why3session.xml 41.9 KB
Newer Older
1
<?xml version="1.0" encoding="UTF-8"?>
MARCHE Claude's avatar
MARCHE Claude committed
2
<!DOCTYPE why3session PUBLIC "-//Why3//proof session v2//EN" "http://why3.lri.fr/why3session.dtd">
Andrei Paskevich's avatar
Andrei Paskevich committed
3
<why3session shape_version="4">
4
 <prover
Andrei Paskevich's avatar
Andrei Paskevich committed
5
  id="0"
6
  name="Alt-Ergo"
Andrei Paskevich's avatar
Andrei Paskevich committed
7
  version="0.95.2"/>
8
 <prover
Andrei Paskevich's avatar
Andrei Paskevich committed
9
  id="1"
10
  name="CVC4"
Andrei Paskevich's avatar
Andrei Paskevich committed
11
  version="1.3"/>
12 13
 <prover
  id="2"
14
  name="Z3"
15
  version="4.3.1"/>
16 17 18
 <file
  name="../binary_search.mlw"
  verified="true"
19
  expanded="true">
20
  <theory
Andrei Paskevich's avatar
Andrei Paskevich committed
21
   name="BinarySearch"
22
   locfile="../binary_search.mlw"
Andrei Paskevich's avatar
Andrei Paskevich committed
23
   loclnum="5" loccnumb="7" loccnume="19"
24 25 26 27
   verified="true"
   expanded="true">
   <goal
    name="WP_parameter binary_search"
28
    locfile="../binary_search.mlw"
Andrei Paskevich's avatar
Andrei Paskevich committed
29
    loclnum="17" loccnumb="6" loccnume="19"
30
    expl="VC for binary_search"
MARCHE Claude's avatar
MARCHE Claude committed
31
    sum="f111c72f538ff096c2463a16d0ee1531"
32 33
    proved="true"
    expanded="true"
34
    shape="iNainfix =agetV1V5V2Iainfix &lt;V5V0Aainfix &lt;=c0V5Fiiainfix =agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6ainfix &lt;ainfix -V7V4ainfix -V3V4Aainfix &lt;=c0ainfix -V3V4Aainfix &lt;=V8V7Aainfix &lt;=V4V8Iainfix =agetV1V8V2Iainfix &lt;V8V0Aainfix &lt;=c0V8FAainfix &lt;V7V0Aainfix &lt;=c0V4Iainfix =V7ainfix -V6c1Fainfix &gt;agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6ainfix &lt;ainfix -V3V9ainfix -V3V4Aainfix &lt;=c0ainfix -V3V4Aainfix &lt;=V10V3Aainfix &lt;=V9V10Iainfix =agetV1V10V2Iainfix &lt;V10V0Aainfix &lt;=c0V10FAainfix &lt;V3V0Aainfix &lt;=c0V9Iainfix =V9ainfix +V6c1Fainfix &lt;agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6Aainfix &lt;=V6V3Aainfix &lt;=V4V6Lainfix +V4adivainfix -V3V4c2ainfix &lt;=V4V3Iainfix &lt;=V11V3Aainfix &lt;=V4V11Iainfix =agetV1V11V2Iainfix &lt;V11V0Aainfix &lt;=c0V11FAainfix &lt;V3V0Aainfix &lt;=c0V4FAainfix &lt;=V12ainfix -V0c1Aainfix &lt;=c0V12Iainfix =agetV1V12V2Iainfix &lt;V12V0Aainfix &lt;=c0V12FAainfix &lt;ainfix -V0c1V0Aainfix &lt;=c0c0Iainfix &lt;=agetV1V13agetV1V14Iainfix &lt;V14V0Aainfix &lt;=V13V14Aainfix &lt;=c0V13FAainfix &lt;=c0V0F">
Andrei Paskevich's avatar
Andrei Paskevich committed
35
    <label
36
     name="expl:VC for binary_search"/>
37
    <proof
38
     prover="0"
39
     timelimit="10"
Andrei Paskevich's avatar
Andrei Paskevich committed
40
     memlimit="1000"
Andrei Paskevich's avatar
Andrei Paskevich committed
41 42
     obsolete="false"
     archived="false">
MARCHE Claude's avatar
MARCHE Claude committed
43
     <result status="valid" time="0.17"/>
44
    </proof>
45
    <proof
46
     prover="1"
Andrei Paskevich's avatar
Andrei Paskevich committed
47
     timelimit="10"
48 49 50
     memlimit="1000"
     obsolete="false"
     archived="false">
Andrei Paskevich's avatar
Andrei Paskevich committed
51
     <result status="valid" time="0.03"/>
52 53 54
    </proof>
    <proof
     prover="2"
Andrei Paskevich's avatar
Andrei Paskevich committed
55
     timelimit="10"
56
     memlimit="1000"
Andrei Paskevich's avatar
Andrei Paskevich committed
57 58
     obsolete="false"
     archived="false">
59
     <result status="valid" time="0.02"/>
60 61 62 63
    </proof>
   </goal>
  </theory>
  <theory
Andrei Paskevich's avatar
Andrei Paskevich committed
64
   name="BinarySearchAnyMidPoint"
65
   locfile="../binary_search.mlw"
Andrei Paskevich's avatar
Andrei Paskevich committed
66
   loclnum="48" loccnumb="7" loccnume="30"
67 68 69 70
   verified="true"
   expanded="true">
   <goal
    name="WP_parameter binary_search"
71 72
    locfile="../binary_search.mlw"
    loclnum="60" loccnumb="6" loccnume="19"
73
    expl="VC for binary_search"
MARCHE Claude's avatar
MARCHE Claude committed
74
    sum="2ef34a49a235644800280811fde7f825"
75 76
    proved="true"
    expanded="true"
77
    shape="iNainfix =agetV1V5V2Iainfix &lt;V5V0Aainfix &lt;=c0V5Fiiainfix =agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6ainfix &lt;ainfix -V7V4ainfix -V3V4Aainfix &lt;=c0ainfix -V3V4Aainfix &lt;=V8V7Aainfix &lt;=V4V8Iainfix =agetV1V8V2Iainfix &lt;V8V0Aainfix &lt;=c0V8FAainfix &lt;V7V0Aainfix &lt;=c0V4Iainfix =V7ainfix -V6c1Fainfix &gt;agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6ainfix &lt;ainfix -V3V9ainfix -V3V4Aainfix &lt;=c0ainfix -V3V4Aainfix &lt;=V10V3Aainfix &lt;=V9V10Iainfix =agetV1V10V2Iainfix &lt;V10V0Aainfix &lt;=c0V10FAainfix &lt;V3V0Aainfix &lt;=c0V9Iainfix =V9ainfix +V6c1Fainfix &lt;agetV1V6V2Aainfix &lt;V6V0Aainfix &lt;=c0V6Iainfix &lt;=V6V3Aainfix &lt;=V4V6FAainfix &lt;=V4V3ainfix &lt;=V4V3Iainfix &lt;=V11V3Aainfix &lt;=V4V11Iainfix =agetV1V11V2Iainfix &lt;V11V0Aainfix &lt;=c0V11FAainfix &lt;V3V0Aainfix &lt;=c0V4FAainfix &lt;=V12ainfix -V0c1Aainfix &lt;=c0V12Iainfix =agetV1V12V2Iainfix &lt;V12V0Aainfix &lt;=c0V12FAainfix &lt;ainfix -V0c1V0Aainfix &lt;=c0c0Iainfix &lt;=agetV1V13agetV1V14Iainfix &lt;V14V0Aainfix &lt;=V13V14Aainfix &lt;=c0V13FAainfix &lt;=c0V0F">
Andrei Paskevich's avatar
Andrei Paskevich committed
78
    <label
79
     name="expl:VC for binary_search"/>
80
    <proof
Andrei Paskevich's avatar
Andrei Paskevich committed
81
     prover="0"
82
     timelimit="10"
Andrei Paskevich's avatar
Andrei Paskevich committed
83
     memlimit="1000"
Andrei Paskevich's avatar
Andrei Paskevich committed
84 85
     obsolete="false"
     archived="false">
86
     <result status="valid" time="0.02"/>
87
    </proof>
88 89
    <proof
     prover="1"
Andrei Paskevich's avatar
Andrei Paskevich committed
90
     timelimit="10"
91 92 93
     memlimit="1000"
     obsolete="false"
     archived="false">
Andrei Paskevich's avatar
Andrei Paskevich committed
94
     <result status="valid" time="0.03"/>
95 96 97
    </proof>
    <proof
     prover="2"
Andrei Paskevich's avatar
Andrei Paskevich committed
98
     timelimit="10"
99 100 101 102 103
     memlimit="1000"
     obsolete="false"
     archived="false">
     <result status="valid" time="0.02"/>
    </proof>
104 105 106
   </goal>
  </theory>
  <theory
Andrei Paskevich's avatar
Andrei Paskevich committed
107
   name="BinarySearchInt32"
108 109
   locfile="../binary_search.mlw"
   loclnum="89" loccnumb="7" loccnume="24"
110 111 112 113
   verified="true"
   expanded="true">
   <goal
    name="WP_parameter binary_search"
114 115
    locfile="../binary_search.mlw"
    loclnum="100" loccnumb="6" loccnume="19"
116
    expl="VC for binary_search"
MARCHE Claude's avatar
MARCHE Claude committed
117
    sum="2376bb8c282da41c650954824cc1850b"
118 119
    proved="true"
    expanded="true"
Andrei Paskevich's avatar
Andrei Paskevich committed
120
    shape="iNainfix =agetV1V9V2Iainfix &lt;V9ato_intV0Aainfix &lt;=c0V9Fiiainfix =agetV1ato_intV13V2Aainfix &lt;ato_intV13ato_intV0Aainfix &lt;=c0ato_intV13ainfix &lt;ainfix -ato_intV18ato_intV7ainfix -ato_intV6ato_intV7Aainfix &lt;=c0ainfix -ato_intV6ato_intV7Aainfix &lt;=V19ato_intV18Aainfix &lt;=ato_intV7V19Iainfix =agetV1V19V2Iainfix &lt;V19ato_intV0Aainfix &lt;=c0V19FAainfix &lt;ato_intV18ato_intV0Aainfix &lt;=c0ato_intV7Iainfix =V18V17FIainfix =ato_intV17ainfix -ato_intV13ato_intV16FAain_boundsainfix -ato_intV13ato_intV16Iainfix =ato_intV16c1FAain_boundsc1ainfix =V15aTrueIainfix &gt;ato_intagetV1ato_intV13ato_intV2qainfix =V15aTrueFAainfix &lt;ato_intV13ato_intV0Aainfix &lt;=c0ato_intV13ainfix &lt;ainfix -ato_intV6ato_intV22ainfix -ato_intV6ato_intV7Aainfix &lt;=c0ainfix -ato_intV6ato_intV7Aainfix &lt;=V23ato_intV6Aainfix &lt;=ato_intV22V23Iainfix =agetV1V23V2Iainfix &lt;V23ato_intV0Aainfix &lt;=c0V23FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV22Iainfix =V22V21FIainfix =ato_intV21ainfix +ato_intV13ato_intV20FAain_boundsainfix +ato_intV13ato_intV20Iainfix =ato_intV20c1FAain_boundsc1ainfix =V14aTrueIainfix &lt;ato_intagetV1ato_intV13ato_intV2qainfix =V14aTrueFAainfix &lt;ato_intV13ato_intV0Aainfix &lt;=c0ato_intV13Aainfix &lt;=ato_intV13ato_intV6Aainfix &lt;=ato_intV7ato_intV13Iainfix =ato_intV13ainfix +ato_intV7ato_intV12FAain_boundsainfix +ato_intV7ato_intV12Iainfix =ato_intV12adivato_intV11ato_intV10FAain_boundsadivato_intV11ato_intV10ANainfix =ato_intV10c0Iainfix =ato_intV11ainfix -ato_intV6ato_intV7FAain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV10c2FAain_boundsc2ainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V24ato_intV6Aainfix &lt;=ato_intV7V24Iainfix =agetV1V24V2Iainfix &lt;V24ato_intV0Aainfix &lt;=c0V24FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FAainfix &lt;=V25ato_intV5Aainfix &lt;=ato_intV3V25Iainfix =agetV1V25V2Iainfix &lt;V25ato_intV0Aainfix &lt;=c0V25FAainfix &lt;ato_intV5ato_intV0Aainfix &lt;=c0ato_intV3Iainfix =ato_intV5ainfix -ato_intV0ato_intV4FAain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FAain_boundsc1Iainfix =ato_intV3c0FAain_boundsc0Iainfix &lt;=ato_intagetV1V26ato_intagetV1V27Iainfix &lt;V27ato_intV0Aainfix &lt;=V26V27Aainfix &lt;=c0V26FAainfix &lt;=c0ato_intV0F">
Andrei Paskevich's avatar
Andrei Paskevich committed
121
    <label
122
     name="expl:VC for binary_search"/>
123 124
    <proof
     prover="1"
Andrei Paskevich's avatar
Andrei Paskevich committed
125
     timelimit="10"
126 127 128
     memlimit="1000"
     obsolete="false"
     archived="false">
Andrei Paskevich's avatar
Andrei Paskevich committed
129
     <result status="valid" time="0.22"/>
130 131 132
    </proof>
    <proof
     prover="2"
Andrei Paskevich's avatar
Andrei Paskevich committed
133
     timelimit="10"
134 135 136 137 138
     memlimit="1000"
     obsolete="false"
     archived="false">
     <result status="valid" time="0.01"/>
    </proof>
139 140 141 142 143 144 145 146 147
    <transf
     name="split_goal_wp"
     proved="true"
     expanded="true">
     <goal
      name="WP_parameter binary_search.1"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="1. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
148
      sum="40f616b4f4af1dac00f792adef7b0880"
149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsc0Iainfix &lt;=ato_intagetV1V3ato_intagetV1V4Iainfix &lt;V4ato_intV0Aainfix &lt;=V3V4Aainfix &lt;=c0V3FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.2"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="2. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
168
      sum="85c4626ae1fd225c0d69c56254d9957d"
169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V4ato_intagetV1V5Iainfix &lt;V5ato_intV0Aainfix &lt;=V4V5Aainfix &lt;=c0V4FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.3"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="3. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
188
      sum="f6b0d107cec009c4e7b3234231e3761d"
189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V5ato_intagetV1V6Iainfix &lt;V6ato_intV0Aainfix &lt;=V5V6Aainfix &lt;=c0V5FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.4"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="4. loop invariant init"
MARCHE Claude's avatar
MARCHE Claude committed
208
      sum="eeb2ca9a16b6407ef254c52ac180e238"
209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227
      proved="true"
      expanded="false"
      shape="loop invariant initainfix &lt;ato_intV5ato_intV0Aainfix &lt;=c0ato_intV3Iainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V6ato_intagetV1V7Iainfix &lt;V7ato_intV0Aainfix &lt;=V6V7Aainfix &lt;=c0V6FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.5"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="5. loop invariant init"
MARCHE Claude's avatar
MARCHE Claude committed
228
      sum="5814ce7c648bef253c77a7d370145f0a"
229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247
      proved="true"
      expanded="false"
      shape="loop invariant initainfix &lt;=V6ato_intV5Aainfix &lt;=ato_intV3V6Iainfix =agetV1V6V2Iainfix &lt;V6ato_intV0Aainfix &lt;=c0V6FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V7ato_intagetV1V8Iainfix &lt;V8ato_intV0Aainfix &lt;=V7V8Aainfix &lt;=c0V7FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.6"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="6. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
248
      sum="b49c1495adce6e681ab8ef6751ea48ff"
249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V9ato_intV6Aainfix &lt;=ato_intV7V9Iainfix =agetV1V9V2Iainfix &lt;V9ato_intV0Aainfix &lt;=c0V9FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V10ato_intagetV1V11Iainfix &lt;V11ato_intV0Aainfix &lt;=V10V11Aainfix &lt;=c0V10FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.7"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="7. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
268
      sum="0ec32669a0b3ae033514858b67106289"
269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V10ato_intV6Aainfix &lt;=ato_intV7V10Iainfix =agetV1V10V2Iainfix &lt;V10ato_intV0Aainfix &lt;=c0V10FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V11ato_intagetV1V12Iainfix &lt;V12ato_intV0Aainfix &lt;=V11V12Aainfix &lt;=c0V11FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.8"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="8. division by zero"
MARCHE Claude's avatar
MARCHE Claude committed
288
      sum="54246d7493697063d630dc0c68020af0"
289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307
      proved="true"
      expanded="false"
      shape="division by zeroNainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V11ato_intV6Aainfix &lt;=ato_intV7V11Iainfix =agetV1V11V2Iainfix &lt;V11ato_intV0Aainfix &lt;=c0V11FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V12ato_intagetV1V13Iainfix &lt;V13ato_intV0Aainfix &lt;=V12V13Aainfix &lt;=c0V12FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.9"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="9. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
308
      sum="88d9c84e323dc18df2116fafbd30832c"
309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsadivato_intV10ato_intV9Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V11ato_intV6Aainfix &lt;=ato_intV7V11Iainfix =agetV1V11V2Iainfix &lt;V11ato_intV0Aainfix &lt;=c0V11FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V12ato_intagetV1V13Iainfix &lt;V13ato_intV0Aainfix &lt;=V12V13Aainfix &lt;=c0V12FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.04"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.10"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="10. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
328
      sum="6fa725b77a6f6c333c46a26216cf8c1a"
329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V12ato_intV6Aainfix &lt;=ato_intV7V12Iainfix =agetV1V12V2Iainfix &lt;V12ato_intV0Aainfix &lt;=c0V12FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V13ato_intagetV1V14Iainfix &lt;V14ato_intV0Aainfix &lt;=V13V14Aainfix &lt;=c0V13FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.32"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.11"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="11. assertion"
MARCHE Claude's avatar
MARCHE Claude committed
348
      sum="dd2be40951479ddc7210db78d36a5565"
349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367
      proved="true"
      expanded="false"
      shape="assertionainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V13ato_intV6Aainfix &lt;=ato_intV7V13Iainfix =agetV1V13V2Iainfix &lt;V13ato_intV0Aainfix &lt;=c0V13FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V14ato_intagetV1V15Iainfix &lt;V15ato_intV0Aainfix &lt;=V14V15Aainfix &lt;=c0V14FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.66"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.12"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="12. precondition"
MARCHE Claude's avatar
MARCHE Claude committed
368
      sum="d41932b6b03f6725783e9c9236fb1f59"
369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387
      proved="true"
      expanded="false"
      shape="preconditionainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V13ato_intV6Aainfix &lt;=ato_intV7V13Iainfix =agetV1V13V2Iainfix &lt;V13ato_intV0Aainfix &lt;=c0V13FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V14ato_intagetV1V15Iainfix &lt;V15ato_intV0Aainfix &lt;=V14V15Aainfix &lt;=c0V14FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.13"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="13. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
388
      sum="773d69bd9242c91799cb983381401c70"
389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsc1Iainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V14ato_intV6Aainfix &lt;=ato_intV7V14Iainfix =agetV1V14V2Iainfix &lt;V14ato_intV0Aainfix &lt;=c0V14FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V15ato_intagetV1V16Iainfix &lt;V16ato_intV0Aainfix &lt;=V15V16Aainfix &lt;=c0V15FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.14"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="14. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
408
      sum="9d4fa5d1b0a8100c166a506b7a092f16"
409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsainfix +ato_intV12ato_intV14Iainfix =ato_intV14c1FIain_boundsc1Iainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V15ato_intV6Aainfix &lt;=ato_intV7V15Iainfix =agetV1V15V2Iainfix &lt;V15ato_intV0Aainfix &lt;=c0V15FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V16ato_intagetV1V17Iainfix &lt;V17ato_intV0Aainfix &lt;=V16V17Aainfix &lt;=c0V16FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.03"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.15"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="15. loop invariant preservation"
MARCHE Claude's avatar
MARCHE Claude committed
428
      sum="d264e441c17d414d9292966e45116c47"
429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447
      proved="true"
      expanded="false"
      shape="loop invariant preservationainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV16Iainfix =V16V15FIainfix =ato_intV15ainfix +ato_intV12ato_intV14FIain_boundsainfix +ato_intV12ato_intV14Iainfix =ato_intV14c1FIain_boundsc1Iainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V17ato_intV6Aainfix &lt;=ato_intV7V17Iainfix =agetV1V17V2Iainfix &lt;V17ato_intV0Aainfix &lt;=c0V17FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V18ato_intagetV1V19Iainfix &lt;V19ato_intV0Aainfix &lt;=V18V19Aainfix &lt;=c0V18FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.16"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="16. loop invariant preservation"
MARCHE Claude's avatar
MARCHE Claude committed
448
      sum="ed011df4b8b1d0c5893a1af2887c0bd6"
449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467
      proved="true"
      expanded="false"
      shape="loop invariant preservationainfix &lt;=V17ato_intV6Aainfix &lt;=ato_intV16V17Iainfix =agetV1V17V2Iainfix &lt;V17ato_intV0Aainfix &lt;=c0V17FIainfix =V16V15FIainfix =ato_intV15ainfix +ato_intV12ato_intV14FIain_boundsainfix +ato_intV12ato_intV14Iainfix =ato_intV14c1FIain_boundsc1Iainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V18ato_intV6Aainfix &lt;=ato_intV7V18Iainfix =agetV1V18V2Iainfix &lt;V18ato_intV0Aainfix &lt;=c0V18FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V19ato_intagetV1V20Iainfix &lt;V20ato_intV0Aainfix &lt;=V19V20Aainfix &lt;=c0V19FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="3.81"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.17"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="17. loop variant decrease"
MARCHE Claude's avatar
MARCHE Claude committed
468
      sum="3ab1a9374df41cc7d8394f97c3ca9e5e"
469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487
      proved="true"
      expanded="false"
      shape="loop variant decreaseainfix &lt;ainfix -ato_intV6ato_intV16ainfix -ato_intV6ato_intV7Aainfix &lt;=c0ainfix -ato_intV6ato_intV7Iainfix =V16V15FIainfix =ato_intV15ainfix +ato_intV12ato_intV14FIain_boundsainfix +ato_intV12ato_intV14Iainfix =ato_intV14c1FIain_boundsc1Iainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V17ato_intV6Aainfix &lt;=ato_intV7V17Iainfix =agetV1V17V2Iainfix &lt;V17ato_intV0Aainfix &lt;=c0V17FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V18ato_intagetV1V19Iainfix &lt;V19ato_intV0Aainfix &lt;=V18V19Aainfix &lt;=c0V18FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.18"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="18. precondition"
MARCHE Claude's avatar
MARCHE Claude committed
488
      sum="6341b1810be2c112c88cf631409726ac"
489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507
      proved="true"
      expanded="false"
      shape="preconditionainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V14ato_intV6Aainfix &lt;=ato_intV7V14Iainfix =agetV1V14V2Iainfix &lt;V14ato_intV0Aainfix &lt;=c0V14FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V15ato_intagetV1V16Iainfix &lt;V16ato_intV0Aainfix &lt;=V15V16Aainfix &lt;=c0V15FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.19"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="19. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
508
      sum="6215f0e8b0c6038389f3b43cea47e130"
509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsc1Iainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V15ato_intV6Aainfix &lt;=ato_intV7V15Iainfix =agetV1V15V2Iainfix &lt;V15ato_intV0Aainfix &lt;=c0V15FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V16ato_intagetV1V17Iainfix &lt;V17ato_intV0Aainfix &lt;=V16V17Aainfix &lt;=c0V16FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.20"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="20. integer overflow"
MARCHE Claude's avatar
MARCHE Claude committed
528
      sum="109b69b1615374c70ffd4e58660d488e"
529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547
      proved="true"
      expanded="false"
      shape="integer overflowain_boundsainfix -ato_intV12ato_intV15Iainfix =ato_intV15c1FIain_boundsc1Iainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V16ato_intV6Aainfix &lt;=ato_intV7V16Iainfix =agetV1V16V2Iainfix &lt;V16ato_intV0Aainfix &lt;=c0V16FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V17ato_intagetV1V18Iainfix &lt;V18ato_intV0Aainfix &lt;=V17V18Aainfix &lt;=c0V17FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.21"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="21. loop invariant preservation"
MARCHE Claude's avatar
MARCHE Claude committed
548
      sum="8c3d9056d0aa844c8317eae7ae118f90"
549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567
      proved="true"
      expanded="false"
      shape="loop invariant preservationainfix &lt;ato_intV17ato_intV0Aainfix &lt;=c0ato_intV7Iainfix =V17V16FIainfix =ato_intV16ainfix -ato_intV12ato_intV15FIain_boundsainfix -ato_intV12ato_intV15Iainfix =ato_intV15c1FIain_boundsc1Iainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V18ato_intV6Aainfix &lt;=ato_intV7V18Iainfix =agetV1V18V2Iainfix &lt;V18ato_intV0Aainfix &lt;=c0V18FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V19ato_intagetV1V20Iainfix &lt;V20ato_intV0Aainfix &lt;=V19V20Aainfix &lt;=c0V19FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.22"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="22. loop invariant preservation"
MARCHE Claude's avatar
MARCHE Claude committed
568
      sum="371f2656f709291669b4ed3d83bee3b0"
569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587
      proved="true"
      expanded="false"
      shape="loop invariant preservationainfix &lt;=V18ato_intV17Aainfix &lt;=ato_intV7V18Iainfix =agetV1V18V2Iainfix &lt;V18ato_intV0Aainfix &lt;=c0V18FIainfix =V17V16FIainfix =ato_intV16ainfix -ato_intV12ato_intV15FIain_boundsainfix -ato_intV12ato_intV15Iainfix =ato_intV15c1FIain_boundsc1Iainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V19ato_intV6Aainfix &lt;=ato_intV7V19Iainfix =agetV1V19V2Iainfix &lt;V19ato_intV0Aainfix &lt;=c0V19FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V20ato_intagetV1V21Iainfix &lt;V21ato_intV0Aainfix &lt;=V20V21Aainfix &lt;=c0V20FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="3.54"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.23"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="23. loop variant decrease"
MARCHE Claude's avatar
MARCHE Claude committed
588
      sum="92659f917304b5e3db4ba9cd9f791512"
589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607
      proved="true"
      expanded="false"
      shape="loop variant decreaseainfix &lt;ainfix -ato_intV17ato_intV7ainfix -ato_intV6ato_intV7Aainfix &lt;=c0ainfix -ato_intV6ato_intV7Iainfix =V17V16FIainfix =ato_intV16ainfix -ato_intV12ato_intV15FIain_boundsainfix -ato_intV12ato_intV15Iainfix =ato_intV15c1FIain_boundsc1Iainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V18ato_intV6Aainfix &lt;=ato_intV7V18Iainfix =agetV1V18V2Iainfix &lt;V18ato_intV0Aainfix &lt;=c0V18FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V19ato_intagetV1V20Iainfix &lt;V20ato_intV0Aainfix &lt;=V19V20Aainfix &lt;=c0V19FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.02"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.24"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="24. postcondition"
MARCHE Claude's avatar
MARCHE Claude committed
608
      sum="aa9ac58c17315f72d6e61dd4b89d5a29"
609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627
      proved="true"
      expanded="false"
      shape="postconditionainfix =agetV1ato_intV12V2Aainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V14aTrueIainfix &gt;ato_intagetV1ato_intV12ato_intV2qainfix =V14aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12INainfix =V13aTrueIainfix &lt;ato_intagetV1ato_intV12ato_intV2qainfix =V13aTrueFIainfix &lt;ato_intV12ato_intV0Aainfix &lt;=c0ato_intV12Iainfix &lt;=ato_intV12ato_intV6Aainfix &lt;=ato_intV7ato_intV12Iainfix =ato_intV12ainfix +ato_intV7ato_intV11FIain_boundsainfix +ato_intV7ato_intV11Iainfix =ato_intV11adivato_intV10ato_intV9FIain_boundsadivato_intV10ato_intV9ANainfix =ato_intV9c0Iainfix =ato_intV10ainfix -ato_intV6ato_intV7FIain_boundsainfix -ato_intV6ato_intV7Iainfix =ato_intV9c2FIain_boundsc2Iainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V15ato_intV6Aainfix &lt;=ato_intV7V15Iainfix =agetV1V15V2Iainfix &lt;V15ato_intV0Aainfix &lt;=c0V15FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V16ato_intagetV1V17Iainfix &lt;V17ato_intV0Aainfix &lt;=V16V17Aainfix &lt;=c0V16FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.46"/>
      </proof>
     </goal>
     <goal
      name="WP_parameter binary_search.25"
      locfile="../binary_search.mlw"
      loclnum="100" loccnumb="6" loccnume="19"
      expl="25. exceptional postcondition"
MARCHE Claude's avatar
MARCHE Claude committed
628
      sum="c7d932701023469e2e26d7583d4ac754"
629 630 631 632 633 634 635 636 637 638 639 640 641 642 643
      proved="true"
      expanded="false"
      shape="exceptional postconditionNainfix =agetV1V9V2Iainfix &lt;V9ato_intV0Aainfix &lt;=c0V9FINainfix =V8aTrueIainfix &lt;=ato_intV7ato_intV6qainfix =V8aTrueFIainfix &lt;=V10ato_intV6Aainfix &lt;=ato_intV7V10Iainfix =agetV1V10V2Iainfix &lt;V10ato_intV0Aainfix &lt;=c0V10FAainfix &lt;ato_intV6ato_intV0Aainfix &lt;=c0ato_intV7FIainfix =ato_intV5ainfix -ato_intV0ato_intV4FIain_boundsainfix -ato_intV0ato_intV4Iainfix =ato_intV4c1FIain_boundsc1Iainfix =ato_intV3c0FIain_boundsc0Iainfix &lt;=ato_intagetV1V11ato_intagetV1V12Iainfix &lt;V12ato_intV0Aainfix &lt;=V11V12Aainfix &lt;=c0V11FAainfix &lt;=c0ato_intV0F">
      <label
       name="expl:VC for binary_search"/>
      <proof
       prover="0"
       timelimit="5"
       memlimit="1000"
       obsolete="false"
       archived="false">
       <result status="valid" time="0.01"/>
      </proof>
     </goal>
    </transf>
644 645
   </goal>
  </theory>
646 647
 </file>
</why3session>