Re: [isabelle] Isabelle2021-1-RC3: verit errors



Hi Peter,

I have a patch for that issue (`isabelle build -a` is torturing my computer for now...).

The problems comes from the fact that veriT does not support bit-vectors, but that they are generated by default by sledgehammer and smt.


Thanks for reporting,

Mathias


On 17/11/2021 10:19, Peter Lammich wrote:
Hi Mathias.

On Mon, 2021-11-15 at 13:25 +0100, Mathias Fleury wrote:
supply [[smt_trace]]
Thanks.


Do you have any example with a failure?
Here you go.

--
Peter


theory Scratch
imports Main "Word_Lib.Word_Lib_Sumo"
begin


lemma msb_shiftr_word [simp]:
   "r < LENGTH('a) ⟹ msb ((x :: 'a :: {len} word) >> r) ⟷ ((r = 0 ∧ msb
x))"
   supply [[smt_trace]]
   sledgehammer [provers=verit]
⌦‹
Sledgehammering...
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a signed)
        0 < LENGTH('a)
        1 = Suc 0
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀w. nat (uint w) = unat w
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a. (a ≠ 0) = (0 < a)
        LENGTH('a signed) ≠ 0
        LENGTH('a) ≠ 0
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a signed) - 1))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - 1))
        ∀n. (n ≠ 0) = (0 < n)
        ∀a b. (∀n<LENGTH('a signed). a !! n = b !! n) ⟶ a = b
        ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
        ∀n. (n < 0) = False
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb x = (x < 0))
        ∀n. (¬ 0 < n) = (n = 0)
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a signed) ∧ uint w !! n))
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a) ∧ uint w !! n))
        ∀n x. rev (replicate n x) = replicate n x
        ∀w v. LENGTH('a signed) = 0 ⟶ w = v
        ∀w v. LENGTH('a) = 0 ⟶ w = v
        ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a signed) ⟶ x >> n <
2 ^ m
        ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀w k n. w < k ⟶ w >> n < k
        to_bl 0 = replicate LENGTH('a signed) False
        to_bl 0 = replicate LENGTH('a) False
        ∀a. ¬ a < 0
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀uu. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
              (len_of uu = 0)
        ∀n. (2 ^ n = 0) = (LENGTH('a signed) ≤ n)
        ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
        ∀n. possible_bit TYPE(int) n
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (¬ msb x ⟶ sint x = uint x)
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a signed) - Suc 0))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - Suc 0))
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀n. ¬ n < 0
        ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a signed) ⟶ x >> n < 2 ^ m
        ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
        ∀x. length (to_bl x) = LENGTH('a signed)
        ∀x. length (to_bl x) = LENGTH('a)
        ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
        ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
        ∀n. n < n ⟶ False
        ∀a b. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((a < b) = (unat a < unat b))
        ∀s t. s < t ⟶ s ≠ t
        ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
        ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
        ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
        ∀n m. n < m ⟶ m ≠ n
        ∀m. ¬ of_nat m < 0
        ∀m. ¬ int m < 0
        ∀n x. length (replicate n x) = n
        ∀n. ¬ n < n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (size w = LENGTH('a signed))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (size w = LENGTH('a))
        ∀m n. (m ≠ n) = (m < n ∨ n < m)
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀n. (0 < n) = (n ≠ 0)
        ∀n. of_bl (replicate n False) = 0
        ∀m n. m < n ⟶ n ≠ 0
        ∀f g x.
           SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((f ∘ g) x = f (g x))
        ∀w n. w !! n ⟶ n < LENGTH('a signed)
        ∀w n. w !! n ⟶ n < LENGTH('a)
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀x n. x < 2 ^ n ⟶ x && mask n = x
        ∀x. (uint x < 0) = False
        ∀w. length (to_bl w) = LENGTH('a signed)
        ∀w. length (to_bl w) = LENGTH('a)
        ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀a. 0 ≤ a
        ∀m n. m < n ⟶ n ≠ 0
        ∀x. of_bl (to_bl x) = x
        ∀n<0. False
        ∀n<LENGTH('a signed). uint (2 ^ n) = 2 ^ n
        ∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
        ∀n. ¬ n < 0
        ∀n. (¬ 0 < n) = (n = 0)
        ∀n. unat (2 ^ n) = (if n < LENGTH('a signed) then 2 ^ n else 0)
        ∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀b c a q.
           LENGTH('a signed) + b ≤ c + a ∧ c < LENGTH('a signed) ⟶
           unat ((q >> a << b) && ~~ mask c) = 0
        ∀b c a q.
           LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
        ∀y. 0 < y ∨ 0 = y
        ∀x. ¬ x < 0
        ∀n<LENGTH('a signed). unat (2 ^ n) = 2 ^ n
        ∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0 signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0))
        ¬ 0 < 0
        ¬ 0 < 0
        ∀x. to_bl x ≠ []
        ∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = (w >> LENGTH('a signed) - 1 ≠ 0))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = (w >> LENGTH('a) - 1 ≠ 0))
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
        ∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
        ∀a. (0 = - a) = (0 = a)
        ∀a. (0 = - a) = (0 = a)
        ∀n. (LENGTH('a signed) - Suc 0 < n) = (LENGTH('a signed) ≤ n)
        ∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀n. (0 < of_nat n) = (0 < n)
        ∀n. (0 < int n) = (0 < n)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x. ¬ x < x
        ∀x. ¬ x < x
        ∀x. ¬ x < x
        ¬ msb 0
        ∀a. a + 0 = a
        ∀a. a + 0 = a
        ∀a. a + 0 = a
        ∀m n. (of_nat m = of_nat n) = (m = n)
        ∀m n. (int m = int n) = (m = n)
        ∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
        ∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
        ∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
        word_of_nat 0 = 0
        of_nat 0 = 0
        int 0 = 0
        ∀n. (0 = of_nat n) = (0 = n)
        ∀n. (0 = int n) = (0 = n)
        ∀a b. a * b = b * a
        ∀a b. a * b = b * a
        ∀a b. a * b = b * a
        ∀m. (of_nat m = 0) = (m = 0)
        ∀m. (int m = 0) = (m = 0)
        ∀p n. (p < 2 ^ n) =
              (n < LENGTH('a signed) ∧ (∀n'. n ≤ n' ∧ n' < LENGTH('a
signed) ⟶ ¬ p !! n'))
        ∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
        ∀m n. (of_nat m < of_nat n) = (m < n)
        ∀m n. (int m < int n) = (m < n)
        ∀x. LENGTH('a signed) = LENGTH('a signed) ⟶
            msb (UCAST('a signed → 'a signed) x) = msb x
        ∀x. LENGTH('a signed) = LENGTH('a) ⟶ msb (UCAST('a → 'a signed)
x) = msb x
        ∀x. LENGTH('a) = LENGTH('a signed) ⟶ msb (UCAST('a signed → 'a)
x) = msb x
        ∀x. LENGTH('a) = LENGTH('a) ⟶ msb (UCAST('a → 'a) x) = msb x
        ∀x y. (unat x * unat y < 2 ^ LENGTH('a signed)) = (unat (x * y)
= unat x * unat y)
        ∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = (sint w < 0))
        ∀a b. a + b = b + a
        ∀a b. a + b = b + a
        ∀a. ¬ a < 0
        uint 0 = 0
        unat 0 = 0
        UCAST('a → 'a) 0 = 0
        ∀n. (n ≤ LENGTH('a signed) - Suc 0) = (n < LENGTH('a signed))
        ∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
        ∀y. (0 < y) = (0 ≠ y)
        ∀w. (drop_bit (LENGTH('a signed) - Suc 0) w = 0) = (¬ w !!
(LENGTH('a signed) - Suc 0))
        ∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
        ∀w. (w ≠ 0) = (0 < w)
        ∀w. int (unat w) = uint w
        ∀w. of_nat (unat w) = unat w
        ∀w. word_of_nat (unat w) = UCAST('a → 'a) w
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀a. (0 < a) = (a ≠ 0)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a && mask n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a AND mask n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a AND mask n)
        0 = word_of_nat 0
        ∀n≥LENGTH('a signed). 2 ^ n = 0
        ∀n≥LENGTH('a). 2 ^ n = 0
        ∀w n. unat (w >> n) = unat w div 2 ^ n
        ∀m n. m < n ⟶ of_nat m < of_nat n
        ∀m n. m < n ⟶ int m < int n
        ∀m n. of_nat m < of_nat n ⟶ m < n
        ∀m n. int m < int n ⟶ m < n
        SCAST('a → 'a) 0 = 0
        sint 0 = 0
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = hd (to_bl w))
        ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
        ∀k. of_nat k ≠ 0 ⟶ 0 < k
        ∀k. int k ≠ 0 ⟶ 0 < k
        ∀x xs.
           SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
            (length (x # xs) = Suc (length xs))
        ∀ty. possible_bit ty 0
        ∀ty. possible_bit ty 0
        ∀z. (0 < nat z) = (0 < z)
        ∀n w. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (LENGTH('a signed) ≤ n ⟶ w >> n = 0)
        ∀n w. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (LENGTH('a) ≤ n ⟶ w >> n = 0)
        ∀n. possible_bit TYPE(nat) n
        ∀n. possible_bit TYPE(int) n
        ∀n w. n < LENGTH('a signed) ⟶ w && mask n < 2 ^ n
        ∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
        ∀a n. a < n ⟶ 0 < n
        ∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
        ∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
        bot = False
        ∀k>0. ∃n>0. k = int n
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (2 ^ (LENGTH('a signed) - Suc 0) ≤ a))
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
        (CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
        (CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
        (CHAR(int) = 0) = (∀n>0. int n ≠ 0)
        ∀n. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (mask n))
SMT.Symb_Nil) SMT.Symb_Nil)
             (mask n = 2 ^ n - 1)
        ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
            CHAR('a word) = c
        ∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
        ∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (SCAST('a → 'a) x))
SMT.Symb_Nil)
               SMT.Symb_Nil)
             (¬ msb x ⟶ SCAST('a → 'a) x = UCAST('a → 'a) x)
        ∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
        ∀m n. (int m = int n) = (m = n)
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        CHAR(nat) = 0
        CHAR(int) = 0
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (bin_sign (signed_take_bit (LENGTH('a signed) - 1)
(uint a)) = - 1))
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
        word_of_nat CHAR('a word) = 0
        of_nat CHAR(nat) = 0
        int CHAR(int) = 0
        (0 < 0) = False
        ∀a. 0 - a = - a
        ∀a. 0 - a = - a
        (0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
        (0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
        (0 < CHAR(int)) = (∃n>0. int n = 0)
        ∀x. (x < 1) = (x = 0)
        ∀a b. (a < b) = (int a < int b)
        int 0 = 0
        ∀a. (a ≠ 0) = (0 < a)
        ∀x y. (int x = int y) = (x = y)
        ∀a b. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((a ≤ b) = (unat a ≤ unat b))
        ∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
        ∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
        ∀x y. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
        ∀a. - (- a) = a
        ∀a. 0 * a = 0
        ∀a. 0 * a = 0
        ∀a b. (- a = - b) = (a = b)
        ∀b. - (- b) = b
        ∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
        0 = 0
        ∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
        neg_numeral_class.sub num.One num.One = 0
        ∀a. (- a = 0) = (a = 0)
        ∀n k. (drop_bit n k < 0) = (k < 0)
        ∀a. (a = - a) = (a = 0)
        ∀a. 0 + a = a
        ∀a. 0 + a = a
        ∀a. (- a = a) = (a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a ^ 0 = 1)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a ^ 0 = 1)
        ∀b a. (- b < - a) = (a < b)
        ∀n. take_bit n 0 = 0
        ∀n. take_bit n 0 = 0
        ∀x r. msb (x >> r) = msb x
        ∀a. (a < - a) = (a < 0)
        ∀a. (- a < a) = (0 < a)
        ∀a. (0 < - a) = (a < 0)
        ∀a. (- a < 0) = (0 < a)
        ∀x. 0 ≤ x
        ∀m. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((*) m))
SMT.Symb_Nil) SMT.Symb_Nil)
             (m * 0 = 0)
        ∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
        Numeral1 = 1
        ∀n m. take_bit n (int m) = int (take_bit n m)
SMT: Names:
        sorts:
          Nat$ = nat
          Num$ = num
          A_word$ = 'a word
          A_itself$ = 'a itself
          Bool_list$ = bool list
          Int_itself$ = int itself
          Nat_itself$ = nat itself
          Nat_int_fun$ = nat ⇒ int
          Nat_nat_fun$ = nat ⇒ nat
          Num0_itself$ = 0 itself
          Nat_bool_fun$ = nat ⇒ bool
          A_signed_word$ = 'a signed word
          A_word_itself$ = 'a word itself
          Nat_a_word_fun$ = nat ⇒ 'a word
          A_signed_itself$ = 'a signed itself
          Num0_signed_itself$ = 0 signed itself
          A_signed_word_itself$ = 'a signed word itself
          A_signed_signed_itself$ = 'a signed signed itself
          Num0_signed_signed_itself$ = 0 signed signed itself
        functions:
          r$ = r
          x$ = x
          hd$ = hd
          and$ = (&&)
          bit$ = (!!)
          bot$ = bot
          msb$ = msb
          nat$ = nat
          nil$ = []
          not$ = wordNOT
          nth$ = (!)
          one$ = 1
          rev$ = rev
          sub$ = neg_numeral_class.sub
          suc$ = Suc
          and$a = (&&)
          and$b = (AND)
          and$c = (AND)
          bit$a = (!!)
          bit$b = (!!)
          bit$c = (!!)
          bit0$ = num.Bit0
          comp$ = (∘)
          cons$ = (#)
          less$ = (<)
          mask$ = mask
          msb$a = msb
          msb$b = msb
          not$a = wordNOT
          one$a = num.One
          one$b = 1
          plus$ = (+)
          size$ = length
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          less$b = (<)
          mask$a = mask
          mask$b = mask
          mask$c = mask
          minus$ = (-)
          of_bl$ = of_bl
          plus$a = (+)
          power$ = (^)
          size$a = size
          size$b = size
          times$ = (*)
          to_bl$ = to_bl
          type$a = TYPE('a signed)
          type$b = TYPE('a signed word)
          type$c = TYPE('a word)
          type$d = TYPE(int)
          type$e = TYPE(nat)
          type$f = TYPE(0 signed)
          type$g = TYPE(0)
          zero$a = 0
          zero$b = 0
          divide$ = (div)
          len_of$ = len_of
          minus$a = (-)
          of_nat$ = of_nat
          power$a = (^)
          power$b = (^)
          power$c = (^)
          shiftl$ = (<<)
          shiftr$ = (>>)
          signed$ = sint
          times$a = (*)
          times$b = (*)
          times$c = (*)
          to_bl$a = to_bl
          uminus$ = uminus
          fun_app$ = SMT.fun_app
          len_of$a = len_of
          len_of$b = len_of
          len_of$c = len_of
          len_of$d = len_of
          len_of$e = len_of
          less_eq$ = (≤)
          numeral$ = numeral
          of_nat$a = int
          of_nat$b = word_of_nat
          shiftl$a = (<<)
          shiftl$b = (<<)
          shiftl$c = (<<)
          shiftr$a = (>>)
          shiftr$b = (>>)
          shiftr$c = (>>)
          signed$a = SCAST('a → 'a)
          bin_sign$ = bin_sign
          drop_bit$ = drop_bit
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
          fun_app$c = SMT.fun_app
          less_eq$a = (≤)
          less_eq$b = (≤)
          numeral$a = numeral
          numeral$b = numeral
          push_bit$ = push_bit
          take_bit$ = take_bit
          unsigned$ = uint
          word_sle$ = (≤s)
          drop_bit$a = drop_bit
          drop_bit$b = drop_bit
          drop_bit$c = drop_bit
          push_bit$a = push_bit
          push_bit$b = push_bit
          replicate$ = replicate
          take_bit$a = take_bit
          take_bit$b = take_bit
          unsigned$a = unat
          unsigned$b = uint
          unsigned$c = UCAST('a → 'a)
          unsigned$d = unat
          unsigned$e = UCAST('a signed → 'a signed)
          unsigned$f = UCAST('a → 'a signed)
          unsigned$g = UCAST('a signed → 'a)
          limited_and$ = limited_and
          possible_bit$ = possible_bit
          possible_bit$a = possible_bit
          possible_bit$b = possible_bit
          possible_bit$c = possible_bit
          semiring_char$ = semiring_char
          semiring_char$a = semiring_char
          semiring_char$b = semiring_char
          signed_take_bit$ = signed_take_bit
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9990
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort Num$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Bool_list$ 0)
        (declare-sort Int_itself$ 0)
        (declare-sort Nat_itself$ 0)
        (declare-sort Nat_int_fun$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Num0_itself$ 0)
        (declare-sort Nat_bool_fun$ 0)
        (declare-sort A_signed_word$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-sort A_signed_itself$ 0)
        (declare-sort Num0_signed_itself$ 0)
        (declare-sort A_signed_word_itself$ 0)
        (declare-sort A_signed_signed_itself$ 0)
        (declare-sort Num0_signed_signed_itself$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun hd$ (Bool_list$) Bool)
        (declare-fun and$ (A_signed_word$ A_signed_word$)
A_signed_word$)
        (declare-fun bit$ (A_signed_word$) Nat_bool_fun$)
        (declare-fun bot$ () Bool)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun nil$ () Bool_list$)
        (declare-fun not$ (A_signed_word$) A_signed_word$)
        (declare-fun nth$ (Bool_list$) Nat_bool_fun$)
        (declare-fun one$ () Nat$)
        (declare-fun rev$ (Bool_list$) Bool_list$)
        (declare-fun sub$ (Num$ Num$) Int)
        (declare-fun suc$ () Nat_nat_fun$)
        (declare-fun and$a (A_word$ A_word$) A_word$)
        (declare-fun and$b (Int Int) Int)
        (declare-fun and$c (Nat$) Nat_nat_fun$)
        (declare-fun bit$a (A_word$) Nat_bool_fun$)
        (declare-fun bit$b (Int) Nat_bool_fun$)
        (declare-fun bit$c (Nat$) Nat_bool_fun$)
        (declare-fun bit0$ (Num$) Num$)
        (declare-fun comp$ (Nat_bool_fun$ Nat_nat_fun$) Nat_bool_fun$)
        (declare-fun cons$ (Bool Bool_list$) Bool_list$)
        (declare-fun less$ (Nat$) Nat_bool_fun$)
        (declare-fun mask$ (Nat$) A_signed_word$)
        (declare-fun msb$a (A_signed_word$) Bool)
        (declare-fun msb$b (Int) Bool)
        (declare-fun not$a (A_word$) A_word$)
        (declare-fun one$a () Num$)
        (declare-fun one$b () A_word$)
        (declare-fun plus$ (Nat$) Nat_nat_fun$)
        (declare-fun size$ (Bool_list$) Nat$)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_signed_word$ A_signed_word$) Bool)
        (declare-fun less$b (A_word$ A_word$) Bool)
        (declare-fun mask$a (Nat$) A_word$)
        (declare-fun mask$b () Nat_nat_fun$)
        (declare-fun mask$c (Nat$) Int)
        (declare-fun minus$ (Nat$) Nat_nat_fun$)
        (declare-fun of_bl$ (Bool_list$) A_word$)
        (declare-fun plus$a (A_word$ A_word$) A_word$)
        (declare-fun power$ (A_signed_word$ Nat$) A_signed_word$)
        (declare-fun size$a (A_word$) Nat$)
        (declare-fun size$b (A_signed_word$) Nat$)
        (declare-fun times$ (A_word$ A_word$) A_word$)
        (declare-fun to_bl$ (A_signed_word$) Bool_list$)
        (declare-fun type$a () A_signed_itself$)
        (declare-fun type$b () A_signed_word_itself$)
        (declare-fun type$c () A_word_itself$)
        (declare-fun type$d () Int_itself$)
        (declare-fun type$e () Nat_itself$)
        (declare-fun type$f () Num0_signed_itself$)
        (declare-fun type$g () Num0_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun zero$b () A_signed_word$)
        (declare-fun divide$ (Nat$) Nat_nat_fun$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun minus$a (A_word$ A_word$) A_word$)
        (declare-fun of_nat$ () Nat_nat_fun$)
        (declare-fun power$a (A_word$ Nat$) A_word$)
        (declare-fun power$b (Int) Nat_int_fun$)
        (declare-fun power$c (Nat$) Nat_nat_fun$)
        (declare-fun shiftl$ (Nat$) Nat_nat_fun$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun signed$ (A_word$) Int)
        (declare-fun times$a (Int Int) Int)
        (declare-fun times$b (Nat$) Nat_nat_fun$)
        (declare-fun times$c (A_signed_word$ A_signed_word$)
A_signed_word$)
        (declare-fun to_bl$a (A_word$) Bool_list$)
        (declare-fun uminus$ (A_word$) A_word$)
        (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun len_of$a (A_signed_itself$) Nat$)
        (declare-fun len_of$b (Num0_itself$) Nat$)
        (declare-fun len_of$c (Num0_signed_signed_itself$) Nat$)
        (declare-fun len_of$d (Num0_signed_itself$) Nat$)
        (declare-fun len_of$e (A_signed_signed_itself$) Nat$)
        (declare-fun less_eq$ (A_word$ A_word$) Bool)
        (declare-fun numeral$ (Num$) A_signed_word$)
        (declare-fun of_nat$a (Nat$) Int)
        (declare-fun of_nat$b (Nat$) A_word$)
        (declare-fun shiftl$a (Int Nat$) Int)
        (declare-fun shiftl$b (A_word$ Nat$) A_word$)
        (declare-fun shiftl$c (A_signed_word$ Nat$) A_signed_word$)
        (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
        (declare-fun shiftr$b (Int) Nat_int_fun$)
        (declare-fun shiftr$c (A_signed_word$ Nat$) A_signed_word$)
        (declare-fun signed$a (A_word$) A_word$)
        (declare-fun bin_sign$ (Int) Int)
        (declare-fun drop_bit$ (Nat$) Nat_nat_fun$)
        (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
        (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
        (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
        (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
        (declare-fun less_eq$b (A_signed_word$ A_signed_word$) Bool)
        (declare-fun numeral$a (Num$) A_word$)
        (declare-fun numeral$b (Num$) Nat$)
        (declare-fun push_bit$ (Nat$) Nat_nat_fun$)
        (declare-fun take_bit$ (Nat$ Int) Int)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun word_sle$ (A_word$ A_word$) Bool)
        (declare-fun drop_bit$a (Nat$ A_word$) A_word$)
        (declare-fun drop_bit$b (Nat$ Int) Int)
        (declare-fun drop_bit$c (Nat$ A_signed_word$) A_signed_word$)
        (declare-fun push_bit$a (Nat$ Int) Int)
        (declare-fun push_bit$b (Nat$ A_word$) A_word$)
        (declare-fun replicate$ (Nat$ Bool) Bool_list$)
        (declare-fun take_bit$a (Nat$ A_word$) A_word$)
        (declare-fun take_bit$b (Nat$) Nat_nat_fun$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun unsigned$b (A_signed_word$) Int)
        (declare-fun unsigned$c (A_word$) A_word$)
        (declare-fun unsigned$d (A_signed_word$) Nat$)
        (declare-fun unsigned$e (A_signed_word$) A_signed_word$)
        (declare-fun unsigned$f (A_word$) A_signed_word$)
        (declare-fun unsigned$g (A_signed_word$) A_word$)
        (declare-fun limited_and$ (A_word$ A_word$) Bool)
        (declare-fun possible_bit$ (A_signed_word_itself$)
Nat_bool_fun$)
        (declare-fun possible_bit$a (A_word_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$b (Int_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$c (Nat_itself$) Nat_bool_fun$)
        (declare-fun semiring_char$ (A_word_itself$) Nat$)
        (declare-fun semiring_char$a (Nat_itself$) Nat$)
        (declare-fun semiring_char$b (Int_itself$) Nat$)
        (declare-fun signed_take_bit$ (Nat$ Int) Int)
        (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
        (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
        (assert (! (fun_app$a (less$ zero$) (len_of$a type$a)) :named
a2))
        (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a3))
        (assert (! (= one$ (fun_app$b suc$ zero$)) :named a4))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
        (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a6))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a7))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a zero$)
?v0) zero$)) :named a10))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$b 0) ?v0)
0)) :named a12))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$
type$b) ?v0) (fun_app$a (less$ ?v0) (len_of$a type$a)))) :named a13))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$a
type$c) ?v0) (fun_app$a (less$ ?v0) (len_of$ type$)))) :named a14))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$a ?v0) ?v1) (fun_app$b (drop_bit$ ?v1) ?v0)) :pattern
((fun_app$b (shiftr$a ?v0) ?v1)))) :named a15))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a16))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$c
(shiftr$b ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$c
(shiftr$b ?v0) ?v1)))) :named a17))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a18))
        (assert (! (not (= (len_of$a type$a) zero$)) :named a19))
        (assert (! (not (= (len_of$ type$) zero$)) :named a20))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a type$a)) one$)))
:pattern ((msb$a ?v0)))) :named a21))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) one$))) :pattern ((msb$
?v0)))) :named a22))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a23))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (forall ((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$a type$a))
(= (fun_app$a (bit$ ?v0) ?v2) (fun_app$a (bit$ ?v1) ?v2)))) (= ?v0
?v1))) :named a24))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$ type$)) (= (fun_app$a
(bit$a ?v0) ?v2) (fun_app$a (bit$a ?v1) ?v2)))) (= ?v0 ?v1))) :named
a25))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a26))
        (assert (! (forall ((?v0 Int)) (! (= (msb$b ?v0) (< ?v0 0))
:pattern ((msb$b ?v0)))) :named a27))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a28))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (! (=
(fun_app$a (bit$ ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$a
type$a)) (fun_app$a (bit$b (unsigned$b ?v0)) ?v1))) :pattern
((fun_app$a (bit$ ?v0) ?v1)))) :named a29))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$a
(bit$a ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$ type$))
(fun_app$a (bit$b (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$a (bit$a
?v0) ?v1)))) :named a30))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a31))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$a type$a) zero$) (= ?v0 ?v1))) :named a32))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a33))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$) (?v2 Nat$))
(=> (and (= (and$ ?v0 (mask$ (fun_app$b (plus$ ?v1) ?v2))) ?v0)
(fun_app$a (less$ ?v2) (len_of$a type$a))) (less$a (shiftr$c ?v0 ?v1)
(power$ (numeral$ (bit0$ one$a)) ?v2)))) :named a34))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$a ?v0 (mask$a (fun_app$b (plus$ ?v1) ?v2))) ?v0)
(fun_app$a (less$ ?v2) (len_of$ type$))) (less$b (fun_app$ (shiftr$
?v0) ?v1) (power$a (numeral$a (bit0$ one$a)) ?v2)))) :named a35))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$b ?v0 ?v1) (less$b (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a36))
        (assert (! (= (to_bl$ zero$b) (replicate$ (len_of$a type$a)
false)) :named a37))
        (assert (! (= (to_bl$a zero$a) (replicate$ (len_of$ type$)
false)) :named a38))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a39))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$b ?v1 ?v2)) (less$b ?v0 ?v2))) :named
a40))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$a (less_eq$a ?v0) ?v1) (fun_app$a (less$ ?v1) ?v2)) (fun_app$a
(less$ ?v0) ?v2))) :named a41))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a42))
        (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$b ?v0)
zero$) :pattern ((len_of$b ?v0)))) :named a43))
        (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$b) (fun_app$a (less_eq$a (len_of$a type$a)) ?v0)))
:named a44))
        (assert (! (forall ((?v0 Nat$)) (= (= (power$a (numeral$a (bit0$
one$a)) ?v0) zero$a) (fun_app$a (less_eq$a (len_of$ type$)) ?v0)))
:named a45))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$b
type$d) ?v0)) :named a46))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a47))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a48))
        (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a49))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a ?v0) ?v0))
:named a50))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a51))
        (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a52))
        (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a53))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a type$a)) (fun_app$b
suc$ zero$)))) :pattern ((msb$a ?v0)))) :named a54))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b suc$
zero$)))) :pattern ((msb$ ?v0)))) :named a55))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$b ?v1 ?v0))) :named a56))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less_eq$a ?v0) ?v1)) (fun_app$a (less$ ?v1) ?v0))) :named a57))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a58))
        (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a59))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftl$ ?v0) ?v1) (fun_app$b (push_bit$ ?v1) ?v0)) :pattern
((fun_app$b (shiftl$ ?v0) ?v1)))) :named a60))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a61))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$b
?v0 ?v1) (push_bit$b ?v1 ?v0)) :pattern ((shiftl$b ?v0 ?v1)))) :named
a62))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a63))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_signed_word$))
(=> (and (= (power$ (numeral$ (bit0$ one$a)) (fun_app$b (plus$ ?v0)
?v1)) zero$b) (fun_app$a (less$ ?v1) (len_of$a type$a))) (less$a
(shiftr$c ?v2 ?v0) (power$ (numeral$ (bit0$ one$a)) ?v1)))) :named
a64))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$a (numeral$a (bit0$ one$a)) (fun_app$b (plus$ ?v0) ?v1))
zero$a) (fun_app$a (less$ ?v1) (len_of$ type$))) (less$b (fun_app$
(shiftr$ ?v2) ?v0) (power$a (numeral$a (bit0$ one$a)) ?v1)))) :named
a65))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a66))
        (assert (! (forall ((?v0 A_signed_word$)) (= (size$ (to_bl$
?v0)) (len_of$a type$a))) :named a67))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$a ?v0))
(len_of$ type$))) :named a68))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a69))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a70))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$b ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0
(unsigned$ ?v1))))) :named a71))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a72))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$b
?v0 ?v1) (fun_app$a (less$ (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less$b ?v0 ?v1)))) :named a73))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a74))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$c (unsigned$a ?v0)) ?v1) (and (fun_app$a (possible_bit$c type$e)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a75))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$b (unsigned$ ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$d)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a76))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$a (unsigned$c ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$c)
?v1) (fun_app$a (bit$a ?v0) ?v1)))) :named a77))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a78))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) zero$))) :named a79))
        (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a80))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a81))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a82))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (size$b ?v0)
(len_of$a type$a)) :pattern ((size$b ?v0)))) :named a83))
        (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a84))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a85))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a86))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (minus$ ?v0)
zero$) ?v0)) :named a87))
        (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a88))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a89))
        (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a90))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a91))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat_nat_fun$) (?v2
Nat$)) (! (= (fun_app$a (comp$ ?v0 ?v1) ?v2) (fun_app$a ?v0 (fun_app$b
?v1 ?v2))) :pattern ((fun_app$a (comp$ ?v0 ?v1) ?v2)))) :named a92))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (=>
(fun_app$a (bit$ ?v0) ?v1) (fun_app$a (less$ ?v1) (len_of$a type$a))))
:named a93))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (fun_app$a
(bit$a ?v0) ?v1) (fun_app$a (less$ ?v1) (len_of$ type$)))) :named a94))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a95))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (less$b ?v0
(power$a (numeral$a (bit0$ one$a)) ?v1)) (= (and$a ?v0 (mask$a ?v1))
?v0))) :named a96))
        (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a97))
        (assert (! (forall ((?v0 A_signed_word$)) (= (size$ (to_bl$
?v0)) (len_of$a type$a))) :named a98))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$a ?v0))
(len_of$ type$))) :named a99))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$a ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v2) (not (fun_app$a ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3))))))) (fun_app$a
?v0 ?v1))) :named a100))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ zero$a ?v0)) :named
a101))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a102))
        (assert (! (forall ((?v0 A_word$)) (= (of_bl$ (to_bl$a ?v0))
?v0)) :named a103))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
zero$) false)) :named a104))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$a type$a)) (= (unsigned$b (power$ (numeral$ (bit0$ one$a))
?v0)) (fun_app$c (power$b 2) ?v0)))) :named a105))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$ type$)) (= (unsigned$ (power$a (numeral$a (bit0$ one$a)) ?v0))
(fun_app$c (power$b 2) ?v0)))) :named a106))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a107))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a108))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$d (power$ (numeral$
(bit0$ one$a)) ?v0)) (ite (fun_app$a (less$ ?v0) (len_of$a type$a))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0) zero$))) :named
a109))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (power$a
(numeral$a (bit0$ one$a)) ?v0)) (ite (fun_app$a (less$ ?v0) (len_of$
type$)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0) zero$)))
:named a110))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a111))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_signed_word$)) (=> (and (fun_app$a (less_eq$a (fun_app$b (plus$
(len_of$a type$a)) ?v0)) (fun_app$b (plus$ ?v1) ?v2)) (fun_app$a (less$
?v1) (len_of$a type$a))) (= (unsigned$d (and$ (shiftl$c (shiftr$c ?v3
?v2) ?v0) (not$ (mask$ ?v1)))) zero$))) :named a112))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_word$)) (=> (and (fun_app$a (less_eq$a (fun_app$b (plus$ (len_of$
type$)) ?v0)) (fun_app$b (plus$ ?v1) ?v2)) (fun_app$a (less$ ?v1)
(len_of$ type$))) (= (unsigned$a (and$a (shiftl$b (fun_app$ (shiftr$
?v3) ?v2) ?v0) (not$a (mask$a ?v1)))) zero$))) :named a113))
        (assert (! (forall ((?v0 Nat$)) (or (fun_app$a (less$ zero$)
?v0) (= zero$ ?v0))) :named a114))
        (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 zero$a)))
:named a115))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$a type$a)) (= (unsigned$d (power$ (numeral$ (bit0$ one$a))
?v0)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0)))) :named
a116))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
(len_of$ type$)) (= (unsigned$a (power$a (numeral$a (bit0$ one$a))
?v0)) (fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v0)))) :named
a117))
        (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$c ?v0) (len_of$d type$f)) :pattern ((len_of$c ?v0)))) :named
a118))
        (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$e ?v0) (len_of$a type$a)) :pattern ((len_of$e ?v0)))) :named
a119))
        (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$a ?v0)
(len_of$ type$)) :pattern ((len_of$a ?v0)))) :named a120))
        (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$d
?v0) (len_of$b type$g)) :pattern ((len_of$d ?v0)))) :named a121))
        (assert (! (not (fun_app$a (less$ zero$) zero$)) :named a122))
        (assert (! (not (< 0 0)) :named a123))
        (assert (! (forall ((?v0 A_word$)) (not (= (to_bl$a ?v0) nil$)))
:named a124))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (=> (<= 0 ?v0) (=
(nat$ (fun_app$c (power$b ?v0) ?v1)) (fun_app$b (power$c (nat$ ?v0))
?v1)))) :named a125))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0) (not
(= (shiftr$c ?v0 (fun_app$b (minus$ (len_of$a type$a)) one$)) zero$b)))
:pattern ((msb$a ?v0)))) :named a126))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (not (=
(fun_app$ (shiftr$ ?v0) (fun_app$b (minus$ (len_of$ type$)) one$))
zero$a))) :pattern ((msb$ ?v0)))) :named a127))
        (assert (! (forall ((?v0 A_word$)) (! (= (take_bit$a zero$ ?v0)
zero$a) :pattern ((take_bit$a zero$ ?v0)))) :named a128))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (take_bit$b
zero$) ?v0) zero$) :pattern ((fun_app$b (take_bit$b zero$) ?v0))))
:named a129))
        (assert (! (forall ((?v0 Int)) (! (= (take_bit$ zero$ ?v0) 0)
:pattern ((take_bit$ zero$ ?v0)))) :named a130))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat$)) (=
(fun_app$a (bit$b (and$b ?v0 ?v1)) ?v2) (and (fun_app$a (bit$b ?v0)
?v2) (fun_app$a (bit$b ?v1) ?v2)))) :named a131))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=
(fun_app$a (bit$a (and$a ?v0 ?v1)) ?v2) (and (fun_app$a (bit$a ?v0)
?v2) (fun_app$a (bit$a ?v1) ?v2)))) :named a132))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a (uminus$ ?v0))
(= zero$a ?v0))) :named a133))
        (assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a134))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ (fun_app$b
(minus$ (len_of$a type$a)) (fun_app$b suc$ zero$))) ?v0) (fun_app$a
(less_eq$a (len_of$a type$a)) ?v0))) :named a135))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ (fun_app$b
(minus$ (len_of$ type$)) (fun_app$b suc$ zero$))) ?v0) (fun_app$a
(less_eq$a (len_of$ type$)) ?v0))) :named a136))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (push_bit$b
?v0 ?v1) (times$ ?v1 (power$a (numeral$a (bit0$ one$a)) ?v0))) :pattern
((push_bit$b ?v0 ?v1)))) :named a137))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (push_bit$a ?v0
?v1) (times$a ?v1 (fun_app$c (power$b 2) ?v0))) :pattern ((push_bit$a
?v0 ?v1)))) :named a138))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(push_bit$ ?v0) ?v1) (fun_app$b (times$b ?v1) (fun_app$b (power$c
(numeral$b (bit0$ one$a))) ?v0))) :pattern ((fun_app$b (push_bit$ ?v0)
?v1)))) :named a139))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$)
(fun_app$b of_nat$ ?v0)) (fun_app$a (less$ zero$) ?v0))) :named a140))
        (assert (! (forall ((?v0 Nat$)) (= (< 0 (of_nat$a ?v0))
(fun_app$a (less$ zero$) ?v0))) :named a141))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not (less$b
?v0 ?v1)) (less_eq$ ?v1 ?v0))) :named a142))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less$ ?v0) ?v1)) (fun_app$a (less_eq$a ?v1) ?v0))) :named a143))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a144))
        (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 ?v0)))
:named a145))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a146))
        (assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a147))
        (assert (! (not (msb$ zero$a)) :named a148))
        (assert (! (forall ((?v0 A_word$)) (= (plus$a ?v0 zero$a) ?v0))
:named a149))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (plus$ ?v0) zero$)
?v0)) :named a150))
        (assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a151))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$b
of_nat$ ?v0) (fun_app$b of_nat$ ?v1)) (= ?v0 ?v1))) :named a152))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a153))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$c
(fun_app$b mask$b ?v0)) ?v1) (and (fun_app$a (possible_bit$c type$e)
?v1) (fun_app$a (less$ ?v1) ?v0)))) :named a154))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$a
(mask$a ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$c) ?v1)
(fun_app$a (less$ ?v1) ?v0)))) :named a155))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (bit$b
(mask$c ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$d) ?v1)
(fun_app$a (less$ ?v1) ?v0)))) :named a156))
        (assert (! (= (of_nat$b zero$) zero$a) :named a157))
        (assert (! (= (fun_app$b of_nat$ zero$) zero$) :named a158))
        (assert (! (= (of_nat$a zero$) 0) :named a159))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ (fun_app$b of_nat$
?v0)) (= zero$ ?v0))) :named a160))
        (assert (! (forall ((?v0 Nat$)) (= (= 0 (of_nat$a ?v0)) (= zero$
?v0))) :named a161))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (times$ ?v0
?v1) (times$ ?v1 ?v0))) :named a162))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (times$a ?v0 ?v1)
(times$a ?v1 ?v0))) :named a163))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b
(times$b ?v0) ?v1) (fun_app$b (times$b ?v1) ?v0))) :named a164))
        (assert (! (forall ((?v0 Nat$)) (= (= (fun_app$b of_nat$ ?v0)
zero$) (= ?v0 zero$))) :named a165))
        (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$a ?v0) 0) (= ?v0
zero$))) :named a166))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 Nat$)) (= (less$a
?v0 (power$ (numeral$ (bit0$ one$a)) ?v1)) (and (fun_app$a (less$ ?v1)
(len_of$a type$a)) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less_eq$a
?v1) ?v2) (fun_app$a (less$ ?v2) (len_of$a type$a))) (not (fun_app$a
(bit$ ?v0) ?v2))))))) :named a167))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (less$b ?v0
(power$a (numeral$a (bit0$ one$a)) ?v1)) (and (fun_app$a (less$ ?v1)
(len_of$ type$)) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less_eq$a
?v1) ?v2) (fun_app$a (less$ ?v2) (len_of$ type$))) (not (fun_app$a
(bit$a ?v0) ?v2))))))) :named a168))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$ ?v1)) (fun_app$a (less$
?v0) ?v1))) :named a169))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$a (less$ ?v0) ?v1))) :named a170))
        (assert (! (forall ((?v0 A_signed_word$)) (=> (= (len_of$a
type$a) (len_of$a type$a)) (= (msb$a (unsigned$e ?v0)) (msb$a ?v0))))
:named a171))
        (assert (! (forall ((?v0 A_word$)) (=> (= (len_of$a type$a)
(len_of$ type$)) (= (msb$a (unsigned$f ?v0)) (msb$ ?v0)))) :named
a172))
        (assert (! (forall ((?v0 A_signed_word$)) (=> (= (len_of$ type$)
(len_of$a type$a)) (= (msb$ (unsigned$g ?v0)) (msb$a ?v0)))) :named
a173))
        (assert (! (forall ((?v0 A_word$)) (=> (= (len_of$ type$)
(len_of$ type$)) (= (msb$ (unsigned$c ?v0)) (msb$ ?v0)))) :named a174))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(= (fun_app$a (less$ (fun_app$b (times$b (unsigned$d ?v0)) (unsigned$d
?v1))) (fun_app$b (power$c (numeral$b (bit0$ one$a))) (len_of$a
type$a))) (= (unsigned$d (times$c ?v0 ?v1)) (fun_app$b (times$b
(unsigned$d ?v0)) (unsigned$d ?v1))))) :named a175))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (fun_app$a
(less$ (fun_app$b (times$b (unsigned$a ?v0)) (unsigned$a ?v1)))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) (len_of$ type$))) (=
(unsigned$a (times$ ?v0 ?v1)) (fun_app$b (times$b (unsigned$a ?v0))
(unsigned$a ?v1))))) :named a176))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (< (signed$
?v0) 0)) :pattern ((msb$ ?v0)))) :named a177))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (plus$
?v0) ?v1) (fun_app$b (plus$ ?v1) ?v0))) :named a178))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a179))
        (assert (! (forall ((?v0 A_word$)) (not (less$b ?v0 zero$a)))
:named a180))
        (assert (! (= (unsigned$ zero$a) 0) :named a181))
        (assert (! (= (unsigned$a zero$a) zero$) :named a182))
        (assert (! (= (unsigned$c zero$a) zero$a) :named a183))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less_eq$a ?v0)
(fun_app$b (minus$ (len_of$a type$a)) (fun_app$b suc$ zero$)))
(fun_app$a (less$ ?v0) (len_of$a type$a)))) :named a184))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less_eq$a ?v0)
(fun_app$b (minus$ (len_of$ type$)) (fun_app$b suc$ zero$))) (fun_app$a
(less$ ?v0) (len_of$ type$)))) :named a185))
        (assert (! (forall ((?v0 A_word$)) (= (less$b zero$a ?v0) (not
(= zero$a ?v0)))) :named a186))
        (assert (! (forall ((?v0 A_signed_word$)) (= (= (drop_bit$c
(fun_app$b (minus$ (len_of$a type$a)) (fun_app$b suc$ zero$)) ?v0)
zero$b) (not (fun_app$a (bit$ ?v0) (fun_app$b (minus$ (len_of$a
type$a)) (fun_app$b suc$ zero$)))))) :named a187))
        (assert (! (forall ((?v0 A_word$)) (= (= (drop_bit$a (fun_app$b
(minus$ (len_of$ type$)) (fun_app$b suc$ zero$)) ?v0) zero$a) (not
(fun_app$a (bit$a ?v0) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b
suc$ zero$)))))) :named a188))
        (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$b zero$a ?v0))) :named a189))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$a (unsigned$a
?v0)) (unsigned$ ?v0))) :named a190))
        (assert (! (forall ((?v0 A_word$)) (= (fun_app$b of_nat$
(unsigned$a ?v0)) (unsigned$a ?v0))) :named a191))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$b (unsigned$a
?v0)) (unsigned$c ?v0))) :named a192))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (bit$c (fun_app$b
(shiftr$a ?v0) ?v1)) (comp$ (bit$c ?v0) (plus$ ?v1)))) :named a193))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$a
(fun_app$ (shiftr$ ?v0) ?v1)) (comp$ (bit$a ?v0) (plus$ ?v1)))) :named
a194))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (bit$b (fun_app$c
(shiftr$b ?v0) ?v1)) (comp$ (bit$b ?v0) (plus$ ?v1)))) :named a195))
        (assert (! (forall ((?v0 A_word$)) (= (less$b zero$a ?v0) (not
(= ?v0 zero$a)))) :named a196))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (take_bit$a
?v0 ?v1) (and$a ?v1 (mask$a ?v0))) :pattern ((take_bit$a ?v0 ?v1))))
:named a197))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (take_bit$ ?v0
?v1) (and$b ?v1 (mask$c ?v0))) :pattern ((take_bit$ ?v0 ?v1)))) :named
a198))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(take_bit$b ?v0) ?v1) (fun_app$b (and$c ?v1) (fun_app$b mask$b ?v0)))
:pattern ((fun_app$b (take_bit$b ?v0) ?v1)))) :named a199))
        (assert (! (= zero$a (of_nat$b zero$)) :named a200))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less_eq$a
(len_of$a type$a)) ?v0) (= (power$ (numeral$ (bit0$ one$a)) ?v0)
zero$b))) :named a201))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less_eq$a
(len_of$ type$)) ?v0) (= (power$a (numeral$a (bit0$ one$a)) ?v0)
zero$a))) :named a202))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (unsigned$a
(fun_app$ (shiftr$ ?v0) ?v1)) (fun_app$b (divide$ (unsigned$a ?v0))
(fun_app$b (power$c (numeral$b (bit0$ one$a))) ?v1)))) :named a203))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (fun_app$a (less$ (fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$
?v1)))) :named a204))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a205))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
(fun_app$b of_nat$ ?v0)) (fun_app$b of_nat$ ?v1)) (fun_app$a (less$
?v0) ?v1))) :named a206))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$a (less$ ?v0) ?v1))) :named a207))
        (assert (! (= (signed$a zero$a) zero$a) :named a208))
        (assert (! (= (signed$ zero$a) 0) :named a209))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (hd$
(to_bl$a ?v0))) :pattern ((msb$ ?v0)))) :named a210))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$b ?v0)
zero$a)) (fun_app$a (less$ zero$) ?v0))) :named a211))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (fun_app$b of_nat$
?v0) zero$)) (fun_app$a (less$ zero$) ?v0))) :named a212))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$a ?v0) 0))
(fun_app$a (less$ zero$) ?v0))) :named a213))
        (assert (! (forall ((?v0 Bool) (?v1 Bool_list$)) (! (= (size$
(cons$ ?v0 ?v1)) (fun_app$b suc$ (size$ ?v1))) :pattern ((cons$ ?v0
?v1)))) :named a214))
        (assert (! (forall ((?v0 A_word_itself$)) (fun_app$a
(possible_bit$a ?v0) zero$)) :named a215))
        (assert (! (forall ((?v0 Int_itself$)) (fun_app$a
(possible_bit$b ?v0) zero$)) :named a216))
        (assert (! (forall ((?v0 Int)) (= (fun_app$a (less$ zero$) (nat$
?v0)) (< 0 ?v0))) :named a217))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (! (=>
(fun_app$a (less_eq$a (len_of$a type$a)) ?v0) (= (shiftr$c ?v1 ?v0)
zero$b)) :pattern ((shiftr$c ?v1 ?v0)))) :named a218))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (=> (fun_app$a
(less_eq$a (len_of$ type$)) ?v0) (= (fun_app$ (shiftr$ ?v1) ?v0)
zero$a)) :pattern ((fun_app$ (shiftr$ ?v1) ?v0)))) :named a219))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$c
type$e) ?v0)) :named a220))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$b
type$d) ?v0)) :named a221))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=>
(fun_app$a (less$ ?v0) (len_of$a type$a)) (less$a (and$ ?v1 (mask$
?v0)) (power$ (numeral$ (bit0$ one$a)) ?v0)))) :named a222))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$a
(less$ ?v0) (len_of$ type$)) (less$b (and$a ?v1 (mask$a ?v0)) (power$a
(numeral$a (bit0$ one$a)) ?v0)))) :named a223))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (less$b ?v0
?v1) (less$b zero$a ?v1))) :named a224))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(limited_and$ ?v0 ?v1) (limited_and$ (fun_app$ (shiftr$ ?v0) ?v2)
(fun_app$ (shiftr$ ?v1) ?v2)))) :named a225))
        (assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$a (less$ zero$) ?v1))
false))) false)) :named a226))
        (assert (! (= bot$ false) :named a227))
        (assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat$)) (and (fun_app$a (less$ zero$) ?v1) (= ?v0 (of_nat$a ?v1))))))
:named a228))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0)
(less_eq$b (power$ (numeral$ (bit0$ one$a)) (fun_app$b (minus$
(len_of$a type$a)) (fun_app$b suc$ zero$))) ?v0)) :pattern ((msb$a
?v0)))) :named a229))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (less_eq$
(power$a (numeral$a (bit0$ one$a)) (fun_app$b (minus$ (len_of$ type$))
(fun_app$b suc$ zero$))) ?v0)) :pattern ((msb$ ?v0)))) :named a230))
        (assert (! (= (= (semiring_char$ type$c) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (of_nat$b ?v0)
zero$a))))) :named a231))
        (assert (! (= (= (semiring_char$a type$e) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (fun_app$b of_nat$
?v0) zero$))))) :named a232))
        (assert (! (= (= (semiring_char$b type$d) zero$) (forall ((?v0
Nat$)) (=> (fun_app$a (less$ zero$) ?v0) (not (= (of_nat$a ?v0) 0)))))
:named a233))
        (assert (! (forall ((?v0 Nat$)) (! (= (mask$a ?v0) (minus$a
(power$a (numeral$a (bit0$ one$a)) ?v0) one$b)) :pattern ((mask$a
?v0)))) :named a234))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (of_nat$b ?v0) zero$a) (forall ((?v1 Nat$)) (=>
(and (fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0)) (not (=
(of_nat$b ?v1) zero$a)))))) (= (semiring_char$ type$c) ?v0))) :named
a235))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (fun_app$b of_nat$ ?v0) zero$) (forall ((?v1 Nat$))
(=> (and (fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0))
(not (= (fun_app$b of_nat$ ?v1) zero$)))))) (= (semiring_char$a type$e)
?v0))) :named a236))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v0) (and (= (of_nat$a ?v0) 0) (forall ((?v1 Nat$)) (=> (and
(fun_app$a (less$ zero$) ?v1) (fun_app$a (less$ ?v1) ?v0)) (not (=
(of_nat$a ?v1) 0)))))) (= (semiring_char$b type$d) ?v0))) :named a237))
        (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$a ?v0) (unsigned$c ?v0))) :pattern ((signed$a ?v0)))) :named
a238))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat$
(times$a ?v0 ?v1)) (fun_app$b (times$b (nat$ ?v0)) (nat$ ?v1)))))
:named a239))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a240))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (= (take_bit$a
?v0 ?v1) ?v1) (= (drop_bit$a ?v0 ?v1) zero$a))) :named a241))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$b
(take_bit$b ?v0) ?v1) ?v1) (= (fun_app$b (drop_bit$ ?v0) ?v1) zero$)))
:named a242))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (= (take_bit$ ?v0
?v1) ?v1) (= (drop_bit$b ?v0 ?v1) 0))) :named a243))
        (assert (! (= (semiring_char$a type$e) zero$) :named a244))
        (assert (! (= (semiring_char$b type$d) zero$) :named a245))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (msb$a ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$b (minus$ (len_of$a type$a))
one$) (unsigned$b ?v0))) (- 1))) :pattern ((msb$a ?v0)))) :named a246))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$b (minus$ (len_of$ type$)) one$)
(unsigned$ ?v0))) (- 1))) :pattern ((msb$ ?v0)))) :named a247))
        (assert (! (= (of_nat$b (semiring_char$ type$c)) zero$a) :named
a248))
        (assert (! (= (fun_app$b of_nat$ (semiring_char$a type$e))
zero$) :named a249))
        (assert (! (= (of_nat$a (semiring_char$b type$d)) 0) :named
a250))
        (assert (! (= (< 0 0) false) :named a251))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a zero$a ?v0)
(uminus$ ?v0))) :named a252))
        (assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a253))
        (assert (! (= (fun_app$a (less$ zero$) (semiring_char$ type$c))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (of_nat$b
?v0) zero$a)))) :named a254))
        (assert (! (= (fun_app$a (less$ zero$) (semiring_char$a type$e))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (fun_app$b
of_nat$ ?v0) zero$)))) :named a255))
        (assert (! (= (fun_app$a (less$ zero$) (semiring_char$b type$d))
(exists ((?v0 Nat$)) (and (fun_app$a (less$ zero$) ?v0) (= (of_nat$a
?v0) 0)))) :named a256))
        (assert (! (forall ((?v0 A_word$)) (= (less$b ?v0 one$b) (= ?v0
zero$a))) :named a257))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a258))
        (assert (! (= (of_nat$a zero$) 0) :named a259))
        (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$b zero$a ?v0))) :named a260))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a261))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (fun_app$a (less_eq$a (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less_eq$ ?v0 ?v1)))) :named a262))
        (assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (- (of_nat$a ?v1))) (fun_app$a (less$ zero$)
?v1)) false))) false)) :named a263))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (less$b (of_nat$b
?v0) (of_nat$b ?v1)) (fun_app$a (less$ (fun_app$b (take_bit$b (len_of$
type$)) ?v0)) (fun_app$b (take_bit$b (len_of$ type$)) ?v1)))) :named
a264))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (=
(word_sle$ ?v0 ?v1) (and (=> (msb$ ?v1) (msb$ ?v0)) (or (and (msb$ ?v0)
(not (msb$ ?v1))) (less_eq$ ?v0 ?v1)))) :pattern ((word_sle$ ?v0
?v1)))) :named a265))
        (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a266))
        (assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a267))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (times$b zero$)
?v0) zero$)) :named a268))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a269))
        (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a270))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$a
(less$ ?v0) (len_of$ type$)) (= (fun_app$a (nth$ (to_bl$a ?v1)) ?v0)
(fun_app$a (bit$a ?v1) (fun_app$b (minus$ (len_of$ type$)) (fun_app$b
suc$ ?v0)))))) :named a271))
        (assert (! (= 0 0) :named a272))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (fun_app$a (less_eq$a (fun_app$b (minus$ (fun_app$b (power$c
(numeral$b (bit0$ one$a))) (fun_app$b (minus$ (len_of$ type$)) ?v0)))
one$)) ?v1) (fun_app$a (less$ zero$) ?v0)) (fun_app$a (less_eq$a
(unsigned$a (fun_app$ (shiftr$ ?v2) ?v0))) ?v1))) :named a273))
        (assert (! (= (sub$ one$a one$a) 0) :named a274))
        (assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a275))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (< (drop_bit$b ?v0
?v1) 0) (< ?v1 0))) :named a276))
        (assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a277))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (plus$ zero$) ?v0)
?v0)) :named a278))
        (assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a279))
        (assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a280))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (power$b ?v0)
zero$) 1) :pattern ((power$b ?v0)))) :named a281))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (power$c ?v0)
zero$) one$) :pattern ((power$c ?v0)))) :named a282))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a283))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (take_bit$b ?v0)
zero$) zero$)) :named a284))
        (assert (! (forall ((?v0 Nat$)) (= (take_bit$ ?v0 0) 0)) :named
a285))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (msb$b (fun_app$c
(shiftr$b ?v0) ?v1)) (msb$b ?v0))) :named a286))
        (assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a287))
        (assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a288))
        (assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a289))
        (assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a290))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a zero$)
?v0)) :named a291))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (times$b ?v0)
zero$) zero$) :pattern ((times$b ?v0)))) :named a292))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (- (of_nat$a
?v0)) (of_nat$a ?v1)) (and (= ?v0 zero$) (= ?v1 zero$)))) :named a293))
        (assert (! (= (numeral$b one$a) one$) :named a294))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$ ?v0
(of_nat$a ?v1)) (of_nat$a (fun_app$b (take_bit$b ?v0) ?v1)))) :named
a295))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a signed signed)
        0 < LENGTH('a signed)
        0 < LENGTH('a)
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀a. (a ≠ 0) = (0 < a)
        ∀n. (n ≠ 0) = (0 < n)
        ∀n. (n < 0) = False
        ∀n. (¬ 0 < n) = (n = 0)
        LENGTH('a signed signed) ≠ 0
        LENGTH('a signed) ≠ 0
        LENGTH('a) ≠ 0
        ∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
        ∀w v. LENGTH('a signed) = 0 ⟶ w = v
        ∀w v. LENGTH('a) = 0 ⟶ w = v
        ∀a. ¬ a < 0
        ∀uu. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
              (len_of uu = 0)
        ∀w k n. w < k ⟶ w >> n < k
        ∀w k n. w < k ⟶ w >> n < k
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
        ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
        ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
        ∀n. n < n ⟶ False
        ∀s t. s < t ⟶ s ≠ t
        ∀n m. n < m ⟶ m ≠ n
        ∀n. ¬ n < n
        ∀m n. (m ≠ n) = (m < n ∨ n < m)
        ∀n. (0 < n) = (n ≠ 0)
        ∀m n. m < n ⟶ n ≠ 0
        ∀n. ¬ n < 0
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀m n. m < n ⟶ n ≠ 0
        ∀n<0. False
        ∀n. ¬ n < 0
        ∀n. (¬ 0 < n) = (n = 0)
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀y. 0 < y ∨ 0 = y
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a signed signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0 signed signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0 signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0))
        ¬ 0 < 0
        ¬ 0 < 0
        ∀n. (0 < of_nat n) = (0 < n)
        ∀n. (0 < int n) = (0 < n)
        ∀m. possible_bit TYPE('a signed signed word) m = (m < LENGTH('a
signed signed))
        ∀m. possible_bit TYPE('a signed word) m = (m < LENGTH('a
signed))
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ¬ msb 0
        ∀m n. (of_nat m = of_nat n) = (m = n)
        ∀m n. (int m = int n) = (m = n)
        word_of_nat 0 = 0
        word_of_nat 0 = 0
        of_nat 0 = 0
        int 0 = 0
        ∀n. (0 = of_nat n) = (0 = n)
        ∀n. (0 = int n) = (0 = n)
        ∀m. (of_nat m = 0) = (m = 0)
        ∀m. (int m = 0) = (m = 0)
        ∀m n. (of_nat m < of_nat n) = (m < n)
        ∀m n. (int m < int n) = (m < n)
        ∀x. ¬ x < 0
        ∀x. ¬ x < 0
        ∀a. ¬ a < 0
        ∀a. ¬ a < 0
        ∀y. (0 < y) = (0 ≠ y)
        ∀y. (0 < y) = (0 ≠ y)
        ∀w. (w ≠ 0) = (0 < w)
        ∀w. (w ≠ 0) = (0 < w)
        ∀a. (0 < a) = (a ≠ 0)
        ∀a. (0 < a) = (a ≠ 0)
        0 = word_of_nat 0
        0 = word_of_nat 0
        ∀m. ¬ of_nat m < 0
        ∀m. ¬ int m < 0
        ∀m n. m < n ⟶ of_nat m < of_nat n
        ∀m n. m < n ⟶ int m < int n
        ∀m n. of_nat m < of_nat n ⟶ m < n
        ∀m n. int m < int n ⟶ m < n
        ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
        ∀k. word_of_nat k ≠ 0 ⟶ 0 < k
        ∀k. of_nat k ≠ 0 ⟶ 0 < k
        ∀k. int k ≠ 0 ⟶ 0 < k
        ∀ty. possible_bit ty 0
        ∀ty. possible_bit ty 0
        ∀ty. possible_bit ty 0
        ∀ty. possible_bit ty 0
        ∀n. possible_bit TYPE(int) n
        ∀n. possible_bit TYPE(nat) n
        ∀a n. a < n ⟶ 0 < n
        ∀a n. a < n ⟶ 0 < n
        ∀k. 0 < k ∧ (∀n. k = int n ∧ 0 < n ⟶ False) ⟶ False
        ∀k>0. ∃n>0. k = int n
        (CHAR('a signed word) = 0) = (∀n>0. word_of_nat n ≠ 0)
        (CHAR('a word) = 0) = (∀n>0. word_of_nat n ≠ 0)
        (CHAR(nat) = 0) = (∀n>0. of_nat n ≠ 0)
        (CHAR(int) = 0) = (∀n>0. int n ≠ 0)
        ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
            CHAR('a signed word) = c
        ∀c. 0 < c ∧ word_of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ word_of_nat
x ≠ 0) ⟶
            CHAR('a word) = c
        ∀c. 0 < c ∧ of_nat c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ of_nat x ≠ 0) ⟶
CHAR(nat) = c
        ∀c. 0 < c ∧ int c = 0 ∧ (∀x. 0 < x ∧ x < c ⟶ int x ≠ 0) ⟶
CHAR(int) = c
        ∀m n. (int m = int n) = (m = n)
        CHAR(int) = 0
        CHAR(nat) = 0
        word_of_nat CHAR('a signed word) = 0
        word_of_nat CHAR('a word) = 0
        of_nat CHAR(nat) = 0
        int CHAR(int) = 0
        (0 < 0) = False
        (0 < CHAR('a signed word)) = (∃n>0. word_of_nat n = 0)
        (0 < CHAR('a word)) = (∃n>0. word_of_nat n = 0)
        (0 < CHAR(nat)) = (∃n>0. of_nat n = 0)
        (0 < CHAR(int)) = (∃n>0. int n = 0)
        ∀a b. (a < b) = (int a < int b)
        int 0 = 0
        ∀x y. (int x = int y) = (x = y)
        ∀k. k < 0 ∧ (∀n. k = - int n ∧ 0 < n ⟶ False) ⟶ False
        ∀m n. (word_of_nat m < word_of_nat n) =
              (take_bit LENGTH('a signed signed) m < take_bit LENGTH('a
signed signed) n)
        ∀m n. (word_of_nat m < word_of_nat n) =
              (take_bit LENGTH('a signed) m < take_bit LENGTH('a signed)
n)
        ∀m n. (word_of_nat m < word_of_nat n) = (take_bit LENGTH('a) m <
take_bit LENGTH('a) n)
        ∀a. - (- a) = a
        ∀a. - (- a) = a
        ∀a b. (- a = - b) = (a = b)
        ∀a b. (- a = - b) = (a = b)
        ∀b. - (- b) = b
        ∀b. - (- b) = b
        - 0 = 0
        0 = 0
        ∀a. (0 = - a) = (0 = a)
        ∀a. (0 = - a) = (0 = a)
        ∀a. (- a = 0) = (a = 0)
        ∀a. (- a = 0) = (a = 0)
        ∀a. (a = - a) = (a = 0)
        ∀a. (- a = a) = (a = 0)
        ∀b a. (- b < - a) = (a < b)
        ∀n. take_bit n 0 = 0
        ∀n. take_bit n 0 = 0
        ∀n. take_bit n 0 = 0
        ∀n. take_bit n 0 = 0
        ∀a. (a < - a) = (a < 0)
        ∀a. (- a < a) = (0 < a)
        ∀a. (0 < - a) = (a < 0)
        ∀a. (- a < 0) = (0 < a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit 0 a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (take_bit 0 a = 0)
        ∀n m. (- int n = int m) = (n = 0 ∧ m = 0)
        ∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
        ∀n m. take_bit n (of_nat m) = of_nat (take_bit n m)
        ∀n m. take_bit n (word_of_nat m) = word_of_nat (take_bit n m)
        ∀n m. take_bit n (int m) = int (take_bit n m)
        ∀a b. a < b ⟶ - b < - a
        ∀a b. (a = - b) = (b = - a)
        ∀a b. (a = - b) = (b = - a)
        ∀a b. (- a = b) = (- b = a)
        ∀a b. (- a = b) = (- b = a)
        ∀a b. a = b ⟶ - a = - b
        ∀a b. (a < - b) = (b < - a)
        ∀a b. (- a < b) = (- b < a)
        0 = 0
        ∀z. (∀n. z = int n ⟶ False) ∧ (∀n. z = - int n ⟶ False) ⟶ False
        ∀n m. ¬ int n < - int m
        ∀m. (∀n. m = int n ⟶ False) ∧ (∀n. 0 < n ∧ m = - int n ⟶ False)
⟶ False
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             ((a < a) = False)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             ((a < a) = False)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             ((a < a) = False)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((<) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             ((a < a) = False)
        ∀a b. (a = b) = (int a = int b)
        ∀x y. int x = int y ⟶ x = y
        ∀P a b. int (if P then a else b) = (if P then int a else int b)
        ∀k. (k = 0 ⟶ False) ∧
            (∀n. k = int n ∧ 0 < n ⟶ False) ∧ (∀n. k = - int n ∧ 0 < n ⟶
False) ⟶
            False
        ∀m n. (word_of_nat m = word_of_nat n) =
              (take_bit LENGTH('a signed signed) m = take_bit LENGTH('a
signed signed) n)
        ∀m n. (word_of_nat m = word_of_nat n) =
              (take_bit LENGTH('a signed) m = take_bit LENGTH('a signed)
n)
        ∀m n. (word_of_nat m = word_of_nat n) = (take_bit LENGTH('a) m =
take_bit LENGTH('a) n)
        ∀w. take_bit LENGTH('a signed signed) w = w
        ∀w. take_bit LENGTH('a signed) w = w
        ∀w. take_bit LENGTH('a) w = w
        ∀n k. take_bit n (- take_bit n k) = take_bit n (- k)
        ∀n k. ¬ take_bit n k < 0
        ∀k n. (k < take_bit n k) = (k < 0)
        take_bit LENGTH('a signed signed) 0 = take_bit LENGTH('a signed
signed) 0
        take_bit LENGTH('a signed) 0 = take_bit LENGTH('a signed) 0
        take_bit LENGTH('a) 0 = take_bit LENGTH('a) 0
        ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a) n)
        ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a) n)
        ∀n. UCAST('a → 'a) (word_of_nat n) = word_of_nat (take_bit
LENGTH('a) n)
        ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed) n)
        ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed) n)
        ∀n. UCAST('a signed → 'a) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a signed) n)
        ∀n. UCAST('a → 'a signed) (word_of_nat n) = word_of_nat
(take_bit LENGTH('a) n)
        ∀n. uint (word_of_nat n) = int (take_bit LENGTH('a signed
signed) n)
        ∀n. unat (word_of_nat n) = of_nat (take_bit LENGTH('a signed
signed) n)
        ∀n. UCAST('a signed → 'a signed) (word_of_nat n) =
            word_of_nat (take_bit LENGTH('a signed) n)
        ∀z. (0 < nat z) = (0 < z)
        ∀n w. sint (take_bit n w) =
              (if n < LENGTH('a signed signed) then take_bit n (sint w)
else sint w)
        ∀n w. SCAST('a signed signed → 'a) (take_bit n w) =
              (if n < LENGTH('a signed signed) then take_bit n (SCAST('a
signed signed → 'a) w)
               else SCAST('a signed signed → 'a) w)
        ∀n w. SCAST('a signed signed → 'a signed) (take_bit n w) =
              (if n < LENGTH('a signed signed)
               then take_bit n (SCAST('a signed signed → 'a signed) w)
               else SCAST('a signed signed → 'a signed) w)
        ∀n w. SCAST('a → 'a signed) (take_bit n w) =
              (if n < LENGTH('a) then take_bit n (SCAST('a → 'a signed)
w)
               else SCAST('a → 'a signed) w)
        ∀n w. SCAST('a signed → 'a signed) (take_bit n w) =
              (if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a signed) w)
               else SCAST('a signed → 'a signed) w)
        ∀n w. sint (take_bit n w) =
              (if n < LENGTH('a signed) then take_bit n (sint w) else
sint w)
        ∀n w. SCAST('a signed → 'a) (take_bit n w) =
              (if n < LENGTH('a signed) then take_bit n (SCAST('a signed
→ 'a) w)
               else SCAST('a signed → 'a) w)
        ∀n w. SCAST('a → 'a) (take_bit n w) =
              (if n < LENGTH('a) then take_bit n (SCAST('a → 'a) w) else
SCAST('a → 'a) w)
        ∀n w. sint (take_bit n w) = (if n < LENGTH('a) then take_bit n
(sint w) else sint w)
        ∀x. SCAST('a signed → 'a signed signed) (word_of_nat x) =
word_of_nat x
        ∀x. SCAST('a → 'a signed) (word_of_nat x) = word_of_nat x
        ∀x. SCAST('a signed signed → 'a signed) (word_of_nat x) =
word_of_nat x
        ∀x. SCAST('a signed → 'a) (word_of_nat x) = word_of_nat x
        ∀x. word_of_nat (unat x) = x
        ∀x. word_of_nat (unat x) = x
        ∀w. int (unat w) = uint w
        ∀w. word_of_nat (unat w) = UCAST('a → 'a signed) w
        ∀w. word_of_nat (unat w) = UCAST('a → 'a) w
        ∀w. of_nat (unat w) = unat w
        ∀w. int (unat w) = uint w
        ∀x. (uint x < 0) = False
SMT: Names:
        sorts:
          Nat$ = nat
          A_word$ = 'a word
          A_itself$ = 'a itself
          Int_itself$ = int itself
          Nat_itself$ = nat itself
          Nat_int_fun$ = nat ⇒ int
          Nat_nat_fun$ = nat ⇒ nat
          Num0_itself$ = 0 itself
          Int_bool_fun$ = int ⇒ bool
          Nat_bool_fun$ = nat ⇒ bool
          A_signed_word$ = 'a signed word
          A_word_itself$ = 'a word itself
          Nat_a_word_fun$ = nat ⇒ 'a word
          A_signed_itself$ = 'a signed itself
          A_word_bool_fun$ = 'a word ⇒ bool
          Num0_signed_itself$ = 0 signed itself
          A_signed_signed_word$ = 'a signed signed word
          A_signed_word_itself$ = 'a signed word itself
          A_signed_signed_itself$ = 'a signed signed itself
          A_signed_word_bool_fun$ = 'a signed word ⇒ bool
          Num0_signed_signed_itself$ = 0 signed signed itself
          A_signed_signed_word_itself$ = 'a signed signed word itself
          A_signed_signed_signed_itself$ = 'a signed signed signed
itself
          Num0_signed_signed_signed_itself$ = 0 signed signed signed
itself
        functions:
          r$ = r
          x$ = x
          uu$ = uu
          msb$ = msb
          nat$ = nat
          less$ = (<)
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          less$b = (<)
          less$c = (<)
          type$a = TYPE('a signed signed)
          type$b = TYPE('a signed)
          type$c = TYPE(0 signed signed)
          type$d = TYPE(0 signed)
          type$e = TYPE(0)
          type$f = TYPE('a signed signed word)
          type$g = TYPE('a signed word)
          type$h = TYPE('a word)
          type$i = TYPE(int)
          type$j = TYPE(nat)
          zero$a = 0
          zero$b = 0
          len_of$ = len_of
          of_nat$ = of_nat
          shiftr$ = (>>)
          signed$ = sint
          uminus$ = uminus
          fun_app$ = SMT.fun_app
          len_of$a = len_of
          len_of$b = len_of
          len_of$c = len_of
          len_of$d = len_of
          len_of$e = len_of
          len_of$f = len_of
          len_of$g = len_of
          of_nat$a = int
          of_nat$b = word_of_nat
          of_nat$c = word_of_nat
          of_nat$d = word_of_nat
          shiftr$a = (>>)
          shiftr$b = (>>)
          shiftr$c = (>>)
          signed$a = SCAST('a signed signed → 'a)
          signed$b = SCAST('a signed signed → 'a signed)
          signed$c = SCAST('a → 'a signed)
          signed$d = SCAST('a signed → 'a signed)
          signed$e = sint
          signed$f = SCAST('a signed → 'a)
          signed$g = SCAST('a → 'a)
          signed$h = sint
          signed$i = SCAST('a signed → 'a signed signed)
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
          fun_app$c = SMT.fun_app
          fun_app$d = SMT.fun_app
          fun_app$e = SMT.fun_app
          fun_app$f = SMT.fun_app
          take_bit$ = take_bit
          unsigned$ = uint
          take_bit$a = take_bit
          take_bit$b = take_bit
          take_bit$c = take_bit
          take_bit$d = take_bit
          unsigned$a = unat
          unsigned$b = UCAST('a → 'a)
          unsigned$c = uint
          unsigned$d = unat
          unsigned$e = UCAST('a signed → 'a)
          unsigned$f = UCAST('a → 'a signed)
          unsigned$g = uint
          unsigned$h = unat
          unsigned$i = UCAST('a signed → 'a signed)
          possible_bit$ = possible_bit
          possible_bit$a = possible_bit
          possible_bit$b = possible_bit
          possible_bit$c = possible_bit
          possible_bit$d = possible_bit
          semiring_char$ = semiring_char
          semiring_char$a = semiring_char
          semiring_char$b = semiring_char
          semiring_char$c = semiring_char
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9955
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Int_itself$ 0)
        (declare-sort Nat_itself$ 0)
        (declare-sort Nat_int_fun$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Num0_itself$ 0)
        (declare-sort Int_bool_fun$ 0)
        (declare-sort Nat_bool_fun$ 0)
        (declare-sort A_signed_word$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-sort A_signed_itself$ 0)
        (declare-sort A_word_bool_fun$ 0)
        (declare-sort Num0_signed_itself$ 0)
        (declare-sort A_signed_signed_word$ 0)
        (declare-sort A_signed_word_itself$ 0)
        (declare-sort A_signed_signed_itself$ 0)
        (declare-sort A_signed_word_bool_fun$ 0)
        (declare-sort Num0_signed_signed_itself$ 0)
        (declare-sort A_signed_signed_word_itself$ 0)
        (declare-sort A_signed_signed_signed_itself$ 0)
        (declare-sort Num0_signed_signed_signed_itself$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun uu$ (Int) Int_bool_fun$)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun less$ (Nat$) Nat_bool_fun$)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_signed_word$) A_signed_word_bool_fun$)
        (declare-fun less$b (A_word$) A_word_bool_fun$)
        (declare-fun less$c (A_signed_signed_word$
A_signed_signed_word$) Bool)
        (declare-fun type$a () A_signed_signed_itself$)
        (declare-fun type$b () A_signed_itself$)
        (declare-fun type$c () Num0_signed_signed_itself$)
        (declare-fun type$d () Num0_signed_itself$)
        (declare-fun type$e () Num0_itself$)
        (declare-fun type$f () A_signed_signed_word_itself$)
        (declare-fun type$g () A_signed_word_itself$)
        (declare-fun type$h () A_word_itself$)
        (declare-fun type$i () Int_itself$)
        (declare-fun type$j () Nat_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun zero$b () A_signed_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun of_nat$ (Nat$) Nat$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun signed$ (A_signed_signed_word$) Int)
        (declare-fun uminus$ (A_word$) A_word$)
        (declare-fun fun_app$ (Int_bool_fun$ Int) Bool)
        (declare-fun len_of$a (A_signed_signed_itself$) Nat$)
        (declare-fun len_of$b (A_signed_itself$) Nat$)
        (declare-fun len_of$c (Num0_itself$) Nat$)
        (declare-fun len_of$d (A_signed_signed_signed_itself$) Nat$)
        (declare-fun len_of$e (Num0_signed_signed_signed_itself$) Nat$)
        (declare-fun len_of$f (Num0_signed_signed_itself$) Nat$)
        (declare-fun len_of$g (Num0_signed_itself$) Nat$)
        (declare-fun of_nat$a (Nat$) Int)
        (declare-fun of_nat$b (Nat$) A_signed_word$)
        (declare-fun of_nat$c (Nat$) A_word$)
        (declare-fun of_nat$d (Nat$) A_signed_signed_word$)
        (declare-fun shiftr$a (Int) Nat_int_fun$)
        (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
        (declare-fun shiftr$c (A_signed_word$ Nat$) A_signed_word$)
        (declare-fun signed$a (A_signed_signed_word$) A_word$)
        (declare-fun signed$b (A_signed_signed_word$) A_signed_word$)
        (declare-fun signed$c (A_word$) A_signed_word$)
        (declare-fun signed$d (A_signed_word$) A_signed_word$)
        (declare-fun signed$e (A_signed_word$) Int)
        (declare-fun signed$f (A_signed_word$) A_word$)
        (declare-fun signed$g (A_word$) A_word$)
        (declare-fun signed$h (A_word$) Int)
        (declare-fun signed$i (A_signed_word$) A_signed_signed_word$)
        (declare-fun fun_app$a (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun fun_app$b (Nat_bool_fun$ Nat$) Bool)
        (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
        (declare-fun fun_app$d (Nat_nat_fun$ Nat$) Nat$)
        (declare-fun fun_app$e (A_signed_word_bool_fun$ A_signed_word$)
Bool)
        (declare-fun fun_app$f (A_word_bool_fun$ A_word$) Bool)
        (declare-fun take_bit$ (Nat$ Nat$) Nat$)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun take_bit$a (Nat$ A_signed_word$) A_signed_word$)
        (declare-fun take_bit$b (Nat$ A_word$) A_word$)
        (declare-fun take_bit$c (Nat$ Int) Int)
        (declare-fun take_bit$d (Nat$ A_signed_signed_word$)
A_signed_signed_word$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun unsigned$b (A_word$) A_word$)
        (declare-fun unsigned$c (A_signed_word$) Int)
        (declare-fun unsigned$d (A_signed_word$) Nat$)
        (declare-fun unsigned$e (A_signed_word$) A_word$)
        (declare-fun unsigned$f (A_word$) A_signed_word$)
        (declare-fun unsigned$g (A_signed_signed_word$) Int)
        (declare-fun unsigned$h (A_signed_signed_word$) Nat$)
        (declare-fun unsigned$i (A_signed_word$) A_signed_word$)
        (declare-fun possible_bit$ (A_signed_signed_word_itself$)
Nat_bool_fun$)
        (declare-fun possible_bit$a (A_signed_word_itself$)
Nat_bool_fun$)
        (declare-fun possible_bit$b (A_word_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$c (Nat_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$d (Int_itself$) Nat_bool_fun$)
        (declare-fun semiring_char$ (A_signed_word_itself$) Nat$)
        (declare-fun semiring_char$a (A_word_itself$) Nat$)
        (declare-fun semiring_char$b (Nat_itself$) Nat$)
        (declare-fun semiring_char$c (Int_itself$) Nat$)
        (assert (! (forall ((?v0 Int) (?v1 Int)) (! (= (fun_app$ (uu$
?v0) ?v1) (< ?v0 ?v1)) :pattern ((fun_app$ (uu$ ?v0) ?v1)))) :named
a0))
        (assert (! (not (= (msb$ (fun_app$a (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a1))
        (assert (! (fun_app$b (less$ r$) (len_of$ type$)) :named a2))
        (assert (! (fun_app$b (less$ zero$) (len_of$a type$a)) :named
a3))
        (assert (! (fun_app$b (less$ zero$) (len_of$b type$b)) :named
a4))
        (assert (! (fun_app$b (less$ zero$) (len_of$ type$)) :named a5))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$a (shiftr$
?v0) zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a6))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a7))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$d (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a8))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$a (shiftr$
?v0) zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$d (shiftr$b zero$)
?v0) zero$)) :named a10))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$a 0) ?v0)
0)) :named a11))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$ zero$a)
?v0) zero$a)) :named a12))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$b (less$ zero$) ?v0))) :named a13))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$b (less$ zero$) ?v0))) :named a14))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ ?v0) zero$)
false)) :named a15))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$b (less$ zero$)
?v0)) (= ?v0 zero$))) :named a16))
        (assert (! (not (= (len_of$a type$a) zero$)) :named a17))
        (assert (! (not (= (len_of$b type$b) zero$)) :named a18))
        (assert (! (not (= (len_of$ type$) zero$)) :named a19))
        (assert (! (forall ((?v0 A_signed_signed_word$) (?v1
A_signed_signed_word$)) (=> (= (len_of$a type$a) zero$) (= ?v0 ?v1)))
:named a20))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$b type$b) zero$) (= ?v0 ?v1))) :named a21))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a22))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a23))
        (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$c ?v0)
zero$) :pattern ((len_of$c ?v0)))) :named a24))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$)
(?v2 Nat$)) (=> (fun_app$e (less$a ?v0) ?v1) (fun_app$e (less$a
(shiftr$c ?v0 ?v2)) ?v1))) :named a25))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(fun_app$f (less$b ?v0) ?v1) (fun_app$f (less$b (fun_app$a (shiftr$
?v0) ?v2)) ?v1))) :named a26))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a27))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a28))
        (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a29))
        (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a30))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$b (less$ ?v0) ?v1) false) (=> (fun_app$b (less$
?v1) ?v0) false))) false)) :named a31))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$b ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$b (less$ ?v3) ?v2) (not (fun_app$b ?v0 ?v3)))))) (fun_app$b
?v0 ?v1))) :named a32))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$b (less$ ?v3) ?v2)
(fun_app$b ?v0 ?v3))) (fun_app$b ?v0 ?v2))) (fun_app$b ?v0 ?v1)))
:named a33))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$b (less$ ?v0) ?v0)
false)) :named a34))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a35))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a36))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
?v0))) :named a37))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$b (less$ ?v0) ?v1) (fun_app$b (less$ ?v1) ?v0)))) :named
a38))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a39))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a40))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a41))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$b (less$ zero$) ?v0))) :named a42))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$b ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v2) (not (fun_app$b ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$b (less$ ?v3) ?v2) (not (fun_app$b ?v0 ?v3))))))) (fun_app$b
?v0 ?v1))) :named a43))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a44))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$b (less$ ?v0)
zero$) false)) :named a45))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ ?v0)
zero$))) :named a46))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$b (less$ zero$)
?v0)) (= ?v0 zero$))) :named a47))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$b (less$ zero$) ?v0))) :named a48))
        (assert (! (forall ((?v0 Nat$)) (or (fun_app$b (less$ zero$)
?v0) (= zero$ ?v0))) :named a49))
        (assert (! (forall ((?v0 A_signed_signed_signed_itself$)) (! (=
(len_of$d ?v0) (len_of$a type$a)) :pattern ((len_of$d ?v0)))) :named
a50))
        (assert (! (forall ((?v0 Num0_signed_signed_signed_itself$)) (!
(= (len_of$e ?v0) (len_of$f type$c)) :pattern ((len_of$e ?v0)))) :named
a51))
        (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$f ?v0) (len_of$g type$d)) :pattern ((len_of$f ?v0)))) :named
a52))
        (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$a ?v0) (len_of$b type$b)) :pattern ((len_of$a ?v0)))) :named
a53))
        (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$b ?v0)
(len_of$ type$)) :pattern ((len_of$b ?v0)))) :named a54))
        (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$g
?v0) (len_of$c type$e)) :pattern ((len_of$g ?v0)))) :named a55))
        (assert (! (not (fun_app$b (less$ zero$) zero$)) :named a56))
        (assert (! (not (< 0 0)) :named a57))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (less$ zero$)
(of_nat$ ?v0)) (fun_app$b (less$ zero$) ?v0))) :named a58))
        (assert (! (forall ((?v0 Nat$)) (= (< 0 (of_nat$a ?v0))
(fun_app$b (less$ zero$) ?v0))) :named a59))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$
type$f) ?v0) (fun_app$b (less$ ?v0) (len_of$a type$a)))) :named a60))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$a
type$g) ?v0) (fun_app$b (less$ ?v0) (len_of$b type$b)))) :named a61))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (possible_bit$b
type$h) ?v0) (fun_app$b (less$ ?v0) (len_of$ type$)))) :named a62))
        (assert (! (not (msb$ zero$a)) :named a63))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$ ?v0)
(of_nat$ ?v1)) (= ?v0 ?v1))) :named a64))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a65))
        (assert (! (= (of_nat$b zero$) zero$b) :named a66))
        (assert (! (= (of_nat$c zero$) zero$a) :named a67))
        (assert (! (= (of_nat$ zero$) zero$) :named a68))
        (assert (! (= (of_nat$a zero$) 0) :named a69))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ (of_nat$ ?v0)) (=
zero$ ?v0))) :named a70))
        (assert (! (forall ((?v0 Nat$)) (= (= 0 (of_nat$a ?v0)) (= zero$
?v0))) :named a71))
        (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$ ?v0) zero$) (=
?v0 zero$))) :named a72))
        (assert (! (forall ((?v0 Nat$)) (= (= (of_nat$a ?v0) 0) (= ?v0
zero$))) :named a73))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (less$
(of_nat$ ?v0)) (of_nat$ ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named
a74))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named a75))
        (assert (! (forall ((?v0 A_signed_word$)) (not (fun_app$e
(less$a ?v0) zero$b))) :named a76))
        (assert (! (forall ((?v0 A_word$)) (not (fun_app$f (less$b ?v0)
zero$a))) :named a77))
        (assert (! (forall ((?v0 A_signed_word$)) (not (fun_app$e
(less$a ?v0) zero$b))) :named a78))
        (assert (! (forall ((?v0 A_word$)) (not (fun_app$f (less$b ?v0)
zero$a))) :named a79))
        (assert (! (forall ((?v0 A_signed_word$)) (= (fun_app$e (less$a
zero$b) ?v0) (not (= zero$b ?v0)))) :named a80))
        (assert (! (forall ((?v0 A_word$)) (= (fun_app$f (less$b zero$a)
?v0) (not (= zero$a ?v0)))) :named a81))
        (assert (! (forall ((?v0 A_signed_word$)) (= (not (= ?v0
zero$b)) (fun_app$e (less$a zero$b) ?v0))) :named a82))
        (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(fun_app$f (less$b zero$a) ?v0))) :named a83))
        (assert (! (forall ((?v0 A_signed_word$)) (= (fun_app$e (less$a
zero$b) ?v0) (not (= ?v0 zero$b)))) :named a84))
        (assert (! (forall ((?v0 A_word$)) (= (fun_app$f (less$b zero$a)
?v0) (not (= ?v0 zero$a)))) :named a85))
        (assert (! (= zero$b (of_nat$b zero$)) :named a86))
        (assert (! (= zero$a (of_nat$c zero$)) :named a87))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$b (less$ (of_nat$
?v0)) zero$))) :named a88))
        (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a89))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (fun_app$b (less$ (of_nat$ ?v0)) (of_nat$ ?v1)))) :named
a90))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a91))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$b (less$
(of_nat$ ?v0)) (of_nat$ ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named
a92))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (< (of_nat$a ?v0)
(of_nat$a ?v1)) (fun_app$b (less$ ?v0) ?v1))) :named a93))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$b ?v0)
zero$b)) (fun_app$b (less$ zero$) ?v0))) :named a94))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$c ?v0)
zero$a)) (fun_app$b (less$ zero$) ?v0))) :named a95))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$ ?v0)
zero$)) (fun_app$b (less$ zero$) ?v0))) :named a96))
        (assert (! (forall ((?v0 Nat$)) (=> (not (= (of_nat$a ?v0) 0))
(fun_app$b (less$ zero$) ?v0))) :named a97))
        (assert (! (forall ((?v0 A_signed_word_itself$)) (fun_app$b
(possible_bit$a ?v0) zero$)) :named a98))
        (assert (! (forall ((?v0 Nat_itself$)) (fun_app$b
(possible_bit$c ?v0) zero$)) :named a99))
        (assert (! (forall ((?v0 Int_itself$)) (fun_app$b
(possible_bit$d ?v0) zero$)) :named a100))
        (assert (! (forall ((?v0 A_word_itself$)) (fun_app$b
(possible_bit$b ?v0) zero$)) :named a101))
        (assert (! (forall ((?v0 Nat$)) (fun_app$b (possible_bit$d
type$i) ?v0)) :named a102))
        (assert (! (forall ((?v0 Nat$)) (fun_app$b (possible_bit$c
type$j) ?v0)) :named a103))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (fun_app$e (less$a ?v0) ?v1) (fun_app$e (less$a zero$b) ?v1)))
:named a104))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (fun_app$f
(less$b ?v0) ?v1) (fun_app$f (less$b zero$a) ?v1))) :named a105))
        (assert (! (forall ((?v0 Int)) (=> (and (< 0 ?v0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$b (less$ zero$) ?v1))
false))) false)) :named a106))
        (assert (! (forall ((?v0 Int)) (=> (< 0 ?v0) (exists ((?v1
Nat$)) (and (fun_app$b (less$ zero$) ?v1) (= ?v0 (of_nat$a ?v1))))))
:named a107))
        (assert (! (= (= (semiring_char$ type$g) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$b ?v0)
zero$b))))) :named a108))
        (assert (! (= (= (semiring_char$a type$h) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$c ?v0)
zero$a))))) :named a109))
        (assert (! (= (= (semiring_char$b type$j) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$ ?v0)
zero$))))) :named a110))
        (assert (! (= (= (semiring_char$c type$i) zero$) (forall ((?v0
Nat$)) (=> (fun_app$b (less$ zero$) ?v0) (not (= (of_nat$a ?v0) 0)))))
:named a111))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$b ?v0) zero$b) (forall ((?v1 Nat$)) (=>
(and (fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$b ?v1) zero$b)))))) (= (semiring_char$ type$g) ?v0))) :named
a112))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$c ?v0) zero$a) (forall ((?v1 Nat$)) (=>
(and (fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$c ?v1) zero$a)))))) (= (semiring_char$a type$h) ?v0))) :named
a113))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$ ?v0) zero$) (forall ((?v1 Nat$)) (=> (and
(fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$ ?v1) zero$)))))) (= (semiring_char$b type$j) ?v0))) :named
a114))
        (assert (! (forall ((?v0 Nat$)) (=> (and (fun_app$b (less$
zero$) ?v0) (and (= (of_nat$a ?v0) 0) (forall ((?v1 Nat$)) (=> (and
(fun_app$b (less$ zero$) ?v1) (fun_app$b (less$ ?v1) ?v0)) (not (=
(of_nat$a ?v1) 0)))))) (= (semiring_char$c type$i) ?v0))) :named a115))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a116))
        (assert (! (= (semiring_char$c type$i) zero$) :named a117))
        (assert (! (= (semiring_char$b type$j) zero$) :named a118))
        (assert (! (= (of_nat$b (semiring_char$ type$g)) zero$b) :named
a119))
        (assert (! (= (of_nat$c (semiring_char$a type$h)) zero$a) :named
a120))
        (assert (! (= (of_nat$ (semiring_char$b type$j)) zero$) :named
a121))
        (assert (! (= (of_nat$a (semiring_char$c type$i)) 0) :named
a122))
        (assert (! (= (< 0 0) false) :named a123))
        (assert (! (= (fun_app$b (less$ zero$) (semiring_char$ type$g))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$b
?v0) zero$b)))) :named a124))
        (assert (! (= (fun_app$b (less$ zero$) (semiring_char$a type$h))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$c
?v0) zero$a)))) :named a125))
        (assert (! (= (fun_app$b (less$ zero$) (semiring_char$b type$j))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$
?v0) zero$)))) :named a126))
        (assert (! (= (fun_app$b (less$ zero$) (semiring_char$c type$i))
(exists ((?v0 Nat$)) (and (fun_app$b (less$ zero$) ?v0) (= (of_nat$a
?v0) 0)))) :named a127))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$b (less$
?v0) ?v1) (< (of_nat$a ?v0) (of_nat$a ?v1)))) :named a128))
        (assert (! (= (of_nat$a zero$) 0) :named a129))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a130))
        (assert (! (forall ((?v0 Int)) (=> (and (< ?v0 0) (forall ((?v1
Nat$)) (=> (and (= ?v0 (- (of_nat$a ?v1))) (fun_app$b (less$ zero$)
?v1)) false))) false)) :named a131))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (less$c (of_nat$d
?v0) (of_nat$d ?v1)) (fun_app$b (less$ (take_bit$ (len_of$a type$a)
?v0)) (take_bit$ (len_of$a type$a) ?v1)))) :named a132))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$e (less$a
(of_nat$b ?v0)) (of_nat$b ?v1)) (fun_app$b (less$ (take_bit$ (len_of$b
type$b) ?v0)) (take_bit$ (len_of$b type$b) ?v1)))) :named a133))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$f (less$b
(of_nat$c ?v0)) (of_nat$c ?v1)) (fun_app$b (less$ (take_bit$ (len_of$
type$) ?v0)) (take_bit$ (len_of$ type$) ?v1)))) :named a134))
        (assert (! (forall ((?v0 A_word$)) (= (uminus$ (uminus$ ?v0))
?v0)) :named a135))
        (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a136))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= (uminus$
?v0) (uminus$ ?v1)) (= ?v0 ?v1))) :named a137))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) (- ?v1))
(= ?v0 ?v1))) :named a138))
        (assert (! (forall ((?v0 A_word$)) (= (uminus$ (uminus$ ?v0))
?v0)) :named a139))
        (assert (! (forall ((?v0 Int)) (= (- (- ?v0)) ?v0)) :named
a140))
        (assert (! (= (uminus$ zero$a) zero$a) :named a141))
        (assert (! (= 0 0) :named a142))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a (uminus$ ?v0))
(= zero$a ?v0))) :named a143))
        (assert (! (forall ((?v0 Int)) (= (= 0 (- ?v0)) (= 0 ?v0)))
:named a144))
        (assert (! (forall ((?v0 A_word$)) (= (= (uminus$ ?v0) zero$a)
(= ?v0 zero$a))) :named a145))
        (assert (! (forall ((?v0 Int)) (= (= (- ?v0) 0) (= ?v0 0)))
:named a146))
        (assert (! (forall ((?v0 Int)) (= (= ?v0 (- ?v0)) (= ?v0 0)))
:named a147))
        (assert (! (forall ((?v0 Int)) (= (= (- ?v0) ?v0) (= ?v0 0)))
:named a148))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) (- ?v1))
(< ?v1 ?v0))) :named a149))
        (assert (! (forall ((?v0 Nat$)) (= (take_bit$a ?v0 zero$b)
zero$b)) :named a150))
        (assert (! (forall ((?v0 Nat$)) (= (take_bit$b ?v0 zero$a)
zero$a)) :named a151))
        (assert (! (forall ((?v0 Nat$)) (= (take_bit$ ?v0 zero$) zero$))
:named a152))
        (assert (! (forall ((?v0 Nat$)) (= (take_bit$c ?v0 0) 0)) :named
a153))
        (assert (! (forall ((?v0 Int)) (= (< ?v0 (- ?v0)) (< ?v0 0)))
:named a154))
        (assert (! (forall ((?v0 Int)) (= (< (- ?v0) ?v0) (< 0 ?v0)))
:named a155))
        (assert (! (forall ((?v0 Int)) (= (< 0 (- ?v0)) (< ?v0 0)))
:named a156))
        (assert (! (forall ((?v0 Int)) (= (< (- ?v0) 0) (< 0 ?v0)))
:named a157))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (take_bit$a
zero$ ?v0) zero$b) :pattern ((take_bit$a zero$ ?v0)))) :named a158))
        (assert (! (forall ((?v0 A_word$)) (! (= (take_bit$b zero$ ?v0)
zero$a) :pattern ((take_bit$b zero$ ?v0)))) :named a159))
        (assert (! (forall ((?v0 Nat$)) (! (= (take_bit$ zero$ ?v0)
zero$) :pattern ((take_bit$ zero$ ?v0)))) :named a160))
        (assert (! (forall ((?v0 Int)) (! (= (take_bit$c zero$ ?v0) 0)
:pattern ((take_bit$c zero$ ?v0)))) :named a161))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (- (of_nat$a
?v0)) (of_nat$a ?v1)) (and (= ?v0 zero$) (= ?v1 zero$)))) :named a162))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$a ?v0
(of_nat$b ?v1)) (of_nat$b (take_bit$ ?v0 ?v1)))) :named a163))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$ ?v0
(of_nat$ ?v1)) (of_nat$ (take_bit$ ?v0 ?v1)))) :named a164))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$b ?v0
(of_nat$c ?v1)) (of_nat$c (take_bit$ ?v0 ?v1)))) :named a165))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (take_bit$c ?v0
(of_nat$a ?v1)) (of_nat$a (take_bit$ ?v0 ?v1)))) :named a166))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (< ?v0 ?v1) (< (-
?v1) (- ?v0)))) :named a167))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= ?v0
(uminus$ ?v1)) (= ?v1 (uminus$ ?v0)))) :named a168))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= ?v0 (- ?v1)) (=
?v1 (- ?v0)))) :named a169))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (= (uminus$
?v0) ?v1) (= (uminus$ ?v1) ?v0))) :named a170))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (= (- ?v0) ?v1) (=
(- ?v1) ?v0))) :named a171))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (= ?v0 ?v1) (= (-
?v0) (- ?v1)))) :named a172))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< ?v0 (- ?v1)) (<
?v1 (- ?v0)))) :named a173))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (< (- ?v0) ?v1) (<
(- ?v1) ?v0))) :named a174))
        (assert (! (= 0 0) :named a175))
        (assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat$)) (=>
(= ?v0 (of_nat$a ?v1)) false)) (forall ((?v1 Nat$)) (=> (= ?v0 (-
(of_nat$a ?v1))) false))) false)) :named a176))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (not (< (of_nat$a
?v0) (- (of_nat$a ?v1))))) :named a177))
        (assert (! (forall ((?v0 Int)) (=> (and (forall ((?v1 Nat$)) (=>
(= ?v0 (of_nat$a ?v1)) false)) (forall ((?v1 Nat$)) (=> (and (fun_app$b
(less$ zero$) ?v1) (= ?v0 (- (of_nat$a ?v1)))) false))) false)) :named
a178))
        (assert (! (forall ((?v0 A_signed_word$)) (! (= (fun_app$e
(less$a ?v0) ?v0) false) :pattern ((less$a ?v0)))) :named a179))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$f (less$b ?v0)
?v0) false) :pattern ((less$b ?v0)))) :named a180))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (less$ ?v0)
?v0) false) :pattern ((less$ ?v0)))) :named a181))
        (assert (! (forall ((?v0 Int)) (! (= (< ?v0 ?v0) false) :pattern
((uu$ ?v0)))) :named a182))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= ?v0 ?v1) (=
(of_nat$a ?v0) (of_nat$a ?v1)))) :named a183))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (= (of_nat$a ?v0)
(of_nat$a ?v1)) (= ?v0 ?v1))) :named a184))
        (assert (! (forall ((?v0 Bool) (?v1 Nat$) (?v2 Nat$)) (=
(of_nat$a (ite ?v0 ?v1 ?v2)) (ite ?v0 (of_nat$a ?v1) (of_nat$a ?v2))))
:named a185))
        (assert (! (forall ((?v0 Int)) (=> (and (=> (= ?v0 0) false)
(and (forall ((?v1 Nat$)) (=> (and (= ?v0 (of_nat$a ?v1)) (fun_app$b
(less$ zero$) ?v1)) false)) (forall ((?v1 Nat$)) (=> (and (= ?v0 (-
(of_nat$a ?v1))) (fun_app$b (less$ zero$) ?v1)) false)))) false))
:named a186))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$d ?v0)
(of_nat$d ?v1)) (= (take_bit$ (len_of$a type$a) ?v0) (take_bit$
(len_of$a type$a) ?v1)))) :named a187))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$b ?v0)
(of_nat$b ?v1)) (= (take_bit$ (len_of$b type$b) ?v0) (take_bit$
(len_of$b type$b) ?v1)))) :named a188))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (of_nat$c ?v0)
(of_nat$c ?v1)) (= (take_bit$ (len_of$ type$) ?v0) (take_bit$ (len_of$
type$) ?v1)))) :named a189))
        (assert (! (forall ((?v0 A_signed_signed_word$)) (= (take_bit$d
(len_of$a type$a) ?v0) ?v0)) :named a190))
        (assert (! (forall ((?v0 A_signed_word$)) (= (take_bit$a
(len_of$b type$b) ?v0) ?v0)) :named a191))
        (assert (! (forall ((?v0 A_word$)) (= (take_bit$b (len_of$
type$) ?v0) ?v0)) :named a192))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (take_bit$c ?v0 (-
(take_bit$c ?v0 ?v1))) (take_bit$c ?v0 (- ?v1)))) :named a193))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (not (< (take_bit$c
?v0 ?v1) 0))) :named a194))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (< ?v0 (take_bit$c
?v1 ?v0)) (< ?v0 0))) :named a195))
        (assert (! (= (take_bit$c (len_of$a type$a) 0) (take_bit$c
(len_of$a type$a) 0)) :named a196))
        (assert (! (= (take_bit$c (len_of$b type$b) 0) (take_bit$c
(len_of$b type$b) 0)) :named a197))
        (assert (! (= (take_bit$c (len_of$ type$) 0) (take_bit$c
(len_of$ type$) 0)) :named a198))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$ (of_nat$c ?v0))
(of_nat$a (take_bit$ (len_of$ type$) ?v0)))) :named a199))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (of_nat$c ?v0))
(of_nat$ (take_bit$ (len_of$ type$) ?v0)))) :named a200))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$b (of_nat$c ?v0))
(of_nat$c (take_bit$ (len_of$ type$) ?v0)))) :named a201))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$c (of_nat$b ?v0))
(of_nat$a (take_bit$ (len_of$b type$b) ?v0)))) :named a202))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$d (of_nat$b ?v0))
(of_nat$ (take_bit$ (len_of$b type$b) ?v0)))) :named a203))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$e (of_nat$b ?v0))
(of_nat$c (take_bit$ (len_of$b type$b) ?v0)))) :named a204))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$f (of_nat$c ?v0))
(of_nat$b (take_bit$ (len_of$ type$) ?v0)))) :named a205))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$g (of_nat$d ?v0))
(of_nat$a (take_bit$ (len_of$a type$a) ?v0)))) :named a206))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$h (of_nat$d ?v0))
(of_nat$ (take_bit$ (len_of$a type$a) ?v0)))) :named a207))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$i (of_nat$b ?v0))
(of_nat$b (take_bit$ (len_of$b type$b) ?v0)))) :named a208))
        (assert (! (forall ((?v0 Int)) (= (fun_app$b (less$ zero$) (nat$
?v0)) (< 0 ?v0))) :named a209))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$ (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$c ?v0 (signed$ ?v1)) (signed$ ?v1)))) :named a210))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$a (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$b ?v0 (signed$a ?v1)) (signed$a ?v1)))) :named
a211))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_signed_word$)) (=
(signed$b (take_bit$d ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$a
type$a)) (take_bit$a ?v0 (signed$b ?v1)) (signed$b ?v1)))) :named
a212))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$c
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$a ?v0 (signed$c ?v1)) (signed$c ?v1)))) :named a213))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$d (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$a ?v0 (signed$d ?v1)) (signed$d ?v1)))) :named
a214))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$e (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$c ?v0 (signed$e ?v1)) (signed$e ?v1)))) :named
a215))
        (assert (! (forall ((?v0 Nat$) (?v1 A_signed_word$)) (=
(signed$f (take_bit$a ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$b
type$b)) (take_bit$b ?v0 (signed$f ?v1)) (signed$f ?v1)))) :named
a216))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$g
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$b ?v0 (signed$g ?v1)) (signed$g ?v1)))) :named a217))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (signed$h
(take_bit$b ?v0 ?v1)) (ite (fun_app$b (less$ ?v0) (len_of$ type$))
(take_bit$c ?v0 (signed$h ?v1)) (signed$h ?v1)))) :named a218))
        (assert (! (forall ((?v0 Nat$)) (= (signed$i (of_nat$b ?v0))
(of_nat$d ?v0))) :named a219))
        (assert (! (forall ((?v0 Nat$)) (= (signed$c (of_nat$c ?v0))
(of_nat$b ?v0))) :named a220))
        (assert (! (forall ((?v0 Nat$)) (= (signed$b (of_nat$d ?v0))
(of_nat$b ?v0))) :named a221))
        (assert (! (forall ((?v0 Nat$)) (= (signed$f (of_nat$b ?v0))
(of_nat$c ?v0))) :named a222))
        (assert (! (forall ((?v0 A_signed_word$)) (= (of_nat$b
(unsigned$d ?v0)) ?v0)) :named a223))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$c (unsigned$a
?v0)) ?v0)) :named a224))
        (assert (! (forall ((?v0 A_signed_word$)) (= (of_nat$a
(unsigned$d ?v0)) (unsigned$c ?v0))) :named a225))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$b (unsigned$a
?v0)) (unsigned$f ?v0))) :named a226))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$c (unsigned$a
?v0)) (unsigned$b ?v0))) :named a227))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$ (unsigned$a ?v0))
(unsigned$a ?v0))) :named a228))
        (assert (! (forall ((?v0 A_word$)) (= (of_nat$a (unsigned$a
?v0)) (unsigned$ ?v0))) :named a229))
        (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a230))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        1 = Suc 0
        0 < LENGTH('a)
        ∀w. nat (uint w) = unat w
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - 1))
        ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb x = (x < 0))
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a) ∧ uint w !! n))
        ∀n x. rev (replicate n x) = replicate n x
        ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        to_bl 0 = replicate LENGTH('a) False
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
        ∀n. possible_bit TYPE(int) n
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - Suc 0))
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀x. length (to_bl x) = LENGTH('a)
        ∀xs. rev (rev xs) = xs
        ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (¬ msb x ⟶ sint x = uint x)
        ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
        ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
        ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
        ∀n x. length (replicate n x) = n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (size w = LENGTH('a))
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀n. of_bl (replicate n False) = 0
        ∀f g x.
           SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((f ∘ g) x))
SMT.Symb_Nil) SMT.Symb_Nil)
            ((f ∘ g) x = f (g x))
        ∀w n. w !! n ⟶ n < LENGTH('a)
        ∀x n. x < 2 ^ n ⟶ x && mask n = x
        ∀w. length (to_bl w) = LENGTH('a)
        ∀a. 0 ≤ a
        ∀x. of_bl (to_bl x) = x
        ∀n<LENGTH('a). uint (2 ^ n) = 2 ^ n
        ∀a b. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((a < b) = (unat a < unat b))
        ∀n. unat (2 ^ n) = (if n < LENGTH('a) then 2 ^ n else 0)
        ∀b c a q.
           LENGTH('a) + b ≤ c + a ∧ c < LENGTH('a) ⟶ unat ((q >> a << b)
&& ~~ mask c) = 0
        ∀n<LENGTH('a). unat (2 ^ n) = 2 ^ n
        LENGTH('a) ≠ 0
        ∀x. to_bl x ≠ []
        ∀z n. 0 ≤ z ⟶ nat (z ^ n) = nat z ^ n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = (w >> LENGTH('a) - 1 ≠ 0))
        ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
        ∀a b n. (a AND b) !! n = (a !! n ∧ b !! n)
        ∀a b n. (a && b) !! n = (a !! n ∧ b !! n)
        ∀n. (LENGTH('a) - Suc 0 < n) = (LENGTH('a) ≤ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (push_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (push_bit n a = a * 2 ^ n)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x y. (¬ x < y) = (y ≤ x)
        ∀x. ¬ x < x
        ∀x. ¬ x < x
        ∀x. ¬ x < x
        ∀a. a + 0 = a
        ∀a. a + 0 = a
        ∀a. a + 0 = a
        ∀m n. mask m !! n = (possible_bit TYPE(nat) n ∧ n < m)
        ∀m n. mask m !! n = (possible_bit TYPE('a word) n ∧ n < m)
        ∀m n. mask m !! n = (possible_bit TYPE(int) n ∧ n < m)
        ∀a b. a * b = b * a
        ∀a b. a * b = b * a
        ∀a b. a * b = b * a
        ∀p n. (p < 2 ^ n) = (n < LENGTH('a) ∧ (∀n'. n ≤ n' ∧ n' <
LENGTH('a) ⟶ ¬ p !! n'))
        ∀x y. (unat x * unat y < 2 ^ LENGTH('a)) = (unat (x * y) = unat
x * unat y)
        ∀a b. a + b = b + a
        ∀a b. a + b = b + a
        ∀a b. a + b = b + a
        ∀n. (n ≤ LENGTH('a) - Suc 0) = (n < LENGTH('a))
        ∀w. (drop_bit (LENGTH('a) - Suc 0) w = 0) = (¬ w !! (LENGTH('a)
- Suc 0))
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀a n. (!!) (a >> n) = (!!) a ∘ (+) n
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a && mask n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a AND mask n)
        ∀n a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (take_bit n a))
SMT.Symb_Nil) SMT.Symb_Nil)
               (take_bit n a = a AND mask n)
        ∀n≥LENGTH('a). 2 ^ n = 0
        ∀w n. unat (w >> n) = unat w div 2 ^ n
        ∀x. (uint x < 0) = False
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = hd (to_bl w))
        ∀x xs.
           SMT.trigger
            (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x # xs))
SMT.Symb_Nil) SMT.Symb_Nil)
            (length (x # xs) = Suc (length xs))
        ∀n w. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (LENGTH('a) ≤ n ⟶ w >> n = 0)
        ∀n w. n < LENGTH('a) ⟶ w && mask n < 2 ^ n
        ∀x z n. limited_and x z ⟶ limited_and (x >> n) (z >> n)
        bot = False
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (2 ^ (LENGTH('a) - Suc 0) ≤ a))
        ∀n. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (mask n))
SMT.Symb_Nil) SMT.Symb_Nil)
             (mask n = 2 ^ n - 1)
        ∀z z'. 0 ≤ z ⟶ nat (z * z') = nat z * nat z'
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        ∀n a. (take_bit n a = a) = (drop_bit n a = 0)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb a = (bin_sign (signed_take_bit (LENGTH('a) - 1) (uint
a)) = - 1))
        ∀a. 0 - a = - a
        ∀a. 0 - a = - a
        ∀x. (x < 1) = (x = 0)
        ∀m. ¬ of_nat m < 0
        ∀m. ¬ int m < 0
        ∀a. (a ≠ 0) = (0 < a)
        ∀a b. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a ≤ b))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((a ≤ b) = (unat a ≤ unat b))
        ∀a. (a ≤ 0) = (a = 0)
        ∀x y. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (x ≤s y))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((x ≤s y) = ((msb y ⟶ msb x) ∧ (msb x ∧ ¬ msb y ∨ x ≤
y)))
        ∀a. 0 * a = 0
        ∀a. 0 * a = 0
        ∀a. 0 * a = 0
        ∀b a. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (b ≤ a))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((b ≤ a) = (¬ a < b))
        ∀n w. n < LENGTH('a) ⟶ to_bl w ! n = w !! (LENGTH('a) - Suc n)
        ∀n bnd x. 2 ^ (LENGTH('a) - n) - 1 ≤ bnd ∧ 0 < n ⟶ unat (x >> n)
≤ bnd
        neg_numeral_class.sub num.One num.One = 0
        neg_numeral_class.sub num.One num.One = 0
        ∀n k. (drop_bit n k < 0) = (k < 0)
        ∀a. 0 + a = a
        ∀a. 0 + a = a
        ∀a. 0 + a = a
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a ^ 0 = 1)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a ^ 0 = 1)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((^) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a ^ 0 = 1)
SMT: Names:
        sorts:
          Nat$ = nat
          Num$ = num
          A_word$ = 'a word
          A_itself$ = 'a itself
          Bool_list$ = bool list
          Int_itself$ = int itself
          Nat_itself$ = nat itself
          Nat_int_fun$ = nat ⇒ int
          Nat_nat_fun$ = nat ⇒ nat
          Nat_bool_fun$ = nat ⇒ bool
          A_word_itself$ = 'a word itself
          Nat_a_word_fun$ = nat ⇒ 'a word
        functions:
          r$ = r
          x$ = x
          hd$ = hd
          and$ = (&&)
          bit$ = (!!)
          bot$ = bot
          msb$ = msb
          nat$ = nat
          nil$ = []
          not$ = wordNOT
          nth$ = (!)
          one$ = 1
          rev$ = rev
          sub$ = neg_numeral_class.sub
          suc$ = Suc
          and$a = (AND)
          and$b = (AND)
          bit$a = (!!)
          bit$b = (!!)
          bit0$ = num.Bit0
          comp$ = (∘)
          cons$ = (#)
          less$ = (<)
          mask$ = mask
          msb$a = msb
          one$a = num.One
          one$b = 1
          plus$ = (+)
          size$ = length
          sub$a = neg_numeral_class.sub
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          mask$a = mask
          mask$b = mask
          minus$ = (-)
          of_bl$ = of_bl
          plus$a = (+)
          power$ = (^)
          size$a = size
          times$ = (*)
          to_bl$ = to_bl
          type$a = TYPE('a word)
          type$b = TYPE(int)
          type$c = TYPE(nat)
          zero$a = 0
          divide$ = (div)
          len_of$ = len_of
          minus$a = (-)
          of_nat$ = of_nat
          power$a = (^)
          power$b = (^)
          shiftl$ = (<<)
          shiftr$ = (>>)
          signed$ = sint
          times$a = (*)
          times$b = (*)
          uminus$ = uminus
          fun_app$ = SMT.fun_app
          less_eq$ = (≤)
          numeral$ = numeral
          of_nat$a = int
          shiftl$a = (<<)
          shiftl$b = (<<)
          shiftr$a = (>>)
          shiftr$b = (>>)
          bin_sign$ = bin_sign
          drop_bit$ = drop_bit
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
          fun_app$c = SMT.fun_app
          less_eq$a = (≤)
          numeral$a = numeral
          push_bit$ = push_bit
          take_bit$ = take_bit
          unsigned$ = uint
          word_sle$ = (≤s)
          drop_bit$a = drop_bit
          drop_bit$b = drop_bit
          push_bit$a = push_bit
          push_bit$b = push_bit
          replicate$ = replicate
          take_bit$a = take_bit
          take_bit$b = take_bit
          unsigned$a = unat
          unsigned$b = UCAST('a → 'a)
          limited_and$ = limited_and
          possible_bit$ = possible_bit
          possible_bit$a = possible_bit
          possible_bit$b = possible_bit
          signed_take_bit$ = signed_take_bit
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9923
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort Num$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Bool_list$ 0)
        (declare-sort Int_itself$ 0)
        (declare-sort Nat_itself$ 0)
        (declare-sort Nat_int_fun$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Nat_bool_fun$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun hd$ (Bool_list$) Bool)
        (declare-fun and$ (A_word$ A_word$) A_word$)
        (declare-fun bit$ (A_word$) Nat_bool_fun$)
        (declare-fun bot$ () Bool)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun nil$ () Bool_list$)
        (declare-fun not$ (A_word$) A_word$)
        (declare-fun nth$ (Bool_list$) Nat_bool_fun$)
        (declare-fun one$ () Nat$)
        (declare-fun rev$ (Bool_list$) Bool_list$)
        (declare-fun sub$ (Num$ Num$) A_word$)
        (declare-fun suc$ () Nat_nat_fun$)
        (declare-fun and$a (Nat$) Nat_nat_fun$)
        (declare-fun and$b (Int Int) Int)
        (declare-fun bit$a (Int) Nat_bool_fun$)
        (declare-fun bit$b (Nat$) Nat_bool_fun$)
        (declare-fun bit0$ (Num$) Num$)
        (declare-fun comp$ (Nat_bool_fun$ Nat_nat_fun$) Nat_bool_fun$)
        (declare-fun cons$ (Bool Bool_list$) Bool_list$)
        (declare-fun less$ (Nat$) Nat_bool_fun$)
        (declare-fun mask$ (Nat$) A_word$)
        (declare-fun msb$a (Int) Bool)
        (declare-fun one$a () Num$)
        (declare-fun one$b () A_word$)
        (declare-fun plus$ (Nat$) Nat_nat_fun$)
        (declare-fun size$ (Bool_list$) Nat$)
        (declare-fun sub$a (Num$ Num$) Int)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_word$ A_word$) Bool)
        (declare-fun mask$a () Nat_nat_fun$)
        (declare-fun mask$b (Nat$) Int)
        (declare-fun minus$ (Nat$) Nat_nat_fun$)
        (declare-fun of_bl$ (Bool_list$) A_word$)
        (declare-fun plus$a (A_word$ A_word$) A_word$)
        (declare-fun power$ (A_word$) Nat_a_word_fun$)
        (declare-fun size$a (A_word$) Nat$)
        (declare-fun times$ (A_word$ A_word$) A_word$)
        (declare-fun to_bl$ (A_word$) Bool_list$)
        (declare-fun type$a () A_word_itself$)
        (declare-fun type$b () Int_itself$)
        (declare-fun type$c () Nat_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun divide$ (Nat$) Nat_nat_fun$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun minus$a (A_word$ A_word$) A_word$)
        (declare-fun of_nat$ () Nat_nat_fun$)
        (declare-fun power$a (Int) Nat_int_fun$)
        (declare-fun power$b (Nat$) Nat_nat_fun$)
        (declare-fun shiftl$ (Nat$) Nat_nat_fun$)
        (declare-fun shiftr$ (A_word$ Nat$) A_word$)
        (declare-fun signed$ (A_word$) Int)
        (declare-fun times$a (Int Int) Int)
        (declare-fun times$b (Nat$) Nat_nat_fun$)
        (declare-fun uminus$ (A_word$) A_word$)
        (declare-fun fun_app$ (Nat_bool_fun$ Nat$) Bool)
        (declare-fun less_eq$ (A_word$ A_word$) Bool)
        (declare-fun numeral$ (Num$) A_word$)
        (declare-fun of_nat$a (Nat$) Int)
        (declare-fun shiftl$a (Int Nat$) Int)
        (declare-fun shiftl$b (A_word$ Nat$) A_word$)
        (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
        (declare-fun shiftr$b (Int Nat$) Int)
        (declare-fun bin_sign$ (Int) Int)
        (declare-fun drop_bit$ (Nat$) Nat_nat_fun$)
        (declare-fun fun_app$a (Nat_nat_fun$ Nat$) Nat$)
        (declare-fun fun_app$b (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun fun_app$c (Nat_int_fun$ Nat$) Int)
        (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
        (declare-fun numeral$a (Num$) Nat$)
        (declare-fun push_bit$ (Nat$) Nat_nat_fun$)
        (declare-fun take_bit$ (Nat$ Int) Int)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun word_sle$ (A_word$ A_word$) Bool)
        (declare-fun drop_bit$a (Nat$ Int) Int)
        (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
        (declare-fun push_bit$a (Nat$ Int) Int)
        (declare-fun push_bit$b (Nat$ A_word$) A_word$)
        (declare-fun replicate$ (Nat$ Bool) Bool_list$)
        (declare-fun take_bit$a (Nat$ A_word$) A_word$)
        (declare-fun take_bit$b (Nat$) Nat_nat_fun$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun unsigned$b (A_word$) A_word$)
        (declare-fun limited_and$ (A_word$ A_word$) Bool)
        (declare-fun possible_bit$ (A_word_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$a (Int_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$b (Nat_itself$) Nat_bool_fun$)
        (declare-fun signed_take_bit$ (Nat$ Int) Int)
        (assert (! (not (= (msb$ (shiftr$ x$ r$)) (and (= r$ zero$)
(msb$ x$)))) :named a0))
        (assert (! (fun_app$ (less$ r$) (len_of$ type$)) :named a1))
        (assert (! (= one$ (fun_app$a suc$ zero$)) :named a2))
        (assert (! (fun_app$ (less$ zero$) (len_of$ type$)) :named a3))
        (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a4))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(shiftr$a ?v0) ?v1) (fun_app$a (drop_bit$ ?v1) ?v0)) :pattern
((fun_app$a (shiftr$a ?v0) ?v1)))) :named a5))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftr$b ?v0
?v1) (drop_bit$a ?v1 ?v0)) :pattern ((shiftr$b ?v0 ?v1)))) :named a6))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftr$ ?v0
?v1) (drop_bit$b ?v1 ?v0)) :pattern ((shiftr$ ?v0 ?v1)))) :named a7))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (possible_bit$
type$a) ?v0) (fun_app$ (less$ ?v0) (len_of$ type$)))) :named a8))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$
(bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) one$))) :pattern ((msb$
?v0)))) :named a9))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$ (less$ ?v2) (len_of$ type$)) (= (fun_app$
(bit$ ?v0) ?v2) (fun_app$ (bit$ ?v1) ?v2)))) (= ?v0 ?v1))) :named a10))
        (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a11))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(bit$ ?v0) ?v1) (and (fun_app$ (less$ ?v1) (len_of$ type$)) (fun_app$
(bit$a (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$ (bit$ ?v0) ?v1))))
:named a12))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a13))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (fun_app$a (plus$ ?v1) ?v2))) ?v0) (fun_app$
(less$ ?v2) (len_of$ type$))) (less$a (shiftr$ ?v0 ?v1) (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v2)))) :named a14))
        (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a15))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a16))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$ (less_eq$a ?v0) ?v1) (fun_app$ (less$ ?v1) ?v2)) (fun_app$
(less$ ?v0) ?v2))) :named a17))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a18))
        (assert (! (forall ((?v0 Nat$)) (= (= (fun_app$b (power$
(numeral$ (bit0$ one$a))) ?v0) zero$a) (fun_app$ (less_eq$a (len_of$
type$)) ?v0))) :named a19))
        (assert (! (forall ((?v0 Nat$)) (fun_app$ (possible_bit$a
type$b) ?v0)) :named a20))
        (assert (! (forall ((?v0 Nat$)) (fun_app$ (less_eq$a ?v0) ?v0))
:named a21))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a22))
        (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a23))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$
(bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a suc$
zero$)))) :pattern ((msb$ ?v0)))) :named a24))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a25))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$
(less_eq$a ?v0) ?v1)) (fun_app$ (less$ ?v1) ?v0))) :named a26))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a27))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(shiftl$ ?v0) ?v1) (fun_app$a (push_bit$ ?v1) ?v0)) :pattern
((fun_app$a (shiftl$ ?v0) ?v1)))) :named a28))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a29))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$b
?v0 ?v1) (push_bit$b ?v1 ?v0)) :pattern ((shiftl$b ?v0 ?v1)))) :named
a30))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (fun_app$b (power$ (numeral$ (bit0$ one$a))) (fun_app$a (plus$
?v0) ?v1)) zero$a) (fun_app$ (less$ ?v1) (len_of$ type$))) (less$a
(shiftr$ ?v2 ?v0) (fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1))))
:named a31))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a32))
        (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a33))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$b ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0
(unsigned$ ?v1))))) :named a34))
        (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a35))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$
(bit$b (unsigned$a ?v0)) ?v1) (and (fun_app$ (possible_bit$b type$c)
?v1) (fun_app$ (bit$ ?v0) ?v1)))) :named a36))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$
(bit$a (unsigned$ ?v0)) ?v1) (and (fun_app$ (possible_bit$a type$b)
?v1) (fun_app$ (bit$ ?v0) ?v1)))) :named a37))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$ (bit$
(unsigned$b ?v0)) ?v1) (and (fun_app$ (possible_bit$ type$a) ?v1)
(fun_app$ (bit$ ?v0) ?v1)))) :named a38))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a39))
        (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a40))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a41))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (minus$ ?v0)
zero$) ?v0)) :named a42))
        (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a43))
        (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a44))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat_nat_fun$) (?v2
Nat$)) (! (= (fun_app$ (comp$ ?v0 ?v1) ?v2) (fun_app$ ?v0 (fun_app$a
?v1 ?v2))) :pattern ((fun_app$ (comp$ ?v0 ?v1) ?v2)))) :named a45))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (fun_app$
(bit$ ?v0) ?v1) (fun_app$ (less$ ?v1) (len_of$ type$)))) :named a46))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (=> (less$a ?v0
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1)) (= (and$ ?v0 (mask$
?v1)) ?v0))) :named a47))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a48))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ zero$a ?v0)) :named
a49))
        (assert (! (forall ((?v0 A_word$)) (= (of_bl$ (to_bl$ ?v0))
?v0)) :named a50))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less$ ?v0)
(len_of$ type$)) (= (unsigned$ (fun_app$b (power$ (numeral$ (bit0$
one$a))) ?v0)) (fun_app$c (power$a 2) ?v0)))) :named a51))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$a
?v0 ?v1) (fun_app$ (less$ (unsigned$a ?v0)) (unsigned$a ?v1))) :pattern
((less$a ?v0 ?v1)))) :named a52))
        (assert (! (forall ((?v0 Nat$)) (= (unsigned$a (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v0)) (ite (fun_app$ (less$ ?v0)
(len_of$ type$)) (fun_app$a (power$b (numeral$a (bit0$ one$a))) ?v0)
zero$))) :named a53))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$) (?v3
A_word$)) (=> (and (fun_app$ (less_eq$a (fun_app$a (plus$ (len_of$
type$)) ?v0)) (fun_app$a (plus$ ?v1) ?v2)) (fun_app$ (less$ ?v1)
(len_of$ type$))) (= (unsigned$a (and$ (shiftl$b (shiftr$ ?v3 ?v2) ?v0)
(not$ (mask$ ?v1)))) zero$))) :named a54))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less$ ?v0)
(len_of$ type$)) (= (unsigned$a (fun_app$b (power$ (numeral$ (bit0$
one$a))) ?v0)) (fun_app$a (power$b (numeral$a (bit0$ one$a))) ?v0))))
:named a55))
        (assert (! (not (= (len_of$ type$) zero$)) :named a56))
        (assert (! (forall ((?v0 A_word$)) (not (= (to_bl$ ?v0) nil$)))
:named a57))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (=> (<= 0 ?v0) (=
(nat$ (fun_app$c (power$a ?v0) ?v1)) (fun_app$a (power$b (nat$ ?v0))
?v1)))) :named a58))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (not (=
(shiftr$ ?v0 (fun_app$a (minus$ (len_of$ type$)) one$)) zero$a)))
:pattern ((msb$ ?v0)))) :named a59))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=
(fun_app$ (bit$b (fun_app$a (and$a ?v0) ?v1)) ?v2) (and (fun_app$
(bit$b ?v0) ?v2) (fun_app$ (bit$b ?v1) ?v2)))) :named a60))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Nat$)) (= (fun_app$
(bit$a (and$b ?v0 ?v1)) ?v2) (and (fun_app$ (bit$a ?v0) ?v2) (fun_app$
(bit$a ?v1) ?v2)))) :named a61))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=
(fun_app$ (bit$ (and$ ?v0 ?v1)) ?v2) (and (fun_app$ (bit$ ?v0) ?v2)
(fun_app$ (bit$ ?v1) ?v2)))) :named a62))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (less$ (fun_app$a
(minus$ (len_of$ type$)) (fun_app$a suc$ zero$))) ?v0) (fun_app$
(less_eq$a (len_of$ type$)) ?v0))) :named a63))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (push_bit$b
?v0 ?v1) (times$ ?v1 (fun_app$b (power$ (numeral$ (bit0$ one$a)))
?v0))) :pattern ((push_bit$b ?v0 ?v1)))) :named a64))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (push_bit$a ?v0
?v1) (times$a ?v1 (fun_app$c (power$a 2) ?v0))) :pattern ((push_bit$a
?v0 ?v1)))) :named a65))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(push_bit$ ?v0) ?v1) (fun_app$a (times$b ?v1) (fun_app$a (power$b
(numeral$a (bit0$ one$a))) ?v0))) :pattern ((fun_app$a (push_bit$ ?v0)
?v1)))) :named a66))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not (less$a
?v0 ?v1)) (less_eq$ ?v1 ?v0))) :named a67))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$
(less$ ?v0) ?v1)) (fun_app$ (less_eq$a ?v1) ?v0))) :named a68))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (< ?v0 ?v1))
(<= ?v1 ?v0))) :named a69))
        (assert (! (forall ((?v0 A_word$)) (not (less$a ?v0 ?v0)))
:named a70))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$ (less$ ?v0)
?v0))) :named a71))
        (assert (! (forall ((?v0 Int)) (not (< ?v0 ?v0))) :named a72))
        (assert (! (forall ((?v0 A_word$)) (= (plus$a ?v0 zero$a) ?v0))
:named a73))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (plus$ ?v0) zero$)
?v0)) :named a74))
        (assert (! (forall ((?v0 Int)) (= (+ ?v0 0) ?v0)) :named a75))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$b
(fun_app$a mask$a ?v0)) ?v1) (and (fun_app$ (possible_bit$b type$c)
?v1) (fun_app$ (less$ ?v1) ?v0)))) :named a76))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$
(mask$ ?v0)) ?v1) (and (fun_app$ (possible_bit$ type$a) ?v1) (fun_app$
(less$ ?v1) ?v0)))) :named a77))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$ (bit$a
(mask$b ?v0)) ?v1) (and (fun_app$ (possible_bit$a type$b) ?v1)
(fun_app$ (less$ ?v1) ?v0)))) :named a78))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (times$ ?v0
?v1) (times$ ?v1 ?v0))) :named a79))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (times$a ?v0 ?v1)
(times$a ?v1 ?v0))) :named a80))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a
(times$b ?v0) ?v1) (fun_app$a (times$b ?v1) ?v0))) :named a81))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (less$a ?v0
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v1)) (and (fun_app$
(less$ ?v1) (len_of$ type$)) (forall ((?v2 Nat$)) (=> (and (fun_app$
(less_eq$a ?v1) ?v2) (fun_app$ (less$ ?v2) (len_of$ type$))) (not
(fun_app$ (bit$ ?v0) ?v2))))))) :named a82))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (fun_app$
(less$ (fun_app$a (times$b (unsigned$a ?v0)) (unsigned$a ?v1)))
(fun_app$a (power$b (numeral$a (bit0$ one$a))) (len_of$ type$))) (=
(unsigned$a (times$ ?v0 ?v1)) (fun_app$a (times$b (unsigned$a ?v0))
(unsigned$a ?v1))))) :named a83))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (plus$a ?v0
?v1) (plus$a ?v1 ?v0))) :named a84))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (fun_app$a (plus$
?v0) ?v1) (fun_app$a (plus$ ?v1) ?v0))) :named a85))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (+ ?v0 ?v1) (+ ?v1
?v0))) :named a86))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (less_eq$a ?v0)
(fun_app$a (minus$ (len_of$ type$)) (fun_app$a suc$ zero$))) (fun_app$
(less$ ?v0) (len_of$ type$)))) :named a87))
        (assert (! (forall ((?v0 A_word$)) (= (= (drop_bit$b (fun_app$a
(minus$ (len_of$ type$)) (fun_app$a suc$ zero$)) ?v0) zero$a) (not
(fun_app$ (bit$ ?v0) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a
suc$ zero$)))))) :named a88))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (bit$b (fun_app$a
(shiftr$a ?v0) ?v1)) (comp$ (bit$b ?v0) (plus$ ?v1)))) :named a89))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (= (bit$a (shiftr$b
?v0 ?v1)) (comp$ (bit$a ?v0) (plus$ ?v1)))) :named a90))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$ (shiftr$
?v0 ?v1)) (comp$ (bit$ ?v0) (plus$ ?v1)))) :named a91))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (= (take_bit$a
?v0 ?v1) (and$ ?v1 (mask$ ?v0))) :pattern ((take_bit$a ?v0 ?v1))))
:named a92))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (! (= (take_bit$ ?v0
?v1) (and$b ?v1 (mask$b ?v0))) :pattern ((take_bit$ ?v0 ?v1)))) :named
a93))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$a
(take_bit$b ?v0) ?v1) (fun_app$a (and$a ?v1) (fun_app$a mask$a ?v0)))
:pattern ((fun_app$a (take_bit$b ?v0) ?v1)))) :named a94))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$ (less_eq$a
(len_of$ type$)) ?v0) (= (fun_app$b (power$ (numeral$ (bit0$ one$a)))
?v0) zero$a))) :named a95))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (unsigned$a
(shiftr$ ?v0 ?v1)) (fun_app$a (divide$ (unsigned$a ?v0)) (fun_app$a
(power$b (numeral$a (bit0$ one$a))) ?v1)))) :named a96))
        (assert (! (forall ((?v0 A_word$)) (= (< (unsigned$ ?v0) 0)
false)) :named a97))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (hd$ (to_bl$
?v0))) :pattern ((msb$ ?v0)))) :named a98))
        (assert (! (forall ((?v0 Bool) (?v1 Bool_list$)) (! (= (size$
(cons$ ?v0 ?v1)) (fun_app$a suc$ (size$ ?v1))) :pattern ((cons$ ?v0
?v1)))) :named a99))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (! (=> (fun_app$
(less_eq$a (len_of$ type$)) ?v0) (= (shiftr$ ?v1 ?v0) zero$a)) :pattern
((shiftr$ ?v1 ?v0)))) :named a100))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$
(less$ ?v0) (len_of$ type$)) (less$a (and$ ?v1 (mask$ ?v0)) (fun_app$b
(power$ (numeral$ (bit0$ one$a))) ?v0)))) :named a101))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(limited_and$ ?v0 ?v1) (limited_and$ (shiftr$ ?v0 ?v2) (shiftr$ ?v1
?v2)))) :named a102))
        (assert (! (= bot$ false) :named a103))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (less_eq$
(fun_app$b (power$ (numeral$ (bit0$ one$a))) (fun_app$a (minus$
(len_of$ type$)) (fun_app$a suc$ zero$))) ?v0)) :pattern ((msb$ ?v0))))
:named a104))
        (assert (! (forall ((?v0 Nat$)) (! (= (mask$ ?v0) (minus$a
(fun_app$b (power$ (numeral$ (bit0$ one$a))) ?v0) one$b)) :pattern
((mask$ ?v0)))) :named a105))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (=> (<= 0 ?v0) (= (nat$
(times$a ?v0 ?v1)) (fun_app$a (times$b (nat$ ?v0)) (nat$ ?v1)))))
:named a106))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (= (take_bit$a
?v0 ?v1) ?v1) (= (drop_bit$b ?v0 ?v1) zero$a))) :named a107))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (= (fun_app$a
(take_bit$b ?v0) ?v1) ?v1) (= (fun_app$a (drop_bit$ ?v0) ?v1) zero$)))
:named a108))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (= (take_bit$ ?v0
?v1) ?v1) (= (drop_bit$a ?v0 ?v1) 0))) :named a109))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (=
(bin_sign$ (signed_take_bit$ (fun_app$a (minus$ (len_of$ type$)) one$)
(unsigned$ ?v0))) (- 1))) :pattern ((msb$ ?v0)))) :named a110))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a zero$a ?v0)
(uminus$ ?v0))) :named a111))
        (assert (! (forall ((?v0 Int)) (= (- 0 ?v0) (- ?v0))) :named
a112))
        (assert (! (forall ((?v0 A_word$)) (= (less$a ?v0 one$b) (= ?v0
zero$a))) :named a113))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$ (less$ (fun_app$a
of_nat$ ?v0)) zero$))) :named a114))
        (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a115))
        (assert (! (forall ((?v0 A_word$)) (= (not (= ?v0 zero$a))
(less$a zero$a ?v0))) :named a116))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (fun_app$ (less_eq$a (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less_eq$ ?v0 ?v1)))) :named a117))
        (assert (! (forall ((?v0 A_word$)) (= (less_eq$ ?v0 zero$a) (=
?v0 zero$a))) :named a118))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (=
(word_sle$ ?v0 ?v1) (and (=> (msb$ ?v1) (msb$ ?v0)) (or (and (msb$ ?v0)
(not (msb$ ?v1))) (less_eq$ ?v0 ?v1)))) :pattern ((word_sle$ ?v0
?v1)))) :named a119))
        (assert (! (forall ((?v0 A_word$)) (= (times$ zero$a ?v0)
zero$a)) :named a120))
        (assert (! (forall ((?v0 Int)) (= (* 0 ?v0) 0)) :named a121))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (times$b zero$)
?v0) zero$)) :named a122))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less_eq$
?v0 ?v1) (not (less$a ?v1 ?v0))) :pattern ((less_eq$ ?v0 ?v1)))) :named
a123))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (=> (fun_app$
(less$ ?v0) (len_of$ type$)) (= (fun_app$ (nth$ (to_bl$ ?v1)) ?v0)
(fun_app$ (bit$ ?v1) (fun_app$a (minus$ (len_of$ type$)) (fun_app$a
suc$ ?v0)))))) :named a124))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (fun_app$ (less_eq$a (fun_app$a (minus$ (fun_app$a (power$b
(numeral$a (bit0$ one$a))) (fun_app$a (minus$ (len_of$ type$)) ?v0)))
one$)) ?v1) (fun_app$ (less$ zero$) ?v0)) (fun_app$ (less_eq$a
(unsigned$a (shiftr$ ?v2 ?v0))) ?v1))) :named a125))
        (assert (! (= (sub$ one$a one$a) zero$a) :named a126))
        (assert (! (= (sub$a one$a one$a) 0) :named a127))
        (assert (! (forall ((?v0 Nat$) (?v1 Int)) (= (< (drop_bit$a ?v0
?v1) 0) (< ?v1 0))) :named a128))
        (assert (! (forall ((?v0 A_word$)) (= (plus$a zero$a ?v0) ?v0))
:named a129))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (plus$ zero$) ?v0)
?v0)) :named a130))
        (assert (! (forall ((?v0 Int)) (= (+ 0 ?v0) ?v0)) :named a131))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$b (power$ ?v0)
zero$) one$b) :pattern ((power$ ?v0)))) :named a132))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$c (power$a ?v0)
zero$) 1) :pattern ((power$a ?v0)))) :named a133))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$a (power$b ?v0)
zero$) one$) :pattern ((power$b ?v0)))) :named a134))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a)
        1 = Suc 0
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀w. nat (uint w) = unat w
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a. (a ≠ 0) = (0 < a)
        LENGTH('a) ≠ 0
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - 1))
        ∀n. (n ≠ 0) = (0 < n)
        ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
        ∀n. (n < 0) = False
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb x = (x < 0))
        ∀n. (¬ 0 < n) = (n = 0)
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a) ∧ uint w !! n))
        ∀n x. rev (replicate n x) = replicate n x
        ∀w v. LENGTH('a) = 0 ⟶ w = v
        ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀w k n. w < k ⟶ w >> n < k
        to_bl 0 = replicate LENGTH('a) False
        ∀a. ¬ a < 0
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀uu. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
              (len_of uu = 0)
        ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
        ∀n. possible_bit TYPE(int) n
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (¬ msb x ⟶ sint x = uint x)
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - Suc 0))
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀n. ¬ n < 0
        ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
        ∀x. length (to_bl x) = LENGTH('a)
        ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀xs. rev (rev xs) = xs
        ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
        ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
        ∀n. n < n ⟶ False
        ∀a b. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a < b))
SMT.Symb_Nil) SMT.Symb_Nil)
               ((a < b) = (unat a < unat b))
        ∀s t. s < t ⟶ s ≠ t
        ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
        ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
        ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
        ∀n m. n < m ⟶ m ≠ n
        ∀m. ¬ of_nat m < 0
        ∀m. ¬ int m < 0
        ∀n x. length (replicate n x) = n
        ∀n. ¬ n < n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (size w = LENGTH('a))
        ∀m n. (m ≠ n) = (m < n ∨ n < m)
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀n. (0 < n) = (n ≠ 0)
        ∀n. of_bl (replicate n False) = 0
        ∀m n. m < n ⟶ n ≠ 0
SMT: Names:
        sorts:
          Nat$ = nat
          Num$ = num
          A_word$ = 'a word
          A_itself$ = 'a itself
          Bool_list$ = bool list
          Int_itself$ = int itself
          Nat_itself$ = nat itself
          Nat_int_fun$ = nat ⇒ int
          Nat_nat_fun$ = nat ⇒ nat
          Num0_itself$ = 0 itself
          Nat_bool_fun$ = nat ⇒ bool
          A_word_itself$ = 'a word itself
          Nat_a_word_fun$ = nat ⇒ 'a word
        functions:
          r$ = r
          x$ = x
          and$ = (&&)
          bit$ = (!!)
          msb$ = msb
          nat$ = nat
          one$ = 1
          rev$ = rev
          suc$ = Suc
          bit$a = (!!)
          bit$b = (!!)
          bit0$ = num.Bit0
          less$ = (<)
          mask$ = mask
          msb$a = msb
          one$a = num.One
          plus$ = (+)
          size$ = length
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          minus$ = (-)
          of_bl$ = of_bl
          power$ = (^)
          size$a = size
          to_bl$ = to_bl
          type$a = TYPE('a word)
          type$b = TYPE(int)
          type$c = TYPE(nat)
          zero$a = 0
          len_of$ = len_of
          minus$a = (-)
          of_nat$ = of_nat
          shiftl$ = (<<)
          shiftr$ = (>>)
          signed$ = sint
          fun_app$ = SMT.fun_app
          len_of$a = len_of
          less_eq$ = (≤)
          numeral$ = numeral
          of_nat$a = int
          shiftl$a = (<<)
          shiftr$a = (>>)
          shiftr$b = (>>)
          drop_bit$ = drop_bit
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
          fun_app$c = SMT.fun_app
          less_eq$a = (≤)
          push_bit$ = push_bit
          take_bit$ = take_bit
          unsigned$ = uint
          drop_bit$a = drop_bit
          drop_bit$b = drop_bit
          push_bit$a = push_bit
          replicate$ = replicate
          unsigned$a = unat
          unsigned$b = UCAST('a → 'a)
          possible_bit$ = possible_bit
          possible_bit$a = possible_bit
          possible_bit$b = possible_bit
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9904
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort Num$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Bool_list$ 0)
        (declare-sort Int_itself$ 0)
        (declare-sort Nat_itself$ 0)
        (declare-sort Nat_int_fun$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Num0_itself$ 0)
        (declare-sort Nat_bool_fun$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun and$ (A_word$ A_word$) A_word$)
        (declare-fun bit$ (A_word$) Nat_bool_fun$)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun one$ () Nat$)
        (declare-fun rev$ (Bool_list$) Bool_list$)
        (declare-fun suc$ (Nat$) Nat$)
        (declare-fun bit$a (Int) Nat_bool_fun$)
        (declare-fun bit$b (Nat$) Nat_bool_fun$)
        (declare-fun bit0$ (Num$) Num$)
        (declare-fun less$ (Nat$) Nat_bool_fun$)
        (declare-fun mask$ (Nat$) A_word$)
        (declare-fun msb$a (Int) Bool)
        (declare-fun one$a () Num$)
        (declare-fun plus$ (Nat$ Nat$) Nat$)
        (declare-fun size$ (Bool_list$) Nat$)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_word$ A_word$) Bool)
        (declare-fun minus$ (Nat$ Nat$) Nat$)
        (declare-fun of_bl$ (Bool_list$) A_word$)
        (declare-fun power$ (A_word$ Nat$) A_word$)
        (declare-fun size$a (A_word$) Nat$)
        (declare-fun to_bl$ (A_word$) Bool_list$)
        (declare-fun type$a () A_word_itself$)
        (declare-fun type$b () Int_itself$)
        (declare-fun type$c () Nat_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun minus$a (A_word$ A_word$) A_word$)
        (declare-fun of_nat$ (Nat$) Nat$)
        (declare-fun shiftl$ (A_word$ Nat$) A_word$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun signed$ (A_word$) Int)
        (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun len_of$a (Num0_itself$) Nat$)
        (declare-fun less_eq$ (A_word$ A_word$) Bool)
        (declare-fun numeral$ (Num$) A_word$)
        (declare-fun of_nat$a (Nat$) Int)
        (declare-fun shiftl$a (Int Nat$) Int)
        (declare-fun shiftr$a (Int) Nat_int_fun$)
        (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
        (declare-fun drop_bit$ (Nat$ Int) Int)
        (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
        (declare-fun fun_app$b (Nat_int_fun$ Nat$) Int)
        (declare-fun fun_app$c (Nat_nat_fun$ Nat$) Nat$)
        (declare-fun less_eq$a (Nat$) Nat_bool_fun$)
        (declare-fun push_bit$ (Nat$ A_word$) A_word$)
        (declare-fun take_bit$ (Nat$ Int) Int)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun drop_bit$a (Nat$ Nat$) Nat$)
        (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
        (declare-fun push_bit$a (Nat$ Int) Int)
        (declare-fun replicate$ (Nat$ Bool) Bool_list$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun unsigned$b (A_word$) A_word$)
        (declare-fun possible_bit$ (A_word_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$a (Int_itself$) Nat_bool_fun$)
        (declare-fun possible_bit$b (Nat_itself$) Nat_bool_fun$)
        (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
        (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
        (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a2))
        (assert (! (= one$ (suc$ zero$)) :named a3))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a4))
        (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a5))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$c (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a7))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$c (shiftr$b zero$)
?v0) zero$)) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a 0) ?v0)
0)) :named a10))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (possible_bit$
type$a) ?v0) (fun_app$a (less$ ?v0) (len_of$ type$)))) :named a12))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$a ?v0) ?v1) (drop_bit$ ?v1 ?v0)) :pattern ((fun_app$b (shiftr$a
?v0) ?v1)))) :named a13))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$c
(shiftr$b ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$c
(shiftr$b ?v0) ?v1)))) :named a14))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a15))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a16))
        (assert (! (not (= (len_of$ type$) zero$)) :named a17))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$ ?v0) (minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0))))
:named a18))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a19))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (fun_app$a (less$ ?v2) (len_of$ type$)) (= (fun_app$a
(bit$ ?v0) ?v2) (fun_app$a (bit$ ?v1) ?v2)))) (= ?v0 ?v1))) :named
a20))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a21))
        (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a22))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a23))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$a
(bit$ ?v0) ?v1) (and (fun_app$a (less$ ?v1) (len_of$ type$)) (fun_app$a
(bit$a (unsigned$ ?v0)) ?v1))) :pattern ((fun_app$a (bit$ ?v0) ?v1))))
:named a24))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a25))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a26))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (plus$ ?v1 ?v2))) ?v0) (fun_app$a (less$ ?v2)
(len_of$ type$))) (less$a (fun_app$ (shiftr$ ?v0) ?v1) (power$
(numeral$ (bit0$ one$a)) ?v2)))) :named a27))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$a ?v0 ?v1) (less$a (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a28))
        (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a29))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a30))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a31))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(fun_app$a (less_eq$a ?v0) ?v1) (fun_app$a (less$ ?v1) ?v2)) (fun_app$a
(less$ ?v0) ?v2))) :named a32))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a33))
        (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$a ?v0)
zero$) :pattern ((len_of$a ?v0)))) :named a34))
        (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$a) (fun_app$a (less_eq$a (len_of$ type$)) ?v0)))
:named a35))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (possible_bit$a
type$b) ?v0)) :named a36))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a37))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a38))
        (assert (! (forall ((?v0 Int)) (= (= 0 ?v0) (= ?v0 0))) :named
a39))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a40))
        (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a41))
        (assert (! (forall ((?v0 Nat$)) (fun_app$a (less_eq$a ?v0) ?v0))
:named a42))
        (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a43))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (fun_app$a
(bit$ ?v0) (minus$ (len_of$ type$) (suc$ zero$)))) :pattern ((msb$
?v0)))) :named a44))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a45))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (fun_app$a
(less_eq$a ?v0) ?v1)) (fun_app$a (less$ ?v1) ?v0))) :named a46))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a47))
        (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a48))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$ ?v0
?v1) (push_bit$ ?v1 ?v0)) :pattern ((shiftl$ ?v0 ?v1)))) :named a49))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a50))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a51))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$ (numeral$ (bit0$ one$a)) (plus$ ?v0 ?v1)) zero$a)
(fun_app$a (less$ ?v1) (len_of$ type$))) (less$a (fun_app$ (shiftr$
?v2) ?v0) (power$ (numeral$ (bit0$ one$a)) ?v1)))) :named a52))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a53))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a54))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a55))
        (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a56))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a57))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$ ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0 (unsigned$
?v1))))) :named a58))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a59))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (! (= (less$a
?v0 ?v1) (fun_app$a (less$ (unsigned$a ?v0)) (unsigned$a ?v1)))
:pattern ((less$a ?v0 ?v1)))) :named a60))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a61))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$b (unsigned$a ?v0)) ?v1) (and (fun_app$a (possible_bit$b type$c)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a62))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$a (unsigned$ ?v0)) ?v1) (and (fun_app$a (possible_bit$a type$b)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a63))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (fun_app$a
(bit$ (unsigned$b ?v0)) ?v1) (and (fun_app$a (possible_bit$ type$a)
?v1) (fun_app$a (bit$ ?v0) ?v1)))) :named a64))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a65))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ (of_nat$
?v0)) zero$))) :named a66))
        (assert (! (forall ((?v0 Nat$)) (not (< (of_nat$a ?v0) 0)))
:named a67))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a68))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a69))
        (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a70))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a71))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a72))
        (assert (! (forall ((?v0 Nat$)) (= (minus$ ?v0 zero$) ?v0))
:named a73))
        (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a74))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a75))
        (assert (! (forall ((?v0 Nat$)) (= (of_bl$ (replicate$ ?v0
false)) zero$a)) :named a76))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a77))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a signed signed)
        0 < LENGTH('a signed)
        0 < LENGTH('a)
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀a. (a ≠ 0) = (0 < a)
        ∀n. (n ≠ 0) = (0 < n)
        ∀n. (n < 0) = False
        ∀n. (¬ 0 < n) = (n = 0)
        LENGTH('a signed signed) ≠ 0
        LENGTH('a signed) ≠ 0
        LENGTH('a) ≠ 0
        ∀w v. LENGTH('a signed signed) = 0 ⟶ w = v
        ∀w v. LENGTH('a signed) = 0 ⟶ w = v
        ∀w v. LENGTH('a) = 0 ⟶ w = v
        ∀a. ¬ a < 0
        ∀uu. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
              (len_of uu = 0)
        ∀w k n. w < k ⟶ w >> n < k
        ∀x. (0 = x) = (x = 0)
        ∀x. (0 = x) = (x = 0)
        ∀nat. (nat = 0 ⟶ False) ∧ (nat ≠ 0 ⟶ False) ⟶ False
        ∀x y. x ≠ y ∧ (x < y ⟶ False) ∧ (y < x ⟶ False) ⟶ False
        ∀P n. (∀n. ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀P n. (∀n. (∀m<n. P m) ⟶ P n) ⟶ P n
        ∀n. n < n ⟶ False
        ∀s t. s < t ⟶ s ≠ t
        ∀n m. n < m ⟶ m ≠ n
        ∀n. ¬ n < n
        ∀m n. (m ≠ n) = (m < n ∨ n < m)
        ∀n. (0 < n) = (n ≠ 0)
        ∀m n. m < n ⟶ n ≠ 0
        ∀n. ¬ n < 0
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀P n. P 0 ∧ (∀n. 0 < n ∧ ¬ P n ⟶ (∃m<n. ¬ P m)) ⟶ P n
        ∀m n. m < n ⟶ n ≠ 0
        ∀n<0. False
        ∀n. ¬ n < 0
        ∀n. (¬ 0 < n) = (n = 0)
        ∀n. (n = 0 ⟶ False) ⟶ 0 < n
        ∀y. 0 < y ∨ 0 = y
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a signed signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0 signed signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0 signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a signed))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH('a))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (len_of x = LENGTH(0))
        ¬ 0 < 0
SMT: Names:
        sorts:
          Nat$ = nat
          A_word$ = 'a word
          A_itself$ = 'a itself
          Nat_nat_fun$ = nat ⇒ nat
          Num0_itself$ = 0 itself
          Nat_bool_fun$ = nat ⇒ bool
          A_signed_word$ = 'a signed word
          Nat_a_word_fun$ = nat ⇒ 'a word
          A_signed_itself$ = 'a signed itself
          Num0_signed_itself$ = 0 signed itself
          A_signed_signed_word$ = 'a signed signed word
          A_signed_signed_itself$ = 'a signed signed itself
          Num0_signed_signed_itself$ = 0 signed signed itself
          A_signed_signed_signed_itself$ = 'a signed signed signed
itself
          Num0_signed_signed_signed_itself$ = 0 signed signed signed
itself
        functions:
          r$ = r
          x$ = x
          msb$ = msb
          less$ = (<)
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          type$a = TYPE('a signed signed)
          type$b = TYPE('a signed)
          type$c = TYPE(0 signed signed)
          type$d = TYPE(0 signed)
          type$e = TYPE(0)
          zero$a = 0
          len_of$ = len_of
          shiftr$ = (>>)
          fun_app$ = SMT.fun_app
          len_of$a = len_of
          len_of$b = len_of
          len_of$c = len_of
          len_of$d = len_of
          len_of$e = len_of
          len_of$f = len_of
          len_of$g = len_of
          shiftr$a = (>>)
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9892
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Num0_itself$ 0)
        (declare-sort Nat_bool_fun$ 0)
        (declare-sort A_signed_word$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-sort A_signed_itself$ 0)
        (declare-sort Num0_signed_itself$ 0)
        (declare-sort A_signed_signed_word$ 0)
        (declare-sort A_signed_signed_itself$ 0)
        (declare-sort Num0_signed_signed_itself$ 0)
        (declare-sort A_signed_signed_signed_itself$ 0)
        (declare-sort Num0_signed_signed_signed_itself$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun less$ (Nat$) Nat_bool_fun$)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_word$ A_word$) Bool)
        (declare-fun type$a () A_signed_signed_itself$)
        (declare-fun type$b () A_signed_itself$)
        (declare-fun type$c () Num0_signed_signed_itself$)
        (declare-fun type$d () Num0_signed_itself$)
        (declare-fun type$e () Num0_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun len_of$a (A_signed_signed_itself$) Nat$)
        (declare-fun len_of$b (A_signed_itself$) Nat$)
        (declare-fun len_of$c (Num0_itself$) Nat$)
        (declare-fun len_of$d (A_signed_signed_signed_itself$) Nat$)
        (declare-fun len_of$e (Num0_signed_signed_signed_itself$) Nat$)
        (declare-fun len_of$f (Num0_signed_signed_itself$) Nat$)
        (declare-fun len_of$g (Num0_signed_itself$) Nat$)
        (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
        (declare-fun fun_app$a (Nat_bool_fun$ Nat$) Bool)
        (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
        (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
        (assert (! (fun_app$a (less$ r$) (len_of$ type$)) :named a1))
        (assert (! (fun_app$a (less$ zero$) (len_of$a type$a)) :named
a2))
        (assert (! (fun_app$a (less$ zero$) (len_of$b type$b)) :named
a3))
        (assert (! (fun_app$a (less$ zero$) (len_of$ type$)) :named a4))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a7))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$a zero$)
?v0) zero$)) :named a8))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a10))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$))
(fun_app$a (less$ zero$) ?v0))) :named a11))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ ?v0) zero$)
false)) :named a12))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a13))
        (assert (! (not (= (len_of$a type$a) zero$)) :named a14))
        (assert (! (not (= (len_of$b type$b) zero$)) :named a15))
        (assert (! (not (= (len_of$ type$) zero$)) :named a16))
        (assert (! (forall ((?v0 A_signed_signed_word$) (?v1
A_signed_signed_word$)) (=> (= (len_of$a type$a) zero$) (= ?v0 ?v1)))
:named a17))
        (assert (! (forall ((?v0 A_signed_word$) (?v1 A_signed_word$))
(=> (= (len_of$b type$b) zero$) (= ?v0 ?v1))) :named a18))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a19))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a20))
        (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$c ?v0)
zero$) :pattern ((len_of$c ?v0)))) :named a21))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 Nat$)) (=>
(less$a ?v0 ?v1) (less$a (fun_app$ (shiftr$ ?v0) ?v2) ?v1))) :named
a22))
        (assert (! (forall ((?v0 A_word$)) (= (= zero$a ?v0) (= ?v0
zero$a))) :named a23))
        (assert (! (forall ((?v0 Nat$)) (= (= zero$ ?v0) (= ?v0 zero$)))
:named a24))
        (assert (! (forall ((?v0 Nat$)) (=> (and (=> (= ?v0 zero$)
false) (=> (not (= ?v0 zero$)) false)) false)) :named a25))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (and (not (= ?v0
?v1)) (and (=> (fun_app$a (less$ ?v0) ?v1) false) (=> (fun_app$a (less$
?v1) ?v0) false))) false)) :named a26))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (not (fun_app$a ?v0 ?v2)) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3)))))) (fun_app$a
?v0 ?v1))) :named a27))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (forall
((?v2 Nat$)) (=> (forall ((?v3 Nat$)) (=> (fun_app$a (less$ ?v3) ?v2)
(fun_app$a ?v0 ?v3))) (fun_app$a ?v0 ?v2))) (fun_app$a ?v0 ?v1)))
:named a28))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0) ?v0)
false)) :named a29))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v0 ?v1)))) :named a30))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 ?v0)))) :named a31))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
?v0))) :named a32))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (= ?v0 ?v1))
(or (fun_app$a (less$ ?v0) ?v1) (fun_app$a (less$ ?v1) ?v0)))) :named
a33))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (less$ zero$) ?v0)
(not (= ?v0 zero$)))) :named a34))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a35))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a36))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a37))
        (assert (! (forall ((?v0 Nat_bool_fun$) (?v1 Nat$)) (=> (and
(fun_app$a ?v0 zero$) (forall ((?v2 Nat$)) (=> (and (fun_app$a (less$
zero$) ?v2) (not (fun_app$a ?v0 ?v2))) (exists ((?v3 Nat$)) (and
(fun_app$a (less$ ?v3) ?v2) (not (fun_app$a ?v0 ?v3))))))) (fun_app$a
?v0 ?v1))) :named a38))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (=> (fun_app$a (less$
?v0) ?v1) (not (= ?v1 zero$)))) :named a39))
        (assert (! (forall ((?v0 Nat$)) (=> (fun_app$a (less$ ?v0)
zero$) false)) :named a40))
        (assert (! (forall ((?v0 Nat$)) (not (fun_app$a (less$ ?v0)
zero$))) :named a41))
        (assert (! (forall ((?v0 Nat$)) (= (not (fun_app$a (less$ zero$)
?v0)) (= ?v0 zero$))) :named a42))
        (assert (! (forall ((?v0 Nat$)) (=> (=> (= ?v0 zero$) false)
(fun_app$a (less$ zero$) ?v0))) :named a43))
        (assert (! (forall ((?v0 Nat$)) (or (fun_app$a (less$ zero$)
?v0) (= zero$ ?v0))) :named a44))
        (assert (! (forall ((?v0 A_signed_signed_signed_itself$)) (! (=
(len_of$d ?v0) (len_of$a type$a)) :pattern ((len_of$d ?v0)))) :named
a45))
        (assert (! (forall ((?v0 Num0_signed_signed_signed_itself$)) (!
(= (len_of$e ?v0) (len_of$f type$c)) :pattern ((len_of$e ?v0)))) :named
a46))
        (assert (! (forall ((?v0 Num0_signed_signed_itself$)) (! (=
(len_of$f ?v0) (len_of$g type$d)) :pattern ((len_of$f ?v0)))) :named
a47))
        (assert (! (forall ((?v0 A_signed_signed_itself$)) (! (=
(len_of$a ?v0) (len_of$b type$b)) :pattern ((len_of$a ?v0)))) :named
a48))
        (assert (! (forall ((?v0 A_signed_itself$)) (! (= (len_of$b ?v0)
(len_of$ type$)) :pattern ((len_of$b ?v0)))) :named a49))
        (assert (! (forall ((?v0 Num0_signed_itself$)) (! (= (len_of$g
?v0) (len_of$c type$e)) :pattern ((len_of$g ?v0)))) :named a50))
        (assert (! (not (fun_app$a (less$ zero$) zero$)) :named a51))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.007s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        1 = Suc 0
        0 < LENGTH('a)
        ∀w. nat (uint w) = unat w
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - 1))
        ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb x = (x < 0))
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a) ∧ uint w !! n))
        ∀n x. rev (replicate n x) = replicate n x
        ∀x n m. x && mask (n + m) = x ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        to_bl 0 = replicate LENGTH('a) False
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀x y z. x ≤ y ∧ y < z ⟶ x < z
        ∀n. (2 ^ n = 0) = (LENGTH('a) ≤ n)
        ∀n. possible_bit TYPE(int) n
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀a. a ≤ a
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - Suc 0))
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀x y. (¬ x ≤ y) = (y < x)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a << n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a << n = push_bit n a)
        ∀n m x. 2 ^ (n + m) = 0 ∧ m < LENGTH('a) ⟶ x >> n < 2 ^ m
        ∀x. length (to_bl x) = LENGTH('a)
        ∀xs. rev (rev xs) = xs
        ∀i n. uint (push_bit i n) = take_bit (size n) (push_bit i (uint
n))
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (sint x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (¬ msb x ⟶ sint x = uint x)
        ∀w n. unat w !! n = (possible_bit TYPE(nat) n ∧ w !! n)
        ∀w n. uint w !! n = (possible_bit TYPE(int) n ∧ w !! n)
        ∀w n. UCAST('a → 'a) w !! n = (possible_bit TYPE('a word) n ∧ w
!! n)
        ∀n x. length (replicate n x) = n
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (size w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (size w = LENGTH('a))
        ∀a. a - 0 = a
        ∀a. a - 0 = a
        ∀a. a - 0 = a
SMT: Names:
        sorts:
          Nat$ = nat
          Num$ = num
          A_word$ = 'a word
          A_itself$ = 'a itself
          Bool_list$ = bool list
          Int_itself$ = int itself
          Nat_itself$ = nat itself
          A_word_itself$ = 'a word itself
        functions:
          r$ = r
          x$ = x
          and$ = (&&)
          bit$ = (!!)
          msb$ = msb
          nat$ = nat
          one$ = 1
          rev$ = rev
          suc$ = Suc
          bit$a = (!!)
          bit$b = (!!)
          bit0$ = num.Bit0
          less$ = (<)
          mask$ = mask
          msb$a = msb
          one$a = num.One
          plus$ = (+)
          size$ = length
          type$ = TYPE('a)
          zero$ = 0
          less$a = (<)
          minus$ = (-)
          power$ = (^)
          size$a = size
          to_bl$ = to_bl
          type$a = TYPE('a word)
          type$b = TYPE(int)
          type$c = TYPE(nat)
          zero$a = 0
          len_of$ = len_of
          minus$a = (-)
          shiftl$ = (<<)
          shiftr$ = (>>)
          signed$ = sint
          less_eq$ = (≤)
          numeral$ = numeral
          shiftl$a = (<<)
          drop_bit$ = drop_bit
          less_eq$a = (≤)
          push_bit$ = push_bit
          take_bit$ = take_bit
          unsigned$ = uint
          push_bit$a = push_bit
          replicate$ = replicate
          unsigned$a = unat
          unsigned$b = UCAST('a → 'a)
          possible_bit$ = possible_bit
          possible_bit$a = possible_bit
          possible_bit$b = possible_bit
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9885
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort Num$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Bool_list$ 0)
        (declare-sort Int_itself$ 0)
        (declare-sort Nat_itself$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun and$ (A_word$ A_word$) A_word$)
        (declare-fun bit$ (A_word$ Nat$) Bool)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun one$ () Nat$)
        (declare-fun rev$ (Bool_list$) Bool_list$)
        (declare-fun suc$ (Nat$) Nat$)
        (declare-fun bit$a (Int Nat$) Bool)
        (declare-fun bit$b (Nat$ Nat$) Bool)
        (declare-fun bit0$ (Num$) Num$)
        (declare-fun less$ (Nat$ Nat$) Bool)
        (declare-fun mask$ (Nat$) A_word$)
        (declare-fun msb$a (Int) Bool)
        (declare-fun one$a () Num$)
        (declare-fun plus$ (Nat$ Nat$) Nat$)
        (declare-fun size$ (Bool_list$) Nat$)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun less$a (A_word$ A_word$) Bool)
        (declare-fun minus$ (Nat$ Nat$) Nat$)
        (declare-fun power$ (A_word$ Nat$) A_word$)
        (declare-fun size$a (A_word$) Nat$)
        (declare-fun to_bl$ (A_word$) Bool_list$)
        (declare-fun type$a () A_word_itself$)
        (declare-fun type$b () Int_itself$)
        (declare-fun type$c () Nat_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun minus$a (A_word$ A_word$) A_word$)
        (declare-fun shiftl$ (A_word$ Nat$) A_word$)
        (declare-fun shiftr$ (A_word$ Nat$) A_word$)
        (declare-fun signed$ (A_word$) Int)
        (declare-fun less_eq$ (A_word$ A_word$) Bool)
        (declare-fun numeral$ (Num$) A_word$)
        (declare-fun shiftl$a (Int Nat$) Int)
        (declare-fun drop_bit$ (Nat$ A_word$) A_word$)
        (declare-fun less_eq$a (Nat$ Nat$) Bool)
        (declare-fun push_bit$ (Nat$ A_word$) A_word$)
        (declare-fun take_bit$ (Nat$ Int) Int)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun push_bit$a (Nat$ Int) Int)
        (declare-fun replicate$ (Nat$ Bool) Bool_list$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun unsigned$b (A_word$) A_word$)
        (declare-fun possible_bit$ (A_word_itself$ Nat$) Bool)
        (declare-fun possible_bit$a (Int_itself$ Nat$) Bool)
        (declare-fun possible_bit$b (Nat_itself$ Nat$) Bool)
        (assert (! (not (= (msb$ (shiftr$ x$ r$)) (and (= r$ zero$)
(msb$ x$)))) :named a0))
        (assert (! (less$ r$ (len_of$ type$)) :named a1))
        (assert (! (= one$ (suc$ zero$)) :named a2))
        (assert (! (less$ zero$ (len_of$ type$)) :named a3))
        (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a4))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftr$ ?v0
?v1) (drop_bit$ ?v1 ?v0)) :pattern ((shiftr$ ?v0 ?v1)))) :named a5))
        (assert (! (forall ((?v0 Nat$)) (= (possible_bit$ type$a ?v0)
(less$ ?v0 (len_of$ type$)))) :named a6))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0)))) :named a7))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (less$ ?v2 (len_of$ type$)) (= (bit$ ?v0 ?v2) (bit$
?v1 ?v2)))) (= ?v0 ?v1))) :named a8))
        (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a9))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (bit$ ?v0
?v1) (and (less$ ?v1 (len_of$ type$)) (bit$a (unsigned$ ?v0) ?v1)))
:pattern ((bit$ ?v0 ?v1)))) :named a10))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (rev$ (replicate$
?v0 ?v1)) (replicate$ ?v0 ?v1))) :named a11))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$) (?v2 Nat$)) (=>
(and (= (and$ ?v0 (mask$ (plus$ ?v1 ?v2))) ?v0) (less$ ?v2 (len_of$
type$))) (less$a (shiftr$ ?v0 ?v1) (power$ (numeral$ (bit0$ one$a))
?v2)))) :named a12))
        (assert (! (= (to_bl$ zero$a) (replicate$ (len_of$ type$)
false)) :named a13))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$) (?v2 A_word$))
(=> (and (less_eq$ ?v0 ?v1) (less$a ?v1 ?v2)) (less$a ?v0 ?v2))) :named
a14))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 Nat$)) (=> (and
(less_eq$a ?v0 ?v1) (less$ ?v1 ?v2)) (less$ ?v0 ?v2))) :named a15))
        (assert (! (forall ((?v0 Int) (?v1 Int) (?v2 Int)) (=> (and (<=
?v0 ?v1) (< ?v1 ?v2)) (< ?v0 ?v2))) :named a16))
        (assert (! (forall ((?v0 Nat$)) (= (= (power$ (numeral$ (bit0$
one$a)) ?v0) zero$a) (less_eq$a (len_of$ type$) ?v0))) :named a17))
        (assert (! (forall ((?v0 Nat$)) (possible_bit$a type$b ?v0))
:named a18))
        (assert (! (forall ((?v0 A_word$)) (less_eq$ ?v0 ?v0)) :named
a19))
        (assert (! (forall ((?v0 Int)) (<= ?v0 ?v0)) :named a20))
        (assert (! (forall ((?v0 Nat$)) (less_eq$a ?v0 ?v0)) :named
a21))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) (suc$ zero$)))) :pattern ((msb$ ?v0)))) :named
a22))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (= (not
(less_eq$ ?v0 ?v1)) (less$a ?v1 ?v0))) :named a23))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (= (not (less_eq$a
?v0 ?v1)) (less$ ?v1 ?v0))) :named a24))
        (assert (! (forall ((?v0 Int) (?v1 Int)) (= (not (<= ?v0 ?v1))
(< ?v1 ?v0))) :named a25))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (shiftl$ ?v0
?v1) (push_bit$ ?v1 ?v0)) :pattern ((shiftl$ ?v0 ?v1)))) :named a26))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (shiftl$a ?v0
?v1) (push_bit$a ?v1 ?v0)) :pattern ((shiftl$a ?v0 ?v1)))) :named a27))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$) (?v2 A_word$)) (=>
(and (= (power$ (numeral$ (bit0$ one$a)) (plus$ ?v0 ?v1)) zero$a)
(less$ ?v1 (len_of$ type$))) (less$a (shiftr$ ?v2 ?v0) (power$
(numeral$ (bit0$ one$a)) ?v1)))) :named a28))
        (assert (! (forall ((?v0 A_word$)) (= (size$ (to_bl$ ?v0))
(len_of$ type$))) :named a29))
        (assert (! (forall ((?v0 Bool_list$)) (= (rev$ (rev$ ?v0)) ?v0))
:named a30))
        (assert (! (forall ((?v0 Nat$) (?v1 A_word$)) (= (unsigned$
(push_bit$ ?v0 ?v1)) (take_bit$ (size$a ?v1) (push_bit$a ?v0 (unsigned$
?v1))))) :named a31))
        (assert (! (forall ((?v0 A_word$)) (! (=> (not (msb$ ?v0)) (=
(signed$ ?v0) (unsigned$ ?v0))) :pattern ((signed$ ?v0)))) :named a32))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$b
(unsigned$a ?v0) ?v1) (and (possible_bit$b type$c ?v1) (bit$ ?v0
?v1)))) :named a33))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$a
(unsigned$ ?v0) ?v1) (and (possible_bit$a type$b ?v1) (bit$ ?v0 ?v1))))
:named a34))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (= (bit$
(unsigned$b ?v0) ?v1) (and (possible_bit$ type$a ?v1) (bit$ ?v0 ?v1))))
:named a35))
        (assert (! (forall ((?v0 Nat$) (?v1 Bool)) (= (size$ (replicate$
?v0 ?v1)) ?v0)) :named a36))
        (assert (! (forall ((?v0 A_word$)) (! (= (size$a ?v0) (len_of$
type$)) :pattern ((size$a ?v0)))) :named a37))
        (assert (! (forall ((?v0 A_word$)) (= (minus$a ?v0 zero$a) ?v0))
:named a38))
        (assert (! (forall ((?v0 Nat$)) (= (minus$ ?v0 zero$) ?v0))
:named a39))
        (assert (! (forall ((?v0 Int)) (= (- ?v0 0) ?v0)) :named a40))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.007s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a)
        1 = Suc 0
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀w. nat (uint w) = unat w
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀m. possible_bit TYPE('a word) m = (m < LENGTH('a))
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (a >> n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (a >> n = drop_bit n a)
        ∀a. (a ≠ 0) = (0 < a)
        LENGTH('a) ≠ 0
        ∀w. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb w))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb w = w !! (LENGTH('a) - 1))
        ∀n. (n ≠ 0) = (0 < n)
        ∀a b. (∀n<LENGTH('a). a !! n = b !! n) ⟶ a = b
        ∀n. (n < 0) = False
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (msb x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (msb x = (x < 0))
        ∀n. (¬ 0 < n) = (n = 0)
        ∀w n. SMT.trigger
               (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (w !! n))
SMT.Symb_Nil) SMT.Symb_Nil)
               (w !! n = (n < LENGTH('a) ∧ uint w !! n))
        ∀w v. LENGTH('a) = 0 ⟶ w = v
SMT: Names:
        sorts:
          Nat$ = nat
          A_word$ = 'a word
          A_itself$ = 'a itself
          Nat_int_fun$ = nat ⇒ int
          Nat_nat_fun$ = nat ⇒ nat
          A_word_itself$ = 'a word itself
          Nat_a_word_fun$ = nat ⇒ 'a word
        functions:
          r$ = r
          x$ = x
          bit$ = (!!)
          msb$ = msb
          nat$ = nat
          one$ = 1
          suc$ = Suc
          bit$a = (!!)
          less$ = (<)
          msb$a = msb
          type$ = TYPE('a)
          zero$ = 0
          minus$ = (-)
          type$a = TYPE('a word)
          zero$a = 0
          len_of$ = len_of
          shiftr$ = (>>)
          fun_app$ = SMT.fun_app
          shiftr$a = (>>)
          shiftr$b = (>>)
          drop_bit$ = drop_bit
          fun_app$a = SMT.fun_app
          fun_app$b = SMT.fun_app
          unsigned$ = uint
          drop_bit$a = drop_bit
          drop_bit$b = drop_bit
          unsigned$a = unat
          possible_bit$ = possible_bit
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=9877
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Nat_int_fun$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort A_word_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun bit$ (A_word$ Nat$) Bool)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun nat$ (Int) Nat$)
        (declare-fun one$ () Nat$)
        (declare-fun suc$ (Nat$) Nat$)
        (declare-fun bit$a (Int Nat$) Bool)
        (declare-fun less$ (Nat$ Nat$) Bool)
        (declare-fun msb$a (Int) Bool)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun minus$ (Nat$ Nat$) Nat$)
        (declare-fun type$a () A_word_itself$)
        (declare-fun zero$a () A_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun shiftr$a (Int) Nat_int_fun$)
        (declare-fun shiftr$b (Nat$) Nat_nat_fun$)
        (declare-fun drop_bit$ (Nat$ Int) Int)
        (declare-fun fun_app$a (Nat_int_fun$ Nat$) Int)
        (declare-fun fun_app$b (Nat_nat_fun$ Nat$) Nat$)
        (declare-fun unsigned$ (A_word$) Int)
        (declare-fun drop_bit$a (Nat$ Nat$) Nat$)
        (declare-fun drop_bit$b (Nat$ A_word$) A_word$)
        (declare-fun unsigned$a (A_word$) Nat$)
        (declare-fun possible_bit$ (A_word_itself$ Nat$) Bool)
        (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
        (assert (! (less$ r$ (len_of$ type$)) :named a1))
        (assert (! (less$ zero$ (len_of$ type$)) :named a2))
        (assert (! (= one$ (suc$ zero$)) :named a3))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a4))
        (assert (! (forall ((?v0 A_word$)) (= (nat$ (unsigned$ ?v0))
(unsigned$a ?v0))) :named a5))
        (assert (! (forall ((?v0 Int)) (! (= (fun_app$a (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a6))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$b (shiftr$b ?v0)
zero$) ?v0) :pattern ((shiftr$b ?v0)))) :named a7))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a8))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$b (shiftr$b zero$)
?v0) zero$)) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$a 0) ?v0)
0)) :named a10))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a11))
        (assert (! (forall ((?v0 Nat$)) (= (possible_bit$ type$a ?v0)
(less$ ?v0 (len_of$ type$)))) :named a12))
        (assert (! (forall ((?v0 Int) (?v1 Nat$)) (! (= (fun_app$a
(shiftr$a ?v0) ?v1) (drop_bit$ ?v1 ?v0)) :pattern ((fun_app$a (shiftr$a
?v0) ?v1)))) :named a13))
        (assert (! (forall ((?v0 Nat$) (?v1 Nat$)) (! (= (fun_app$b
(shiftr$b ?v0) ?v1) (drop_bit$a ?v1 ?v0)) :pattern ((fun_app$b
(shiftr$b ?v0) ?v1)))) :named a14))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (fun_app$
(shiftr$ ?v0) ?v1) (drop_bit$b ?v1 ?v0)) :pattern ((fun_app$ (shiftr$
?v0) ?v1)))) :named a15))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a16))
        (assert (! (not (= (len_of$ type$) zero$)) :named a17))
        (assert (! (forall ((?v0 A_word$)) (! (= (msb$ ?v0) (bit$ ?v0
(minus$ (len_of$ type$) one$))) :pattern ((msb$ ?v0)))) :named a18))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a19))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (forall
((?v2 Nat$)) (=> (less$ ?v2 (len_of$ type$)) (= (bit$ ?v0 ?v2) (bit$
?v1 ?v2)))) (= ?v0 ?v1))) :named a20))
        (assert (! (forall ((?v0 Nat$)) (= (less$ ?v0 zero$) false))
:named a21))
        (assert (! (forall ((?v0 Int)) (! (= (msb$a ?v0) (< ?v0 0))
:pattern ((msb$a ?v0)))) :named a22))
        (assert (! (forall ((?v0 Nat$)) (= (not (less$ zero$ ?v0)) (=
?v0 zero$))) :named a23))
        (assert (! (forall ((?v0 A_word$) (?v1 Nat$)) (! (= (bit$ ?v0
?v1) (and (less$ ?v1 (len_of$ type$)) (bit$a (unsigned$ ?v0) ?v1)))
:pattern ((bit$ ?v0 ?v1)))) :named a24))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a25))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
SMT: Assertions:
        msb (x >> r) ≠ (r = 0 ∧ msb x)  [msb (x >> r) ≠ (r = 0 ∧ msb x)]
        r < LENGTH('a)
        0 < LENGTH('a)
        ∀x. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) x))
SMT.Symb_Nil) SMT.Symb_Nil)
             (x >> 0 = x)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀a. SMT.trigger
             (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat ((>>) a))
SMT.Symb_Nil) SMT.Symb_Nil)
             (a >> 0 = a)
        ∀n. 0 >> n = 0
        ∀n. 0 >> n = 0
        ∀a. (a ≠ 0) = (0 < a)
        ∀n. (n ≠ 0) = (0 < n)
        ∀n. (n < 0) = False
        ∀n. (¬ 0 < n) = (n = 0)
        LENGTH('a) ≠ 0
        ∀w v. LENGTH('a) = 0 ⟶ w = v
        ∀a. ¬ a < 0
        ∀uu. SMT.trigger
              (SMT.Symb_Cons (SMT.Symb_Cons (SMT.pat (len_of uu))
SMT.Symb_Nil) SMT.Symb_Nil)
              (len_of uu = 0)
SMT: Names:
        sorts:
          Nat$ = nat
          A_word$ = 'a word
          A_itself$ = 'a itself
          Nat_nat_fun$ = nat ⇒ nat
          Num0_itself$ = 0 itself
          Nat_a_word_fun$ = nat ⇒ 'a word
        functions:
          r$ = r
          x$ = x
          msb$ = msb
          less$ = (<)
          type$ = TYPE('a)
          zero$ = 0
          zero$a = 0
          len_of$ = len_of
          shiftr$ = (>>)
          fun_app$ = SMT.fun_app
          len_of$a = len_of
          shiftr$a = (>>)
          fun_app$a = SMT.fun_app
SMT: Problem:
        ; --proof-with-sharing --proof-define-skolems --proof-prune --
proof-merge --disable-print-success --disable-banner --index-sorts --
index-fresh-sorts --triggers-new --triggers-sel-rm-specific --max-
time=29646
        (set-option :produce-proofs true)
        (declare-sort Nat$ 0)
        (declare-sort A_word$ 0)
        (declare-sort A_itself$ 0)
        (declare-sort Nat_nat_fun$ 0)
        (declare-sort Num0_itself$ 0)
        (declare-sort Nat_a_word_fun$ 0)
        (declare-fun r$ () Nat$)
        (declare-fun x$ () A_word$)
        (declare-fun msb$ (A_word$) Bool)
        (declare-fun less$ (Nat$ Nat$) Bool)
        (declare-fun type$ () A_itself$)
        (declare-fun zero$ () Nat$)
        (declare-fun zero$a () A_word$)
        (declare-fun len_of$ (A_itself$) Nat$)
        (declare-fun shiftr$ (A_word$) Nat_a_word_fun$)
        (declare-fun fun_app$ (Nat_a_word_fun$ Nat$) A_word$)
        (declare-fun len_of$a (Num0_itself$) Nat$)
        (declare-fun shiftr$a (Nat$) Nat_nat_fun$)
        (declare-fun fun_app$a (Nat_nat_fun$ Nat$) Nat$)
        (assert (! (not (= (msb$ (fun_app$ (shiftr$ x$) r$)) (and (= r$
zero$) (msb$ x$)))) :named a0))
        (assert (! (less$ r$ (len_of$ type$)) :named a1))
        (assert (! (less$ zero$ (len_of$ type$)) :named a2))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a3))
        (assert (! (forall ((?v0 Nat$)) (! (= (fun_app$a (shiftr$a ?v0)
zero$) ?v0) :pattern ((shiftr$a ?v0)))) :named a4))
        (assert (! (forall ((?v0 A_word$)) (! (= (fun_app$ (shiftr$ ?v0)
zero$) ?v0) :pattern ((shiftr$ ?v0)))) :named a5))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$a (shiftr$a zero$)
?v0) zero$)) :named a6))
        (assert (! (forall ((?v0 Nat$)) (= (fun_app$ (shiftr$ zero$a)
?v0) zero$a)) :named a7))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a8))
        (assert (! (forall ((?v0 Nat$)) (= (not (= ?v0 zero$)) (less$
zero$ ?v0))) :named a9))
        (assert (! (forall ((?v0 Nat$)) (= (less$ ?v0 zero$) false))
:named a10))
        (assert (! (forall ((?v0 Nat$)) (= (not (less$ zero$ ?v0)) (=
?v0 zero$))) :named a11))
        (assert (! (not (= (len_of$ type$) zero$)) :named a12))
        (assert (! (forall ((?v0 A_word$) (?v1 A_word$)) (=> (= (len_of$
type$) zero$) (= ?v0 ?v1))) :named a13))
        (assert (! (forall ((?v0 Nat$)) (not (less$ ?v0 zero$))) :named
a14))
        (assert (! (forall ((?v0 Num0_itself$)) (! (= (len_of$a ?v0)
zero$) :pattern ((len_of$a ?v0)))) :named a15))
        (check-sat)
        (get-proof)
SMT: Invoking SMT solver "verit" ...
SMT: Solver:
SMT: Result:
        (error "set-logic not issued")
SMT: Time:
        0.006s
"verit": Prover error:
Solver "verit" failed -- enable tracing using the "smt_trace" option
for details
oops




Mathias


On 14/11/2021 13:54, Peter Lammich wrote:
I get a lot of verit errors from sledgehammer.

"verit": Prover error:
Solver "verit" failed -- enable tracing using the "smt_trace"
option
for details

And there is no smt_trace option to sledgehammer, at least
sledgehammer
[smt_trace] tells me so, and the sledgehammer manual does not
contain
the string smt_trace!

--
    Peter


On Fri, 2021-11-12 at 21:26 +0100, Makarius wrote:
Dear Isabelle users,

please see https://isabelle.sketis.net/website-Isabelle2021-1-RC3
  and
https://isabelle-dev.sketis.net/phame/post/view/53/release_candidates_for_isabelle2021-1
for further progress on the release process.

There is now a proper download for Linux (ARM), and the "isabelle
build_docker" tools works for it (relevant on Apple M1 hardware).

This is also the fork-point of the isabelle-dev repository, which
continues
for the time after this release:
https://isabelle.sketis.net/repos/isabelle/rev/4f1c1c7eb95f


Reminder: Any feedback about release candidates should be posted
with
a meaningful
Subject (not just a clone of the announcement).

We have approx. 4 weeks left until final lift-off: afterwards
there
will be no
more changes on this line.


	Makarius





This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.