Commit 9e7b004a authored by Stefan Berghofer's avatar Stefan Berghofer

Adapted to Isabelle2018

parent a1cc4c0a
......@@ -175,11 +175,8 @@ pvsbin/
/lib/isabelle/map/
/lib/isabelle/real/
/lib/isabelle/set/
/lib/isabelle/ROOT
/lib/isabelle/Why3_BV.thy
/lib/isabelle/Why3_Number.thy
/lib/isabelle/Why3_Real.thy
/lib/isabelle/Why3_Set.thy
/lib/isabelle/why3.ML
/lib/isabelle/last_build
/lib/isabelle/bv
......
......@@ -1261,7 +1261,7 @@ clean::
#######################
ISABELLEVERSIONSPECIFIC=ROOT why3.ML Why3_BV.thy Why3_Number.thy Why3_Real.thy Why3_Set.thy
ISABELLEVERSIONSPECIFIC=why3.ML Why3_Number.thy Why3_Real.thy
ISABELLEVERSIONSPECIFICTARGETS=$(addprefix lib/isabelle/, $(ISABELLEVERSIONSPECIFIC))
ISABELLEVERSIONSPECIFICSOURCES=$(addsuffix .@ISABELLEVERSION@, $(ISABELLEVERSIONSPECIFICTARGETS))
......
......@@ -744,7 +744,7 @@ fi
# Default version used for generation of realization in the case Isabelle is not
# detected or Why3 is compiled with disable-isabelle.
ISABELLEVERSION=2017
ISABELLEVERSION=2018
if test "$enable_isabelle_libs" = no; then
enable_isabelle_support=no
......@@ -760,9 +760,9 @@ else
ISABELLEDETECTEDVERSION=[`$ISABELLE version | sed -n -e 's|Isabelle\([^:]*\).*$|\1|p'`]
case $ISABELLEDETECTEDVERSION in
2016-1*)
2018*)
enable_isabelle_support=yes
ISABELLEVERSION=2016-1
ISABELLEVERSION=2018
AC_MSG_RESULT($ISABELLEDETECTEDVERSION)
;;
2017*)
......@@ -773,8 +773,8 @@ else
*)
AC_MSG_RESULT($ISABELLEDETECTEDVERSION)
enable_isabelle_support=no
AC_MSG_WARN(You need Isabelle 2016-1 or later; Isabelle discarded)
reason_isabelle_support=" (need version >= 2016-1)"
AC_MSG_WARN(You need Isabelle 2017 or later; Isabelle discarded)
reason_isabelle_support=" (need version >= 2017)"
;;
esac
fi
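Review bot: The fallback branch's new wording, "You need Isabelle 2017 or later" and `(need version >= 2017)`, does not match what the `case` accepts, since the visible patterns are only `2018*)` and `2017*)`. Any newer release would fall into `*)` and be discarded with a message saying it is too old. The updated manual text in this same commit says "Isabelle2017 or Isabelle2018", so the messages could read `AC_MSG_WARN(You need Isabelle 2017 or 2018; Isabelle discarded)` and `reason_isabelle_support=" (need version 2017 or 2018)"`. The body of the `2017*)` branch lies outside the visible hunks, so this assumes no further patterns are matched there.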
......
......@@ -11,9 +11,9 @@ using ``Edit'' action in \texttt{why3 ide}.
\subsection{Installation}
You need version Isabelle2016-1 or Isabelle2017. Former versions are not
supported. We assume below that your version is 2017, please replace
2017 by 2016-1 otherwise.
You need version Isabelle2017 or Isabelle2018. Former versions are not
supported. We assume below that your version is 2018, please replace
2018 by 2017 otherwise.
Isabelle must be installed before compiling \why. After compilation
and installation of \why, you must manually add the path
......@@ -22,7 +22,7 @@ and installation of \why, you must manually add the path
\end{verbatim}
into either the user file
\begin{verbatim}
.isabelle/Isabelle2017/etc/components
.isabelle/Isabelle2018/etc/components
\end{verbatim}
or the system-wide file
\begin{verbatim}
......
theory number.Coprime
syntax predicate coprime "<app><const name=\"GCD.gcd_class.coprime\"/>%1%2</app>"
end
theory number.Coprime
syntax predicate coprime "<app><const name=\"Rings.algebraic_semidom_class.coprime\"/>%1%2</app>"
end
......@@ -160,10 +160,6 @@ theory number.Prime
syntax predicate prime "<app><const name=\"Factorial_Ring.normalization_semidom_class.prime\"/>%1</app>"
end
theory number.Coprime
syntax predicate coprime "<app><const name=\"GCD.gcd_class.coprime\"/>%1%2</app>"
end
theory algebra.Field
syntax function inv "<app><const name=\"Fields.inverse_class.inverse\"/>%1</app>"
syntax function (/) "<app><const name=\"Rings.divide_class.divide\"/>%1%2</app>"
......
......@@ -7,3 +7,4 @@ filename "%t.xml"
transformation "inline_trivial"
import "isabelle-common.gen"
import "isabelle-2017.gen"
......@@ -8,6 +8,7 @@ transformation "inline_trivial"
transformation "eliminate_builtin"
import "isabelle-common.gen"
import "isabelle-2017.gen"
transformation "simplify_trivial_quantification_in_goal"
......@@ -7,3 +7,4 @@ filename "%t.xml"
transformation "inline_trivial"
import "isabelle-common.gen"
import "isabelle-2018.gen"
......@@ -8,6 +8,7 @@ transformation "inline_trivial"
transformation "eliminate_builtin"
import "isabelle-common.gen"
import "isabelle-2018.gen"
transformation "simplify_trivial_quantification_in_goal"
theory genealogy_Genealogy_Child_is_son_or_daughter_1
imports Why3
imports Why3.Why3
begin
why3_open "genealogy_Genealogy_Child_is_son_or_daughter_1.xml"
......
theory genealogy_Genealogy_Grandparent_is_grandfather_or_grandmother_1
imports Why3
imports Why3.Why3
begin
why3_open "genealogy_Genealogy_Grandparent_is_grandfather_or_grandmother_1.xml"
......
theory genealogy_Genealogy_Sibling_is_brother_or_sister_1
imports Why3
imports Why3.Why3
begin
why3_open "genealogy_Genealogy_Sibling_is_brother_or_sister_1.xml"
......
theory genealogy_Genealogy_Sibling_sym_1
imports Why3
imports Why3.Why3
begin
why3_open "genealogy_Genealogy_Sibling_sym_1.xml"
......
......@@ -32,7 +32,7 @@
<prover id="27" name="Eprover" version="2.0" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="28" name="Z3" version="4.4.1" timelimit="5" steplimit="1" memlimit="4000"/>
<prover id="29" name="Alt-Ergo" version="1.30" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="30" name="Isabelle" version="2016-1" timelimit="100" steplimit="1" memlimit="1000"/>
<prover id="30" name="Isabelle" version="2018" timelimit="100" steplimit="1" memlimit="4000"/>
<prover id="31" name="CVC4" version="1.5" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="32" name="Alt-Ergo" version="2.2.0" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="33" name="Z3" version="4.6.0" timelimit="1" steplimit="0" memlimit="1000"/>
......
chapter Why3
session Why3 = "HOL-Word" +
options [document = false]
theories Why3
......@@ -34,7 +34,7 @@ function make_theory()
BNAME=`basename "$1"`
if [ ! -e "$1.thy" ]; then
echo -e "theory $BNAME\nimports Why3\nbegin\n\nwhy3_open \"$BNAME.xml\"\n" > "$1.thy"
echo -e "theory $BNAME\nimports Why3.Why3\nbegin\n\nwhy3_open \"$BNAME.xml\"\n" > "$1.thy"
sed \
-e 's/<lemma name="\([^"]*\)"[^>]*>/why3_vc \1\n\n/g' \
-e 's/<[^l][^>]*>//g' \
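Review bot: The rewritten `echo -e` line interpolates `$BNAME` into a string that `echo -e` then scans for backslash escapes, so a base name containing a backslash would reach the generated theory header altered. `echo -e` is also not portable across shells. `printf 'theory %s\nimports Why3.Why3\nbegin\n\nwhy3_open "%s.xml"\n\n' "$BNAME" "$BNAME" > "$1.thy"` writes the same text while treating the name purely as data. make_theory starts above the hunk and the `sed` command continues below it, so any constraint on the file name applied elsewhere is not visible here.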
......
theory Why3_BV
imports Why3_Int "~~/src/HOL/Word/Word" "~~/src/HOL/Word/Bit_Comparison"
begin
abbreviation (input) pow2 :: "int \<Rightarrow> int"
where "pow2 i \<equiv> 2 ^ nat i"
why3_open "bv/Pow2int.xml"
constants
pow2=pow2
why3_vc Power_0 by simp
why3_vc Power_s using assms by (simp add: Power_s)
why3_vc Power_1 by simp
why3_vc Power_sum using assms by (simp add: Power_sum)
why3_vc pow2pos using assms by simp
why3_vc pow2_0 by simp
why3_vc pow2_1 by simp
why3_vc pow2_2 by simp
why3_vc pow2_3 by simp
why3_vc pow2_4 by simp
why3_vc pow2_5 by simp
why3_vc pow2_6 by simp
why3_vc pow2_7 by simp
why3_vc pow2_8 by simp
why3_vc pow2_9 by simp
why3_vc pow2_10 by simp
why3_vc pow2_11 by simp
why3_vc pow2_12 by simp
why3_vc pow2_13 by simp
why3_vc pow2_14 by simp
why3_vc pow2_15 by simp
why3_vc pow2_16 by simp
why3_vc pow2_17 by simp
why3_vc pow2_18 by simp
why3_vc pow2_19 by simp
why3_vc pow2_20 by simp
why3_vc pow2_21 by simp
why3_vc pow2_22 by simp
why3_vc pow2_23 by simp
why3_vc pow2_24 by simp
why3_vc pow2_25 by simp
why3_vc pow2_26 by simp
why3_vc pow2_27 by simp
why3_vc pow2_28 by simp
why3_vc pow2_29 by simp
why3_vc pow2_30 by simp
why3_vc pow2_31 by simp
why3_vc pow2_32 by simp
why3_vc pow2_33 by simp
why3_vc pow2_34 by simp
why3_vc pow2_35 by simp
why3_vc pow2_36 by simp
why3_vc pow2_37 by simp
why3_vc pow2_38 by simp
why3_vc pow2_39 by simp
why3_vc pow2_40 by simp
why3_vc pow2_41 by simp
why3_vc pow2_42 by simp
why3_vc pow2_43 by simp
why3_vc pow2_44 by simp
why3_vc pow2_45 by simp
why3_vc pow2_46 by simp
why3_vc pow2_47 by simp
why3_vc pow2_48 by simp
why3_vc pow2_49 by simp
why3_vc pow2_50 by simp
why3_vc pow2_51 by simp
why3_vc pow2_52 by simp
why3_vc pow2_53 by simp
why3_vc pow2_54 by simp
why3_vc pow2_55 by simp
why3_vc pow2_56 by simp
why3_vc pow2_57 by simp
why3_vc pow2_58 by simp
why3_vc pow2_59 by simp
why3_vc pow2_60 by simp
why3_vc pow2_61 by simp
why3_vc pow2_62 by simp
why3_vc pow2_63 by simp
why3_vc pow2_64 by simp
why3_end
lemma rotate1_nth:
assumes "0 < length xs"
shows "rotate1 xs ! (i mod length xs) = xs ! (Suc i mod length xs)"
proof (cases xs)
case Nil
with `0 < length xs` show ?thesis by simp
next
case (Cons y ys)
with mod_less_divisor [of "Suc (length ys)" i]
show ?thesis
by (auto simp add: nth_append mod_Suc simp del: mod_less_divisor)
qed
lemma rotl_nth:
"word_rotl j w !! ((i + j) mod len_of TYPE('a)) = (w::'a::len word) !! (i mod len_of TYPE('a))"
proof (induct j arbitrary: w i)
case 0
show ?case by simp
next
case (Suc n)
from Suc [of "of_bl (rotate1 (to_bl w))" "Suc i"]
rotate1_nth [of "to_bl w" "len_of TYPE('a) - Suc (Suc i mod len_of TYPE('a))"]
show ?case
by (simp add: word_rotl_def rotate1_rotate_swap word_bl.Abs_inverse
rev_nth test_bit_bl word_size Suc_diff_Suc)
(simp add: mod_Suc)
qed
lemma rotater1_rotater_swap: "rotater1 (rotater n xs) = rotater n (rotater1 xs)"
by (simp add: rotater_def funpow_swap1)
lemma length_rotater1 [simp]: "length (rotater1 xs) = length xs"
by (simp add: rotater1_def split: list.split)
lemma rotater1_nth:
assumes "0 < length xs"
shows "rotater1 xs ! (Suc i mod length xs) = xs ! (i mod length xs)"
proof (cases xs rule: rev_cases)
case Nil
with `0 < length xs` show ?thesis by simp
next
case (snoc ys y)
with mod_less_divisor [of "Suc (length ys)" i]
show ?thesis
by (auto simp add: rotate1_rl' nth_append mod_Suc simp del: mod_less_divisor)
qed
lemma rotr_nth:
"word_rotr j w !! (i mod len_of TYPE('a)) = (w::'a::len word) !! ((i + j) mod len_of TYPE('a))"
proof (induct j arbitrary: w)
case 0
show ?case by simp
next
case (Suc n)
from Suc [of "of_bl (rotater1 (to_bl w))"]
rotater1_nth [of "to_bl w" "len_of TYPE('a) - Suc (Suc (i + n) mod len_of TYPE('a))", symmetric]
show ?case
by (simp add: word_rotr_def rotater1_rotater_swap word_bl.Abs_inverse
rev_nth test_bit_bl word_size Suc_diff_Suc)
(simp add: mod_Suc)
qed
lemma uint_pow: "uint ((b::'a::len word) ^ n) = uint b ^ n mod 2 ^ len_of TYPE('a)"
by (induct n) (simp_all add: mod_pos_pos_trivial uint_word_ariths pull_mods)
lemma eq_sub_equiv_aux:
"(\<forall>j. uint i \<le> j \<and> j < uint i + uint n \<longrightarrow>
(0 \<le> j \<and> a !! nat j) = (0 \<le> j \<and> b !! nat j)) =
(b AND (mask (unat n) << unat i) = a AND (mask (unat n) << unat i))"
apply (simp add: word_eq_iff word_ops_nth_size word_size nth_shiftl)
apply (rule iffI)
apply (rule allI)
apply (drule_tac x="int na" in spec)
apply (auto simp add: uint_nat)[1]
apply (rule allI)
apply (drule_tac x="nat j" in spec)
apply (auto simp add: uint_nat test_bit_bin)
done
lemma int_minus_mod: "((i::int) - j) mod n = (i + (n - j mod n)) mod n"
proof -
have "(i + (n - j mod n)) mod n = (i mod n + (n - j mod n) mod n) mod n"
by (simp only: pull_mods(1))
also have "(n - j mod n) mod n = (n mod n - j mod n) mod n"
by (simp add: pull_mods)
finally show ?thesis by (simp add: pull_mods)
qed
lemma nat_minus_mod:
assumes "0 < (n::nat)"
shows "((n - i mod n) + i) mod n = 0"
proof -
have "((n - i mod n) + i) mod n = (i + (n - i mod n)) mod n"
by (simp add: add_ac)
also have "\<dots> = (i mod n + (n - i mod n)) mod n"
by (simp add: pull_mods)
also from assms have "\<dots> = (n mod n + (i mod n - i mod n)) mod n"
by (simp add: add_ac)
finally show ?thesis by simp
qed
lemma nat_minus_mod':
assumes "0 < (n::nat)"
shows "(i + (n - j mod n) + j) mod n = i mod n"
proof -
have "(i + (n - j mod n) + j) mod n = (i + ((n - j mod n) + j)) mod n"
by (simp add: add_ac)
also have "\<dots> = (i mod n + ((n - j mod n) + j) mod n) mod n"
by (simp add: pull_mods)
also note nat_minus_mod [OF assms]
finally show ?thesis by simp
qed
definition bv_nth :: "'a::len0 word \<Rightarrow> int \<Rightarrow> bool"
where "bv_nth bv i \<equiv> 0 \<le> i \<and> bv !! nat i"
abbreviation (input) nth_bv :: "'a::len0 word \<Rightarrow> 'a word \<Rightarrow> bool"
where "nth_bv bv bv' \<equiv> bv !! unat bv'"
abbreviation (input) lsr :: "'a::len0 word \<Rightarrow> int \<Rightarrow> 'a word"
where "lsr v i \<equiv> v >> nat i"
abbreviation (input) lsr_bv :: "'a::len0 word \<Rightarrow> 'a word \<Rightarrow> 'a word"
where "lsr_bv v n \<equiv> v >> unat n"
abbreviation (input) asr :: "'a::len word \<Rightarrow> int \<Rightarrow> 'a word"
where "asr v i \<equiv> v >>> nat i"
abbreviation (input) asr_bv :: "'a::len word \<Rightarrow> 'a word \<Rightarrow> 'a word"
where "asr_bv v n \<equiv> v >>> unat n"
abbreviation (input) lsl :: "'a::len0 word \<Rightarrow> int \<Rightarrow> 'a word"
where "lsl v i \<equiv> v << nat i"
abbreviation (input) lsl_bv :: "'a::len0 word \<Rightarrow> 'a word \<Rightarrow> 'a word"
where "lsl_bv v n \<equiv> v << unat n"
abbreviation (input) rotate_left :: "'a::len0 word \<Rightarrow> int \<Rightarrow> 'a word"
where "rotate_left v n \<equiv> word_rotl (nat n) v"
abbreviation (input) rotate_right :: "'a::len0 word \<Rightarrow> int \<Rightarrow> 'a word"
where "rotate_right v n \<equiv> word_rotr (nat n) v"
abbreviation (input) rotate_left_bv :: "'a::len0 word \<Rightarrow> 'a word \<Rightarrow> 'a word"
where "rotate_left_bv v n \<equiv> word_rotl (unat n) v"
abbreviation (input) rotate_right_bv :: "'a::len0 word \<Rightarrow> 'a word \<Rightarrow> 'a word"
where "rotate_right_bv v n \<equiv> word_rotr (unat n) v"
definition eq_sub_bv :: "'a::len word \<Rightarrow> 'a word \<Rightarrow> 'a word \<Rightarrow> 'a word \<Rightarrow> bool" where
eq_sub_bv_defn: "eq_sub_bv a b i n =
(b AND (mask (unat n) << unat i) = a AND (mask (unat n) << unat i))"
definition size_bv :: "'a::len word" where
"size_bv = of_nat LENGTH('a)"
definition is_signed_positive :: "'a::len word \<Rightarrow> bool" where
"is_signed_positive w = (0 \<le> sint w)"
lemma to_int_eq:
"sint (x::'a::len word) =
(if is_signed_positive x then uint x else - (2 ^ LENGTH('a) - uint x))"
proof (cases "0 \<le> sint x")
case True
note sint_lt [of x]
also have "(2::int) ^ (LENGTH('a) - 1) < 2 ^ LENGTH('a)"
by (rule power_strict_increasing) simp_all
finally have "sint x < 2 ^ LENGTH('a)" .
with True show ?thesis
by (simp add: is_signed_positive_def uint_sint bintrunc_mod2p mod_pos_pos_trivial)
next
case False
from sint_ge [of x]
have "- sint x \<le> 2 ^ (LENGTH('a) - 1)" by simp
also have "(2::int) ^ (LENGTH('a) - 1) < 2 ^ LENGTH('a)"
by (rule power_strict_increasing) simp_all
finally have "- sint x < 2 ^ LENGTH('a)" .
then have "- (2 ^ LENGTH('a)) < sint x" by simp
moreover from False have "0 < - sint x" by simp
ultimately have "- sint x = - sint x mod 2 ^ LENGTH('a)"
by (simp add: mod_pos_pos_trivial)
also have "sint x mod 2 ^ LENGTH('a) \<noteq> 0"
proof
assume "sint x mod 2 ^ LENGTH('a) = 0"
then obtain y where y: "sint x = y * 2 ^ LENGTH('a)" by auto
with False have "\<not> 0 \<le> y" by auto
then have "y \<le> - 1" by simp
then have "y * 2 ^ LENGTH('a) \<le> - 1 * 2 ^ LENGTH('a)"
by (rule mult_right_mono) simp
with y have "sint x \<le> - (2 ^ LENGTH('a))" by simp
with \<open>- (2 ^ LENGTH('a)) < sint x\<close> show False by simp
qed
then have "- sint x mod 2 ^ LENGTH('a) = 2 ^ LENGTH('a) - sint x mod 2 ^ LENGTH('a)"
by (simp add: zmod_zminus1_eq_if)
finally show ?thesis using False
by (simp add: is_signed_positive_def uint_sint bintrunc_mod2p)
qed
type_synonym word8 = "8 word"
why3_open "bv/BV8.xml"
constants
zeros=zero_class.zero
ones=max_word
bw_and=bitAND
bw_or=bitOR
bw_xor=bitXOR
bw_not=bitNOT
add=plus
sub=minus
neg=uminus
mul=times
udiv=divide
urem=modulo
lsr=lsr
asr=asr
lsl=lsl
lsr_bv=lsr_bv
asr_bv=asr_bv
lsl_bv=lsl_bv
rotate_left=rotate_left
rotate_right=rotate_right
rotate_left_bv=rotate_left_bv
rotate_right_bv=rotate_right_bv
nth=bv_nth
nth_bv=nth_bv
tqtint=uint
of_int=of_int
eq_sub_bv=eq_sub_bv
size_bv=size_bv
one=one_class.one
is_signed_positive=is_signed_positive
types
t=word8
why3_vc nth_out_of_bound
using assms
by (auto simp add: bv_nth_def test_bit_bin)
why3_vc Nth_zeros by (simp add: bv_nth_def)
why3_vc Nth_ones
using assms
by (simp add: bv_nth_def)
why3_vc Nth_bw_and
using assms
by (simp add: bv_nth_def word_ops_nth_size word_size)
why3_vc Nth_bw_or
using assms
by (simp add: bv_nth_def word_ops_nth_size word_size)
why3_vc Nth_bw_xor
using assms
by (simp add: bv_nth_def word_ops_nth_size word_size)
why3_vc Nth_bw_not
using assms
by (simp add: bv_nth_def word_ops_nth_size word_size)
why3_vc Lsr_nth_low
using assms
by (simp add: bv_nth_def nth_shiftr nat_add_distrib)
why3_vc Lsr_nth_high
using assms
by (simp add: bv_nth_def nth_shiftr)
(simp add: test_bit_bin nat_add_distrib [symmetric] nat_less_iff)
why3_vc lsr_zeros by simp
why3_vc Asr_nth_low
using assms
by (simp add: bv_nth_def nth_sshiftr word_size)
(simp add: nat_add_distrib [symmetric] le_nat_iff)
why3_vc Asr_nth_high
using assms
by (simp add: bv_nth_def nth_sshiftr word_size)
(simp add: nat_add_distrib [symmetric] le_nat_iff nat_less_iff)
why3_vc asr_zeros by (simp add: sshiftr_def)
why3_vc Lsl_nth_high
using assms
by (simp add: bv_nth_def nth_shiftl nat_diff_distrib nat_less_iff nat_le_eq_zle)
why3_vc Lsl_nth_low
using assms
by (simp add: bv_nth_def nth_shiftl nat_le_eq_zle)
why3_vc lsl_zeros by simp
why3_vc to_uint_extensionality using assms by simp
why3_vc to_int_def by (simp add: to_int_eq)
why3_vc to_int_extensionality using assms by simp
why3_vc positive_is_ge_zeros
by (simp add: is_signed_positive_def sge_def)
why3_vc to_uint_bounds
using uint_lt [of v]
by simp_all
why3_vc to_uint_of_int
using assms
by (simp add: uint_in_range_def word_of_int uint_word_of_int mod_pos_pos_trivial)
why3_vc nth_bv_def
by (simp add: word_eq_iff word_ops_nth_size word_size nth_shiftr)
why3_vc Nth_bv_is_nth
by (simp add: bv_nth_def unat_def)
why3_vc Nth_bv_is_nth2
using assms
by (simp add: bv_nth_def unat_def to_uint_of_int uint_in_range_def)
why3_vc to_uint_size_bv by (simp add: size_bv_def)
why3_vc to_uint_zeros by simp
why3_vc to_uint_one by simp
why3_vc to_uint_ones by (simp add: max_word_eq)
why3_vc to_uint_add
by (simp add: uint_word_arith_bintrs bintrunc_mod2p emod_def)
why3_vc to_uint_add_bounded
using assms
by (simp add: uint_word_arith_bintrs bintrunc_mod2p mod_pos_pos_trivial)
why3_vc to_uint_sub
by (simp add: uint_word_arith_bintrs bintrunc_mod2p emod_def)
why3_vc to_uint_sub_bounded
using assms
by (simp add: uint_word_arith_bintrs bintrunc_mod2p mod_pos_pos_trivial)
why3_vc to_uint_neg
by (simp add: uint_word_arith_bintrs bintrunc_mod2p emod_def)
why3_vc to_uint_mul
by (simp add: uint_word_arith_bintrs bintrunc_mod2p emod_def)
why3_vc to_uint_mul_bounded
using assms
by (simp add: uint_word_arith_bintrs bintrunc_mod2p mod_pos_pos_trivial)
why3_vc to_uint_udiv
by (cases "uint v2 = 0")
(simp_all add: uint_div ediv_def order.strict_iff_order)
why3_vc to_uint_urem
by (simp add: uint_mod emod_def)
why3_vc Nth_rotate_left
using assms rotl_nth [of "nat n" v "nat i + (size v - nat n mod size v)"]
by (simp add: emod_def bv_nth_def word_size nat_minus_mod' int_minus_mod
nat_mod_distrib nat_add_distrib nat_diff_distrib del: add_diff_assoc)
why3_vc Nth_rotate_right
using assms rotr_nth [of "nat n" v "nat i"]
by (simp add: emod_def bv_nth_def nat_mod_distrib nat_add_distrib)
why3_vc rotate_left_bv_is_rotate_left by (simp add: unat_def)
why3_vc rotate_right_bv_is_rotate_right by (simp add: unat_def)
why3_vc lsr_bv_is_lsr by (simp add: unat_def)
why3_vc to_uint_lsr
by (simp add: ediv_def shiftr_div_2n unat_def)
why3_vc asr_bv_is_asr by (simp add: unat_def)
why3_vc lsl_bv_is_lsl by (simp add: unat_def)
why3_vc to_uint_lsl
by (simp add: emod_def shiftl_t2n unat_def
uint_word_ariths mult_ac uint_pow pull_mods)
why3_vc Extensionality
using assms