diff --git a/tests/bitvector1.why b/tests/bitvector1.why index e6ba477334981753f2418c78ff0f00d72449a271..0c4d0fb282f105cec051adef4e1c71ac334419f9 100644 --- a/tests/bitvector1.why +++ b/tests/bitvector1.why @@ -94,6 +94,10 @@ theory Pow2real axiom Power_p : forall n: int. n <= 0 -> pow2 (n-1) = 0.5 *. pow2 n +(* axiom Power_s : forall n:int. pow2 (n+1) = 2.0 *. pow2 n + + axiom Power_p : forall n:int. pow2 (n-1) = 0.5 *. pow2 n +*) lemma Power_1 : pow2 1 = 2.0 lemma Power_neg1 : pow2 (-1) = 0.5 @@ -742,6 +746,12 @@ theory TestDoubleOfInt lemma x_positive:forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False -> BV32.to_nat_sub (BV32.from_int2c x) 31 0 = BV32.to_nat_sub (BV32.from_int2c x) 30 0 + lemma sign_of_x: + forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False->x>0 + + lemma from_int2c_to_nat_sub: + forall x:int.x>0 -> BV32.to_nat_sub (BV32.from_int2c x) 31 0 = x + lemma x_positive1: forall x:int. (BV32.nth (BV32.from_int2c x) 31) = False -> BV32.to_nat_sub (BV32.from_int2c x) 30 0 = x lemma x_positive2: forall x:int. (BV64.nth (var x) 31) = True -> @@ -750,12 +760,13 @@ theory TestDoubleOfInt lemma mantissa_var_x_positive: forall x:int. (BV64.nth (var x) 31) = True -> mantissa(var(x)) = Pow2int.pow2 31 + x - + (*a verifier*) lemma x_negative: forall x:int. (BV64.nth (var x) 31) = False -> BV64.to_nat_sub (var x) 30 0 = -x + (*a verifier*) lemma mantissa_var_x_negative: forall x:int. (BV64.nth (var x) 31) = False -> - mantissa(var(x)) = Pow2int.pow2 31 - x + mantissa(var(x)) = Pow2int.pow2 31 + x lemma mantissa_var: forall x:int. mantissa(var(x)) = Pow2int.pow2 31 + x diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v new file mode 100644 index 0000000000000000000000000000000000000000..00c71fe89ad700ef7d6785a890688299ba4fd324 --- /dev/null +++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_negative_2.v @@ -0,0 +1,388 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter size: Z. + + +Parameter bv : Type. + +Axiom size_positive : (0%Z < size)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (size - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z + 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). +(* YOU MAY EDIT THE PROOF BELOW *) + +intros. +rewrite nth_from_int2c_high_even_negative. +auto. +split. +apply H. +split. +split. +apply size_from_int2c. +auto with *. +rewrite pow2_0. +rewrite Div_1. +apply H. +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v new file mode 100644 index 0000000000000000000000000000000000000000..85935c8aeaa91686689f8859a17d5578c349cc2b --- /dev/null +++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_even_positive_4.v @@ -0,0 +1,371 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter size: Z. + + +Parameter bv : Type. + +Axiom size_positive : (0%Z < size)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (size - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z + 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). +(* YOU MAY EDIT THE PROOF BELOW *) +intros. +rewrite nth_from_int2c_high_even_positive. +auto. +split. +apply H. +split. +split. +apply size_from_int2c. +auto with *. +rewrite pow2_0. +rewrite Div_1. +apply H. + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v new file mode 100644 index 0000000000000000000000000000000000000000..d1183e761afa973bff375fee4195465aa081e1a0 --- /dev/null +++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_negative_2.v @@ -0,0 +1,391 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter size: Z. + + +Parameter bv : Type. + +Axiom size_positive : (0%Z < size)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (size - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z + 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). +(* YOU MAY EDIT THE PROOF BELOW *) + +intros. +rewrite nth_from_int2c_high_odd_negative. +auto. +split. +apply H. +split. +split. +apply size_from_int2c. +auto with *. +rewrite pow2_0. +rewrite Div_1. +apply H. +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v new file mode 100644 index 0000000000000000000000000000000000000000..b25ce98d77bc1c458aa730db02262059e526b79f --- /dev/null +++ b/tests/bitvector1/bitvector1_BitVector_nth_from_int2c_low_odd_positive_2.v @@ -0,0 +1,374 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter size: Z. + + +Parameter bv : Type. + +Axiom size_positive : (0%Z < size)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (size - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < size)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z + 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < size)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < size)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (size - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (size - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (size - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). +(* YOU MAY EDIT THE PROOF BELOW *) +intros. +rewrite nth_from_int2c_high_odd_positive. +auto. +split. +apply H. +split. +split. +apply size_from_int2c. +auto with *. +rewrite pow2_0. +rewrite Div_1. +apply H. + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_BitVector_pow2i_1.v b/tests/bitvector1/bitvector1_BitVector_pow2i_1.v index 4d6cff3ea981cb5d7352758770477c0fb2aeec63..0296ab05f20c1e0c0a136b5cf0ee16cf775b421f 100644 --- a/tests/bitvector1/bitvector1_BitVector_pow2i_1.v +++ b/tests/bitvector1/bitvector1_BitVector_pow2i_1.v @@ -2,6 +2,12 @@ (* Beware! Only edit allowed sections below *) Require Import ZArith. Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + Parameter pow2: Z -> Z. @@ -148,6 +154,8 @@ Parameter size: Z. Parameter bv : Type. +Axiom size_positive : (0%Z < size)%Z. + Parameter nth: bv -> Z -> bool. @@ -211,13 +219,13 @@ Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> Parameter lsr: bv -> Z -> bv. -Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < size)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < size)%Z -> ((nth (lsr b - s) n) = (nth b (n + s)%Z)))). +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + ((n + s)%Z < size)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). -Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < size)%Z) -> ((0%Z <= s)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (lsr b - s) n) = false))). +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < size)%Z) /\ (((0%Z <= s)%Z /\ (s < size)%Z) /\ + (size <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). Parameter asr: bv -> Z -> bv. @@ -263,18 +271,19 @@ Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b k) = false)) -> ((to_nat_sub b j i) = 0%Z)). -Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((j <= i)%Z /\ - (0%Z <= j)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b k) = true)) -> ((to_nat_sub b j i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), - (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> - ((to_nat_sub b1 j i) = (to_nat_sub b2 j i)). + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). -Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), (0%Z <= s)%Z -> - ((to_nat_sub (lsr b s) (size - 1%Z)%Z 0%Z) = (to_nat_sub b - ((size - 1%Z)%Z - s)%Z 0%Z)). +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < size)%Z) -> ((to_nat_sub (lsr b s) (size - 1%Z)%Z + 0%Z) = (to_nat_sub b ((size - 1%Z)%Z - s)%Z 0%Z)). Parameter from_int: Z -> bv. @@ -316,12 +325,24 @@ Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int n) 0%Z) = true). (* YOU MAY EDIT THE CONTEXT BELOW *) - +Open Scope Z_scope. (* DO NOT EDIT BELOW *) Theorem pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). (* YOU MAY EDIT THE PROOF BELOW *) -intuition. +intros i Hi. +cut (0 <= i); auto with zarith. +apply Z_lt_induction with + (P:= fun i => + 0 <= i -> pow2 i <> 0);auto with zarith. +intros x Hind Hxpos. +assert (hx:x = 0 \/ x >0) by omega. +destruct hx. +subst x. +rewrite Power_0;auto with zarith. + +replace (x) with (x-1+1) by omega. +rewrite Power_s;auto with *. Qed. (* DO NOT EDIT BELOW *) diff --git a/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v b/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v index 95d6fe72b57b272726d4e9e9c052ed4436d8166b..a7a18d8339da287dcfef56c7acfef8f2dd2878b7 100644 --- a/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v +++ b/tests/bitvector1/bitvector1_BitVector_to_nat_of_zero2_2.v @@ -154,6 +154,8 @@ Parameter size: Z. Parameter bv : Type. +Axiom size_positive : (0%Z < size)%Z. + Parameter nth: bv -> Z -> bool. diff --git a/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v b/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v index 39f51c586b57d5cf37f59e66ae4002e8ceb5d636..7968404a87e745e15a932bdaf332494bdb051c52 100644 --- a/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v +++ b/tests/bitvector1/bitvector1_Pow2int_Power_sum_1.v @@ -30,29 +30,16 @@ assert (h:(x = 0 \/ x > 0)) by omega. destruct h. subst x. rewrite Power_0. - - -(* -auto with zarith. -elim n. -replace (0+m) with m by omega. -replace (1* pow2 m) with (pow2 m) by omega. +replace (n+0) with n by omega. +replace (pow2 n * 1) with (pow2 n) by omega. auto. -intro. -elim p. -3:rewrite Power_1. -3:replace (1+m) with (m+1) by omega. -3:apply Power_s. -3:apply Hmn. -intros p0 Hp0. -rewrite Zpos_xI. -replace (2 * Zpos p0) with (Zpos p0 * 2) by omega. -rewrite<-Zplus_diag_eq_mult_2. -rewrite Power_s. - -*) - - +replace (x) with ((x-1)+1) by omega. +rewrite Power_s;auto with zarith. +replace (n + (x-1+1)) with (n+(x-1)+1) by omega. +rewrite Power_s;auto with zarith. +rewrite Hind;auto with zarith. +rewrite Zmult_permute. +auto with zarith. Qed. (* DO NOT EDIT BELOW *) diff --git a/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v b/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v index 5c3617e4735da4b695698149a609f6f06f1295bb..9249b8acc9767111028e82ed6608024a39dde069 100644 --- a/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v +++ b/tests/bitvector1/bitvector1_Pow2real_Power_sum_1.v @@ -7,10 +7,9 @@ Parameter pow2: Z -> R. Axiom Power_0 : ((pow2 0%Z) = 1%R). -Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> - ((pow2 (n + 1%Z)%Z) = (2%R * (pow2 n))%R). +Axiom Power_s : forall (n:Z), ((pow2 (n + 1%Z)%Z) = (2%R * (pow2 n))%R). -Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> +Axiom Power_p : forall (n:Z), ((pow2 (n - 1%Z)%Z) = ((05 / 10)%R * (pow2 n))%R). Axiom Power_1 : ((pow2 1%Z) = 2%R). @@ -25,17 +24,31 @@ Theorem Power_sum : forall (n:Z) (m:Z), ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%R). (* YOU MAY EDIT THE PROOF BELOW *) intros n m. -elim n. -replace (0 + m) with m by omega. + +assert (hm:m>=0 \/ m <=0) by omega. +destruct hm. +cut (0 <= m); auto with zarith. +apply Z_lt_induction with + (P:= fun m => + 0 <= m ->pow2 (n + m) = (pow2 n * pow2 m)%R); + auto with zarith. +intros x Hind Hxpos. +assert (h:(x = 0 \/ x > 0)) by omega. +destruct h. +subst x. rewrite Power_0. -rewrite Rmult_1_l. +replace (n+0) with n by omega. +rewrite Rmult_1_r. auto. -intro. -elim p. -intros p0 Hp0. -3: replace (1+m) with (m+1) by omega. -3:rewrite Power_1. -3:apply Power_s. +replace (x) with ((x-1)+1) by omega. +rewrite Power_s;auto with zarith. +replace (n + (x-1+1)) with (n+(x-1)+1) by omega. +rewrite Power_s;auto with zarith. +rewrite Hind;auto with zarith. +rewrite <-Rmult_assoc. +rewrite <-Rmult_assoc. +rewrite Rmult_comm with (r1:=pow2 n)(r2:=2%R). +auto with zarith. Qed. diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v index 41a9264663ded6056fc22ab0e4f84b71f087bc74..c8e627683a12b8e65debd80096c74217a8d2eae0 100644 --- a/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_exp_const_1.v @@ -151,6 +151,8 @@ Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). Parameter bv : Type. +Axiom size_positive : (0%Z < 32%Z)%Z. + Parameter nth: bv -> Z -> bool. @@ -214,13 +216,13 @@ Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> Parameter lsr: bv -> Z -> bv. -Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (lsr b - s) n) = (nth b (n + s)%Z)))). +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). -Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (lsr b - s) n) = false))). +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). Parameter asr: bv -> Z -> bv. @@ -272,12 +274,13 @@ Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), - (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> - ((to_nat_sub b1 j i) = (to_nat_sub b2 j i)). + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). -Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), (0%Z <= s)%Z -> - ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z 0%Z) = (to_nat_sub b - ((32%Z - 1%Z)%Z - s)%Z 0%Z)). +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). Parameter from_int: Z -> bv. @@ -323,8 +326,49 @@ Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> ((nth (from_int 0%Z) i) = false). +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + Parameter bv1 : Type. +Axiom size_positive1 : (0%Z < 64%Z)%Z. + Parameter nth1: bv1 -> Z -> bool. @@ -391,13 +435,13 @@ Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> Parameter lsr1: bv1 -> Z -> bv1. -Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (lsr1 b - s) n) = (nth1 b (n + s)%Z)))). +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). -Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ - (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (lsr1 b - s) n) = false))). +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). Parameter asr1: bv1 -> Z -> bv1. @@ -449,12 +493,13 @@ Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), - (forall (k:Z), ((i <= k)%Z /\ (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 - k))) -> ((to_nat_sub1 b1 j i) = (to_nat_sub1 b2 j i)). + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). -Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), (0%Z <= s)%Z -> - ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z 0%Z) = (to_nat_sub1 b - ((64%Z - 1%Z)%Z - s)%Z 0%Z)). +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). Parameter from_int1: Z -> bv1. @@ -478,6 +523,48 @@ Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> ((nth1 (from_int1 0%Z) i) = false). +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + Parameter concat: bv -> bv -> bv1. diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v new file mode 100644 index 0000000000000000000000000000000000000000..52b87ce7139e48c8679d3f9e7453d09c9e8107c6 --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var11_1.v @@ -0,0 +1,712 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). +(* YOU MAY EDIT THE PROOF BELOW *) +intros. +unfold var. +rewrite concat_low;auto with zarith. +unfold jpxor. +rewrite nth_var1;auto with zarith. + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v new file mode 100644 index 0000000000000000000000000000000000000000..eb93ecb9168139a3ddff216b79748aa4629e6be2 --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var2_1.v @@ -0,0 +1,722 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). +(* YOU MAY EDIT THE PROOF BELOW *) +intro x. +unfold var. +rewrite concat_low;auto with zarith. +unfold jpxor. +rewrite Nth_bw_xor_v1true. +auto. +split;auto with zarith. +rewrite nth_from_int_high_odd;auto with *. +split. +split;auto with zarith. +rewrite pow2_31. + + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v new file mode 100644 index 0000000000000000000000000000000000000000..02dca96749da6b2d0dbb77a38b394397679c2d93 --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_nth_var4_1.v @@ -0,0 +1,731 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +Axiom nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). + +Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) -> + ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)). + +Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\ + (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\ + (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true). +(* YOU MAY EDIT THE PROOF BELOW *) +intros x i H. +unfold var. +rewrite concat_high;auto with zarith. +rewrite nth_from_int_high_odd;auto. +split. +split;auto with zarith. +assert (h:i=52 \/ i=53) by omega. +destruct h. +subst i. +replace (52-32) with 20 by omega. +rewrite pow2_20. + + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v new file mode 100644 index 0000000000000000000000000000000000000000..4e310fc4b52355477b06388c2ac7c16086c4239c --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_sign_of_x_1.v @@ -0,0 +1,755 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +Axiom nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). + +Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) -> + ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)). + +Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\ + (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\ + (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\ + (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\ + (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\ + (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true). + +Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z), + (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) -> + ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)). + +Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z + 0%Z)). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem sign_of_x : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + (0%Z < x)%Z. +(* YOU MAY EDIT THE PROOF BELOW *) +intro x. + + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v new file mode 100644 index 0000000000000000000000000000000000000000..66f39afa16bd92230cb807ea74b870d630afc15d --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_2.v @@ -0,0 +1,761 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +Axiom nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). + +Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) -> + ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)). + +Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\ + (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\ + (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\ + (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\ + (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\ + (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true). + +Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z), + (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) -> + ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)). + +Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z + 0%Z)). + +Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z <= x)%Z -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x). +(* YOU MAY EDIT THE PROOF BELOW *) +intros x H. +rewrite<- x_positive. +rewrite from_int2c_to_nat_sub. +auto. +2: exact H. + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v new file mode 100644 index 0000000000000000000000000000000000000000..4b4b722527edd6bf6b843e06b19a5abe92a81dd1 --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_3.v @@ -0,0 +1,763 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +Axiom nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). + +Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) -> + ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)). + +Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\ + (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\ + (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\ + (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\ + (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\ + (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true). + +Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z), + (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) -> + ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)). + +Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z + 0%Z)). + +Axiom sign_of_x : forall (x:Z), (0%Z < x)%Z -> ((nth (from_int2c x) + 31%Z) = false). + +Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z < x)%Z -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x). + +(* YOU MAY EDIT THE CONTEXT BELOW *) +Open Scope Z_scope. +(* DO NOT EDIT BELOW *) + +Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x). +(* YOU MAY EDIT THE PROOF BELOW *) +intros x H. +rewrite <-x_positive;auto. +rewrite from_int2c_to_nat_sub;auto. + + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v new file mode 100644 index 0000000000000000000000000000000000000000..f045b1f7b7fbd82de5d1c6b671cae33fa485519d --- /dev/null +++ b/tests/bitvector1/bitvector1_TestDoubleOfInt_x_positive1_4.v @@ -0,0 +1,760 @@ +(* This file is generated by Why3's Coq driver *) +(* Beware! Only edit allowed sections below *) +Require Import ZArith. +Require Import Rbase. +Definition implb(x:bool) (y:bool): bool := match (x, + y) with + | (true, false) => false + | (_, _) => true + end. + +Parameter pow2: Z -> Z. + + +Axiom Power_0 : ((pow2 0%Z) = 1%Z). + +Axiom Power_s : forall (n:Z), (0%Z <= n)%Z -> + ((pow2 (n + 1%Z)%Z) = (2%Z * (pow2 n))%Z). + +Axiom Power_1 : ((pow2 1%Z) = 2%Z). + +Axiom Power_sum : forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) -> + ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). + +Axiom pow2_0 : ((pow2 0%Z) = 1%Z). + +Axiom pow2_1 : ((pow2 1%Z) = 2%Z). + +Axiom pow2_2 : ((pow2 2%Z) = 4%Z). + +Axiom pow2_3 : ((pow2 3%Z) = 8%Z). + +Axiom pow2_4 : ((pow2 4%Z) = 16%Z). + +Axiom pow2_5 : ((pow2 5%Z) = 32%Z). + +Axiom pow2_6 : ((pow2 6%Z) = 64%Z). + +Axiom pow2_7 : ((pow2 7%Z) = 128%Z). + +Axiom pow2_8 : ((pow2 8%Z) = 256%Z). + +Axiom pow2_9 : ((pow2 9%Z) = 512%Z). + +Axiom pow2_10 : ((pow2 10%Z) = 1024%Z). + +Axiom pow2_11 : ((pow2 11%Z) = 2048%Z). + +Axiom pow2_12 : ((pow2 12%Z) = 4096%Z). + +Axiom pow2_13 : ((pow2 13%Z) = 8192%Z). + +Axiom pow2_14 : ((pow2 14%Z) = 16384%Z). + +Axiom pow2_15 : ((pow2 15%Z) = 32768%Z). + +Axiom pow2_16 : ((pow2 16%Z) = 65536%Z). + +Axiom pow2_17 : ((pow2 17%Z) = 131072%Z). + +Axiom pow2_18 : ((pow2 18%Z) = 262144%Z). + +Axiom pow2_19 : ((pow2 19%Z) = 524288%Z). + +Axiom pow2_20 : ((pow2 20%Z) = 1048576%Z). + +Axiom pow2_21 : ((pow2 21%Z) = 2097152%Z). + +Axiom pow2_22 : ((pow2 22%Z) = 4194304%Z). + +Axiom pow2_23 : ((pow2 23%Z) = 8388608%Z). + +Axiom pow2_24 : ((pow2 24%Z) = 16777216%Z). + +Axiom pow2_25 : ((pow2 25%Z) = 33554432%Z). + +Axiom pow2_26 : ((pow2 26%Z) = 67108864%Z). + +Axiom pow2_27 : ((pow2 27%Z) = 134217728%Z). + +Axiom pow2_28 : ((pow2 28%Z) = 268435456%Z). + +Axiom pow2_29 : ((pow2 29%Z) = 536870912%Z). + +Axiom pow2_30 : ((pow2 30%Z) = 1073741824%Z). + +Axiom pow2_31 : ((pow2 31%Z) = 2147483648%Z). + +Axiom pow2_32 : ((pow2 32%Z) = 4294967296%Z). + +Axiom pow2_33 : ((pow2 33%Z) = 8589934592%Z). + +Axiom pow2_34 : ((pow2 34%Z) = 17179869184%Z). + +Axiom pow2_35 : ((pow2 35%Z) = 34359738368%Z). + +Axiom pow2_36 : ((pow2 36%Z) = 68719476736%Z). + +Axiom pow2_37 : ((pow2 37%Z) = 137438953472%Z). + +Axiom pow2_38 : ((pow2 38%Z) = 274877906944%Z). + +Axiom pow2_39 : ((pow2 39%Z) = 549755813888%Z). + +Axiom pow2_40 : ((pow2 40%Z) = 1099511627776%Z). + +Axiom pow2_41 : ((pow2 41%Z) = 2199023255552%Z). + +Axiom pow2_42 : ((pow2 42%Z) = 4398046511104%Z). + +Axiom pow2_43 : ((pow2 43%Z) = 8796093022208%Z). + +Axiom pow2_44 : ((pow2 44%Z) = 17592186044416%Z). + +Axiom pow2_45 : ((pow2 45%Z) = 35184372088832%Z). + +Axiom pow2_46 : ((pow2 46%Z) = 70368744177664%Z). + +Axiom pow2_47 : ((pow2 47%Z) = 140737488355328%Z). + +Axiom pow2_48 : ((pow2 48%Z) = 281474976710656%Z). + +Axiom pow2_49 : ((pow2 49%Z) = 562949953421312%Z). + +Axiom pow2_50 : ((pow2 50%Z) = 1125899906842624%Z). + +Axiom pow2_51 : ((pow2 51%Z) = 2251799813685248%Z). + +Axiom pow2_52 : ((pow2 52%Z) = 4503599627370496%Z). + +Axiom pow2_53 : ((pow2 53%Z) = 9007199254740992%Z). + +Axiom pow2_54 : ((pow2 54%Z) = 18014398509481984%Z). + +Axiom pow2_55 : ((pow2 55%Z) = 36028797018963968%Z). + +Axiom pow2_56 : ((pow2 56%Z) = 72057594037927936%Z). + +Axiom pow2_57 : ((pow2 57%Z) = 144115188075855872%Z). + +Axiom pow2_58 : ((pow2 58%Z) = 288230376151711744%Z). + +Axiom pow2_59 : ((pow2 59%Z) = 576460752303423488%Z). + +Axiom pow2_60 : ((pow2 60%Z) = 1152921504606846976%Z). + +Axiom pow2_61 : ((pow2 61%Z) = 2305843009213693952%Z). + +Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z). + +Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z). + +Parameter bv : Type. + +Axiom size_positive : (0%Z < 32%Z)%Z. + +Parameter nth: bv -> Z -> bool. + + +Parameter bvzero: bv. + + +Axiom Nth_zero : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth bvzero n) = false). + +Parameter bvone: bv. + + +Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> ((nth bvone + n) = true). + +Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth v1 n) = (nth v2 n)). + +Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2). + +Parameter bw_and: bv -> bv -> bv. + + +Axiom Nth_bw_and : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_and v1 v2) n) = (andb (nth v1 n) (nth v2 n))). + +Parameter bw_or: bv -> bv -> bv. + + +Axiom Nth_bw_or : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_or v1 v2) n) = (orb (nth v1 n) (nth v2 n))). + +Parameter bw_xor: bv -> bv -> bv. + + +Axiom Nth_bw_xor : forall (v1:bv) (v2:bv) (n:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((nth (bw_xor v1 v2) n) = (xorb (nth v1 n) (nth v2 n))). + +Axiom Nth_bw_xor_v1true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v2 n))). + +Axiom Nth_bw_xor_v1false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v1 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v2 n)). + +Axiom Nth_bw_xor_v2true : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = true)) -> ((nth (bw_xor v1 v2) + n) = (negb (nth v1 n))). + +Axiom Nth_bw_xor_v2false : forall (v1:bv) (v2:bv) (n:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ ((nth v2 n) = false)) -> ((nth (bw_xor v1 v2) + n) = (nth v1 n)). + +Parameter bw_not: bv -> bv. + + +Axiom Nth_bw_not : forall (v:bv) (n:Z), ((0%Z <= n)%Z /\ (n < 32%Z)%Z) -> + ((nth (bw_not v) n) = (negb (nth v n))). + +Parameter lsr: bv -> Z -> bv. + + +Axiom lsr_nth_low : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + ((n + s)%Z < 32%Z)%Z)) -> ((nth (lsr b s) n) = (nth b (n + s)%Z)). + +Axiom lsr_nth_high : forall (b:bv) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 32%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 32%Z)%Z) /\ + (32%Z <= (n + s)%Z)%Z)) -> ((nth (lsr b s) n) = false). + +Parameter asr: bv -> Z -> bv. + + +Axiom asr_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 32%Z)%Z -> ((nth (asr b + s) n) = (nth b (n + s)%Z)))). + +Axiom asr_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((32%Z <= (n + s)%Z)%Z -> ((nth (asr b + s) n) = (nth b (32%Z - 1%Z)%Z)))). + +Parameter lsl: bv -> Z -> bv. + + +Axiom lsl_nth_high : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth (lsl b s) + n) = (nth b (n - s)%Z)))). + +Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 32%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth (lsl b s) + n) = false))). + +Parameter to_nat_sub: bv -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j i) = (to_nat_sub b + (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub b j i) = 0%Z). + +Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b i 0%Z))). + +Axiom to_nat_of_zero : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = false)) -> ((to_nat_sub b j i) = 0%Z)). + +Axiom to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth b + k) = true)) -> ((to_nat_sub b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint : forall (b1:bv) (b2:bv) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth b1 k) = (nth b2 k))) -> ((to_nat_sub b1 j + i) = (to_nat_sub b2 j i))). + +Axiom lsr_to_nat_sub : forall (b:bv) (s:Z), ((0%Z <= s)%Z /\ + (s < 32%Z)%Z) -> ((to_nat_sub (lsr b s) (32%Z - 1%Z)%Z + 0%Z) = (to_nat_sub b ((32%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int: Z -> bv. + + +Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ + (x <= y)%Z). + +Parameter div: Z -> Z -> Z. + + +Parameter mod1: Z -> Z -> Z. + + +Axiom Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> (x = ((y * (div x + y))%Z + (mod1 x y))%Z). + +Axiom Div_bound : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> + ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). + +Axiom Mod_bound : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((0%Z <= (mod1 x + y))%Z /\ ((mod1 x y) < (Zabs y))%Z). + +Axiom Mod_1 : forall (x:Z), ((mod1 x 1%Z) = 0%Z). + +Axiom Div_1 : forall (x:Z), ((div x 1%Z) = x). + +Axiom nth_from_int_high_even : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> ((nth (from_int n) + i) = false). + +Axiom nth_from_int_high_odd : forall (n:Z) (i:Z), (((i < 32%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth (from_int n) i) = true). + +Axiom nth_from_int_low_even : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth (from_int n) 0%Z) = false). + +Axiom nth_from_int_low_odd : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth (from_int n) 0%Z) = true). + +Axiom pow2i : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_0 : forall (i:Z), ((i < 32%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth (from_int 0%Z) i) = false). + +Parameter from_int2c: Z -> bv. + + +Axiom size_from_int2c : (0%Z < (32%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_high_odd_positive : forall (n:Z) (i:Z), ((0%Z <= n)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_low_even_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_sign_negative : forall (n:Z), (0%Z <= n)%Z -> ((nth (from_int2c n) + (32%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = true). + +Axiom nth_from_int2c_high_odd_negative : forall (n:Z) (i:Z), ((n < 0%Z)%Z /\ + (((i < (32%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) + 2%Z) = 0%Z))) -> ((nth (from_int2c n) i) = false). + +Axiom nth_from_int2c_low_even_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth (from_int2c n) 0%Z) = false). + +Parameter bv1 : Type. + +Axiom size_positive1 : (0%Z < 64%Z)%Z. + +Parameter nth1: bv1 -> Z -> bool. + + +Parameter bvzero1: bv1. + + +Axiom Nth_zero1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvzero1 n) = false). + +Parameter bvone1: bv1. + + +Axiom Nth_one1 : forall (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 bvone1 n) = true). + +Definition eq1(v1:bv1) (v2:bv1): Prop := forall (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 v1 n) = (nth1 v2 n)). + +Axiom extensionality1 : forall (v1:bv1) (v2:bv1), (eq1 v1 v2) -> (v1 = v2). + +Parameter bw_and1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_and1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_and1 v1 v2) n) = (andb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_or1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_or1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_or1 v1 v2) n) = (orb (nth1 v1 n) (nth1 v2 + n))). + +Parameter bw_xor1: bv1 -> bv1 -> bv1. + + +Axiom Nth_bw_xor1 : forall (v1:bv1) (v2:bv1) (n:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((nth1 (bw_xor1 v1 v2) n) = (xorb (nth1 v1 n) (nth1 v2 + n))). + +Axiom Nth_bw_xor_v1true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v2 n))). + +Axiom Nth_bw_xor_v1false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v1 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v2 n)). + +Axiom Nth_bw_xor_v2true1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = true)) -> ((nth1 (bw_xor1 v1 v2) + n) = (negb (nth1 v1 n))). + +Axiom Nth_bw_xor_v2false1 : forall (v1:bv1) (v2:bv1) (n:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ ((nth1 v2 n) = false)) -> ((nth1 (bw_xor1 v1 v2) + n) = (nth1 v1 n)). + +Parameter bw_not1: bv1 -> bv1. + + +Axiom Nth_bw_not1 : forall (v:bv1) (n:Z), ((0%Z <= n)%Z /\ (n < 64%Z)%Z) -> + ((nth1 (bw_not1 v) n) = (negb (nth1 v n))). + +Parameter lsr1: bv1 -> Z -> bv1. + + +Axiom lsr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + ((n + s)%Z < 64%Z)%Z)) -> ((nth1 (lsr1 b s) n) = (nth1 b (n + s)%Z)). + +Axiom lsr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), (((0%Z <= n)%Z /\ + (n < 64%Z)%Z) /\ (((0%Z <= s)%Z /\ (s < 64%Z)%Z) /\ + (64%Z <= (n + s)%Z)%Z)) -> ((nth1 (lsr1 b s) n) = false). + +Parameter asr1: bv1 -> Z -> bv1. + + +Axiom asr_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n + s)%Z < 64%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (n + s)%Z)))). + +Axiom asr_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((64%Z <= (n + s)%Z)%Z -> ((nth1 (asr1 b + s) n) = (nth1 b (64%Z - 1%Z)%Z)))). + +Parameter lsl1: bv1 -> Z -> bv1. + + +Axiom lsl_nth_high1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> ((0%Z <= (n - s)%Z)%Z -> ((nth1 (lsl1 b + s) n) = (nth1 b (n - s)%Z)))). + +Axiom lsl_nth_low1 : forall (b:bv1) (n:Z) (s:Z), ((0%Z <= n)%Z /\ + (n < 64%Z)%Z) -> ((0%Z <= s)%Z -> (((n - s)%Z < 0%Z)%Z -> ((nth1 (lsl1 b + s) n) = false))). + +Parameter to_nat_sub1: bv1 -> Z -> Z -> Z. + + +Axiom to_nat_sub_zero1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = false) -> ((to_nat_sub1 b j + i) = (to_nat_sub1 b (j - 1%Z)%Z i))). + +Axiom to_nat_sub_one1 : forall (b:bv1) (j:Z) (i:Z), ((0%Z <= i)%Z /\ + (i <= j)%Z) -> (((nth1 b j) = true) -> ((to_nat_sub1 b j + i) = ((pow2 (j - i)%Z) + (to_nat_sub1 b (j - 1%Z)%Z i))%Z)). + +Axiom to_nat_sub_high1 : forall (b:bv1) (j:Z) (i:Z), (j < i)%Z -> + ((to_nat_sub1 b j i) = 0%Z). + +Axiom to_nat_of_zero21 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i < k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j 0%Z) = (to_nat_sub1 b i 0%Z))). + +Axiom to_nat_of_zero1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = false)) -> ((to_nat_sub1 b j i) = 0%Z)). + +Axiom to_nat_of_one1 : forall (b:bv1) (i:Z) (j:Z), ((i <= j)%Z /\ + (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\ (i <= k)%Z) -> ((nth1 b + k) = true)) -> ((to_nat_sub1 b j + i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)). + +Axiom to_nat_sub_footprint1 : forall (b1:bv1) (b2:bv1) (j:Z) (i:Z), + ((i <= j)%Z /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((i <= k)%Z /\ + (k <= j)%Z) -> ((nth1 b1 k) = (nth1 b2 k))) -> ((to_nat_sub1 b1 j + i) = (to_nat_sub1 b2 j i))). + +Axiom lsr_to_nat_sub1 : forall (b:bv1) (s:Z), ((0%Z <= s)%Z /\ + (s < 64%Z)%Z) -> ((to_nat_sub1 (lsr1 b s) (64%Z - 1%Z)%Z + 0%Z) = (to_nat_sub1 b ((64%Z - 1%Z)%Z - s)%Z 0%Z)). + +Parameter from_int1: Z -> bv1. + + +Axiom nth_from_int_high_even1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = false). + +Axiom nth_from_int_high_odd1 : forall (n:Z) (i:Z), (((i < 64%Z)%Z /\ + (0%Z <= i)%Z) /\ ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) i) = true). + +Axiom nth_from_int_low_even1 : forall (n:Z), ((mod1 n 2%Z) = 0%Z) -> + ((nth1 (from_int1 n) 0%Z) = false). + +Axiom nth_from_int_low_odd1 : forall (n:Z), (~ ((mod1 n 2%Z) = 0%Z)) -> + ((nth1 (from_int1 n) 0%Z) = true). + +Axiom pow2i1 : forall (i:Z), (0%Z <= i)%Z -> ~ ((pow2 i) = 0%Z). + +Axiom nth_from_int_01 : forall (i:Z), ((i < 64%Z)%Z /\ (0%Z <= i)%Z) -> + ((nth1 (from_int1 0%Z) i) = false). + +Parameter from_int2c1: Z -> bv1. + + +Axiom size_from_int2c1 : (0%Z < (64%Z - 1%Z)%Z)%Z. + +Axiom nth_sign_positive1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = false). + +Axiom nth_from_int2c_high_even_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_high_odd_positive1 : forall (n:Z) (i:Z), + ((0%Z <= n)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = true). + +Axiom nth_from_int2c_low_even_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Axiom nth_from_int2c_low_odd_positive1 : forall (n:Z), ((0%Z <= n)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_sign_negative1 : forall (n:Z), (0%Z <= n)%Z -> + ((nth1 (from_int2c1 n) (64%Z - 1%Z)%Z) = true). + +Axiom nth_from_int2c_high_even_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) i) = true). + +Axiom nth_from_int2c_high_odd_negative1 : forall (n:Z) (i:Z), + ((n < 0%Z)%Z /\ (((i < (64%Z - 1%Z)%Z)%Z /\ (0%Z <= i)%Z) /\ + ~ ((mod1 (div n (pow2 i)) 2%Z) = 0%Z))) -> ((nth1 (from_int2c1 n) + i) = false). + +Axiom nth_from_int2c_low_even_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = true). + +Axiom nth_from_int2c_low_odd_negative1 : forall (n:Z), ((n < 0%Z)%Z /\ + ~ ((mod1 n 2%Z) = 0%Z)) -> ((nth1 (from_int2c1 n) 0%Z) = false). + +Parameter concat: bv -> bv -> bv1. + + +Axiom concat_low : forall (b1:bv) (b2:bv), forall (i:Z), ((0%Z <= i)%Z /\ + (i < 32%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b2 i)). + +Axiom concat_high : forall (b1:bv) (b2:bv), forall (i:Z), ((32%Z <= i)%Z /\ + (i < 64%Z)%Z) -> ((nth1 (concat b1 b2) i) = (nth b1 (i - 32%Z)%Z)). + +Parameter pow21: Z -> R. + + +Axiom Power_01 : ((pow21 0%Z) = 1%R). + +Axiom Power_s1 : forall (n:Z), (0%Z <= n)%Z -> + ((pow21 (n + 1%Z)%Z) = (2%R * (pow21 n))%R). + +Axiom Power_p : forall (n:Z), (n <= 0%Z)%Z -> + ((pow21 (n - 1%Z)%Z) = ((05 / 10)%R * (pow21 n))%R). + +Axiom Power_11 : ((pow21 1%Z) = 2%R). + +Axiom Power_neg1 : ((pow21 (-1%Z)%Z) = (05 / 10)%R). + +Axiom Power_sum1 : forall (n:Z) (m:Z), + ((pow21 (n + m)%Z) = ((pow21 n) * (pow21 m))%R). + +Axiom Pow2_int_real : forall (x:Z), (0%Z <= x)%Z -> + ((pow21 x) = (IZR (pow2 x))). + +Parameter double_of_bv64: bv1 -> R. + + +Parameter sign_value: bool -> R. + + +Axiom sign_value_false : ((sign_value false) = 1%R). + +Axiom sign_value_true : ((sign_value true) = (-1%R)%R). + +Axiom zero : forall (b:bv1), (((to_nat_sub1 b 62%Z 52%Z) = 0%Z) /\ + ((to_nat_sub1 b 51%Z 0%Z) = 0%Z)) -> ((double_of_bv64 b) = 0%R). + +Axiom sign_of_double_positive : forall (b:bv1), ((nth1 b 63%Z) = false) -> + (0%R <= (double_of_bv64 b))%R. + +Axiom sign_of_double_negative : forall (b:bv1), ((nth1 b 63%Z) = true) -> + ((double_of_bv64 b) <= 0%R)%R. + +Axiom double_of_bv64_value : forall (b:bv1), ((0%Z < (to_nat_sub1 b 62%Z + 52%Z))%Z /\ ((to_nat_sub1 b 62%Z 52%Z) < 2047%Z)%Z) -> + ((double_of_bv64 b) = (((sign_value (nth1 b 63%Z)) * (pow21 ((to_nat_sub1 b + 62%Z 52%Z) - 1023%Z)%Z))%R * (1%R + ((IZR (to_nat_sub1 b 51%Z + 0%Z)) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom nth_const1 : forall (i:Z), ((0%Z <= i)%Z /\ (i <= 30%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const2 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z) = true). + +Axiom nth_const3 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const4 : forall (i:Z), ((52%Z <= i)%Z /\ (i <= 53%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const5 : forall (i:Z), ((54%Z <= i)%Z /\ (i <= 55%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const6 : forall (i:Z), ((56%Z <= i)%Z /\ (i <= 57%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) i) = true). + +Axiom nth_const7 : forall (i:Z), ((58%Z <= i)%Z /\ (i <= 61%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom nth_const8 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z) = true). + +Axiom nth_const9 : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom sign_const : ((nth1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 63%Z) = false). + +Axiom exp_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_mantissa_1 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 30%Z 0%Z) = 0%Z). + +Axiom mantissa_const_nth2 : forall (i:Z), ((32%Z <= i)%Z /\ (i <= 51%Z)%Z) -> + ((nth1 (concat (from_int 1127219200%Z) (from_int 2147483648%Z)) + i) = false). + +Axiom mantissa_const_to_nat51 : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z + 0%Z) = (to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 31%Z 0%Z)). + +Axiom mantissa_const : ((to_nat_sub1 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z)) 51%Z 0%Z) = (pow2 31%Z)). + +Axiom real1075m1023 : ((IZR (1075%Z - 1023%Z)%Z) = 52%R). + +Axiom real1075m1023_2 : ((1075%R - 1023%R)%R = 52%R). + +Axiom real52_a_m52 : ((((pow21 (1075%Z - 1023%Z)%Z) * (pow21 31%Z))%R * (pow21 (-52%Z)%Z))%R = (pow21 31%Z)). + +Axiom const_value0 : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((1%R * (pow21 (1075%Z - 1023%Z)%Z))%R * (1%R + ((pow21 31%Z) * (pow21 (-52%Z)%Z))%R)%R)%R). + +Axiom const_value : ((double_of_bv64 (concat (from_int 1127219200%Z) + (from_int 2147483648%Z))) = ((pow21 52%Z) + (pow21 31%Z))%R). + +Definition jpxor(i:Z): bv := (bw_xor (from_int 2147483648%Z) (from_int2c i)). + +Definition var(i:Z): bv1 := (concat (from_int 1127219200%Z) (jpxor i)). + +Definition var_as_double(x:Z): R := (double_of_bv64 (var x)). + +Axiom nth_var1 : forall (x:bv) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth (bw_xor (from_int 2147483648%Z) x) j) = (nth x j)). + +Axiom nth_var11 : forall (x:Z) (j:Z), ((0%Z <= j)%Z /\ (j < 31%Z)%Z) -> + ((nth1 (var x) j) = (nth (from_int2c x) j)). + +Axiom nth_var2 : forall (x:Z), ((nth1 (var x) + 31%Z) = (negb (nth (from_int2c x) 31%Z))). + +Axiom nth_var30 : forall (x:Z) (k:Z), ((32%Z <= k)%Z /\ (k <= 63%Z)%Z) -> + ((nth1 (var x) k) = (nth (from_int 1127219200%Z) (k - 32%Z)%Z)). + +Axiom nth_var3 : forall (x:Z), forall (i:Z), ((32%Z <= i)%Z /\ + (i <= 51%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var4 : forall (x:Z), forall (i:Z), ((52%Z <= i)%Z /\ + (i <= 53%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var5 : forall (x:Z), forall (i:Z), ((54%Z <= i)%Z /\ + (i <= 55%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var6 : forall (x:Z), forall (i:Z), ((56%Z <= i)%Z /\ + (i <= 57%Z)%Z) -> ((nth1 (var x) i) = true). + +Axiom nth_var7 : forall (x:Z), forall (i:Z), ((58%Z <= i)%Z /\ + (i <= 61%Z)%Z) -> ((nth1 (var x) i) = false). + +Axiom nth_var8 : forall (x:Z), ((nth1 (var x) 62%Z) = true). + +Axiom nth_var9 : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom sign_var : forall (x:Z), ((nth1 (var x) 63%Z) = false). + +Axiom exp_var : forall (x:Z), ((to_nat_sub1 (var x) 62%Z 52%Z) = 1075%Z). + +Axiom to_nat_sub_same : forall (i:bv1), forall (j:bv), forall (m:Z), + (forall (k:Z), ((0%Z <= k)%Z /\ (k <= m)%Z) -> ((nth1 i k) = (nth j k))) -> + ((to_nat_sub1 i m 0%Z) = (to_nat_sub j m 0%Z)). + +Axiom nat_to_sub_x : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom to_nat_sub_var : forall (x:Z), ((to_nat_sub1 (var x) 30%Z + 0%Z) = (to_nat_sub (from_int2c x) 30%Z 0%Z)). + +Axiom x_positive : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = (to_nat_sub (from_int2c x) 30%Z + 0%Z)). + +Axiom sign_of_x : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + (0%Z < x)%Z. + +Axiom from_int2c_to_nat_sub : forall (x:Z), (0%Z < x)%Z -> + ((to_nat_sub (from_int2c x) 31%Z 0%Z) = x). + +(* YOU MAY EDIT THE CONTEXT BELOW *) + +(* DO NOT EDIT BELOW *) + +Theorem x_positive1 : forall (x:Z), ((nth (from_int2c x) 31%Z) = false) -> + ((to_nat_sub (from_int2c x) 30%Z 0%Z) = x). +(* YOU MAY EDIT THE PROOF BELOW *) +intuition. + +Qed. +(* DO NOT EDIT BELOW *) + + diff --git a/tests/bitvector1/why3session.xml b/tests/bitvector1/why3session.xml index 825a32cefc741b1923b972176fb84b1204de135d..80dba153de4c879257750fc909802d5bfe4de6cc 100644 --- a/tests/bitvector1/why3session.xml +++ b/tests/bitvector1/why3session.xml @@ -65,7 +65,7 @@ + expanded="false"> + expanded="true"> - + - + - - - - - - - - - - - - - - - - + - - - - - - - - - - - - - - - - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + shape="ainfix >V0c0Iainfix =anthafrom_int2cV0c31aFalseF"> + + + + + + - + - + - + + + + + + + + + + + + + + + + + + + + + + + + - + + + + + + + + + @@ -2926,7 +2772,7 @@ prover="alt-ergo-0.93.1" timelimit="5" edited="" - obsolete="false"> + obsolete="true"> + obsolete="true"> - + @@ -2962,48 +2808,48 @@ timelimit="5" edited="bitvector1_TestDoubleOfInt_mantissa_var_x_positive_3.v" obsolete="false"> - + + shape="ainfix =amantissaavarV0ainfix +apow2c31V0Iainfix =anthavarV0c31aFalseF"> + obsolete="true"> + obsolete="true"> + obsolete="true"> - + - + + + - + + + - + - + - - - + - - @@ -3081,7 +2927,7 @@ timelimit="5" edited="" obsolete="false"> - + - + @@ -3108,7 +2954,7 @@ prover="alt-ergo" timelimit="5" edited="" - obsolete="false"> + obsolete="true"> - + - + + + + + @@ -3137,19 +2995,19 @@ timelimit="5" edited="bitvector1_TestDoubleOfInt_var_value4_2.v" obsolete="false"> - + + obsolete="true"> @@ -3157,21 +3015,21 @@ prover="z3-3" timelimit="5" edited="" - obsolete="false"> + obsolete="true"> + obsolete="true"> + obsolete="true"> + obsolete="true"> + obsolete="true"> @@ -3207,26 +3065,26 @@ timelimit="20" edited="" obsolete="false"> - + - + - + @@ -3235,7 +3093,7 @@ timelimit="5" edited="" obsolete="false"> - + - +