diff --git a/tests/bitvector1.why b/tests/bitvector1.why
index e6ba477334981753f2418c78ff0f00d72449a271..0c4d0fb282f105cec051adef4e1c71ac334419f9 100644
--- a/tests/bitvector1.why
+++ b/tests/bitvector1.why
@@ -94,6 +94,10 @@ theory Pow2real
axiom Power_p : forall n: int. n <= 0 -> pow2 (n-1) = 0.5 *. pow2 n
+(* axiom Power_s : forall n:int. pow2 (n+1) = 2.0 *. pow2 n
+
+ axiom Power_p : forall n:int. pow2 (n-1) = 0.5 *. pow2 n
+*)
lemma Power_1 : pow2 1 = 2.0
lemma Power_neg1 : pow2 (-1) = 0.5
@@ -742,6 +746,12 @@ theory TestDoubleOfInt
lemma x_positive:forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False ->
BV32.to_nat_sub (BV32.from_int2c x) 31 0 = BV32.to_nat_sub (BV32.from_int2c x) 30 0
+ lemma sign_of_x:
+ forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False->x>0
+
+ lemma from_int2c_to_nat_sub:
+ forall x:int.x>0 -> BV32.to_nat_sub (BV32.from_int2c x) 31 0 = x
+
lemma x_positive1: forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False ->
BV32.to_nat_sub (BV32.from_int2c x) 30 0 = x
lemma x_positive2: forall x:int. (BV64.nth (var x) 31) = True ->
@@ -750,12 +760,13 @@ theory TestDoubleOfInt
lemma mantissa_var_x_positive:
forall x:int. (BV64.nth (var x) 31) = True ->
mantissa(var(x)) = Pow2int.pow2 31 + x
-
+ (*a verifier*)
lemma x_negative: forall x:int. (BV64.nth (var x) 31) = False ->
BV64.to_nat_sub (var x) 30 0 = -x
+ (*a verifier*)
lemma mantissa_var_x_negative:
forall x:int. (BV64.nth (var x) 31) = False ->
- mantissa(var(x)) = Pow2int.pow2 31 - x
+ mantissa(var(x)) = Pow2int.pow2 31 + x
lemma mantissa_var: forall x:int. mantissa(var(x)) = Pow2int.pow2 31 + x
diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v
new file mode 100644
index 0000000000000000000000000000000000000000..00c71fe89ad700ef7d6785a890688299ba4fd324
--- /dev/null
+++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v
@@ -0,0 +1,388 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter size: Z.
+
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < size)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (size - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+(* YOU MAY EDIT THE PROOF BELOW *)
+
+intros.
+rewrite nth_from_int2c_high_even_negative.
+auto.
+split.
+apply H.
+split.
+split.
+apply size_from_int2c.
+auto with *.
+rewrite pow2_0.
+rewrite Div_1.
+apply H.
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v
new file mode 100644
index 0000000000000000000000000000000000000000..85935c8aeaa91686689f8859a17d5578c349cc2b
--- /dev/null
+++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v
@@ -0,0 +1,371 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter size: Z.
+
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < size)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (size - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros.
+rewrite nth_from_int2c_high_even_positive.
+auto.
+split.
+apply H.
+split.
+split.
+apply size_from_int2c.
+auto with *.
+rewrite pow2_0.
+rewrite Div_1.
+apply H.
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v
new file mode 100644
index 0000000000000000000000000000000000000000..d1183e761afa973bff375fee4195465aa081e1a0
--- /dev/null
+++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v
@@ -0,0 +1,391 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter size: Z.
+
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < size)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (size - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+(* YOU MAY EDIT THE PROOF BELOW *)
+
+intros.
+rewrite nth_from_int2c_high_odd_negative.
+auto.
+split.
+apply H.
+split.
+split.
+apply size_from_int2c.
+auto with *.
+rewrite pow2_0.
+rewrite Div_1.
+apply H.
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v
new file mode 100644
index 0000000000000000000000000000000000000000..b25ce98d77bc1c458aa730db02262059e526b79f
--- /dev/null
+++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v
@@ -0,0 +1,374 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter size: Z.
+
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < size)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (size - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (size - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros.
+rewrite nth_from_int2c_high_odd_positive.
+auto.
+split.
+apply H.
+split.
+split.
+apply size_from_int2c.
+auto with *.
+rewrite pow2_0.
+rewrite Div_1.
+apply H.
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_BitVector_pow2i_1.v b/tests/bitvector1/bitvector1_BitVector_pow2i_1.v
index 4d6cff3ea981cb5d7352758770477c0fb2aeec63..0296ab05f20c1e0c0a136b5cf0ee16cf775b421f 100644
--- a/tests/bitvector1/bitvector1_BitVector_pow2i_1.v
+++ b/tests/bitvector1/bitvector1_BitVector_pow2i_1.v
@@ -2,6 +2,12 @@
(* Beware! Only edit allowed sections below *)
Require Import ZArith.
Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
Parameter pow2: Z -> Z.
@@ -148,6 +154,8 @@ Parameter size: Z.
Parameter bv : Type.
+Axiom size_positive : (0%Z < size)%Z.
+
Parameter nth: bv -> Z -> bool.
@@ -211,13 +219,13 @@ Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
Parameter lsr: bv -> Z -> bv.
-Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (lsr b
- s) n) = (nth b (n + s)%Z)))).
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
-Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (lsr b
- s) n) = false))).
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\
+ (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
Parameter asr: bv -> Z -> bv.
@@ -263,18 +271,19 @@ Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
(0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
-Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((j <= i)%Z /\
- (0%Z <= j)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
k) = true)) -> ((to_nat_sub b j
i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
- (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) ->
- ((to_nat_sub b1 j i) = (to_nat_sub b2 j i)).
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
-Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), (0%Z <= s)%Z ->
- ((to_nat_sub (lsr b s) (size - 1%Z)%Z 0%Z) = (to_nat_sub b
- ((size - 1%Z)%Z - s)%Z 0%Z)).
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)).
Parameter from_int: Z -> bv.
@@ -316,12 +325,24 @@ Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
((nth (from_int n) 0%Z) = true).
(* YOU MAY EDIT THE CONTEXT BELOW *)
-
+Open Scope Z_scope.
(* DO NOT EDIT BELOW *)
Theorem pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
(* YOU MAY EDIT THE PROOF BELOW *)
-intuition.
+intros i Hi.
+cut (0 <= i); auto with zarith.
+apply Z_lt_induction with
+ (P:= fun i =>
+ 0 <= i -> pow2 i <> 0);auto with zarith.
+intros x Hind Hxpos.
+assert (hx:x = 0 \/ x >0) by omega.
+destruct hx.
+subst x.
+rewrite Power_0;auto with zarith.
+
+replace (x) with (x-1+1) by omega.
+rewrite Power_s;auto with *.
Qed.
(* DO NOT EDIT BELOW *)
diff --git a/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v b/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v
index 95d6fe72b57b272726d4e9e9c052ed4436d8166b..a7a18d8339da287dcfef56c7acfef8f2dd2878b7 100644
--- a/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v
+++ b/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v
@@ -154,6 +154,8 @@ Parameter size: Z.
Parameter bv : Type.
+Axiom size_positive : (0%Z < size)%Z.
+
Parameter nth: bv -> Z -> bool.
diff --git a/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v b/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v
index 39f51c586b57d5cf37f59e66ae4002e8ceb5d636..7968404a87e745e15a932bdaf332494bdb051c52 100644
--- a/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v
+++ b/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v
@@ -30,29 +30,16 @@ assert (h:(x = 0 \/ x > 0)) by omega.
destruct h.
subst x.
rewrite Power_0.
-
-
-(*
-auto with zarith.
-elim n.
-replace (0+m) with m by omega.
-replace (1* pow2 m) with (pow2 m) by omega.
+replace (n+0) with n by omega.
+replace (pow2 n * 1) with (pow2 n) by omega.
auto.
-intro.
-elim p.
-3:rewrite Power_1.
-3:replace (1+m) with (m+1) by omega.
-3:apply Power_s.
-3:apply Hmn.
-intros p0 Hp0.
-rewrite Zpos_xI.
-replace (2 * Zpos p0) with (Zpos p0 * 2) by omega.
-rewrite<-Zplus_diag_eq_mult_2.
-rewrite Power_s.
-
-*)
-
-
+replace (x) with ((x-1)+1) by omega.
+rewrite Power_s;auto with zarith.
+replace (n + (x-1+1)) with (n+(x-1)+1) by omega.
+rewrite Power_s;auto with zarith.
+rewrite Hind;auto with zarith.
+rewrite Zmult_permute.
+auto with zarith.
Qed.
(* DO NOT EDIT BELOW *)
diff --git a/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v b/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v
index 5c3617e4735da4b695698149a609f6f06f1295bb..9249b8acc9767111028e82ed6608024a39dde069 100644
--- a/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v
+++ b/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v
@@ -7,10 +7,9 @@ Parameter pow2: Z -> R.
Axiom Power_0 : ((pow2 0%Z) = 1%R).
-Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
- ((pow2 (n + 1%Z)%Z) = (2%R * (pow2 n))%R).
+Axiom Power_s : forall (n:Z), ((pow2 (n + 1%Z)%Z) = (2%R * (pow2 n))%R).
-Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+Axiom Power_p : forall (n:Z),
((pow2 (n - 1%Z)%Z) = ((05 / 10)%R * (pow2 n))%R).
Axiom Power_1 : ((pow2 1%Z) = 2%R).
@@ -25,17 +24,31 @@ Theorem Power_sum : forall (n:Z) (m:Z),
((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%R).
(* YOU MAY EDIT THE PROOF BELOW *)
intros n m.
-elim n.
-replace (0 + m) with m by omega.
+
+assert (hm:m>=0 \/ m <=0) by omega.
+destruct hm.
+cut (0 <= m); auto with zarith.
+apply Z_lt_induction with
+ (P:= fun m =>
+ 0 <= m ->pow2 (n + m) = (pow2 n * pow2 m)%R);
+ auto with zarith.
+intros x Hind Hxpos.
+assert (h:(x = 0 \/ x > 0)) by omega.
+destruct h.
+subst x.
rewrite Power_0.
-rewrite Rmult_1_l.
+replace (n+0) with n by omega.
+rewrite Rmult_1_r.
auto.
-intro.
-elim p.
-intros p0 Hp0.
-3: replace (1+m) with (m+1) by omega.
-3:rewrite Power_1.
-3:apply Power_s.
+replace (x) with ((x-1)+1) by omega.
+rewrite Power_s;auto with zarith.
+replace (n + (x-1+1)) with (n+(x-1)+1) by omega.
+rewrite Power_s;auto with zarith.
+rewrite Hind;auto with zarith.
+rewrite <-Rmult_assoc.
+rewrite <-Rmult_assoc.
+rewrite Rmult_comm with (r1:=pow2 n)(r2:=2%R).
+auto with zarith.
Qed.
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v
index 41a9264663ded6056fc22ab0e4f84b71f087bc74..c8e627683a12b8e65debd80096c74217a8d2eae0 100644
--- a/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v
@@ -151,6 +151,8 @@ Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
Parameter bv : Type.
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
Parameter nth: bv -> Z -> bool.
@@ -214,13 +216,13 @@ Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
Parameter lsr: bv -> Z -> bv.
-Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (lsr b
- s) n) = (nth b (n + s)%Z)))).
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
-Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (lsr b
- s) n) = false))).
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
Parameter asr: bv -> Z -> bv.
@@ -272,12 +274,13 @@ Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
- (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) ->
- ((to_nat_sub b1 j i) = (to_nat_sub b2 j i)).
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
-Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), (0%Z <= s)%Z ->
- ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z 0%Z) = (to_nat_sub b
- ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
Parameter from_int: Z -> bv.
@@ -323,8 +326,49 @@ Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
((nth (from_int 0%Z) i) = false).
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
Parameter bv1 : Type.
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
Parameter nth1: bv1 -> Z -> bool.
@@ -391,13 +435,13 @@ Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
Parameter lsr1: bv1 -> Z -> bv1.
-Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (lsr1 b
- s) n) = (nth1 b (n + s)%Z)))).
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
-Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
- (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (lsr1 b
- s) n) = false))).
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
Parameter asr1: bv1 -> Z -> bv1.
@@ -449,12 +493,13 @@ Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
- (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2
- k))) -> ((to_nat_sub1 b1 j i) = (to_nat_sub1 b2 j i)).
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
-Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), (0%Z <= s)%Z ->
- ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z 0%Z) = (to_nat_sub1 b
- ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
Parameter from_int1: Z -> bv1.
@@ -478,6 +523,48 @@ Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
((nth1 (from_int1 0%Z) i) = false).
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
Parameter concat: bv -> bv -> bv1.
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v
new file mode 100644
index 0000000000000000000000000000000000000000..52b87ce7139e48c8679d3f9e7453d09c9e8107c6
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v
@@ -0,0 +1,712 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros.
+unfold var.
+rewrite concat_low;auto with zarith.
+unfold jpxor.
+rewrite nth_var1;auto with zarith.
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v
new file mode 100644
index 0000000000000000000000000000000000000000..eb93ecb9168139a3ddff216b79748aa4629e6be2
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v
@@ -0,0 +1,722 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intro x.
+unfold var.
+rewrite concat_low;auto with zarith.
+unfold jpxor.
+rewrite Nth_bw_xor_v1true.
+auto.
+split;auto with zarith.
+rewrite nth_from_int_high_odd;auto with *.
+split.
+split;auto with zarith.
+rewrite pow2_31.
+
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v
new file mode 100644
index 0000000000000000000000000000000000000000..02dca96749da6b2d0dbb77a38b394397679c2d93
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v
@@ -0,0 +1,731 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+Axiom nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+
+Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) ->
+ ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)).
+
+Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\
+ (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\
+ (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros x i H.
+unfold var.
+rewrite concat_high;auto with zarith.
+rewrite nth_from_int_high_odd;auto.
+split.
+split;auto with zarith.
+assert (h:i=52 \/ i=53) by omega.
+destruct h.
+subst i.
+replace (52-32) with 20 by omega.
+rewrite pow2_20.
+
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v
new file mode 100644
index 0000000000000000000000000000000000000000..4e310fc4b52355477b06388c2ac7c16086c4239c
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v
@@ -0,0 +1,755 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+Axiom nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+
+Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) ->
+ ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)).
+
+Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\
+ (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\
+ (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\
+ (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\
+ (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\
+ (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true).
+
+Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z),
+ (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) ->
+ ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)).
+
+Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z
+ 0%Z)).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem sign_of_x : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ (0%Z < x)%Z.
+(* YOU MAY EDIT THE PROOF BELOW *)
+intro x.
+
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v
new file mode 100644
index 0000000000000000000000000000000000000000..66f39afa16bd92230cb807ea74b870d630afc15d
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v
@@ -0,0 +1,761 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+Axiom nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+
+Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) ->
+ ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)).
+
+Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\
+ (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\
+ (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\
+ (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\
+ (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\
+ (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true).
+
+Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z),
+ (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) ->
+ ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)).
+
+Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z
+ 0%Z)).
+
+Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z <= x)%Z ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros x H.
+rewrite<- x_positive.
+rewrite from_int2c_to_nat_sub.
+auto.
+2: exact H.
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v
new file mode 100644
index 0000000000000000000000000000000000000000..4b4b722527edd6bf6b843e06b19a5abe92a81dd1
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v
@@ -0,0 +1,763 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+Axiom nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+
+Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) ->
+ ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)).
+
+Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\
+ (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\
+ (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\
+ (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\
+ (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\
+ (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true).
+
+Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z),
+ (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) ->
+ ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)).
+
+Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z
+ 0%Z)).
+
+Axiom sign_of_x : forall (x:Z), (0%Z < x)%Z -> ((nth (from_int2c x)
+ 31%Z) = false).
+
+Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z < x)%Z ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+Open Scope Z_scope.
+(* DO NOT EDIT BELOW *)
+
+Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intros x H.
+rewrite <-x_positive;auto.
+rewrite from_int2c_to_nat_sub;auto.
+
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v
new file mode 100644
index 0000000000000000000000000000000000000000..f045b1f7b7fbd82de5d1c6b671cae33fa485519d
--- /dev/null
+++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v
@@ -0,0 +1,760 @@
+(* This file is generated by Why3's Coq driver *)
+(* Beware! Only edit allowed sections below *)
+Require Import ZArith.
+Require Import Rbase.
+Definition implb(x:bool) (y:bool): bool := match (x,
+ y) with
+ | (true, false) => false
+ | (_, _) => true
+ end.
+
+Parameter pow2: Z -> Z.
+
+
+Axiom Power_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom Power_s : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z).
+
+Axiom Power_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
+ ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
+
+Axiom pow2_0 : ((pow2 0%Z) = 1%Z).
+
+Axiom pow2_1 : ((pow2 1%Z) = 2%Z).
+
+Axiom pow2_2 : ((pow2 2%Z) = 4%Z).
+
+Axiom pow2_3 : ((pow2 3%Z) = 8%Z).
+
+Axiom pow2_4 : ((pow2 4%Z) = 16%Z).
+
+Axiom pow2_5 : ((pow2 5%Z) = 32%Z).
+
+Axiom pow2_6 : ((pow2 6%Z) = 64%Z).
+
+Axiom pow2_7 : ((pow2 7%Z) = 128%Z).
+
+Axiom pow2_8 : ((pow2 8%Z) = 256%Z).
+
+Axiom pow2_9 : ((pow2 9%Z) = 512%Z).
+
+Axiom pow2_10 : ((pow2 10%Z) = 1024%Z).
+
+Axiom pow2_11 : ((pow2 11%Z) = 2048%Z).
+
+Axiom pow2_12 : ((pow2 12%Z) = 4096%Z).
+
+Axiom pow2_13 : ((pow2 13%Z) = 8192%Z).
+
+Axiom pow2_14 : ((pow2 14%Z) = 16384%Z).
+
+Axiom pow2_15 : ((pow2 15%Z) = 32768%Z).
+
+Axiom pow2_16 : ((pow2 16%Z) = 65536%Z).
+
+Axiom pow2_17 : ((pow2 17%Z) = 131072%Z).
+
+Axiom pow2_18 : ((pow2 18%Z) = 262144%Z).
+
+Axiom pow2_19 : ((pow2 19%Z) = 524288%Z).
+
+Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z).
+
+Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z).
+
+Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z).
+
+Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z).
+
+Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z).
+
+Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z).
+
+Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z).
+
+Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z).
+
+Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z).
+
+Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z).
+
+Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z).
+
+Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z).
+
+Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z).
+
+Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z).
+
+Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z).
+
+Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z).
+
+Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z).
+
+Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z).
+
+Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z).
+
+Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z).
+
+Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z).
+
+Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z).
+
+Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z).
+
+Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z).
+
+Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z).
+
+Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z).
+
+Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z).
+
+Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z).
+
+Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z).
+
+Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z).
+
+Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z).
+
+Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z).
+
+Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z).
+
+Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z).
+
+Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z).
+
+Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z).
+
+Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z).
+
+Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z).
+
+Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z).
+
+Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z).
+
+Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z).
+
+Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z).
+
+Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
+
+Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
+
+Parameter bv : Type.
+
+Axiom size_positive : (0%Z < 32%Z)%Z.
+
+Parameter nth: bv -> Z -> bool.
+
+
+Parameter bvzero: bv.
+
+
+Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth bvzero n) = false).
+
+Parameter bvone: bv.
+
+
+Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone
+ n) = true).
+
+Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)).
+
+Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
+
+Parameter bw_and: bv -> bv -> bv.
+
+
+Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))).
+
+Parameter bw_or: bv -> bv -> bv.
+
+
+Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))).
+
+Parameter bw_xor: bv -> bv -> bv.
+
+
+Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))).
+
+Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v2 n))).
+
+Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v2 n)).
+
+Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2)
+ n) = (negb (nth v1 n))).
+
+Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2)
+ n) = (nth v1 n)).
+
+Parameter bw_not: bv -> bv.
+
+
+Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) ->
+ ((nth (bw_not v) n) = (negb (nth v n))).
+
+Parameter lsr: bv -> Z -> bv.
+
+
+Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
+
+Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\
+ (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false).
+
+Parameter asr: bv -> Z -> bv.
+
+
+Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (n + s)%Z)))).
+
+Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b
+ s) n) = (nth b (32%Z - 1%Z)%Z)))).
+
+Parameter lsl: bv -> Z -> bv.
+
+
+Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s)
+ n) = (nth b (n - s)%Z)))).
+
+Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s)
+ n) = false))).
+
+Parameter to_nat_sub: bv -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b
+ (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub b j i) = 0%Z).
+
+Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))).
+
+Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = false)) -> ((to_nat_sub b j i) = 0%Z)).
+
+Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b
+ k) = true)) -> ((to_nat_sub b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j
+ i) = (to_nat_sub b2 j i))).
+
+Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\
+ (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int: Z -> bv.
+
+
+Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\
+ (x <= y)%Z).
+
+Parameter div: Z -> Z -> Z.
+
+
+Parameter mod1: Z -> Z -> Z.
+
+
+Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x
+ y))%Z + (mod1 x y))%Z).
+
+Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
+ ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z).
+
+Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x
+ y))%Z /\ ((mod1 x y) < (Zabs y))%Z).
+
+Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z).
+
+Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x).
+
+Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n)
+ i) = false).
+
+Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth (from_int n) i) = true).
+
+Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth (from_int n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth (from_int n) 0%Z) = true).
+
+Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth (from_int 0%Z) i) = false).
+
+Parameter from_int2c: Z -> bv.
+
+
+Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n)
+ (32%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\
+ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i))
+ 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false).
+
+Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false).
+
+Parameter bv1 : Type.
+
+Axiom size_positive1 : (0%Z < 64%Z)%Z.
+
+Parameter nth1: bv1 -> Z -> bool.
+
+
+Parameter bvzero1: bv1.
+
+
+Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvzero1 n) = false).
+
+Parameter bvone1: bv1.
+
+
+Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 bvone1 n) = true).
+
+Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)).
+
+Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2).
+
+Parameter bw_and1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_or1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2
+ n))).
+
+Parameter bw_xor1: bv1 -> bv1 -> bv1.
+
+
+Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2
+ n))).
+
+Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v2 n))).
+
+Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v2 n)).
+
+Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (negb (nth1 v1 n))).
+
+Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2)
+ n) = (nth1 v1 n)).
+
+Parameter bw_not1: bv1 -> bv1.
+
+
+Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) ->
+ ((nth1 (bw_not1 v) n) = (negb (nth1 v n))).
+
+Parameter lsr1: bv1 -> Z -> bv1.
+
+
+Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)).
+
+Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\
+ (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false).
+
+Parameter asr1: bv1 -> Z -> bv1.
+
+
+Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (n + s)%Z)))).
+
+Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b
+ s) n) = (nth1 b (64%Z - 1%Z)%Z)))).
+
+Parameter lsl1: bv1 -> Z -> bv1.
+
+
+Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = (nth1 b (n - s)%Z)))).
+
+Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\
+ (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b
+ s) n) = false))).
+
+Parameter to_nat_sub1: bv1 -> Z -> Z -> Z.
+
+
+Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j
+ i) = (to_nat_sub1 b (j - 1%Z)%Z i))).
+
+Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\
+ (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j
+ i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)).
+
+Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z ->
+ ((to_nat_sub1 b j i) = 0%Z).
+
+Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))).
+
+Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)).
+
+Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\
+ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b
+ k) = true)) -> ((to_nat_sub1 b j
+ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
+
+Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z),
+ ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\
+ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j
+ i) = (to_nat_sub1 b2 j i))).
+
+Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\
+ (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z
+ 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)).
+
+Parameter from_int1: Z -> bv1.
+
+
+Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = false).
+
+Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\
+ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) i) = true).
+
+Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) ->
+ ((nth1 (from_int1 n) 0%Z) = false).
+
+Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) ->
+ ((nth1 (from_int1 n) 0%Z) = true).
+
+Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z).
+
+Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) ->
+ ((nth1 (from_int1 0%Z) i) = false).
+
+Parameter from_int2c1: Z -> bv1.
+
+
+Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z.
+
+Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false).
+
+Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z),
+ ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = true).
+
+Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true).
+
+Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true).
+
+Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z),
+ ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\
+ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n)
+ i) = false).
+
+Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true).
+
+Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\
+ ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false).
+
+Parameter concat: bv -> bv -> bv1.
+
+
+Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\
+ (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)).
+
+Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\
+ (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)).
+
+Parameter pow21: Z -> R.
+
+
+Axiom Power_01 : ((pow21 0%Z) = 1%R).
+
+Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z ->
+ ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R).
+
+Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z ->
+ ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R).
+
+Axiom Power_11 : ((pow21 1%Z) = 2%R).
+
+Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R).
+
+Axiom Power_sum1 : forall (n:Z) (m:Z),
+ ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R).
+
+Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z ->
+ ((pow21 x) = (IZR (pow2 x))).
+
+Parameter double_of_bv64: bv1 -> R.
+
+
+Parameter sign_value: bool -> R.
+
+
+Axiom sign_value_false : ((sign_value false) = 1%R).
+
+Axiom sign_value_true : ((sign_value true) = (-1%R)%R).
+
+Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\
+ ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R).
+
+Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) ->
+ (0%R <= (double_of_bv64 b))%R.
+
+Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) ->
+ ((double_of_bv64 b) <= 0%R)%R.
+
+Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z
+ 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) ->
+ ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b
+ 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z
+ 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z) = true).
+
+Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true).
+
+Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z) = true).
+
+Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 63%Z) = false).
+
+Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z).
+
+Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) ->
+ ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z))
+ i) = false).
+
+Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z
+ 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 31%Z 0%Z)).
+
+Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)).
+
+Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R).
+
+Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R).
+
+Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)).
+
+Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R).
+
+Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z)
+ (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R).
+
+Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)).
+
+Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)).
+
+Definition var_as_double(x:Z): R := (double_of_bv64 (var x)).
+
+Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)).
+
+Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) ->
+ ((nth1 (var x) j) = (nth (from_int2c x) j)).
+
+Axiom nth_var2 : forall (x:Z), ((nth1 (var x)
+ 31%Z) = (negb (nth (from_int2c x) 31%Z))).
+
+Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) ->
+ ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)).
+
+Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\
+ (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\
+ (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\
+ (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\
+ (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true).
+
+Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\
+ (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false).
+
+Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true).
+
+Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false).
+
+Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z).
+
+Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z),
+ (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) ->
+ ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)).
+
+Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z
+ 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)).
+
+Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z
+ 0%Z)).
+
+Axiom sign_of_x : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ (0%Z < x)%Z.
+
+Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z < x)%Z ->
+ ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x).
+
+(* YOU MAY EDIT THE CONTEXT BELOW *)
+
+(* DO NOT EDIT BELOW *)
+
+Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) ->
+ ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x).
+(* YOU MAY EDIT THE PROOF BELOW *)
+intuition.
+
+Qed.
+(* DO NOT EDIT BELOW *)
+
+
diff --git a/tests/bitvector1/why3session.xml b/tests/bitvector1/why3session.xml
index 825a32cefc741b1923b972176fb84b1204de135d..80dba153de4c879257750fc909802d5bfe4de6cc 100644
--- a/tests/bitvector1/why3session.xml
+++ b/tests/bitvector1/why3session.xml
@@ -65,7 +65,7 @@
<theory
name="Pow2int"
verified="true"
- expanded="true">
+ expanded="false">
<goal
name="Power_1"
sum="72f6f91e98bcd7c0b932a93aeddaa0e5"
@@ -84,7 +84,7 @@
name="Power_sum"
sum="359eadaae8b7571af3ad546bc8656944"
proved="true"
- expanded="true"
+ expanded="false"
shape="ainfix =apow2ainfix +V0V1ainfix *apow2V0apow2V1Iainfix >=V1c0Aainfix >=V0c0F">
<proof
prover="coq"
@@ -1036,7 +1036,7 @@
<theory
name="Pow2real"
verified="false"
- expanded="false">
+ expanded="true">
<goal
name="Power_1"
sum="05eff9d48281eb24cb06eb9caecf811e"
@@ -1186,7 +1186,7 @@
timelimit="10"
edited="bitvector1_BitVector_to_nat_of_zero2_2.v"
obsolete="false">
- <result status="valid" time="0.66"/>
+ <result status="valid" time="0.60"/>
</proof>
</goal>
<goal
@@ -1968,7 +1968,7 @@
timelimit="5"
edited="bitvector1_TestDoubleOfInt_exp_const_1.v"
obsolete="false">
- <result status="valid" time="1.01"/>
+ <result status="valid" time="1.14"/>
</proof>
</goal>
<goal
@@ -2198,99 +2198,29 @@
<goal
name="nth_var11"
sum="65ca9957c1d3a1b2ddaeb053e22895d9"
- proved="false"
+ proved="true"
expanded="false"
shape="ainfix =anthavarV0V1anthafrom_int2cV0V1Iainfix <V1c31Aainfix <=c0V1F">
<proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.11"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="alt-ergo"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.11"/>
- </proof>
- <proof
- prover="cvc3-2.4"
+ prover="coq"
timelimit="5"
- edited=""
+ edited="bitvector1_TestDoubleOfInt_nth_var11_1.v"
obsolete="false">
- <result status="timeout" time="5.01"/>
+ <result status="valid" time="0.73"/>
</proof>
</goal>
<goal
name="nth_var2"
sum="b1ff953540ac3e95ef484243646501f2"
- proved="false"
+ proved="true"
expanded="false"
shape="ainfix =anthavarV0c31anotbanthafrom_int2cV0c31F">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
<proof
prover="alt-ergo"
- timelimit="5"
+ timelimit="15"
edited=""
obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.11"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.02"/>
+ <result status="valid" time="8.02"/>
</proof>
</goal>
<goal
@@ -2299,27 +2229,6 @@
proved="true"
expanded="false"
shape="ainfix =anthavarV0V1anthajainfix -V1c32Iainfix <=V1c63Aainfix <=c32V1F">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
<proof
prover="alt-ergo"
timelimit="5"
@@ -2327,20 +2236,6 @@
obsolete="false">
<result status="valid" time="1.22"/>
</proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.11"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
</goal>
<goal
name="nth_var3"
@@ -2348,27 +2243,6 @@
proved="true"
expanded="false"
shape="ainfix =anthavarV0V1aFalseIainfix <=V1c51Aainfix <=c32V1FF">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.01"/>
- </proof>
<proof
prover="alt-ergo"
timelimit="5"
@@ -2376,68 +2250,19 @@
obsolete="false">
<result status="valid" time="4.41"/>
</proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
</goal>
<goal
name="nth_var4"
sum="4861c5d794708fbd0aec4f34596caf89"
- proved="false"
+ proved="true"
expanded="false"
shape="ainfix =anthavarV0V1aTrueIainfix <=V1c53Aainfix <=c52V1FF">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.01"/>
- </proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
+ <result status="valid" time="7.15"/>
</proof>
</goal>
<goal
@@ -2446,27 +2271,6 @@
proved="true"
expanded="false"
shape="ainfix =anthavarV0V1aFalseIainfix <=V1c55Aainfix <=c54V1FF">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.01"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.02"/>
- </proof>
<proof
prover="alt-ergo"
timelimit="5"
@@ -2474,68 +2278,19 @@
obsolete="false">
<result status="valid" time="4.26"/>
</proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
</goal>
<goal
name="nth_var6"
sum="2fa1dd0b99a6e70a27f18cf88e34d82c"
- proved="false"
+ proved="true"
expanded="false"
shape="ainfix =anthavarV0V1aTrueIainfix <=V1c57Aainfix <=c56V1FF">
- <proof
- prover="z3-3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.11"/>
- </proof>
- <proof
- prover="alt-ergo-0.93.1"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.01"/>
- </proof>
- <proof
- prover="cvc3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.03"/>
- </proof>
- <proof
- prover="z3"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.04"/>
- </proof>
- <proof
- prover="cvc3-2.4"
- timelimit="5"
- edited=""
- obsolete="false">
- <result status="timeout" time="5.01"/>
+ <result status="valid" time="6.69"/>
</proof>
</goal>
<goal
@@ -2882,43 +2637,134 @@
</proof>
</goal>
<goal
- name="x_positive1"
- sum="241ac9058d476454282b0f929bad7ee6"
+ name="sign_of_x"
+ sum="86f0acc5e9331a780726afe9be192f18"
proved="false"
expanded="false"
- shape="ainfix =ato_nat_subafrom_int2cV0c30c0V0Iainfix =anthafrom_int2cV0c31aFalseF">
+ shape="ainfix >V0c0Iainfix =anthafrom_int2cV0c31aFalseF">
+ <proof
+ prover="coq"
+ timelimit="5"
+ edited="bitvector1_TestDoubleOfInt_sign_of_x_1.v"
+ obsolete="false">
+ <result status="unknown" time="0.71"/>
+ </proof>
+ <proof
+ prover="z3-3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="timeout" time="5.64"/>
+ </proof>
<proof
prover="alt-ergo-0.93.1"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.03"/>
+ <result status="timeout" time="6.02"/>
</proof>
<proof
prover="cvc3"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.02"/>
+ <result status="timeout" time="5.07"/>
</proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.01"/>
+ <result status="timeout" time="7.03"/>
+ </proof>
+ <proof
+ prover="z3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="timeout" time="5.24"/>
+ </proof>
+ <proof
+ prover="cvc3-2.4"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="timeout" time="6.39"/>
+ </proof>
+ </goal>
+ <goal
+ name="from_int2c_to_nat_sub"
+ sum="f79701b11bf59f33d5bd8773ac9a6d52"
+ proved="true"
+ expanded="false"
+ shape="ainfix =ato_nat_subafrom_int2cV0c31c0V0Iainfix >V0c0F">
+ <proof
+ prover="z3-3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.10"/>
+ </proof>
+ <proof
+ prover="alt-ergo-0.93.1"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.10"/>
+ </proof>
+ <proof
+ prover="cvc3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.05"/>
+ </proof>
+ <proof
+ prover="alt-ergo"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.05"/>
+ </proof>
+ <proof
+ prover="z3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.12"/>
</proof>
<proof
prover="cvc3-2.4"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.01"/>
+ <result status="valid" time="0.05"/>
+ </proof>
+ </goal>
+ <goal
+ name="x_positive1"
+ sum="d45f304ae19709e1c567bc4ef20d0b3c"
+ proved="true"
+ expanded="false"
+ shape="ainfix =ato_nat_subafrom_int2cV0c30c0V0Iainfix =anthafrom_int2cV0c31aFalseF">
+ <proof
+ prover="cvc3"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.06"/>
+ </proof>
+ <proof
+ prover="cvc3-2.4"
+ timelimit="5"
+ edited=""
+ obsolete="false">
+ <result status="valid" time="0.06"/>
</proof>
</goal>
<goal
name="x_positive2"
- sum="8b43ca32d8d9c639441a625662c8f761"
+ sum="65480fd6832d2c3e8b1121a4def73b10"
proved="true"
expanded="false"
shape="ainfix =ato_nat_subavarV0c30c0V0Iainfix =anthavarV0c31aTrueF">
@@ -2926,7 +2772,7 @@
prover="alt-ergo-0.93.1"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.03"/>
</proof>
<proof
@@ -2940,7 +2786,7 @@
prover="alt-ergo"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.03"/>
</proof>
<proof
@@ -2948,12 +2794,12 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="1.29"/>
+ <result status="valid" time="1.24"/>
</proof>
</goal>
<goal
name="mantissa_var_x_positive"
- sum="542472513dd6268ec97e336972785e02"
+ sum="18a5014548373febbe3b50eefc990ec8"
proved="true"
expanded="false"
shape="ainfix =amantissaavarV0ainfix +apow2c31V0Iainfix =anthavarV0c31aTrueF">
@@ -2962,48 +2808,48 @@
timelimit="5"
edited="bitvector1_TestDoubleOfInt_mantissa_var_x_positive_3.v"
obsolete="false">
- <result status="valid" time="0.75"/>
+ <result status="valid" time="0.73"/>
</proof>
</goal>
<goal
name="x_negative"
- sum="75aca8e6393ca908f8163a9722aeb5e8"
+ sum="8bb02aa90041e121671a77b1106a07e4"
proved="false"
expanded="false"
shape="ainfix =ato_nat_subavarV0c30c0aprefix -V0Iainfix =anthavarV0c31aFalseF">
</goal>
<goal
name="mantissa_var_x_negative"
- sum="af80cf6d8e488e18405d3f91f4ce940f"
+ sum="900ae31000e353928fd7fee7eeeece9a"
proved="false"
expanded="false"
- shape="ainfix =amantissaavarV0ainfix -apow2c31V0Iainfix =anthavarV0c31aFalseF">
+ shape="ainfix =amantissaavarV0ainfix +apow2c31V0Iainfix =anthavarV0c31aFalseF">
<proof
prover="coq"
timelimit="5"
edited="bitvector1_TestDoubleOfInt_mantissa_var_x_negative_4.v"
- obsolete="false">
+ obsolete="true">
<result status="unknown" time="0.78"/>
</proof>
<proof
prover="alt-ergo-0.93.1"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.03"/>
</proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.03"/>
</proof>
</goal>
<goal
name="mantissa_var"
- sum="ea1a4fe3f73d3d54af5a684d0c6faa49"
- proved="false"
+ sum="ba02f8f30814da1bffa26ea845a08595"
+ proved="true"
expanded="false"
shape="ainfix =amantissaavarV0ainfix +apow2c31V0F">
<proof
@@ -3011,68 +2857,68 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.01"/>
+ <result status="valid" time="0.10"/>
</proof>
<proof
- prover="z3-3"
- timelimit="5"
+ prover="alt-ergo"
+ timelimit="10"
edited=""
obsolete="false">
- <result status="timeout" time="5.11"/>
+ <result status="valid" time="0.04"/>
</proof>
+ </goal>
+ <goal
+ name="var_value0"
+ sum="00517c58404989618ea36dc9b89d0e6f"
+ proved="true"
+ expanded="false"
+ shape="ainfix =avar_as_doubleV0ainfix *.apow2ainfix -c1075c1023ainfix +.c1.0ainfix *.afrom_intainfix +apow2c31V0apow2aprefix -c52F">
<proof
- prover="cvc3"
- timelimit="5"
- edited=""
+ prover="coq"
+ timelimit="20"
+ edited="bitvector1_TestDoubleOfInt_var_value0_3.v"
obsolete="false">
- <result status="timeout" time="5.02"/>
+ <result status="valid" time="0.74"/>
</proof>
+ </goal>
+ <goal
+ name="from_int_sum"
+ sum="fe8dc9d54bb9122a2f9a8459248436fb"
+ proved="true"
+ expanded="false"
+ shape="ainfix =afrom_intainfix +apow2c31V0ainfix +.afrom_intapow2c31afrom_intV0F">
<proof
- prover="alt-ergo"
- timelimit="10"
+ prover="alt-ergo-0.93.1"
+ timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="10.08"/>
+ <result status="valid" time="0.20"/>
</proof>
<proof
- prover="z3"
+ prover="cvc3"
timelimit="5"
edited=""
obsolete="false">
<result status="timeout" time="5.03"/>
</proof>
<proof
- prover="cvc3-2.4"
+ prover="alt-ergo"
timelimit="5"
edited=""
obsolete="false">
- <result status="timeout" time="5.02"/>
+ <result status="valid" time="0.05"/>
</proof>
- </goal>
- <goal
- name="var_value0"
- sum="b1ad275e16038fb1ee195dd5572185a0"
- proved="true"
- expanded="false"
- shape="ainfix =avar_as_doubleV0ainfix *.apow2ainfix -c1075c1023ainfix +.c1.0ainfix *.afrom_intainfix +apow2c31V0apow2aprefix -c52F">
<proof
- prover="coq"
- timelimit="20"
- edited="bitvector1_TestDoubleOfInt_var_value0_3.v"
+ prover="cvc3-2.4"
+ timelimit="5"
+ edited=""
obsolete="false">
- <result status="valid" time="0.73"/>
+ <result status="timeout" time="5.02"/>
</proof>
</goal>
- <goal
- name="from_int_sum"
- sum="a1bb3937bfed62df0155e2517454c2d0"
- proved="false"
- expanded="false"
- shape="ainfix =afrom_intainfix +apow2c31V0ainfix +.afrom_intapow2c31afrom_intV0F">
- </goal>
<goal
name="var_value3"
- sum="557480b278b9d44fdf69ea62403dcb26"
+ sum="f91469b3ab15f3951ca145f4409964b1"
proved="true"
expanded="false"
shape="ainfix =avar_as_doubleV0ainfix +.apow2c52ainfix *.ainfix *.apow2c52ainfix +.afrom_intapow2c31afrom_intV0apow2aprefix -c52F">
@@ -3081,7 +2927,7 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="0.52"/>
+ <result status="valid" time="0.51"/>
</proof>
<proof
prover="alt-ergo"
@@ -3095,12 +2941,12 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="1.14"/>
+ <result status="valid" time="1.09"/>
</proof>
</goal>
<goal
name="distr_pow52"
- sum="88ce4e295c467bfad6479a327f4ab008"
+ sum="84236fdd574539aae997cdf8141d5118"
proved="true"
expanded="false"
shape="ainfix =ainfix *.ainfix *.apow2c52V0apow2aprefix -c52V0F">
@@ -3108,7 +2954,7 @@
prover="alt-ergo"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.03"/>
</proof>
<proof
@@ -3116,19 +2962,31 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="0.12"/>
+ <result status="valid" time="0.11"/>
</proof>
<proof
prover="cvc3-2.4"
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="0.38"/>
+ <result status="valid" time="0.37"/>
</proof>
+ <transf
+ name="inline_goal"
+ proved="false"
+ expanded="false">
+ <goal
+ name="distr_pow52.1"
+ sum="6d078206e45765adc3c90da8915c466b"
+ proved="false"
+ expanded="false"
+ shape="ainfix =ainfix *ainfix *.apow2c52V0apow2aprefix -c52V0F">
+ </goal>
+ </transf>
</goal>
<goal
name="var_value4"
- sum="ce93ee0e901d7e2db2f205a940591e13"
+ sum="c2a26ffd37180e6c789df39d7dc9f1da"
proved="true"
expanded="false"
shape="ainfix =avar_as_doubleV0ainfix +.ainfix +.apow2c52afrom_intapow2c31afrom_intV0F">
@@ -3137,19 +2995,19 @@
timelimit="5"
edited="bitvector1_TestDoubleOfInt_var_value4_2.v"
obsolete="false">
- <result status="valid" time="0.82"/>
+ <result status="valid" time="0.73"/>
</proof>
<proof
prover="alt-ergo"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="timeout" time="5.04"/>
</proof>
</goal>
<goal
name="pow31"
- sum="6b80ca303ff53596b33a3c2b9556339a"
+ sum="c70e4db74468f9206db0598a811c3a7b"
proved="true"
expanded="false"
shape="ainfix =afrom_intapow2c31apow2c31">
@@ -3157,21 +3015,21 @@
prover="z3-3"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="valid" time="0.12"/>
</proof>
<proof
prover="alt-ergo-0.93.1"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="valid" time="0.12"/>
</proof>
<proof
prover="cvc3"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="valid" time="0.06"/>
</proof>
<proof
@@ -3185,20 +3043,20 @@
prover="z3"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="valid" time="0.13"/>
</proof>
<proof
prover="cvc3-2.4"
timelimit="5"
edited=""
- obsolete="false">
+ obsolete="true">
<result status="valid" time="0.07"/>
</proof>
</goal>
<goal
name="var_value"
- sum="02ff597f81e1747784100b402f0d6bbd"
+ sum="eaf5d27282812432b8af8f2e847e1f00"
proved="true"
expanded="false"
shape="ainfix =avar_as_doubleV0ainfix +.ainfix +.apow2c52apow2c31afrom_intV0F">
@@ -3207,26 +3065,26 @@
timelimit="20"
edited=""
obsolete="false">
- <result status="valid" time="0.10"/>
+ <result status="valid" time="0.09"/>
</proof>
<proof
prover="alt-ergo"
timelimit="10"
edited=""
obsolete="false">
- <result status="valid" time="0.05"/>
+ <result status="valid" time="0.04"/>
</proof>
<proof
prover="cvc3-2.4"
timelimit="20"
edited=""
obsolete="false">
- <result status="valid" time="1.48"/>
+ <result status="valid" time="1.36"/>
</proof>
</goal>
<goal
name="MainResult"
- sum="ba86da65075b57057344f62fe774e79b"
+ sum="77b9f0a125339af9c1d541b9b7356c7a"
proved="true"
expanded="false"
shape="ainfix =adouble_of_int32V0afrom_intV0F">
@@ -3235,7 +3093,7 @@
timelimit="5"
edited=""
obsolete="false">
- <result status="valid" time="0.10"/>
+ <result status="valid" time="0.09"/>
</proof>
<proof
prover="z3-3"
@@ -3256,7 +3114,7 @@
timelimit="10"
edited=""
obsolete="false">
- <result status="valid" time="0.04"/>
+ <result status="valid" time="0.03"/>
</proof>
</goal>
</theory>