Re: [isabelle] Isabelle2021-1-RC3: verit errors



Hi Mathias.

On Mon, 2021-11-15 at 13:25 +0100, Mathias Fleury wrote:
> 
> supply [[smt_trace]]

Thanks.

> 
> 
> Do you have any example with a failure?

Here you go.

--
Peter


theory Scratch
imports Main "Word_Lib.Word_Lib_Sumo"
begin


lemma msb_shiftr_word [simp]: 
  "r < LENGTH('a) ⟹ msb ((x :: 'a :: {len} word) >> r) ⟷ ((r = 0 ∧ msb
x))"
  supply [[smt_trace]]
  sledgehammer [provers=verit]
  
  ⌦‹
Sledgehammering... 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a signed)
       0 < LENGTH('a)
       1 = Suc 0
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀w. nat (uint w) = unat w
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a. (a ≠ 0) = (0 < a)
       LENGTH('a signed) ≠ 0
       LENGTH('a) ≠ 0
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a signed) - 1))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - 1))
       ∀n. (n ≠ 0) = (0 < n)
       ∀a b. (∀n<LENGTH('a signed). a !! n = b !! n) ⟶ a = b
       ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
       ∀n. (n < 0) = False
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb x = (x < 0))
       ∀n. (¬ 0 < n) = (n = 0)
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a signed) ∧ uint w !! n))
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a) ∧ uint w !! n))
       ∀n x. rev (replicate n x) = replicate n x
       ∀w v. LENGTH('a signed) = 0 ⟶ w = v
       ∀w v. LENGTH('a) = 0 ⟶ w = v
       ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a signed) ⟶ x >> n <
2 ^ m
       ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀w k n. w < k ⟶ w >> n < k
       to_bl 0 = replicate LENGTH('a signed) False
       to_bl 0 = replicate LENGTH('a) False
       ∀a. ¬ a < 0
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀uu. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of uu = 0)
       ∀n. (2 ^ n = 0) = (LENGTH('a signed) ≤ n)
       ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
       ∀n. possible_bit TYPE(int) n
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (¬ msb x ⟶ sint x = uint x)
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a signed) - Suc 0))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - Suc 0))
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀n. ¬ n < 0
       ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a signed) ⟶ x >> n < 2 ^ m
       ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
       ∀x. length (to_bl x) = LENGTH('a signed)
       ∀x. length (to_bl x) = LENGTH('a)
       ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
       ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
       ∀n. n < n ⟶ False
       ∀a b. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((a < b) = (unat a < unat b))
       ∀s t. s < t ⟶ s ≠ t
       ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
       ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
       ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
       ∀n m. n < m ⟶ m ≠ n
       ∀m. ¬ of_nat m < 0
       ∀m. ¬ int m < 0
       ∀n x. length (replicate n x) = n
       ∀n. ¬ n < n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (size w = LENGTH('a signed))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (size w = LENGTH('a))
       ∀m n. (m ≠ n) = (m < n ∨ n < m)
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀n. (0 < n) = (n ≠ 0)
       ∀n. of_bl (replicate n False) = 0
       ∀m n. m < n ⟶ n ≠ 0
       ∀f g x.
          SMT.trigger
           (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
           ((f ∘ g) x = f (g x))
       ∀w n. w !! n ⟶ n < LENGTH('a signed)
       ∀w n. w !! n ⟶ n < LENGTH('a)
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀x n. x < 2 ^ n ⟶ x && mask n = x
       ∀x. (uint x < 0) = False
       ∀w. length (to_bl w) = LENGTH('a signed)
       ∀w. length (to_bl w) = LENGTH('a)
       ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀a. 0 ≤ a
       ∀m n. m < n ⟶ n ≠ 0
       ∀x. of_bl (to_bl x) = x
       ∀n<0. False
       ∀n<LENGTH('a signed). uint (2 ^ n) = 2 ^ n
       ∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
       ∀n. ¬ n < 0
       ∀n. (¬ 0 < n) = (n = 0)
       ∀n. unat (2 ^ n) = (if n < LENGTH('a signed) then 2 ^ n else 0)
       ∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀b c a q.
          LENGTH('a signed) + b ≤ c + a ∧ c < LENGTH('a signed) ⟶
          unat ((q >> a << b) && ~~ mask c) = 0
       ∀b c a q.
          LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
       ∀y. 0 < y ∨ 0 = y
       ∀x. ¬ x < 0
       ∀n<LENGTH('a signed). unat (2 ^ n) = 2 ^ n
       ∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0 signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0))
       ¬ 0 < 0
       ¬ 0 < 0
       ∀x. to_bl x ≠ []
       ∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = (w >> LENGTH('a signed) - 1 ≠ 0))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = (w >> LENGTH('a) - 1 ≠ 0))
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
       ∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
       ∀a. (0 = - a) = (0 = a)
       ∀a. (0 = - a) = (0 = a)
       ∀n. (LENGTH('a signed) - Suc 0 < n) = (LENGTH('a signed) ≤ n)
       ∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀n. (0 < of_nat n) = (0 < n)
       ∀n. (0 < int n) = (0 < n)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x. ¬ x < x
       ∀x. ¬ x < x
       ∀x. ¬ x < x
       ¬ msb 0
       ∀a. a + 0 = a
       ∀a. a + 0 = a
       ∀a. a + 0 = a
       ∀m n. (of_nat m = of_nat n) = (m = n)
       ∀m n. (int m = int n) = (m = n)
       ∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
       ∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
       ∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
       word_of_nat 0 = 0
       of_nat 0 = 0
       int 0 = 0
       ∀n. (0 = of_nat n) = (0 = n)
       ∀n. (0 = int n) = (0 = n)
       ∀a b. a * b = b * a
       ∀a b. a * b = b * a
       ∀a b. a * b = b * a
       ∀m. (of_nat m = 0) = (m = 0)
       ∀m. (int m = 0) = (m = 0)
       ∀p n. (p < 2 ^ n) =
             (n < LENGTH('a signed) ∧ (∀n'. n ≤ n' ∧ n' < LENGTH('a
signed) ⟶ ¬ p !! n'))
       ∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
       ∀m n. (of_nat m < of_nat n) = (m < n)
       ∀m n. (int m < int n) = (m < n)
       ∀x. LENGTH('a signed) = LENGTH('a signed) ⟶
           msb (UCAST('a signed → 'a signed) x) = msb x
       ∀x. LENGTH('a signed) = LENGTH('a) ⟶ msb (UCAST('a → 'a signed)
x) = msb x
       ∀x. LENGTH('a) = LENGTH('a signed) ⟶ msb (UCAST('a signed → 'a)
x) = msb x
       ∀x. LENGTH('a) = LENGTH('a) ⟶ msb (UCAST('a → 'a) x) = msb x
       ∀x y. (unat x * unat y < 2 ^ LENGTH('a signed)) = (unat (x * y)
= unat x * unat y)
       ∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = (sint w < 0))
       ∀a b. a + b = b + a
       ∀a b. a + b = b + a
       ∀a. ¬ a < 0
       uint 0 = 0
       unat 0 = 0
       UCAST('a → 'a) 0 = 0
       ∀n. (n ≤ LENGTH('a signed) - Suc 0) = (n < LENGTH('a signed))
       ∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
       ∀y. (0 < y) = (0 ≠ y)
       ∀w. (drop_bit (LENGTH('a signed) - Suc 0) w = 0) = (¬ w !!
(LENGTH('a signed) - Suc 0))
       ∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
       ∀w. (w ≠ 0) = (0 < w)
       ∀w. int (unat w) = uint w
       ∀w. of_nat (unat w) = unat w
       ∀w. word_of_nat (unat w) = UCAST('a → 'a) w
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀a. (0 < a) = (a ≠ 0)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a && mask n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a AND mask n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a AND mask n)
       0 = word_of_nat 0
       ∀n≥LENGTH('a signed). 2 ^ n = 0
       ∀n≥LENGTH('a). 2 ^ n = 0
       ∀w n. unat (w >> n) = unat w div 2 ^ n
       ∀m n. m < n ⟶ of_nat m < of_nat n
       ∀m n. m < n ⟶ int m < int n
       ∀m n. of_nat m < of_nat n ⟶ m < n
       ∀m n. int m < int n ⟶ m < n
       SCAST('a → 'a) 0 = 0
       sint 0 = 0
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = hd (to_bl w))
       ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
       ∀k. of_nat k ≠ 0 ⟶ 0 < k
       ∀k. int k ≠ 0 ⟶ 0 < k
       ∀x xs.
          SMT.trigger
           (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
           (length (x # xs) = Suc (length xs))
       ∀ty. possible_bit ty 0
       ∀ty. possible_bit ty 0
       ∀z. (0 < nat z) = (0 < z)
       ∀n w. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (LENGTH('a signed) ≤ n ⟶ w >> n = 0)
       ∀n w. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (LENGTH('a) ≤ n ⟶ w >> n = 0)
       ∀n. possible_bit TYPE(nat) n
       ∀n. possible_bit TYPE(int) n
       ∀n w. n < LENGTH('a signed) ⟶ w && mask n < 2 ^ n
       ∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
       ∀a n. a < n ⟶ 0 < n
       ∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
       ∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
       bot = False
       ∀k>0. ∃n>0. k = int n
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (2 ^ (LENGTH('a signed) - Suc 0) ≤ a))
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
       (CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
       (CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
       (CHAR(int) = 0) = (∀n>0. int n ≠ 0)
       ∀n. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (mask n))
SMT.Symb_Nil) SMT.Symb_Nil)
            (mask n = 2 ^ n - 1)
       ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
           CHAR('a word) = c
       ∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
       ∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (SCAST('a → 'a) x))
SMT.Symb_Nil)
              SMT.Symb_Nil)
            (¬ msb x ⟶ SCAST('a → 'a) x = UCAST('a → 'a) x)
       ∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
       ∀m n. (int m = int n) = (m = n)
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       CHAR(nat) = 0
       CHAR(int) = 0
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (bin_sign (signed_take_bit (LENGTH('a signed) - 1)
(uint a)) = - 1))
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
       word_of_nat CHAR('a word) = 0
       of_nat CHAR(nat) = 0
       int CHAR(int) = 0
       (0 < 0) = False
       ∀a. 0 - a = - a
       ∀a. 0 - a = - a
       (0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
       (0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
       (0 < CHAR(int)) = (∃n>0. int n = 0)
       ∀x. (x < 1) = (x = 0)
       ∀a b. (a < b) = (int a < int b)
       int 0 = 0
       ∀a. (a ≠ 0) = (0 < a)
       ∀x y. (int x = int y) = (x = y)
       ∀a b. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((a ≤ b) = (unat a ≤ unat b))
       ∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
       ∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
       ∀x y. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
       ∀a. - (- a) = a
       ∀a. 0 * a = 0
       ∀a. 0 * a = 0
       ∀a b. (- a = - b) = (a = b)
       ∀b. - (- b) = b
       ∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
       0 = 0
       ∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
       neg_numeral_class.sub num.One num.One = 0
       ∀a. (- a = 0) = (a = 0)
       ∀n k. (drop_bit n k < 0) = (k < 0)
       ∀a. (a = - a) = (a = 0)
       ∀a. 0 + a = a
       ∀a. 0 + a = a
       ∀a. (- a = a) = (a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a ^ 0 = 1)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a ^ 0 = 1)
       ∀b a. (- b < - a) = (a < b)
       ∀n. take_bit n 0 = 0
       ∀n. take_bit n 0 = 0
       ∀x r. msb (x >> r) = msb x
       ∀a. (a < - a) = (a < 0)
       ∀a. (- a < a) = (0 < a)
       ∀a. (0 < - a) = (a < 0)
       ∀a. (- a < 0) = (0 < a)
       ∀x. 0 ≤ x
       ∀m. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((*) m))
SMT.Symb_Nil) SMT.Symb_Nil)
            (m * 0 = 0)
       ∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
       Numeral1 = 1
       ∀n m. take_bit n (int m) = int (take_bit n m) 
SMT: Names:
       sorts:
         Nat$ = nat
         Num$ = num
         A_word$ = 'a word
         A_itself$ = 'a itself
         Bool_list$ = bool list
         Int_itself$ = int itself
         Nat_itself$ = nat itself
         Nat_int_fun$ = nat ⇒ int
         Nat_nat_fun$ = nat ⇒ nat
         Num0_itself$ = 0 itself
         Nat_bool_fun$ = nat ⇒ bool
         A_signed_word$ = 'a signed word
         A_word_itself$ = 'a word itself
         Nat_a_word_fun$ = nat ⇒ 'a word
         A_signed_itself$ = 'a signed itself
         Num0_signed_itself$ = 0 signed itself
         A_signed_word_itself$ = 'a signed word itself
         A_signed_signed_itself$ = 'a signed signed itself
         Num0_signed_signed_itself$ = 0 signed signed itself
       functions:
         r$ = r
         x$ = x
         hd$ = hd
         and$ = (&&)
         bit$ = (!!)
         bot$ = bot
         msb$ = msb
         nat$ = nat
         nil$ = []
         not$ = wordNOT
         nth$ = (!)
         one$ = 1
         rev$ = rev
         sub$ = neg_numeral_class.sub
         suc$ = Suc
         and$a = (&&)
         and$b = (AND)
         and$c = (AND)
         bit$a = (!!)
         bit$b = (!!)
         bit$c = (!!)
         bit0$ = num.Bit0
         comp$ = (∘)
         cons$ = (#)
         less$ = (<)
         mask$ = mask
         msb$a = msb
         msb$b = msb
         not$a = wordNOT
         one$a = num.One
         one$b = 1
         plus$ = (+)
         size$ = length
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         less$b = (<)
         mask$a = mask
         mask$b = mask
         mask$c = mask
         minus$ = (-)
         of_bl$ = of_bl
         plus$a = (+)
         power$ = (^)
         size$a = size
         size$b = size
         times$ = (*)
         to_bl$ = to_bl
         type$a = TYPE('a signed)
         type$b = TYPE('a signed word)
         type$c = TYPE('a word)
         type$d = TYPE(int)
         type$e = TYPE(nat)
         type$f = TYPE(0 signed)
         type$g = TYPE(0)
         zero$a = 0
         zero$b = 0
         divide$ = (div)
         len_of$ = len_of
         minus$a = (-)
         of_nat$ = of_nat
         power$a = (^)
         power$b = (^)
         power$c = (^)
         shiftl$ = (<<)
         shiftr$ = (>>)
         signed$ = sint
         times$a = (*)
         times$b = (*)
         times$c = (*)
         to_bl$a = to_bl
         uminus$ = uminus
         fun_app$ = SMT.fun_app
         len_of$a = len_of
         len_of$b = len_of
         len_of$c = len_of
         len_of$d = len_of
         len_of$e = len_of
         less_eq$ = (≤)
         numeral$ = numeral
         of_nat$a = int
         of_nat$b = word_of_nat
         shiftl$a = (<<)
         shiftl$b = (<<)
         shiftl$c = (<<)
         shiftr$a = (>>)
         shiftr$b = (>>)
         shiftr$c = (>>)
         signed$a = SCAST('a → 'a)
         bin_sign$ = bin_sign
         drop_bit$ = drop_bit
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app
         fun_app$c = SMT.fun_app
         less_eq$a = (≤)
         less_eq$b = (≤)
         numeral$a = numeral
         numeral$b = numeral
         push_bit$ = push_bit
         take_bit$ = take_bit
         unsigned$ = uint
         word_sle$ = (≤s)
         drop_bit$a = drop_bit
         drop_bit$b = drop_bit
         drop_bit$c = drop_bit
         push_bit$a = push_bit
         push_bit$b = push_bit
         replicate$ = replicate
         take_bit$a = take_bit
         take_bit$b = take_bit
         unsigned$a = unat
         unsigned$b = uint
         unsigned$c = UCAST('a → 'a)
         unsigned$d = unat
         unsigned$e = UCAST('a signed → 'a signed)
         unsigned$f = UCAST('a → 'a signed)
         unsigned$g = UCAST('a signed → 'a)
         limited_and$ = limited_and
         possible_bit$ = possible_bit
         possible_bit$a = possible_bit
         possible_bit$b = possible_bit
         possible_bit$c = possible_bit
         semiring_char$ = semiring_char
         semiring_char$a = semiring_char
         semiring_char$b = semiring_char
         signed_take_bit$ = signed_take_bit 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9990
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort Num$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Bool_list$ 0)
       (declare-sort Int_itself$ 0)
       (declare-sort Nat_itself$ 0)
       (declare-sort Nat_int_fun$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Num0_itself$ 0)
       (declare-sort Nat_bool_fun$ 0)
       (declare-sort A_signed_word$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-sort A_signed_itself$ 0)
       (declare-sort Num0_signed_itself$ 0)
       (declare-sort A_signed_word_itself$ 0)
       (declare-sort A_signed_signed_itself$ 0)
       (declare-sort Num0_signed_signed_itself$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun hd$ (Bool_list$) Bool)
       (declare-fun and$ (A_signed_word$ A_signed_word$)
A_signed_word$)
       (declare-fun bit$ (A_signed_word$) Nat_bool_fun$)
       (declare-fun bot$ () Bool)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun nil$ () Bool_list$)
       (declare-fun not$ (A_signed_word$) A_signed_word$)
       (declare-fun nth$ (Bool_list$) Nat_bool_fun$)
       (declare-fun one$ () Nat$)
       (declare-fun rev$ (Bool_list$) Bool_list$)
       (declare-fun sub$ (Num$ Num$) Int)
       (declare-fun suc$ () Nat_nat_fun$)
       (declare-fun and$a (A_word$ A_word$) A_word$)
       (declare-fun and$b (Int Int) Int)
       (declare-fun and$c (Nat$) Nat_nat_fun$)
       (declare-fun bit$a (A_word$) Nat_bool_fun$)
       (declare-fun bit$b (Int) Nat_bool_fun$)
       (declare-fun bit$c (Nat$) Nat_bool_fun$)
       (declare-fun bit0$ (Num$) Num$)
       (declare-fun comp$ (Nat_bool_fun$ Nat_nat_fun$) Nat_bool_fun$)
       (declare-fun cons$ (Bool Bool_list$) Bool_list$)
       (declare-fun less$ (Nat$) Nat_bool_fun$)
       (declare-fun mask$ (Nat$) A_signed_word$)
       (declare-fun msb$a (A_signed_word$) Bool)
       (declare-fun msb$b (Int) Bool)
       (declare-fun not$a (A_word$) A_word$)
       (declare-fun one$a () Num$)
       (declare-fun one$b () A_word$)
       (declare-fun plus$ (Nat$) Nat_nat_fun$)
       (declare-fun size$ (Bool_list$) Nat$)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_signed_word$ A_signed_word$) Bool)
       (declare-fun less$b (A_word$ A_word$) Bool)
       (declare-fun mask$a (Nat$) A_word$)
       (declare-fun mask$b () Nat_nat_fun$)
       (declare-fun mask$c (Nat$) Int)
       (declare-fun minus$ (Nat$) Nat_nat_fun$)
       (declare-fun of_bl$ (Bool_list$) A_word$)
       (declare-fun plus$a (A_word$ A_word$) A_word$)
       (declare-fun power$ (A_signed_word$ Nat$) A_signed_word$)
       (declare-fun size$a (A_word$) Nat$)
       (declare-fun size$b (A_signed_word$) Nat$)
       (declare-fun times$ (A_word$ A_word$) A_word$)
       (declare-fun to_bl$ (A_signed_word$) Bool_list$)
       (declare-fun type$a () A_signed_itself$)
       (declare-fun type$b () A_signed_word_itself$)
       (declare-fun type$c () A_word_itself$)
       (declare-fun type$d () Int_itself$)
       (declare-fun type$e () Nat_itself$)
       (declare-fun type$f () Num0_signed_itself$)
       (declare-fun type$g () Num0_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun zero$b () A_signed_word$)
       (declare-fun divide$ (Nat$) Nat_nat_fun$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun minus$a (A_word$ A_word$) A_word$)
       (declare-fun of_nat$ () Nat_nat_fun$)
       (declare-fun power$a (A_word$ Nat$) A_word$)
       (declare-fun power$b (Int) Nat_int_fun$)
       (declare-fun power$c (Nat$) Nat_nat_fun$)
       (declare-fun shiftl$ (Nat$) Nat_nat_fun$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun signed$ (A_word$) Int)
       (declare-fun times$a (Int Int) Int)
       (declare-fun times$b (Nat$) Nat_nat_fun$)
       (declare-fun times$c (A_signed_word$ A_signed_word$)
A_signed_word$)
       (declare-fun to_bl$a (A_word$) Bool_list$)
       (declare-fun uminus$ (A_word$) A_word$)
       (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun len_of$a (A_signed_itself$) Nat$)
       (declare-fun len_of$b (Num0_itself$) Nat$)
       (declare-fun len_of$c (Num0_signed_signed_itself$) Nat$)
       (declare-fun len_of$d (Num0_signed_itself$) Nat$)
       (declare-fun len_of$e (A_signed_signed_itself$) Nat$)
       (declare-fun less_eq$ (A_word$ A_word$) Bool)
       (declare-fun numeral$ (Num$) A_signed_word$)
       (declare-fun of_nat$a (Nat$) Int)
       (declare-fun of_nat$b (Nat$) A_word$)
       (declare-fun shiftl$a (Int Nat$) Int)
       (declare-fun shiftl$b (A_word$ Nat$) A_word$)
       (declare-fun shiftl$c (A_signed_word$ Nat$) A_signed_word$)
       (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
       (declare-fun shiftr$b (Int) Nat_int_fun$)
       (declare-fun shiftr$c (A_signed_word$ Nat$) A_signed_word$)
       (declare-fun signed$a (A_word$) A_word$)
       (declare-fun bin_sign$ (Int) Int)
       (declare-fun drop_bit$ (Nat$) Nat_nat_fun$)
       (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
       (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
       (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
       (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
       (declare-fun less_eq$b (A_signed_word$ A_signed_word$) Bool)
       (declare-fun numeral$a (Num$) A_word$)
       (declare-fun numeral$b (Num$) Nat$)
       (declare-fun push_bit$ (Nat$) Nat_nat_fun$)
       (declare-fun take_bit$ (Nat$ Int) Int)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun word_sle$ (A_word$ A_word$) Bool)
       (declare-fun drop_bit$a (Nat$ A_word$) A_word$)
       (declare-fun drop_bit$b (Nat$ Int) Int)
       (declare-fun drop_bit$c (Nat$ A_signed_word$) A_signed_word$)
       (declare-fun push_bit$a (Nat$ Int) Int)
       (declare-fun push_bit$b (Nat$ A_word$) A_word$)
       (declare-fun replicate$ (Nat$ Bool) Bool_list$)
       (declare-fun take_bit$a (Nat$ A_word$) A_word$)
       (declare-fun take_bit$b (Nat$) Nat_nat_fun$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun unsigned$b (A_signed_word$) Int)
       (declare-fun unsigned$c (A_word$) A_word$)
       (declare-fun unsigned$d (A_signed_word$) Nat$)
       (declare-fun unsigned$e (A_signed_word$) A_signed_word$)
       (declare-fun unsigned$f (A_word$) A_signed_word$)
       (declare-fun unsigned$g (A_signed_word$) A_word$)
       (declare-fun limited_and$ (A_word$ A_word$) Bool)
       (declare-fun possible_bit$ (A_signed_word_itself$)
Nat_bool_fun$)
       (declare-fun possible_bit$a (A_word_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$b (Int_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$c (Nat_itself$) Nat_bool_fun$)
       (declare-fun semiring_char$ (A_word_itself$) Nat$)
       (declare-fun semiring_char$a (Nat_itself$) Nat$)
       (declare-fun semiring_char$b (Int_itself$) Nat$)
       (declare-fun signed_take_bit$ (Nat$ Int) Int)
       (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
       (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
       (assert (! (fun_app$a (less$ zero$) (len_of$a type$a)) :named
a2))
       (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a3))
       (assert (! (= one$ (fun_app$b suc$ zero$)) :named a4))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
       (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a6))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a7))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a zero$)
?v0) zero$)) :named a10))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$b 0) ?v0)
0)) :named a12))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$
type$b) ?v0) (fun_app$a (less$ ?v0) (len_of$a type$a)))) :named a13))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$a
type$c) ?v0) (fun_app$a (less$ ?v0) (len_of$ type$)))) :named a14))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$a ?v0) ?v1) (fun_app$b (drop_bit$ ?v1) ?v0)) :pattern
((fun_app$b (shiftr$a ?v0) ?v1)))) :named a15))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a16))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$c
(shiftr$b ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$c
(shiftr$b ?v0) ?v1)))) :named a17))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a18))
       (assert (! (not (= (len_of$a type$a) zero$)) :named a19))
       (assert (! (not (= (len_of$ type$) zero$)) :named a20))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a type$a)) one$)))
:pattern ((msb$a ?v0)))) :named a21))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) one$))) :pattern ((msb$
?v0)))) :named a22))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a23))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (forall ((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$a type$a))
(= (fun_app$a (bit$ ?v0) ?v2) (fun_app$a (bit$ ?v1) ?v2)))) (= ?v0
?v1))) :named a24))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$ type$)) (= (fun_app$a
(bit$a ?v0) ?v2) (fun_app$a (bit$a ?v1) ?v2)))) (= ?v0 ?v1))) :named
a25))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a26))
       (assert (! (forall ((?v0 Int)) (! (= (msb$b ?v0) (< ?v0 0))
:pattern ((msb$b ?v0)))) :named a27))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a28))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (! (=
(fun_app$a (bit$ ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$a
type$a)) (fun_app$a (bit$b (unsigned$b ?v0)) ?v1))) :pattern
((fun_app$a (bit$ ?v0) ?v1)))) :named a29))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$a
(bit$a ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$ type$))
(fun_app$a (bit$b (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$a (bit$a
?v0) ?v1)))) :named a30))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a31))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$a type$a) zero$) (= ?v0 ?v1))) :named a32))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a33))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$) (?v2 Nat$))
(=> (and (= (and$ ?v0 (mask$ (fun_app$b (plus$ ?v1) ?v2))) ?v0)
(fun_app$a (less$ ?v2) (len_of$a type$a))) (less$a (shiftr$c ?v0 ?v1)
(power$ (numeral$ (bit0$ one$a)) ?v2)))) :named a34))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$a ?v0 (mask$a (fun_app$b (plus$ ?v1) ?v2))) ?v0)
(fun_app$a (less$ ?v2) (len_of$ type$))) (less$b (fun_app$ (shiftr$
?v0) ?v1) (power$a (numeral$a (bit0$ one$a)) ?v2)))) :named a35))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$b ?v0 ?v1) (less$b (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a36))
       (assert (! (= (to_bl$ zero$b) (replicate$ (len_of$a type$a)
false)) :named a37))
       (assert (! (= (to_bl$a zero$a) (replicate$ (len_of$ type$)
false)) :named a38))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a39))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$b ?v1 ?v2)) (less$b ?v0 ?v2))) :named
a40))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$a (less_eq$a ?v0) ?v1) (fun_app$a (less$ ?v1) ?v2)) (fun_app$a
(less$ ?v0) ?v2))) :named a41))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a42))
       (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$b ?v0)
zero$) :pattern ((len_of$b ?v0)))) :named a43))
       (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$b) (fun_app$a (less_eq$a (len_of$a type$a)) ?v0)))
:named a44))
       (assert (! (forall ((?v0 Nat$)) (= (= (power$a (numeral$a (bit0$
one$a)) ?v0) zero$a) (fun_app$a (less_eq$a (len_of$ type$)) ?v0)))
:named a45))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$b
type$d) ?v0)) :named a46))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a47))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a48))
       (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a49))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a ?v0) ?v0))
:named a50))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a51))
       (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a52))
       (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a53))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a type$a)) (fun_app$b
suc$ zero$)))) :pattern ((msb$a ?v0)))) :named a54))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b suc$
zero$)))) :pattern ((msb$ ?v0)))) :named a55))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$b ?v1 ?v0))) :named a56))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less_eq$a ?v0) ?v1)) (fun_app$a (less$ ?v1) ?v0))) :named a57))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a58))
       (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a59))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftl$ ?v0) ?v1) (fun_app$b (push_bit$ ?v1) ?v0)) :pattern
((fun_app$b (shiftl$ ?v0) ?v1)))) :named a60))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a61))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$b
?v0 ?v1) (push_bit$b ?v1 ?v0)) :pattern ((shiftl$b ?v0 ?v1)))) :named
a62))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a63))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_signed_word$))
(=> (and (= (power$ (numeral$ (bit0$ one$a)) (fun_app$b (plus$ ?v0)
?v1)) zero$b) (fun_app$a (less$ ?v1) (len_of$a type$a))) (less$a
(shiftr$c ?v2 ?v0) (power$ (numeral$ (bit0$ one$a)) ?v1)))) :named
a64))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$a (numeral$a (bit0$ one$a)) (fun_app$b (plus$ ?v0) ?v1))
zero$a) (fun_app$a (less$ ?v1) (len_of$ type$))) (less$b (fun_app$
(shiftr$ ?v2) ?v0) (power$a (numeral$a (bit0$ one$a)) ?v1)))) :named
a65))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a66))
       (assert (! (forall ((?v0 A_signed_word$)) (= (size$ (to_bl$
?v0)) (len_of$a type$a))) :named a67))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$a ?v0))
(len_of$ type$))) :named a68))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a69))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a70))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$b ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0
(unsigned$ ?v1))))) :named a71))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a72))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$b
?v0 ?v1) (fun_app$a (less$ (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less$b ?v0 ?v1)))) :named a73))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a74))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$c (unsigned$a ?v0)) ?v1) (and (fun_app$a (possible_bit$c type$e)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a75))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$b (unsigned$ ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$d)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a76))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$a (unsigned$c ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$c)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a77))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a78))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) zero$))) :named a79))
       (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a80))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a81))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a82))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (size$b ?v0)
(len_of$a type$a)) :pattern ((size$b ?v0)))) :named a83))
       (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a84))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a85))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a86))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (minus$ ?v0)
zero$) ?v0)) :named a87))
       (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a88))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a89))
       (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a90))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a91))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat_nat_fun$) (?v2
Nat$)) (! (= (fun_app$a (comp$ ?v0 ?v1) ?v2) (fun_app$a ?v0 (fun_app$b
?v1 ?v2))) :pattern ((fun_app$a (comp$ ?v0 ?v1) ?v2)))) :named a92))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (=>
(fun_app$a (bit$ ?v0) ?v1) (fun_app$a (less$ ?v1) (len_of$a type$a))))
:named a93))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (fun_app$a
(bit$a ?v0) ?v1) (fun_app$a (less$ ?v1) (len_of$ type$)))) :named a94))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a95))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (less$b ?v0
(power$a (numeral$a (bit0$ one$a)) ?v1)) (= (and$a ?v0 (mask$a ?v1))
?v0))) :named a96))
       (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a97))
       (assert (! (forall ((?v0 A_signed_word$)) (= (size$ (to_bl$
?v0)) (len_of$a type$a))) :named a98))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$a ?v0))
(len_of$ type$))) :named a99))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$a ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v2) (not (fun_app$a ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3))))))) (fun_app$a
?v0 ?v1))) :named a100))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ zero$a ?v0)) :named
a101))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a102))
       (assert (! (forall ((?v0 A_word$)) (= (of_bl$ (to_bl$a ?v0))
?v0)) :named a103))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
zero$) false)) :named a104))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$a type$a)) (= (unsigned$b (power$ (numeral$ (bit0$ one$a))
?v0)) (fun_app$c (power$b 2) ?v0)))) :named a105))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$ type$)) (= (unsigned$ (power$a (numeral$a (bit0$ one$a)) ?v0))
(fun_app$c (power$b 2) ?v0)))) :named a106))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a107))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a108))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$d (power$ (numeral$
(bit0$ one$a)) ?v0)) (ite (fun_app$a (less$ ?v0) (len_of$a type$a))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0) zero$))) :named
a109))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (power$a
(numeral$a (bit0$ one$a)) ?v0)) (ite (fun_app$a (less$ ?v0) (len_of$
type$)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0) zero$)))
:named a110))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a111))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_signed_word$)) (=> (and (fun_app$a (less_eq$a (fun_app$b (plus$
(len_of$a type$a)) ?v0)) (fun_app$b (plus$ ?v1) ?v2)) (fun_app$a (less$
?v1) (len_of$a type$a))) (= (unsigned$d (and$ (shiftl$c (shiftr$c ?v3
?v2) ?v0) (not$ (mask$ ?v1)))) zero$))) :named a112))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_word$)) (=> (and (fun_app$a (less_eq$a (fun_app$b (plus$ (len_of$
type$)) ?v0)) (fun_app$b (plus$ ?v1) ?v2)) (fun_app$a (less$ ?v1)
(len_of$ type$))) (= (unsigned$a (and$a (shiftl$b (fun_app$ (shiftr$
?v3) ?v2) ?v0) (not$a (mask$a ?v1)))) zero$))) :named a113))
       (assert (! (forall ((?v0 Nat$)) (or (fun_app$a (less$ zero$)
?v0) (= zero$ ?v0))) :named a114))
       (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 zero$a)))
:named a115))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$a type$a)) (= (unsigned$d (power$ (numeral$ (bit0$ one$a))
?v0)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0)))) :named
a116))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$ type$)) (= (unsigned$a (power$a (numeral$a (bit0$ one$a))
?v0)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0)))) :named
a117))
       (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$c ?v0) (len_of$d type$f)) :pattern ((len_of$c ?v0)))) :named
a118))
       (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$e ?v0) (len_of$a type$a)) :pattern ((len_of$e ?v0)))) :named
a119))
       (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$a ?v0)
(len_of$ type$)) :pattern ((len_of$a ?v0)))) :named a120))
       (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$d
?v0) (len_of$b type$g)) :pattern ((len_of$d ?v0)))) :named a121))
       (assert (! (not (fun_app$a (less$ zero$) zero$)) :named a122))
       (assert (! (not (< 0 0)) :named a123))
       (assert (! (forall ((?v0 A_word$)) (not (= (to_bl$a ?v0) nil$)))
:named a124))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (=> (<= 0 ?v0) (=
(nat$ (fun_app$c (power$b ?v0) ?v1)) (fun_app$b (power$c (nat$ ?v0))
?v1)))) :named a125))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0) (not
(= (shiftr$c ?v0 (fun_app$b (minus$ (len_of$a type$a)) one$)) zero$b)))
:pattern ((msb$a ?v0)))) :named a126))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (not (=
(fun_app$ (shiftr$ ?v0) (fun_app$b (minus$ (len_of$ type$)) one$))
zero$a))) :pattern ((msb$ ?v0)))) :named a127))
       (assert (! (forall ((?v0 A_word$)) (! (= (take_bit$a zero$ ?v0)
zero$a) :pattern ((take_bit$a zero$ ?v0)))) :named a128))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (take_bit$b
zero$) ?v0) zero$) :pattern ((fun_app$b (take_bit$b zero$) ?v0))))
:named a129))
       (assert (! (forall ((?v0 Int)) (! (= (take_bit$ zero$ ?v0) 0)
:pattern ((take_bit$ zero$ ?v0)))) :named a130))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat$)) (=
(fun_app$a (bit$b (and$b ?v0 ?v1)) ?v2) (and (fun_app$a (bit$b ?v0)
?v2) (fun_app$a (bit$b ?v1) ?v2)))) :named a131))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=
(fun_app$a (bit$a (and$a ?v0 ?v1)) ?v2) (and (fun_app$a (bit$a ?v0)
?v2) (fun_app$a (bit$a ?v1) ?v2)))) :named a132))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a (uminus$ ?v0))
(= zero$a ?v0))) :named a133))
       (assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a134))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ (fun_app$b
(minus$ (len_of$a type$a)) (fun_app$b suc$ zero$))) ?v0) (fun_app$a
(less_eq$a (len_of$a type$a)) ?v0))) :named a135))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ (fun_app$b
(minus$ (len_of$ type$)) (fun_app$b suc$ zero$))) ?v0) (fun_app$a
(less_eq$a (len_of$ type$)) ?v0))) :named a136))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (push_bit$b
?v0 ?v1) (times$ ?v1 (power$a (numeral$a (bit0$ one$a)) ?v0))) :pattern
((push_bit$b ?v0 ?v1)))) :named a137))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (push_bit$a ?v0
?v1) (times$a ?v1 (fun_app$c (power$b 2) ?v0))) :pattern ((push_bit$a
?v0 ?v1)))) :named a138))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(push_bit$ ?v0) ?v1) (fun_app$b (times$b ?v1) (fun_app$b (power$c
(numeral$b (bit0$ one$a))) ?v0))) :pattern ((fun_app$b (push_bit$ ?v0)
?v1)))) :named a139))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$)
(fun_app$b of_nat$ ?v0)) (fun_app$a (less$ zero$) ?v0))) :named a140))
       (assert (! (forall ((?v0 Nat$)) (= (< 0 (of_nat$a ?v0))
(fun_app$a (less$ zero$) ?v0))) :named a141))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not (less$b
?v0 ?v1)) (less_eq$ ?v1 ?v0))) :named a142))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less$ ?v0) ?v1)) (fun_app$a (less_eq$a ?v1) ?v0))) :named a143))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a144))
       (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 ?v0)))
:named a145))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a146))
       (assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a147))
       (assert (! (not (msb$ zero$a)) :named a148))
       (assert (! (forall ((?v0 A_word$)) (= (plus$a ?v0 zero$a) ?v0))
:named a149))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (plus$ ?v0) zero$)
?v0)) :named a150))
       (assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a151))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$b
of_nat$ ?v0) (fun_app$b of_nat$ ?v1)) (= ?v0 ?v1))) :named a152))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a153))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$c
(fun_app$b mask$b ?v0)) ?v1) (and (fun_app$a (possible_bit$c type$e)
?v1) (fun_app$a (less$ ?v1) ?v0)))) :named a154))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$a
(mask$a ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$c) ?v1)
(fun_app$a (less$ ?v1) ?v0)))) :named a155))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$b
(mask$c ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$d) ?v1)
(fun_app$a (less$ ?v1) ?v0)))) :named a156))
       (assert (! (= (of_nat$b zero$) zero$a) :named a157))
       (assert (! (= (fun_app$b of_nat$ zero$) zero$) :named a158))
       (assert (! (= (of_nat$a zero$) 0) :named a159))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ (fun_app$b of_nat$
?v0)) (= zero$ ?v0))) :named a160))
       (assert (! (forall ((?v0 Nat$)) (= (= 0 (of_nat$a ?v0)) (= zero$
?v0))) :named a161))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (times$ ?v0
?v1) (times$ ?v1 ?v0))) :named a162))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (times$a ?v0 ?v1)
(times$a ?v1 ?v0))) :named a163))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b
(times$b ?v0) ?v1) (fun_app$b (times$b ?v1) ?v0))) :named a164))
       (assert (! (forall ((?v0 Nat$)) (= (= (fun_app$b of_nat$ ?v0)
zero$) (= ?v0 zero$))) :named a165))
       (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$a ?v0) 0) (= ?v0
zero$))) :named a166))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (= (less$a
?v0 (power$ (numeral$ (bit0$ one$a)) ?v1)) (and (fun_app$a (less$ ?v1)
(len_of$a type$a)) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less_eq$a
?v1) ?v2) (fun_app$a (less$ ?v2) (len_of$a type$a))) (not (fun_app$a
(bit$ ?v0) ?v2))))))) :named a167))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (less$b ?v0
(power$a (numeral$a (bit0$ one$a)) ?v1)) (and (fun_app$a (less$ ?v1)
(len_of$ type$)) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less_eq$a
?v1) ?v2) (fun_app$a (less$ ?v2) (len_of$ type$))) (not (fun_app$a
(bit$a ?v0) ?v2))))))) :named a168))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$ ?v1)) (fun_app$a (less$
?v0) ?v1))) :named a169))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$a (less$ ?v0) ?v1))) :named a170))
       (assert (! (forall ((?v0 A_signed_word$)) (=> (= (len_of$a
type$a) (len_of$a type$a)) (= (msb$a (unsigned$e ?v0)) (msb$a ?v0))))
:named a171))
       (assert (! (forall ((?v0 A_word$)) (=> (= (len_of$a type$a)
(len_of$ type$)) (= (msb$a (unsigned$f ?v0)) (msb$ ?v0)))) :named
a172))
       (assert (! (forall ((?v0 A_signed_word$)) (=> (= (len_of$ type$)
(len_of$a type$a)) (= (msb$ (unsigned$g ?v0)) (msb$a ?v0)))) :named
a173))
       (assert (! (forall ((?v0 A_word$)) (=> (= (len_of$ type$)
(len_of$ type$)) (= (msb$ (unsigned$c ?v0)) (msb$ ?v0)))) :named a174))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(= (fun_app$a (less$ (fun_app$b (times$b (unsigned$d ?v0)) (unsigned$d
?v1))) (fun_app$b (power$c (numeral$b (bit0$ one$a))) (len_of$a
type$a))) (= (unsigned$d (times$c ?v0 ?v1)) (fun_app$b (times$b
(unsigned$d ?v0)) (unsigned$d ?v1))))) :named a175))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (fun_app$a
(less$ (fun_app$b (times$b (unsigned$a ?v0)) (unsigned$a ?v1)))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) (len_of$ type$))) (=
(unsigned$a (times$ ?v0 ?v1)) (fun_app$b (times$b (unsigned$a ?v0))
(unsigned$a ?v1))))) :named a176))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (< (signed$
?v0) 0)) :pattern ((msb$ ?v0)))) :named a177))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (plus$
?v0) ?v1) (fun_app$b (plus$ ?v1) ?v0))) :named a178))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a179))
       (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 zero$a)))
:named a180))
       (assert (! (= (unsigned$ zero$a) 0) :named a181))
       (assert (! (= (unsigned$a zero$a) zero$) :named a182))
       (assert (! (= (unsigned$c zero$a) zero$a) :named a183))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less_eq$a ?v0)
(fun_app$b (minus$ (len_of$a type$a)) (fun_app$b suc$ zero$)))
(fun_app$a (less$ ?v0) (len_of$a type$a)))) :named a184))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less_eq$a ?v0)
(fun_app$b (minus$ (len_of$ type$)) (fun_app$b suc$ zero$))) (fun_app$a
(less$ ?v0) (len_of$ type$)))) :named a185))
       (assert (! (forall ((?v0 A_word$)) (= (less$b zero$a ?v0) (not
(= zero$a ?v0)))) :named a186))
       (assert (! (forall ((?v0 A_signed_word$)) (= (= (drop_bit$c
(fun_app$b (minus$ (len_of$a type$a)) (fun_app$b suc$ zero$)) ?v0)
zero$b) (not (fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a
type$a)) (fun_app$b suc$ zero$)))))) :named a187))
       (assert (! (forall ((?v0 A_word$)) (= (= (drop_bit$a (fun_app$b
(minus$ (len_of$ type$)) (fun_app$b suc$ zero$)) ?v0) zero$a) (not
(fun_app$a (bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b
suc$ zero$)))))) :named a188))
       (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$b zero$a ?v0))) :named a189))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$a (unsigned$a
?v0)) (unsigned$ ?v0))) :named a190))
       (assert (! (forall ((?v0 A_word$)) (= (fun_app$b of_nat$
(unsigned$a ?v0)) (unsigned$a ?v0))) :named a191))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$b (unsigned$a
?v0)) (unsigned$c ?v0))) :named a192))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (bit$c (fun_app$b
(shiftr$a ?v0) ?v1)) (comp$ (bit$c ?v0) (plus$ ?v1)))) :named a193))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$a
(fun_app$ (shiftr$ ?v0) ?v1)) (comp$ (bit$a ?v0) (plus$ ?v1)))) :named
a194))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (bit$b (fun_app$c
(shiftr$b ?v0) ?v1)) (comp$ (bit$b ?v0) (plus$ ?v1)))) :named a195))
       (assert (! (forall ((?v0 A_word$)) (= (less$b zero$a ?v0) (not
(= ?v0 zero$a)))) :named a196))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (take_bit$a
?v0 ?v1) (and$a ?v1 (mask$a ?v0))) :pattern ((take_bit$a ?v0 ?v1))))
:named a197))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (take_bit$ ?v0
?v1) (and$b ?v1 (mask$c ?v0))) :pattern ((take_bit$ ?v0 ?v1)))) :named
a198))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(take_bit$b ?v0) ?v1) (fun_app$b (and$c ?v1) (fun_app$b mask$b ?v0)))
:pattern ((fun_app$b (take_bit$b ?v0) ?v1)))) :named a199))
       (assert (! (= zero$a (of_nat$b zero$)) :named a200))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less_eq$a
(len_of$a type$a)) ?v0) (= (power$ (numeral$ (bit0$ one$a)) ?v0)
zero$b))) :named a201))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less_eq$a
(len_of$ type$)) ?v0) (= (power$a (numeral$a (bit0$ one$a)) ?v0)
zero$a))) :named a202))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (unsigned$a
(fun_app$ (shiftr$ ?v0) ?v1)) (fun_app$b (divide$ (unsigned$a ?v0))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v1)))) :named a203))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (fun_app$a (less$ (fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$
?v1)))) :named a204))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a205))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$ ?v1)) (fun_app$a (less$
?v0) ?v1))) :named a206))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$a (less$ ?v0) ?v1))) :named a207))
       (assert (! (= (signed$a zero$a) zero$a) :named a208))
       (assert (! (= (signed$ zero$a) 0) :named a209))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (hd$
(to_bl$a ?v0))) :pattern ((msb$ ?v0)))) :named a210))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$b ?v0)
zero$a)) (fun_app$a (less$ zero$) ?v0))) :named a211))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (fun_app$b of_nat$
?v0) zero$)) (fun_app$a (less$ zero$) ?v0))) :named a212))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$a ?v0) 0))
(fun_app$a (less$ zero$) ?v0))) :named a213))
       (assert (! (forall ((?v0 Bool) (?v1 Bool_list$)) (! (= (size$
(cons$ ?v0 ?v1)) (fun_app$b suc$ (size$ ?v1))) :pattern ((cons$ ?v0
?v1)))) :named a214))
       (assert (! (forall ((?v0 A_word_itself$)) (fun_app$a
(possible_bit$a ?v0) zero$)) :named a215))
       (assert (! (forall ((?v0 Int_itself$)) (fun_app$a
(possible_bit$b ?v0) zero$)) :named a216))
       (assert (! (forall ((?v0 Int)) (= (fun_app$a (less$ zero$) (nat$
?v0)) (< 0 ?v0))) :named a217))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (! (=>
(fun_app$a (less_eq$a (len_of$a type$a)) ?v0) (= (shiftr$c ?v1 ?v0)
zero$b)) :pattern ((shiftr$c ?v1 ?v0)))) :named a218))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (=> (fun_app$a
(less_eq$a (len_of$ type$)) ?v0) (= (fun_app$ (shiftr$ ?v1) ?v0)
zero$a)) :pattern ((fun_app$ (shiftr$ ?v1) ?v0)))) :named a219))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$c
type$e) ?v0)) :named a220))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$b
type$d) ?v0)) :named a221))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=>
(fun_app$a (less$ ?v0) (len_of$a type$a)) (less$a (and$ ?v1 (mask$
?v0)) (power$ (numeral$ (bit0$ one$a)) ?v0)))) :named a222))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$a
(less$ ?v0) (len_of$ type$)) (less$b (and$a ?v1 (mask$a ?v0)) (power$a
(numeral$a (bit0$ one$a)) ?v0)))) :named a223))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (less$b ?v0
?v1) (less$b zero$a ?v1))) :named a224))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(limited_and$ ?v0 ?v1) (limited_and$ (fun_app$ (shiftr$ ?v0) ?v2)
(fun_app$ (shiftr$ ?v1) ?v2)))) :named a225))
       (assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$a (less$ zero$) ?v1))
false))) false)) :named a226))
       (assert (! (= bot$ false) :named a227))
       (assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat$)) (and (fun_app$a (less$ zero$) ?v1) (= ?v0 (of_nat$a ?v1))))))
:named a228))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(less_eq$b (power$ (numeral$ (bit0$ one$a)) (fun_app$b (minus$
(len_of$a type$a)) (fun_app$b suc$ zero$))) ?v0)) :pattern ((msb$a
?v0)))) :named a229))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (less_eq$
(power$a (numeral$a (bit0$ one$a)) (fun_app$b (minus$ (len_of$ type$))
(fun_app$b suc$ zero$))) ?v0)) :pattern ((msb$ ?v0)))) :named a230))
       (assert (! (= (= (semiring_char$ type$c) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (of_nat$b ?v0)
zero$a))))) :named a231))
       (assert (! (= (= (semiring_char$a type$e) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (fun_app$b of_nat$
?v0) zero$))))) :named a232))
       (assert (! (= (= (semiring_char$b type$d) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (of_nat$a ?v0) 0)))))
:named a233))
       (assert (! (forall ((?v0 Nat$)) (! (= (mask$a ?v0) (minus$a
(power$a (numeral$a (bit0$ one$a)) ?v0) one$b)) :pattern ((mask$a
?v0)))) :named a234))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (of_nat$b ?v0) zero$a) (forall ((?v1 Nat$)) (=>
(and (fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0)) (not (=
(of_nat$b ?v1) zero$a)))))) (= (semiring_char$ type$c) ?v0))) :named
a235))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (fun_app$b of_nat$ ?v0) zero$) (forall ((?v1 Nat$))
(=> (and (fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0))
(not (= (fun_app$b of_nat$ ?v1) zero$)))))) (= (semiring_char$a type$e)
?v0))) :named a236))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (of_nat$a ?v0) 0) (forall ((?v1 Nat$)) (=> (and
(fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0)) (not (=
(of_nat$a ?v1) 0)))))) (= (semiring_char$b type$d) ?v0))) :named a237))
       (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$a ?v0) (unsigned$c ?v0))) :pattern ((signed$a ?v0)))) :named
a238))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat$
(times$a ?v0 ?v1)) (fun_app$b (times$b (nat$ ?v0)) (nat$ ?v1)))))
:named a239))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a240))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (= (take_bit$a
?v0 ?v1) ?v1) (= (drop_bit$a ?v0 ?v1) zero$a))) :named a241))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$b
(take_bit$b ?v0) ?v1) ?v1) (= (fun_app$b (drop_bit$ ?v0) ?v1) zero$)))
:named a242))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (= (take_bit$ ?v0
?v1) ?v1) (= (drop_bit$b ?v0 ?v1) 0))) :named a243))
       (assert (! (= (semiring_char$a type$e) zero$) :named a244))
       (assert (! (= (semiring_char$b type$d) zero$) :named a245))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$b (minus$ (len_of$a type$a))
one$) (unsigned$b ?v0))) (- 1))) :pattern ((msb$a ?v0)))) :named a246))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$b (minus$ (len_of$ type$)) one$)
(unsigned$ ?v0))) (- 1))) :pattern ((msb$ ?v0)))) :named a247))
       (assert (! (= (of_nat$b (semiring_char$ type$c)) zero$a) :named
a248))
       (assert (! (= (fun_app$b of_nat$ (semiring_char$a type$e))
zero$) :named a249))
       (assert (! (= (of_nat$a (semiring_char$b type$d)) 0) :named
a250))
       (assert (! (= (< 0 0) false) :named a251))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a zero$a ?v0)
(uminus$ ?v0))) :named a252))
       (assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a253))
       (assert (! (= (fun_app$a (less$ zero$) (semiring_char$ type$c))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (of_nat$b
?v0) zero$a)))) :named a254))
       (assert (! (= (fun_app$a (less$ zero$) (semiring_char$a type$e))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (fun_app$b
of_nat$ ?v0) zero$)))) :named a255))
       (assert (! (= (fun_app$a (less$ zero$) (semiring_char$b type$d))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (of_nat$a
?v0) 0)))) :named a256))
       (assert (! (forall ((?v0 A_word$)) (= (less$b ?v0 one$b) (= ?v0
zero$a))) :named a257))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a258))
       (assert (! (= (of_nat$a zero$) 0) :named a259))
       (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$b zero$a ?v0))) :named a260))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a261))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (fun_app$a (less_eq$a (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less_eq$ ?v0 ?v1)))) :named a262))
       (assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (- (of_nat$a ?v1))) (fun_app$a (less$ zero$)
?v1)) false))) false)) :named a263))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (less$b (of_nat$b
?v0) (of_nat$b ?v1)) (fun_app$a (less$ (fun_app$b (take_bit$b (len_of$
type$)) ?v0)) (fun_app$b (take_bit$b (len_of$ type$)) ?v1)))) :named
a264))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (=
(word_sle$ ?v0 ?v1) (and (=> (msb$ ?v1) (msb$ ?v0)) (or (and (msb$ ?v0)
(not (msb$ ?v1))) (less_eq$ ?v0 ?v1)))) :pattern ((word_sle$ ?v0
?v1)))) :named a265))
       (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a266))
       (assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a267))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (times$b zero$)
?v0) zero$)) :named a268))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a269))
       (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a270))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$a
(less$ ?v0) (len_of$ type$)) (= (fun_app$a (nth$ (to_bl$a ?v1)) ?v0)
(fun_app$a (bit$a ?v1) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b
suc$ ?v0)))))) :named a271))
       (assert (! (= 0 0) :named a272))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (fun_app$a (less_eq$a (fun_app$b (minus$ (fun_app$b (power$c
(numeral$b (bit0$ one$a))) (fun_app$b (minus$ (len_of$ type$)) ?v0)))
one$)) ?v1) (fun_app$a (less$ zero$) ?v0)) (fun_app$a (less_eq$a
(unsigned$a (fun_app$ (shiftr$ ?v2) ?v0))) ?v1))) :named a273))
       (assert (! (= (sub$ one$a one$a) 0) :named a274))
       (assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a275))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (< (drop_bit$b ?v0
?v1) 0) (< ?v1 0))) :named a276))
       (assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a277))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (plus$ zero$) ?v0)
?v0)) :named a278))
       (assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a279))
       (assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a280))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (power$b ?v0)
zero$) 1) :pattern ((power$b ?v0)))) :named a281))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (power$c ?v0)
zero$) one$) :pattern ((power$c ?v0)))) :named a282))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a283))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (take_bit$b ?v0)
zero$) zero$)) :named a284))
       (assert (! (forall ((?v0 Nat$)) (= (take_bit$ ?v0 0) 0)) :named
a285))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (msb$b (fun_app$c
(shiftr$b ?v0) ?v1)) (msb$b ?v0))) :named a286))
       (assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a287))
       (assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a288))
       (assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a289))
       (assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a290))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a zero$)
?v0)) :named a291))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (times$b ?v0)
zero$) zero$) :pattern ((times$b ?v0)))) :named a292))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (- (of_nat$a
?v0)) (of_nat$a ?v1)) (and (= ?v0 zero$) (= ?v1 zero$)))) :named a293))
       (assert (! (= (numeral$b one$a) one$) :named a294))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$ ?v0
(of_nat$a ?v1)) (of_nat$a (fun_app$b (take_bit$b ?v0) ?v1)))) :named
a295))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a signed signed)
       0 < LENGTH('a signed)
       0 < LENGTH('a)
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀a. (a ≠ 0) = (0 < a)
       ∀n. (n ≠ 0) = (0 < n)
       ∀n. (n < 0) = False
       ∀n. (¬ 0 < n) = (n = 0)
       LENGTH('a signed signed) ≠ 0
       LENGTH('a signed) ≠ 0
       LENGTH('a) ≠ 0
       ∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
       ∀w v. LENGTH('a signed) = 0 ⟶ w = v
       ∀w v. LENGTH('a) = 0 ⟶ w = v
       ∀a. ¬ a < 0
       ∀uu. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of uu = 0)
       ∀w k n. w < k ⟶ w >> n < k
       ∀w k n. w < k ⟶ w >> n < k
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
       ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
       ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
       ∀n. n < n ⟶ False
       ∀s t. s < t ⟶ s ≠ t
       ∀n m. n < m ⟶ m ≠ n
       ∀n. ¬ n < n
       ∀m n. (m ≠ n) = (m < n ∨ n < m)
       ∀n. (0 < n) = (n ≠ 0)
       ∀m n. m < n ⟶ n ≠ 0
       ∀n. ¬ n < 0
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀m n. m < n ⟶ n ≠ 0
       ∀n<0. False
       ∀n. ¬ n < 0
       ∀n. (¬ 0 < n) = (n = 0)
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀y. 0 < y ∨ 0 = y
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a signed signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0 signed signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0 signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0))
       ¬ 0 < 0
       ¬ 0 < 0
       ∀n. (0 < of_nat n) = (0 < n)
       ∀n. (0 < int n) = (0 < n)
       ∀m. possible_bit TYPE('a signed signed word) m = (m < LENGTH('a
signed signed))
       ∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ¬ msb 0
       ∀m n. (of_nat m = of_nat n) = (m = n)
       ∀m n. (int m = int n) = (m = n)
       word_of_nat 0 = 0
       word_of_nat 0 = 0
       of_nat 0 = 0
       int 0 = 0
       ∀n. (0 = of_nat n) = (0 = n)
       ∀n. (0 = int n) = (0 = n)
       ∀m. (of_nat m = 0) = (m = 0)
       ∀m. (int m = 0) = (m = 0)
       ∀m n. (of_nat m < of_nat n) = (m < n)
       ∀m n. (int m < int n) = (m < n)
       ∀x. ¬ x < 0
       ∀x. ¬ x < 0
       ∀a. ¬ a < 0
       ∀a. ¬ a < 0
       ∀y. (0 < y) = (0 ≠ y)
       ∀y. (0 < y) = (0 ≠ y)
       ∀w. (w ≠ 0) = (0 < w)
       ∀w. (w ≠ 0) = (0 < w)
       ∀a. (0 < a) = (a ≠ 0)
       ∀a. (0 < a) = (a ≠ 0)
       0 = word_of_nat 0
       0 = word_of_nat 0
       ∀m. ¬ of_nat m < 0
       ∀m. ¬ int m < 0
       ∀m n. m < n ⟶ of_nat m < of_nat n
       ∀m n. m < n ⟶ int m < int n
       ∀m n. of_nat m < of_nat n ⟶ m < n
       ∀m n. int m < int n ⟶ m < n
       ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
       ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
       ∀k. of_nat k ≠ 0 ⟶ 0 < k
       ∀k. int k ≠ 0 ⟶ 0 < k
       ∀ty. possible_bit ty 0
       ∀ty. possible_bit ty 0
       ∀ty. possible_bit ty 0
       ∀ty. possible_bit ty 0
       ∀n. possible_bit TYPE(int) n
       ∀n. possible_bit TYPE(nat) n
       ∀a n. a < n ⟶ 0 < n
       ∀a n. a < n ⟶ 0 < n
       ∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
       ∀k>0. ∃n>0. k = int n
       (CHAR('a signed word) = 0) = (∀n>0. word_of_nat n ≠ 0)
       (CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
       (CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
       (CHAR(int) = 0) = (∀n>0. int n ≠ 0)
       ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
           CHAR('a signed word) = c
       ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
           CHAR('a word) = c
       ∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
       ∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
       ∀m n. (int m = int n) = (m = n)
       CHAR(int) = 0
       CHAR(nat) = 0
       word_of_nat CHAR('a signed word) = 0
       word_of_nat CHAR('a word) = 0
       of_nat CHAR(nat) = 0
       int CHAR(int) = 0
       (0 < 0) = False
       (0 < CHAR('a signed word)) = (∃n>0. word_of_nat n = 0)
       (0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
       (0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
       (0 < CHAR(int)) = (∃n>0. int n = 0)
       ∀a b. (a < b) = (int a < int b)
       int 0 = 0
       ∀x y. (int x = int y) = (x = y)
       ∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
       ∀m n. (word_of_nat m < word_of_nat n) =
             (take_bit LENGTH('a signed signed) m < take_bit LENGTH('a
signed signed) n)
       ∀m n. (word_of_nat m < word_of_nat n) =
             (take_bit LENGTH('a signed) m < take_bit LENGTH('a signed)
n)
       ∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
       ∀a. - (- a) = a
       ∀a. - (- a) = a
       ∀a b. (- a = - b) = (a = b)
       ∀a b. (- a = - b) = (a = b)
       ∀b. - (- b) = b
       ∀b. - (- b) = b
       - 0 = 0
       0 = 0
       ∀a. (0 = - a) = (0 = a)
       ∀a. (0 = - a) = (0 = a)
       ∀a. (- a = 0) = (a = 0)
       ∀a. (- a = 0) = (a = 0)
       ∀a. (a = - a) = (a = 0)
       ∀a. (- a = a) = (a = 0)
       ∀b a. (- b < - a) = (a < b)
       ∀n. take_bit n 0 = 0
       ∀n. take_bit n 0 = 0
       ∀n. take_bit n 0 = 0
       ∀n. take_bit n 0 = 0
       ∀a. (a < - a) = (a < 0)
       ∀a. (- a < a) = (0 < a)
       ∀a. (0 < - a) = (a < 0)
       ∀a. (- a < 0) = (0 < a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (take_bit 0 a = 0)
       ∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
       ∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
       ∀n m. take_bit n (of_nat m) = of_nat (take_bit n m)
       ∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
       ∀n m. take_bit n (int m) = int (take_bit n m)
       ∀a b. a < b ⟶ - b < - a
       ∀a b. (a = - b) = (b = - a)
       ∀a b. (a = - b) = (b = - a)
       ∀a b. (- a = b) = (- b = a)
       ∀a b. (- a = b) = (- b = a)
       ∀a b. a = b ⟶ - a = - b
       ∀a b. (a < - b) = (b < - a)
       ∀a b. (- a < b) = (- b < a)
       0 = 0
       ∀z. (∀n. z = int n ⟶ False) ∧ (∀n. z = - int n ⟶ False) ⟶ False
       ∀n m. ¬ int n < - int m
       ∀m. (∀n. m = int n ⟶ False) ∧ (∀n. 0 < n ∧ m = - int n ⟶ False)
⟶ False
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((a < a) = False)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((a < a) = False)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((a < a) = False)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((a < a) = False)
       ∀a b. (a = b) = (int a = int b)
       ∀x y. int x = int y ⟶ x = y
       ∀P a b. int (if P then a else b) = (if P then int a else int b)
       ∀k. (k = 0 ⟶ False) ∧
           (∀n. k = int n ∧ 0 < n ⟶ False) ∧ (∀n. k = - int n ∧ 0 < n ⟶
False) ⟶
           False
       ∀m n. (word_of_nat m = word_of_nat n) =
             (take_bit LENGTH('a signed signed) m = take_bit LENGTH('a
signed signed) n)
       ∀m n. (word_of_nat m = word_of_nat n) =
             (take_bit LENGTH('a signed) m = take_bit LENGTH('a signed)
n)
       ∀m n. (word_of_nat m = word_of_nat n) = (take_bit LENGTH('a) m =
take_bit LENGTH('a) n)
       ∀w. take_bit LENGTH('a signed signed) w = w
       ∀w. take_bit LENGTH('a signed) w = w
       ∀w. take_bit LENGTH('a) w = w
       ∀n k. take_bit n (- take_bit n k) = take_bit n (- k)
       ∀n k. ¬ take_bit n k < 0
       ∀k n. (k < take_bit n k) = (k < 0)
       take_bit LENGTH('a signed signed) 0 = take_bit LENGTH('a signed
signed) 0
       take_bit LENGTH('a signed) 0 = take_bit LENGTH('a signed) 0
       take_bit LENGTH('a) 0 = take_bit LENGTH('a) 0
       ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a) n)
       ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a) n)
       ∀n. UCAST('a → 'a) (word_of_nat n) = word_of_nat (take_bit
LENGTH('a) n)
       ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed) n)
       ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed) n)
       ∀n. UCAST('a signed → 'a) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a signed) n)
       ∀n. UCAST('a → 'a signed) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a) n)
       ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed
signed) n)
       ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed
signed) n)
       ∀n. UCAST('a signed → 'a signed) (word_of_nat n) =
           word_of_nat (take_bit LENGTH('a signed) n)
       ∀z. (0 < nat z) = (0 < z)
       ∀n w. sint (take_bit n w) =
             (if n < LENGTH('a signed signed) then take_bit n (sint w)
else sint w)
       ∀n w. SCAST('a signed signed → 'a) (take_bit n w) =
             (if n < LENGTH('a signed signed) then take_bit n (SCAST('a
signed signed → 'a) w)
              else SCAST('a signed signed → 'a) w)
       ∀n w. SCAST('a signed signed → 'a signed) (take_bit n w) =
             (if n < LENGTH('a signed signed)
              then take_bit n (SCAST('a signed signed → 'a signed) w)
              else SCAST('a signed signed → 'a signed) w)
       ∀n w. SCAST('a → 'a signed) (take_bit n w) =
             (if n < LENGTH('a) then take_bit n (SCAST('a → 'a signed)
w)
              else SCAST('a → 'a signed) w)
       ∀n w. SCAST('a signed → 'a signed) (take_bit n w) =
             (if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a signed) w)
              else SCAST('a signed → 'a signed) w)
       ∀n w. sint (take_bit n w) =
             (if n < LENGTH('a signed) then take_bit n (sint w) else
sint w)
       ∀n w. SCAST('a signed → 'a) (take_bit n w) =
             (if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a) w)
              else SCAST('a signed → 'a) w)
       ∀n w. SCAST('a → 'a) (take_bit n w) =
             (if n < LENGTH('a) then take_bit n (SCAST('a → 'a) w) else
SCAST('a → 'a) w)
       ∀n w. sint (take_bit n w) = (if n < LENGTH('a) then take_bit n
(sint w) else sint w)
       ∀x. SCAST('a signed → 'a signed signed) (word_of_nat x) =
word_of_nat x
       ∀x. SCAST('a → 'a signed) (word_of_nat x) = word_of_nat x
       ∀x. SCAST('a signed signed → 'a signed) (word_of_nat x) =
word_of_nat x
       ∀x. SCAST('a signed → 'a) (word_of_nat x) = word_of_nat x
       ∀x. word_of_nat (unat x) = x
       ∀x. word_of_nat (unat x) = x
       ∀w. int (unat w) = uint w
       ∀w. word_of_nat (unat w) = UCAST('a → 'a signed) w
       ∀w. word_of_nat (unat w) = UCAST('a → 'a) w
       ∀w. of_nat (unat w) = unat w
       ∀w. int (unat w) = uint w
       ∀x. (uint x < 0) = False 
SMT: Names:
       sorts:
         Nat$ = nat
         A_word$ = 'a word
         A_itself$ = 'a itself
         Int_itself$ = int itself
         Nat_itself$ = nat itself
         Nat_int_fun$ = nat ⇒ int
         Nat_nat_fun$ = nat ⇒ nat
         Num0_itself$ = 0 itself
         Int_bool_fun$ = int ⇒ bool
         Nat_bool_fun$ = nat ⇒ bool
         A_signed_word$ = 'a signed word
         A_word_itself$ = 'a word itself
         Nat_a_word_fun$ = nat ⇒ 'a word
         A_signed_itself$ = 'a signed itself
         A_word_bool_fun$ = 'a word ⇒ bool
         Num0_signed_itself$ = 0 signed itself
         A_signed_signed_word$ = 'a signed signed word
         A_signed_word_itself$ = 'a signed word itself
         A_signed_signed_itself$ = 'a signed signed itself
         A_signed_word_bool_fun$ = 'a signed word ⇒ bool
         Num0_signed_signed_itself$ = 0 signed signed itself
         A_signed_signed_word_itself$ = 'a signed signed word itself
         A_signed_signed_signed_itself$ = 'a signed signed signed
itself
         Num0_signed_signed_signed_itself$ = 0 signed signed signed
itself
       functions:
         r$ = r
         x$ = x
         uu$ = uu
         msb$ = msb
         nat$ = nat
         less$ = (<)
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         less$b = (<)
         less$c = (<)
         type$a = TYPE('a signed signed)
         type$b = TYPE('a signed)
         type$c = TYPE(0 signed signed)
         type$d = TYPE(0 signed)
         type$e = TYPE(0)
         type$f = TYPE('a signed signed word)
         type$g = TYPE('a signed word)
         type$h = TYPE('a word)
         type$i = TYPE(int)
         type$j = TYPE(nat)
         zero$a = 0
         zero$b = 0
         len_of$ = len_of
         of_nat$ = of_nat
         shiftr$ = (>>)
         signed$ = sint
         uminus$ = uminus
         fun_app$ = SMT.fun_app
         len_of$a = len_of
         len_of$b = len_of
         len_of$c = len_of
         len_of$d = len_of
         len_of$e = len_of
         len_of$f = len_of
         len_of$g = len_of
         of_nat$a = int
         of_nat$b = word_of_nat
         of_nat$c = word_of_nat
         of_nat$d = word_of_nat
         shiftr$a = (>>)
         shiftr$b = (>>)
         shiftr$c = (>>)
         signed$a = SCAST('a signed signed → 'a)
         signed$b = SCAST('a signed signed → 'a signed)
         signed$c = SCAST('a → 'a signed)
         signed$d = SCAST('a signed → 'a signed)
         signed$e = sint
         signed$f = SCAST('a signed → 'a)
         signed$g = SCAST('a → 'a)
         signed$h = sint
         signed$i = SCAST('a signed → 'a signed signed)
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app
         fun_app$c = SMT.fun_app
         fun_app$d = SMT.fun_app
         fun_app$e = SMT.fun_app
         fun_app$f = SMT.fun_app
         take_bit$ = take_bit
         unsigned$ = uint
         take_bit$a = take_bit
         take_bit$b = take_bit
         take_bit$c = take_bit
         take_bit$d = take_bit
         unsigned$a = unat
         unsigned$b = UCAST('a → 'a)
         unsigned$c = uint
         unsigned$d = unat
         unsigned$e = UCAST('a signed → 'a)
         unsigned$f = UCAST('a → 'a signed)
         unsigned$g = uint
         unsigned$h = unat
         unsigned$i = UCAST('a signed → 'a signed)
         possible_bit$ = possible_bit
         possible_bit$a = possible_bit
         possible_bit$b = possible_bit
         possible_bit$c = possible_bit
         possible_bit$d = possible_bit
         semiring_char$ = semiring_char
         semiring_char$a = semiring_char
         semiring_char$b = semiring_char
         semiring_char$c = semiring_char 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9955
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Int_itself$ 0)
       (declare-sort Nat_itself$ 0)
       (declare-sort Nat_int_fun$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Num0_itself$ 0)
       (declare-sort Int_bool_fun$ 0)
       (declare-sort Nat_bool_fun$ 0)
       (declare-sort A_signed_word$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-sort A_signed_itself$ 0)
       (declare-sort A_word_bool_fun$ 0)
       (declare-sort Num0_signed_itself$ 0)
       (declare-sort A_signed_signed_word$ 0)
       (declare-sort A_signed_word_itself$ 0)
       (declare-sort A_signed_signed_itself$ 0)
       (declare-sort A_signed_word_bool_fun$ 0)
       (declare-sort Num0_signed_signed_itself$ 0)
       (declare-sort A_signed_signed_word_itself$ 0)
       (declare-sort A_signed_signed_signed_itself$ 0)
       (declare-sort Num0_signed_signed_signed_itself$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun uu$ (Int) Int_bool_fun$)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun less$ (Nat$) Nat_bool_fun$)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_signed_word$) A_signed_word_bool_fun$)
       (declare-fun less$b (A_word$) A_word_bool_fun$)
       (declare-fun less$c (A_signed_signed_word$
A_signed_signed_word$) Bool)
       (declare-fun type$a () A_signed_signed_itself$)
       (declare-fun type$b () A_signed_itself$)
       (declare-fun type$c () Num0_signed_signed_itself$)
       (declare-fun type$d () Num0_signed_itself$)
       (declare-fun type$e () Num0_itself$)
       (declare-fun type$f () A_signed_signed_word_itself$)
       (declare-fun type$g () A_signed_word_itself$)
       (declare-fun type$h () A_word_itself$)
       (declare-fun type$i () Int_itself$)
       (declare-fun type$j () Nat_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun zero$b () A_signed_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun of_nat$ (Nat$) Nat$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun signed$ (A_signed_signed_word$) Int)
       (declare-fun uminus$ (A_word$) A_word$)
       (declare-fun fun_app$ (Int_bool_fun$ Int) Bool)
       (declare-fun len_of$a (A_signed_signed_itself$) Nat$)
       (declare-fun len_of$b (A_signed_itself$) Nat$)
       (declare-fun len_of$c (Num0_itself$) Nat$)
       (declare-fun len_of$d (A_signed_signed_signed_itself$) Nat$)
       (declare-fun len_of$e (Num0_signed_signed_signed_itself$) Nat$)
       (declare-fun len_of$f (Num0_signed_signed_itself$) Nat$)
       (declare-fun len_of$g (Num0_signed_itself$) Nat$)
       (declare-fun of_nat$a (Nat$) Int)
       (declare-fun of_nat$b (Nat$) A_signed_word$)
       (declare-fun of_nat$c (Nat$) A_word$)
       (declare-fun of_nat$d (Nat$) A_signed_signed_word$)
       (declare-fun shiftr$a (Int) Nat_int_fun$)
       (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
       (declare-fun shiftr$c (A_signed_word$ Nat$) A_signed_word$)
       (declare-fun signed$a (A_signed_signed_word$) A_word$)
       (declare-fun signed$b (A_signed_signed_word$) A_signed_word$)
       (declare-fun signed$c (A_word$) A_signed_word$)
       (declare-fun signed$d (A_signed_word$) A_signed_word$)
       (declare-fun signed$e (A_signed_word$) Int)
       (declare-fun signed$f (A_signed_word$) A_word$)
       (declare-fun signed$g (A_word$) A_word$)
       (declare-fun signed$h (A_word$) Int)
       (declare-fun signed$i (A_signed_word$) A_signed_signed_word$)
       (declare-fun fun_app$a (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun fun_app$b (Nat_bool_fun$ Nat$) Bool)
       (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
       (declare-fun fun_app$d (Nat_nat_fun$ Nat$) Nat$)
       (declare-fun fun_app$e (A_signed_word_bool_fun$ A_signed_word$)
Bool)
       (declare-fun fun_app$f (A_word_bool_fun$ A_word$) Bool)
       (declare-fun take_bit$ (Nat$ Nat$) Nat$)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun take_bit$a (Nat$ A_signed_word$) A_signed_word$)
       (declare-fun take_bit$b (Nat$ A_word$) A_word$)
       (declare-fun take_bit$c (Nat$ Int) Int)
       (declare-fun take_bit$d (Nat$ A_signed_signed_word$)
A_signed_signed_word$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun unsigned$b (A_word$) A_word$)
       (declare-fun unsigned$c (A_signed_word$) Int)
       (declare-fun unsigned$d (A_signed_word$) Nat$)
       (declare-fun unsigned$e (A_signed_word$) A_word$)
       (declare-fun unsigned$f (A_word$) A_signed_word$)
       (declare-fun unsigned$g (A_signed_signed_word$) Int)
       (declare-fun unsigned$h (A_signed_signed_word$) Nat$)
       (declare-fun unsigned$i (A_signed_word$) A_signed_word$)
       (declare-fun possible_bit$ (A_signed_signed_word_itself$)
Nat_bool_fun$)
       (declare-fun possible_bit$a (A_signed_word_itself$)
Nat_bool_fun$)
       (declare-fun possible_bit$b (A_word_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$c (Nat_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$d (Int_itself$) Nat_bool_fun$)
       (declare-fun semiring_char$ (A_signed_word_itself$) Nat$)
       (declare-fun semiring_char$a (A_word_itself$) Nat$)
       (declare-fun semiring_char$b (Nat_itself$) Nat$)
       (declare-fun semiring_char$c (Int_itself$) Nat$)
       (assert (! (forall ((?v0 Int) (?v1 Int)) (! (= (fun_app$ (uu$
?v0) ?v1) (< ?v0 ?v1)) :pattern ((fun_app$ (uu$ ?v0) ?v1)))) :named
a0))
       (assert (! (not (= (msb$ (fun_app$a (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a1))
       (assert (! (fun_app$b (less$ r$) (len_of$ type$)) :named a2))
       (assert (! (fun_app$b (less$ zero$) (len_of$a type$a)) :named
a3))
       (assert (! (fun_app$b (less$ zero$) (len_of$b type$b)) :named
a4))
       (assert (! (fun_app$b (less$ zero$) (len_of$ type$)) :named a5))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$a (shiftr$
?v0) zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a6))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a7))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$d (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a8))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$a (shiftr$
?v0) zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$d (shiftr$b zero$)
?v0) zero$)) :named a10))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$a 0) ?v0)
0)) :named a11))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$ zero$a)
?v0) zero$a)) :named a12))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$b (less$ zero$) ?v0))) :named a13))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$b (less$ zero$) ?v0))) :named a14))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ ?v0) zero$)
false)) :named a15))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$b (less$ zero$)
?v0)) (= ?v0 zero$))) :named a16))
       (assert (! (not (= (len_of$a type$a) zero$)) :named a17))
       (assert (! (not (= (len_of$b type$b) zero$)) :named a18))
       (assert (! (not (= (len_of$ type$) zero$)) :named a19))
       (assert (! (forall ((?v0 A_signed_signed_word$) (?v1
A_signed_signed_word$)) (=> (= (len_of$a type$a) zero$) (= ?v0 ?v1)))
:named a20))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$b type$b) zero$) (= ?v0 ?v1))) :named a21))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a22))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a23))
       (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$c ?v0)
zero$) :pattern ((len_of$c ?v0)))) :named a24))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$)
(?v2 Nat$)) (=> (fun_app$e (less$a ?v0) ?v1) (fun_app$e (less$a
(shiftr$c ?v0 ?v2)) ?v1))) :named a25))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(fun_app$f (less$b ?v0) ?v1) (fun_app$f (less$b (fun_app$a (shiftr$
?v0) ?v2)) ?v1))) :named a26))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a27))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a28))
       (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a29))
       (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a30))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$b (less$ ?v0) ?v1) false) (=> (fun_app$b (less$
?v1) ?v0) false))) false)) :named a31))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$b ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$b (less$ ?v3) ?v2) (not (fun_app$b ?v0 ?v3)))))) (fun_app$b
?v0 ?v1))) :named a32))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$b (less$ ?v3) ?v2)
(fun_app$b ?v0 ?v3))) (fun_app$b ?v0 ?v2))) (fun_app$b ?v0 ?v1)))
:named a33))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$b (less$ ?v0) ?v0)
false)) :named a34))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a35))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a36))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
?v0))) :named a37))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$b (less$ ?v0) ?v1) (fun_app$b (less$ ?v1) ?v0)))) :named
a38))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a39))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a40))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a41))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$b (less$ zero$) ?v0))) :named a42))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$b ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v2) (not (fun_app$b ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$b (less$ ?v3) ?v2) (not (fun_app$b ?v0 ?v3))))))) (fun_app$b
?v0 ?v1))) :named a43))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a44))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$b (less$ ?v0)
zero$) false)) :named a45))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a46))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$b (less$ zero$)
?v0)) (= ?v0 zero$))) :named a47))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$b (less$ zero$) ?v0))) :named a48))
       (assert (! (forall ((?v0 Nat$)) (or (fun_app$b (less$ zero$)
?v0) (= zero$ ?v0))) :named a49))
       (assert (! (forall ((?v0 A_signed_signed_signed_itself$)) (! (=
(len_of$d ?v0) (len_of$a type$a)) :pattern ((len_of$d ?v0)))) :named
a50))
       (assert (! (forall ((?v0 Num0_signed_signed_signed_itself$)) (!
(= (len_of$e ?v0) (len_of$f type$c)) :pattern ((len_of$e ?v0)))) :named
a51))
       (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$f ?v0) (len_of$g type$d)) :pattern ((len_of$f ?v0)))) :named
a52))
       (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$a ?v0) (len_of$b type$b)) :pattern ((len_of$a ?v0)))) :named
a53))
       (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$b ?v0)
(len_of$ type$)) :pattern ((len_of$b ?v0)))) :named a54))
       (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$g
?v0) (len_of$c type$e)) :pattern ((len_of$g ?v0)))) :named a55))
       (assert (! (not (fun_app$b (less$ zero$) zero$)) :named a56))
       (assert (! (not (< 0 0)) :named a57))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ zero$)
(of_nat$ ?v0)) (fun_app$b (less$ zero$) ?v0))) :named a58))
       (assert (! (forall ((?v0 Nat$)) (= (< 0 (of_nat$a ?v0))
(fun_app$b (less$ zero$) ?v0))) :named a59))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$
type$f) ?v0) (fun_app$b (less$ ?v0) (len_of$a type$a)))) :named a60))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$a
type$g) ?v0) (fun_app$b (less$ ?v0) (len_of$b type$b)))) :named a61))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$b
type$h) ?v0) (fun_app$b (less$ ?v0) (len_of$ type$)))) :named a62))
       (assert (! (not (msb$ zero$a)) :named a63))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$ ?v0)
(of_nat$ ?v1)) (= ?v0 ?v1))) :named a64))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a65))
       (assert (! (= (of_nat$b zero$) zero$b) :named a66))
       (assert (! (= (of_nat$c zero$) zero$a) :named a67))
       (assert (! (= (of_nat$ zero$) zero$) :named a68))
       (assert (! (= (of_nat$a zero$) 0) :named a69))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ (of_nat$ ?v0)) (=
zero$ ?v0))) :named a70))
       (assert (! (forall ((?v0 Nat$)) (= (= 0 (of_nat$a ?v0)) (= zero$
?v0))) :named a71))
       (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$ ?v0) zero$) (=
?v0 zero$))) :named a72))
       (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$a ?v0) 0) (= ?v0
zero$))) :named a73))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (less$
(of_nat$ ?v0)) (of_nat$ ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named
a74))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named a75))
       (assert (! (forall ((?v0 A_signed_word$)) (not (fun_app$e
(less$a ?v0) zero$b))) :named a76))
       (assert (! (forall ((?v0 A_word$)) (not (fun_app$f (less$b ?v0)
zero$a))) :named a77))
       (assert (! (forall ((?v0 A_signed_word$)) (not (fun_app$e
(less$a ?v0) zero$b))) :named a78))
       (assert (! (forall ((?v0 A_word$)) (not (fun_app$f (less$b ?v0)
zero$a))) :named a79))
       (assert (! (forall ((?v0 A_signed_word$)) (= (fun_app$e (less$a
zero$b) ?v0) (not (= zero$b ?v0)))) :named a80))
       (assert (! (forall ((?v0 A_word$)) (= (fun_app$f (less$b zero$a)
?v0) (not (= zero$a ?v0)))) :named a81))
       (assert (! (forall ((?v0 A_signed_word$)) (= (not (= ?v0
zero$b)) (fun_app$e (less$a zero$b) ?v0))) :named a82))
       (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(fun_app$f (less$b zero$a) ?v0))) :named a83))
       (assert (! (forall ((?v0 A_signed_word$)) (= (fun_app$e (less$a
zero$b) ?v0) (not (= ?v0 zero$b)))) :named a84))
       (assert (! (forall ((?v0 A_word$)) (= (fun_app$f (less$b zero$a)
?v0) (not (= ?v0 zero$a)))) :named a85))
       (assert (! (= zero$b (of_nat$b zero$)) :named a86))
       (assert (! (= zero$a (of_nat$c zero$)) :named a87))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ (of_nat$
?v0)) zero$))) :named a88))
       (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a89))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (fun_app$b (less$ (of_nat$ ?v0)) (of_nat$ ?v1)))) :named
a90))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a91))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
(of_nat$ ?v0)) (of_nat$ ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named
a92))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named a93))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$b ?v0)
zero$b)) (fun_app$b (less$ zero$) ?v0))) :named a94))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$c ?v0)
zero$a)) (fun_app$b (less$ zero$) ?v0))) :named a95))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$ ?v0)
zero$)) (fun_app$b (less$ zero$) ?v0))) :named a96))
       (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$a ?v0) 0))
(fun_app$b (less$ zero$) ?v0))) :named a97))
       (assert (! (forall ((?v0 A_signed_word_itself$)) (fun_app$b
(possible_bit$a ?v0) zero$)) :named a98))
       (assert (! (forall ((?v0 Nat_itself$)) (fun_app$b
(possible_bit$c ?v0) zero$)) :named a99))
       (assert (! (forall ((?v0 Int_itself$)) (fun_app$b
(possible_bit$d ?v0) zero$)) :named a100))
       (assert (! (forall ((?v0 A_word_itself$)) (fun_app$b
(possible_bit$b ?v0) zero$)) :named a101))
       (assert (! (forall ((?v0 Nat$)) (fun_app$b (possible_bit$d
type$i) ?v0)) :named a102))
       (assert (! (forall ((?v0 Nat$)) (fun_app$b (possible_bit$c
type$j) ?v0)) :named a103))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (fun_app$e (less$a ?v0) ?v1) (fun_app$e (less$a zero$b) ?v1)))
:named a104))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (fun_app$f
(less$b ?v0) ?v1) (fun_app$f (less$b zero$a) ?v1))) :named a105))
       (assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$b (less$ zero$) ?v1))
false))) false)) :named a106))
       (assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat$)) (and (fun_app$b (less$ zero$) ?v1) (= ?v0 (of_nat$a ?v1))))))
:named a107))
       (assert (! (= (= (semiring_char$ type$g) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$b ?v0)
zero$b))))) :named a108))
       (assert (! (= (= (semiring_char$a type$h) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$c ?v0)
zero$a))))) :named a109))
       (assert (! (= (= (semiring_char$b type$j) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$ ?v0)
zero$))))) :named a110))
       (assert (! (= (= (semiring_char$c type$i) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$a ?v0) 0)))))
:named a111))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$b ?v0) zero$b) (forall ((?v1 Nat$)) (=>
(and (fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$b ?v1) zero$b)))))) (= (semiring_char$ type$g) ?v0))) :named
a112))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$c ?v0) zero$a) (forall ((?v1 Nat$)) (=>
(and (fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$c ?v1) zero$a)))))) (= (semiring_char$a type$h) ?v0))) :named
a113))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$ ?v0) zero$) (forall ((?v1 Nat$)) (=> (and
(fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$ ?v1) zero$)))))) (= (semiring_char$b type$j) ?v0))) :named
a114))
       (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$a ?v0) 0) (forall ((?v1 Nat$)) (=> (and
(fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$a ?v1) 0)))))) (= (semiring_char$c type$i) ?v0))) :named a115))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a116))
       (assert (! (= (semiring_char$c type$i) zero$) :named a117))
       (assert (! (= (semiring_char$b type$j) zero$) :named a118))
       (assert (! (= (of_nat$b (semiring_char$ type$g)) zero$b) :named
a119))
       (assert (! (= (of_nat$c (semiring_char$a type$h)) zero$a) :named
a120))
       (assert (! (= (of_nat$ (semiring_char$b type$j)) zero$) :named
a121))
       (assert (! (= (of_nat$a (semiring_char$c type$i)) 0) :named
a122))
       (assert (! (= (< 0 0) false) :named a123))
       (assert (! (= (fun_app$b (less$ zero$) (semiring_char$ type$g))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$b
?v0) zero$b)))) :named a124))
       (assert (! (= (fun_app$b (less$ zero$) (semiring_char$a type$h))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$c
?v0) zero$a)))) :named a125))
       (assert (! (= (fun_app$b (less$ zero$) (semiring_char$b type$j))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$
?v0) zero$)))) :named a126))
       (assert (! (= (fun_app$b (less$ zero$) (semiring_char$c type$i))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$a
?v0) 0)))) :named a127))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a128))
       (assert (! (= (of_nat$a zero$) 0) :named a129))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a130))
       (assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (- (of_nat$a ?v1))) (fun_app$b (less$ zero$)
?v1)) false))) false)) :named a131))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (less$c (of_nat$d
?v0) (of_nat$d ?v1)) (fun_app$b (less$ (take_bit$ (len_of$a type$a)
?v0)) (take_bit$ (len_of$a type$a) ?v1)))) :named a132))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$e (less$a
(of_nat$b ?v0)) (of_nat$b ?v1)) (fun_app$b (less$ (take_bit$ (len_of$b
type$b) ?v0)) (take_bit$ (len_of$b type$b) ?v1)))) :named a133))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$f (less$b
(of_nat$c ?v0)) (of_nat$c ?v1)) (fun_app$b (less$ (take_bit$ (len_of$
type$) ?v0)) (take_bit$ (len_of$ type$) ?v1)))) :named a134))
       (assert (! (forall ((?v0 A_word$)) (= (uminus$ (uminus$ ?v0))
?v0)) :named a135))
       (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a136))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= (uminus$
?v0) (uminus$ ?v1)) (= ?v0 ?v1))) :named a137))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a138))
       (assert (! (forall ((?v0 A_word$)) (= (uminus$ (uminus$ ?v0))
?v0)) :named a139))
       (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a140))
       (assert (! (= (uminus$ zero$a) zero$a) :named a141))
       (assert (! (= 0 0) :named a142))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a (uminus$ ?v0))
(= zero$a ?v0))) :named a143))
       (assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a144))
       (assert (! (forall ((?v0 A_word$)) (= (= (uminus$ ?v0) zero$a)
(= ?v0 zero$a))) :named a145))
       (assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a146))
       (assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a147))
       (assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a148))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a149))
       (assert (! (forall ((?v0 Nat$)) (= (take_bit$a ?v0 zero$b)
zero$b)) :named a150))
       (assert (! (forall ((?v0 Nat$)) (= (take_bit$b ?v0 zero$a)
zero$a)) :named a151))
       (assert (! (forall ((?v0 Nat$)) (= (take_bit$ ?v0 zero$) zero$))
:named a152))
       (assert (! (forall ((?v0 Nat$)) (= (take_bit$c ?v0 0) 0)) :named
a153))
       (assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a154))
       (assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a155))
       (assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a156))
       (assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a157))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (take_bit$a
zero$ ?v0) zero$b) :pattern ((take_bit$a zero$ ?v0)))) :named a158))
       (assert (! (forall ((?v0 A_word$)) (! (= (take_bit$b zero$ ?v0)
zero$a) :pattern ((take_bit$b zero$ ?v0)))) :named a159))
       (assert (! (forall ((?v0 Nat$)) (! (= (take_bit$ zero$ ?v0)
zero$) :pattern ((take_bit$ zero$ ?v0)))) :named a160))
       (assert (! (forall ((?v0 Int)) (! (= (take_bit$c zero$ ?v0) 0)
:pattern ((take_bit$c zero$ ?v0)))) :named a161))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (- (of_nat$a
?v0)) (of_nat$a ?v1)) (and (= ?v0 zero$) (= ?v1 zero$)))) :named a162))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$a ?v0
(of_nat$b ?v1)) (of_nat$b (take_bit$ ?v0 ?v1)))) :named a163))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$ ?v0
(of_nat$ ?v1)) (of_nat$ (take_bit$ ?v0 ?v1)))) :named a164))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$b ?v0
(of_nat$c ?v1)) (of_nat$c (take_bit$ ?v0 ?v1)))) :named a165))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$c ?v0
(of_nat$a ?v1)) (of_nat$a (take_bit$ ?v0 ?v1)))) :named a166))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (< ?v0 ?v1) (< (-
?v1) (- ?v0)))) :named a167))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= ?v0
(uminus$ ?v1)) (= ?v1 (uminus$ ?v0)))) :named a168))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= ?v0 (- ?v1)) (=
?v1 (- ?v0)))) :named a169))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= (uminus$
?v0) ?v1) (= (uminus$ ?v1) ?v0))) :named a170))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) ?v1) (=
(- ?v1) ?v0))) :named a171))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (= ?v0 ?v1) (= (-
?v0) (- ?v1)))) :named a172))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< ?v0 (- ?v1)) (<
?v1 (- ?v0)))) :named a173))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) ?v1) (<
(- ?v1) ?v0))) :named a174))
       (assert (! (= 0 0) :named a175))
       (assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat$)) (=>
(= ?v0 (of_nat$a ?v1)) false)) (forall ((?v1 Nat$)) (=> (= ?v0 (-
(of_nat$a ?v1))) false))) false)) :named a176))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (not (< (of_nat$a
?v0) (- (of_nat$a ?v1))))) :named a177))
       (assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat$)) (=>
(= ?v0 (of_nat$a ?v1)) false)) (forall ((?v1 Nat$)) (=> (and (fun_app$b
(less$ zero$) ?v1) (= ?v0 (- (of_nat$a ?v1)))) false))) false)) :named
a178))
       (assert (! (forall ((?v0 A_signed_word$)) (! (= (fun_app$e
(less$a ?v0) ?v0) false) :pattern ((less$a ?v0)))) :named a179))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$f (less$b ?v0)
?v0) false) :pattern ((less$b ?v0)))) :named a180))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (less$ ?v0)
?v0) false) :pattern ((less$ ?v0)))) :named a181))
       (assert (! (forall ((?v0 Int)) (! (= (< ?v0 ?v0) false) :pattern
((uu$ ?v0)))) :named a182))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= ?v0 ?v1) (=
(of_nat$a ?v0) (of_nat$a ?v1)))) :named a183))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a184))
       (assert (! (forall ((?v0 Bool) (?v1 Nat$) (?v2 Nat$)) (=
(of_nat$a (ite ?v0 ?v1 ?v2)) (ite ?v0 (of_nat$a ?v1) (of_nat$a ?v2))))
:named a185))
       (assert (! (forall ((?v0 Int)) (=> (and (=> (= ?v0 0) false)
(and (forall ((?v1 Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$b
(less$ zero$) ?v1)) false)) (forall ((?v1 Nat$)) (=> (and (= ?v0 (-
(of_nat$a ?v1))) (fun_app$b (less$ zero$) ?v1)) false)))) false))
:named a186))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$d ?v0)
(of_nat$d ?v1)) (= (take_bit$ (len_of$a type$a) ?v0) (take_bit$
(len_of$a type$a) ?v1)))) :named a187))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$b ?v0)
(of_nat$b ?v1)) (= (take_bit$ (len_of$b type$b) ?v0) (take_bit$
(len_of$b type$b) ?v1)))) :named a188))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$c ?v0)
(of_nat$c ?v1)) (= (take_bit$ (len_of$ type$) ?v0) (take_bit$ (len_of$
type$) ?v1)))) :named a189))
       (assert (! (forall ((?v0 A_signed_signed_word$)) (= (take_bit$d
(len_of$a type$a) ?v0) ?v0)) :named a190))
       (assert (! (forall ((?v0 A_signed_word$)) (= (take_bit$a
(len_of$b type$b) ?v0) ?v0)) :named a191))
       (assert (! (forall ((?v0 A_word$)) (= (take_bit$b (len_of$
type$) ?v0) ?v0)) :named a192))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (take_bit$c ?v0 (-
(take_bit$c ?v0 ?v1))) (take_bit$c ?v0 (- ?v1)))) :named a193))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (not (< (take_bit$c
?v0 ?v1) 0))) :named a194))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (< ?v0 (take_bit$c
?v1 ?v0)) (< ?v0 0))) :named a195))
       (assert (! (= (take_bit$c (len_of$a type$a) 0) (take_bit$c
(len_of$a type$a) 0)) :named a196))
       (assert (! (= (take_bit$c (len_of$b type$b) 0) (take_bit$c
(len_of$b type$b) 0)) :named a197))
       (assert (! (= (take_bit$c (len_of$ type$) 0) (take_bit$c
(len_of$ type$) 0)) :named a198))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$ (of_nat$c ?v0))
(of_nat$a (take_bit$ (len_of$ type$) ?v0)))) :named a199))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (of_nat$c ?v0))
(of_nat$ (take_bit$ (len_of$ type$) ?v0)))) :named a200))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$b (of_nat$c ?v0))
(of_nat$c (take_bit$ (len_of$ type$) ?v0)))) :named a201))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$c (of_nat$b ?v0))
(of_nat$a (take_bit$ (len_of$b type$b) ?v0)))) :named a202))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$d (of_nat$b ?v0))
(of_nat$ (take_bit$ (len_of$b type$b) ?v0)))) :named a203))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$e (of_nat$b ?v0))
(of_nat$c (take_bit$ (len_of$b type$b) ?v0)))) :named a204))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$f (of_nat$c ?v0))
(of_nat$b (take_bit$ (len_of$ type$) ?v0)))) :named a205))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$g (of_nat$d ?v0))
(of_nat$a (take_bit$ (len_of$a type$a) ?v0)))) :named a206))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$h (of_nat$d ?v0))
(of_nat$ (take_bit$ (len_of$a type$a) ?v0)))) :named a207))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$i (of_nat$b ?v0))
(of_nat$b (take_bit$ (len_of$b type$b) ?v0)))) :named a208))
       (assert (! (forall ((?v0 Int)) (= (fun_app$b (less$ zero$) (nat$
?v0)) (< 0 ?v0))) :named a209))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$ (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$c ?v0 (signed$ ?v1)) (signed$ ?v1)))) :named a210))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$a (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$b ?v0 (signed$a ?v1)) (signed$a ?v1)))) :named
a211))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$b (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$a ?v0 (signed$b ?v1)) (signed$b ?v1)))) :named
a212))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$c
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$a ?v0 (signed$c ?v1)) (signed$c ?v1)))) :named a213))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$d (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$a ?v0 (signed$d ?v1)) (signed$d ?v1)))) :named
a214))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$e (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$c ?v0 (signed$e ?v1)) (signed$e ?v1)))) :named
a215))
       (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$f (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$b ?v0 (signed$f ?v1)) (signed$f ?v1)))) :named
a216))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$g
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$b ?v0 (signed$g ?v1)) (signed$g ?v1)))) :named a217))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$h
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$c ?v0 (signed$h ?v1)) (signed$h ?v1)))) :named a218))
       (assert (! (forall ((?v0 Nat$)) (= (signed$i (of_nat$b ?v0))
(of_nat$d ?v0))) :named a219))
       (assert (! (forall ((?v0 Nat$)) (= (signed$c (of_nat$c ?v0))
(of_nat$b ?v0))) :named a220))
       (assert (! (forall ((?v0 Nat$)) (= (signed$b (of_nat$d ?v0))
(of_nat$b ?v0))) :named a221))
       (assert (! (forall ((?v0 Nat$)) (= (signed$f (of_nat$b ?v0))
(of_nat$c ?v0))) :named a222))
       (assert (! (forall ((?v0 A_signed_word$)) (= (of_nat$b
(unsigned$d ?v0)) ?v0)) :named a223))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$c (unsigned$a
?v0)) ?v0)) :named a224))
       (assert (! (forall ((?v0 A_signed_word$)) (= (of_nat$a
(unsigned$d ?v0)) (unsigned$c ?v0))) :named a225))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$b (unsigned$a
?v0)) (unsigned$f ?v0))) :named a226))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$c (unsigned$a
?v0)) (unsigned$b ?v0))) :named a227))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$ (unsigned$a ?v0))
(unsigned$a ?v0))) :named a228))
       (assert (! (forall ((?v0 A_word$)) (= (of_nat$a (unsigned$a
?v0)) (unsigned$ ?v0))) :named a229))
       (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a230))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       1 = Suc 0
       0 < LENGTH('a)
       ∀w. nat (uint w) = unat w
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - 1))
       ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb x = (x < 0))
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a) ∧ uint w !! n))
       ∀n x. rev (replicate n x) = replicate n x
       ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       to_bl 0 = replicate LENGTH('a) False
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
       ∀n. possible_bit TYPE(int) n
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - Suc 0))
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀x. length (to_bl x) = LENGTH('a)
       ∀xs. rev (rev xs) = xs
       ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (¬ msb x ⟶ sint x = uint x)
       ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
       ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
       ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
       ∀n x. length (replicate n x) = n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (size w = LENGTH('a))
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀n. of_bl (replicate n False) = 0
       ∀f g x.
          SMT.trigger
           (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
           ((f ∘ g) x = f (g x))
       ∀w n. w !! n ⟶ n < LENGTH('a)
       ∀x n. x < 2 ^ n ⟶ x && mask n = x
       ∀w. length (to_bl w) = LENGTH('a)
       ∀a. 0 ≤ a
       ∀x. of_bl (to_bl x) = x
       ∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
       ∀a b. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((a < b) = (unat a < unat b))
       ∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
       ∀b c a q.
          LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
       ∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
       LENGTH('a) ≠ 0
       ∀x. to_bl x ≠ []
       ∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = (w >> LENGTH('a) - 1 ≠ 0))
       ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
       ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
       ∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
       ∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (push_bit n a = a * 2 ^ n)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x y. (¬ x < y) = (y ≤ x)
       ∀x. ¬ x < x
       ∀x. ¬ x < x
       ∀x. ¬ x < x
       ∀a. a + 0 = a
       ∀a. a + 0 = a
       ∀a. a + 0 = a
       ∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
       ∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
       ∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
       ∀a b. a * b = b * a
       ∀a b. a * b = b * a
       ∀a b. a * b = b * a
       ∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
       ∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
       ∀a b. a + b = b + a
       ∀a b. a + b = b + a
       ∀a b. a + b = b + a
       ∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
       ∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a && mask n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a AND mask n)
       ∀n a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
              (take_bit n a = a AND mask n)
       ∀n≥LENGTH('a). 2 ^ n = 0
       ∀w n. unat (w >> n) = unat w div 2 ^ n
       ∀x. (uint x < 0) = False
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = hd (to_bl w))
       ∀x xs.
          SMT.trigger
           (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
           (length (x # xs) = Suc (length xs))
       ∀n w. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (LENGTH('a) ≤ n ⟶ w >> n = 0)
       ∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
       ∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
       bot = False
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
       ∀n. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (mask n))
SMT.Symb_Nil) SMT.Symb_Nil)
            (mask n = 2 ^ n - 1)
       ∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
       ∀a. 0 - a = - a
       ∀a. 0 - a = - a
       ∀x. (x < 1) = (x = 0)
       ∀m. ¬ of_nat m < 0
       ∀m. ¬ int m < 0
       ∀a. (a ≠ 0) = (0 < a)
       ∀a b. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((a ≤ b) = (unat a ≤ unat b))
       ∀a. (a ≤ 0) = (a = 0)
       ∀x y. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
       ∀a. 0 * a = 0
       ∀a. 0 * a = 0
       ∀a. 0 * a = 0
       ∀b a. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (b ≤ a))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((b ≤ a) = (¬ a < b))
       ∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
       ∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
       neg_numeral_class.sub num.One num.One = 0
       neg_numeral_class.sub num.One num.One = 0
       ∀n k. (drop_bit n k < 0) = (k < 0)
       ∀a. 0 + a = a
       ∀a. 0 + a = a
       ∀a. 0 + a = a
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a ^ 0 = 1)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a ^ 0 = 1)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a ^ 0 = 1) 
SMT: Names:
       sorts:
         Nat$ = nat
         Num$ = num
         A_word$ = 'a word
         A_itself$ = 'a itself
         Bool_list$ = bool list
         Int_itself$ = int itself
         Nat_itself$ = nat itself
         Nat_int_fun$ = nat ⇒ int
         Nat_nat_fun$ = nat ⇒ nat
         Nat_bool_fun$ = nat ⇒ bool
         A_word_itself$ = 'a word itself
         Nat_a_word_fun$ = nat ⇒ 'a word
       functions:
         r$ = r
         x$ = x
         hd$ = hd
         and$ = (&&)
         bit$ = (!!)
         bot$ = bot
         msb$ = msb
         nat$ = nat
         nil$ = []
         not$ = wordNOT
         nth$ = (!)
         one$ = 1
         rev$ = rev
         sub$ = neg_numeral_class.sub
         suc$ = Suc
         and$a = (AND)
         and$b = (AND)
         bit$a = (!!)
         bit$b = (!!)
         bit0$ = num.Bit0
         comp$ = (∘)
         cons$ = (#)
         less$ = (<)
         mask$ = mask
         msb$a = msb
         one$a = num.One
         one$b = 1
         plus$ = (+)
         size$ = length
         sub$a = neg_numeral_class.sub
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         mask$a = mask
         mask$b = mask
         minus$ = (-)
         of_bl$ = of_bl
         plus$a = (+)
         power$ = (^)
         size$a = size
         times$ = (*)
         to_bl$ = to_bl
         type$a = TYPE('a word)
         type$b = TYPE(int)
         type$c = TYPE(nat)
         zero$a = 0
         divide$ = (div)
         len_of$ = len_of
         minus$a = (-)
         of_nat$ = of_nat
         power$a = (^)
         power$b = (^)
         shiftl$ = (<<)
         shiftr$ = (>>)
         signed$ = sint
         times$a = (*)
         times$b = (*)
         uminus$ = uminus
         fun_app$ = SMT.fun_app
         less_eq$ = (≤)
         numeral$ = numeral
         of_nat$a = int
         shiftl$a = (<<)
         shiftl$b = (<<)
         shiftr$a = (>>)
         shiftr$b = (>>)
         bin_sign$ = bin_sign
         drop_bit$ = drop_bit
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app
         fun_app$c = SMT.fun_app
         less_eq$a = (≤)
         numeral$a = numeral
         push_bit$ = push_bit
         take_bit$ = take_bit
         unsigned$ = uint
         word_sle$ = (≤s)
         drop_bit$a = drop_bit
         drop_bit$b = drop_bit
         push_bit$a = push_bit
         push_bit$b = push_bit
         replicate$ = replicate
         take_bit$a = take_bit
         take_bit$b = take_bit
         unsigned$a = unat
         unsigned$b = UCAST('a → 'a)
         limited_and$ = limited_and
         possible_bit$ = possible_bit
         possible_bit$a = possible_bit
         possible_bit$b = possible_bit
         signed_take_bit$ = signed_take_bit 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9923
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort Num$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Bool_list$ 0)
       (declare-sort Int_itself$ 0)
       (declare-sort Nat_itself$ 0)
       (declare-sort Nat_int_fun$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Nat_bool_fun$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun hd$ (Bool_list$) Bool)
       (declare-fun and$ (A_word$ A_word$) A_word$)
       (declare-fun bit$ (A_word$) Nat_bool_fun$)
       (declare-fun bot$ () Bool)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun nil$ () Bool_list$)
       (declare-fun not$ (A_word$) A_word$)
       (declare-fun nth$ (Bool_list$) Nat_bool_fun$)
       (declare-fun one$ () Nat$)
       (declare-fun rev$ (Bool_list$) Bool_list$)
       (declare-fun sub$ (Num$ Num$) A_word$)
       (declare-fun suc$ () Nat_nat_fun$)
       (declare-fun and$a (Nat$) Nat_nat_fun$)
       (declare-fun and$b (Int Int) Int)
       (declare-fun bit$a (Int) Nat_bool_fun$)
       (declare-fun bit$b (Nat$) Nat_bool_fun$)
       (declare-fun bit0$ (Num$) Num$)
       (declare-fun comp$ (Nat_bool_fun$ Nat_nat_fun$) Nat_bool_fun$)
       (declare-fun cons$ (Bool Bool_list$) Bool_list$)
       (declare-fun less$ (Nat$) Nat_bool_fun$)
       (declare-fun mask$ (Nat$) A_word$)
       (declare-fun msb$a (Int) Bool)
       (declare-fun one$a () Num$)
       (declare-fun one$b () A_word$)
       (declare-fun plus$ (Nat$) Nat_nat_fun$)
       (declare-fun size$ (Bool_list$) Nat$)
       (declare-fun sub$a (Num$ Num$) Int)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_word$ A_word$) Bool)
       (declare-fun mask$a () Nat_nat_fun$)
       (declare-fun mask$b (Nat$) Int)
       (declare-fun minus$ (Nat$) Nat_nat_fun$)
       (declare-fun of_bl$ (Bool_list$) A_word$)
       (declare-fun plus$a (A_word$ A_word$) A_word$)
       (declare-fun power$ (A_word$) Nat_a_word_fun$)
       (declare-fun size$a (A_word$) Nat$)
       (declare-fun times$ (A_word$ A_word$) A_word$)
       (declare-fun to_bl$ (A_word$) Bool_list$)
       (declare-fun type$a () A_word_itself$)
       (declare-fun type$b () Int_itself$)
       (declare-fun type$c () Nat_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun divide$ (Nat$) Nat_nat_fun$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun minus$a (A_word$ A_word$) A_word$)
       (declare-fun of_nat$ () Nat_nat_fun$)
       (declare-fun power$a (Int) Nat_int_fun$)
       (declare-fun power$b (Nat$) Nat_nat_fun$)
       (declare-fun shiftl$ (Nat$) Nat_nat_fun$)
       (declare-fun shiftr$ (A_word$ Nat$) A_word$)
       (declare-fun signed$ (A_word$) Int)
       (declare-fun times$a (Int Int) Int)
       (declare-fun times$b (Nat$) Nat_nat_fun$)
       (declare-fun uminus$ (A_word$) A_word$)
       (declare-fun fun_app$ (Nat_bool_fun$ Nat$) Bool)
       (declare-fun less_eq$ (A_word$ A_word$) Bool)
       (declare-fun numeral$ (Num$) A_word$)
       (declare-fun of_nat$a (Nat$) Int)
       (declare-fun shiftl$a (Int Nat$) Int)
       (declare-fun shiftl$b (A_word$ Nat$) A_word$)
       (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
       (declare-fun shiftr$b (Int Nat$) Int)
       (declare-fun bin_sign$ (Int) Int)
       (declare-fun drop_bit$ (Nat$) Nat_nat_fun$)
       (declare-fun fun_app$a (Nat_nat_fun$ Nat$) Nat$)
       (declare-fun fun_app$b (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
       (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
       (declare-fun numeral$a (Num$) Nat$)
       (declare-fun push_bit$ (Nat$) Nat_nat_fun$)
       (declare-fun take_bit$ (Nat$ Int) Int)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun word_sle$ (A_word$ A_word$) Bool)
       (declare-fun drop_bit$a (Nat$ Int) Int)
       (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
       (declare-fun push_bit$a (Nat$ Int) Int)
       (declare-fun push_bit$b (Nat$ A_word$) A_word$)
       (declare-fun replicate$ (Nat$ Bool) Bool_list$)
       (declare-fun take_bit$a (Nat$ A_word$) A_word$)
       (declare-fun take_bit$b (Nat$) Nat_nat_fun$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun unsigned$b (A_word$) A_word$)
       (declare-fun limited_and$ (A_word$ A_word$) Bool)
       (declare-fun possible_bit$ (A_word_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$a (Int_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$b (Nat_itself$) Nat_bool_fun$)
       (declare-fun signed_take_bit$ (Nat$ Int) Int)
       (assert (! (not (= (msb$ (shiftr$ x$ r$)) (and (= r$ zero$)
(msb$ x$)))) :named a0))
       (assert (! (fun_app$ (less$ r$) (len_of$ type$)) :named a1))
       (assert (! (= one$ (fun_app$a suc$ zero$)) :named a2))
       (assert (! (fun_app$ (less$ zero$) (len_of$ type$)) :named a3))
       (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a4))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(shiftr$a ?v0) ?v1) (fun_app$a (drop_bit$ ?v1) ?v0)) :pattern
((fun_app$a (shiftr$a ?v0) ?v1)))) :named a5))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftr$b ?v0
?v1) (drop_bit$a ?v1 ?v0)) :pattern ((shiftr$b ?v0 ?v1)))) :named a6))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftr$ ?v0
?v1) (drop_bit$b ?v1 ?v0)) :pattern ((shiftr$ ?v0 ?v1)))) :named a7))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (possible_bit$
type$a) ?v0) (fun_app$ (less$ ?v0) (len_of$ type$)))) :named a8))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$
(bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) one$))) :pattern ((msb$
?v0)))) :named a9))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$ (less$ ?v2) (len_of$ type$)) (= (fun_app$
(bit$ ?v0) ?v2) (fun_app$ (bit$ ?v1) ?v2)))) (= ?v0 ?v1))) :named a10))
       (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a11))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(bit$ ?v0) ?v1) (and (fun_app$ (less$ ?v1) (len_of$ type$)) (fun_app$
(bit$a (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$ (bit$ ?v0) ?v1))))
:named a12))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a13))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (fun_app$a (plus$ ?v1) ?v2))) ?v0) (fun_app$
(less$ ?v2) (len_of$ type$))) (less$a (shiftr$ ?v0 ?v1) (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v2)))) :named a14))
       (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a15))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a16))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$ (less_eq$a ?v0) ?v1) (fun_app$ (less$ ?v1) ?v2)) (fun_app$
(less$ ?v0) ?v2))) :named a17))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a18))
       (assert (! (forall ((?v0 Nat$)) (= (= (fun_app$b (power$
(numeral$ (bit0$ one$a))) ?v0) zero$a) (fun_app$ (less_eq$a (len_of$
type$)) ?v0))) :named a19))
       (assert (! (forall ((?v0 Nat$)) (fun_app$ (possible_bit$a
type$b) ?v0)) :named a20))
       (assert (! (forall ((?v0 Nat$)) (fun_app$ (less_eq$a ?v0) ?v0))
:named a21))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a22))
       (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a23))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$
(bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a suc$
zero$)))) :pattern ((msb$ ?v0)))) :named a24))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a25))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$
(less_eq$a ?v0) ?v1)) (fun_app$ (less$ ?v1) ?v0))) :named a26))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a27))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(shiftl$ ?v0) ?v1) (fun_app$a (push_bit$ ?v1) ?v0)) :pattern
((fun_app$a (shiftl$ ?v0) ?v1)))) :named a28))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a29))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$b
?v0 ?v1) (push_bit$b ?v1 ?v0)) :pattern ((shiftl$b ?v0 ?v1)))) :named
a30))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (fun_app$b (power$ (numeral$ (bit0$ one$a))) (fun_app$a (plus$
?v0) ?v1)) zero$a) (fun_app$ (less$ ?v1) (len_of$ type$))) (less$a
(shiftr$ ?v2 ?v0) (fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1))))
:named a31))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a32))
       (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a33))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$b ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0
(unsigned$ ?v1))))) :named a34))
       (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a35))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$
(bit$b (unsigned$a ?v0)) ?v1) (and (fun_app$ (possible_bit$b type$c)
?v1) (fun_app$ (bit$ ?v0) ?v1)))) :named a36))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$
(bit$a (unsigned$ ?v0)) ?v1) (and (fun_app$ (possible_bit$a type$b)
?v1) (fun_app$ (bit$ ?v0) ?v1)))) :named a37))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$ (bit$
(unsigned$b ?v0)) ?v1) (and (fun_app$ (possible_bit$ type$a) ?v1)
(fun_app$ (bit$ ?v0) ?v1)))) :named a38))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a39))
       (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a40))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a41))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (minus$ ?v0)
zero$) ?v0)) :named a42))
       (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a43))
       (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a44))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat_nat_fun$) (?v2
Nat$)) (! (= (fun_app$ (comp$ ?v0 ?v1) ?v2) (fun_app$ ?v0 (fun_app$a
?v1 ?v2))) :pattern ((fun_app$ (comp$ ?v0 ?v1) ?v2)))) :named a45))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (fun_app$
(bit$ ?v0) ?v1) (fun_app$ (less$ ?v1) (len_of$ type$)))) :named a46))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (less$a ?v0
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1)) (= (and$ ?v0 (mask$
?v1)) ?v0))) :named a47))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a48))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ zero$a ?v0)) :named
a49))
       (assert (! (forall ((?v0 A_word$)) (= (of_bl$ (to_bl$ ?v0))
?v0)) :named a50))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less$ ?v0)
(len_of$ type$)) (= (unsigned$ (fun_app$b (power$ (numeral$ (bit0$
one$a))) ?v0)) (fun_app$c (power$a 2) ?v0)))) :named a51))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$a
?v0 ?v1) (fun_app$ (less$ (unsigned$a ?v0)) (unsigned$a ?v1))) :pattern
((less$a ?v0 ?v1)))) :named a52))
       (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v0)) (ite (fun_app$ (less$ ?v0)
(len_of$ type$)) (fun_app$a (power$b (numeral$a (bit0$ one$a))) ?v0)
zero$))) :named a53))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_word$)) (=> (and (fun_app$ (less_eq$a (fun_app$a (plus$ (len_of$
type$)) ?v0)) (fun_app$a (plus$ ?v1) ?v2)) (fun_app$ (less$ ?v1)
(len_of$ type$))) (= (unsigned$a (and$ (shiftl$b (shiftr$ ?v3 ?v2) ?v0)
(not$ (mask$ ?v1)))) zero$))) :named a54))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less$ ?v0)
(len_of$ type$)) (= (unsigned$a (fun_app$b (power$ (numeral$ (bit0$
one$a))) ?v0)) (fun_app$a (power$b (numeral$a (bit0$ one$a))) ?v0))))
:named a55))
       (assert (! (not (= (len_of$ type$) zero$)) :named a56))
       (assert (! (forall ((?v0 A_word$)) (not (= (to_bl$ ?v0) nil$)))
:named a57))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (=> (<= 0 ?v0) (=
(nat$ (fun_app$c (power$a ?v0) ?v1)) (fun_app$a (power$b (nat$ ?v0))
?v1)))) :named a58))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (not (=
(shiftr$ ?v0 (fun_app$a (minus$ (len_of$ type$)) one$)) zero$a)))
:pattern ((msb$ ?v0)))) :named a59))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=
(fun_app$ (bit$b (fun_app$a (and$a ?v0) ?v1)) ?v2) (and (fun_app$
(bit$b ?v0) ?v2) (fun_app$ (bit$b ?v1) ?v2)))) :named a60))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat$)) (= (fun_app$
(bit$a (and$b ?v0 ?v1)) ?v2) (and (fun_app$ (bit$a ?v0) ?v2) (fun_app$
(bit$a ?v1) ?v2)))) :named a61))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=
(fun_app$ (bit$ (and$ ?v0 ?v1)) ?v2) (and (fun_app$ (bit$ ?v0) ?v2)
(fun_app$ (bit$ ?v1) ?v2)))) :named a62))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (less$ (fun_app$a
(minus$ (len_of$ type$)) (fun_app$a suc$ zero$))) ?v0) (fun_app$
(less_eq$a (len_of$ type$)) ?v0))) :named a63))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (push_bit$b
?v0 ?v1) (times$ ?v1 (fun_app$b (power$ (numeral$ (bit0$ one$a)))
?v0))) :pattern ((push_bit$b ?v0 ?v1)))) :named a64))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (push_bit$a ?v0
?v1) (times$a ?v1 (fun_app$c (power$a 2) ?v0))) :pattern ((push_bit$a
?v0 ?v1)))) :named a65))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(push_bit$ ?v0) ?v1) (fun_app$a (times$b ?v1) (fun_app$a (power$b
(numeral$a (bit0$ one$a))) ?v0))) :pattern ((fun_app$a (push_bit$ ?v0)
?v1)))) :named a66))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not (less$a
?v0 ?v1)) (less_eq$ ?v1 ?v0))) :named a67))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$
(less$ ?v0) ?v1)) (fun_app$ (less_eq$a ?v1) ?v0))) :named a68))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a69))
       (assert (! (forall ((?v0 A_word$)) (not (less$a ?v0 ?v0)))
:named a70))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$ (less$ ?v0)
?v0))) :named a71))
       (assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a72))
       (assert (! (forall ((?v0 A_word$)) (= (plus$a ?v0 zero$a) ?v0))
:named a73))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (plus$ ?v0) zero$)
?v0)) :named a74))
       (assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a75))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$b
(fun_app$a mask$a ?v0)) ?v1) (and (fun_app$ (possible_bit$b type$c)
?v1) (fun_app$ (less$ ?v1) ?v0)))) :named a76))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$
(mask$ ?v0)) ?v1) (and (fun_app$ (possible_bit$ type$a) ?v1) (fun_app$
(less$ ?v1) ?v0)))) :named a77))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$a
(mask$b ?v0)) ?v1) (and (fun_app$ (possible_bit$a type$b) ?v1)
(fun_app$ (less$ ?v1) ?v0)))) :named a78))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (times$ ?v0
?v1) (times$ ?v1 ?v0))) :named a79))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (times$a ?v0 ?v1)
(times$a ?v1 ?v0))) :named a80))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a
(times$b ?v0) ?v1) (fun_app$a (times$b ?v1) ?v0))) :named a81))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (less$a ?v0
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1)) (and (fun_app$
(less$ ?v1) (len_of$ type$)) (forall ((?v2 Nat$)) (=> (and (fun_app$
(less_eq$a ?v1) ?v2) (fun_app$ (less$ ?v2) (len_of$ type$))) (not
(fun_app$ (bit$ ?v0) ?v2))))))) :named a82))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (fun_app$
(less$ (fun_app$a (times$b (unsigned$a ?v0)) (unsigned$a ?v1)))
(fun_app$a (power$b (numeral$a (bit0$ one$a))) (len_of$ type$))) (=
(unsigned$a (times$ ?v0 ?v1)) (fun_app$a (times$b (unsigned$a ?v0))
(unsigned$a ?v1))))) :named a83))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (plus$a ?v0
?v1) (plus$a ?v1 ?v0))) :named a84))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (plus$
?v0) ?v1) (fun_app$a (plus$ ?v1) ?v0))) :named a85))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a86))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (less_eq$a ?v0)
(fun_app$a (minus$ (len_of$ type$)) (fun_app$a suc$ zero$))) (fun_app$
(less$ ?v0) (len_of$ type$)))) :named a87))
       (assert (! (forall ((?v0 A_word$)) (= (= (drop_bit$b (fun_app$a
(minus$ (len_of$ type$)) (fun_app$a suc$ zero$)) ?v0) zero$a) (not
(fun_app$ (bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a
suc$ zero$)))))) :named a88))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (bit$b (fun_app$a
(shiftr$a ?v0) ?v1)) (comp$ (bit$b ?v0) (plus$ ?v1)))) :named a89))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (bit$a (shiftr$b
?v0 ?v1)) (comp$ (bit$a ?v0) (plus$ ?v1)))) :named a90))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$ (shiftr$
?v0 ?v1)) (comp$ (bit$ ?v0) (plus$ ?v1)))) :named a91))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (take_bit$a
?v0 ?v1) (and$ ?v1 (mask$ ?v0))) :pattern ((take_bit$a ?v0 ?v1))))
:named a92))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (take_bit$ ?v0
?v1) (and$b ?v1 (mask$b ?v0))) :pattern ((take_bit$ ?v0 ?v1)))) :named
a93))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(take_bit$b ?v0) ?v1) (fun_app$a (and$a ?v1) (fun_app$a mask$a ?v0)))
:pattern ((fun_app$a (take_bit$b ?v0) ?v1)))) :named a94))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less_eq$a
(len_of$ type$)) ?v0) (= (fun_app$b (power$ (numeral$ (bit0$ one$a)))
?v0) zero$a))) :named a95))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (unsigned$a
(shiftr$ ?v0 ?v1)) (fun_app$a (divide$ (unsigned$a ?v0)) (fun_app$a
(power$b (numeral$a (bit0$ one$a))) ?v1)))) :named a96))
       (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a97))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (hd$ (to_bl$
?v0))) :pattern ((msb$ ?v0)))) :named a98))
       (assert (! (forall ((?v0 Bool) (?v1 Bool_list$)) (! (= (size$
(cons$ ?v0 ?v1)) (fun_app$a suc$ (size$ ?v1))) :pattern ((cons$ ?v0
?v1)))) :named a99))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (=> (fun_app$
(less_eq$a (len_of$ type$)) ?v0) (= (shiftr$ ?v1 ?v0) zero$a)) :pattern
((shiftr$ ?v1 ?v0)))) :named a100))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$
(less$ ?v0) (len_of$ type$)) (less$a (and$ ?v1 (mask$ ?v0)) (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v0)))) :named a101))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(limited_and$ ?v0 ?v1) (limited_and$ (shiftr$ ?v0 ?v2) (shiftr$ ?v1
?v2)))) :named a102))
       (assert (! (= bot$ false) :named a103))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (less_eq$
(fun_app$b (power$ (numeral$ (bit0$ one$a))) (fun_app$a (minus$
(len_of$ type$)) (fun_app$a suc$ zero$))) ?v0)) :pattern ((msb$ ?v0))))
:named a104))
       (assert (! (forall ((?v0 Nat$)) (! (= (mask$ ?v0) (minus$a
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v0) one$b)) :pattern
((mask$ ?v0)))) :named a105))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat$
(times$a ?v0 ?v1)) (fun_app$a (times$b (nat$ ?v0)) (nat$ ?v1)))))
:named a106))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (= (take_bit$a
?v0 ?v1) ?v1) (= (drop_bit$b ?v0 ?v1) zero$a))) :named a107))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$a
(take_bit$b ?v0) ?v1) ?v1) (= (fun_app$a (drop_bit$ ?v0) ?v1) zero$)))
:named a108))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (= (take_bit$ ?v0
?v1) ?v1) (= (drop_bit$a ?v0 ?v1) 0))) :named a109))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$a (minus$ (len_of$ type$)) one$)
(unsigned$ ?v0))) (- 1))) :pattern ((msb$ ?v0)))) :named a110))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a zero$a ?v0)
(uminus$ ?v0))) :named a111))
       (assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a112))
       (assert (! (forall ((?v0 A_word$)) (= (less$a ?v0 one$b) (= ?v0
zero$a))) :named a113))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$ (less$ (fun_app$a
of_nat$ ?v0)) zero$))) :named a114))
       (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a115))
       (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$a zero$a ?v0))) :named a116))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (fun_app$ (less_eq$a (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less_eq$ ?v0 ?v1)))) :named a117))
       (assert (! (forall ((?v0 A_word$)) (= (less_eq$ ?v0 zero$a) (=
?v0 zero$a))) :named a118))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (=
(word_sle$ ?v0 ?v1) (and (=> (msb$ ?v1) (msb$ ?v0)) (or (and (msb$ ?v0)
(not (msb$ ?v1))) (less_eq$ ?v0 ?v1)))) :pattern ((word_sle$ ?v0
?v1)))) :named a119))
       (assert (! (forall ((?v0 A_word$)) (= (times$ zero$a ?v0)
zero$a)) :named a120))
       (assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a121))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (times$b zero$)
?v0) zero$)) :named a122))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (not (less$a ?v1 ?v0))) :pattern ((less_eq$ ?v0 ?v1)))) :named
a123))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$
(less$ ?v0) (len_of$ type$)) (= (fun_app$ (nth$ (to_bl$ ?v1)) ?v0)
(fun_app$ (bit$ ?v1) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a
suc$ ?v0)))))) :named a124))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (fun_app$ (less_eq$a (fun_app$a (minus$ (fun_app$a (power$b
(numeral$a (bit0$ one$a))) (fun_app$a (minus$ (len_of$ type$)) ?v0)))
one$)) ?v1) (fun_app$ (less$ zero$) ?v0)) (fun_app$ (less_eq$a
(unsigned$a (shiftr$ ?v2 ?v0))) ?v1))) :named a125))
       (assert (! (= (sub$ one$a one$a) zero$a) :named a126))
       (assert (! (= (sub$a one$a one$a) 0) :named a127))
       (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (< (drop_bit$a ?v0
?v1) 0) (< ?v1 0))) :named a128))
       (assert (! (forall ((?v0 A_word$)) (= (plus$a zero$a ?v0) ?v0))
:named a129))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (plus$ zero$) ?v0)
?v0)) :named a130))
       (assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a131))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$b (power$ ?v0)
zero$) one$b) :pattern ((power$ ?v0)))) :named a132))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (power$a ?v0)
zero$) 1) :pattern ((power$a ?v0)))) :named a133))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$a (power$b ?v0)
zero$) one$) :pattern ((power$b ?v0)))) :named a134))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a)
       1 = Suc 0
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀w. nat (uint w) = unat w
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a. (a ≠ 0) = (0 < a)
       LENGTH('a) ≠ 0
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - 1))
       ∀n. (n ≠ 0) = (0 < n)
       ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
       ∀n. (n < 0) = False
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb x = (x < 0))
       ∀n. (¬ 0 < n) = (n = 0)
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a) ∧ uint w !! n))
       ∀n x. rev (replicate n x) = replicate n x
       ∀w v. LENGTH('a) = 0 ⟶ w = v
       ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀w k n. w < k ⟶ w >> n < k
       to_bl 0 = replicate LENGTH('a) False
       ∀a. ¬ a < 0
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀uu. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of uu = 0)
       ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
       ∀n. possible_bit TYPE(int) n
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (¬ msb x ⟶ sint x = uint x)
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - Suc 0))
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀n. ¬ n < 0
       ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
       ∀x. length (to_bl x) = LENGTH('a)
       ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀xs. rev (rev xs) = xs
       ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
       ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
       ∀n. n < n ⟶ False
       ∀a b. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
              ((a < b) = (unat a < unat b))
       ∀s t. s < t ⟶ s ≠ t
       ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
       ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
       ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
       ∀n m. n < m ⟶ m ≠ n
       ∀m. ¬ of_nat m < 0
       ∀m. ¬ int m < 0
       ∀n x. length (replicate n x) = n
       ∀n. ¬ n < n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (size w = LENGTH('a))
       ∀m n. (m ≠ n) = (m < n ∨ n < m)
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀n. (0 < n) = (n ≠ 0)
       ∀n. of_bl (replicate n False) = 0
       ∀m n. m < n ⟶ n ≠ 0 
SMT: Names:
       sorts:
         Nat$ = nat
         Num$ = num
         A_word$ = 'a word
         A_itself$ = 'a itself
         Bool_list$ = bool list
         Int_itself$ = int itself
         Nat_itself$ = nat itself
         Nat_int_fun$ = nat ⇒ int
         Nat_nat_fun$ = nat ⇒ nat
         Num0_itself$ = 0 itself
         Nat_bool_fun$ = nat ⇒ bool
         A_word_itself$ = 'a word itself
         Nat_a_word_fun$ = nat ⇒ 'a word
       functions:
         r$ = r
         x$ = x
         and$ = (&&)
         bit$ = (!!)
         msb$ = msb
         nat$ = nat
         one$ = 1
         rev$ = rev
         suc$ = Suc
         bit$a = (!!)
         bit$b = (!!)
         bit0$ = num.Bit0
         less$ = (<)
         mask$ = mask
         msb$a = msb
         one$a = num.One
         plus$ = (+)
         size$ = length
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         minus$ = (-)
         of_bl$ = of_bl
         power$ = (^)
         size$a = size
         to_bl$ = to_bl
         type$a = TYPE('a word)
         type$b = TYPE(int)
         type$c = TYPE(nat)
         zero$a = 0
         len_of$ = len_of
         minus$a = (-)
         of_nat$ = of_nat
         shiftl$ = (<<)
         shiftr$ = (>>)
         signed$ = sint
         fun_app$ = SMT.fun_app
         len_of$a = len_of
         less_eq$ = (≤)
         numeral$ = numeral
         of_nat$a = int
         shiftl$a = (<<)
         shiftr$a = (>>)
         shiftr$b = (>>)
         drop_bit$ = drop_bit
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app
         fun_app$c = SMT.fun_app
         less_eq$a = (≤)
         push_bit$ = push_bit
         take_bit$ = take_bit
         unsigned$ = uint
         drop_bit$a = drop_bit
         drop_bit$b = drop_bit
         push_bit$a = push_bit
         replicate$ = replicate
         unsigned$a = unat
         unsigned$b = UCAST('a → 'a)
         possible_bit$ = possible_bit
         possible_bit$a = possible_bit
         possible_bit$b = possible_bit 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9904
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort Num$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Bool_list$ 0)
       (declare-sort Int_itself$ 0)
       (declare-sort Nat_itself$ 0)
       (declare-sort Nat_int_fun$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Num0_itself$ 0)
       (declare-sort Nat_bool_fun$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun and$ (A_word$ A_word$) A_word$)
       (declare-fun bit$ (A_word$) Nat_bool_fun$)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun one$ () Nat$)
       (declare-fun rev$ (Bool_list$) Bool_list$)
       (declare-fun suc$ (Nat$) Nat$)
       (declare-fun bit$a (Int) Nat_bool_fun$)
       (declare-fun bit$b (Nat$) Nat_bool_fun$)
       (declare-fun bit0$ (Num$) Num$)
       (declare-fun less$ (Nat$) Nat_bool_fun$)
       (declare-fun mask$ (Nat$) A_word$)
       (declare-fun msb$a (Int) Bool)
       (declare-fun one$a () Num$)
       (declare-fun plus$ (Nat$ Nat$) Nat$)
       (declare-fun size$ (Bool_list$) Nat$)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_word$ A_word$) Bool)
       (declare-fun minus$ (Nat$ Nat$) Nat$)
       (declare-fun of_bl$ (Bool_list$) A_word$)
       (declare-fun power$ (A_word$ Nat$) A_word$)
       (declare-fun size$a (A_word$) Nat$)
       (declare-fun to_bl$ (A_word$) Bool_list$)
       (declare-fun type$a () A_word_itself$)
       (declare-fun type$b () Int_itself$)
       (declare-fun type$c () Nat_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun minus$a (A_word$ A_word$) A_word$)
       (declare-fun of_nat$ (Nat$) Nat$)
       (declare-fun shiftl$ (A_word$ Nat$) A_word$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun signed$ (A_word$) Int)
       (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun len_of$a (Num0_itself$) Nat$)
       (declare-fun less_eq$ (A_word$ A_word$) Bool)
       (declare-fun numeral$ (Num$) A_word$)
       (declare-fun of_nat$a (Nat$) Int)
       (declare-fun shiftl$a (Int Nat$) Int)
       (declare-fun shiftr$a (Int) Nat_int_fun$)
       (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
       (declare-fun drop_bit$ (Nat$ Int) Int)
       (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
       (declare-fun fun_app$b (Nat_int_fun$ Nat$) Int)
       (declare-fun fun_app$c (Nat_nat_fun$ Nat$) Nat$)
       (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
       (declare-fun push_bit$ (Nat$ A_word$) A_word$)
       (declare-fun take_bit$ (Nat$ Int) Int)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun drop_bit$a (Nat$ Nat$) Nat$)
       (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
       (declare-fun push_bit$a (Nat$ Int) Int)
       (declare-fun replicate$ (Nat$ Bool) Bool_list$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun unsigned$b (A_word$) A_word$)
       (declare-fun possible_bit$ (A_word_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$a (Int_itself$) Nat_bool_fun$)
       (declare-fun possible_bit$b (Nat_itself$) Nat_bool_fun$)
       (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
       (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
       (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a2))
       (assert (! (= one$ (suc$ zero$)) :named a3))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a4))
       (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a5))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$c (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a7))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$b zero$)
?v0) zero$)) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a 0) ?v0)
0)) :named a10))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$
type$a) ?v0) (fun_app$a (less$ ?v0) (len_of$ type$)))) :named a12))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$a ?v0) ?v1) (drop_bit$ ?v1 ?v0)) :pattern ((fun_app$b (shiftr$a
?v0) ?v1)))) :named a13))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$c
(shiftr$b ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$c
(shiftr$b ?v0) ?v1)))) :named a14))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a15))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a16))
       (assert (! (not (= (len_of$ type$) zero$)) :named a17))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$ ?v0) (minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0))))
:named a18))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a19))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$ type$)) (= (fun_app$a
(bit$ ?v0) ?v2) (fun_app$a (bit$ ?v1) ?v2)))) (= ?v0 ?v1))) :named
a20))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a21))
       (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a22))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a23))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$a
(bit$ ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$ type$)) (fun_app$a
(bit$a (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$a (bit$ ?v0) ?v1))))
:named a24))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a25))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a26))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (plus$ ?v1 ?v2))) ?v0) (fun_app$a (less$ ?v2)
(len_of$ type$))) (less$a (fun_app$ (shiftr$ ?v0) ?v1) (power$
(numeral$ (bit0$ one$a)) ?v2)))) :named a27))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$a ?v0 ?v1) (less$a (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a28))
       (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a29))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a30))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a31))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$a (less_eq$a ?v0) ?v1) (fun_app$a (less$ ?v1) ?v2)) (fun_app$a
(less$ ?v0) ?v2))) :named a32))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a33))
       (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$a ?v0)
zero$) :pattern ((len_of$a ?v0)))) :named a34))
       (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$a) (fun_app$a (less_eq$a (len_of$ type$)) ?v0)))
:named a35))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$a
type$b) ?v0)) :named a36))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a37))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a38))
       (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a39))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a40))
       (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a41))
       (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a ?v0) ?v0))
:named a42))
       (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a43))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$ ?v0) (minus$ (len_of$ type$) (suc$ zero$)))) :pattern ((msb$
?v0)))) :named a44))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a45))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less_eq$a ?v0) ?v1)) (fun_app$a (less$ ?v1) ?v0))) :named a46))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a47))
       (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a48))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$ ?v0
?v1) (push_bit$ ?v1 ?v0)) :pattern ((shiftl$ ?v0 ?v1)))) :named a49))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a50))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a51))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$ (numeral$ (bit0$ one$a)) (plus$ ?v0 ?v1)) zero$a)
(fun_app$a (less$ ?v1) (len_of$ type$))) (less$a (fun_app$ (shiftr$
?v2) ?v0) (power$ (numeral$ (bit0$ one$a)) ?v1)))) :named a52))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a53))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a54))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a55))
       (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a56))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a57))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$ ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0 (unsigned$
?v1))))) :named a58))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a59))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$a
?v0 ?v1) (fun_app$a (less$ (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less$a ?v0 ?v1)))) :named a60))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a61))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$b (unsigned$a ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$c)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a62))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$a (unsigned$ ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$b)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a63))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$ (unsigned$b ?v0)) ?v1) (and (fun_app$a (possible_bit$ type$a)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a64))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a65))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ (of_nat$
?v0)) zero$))) :named a66))
       (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a67))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a68))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a69))
       (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a70))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a71))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a72))
       (assert (! (forall ((?v0 Nat$)) (= (minus$ ?v0 zero$) ?v0))
:named a73))
       (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a74))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a75))
       (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a76))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a77))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a signed signed)
       0 < LENGTH('a signed)
       0 < LENGTH('a)
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀a. (a ≠ 0) = (0 < a)
       ∀n. (n ≠ 0) = (0 < n)
       ∀n. (n < 0) = False
       ∀n. (¬ 0 < n) = (n = 0)
       LENGTH('a signed signed) ≠ 0
       LENGTH('a signed) ≠ 0
       LENGTH('a) ≠ 0
       ∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
       ∀w v. LENGTH('a signed) = 0 ⟶ w = v
       ∀w v. LENGTH('a) = 0 ⟶ w = v
       ∀a. ¬ a < 0
       ∀uu. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of uu = 0)
       ∀w k n. w < k ⟶ w >> n < k
       ∀x. (0 = x) = (x = 0)
       ∀x. (0 = x) = (x = 0)
       ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
       ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
       ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
       ∀n. n < n ⟶ False
       ∀s t. s < t ⟶ s ≠ t
       ∀n m. n < m ⟶ m ≠ n
       ∀n. ¬ n < n
       ∀m n. (m ≠ n) = (m < n ∨ n < m)
       ∀n. (0 < n) = (n ≠ 0)
       ∀m n. m < n ⟶ n ≠ 0
       ∀n. ¬ n < 0
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
       ∀m n. m < n ⟶ n ≠ 0
       ∀n<0. False
       ∀n. ¬ n < 0
       ∀n. (¬ 0 < n) = (n = 0)
       ∀n. (n = 0 ⟶ False) ⟶ 0 < n
       ∀y. 0 < y ∨ 0 = y
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a signed signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0 signed signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0 signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a signed))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH('a))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (len_of x = LENGTH(0))
       ¬ 0 < 0 
SMT: Names:
       sorts:
         Nat$ = nat
         A_word$ = 'a word
         A_itself$ = 'a itself
         Nat_nat_fun$ = nat ⇒ nat
         Num0_itself$ = 0 itself
         Nat_bool_fun$ = nat ⇒ bool
         A_signed_word$ = 'a signed word
         Nat_a_word_fun$ = nat ⇒ 'a word
         A_signed_itself$ = 'a signed itself
         Num0_signed_itself$ = 0 signed itself
         A_signed_signed_word$ = 'a signed signed word
         A_signed_signed_itself$ = 'a signed signed itself
         Num0_signed_signed_itself$ = 0 signed signed itself
         A_signed_signed_signed_itself$ = 'a signed signed signed
itself
         Num0_signed_signed_signed_itself$ = 0 signed signed signed
itself
       functions:
         r$ = r
         x$ = x
         msb$ = msb
         less$ = (<)
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         type$a = TYPE('a signed signed)
         type$b = TYPE('a signed)
         type$c = TYPE(0 signed signed)
         type$d = TYPE(0 signed)
         type$e = TYPE(0)
         zero$a = 0
         len_of$ = len_of
         shiftr$ = (>>)
         fun_app$ = SMT.fun_app
         len_of$a = len_of
         len_of$b = len_of
         len_of$c = len_of
         len_of$d = len_of
         len_of$e = len_of
         len_of$f = len_of
         len_of$g = len_of
         shiftr$a = (>>)
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9892
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Num0_itself$ 0)
       (declare-sort Nat_bool_fun$ 0)
       (declare-sort A_signed_word$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-sort A_signed_itself$ 0)
       (declare-sort Num0_signed_itself$ 0)
       (declare-sort A_signed_signed_word$ 0)
       (declare-sort A_signed_signed_itself$ 0)
       (declare-sort Num0_signed_signed_itself$ 0)
       (declare-sort A_signed_signed_signed_itself$ 0)
       (declare-sort Num0_signed_signed_signed_itself$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun less$ (Nat$) Nat_bool_fun$)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_word$ A_word$) Bool)
       (declare-fun type$a () A_signed_signed_itself$)
       (declare-fun type$b () A_signed_itself$)
       (declare-fun type$c () Num0_signed_signed_itself$)
       (declare-fun type$d () Num0_signed_itself$)
       (declare-fun type$e () Num0_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun len_of$a (A_signed_signed_itself$) Nat$)
       (declare-fun len_of$b (A_signed_itself$) Nat$)
       (declare-fun len_of$c (Num0_itself$) Nat$)
       (declare-fun len_of$d (A_signed_signed_signed_itself$) Nat$)
       (declare-fun len_of$e (Num0_signed_signed_signed_itself$) Nat$)
       (declare-fun len_of$f (Num0_signed_signed_itself$) Nat$)
       (declare-fun len_of$g (Num0_signed_itself$) Nat$)
       (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
       (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
       (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
       (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
       (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
       (assert (! (fun_app$a (less$ zero$) (len_of$a type$a)) :named
a2))
       (assert (! (fun_app$a (less$ zero$) (len_of$b type$b)) :named
a3))
       (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a4))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a7))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a zero$)
?v0) zero$)) :named a8))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a10))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a11))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a12))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a13))
       (assert (! (not (= (len_of$a type$a) zero$)) :named a14))
       (assert (! (not (= (len_of$b type$b) zero$)) :named a15))
       (assert (! (not (= (len_of$ type$) zero$)) :named a16))
       (assert (! (forall ((?v0 A_signed_signed_word$) (?v1
A_signed_signed_word$)) (=> (= (len_of$a type$a) zero$) (= ?v0 ?v1)))
:named a17))
       (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$b type$b) zero$) (= ?v0 ?v1))) :named a18))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a19))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a20))
       (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$c ?v0)
zero$) :pattern ((len_of$c ?v0)))) :named a21))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$a ?v0 ?v1) (less$a (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a22))
       (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a23))
       (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a24))
       (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a25))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a26))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a27))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a28))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a29))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a30))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a31))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a32))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a33))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a34))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a35))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a36))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a37))
       (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$a ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v2) (not (fun_app$a ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3))))))) (fun_app$a
?v0 ?v1))) :named a38))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a39))
       (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
zero$) false)) :named a40))
       (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a41))
       (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a42))
       (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a43))
       (assert (! (forall ((?v0 Nat$)) (or (fun_app$a (less$ zero$)
?v0) (= zero$ ?v0))) :named a44))
       (assert (! (forall ((?v0 A_signed_signed_signed_itself$)) (! (=
(len_of$d ?v0) (len_of$a type$a)) :pattern ((len_of$d ?v0)))) :named
a45))
       (assert (! (forall ((?v0 Num0_signed_signed_signed_itself$)) (!
(= (len_of$e ?v0) (len_of$f type$c)) :pattern ((len_of$e ?v0)))) :named
a46))
       (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$f ?v0) (len_of$g type$d)) :pattern ((len_of$f ?v0)))) :named
a47))
       (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$a ?v0) (len_of$b type$b)) :pattern ((len_of$a ?v0)))) :named
a48))
       (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$b ?v0)
(len_of$ type$)) :pattern ((len_of$b ?v0)))) :named a49))
       (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$g
?v0) (len_of$c type$e)) :pattern ((len_of$g ?v0)))) :named a50))
       (assert (! (not (fun_app$a (less$ zero$) zero$)) :named a51))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.007s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       1 = Suc 0
       0 < LENGTH('a)
       ∀w. nat (uint w) = unat w
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - 1))
       ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb x = (x < 0))
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a) ∧ uint w !! n))
       ∀n x. rev (replicate n x) = replicate n x
       ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       to_bl 0 = replicate LENGTH('a) False
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀x y z. x ≤ y ∧ y < z ⟶ x < z
       ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
       ∀n. possible_bit TYPE(int) n
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀a. a ≤ a
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - Suc 0))
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀x y. (¬ x ≤ y) = (y < x)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a << n = push_bit n a)
       ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
       ∀x. length (to_bl x) = LENGTH('a)
       ∀xs. rev (rev xs) = xs
       ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (¬ msb x ⟶ sint x = uint x)
       ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
       ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
       ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
       ∀n x. length (replicate n x) = n
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (size w = LENGTH('a))
       ∀a. a - 0 = a
       ∀a. a - 0 = a
       ∀a. a - 0 = a 
SMT: Names:
       sorts:
         Nat$ = nat
         Num$ = num
         A_word$ = 'a word
         A_itself$ = 'a itself
         Bool_list$ = bool list
         Int_itself$ = int itself
         Nat_itself$ = nat itself
         A_word_itself$ = 'a word itself
       functions:
         r$ = r
         x$ = x
         and$ = (&&)
         bit$ = (!!)
         msb$ = msb
         nat$ = nat
         one$ = 1
         rev$ = rev
         suc$ = Suc
         bit$a = (!!)
         bit$b = (!!)
         bit0$ = num.Bit0
         less$ = (<)
         mask$ = mask
         msb$a = msb
         one$a = num.One
         plus$ = (+)
         size$ = length
         type$ = TYPE('a)
         zero$ = 0
         less$a = (<)
         minus$ = (-)
         power$ = (^)
         size$a = size
         to_bl$ = to_bl
         type$a = TYPE('a word)
         type$b = TYPE(int)
         type$c = TYPE(nat)
         zero$a = 0
         len_of$ = len_of
         minus$a = (-)
         shiftl$ = (<<)
         shiftr$ = (>>)
         signed$ = sint
         less_eq$ = (≤)
         numeral$ = numeral
         shiftl$a = (<<)
         drop_bit$ = drop_bit
         less_eq$a = (≤)
         push_bit$ = push_bit
         take_bit$ = take_bit
         unsigned$ = uint
         push_bit$a = push_bit
         replicate$ = replicate
         unsigned$a = unat
         unsigned$b = UCAST('a → 'a)
         possible_bit$ = possible_bit
         possible_bit$a = possible_bit
         possible_bit$b = possible_bit 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9885
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort Num$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Bool_list$ 0)
       (declare-sort Int_itself$ 0)
       (declare-sort Nat_itself$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun and$ (A_word$ A_word$) A_word$)
       (declare-fun bit$ (A_word$ Nat$) Bool)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun one$ () Nat$)
       (declare-fun rev$ (Bool_list$) Bool_list$)
       (declare-fun suc$ (Nat$) Nat$)
       (declare-fun bit$a (Int Nat$) Bool)
       (declare-fun bit$b (Nat$ Nat$) Bool)
       (declare-fun bit0$ (Num$) Num$)
       (declare-fun less$ (Nat$ Nat$) Bool)
       (declare-fun mask$ (Nat$) A_word$)
       (declare-fun msb$a (Int) Bool)
       (declare-fun one$a () Num$)
       (declare-fun plus$ (Nat$ Nat$) Nat$)
       (declare-fun size$ (Bool_list$) Nat$)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun less$a (A_word$ A_word$) Bool)
       (declare-fun minus$ (Nat$ Nat$) Nat$)
       (declare-fun power$ (A_word$ Nat$) A_word$)
       (declare-fun size$a (A_word$) Nat$)
       (declare-fun to_bl$ (A_word$) Bool_list$)
       (declare-fun type$a () A_word_itself$)
       (declare-fun type$b () Int_itself$)
       (declare-fun type$c () Nat_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun minus$a (A_word$ A_word$) A_word$)
       (declare-fun shiftl$ (A_word$ Nat$) A_word$)
       (declare-fun shiftr$ (A_word$ Nat$) A_word$)
       (declare-fun signed$ (A_word$) Int)
       (declare-fun less_eq$ (A_word$ A_word$) Bool)
       (declare-fun numeral$ (Num$) A_word$)
       (declare-fun shiftl$a (Int Nat$) Int)
       (declare-fun drop_bit$ (Nat$ A_word$) A_word$)
       (declare-fun less_eq$a (Nat$ Nat$) Bool)
       (declare-fun push_bit$ (Nat$ A_word$) A_word$)
       (declare-fun take_bit$ (Nat$ Int) Int)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun push_bit$a (Nat$ Int) Int)
       (declare-fun replicate$ (Nat$ Bool) Bool_list$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun unsigned$b (A_word$) A_word$)
       (declare-fun possible_bit$ (A_word_itself$ Nat$) Bool)
       (declare-fun possible_bit$a (Int_itself$ Nat$) Bool)
       (declare-fun possible_bit$b (Nat_itself$ Nat$) Bool)
       (assert (! (not (= (msb$ (shiftr$ x$ r$)) (and (= r$ zero$)
(msb$ x$)))) :named a0))
       (assert (! (less$ r$ (len_of$ type$)) :named a1))
       (assert (! (= one$ (suc$ zero$)) :named a2))
       (assert (! (less$ zero$ (len_of$ type$)) :named a3))
       (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a4))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftr$ ?v0
?v1) (drop_bit$ ?v1 ?v0)) :pattern ((shiftr$ ?v0 ?v1)))) :named a5))
       (assert (! (forall ((?v0 Nat$)) (= (possible_bit$ type$a ?v0)
(less$ ?v0 (len_of$ type$)))) :named a6))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0)))) :named a7))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (less$ ?v2 (len_of$ type$)) (= (bit$ ?v0 ?v2) (bit$
?v1 ?v2)))) (= ?v0 ?v1))) :named a8))
       (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a9))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (bit$ ?v0
?v1) (and (less$ ?v1 (len_of$ type$)) (bit$a (unsigned$ ?v0) ?v1)))
:pattern ((bit$ ?v0 ?v1)))) :named a10))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a11))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (plus$ ?v1 ?v2))) ?v0) (less$ ?v2 (len_of$
type$))) (less$a (shiftr$ ?v0 ?v1) (power$ (numeral$ (bit0$ one$a))
?v2)))) :named a12))
       (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a13))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a14))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(less_eq$a ?v0 ?v1) (less$ ?v1 ?v2)) (less$ ?v0 ?v2))) :named a15))
       (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a16))
       (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$a) (less_eq$a (len_of$ type$) ?v0))) :named a17))
       (assert (! (forall ((?v0 Nat$)) (possible_bit$a type$b ?v0))
:named a18))
       (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a19))
       (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a20))
       (assert (! (forall ((?v0 Nat$)) (less_eq$a ?v0 ?v0)) :named
a21))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) (suc$ zero$)))) :pattern ((msb$ ?v0)))) :named
a22))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a23))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (less_eq$a
?v0 ?v1)) (less$ ?v1 ?v0))) :named a24))
       (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a25))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$ ?v0
?v1) (push_bit$ ?v1 ?v0)) :pattern ((shiftl$ ?v0 ?v1)))) :named a26))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a27))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$ (numeral$ (bit0$ one$a)) (plus$ ?v0 ?v1)) zero$a)
(less$ ?v1 (len_of$ type$))) (less$a (shiftr$ ?v2 ?v0) (power$
(numeral$ (bit0$ one$a)) ?v1)))) :named a28))
       (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a29))
       (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a30))
       (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$ ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0 (unsigned$
?v1))))) :named a31))
       (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a32))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$b
(unsigned$a ?v0) ?v1) (and (possible_bit$b type$c ?v1) (bit$ ?v0
?v1)))) :named a33))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$a
(unsigned$ ?v0) ?v1) (and (possible_bit$a type$b ?v1) (bit$ ?v0 ?v1))))
:named a34))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$
(unsigned$b ?v0) ?v1) (and (possible_bit$ type$a ?v1) (bit$ ?v0 ?v1))))
:named a35))
       (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a36))
       (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a37))
       (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a38))
       (assert (! (forall ((?v0 Nat$)) (= (minus$ ?v0 zero$) ?v0))
:named a39))
       (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a40))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.007s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a)
       1 = Suc 0
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀w. nat (uint w) = unat w
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (a >> n = drop_bit n a)
       ∀a. (a ≠ 0) = (0 < a)
       LENGTH('a) ≠ 0
       ∀w. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb w = w !! (LENGTH('a) - 1))
       ∀n. (n ≠ 0) = (0 < n)
       ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
       ∀n. (n < 0) = False
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (msb x = (x < 0))
       ∀n. (¬ 0 < n) = (n = 0)
       ∀w n. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
              (w !! n = (n < LENGTH('a) ∧ uint w !! n))
       ∀w v. LENGTH('a) = 0 ⟶ w = v 
SMT: Names:
       sorts:
         Nat$ = nat
         A_word$ = 'a word
         A_itself$ = 'a itself
         Nat_int_fun$ = nat ⇒ int
         Nat_nat_fun$ = nat ⇒ nat
         A_word_itself$ = 'a word itself
         Nat_a_word_fun$ = nat ⇒ 'a word
       functions:
         r$ = r
         x$ = x
         bit$ = (!!)
         msb$ = msb
         nat$ = nat
         one$ = 1
         suc$ = Suc
         bit$a = (!!)
         less$ = (<)
         msb$a = msb
         type$ = TYPE('a)
         zero$ = 0
         minus$ = (-)
         type$a = TYPE('a word)
         zero$a = 0
         len_of$ = len_of
         shiftr$ = (>>)
         fun_app$ = SMT.fun_app
         shiftr$a = (>>)
         shiftr$b = (>>)
         drop_bit$ = drop_bit
         fun_app$a = SMT.fun_app
         fun_app$b = SMT.fun_app
         unsigned$ = uint
         drop_bit$a = drop_bit
         drop_bit$b = drop_bit
         unsigned$a = unat
         possible_bit$ = possible_bit 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9877
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Nat_int_fun$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort A_word_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun bit$ (A_word$ Nat$) Bool)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun nat$ (Int) Nat$)
       (declare-fun one$ () Nat$)
       (declare-fun suc$ (Nat$) Nat$)
       (declare-fun bit$a (Int Nat$) Bool)
       (declare-fun less$ (Nat$ Nat$) Bool)
       (declare-fun msb$a (Int) Bool)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun minus$ (Nat$ Nat$) Nat$)
       (declare-fun type$a () A_word_itself$)
       (declare-fun zero$a () A_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun shiftr$a (Int) Nat_int_fun$)
       (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
       (declare-fun drop_bit$ (Nat$ Int) Int)
       (declare-fun fun_app$a (Nat_int_fun$ Nat$) Int)
       (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
       (declare-fun unsigned$ (A_word$) Int)
       (declare-fun drop_bit$a (Nat$ Nat$) Nat$)
       (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
       (declare-fun unsigned$a (A_word$) Nat$)
       (declare-fun possible_bit$ (A_word_itself$ Nat$) Bool)
       (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
       (assert (! (less$ r$ (len_of$ type$)) :named a1))
       (assert (! (less$ zero$ (len_of$ type$)) :named a2))
       (assert (! (= one$ (suc$ zero$)) :named a3))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a4))
       (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a5))
       (assert (! (forall ((?v0 Int)) (! (= (fun_app$a (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a7))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$b zero$)
?v0) zero$)) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$a 0) ?v0)
0)) :named a10))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
       (assert (! (forall ((?v0 Nat$)) (= (possible_bit$ type$a ?v0)
(less$ ?v0 (len_of$ type$)))) :named a12))
       (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$a
(shiftr$a ?v0) ?v1) (drop_bit$ ?v1 ?v0)) :pattern ((fun_app$a (shiftr$a
?v0) ?v1)))) :named a13))
       (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$b ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$b
(shiftr$b ?v0) ?v1)))) :named a14))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a15))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a16))
       (assert (! (not (= (len_of$ type$) zero$)) :named a17))
       (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0)))) :named a18))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a19))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (less$ ?v2 (len_of$ type$)) (= (bit$ ?v0 ?v2) (bit$
?v1 ?v2)))) (= ?v0 ?v1))) :named a20))
       (assert (! (forall ((?v0 Nat$)) (= (less$ ?v0 zero$) false))
:named a21))
       (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a22))
       (assert (! (forall ((?v0 Nat$)) (= (not (less$ zero$ ?v0)) (=
?v0 zero$))) :named a23))
       (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (bit$ ?v0
?v1) (and (less$ ?v1 (len_of$ type$)) (bit$a (unsigned$ ?v0) ?v1)))
:pattern ((bit$ ?v0 ?v1)))) :named a24))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a25))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
SMT: Assertions:
       msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
       r < LENGTH('a)
       0 < LENGTH('a)
       ∀x. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            (x >> 0 = x)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀a. SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
            (a >> 0 = a)
       ∀n. 0 >> n = 0
       ∀n. 0 >> n = 0
       ∀a. (a ≠ 0) = (0 < a)
       ∀n. (n ≠ 0) = (0 < n)
       ∀n. (n < 0) = False
       ∀n. (¬ 0 < n) = (n = 0)
       LENGTH('a) ≠ 0
       ∀w v. LENGTH('a) = 0 ⟶ w = v
       ∀a. ¬ a < 0
       ∀uu. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of uu = 0) 
SMT: Names:
       sorts:
         Nat$ = nat
         A_word$ = 'a word
         A_itself$ = 'a itself
         Nat_nat_fun$ = nat ⇒ nat
         Num0_itself$ = 0 itself
         Nat_a_word_fun$ = nat ⇒ 'a word
       functions:
         r$ = r
         x$ = x
         msb$ = msb
         less$ = (<)
         type$ = TYPE('a)
         zero$ = 0
         zero$a = 0
         len_of$ = len_of
         shiftr$ = (>>)
         fun_app$ = SMT.fun_app
         len_of$a = len_of
         shiftr$a = (>>)
         fun_app$a = SMT.fun_app 
SMT: Problem:
       ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=29646
       (set-option :produce-proofs true)
       (declare-sort Nat$ 0)
       (declare-sort A_word$ 0)
       (declare-sort A_itself$ 0)
       (declare-sort Nat_nat_fun$ 0)
       (declare-sort Num0_itself$ 0)
       (declare-sort Nat_a_word_fun$ 0)
       (declare-fun r$ () Nat$)
       (declare-fun x$ () A_word$)
       (declare-fun msb$ (A_word$) Bool)
       (declare-fun less$ (Nat$ Nat$) Bool)
       (declare-fun type$ () A_itself$)
       (declare-fun zero$ () Nat$)
       (declare-fun zero$a () A_word$)
       (declare-fun len_of$ (A_itself$) Nat$)
       (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
       (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
       (declare-fun len_of$a (Num0_itself$) Nat$)
       (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
       (declare-fun fun_app$a (Nat_nat_fun$ Nat$) Nat$)
       (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
       (assert (! (less$ r$ (len_of$ type$)) :named a1))
       (assert (! (less$ zero$ (len_of$ type$)) :named a2))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a3))
       (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$a (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a4))
       (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$a zero$)
?v0) zero$)) :named a6))
       (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a7))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a8))
       (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a9))
       (assert (! (forall ((?v0 Nat$)) (= (less$ ?v0 zero$) false))
:named a10))
       (assert (! (forall ((?v0 Nat$)) (= (not (less$ zero$ ?v0)) (=
?v0 zero$))) :named a11))
       (assert (! (not (= (len_of$ type$) zero$)) :named a12))
       (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a13))
       (assert (! (forall ((?v0 Nat$)) (not (less$ ?v0 zero$))) :named
a14))
       (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$a ?v0)
zero$) :pattern ((len_of$a ?v0)))) :named a15))
       (check-sat)
       (get-proof)
        
SMT: Invoking SMT solver "verit" ... 
SMT: Solver: 
SMT: Result:
       (error "set-logic not issued") 
SMT: Time:
       0.006s 
"verit": Prover error:
Solver "verit" failed -- enable tracing using the "smt_trace" option
for details  
  
  ›
  
  oops



> 
> 
> Mathias
> 
> 
> On 14/11/2021 13:54, Peter Lammich wrote:
> > I get a lot of verit errors from sledgehammer.
> > 
> > "verit": Prover error:
> > Solver "verit" failed -- enable tracing using the "smt_trace"
> > option
> > for details
> > 
> > And there is no smt_trace option to sledgehammer, at least
> > sledgehammer
> > [smt_trace] tells me so, and the sledgehammer manual does not
> > contain
> > the string smt_trace!
> > 
> > --
> >    Peter
> > 
> > 
> > On Fri, 2021-11-12 at 21:26 +0100, Makarius wrote:
> > > Dear Isabelle users,
> > > 
> > > please see https://isabelle.sketis.net/website-Isabelle2021-1-RC3
> > >  and
> > > https://isabelle-dev.sketis.net/phame/post/view/53/release_candidates_for_isabelle2021-1
> > > for further progress on the release process.
> > > 
> > > There is now a proper download for Linux (ARM), and the "isabelle
> > > build_docker" tools works for it (relevant on Apple M1 hardware).
> > > 
> > > This is also the fork-point of the isabelle-dev repository, which
> > > continues
> > > for the time after this release:
> > > https://isabelle.sketis.net/repos/isabelle/rev/4f1c1c7eb95f
> > > 
> > > 
> > > Reminder: Any feedback about release candidates should be posted
> > > with
> > > a meaningful
> > > Subject (not just a clone of the announcement).
> > > 
> > > We have approx. 4 weeks left until final lift-off: afterwards
> > > there
> > > will be no
> > > more changes on this line.
> > > 
> > > 
> > > 	Makarius
> > > 





This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.