ⟶ w >> n < k
∀x. (0 = x) = (x = 0)
∀x. (0 = x) = (x = 0)
∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
∀n. n < n ⟶ False
∀s t. s < t ⟶ s ≠ t
∀n m. n < m ⟶ m ≠ n
∀n. ¬ n < n
∀m n. (m ≠ n) = (m < n ∨ n < m)
∀n. (0 < n) = (n ≠ 0)
∀m n. m < n ⟶ n ≠ 0
∀n. ¬ n < 0
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
∀m n. m < n ⟶ n ≠ 0
∀n<0. False
∀n. ¬ n < 0
∀n. (¬ 0 < n) = (n = 0)
∀n. (n = 0 ⟶ False) ⟶ 0 < n
∀y. 0 < y ∨ 0 = y
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a signed signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0 signed signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0 signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a signed))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH('a))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of x = LENGTH(0))
¬ 0 < 0
SMT: Names:
sorts:
Nat\$ = nat
A_word\$ = 'a word
A_itself\$ = 'a itself
Nat_nat_fun\$ = nat ⇒ nat
Num0_itself\$ = 0 itself
Nat_bool_fun\$ = nat ⇒ bool
A_signed_word\$ = 'a signed word
Nat_a_word_fun\$ = nat ⇒ 'a word
A_signed_itself\$ = 'a signed itself
Num0_signed_itself\$ = 0 signed itself
A_signed_signed_word\$ = 'a signed signed word
A_signed_signed_itself\$ = 'a signed signed itself
Num0_signed_signed_itself\$ = 0 signed signed itself
A_signed_signed_signed_itself\$ = 'a signed signed signed
itself
Num0_signed_signed_signed_itself\$ = 0 signed signed signed
itself
functions:
r\$ = r
x\$ = x
msb\$ = msb
less\$ = (<)
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
type\$a = TYPE('a signed signed)
type\$b = TYPE('a signed)
type\$c = TYPE(0 signed signed)
type\$d = TYPE(0 signed)
type\$e = TYPE(0)
zero\$a = 0
len_of\$ = len_of
shiftr\$ = (>>)
fun_app\$ = SMT.fun_app
len_of\$a = len_of
len_of\$b = len_of
len_of\$c = len_of
len_of\$d = len_of
len_of\$e = len_of
len_of\$f = len_of
len_of\$g = len_of
shiftr\$a = (>>)
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9892
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Num0_itself\$ 0)
(declare-sort Nat_bool_fun\$ 0)
(declare-sort A_signed_word\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-sort A_signed_itself\$ 0)
(declare-sort Num0_signed_itself\$ 0)
(declare-sort A_signed_signed_word\$ 0)
(declare-sort A_signed_signed_itself\$ 0)
(declare-sort Num0_signed_signed_itself\$ 0)
(declare-sort A_signed_signed_signed_itself\$ 0)
(declare-sort Num0_signed_signed_signed_itself\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun less\$ (Nat\$) Nat_bool_fun\$)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_word\$ A_word\$) Bool)
(declare-fun type\$a () A_signed_signed_itself\$)
(declare-fun type\$b () A_signed_itself\$)
(declare-fun type\$c () Num0_signed_signed_itself\$)
(declare-fun type\$d () Num0_signed_itself\$)
(declare-fun type\$e () Num0_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun fun_app\$ (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun len_of\$a (A_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$b (A_signed_itself\$) Nat\$)
(declare-fun len_of\$c (Num0_itself\$) Nat\$)
(declare-fun len_of\$d (A_signed_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$e (Num0_signed_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$f (Num0_signed_signed_itself\$) Nat\$)
(declare-fun len_of\$g (Num0_signed_itself\$) Nat\$)
(declare-fun shiftr\$a (Nat\$) Nat_nat_fun\$)
(declare-fun fun_app\$a (Nat_bool_fun\$ Nat\$) Bool)
(declare-fun fun_app\$b (Nat_nat_fun\$ Nat\$) Nat\$)
(assert (! (not (= (msb\$ (fun_app\$ (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a0))
(assert (! (fun_app\$a (less\$ r\$) (len_of\$ type\$)) :named a1))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$a type\$a)) :named
a2))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$b type\$b)) :named
a3))
(assert (! (fun_app\$a (less\$ zero\$) (len_of\$ type\$)) :named a4))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a5))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a6))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a7))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (shiftr\$a zero\$)
?v0) zero\$)) :named a8))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (shiftr\$ zero\$a)
?v0) zero\$a)) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a10))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$))
(fun_app\$a (less\$ zero\$) ?v0))) :named a11))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ ?v0) zero\$)
false)) :named a12))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$a (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a13))
(assert (! (not (= (len_of\$a type\$a) zero\$)) :named a14))
(assert (! (not (= (len_of\$b type\$b) zero\$)) :named a15))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a16))
(assert (! (forall ((?v0 A_signed_signed_word\$) (?v1
A_signed_signed_word\$)) (=> (= (len_of\$a type\$a) zero\$) (= ?v0 ?v1)))
:named a17))
(assert (! (forall ((?v0 A_signed_word\$) (?v1 A_signed_word\$))
(=> (= (len_of\$b type\$b) zero\$) (= ?v0 ?v1))) :named a18))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a19))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a20))
(assert (! (forall ((?v0 Num0_itself\$)) (! (= (len_of\$c ?v0)
zero\$) :pattern ((len_of\$c ?v0)))) :named a21))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 Nat\$)) (=>
(less\$a ?v0 ?v1) (less\$a (fun_app\$ (shiftr\$ ?v0) ?v2) ?v1))) :named
a22))
(assert (! (forall ((?v0 A_word\$)) (= (= zero\$a ?v0) (= ?v0
zero\$a))) :named a23))
(assert (! (forall ((?v0 Nat\$)) (= (= zero\$ ?v0) (= ?v0 zero\$)))
:named a24))
(assert (! (forall ((?v0 Nat\$)) (=> (and (=> (= ?v0 zero\$)
false) (=> (not (= ?v0 zero\$)) false)) false)) :named a25))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app\$a (less\$ ?v0) ?v1) false) (=> (fun_app\$a (less\$
?v1) ?v0) false))) false)) :named a26))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (not (fun_app\$a ?v0 ?v2)) (exists ((?v3 Nat\$)) (and
(fun_app\$a (less\$ ?v3) ?v2) (not (fun_app\$a ?v0 ?v3)))))) (fun_app\$a
?v0 ?v1))) :named a27))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (forall
((?v2 Nat\$)) (=> (forall ((?v3 Nat\$)) (=> (fun_app\$a (less\$ ?v3) ?v2)
(fun_app\$a ?v0 ?v3))) (fun_app\$a ?v0 ?v2))) (fun_app\$a ?v0 ?v1)))
:named a28))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0) ?v0)
false)) :named a29))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a30))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a31))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
?v0))) :named a32))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (= ?v0 ?v1))
(or (fun_app\$a (less\$ ?v0) ?v1) (fun_app\$a (less\$ ?v1) ?v0)))) :named
a33))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (less\$ zero\$) ?v0)
(not (= ?v0 zero\$)))) :named a34))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a35))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a36))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$a (less\$ zero\$) ?v0))) :named a37))
(assert (! (forall ((?v0 Nat_bool_fun\$) (?v1 Nat\$)) (=> (and
(fun_app\$a ?v0 zero\$) (forall ((?v2 Nat\$)) (=> (and (fun_app\$a (less\$
zero\$) ?v2) (not (fun_app\$a ?v0 ?v2))) (exists ((?v3 Nat\$)) (and
(fun_app\$a (less\$ ?v3) ?v2) (not (fun_app\$a ?v0 ?v3))))))) (fun_app\$a
?v0 ?v1))) :named a38))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (=> (fun_app\$a (less\$
?v0) ?v1) (not (= ?v1 zero\$)))) :named a39))
(assert (! (forall ((?v0 Nat\$)) (=> (fun_app\$a (less\$ ?v0)
zero\$) false)) :named a40))
(assert (! (forall ((?v0 Nat\$)) (not (fun_app\$a (less\$ ?v0)
zero\$))) :named a41))
(assert (! (forall ((?v0 Nat\$)) (= (not (fun_app\$a (less\$ zero\$)
?v0)) (= ?v0 zero\$))) :named a42))
(assert (! (forall ((?v0 Nat\$)) (=> (=> (= ?v0 zero\$) false)
(fun_app\$a (less\$ zero\$) ?v0))) :named a43))
(assert (! (forall ((?v0 Nat\$)) (or (fun_app\$a (less\$ zero\$)
?v0) (= zero\$ ?v0))) :named a44))
(assert (! (forall ((?v0 A_signed_signed_signed_itself\$)) (! (=
(len_of\$d ?v0) (len_of\$a type\$a)) :pattern ((len_of\$d ?v0)))) :named
a45))
(assert (! (forall ((?v0 Num0_signed_signed_signed_itself\$)) (!
(= (len_of\$e ?v0) (len_of\$f type\$c)) :pattern ((len_of\$e ?v0)))) :named
a46))
(assert (! (forall ((?v0 Num0_signed_signed_itself\$)) (! (=
(len_of\$f ?v0) (len_of\$g type\$d)) :pattern ((len_of\$f ?v0)))) :named
a47))
(assert (! (forall ((?v0 A_signed_signed_itself\$)) (! (=
(len_of\$a ?v0) (len_of\$b type\$b)) :pattern ((len_of\$a ?v0)))) :named
a48))
(assert (! (forall ((?v0 A_signed_itself\$)) (! (= (len_of\$b ?v0)
(len_of\$ type\$)) :pattern ((len_of\$b ?v0)))) :named a49))
(assert (! (forall ((?v0 Num0_signed_itself\$)) (! (= (len_of\$g
?v0) (len_of\$c type\$e)) :pattern ((len_of\$g ?v0)))) :named a50))
(assert (! (not (fun_app\$a (less\$ zero\$) zero\$)) :named a51))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.007s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
1 = Suc 0
0 < LENGTH('a)
∀w. nat (uint w) = unat w
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - 1))
∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb x = (x < 0))
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a) ∧ uint w !! n))
∀n x. rev (replicate n x) = replicate n x
∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
to_bl 0 = replicate LENGTH('a) False
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀x y z. x ≤ y ∧ y < z ⟶ x < z
∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
∀n. possible_bit TYPE(int) n
∀a. a ≤ a
∀a. a ≤ a
∀a. a ≤ a
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - Suc 0))
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀x y. (¬ x ≤ y) = (y < x)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a << n = push_bit n a)
∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
∀x. length (to_bl x) = LENGTH('a)
∀xs. rev (rev xs) = xs
∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
(¬ msb x ⟶ sint x = uint x)
∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
∀n x. length (replicate n x) = n
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
(size w = LENGTH('a))
∀a. a - 0 = a
∀a. a - 0 = a
∀a. a - 0 = a
SMT: Names:
sorts:
Nat\$ = nat
Num\$ = num
A_word\$ = 'a word
A_itself\$ = 'a itself
Bool_list\$ = bool list
Int_itself\$ = int itself
Nat_itself\$ = nat itself
A_word_itself\$ = 'a word itself
functions:
r\$ = r
x\$ = x
and\$ = (&&)
bit\$ = (!!)
msb\$ = msb
nat\$ = nat
one\$ = 1
rev\$ = rev
suc\$ = Suc
bit\$a = (!!)
bit\$b = (!!)
bit0\$ = num.Bit0
less\$ = (<)
msb\$a = msb
one\$a = num.One
plus\$ = (+)
size\$ = length
type\$ = TYPE('a)
zero\$ = 0
less\$a = (<)
minus\$ = (-)
power\$ = (^)
size\$a = size
to_bl\$ = to_bl
type\$a = TYPE('a word)
type\$b = TYPE(int)
type\$c = TYPE(nat)
zero\$a = 0
len_of\$ = len_of
minus\$a = (-)
shiftl\$ = (<<)
shiftr\$ = (>>)
signed\$ = sint
less_eq\$ = (≤)
numeral\$ = numeral
shiftl\$a = (<<)
drop_bit\$ = drop_bit
less_eq\$a = (≤)
push_bit\$ = push_bit
take_bit\$ = take_bit
unsigned\$ = uint
push_bit\$a = push_bit
replicate\$ = replicate
unsigned\$a = unat
unsigned\$b = UCAST('a → 'a)
possible_bit\$ = possible_bit
possible_bit\$a = possible_bit
possible_bit\$b = possible_bit
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9885
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort Num\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Bool_list\$ 0)
(declare-sort Int_itself\$ 0)
(declare-sort Nat_itself\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun and\$ (A_word\$ A_word\$) A_word\$)
(declare-fun bit\$ (A_word\$ Nat\$) Bool)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun one\$ () Nat\$)
(declare-fun rev\$ (Bool_list\$) Bool_list\$)
(declare-fun suc\$ (Nat\$) Nat\$)
(declare-fun bit\$a (Int Nat\$) Bool)
(declare-fun bit\$b (Nat\$ Nat\$) Bool)
(declare-fun bit0\$ (Num\$) Num\$)
(declare-fun less\$ (Nat\$ Nat\$) Bool)
(declare-fun msb\$a (Int) Bool)
(declare-fun one\$a () Num\$)
(declare-fun plus\$ (Nat\$ Nat\$) Nat\$)
(declare-fun size\$ (Bool_list\$) Nat\$)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun less\$a (A_word\$ A_word\$) Bool)
(declare-fun minus\$ (Nat\$ Nat\$) Nat\$)
(declare-fun power\$ (A_word\$ Nat\$) A_word\$)
(declare-fun size\$a (A_word\$) Nat\$)
(declare-fun to_bl\$ (A_word\$) Bool_list\$)
(declare-fun type\$a () A_word_itself\$)
(declare-fun type\$b () Int_itself\$)
(declare-fun type\$c () Nat_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun minus\$a (A_word\$ A_word\$) A_word\$)
(declare-fun shiftl\$ (A_word\$ Nat\$) A_word\$)
(declare-fun shiftr\$ (A_word\$ Nat\$) A_word\$)
(declare-fun signed\$ (A_word\$) Int)
(declare-fun less_eq\$ (A_word\$ A_word\$) Bool)
(declare-fun numeral\$ (Num\$) A_word\$)
(declare-fun shiftl\$a (Int Nat\$) Int)
(declare-fun drop_bit\$ (Nat\$ A_word\$) A_word\$)
(declare-fun less_eq\$a (Nat\$ Nat\$) Bool)
(declare-fun push_bit\$ (Nat\$ A_word\$) A_word\$)
(declare-fun take_bit\$ (Nat\$ Int) Int)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun push_bit\$a (Nat\$ Int) Int)
(declare-fun replicate\$ (Nat\$ Bool) Bool_list\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun unsigned\$b (A_word\$) A_word\$)
(declare-fun possible_bit\$ (A_word_itself\$ Nat\$) Bool)
(declare-fun possible_bit\$a (Int_itself\$ Nat\$) Bool)
(declare-fun possible_bit\$b (Nat_itself\$ Nat\$) Bool)
(assert (! (not (= (msb\$ (shiftr\$ x\$ r\$)) (and (= r\$ zero\$)
(msb\$ x\$)))) :named a0))
(assert (! (less\$ r\$ (len_of\$ type\$)) :named a1))
(assert (! (= one\$ (suc\$ zero\$)) :named a2))
(assert (! (less\$ zero\$ (len_of\$ type\$)) :named a3))
(assert (! (forall ((?v0 A_word\$)) (= (nat\$ (unsigned\$ ?v0))
(unsigned\$a ?v0))) :named a4))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftr\$ ?v0
?v1) (drop_bit\$ ?v1 ?v0)) :pattern ((shiftr\$ ?v0 ?v1)))) :named a5))
(assert (! (forall ((?v0 Nat\$)) (= (possible_bit\$ type\$a ?v0)
(less\$ ?v0 (len_of\$ type\$)))) :named a6))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (bit\$ ?v0
(minus\$ (len_of\$ type\$) one\$))) :pattern ((msb\$ ?v0)))) :named a7))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (forall
((?v2 Nat\$)) (=> (less\$ ?v2 (len_of\$ type\$)) (= (bit\$ ?v0 ?v2) (bit\$
?v1 ?v2)))) (= ?v0 ?v1))) :named a8))
(assert (! (forall ((?v0 Int)) (! (= (msb\$a ?v0) (< ?v0 0))
:pattern ((msb\$a ?v0)))) :named a9))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (bit\$ ?v0
?v1) (and (less\$ ?v1 (len_of\$ type\$)) (bit\$a (unsigned\$ ?v0) ?v1)))
:pattern ((bit\$ ?v0 ?v1)))) :named a10))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (rev\$ (replicate\$
?v0 ?v1)) (replicate\$ ?v0 ?v1))) :named a11))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$) (?v2 Nat\$)) (=>
(and (= (and\$ ?v0 (mask\$ (plus\$ ?v1 ?v2))) ?v0) (less\$ ?v2 (len_of\$
type\$))) (less\$a (shiftr\$ ?v0 ?v1) (power\$ (numeral\$ (bit0\$ one\$a))
?v2)))) :named a12))
(assert (! (= (to_bl\$ zero\$a) (replicate\$ (len_of\$ type\$)
false)) :named a13))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$) (?v2 A_word\$))
(=> (and (less_eq\$ ?v0 ?v1) (less\$a ?v1 ?v2)) (less\$a ?v0 ?v2))) :named
a14))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 Nat\$)) (=> (and
(less_eq\$a ?v0 ?v1) (less\$ ?v1 ?v2)) (less\$ ?v0 ?v2))) :named a15))
(assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a16))
(assert (! (forall ((?v0 Nat\$)) (= (= (power\$ (numeral\$ (bit0\$
one\$a)) ?v0) zero\$a) (less_eq\$a (len_of\$ type\$) ?v0))) :named a17))
(assert (! (forall ((?v0 Nat\$)) (possible_bit\$a type\$b ?v0))
:named a18))
(assert (! (forall ((?v0 A_word\$)) (less_eq\$ ?v0 ?v0)) :named
a19))
(assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a20))
(assert (! (forall ((?v0 Nat\$)) (less_eq\$a ?v0 ?v0)) :named
a21))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (bit\$ ?v0
(minus\$ (len_of\$ type\$) (suc\$ zero\$)))) :pattern ((msb\$ ?v0)))) :named
a22))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (= (not
(less_eq\$ ?v0 ?v1)) (less\$a ?v1 ?v0))) :named a23))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (= (not (less_eq\$a
?v0 ?v1)) (less\$ ?v1 ?v0))) :named a24))
(assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a25))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (shiftl\$ ?v0
?v1) (push_bit\$ ?v1 ?v0)) :pattern ((shiftl\$ ?v0 ?v1)))) :named a26))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (shiftl\$a ?v0
?v1) (push_bit\$a ?v1 ?v0)) :pattern ((shiftl\$a ?v0 ?v1)))) :named a27))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$) (?v2 A_word\$)) (=>
(and (= (power\$ (numeral\$ (bit0\$ one\$a)) (plus\$ ?v0 ?v1)) zero\$a)
(less\$ ?v1 (len_of\$ type\$))) (less\$a (shiftr\$ ?v2 ?v0) (power\$
(numeral\$ (bit0\$ one\$a)) ?v1)))) :named a28))
(assert (! (forall ((?v0 A_word\$)) (= (size\$ (to_bl\$ ?v0))
(len_of\$ type\$))) :named a29))
(assert (! (forall ((?v0 Bool_list\$)) (= (rev\$ (rev\$ ?v0)) ?v0))
:named a30))
(assert (! (forall ((?v0 Nat\$) (?v1 A_word\$)) (= (unsigned\$
(push_bit\$ ?v0 ?v1)) (take_bit\$ (size\$a ?v1) (push_bit\$a ?v0 (unsigned\$
?v1))))) :named a31))
(assert (! (forall ((?v0 A_word\$)) (! (=> (not (msb\$ ?v0)) (=
(signed\$ ?v0) (unsigned\$ ?v0))) :pattern ((signed\$ ?v0)))) :named a32))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (bit\$b
(unsigned\$a ?v0) ?v1) (and (possible_bit\$b type\$c ?v1) (bit\$ ?v0
?v1)))) :named a33))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (bit\$a
(unsigned\$ ?v0) ?v1) (and (possible_bit\$a type\$b ?v1) (bit\$ ?v0 ?v1))))
:named a34))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (= (bit\$
(unsigned\$b ?v0) ?v1) (and (possible_bit\$ type\$a ?v1) (bit\$ ?v0 ?v1))))
:named a35))
(assert (! (forall ((?v0 Nat\$) (?v1 Bool)) (= (size\$ (replicate\$
?v0 ?v1)) ?v0)) :named a36))
(assert (! (forall ((?v0 A_word\$)) (! (= (size\$a ?v0) (len_of\$
type\$)) :pattern ((size\$a ?v0)))) :named a37))
(assert (! (forall ((?v0 A_word\$)) (= (minus\$a ?v0 zero\$a) ?v0))
:named a38))
(assert (! (forall ((?v0 Nat\$)) (= (minus\$ ?v0 zero\$) ?v0))
:named a39))
(assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a40))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.007s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a)
1 = Suc 0
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀w. nat (uint w) = unat w
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> n = drop_bit n a)
∀a. (a ≠ 0) = (0 < a)
LENGTH('a) ≠ 0
∀w. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb w = w !! (LENGTH('a) - 1))
∀n. (n ≠ 0) = (0 < n)
∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
∀n. (n < 0) = False
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
(msb x = (x < 0))
∀n. (¬ 0 < n) = (n = 0)
∀w n. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
(w !! n = (n < LENGTH('a) ∧ uint w !! n))
∀w v. LENGTH('a) = 0 ⟶ w = v
SMT: Names:
sorts:
Nat\$ = nat
A_word\$ = 'a word
A_itself\$ = 'a itself
Nat_int_fun\$ = nat ⇒ int
Nat_nat_fun\$ = nat ⇒ nat
A_word_itself\$ = 'a word itself
Nat_a_word_fun\$ = nat ⇒ 'a word
functions:
r\$ = r
x\$ = x
bit\$ = (!!)
msb\$ = msb
nat\$ = nat
one\$ = 1
suc\$ = Suc
bit\$a = (!!)
less\$ = (<)
msb\$a = msb
type\$ = TYPE('a)
zero\$ = 0
minus\$ = (-)
type\$a = TYPE('a word)
zero\$a = 0
len_of\$ = len_of
shiftr\$ = (>>)
fun_app\$ = SMT.fun_app
shiftr\$a = (>>)
shiftr\$b = (>>)
drop_bit\$ = drop_bit
fun_app\$a = SMT.fun_app
fun_app\$b = SMT.fun_app
unsigned\$ = uint
drop_bit\$a = drop_bit
drop_bit\$b = drop_bit
unsigned\$a = unat
possible_bit\$ = possible_bit
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9877
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Nat_int_fun\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort A_word_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun bit\$ (A_word\$ Nat\$) Bool)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun nat\$ (Int) Nat\$)
(declare-fun one\$ () Nat\$)
(declare-fun suc\$ (Nat\$) Nat\$)
(declare-fun bit\$a (Int Nat\$) Bool)
(declare-fun less\$ (Nat\$ Nat\$) Bool)
(declare-fun msb\$a (Int) Bool)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun minus\$ (Nat\$ Nat\$) Nat\$)
(declare-fun type\$a () A_word_itself\$)
(declare-fun zero\$a () A_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun fun_app\$ (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun shiftr\$a (Int) Nat_int_fun\$)
(declare-fun shiftr\$b (Nat\$) Nat_nat_fun\$)
(declare-fun drop_bit\$ (Nat\$ Int) Int)
(declare-fun fun_app\$a (Nat_int_fun\$ Nat\$) Int)
(declare-fun fun_app\$b (Nat_nat_fun\$ Nat\$) Nat\$)
(declare-fun unsigned\$ (A_word\$) Int)
(declare-fun drop_bit\$a (Nat\$ Nat\$) Nat\$)
(declare-fun drop_bit\$b (Nat\$ A_word\$) A_word\$)
(declare-fun unsigned\$a (A_word\$) Nat\$)
(declare-fun possible_bit\$ (A_word_itself\$ Nat\$) Bool)
(assert (! (not (= (msb\$ (fun_app\$ (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a0))
(assert (! (less\$ r\$ (len_of\$ type\$)) :named a1))
(assert (! (less\$ zero\$ (len_of\$ type\$)) :named a2))
(assert (! (= one\$ (suc\$ zero\$)) :named a3))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a4))
(assert (! (forall ((?v0 A_word\$)) (= (nat\$ (unsigned\$ ?v0))
(unsigned\$a ?v0))) :named a5))
(assert (! (forall ((?v0 Int)) (! (= (fun_app\$a (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a6))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$b (shiftr\$b ?v0)
zero\$) ?v0) :pattern ((shiftr\$b ?v0)))) :named a7))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a8))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$b (shiftr\$b zero\$)
?v0) zero\$)) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (shiftr\$a 0) ?v0)
0)) :named a10))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (shiftr\$ zero\$a)
?v0) zero\$a)) :named a11))
(assert (! (forall ((?v0 Nat\$)) (= (possible_bit\$ type\$a ?v0)
(less\$ ?v0 (len_of\$ type\$)))) :named a12))
(assert (! (forall ((?v0 Int) (?v1 Nat\$)) (! (= (fun_app\$a
(shiftr\$a ?v0) ?v1) (drop_bit\$ ?v1 ?v0)) :pattern ((fun_app\$a (shiftr\$a
?v0) ?v1)))) :named a13))
(assert (! (forall ((?v0 Nat\$) (?v1 Nat\$)) (! (= (fun_app\$b
(shiftr\$b ?v0) ?v1) (drop_bit\$a ?v1 ?v0)) :pattern ((fun_app\$b
(shiftr\$b ?v0) ?v1)))) :named a14))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (fun_app\$
(shiftr\$ ?v0) ?v1) (drop_bit\$b ?v1 ?v0)) :pattern ((fun_app\$ (shiftr\$
?v0) ?v1)))) :named a15))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$)) (less\$
zero\$ ?v0))) :named a16))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a17))
(assert (! (forall ((?v0 A_word\$)) (! (= (msb\$ ?v0) (bit\$ ?v0
(minus\$ (len_of\$ type\$) one\$))) :pattern ((msb\$ ?v0)))) :named a18))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$)) (less\$
zero\$ ?v0))) :named a19))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (forall
((?v2 Nat\$)) (=> (less\$ ?v2 (len_of\$ type\$)) (= (bit\$ ?v0 ?v2) (bit\$
?v1 ?v2)))) (= ?v0 ?v1))) :named a20))
(assert (! (forall ((?v0 Nat\$)) (= (less\$ ?v0 zero\$) false))
:named a21))
(assert (! (forall ((?v0 Int)) (! (= (msb\$a ?v0) (< ?v0 0))
:pattern ((msb\$a ?v0)))) :named a22))
(assert (! (forall ((?v0 Nat\$)) (= (not (less\$ zero\$ ?v0)) (=
?v0 zero\$))) :named a23))
(assert (! (forall ((?v0 A_word\$) (?v1 Nat\$)) (! (= (bit\$ ?v0
?v1) (and (less\$ ?v1 (len_of\$ type\$)) (bit\$a (unsigned\$ ?v0) ?v1)))
:pattern ((bit\$ ?v0 ?v1)))) :named a24))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a25))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
SMT: Assertions:
msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
r < LENGTH('a)
0 < LENGTH('a)
∀x. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
(x >> 0 = x)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀a. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
(a >> 0 = a)
∀n. 0 >> n = 0
∀n. 0 >> n = 0
∀a. (a ≠ 0) = (0 < a)
∀n. (n ≠ 0) = (0 < n)
∀n. (n < 0) = False
∀n. (¬ 0 < n) = (n = 0)
LENGTH('a) ≠ 0
∀w v. LENGTH('a) = 0 ⟶ w = v
∀a. ¬ a < 0
∀uu. SMT.trigger
(SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
(len_of uu = 0)
SMT: Names:
sorts:
Nat\$ = nat
A_word\$ = 'a word
A_itself\$ = 'a itself
Nat_nat_fun\$ = nat ⇒ nat
Num0_itself\$ = 0 itself
Nat_a_word_fun\$ = nat ⇒ 'a word
functions:
r\$ = r
x\$ = x
msb\$ = msb
less\$ = (<)
type\$ = TYPE('a)
zero\$ = 0
zero\$a = 0
len_of\$ = len_of
shiftr\$ = (>>)
fun_app\$ = SMT.fun_app
len_of\$a = len_of
shiftr\$a = (>>)
fun_app\$a = SMT.fun_app
SMT: Problem:
; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=29646
(set-option :produce-proofs true)
(declare-sort Nat\$ 0)
(declare-sort A_word\$ 0)
(declare-sort A_itself\$ 0)
(declare-sort Nat_nat_fun\$ 0)
(declare-sort Num0_itself\$ 0)
(declare-sort Nat_a_word_fun\$ 0)
(declare-fun r\$ () Nat\$)
(declare-fun x\$ () A_word\$)
(declare-fun msb\$ (A_word\$) Bool)
(declare-fun less\$ (Nat\$ Nat\$) Bool)
(declare-fun type\$ () A_itself\$)
(declare-fun zero\$ () Nat\$)
(declare-fun zero\$a () A_word\$)
(declare-fun len_of\$ (A_itself\$) Nat\$)
(declare-fun shiftr\$ (A_word\$) Nat_a_word_fun\$)
(declare-fun fun_app\$ (Nat_a_word_fun\$ Nat\$) A_word\$)
(declare-fun len_of\$a (Num0_itself\$) Nat\$)
(declare-fun shiftr\$a (Nat\$) Nat_nat_fun\$)
(declare-fun fun_app\$a (Nat_nat_fun\$ Nat\$) Nat\$)
(assert (! (not (= (msb\$ (fun_app\$ (shiftr\$ x\$) r\$)) (and (= r\$
zero\$) (msb\$ x\$)))) :named a0))
(assert (! (less\$ r\$ (len_of\$ type\$)) :named a1))
(assert (! (less\$ zero\$ (len_of\$ type\$)) :named a2))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a3))
(assert (! (forall ((?v0 Nat\$)) (! (= (fun_app\$a (shiftr\$a ?v0)
zero\$) ?v0) :pattern ((shiftr\$a ?v0)))) :named a4))
(assert (! (forall ((?v0 A_word\$)) (! (= (fun_app\$ (shiftr\$ ?v0)
zero\$) ?v0) :pattern ((shiftr\$ ?v0)))) :named a5))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$a (shiftr\$a zero\$)
?v0) zero\$)) :named a6))
(assert (! (forall ((?v0 Nat\$)) (= (fun_app\$ (shiftr\$ zero\$a)
?v0) zero\$a)) :named a7))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$)) (less\$
zero\$ ?v0))) :named a8))
(assert (! (forall ((?v0 Nat\$)) (= (not (= ?v0 zero\$)) (less\$
zero\$ ?v0))) :named a9))
(assert (! (forall ((?v0 Nat\$)) (= (less\$ ?v0 zero\$) false))
:named a10))
(assert (! (forall ((?v0 Nat\$)) (= (not (less\$ zero\$ ?v0)) (=
?v0 zero\$))) :named a11))
(assert (! (not (= (len_of\$ type\$) zero\$)) :named a12))
(assert (! (forall ((?v0 A_word\$) (?v1 A_word\$)) (=> (= (len_of\$
type\$) zero\$) (= ?v0 ?v1))) :named a13))
(assert (! (forall ((?v0 Nat\$)) (not (less\$ ?v0 zero\$))) :named
a14))
(assert (! (forall ((?v0 Num0_itself\$)) (! (= (len_of\$a ?v0)
zero\$) :pattern ((len_of\$a ?v0)))) :named a15))
(check-sat)
(get-proof)

SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
(error "set-logic not issued")
SMT: Time:
0.006s
"verit": Prover error:
Solver "verit" failed -- enable tracing using the "smt_trace" option
for details

›

oops

>
>
> Mathias
>
>
> On 14/11/2021 13:54, Peter Lammich wrote:
> > I get a lot of verit errors from sledgehammer.
> >
> > "verit": Prover error:
> > Solver "verit" failed -- enable tracing using the "smt_trace"
> > option
> > for details
> >
> > And there is no smt_trace option to sledgehammer, at least
> > sledgehammer
> > [smt_trace] tells me so, and the sledgehammer manual does not
> > contain
> > the string smt_trace!
> >
> > --
> >    Peter
> >
> >
> > On Fri, 2021-11-12 at 21:26 +0100, Makarius wrote:
> > > Dear Isabelle users,
> > >
> > > please see https://isabelle.sketis.net/website-Isabelle2021-1-RC3
> > >  and
> > > https://isabelle-dev.sketis.net/phame/post/view/53/release_candidates_for_isabelle2021-1
> > > for further progress on the release process.
> > >
> > > There is now a proper download for Linux (ARM), and the "isabelle
> > > build_docker" tools works for it (relevant on Apple M1 hardware).
> > >
> > > This is also the fork-point of the isabelle-dev repository, which
> > > continues
> > > for the time after this release:
> > > https://isabelle.sketis.net/repos/isabelle/rev/4f1c1c7eb95f
> > >
> > >
> > > Reminder: Any feedback about release candidates should be posted
> > > with
> > > a meaningful
> > > Subject (not just a clone of the announcement).
> > >
> > > We have approx. 4 weeks left until final lift-off: afterwards
> > > there
> > > will be no
> > > more changes on this line.
> > >
> > >
> > > 	Makarius
> > >

```

This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.