why3session.xml 42.7 KB
Newer Older
1 2 3
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE why3session PUBLIC "-//Why3//proof session v5//EN"
"http://why3.lri.fr/why3session.dtd">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
4
<why3session shape_version="6">
5
<prover id="0" name="Z3" version="4.6.0" timelimit="1" steplimit="0" memlimit="1000"/>
6
<prover id="2" name="Z3" version="4.5.0" timelimit="5" steplimit="0" memlimit="1000"/>
7
<prover id="3" name="CVC4" version="1.5" timelimit="1" steplimit="0" memlimit="1000"/>
8
<prover id="4" name="Alt-Ergo" version="2.0.0" timelimit="1" steplimit="0" memlimit="1000"/>
9
<prover id="5" name="Alt-Ergo" version="2.2.0" timelimit="5" steplimit="0" memlimit="1000"/>
Guillaume Melquiond's avatar
Guillaume Melquiond committed
10 11 12
<file proved="true">
<path name=".."/>
<path name="isqrt_von_neumann.mlw"/>
13
<theory name="VonNeumann16" proved="true">
14 15
 <goal name="sqr_add2" proved="true">
 <proof prover="2" timelimit="1"><result status="valid" time="0.16"/></proof>
16
 </goal>
MARCHE Claude's avatar
MARCHE Claude committed
17
 <goal name="VC isqrt16" expl="VC for isqrt16" proved="true">
18
 <transf name="split_goal_right" proved="true" >
MARCHE Claude's avatar
MARCHE Claude committed
19
  <goal name="VC isqrt16.0" expl="loop invariant init" proved="true">
20 21
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
22
  <goal name="VC isqrt16.1" expl="loop invariant init" proved="true">
23 24
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
25
  <goal name="VC isqrt16.2" expl="loop invariant init" proved="true">
26 27
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
28
  <goal name="VC isqrt16.3" expl="loop invariant init" proved="true">
29 30
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
31
  <goal name="VC isqrt16.4" expl="loop invariant init" proved="true">
32 33
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
34
  <goal name="VC isqrt16.5" expl="loop invariant init" proved="true">
35 36
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
37
  <goal name="VC isqrt16.6" expl="loop invariant init" proved="true">
38 39
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
40
  <goal name="VC isqrt16.7" expl="loop invariant init" proved="true">
41 42
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
43
  <goal name="VC isqrt16.8" expl="loop invariant init" proved="true">
44 45
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
46 47
  <goal name="VC isqrt16.9" expl="loop invariant init" proved="true">
  <proof prover="3"><result status="valid" time="0.01"/></proof>
48
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
49
  <goal name="VC isqrt16.10" expl="assertion" proved="true">
50
  <proof prover="3"><result status="valid" time="0.02"/></proof>
51
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
52
  <goal name="VC isqrt16.11" expl="assertion" proved="true">
53 54
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
55
  <goal name="VC isqrt16.12" expl="assertion" proved="true">
56 57
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
58
  <goal name="VC isqrt16.13" expl="assertion" proved="true">
59
  <proof prover="3"><result status="valid" time="0.01"/></proof>
60
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
61
  <goal name="VC isqrt16.14" expl="assertion" proved="true">
62
  <proof prover="3"><result status="valid" time="0.05"/></proof>
63
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
64
  <goal name="VC isqrt16.15" expl="assertion" proved="true">
65 66
  <proof prover="3"><result status="valid" time="0.08"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
67
  <goal name="VC isqrt16.16" expl="assertion" proved="true">
68
  <proof prover="3"><result status="valid" time="0.08"/></proof>
69
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
70
  <goal name="VC isqrt16.17" expl="assertion" proved="true">
71 72
  <proof prover="3"><result status="valid" time="0.06"/></proof>
  </goal>
73
  <goal name="VC isqrt16.18" expl="assertion" proved="true">
74 75
  <proof prover="3"><result status="valid" time="0.06"/></proof>
  </goal>
76 77 78
  <goal name="VC isqrt16.19" expl="loop variant decrease" proved="true">
  <proof prover="3"><result status="valid" time="0.08"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
79
  <goal name="VC isqrt16.20" expl="loop invariant preservation" proved="true">
80
  <proof prover="3"><result status="valid" time="0.06"/></proof>
81
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
82
  <goal name="VC isqrt16.21" expl="loop invariant preservation" proved="true">
83
  <proof prover="3"><result status="valid" time="0.05"/></proof>
84
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
85
  <goal name="VC isqrt16.22" expl="loop invariant preservation" proved="true">
86
  <proof prover="3"><result status="valid" time="0.08"/></proof>
87
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
88
  <goal name="VC isqrt16.23" expl="loop invariant preservation" proved="true">
89
  <proof prover="3"><result status="valid" time="0.06"/></proof>
90
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
91
  <goal name="VC isqrt16.24" expl="loop invariant preservation" proved="true">
92
  <proof prover="3"><result status="valid" time="0.05"/></proof>
93
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
94
  <goal name="VC isqrt16.25" expl="loop invariant preservation" proved="true">
95
  <proof prover="3"><result status="valid" time="0.01"/></proof>
96
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
97
  <goal name="VC isqrt16.26" expl="loop invariant preservation" proved="true">
98
  <proof prover="3"><result status="valid" time="0.02"/></proof>
99
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
100
  <goal name="VC isqrt16.27" expl="loop invariant preservation" proved="true">
101
  <proof prover="3"><result status="valid" time="0.18"/></proof>
102
  </goal>
103
  <goal name="VC isqrt16.28" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
104
  <proof prover="3"><result status="valid" time="0.07"/></proof>
105
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
106
  <goal name="VC isqrt16.29" expl="loop invariant preservation" proved="true">
107
  <proof prover="3"><result status="valid" time="0.04"/></proof>
108
  </goal>
109 110
  <goal name="VC isqrt16.30" expl="loop variant decrease" proved="true">
  <proof prover="3"><result status="valid" time="0.07"/></proof>
111
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
112
  <goal name="VC isqrt16.31" expl="loop invariant preservation" proved="true">
113
  <proof prover="3"><result status="valid" time="0.05"/></proof>
114
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
115
  <goal name="VC isqrt16.32" expl="loop invariant preservation" proved="true">
116
  <proof prover="3"><result status="valid" time="0.05"/></proof>
117
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
118
  <goal name="VC isqrt16.33" expl="loop invariant preservation" proved="true">
119
  <proof prover="3"><result status="valid" time="0.08"/></proof>
120
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
121
  <goal name="VC isqrt16.34" expl="loop invariant preservation" proved="true">
122
  <proof prover="3"><result status="valid" time="0.06"/></proof>
123
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
124
  <goal name="VC isqrt16.35" expl="loop invariant preservation" proved="true">
125 126
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
127
  <goal name="VC isqrt16.36" expl="loop invariant preservation" proved="true">
128 129
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
130
  <goal name="VC isqrt16.37" expl="loop invariant preservation" proved="true">
131 132 133 134 135 136 137
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
  <goal name="VC isqrt16.38" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
  <goal name="VC isqrt16.39" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.06"/></proof>
138
  </goal>
139 140 141 142
  <goal name="VC isqrt16.40" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.42"/></proof>
  </goal>
  <goal name="VC isqrt16.41" expl="postcondition" proved="true">
143 144
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
145
  <goal name="VC isqrt16.42" expl="postcondition" proved="true">
146 147 148 149 150
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
 </transf>
 </goal>
</theory>
151
<theory name="VonNeumann32" proved="true">
152
 <goal name="sqr_add2" proved="true">
153
 <transf name="unfold" proved="true" arg1="sqr">
154 155
  <goal name="sqr_add2.0" proved="true">
  <proof prover="2" timelimit="20"><result status="valid" time="0.02"/></proof>
156 157
  </goal>
 </transf>
158
 </goal>
159
 <goal name="VC isqrt32" expl="VC for isqrt32" proved="true">
160
 <transf name="split_goal_right" proved="true" >
MARCHE Claude's avatar
MARCHE Claude committed
161
  <goal name="VC isqrt32.0" expl="loop invariant init" proved="true">
162
  <proof prover="3"><result status="valid" time="0.02"/></proof>
163
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
164
  <goal name="VC isqrt32.1" expl="loop invariant init" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
165
  <proof prover="3"><result status="valid" time="0.01"/></proof>
166
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
167
  <goal name="VC isqrt32.2" expl="loop invariant init" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
168
  <proof prover="3"><result status="valid" time="0.02"/></proof>
169
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
170
  <goal name="VC isqrt32.3" expl="loop invariant init" proved="true">
171 172
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
173
  <goal name="VC isqrt32.4" expl="loop invariant init" proved="true">
174 175
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
176
  <goal name="VC isqrt32.5" expl="loop invariant init" proved="true">
177 178
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
179
  <goal name="VC isqrt32.6" expl="loop invariant init" proved="true">
180 181
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
182
  <goal name="VC isqrt32.7" expl="loop invariant init" proved="true">
183
  <proof prover="3"><result status="valid" time="0.02"/></proof>
184
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
185
  <goal name="VC isqrt32.8" expl="loop invariant init" proved="true">
186 187
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
188
  <goal name="VC isqrt32.9" expl="loop invariant init" proved="true">
189
  <proof prover="3"><result status="valid" time="0.02"/></proof>
190
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
191
  <goal name="VC isqrt32.10" expl="assertion" proved="true">
192
  <proof prover="3"><result status="valid" time="0.02"/></proof>
193
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
194
  <goal name="VC isqrt32.11" expl="assertion" proved="true">
195 196
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
197
  <goal name="VC isqrt32.12" expl="assertion" proved="true">
198
  <proof prover="3"><result status="valid" time="0.01"/></proof>
199
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
200
  <goal name="VC isqrt32.13" expl="assertion" proved="true">
201
  <proof prover="3"><result status="valid" time="0.01"/></proof>
202
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
203
  <goal name="VC isqrt32.14" expl="assertion" proved="true">
204
  <proof prover="3"><result status="valid" time="0.14"/></proof>
205
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
206
  <goal name="VC isqrt32.15" expl="assertion" proved="true">
207
  <proof prover="3"><result status="valid" time="0.23"/></proof>
208
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
209
  <goal name="VC isqrt32.16" expl="assertion" proved="true">
210
  <proof prover="3"><result status="valid" time="0.18"/></proof>
211
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
212
  <goal name="VC isqrt32.17" expl="assertion" proved="true">
213
  <proof prover="3"><result status="valid" time="0.19"/></proof>
214
  </goal>
215 216
  <goal name="VC isqrt32.18" expl="assertion" proved="true">
  <proof prover="3"><result status="valid" time="0.21"/></proof>
MARCHE Claude's avatar
MARCHE Claude committed
217
  </goal>
218 219
  <goal name="VC isqrt32.19" expl="loop variant decrease" proved="true">
  <proof prover="3"><result status="valid" time="0.24"/></proof>
220
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
221
  <goal name="VC isqrt32.20" expl="loop invariant preservation" proved="true">
222
  <proof prover="3"><result status="valid" time="0.13"/></proof>
223
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
224
  <goal name="VC isqrt32.21" expl="loop invariant preservation" proved="true">
225
  <proof prover="3"><result status="valid" time="0.14"/></proof>
226
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
227
  <goal name="VC isqrt32.22" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
228
  <proof prover="3"><result status="valid" time="0.49"/></proof>
229
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
230
  <goal name="VC isqrt32.23" expl="loop invariant preservation" proved="true">
231
  <proof prover="3"><result status="valid" time="0.34"/></proof>
232
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
233
  <goal name="VC isqrt32.24" expl="loop invariant preservation" proved="true">
234
  <proof prover="3"><result status="valid" time="0.13"/></proof>
235
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
236
  <goal name="VC isqrt32.25" expl="loop invariant preservation" proved="true">
237
  <proof prover="3"><result status="valid" time="0.01"/></proof>
238
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
239
  <goal name="VC isqrt32.26" expl="loop invariant preservation" proved="true">
240
  <proof prover="3"><result status="valid" time="0.17"/></proof>
241
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
242
  <goal name="VC isqrt32.27" expl="loop invariant preservation" proved="true">
243
  <transf name="introduce_premises" proved="true" >
244
   <goal name="VC isqrt32.27.0" expl="loop invariant preservation" proved="true">
245
   <transf name="replace" proved="true" arg1="res_g" arg2="(add res_g1 bits_g1)">
246
    <goal name="VC isqrt32.27.0.0" expl="loop invariant preservation" proved="true">
247 248 249 250 251 252
    <transf name="rewrite" proved="true" arg1="sqr_add2">
     <goal name="VC isqrt32.27.0.0.0" expl="loop invariant preservation" proved="true">
     <proof prover="3"><result status="valid" time="0.57"/></proof>
     </goal>
    </transf>
    </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
253
    <goal name="VC isqrt32.27.0.1" expl="equality hypothesis" proved="true">
254
    <proof prover="3"><result status="valid" time="0.01"/></proof>
255 256 257 258
    </goal>
   </transf>
   </goal>
  </transf>
259
  </goal>
260 261
  <goal name="VC isqrt32.28" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.13"/></proof>
262
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
263
  <goal name="VC isqrt32.29" expl="loop invariant preservation" proved="true">
264
  <proof prover="3"><result status="valid" time="0.19"/></proof>
265
  </goal>
266 267
  <goal name="VC isqrt32.30" expl="loop variant decrease" proved="true">
  <proof prover="3"><result status="valid" time="0.23"/></proof>
268
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
269
  <goal name="VC isqrt32.31" expl="loop invariant preservation" proved="true">
270
  <proof prover="3"><result status="valid" time="0.11"/></proof>
271
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
272
  <goal name="VC isqrt32.32" expl="loop invariant preservation" proved="true">
273
  <proof prover="3"><result status="valid" time="0.14"/></proof>
274
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
275
  <goal name="VC isqrt32.33" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
276
  <proof prover="3"><result status="valid" time="0.51"/></proof>
277
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
278
  <goal name="VC isqrt32.34" expl="loop invariant preservation" proved="true">
279
  <proof prover="3"><result status="valid" time="0.30"/></proof>
280
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
281
  <goal name="VC isqrt32.35" expl="loop invariant preservation" proved="true">
282
  <proof prover="3"><result status="valid" time="0.02"/></proof>
283
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
284
  <goal name="VC isqrt32.36" expl="loop invariant preservation" proved="true">
285 286 287
  <proof prover="3"><result status="valid" time="0.00"/></proof>
  </goal>
  <goal name="VC isqrt32.37" expl="loop invariant preservation" proved="true">
288 289
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
290 291
  <goal name="VC isqrt32.38" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.01"/></proof>
292
  </goal>
293 294
  <goal name="VC isqrt32.39" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.12"/></proof>
295
  </goal>
296
  <goal name="VC isqrt32.40" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
297
  <proof prover="3" timelimit="120"><result status="valid" time="86.22"/></proof>
298
  </goal>
299 300 301 302 303
  <goal name="VC isqrt32.41" expl="postcondition" proved="true">
  <proof prover="3"><result status="valid" time="0.16"/></proof>
  </goal>
  <goal name="VC isqrt32.42" expl="postcondition" proved="true">
  <proof prover="3"><result status="valid" time="0.15"/></proof>
304 305 306
  </goal>
 </transf>
 </goal>
307
</theory>
308
<theory name="VonNeumann64" proved="true">
309 310 311 312 313 314
 <goal name="sqr_add2" proved="true">
 <transf name="unfold" proved="true" arg1="sqr">
  <goal name="sqr_add2.0" proved="true">
  <proof prover="2" timelimit="1"><result status="valid" time="0.01"/></proof>
  </goal>
 </transf>
315
 </goal>
316
 <goal name="VC isqrt64" expl="VC for isqrt64" proved="true">
317
 <transf name="split_goal_right" proved="true" >
MARCHE Claude's avatar
MARCHE Claude committed
318
  <goal name="VC isqrt64.0" expl="loop invariant init" proved="true">
319 320
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
321
  <goal name="VC isqrt64.1" expl="loop invariant init" proved="true">
322 323
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
324
  <goal name="VC isqrt64.2" expl="loop invariant init" proved="true">
325 326
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
327
  <goal name="VC isqrt64.3" expl="loop invariant init" proved="true">
328 329
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
330
  <goal name="VC isqrt64.4" expl="loop invariant init" proved="true">
331
  <proof prover="3"><result status="valid" time="0.01"/></proof>
332
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
333
  <goal name="VC isqrt64.5" expl="loop invariant init" proved="true">
334 335
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
336
  <goal name="VC isqrt64.6" expl="loop invariant init" proved="true">
337 338
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
339
  <goal name="VC isqrt64.7" expl="loop invariant init" proved="true">
340 341
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
342
  <goal name="VC isqrt64.8" expl="loop invariant init" proved="true">
343 344
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
345
  <goal name="VC isqrt64.9" expl="loop invariant init" proved="true">
346 347
  <proof prover="3"><result status="valid" time="0.02"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
348
  <goal name="VC isqrt64.10" expl="assertion" proved="true">
349
  <proof prover="3"><result status="valid" time="0.05"/></proof>
350
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
351
  <goal name="VC isqrt64.11" expl="assertion" proved="true">
352 353
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
354
  <goal name="VC isqrt64.12" expl="assertion" proved="true">
355
  <proof prover="3"><result status="valid" time="0.01"/></proof>
356
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
357
  <goal name="VC isqrt64.13" expl="assertion" proved="true">
358
  <proof prover="3"><result status="valid" time="0.01"/></proof>
359
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
360
  <goal name="VC isqrt64.14" expl="assertion" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
361
  <proof prover="3"><result status="valid" time="0.49"/></proof>
MARCHE Claude's avatar
MARCHE Claude committed
362 363
  </goal>
  <goal name="VC isqrt64.15" expl="assertion" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
364
  <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="0.98"/></proof>
365
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
366
  <goal name="VC isqrt64.16" expl="assertion" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
367
  <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="1.20"/></proof>
368
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
369
  <goal name="VC isqrt64.17" expl="assertion" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
370
  <proof prover="3" timelimit="5"><result status="valid" time="0.91"/></proof>
371
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
372
  <goal name="VC isqrt64.18" expl="assertion" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
373
  <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="1.89"/></proof>
374
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
375
  <goal name="VC isqrt64.19" expl="loop variant decrease" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
376
  <proof prover="3" timelimit="5"><result status="valid" time="1.63"/></proof>
377
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
378
  <goal name="VC isqrt64.20" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
379
  <proof prover="3"><result status="valid" time="0.36"/></proof>
380
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
381
  <goal name="VC isqrt64.21" expl="loop invariant preservation" proved="true">
382
  <proof prover="3"><result status="valid" time="0.50"/></proof>
383
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
384
  <goal name="VC isqrt64.22" expl="loop invariant preservation" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
385
  <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="2.98"/></proof>
386
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
387
  <goal name="VC isqrt64.23" expl="loop invariant preservation" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
388
  <proof prover="3" timelimit="60"><result status="valid" time="1.99"/></proof>
MARCHE Claude's avatar
MARCHE Claude committed
389 390
  </goal>
  <goal name="VC isqrt64.24" expl="loop invariant preservation" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
391
  <proof prover="3"><result status="valid" time="0.49"/></proof>
MARCHE Claude's avatar
MARCHE Claude committed
392 393 394 395 396
  </goal>
  <goal name="VC isqrt64.25" expl="loop invariant preservation" proved="true">
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
  <goal name="VC isqrt64.26" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
397
  <proof prover="3"><result status="valid" time="0.75"/></proof>
398 399
  </goal>
  <goal name="VC isqrt64.27" expl="loop invariant preservation" proved="true">
400
  <transf name="introduce_premises" proved="true" >
401
   <goal name="VC isqrt64.27.0" expl="loop invariant preservation" proved="true">
402
   <transf name="replace" proved="true" arg1="res_g" arg2="(add res_g1 bits_g1)">
403
    <goal name="VC isqrt64.27.0.0" expl="loop invariant preservation" proved="true">
404 405
    <transf name="rewrite" proved="true" arg1="sqr_add2">
     <goal name="VC isqrt64.27.0.0.0" expl="loop invariant preservation" proved="true">
Sylvain Dailler's avatar
Sylvain Dailler committed
406
     <proof prover="3" timelimit="30"><result status="valid" time="5.80"/></proof>
407 408 409
     </goal>
    </transf>
    </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
410
    <goal name="VC isqrt64.27.0.1" expl="equality hypothesis" proved="true">
411
    <proof prover="3"><result status="valid" time="0.01"/></proof>
412 413 414
    </goal>
   </transf>
   </goal>
MARCHE Claude's avatar
MARCHE Claude committed
415
  </transf>
416
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
417
  <goal name="VC isqrt64.28" expl="loop invariant preservation" proved="true">
418
  <proof prover="3"><result status="valid" time="0.51"/></proof>
419
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
420
  <goal name="VC isqrt64.29" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
421
  <proof prover="3"><result status="valid" time="0.54"/></proof>
422
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
423
  <goal name="VC isqrt64.30" expl="loop variant decrease" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
424
  <proof prover="3" timelimit="5"><result status="valid" time="1.25"/></proof>
425
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
426
  <goal name="VC isqrt64.31" expl="loop invariant preservation" proved="true">
427
  <proof prover="3"><result status="valid" time="0.30"/></proof>
428
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
429
  <goal name="VC isqrt64.32" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
430
  <proof prover="3"><result status="valid" time="0.37"/></proof>
431
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
432
  <goal name="VC isqrt64.33" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
433
  <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="2.20"/></proof>
434
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
435
  <goal name="VC isqrt64.34" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
436
  <proof prover="3"><result status="valid" time="1.00"/></proof>
437
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
438
  <goal name="VC isqrt64.35" expl="loop invariant preservation" proved="true">
439 440
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
441
  <goal name="VC isqrt64.36" expl="loop invariant preservation" proved="true">
442 443
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
444
  <goal name="VC isqrt64.37" expl="loop invariant preservation" proved="true">
445 446
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
447
  <goal name="VC isqrt64.38" expl="loop invariant preservation" proved="true">
448 449
  <proof prover="3"><result status="valid" time="0.01"/></proof>
  </goal>
MARCHE Claude's avatar
MARCHE Claude committed
450
  <goal name="VC isqrt64.39" expl="loop invariant preservation" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
451
  <proof prover="3"><result status="valid" time="0.40"/></proof>
452 453 454 455 456 457 458 459 460
  </goal>
  <goal name="VC isqrt64.40" expl="loop invariant preservation" proved="true">
  <transf name="introduce_premises" proved="true" >
   <goal name="VC isqrt64.40.0" expl="loop invariant preservation" proved="true">
   <transf name="unfold" proved="true" arg1="ule">
    <goal name="VC isqrt64.40.0.0" expl="VC for isqrt64" proved="true">
    <transf name="rewrite" proved="true" arg1="sqr_add2">
     <goal name="VC isqrt64.40.0.0.0" expl="VC for isqrt64" proved="true">
     <transf name="assert" proved="true" arg1="(x = add (sqr res_g) num)">
Sylvain Dailler's avatar
Sylvain Dailler committed
461
      <goal name="VC isqrt64.40.0.0.0.0" expl="asserted formula" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
462
      <proof prover="3" timelimit="5"><result status="valid" time="0.42"/></proof>
463
      </goal>
464 465 466 467 468 469
      <goal name="VC isqrt64.40.0.0.0.1" expl="VC for isqrt64" proved="true">
      <transf name="unfold" proved="true" arg1="sqr">
       <goal name="VC isqrt64.40.0.0.0.1.0" expl="VC for isqrt64" proved="true">
       <transf name="rewrite" proved="true" arg1="h">
        <goal name="VC isqrt64.40.0.0.0.1.0.0" expl="VC for isqrt64" proved="true">
        <transf name="assert" proved="true" arg1="(ule num (pred (mul bits_g1 (add (mul (2:t) res_g) bits_g1))))">
Sylvain Dailler's avatar
Sylvain Dailler committed
470
         <goal name="VC isqrt64.40.0.0.0.1.0.0.0" expl="asserted formula" proved="true">
471
         <transf name="assert" proved="true" arg1="(ult num b)">
Sylvain Dailler's avatar
Sylvain Dailler committed
472
          <goal name="VC isqrt64.40.0.0.0.1.0.0.0.0" expl="asserted formula" proved="true">
473 474
          <proof prover="2"><result status="valid" time="0.01"/></proof>
          </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
475
          <goal name="VC isqrt64.40.0.0.0.1.0.0.0.1" expl="asserted formula" proved="true">
476
          <transf name="assert" proved="true" arg1="(forall a b. mul a b = mul b a)">
Sylvain Dailler's avatar
Sylvain Dailler committed
477
           <goal name="VC isqrt64.40.0.0.0.1.0.0.0.1.0" expl="asserted formula" proved="true">
478 479
           <proof prover="3"><result status="valid" time="0.01"/></proof>
           </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
480
           <goal name="VC isqrt64.40.0.0.0.1.0.0.0.1.1" expl="asserted formula" proved="true">
481
           <proof prover="4"><result status="valid" time="0.14" steps="267"/></proof>
482 483 484
           </goal>
          </transf>
          </goal>
485 486 487 488 489 490
         </transf>
         </goal>
         <goal name="VC isqrt64.40.0.0.0.1.0.0.1" expl="VC for isqrt64" proved="true">
         <transf name="replace" proved="true" arg1="(pow2 m)" arg2="bits_g1">
          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0" expl="VC for isqrt64" proved="true">
          <transf name="assert" proved="true" arg1="(ule (add res_g (pow2 m1)) (0x100000000:t))">
Sylvain Dailler's avatar
Sylvain Dailler committed
491
           <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.0" expl="asserted formula" proved="true">
492 493
           <proof prover="2"><result status="valid" time="0.02"/></proof>
           </goal>
494 495
           <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1" expl="VC for isqrt64" proved="true">
           <transf name="assert" proved="true" arg1="(ule (add res_g bits_g1) (0x100000000:t))">
Sylvain Dailler's avatar
Sylvain Dailler committed
496
            <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.0" expl="asserted formula" proved="true">
497
            <proof prover="3" timelimit="5"><result status="valid" time="0.70"/></proof>
498
            </goal>
499 500 501 502 503 504
            <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1" expl="VC for isqrt64" proved="true">
            <transf name="unfold" proved="true" arg1="pred">
             <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0" expl="VC for isqrt64" proved="true">
             <transf name="unfold" proved="true" arg1="pred" arg2="in" arg3="h2">
              <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0" expl="VC for isqrt64" proved="true">
              <transf name="assert" proved="true" arg1="(forall a b c. t&#39;int b + t&#39;int c &lt; two_power_size -&gt; ule a b -&gt; ule (add a c) (add b c))">
Sylvain Dailler's avatar
Sylvain Dailler committed
505
               <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.0" expl="asserted formula" proved="true">
506
               <proof prover="5"><result status="valid" time="0.04" steps="590"/></proof>
507
               </goal>
508 509 510 511 512
               <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1" expl="VC for isqrt64" proved="true">
               <transf name="case" proved="true" arg1="(add (sqr res_g) (mul bits_g1 (add (mul (2:t) res_g) bits_g1)) = (0:t))">
                <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.0" expl="true case" proved="true">
                <transf name="unfold" proved="true" arg1="sqr" arg2="in" arg3="h">
                 <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.0.0" expl="true case" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
513
                 <proof prover="3" timelimit="5"><result status="valid" time="3.24"/></proof>
514 515 516
                 </goal>
                </transf>
                </goal>
517 518 519
                <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1" expl="false case" proved="true">
                <transf name="case" proved="true" arg1="(res_g = (0:t))">
                 <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.0" expl="false case (true case)" proved="true">
MARCHE Claude's avatar
MARCHE Claude committed
520
                 <proof prover="3" timelimit="5"><result status="valid" time="3.28"/></proof>
521
                 </goal>
522 523 524 525 526 527 528 529 530 531
                 <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1" expl="false case" proved="true">
                 <transf name="rewrite" proved="true" arg1="to_uint_sub_bounded">
                  <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0" expl="false case" proved="true">
                  <transf name="rewrite" proved="true" arg1="to_uint_add_bounded">
                   <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0" expl="false case" proved="true">
                   <transf name="rewrite" proved="true" arg1="to_uint_add_bounded">
                    <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0" expl="false case" proved="true">
                    <transf name="unfold" proved="true" arg1="sqr">
                     <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0" expl="false case" proved="true">
                     <transf name="assert" proved="true" arg1="(forall a b c. b &lt;= c -&gt; a + b &lt;= a + c)">
Sylvain Dailler's avatar
Sylvain Dailler committed
532
                      <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.0" expl="asserted formula" proved="true">
533 534
                      <proof prover="2"><result status="valid" time="0.01"/></proof>
                      </goal>
535 536 537 538 539
                      <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1" expl="false case" proved="true">
                      <transf name="unfold" proved="true" arg1="ule" arg2="in" arg3="h6">
                       <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0" expl="false case" proved="true">
                       <transf name="rewrite" proved="true" arg1="to_uint_sub_bounded" arg2="in" arg3="h6">
                        <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.0" expl="false case" proved="true">
540 541
                        <proof prover="2"><result status="valid" time="0.01"/></proof>
                        </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
542
                        <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.1" expl="rewrite premises" proved="true">
543
                        <transf name="split_all_right" proved="true" >
544 545
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.1.0" proved="true">
                         <transf name="assert" proved="true" arg1="(0 &lt;= t&#39;int b - t&#39;int (1:t))">
Sylvain Dailler's avatar
Sylvain Dailler committed
546
                          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.1.0.0" expl="asserted formula" proved="true">
547
                          <proof prover="5"><result status="valid" time="0.06" steps="213"/></proof>
548
                          </goal>
549 550
                          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.1.0.1" proved="true">
                          <proof prover="0"><result status="valid" time="0.01"/></proof>
551 552 553
                          </goal>
                         </transf>
                         </goal>
554
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.0.0.1.0.1.1" proved="true">
555
                         <proof prover="5" timelimit="1"><result status="valid" time="0.02" steps="213"/></proof>
556 557 558 559 560 561 562 563 564 565 566
                         </goal>
                        </transf>
                        </goal>
                       </transf>
                       </goal>
                      </transf>
                      </goal>
                     </transf>
                     </goal>
                    </transf>
                    </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
567
                    <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1" expl="rewrite premises" proved="true">
568
                    <transf name="rewrite" proved="true" arg1="to_uint_mul_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
569
                     <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0" expl="rewrite premises" proved="true">
570
                     <transf name="rewrite" proved="true" arg1="to_uint_mul_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
571
                      <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0" expl="rewrite premises" proved="true">
572
                      <transf name="rewrite" proved="true" arg1="to_uint_add_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
573
                       <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0" expl="rewrite premises" proved="true">
574
                       <transf name="rewrite" proved="true" arg1="to_uint_mul_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
575
                        <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0" expl="rewrite premises" proved="true">
576
                        <transf name="assert" proved="true" arg1="(forall a b. a * a + b * ((2 * a) + b) = (a + b) * (a + b))">
Sylvain Dailler's avatar
Sylvain Dailler committed
577
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.0" expl="asserted formula" proved="true">
578 579
                         <proof prover="2"><result status="valid" time="0.02"/></proof>
                         </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
580
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1" expl="rewrite premises" proved="true">
581
                         <transf name="replace" proved="true" arg1="(t&#39;int (2:t))" arg2="2">
Sylvain Dailler's avatar
Sylvain Dailler committed
582
                          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0" expl="rewrite premises" proved="true">
583
                          <transf name="rewrite" proved="true" arg1="h">
Sylvain Dailler's avatar
Sylvain Dailler committed
584
                           <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0.0" expl="rewrite premises" proved="true">
585
                           <transf name="replace" proved="true" arg1="two_power_size" arg2="(0x100000000 * 0x100000000)">
Sylvain Dailler's avatar
Sylvain Dailler committed
586
                            <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0.0.0" expl="rewrite premises" proved="true">
587
                            <transf name="rewrite" proved="true" arg1="&lt;-" arg2="to_uint_add_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
588
                             <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0.0.0.0" expl="rewrite premises" proved="true">
589
                             <proof prover="4" timelimit="10" memlimit="4000"><result status="valid" time="2.80" steps="571"/></proof>
590
                             </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
591
                             <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0.0.0.1" expl="rewrite premises" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
592
                             <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="3.04"/></proof>
593 594 595
                             </goal>
                            </transf>
                            </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
596
                            <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.0.0.1" expl="equality hypothesis" proved="true">
597 598 599 600 601 602
                            <proof prover="3" timelimit="5"><result status="valid" time="0.01"/></proof>
                            </goal>
                           </transf>
                           </goal>
                          </transf>
                          </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
603
                          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.0.1.1" expl="equality hypothesis" proved="true">
604 605 606 607 608 609
                          <proof prover="3"><result status="valid" time="0.01"/></proof>
                          </goal>
                         </transf>
                         </goal>
                        </transf>
                        </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
610
                        <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.0.1" expl="rewrite premises" proved="true">
611
                        <proof prover="5" timelimit="1"><result status="valid" time="0.02" steps="213"/></proof>
612 613 614
                        </goal>
                       </transf>
                       </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
615
                       <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.0.1" expl="rewrite premises" proved="true">
Guillaume Melquiond's avatar
Guillaume Melquiond committed
616
                       <proof prover="3" timelimit="10" memlimit="4000"><result status="valid" time="2.59"/></proof>
617 618 619
                       </goal>
                      </transf>
                      </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
620
                      <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1" expl="rewrite premises" proved="true">
621
                      <transf name="rewrite" proved="true" arg1="to_uint_add_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
622
                       <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0" expl="rewrite premises" proved="true">
623
                       <transf name="rewrite" proved="true" arg1="to_uint_mul_bounded">
Sylvain Dailler's avatar
Sylvain Dailler committed
624
                        <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0" expl="rewrite premises" proved="true">
625
                        <transf name="assert" proved="true" arg1="(forall a b. a * ((2 * b) + a) = (a + b) * (a + b) - b * b)">
Sylvain Dailler's avatar
Sylvain Dailler committed
626
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.0" expl="asserted formula" proved="true">
627
                         <proof prover="5"><result status="valid" time="0.02" steps="209"/></proof>
628
                         </goal>
Sylvain Dailler's avatar
Sylvain Dailler committed
629
                         <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.1" expl="rewrite premises" proved="true">
630
                         <transf name="replace" proved="true" arg1="(t&#39;int (2:t))" arg2="2">
Sylvain Dailler's avatar
Sylvain Dailler committed
631
                          <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.1.0" expl="rewrite premises" proved="true">
632
                          <transf name="rewrite" proved="true" arg1="h">
Sylvain Dailler's avatar
Sylvain Dailler committed
633
                           <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.1.0.0" expl="rewrite premises" proved="true">
634
                           <transf name="assert" proved="true" arg1="(((t&#39;int bits_g1 + t&#39;int res_g) * (t&#39;int bits_g1 + t&#39;int res_g)) &lt;= two_power_size)">
Sylvain Dailler's avatar
Sylvain Dailler committed
635
                            <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.1.0.0.0" expl="asserted formula" proved="true">
636
                            <transf name="replace" proved="true" arg1="two_power_size" arg2="(0x100000000 * 0x100000000)">
Sylvain Dailler's avatar
Sylvain Dailler committed
637
                             <goal name="VC isqrt64.40.0.0.0.1.0.0.1.0.1.1.0.0.1.1.1.0.0.1.0.1.0.0.1.0.0.0.0" expl="asserted formula" proved="true">