added proof reconstructon for Z3,
authorboehmes
Tue Oct 20 10:11:30 2009 +0200 (2009-10-20)
changeset 3301039f73a59e855
parent 33008 b0ff69f0a248
child 33011 ab599f7f2639
added proof reconstructon for Z3,
added certificates for simpler re-checking of proofs (no need to invoke external solvers),
added examples and certificates for all examples,
removed Unsynchronized.ref (in smt_normalize.ML)
CONTRIBUTORS
NEWS
src/HOL/IsaMakefile
src/HOL/SMT/Examples/ROOT.ML
src/HOL/SMT/Examples/SMT_Examples.thy
src/HOL/SMT/Examples/cert/z3_arith_quant_01
src/HOL/SMT/Examples/cert/z3_arith_quant_01.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_02
src/HOL/SMT/Examples/cert/z3_arith_quant_02.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_03
src/HOL/SMT/Examples/cert/z3_arith_quant_03.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_04
src/HOL/SMT/Examples/cert/z3_arith_quant_04.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_05
src/HOL/SMT/Examples/cert/z3_arith_quant_05.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_06
src/HOL/SMT/Examples/cert/z3_arith_quant_06.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_07
src/HOL/SMT/Examples/cert/z3_arith_quant_07.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_08
src/HOL/SMT/Examples/cert/z3_arith_quant_08.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_09
src/HOL/SMT/Examples/cert/z3_arith_quant_09.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_10
src/HOL/SMT/Examples/cert/z3_arith_quant_10.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_11
src/HOL/SMT/Examples/cert/z3_arith_quant_11.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_12
src/HOL/SMT/Examples/cert/z3_arith_quant_12.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_13
src/HOL/SMT/Examples/cert/z3_arith_quant_13.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_14
src/HOL/SMT/Examples/cert/z3_arith_quant_14.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_15
src/HOL/SMT/Examples/cert/z3_arith_quant_15.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_16
src/HOL/SMT/Examples/cert/z3_arith_quant_16.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_17
src/HOL/SMT/Examples/cert/z3_arith_quant_17.proof
src/HOL/SMT/Examples/cert/z3_arith_quant_18
src/HOL/SMT/Examples/cert/z3_arith_quant_18.proof
src/HOL/SMT/Examples/cert/z3_bv_01
src/HOL/SMT/Examples/cert/z3_bv_01.proof
src/HOL/SMT/Examples/cert/z3_bv_02
src/HOL/SMT/Examples/cert/z3_bv_02.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_01
src/HOL/SMT/Examples/cert/z3_bv_arith_01.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_02
src/HOL/SMT/Examples/cert/z3_bv_arith_02.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_03
src/HOL/SMT/Examples/cert/z3_bv_arith_03.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_04
src/HOL/SMT/Examples/cert/z3_bv_arith_04.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_05
src/HOL/SMT/Examples/cert/z3_bv_arith_05.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_06
src/HOL/SMT/Examples/cert/z3_bv_arith_06.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_07
src/HOL/SMT/Examples/cert/z3_bv_arith_07.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_08
src/HOL/SMT/Examples/cert/z3_bv_arith_08.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_09
src/HOL/SMT/Examples/cert/z3_bv_arith_09.proof
src/HOL/SMT/Examples/cert/z3_bv_arith_10
src/HOL/SMT/Examples/cert/z3_bv_arith_10.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_01
src/HOL/SMT/Examples/cert/z3_bv_bit_01.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_02
src/HOL/SMT/Examples/cert/z3_bv_bit_02.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_03
src/HOL/SMT/Examples/cert/z3_bv_bit_03.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_04
src/HOL/SMT/Examples/cert/z3_bv_bit_04.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_05
src/HOL/SMT/Examples/cert/z3_bv_bit_05.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_06
src/HOL/SMT/Examples/cert/z3_bv_bit_06.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_07
src/HOL/SMT/Examples/cert/z3_bv_bit_07.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_08
src/HOL/SMT/Examples/cert/z3_bv_bit_08.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_09
src/HOL/SMT/Examples/cert/z3_bv_bit_09.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_10
src/HOL/SMT/Examples/cert/z3_bv_bit_10.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_11
src/HOL/SMT/Examples/cert/z3_bv_bit_11.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_12
src/HOL/SMT/Examples/cert/z3_bv_bit_12.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_13
src/HOL/SMT/Examples/cert/z3_bv_bit_13.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_14
src/HOL/SMT/Examples/cert/z3_bv_bit_14.proof
src/HOL/SMT/Examples/cert/z3_bv_bit_15
src/HOL/SMT/Examples/cert/z3_bv_bit_15.proof
src/HOL/SMT/Examples/cert/z3_fol_01
src/HOL/SMT/Examples/cert/z3_fol_01.proof
src/HOL/SMT/Examples/cert/z3_fol_02
src/HOL/SMT/Examples/cert/z3_fol_02.proof
src/HOL/SMT/Examples/cert/z3_fol_03
src/HOL/SMT/Examples/cert/z3_fol_03.proof
src/HOL/SMT/Examples/cert/z3_fol_04
src/HOL/SMT/Examples/cert/z3_fol_04.proof
src/HOL/SMT/Examples/cert/z3_hol_01
src/HOL/SMT/Examples/cert/z3_hol_01.proof
src/HOL/SMT/Examples/cert/z3_hol_02
src/HOL/SMT/Examples/cert/z3_hol_02.proof
src/HOL/SMT/Examples/cert/z3_hol_03
src/HOL/SMT/Examples/cert/z3_hol_03.proof
src/HOL/SMT/Examples/cert/z3_hol_04
src/HOL/SMT/Examples/cert/z3_hol_04.proof
src/HOL/SMT/Examples/cert/z3_hol_05
src/HOL/SMT/Examples/cert/z3_hol_05.proof
src/HOL/SMT/Examples/cert/z3_hol_06
src/HOL/SMT/Examples/cert/z3_hol_06.proof
src/HOL/SMT/Examples/cert/z3_hol_07
src/HOL/SMT/Examples/cert/z3_hol_07.proof
src/HOL/SMT/Examples/cert/z3_hol_08
src/HOL/SMT/Examples/cert/z3_hol_08.proof
src/HOL/SMT/Examples/cert/z3_linarith_01
src/HOL/SMT/Examples/cert/z3_linarith_01.proof
src/HOL/SMT/Examples/cert/z3_linarith_02
src/HOL/SMT/Examples/cert/z3_linarith_02.proof
src/HOL/SMT/Examples/cert/z3_linarith_03
src/HOL/SMT/Examples/cert/z3_linarith_03.proof
src/HOL/SMT/Examples/cert/z3_linarith_04
src/HOL/SMT/Examples/cert/z3_linarith_04.proof
src/HOL/SMT/Examples/cert/z3_linarith_05
src/HOL/SMT/Examples/cert/z3_linarith_05.proof
src/HOL/SMT/Examples/cert/z3_linarith_06
src/HOL/SMT/Examples/cert/z3_linarith_06.proof
src/HOL/SMT/Examples/cert/z3_linarith_07
src/HOL/SMT/Examples/cert/z3_linarith_07.proof
src/HOL/SMT/Examples/cert/z3_linarith_08
src/HOL/SMT/Examples/cert/z3_linarith_08.proof
src/HOL/SMT/Examples/cert/z3_linarith_09
src/HOL/SMT/Examples/cert/z3_linarith_09.proof
src/HOL/SMT/Examples/cert/z3_linarith_10
src/HOL/SMT/Examples/cert/z3_linarith_10.proof
src/HOL/SMT/Examples/cert/z3_linarith_11
src/HOL/SMT/Examples/cert/z3_linarith_11.proof
src/HOL/SMT/Examples/cert/z3_linarith_12
src/HOL/SMT/Examples/cert/z3_linarith_12.proof
src/HOL/SMT/Examples/cert/z3_linarith_13
src/HOL/SMT/Examples/cert/z3_linarith_13.proof
src/HOL/SMT/Examples/cert/z3_linarith_14
src/HOL/SMT/Examples/cert/z3_linarith_14.proof
src/HOL/SMT/Examples/cert/z3_linarith_15
src/HOL/SMT/Examples/cert/z3_linarith_15.proof
src/HOL/SMT/Examples/cert/z3_linarith_16
src/HOL/SMT/Examples/cert/z3_linarith_16.proof
src/HOL/SMT/Examples/cert/z3_mono_01
src/HOL/SMT/Examples/cert/z3_mono_01.proof
src/HOL/SMT/Examples/cert/z3_mono_02
src/HOL/SMT/Examples/cert/z3_mono_02.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_01
src/HOL/SMT/Examples/cert/z3_nat_arith_01.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_02
src/HOL/SMT/Examples/cert/z3_nat_arith_02.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_03
src/HOL/SMT/Examples/cert/z3_nat_arith_03.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_04
src/HOL/SMT/Examples/cert/z3_nat_arith_04.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_05
src/HOL/SMT/Examples/cert/z3_nat_arith_05.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_06
src/HOL/SMT/Examples/cert/z3_nat_arith_06.proof
src/HOL/SMT/Examples/cert/z3_nat_arith_07
src/HOL/SMT/Examples/cert/z3_nat_arith_07.proof
src/HOL/SMT/Examples/cert/z3_nlarith_01
src/HOL/SMT/Examples/cert/z3_nlarith_01.proof
src/HOL/SMT/Examples/cert/z3_nlarith_02
src/HOL/SMT/Examples/cert/z3_nlarith_02.proof
src/HOL/SMT/Examples/cert/z3_nlarith_03
src/HOL/SMT/Examples/cert/z3_nlarith_03.proof
src/HOL/SMT/Examples/cert/z3_nlarith_04
src/HOL/SMT/Examples/cert/z3_nlarith_04.proof
src/HOL/SMT/Examples/cert/z3_pair_01
src/HOL/SMT/Examples/cert/z3_pair_01.proof
src/HOL/SMT/Examples/cert/z3_pair_02
src/HOL/SMT/Examples/cert/z3_pair_02.proof
src/HOL/SMT/Examples/cert/z3_prop_01
src/HOL/SMT/Examples/cert/z3_prop_01.proof
src/HOL/SMT/Examples/cert/z3_prop_02
src/HOL/SMT/Examples/cert/z3_prop_02.proof
src/HOL/SMT/Examples/cert/z3_prop_03
src/HOL/SMT/Examples/cert/z3_prop_03.proof
src/HOL/SMT/Examples/cert/z3_prop_04
src/HOL/SMT/Examples/cert/z3_prop_04.proof
src/HOL/SMT/Examples/cert/z3_prop_05
src/HOL/SMT/Examples/cert/z3_prop_05.proof
src/HOL/SMT/Examples/cert/z3_prop_06
src/HOL/SMT/Examples/cert/z3_prop_06.proof
src/HOL/SMT/Examples/cert/z3_prop_07
src/HOL/SMT/Examples/cert/z3_prop_07.proof
src/HOL/SMT/Examples/cert/z3_prop_08
src/HOL/SMT/Examples/cert/z3_prop_08.proof
src/HOL/SMT/Examples/cert/z3_prop_09
src/HOL/SMT/Examples/cert/z3_prop_09.proof
src/HOL/SMT/Examples/cert/z3_prop_10
src/HOL/SMT/Examples/cert/z3_prop_10.proof
src/HOL/SMT/SMT.thy
src/HOL/SMT/SMT_Base.thy
src/HOL/SMT/SMT_Definitions.thy
src/HOL/SMT/Tools/cvc3_solver.ML
src/HOL/SMT/Tools/smt_normalize.ML
src/HOL/SMT/Tools/smt_solver.ML
src/HOL/SMT/Tools/yices_solver.ML
src/HOL/SMT/Tools/z3_proof.ML
src/HOL/SMT/Tools/z3_proof_rules.ML
src/HOL/SMT/Tools/z3_proof_terms.ML
src/HOL/SMT/Tools/z3_solver.ML
src/HOL/SMT/Z3.thy
src/HOL/SMT/etc/settings
src/HOL/SMT/lib/scripts/cert_smt.pl
src/HOL/SMT/lib/scripts/remote_smt.pl
     1.1 --- a/CONTRIBUTORS	Tue Oct 20 08:10:47 2009 +0200
     1.2 +++ b/CONTRIBUTORS	Tue Oct 20 10:11:30 2009 +0200
     1.3 @@ -7,10 +7,13 @@
     1.4  Contributions to this Isabelle version
     1.5  --------------------------------------
     1.6  
     1.7 -* Oktober 2009: Florian Haftmann, TUM
     1.8 +* October 2009: Sascha Boehme, TUM
     1.9 +  Extension of SMT method: proof-reconstruction for the SMT solver Z3
    1.10 +
    1.11 +* October 2009: Florian Haftmann, TUM
    1.12    Refinement of parts of the HOL datatype package
    1.13  
    1.14 -* Oktober 2009: Florian Haftmann, TUM
    1.15 +* October 2009: Florian Haftmann, TUM
    1.16    Generic term styles for term antiquotations
    1.17  
    1.18  * September 2009: Thomas Sewell, NICTA
     2.1 --- a/NEWS	Tue Oct 20 08:10:47 2009 +0200
     2.2 +++ b/NEWS	Tue Oct 20 10:11:30 2009 +0200
     2.3 @@ -46,7 +46,9 @@
     2.4  arithmetic, and fixed-size bitvectors; there is also basic
     2.5  support for higher-order features (esp. lambda abstractions).
     2.6  It is an incomplete decision procedure based on external SMT
     2.7 -solvers using the oracle mechanism.
     2.8 +solvers using the oracle mechanism; for the SMT solver Z3,
     2.9 +this method is proof-producing. Certificates are provided to
    2.10 +avoid calling the external solvers solely for re-checking proofs.
    2.11  
    2.12  * Reorganization of number theory:
    2.13    * former session NumberTheory now named Old_Number_Theory
     3.1 --- a/src/HOL/IsaMakefile	Tue Oct 20 08:10:47 2009 +0200
     3.2 +++ b/src/HOL/IsaMakefile	Tue Oct 20 10:11:30 2009 +0200
     3.3 @@ -6,7 +6,7 @@
     3.4  
     3.5  default: HOL
     3.6  generate: HOL-Generate-HOL HOL-Generate-HOLLight
     3.7 -images: HOL HOL-Base HOL-Plain HOL-Main HOL-Algebra HOL-Nominal HOL-NSA HOL-Word TLA HOL4
     3.8 +images: HOL HOL-Base HOL-Plain HOL-Main HOL-Algebra HOL-Nominal HOL-NSA HOL-SMT HOL-Word TLA HOL4
     3.9  
    3.10  #Note: keep targets sorted (except for HOL-Library and HOL-ex)
    3.11  test: \
    3.12 @@ -40,7 +40,7 @@
    3.13    HOL-Prolog \
    3.14    HOL-SET-Protocol \
    3.15    HOL-SizeChange \
    3.16 -  HOL-SMT \
    3.17 +  HOL-SMT-Examples \
    3.18    HOL-Statespace \
    3.19    HOL-Subst \
    3.20        TLA-Buffer \
    3.21 @@ -1146,15 +1146,222 @@
    3.22  
    3.23  HOL-SMT: HOL-Word $(LOG)/HOL-SMT.gz
    3.24  
    3.25 -$(LOG)/HOL-SMT.gz: $(OUT)/HOL-Word SMT/SMT_Definitions.thy SMT/SMT.thy \
    3.26 +$(LOG)/HOL-SMT.gz: $(OUT)/HOL-Word SMT/SMT_Base.thy SMT/Z3.thy SMT/SMT.thy \
    3.27    SMT/Tools/smt_normalize.ML SMT/Tools/smt_monomorph.ML \
    3.28    SMT/Tools/smt_translate.ML SMT/Tools/smt_builtin.ML \
    3.29    SMT/Tools/smtlib_interface.ML SMT/Tools/smt_solver.ML \
    3.30    SMT/Tools/cvc3_solver.ML SMT/Tools/yices_solver.ML \
    3.31 -  SMT/Tools/z3_interface.ML SMT/Tools/z3_solver.ML SMT/Tools/z3_model.ML
    3.32 +  SMT/Tools/z3_proof_terms.ML SMT/Tools/z3_proof_rules.ML \
    3.33 +  SMT/Tools/z3_proof.ML SMT/Tools/z3_model.ML SMT/Tools/z3_interface.ML \
    3.34 +  SMT/Tools/z3_solver.ML
    3.35  	@cd SMT; $(ISABELLE_TOOL) usedir -b -g true $(OUT)/HOL-Word HOL-SMT
    3.36  
    3.37  
    3.38 +## HOL-SMT-Examples
    3.39 +
    3.40 +HOL-SMT-Examples: HOL-SMT $(LOG)/HOL-SMT-Examples.gz
    3.41 +
    3.42 +$(LOG)/HOL-SMT-Examples.gz: $(OUT)/HOL-SMT SMT/Examples/ROOT.ML	\
    3.43 +  SMT/Examples/SMT_Examples.thy \
    3.44 +  SMT/Examples/cert/z3_arith_quant_01 \
    3.45 +  SMT/Examples/cert/z3_arith_quant_01.proof \
    3.46 +  SMT/Examples/cert/z3_arith_quant_02 \
    3.47 +  SMT/Examples/cert/z3_arith_quant_02.proof \
    3.48 +  SMT/Examples/cert/z3_arith_quant_03 \
    3.49 +  SMT/Examples/cert/z3_arith_quant_03.proof \
    3.50 +  SMT/Examples/cert/z3_arith_quant_04 \
    3.51 +  SMT/Examples/cert/z3_arith_quant_04.proof \
    3.52 +  SMT/Examples/cert/z3_arith_quant_05 \
    3.53 +  SMT/Examples/cert/z3_arith_quant_05.proof \
    3.54 +  SMT/Examples/cert/z3_arith_quant_06 \
    3.55 +  SMT/Examples/cert/z3_arith_quant_06.proof \
    3.56 +  SMT/Examples/cert/z3_arith_quant_07 \
    3.57 +  SMT/Examples/cert/z3_arith_quant_07.proof \
    3.58 +  SMT/Examples/cert/z3_arith_quant_08 \
    3.59 +  SMT/Examples/cert/z3_arith_quant_08.proof \
    3.60 +  SMT/Examples/cert/z3_arith_quant_09 \
    3.61 +  SMT/Examples/cert/z3_arith_quant_09.proof \
    3.62 +  SMT/Examples/cert/z3_arith_quant_10 \
    3.63 +  SMT/Examples/cert/z3_arith_quant_10.proof \
    3.64 +  SMT/Examples/cert/z3_arith_quant_11 \
    3.65 +  SMT/Examples/cert/z3_arith_quant_11.proof \
    3.66 +  SMT/Examples/cert/z3_arith_quant_12 \
    3.67 +  SMT/Examples/cert/z3_arith_quant_12.proof \
    3.68 +  SMT/Examples/cert/z3_arith_quant_13 \
    3.69 +  SMT/Examples/cert/z3_arith_quant_13.proof \
    3.70 +  SMT/Examples/cert/z3_arith_quant_14 \
    3.71 +  SMT/Examples/cert/z3_arith_quant_14.proof \
    3.72 +  SMT/Examples/cert/z3_arith_quant_15 \
    3.73 +  SMT/Examples/cert/z3_arith_quant_15.proof \
    3.74 +  SMT/Examples/cert/z3_arith_quant_16 \
    3.75 +  SMT/Examples/cert/z3_arith_quant_16.proof \
    3.76 +  SMT/Examples/cert/z3_arith_quant_17 \
    3.77 +  SMT/Examples/cert/z3_arith_quant_17.proof \
    3.78 +  SMT/Examples/cert/z3_arith_quant_18 \
    3.79 +  SMT/Examples/cert/z3_arith_quant_18.proof \
    3.80 +  SMT/Examples/cert/z3_bv_01 \
    3.81 +  SMT/Examples/cert/z3_bv_01.proof \
    3.82 +  SMT/Examples/cert/z3_bv_02 \
    3.83 +  SMT/Examples/cert/z3_bv_02.proof \
    3.84 +  SMT/Examples/cert/z3_bv_arith_01 \
    3.85 +  SMT/Examples/cert/z3_bv_arith_01.proof \
    3.86 +  SMT/Examples/cert/z3_bv_arith_02 \
    3.87 +  SMT/Examples/cert/z3_bv_arith_02.proof \
    3.88 +  SMT/Examples/cert/z3_bv_arith_03 \
    3.89 +  SMT/Examples/cert/z3_bv_arith_03.proof \
    3.90 +  SMT/Examples/cert/z3_bv_arith_04 \
    3.91 +  SMT/Examples/cert/z3_bv_arith_04.proof \
    3.92 +  SMT/Examples/cert/z3_bv_arith_05 \
    3.93 +  SMT/Examples/cert/z3_bv_arith_05.proof \
    3.94 +  SMT/Examples/cert/z3_bv_arith_06 \
    3.95 +  SMT/Examples/cert/z3_bv_arith_06.proof \
    3.96 +  SMT/Examples/cert/z3_bv_arith_07 \
    3.97 +  SMT/Examples/cert/z3_bv_arith_07.proof \
    3.98 +  SMT/Examples/cert/z3_bv_arith_08 \
    3.99 +  SMT/Examples/cert/z3_bv_arith_08.proof \
   3.100 +  SMT/Examples/cert/z3_bv_arith_09 \
   3.101 +  SMT/Examples/cert/z3_bv_arith_09.proof \
   3.102 +  SMT/Examples/cert/z3_bv_arith_10 \
   3.103 +  SMT/Examples/cert/z3_bv_arith_10.proof \
   3.104 +  SMT/Examples/cert/z3_bv_bit_01 \
   3.105 +  SMT/Examples/cert/z3_bv_bit_01.proof \
   3.106 +  SMT/Examples/cert/z3_bv_bit_02 \
   3.107 +  SMT/Examples/cert/z3_bv_bit_02.proof \
   3.108 +  SMT/Examples/cert/z3_bv_bit_03 \
   3.109 +  SMT/Examples/cert/z3_bv_bit_03.proof \
   3.110 +  SMT/Examples/cert/z3_bv_bit_04 \
   3.111 +  SMT/Examples/cert/z3_bv_bit_04.proof \
   3.112 +  SMT/Examples/cert/z3_bv_bit_05 \
   3.113 +  SMT/Examples/cert/z3_bv_bit_05.proof \
   3.114 +  SMT/Examples/cert/z3_bv_bit_06 \
   3.115 +  SMT/Examples/cert/z3_bv_bit_06.proof \
   3.116 +  SMT/Examples/cert/z3_bv_bit_07 \
   3.117 +  SMT/Examples/cert/z3_bv_bit_07.proof \
   3.118 +  SMT/Examples/cert/z3_bv_bit_08 \
   3.119 +  SMT/Examples/cert/z3_bv_bit_08.proof \
   3.120 +  SMT/Examples/cert/z3_bv_bit_09 \
   3.121 +  SMT/Examples/cert/z3_bv_bit_09.proof \
   3.122 +  SMT/Examples/cert/z3_bv_bit_10 \
   3.123 +  SMT/Examples/cert/z3_bv_bit_10.proof \
   3.124 +  SMT/Examples/cert/z3_bv_bit_11 \
   3.125 +  SMT/Examples/cert/z3_bv_bit_11.proof \
   3.126 +  SMT/Examples/cert/z3_bv_bit_12 \
   3.127 +  SMT/Examples/cert/z3_bv_bit_12.proof \
   3.128 +  SMT/Examples/cert/z3_bv_bit_13 \
   3.129 +  SMT/Examples/cert/z3_bv_bit_13.proof \
   3.130 +  SMT/Examples/cert/z3_bv_bit_14 \
   3.131 +  SMT/Examples/cert/z3_bv_bit_14.proof \
   3.132 +  SMT/Examples/cert/z3_bv_bit_15 \
   3.133 +  SMT/Examples/cert/z3_bv_bit_15.proof \
   3.134 +  SMT/Examples/cert/z3_fol_01 \
   3.135 +  SMT/Examples/cert/z3_fol_01.proof \
   3.136 +  SMT/Examples/cert/z3_fol_02 \
   3.137 +  SMT/Examples/cert/z3_fol_02.proof \
   3.138 +  SMT/Examples/cert/z3_fol_03 \
   3.139 +  SMT/Examples/cert/z3_fol_03.proof \
   3.140 +  SMT/Examples/cert/z3_fol_04 \
   3.141 +  SMT/Examples/cert/z3_fol_04.proof \
   3.142 +  SMT/Examples/cert/z3_hol_01 \
   3.143 +  SMT/Examples/cert/z3_hol_01.proof \
   3.144 +  SMT/Examples/cert/z3_hol_02 \
   3.145 +  SMT/Examples/cert/z3_hol_02.proof \
   3.146 +  SMT/Examples/cert/z3_hol_03 \
   3.147 +  SMT/Examples/cert/z3_hol_03.proof \
   3.148 +  SMT/Examples/cert/z3_hol_04 \
   3.149 +  SMT/Examples/cert/z3_hol_04.proof \
   3.150 +  SMT/Examples/cert/z3_hol_05 \
   3.151 +  SMT/Examples/cert/z3_hol_05.proof \
   3.152 +  SMT/Examples/cert/z3_hol_06 \
   3.153 +  SMT/Examples/cert/z3_hol_06.proof \
   3.154 +  SMT/Examples/cert/z3_hol_07 \
   3.155 +  SMT/Examples/cert/z3_hol_07.proof \
   3.156 +  SMT/Examples/cert/z3_hol_08 \
   3.157 +  SMT/Examples/cert/z3_hol_08.proof \
   3.158 +  SMT/Examples/cert/z3_linarith_01 \
   3.159 +  SMT/Examples/cert/z3_linarith_01.proof \
   3.160 +  SMT/Examples/cert/z3_linarith_02 \
   3.161 +  SMT/Examples/cert/z3_linarith_02.proof \
   3.162 +  SMT/Examples/cert/z3_linarith_03 \
   3.163 +  SMT/Examples/cert/z3_linarith_03.proof \
   3.164 +  SMT/Examples/cert/z3_linarith_04 \
   3.165 +  SMT/Examples/cert/z3_linarith_04.proof \
   3.166 +  SMT/Examples/cert/z3_linarith_05 \
   3.167 +  SMT/Examples/cert/z3_linarith_05.proof \
   3.168 +  SMT/Examples/cert/z3_linarith_06 \
   3.169 +  SMT/Examples/cert/z3_linarith_06.proof \
   3.170 +  SMT/Examples/cert/z3_linarith_07 \
   3.171 +  SMT/Examples/cert/z3_linarith_07.proof \
   3.172 +  SMT/Examples/cert/z3_linarith_08 \
   3.173 +  SMT/Examples/cert/z3_linarith_08.proof \
   3.174 +  SMT/Examples/cert/z3_linarith_09 \
   3.175 +  SMT/Examples/cert/z3_linarith_09.proof \
   3.176 +  SMT/Examples/cert/z3_linarith_10 \
   3.177 +  SMT/Examples/cert/z3_linarith_10.proof \
   3.178 +  SMT/Examples/cert/z3_linarith_11 \
   3.179 +  SMT/Examples/cert/z3_linarith_11.proof \
   3.180 +  SMT/Examples/cert/z3_linarith_12 \
   3.181 +  SMT/Examples/cert/z3_linarith_12.proof \
   3.182 +  SMT/Examples/cert/z3_linarith_13 \
   3.183 +  SMT/Examples/cert/z3_linarith_13.proof \
   3.184 +  SMT/Examples/cert/z3_linarith_14 \
   3.185 +  SMT/Examples/cert/z3_linarith_14.proof \
   3.186 +  SMT/Examples/cert/z3_linarith_15 \
   3.187 +  SMT/Examples/cert/z3_linarith_15.proof \
   3.188 +  SMT/Examples/cert/z3_linarith_16 \
   3.189 +  SMT/Examples/cert/z3_linarith_16.proof \
   3.190 +  SMT/Examples/cert/z3_mono_01 \
   3.191 +  SMT/Examples/cert/z3_mono_01.proof \
   3.192 +  SMT/Examples/cert/z3_mono_02 \
   3.193 +  SMT/Examples/cert/z3_mono_02.proof \
   3.194 +  SMT/Examples/cert/z3_nat_arith_01 \
   3.195 +  SMT/Examples/cert/z3_nat_arith_01.proof \
   3.196 +  SMT/Examples/cert/z3_nat_arith_02 \
   3.197 +  SMT/Examples/cert/z3_nat_arith_02.proof \
   3.198 +  SMT/Examples/cert/z3_nat_arith_03 \
   3.199 +  SMT/Examples/cert/z3_nat_arith_03.proof \
   3.200 +  SMT/Examples/cert/z3_nat_arith_04 \
   3.201 +  SMT/Examples/cert/z3_nat_arith_04.proof \
   3.202 +  SMT/Examples/cert/z3_nat_arith_05 \
   3.203 +  SMT/Examples/cert/z3_nat_arith_05.proof \
   3.204 +  SMT/Examples/cert/z3_nat_arith_06 \
   3.205 +  SMT/Examples/cert/z3_nat_arith_06.proof \
   3.206 +  SMT/Examples/cert/z3_nat_arith_07 \
   3.207 +  SMT/Examples/cert/z3_nat_arith_07.proof \
   3.208 +  SMT/Examples/cert/z3_nlarith_01 \
   3.209 +  SMT/Examples/cert/z3_nlarith_01.proof \
   3.210 +  SMT/Examples/cert/z3_nlarith_02 \
   3.211 +  SMT/Examples/cert/z3_nlarith_02.proof \
   3.212 +  SMT/Examples/cert/z3_nlarith_03 \
   3.213 +  SMT/Examples/cert/z3_nlarith_03.proof \
   3.214 +  SMT/Examples/cert/z3_nlarith_04 \
   3.215 +  SMT/Examples/cert/z3_nlarith_04.proof \
   3.216 +  SMT/Examples/cert/z3_pair_01 \
   3.217 +  SMT/Examples/cert/z3_pair_01.proof \
   3.218 +  SMT/Examples/cert/z3_pair_02 \
   3.219 +  SMT/Examples/cert/z3_pair_02.proof \
   3.220 +  SMT/Examples/cert/z3_prop_01 \
   3.221 +  SMT/Examples/cert/z3_prop_01.proof \
   3.222 +  SMT/Examples/cert/z3_prop_02 \
   3.223 +  SMT/Examples/cert/z3_prop_02.proof \
   3.224 +  SMT/Examples/cert/z3_prop_03 \
   3.225 +  SMT/Examples/cert/z3_prop_03.proof \
   3.226 +  SMT/Examples/cert/z3_prop_04 \
   3.227 +  SMT/Examples/cert/z3_prop_04.proof \
   3.228 +  SMT/Examples/cert/z3_prop_05 \
   3.229 +  SMT/Examples/cert/z3_prop_05.proof \
   3.230 +  SMT/Examples/cert/z3_prop_06 \
   3.231 +  SMT/Examples/cert/z3_prop_06.proof \
   3.232 +  SMT/Examples/cert/z3_prop_07 \
   3.233 +  SMT/Examples/cert/z3_prop_07.proof \
   3.234 +  SMT/Examples/cert/z3_prop_08 \
   3.235 +  SMT/Examples/cert/z3_prop_08.proof \
   3.236 +  SMT/Examples/cert/z3_prop_09 \
   3.237 +  SMT/Examples/cert/z3_prop_09.proof \
   3.238 +  SMT/Examples/cert/z3_prop_10 \
   3.239 +  SMT/Examples/cert/z3_prop_10.proof
   3.240 +	@cd SMT; $(ISABELLE_TOOL) usedir $(OUT)/HOL-SMT Examples
   3.241 +
   3.242 +
   3.243  ## clean
   3.244  
   3.245  clean:
   3.246 @@ -1177,4 +1384,6 @@
   3.247  		$(LOG)/HOL-Unix.gz $(OUT)/HOL-Word $(LOG)/HOL-Word.gz	\
   3.248  		$(LOG)/HOL-Word-Examples.gz $(OUT)/HOL-NSA		\
   3.249  		$(LOG)/HOL-NSA.gz $(LOG)/HOL-NSA-Examples.gz            \
   3.250 -                $(LOG)/HOL-Mirabelle.gz $(LOG)/HOL-SMT.gz
   3.251 +                $(LOG)/HOL-Mirabelle.gz $(LOG)/HOL-SMT.gz               \
   3.252 +                $(LOG)/HOL-SMT-Examples.gz
   3.253 +
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/src/HOL/SMT/Examples/ROOT.ML	Tue Oct 20 10:11:30 2009 +0200
     4.3 @@ -0,0 +1,1 @@
     4.4 +use_thy "SMT_Examples";
     5.1 --- a/src/HOL/SMT/Examples/SMT_Examples.thy	Tue Oct 20 08:10:47 2009 +0200
     5.2 +++ b/src/HOL/SMT/Examples/SMT_Examples.thy	Tue Oct 20 10:11:30 2009 +0200
     5.3 @@ -5,35 +5,361 @@
     5.4  header {* Examples for the 'smt' tactic. *}
     5.5  
     5.6  theory SMT_Examples
     5.7 -imports "../SMT"
     5.8 +imports SMT
     5.9  begin
    5.10  
    5.11 -declare [[smt_solver=z3, z3_proofs=false]]
    5.12 -declare [[smt_trace=false]]
    5.13 +declare [[smt_solver=z3, z3_proofs=true]]
    5.14  
    5.15  
    5.16  section {* Propositional and first-order logic *}
    5.17  
    5.18 -lemma "True" by smt
    5.19 -lemma "p \<or> \<not>p" by smt
    5.20 -lemma "(p \<and> True) = p" by smt
    5.21 -lemma "(p \<or> q) \<and> \<not>p \<Longrightarrow> q" by smt
    5.22 -lemma "(a \<and> b) \<or> (c \<and> d) \<Longrightarrow> (a \<and> b) \<or> (c \<and> d)" by smt
    5.23 -lemma "P=P=P=P=P=P=P=P=P=P" by smt
    5.24 +lemma "True"
    5.25 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_01"]]
    5.26 +  by smt
    5.27 +
    5.28 +lemma "p \<or> \<not>p"
    5.29 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_02"]]
    5.30 +  by smt
    5.31 +
    5.32 +lemma "(p \<and> True) = p"
    5.33 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_03"]]
    5.34 +  by smt
    5.35 +
    5.36 +lemma "(p \<or> q) \<and> \<not>p \<Longrightarrow> q"
    5.37 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_04"]]
    5.38 +  by smt
    5.39 +
    5.40 +lemma "(a \<and> b) \<or> (c \<and> d) \<Longrightarrow> (a \<and> b) \<or> (c \<and> d)"
    5.41 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_05"]]
    5.42 +  using [[z3_proofs=false]] (* no Z3 proof *)
    5.43 +  by smt
    5.44 +
    5.45 +lemma "(p1 \<and> p2) \<or> p3 \<longrightarrow> (p1 \<longrightarrow> (p3 \<and> p2) \<or> (p1 \<and> p3)) \<or> p1"
    5.46 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_06"]]
    5.47 +  by smt
    5.48 +
    5.49 +lemma "P=P=P=P=P=P=P=P=P=P"
    5.50 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_07"]]
    5.51 +  by smt
    5.52 +
    5.53 +lemma 
    5.54 +  assumes "a | b | c | d"
    5.55 +      and "e | f | (a & d)"
    5.56 +      and "~(a | (c & ~c)) | b"
    5.57 +      and "~(b & (x | ~x)) | c"
    5.58 +      and "~(d | False) | c"
    5.59 +      and "~(c | (~p & (p | (q & ~q))))"
    5.60 +  shows False
    5.61 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_08"]]
    5.62 +  using assms by smt
    5.63  
    5.64  axiomatization symm_f :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" where
    5.65    symm_f: "symm_f x y = symm_f y x"
    5.66 -lemma "a = a \<and> symm_f a b = symm_f b a" by (smt add: symm_f)
    5.67 +lemma "a = a \<and> symm_f a b = symm_f b a"
    5.68 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_09"]]
    5.69 +  by (smt add: symm_f)
    5.70 +
    5.71 +(* 
    5.72 +Taken from ~~/src/HOL/ex/SAT_Examples.thy.
    5.73 +Translated from TPTP problem library: PUZ015-2.006.dimacs
    5.74 +*)
    5.75 +lemma 
    5.76 +  assumes "~x0"
    5.77 +  and "~x30"
    5.78 +  and "~x29"
    5.79 +  and "~x59"
    5.80 +  and "x1 | x31 | x0"
    5.81 +  and "x2 | x32 | x1"
    5.82 +  and "x3 | x33 | x2"
    5.83 +  and "x4 | x34 | x3"
    5.84 +  and "x35 | x4"
    5.85 +  and "x5 | x36 | x30"
    5.86 +  and "x6 | x37 | x5 | x31"
    5.87 +  and "x7 | x38 | x6 | x32"
    5.88 +  and "x8 | x39 | x7 | x33"
    5.89 +  and "x9 | x40 | x8 | x34"
    5.90 +  and "x41 | x9 | x35"
    5.91 +  and "x10 | x42 | x36"
    5.92 +  and "x11 | x43 | x10 | x37"
    5.93 +  and "x12 | x44 | x11 | x38"
    5.94 +  and "x13 | x45 | x12 | x39"
    5.95 +  and "x14 | x46 | x13 | x40"
    5.96 +  and "x47 | x14 | x41"
    5.97 +  and "x15 | x48 | x42"
    5.98 +  and "x16 | x49 | x15 | x43"
    5.99 +  and "x17 | x50 | x16 | x44"
   5.100 +  and "x18 | x51 | x17 | x45"
   5.101 +  and "x19 | x52 | x18 | x46"
   5.102 +  and "x53 | x19 | x47"
   5.103 +  and "x20 | x54 | x48"
   5.104 +  and "x21 | x55 | x20 | x49"
   5.105 +  and "x22 | x56 | x21 | x50"
   5.106 +  and "x23 | x57 | x22 | x51"
   5.107 +  and "x24 | x58 | x23 | x52"
   5.108 +  and "x59 | x24 | x53"
   5.109 +  and "x25 | x54"
   5.110 +  and "x26 | x25 | x55"
   5.111 +  and "x27 | x26 | x56"
   5.112 +  and "x28 | x27 | x57"
   5.113 +  and "x29 | x28 | x58"
   5.114 +  and "~x1 | ~x31"
   5.115 +  and "~x1 | ~x0"
   5.116 +  and "~x31 | ~x0"
   5.117 +  and "~x2 | ~x32"
   5.118 +  and "~x2 | ~x1"
   5.119 +  and "~x32 | ~x1"
   5.120 +  and "~x3 | ~x33"
   5.121 +  and "~x3 | ~x2"
   5.122 +  and "~x33 | ~x2"
   5.123 +  and "~x4 | ~x34"
   5.124 +  and "~x4 | ~x3"
   5.125 +  and "~x34 | ~x3"
   5.126 +  and "~x35 | ~x4"
   5.127 +  and "~x5 | ~x36"
   5.128 +  and "~x5 | ~x30"
   5.129 +  and "~x36 | ~x30"
   5.130 +  and "~x6 | ~x37"
   5.131 +  and "~x6 | ~x5"
   5.132 +  and "~x6 | ~x31"
   5.133 +  and "~x37 | ~x5"
   5.134 +  and "~x37 | ~x31"
   5.135 +  and "~x5 | ~x31"
   5.136 +  and "~x7 | ~x38"
   5.137 +  and "~x7 | ~x6"
   5.138 +  and "~x7 | ~x32"
   5.139 +  and "~x38 | ~x6"
   5.140 +  and "~x38 | ~x32"
   5.141 +  and "~x6 | ~x32"
   5.142 +  and "~x8 | ~x39"
   5.143 +  and "~x8 | ~x7"
   5.144 +  and "~x8 | ~x33"
   5.145 +  and "~x39 | ~x7"
   5.146 +  and "~x39 | ~x33"
   5.147 +  and "~x7 | ~x33"
   5.148 +  and "~x9 | ~x40"
   5.149 +  and "~x9 | ~x8"
   5.150 +  and "~x9 | ~x34"
   5.151 +  and "~x40 | ~x8"
   5.152 +  and "~x40 | ~x34"
   5.153 +  and "~x8 | ~x34"
   5.154 +  and "~x41 | ~x9"
   5.155 +  and "~x41 | ~x35"
   5.156 +  and "~x9 | ~x35"
   5.157 +  and "~x10 | ~x42"
   5.158 +  and "~x10 | ~x36"
   5.159 +  and "~x42 | ~x36"
   5.160 +  and "~x11 | ~x43"
   5.161 +  and "~x11 | ~x10"
   5.162 +  and "~x11 | ~x37"
   5.163 +  and "~x43 | ~x10"
   5.164 +  and "~x43 | ~x37"
   5.165 +  and "~x10 | ~x37"
   5.166 +  and "~x12 | ~x44"
   5.167 +  and "~x12 | ~x11"
   5.168 +  and "~x12 | ~x38"
   5.169 +  and "~x44 | ~x11"
   5.170 +  and "~x44 | ~x38"
   5.171 +  and "~x11 | ~x38"
   5.172 +  and "~x13 | ~x45"
   5.173 +  and "~x13 | ~x12"
   5.174 +  and "~x13 | ~x39"
   5.175 +  and "~x45 | ~x12"
   5.176 +  and "~x45 | ~x39"
   5.177 +  and "~x12 | ~x39"
   5.178 +  and "~x14 | ~x46"
   5.179 +  and "~x14 | ~x13"
   5.180 +  and "~x14 | ~x40"
   5.181 +  and "~x46 | ~x13"
   5.182 +  and "~x46 | ~x40"
   5.183 +  and "~x13 | ~x40"
   5.184 +  and "~x47 | ~x14"
   5.185 +  and "~x47 | ~x41"
   5.186 +  and "~x14 | ~x41"
   5.187 +  and "~x15 | ~x48"
   5.188 +  and "~x15 | ~x42"
   5.189 +  and "~x48 | ~x42"
   5.190 +  and "~x16 | ~x49"
   5.191 +  and "~x16 | ~x15"
   5.192 +  and "~x16 | ~x43"
   5.193 +  and "~x49 | ~x15"
   5.194 +  and "~x49 | ~x43"
   5.195 +  and "~x15 | ~x43"
   5.196 +  and "~x17 | ~x50"
   5.197 +  and "~x17 | ~x16"
   5.198 +  and "~x17 | ~x44"
   5.199 +  and "~x50 | ~x16"
   5.200 +  and "~x50 | ~x44"
   5.201 +  and "~x16 | ~x44"
   5.202 +  and "~x18 | ~x51"
   5.203 +  and "~x18 | ~x17"
   5.204 +  and "~x18 | ~x45"
   5.205 +  and "~x51 | ~x17"
   5.206 +  and "~x51 | ~x45"
   5.207 +  and "~x17 | ~x45"
   5.208 +  and "~x19 | ~x52"
   5.209 +  and "~x19 | ~x18"
   5.210 +  and "~x19 | ~x46"
   5.211 +  and "~x52 | ~x18"
   5.212 +  and "~x52 | ~x46"
   5.213 +  and "~x18 | ~x46"
   5.214 +  and "~x53 | ~x19"
   5.215 +  and "~x53 | ~x47"
   5.216 +  and "~x19 | ~x47"
   5.217 +  and "~x20 | ~x54"
   5.218 +  and "~x20 | ~x48"
   5.219 +  and "~x54 | ~x48"
   5.220 +  and "~x21 | ~x55"
   5.221 +  and "~x21 | ~x20"
   5.222 +  and "~x21 | ~x49"
   5.223 +  and "~x55 | ~x20"
   5.224 +  and "~x55 | ~x49"
   5.225 +  and "~x20 | ~x49"
   5.226 +  and "~x22 | ~x56"
   5.227 +  and "~x22 | ~x21"
   5.228 +  and "~x22 | ~x50"
   5.229 +  and "~x56 | ~x21"
   5.230 +  and "~x56 | ~x50"
   5.231 +  and "~x21 | ~x50"
   5.232 +  and "~x23 | ~x57"
   5.233 +  and "~x23 | ~x22"
   5.234 +  and "~x23 | ~x51"
   5.235 +  and "~x57 | ~x22"
   5.236 +  and "~x57 | ~x51"
   5.237 +  and "~x22 | ~x51"
   5.238 +  and "~x24 | ~x58"
   5.239 +  and "~x24 | ~x23"
   5.240 +  and "~x24 | ~x52"
   5.241 +  and "~x58 | ~x23"
   5.242 +  and "~x58 | ~x52"
   5.243 +  and "~x23 | ~x52"
   5.244 +  and "~x59 | ~x24"
   5.245 +  and "~x59 | ~x53"
   5.246 +  and "~x24 | ~x53"
   5.247 +  and "~x25 | ~x54"
   5.248 +  and "~x26 | ~x25"
   5.249 +  and "~x26 | ~x55"
   5.250 +  and "~x25 | ~x55"
   5.251 +  and "~x27 | ~x26"
   5.252 +  and "~x27 | ~x56"
   5.253 +  and "~x26 | ~x56"
   5.254 +  and "~x28 | ~x27"
   5.255 +  and "~x28 | ~x57"
   5.256 +  and "~x27 | ~x57"
   5.257 +  and "~x29 | ~x28"
   5.258 +  and "~x29 | ~x58"
   5.259 +  and "~x28 | ~x58"
   5.260 +  shows False
   5.261 +  using assms
   5.262 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_prop_10"]]
   5.263 +  by smt
   5.264 +
   5.265 +lemma "\<forall>x::int. P x \<longrightarrow> (\<forall>y::int. P x \<or> P y)"
   5.266 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_fol_01"]]
   5.267 +  by smt
   5.268 +
   5.269 +lemma 
   5.270 +  assumes "(\<forall>x y. P x y = x)"
   5.271 +  shows "(\<exists>y. P x y) = P x c"
   5.272 +  using assms 
   5.273 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_fol_02"]]
   5.274 +  by smt
   5.275 +
   5.276 +lemma 
   5.277 +  assumes "(\<forall>x y. P x y = x)"
   5.278 +  and "(\<forall>x. \<exists>y. P x y) = (\<forall>x. P x c)"
   5.279 +  shows "(EX y. P x y) = P x c"
   5.280 +  using assms
   5.281 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_fol_03"]]
   5.282 +  by smt
   5.283 +
   5.284 +lemma
   5.285 +  assumes "if P x then \<not>(\<exists>y. P y) else (\<forall>y. \<not>P y)"
   5.286 +  shows "P x \<longrightarrow> P y"
   5.287 +  using assms
   5.288 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_fol_04"]]
   5.289 +  by smt
   5.290  
   5.291  
   5.292 -section {* Linear arithmetic *}
   5.293 +section {* Arithmetic *}
   5.294 +
   5.295 +subsection {* Linear arithmetic over integers and reals *}
   5.296 +
   5.297 +lemma "(3::int) = 3"
   5.298 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_01"]]
   5.299 +  by smt
   5.300 +
   5.301 +lemma "(3::real) = 3"
   5.302 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_02"]]
   5.303 +  by smt
   5.304 +
   5.305 +lemma "(3 :: int) + 1 = 4"
   5.306 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_03"]]
   5.307 +  by smt
   5.308 +
   5.309 +lemma "x + (y + z) = y + (z + (x::int))"
   5.310 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_04"]]
   5.311 +  by smt
   5.312 +
   5.313 +lemma "max (3::int) 8 > 5"
   5.314 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_05"]]
   5.315 +  by smt
   5.316 +
   5.317 +lemma "abs (x :: real) + abs y \<ge> abs (x + y)"
   5.318 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_06"]]
   5.319 +  by smt
   5.320 +
   5.321 +lemma "P ((2::int) < 3) = P True"
   5.322 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_07"]]
   5.323 +  by smt
   5.324 +
   5.325 +lemma "x + 3 \<ge> 4 \<or> x < (1::int)"
   5.326 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_08"]]
   5.327 +  by smt
   5.328  
   5.329 -lemma "(3::int) = 3" by smt
   5.330 -lemma "(3::real) = 3" by smt
   5.331 -lemma "(3 :: int) + 1 = 4" by smt
   5.332 -lemma "max (3::int) 8 > 5" by smt
   5.333 -lemma "abs (x :: real) + abs y \<ge> abs (x + y)" by smt
   5.334 -lemma "let x = (2 :: int) in x + x \<noteq> 5" by smt
   5.335 +lemma
   5.336 +  assumes "x \<ge> (3::int)" and "y = x + 4"
   5.337 +  shows "y - x > 0" 
   5.338 +  using assms
   5.339 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_09"]]
   5.340 +  by smt
   5.341 +
   5.342 +lemma "let x = (2 :: int) in x + x \<noteq> 5"
   5.343 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_10"]]
   5.344 +  by smt
   5.345 +
   5.346 +lemma
   5.347 +  fixes x :: real
   5.348 +  assumes "3 * x + 7 * a < 4" and "3 < 2 * x"
   5.349 +  shows "a < 0"
   5.350 +  using assms
   5.351 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_11"]]
   5.352 +  by smt
   5.353 +
   5.354 +lemma "(0 \<le> y + -1 * x \<or> \<not> 0 \<le> x \<or> 0 \<le> (x::int)) = (\<not> False)"
   5.355 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_12"]]
   5.356 +  by smt
   5.357 +
   5.358 +lemma "distinct [x < (3::int), 3 \<le> x]"
   5.359 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_13"]]
   5.360 +  by smt
   5.361 +
   5.362 +lemma
   5.363 +  assumes "a > (0::int)"
   5.364 +  shows "distinct [a, a * 2, a - a]"
   5.365 +  using assms
   5.366 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_14"]]
   5.367 +  by smt
   5.368 +
   5.369 +lemma "
   5.370 +  (n < m & m < n') | (n < m & m = n') | (n < n' & n' < m) |
   5.371 +  (n = n' & n' < m) | (n = m & m < n') |
   5.372 +  (n' < m & m < n) | (n' < m & m = n) |
   5.373 +  (n' < n & n < m) | (n' = n & n < m) | (n' = m & m < n) |
   5.374 +  (m < n & n < n') | (m < n & n' = n) | (m < n' & n' < n) |
   5.375 +  (m = n & n < n') | (m = n' & n' < n) |
   5.376 +  (n' = m & m = (n::int))"
   5.377 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_15"]]
   5.378 +  by smt
   5.379  
   5.380  text{* 
   5.381  The following example was taken from HOL/ex/PresburgerEx.thy, where it says:
   5.382 @@ -47,107 +373,333 @@
   5.383    Warning: it takes (in 2006) over 4.2 minutes! 
   5.384  
   5.385  There, it is proved by "arith". SMT is able to prove this within a fraction
   5.386 -of one second.
   5.387 +of one second. With proof reconstruction, it takes about 13 seconds on a Core2
   5.388 +processor.
   5.389  *}
   5.390  
   5.391  lemma "\<lbrakk> x3 = abs x2 - x1; x4 = abs x3 - x2; x5 = abs x4 - x3;
   5.392           x6 = abs x5 - x4; x7 = abs x6 - x5; x8 = abs x7 - x6;
   5.393           x9 = abs x8 - x7; x10 = abs x9 - x8; x11 = abs x10 - x9 \<rbrakk>
   5.394   \<Longrightarrow> x1 = x10 & x2 = (x11::int)"
   5.395 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_linarith_16"]]
   5.396 +  by smt
   5.397 +
   5.398 +
   5.399 +subsection {* Linear arithmetic with quantifiers *}
   5.400 +
   5.401 +lemma "~ (\<exists>x::int. False)"
   5.402 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_01"]]
   5.403 +  by smt
   5.404 +
   5.405 +lemma "~ (\<exists>x::real. False)"
   5.406 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_02"]]
   5.407 +  by smt
   5.408 +
   5.409 +lemma "\<exists>x::int. 0 < x"
   5.410 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_03"]]
   5.411 +  using [[z3_proofs=false]] (* no Z3 proof *)
   5.412 +  by smt
   5.413 +
   5.414 +lemma "\<exists>x::real. 0 < x"
   5.415 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_04"]]
   5.416 +  using [[z3_proofs=false]] (* no Z3 proof *)
   5.417 +  by smt
   5.418 +
   5.419 +lemma "\<forall>x::int. \<exists>y. y > x"
   5.420 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_05"]]
   5.421 +  using [[z3_proofs=false]] (* no Z3 proof *)
   5.422 +  by smt
   5.423 +
   5.424 +lemma "\<forall>x y::int. (x = 0 \<and> y = 1) \<longrightarrow> x \<noteq> y"
   5.425 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_06"]]
   5.426 +  by smt
   5.427 +
   5.428 +lemma "\<exists>x::int. \<forall>y. x < y \<longrightarrow> y < 0 \<or> y >= 0"
   5.429 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_07"]]
   5.430 +  by smt
   5.431 +
   5.432 +lemma "\<forall>x y::int. x < y \<longrightarrow> (2 * x + 1) < (2 * y)"
   5.433 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_08"]]
   5.434 +  by smt
   5.435 +
   5.436 +lemma "\<forall>x y::int. (2 * x + 1) \<noteq> (2 * y)"
   5.437 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_09"]]
   5.438 +  by smt
   5.439 +
   5.440 +lemma "\<forall>x y::int. x + y > 2 \<or> x + y = 2 \<or> x + y < 2"
   5.441 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_10"]]
   5.442    by smt
   5.443  
   5.444 -lemma "\<exists>x::int. 0 < x" by smt
   5.445 -lemma "\<exists>x::real. 0 < x" by smt
   5.446 -lemma "\<forall>x y::int. x < y \<longrightarrow> (2 * x + 1) < (2 * y)" by smt
   5.447 -lemma "\<forall>x y::int. (2 * x + 1) \<noteq> (2 * y)" by smt
   5.448 -lemma "~ (\<exists>x y z::int. 4 * x + -6 * y = (1::int))" by smt
   5.449 -lemma "~ (\<exists>x::int. False)" by smt
   5.450 +lemma "\<forall>x::int. if x > 0 then x + 1 > 0 else 1 > x"
   5.451 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_11"]]
   5.452 +  by smt
   5.453 +
   5.454 +lemma "if (ALL x::int. x < 0 \<or> x > 0) then False else True"
   5.455 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_12"]]
   5.456 +  by smt
   5.457 +
   5.458 +lemma "(if (ALL x::int. x < 0 \<or> x > 0) then -1 else 3) > (0::int)"
   5.459 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_13"]]
   5.460 +  by smt
   5.461 +
   5.462 +lemma "~ (\<exists>x y z::int. 4 * x + -6 * y = (1::int))"
   5.463 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_14"]]
   5.464 +  by smt
   5.465 +
   5.466 +lemma "\<exists>x::int. \<forall>x y. 0 < x \<and> 0 < y \<longrightarrow> (0::int) < x + y"
   5.467 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_15"]]
   5.468 +  by smt
   5.469 +
   5.470 +lemma "\<exists>u::int. \<forall>(x::int) y::real. 0 < x \<and> 0 < y \<longrightarrow> -1 < x"
   5.471 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_16"]]
   5.472 +  by smt
   5.473 +
   5.474 +lemma "\<exists>x::int. (\<forall>y. y \<ge> x \<longrightarrow> y > 0) \<longrightarrow> x > 0"
   5.475 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_17"]]
   5.476 +  by smt
   5.477 +
   5.478 +lemma "\<forall>x::int. trigger [pat x] (x < a \<longrightarrow> 2 * x < 2 * a)"
   5.479 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_arith_quant_18"]]
   5.480 +  by smt
   5.481  
   5.482  
   5.483 -section {* Non-linear arithmetic *}
   5.484 +subsection {* Non-linear arithmetic over integers and reals *}
   5.485 +
   5.486 +lemma "a > (0::int) \<Longrightarrow> a*b > 0 \<Longrightarrow> b > 0"
   5.487 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nlarith_01"]]
   5.488 +  using [[z3_proofs=false]]  -- {* Isabelle's arithmetic decision procedures
   5.489 +    are too weak to automatically prove @{thm zero_less_mult_pos}. *}
   5.490 +  by smt
   5.491  
   5.492 -lemma "((x::int) * (1 + y) - x * (1 - y)) = (2 * x * y)" by smt
   5.493 +lemma  "(a::int) * (x + 1 + y) = a * x + a * (y + 1)"
   5.494 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nlarith_02"]]
   5.495 +  by smt
   5.496 +
   5.497 +lemma "((x::real) * (1 + y) - x * (1 - y)) = (2 * x * y)"
   5.498 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nlarith_03"]]
   5.499 +  by smt
   5.500 +
   5.501  lemma
   5.502    "(U::int) + (1 + p) * (b + e) + p * d =
   5.503     U + (2 * (1 + p) * (b + e) + (1 + p) * d + d * p) - (1 + p) * (b + d + e)"
   5.504 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nlarith_04"]]
   5.505    by smt
   5.506  
   5.507  
   5.508 -section {* Linear arithmetic for natural numbers *}
   5.509 +subsection {* Linear arithmetic for natural numbers *}
   5.510 +
   5.511 +lemma "2 * (x::nat) ~= 1"
   5.512 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_01"]]
   5.513 +  by smt
   5.514  
   5.515 -lemma "a < 3 \<Longrightarrow> (7::nat) > 2 * a" by smt
   5.516 -lemma "let x = (1::nat) + y in x - y > 0 * x" by smt
   5.517 +lemma "a < 3 \<Longrightarrow> (7::nat) > 2 * a"
   5.518 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_02"]]
   5.519 +  by smt
   5.520 +
   5.521 +lemma "let x = (1::nat) + y in x - y > 0 * x"
   5.522 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_03"]]
   5.523 +  by smt
   5.524 +
   5.525  lemma
   5.526    "let x = (1::nat) + y in
   5.527     let P = (if x > 0 then True else False) in
   5.528     False \<or> P = (x - 1 = y) \<or> (\<not>P \<longrightarrow> False)"
   5.529 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_04"]]
   5.530    by smt
   5.531  
   5.532 +lemma "distinct [a + (1::nat), a * 2 + 3, a - a]"
   5.533 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_05"]]
   5.534 +  by smt
   5.535 +
   5.536 +lemma "int (nat \<bar>x::int\<bar>) = \<bar>x\<bar>"
   5.537 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_06"]]
   5.538 +  by smt
   5.539 +
   5.540 +definition prime_nat :: "nat \<Rightarrow> bool" where
   5.541 +  "prime_nat p = (1 < p \<and> (\<forall>m. m dvd p --> m = 1 \<or> m = p))"
   5.542 +lemma "prime_nat (4*m + 1) \<Longrightarrow> m \<ge> (1::nat)"
   5.543 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_nat_arith_07"]]
   5.544 +  by (smt add: prime_nat_def)
   5.545 +
   5.546  
   5.547  section {* Bitvectors *}
   5.548  
   5.549  locale bv
   5.550  begin
   5.551  
   5.552 -declare [[smt_solver=z3]]
   5.553 +text {*
   5.554 +The following examples only work for Z3, and only without proof reconstruction.
   5.555 +*}
   5.556 +
   5.557 +declare [[smt_solver=z3, z3_proofs=false]]
   5.558 +
   5.559 +
   5.560 +subsection {* Bitvector arithmetic *}
   5.561 +
   5.562 +lemma "(27 :: 4 word) = -5" 
   5.563 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_01"]]
   5.564 +  by smt
   5.565 +
   5.566 +lemma "(27 :: 4 word) = 11"
   5.567 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_02"]]
   5.568 +  by smt
   5.569 +
   5.570 +lemma "23 < (27::8 word)" 
   5.571 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_03"]]
   5.572 +  by smt
   5.573 +
   5.574 +lemma "27 + 11 = (6::5 word)" 
   5.575 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_04"]]
   5.576 +  by smt
   5.577  
   5.578 -lemma "(27 :: 4 word) = -5" by smt
   5.579 -lemma "(27 :: 4 word) = 11" by smt
   5.580 -lemma "23 < (27::8 word)" by smt
   5.581 -lemma "27 + 11 = (6::5 word)" by smt
   5.582 -lemma "7 * 3 = (21::8 word)" by smt
   5.583 -lemma "11 - 27 = (-16::8 word)" by smt
   5.584 -lemma "- -11 = (11::5 word)" by smt
   5.585 -lemma "-40 + 1 = (-39::7 word)" by smt
   5.586 -lemma "a + 2 * b + c - b = (b + c) + (a :: 32 word)" by smt
   5.587 +lemma "7 * 3 = (21::8 word)" 
   5.588 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_05"]]
   5.589 +  by smt
   5.590 +lemma "11 - 27 = (-16::8 word)" 
   5.591 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_06"]]
   5.592 +  by smt
   5.593 +
   5.594 +lemma "- -11 = (11::5 word)" 
   5.595 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_07"]]
   5.596 +  by smt
   5.597 +
   5.598 +lemma "-40 + 1 = (-39::7 word)" 
   5.599 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_08"]]
   5.600 +  by smt
   5.601  
   5.602 -lemma "0b110 AND 0b101 = (0b100 :: 32 word)" by smt
   5.603 -lemma "0b110 OR 0b011 = (0b111 :: 8 word)" by smt
   5.604 -lemma "0xF0 XOR 0xFF = (0x0F :: 8 word)" by smt
   5.605 -lemma "NOT (0xF0 :: 16 word) = 0xFF0F" by smt
   5.606 +lemma "a + 2 * b + c - b = (b + c) + (a :: 32 word)" 
   5.607 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_09"]]
   5.608 +  by smt
   5.609 +
   5.610 +lemma "x = (5 :: 4 word) \<Longrightarrow> 4 * x = 4" 
   5.611 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_arith_10"]]
   5.612 +  by smt
   5.613 +
   5.614 +
   5.615 +subsection {* Bit-level logic *}
   5.616  
   5.617 -lemma "word_cat (27::4 word) (27::8 word) = (2843::12 word)" by smt
   5.618 -lemma "word_cat (0b0011::4 word) (0b1111::6word) = (0b0011001111 :: 10 word)" 
   5.619 +lemma "0b110 AND 0b101 = (0b100 :: 32 word)"
   5.620 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_01"]]
   5.621 +  by smt
   5.622 +
   5.623 +lemma "0b110 OR 0b011 = (0b111 :: 8 word)" 
   5.624 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_02"]]
   5.625 +  by smt
   5.626 +
   5.627 +lemma "0xF0 XOR 0xFF = (0x0F :: 8 word)" 
   5.628 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_03"]]
   5.629    by smt
   5.630  
   5.631 -lemma "slice 1 (0b10110 :: 4 word) = (0b11 :: 2 word)" by smt
   5.632 +lemma "NOT (0xF0 :: 16 word) = 0xFF0F" 
   5.633 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_04"]]
   5.634 +  by smt
   5.635 +
   5.636 +lemma "word_cat (27::4 word) (27::8 word) = (2843::12 word)" 
   5.637 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_05"]]
   5.638 +  by smt
   5.639 +
   5.640 +lemma "word_cat (0b0011::4 word) (0b1111::6word) = (0b0011001111 :: 10 word)"
   5.641 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_06"]]
   5.642 +  by smt
   5.643  
   5.644 -lemma "ucast (0b1010 :: 4 word) = (0b1010 :: 10 word)" by smt
   5.645 -lemma "scast (0b1010 :: 4 word) = (0b111010 :: 6 word)" by smt
   5.646 +lemma "slice 1 (0b10110 :: 4 word) = (0b11 :: 2 word)" 
   5.647 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_07"]]
   5.648 +  by smt
   5.649 +
   5.650 +lemma "ucast (0b1010 :: 4 word) = (0b1010 :: 10 word)" 
   5.651 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_08"]]
   5.652 +  by smt
   5.653 +
   5.654 +lemma "scast (0b1010 :: 4 word) = (0b111010 :: 6 word)" 
   5.655 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_09"]]
   5.656 +  by smt
   5.657  
   5.658 -lemma "bv_lshr 0b10011 2 = (0b100::8 word)" by smt
   5.659 -lemma "bv_ashr 0b10011 2 = (0b100::8 word)" by smt
   5.660 +lemma "bv_lshr 0b10011 2 = (0b100::8 word)" 
   5.661 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_10"]]
   5.662 +  by smt
   5.663 +
   5.664 +lemma "bv_ashr 0b10011 2 = (0b100::8 word)" 
   5.665 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_11"]]
   5.666 +  by smt
   5.667 +
   5.668 +lemma "word_rotr 2 0b0110 = (0b1001::4 word)" 
   5.669 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_12"]]
   5.670 +  by smt
   5.671  
   5.672 -lemma "word_rotr 2 0b0110 = (0b1001::4 word)" by smt
   5.673 -lemma "word_rotl 1 0b1110 = (0b1101::4 word)" by smt
   5.674 +lemma "word_rotl 1 0b1110 = (0b1101::4 word)" 
   5.675 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_13"]]
   5.676 +  by smt
   5.677  
   5.678 -lemma "(x AND 0xff00) OR (x AND 0x00ff) = (x::16 word)" by smt
   5.679 +lemma "(x AND 0xff00) OR (x AND 0x00ff) = (x::16 word)" 
   5.680 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_14"]]
   5.681 +  by smt
   5.682  
   5.683 -lemma "w < 256 \<Longrightarrow> (w :: 16 word) AND 0x00FF = w" by smt
   5.684 +lemma "w < 256 \<Longrightarrow> (w :: 16 word) AND 0x00FF = w" 
   5.685 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_bit_15"]]
   5.686 +  by smt
   5.687  
   5.688  end
   5.689  
   5.690 +lemma
   5.691 +  assumes "bv2int 0 = 0"
   5.692 +      and "bv2int 1 = 1"
   5.693 +      and "bv2int 2 = 2"
   5.694 +      and "bv2int 3 = 3"
   5.695 +      and "\<forall>x::2 word. bv2int x > 0"
   5.696 +  shows "\<forall>i::int. i < 0 \<longrightarrow> (\<forall>x::2 word. bv2int x > i)"
   5.697 +  using assms 
   5.698 +  using [[smt_solver=z3]]
   5.699 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_01"]]
   5.700 +  by smt
   5.701 +
   5.702 +lemma "P (0 \<le> (a :: 4 word)) = P True"
   5.703 +  using [[smt_solver=z3, z3_proofs=false]]
   5.704 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_bv_02"]]
   5.705 +  by smt
   5.706 +
   5.707  
   5.708  section {* Pairs *}
   5.709  
   5.710 -lemma "fst (x, y) = a \<Longrightarrow> x = a" by smt
   5.711 -lemma "p1 = (x, y) \<and> p2 = (y, x) \<Longrightarrow> fst p1 = snd p2" by smt
   5.712 +lemma "fst (x, y) = a \<Longrightarrow> x = a"
   5.713 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_pair_01"]]
   5.714 +  by smt
   5.715 +
   5.716 +lemma "p1 = (x, y) \<and> p2 = (y, x) \<Longrightarrow> fst p1 = snd p2"
   5.717 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_pair_02"]]
   5.718 +  by smt
   5.719  
   5.720  
   5.721  section {* Higher-order problems and recursion *}
   5.722  
   5.723 -lemma "(f g x = (g x \<and> True)) \<or> (f g x = True) \<or> (g x = True)" by smt
   5.724 -lemma "P ((2::int) < 3) = P True" by smt
   5.725 -lemma "P ((2::int) < 3) = (P True :: bool)" by smt
   5.726 -lemma "P (0 \<le> (a :: 4 word)) = P True" using [[smt_solver=z3]] by smt
   5.727 -lemma "id 3 = 3 \<and> id True = True" by (smt add: id_def)
   5.728 -lemma "i \<noteq> i1 \<and> i \<noteq> i2 \<Longrightarrow> ((f (i1 := v1)) (i2 := v2)) i = f i" by smt
   5.729 -lemma "map (\<lambda>i::nat. i + 1) [0, 1] = [1, 2]" by (smt add: map.simps)
   5.730 -lemma "(ALL x. P x) | ~ All P" by smt
   5.731 +lemma "i \<noteq> i1 \<and> i \<noteq> i2 \<Longrightarrow> (f (i1 := v1, i2 := v2)) i = f i"
   5.732 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_01"]]
   5.733 +  by smt
   5.734 +
   5.735 +lemma "(f g x = (g x \<and> True)) \<or> (f g x = True) \<or> (g x = True)"
   5.736 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_02"]]
   5.737 +  by smt
   5.738 +
   5.739 +lemma "id 3 = 3 \<and> id True = True"
   5.740 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_03"]]
   5.741 +  by (smt add: id_def)
   5.742 +
   5.743 +lemma "i \<noteq> i1 \<and> i \<noteq> i2 \<Longrightarrow> ((f (i1 := v1)) (i2 := v2)) i = f i"
   5.744 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_04"]]
   5.745 +  by smt
   5.746 +
   5.747 +lemma "map (\<lambda>i::nat. i + 1) [0, 1] = [1, 2]"
   5.748 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_05"]]
   5.749 +  by (smt add: map.simps)
   5.750 +
   5.751 +lemma "(ALL x. P x) | ~ All P"
   5.752 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_06"]]
   5.753 +  by smt
   5.754  
   5.755  fun dec_10 :: "nat \<Rightarrow> nat" where
   5.756    "dec_10 n = (if n < 10 then n else dec_10 (n - 10))"
   5.757 -lemma "dec_10 (4 * dec_10 4) = 6" by (smt add: dec_10.simps)
   5.758 +lemma "dec_10 (4 * dec_10 4) = 6"
   5.759 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_07"]]
   5.760 +  by (smt add: dec_10.simps)
   5.761  
   5.762  axiomatization
   5.763    eval_dioph :: "int list \<Rightarrow> nat list \<Rightarrow> int"
   5.764 @@ -163,7 +715,7 @@
   5.765     (eval_dioph ks (map (\<lambda>x. x mod 2) xs) mod 2 = l mod 2 \<and>
   5.766      eval_dioph ks (map (\<lambda>x. x div 2) xs) =
   5.767        (l - eval_dioph ks (map (\<lambda>x. x mod 2) xs)) div 2)"
   5.768 -  using [[smt_solver=z3]]
   5.769 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_hol_08"]]
   5.770    by (smt add: eval_dioph_mod[where n=2] eval_dioph_div_mult[where n=2])
   5.771  
   5.772  
   5.773 @@ -171,13 +723,17 @@
   5.774  
   5.775  definition P :: "'a \<Rightarrow> bool" where "P x = True"
   5.776  lemma poly_P: "P x \<and> (P [x] \<or> \<not>P[x])" by (simp add: P_def)
   5.777 -lemma "P (1::int)" by (smt add: poly_P)
   5.778 +lemma "P (1::int)"
   5.779 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_mono_01"]]
   5.780 +  by (smt add: poly_P)
   5.781  
   5.782  consts g :: "'a \<Rightarrow> nat"
   5.783  axioms
   5.784    g1: "g (Some x) = g [x]"
   5.785    g2: "g None = g []"
   5.786    g3: "g xs = length xs"
   5.787 -lemma "g (Some (3::int)) = g (Some True)" by (smt add: g1 g2 g3 list.size)
   5.788 +lemma "g (Some (3::int)) = g (Some True)"
   5.789 +  using [[smt_cert="~/isabelle/SMT/Examples/cert/z3_mono_02"]]
   5.790 +  by (smt add: g1 g2 g3 list.size)
   5.791  
   5.792  end
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_01	Tue Oct 20 10:11:30 2009 +0200
     6.3 @@ -0,0 +1,4 @@
     6.4 +(benchmark Isabelle
     6.5 +:assumption (not (not (exists (?x1 Int) false)))
     6.6 +:formula true
     6.7 +)
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_01.proof	Tue Oct 20 10:11:30 2009 +0200
     7.3 @@ -0,0 +1,24 @@
     7.4 +#2 := false
     7.5 +#4 := (exists (vars (?x1 int)) false)
     7.6 +#5 := (not #4)
     7.7 +#6 := (not #5)
     7.8 +#37 := (iff #6 false)
     7.9 +#1 := true
    7.10 +#32 := (not true)
    7.11 +#35 := (iff #32 false)
    7.12 +#36 := [rewrite]: #35
    7.13 +#33 := (iff #6 #32)
    7.14 +#30 := (iff #5 true)
    7.15 +#25 := (not false)
    7.16 +#28 := (iff #25 true)
    7.17 +#29 := [rewrite]: #28
    7.18 +#26 := (iff #5 #25)
    7.19 +#23 := (iff #4 false)
    7.20 +#24 := [elim-unused]: #23
    7.21 +#27 := [monotonicity #24]: #26
    7.22 +#31 := [trans #27 #29]: #30
    7.23 +#34 := [monotonicity #31]: #33
    7.24 +#38 := [trans #34 #36]: #37
    7.25 +#22 := [asserted]: #6
    7.26 +[mp #22 #38]: false
    7.27 +unsat
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_02	Tue Oct 20 10:11:30 2009 +0200
     8.3 @@ -0,0 +1,4 @@
     8.4 +(benchmark Isabelle
     8.5 +:assumption (not (not (exists (?x1 Real) false)))
     8.6 +:formula true
     8.7 +)
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_02.proof	Tue Oct 20 10:11:30 2009 +0200
     9.3 @@ -0,0 +1,24 @@
     9.4 +#2 := false
     9.5 +#4 := (exists (vars (?x1 real)) false)
     9.6 +#5 := (not #4)
     9.7 +#6 := (not #5)
     9.8 +#37 := (iff #6 false)
     9.9 +#1 := true
    9.10 +#32 := (not true)
    9.11 +#35 := (iff #32 false)
    9.12 +#36 := [rewrite]: #35
    9.13 +#33 := (iff #6 #32)
    9.14 +#30 := (iff #5 true)
    9.15 +#25 := (not false)
    9.16 +#28 := (iff #25 true)
    9.17 +#29 := [rewrite]: #28
    9.18 +#26 := (iff #5 #25)
    9.19 +#23 := (iff #4 false)
    9.20 +#24 := [elim-unused]: #23
    9.21 +#27 := [monotonicity #24]: #26
    9.22 +#31 := [trans #27 #29]: #30
    9.23 +#34 := [monotonicity #31]: #33
    9.24 +#38 := [trans #34 #36]: #37
    9.25 +#22 := [asserted]: #6
    9.26 +[mp #22 #38]: false
    9.27 +unsat
    10.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_03	Tue Oct 20 10:11:30 2009 +0200
    10.3 @@ -0,0 +1,4 @@
    10.4 +(benchmark Isabelle
    10.5 +:assumption (not (exists (?x1 Int) (< 0 ?x1)))
    10.6 +:formula true
    10.7 +)
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_03.proof	Tue Oct 20 10:11:30 2009 +0200
    11.3 @@ -0,0 +1,1 @@
    11.4 +unsat
    12.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    12.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_04	Tue Oct 20 10:11:30 2009 +0200
    12.3 @@ -0,0 +1,4 @@
    12.4 +(benchmark Isabelle
    12.5 +:assumption (not (exists (?x1 Real) (< 0.0 ?x1)))
    12.6 +:formula true
    12.7 +)
    13.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_04.proof	Tue Oct 20 10:11:30 2009 +0200
    13.3 @@ -0,0 +1,1 @@
    13.4 +unsat
    14.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    14.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_05	Tue Oct 20 10:11:30 2009 +0200
    14.3 @@ -0,0 +1,4 @@
    14.4 +(benchmark Isabelle
    14.5 +:assumption (not (forall (?x1 Int) (exists (?x2 Int) (< ?x1 ?x2))))
    14.6 +:formula true
    14.7 +)
    15.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    15.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_05.proof	Tue Oct 20 10:11:30 2009 +0200
    15.3 @@ -0,0 +1,1 @@
    15.4 +unsat
    16.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_06	Tue Oct 20 10:11:30 2009 +0200
    16.3 @@ -0,0 +1,4 @@
    16.4 +(benchmark Isabelle
    16.5 +:assumption (not (forall (?x1 Int) (?x2 Int) (implies (and (= ?x1 0) (= ?x2 1)) (not (= ?x1 ?x2)))))
    16.6 +:formula true
    16.7 +)
    17.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_06.proof	Tue Oct 20 10:11:30 2009 +0200
    17.3 @@ -0,0 +1,73 @@
    17.4 +#2 := false
    17.5 +#5 := 0::int
    17.6 +#8 := 1::int
    17.7 +#143 := (= 1::int 0::int)
    17.8 +#145 := (iff #143 false)
    17.9 +#146 := [rewrite]: #145
   17.10 +decl ?x1!1 :: int
   17.11 +#47 := ?x1!1
   17.12 +#51 := (= ?x1!1 0::int)
   17.13 +decl ?x2!0 :: int
   17.14 +#46 := ?x2!0
   17.15 +#50 := (= ?x2!0 1::int)
   17.16 +#63 := (and #50 #51)
   17.17 +#69 := (= ?x2!0 ?x1!1)
   17.18 +#72 := (not #69)
   17.19 +#66 := (not #63)
   17.20 +#75 := (or #66 #72)
   17.21 +#78 := (not #75)
   17.22 +#48 := (= ?x1!1 ?x2!0)
   17.23 +#49 := (not #48)
   17.24 +#52 := (and #51 #50)
   17.25 +#53 := (not #52)
   17.26 +#54 := (or #53 #49)
   17.27 +#55 := (not #54)
   17.28 +#79 := (iff #55 #78)
   17.29 +#76 := (iff #54 #75)
   17.30 +#73 := (iff #49 #72)
   17.31 +#70 := (iff #48 #69)
   17.32 +#71 := [rewrite]: #70
   17.33 +#74 := [monotonicity #71]: #73
   17.34 +#67 := (iff #53 #66)
   17.35 +#64 := (iff #52 #63)
   17.36 +#65 := [rewrite]: #64
   17.37 +#68 := [monotonicity #65]: #67
   17.38 +#77 := [monotonicity #68 #74]: #76
   17.39 +#80 := [monotonicity #77]: #79
   17.40 +#7 := (:var 0 int)
   17.41 +#4 := (:var 1 int)
   17.42 +#11 := (= #4 #7)
   17.43 +#12 := (not #11)
   17.44 +#9 := (= #7 1::int)
   17.45 +#6 := (= #4 0::int)
   17.46 +#10 := (and #6 #9)
   17.47 +#32 := (not #10)
   17.48 +#33 := (or #32 #12)
   17.49 +#36 := (forall (vars (?x1 int) (?x2 int)) #33)
   17.50 +#39 := (not #36)
   17.51 +#56 := (~ #39 #55)
   17.52 +#57 := [sk]: #56
   17.53 +#13 := (implies #10 #12)
   17.54 +#14 := (forall (vars (?x1 int) (?x2 int)) #13)
   17.55 +#15 := (not #14)
   17.56 +#40 := (iff #15 #39)
   17.57 +#37 := (iff #14 #36)
   17.58 +#34 := (iff #13 #33)
   17.59 +#35 := [rewrite]: #34
   17.60 +#38 := [quant-intro #35]: #37
   17.61 +#41 := [monotonicity #38]: #40
   17.62 +#31 := [asserted]: #15
   17.63 +#44 := [mp #31 #41]: #39
   17.64 +#60 := [mp~ #44 #57]: #55
   17.65 +#61 := [mp #60 #80]: #78
   17.66 +#62 := [not-or-elim #61]: #63
   17.67 +#82 := [and-elim #62]: #51
   17.68 +#141 := (= 1::int ?x1!1)
   17.69 +#83 := [not-or-elim #61]: #69
   17.70 +#139 := (= 1::int ?x2!0)
   17.71 +#81 := [and-elim #62]: #50
   17.72 +#140 := [symm #81]: #139
   17.73 +#142 := [trans #140 #83]: #141
   17.74 +#144 := [trans #142 #82]: #143
   17.75 +[mp #144 #146]: false
   17.76 +unsat
    18.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_07	Tue Oct 20 10:11:30 2009 +0200
    18.3 @@ -0,0 +1,4 @@
    18.4 +(benchmark Isabelle
    18.5 +:assumption (not (exists (?x1 Int) (forall (?x2 Int) (implies (< ?x1 ?x2) (or (< ?x2 0) (<= 0 ?x2))))))
    18.6 +:formula true
    18.7 +)
    19.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    19.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_07.proof	Tue Oct 20 10:11:30 2009 +0200
    19.3 @@ -0,0 +1,82 @@
    19.4 +#2 := false
    19.5 +#5 := (:var 0 int)
    19.6 +#7 := 0::int
    19.7 +#9 := (<= 0::int #5)
    19.8 +#8 := (< #5 0::int)
    19.9 +#10 := (or #8 #9)
   19.10 +#4 := (:var 1 int)
   19.11 +#6 := (< #4 #5)
   19.12 +#11 := (implies #6 #10)
   19.13 +#12 := (forall (vars (?x2 int)) #11)
   19.14 +#13 := (exists (vars (?x1 int)) #12)
   19.15 +#14 := (not #13)
   19.16 +#95 := (iff #14 false)
   19.17 +#31 := (not #6)
   19.18 +#32 := (or #31 #10)
   19.19 +#35 := (forall (vars (?x2 int)) #32)
   19.20 +#38 := (exists (vars (?x1 int)) #35)
   19.21 +#41 := (not #38)
   19.22 +#93 := (iff #41 false)
   19.23 +#1 := true
   19.24 +#88 := (not true)
   19.25 +#91 := (iff #88 false)
   19.26 +#92 := [rewrite]: #91
   19.27 +#89 := (iff #41 #88)
   19.28 +#86 := (iff #38 true)
   19.29 +#81 := (exists (vars (?x1 int)) true)
   19.30 +#84 := (iff #81 true)
   19.31 +#85 := [elim-unused]: #84
   19.32 +#82 := (iff #38 #81)
   19.33 +#79 := (iff #35 true)
   19.34 +#74 := (forall (vars (?x2 int)) true)
   19.35 +#77 := (iff #74 true)
   19.36 +#78 := [elim-unused]: #77
   19.37 +#75 := (iff #35 #74)
   19.38 +#72 := (iff #32 true)
   19.39 +#46 := (>= #5 0::int)
   19.40 +#44 := (not #46)
   19.41 +#64 := (or #44 #46)
   19.42 +#50 := -1::int
   19.43 +#53 := (* -1::int #5)
   19.44 +#54 := (+ #4 #53)
   19.45 +#52 := (>= #54 0::int)
   19.46 +#67 := (or #52 #64)
   19.47 +#70 := (iff #67 true)
   19.48 +#71 := [rewrite]: #70
   19.49 +#68 := (iff #32 #67)
   19.50 +#65 := (iff #10 #64)
   19.51 +#48 := (iff #9 #46)
   19.52 +#49 := [rewrite]: #48
   19.53 +#45 := (iff #8 #44)
   19.54 +#47 := [rewrite]: #45
   19.55 +#66 := [monotonicity #47 #49]: #65
   19.56 +#62 := (iff #31 #52)
   19.57 +#51 := (not #52)
   19.58 +#57 := (not #51)
   19.59 +#60 := (iff #57 #52)
   19.60 +#61 := [rewrite]: #60
   19.61 +#58 := (iff #31 #57)
   19.62 +#55 := (iff #6 #51)
   19.63 +#56 := [rewrite]: #55
   19.64 +#59 := [monotonicity #56]: #58
   19.65 +#63 := [trans #59 #61]: #62
   19.66 +#69 := [monotonicity #63 #66]: #68
   19.67 +#73 := [trans #69 #71]: #72
   19.68 +#76 := [quant-intro #73]: #75
   19.69 +#80 := [trans #76 #78]: #79
   19.70 +#83 := [quant-intro #80]: #82
   19.71 +#87 := [trans #83 #85]: #86
   19.72 +#90 := [monotonicity #87]: #89
   19.73 +#94 := [trans #90 #92]: #93
   19.74 +#42 := (iff #14 #41)
   19.75 +#39 := (iff #13 #38)
   19.76 +#36 := (iff #12 #35)
   19.77 +#33 := (iff #11 #32)
   19.78 +#34 := [rewrite]: #33
   19.79 +#37 := [quant-intro #34]: #36
   19.80 +#40 := [quant-intro #37]: #39
   19.81 +#43 := [monotonicity #40]: #42
   19.82 +#96 := [trans #43 #94]: #95
   19.83 +#30 := [asserted]: #14
   19.84 +[mp #30 #96]: false
   19.85 +unsat
    20.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_08	Tue Oct 20 10:11:30 2009 +0200
    20.3 @@ -0,0 +1,4 @@
    20.4 +(benchmark Isabelle
    20.5 +:assumption (not (forall (?x1 Int) (?x2 Int) (implies (< ?x1 ?x2) (< (+ (* 2 ?x1) 1) (* 2 ?x2)))))
    20.6 +:formula true
    20.7 +)
    21.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_08.proof	Tue Oct 20 10:11:30 2009 +0200
    21.3 @@ -0,0 +1,128 @@
    21.4 +#2 := false
    21.5 +#9 := 1::int
    21.6 +decl ?x1!1 :: int
    21.7 +#91 := ?x1!1
    21.8 +#68 := -2::int
    21.9 +#129 := (* -2::int ?x1!1)
   21.10 +decl ?x2!0 :: int
   21.11 +#90 := ?x2!0
   21.12 +#7 := 2::int
   21.13 +#128 := (* 2::int ?x2!0)
   21.14 +#130 := (+ #128 #129)
   21.15 +#131 := (<= #130 1::int)
   21.16 +#136 := (not #131)
   21.17 +#55 := 0::int
   21.18 +#53 := -1::int
   21.19 +#115 := (* -1::int ?x1!1)
   21.20 +#116 := (+ ?x2!0 #115)
   21.21 +#117 := (<= #116 0::int)
   21.22 +#139 := (or #117 #136)
   21.23 +#142 := (not #139)
   21.24 +#92 := (* -2::int ?x2!0)
   21.25 +#93 := (* 2::int ?x1!1)
   21.26 +#94 := (+ #93 #92)
   21.27 +#95 := (>= #94 -1::int)
   21.28 +#96 := (not #95)
   21.29 +#97 := (* -1::int ?x2!0)
   21.30 +#98 := (+ ?x1!1 #97)
   21.31 +#99 := (>= #98 0::int)
   21.32 +#100 := (or #99 #96)
   21.33 +#101 := (not #100)
   21.34 +#143 := (iff #101 #142)
   21.35 +#140 := (iff #100 #139)
   21.36 +#137 := (iff #96 #136)
   21.37 +#134 := (iff #95 #131)
   21.38 +#122 := (+ #92 #93)
   21.39 +#125 := (>= #122 -1::int)
   21.40 +#132 := (iff #125 #131)
   21.41 +#133 := [rewrite]: #132
   21.42 +#126 := (iff #95 #125)
   21.43 +#123 := (= #94 #122)
   21.44 +#124 := [rewrite]: #123
   21.45 +#127 := [monotonicity #124]: #126
   21.46 +#135 := [trans #127 #133]: #134
   21.47 +#138 := [monotonicity #135]: #137
   21.48 +#120 := (iff #99 #117)
   21.49 +#109 := (+ #97 ?x1!1)
   21.50 +#112 := (>= #109 0::int)
   21.51 +#118 := (iff #112 #117)
   21.52 +#119 := [rewrite]: #118
   21.53 +#113 := (iff #99 #112)
   21.54 +#110 := (= #98 #109)
   21.55 +#111 := [rewrite]: #110
   21.56 +#114 := [monotonicity #111]: #113
   21.57 +#121 := [trans #114 #119]: #120
   21.58 +#141 := [monotonicity #121 #138]: #140
   21.59 +#144 := [monotonicity #141]: #143
   21.60 +#5 := (:var 0 int)
   21.61 +#71 := (* -2::int #5)
   21.62 +#4 := (:var 1 int)
   21.63 +#8 := (* 2::int #4)
   21.64 +#72 := (+ #8 #71)
   21.65 +#70 := (>= #72 -1::int)
   21.66 +#69 := (not #70)
   21.67 +#57 := (* -1::int #5)
   21.68 +#58 := (+ #4 #57)
   21.69 +#56 := (>= #58 0::int)
   21.70 +#75 := (or #56 #69)
   21.71 +#78 := (forall (vars (?x1 int) (?x2 int)) #75)
   21.72 +#81 := (not #78)
   21.73 +#102 := (~ #81 #101)
   21.74 +#103 := [sk]: #102
   21.75 +#11 := (* 2::int #5)
   21.76 +#10 := (+ #8 1::int)
   21.77 +#12 := (< #10 #11)
   21.78 +#6 := (< #4 #5)
   21.79 +#13 := (implies #6 #12)
   21.80 +#14 := (forall (vars (?x1 int) (?x2 int)) #13)
   21.81 +#15 := (not #14)
   21.82 +#84 := (iff #15 #81)
   21.83 +#32 := (+ 1::int #8)
   21.84 +#35 := (< #32 #11)
   21.85 +#41 := (not #6)
   21.86 +#42 := (or #41 #35)
   21.87 +#47 := (forall (vars (?x1 int) (?x2 int)) #42)
   21.88 +#50 := (not #47)
   21.89 +#82 := (iff #50 #81)
   21.90 +#79 := (iff #47 #78)
   21.91 +#76 := (iff #42 #75)
   21.92 +#73 := (iff #35 #69)
   21.93 +#74 := [rewrite]: #73
   21.94 +#66 := (iff #41 #56)
   21.95 +#54 := (not #56)
   21.96 +#61 := (not #54)
   21.97 +#64 := (iff #61 #56)
   21.98 +#65 := [rewrite]: #64
   21.99 +#62 := (iff #41 #61)
  21.100 +#59 := (iff #6 #54)
  21.101 +#60 := [rewrite]: #59
  21.102 +#63 := [monotonicity #60]: #62
  21.103 +#67 := [trans #63 #65]: #66
  21.104 +#77 := [monotonicity #67 #74]: #76
  21.105 +#80 := [quant-intro #77]: #79
  21.106 +#83 := [monotonicity #80]: #82
  21.107 +#51 := (iff #15 #50)
  21.108 +#48 := (iff #14 #47)
  21.109 +#45 := (iff #13 #42)
  21.110 +#38 := (implies #6 #35)
  21.111 +#43 := (iff #38 #42)
  21.112 +#44 := [rewrite]: #43
  21.113 +#39 := (iff #13 #38)
  21.114 +#36 := (iff #12 #35)
  21.115 +#33 := (= #10 #32)
  21.116 +#34 := [rewrite]: #33
  21.117 +#37 := [monotonicity #34]: #36
  21.118 +#40 := [monotonicity #37]: #39
  21.119 +#46 := [trans #40 #44]: #45
  21.120 +#49 := [quant-intro #46]: #48
  21.121 +#52 := [monotonicity #49]: #51
  21.122 +#85 := [trans #52 #83]: #84
  21.123 +#31 := [asserted]: #15
  21.124 +#86 := [mp #31 #85]: #81
  21.125 +#106 := [mp~ #86 #103]: #101
  21.126 +#107 := [mp #106 #144]: #142
  21.127 +#146 := [not-or-elim #107]: #131
  21.128 +#108 := (not #117)
  21.129 +#145 := [not-or-elim #107]: #108
  21.130 +[th-lemma #145 #146]: false
  21.131 +unsat
    22.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    22.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_09	Tue Oct 20 10:11:30 2009 +0200
    22.3 @@ -0,0 +1,4 @@
    22.4 +(benchmark Isabelle
    22.5 +:assumption (not (forall (?x1 Int) (?x2 Int) (not (= (+ (* 2 ?x1) 1) (* 2 ?x2)))))
    22.6 +:formula true
    22.7 +)
    23.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    23.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_09.proof	Tue Oct 20 10:11:30 2009 +0200
    23.3 @@ -0,0 +1,100 @@
    23.4 +#2 := false
    23.5 +#7 := 1::int
    23.6 +decl ?x1!1 :: int
    23.7 +#74 := ?x1!1
    23.8 +#51 := -2::int
    23.9 +#96 := (* -2::int ?x1!1)
   23.10 +decl ?x2!0 :: int
   23.11 +#73 := ?x2!0
   23.12 +#4 := 2::int
   23.13 +#95 := (* 2::int ?x2!0)
   23.14 +#97 := (+ #95 #96)
   23.15 +#166 := (<= #97 1::int)
   23.16 +#94 := (= #97 1::int)
   23.17 +#53 := -1::int
   23.18 +#75 := (* -2::int ?x2!0)
   23.19 +#76 := (* 2::int ?x1!1)
   23.20 +#77 := (+ #76 #75)
   23.21 +#78 := (= #77 -1::int)
   23.22 +#79 := (not #78)
   23.23 +#80 := (not #79)
   23.24 +#110 := (iff #80 #94)
   23.25 +#102 := (not #94)
   23.26 +#105 := (not #102)
   23.27 +#108 := (iff #105 #94)
   23.28 +#109 := [rewrite]: #108
   23.29 +#106 := (iff #80 #105)
   23.30 +#103 := (iff #79 #102)
   23.31 +#100 := (iff #78 #94)
   23.32 +#88 := (+ #75 #76)
   23.33 +#91 := (= #88 -1::int)
   23.34 +#98 := (iff #91 #94)
   23.35 +#99 := [rewrite]: #98
   23.36 +#92 := (iff #78 #91)
   23.37 +#89 := (= #77 #88)
   23.38 +#90 := [rewrite]: #89
   23.39 +#93 := [monotonicity #90]: #92
   23.40 +#101 := [trans #93 #99]: #100
   23.41 +#104 := [monotonicity #101]: #103
   23.42 +#107 := [monotonicity #104]: #106
   23.43 +#111 := [trans #107 #109]: #110
   23.44 +#9 := (:var 0 int)
   23.45 +#55 := (* -2::int #9)
   23.46 +#5 := (:var 1 int)
   23.47 +#6 := (* 2::int #5)
   23.48 +#56 := (+ #6 #55)
   23.49 +#54 := (= #56 -1::int)
   23.50 +#58 := (not #54)
   23.51 +#61 := (forall (vars (?x1 int) (?x2 int)) #58)
   23.52 +#64 := (not #61)
   23.53 +#81 := (~ #64 #80)
   23.54 +#82 := [sk]: #81
   23.55 +#10 := (* 2::int #9)
   23.56 +#8 := (+ #6 1::int)
   23.57 +#11 := (= #8 #10)
   23.58 +#12 := (not #11)
   23.59 +#13 := (forall (vars (?x1 int) (?x2 int)) #12)
   23.60 +#14 := (not #13)
   23.61 +#67 := (iff #14 #64)
   23.62 +#31 := (+ 1::int #6)
   23.63 +#37 := (= #10 #31)
   23.64 +#42 := (not #37)
   23.65 +#45 := (forall (vars (?x1 int) (?x2 int)) #42)
   23.66 +#48 := (not #45)
   23.67 +#65 := (iff #48 #64)
   23.68 +#62 := (iff #45 #61)
   23.69 +#59 := (iff #42 #58)
   23.70 +#52 := (iff #37 #54)
   23.71 +#57 := [rewrite]: #52
   23.72 +#60 := [monotonicity #57]: #59
   23.73 +#63 := [quant-intro #60]: #62
   23.74 +#66 := [monotonicity #63]: #65
   23.75 +#49 := (iff #14 #48)
   23.76 +#46 := (iff #13 #45)
   23.77 +#43 := (iff #12 #42)
   23.78 +#40 := (iff #11 #37)
   23.79 +#34 := (= #31 #10)
   23.80 +#38 := (iff #34 #37)
   23.81 +#39 := [rewrite]: #38
   23.82 +#35 := (iff #11 #34)
   23.83 +#32 := (= #8 #31)
   23.84 +#33 := [rewrite]: #32
   23.85 +#36 := [monotonicity #33]: #35
   23.86 +#41 := [trans #36 #39]: #40
   23.87 +#44 := [monotonicity #41]: #43
   23.88 +#47 := [quant-intro #44]: #46
   23.89 +#50 := [monotonicity #47]: #49
   23.90 +#68 := [trans #50 #66]: #67
   23.91 +#30 := [asserted]: #14
   23.92 +#69 := [mp #30 #68]: #64
   23.93 +#85 := [mp~ #69 #82]: #80
   23.94 +#86 := [mp #85 #111]: #94
   23.95 +#168 := (or #102 #166)
   23.96 +#169 := [th-lemma]: #168
   23.97 +#170 := [unit-resolution #169 #86]: #166
   23.98 +#167 := (>= #97 1::int)
   23.99 +#171 := (or #102 #167)
  23.100 +#172 := [th-lemma]: #171
  23.101 +#173 := [unit-resolution #172 #86]: #167
  23.102 +[th-lemma #173 #170]: false
  23.103 +unsat
    24.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    24.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_10	Tue Oct 20 10:11:30 2009 +0200
    24.3 @@ -0,0 +1,4 @@
    24.4 +(benchmark Isabelle
    24.5 +:assumption (not (forall (?x1 Int) (?x2 Int) (or (< 2 (+ ?x1 ?x2)) (or (= (+ ?x1 ?x2) 2) (< (+ ?x1 ?x2) 2)))))
    24.6 +:formula true
    24.7 +)
    25.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    25.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_10.proof	Tue Oct 20 10:11:30 2009 +0200
    25.3 @@ -0,0 +1,111 @@
    25.4 +#2 := false
    25.5 +#4 := 2::int
    25.6 +decl ?x1!1 :: int
    25.7 +#85 := ?x1!1
    25.8 +decl ?x2!0 :: int
    25.9 +#84 := ?x2!0
   25.10 +#101 := (+ ?x2!0 ?x1!1)
   25.11 +#107 := (>= #101 2::int)
   25.12 +#113 := (<= #101 2::int)
   25.13 +#116 := (not #113)
   25.14 +#110 := (not #107)
   25.15 +#104 := (= #101 2::int)
   25.16 +#119 := (or #104 #110 #116)
   25.17 +#122 := (not #119)
   25.18 +#86 := (+ ?x1!1 ?x2!0)
   25.19 +#87 := (<= #86 2::int)
   25.20 +#88 := (not #87)
   25.21 +#89 := (>= #86 2::int)
   25.22 +#90 := (not #89)
   25.23 +#91 := (= #86 2::int)
   25.24 +#92 := (or #91 #90 #88)
   25.25 +#93 := (not #92)
   25.26 +#123 := (iff #93 #122)
   25.27 +#120 := (iff #92 #119)
   25.28 +#117 := (iff #88 #116)
   25.29 +#114 := (iff #87 #113)
   25.30 +#102 := (= #86 #101)
   25.31 +#103 := [rewrite]: #102
   25.32 +#115 := [monotonicity #103]: #114
   25.33 +#118 := [monotonicity #115]: #117
   25.34 +#111 := (iff #90 #110)
   25.35 +#108 := (iff #89 #107)
   25.36 +#109 := [monotonicity #103]: #108
   25.37 +#112 := [monotonicity #109]: #111
   25.38 +#105 := (iff #91 #104)
   25.39 +#106 := [monotonicity #103]: #105
   25.40 +#121 := [monotonicity #106 #112 #118]: #120
   25.41 +#124 := [monotonicity #121]: #123
   25.42 +#6 := (:var 0 int)
   25.43 +#5 := (:var 1 int)
   25.44 +#7 := (+ #5 #6)
   25.45 +#56 := (<= #7 2::int)
   25.46 +#58 := (not #56)
   25.47 +#54 := (>= #7 2::int)
   25.48 +#51 := (not #54)
   25.49 +#9 := (= #7 2::int)
   25.50 +#67 := (or #9 #51 #58)
   25.51 +#72 := (forall (vars (?x1 int) (?x2 int)) #67)
   25.52 +#75 := (not #72)
   25.53 +#94 := (~ #75 #93)
   25.54 +#95 := [sk]: #94
   25.55 +#10 := (< #7 2::int)
   25.56 +#11 := (or #9 #10)
   25.57 +#8 := (< 2::int #7)
   25.58 +#12 := (or #8 #11)
   25.59 +#13 := (forall (vars (?x1 int) (?x2 int)) #12)
   25.60 +#14 := (not #13)
   25.61 +#78 := (iff #14 #75)
   25.62 +#31 := (= 2::int #7)
   25.63 +#37 := (or #10 #31)
   25.64 +#42 := (or #8 #37)
   25.65 +#45 := (forall (vars (?x1 int) (?x2 int)) #42)
   25.66 +#48 := (not #45)
   25.67 +#76 := (iff #48 #75)
   25.68 +#73 := (iff #45 #72)
   25.69 +#70 := (iff #42 #67)
   25.70 +#61 := (or #51 #9)
   25.71 +#64 := (or #58 #61)
   25.72 +#68 := (iff #64 #67)
   25.73 +#69 := [rewrite]: #68
   25.74 +#65 := (iff #42 #64)
   25.75 +#62 := (iff #37 #61)
   25.76 +#55 := (iff #31 #9)
   25.77 +#57 := [rewrite]: #55
   25.78 +#53 := (iff #10 #51)
   25.79 +#52 := [rewrite]: #53
   25.80 +#63 := [monotonicity #52 #57]: #62
   25.81 +#59 := (iff #8 #58)
   25.82 +#60 := [rewrite]: #59
   25.83 +#66 := [monotonicity #60 #63]: #65
   25.84 +#71 := [trans #66 #69]: #70
   25.85 +#74 := [quant-intro #71]: #73
   25.86 +#77 := [monotonicity #74]: #76
   25.87 +#49 := (iff #14 #48)
   25.88 +#46 := (iff #13 #45)
   25.89 +#43 := (iff #12 #42)
   25.90 +#40 := (iff #11 #37)
   25.91 +#34 := (or #31 #10)
   25.92 +#38 := (iff #34 #37)
   25.93 +#39 := [rewrite]: #38
   25.94 +#35 := (iff #11 #34)
   25.95 +#32 := (iff #9 #31)
   25.96 +#33 := [rewrite]: #32
   25.97 +#36 := [monotonicity #33]: #35
   25.98 +#41 := [trans #36 #39]: #40
   25.99 +#44 := [monotonicity #41]: #43
  25.100 +#47 := [quant-intro #44]: #46
  25.101 +#50 := [monotonicity #47]: #49
  25.102 +#79 := [trans #50 #77]: #78
  25.103 +#30 := [asserted]: #14
  25.104 +#80 := [mp #30 #79]: #75
  25.105 +#98 := [mp~ #80 #95]: #93
  25.106 +#99 := [mp #98 #124]: #122
  25.107 +#126 := [not-or-elim #99]: #107
  25.108 +#100 := (not #104)
  25.109 +#125 := [not-or-elim #99]: #100
  25.110 +#127 := [not-or-elim #99]: #113
  25.111 +#183 := (or #104 #116 #110)
  25.112 +#184 := [th-lemma]: #183
  25.113 +[unit-resolution #184 #127 #125 #126]: false
  25.114 +unsat
    26.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    26.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_11	Tue Oct 20 10:11:30 2009 +0200
    26.3 @@ -0,0 +1,4 @@
    26.4 +(benchmark Isabelle
    26.5 +:assumption (not (forall (?x1 Int) (if_then_else (< 0 ?x1) (< 0 (+ ?x1 1)) (< ?x1 1))))
    26.6 +:formula true
    26.7 +)
    27.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    27.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_11.proof	Tue Oct 20 10:11:30 2009 +0200
    27.3 @@ -0,0 +1,89 @@
    27.4 +#2 := false
    27.5 +#4 := 0::int
    27.6 +decl ?x1!0 :: int
    27.7 +#78 := ?x1!0
    27.8 +#83 := (<= ?x1!0 0::int)
    27.9 +#146 := (not #83)
   27.10 +#155 := [hypothesis]: #83
   27.11 +#7 := 1::int
   27.12 +#81 := (>= ?x1!0 1::int)
   27.13 +#82 := (not #81)
   27.14 +#156 := (or #82 #146)
   27.15 +#157 := [th-lemma]: #156
   27.16 +#158 := [unit-resolution #157 #155]: #82
   27.17 +#159 := (or #146 #81)
   27.18 +#49 := -1::int
   27.19 +#79 := (<= ?x1!0 -1::int)
   27.20 +#80 := (not #79)
   27.21 +#84 := (ite #83 #82 #80)
   27.22 +#85 := (not #84)
   27.23 +#5 := (:var 0 int)
   27.24 +#50 := (<= #5 -1::int)
   27.25 +#51 := (not #50)
   27.26 +#55 := (>= #5 1::int)
   27.27 +#54 := (not #55)
   27.28 +#45 := (<= #5 0::int)
   27.29 +#61 := (ite #45 #54 #51)
   27.30 +#66 := (forall (vars (?x1 int)) #61)
   27.31 +#69 := (not #66)
   27.32 +#86 := (~ #69 #85)
   27.33 +#87 := [sk]: #86
   27.34 +#10 := (< #5 1::int)
   27.35 +#8 := (+ #5 1::int)
   27.36 +#9 := (< 0::int #8)
   27.37 +#6 := (< 0::int #5)
   27.38 +#11 := (ite #6 #9 #10)
   27.39 +#12 := (forall (vars (?x1 int)) #11)
   27.40 +#13 := (not #12)
   27.41 +#72 := (iff #13 #69)
   27.42 +#30 := (+ 1::int #5)
   27.43 +#33 := (< 0::int #30)
   27.44 +#36 := (ite #6 #33 #10)
   27.45 +#39 := (forall (vars (?x1 int)) #36)
   27.46 +#42 := (not #39)
   27.47 +#70 := (iff #42 #69)
   27.48 +#67 := (iff #39 #66)
   27.49 +#64 := (iff #36 #61)
   27.50 +#46 := (not #45)
   27.51 +#58 := (ite #46 #51 #54)
   27.52 +#62 := (iff #58 #61)
   27.53 +#63 := [rewrite]: #62
   27.54 +#59 := (iff #36 #58)
   27.55 +#56 := (iff #10 #54)
   27.56 +#57 := [rewrite]: #56
   27.57 +#52 := (iff #33 #51)
   27.58 +#53 := [rewrite]: #52
   27.59 +#47 := (iff #6 #46)
   27.60 +#48 := [rewrite]: #47
   27.61 +#60 := [monotonicity #48 #53 #57]: #59
   27.62 +#65 := [trans #60 #63]: #64
   27.63 +#68 := [quant-intro #65]: #67
   27.64 +#71 := [monotonicity #68]: #70
   27.65 +#43 := (iff #13 #42)
   27.66 +#40 := (iff #12 #39)
   27.67 +#37 := (iff #11 #36)
   27.68 +#34 := (iff #9 #33)
   27.69 +#31 := (= #8 #30)
   27.70 +#32 := [rewrite]: #31
   27.71 +#35 := [monotonicity #32]: #34
   27.72 +#38 := [monotonicity #35]: #37
   27.73 +#41 := [quant-intro #38]: #40
   27.74 +#44 := [monotonicity #41]: #43
   27.75 +#73 := [trans #44 #71]: #72
   27.76 +#29 := [asserted]: #13
   27.77 +#74 := [mp #29 #73]: #69
   27.78 +#90 := [mp~ #74 #87]: #85
   27.79 +#151 := (or #84 #146 #81)
   27.80 +#152 := [def-axiom]: #151
   27.81 +#160 := [unit-resolution #152 #90]: #159
   27.82 +#161 := [unit-resolution #160 #158 #155]: false
   27.83 +#162 := [lemma #161]: #146
   27.84 +#163 := (or #80 #83)
   27.85 +#164 := [th-lemma]: #163
   27.86 +#165 := [unit-resolution #164 #162]: #80
   27.87 +#166 := (or #83 #79)
   27.88 +#153 := (or #84 #83 #79)
   27.89 +#154 := [def-axiom]: #153
   27.90 +#167 := [unit-resolution #154 #90]: #166
   27.91 +[unit-resolution #167 #165 #162]: false
   27.92 +unsat
    28.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    28.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_12	Tue Oct 20 10:11:30 2009 +0200
    28.3 @@ -0,0 +1,4 @@
    28.4 +(benchmark Isabelle
    28.5 +:assumption (not (if_then_else (forall (?x1 Int) (or (< ?x1 0) (< 0 ?x1))) false true))
    28.6 +:formula true
    28.7 +)
    29.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    29.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_12.proof	Tue Oct 20 10:11:30 2009 +0200
    29.3 @@ -0,0 +1,83 @@
    29.4 +#2 := false
    29.5 +#5 := 0::int
    29.6 +#4 := (:var 0 int)
    29.7 +#42 := (<= #4 0::int)
    29.8 +#43 := (not #42)
    29.9 +#40 := (>= #4 0::int)
   29.10 +#38 := (not #40)
   29.11 +#46 := (or #38 #43)
   29.12 +#49 := (forall (vars (?x1 int)) #46)
   29.13 +#524 := (not #49)
   29.14 +#118 := (<= 0::int 0::int)
   29.15 +#205 := (not #118)
   29.16 +#119 := (>= 0::int 0::int)
   29.17 +#206 := (not #119)
   29.18 +#120 := (or #206 #205)
   29.19 +#183 := (or #524 #120)
   29.20 +#172 := (iff #183 #524)
   29.21 +#525 := (or #524 false)
   29.22 +#168 := (iff #525 #524)
   29.23 +#510 := [rewrite]: #168
   29.24 +#184 := (iff #183 #525)
   29.25 +#528 := (iff #120 false)
   29.26 +#197 := (or false false)
   29.27 +#532 := (iff #197 false)
   29.28 +#533 := [rewrite]: #532
   29.29 +#530 := (iff #120 #197)
   29.30 +#523 := (iff #205 false)
   29.31 +#1 := true
   29.32 +#209 := (not true)
   29.33 +#211 := (iff #209 false)
   29.34 +#208 := [rewrite]: #211
   29.35 +#185 := (iff #205 #209)
   29.36 +#527 := (iff #118 true)
   29.37 +#529 := [rewrite]: #527
   29.38 +#316 := [monotonicity #529]: #185
   29.39 +#196 := [trans #316 #208]: #523
   29.40 +#212 := (iff #206 false)
   29.41 +#210 := (iff #206 #209)
   29.42 +#207 := (iff #119 true)
   29.43 +#198 := [rewrite]: #207
   29.44 +#138 := [monotonicity #198]: #210
   29.45 +#191 := [trans #138 #208]: #212
   29.46 +#531 := [monotonicity #191 #196]: #530
   29.47 +#534 := [trans #531 #533]: #528
   29.48 +#526 := [monotonicity #534]: #184
   29.49 +#173 := [trans #526 #510]: #172
   29.50 +#188 := [quant-inst]: #183
   29.51 +#174 := [mp #188 #173]: #524
   29.52 +#60 := (~ #49 #49)
   29.53 +#58 := (~ #46 #46)
   29.54 +#59 := [refl]: #58
   29.55 +#61 := [nnf-pos #59]: #60
   29.56 +#7 := (< 0::int #4)
   29.57 +#6 := (< #4 0::int)
   29.58 +#8 := (or #6 #7)
   29.59 +#9 := (forall (vars (?x1 int)) #8)
   29.60 +#10 := (ite #9 false true)
   29.61 +#11 := (not #10)
   29.62 +#52 := (iff #11 #49)
   29.63 +#50 := (iff #9 #49)
   29.64 +#47 := (iff #8 #46)
   29.65 +#44 := (iff #7 #43)
   29.66 +#45 := [rewrite]: #44
   29.67 +#39 := (iff #6 #38)
   29.68 +#41 := [rewrite]: #39
   29.69 +#48 := [monotonicity #41 #45]: #47
   29.70 +#51 := [quant-intro #48]: #50
   29.71 +#36 := (iff #11 #9)
   29.72 +#28 := (not #9)
   29.73 +#31 := (not #28)
   29.74 +#34 := (iff #31 #9)
   29.75 +#35 := [rewrite]: #34
   29.76 +#32 := (iff #11 #31)
   29.77 +#29 := (iff #10 #28)
   29.78 +#30 := [rewrite]: #29
   29.79 +#33 := [monotonicity #30]: #32
   29.80 +#37 := [trans #33 #35]: #36
   29.81 +#53 := [trans #37 #51]: #52
   29.82 +#27 := [asserted]: #11
   29.83 +#54 := [mp #27 #53]: #49
   29.84 +#62 := [mp~ #54 #61]: #49
   29.85 +[unit-resolution #62 #174]: false
   29.86 +unsat
    30.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    30.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_13	Tue Oct 20 10:11:30 2009 +0200
    30.3 @@ -0,0 +1,4 @@
    30.4 +(benchmark Isabelle
    30.5 +:assumption (not (< 0 (ite (forall (?x1 Int) (or (< ?x1 0) (< 0 ?x1))) (~ 1) 3)))
    30.6 +:formula true
    30.7 +)
    31.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    31.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_13.proof	Tue Oct 20 10:11:30 2009 +0200
    31.3 @@ -0,0 +1,180 @@
    31.4 +#2 := false
    31.5 +#4 := 0::int
    31.6 +#5 := (:var 0 int)
    31.7 +#48 := (<= #5 0::int)
    31.8 +#49 := (not #48)
    31.9 +#45 := (>= #5 0::int)
   31.10 +#44 := (not #45)
   31.11 +#52 := (or #44 #49)
   31.12 +#55 := (forall (vars (?x1 int)) #52)
   31.13 +#86 := (not #55)
   31.14 +#604 := (<= 0::int 0::int)
   31.15 +#264 := (not #604)
   31.16 +#269 := (>= 0::int 0::int)
   31.17 +#605 := (not #269)
   31.18 +#265 := (or #605 #264)
   31.19 +#588 := (or #86 #265)
   31.20 +#584 := (iff #588 #86)
   31.21 +#311 := (or #86 false)
   31.22 +#314 := (iff #311 #86)
   31.23 +#208 := [rewrite]: #314
   31.24 +#312 := (iff #588 #311)
   31.25 +#599 := (iff #265 false)
   31.26 +#598 := (or false false)
   31.27 +#241 := (iff #598 false)
   31.28 +#601 := [rewrite]: #241
   31.29 +#600 := (iff #265 #598)
   31.30 +#597 := (iff #264 false)
   31.31 +#1 := true
   31.32 +#590 := (not true)
   31.33 +#255 := (iff #590 false)
   31.34 +#256 := [rewrite]: #255
   31.35 +#596 := (iff #264 #590)
   31.36 +#594 := (iff #604 true)
   31.37 +#595 := [rewrite]: #594
   31.38 +#591 := [monotonicity #595]: #596
   31.39 +#235 := [trans #591 #256]: #597
   31.40 +#592 := (iff #605 false)
   31.41 +#253 := (iff #605 #590)
   31.42 +#606 := (iff #269 true)
   31.43 +#249 := [rewrite]: #606
   31.44 +#254 := [monotonicity #249]: #253
   31.45 +#593 := [trans #254 #256]: #592
   31.46 +#240 := [monotonicity #593 #235]: #600
   31.47 +#602 := [trans #240 #601]: #599
   31.48 +#313 := [monotonicity #602]: #312
   31.49 +#585 := [trans #313 #208]: #584
   31.50 +#589 := [quant-inst]: #588
   31.51 +#307 := [mp #589 #585]: #86
   31.52 +decl z3name!0 :: bool
   31.53 +#83 := z3name!0
   31.54 +#12 := 3::int
   31.55 +#32 := -1::int
   31.56 +#92 := (ite z3name!0 -1::int 3::int)
   31.57 +#290 := (= #92 3::int)
   31.58 +#610 := (not #290)
   31.59 +#607 := (>= #92 3::int)
   31.60 +#609 := (not #607)
   31.61 +#95 := (<= #92 0::int)
   31.62 +#58 := (ite #55 -1::int 3::int)
   31.63 +#64 := (<= #58 0::int)
   31.64 +#96 := (~ #64 #95)
   31.65 +#93 := (= #58 #92)
   31.66 +#90 := (~ #55 z3name!0)
   31.67 +#87 := (or z3name!0 #86)
   31.68 +#84 := (not z3name!0)
   31.69 +#85 := (or #84 #55)
   31.70 +#88 := (and #85 #87)
   31.71 +#89 := [intro-def]: #88
   31.72 +#91 := [apply-def #89]: #90
   31.73 +#94 := [monotonicity #91]: #93
   31.74 +#97 := [monotonicity #94]: #96
   31.75 +#10 := 1::int
   31.76 +#11 := (- 1::int)
   31.77 +#7 := (< 0::int #5)
   31.78 +#6 := (< #5 0::int)
   31.79 +#8 := (or #6 #7)
   31.80 +#9 := (forall (vars (?x1 int)) #8)
   31.81 +#13 := (ite #9 #11 3::int)
   31.82 +#14 := (< 0::int #13)
   31.83 +#15 := (not #14)
   31.84 +#77 := (iff #15 #64)
   31.85 +#35 := (ite #9 -1::int 3::int)
   31.86 +#38 := (< 0::int #35)
   31.87 +#41 := (not #38)
   31.88 +#75 := (iff #41 #64)
   31.89 +#65 := (not #64)
   31.90 +#70 := (not #65)
   31.91 +#73 := (iff #70 #64)
   31.92 +#74 := [rewrite]: #73
   31.93 +#71 := (iff #41 #70)
   31.94 +#68 := (iff #38 #65)
   31.95 +#61 := (< 0::int #58)
   31.96 +#66 := (iff #61 #65)
   31.97 +#67 := [rewrite]: #66
   31.98 +#62 := (iff #38 #61)
   31.99 +#59 := (= #35 #58)
  31.100 +#56 := (iff #9 #55)
  31.101 +#53 := (iff #8 #52)
  31.102 +#50 := (iff #7 #49)
  31.103 +#51 := [rewrite]: #50
  31.104 +#46 := (iff #6 #44)
  31.105 +#47 := [rewrite]: #46
  31.106 +#54 := [monotonicity #47 #51]: #53
  31.107 +#57 := [quant-intro #54]: #56
  31.108 +#60 := [monotonicity #57]: #59
  31.109 +#63 := [monotonicity #60]: #62
  31.110 +#69 := [trans #63 #67]: #68
  31.111 +#72 := [monotonicity #69]: #71
  31.112 +#76 := [trans #72 #74]: #75
  31.113 +#42 := (iff #15 #41)
  31.114 +#39 := (iff #14 #38)
  31.115 +#36 := (= #13 #35)
  31.116 +#33 := (= #11 -1::int)
  31.117 +#34 := [rewrite]: #33
  31.118 +#37 := [monotonicity #34]: #36
  31.119 +#40 := [monotonicity #37]: #39
  31.120 +#43 := [monotonicity #40]: #42
  31.121 +#78 := [trans #43 #76]: #77
  31.122 +#31 := [asserted]: #15
  31.123 +#79 := [mp #31 #78]: #64
  31.124 +#126 := [mp~ #79 #97]: #95
  31.125 +#266 := (not #95)
  31.126 +#396 := (or #609 #266)
  31.127 +#603 := [th-lemma]: #396
  31.128 +#277 := [unit-resolution #603 #126]: #609
  31.129 +#278 := [hypothesis]: #290
  31.130 +#611 := (or #610 #607)
  31.131 +#612 := [th-lemma]: #611
  31.132 +#613 := [unit-resolution #612 #278 #277]: false
  31.133 +#608 := [lemma #613]: #610
  31.134 +#289 := (or z3name!0 #290)
  31.135 +#293 := [def-axiom]: #289
  31.136 +#308 := [unit-resolution #293 #608]: z3name!0
  31.137 +#129 := (or #55 #84)
  31.138 +decl ?x1!1 :: int
  31.139 +#108 := ?x1!1
  31.140 +#111 := (>= ?x1!1 0::int)
  31.141 +#112 := (not #111)
  31.142 +#109 := (<= ?x1!1 0::int)
  31.143 +#110 := (not #109)
  31.144 +#132 := (or #110 #112)
  31.145 +#135 := (not #132)
  31.146 +#138 := (or z3name!0 #135)
  31.147 +#141 := (and #129 #138)
  31.148 +#113 := (or #112 #110)
  31.149 +#114 := (not #113)
  31.150 +#119 := (or z3name!0 #114)
  31.151 +#122 := (and #85 #119)
  31.152 +#142 := (iff #122 #141)
  31.153 +#139 := (iff #119 #138)
  31.154 +#136 := (iff #114 #135)
  31.155 +#133 := (iff #113 #132)
  31.156 +#134 := [rewrite]: #133
  31.157 +#137 := [monotonicity #134]: #136
  31.158 +#140 := [monotonicity #137]: #139
  31.159 +#130 := (iff #85 #129)
  31.160 +#131 := [rewrite]: #130
  31.161 +#143 := [monotonicity #131 #140]: #142
  31.162 +#123 := (~ #88 #122)
  31.163 +#120 := (~ #87 #119)
  31.164 +#115 := (~ #86 #114)
  31.165 +#116 := [sk]: #115
  31.166 +#106 := (~ z3name!0 z3name!0)
  31.167 +#107 := [refl]: #106
  31.168 +#121 := [monotonicity #107 #116]: #120
  31.169 +#104 := (~ #85 #85)
  31.170 +#102 := (~ #55 #55)
  31.171 +#100 := (~ #52 #52)
  31.172 +#101 := [refl]: #100
  31.173 +#103 := [nnf-pos #101]: #102
  31.174 +#98 := (~ #84 #84)
  31.175 +#99 := [refl]: #98
  31.176 +#105 := [monotonicity #99 #103]: #104
  31.177 +#124 := [monotonicity #105 #121]: #123
  31.178 +#125 := [mp~ #89 #124]: #122
  31.179 +#127 := [mp #125 #143]: #141
  31.180 +#128 := [and-elim #127]: #129
  31.181 +#582 := [unit-resolution #128 #308]: #55
  31.182 +[unit-resolution #582 #307]: false
  31.183 +unsat
    32.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    32.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_14	Tue Oct 20 10:11:30 2009 +0200
    32.3 @@ -0,0 +1,4 @@
    32.4 +(benchmark Isabelle
    32.5 +:assumption (not (not (exists (?x1 Int) (?x2 Int) (?x3 Int) (= (+ (* 4 ?x1) (* (~ 6) ?x2)) 1))))
    32.6 +:formula true
    32.7 +)
    33.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    33.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_14.proof	Tue Oct 20 10:11:30 2009 +0200
    33.3 @@ -0,0 +1,103 @@
    33.4 +#2 := false
    33.5 +#104 := -1::int
    33.6 +decl ?x1!1 :: int
    33.7 +#86 := ?x1!1
    33.8 +#106 := -4::int
    33.9 +#107 := (* -4::int ?x1!1)
   33.10 +decl ?x2!0 :: int
   33.11 +#85 := ?x2!0
   33.12 +#7 := 6::int
   33.13 +#105 := (* 6::int ?x2!0)
   33.14 +#108 := (+ #105 #107)
   33.15 +#168 := (<= #108 -1::int)
   33.16 +#109 := (= #108 -1::int)
   33.17 +#12 := 1::int
   33.18 +#33 := -6::int
   33.19 +#87 := (* -6::int ?x2!0)
   33.20 +#4 := 4::int
   33.21 +#88 := (* 4::int ?x1!1)
   33.22 +#89 := (+ #88 #87)
   33.23 +#90 := (= #89 1::int)
   33.24 +#112 := (iff #90 #109)
   33.25 +#98 := (+ #87 #88)
   33.26 +#101 := (= #98 1::int)
   33.27 +#110 := (iff #101 #109)
   33.28 +#111 := [rewrite]: #110
   33.29 +#102 := (iff #90 #101)
   33.30 +#99 := (= #89 #98)
   33.31 +#100 := [rewrite]: #99
   33.32 +#103 := [monotonicity #100]: #102
   33.33 +#113 := [trans #103 #111]: #112
   33.34 +#53 := (:var 0 int)
   33.35 +#54 := (* -6::int #53)
   33.36 +#9 := (:var 1 int)
   33.37 +#55 := (* 4::int #9)
   33.38 +#56 := (+ #55 #54)
   33.39 +#76 := (= #56 1::int)
   33.40 +#74 := (exists (vars (?x1 int) (?x2 int)) #76)
   33.41 +#91 := (~ #74 #90)
   33.42 +#92 := [sk]: #91
   33.43 +#8 := (- 6::int)
   33.44 +#10 := (* #8 #9)
   33.45 +#5 := (:var 2 int)
   33.46 +#6 := (* 4::int #5)
   33.47 +#11 := (+ #6 #10)
   33.48 +#13 := (= #11 1::int)
   33.49 +#14 := (exists (vars (?x1 int) (?x2 int) (?x3 int)) #13)
   33.50 +#15 := (not #14)
   33.51 +#16 := (not #15)
   33.52 +#79 := (iff #16 #74)
   33.53 +#57 := (= 1::int #56)
   33.54 +#58 := (exists (vars (?x1 int) (?x2 int)) #57)
   33.55 +#77 := (iff #58 #74)
   33.56 +#75 := (iff #57 #76)
   33.57 +#73 := [rewrite]: #75
   33.58 +#78 := [quant-intro #73]: #77
   33.59 +#71 := (iff #16 #58)
   33.60 +#63 := (not #58)
   33.61 +#66 := (not #63)
   33.62 +#69 := (iff #66 #58)
   33.63 +#70 := [rewrite]: #69
   33.64 +#67 := (iff #16 #66)
   33.65 +#64 := (iff #15 #63)
   33.66 +#61 := (iff #14 #58)
   33.67 +#36 := (* -6::int #9)
   33.68 +#39 := (+ #6 #36)
   33.69 +#45 := (= 1::int #39)
   33.70 +#50 := (exists (vars (?x1 int) (?x2 int) (?x3 int)) #45)
   33.71 +#59 := (iff #50 #58)
   33.72 +#60 := [elim-unused]: #59
   33.73 +#51 := (iff #14 #50)
   33.74 +#48 := (iff #13 #45)
   33.75 +#42 := (= #39 1::int)
   33.76 +#46 := (iff #42 #45)
   33.77 +#47 := [rewrite]: #46
   33.78 +#43 := (iff #13 #42)
   33.79 +#40 := (= #11 #39)
   33.80 +#37 := (= #10 #36)
   33.81 +#34 := (= #8 -6::int)
   33.82 +#35 := [rewrite]: #34
   33.83 +#38 := [monotonicity #35]: #37
   33.84 +#41 := [monotonicity #38]: #40
   33.85 +#44 := [monotonicity #41]: #43
   33.86 +#49 := [trans #44 #47]: #48
   33.87 +#52 := [quant-intro #49]: #51
   33.88 +#62 := [trans #52 #60]: #61
   33.89 +#65 := [monotonicity #62]: #64
   33.90 +#68 := [monotonicity #65]: #67
   33.91 +#72 := [trans #68 #70]: #71
   33.92 +#80 := [trans #72 #78]: #79
   33.93 +#32 := [asserted]: #16
   33.94 +#81 := [mp #32 #80]: #74
   33.95 +#95 := [mp~ #81 #92]: #90
   33.96 +#96 := [mp #95 #113]: #109
   33.97 +#170 := (not #109)
   33.98 +#171 := (or #170 #168)
   33.99 +#172 := [th-lemma]: #171
  33.100 +#173 := [unit-resolution #172 #96]: #168
  33.101 +#169 := (>= #108 -1::int)
  33.102 +#174 := (or #170 #169)
  33.103 +#175 := [th-lemma]: #174
  33.104 +#176 := [unit-resolution #175 #96]: #169
  33.105 +[th-lemma #176 #173]: false
  33.106 +unsat
    34.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    34.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_15	Tue Oct 20 10:11:30 2009 +0200
    34.3 @@ -0,0 +1,4 @@
    34.4 +(benchmark Isabelle
    34.5 +:assumption (not (exists (?x1 Int) (forall (?x2 Int) (?x3 Int) (implies (and (< 0 ?x2) (< 0 ?x3)) (< 0 (+ ?x2 ?x3))))))
    34.6 +:formula true
    34.7 +)
    35.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    35.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_15.proof	Tue Oct 20 10:11:30 2009 +0200
    35.3 @@ -0,0 +1,107 @@
    35.4 +#2 := false
    35.5 +#4 := 0::int
    35.6 +decl ?x2!1 :: int
    35.7 +#83 := ?x2!1
    35.8 +decl ?x3!0 :: int
    35.9 +#82 := ?x3!0
   35.10 +#108 := (+ ?x3!0 ?x2!1)
   35.11 +#111 := (<= #108 0::int)
   35.12 +#114 := (not #111)
   35.13 +#89 := (<= ?x2!1 0::int)
   35.14 +#90 := (not #89)
   35.15 +#87 := (<= ?x3!0 0::int)
   35.16 +#88 := (not #87)
   35.17 +#102 := (and #88 #90)
   35.18 +#105 := (not #102)
   35.19 +#117 := (or #105 #114)
   35.20 +#120 := (not #117)
   35.21 +#84 := (+ ?x2!1 ?x3!0)
   35.22 +#85 := (<= #84 0::int)
   35.23 +#86 := (not #85)
   35.24 +#91 := (and #90 #88)
   35.25 +#92 := (not #91)
   35.26 +#93 := (or #92 #86)
   35.27 +#94 := (not #93)
   35.28 +#121 := (iff #94 #120)
   35.29 +#118 := (iff #93 #117)
   35.30 +#115 := (iff #86 #114)
   35.31 +#112 := (iff #85 #111)
   35.32 +#109 := (= #84 #108)
   35.33 +#110 := [rewrite]: #109
   35.34 +#113 := [monotonicity #110]: #112
   35.35 +#116 := [monotonicity #113]: #115
   35.36 +#106 := (iff #92 #105)
   35.37 +#103 := (iff #91 #102)
   35.38 +#104 := [rewrite]: #103
   35.39 +#107 := [monotonicity #104]: #106
   35.40 +#119 := [monotonicity #107 #116]: #118
   35.41 +#122 := [monotonicity #119]: #121
   35.42 +#7 := (:var 0 int)
   35.43 +#5 := (:var 1 int)
   35.44 +#10 := (+ #5 #7)
   35.45 +#63 := (<= #10 0::int)
   35.46 +#64 := (not #63)
   35.47 +#53 := (<= #7 0::int)
   35.48 +#54 := (not #53)
   35.49 +#49 := (<= #5 0::int)
   35.50 +#50 := (not #49)
   35.51 +#57 := (and #50 #54)
   35.52 +#60 := (not #57)
   35.53 +#67 := (or #60 #64)
   35.54 +#70 := (forall (vars (?x2 int) (?x3 int)) #67)
   35.55 +#73 := (not #70)
   35.56 +#95 := (~ #73 #94)
   35.57 +#96 := [sk]: #95
   35.58 +#11 := (< 0::int #10)
   35.59 +#8 := (< 0::int #7)
   35.60 +#6 := (< 0::int #5)
   35.61 +#9 := (and #6 #8)
   35.62 +#12 := (implies #9 #11)
   35.63 +#13 := (forall (vars (?x2 int) (?x3 int)) #12)
   35.64 +#14 := (exists (vars (?x1 int)) #13)
   35.65 +#15 := (not #14)
   35.66 +#76 := (iff #15 #73)
   35.67 +#32 := (not #9)
   35.68 +#33 := (or #32 #11)
   35.69 +#36 := (forall (vars (?x2 int) (?x3 int)) #33)
   35.70 +#46 := (not #36)
   35.71 +#74 := (iff #46 #73)
   35.72 +#71 := (iff #36 #70)
   35.73 +#68 := (iff #33 #67)
   35.74 +#65 := (iff #11 #64)
   35.75 +#66 := [rewrite]: #65
   35.76 +#61 := (iff #32 #60)
   35.77 +#58 := (iff #9 #57)
   35.78 +#55 := (iff #8 #54)
   35.79 +#56 := [rewrite]: #55
   35.80 +#51 := (iff #6 #50)
   35.81 +#52 := [rewrite]: #51
   35.82 +#59 := [monotonicity #52 #56]: #58
   35.83 +#62 := [monotonicity #59]: #61
   35.84 +#69 := [monotonicity #62 #66]: #68
   35.85 +#72 := [quant-intro #69]: #71
   35.86 +#75 := [monotonicity #72]: #74
   35.87 +#47 := (iff #15 #46)
   35.88 +#44 := (iff #14 #36)
   35.89 +#39 := (exists (vars (?x1 int)) #36)
   35.90 +#42 := (iff #39 #36)
   35.91 +#43 := [elim-unused]: #42
   35.92 +#40 := (iff #14 #39)
   35.93 +#37 := (iff #13 #36)
   35.94 +#34 := (iff #12 #33)
   35.95 +#35 := [rewrite]: #34
   35.96 +#38 := [quant-intro #35]: #37
   35.97 +#41 := [quant-intro #38]: #40
   35.98 +#45 := [trans #41 #43]: #44
   35.99 +#48 := [monotonicity #45]: #47
  35.100 +#77 := [trans #48 #75]: #76
  35.101 +#31 := [asserted]: #15
  35.102 +#78 := [mp #31 #77]: #73
  35.103 +#99 := [mp~ #78 #96]: #94
  35.104 +#100 := [mp #99 #122]: #120
  35.105 +#125 := [not-or-elim #100]: #111
  35.106 +#101 := [not-or-elim #100]: #102
  35.107 +#124 := [and-elim #101]: #90
  35.108 +#123 := [and-elim #101]: #88
  35.109 +[th-lemma #123 #124 #125]: false
  35.110 +unsat
    36.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    36.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_16	Tue Oct 20 10:11:30 2009 +0200
    36.3 @@ -0,0 +1,4 @@
    36.4 +(benchmark Isabelle
    36.5 +:assumption (not (exists (?x1 Int) (forall (?x2 Int) (?x3 Real) (implies (and (< 0 ?x2) (< 0.0 ?x3)) (< (~ 1) ?x2)))))
    36.6 +:formula true
    36.7 +)
    37.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    37.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_16.proof	Tue Oct 20 10:11:30 2009 +0200
    37.3 @@ -0,0 +1,117 @@
    37.4 +#2 := false
    37.5 +#4 := 0::int
    37.6 +decl ?x2!1 :: int
    37.7 +#91 := ?x2!1
    37.8 +#98 := (<= ?x2!1 0::int)
    37.9 +#99 := (not #98)
   37.10 +#7 := 0::real
   37.11 +decl ?x3!0 :: real
   37.12 +#93 := ?x3!0
   37.13 +#96 := (<= ?x3!0 0::real)
   37.14 +#97 := (not #96)
   37.15 +#111 := (and #97 #99)
   37.16 +#114 := (not #111)
   37.17 +#33 := -1::int
   37.18 +#94 := (<= ?x2!1 -1::int)
   37.19 +#95 := (not #94)
   37.20 +#120 := (or #95 #114)
   37.21 +#125 := (not #120)
   37.22 +#100 := (and #99 #97)
   37.23 +#101 := (not #100)
   37.24 +#102 := (or #101 #95)
   37.25 +#103 := (not #102)
   37.26 +#126 := (iff #103 #125)
   37.27 +#123 := (iff #102 #120)
   37.28 +#117 := (or #114 #95)
   37.29 +#121 := (iff #117 #120)
   37.30 +#122 := [rewrite]: #121
   37.31 +#118 := (iff #102 #117)
   37.32 +#115 := (iff #101 #114)
   37.33 +#112 := (iff #100 #111)
   37.34 +#113 := [rewrite]: #112
   37.35 +#116 := [monotonicity #113]: #115
   37.36 +#119 := [monotonicity #116]: #118
   37.37 +#124 := [trans #119 #122]: #123
   37.38 +#127 := [monotonicity #124]: #126
   37.39 +#5 := (:var 1 int)
   37.40 +#75 := (<= #5 -1::int)
   37.41 +#76 := (not #75)
   37.42 +#8 := (:var 0 real)
   37.43 +#65 := (<= #8 0::real)
   37.44 +#66 := (not #65)
   37.45 +#61 := (<= #5 0::int)
   37.46 +#62 := (not #61)
   37.47 +#69 := (and #62 #66)
   37.48 +#72 := (not #69)
   37.49 +#79 := (or #72 #76)
   37.50 +#82 := (forall (vars (?x2 int) (?x3 real)) #79)
   37.51 +#85 := (not #82)
   37.52 +#104 := (~ #85 #103)
   37.53 +#105 := [sk]: #104
   37.54 +#11 := 1::int
   37.55 +#12 := (- 1::int)
   37.56 +#13 := (< #12 #5)
   37.57 +#9 := (< 0::real #8)
   37.58 +#6 := (< 0::int #5)
   37.59 +#10 := (and #6 #9)
   37.60 +#14 := (implies #10 #13)
   37.61 +#15 := (forall (vars (?x2 int) (?x3 real)) #14)
   37.62 +#16 := (exists (vars (?x1 int)) #15)
   37.63 +#17 := (not #16)
   37.64 +#88 := (iff #17 #85)
   37.65 +#36 := (< -1::int #5)
   37.66 +#42 := (not #10)
   37.67 +#43 := (or #42 #36)
   37.68 +#48 := (forall (vars (?x2 int) (?x3 real)) #43)
   37.69 +#58 := (not #48)
   37.70 +#86 := (iff #58 #85)
   37.71 +#83 := (iff #48 #82)
   37.72 +#80 := (iff #43 #79)
   37.73 +#77 := (iff #36 #76)
   37.74 +#78 := [rewrite]: #77
   37.75 +#73 := (iff #42 #72)
   37.76 +#70 := (iff #10 #69)
   37.77 +#67 := (iff #9 #66)
   37.78 +#68 := [rewrite]: #67
   37.79 +#63 := (iff #6 #62)
   37.80 +#64 := [rewrite]: #63
   37.81 +#71 := [monotonicity #64 #68]: #70
   37.82 +#74 := [monotonicity #71]: #73
   37.83 +#81 := [monotonicity #74 #78]: #80
   37.84 +#84 := [quant-intro #81]: #83
   37.85 +#87 := [monotonicity #84]: #86
   37.86 +#59 := (iff #17 #58)
   37.87 +#56 := (iff #16 #48)
   37.88 +#51 := (exists (vars (?x1 int)) #48)
   37.89 +#54 := (iff #51 #48)
   37.90 +#55 := [elim-unused]: #54
   37.91 +#52 := (iff #16 #51)
   37.92 +#49 := (iff #15 #48)
   37.93 +#46 := (iff #14 #43)
   37.94 +#39 := (implies #10 #36)
   37.95 +#44 := (iff #39 #43)
   37.96 +#45 := [rewrite]: #44
   37.97 +#40 := (iff #14 #39)
   37.98 +#37 := (iff #13 #36)
   37.99 +#34 := (= #12 -1::int)
  37.100 +#35 := [rewrite]: #34
  37.101 +#38 := [monotonicity #35]: #37
  37.102 +#41 := [monotonicity #38]: #40
  37.103 +#47 := [trans #41 #45]: #46
  37.104 +#50 := [quant-intro #47]: #49
  37.105 +#53 := [quant-intro #50]: #52
  37.106 +#57 := [trans #53 #55]: #56
  37.107 +#60 := [monotonicity #57]: #59
  37.108 +#89 := [trans #60 #87]: #88
  37.109 +#32 := [asserted]: #17
  37.110 +#90 := [mp #32 #89]: #85
  37.111 +#108 := [mp~ #90 #105]: #103
  37.112 +#109 := [mp #108 #127]: #125
  37.113 +#128 := [not-or-elim #109]: #111
  37.114 +#130 := [and-elim #128]: #99
  37.115 +#110 := [not-or-elim #109]: #94
  37.116 +#186 := (or #95 #98)
  37.117 +#187 := [th-lemma]: #186
  37.118 +#188 := [unit-resolution #187 #110]: #98
  37.119 +[unit-resolution #188 #130]: false
  37.120 +unsat
    38.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    38.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_17	Tue Oct 20 10:11:30 2009 +0200
    38.3 @@ -0,0 +1,4 @@
    38.4 +(benchmark Isabelle
    38.5 +:assumption (not (exists (?x1 Int) (implies (forall (?x2 Int) (implies (<= ?x1 ?x2) (< 0 ?x2))) (< 0 ?x1))))
    38.6 +:formula true
    38.7 +)
    39.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    39.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_17.proof	Tue Oct 20 10:11:30 2009 +0200
    39.3 @@ -0,0 +1,148 @@
    39.4 +#2 := false
    39.5 +#144 := (not false)
    39.6 +#7 := 0::int
    39.7 +#5 := (:var 0 int)
    39.8 +#52 := (<= #5 0::int)
    39.9 +#53 := (not #52)
   39.10 +#147 := (or #53 #144)
   39.11 +#150 := (not #147)
   39.12 +#153 := (forall (vars (?x1 int)) #150)
   39.13 +#180 := (iff #153 false)
   39.14 +#175 := (forall (vars (?x1 int)) false)
   39.15 +#178 := (iff #175 false)
   39.16 +#179 := [elim-unused]: #178
   39.17 +#176 := (iff #153 #175)
   39.18 +#173 := (iff #150 false)
   39.19 +#1 := true
   39.20 +#168 := (not true)
   39.21 +#171 := (iff #168 false)
   39.22 +#172 := [rewrite]: #171
   39.23 +#169 := (iff #150 #168)
   39.24 +#166 := (iff #147 true)
   39.25 +#161 := (or #53 true)
   39.26 +#164 := (iff #161 true)
   39.27 +#165 := [rewrite]: #164
   39.28 +#162 := (iff #147 #161)
   39.29 +#159 := (iff #144 true)
   39.30 +#160 := [rewrite]: #159
   39.31 +#163 := [monotonicity #160]: #162
   39.32 +#167 := [trans #163 #165]: #166
   39.33 +#170 := [monotonicity #167]: #169
   39.34 +#174 := [trans #170 #172]: #173
   39.35 +#177 := [quant-intro #174]: #176
   39.36 +#181 := [trans #177 #179]: #180
   39.37 +#56 := -1::int
   39.38 +#57 := (* -1::int #5)
   39.39 +#4 := (:var 1 int)
   39.40 +#58 := (+ #4 #57)
   39.41 +#59 := (<= #58 0::int)
   39.42 +#62 := (not #59)
   39.43 +#68 := (or #53 #62)
   39.44 +#73 := (forall (vars (?x2 int)) #68)
   39.45 +#76 := (not #73)
   39.46 +#79 := (or #53 #76)
   39.47 +#105 := (not #79)
   39.48 +#123 := (forall (vars (?x1 int)) #105)
   39.49 +#156 := (iff #123 #153)
   39.50 +#127 := (forall (vars (?x2 int)) #53)
   39.51 +#130 := (not #127)
   39.52 +#133 := (or #53 #130)
   39.53 +#136 := (not #133)
   39.54 +#139 := (forall (vars (?x1 int)) #136)
   39.55 +#154 := (iff #139 #153)
   39.56 +#155 := [rewrite]: #154
   39.57 +#140 := (iff #123 #139)
   39.58 +#141 := [rewrite]: #140
   39.59 +#157 := [trans #141 #155]: #156
   39.60 +#116 := (and #52 #73)
   39.61 +#119 := (forall (vars (?x1 int)) #116)
   39.62 +#124 := (iff #119 #123)
   39.63 +#113 := (iff #116 #105)
   39.64 +#122 := [rewrite]: #113
   39.65 +#125 := [quant-intro #122]: #124
   39.66 +#94 := (not #53)
   39.67 +#104 := (and #94 #73)
   39.68 +#108 := (forall (vars (?x1 int)) #104)
   39.69 +#120 := (iff #108 #119)
   39.70 +#117 := (iff #104 #116)
   39.71 +#114 := (iff #94 #52)
   39.72 +#115 := [rewrite]: #114
   39.73 +#118 := [monotonicity #115]: #117
   39.74 +#121 := [quant-intro #118]: #120
   39.75 +#82 := (exists (vars (?x1 int)) #79)
   39.76 +#85 := (not #82)
   39.77 +#109 := (~ #85 #108)
   39.78 +#106 := (~ #105 #104)
   39.79 +#101 := (not #76)
   39.80 +#102 := (~ #101 #73)
   39.81 +#99 := (~ #73 #73)
   39.82 +#97 := (~ #68 #68)
   39.83 +#98 := [refl]: #97
   39.84 +#100 := [nnf-pos #98]: #99
   39.85 +#103 := [nnf-neg #100]: #102
   39.86 +#95 := (~ #94 #94)
   39.87 +#96 := [refl]: #95
   39.88 +#107 := [nnf-neg #96 #103]: #106
   39.89 +#110 := [nnf-neg #107]: #109
   39.90 +#8 := (< 0::int #5)
   39.91 +#6 := (<= #4 #5)
   39.92 +#9 := (implies #6 #8)
   39.93 +#10 := (forall (vars (?x2 int)) #9)
   39.94 +#11 := (implies #10 #8)
   39.95 +#12 := (exists (vars (?x1 int)) #11)
   39.96 +#13 := (not #12)
   39.97 +#88 := (iff #13 #85)
   39.98 +#30 := (not #6)
   39.99 +#31 := (or #30 #8)
  39.100 +#34 := (forall (vars (?x2 int)) #31)
  39.101 +#40 := (not #34)
  39.102 +#41 := (or #8 #40)
  39.103 +#46 := (exists (vars (?x1 int)) #41)
  39.104 +#49 := (not #46)
  39.105 +#86 := (iff #49 #85)
  39.106 +#83 := (iff #46 #82)
  39.107 +#80 := (iff #41 #79)
  39.108 +#77 := (iff #40 #76)
  39.109 +#74 := (iff #34 #73)
  39.110 +#71 := (iff #31 #68)
  39.111 +#65 := (or #62 #53)
  39.112 +#69 := (iff #65 #68)
  39.113 +#70 := [rewrite]: #69
  39.114 +#66 := (iff #31 #65)
  39.115 +#54 := (iff #8 #53)
  39.116 +#55 := [rewrite]: #54
  39.117 +#63 := (iff #30 #62)
  39.118 +#60 := (iff #6 #59)
  39.119 +#61 := [rewrite]: #60
  39.120 +#64 := [monotonicity #61]: #63
  39.121 +#67 := [monotonicity #64 #55]: #66
  39.122 +#72 := [trans #67 #70]: #71
  39.123 +#75 := [quant-intro #72]: #74
  39.124 +#78 := [monotonicity #75]: #77
  39.125 +#81 := [monotonicity #55 #78]: #80
  39.126 +#84 := [quant-intro #81]: #83
  39.127 +#87 := [monotonicity #84]: #86
  39.128 +#50 := (iff #13 #49)
  39.129 +#47 := (iff #12 #46)
  39.130 +#44 := (iff #11 #41)
  39.131 +#37 := (implies #34 #8)
  39.132 +#42 := (iff #37 #41)
  39.133 +#43 := [rewrite]: #42
  39.134 +#38 := (iff #11 #37)
  39.135 +#35 := (iff #10 #34)
  39.136 +#32 := (iff #9 #31)
  39.137 +#33 := [rewrite]: #32
  39.138 +#36 := [quant-intro #33]: #35
  39.139 +#39 := [monotonicity #36]: #38
  39.140 +#45 := [trans #39 #43]: #44
  39.141 +#48 := [quant-intro #45]: #47
  39.142 +#51 := [monotonicity #48]: #50
  39.143 +#89 := [trans #51 #87]: #88
  39.144 +#29 := [asserted]: #13
  39.145 +#90 := [mp #29 #89]: #85
  39.146 +#111 := [mp~ #90 #110]: #108
  39.147 +#112 := [mp #111 #121]: #119
  39.148 +#126 := [mp #112 #125]: #123
  39.149 +#158 := [mp #126 #157]: #153
  39.150 +[mp #158 #181]: false
  39.151 +unsat
    40.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    40.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_18	Tue Oct 20 10:11:30 2009 +0200
    40.3 @@ -0,0 +1,7 @@
    40.4 +(benchmark Isabelle
    40.5 +:extrafuns (
    40.6 +  (uf_1 Int)
    40.7 + )
    40.8 +:assumption (not (forall (?x1 Int) (implies (< ?x1 uf_1) (< (* 2 ?x1) (* 2 uf_1))) :pat{ ?x1 }))
    40.9 +:formula true
   40.10 +)
    41.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    41.2 +++ b/src/HOL/SMT/Examples/cert/z3_arith_quant_18.proof	Tue Oct 20 10:11:30 2009 +0200
    41.3 @@ -0,0 +1,112 @@
    41.4 +#2 := false
    41.5 +#43 := 0::int
    41.6 +decl ?x1!0 :: int
    41.7 +#78 := ?x1!0
    41.8 +#56 := -2::int
    41.9 +#113 := (* -2::int ?x1!0)
   41.10 +decl uf_1 :: int
   41.11 +#6 := uf_1
   41.12 +#8 := 2::int
   41.13 +#10 := (* 2::int uf_1)
   41.14 +#114 := (+ #10 #113)
   41.15 +#115 := (<= #114 0::int)
   41.16 +#120 := (not #115)
   41.17 +#41 := -1::int
   41.18 +#100 := (* -1::int ?x1!0)
   41.19 +#101 := (+ uf_1 #100)
   41.20 +#102 := (<= #101 0::int)
   41.21 +#123 := (or #102 #120)
   41.22 +#126 := (not #123)
   41.23 +#59 := (* -2::int uf_1)
   41.24 +#79 := (* 2::int ?x1!0)
   41.25 +#80 := (+ #79 #59)
   41.26 +#81 := (>= #80 0::int)
   41.27 +#82 := (not #81)
   41.28 +#45 := (* -1::int uf_1)
   41.29 +#83 := (+ ?x1!0 #45)
   41.30 +#84 := (>= #83 0::int)
   41.31 +#85 := (or #84 #82)
   41.32 +#86 := (not #85)
   41.33 +#127 := (iff #86 #126)
   41.34 +#124 := (iff #85 #123)
   41.35 +#121 := (iff #82 #120)
   41.36 +#118 := (iff #81 #115)
   41.37 +#107 := (+ #59 #79)
   41.38 +#110 := (>= #107 0::int)
   41.39 +#116 := (iff #110 #115)
   41.40 +#117 := [rewrite]: #116
   41.41 +#111 := (iff #81 #110)
   41.42 +#108 := (= #80 #107)
   41.43 +#109 := [rewrite]: #108
   41.44 +#112 := [monotonicity #109]: #111
   41.45 +#119 := [trans #112 #117]: #118
   41.46 +#122 := [monotonicity #119]: #121
   41.47 +#105 := (iff #84 #102)
   41.48 +#94 := (+ #45 ?x1!0)
   41.49 +#97 := (>= #94 0::int)
   41.50 +#103 := (iff #97 #102)
   41.51 +#104 := [rewrite]: #103
   41.52 +#98 := (iff #84 #97)
   41.53 +#95 := (= #83 #94)
   41.54 +#96 := [rewrite]: #95
   41.55 +#99 := [monotonicity #96]: #98
   41.56 +#106 := [trans #99 #104]: #105
   41.57 +#125 := [monotonicity #106 #122]: #124
   41.58 +#128 := [monotonicity #125]: #127
   41.59 +#4 := (:var 0 int)
   41.60 +#5 := (pattern #4)
   41.61 +#9 := (* 2::int #4)
   41.62 +#60 := (+ #9 #59)
   41.63 +#58 := (>= #60 0::int)
   41.64 +#57 := (not #58)
   41.65 +#46 := (+ #4 #45)
   41.66 +#44 := (>= #46 0::int)
   41.67 +#63 := (or #44 #57)
   41.68 +#66 := (forall (vars (?x1 int)) (:pat #5) #63)
   41.69 +#69 := (not #66)
   41.70 +#87 := (~ #69 #86)
   41.71 +#88 := [sk]: #87
   41.72 +#11 := (< #9 #10)
   41.73 +#7 := (< #4 uf_1)
   41.74 +#12 := (implies #7 #11)
   41.75 +#13 := (forall (vars (?x1 int)) (:pat #5) #12)
   41.76 +#14 := (not #13)
   41.77 +#72 := (iff #14 #69)
   41.78 +#31 := (not #7)
   41.79 +#32 := (or #31 #11)
   41.80 +#35 := (forall (vars (?x1 int)) (:pat #5) #32)
   41.81 +#38 := (not #35)
   41.82 +#70 := (iff #38 #69)
   41.83 +#67 := (iff #35 #66)
   41.84 +#64 := (iff #32 #63)
   41.85 +#61 := (iff #11 #57)
   41.86 +#62 := [rewrite]: #61
   41.87 +#54 := (iff #31 #44)
   41.88 +#42 := (not #44)
   41.89 +#49 := (not #42)
   41.90 +#52 := (iff #49 #44)
   41.91 +#53 := [rewrite]: #52
   41.92 +#50 := (iff #31 #49)
   41.93 +#47 := (iff #7 #42)
   41.94 +#48 := [rewrite]: #47
   41.95 +#51 := [monotonicity #48]: #50
   41.96 +#55 := [trans #51 #53]: #54
   41.97 +#65 := [monotonicity #55 #62]: #64
   41.98 +#68 := [quant-intro #65]: #67
   41.99 +#71 := [monotonicity #68]: #70
  41.100 +#39 := (iff #14 #38)
  41.101 +#36 := (iff #13 #35)
  41.102 +#33 := (iff #12 #32)
  41.103 +#34 := [rewrite]: #33
  41.104 +#37 := [quant-intro #34]: #36
  41.105 +#40 := [monotonicity #37]: #39
  41.106 +#73 := [trans #40 #71]: #72
  41.107 +#30 := [asserted]: #14
  41.108 +#74 := [mp #30 #73]: #69
  41.109 +#91 := [mp~ #74 #88]: #86
  41.110 +#92 := [mp #91 #128]: #126
  41.111 +#130 := [not-or-elim #92]: #115
  41.112 +#93 := (not #102)
  41.113 +#129 := [not-or-elim #92]: #93
  41.114 +[th-lemma #129 #130]: false
  41.115 +unsat
    42.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    42.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_01	Tue Oct 20 10:11:30 2009 +0200
    42.3 @@ -0,0 +1,12 @@
    42.4 +(benchmark Isabelle
    42.5 +:extrafuns (
    42.6 +  (uf_1 BitVec[2] Int)
    42.7 + )
    42.8 +:assumption (= (uf_1 bv0[2]) 0)
    42.9 +:assumption (= (uf_1 bv1[2]) 1)
   42.10 +:assumption (= (uf_1 bv2[2]) 2)
   42.11 +:assumption (= (uf_1 bv3[2]) 3)
   42.12 +:assumption (forall (?x1 BitVec[2]) (< 0 (uf_1 ?x1)))
   42.13 +:assumption (not (forall (?x2 Int) (implies (< ?x2 0) (forall (?x3 BitVec[2]) (< ?x2 (uf_1 ?x3))))))
   42.14 +:formula true
   42.15 +)
    43.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    43.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_01.proof	Tue Oct 20 10:11:30 2009 +0200
    43.3 @@ -0,0 +1,43 @@
    43.4 +#2 := false
    43.5 +#6 := 0::int
    43.6 +decl uf_1 :: (-> bv[2] int)
    43.7 +#4 := bv[0:2]
    43.8 +#5 := (uf_1 bv[0:2])
    43.9 +#225 := (<= #5 0::int)
   43.10 +#311 := (not #225)
   43.11 +#20 := (:var 0 bv[2])
   43.12 +#21 := (uf_1 #20)
   43.13 +#640 := (pattern #21)
   43.14 +#54 := (<= #21 0::int)
   43.15 +#55 := (not #54)
   43.16 +#641 := (forall (vars (?x1 bv[2])) (:pat #640) #55)
   43.17 +#58 := (forall (vars (?x1 bv[2])) #55)
   43.18 +#644 := (iff #58 #641)
   43.19 +#642 := (iff #55 #55)
   43.20 +#643 := [refl]: #642
   43.21 +#645 := [quant-intro #643]: #644
   43.22 +#113 := (~ #58 #58)
   43.23 +#115 := (~ #55 #55)
   43.24 +#116 := [refl]: #115
   43.25 +#114 := [nnf-pos #116]: #113
   43.26 +#22 := (< 0::int #21)
   43.27 +#23 := (forall (vars (?x1 bv[2])) #22)
   43.28 +#59 := (iff #23 #58)
   43.29 +#56 := (iff #22 #55)
   43.30 +#57 := [rewrite]: #56
   43.31 +#60 := [quant-intro #57]: #59
   43.32 +#51 := [asserted]: #23
   43.33 +#61 := [mp #51 #60]: #58
   43.34 +#111 := [mp~ #61 #114]: #58
   43.35 +#646 := [mp #111 #645]: #641
   43.36 +#227 := (not #641)
   43.37 +#313 := (or #227 #311)
   43.38 +#304 := [quant-inst]: #313
   43.39 +#635 := [unit-resolution #304 #646]: #311
   43.40 +#7 := (= #5 0::int)
   43.41 +#47 := [asserted]: #7
   43.42 +#638 := (not #7)
   43.43 +#633 := (or #638 #225)
   43.44 +#639 := [th-lemma]: #633
   43.45 +[unit-resolution #639 #47 #635]: false
   43.46 +unsat
    44.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    44.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_02	Tue Oct 20 10:11:30 2009 +0200
    44.3 @@ -0,0 +1,12 @@
    44.4 +(benchmark Isabelle
    44.5 +:extrasorts ( T2 T1)
    44.6 +:extrafuns (
    44.7 +  (uf_2 T1)
    44.8 +  (uf_1 BitVec[4] BitVec[4] T1)
    44.9 +  (uf_3 T1 T2)
   44.10 +  (uf_4 BitVec[4])
   44.11 + )
   44.12 +:assumption (forall (?x1 BitVec[4]) (?x2 BitVec[4]) (iff (= (uf_1 ?x1 ?x2) uf_2) (bvule ?x1 ?x2)))
   44.13 +:assumption (not (= (uf_3 (uf_1 bv0[4] uf_4)) (uf_3 uf_2)))
   44.14 +:formula true
   44.15 +)
    45.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    45.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_02.proof	Tue Oct 20 10:11:30 2009 +0200
    45.3 @@ -0,0 +1,1 @@
    45.4 +unsat
    46.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    46.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_01	Tue Oct 20 10:11:30 2009 +0200
    46.3 @@ -0,0 +1,4 @@
    46.4 +(benchmark Isabelle
    46.5 +:assumption (not (= bv27[4] (bvneg bv5[4])))
    46.6 +:formula true
    46.7 +)
    47.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    47.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_01.proof	Tue Oct 20 10:11:30 2009 +0200
    47.3 @@ -0,0 +1,1 @@
    47.4 +unsat
    48.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    48.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_02	Tue Oct 20 10:11:30 2009 +0200
    48.3 @@ -0,0 +1,4 @@
    48.4 +(benchmark Isabelle
    48.5 +:assumption (not (= bv27[4] bv11[4]))
    48.6 +:formula true
    48.7 +)
    49.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    49.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_02.proof	Tue Oct 20 10:11:30 2009 +0200
    49.3 @@ -0,0 +1,1 @@
    49.4 +unsat
    50.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    50.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_03	Tue Oct 20 10:11:30 2009 +0200
    50.3 @@ -0,0 +1,4 @@
    50.4 +(benchmark Isabelle
    50.5 +:assumption (not (bvult bv23[8] bv27[8]))
    50.6 +:formula true
    50.7 +)
    51.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    51.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_03.proof	Tue Oct 20 10:11:30 2009 +0200
    51.3 @@ -0,0 +1,1 @@
    51.4 +unsat
    52.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    52.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_04	Tue Oct 20 10:11:30 2009 +0200
    52.3 @@ -0,0 +1,4 @@
    52.4 +(benchmark Isabelle
    52.5 +:assumption (not (= (bvadd bv27[5] bv11[5]) bv6[5]))
    52.6 +:formula true
    52.7 +)
    53.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    53.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_04.proof	Tue Oct 20 10:11:30 2009 +0200
    53.3 @@ -0,0 +1,1 @@
    53.4 +unsat
    54.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    54.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_05	Tue Oct 20 10:11:30 2009 +0200
    54.3 @@ -0,0 +1,4 @@
    54.4 +(benchmark Isabelle
    54.5 +:assumption (not (= (bvmul bv7[8] bv3[8]) bv21[8]))
    54.6 +:formula true
    54.7 +)
    55.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    55.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_05.proof	Tue Oct 20 10:11:30 2009 +0200
    55.3 @@ -0,0 +1,1 @@
    55.4 +unsat
    56.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    56.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_06	Tue Oct 20 10:11:30 2009 +0200
    56.3 @@ -0,0 +1,4 @@
    56.4 +(benchmark Isabelle
    56.5 +:assumption (not (= (bvsub bv11[8] bv27[8]) (bvneg bv16[8])))
    56.6 +:formula true
    56.7 +)
    57.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    57.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_06.proof	Tue Oct 20 10:11:30 2009 +0200
    57.3 @@ -0,0 +1,1 @@
    57.4 +unsat
    58.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    58.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_07	Tue Oct 20 10:11:30 2009 +0200
    58.3 @@ -0,0 +1,4 @@
    58.4 +(benchmark Isabelle
    58.5 +:assumption (not (= (bvneg (bvneg bv11[5])) bv11[5]))
    58.6 +:formula true
    58.7 +)
    59.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    59.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_07.proof	Tue Oct 20 10:11:30 2009 +0200
    59.3 @@ -0,0 +1,1 @@
    59.4 +unsat
    60.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    60.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_08	Tue Oct 20 10:11:30 2009 +0200
    60.3 @@ -0,0 +1,4 @@
    60.4 +(benchmark Isabelle
    60.5 +:assumption (not (= (bvadd (bvneg bv40[7]) bv1[7]) (bvneg bv39[7])))
    60.6 +:formula true
    60.7 +)
    61.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    61.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_08.proof	Tue Oct 20 10:11:30 2009 +0200
    61.3 @@ -0,0 +1,1 @@
    61.4 +unsat
    62.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    62.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_09	Tue Oct 20 10:11:30 2009 +0200
    62.3 @@ -0,0 +1,9 @@
    62.4 +(benchmark Isabelle
    62.5 +:extrafuns (
    62.6 +  (uf_1 BitVec[32])
    62.7 +  (uf_2 BitVec[32])
    62.8 +  (uf_3 BitVec[32])
    62.9 + )
   62.10 +:assumption (not (= (bvsub (bvadd (bvadd uf_1 (bvmul bv2[32] uf_2)) uf_3) uf_2) (bvadd (bvadd uf_2 uf_3) uf_1)))
   62.11 +:formula true
   62.12 +)
    63.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    63.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_09.proof	Tue Oct 20 10:11:30 2009 +0200
    63.3 @@ -0,0 +1,1 @@
    63.4 +unsat
    64.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    64.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_10	Tue Oct 20 10:11:30 2009 +0200
    64.3 @@ -0,0 +1,8 @@
    64.4 +(benchmark Isabelle
    64.5 +:extrafuns (
    64.6 +  (uf_1 BitVec[4])
    64.7 + )
    64.8 +:assumption (= uf_1 bv5[4])
    64.9 +:assumption (not (= (bvmul bv4[4] uf_1) bv4[4]))
   64.10 +:formula true
   64.11 +)
    65.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    65.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_arith_10.proof	Tue Oct 20 10:11:30 2009 +0200
    65.3 @@ -0,0 +1,1 @@
    65.4 +unsat
    66.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    66.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_01	Tue Oct 20 10:11:30 2009 +0200
    66.3 @@ -0,0 +1,4 @@
    66.4 +(benchmark Isabelle
    66.5 +:assumption (not (= (bvand bv6[32] bv5[32]) bv4[32]))
    66.6 +:formula true
    66.7 +)
    67.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    67.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_01.proof	Tue Oct 20 10:11:30 2009 +0200
    67.3 @@ -0,0 +1,1 @@
    67.4 +unsat
    68.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    68.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_02	Tue Oct 20 10:11:30 2009 +0200
    68.3 @@ -0,0 +1,4 @@
    68.4 +(benchmark Isabelle
    68.5 +:assumption (not (= (bvor bv6[8] bv3[8]) bv7[8]))
    68.6 +:formula true
    68.7 +)
    69.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    69.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_02.proof	Tue Oct 20 10:11:30 2009 +0200
    69.3 @@ -0,0 +1,1 @@
    69.4 +unsat
    70.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    70.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_03	Tue Oct 20 10:11:30 2009 +0200
    70.3 @@ -0,0 +1,4 @@
    70.4 +(benchmark Isabelle
    70.5 +:assumption (not (= (bvxor bv240[8] bv255[8]) bv15[8]))
    70.6 +:formula true
    70.7 +)
    71.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    71.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_03.proof	Tue Oct 20 10:11:30 2009 +0200
    71.3 @@ -0,0 +1,1 @@
    71.4 +unsat
    72.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    72.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_04	Tue Oct 20 10:11:30 2009 +0200
    72.3 @@ -0,0 +1,4 @@
    72.4 +(benchmark Isabelle
    72.5 +:assumption (not (= (bvnot bv240[16]) bv65295[16]))
    72.6 +:formula true
    72.7 +)
    73.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    73.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_04.proof	Tue Oct 20 10:11:30 2009 +0200
    73.3 @@ -0,0 +1,1 @@
    73.4 +unsat
    74.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    74.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_05	Tue Oct 20 10:11:30 2009 +0200
    74.3 @@ -0,0 +1,4 @@
    74.4 +(benchmark Isabelle
    74.5 +:assumption (not (= (concat bv27[4] bv27[8]) bv2843[12]))
    74.6 +:formula true
    74.7 +)
    75.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    75.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_05.proof	Tue Oct 20 10:11:30 2009 +0200
    75.3 @@ -0,0 +1,1 @@
    75.4 +unsat
    76.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    76.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_06	Tue Oct 20 10:11:30 2009 +0200
    76.3 @@ -0,0 +1,4 @@
    76.4 +(benchmark Isabelle
    76.5 +:assumption (not (= (concat bv3[4] bv15[6]) bv207[10]))
    76.6 +:formula true
    76.7 +)
    77.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    77.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_06.proof	Tue Oct 20 10:11:30 2009 +0200
    77.3 @@ -0,0 +1,1 @@
    77.4 +unsat
    78.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    78.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_07	Tue Oct 20 10:11:30 2009 +0200
    78.3 @@ -0,0 +1,12 @@
    78.4 +(benchmark Isabelle
    78.5 +:extrasorts ( T1)
    78.6 +:extrafuns (
    78.7 +  (uf_1 Int T1)
    78.8 +  (uf_2 T1 Int)
    78.9 + )
   78.10 +:assumption (forall (?x1 T1) (= (uf_1 (uf_2 ?x1)) ?x1))
   78.11 +:assumption (forall (?x2 Int) (implies (<= 0 ?x2) (= (uf_2 (uf_1 ?x2)) ?x2)))
   78.12 +:assumption (forall (?x3 Int) (implies (< ?x3 0) (= (uf_2 (uf_1 ?x3)) 0)))
   78.13 +:assumption (not (= (extract[2:1] bv22[4]) bv3[2]))
   78.14 +:formula true
   78.15 +)
    79.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    79.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_07.proof	Tue Oct 20 10:11:30 2009 +0200
    79.3 @@ -0,0 +1,1 @@
    79.4 +unsat
    80.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    80.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_08	Tue Oct 20 10:11:30 2009 +0200
    80.3 @@ -0,0 +1,4 @@
    80.4 +(benchmark Isabelle
    80.5 +:assumption (not (= (zero_extend[6] bv10[4]) bv10[10]))
    80.6 +:formula true
    80.7 +)
    81.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    81.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_08.proof	Tue Oct 20 10:11:30 2009 +0200
    81.3 @@ -0,0 +1,1 @@
    81.4 +unsat
    82.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    82.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_09	Tue Oct 20 10:11:30 2009 +0200
    82.3 @@ -0,0 +1,4 @@
    82.4 +(benchmark Isabelle
    82.5 +:assumption (not (= (sign_extend[2] bv10[4]) bv58[6]))
    82.6 +:formula true
    82.7 +)
    83.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    83.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_09.proof	Tue Oct 20 10:11:30 2009 +0200
    83.3 @@ -0,0 +1,1 @@
    83.4 +unsat
    84.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    84.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_10	Tue Oct 20 10:11:30 2009 +0200
    84.3 @@ -0,0 +1,4 @@
    84.4 +(benchmark Isabelle
    84.5 +:assumption (not (= (bvlshr bv19[8] bv2[8]) bv4[8]))
    84.6 +:formula true
    84.7 +)
    85.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    85.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_10.proof	Tue Oct 20 10:11:30 2009 +0200
    85.3 @@ -0,0 +1,1 @@
    85.4 +unsat
    86.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    86.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_11	Tue Oct 20 10:11:30 2009 +0200
    86.3 @@ -0,0 +1,4 @@
    86.4 +(benchmark Isabelle
    86.5 +:assumption (not (= (bvashr bv19[8] bv2[8]) bv4[8]))
    86.6 +:formula true
    86.7 +)
    87.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    87.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_11.proof	Tue Oct 20 10:11:30 2009 +0200
    87.3 @@ -0,0 +1,1 @@
    87.4 +unsat
    88.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    88.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_12	Tue Oct 20 10:11:30 2009 +0200
    88.3 @@ -0,0 +1,12 @@
    88.4 +(benchmark Isabelle
    88.5 +:extrasorts ( T1)
    88.6 +:extrafuns (
    88.7 +  (uf_1 Int T1)
    88.8 +  (uf_2 T1 Int)
    88.9 + )
   88.10 +:assumption (forall (?x1 T1) (= (uf_1 (uf_2 ?x1)) ?x1))
   88.11 +:assumption (forall (?x2 Int) (implies (<= 0 ?x2) (= (uf_2 (uf_1 ?x2)) ?x2)))
   88.12 +:assumption (forall (?x3 Int) (implies (< ?x3 0) (= (uf_2 (uf_1 ?x3)) 0)))
   88.13 +:assumption (not (= (rotate_right[2] bv6[4]) bv9[4]))
   88.14 +:formula true
   88.15 +)
    89.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    89.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_12.proof	Tue Oct 20 10:11:30 2009 +0200
    89.3 @@ -0,0 +1,1 @@
    89.4 +unsat
    90.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    90.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_13	Tue Oct 20 10:11:30 2009 +0200
    90.3 @@ -0,0 +1,12 @@
    90.4 +(benchmark Isabelle
    90.5 +:extrasorts ( T1)
    90.6 +:extrafuns (
    90.7 +  (uf_1 Int T1)
    90.8 +  (uf_2 T1 Int)
    90.9 + )
   90.10 +:assumption (forall (?x1 T1) (= (uf_1 (uf_2 ?x1)) ?x1))
   90.11 +:assumption (forall (?x2 Int) (implies (<= 0 ?x2) (= (uf_2 (uf_1 ?x2)) ?x2)))
   90.12 +:assumption (forall (?x3 Int) (implies (< ?x3 0) (= (uf_2 (uf_1 ?x3)) 0)))
   90.13 +:assumption (not (= (rotate_left[1] bv14[4]) bv13[4]))
   90.14 +:formula true
   90.15 +)
    91.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    91.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_13.proof	Tue Oct 20 10:11:30 2009 +0200
    91.3 @@ -0,0 +1,1 @@
    91.4 +unsat
    92.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    92.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_14	Tue Oct 20 10:11:30 2009 +0200
    92.3 @@ -0,0 +1,7 @@
    92.4 +(benchmark Isabelle
    92.5 +:extrafuns (
    92.6 +  (uf_1 BitVec[16])
    92.7 + )
    92.8 +:assumption (not (= (bvor (bvand uf_1 bv65280[16]) (bvand uf_1 bv255[16])) uf_1))
    92.9 +:formula true
   92.10 +)
    93.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    93.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_14.proof	Tue Oct 20 10:11:30 2009 +0200
    93.3 @@ -0,0 +1,1 @@
    93.4 +unsat
    94.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    94.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_15	Tue Oct 20 10:11:30 2009 +0200
    94.3 @@ -0,0 +1,8 @@
    94.4 +(benchmark Isabelle
    94.5 +:extrafuns (
    94.6 +  (uf_1 BitVec[16])
    94.7 + )
    94.8 +:assumption (bvult uf_1 bv256[16])
    94.9 +:assumption (not (= (bvand uf_1 bv255[16]) uf_1))
   94.10 +:formula true
   94.11 +)
    95.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    95.2 +++ b/src/HOL/SMT/Examples/cert/z3_bv_bit_15.proof	Tue Oct 20 10:11:30 2009 +0200
    95.3 @@ -0,0 +1,1 @@
    95.4 +unsat
    96.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    96.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_01	Tue Oct 20 10:11:30 2009 +0200
    96.3 @@ -0,0 +1,8 @@
    96.4 +(benchmark Isabelle
    96.5 +:extrasorts ( T1)
    96.6 +:extrapreds (
    96.7 +  (up_1 Int)
    96.8 + )
    96.9 +:assumption (not (forall (?x1 Int) (implies (up_1 ?x1) (forall (?x2 Int) (or (up_1 ?x1) (up_1 ?x2))))))
   96.10 +:formula true
   96.11 +)
    97.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    97.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_01.proof	Tue Oct 20 10:11:30 2009 +0200
    97.3 @@ -0,0 +1,78 @@
    97.4 +#2 := false
    97.5 +decl up_1 :: (-> int bool)
    97.6 +decl ?x1!0 :: int
    97.7 +#54 := ?x1!0
    97.8 +#55 := (up_1 ?x1!0)
    97.9 +#58 := (not #55)
   97.10 +decl ?x2!1 :: int
   97.11 +#66 := ?x2!1
   97.12 +#67 := (up_1 ?x2!1)
   97.13 +#85 := (or #55 #67)
   97.14 +#88 := (not #85)
   97.15 +#91 := (and #55 #88)
   97.16 +#68 := (or #67 #55)
   97.17 +#69 := (not #68)
   97.18 +#63 := (not #58)
   97.19 +#75 := (and #63 #69)
   97.20 +#92 := (iff #75 #91)
   97.21 +#89 := (iff #69 #88)
   97.22 +#86 := (iff #68 #85)
   97.23 +#87 := [rewrite]: #86
   97.24 +#90 := [monotonicity #87]: #89
   97.25 +#83 := (iff #63 #55)
   97.26 +#84 := [rewrite]: #83
   97.27 +#93 := [monotonicity #84 #90]: #92
   97.28 +#6 := (:var 1 int)
   97.29 +#7 := (up_1 #6)
   97.30 +#4 := (:var 0 int)
   97.31 +#5 := (up_1 #4)
   97.32 +#29 := (or #5 #7)
   97.33 +#32 := (forall (vars (?x2 int)) #29)
   97.34 +#38 := (not #5)
   97.35 +#39 := (or #38 #32)
   97.36 +#44 := (forall (vars (?x1 int)) #39)
   97.37 +#47 := (not #44)
   97.38 +#78 := (~ #47 #75)
   97.39 +#56 := (or #5 #55)
   97.40 +#57 := (forall (vars (?x2 int)) #56)
   97.41 +#59 := (or #58 #57)
   97.42 +#60 := (not #59)
   97.43 +#76 := (~ #60 #75)
   97.44 +#70 := (not #57)
   97.45 +#71 := (~ #70 #69)
   97.46 +#72 := [sk]: #71
   97.47 +#64 := (~ #63 #63)
   97.48 +#65 := [refl]: #64
   97.49 +#77 := [nnf-neg #65 #72]: #76
   97.50 +#61 := (~ #47 #60)
   97.51 +#62 := [sk]: #61
   97.52 +#79 := [trans #62 #77]: #78
   97.53 +#8 := (or #7 #5)
   97.54 +#9 := (forall (vars (?x2 int)) #8)
   97.55 +#10 := (implies #5 #9)
   97.56 +#11 := (forall (vars (?x1 int)) #10)
   97.57 +#12 := (not #11)
   97.58 +#48 := (iff #12 #47)
   97.59 +#45 := (iff #11 #44)
   97.60 +#42 := (iff #10 #39)
   97.61 +#35 := (implies #5 #32)
   97.62 +#40 := (iff #35 #39)
   97.63 +#41 := [rewrite]: #40
   97.64 +#36 := (iff #10 #35)
   97.65 +#33 := (iff #9 #32)
   97.66 +#30 := (iff #8 #29)
   97.67 +#31 := [rewrite]: #30
   97.68 +#34 := [quant-intro #31]: #33
   97.69 +#37 := [monotonicity #34]: #36
   97.70 +#43 := [trans #37 #41]: #42
   97.71 +#46 := [quant-intro #43]: #45
   97.72 +#49 := [monotonicity #46]: #48
   97.73 +#28 := [asserted]: #12
   97.74 +#52 := [mp #28 #49]: #47
   97.75 +#80 := [mp~ #52 #79]: #75
   97.76 +#81 := [mp #80 #93]: #91
   97.77 +#94 := [and-elim #81]: #88
   97.78 +#95 := [not-or-elim #94]: #58
   97.79 +#82 := [and-elim #81]: #55
   97.80 +[unit-resolution #82 #95]: false
   97.81 +unsat
    98.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    98.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_02	Tue Oct 20 10:11:30 2009 +0200
    98.3 @@ -0,0 +1,14 @@
    98.4 +(benchmark Isabelle
    98.5 +:extrasorts ( T2 T1)
    98.6 +:extrafuns (
    98.7 +  (uf_2 T1)
    98.8 +  (uf_4 T2)
    98.9 +  (uf_3 T1)
   98.10 + )
   98.11 +:extrapreds (
   98.12 +  (up_1 T1 T2)
   98.13 + )
   98.14 +:assumption (forall (?x1 T1) (?x2 T2) (iff (up_1 ?x1 ?x2) (= ?x1 uf_2)))
   98.15 +:assumption (not (iff (exists (?x3 T2) (up_1 uf_3 ?x3)) (up_1 uf_3 uf_4)))
   98.16 +:formula true
   98.17 +)
    99.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    99.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_02.proof	Tue Oct 20 10:11:30 2009 +0200
    99.3 @@ -0,0 +1,135 @@
    99.4 +#2 := false
    99.5 +decl up_1 :: (-> T1 T2 bool)
    99.6 +#5 := (:var 0 T2)
    99.7 +decl uf_3 :: T1
    99.8 +#11 := uf_3
    99.9 +#12 := (up_1 uf_3 #5)
   99.10 +#560 := (pattern #12)
   99.11 +#57 := (not #12)
   99.12 +#561 := (forall (vars (?x3 T2)) (:pat #560) #57)
   99.13 +decl uf_4 :: T2
   99.14 +#14 := uf_4
   99.15 +#15 := (up_1 uf_3 uf_4)
   99.16 +decl uf_2 :: T1
   99.17 +#7 := uf_2
   99.18 +#136 := (= uf_2 uf_3)
   99.19 +#543 := (iff #15 #136)
   99.20 +#4 := (:var 1 T1)
   99.21 +#6 := (up_1 #4 #5)
   99.22 +#553 := (pattern #6)
   99.23 +#8 := (= #4 uf_2)
   99.24 +#9 := (iff #6 #8)
   99.25 +#554 := (forall (vars (?x1 T1) (?x2 T2)) (:pat #553) #9)
   99.26 +#10 := (forall (vars (?x1 T1) (?x2 T2)) #9)
   99.27 +#557 := (iff #10 #554)
   99.28 +#555 := (iff #9 #9)
   99.29 +#556 := [refl]: #555
   99.30 +#558 := [quant-intro #556]: #557
   99.31 +#47 := (~ #10 #10)
   99.32 +#45 := (~ #9 #9)
   99.33 +#46 := [refl]: #45
   99.34 +#48 := [nnf-pos #46]: #47
   99.35 +#33 := [asserted]: #10
   99.36 +#49 := [mp~ #33 #48]: #10
   99.37 +#559 := [mp #49 #558]: #554
   99.38 +#227 := (not #554)
   99.39 +#185 := (or #227 #543)
   99.40 +#135 := (= uf_3 uf_2)
   99.41 +#205 := (iff #15 #135)
   99.42 +#528 := (or #227 #205)
   99.43 +#190 := (iff #528 #185)
   99.44 +#192 := (iff #185 #185)
   99.45 +#530 := [rewrite]: #192
   99.46 +#201 := (iff #205 #543)
   99.47 +#223 := (iff #135 #136)
   99.48 +#137 := [rewrite]: #223
   99.49 +#544 := [monotonicity #137]: #201
   99.50 +#191 := [monotonicity #544]: #190
   99.51 +#531 := [trans #191 #530]: #190
   99.52 +#189 := [quant-inst]: #528
   99.53 +#532 := [mp #189 #531]: #185
   99.54 +#539 := [unit-resolution #532 #559]: #543
   99.55 +decl ?x3!0 :: T2
   99.56 +#50 := ?x3!0
   99.57 +#51 := (up_1 uf_3 ?x3!0)
   99.58 +#224 := (iff #51 #136)
   99.59 +#155 := (or #227 #224)
   99.60 +#222 := (iff #51 #135)
   99.61 +#228 := (or #227 #222)
   99.62 +#229 := (iff #228 #155)
   99.63 +#545 := (iff #155 #155)
   99.64 +#547 := [rewrite]: #545
   99.65 +#215 := (iff #222 #224)
   99.66 +#226 := [monotonicity #137]: #215
   99.67 +#208 := [monotonicity #226]: #229
   99.68 +#202 := [trans #208 #547]: #229
   99.69 +#225 := [quant-inst]: #228
   99.70 +#334 := [mp #225 #202]: #155
   99.71 +#537 := [unit-resolution #334 #559]: #224
   99.72 +#541 := (not #224)
   99.73 +#527 := (or #541 #136)
   99.74 +#63 := (not #15)
   99.75 +#540 := [hypothesis]: #63
   99.76 +#68 := (or #15 #51)
   99.77 +#60 := (forall (vars (?x3 T2)) #57)
   99.78 +#69 := (or #63 #60)
   99.79 +#76 := (and #68 #69)
   99.80 +#70 := (and #69 #68)
   99.81 +#77 := (iff #70 #76)
   99.82 +#78 := [rewrite]: #77
   99.83 +#13 := (exists (vars (?x3 T2)) #12)
   99.84 +#35 := (not #13)
   99.85 +#36 := (iff #15 #35)
   99.86 +#71 := (~ #36 #70)
   99.87 +#61 := (~ #35 #60)
   99.88 +#58 := (~ #57 #57)
   99.89 +#59 := [refl]: #58
   99.90 +#62 := [nnf-neg #59]: #61
   99.91 +#54 := (not #35)
   99.92 +#55 := (~ #54 #51)
   99.93 +#42 := (~ #13 #51)
   99.94 +#39 := [sk]: #42
   99.95 +#56 := [nnf-neg #39]: #55
   99.96 +#66 := (~ #15 #15)
   99.97 +#67 := [refl]: #66
   99.98 +#64 := (~ #63 #63)
   99.99 +#65 := [refl]: #64
  99.100 +#72 := [nnf-pos #65 #67 #56 #62]: #71
  99.101 +#16 := (iff #13 #15)
  99.102 +#17 := (not #16)
  99.103 +#37 := (iff #17 #36)
  99.104 +#38 := [rewrite]: #37
  99.105 +#34 := [asserted]: #17
  99.106 +#41 := [mp #34 #38]: #36
  99.107 +#73 := [mp~ #41 #72]: #70
  99.108 +#74 := [mp #73 #78]: #76
  99.109 +#75 := [and-elim #74]: #68
  99.110 +#526 := [unit-resolution #75 #540]: #51
  99.111 +#549 := (not #51)
  99.112 +#550 := (or #541 #549 #136)
  99.113 +#551 := [def-axiom]: #550
  99.114 +#233 := [unit-resolution #551 #526]: #527
  99.115 +#249 := [unit-resolution #233 #537]: #136
  99.116 +#213 := (not #136)
  99.117 +#533 := (not #543)
  99.118 +#250 := (or #533 #213)
  99.119 +#534 := (or #533 #15 #213)
  99.120 +#529 := [def-axiom]: #534
  99.121 +#251 := [unit-resolution #529 #540]: #250
  99.122 +#237 := [unit-resolution #251 #249 #539]: false
  99.123 +#252 := [lemma #237]: #15
  99.124 +#566 := (or #63 #561)
  99.125 +#567 := (iff #69 #566)
  99.126 +#564 := (iff #60 #561)
  99.127 +#562 := (iff #57 #57)
  99.128 +#563 := [refl]: #562
  99.129 +#565 := [quant-intro #563]: #564
  99.130 +#568 := [monotonicity #565]: #567
  99.131 +#79 := [and-elim #74]: #69
  99.132 +#569 := [mp #79 #568]: #566
  99.133 +#535 := [unit-resolution #569 #252]: #561
  99.134 +#536 := (not #561)
  99.135 +#538 := (or #536 #63)
  99.136 +#176 := [quant-inst]: #538
  99.137 +[unit-resolution #176 #252 #535]: false
  99.138 +unsat
   100.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   100.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_03	Tue Oct 20 10:11:30 2009 +0200
   100.3 @@ -0,0 +1,15 @@
   100.4 +(benchmark Isabelle
   100.5 +:extrasorts ( T2 T1)
   100.6 +:extrafuns (
   100.7 +  (uf_2 T1)
   100.8 +  (uf_3 T2)
   100.9 +  (uf_4 T1)
  100.10 + )
  100.11 +:extrapreds (
  100.12 +  (up_1 T1 T2)
  100.13 + )
  100.14 +:assumption (forall (?x1 T1) (?x2 T2) (iff (up_1 ?x1 ?x2) (= ?x1 uf_2)))
  100.15 +:assumption (iff (forall (?x3 T1) (exists (?x4 T2) (up_1 ?x3 ?x4))) (forall (?x5 T1) (up_1 ?x5 uf_3)))
  100.16 +:assumption (not (iff (exists (?x6 T2) (up_1 uf_4 ?x6)) (up_1 uf_4 uf_3)))
  100.17 +:formula true
  100.18 +)
   101.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   101.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_03.proof	Tue Oct 20 10:11:30 2009 +0200
   101.3 @@ -0,0 +1,135 @@
   101.4 +#2 := false
   101.5 +decl up_1 :: (-> T1 T2 bool)
   101.6 +#5 := (:var 0 T2)
   101.7 +decl uf_4 :: T1
   101.8 +#18 := uf_4
   101.9 +#19 := (up_1 uf_4 #5)
  101.10 +#635 := (pattern #19)
  101.11 +#116 := (not #19)
  101.12 +#636 := (forall (vars (?x6 T2)) (:pat #635) #116)
  101.13 +decl uf_3 :: T2
  101.14 +#14 := uf_3
  101.15 +#21 := (up_1 uf_4 uf_3)
  101.16 +decl uf_2 :: T1
  101.17 +#7 := uf_2
  101.18 +#195 := (= uf_2 uf_4)
  101.19 +#602 := (iff #21 #195)
  101.20 +#4 := (:var 1 T1)
  101.21 +#6 := (up_1 #4 #5)
  101.22 +#612 := (pattern #6)
  101.23 +#8 := (= #4 uf_2)
  101.24 +#9 := (iff #6 #8)
  101.25 +#613 := (forall (vars (?x1 T1) (?x2 T2)) (:pat #612) #9)
  101.26 +#10 := (forall (vars (?x1 T1) (?x2 T2)) #9)
  101.27 +#616 := (iff #10 #613)
  101.28 +#614 := (iff #9 #9)
  101.29 +#615 := [refl]: #614
  101.30 +#617 := [quant-intro #615]: #616
  101.31 +#56 := (~ #10 #10)
  101.32 +#54 := (~ #9 #9)
  101.33 +#55 := [refl]: #54
  101.34 +#57 := [nnf-pos #55]: #56
  101.35 +#39 := [asserted]: #10
  101.36 +#58 := [mp~ #39 #57]: #10
  101.37 +#618 := [mp #58 #617]: #613
  101.38 +#286 := (not #613)
  101.39 +#244 := (or #286 #602)
  101.40 +#194 := (= uf_4 uf_2)
  101.41 +#264 := (iff #21 #194)
  101.42 +#587 := (or #286 #264)
  101.43 +#249 := (iff #587 #244)
  101.44 +#251 := (iff #244 #244)
  101.45 +#589 := [rewrite]: #251
  101.46 +#260 := (iff #264 #602)
  101.47 +#282 := (iff #194 #195)
  101.48 +#196 := [rewrite]: #282
  101.49 +#603 := [monotonicity #196]: #260
  101.50 +#250 := [monotonicity #603]: #249
  101.51 +#590 := [trans #250 #589]: #249
  101.52 +#248 := [quant-inst]: #587
  101.53 +#591 := [mp #248 #590]: #244
  101.54 +#598 := [unit-resolution #591 #618]: #602
  101.55 +decl ?x6!3 :: T2
  101.56 +#63 := ?x6!3
  101.57 +#64 := (up_1 uf_4 ?x6!3)
  101.58 +#283 := (iff #64 #195)
  101.59 +#214 := (or #286 #283)
  101.60 +#281 := (iff #64 #194)
  101.61 +#287 := (or #286 #281)
  101.62 +#288 := (iff #287 #214)
  101.63 +#604 := (iff #214 #214)
  101.64 +#606 := [rewrite]: #604
  101.65 +#274 := (iff #281 #283)
  101.66 +#285 := [monotonicity #196]: #274
  101.67 +#267 := [monotonicity #285]: #288
  101.68 +#261 := [trans #267 #606]: #288
  101.69 +#284 := [quant-inst]: #287
  101.70 +#393 := [mp #284 #261]: #214
  101.71 +#596 := [unit-resolution #393 #618]: #283
  101.72 +#600 := (not #283)
  101.73 +#586 := (or #600 #195)
  101.74 +#122 := (not #21)
  101.75 +#599 := [hypothesis]: #122
  101.76 +#127 := (or #21 #64)
  101.77 +#119 := (forall (vars (?x6 T2)) #116)
  101.78 +#128 := (or #122 #119)
  101.79 +#135 := (and #127 #128)
  101.80 +#129 := (and #128 #127)
  101.81 +#136 := (iff #129 #135)
  101.82 +#137 := [rewrite]: #136
  101.83 +#20 := (exists (vars (?x6 T2)) #19)
  101.84 +#42 := (not #20)
  101.85 +#43 := (iff #21 #42)
  101.86 +#130 := (~ #43 #129)
  101.87 +#120 := (~ #42 #119)
  101.88 +#117 := (~ #116 #116)
  101.89 +#118 := [refl]: #117
  101.90 +#121 := [nnf-neg #118]: #120
  101.91 +#113 := (not #42)
  101.92 +#114 := (~ #113 #64)
  101.93 +#88 := (~ #20 #64)
  101.94 +#89 := [sk]: #88
  101.95 +#115 := [nnf-neg #89]: #114
  101.96 +#125 := (~ #21 #21)
  101.97 +#126 := [refl]: #125
  101.98 +#123 := (~ #122 #122)
  101.99 +#124 := [refl]: #123
 101.100 +#131 := [nnf-pos #124 #126 #115 #121]: #130
 101.101 +#22 := (iff #20 #21)
 101.102 +#23 := (not #22)
 101.103 +#44 := (iff #23 #43)
 101.104 +#45 := [rewrite]: #44
 101.105 +#41 := [asserted]: #23
 101.106 +#48 := [mp #41 #45]: #43
 101.107 +#132 := [mp~ #48 #131]: #129
 101.108 +#133 := [mp #132 #137]: #135
 101.109 +#134 := [and-elim #133]: #127
 101.110 +#585 := [unit-resolution #134 #599]: #64
 101.111 +#608 := (not #64)
 101.112 +#609 := (or #600 #608 #195)
 101.113 +#610 := [def-axiom]: #609
 101.114 +#292 := [unit-resolution #610 #585]: #586
 101.115 +#308 := [unit-resolution #292 #596]: #195
 101.116 +#272 := (not #195)
 101.117 +#592 := (not #602)
 101.118 +#309 := (or #592 #272)
 101.119 +#593 := (or #592 #21 #272)
 101.120 +#588 := [def-axiom]: #593
 101.121 +#310 := [unit-resolution #588 #599]: #309
 101.122 +#296 := [unit-resolution #310 #308 #598]: false
 101.123 +#311 := [lemma #296]: #21
 101.124 +#641 := (or #122 #636)
 101.125 +#642 := (iff #128 #641)
 101.126 +#639 := (iff #119 #636)
 101.127 +#637 := (iff #116 #116)
 101.128 +#638 := [refl]: #637
 101.129 +#640 := [quant-intro #638]: #639
 101.130 +#643 := [monotonicity #640]: #642
 101.131 +#138 := [and-elim #133]: #128
 101.132 +#644 := [mp #138 #643]: #641
 101.133 +#594 := [unit-resolution #644 #311]: #636
 101.134 +#595 := (not #636)
 101.135 +#597 := (or #595 #122)
 101.136 +#235 := [quant-inst]: #597
 101.137 +[unit-resolution #235 #311 #594]: false
 101.138 +unsat
   102.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   102.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_04	Tue Oct 20 10:11:30 2009 +0200
   102.3 @@ -0,0 +1,13 @@
   102.4 +(benchmark Isabelle
   102.5 +:extrasorts ( T1 T2)
   102.6 +:extrafuns (
   102.7 +  (uf_2 T1)
   102.8 +  (uf_3 T1)
   102.9 + )
  102.10 +:extrapreds (
  102.11 +  (up_1 T1)
  102.12 + )
  102.13 +:assumption (if_then_else (up_1 uf_2) (not (exists (?x1 T1) (up_1 ?x1))) (forall (?x2 T1) (not (up_1 ?x2))))
  102.14 +:assumption (not (implies (up_1 uf_2) (up_1 uf_3)))
  102.15 +:formula true
  102.16 +)
   103.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   103.2 +++ b/src/HOL/SMT/Examples/cert/z3_fol_04.proof	Tue Oct 20 10:11:30 2009 +0200
   103.3 @@ -0,0 +1,56 @@
   103.4 +#2 := false
   103.5 +decl up_1 :: (-> T1 bool)
   103.6 +decl uf_2 :: T1
   103.7 +#4 := uf_2
   103.8 +#5 := (up_1 uf_2)
   103.9 +decl uf_3 :: T1
  103.10 +#13 := uf_3
  103.11 +#14 := (up_1 uf_3)
  103.12 +#34 := (not #5)
  103.13 +#35 := (or #34 #14)
  103.14 +#38 := (not #35)
  103.15 +#15 := (implies #5 #14)
  103.16 +#16 := (not #15)
  103.17 +#39 := (iff #16 #38)
  103.18 +#36 := (iff #15 #35)
  103.19 +#37 := [rewrite]: #36
  103.20 +#40 := [monotonicity #37]: #39
  103.21 +#33 := [asserted]: #16
  103.22 +#43 := [mp #33 #40]: #38
  103.23 +#41 := [not-or-elim #43]: #5
  103.24 +#6 := (:var 0 T1)
  103.25 +#7 := (up_1 #6)
  103.26 +#536 := (pattern #7)
  103.27 +#10 := (not #7)
  103.28 +#537 := (forall (vars (?x2 T1)) (:pat #536) #10)
  103.29 +#11 := (forall (vars (?x2 T1)) #10)
  103.30 +#540 := (iff #11 #537)
  103.31 +#538 := (iff #10 #10)
  103.32 +#539 := [refl]: #538
  103.33 +#541 := [quant-intro #539]: #540
  103.34 +#8 := (exists (vars (?x1 T1)) #7)
  103.35 +#9 := (not #8)
  103.36 +#45 := (~ #9 #11)
  103.37 +#50 := (~ #10 #10)
  103.38 +#51 := [refl]: #50
  103.39 +#59 := [nnf-neg #51]: #45
  103.40 +#12 := (ite #5 #9 #11)
  103.41 +#57 := (iff #12 #9)
  103.42 +#1 := true
  103.43 +#52 := (ite true #9 #11)
  103.44 +#55 := (iff #52 #9)
  103.45 +#56 := [rewrite]: #55
  103.46 +#53 := (iff #12 #52)
  103.47 +#48 := (iff #5 true)
  103.48 +#49 := [iff-true #41]: #48
  103.49 +#54 := [monotonicity #49]: #53
  103.50 +#58 := [trans #54 #56]: #57
  103.51 +#32 := [asserted]: #12
  103.52 +#47 := [mp #32 #58]: #9
  103.53 +#60 := [mp~ #47 #59]: #11
  103.54 +#542 := [mp #60 #541]: #537
  103.55 +#119 := (not #537)
  103.56 +#206 := (or #119 #34)
  103.57 +#120 := [quant-inst]: #206
  103.58 +[unit-resolution #120 #542 #41]: false
  103.59 +unsat
   104.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   104.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_01	Tue Oct 20 10:11:30 2009 +0200
   104.3 @@ -0,0 +1,18 @@
   104.4 +(benchmark Isabelle
   104.5 +:extrasorts ( T2 T3 T1)
   104.6 +:extrafuns (
   104.7 +  (uf_2 T1 T2 T3 T1)
   104.8 +  (uf_1 T1 T2 T3)
   104.9 +  (uf_6 T1)
  104.10 +  (uf_3 T2)
  104.11 +  (uf_4 T2)
  104.12 +  (uf_5 T2)
  104.13 +  (uf_7 T3)
  104.14 +  (uf_8 T3)
  104.15 + )
  104.16 +:assumption (forall (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2) (= (uf_1 (uf_2 ?x1 ?x2 ?x3) ?x4) (ite (= ?x4 ?x2) ?x3 (uf_1 ?x1 ?x4))))
  104.17 +:assumption (forall (?x5 T1) (?x6 T2) (?x7 T3) (= (uf_1 (uf_2 ?x5 ?x6 ?x7) ?x6) ?x7))
  104.18 +:assumption (and (not (= uf_3 uf_4)) (not (= uf_3 uf_5)))
  104.19 +:assumption (not (= (uf_1 (uf_2 (uf_2 uf_6 uf_4 uf_7) uf_5 uf_8) uf_3) (uf_1 uf_6 uf_3)))
  104.20 +:formula true
  104.21 +)
   105.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   105.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_01.proof	Tue Oct 20 10:11:30 2009 +0200
   105.3 @@ -0,0 +1,181 @@
   105.4 +#2 := false
   105.5 +decl uf_1 :: (-> T1 T2 T3)
   105.6 +decl uf_3 :: T2
   105.7 +#22 := uf_3
   105.8 +decl uf_6 :: T1
   105.9 +#30 := uf_6
  105.10 +#36 := (uf_1 uf_6 uf_3)
  105.11 +decl uf_2 :: (-> T1 T2 T3 T1)
  105.12 +decl uf_8 :: T3
  105.13 +#33 := uf_8
  105.14 +decl uf_5 :: T2
  105.15 +#26 := uf_5
  105.16 +decl uf_7 :: T3
  105.17 +#31 := uf_7
  105.18 +decl uf_4 :: T2
  105.19 +#23 := uf_4
  105.20 +#32 := (uf_2 uf_6 uf_4 uf_7)
  105.21 +#34 := (uf_2 #32 uf_5 uf_8)
  105.22 +#35 := (uf_1 #34 uf_3)
  105.23 +#37 := (= #35 #36)
  105.24 +#223 := (uf_1 #32 uf_4)
  105.25 +#214 := (uf_2 uf_6 uf_4 #223)
  105.26 +#552 := (uf_1 #214 uf_3)
  105.27 +#555 := (= #552 #36)
  105.28 +#560 := (= #36 #552)
  105.29 +#556 := (= #223 #552)
  105.30 +#24 := (= uf_3 uf_4)
  105.31 +#561 := (ite #24 #556 #560)
  105.32 +#8 := (:var 0 T2)
  105.33 +#6 := (:var 1 T3)
  105.34 +#5 := (:var 2 T2)
  105.35 +#4 := (:var 3 T1)
  105.36 +#7 := (uf_2 #4 #5 #6)
  105.37 +#9 := (uf_1 #7 #8)
  105.38 +#575 := (pattern #9)
  105.39 +#11 := (uf_1 #4 #8)
  105.40 +#100 := (= #9 #11)
  105.41 +#99 := (= #6 #9)
  105.42 +#55 := (= #5 #8)
  105.43 +#83 := (ite #55 #99 #100)
  105.44 +#576 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) (:pat #575) #83)
  105.45 +#90 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #83)
  105.46 +#579 := (iff #90 #576)
  105.47 +#577 := (iff #83 #83)
  105.48 +#578 := [refl]: #577
  105.49 +#580 := [quant-intro #578]: #579
  105.50 +#58 := (ite #55 #6 #11)
  105.51 +#61 := (= #9 #58)
  105.52 +#64 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #61)
  105.53 +#87 := (iff #64 #90)
  105.54 +#84 := (iff #61 #83)
  105.55 +#89 := [rewrite]: #84
  105.56 +#88 := [quant-intro #89]: #87
  105.57 +#93 := (~ #64 #64)
  105.58 +#91 := (~ #61 #61)
  105.59 +#92 := [refl]: #91
  105.60 +#94 := [nnf-pos #92]: #93
  105.61 +#10 := (= #8 #5)
  105.62 +#12 := (ite #10 #6 #11)
  105.63 +#13 := (= #9 #12)
  105.64 +#14 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #13)
  105.65 +#65 := (iff #14 #64)
  105.66 +#62 := (iff #13 #61)
  105.67 +#59 := (= #12 #58)
  105.68 +#56 := (iff #10 #55)
  105.69 +#57 := [rewrite]: #56
  105.70 +#60 := [monotonicity #57]: #59
  105.71 +#63 := [monotonicity #60]: #62
  105.72 +#66 := [quant-intro #63]: #65
  105.73 +#54 := [asserted]: #14
  105.74 +#69 := [mp #54 #66]: #64
  105.75 +#95 := [mp~ #69 #94]: #64
  105.76 +#85 := [mp #95 #88]: #90
  105.77 +#581 := [mp #85 #580]: #576
  105.78 +#250 := (not #576)
  105.79 +#548 := (or #250 #561)
  105.80 +#551 := (= uf_4 uf_3)
  105.81 +#557 := (ite #551 #556 #555)
  105.82 +#549 := (or #250 #557)
  105.83 +#271 := (iff #549 #548)
  105.84 +#273 := (iff #548 #548)
  105.85 +#259 := [rewrite]: #273
  105.86 +#559 := (iff #557 #561)
  105.87 +#198 := (iff #555 #560)
  105.88 +#199 := [rewrite]: #198
  105.89 +#193 := (iff #551 #24)
  105.90 +#558 := [rewrite]: #193
  105.91 +#562 := [monotonicity #558 #199]: #559
  105.92 +#272 := [monotonicity #562]: #271
  105.93 +#274 := [trans #272 #259]: #271
  105.94 +#255 := [quant-inst]: #549
  105.95 +#165 := [mp #255 #274]: #548
  105.96 +#510 := [unit-resolution #165 #581]: #561
  105.97 +#544 := (not #561)
  105.98 +#497 := (or #544 #560)
  105.99 +#25 := (not #24)
 105.100 +#27 := (= uf_3 uf_5)
 105.101 +#28 := (not #27)
 105.102 +#29 := (and #25 #28)
 105.103 +#75 := [asserted]: #29
 105.104 +#79 := [and-elim #75]: #25
 105.105 +#268 := (or #544 #24 #560)
 105.106 +#542 := [def-axiom]: #268
 105.107 +#499 := [unit-resolution #542 #79]: #497
 105.108 +#491 := [unit-resolution #499 #510]: #560
 105.109 +#493 := [symm #491]: #555
 105.110 +#494 := (= #35 #552)
 105.111 +#157 := (uf_1 #32 uf_3)
 105.112 +#503 := (= #157 #552)
 105.113 +#502 := (= #552 #157)
 105.114 +#509 := (= #214 #32)
 105.115 +#415 := (= #223 uf_7)
 105.116 +#566 := (= uf_7 #223)
 105.117 +#17 := (:var 0 T3)
 105.118 +#16 := (:var 1 T2)
 105.119 +#15 := (:var 2 T1)
 105.120 +#18 := (uf_2 #15 #16 #17)
 105.121 +#582 := (pattern #18)
 105.122 +#19 := (uf_1 #18 #16)
 105.123 +#68 := (= #17 #19)
 105.124 +#584 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) (:pat #582) #68)
 105.125 +#72 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) #68)
 105.126 +#583 := (iff #72 #584)
 105.127 +#586 := (iff #584 #584)
 105.128 +#587 := [rewrite]: #586
 105.129 +#585 := [rewrite]: #583
 105.130 +#588 := [trans #585 #587]: #583
 105.131 +#82 := (~ #72 #72)
 105.132 +#96 := (~ #68 #68)
 105.133 +#97 := [refl]: #96
 105.134 +#78 := [nnf-pos #97]: #82
 105.135 +#20 := (= #19 #17)
 105.136 +#21 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) #20)
 105.137 +#73 := (iff #21 #72)
 105.138 +#70 := (iff #20 #68)
 105.139 +#71 := [rewrite]: #70
 105.140 +#74 := [quant-intro #71]: #73
 105.141 +#67 := [asserted]: #21
 105.142 +#77 := [mp #67 #74]: #72
 105.143 +#98 := [mp~ #77 #78]: #72
 105.144 +#589 := [mp #98 #588]: #584
 105.145 +#211 := (not #584)
 105.146 +#212 := (or #211 #566)
 105.147 +#213 := [quant-inst]: #212
 105.148 +#414 := [unit-resolution #213 #589]: #566
 105.149 +#416 := [symm #414]: #415
 105.150 +#506 := [monotonicity #416]: #509
 105.151 +#498 := [monotonicity #506]: #502
 105.152 +#492 := [symm #498]: #503
 105.153 +#244 := (= #35 #157)
 105.154 +#158 := (= uf_8 #35)
 105.155 +#248 := (ite #27 #158 #244)
 105.156 +#247 := (or #250 #248)
 105.157 +#245 := (= uf_5 uf_3)
 105.158 +#159 := (ite #245 #158 #244)
 105.159 +#251 := (or #250 #159)
 105.160 +#567 := (iff #251 #247)
 105.161 +#224 := (iff #247 #247)
 105.162 +#356 := [rewrite]: #224
 105.163 +#249 := (iff #159 #248)
 105.164 +#246 := (iff #245 #27)
 105.165 +#237 := [rewrite]: #246
 105.166 +#177 := [monotonicity #237]: #249
 105.167 +#569 := [monotonicity #177]: #567
 105.168 +#563 := [trans #569 #356]: #567
 105.169 +#230 := [quant-inst]: #251
 105.170 +#235 := [mp #230 #563]: #247
 105.171 +#488 := [unit-resolution #235 #581]: #248
 105.172 +#236 := (not #248)
 105.173 +#490 := (or #236 #244)
 105.174 +#80 := [and-elim #75]: #28
 105.175 +#572 := (or #236 #27 #244)
 105.176 +#573 := [def-axiom]: #572
 105.177 +#500 := [unit-resolution #573 #80]: #490
 105.178 +#501 := [unit-resolution #500 #488]: #244
 105.179 +#495 := [trans #501 #492]: #494
 105.180 +#489 := [trans #495 #493]: #37
 105.181 +#38 := (not #37)
 105.182 +#76 := [asserted]: #38
 105.183 +[unit-resolution #76 #489]: false
 105.184 +unsat
   106.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   106.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_02	Tue Oct 20 10:11:30 2009 +0200
   106.3 @@ -0,0 +1,13 @@
   106.4 +(benchmark Isabelle
   106.5 +:extrasorts ( T2 T1 T3)
   106.6 +:extrafuns (
   106.7 +  (uf_2 T1)
   106.8 +  (uf_3 T2)
   106.9 + )
  106.10 +:extrapreds (
  106.11 +  (up_4 T1 T2)
  106.12 +  (up_1 T1 T2)
  106.13 + )
  106.14 +:assumption (not (or (iff (up_1 uf_2 uf_3) (and (up_4 uf_2 uf_3) true)) (or (iff (up_1 uf_2 uf_3) true) (iff (up_4 uf_2 uf_3) true))))
  106.15 +:formula true
  106.16 +)
   107.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   107.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_02.proof	Tue Oct 20 10:11:30 2009 +0200
   107.3 @@ -0,0 +1,62 @@
   107.4 +#2 := false
   107.5 +decl up_4 :: (-> T1 T2 bool)
   107.6 +decl uf_3 :: T2
   107.7 +#5 := uf_3
   107.8 +decl uf_2 :: T1
   107.9 +#4 := uf_2
  107.10 +#7 := (up_4 uf_2 uf_3)
  107.11 +#60 := (not #7)
  107.12 +decl up_1 :: (-> T1 T2 bool)
  107.13 +#6 := (up_1 uf_2 uf_3)
  107.14 +#33 := (iff #6 #7)
  107.15 +#49 := (or #6 #7 #33)
  107.16 +#52 := (not #49)
  107.17 +#1 := true
  107.18 +#11 := (iff #7 true)
  107.19 +#10 := (iff #6 true)
  107.20 +#12 := (or #10 #11)
  107.21 +#8 := (and #7 true)
  107.22 +#9 := (iff #6 #8)
  107.23 +#13 := (or #9 #12)
  107.24 +#14 := (not #13)
  107.25 +#55 := (iff #14 #52)
  107.26 +#40 := (or #6 #7)
  107.27 +#43 := (or #33 #40)
  107.28 +#46 := (not #43)
  107.29 +#53 := (iff #46 #52)
  107.30 +#50 := (iff #43 #49)
  107.31 +#51 := [rewrite]: #50
  107.32 +#54 := [monotonicity #51]: #53
  107.33 +#47 := (iff #14 #46)
  107.34 +#44 := (iff #13 #43)
  107.35 +#41 := (iff #12 #40)
  107.36 +#38 := (iff #11 #7)
  107.37 +#39 := [rewrite]: #38
  107.38 +#36 := (iff #10 #6)
  107.39 +#37 := [rewrite]: #36
  107.40 +#42 := [monotonicity #37 #39]: #41
  107.41 +#34 := (iff #9 #33)
  107.42 +#31 := (iff #8 #7)
  107.43 +#32 := [rewrite]: #31
  107.44 +#35 := [monotonicity #32]: #34
  107.45 +#45 := [monotonicity #35 #42]: #44
  107.46 +#48 := [monotonicity #45]: #47
  107.47 +#56 := [trans #48 #54]: #55
  107.48 +#30 := [asserted]: #14
  107.49 +#57 := [mp #30 #56]: #52
  107.50 +#61 := [not-or-elim #57]: #60
  107.51 +#58 := (not #6)
  107.52 +#59 := [not-or-elim #57]: #58
  107.53 +#72 := (or #7 #6)
  107.54 +#66 := (iff #7 #58)
  107.55 +#62 := (not #33)
  107.56 +#64 := (iff #62 #66)
  107.57 +#67 := [rewrite]: #64
  107.58 +#63 := [not-or-elim #57]: #62
  107.59 +#68 := [mp #63 #67]: #66
  107.60 +#69 := (not #66)
  107.61 +#70 := (or #7 #6 #69)
  107.62 +#71 := [def-axiom]: #70
  107.63 +#73 := [unit-resolution #71 #68]: #72
  107.64 +[unit-resolution #73 #59 #61]: false
  107.65 +unsat
   108.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   108.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_03	Tue Oct 20 10:11:30 2009 +0200
   108.3 @@ -0,0 +1,13 @@
   108.4 +(benchmark Isabelle
   108.5 +:extrasorts ( T1 T2)
   108.6 +:extrafuns (
   108.7 +  (uf_3 T2)
   108.8 +  (uf_1 T1 T1)
   108.9 +  (uf_2 T2 T2)
  108.10 +  (uf_4 T1)
  108.11 + )
  108.12 +:assumption (forall (?x1 T1) (= (uf_1 ?x1) ?x1))
  108.13 +:assumption (forall (?x2 T2) (iff (= (uf_2 ?x2) uf_3) (= ?x2 uf_3)))
  108.14 +:assumption (not (and (= (uf_1 uf_4) uf_4) (iff (= (uf_2 uf_3) uf_3) true)))
  108.15 +:formula true
  108.16 +)
   109.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   109.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_03.proof	Tue Oct 20 10:11:30 2009 +0200
   109.3 @@ -0,0 +1,120 @@
   109.4 +#2 := false
   109.5 +decl uf_1 :: (-> T1 T1)
   109.6 +decl uf_4 :: T1
   109.7 +#15 := uf_4
   109.8 +#16 := (uf_1 uf_4)
   109.9 +#48 := (= uf_4 #16)
  109.10 +#83 := (not #48)
  109.11 +decl uf_2 :: (-> T2 T2)
  109.12 +decl uf_3 :: T2
  109.13 +#10 := uf_3
  109.14 +#18 := (uf_2 uf_3)
  109.15 +#51 := (= uf_3 #18)
  109.16 +#84 := (not #51)
  109.17 +#556 := [hypothesis]: #84
  109.18 +#8 := (:var 0 T2)
  109.19 +#9 := (uf_2 #8)
  109.20 +#575 := (pattern #9)
  109.21 +#12 := (= #8 uf_3)
  109.22 +#11 := (= #9 uf_3)
  109.23 +#13 := (iff #11 #12)
  109.24 +#576 := (forall (vars (?x2 T2)) (:pat #575) #13)
  109.25 +#14 := (forall (vars (?x2 T2)) #13)
  109.26 +#579 := (iff #14 #576)
  109.27 +#577 := (iff #13 #13)
  109.28 +#578 := [refl]: #577
  109.29 +#580 := [quant-intro #578]: #579
  109.30 +#70 := (~ #14 #14)
  109.31 +#80 := (~ #13 #13)
  109.32 +#81 := [refl]: #80
  109.33 +#67 := [nnf-pos #81]: #70
  109.34 +#45 := [asserted]: #14
  109.35 +#82 := [mp~ #45 #67]: #14
  109.36 +#581 := [mp #82 #580]: #576
  109.37 +#242 := (not #576)
  109.38 +#170 := (or #242 #51)
  109.39 +#150 := (= uf_3 uf_3)
  109.40 +#19 := (= #18 uf_3)
  109.41 +#237 := (iff #19 #150)
  109.42 +#243 := (or #242 #237)
  109.43 +#244 := (iff #243 #170)
  109.44 +#560 := (iff #170 #170)
  109.45 +#562 := [rewrite]: #560
  109.46 +#230 := (iff #237 #51)
  109.47 +#1 := true
  109.48 +#54 := (iff #51 true)
  109.49 +#57 := (iff #54 #51)
  109.50 +#58 := [rewrite]: #57
  109.51 +#152 := (iff #237 #54)
  109.52 +#151 := (iff #150 true)
  109.53 +#238 := [rewrite]: #151
  109.54 +#52 := (iff #19 #51)
  109.55 +#53 := [rewrite]: #52
  109.56 +#239 := [monotonicity #53 #238]: #152
  109.57 +#241 := [trans #239 #58]: #230
  109.58 +#223 := [monotonicity #241]: #244
  109.59 +#217 := [trans #223 #562]: #244
  109.60 +#240 := [quant-inst]: #243
  109.61 +#349 := [mp #240 #217]: #170
  109.62 +#228 := [unit-resolution #349 #581 #556]: false
  109.63 +#229 := [lemma #228]: #51
  109.64 +#71 := (or #83 #84)
  109.65 +#61 := (and #48 #51)
  109.66 +#64 := (not #61)
  109.67 +#90 := (iff #64 #71)
  109.68 +#72 := (not #71)
  109.69 +#85 := (not #72)
  109.70 +#88 := (iff #85 #71)
  109.71 +#89 := [rewrite]: #88
  109.72 +#86 := (iff #64 #85)
  109.73 +#73 := (iff #61 #72)
  109.74 +#74 := [rewrite]: #73
  109.75 +#87 := [monotonicity #74]: #86
  109.76 +#91 := [trans #87 #89]: #90
  109.77 +#20 := (iff #19 true)
  109.78 +#17 := (= #16 uf_4)
  109.79 +#21 := (and #17 #20)
  109.80 +#22 := (not #21)
  109.81 +#65 := (iff #22 #64)
  109.82 +#62 := (iff #21 #61)
  109.83 +#59 := (iff #20 #51)
  109.84 +#55 := (iff #20 #54)
  109.85 +#56 := [monotonicity #53]: #55
  109.86 +#60 := [trans #56 #58]: #59
  109.87 +#49 := (iff #17 #48)
  109.88 +#50 := [rewrite]: #49
  109.89 +#63 := [monotonicity #50 #60]: #62
  109.90 +#66 := [monotonicity #63]: #65
  109.91 +#46 := [asserted]: #22
  109.92 +#69 := [mp #46 #66]: #64
  109.93 +#92 := [mp #69 #91]: #71
  109.94 +#563 := [unit-resolution #92 #229]: #83
  109.95 +#4 := (:var 0 T1)
  109.96 +#5 := (uf_1 #4)
  109.97 +#568 := (pattern #5)
  109.98 +#39 := (= #4 #5)
  109.99 +#569 := (forall (vars (?x1 T1)) (:pat #568) #39)
 109.100 +#42 := (forall (vars (?x1 T1)) #39)
 109.101 +#572 := (iff #42 #569)
 109.102 +#570 := (iff #39 #39)
 109.103 +#571 := [refl]: #570
 109.104 +#573 := [quant-intro #571]: #572
 109.105 +#77 := (~ #42 #42)
 109.106 +#75 := (~ #39 #39)
 109.107 +#76 := [refl]: #75
 109.108 +#78 := [nnf-pos #76]: #77
 109.109 +#6 := (= #5 #4)
 109.110 +#7 := (forall (vars (?x1 T1)) #6)
 109.111 +#43 := (iff #7 #42)
 109.112 +#40 := (iff #6 #39)
 109.113 +#41 := [rewrite]: #40
 109.114 +#44 := [quant-intro #41]: #43
 109.115 +#38 := [asserted]: #7
 109.116 +#47 := [mp #38 #44]: #42
 109.117 +#79 := [mp~ #47 #78]: #42
 109.118 +#574 := [mp #79 #573]: #569
 109.119 +#565 := (not #569)
 109.120 +#566 := (or #565 #48)
 109.121 +#561 := [quant-inst]: #566
 109.122 +[unit-resolution #561 #574 #563]: false
 109.123 +unsat
   110.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   110.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_04	Tue Oct 20 10:11:30 2009 +0200
   110.3 @@ -0,0 +1,18 @@
   110.4 +(benchmark Isabelle
   110.5 +:extrasorts ( T2 T3 T1)
   110.6 +:extrafuns (
   110.7 +  (uf_2 T1 T2 T3 T1)
   110.8 +  (uf_1 T1 T2 T3)
   110.9 +  (uf_6 T1)
  110.10 +  (uf_3 T2)
  110.11 +  (uf_4 T2)
  110.12 +  (uf_5 T2)
  110.13 +  (uf_7 T3)
  110.14 +  (uf_8 T3)
  110.15 + )
  110.16 +:assumption (forall (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2) (= (uf_1 (uf_2 ?x1 ?x2 ?x3) ?x4) (ite (= ?x4 ?x2) ?x3 (uf_1 ?x1 ?x4))))
  110.17 +:assumption (forall (?x5 T1) (?x6 T2) (?x7 T3) (= (uf_1 (uf_2 ?x5 ?x6 ?x7) ?x6) ?x7))
  110.18 +:assumption (and (not (= uf_3 uf_4)) (not (= uf_3 uf_5)))
  110.19 +:assumption (not (= (uf_1 (uf_2 (uf_2 uf_6 uf_4 uf_7) uf_5 uf_8) uf_3) (uf_1 uf_6 uf_3)))
  110.20 +:formula true
  110.21 +)
   111.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   111.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_04.proof	Tue Oct 20 10:11:30 2009 +0200
   111.3 @@ -0,0 +1,181 @@
   111.4 +#2 := false
   111.5 +decl uf_1 :: (-> T1 T2 T3)
   111.6 +decl uf_3 :: T2
   111.7 +#22 := uf_3
   111.8 +decl uf_6 :: T1
   111.9 +#30 := uf_6
  111.10 +#36 := (uf_1 uf_6 uf_3)
  111.11 +decl uf_2 :: (-> T1 T2 T3 T1)
  111.12 +decl uf_8 :: T3
  111.13 +#33 := uf_8
  111.14 +decl uf_5 :: T2
  111.15 +#26 := uf_5
  111.16 +decl uf_7 :: T3
  111.17 +#31 := uf_7
  111.18 +decl uf_4 :: T2
  111.19 +#23 := uf_4
  111.20 +#32 := (uf_2 uf_6 uf_4 uf_7)
  111.21 +#34 := (uf_2 #32 uf_5 uf_8)
  111.22 +#35 := (uf_1 #34 uf_3)
  111.23 +#37 := (= #35 #36)
  111.24 +#223 := (uf_1 #32 uf_4)
  111.25 +#214 := (uf_2 uf_6 uf_4 #223)
  111.26 +#552 := (uf_1 #214 uf_3)
  111.27 +#555 := (= #552 #36)
  111.28 +#560 := (= #36 #552)
  111.29 +#556 := (= #223 #552)
  111.30 +#24 := (= uf_3 uf_4)
  111.31 +#561 := (ite #24 #556 #560)
  111.32 +#8 := (:var 0 T2)
  111.33 +#6 := (:var 1 T3)
  111.34 +#5 := (:var 2 T2)
  111.35 +#4 := (:var 3 T1)
  111.36 +#7 := (uf_2 #4 #5 #6)
  111.37 +#9 := (uf_1 #7 #8)
  111.38 +#575 := (pattern #9)
  111.39 +#11 := (uf_1 #4 #8)
  111.40 +#100 := (= #9 #11)
  111.41 +#99 := (= #6 #9)
  111.42 +#55 := (= #5 #8)
  111.43 +#83 := (ite #55 #99 #100)
  111.44 +#576 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) (:pat #575) #83)
  111.45 +#90 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #83)
  111.46 +#579 := (iff #90 #576)
  111.47 +#577 := (iff #83 #83)
  111.48 +#578 := [refl]: #577
  111.49 +#580 := [quant-intro #578]: #579
  111.50 +#58 := (ite #55 #6 #11)
  111.51 +#61 := (= #9 #58)
  111.52 +#64 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #61)
  111.53 +#87 := (iff #64 #90)
  111.54 +#84 := (iff #61 #83)
  111.55 +#89 := [rewrite]: #84
  111.56 +#88 := [quant-intro #89]: #87
  111.57 +#93 := (~ #64 #64)
  111.58 +#91 := (~ #61 #61)
  111.59 +#92 := [refl]: #91
  111.60 +#94 := [nnf-pos #92]: #93
  111.61 +#10 := (= #8 #5)
  111.62 +#12 := (ite #10 #6 #11)
  111.63 +#13 := (= #9 #12)
  111.64 +#14 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3) (?x4 T2)) #13)
  111.65 +#65 := (iff #14 #64)
  111.66 +#62 := (iff #13 #61)
  111.67 +#59 := (= #12 #58)
  111.68 +#56 := (iff #10 #55)
  111.69 +#57 := [rewrite]: #56
  111.70 +#60 := [monotonicity #57]: #59
  111.71 +#63 := [monotonicity #60]: #62
  111.72 +#66 := [quant-intro #63]: #65
  111.73 +#54 := [asserted]: #14
  111.74 +#69 := [mp #54 #66]: #64
  111.75 +#95 := [mp~ #69 #94]: #64
  111.76 +#85 := [mp #95 #88]: #90
  111.77 +#581 := [mp #85 #580]: #576
  111.78 +#250 := (not #576)
  111.79 +#548 := (or #250 #561)
  111.80 +#551 := (= uf_4 uf_3)
  111.81 +#557 := (ite #551 #556 #555)
  111.82 +#549 := (or #250 #557)
  111.83 +#271 := (iff #549 #548)
  111.84 +#273 := (iff #548 #548)
  111.85 +#259 := [rewrite]: #273
  111.86 +#559 := (iff #557 #561)
  111.87 +#198 := (iff #555 #560)
  111.88 +#199 := [rewrite]: #198
  111.89 +#193 := (iff #551 #24)
  111.90 +#558 := [rewrite]: #193
  111.91 +#562 := [monotonicity #558 #199]: #559
  111.92 +#272 := [monotonicity #562]: #271
  111.93 +#274 := [trans #272 #259]: #271
  111.94 +#255 := [quant-inst]: #549
  111.95 +#165 := [mp #255 #274]: #548
  111.96 +#510 := [unit-resolution #165 #581]: #561
  111.97 +#544 := (not #561)
  111.98 +#497 := (or #544 #560)
  111.99 +#25 := (not #24)
 111.100 +#27 := (= uf_3 uf_5)
 111.101 +#28 := (not #27)
 111.102 +#29 := (and #25 #28)
 111.103 +#75 := [asserted]: #29
 111.104 +#79 := [and-elim #75]: #25
 111.105 +#268 := (or #544 #24 #560)
 111.106 +#542 := [def-axiom]: #268
 111.107 +#499 := [unit-resolution #542 #79]: #497
 111.108 +#491 := [unit-resolution #499 #510]: #560
 111.109 +#493 := [symm #491]: #555
 111.110 +#494 := (= #35 #552)
 111.111 +#157 := (uf_1 #32 uf_3)
 111.112 +#503 := (= #157 #552)
 111.113 +#502 := (= #552 #157)
 111.114 +#509 := (= #214 #32)
 111.115 +#415 := (= #223 uf_7)
 111.116 +#566 := (= uf_7 #223)
 111.117 +#17 := (:var 0 T3)
 111.118 +#16 := (:var 1 T2)
 111.119 +#15 := (:var 2 T1)
 111.120 +#18 := (uf_2 #15 #16 #17)
 111.121 +#582 := (pattern #18)
 111.122 +#19 := (uf_1 #18 #16)
 111.123 +#68 := (= #17 #19)
 111.124 +#584 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) (:pat #582) #68)
 111.125 +#72 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) #68)
 111.126 +#583 := (iff #72 #584)
 111.127 +#586 := (iff #584 #584)
 111.128 +#587 := [rewrite]: #586
 111.129 +#585 := [rewrite]: #583
 111.130 +#588 := [trans #585 #587]: #583
 111.131 +#82 := (~ #72 #72)
 111.132 +#96 := (~ #68 #68)
 111.133 +#97 := [refl]: #96
 111.134 +#78 := [nnf-pos #97]: #82
 111.135 +#20 := (= #19 #17)
 111.136 +#21 := (forall (vars (?x5 T1) (?x6 T2) (?x7 T3)) #20)
 111.137 +#73 := (iff #21 #72)
 111.138 +#70 := (iff #20 #68)
 111.139 +#71 := [rewrite]: #70
 111.140 +#74 := [quant-intro #71]: #73
 111.141 +#67 := [asserted]: #21
 111.142 +#77 := [mp #67 #74]: #72
 111.143 +#98 := [mp~ #77 #78]: #72
 111.144 +#589 := [mp #98 #588]: #584
 111.145 +#211 := (not #584)
 111.146 +#212 := (or #211 #566)
 111.147 +#213 := [quant-inst]: #212
 111.148 +#414 := [unit-resolution #213 #589]: #566
 111.149 +#416 := [symm #414]: #415
 111.150 +#506 := [monotonicity #416]: #509
 111.151 +#498 := [monotonicity #506]: #502
 111.152 +#492 := [symm #498]: #503
 111.153 +#244 := (= #35 #157)
 111.154 +#158 := (= uf_8 #35)
 111.155 +#248 := (ite #27 #158 #244)
 111.156 +#247 := (or #250 #248)
 111.157 +#245 := (= uf_5 uf_3)
 111.158 +#159 := (ite #245 #158 #244)
 111.159 +#251 := (or #250 #159)
 111.160 +#567 := (iff #251 #247)
 111.161 +#224 := (iff #247 #247)
 111.162 +#356 := [rewrite]: #224
 111.163 +#249 := (iff #159 #248)
 111.164 +#246 := (iff #245 #27)
 111.165 +#237 := [rewrite]: #246
 111.166 +#177 := [monotonicity #237]: #249
 111.167 +#569 := [monotonicity #177]: #567
 111.168 +#563 := [trans #569 #356]: #567
 111.169 +#230 := [quant-inst]: #251
 111.170 +#235 := [mp #230 #563]: #247
 111.171 +#488 := [unit-resolution #235 #581]: #248
 111.172 +#236 := (not #248)
 111.173 +#490 := (or #236 #244)
 111.174 +#80 := [and-elim #75]: #28
 111.175 +#572 := (or #236 #27 #244)
 111.176 +#573 := [def-axiom]: #572
 111.177 +#500 := [unit-resolution #573 #80]: #490
 111.178 +#501 := [unit-resolution #500 #488]: #244
 111.179 +#495 := [trans #501 #492]: #494
 111.180 +#489 := [trans #495 #493]: #37
 111.181 +#38 := (not #37)
 111.182 +#76 := [asserted]: #38
 111.183 +[unit-resolution #76 #489]: false
 111.184 +unsat
   112.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   112.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_05	Tue Oct 20 10:11:30 2009 +0200
   112.3 @@ -0,0 +1,20 @@
   112.4 +(benchmark Isabelle
   112.5 +:extrasorts ( T1 T2 T3)
   112.6 +:extrafuns (
   112.7 +  (uf_6 Int T2)
   112.8 +  (uf_1 T1 T3 T3)
   112.9 +  (uf_4 T3)
  112.10 +  (uf_2 T2 T3 T3)
  112.11 +  (uf_3 T1 T2 T2)
  112.12 +  (uf_7 T2 Int)
  112.13 +  (uf_5 T1)
  112.14 + )
  112.15 +:assumption (forall (?x1 T1) (?x2 T2) (?x3 T3) (= (uf_1 ?x1 (uf_2 ?x2 ?x3)) (uf_2 (uf_3 ?x1 ?x2) (uf_1 ?x1 ?x3))))
  112.16 +:assumption (forall (?x4 T1) (= (uf_1 ?x4 uf_4) uf_4))
  112.17 +:assumption (forall (?x5 T2) (= (uf_3 uf_5 ?x5) (uf_6 (+ (uf_7 ?x5) 1))))
  112.18 +:assumption (forall (?x6 T2) (= (uf_6 (uf_7 ?x6)) ?x6))
  112.19 +:assumption (forall (?x7 Int) (implies (<= 0 ?x7) (= (uf_7 (uf_6 ?x7)) ?x7)))
  112.20 +:assumption (forall (?x8 Int) (implies (< ?x8 0) (= (uf_7 (uf_6 ?x8)) 0)))
  112.21 +:assumption (not (= (uf_1 uf_5 (uf_2 (uf_6 0) (uf_2 (uf_6 1) uf_4))) (uf_2 (uf_6 1) (uf_2 (uf_6 2) uf_4))))
  112.22 +:formula true
  112.23 +)
   113.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   113.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_05.proof	Tue Oct 20 10:11:30 2009 +0200
   113.3 @@ -0,0 +1,464 @@
   113.4 +#2 := false
   113.5 +decl uf_2 :: (-> T2 T3 T3)
   113.6 +decl uf_4 :: T3
   113.7 +#15 := uf_4
   113.8 +decl uf_6 :: (-> int T2)
   113.9 +#48 := 2::int
  113.10 +#49 := (uf_6 2::int)
  113.11 +#50 := (uf_2 #49 uf_4)
  113.12 +#23 := 1::int
  113.13 +#44 := (uf_6 1::int)
  113.14 +#51 := (uf_2 #44 #50)
  113.15 +decl uf_1 :: (-> T1 T3 T3)
  113.16 +#45 := (uf_2 #44 uf_4)
  113.17 +#31 := 0::int
  113.18 +#43 := (uf_6 0::int)
  113.19 +#46 := (uf_2 #43 #45)
  113.20 +decl uf_5 :: T1
  113.21 +#19 := uf_5
  113.22 +#47 := (uf_1 uf_5 #46)
  113.23 +#52 := (= #47 #51)
  113.24 +#266 := (uf_1 uf_5 #45)
  113.25 +decl uf_3 :: (-> T1 T2 T2)
  113.26 +#352 := (uf_3 uf_5 #43)
  113.27 +#267 := (uf_2 #352 #266)
  113.28 +#797 := (= #267 #51)
  113.29 +#795 := (= #51 #267)
  113.30 +#758 := (= #50 #266)
  113.31 +#521 := (uf_1 uf_5 uf_4)
  113.32 +#522 := (uf_3 uf_5 #44)
  113.33 +#523 := (uf_2 #522 #521)
  113.34 +#756 := (= #523 #266)
  113.35 +#616 := (= #266 #523)
  113.36 +#6 := (:var 0 T3)
  113.37 +#4 := (:var 2 T1)
  113.38 +#10 := (uf_1 #4 #6)
  113.39 +#5 := (:var 1 T2)
  113.40 +#9 := (uf_3 #4 #5)
  113.41 +#11 := (uf_2 #9 #10)
  113.42 +#683 := (pattern #11)
  113.43 +#7 := (uf_2 #5 #6)
  113.44 +#8 := (uf_1 #4 #7)
  113.45 +#682 := (pattern #8)
  113.46 +#12 := (= #8 #11)
  113.47 +#684 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3)) (:pat #682 #683) #12)
  113.48 +#13 := (forall (vars (?x1 T1) (?x2 T2) (?x3 T3)) #12)
  113.49 +#687 := (iff #13 #684)
  113.50 +#685 := (iff #12 #12)
  113.51 +#686 := [refl]: #685
  113.52 +#688 := [quant-intro #686]: #687
  113.53 +#195 := (~ #13 #13)
  113.54 +#193 := (~ #12 #12)
  113.55 +#194 := [refl]: #193
  113.56 +#196 := [nnf-pos #194]: #195
  113.57 +#69 := [asserted]: #13
  113.58 +#197 := [mp~ #69 #196]: #13
  113.59 +#689 := [mp #197 #688]: #684
  113.60 +#345 := (not #684)
  113.61 +#604 := (or #345 #616)
  113.62 +#606 := [quant-inst]: #604
  113.63 +#277 := [unit-resolution #606 #689]: #616
  113.64 +#757 := [symm #277]: #756
  113.65 +#754 := (= #50 #523)
  113.66 +#569 := (= uf_4 #521)
  113.67 +#14 := (:var 0 T1)
  113.68 +#16 := (uf_1 #14 uf_4)
  113.69 +#690 := (pattern #16)
  113.70 +#71 := (= uf_4 #16)
  113.71 +#691 := (forall (vars (?x4 T1)) (:pat #690) #71)
  113.72 +#74 := (forall (vars (?x4 T1)) #71)
  113.73 +#694 := (iff #74 #691)
  113.74 +#692 := (iff #71 #71)
  113.75 +#693 := [refl]: #692
  113.76 +#695 := [quant-intro #693]: #694
  113.77 +#180 := (~ #74 #74)
  113.78 +#198 := (~ #71 #71)
  113.79 +#199 := [refl]: #198
  113.80 +#178 := [nnf-pos #199]: #180
  113.81 +#17 := (= #16 uf_4)
  113.82 +#18 := (forall (vars (?x4 T1)) #17)
  113.83 +#75 := (iff #18 #74)
  113.84 +#72 := (iff #17 #71)
  113.85 +#73 := [rewrite]: #72
  113.86 +#76 := [quant-intro #73]: #75
  113.87 +#70 := [asserted]: #18
  113.88 +#79 := [mp #70 #76]: #74
  113.89 +#200 := [mp~ #79 #178]: #74
  113.90 +#696 := [mp #200 #695]: #691
  113.91 +#572 := (not #691)
  113.92 +#573 := (or #572 #569)
  113.93 +#574 := [quant-inst]: #573
  113.94 +#282 := [unit-resolution #574 #696]: #569
  113.95 +#752 := (= #49 #522)
  113.96 +decl uf_7 :: (-> T2 int)
  113.97 +#666 := (uf_7 #44)
  113.98 +#595 := (+ 1::int #666)
  113.99 +#597 := (uf_6 #595)
 113.100 +#748 := (= #597 #522)
 113.101 +#605 := (= #522 #597)
 113.102 +#20 := (:var 0 T2)
 113.103 +#22 := (uf_7 #20)
 113.104 +#698 := (pattern #22)
 113.105 +#21 := (uf_3 uf_5 #20)
 113.106 +#697 := (pattern #21)
 113.107 +#78 := (+ 1::int #22)
 113.108 +#82 := (uf_6 #78)
 113.109 +#85 := (= #21 #82)
 113.110 +#699 := (forall (vars (?x5 T2)) (:pat #697 #698) #85)
 113.111 +#88 := (forall (vars (?x5 T2)) #85)
 113.112 +#702 := (iff #88 #699)
 113.113 +#700 := (iff #85 #85)
 113.114 +#701 := [refl]: #700
 113.115 +#703 := [quant-intro #701]: #702
 113.116 +#181 := (~ #88 #88)
 113.117 +#201 := (~ #85 #85)
 113.118 +#202 := [refl]: #201
 113.119 +#182 := [nnf-pos #202]: #181
 113.120 +#24 := (+ #22 1::int)
 113.121 +#25 := (uf_6 #24)
 113.122 +#26 := (= #21 #25)
 113.123 +#27 := (forall (vars (?x5 T2)) #26)
 113.124 +#89 := (iff #27 #88)
 113.125 +#86 := (iff #26 #85)
 113.126 +#83 := (= #25 #82)
 113.127 +#80 := (= #24 #78)
 113.128 +#81 := [rewrite]: #80
 113.129 +#84 := [monotonicity #81]: #83
 113.130 +#87 := [monotonicity #84]: #86
 113.131 +#90 := [quant-intro #87]: #89
 113.132 +#77 := [asserted]: #27
 113.133 +#93 := [mp #77 #90]: #88
 113.134 +#203 := [mp~ #93 #182]: #88
 113.135 +#704 := [mp #203 #703]: #699
 113.136 +#607 := (not #699)
 113.137 +#600 := (or #607 #605)
 113.138 +#601 := [quant-inst]: #600
 113.139 +#269 := [unit-resolution #601 #704]: #605
 113.140 +#749 := [symm #269]: #748
 113.141 +#750 := (= #49 #597)
 113.142 +#499 := (uf_7 #597)
 113.143 +#337 := (uf_6 #499)
 113.144 +#318 := (= #337 #597)
 113.145 +#28 := (uf_6 #22)
 113.146 +#92 := (= #20 #28)
 113.147 +#705 := (forall (vars (?x6 T2)) (:pat #698) #92)
 113.148 +#96 := (forall (vars (?x6 T2)) #92)
 113.149 +#706 := (iff #96 #705)
 113.150 +#708 := (iff #705 #705)
 113.151 +#709 := [rewrite]: #708
 113.152 +#707 := [rewrite]: #706
 113.153 +#710 := [trans #707 #709]: #706
 113.154 +#183 := (~ #96 #96)
 113.155 +#204 := (~ #92 #92)
 113.156 +#205 := [refl]: #204
 113.157 +#184 := [nnf-pos #205]: #183
 113.158 +#29 := (= #28 #20)
 113.159 +#30 := (forall (vars (?x6 T2)) #29)
 113.160 +#97 := (iff #30 #96)
 113.161 +#94 := (iff #29 #92)
 113.162 +#95 := [rewrite]: #94
 113.163 +#98 := [quant-intro #95]: #97
 113.164 +#91 := [asserted]: #30
 113.165 +#101 := [mp #91 #98]: #96
 113.166 +#206 := [mp~ #101 #184]: #96
 113.167 +#711 := [mp #206 #710]: #705
 113.168 +#376 := (not #705)
 113.169 +#325 := (or #376 #318)
 113.170 +#316 := (= #597 #337)
 113.171 +#326 := (or #376 #316)
 113.172 +#328 := (iff #326 #325)
 113.173 +#329 := (iff #325 #325)
 113.174 +#310 := [rewrite]: #329
 113.175 +#323 := (iff #316 #318)
 113.176 +#324 := [rewrite]: #323
 113.177 +#317 := [monotonicity #324]: #328
 113.178 +#312 := [trans #317 #310]: #328
 113.179 +#327 := [quant-inst]: #326
 113.180 +#313 := [mp #327 #312]: #325
 113.181 +#271 := [unit-resolution #313 #711]: #318
 113.182 +#746 := (= #49 #337)
 113.183 +#744 := (= 2::int #499)
 113.184 +#742 := (= #499 2::int)
 113.185 +#578 := -1::int
 113.186 +#513 := (* -1::int #666)
 113.187 +#514 := (+ #499 #513)
 113.188 +#474 := (<= #514 1::int)
 113.189 +#512 := (= #514 1::int)
 113.190 +#504 := (>= #666 -1::int)
 113.191 +#586 := (>= #666 1::int)
 113.192 +#378 := (= #666 1::int)
 113.193 +#32 := (:var 0 int)
 113.194 +#34 := (uf_6 #32)
 113.195 +#712 := (pattern #34)
 113.196 +#118 := (>= #32 0::int)
 113.197 +#119 := (not #118)
 113.198 +#35 := (uf_7 #34)
 113.199 +#100 := (= #32 #35)
 113.200 +#125 := (or #100 #119)
 113.201 +#713 := (forall (vars (?x7 int)) (:pat #712) #125)
 113.202 +#130 := (forall (vars (?x7 int)) #125)
 113.203 +#716 := (iff #130 #713)
 113.204 +#714 := (iff #125 #125)
 113.205 +#715 := [refl]: #714
 113.206 +#717 := [quant-intro #715]: #716
 113.207 +#185 := (~ #130 #130)
 113.208 +#207 := (~ #125 #125)
 113.209 +#208 := [refl]: #207
 113.210 +#186 := [nnf-pos #208]: #185
 113.211 +#36 := (= #35 #32)
 113.212 +#33 := (<= 0::int #32)
 113.213 +#37 := (implies #33 #36)
 113.214 +#38 := (forall (vars (?x7 int)) #37)
 113.215 +#133 := (iff #38 #130)
 113.216 +#107 := (not #33)
 113.217 +#108 := (or #107 #100)
 113.218 +#113 := (forall (vars (?x7 int)) #108)
 113.219 +#131 := (iff #113 #130)
 113.220 +#128 := (iff #108 #125)
 113.221 +#122 := (or #119 #100)
 113.222 +#126 := (iff #122 #125)
 113.223 +#127 := [rewrite]: #126
 113.224 +#123 := (iff #108 #122)
 113.225 +#120 := (iff #107 #119)
 113.226 +#116 := (iff #33 #118)
 113.227 +#117 := [rewrite]: #116
 113.228 +#121 := [monotonicity #117]: #120
 113.229 +#124 := [monotonicity #121]: #123
 113.230 +#129 := [trans #124 #127]: #128
 113.231 +#132 := [quant-intro #129]: #131
 113.232 +#114 := (iff #38 #113)
 113.233 +#111 := (iff #37 #108)
 113.234 +#104 := (implies #33 #100)
 113.235 +#109 := (iff #104 #108)
 113.236 +#110 := [rewrite]: #109
 113.237 +#105 := (iff #37 #104)
 113.238 +#102 := (iff #36 #100)
 113.239 +#103 := [rewrite]: #102
 113.240 +#106 := [monotonicity #103]: #105
 113.241 +#112 := [trans #106 #110]: #111
 113.242 +#115 := [quant-intro #112]: #114
 113.243 +#134 := [trans #115 #132]: #133
 113.244 +#99 := [asserted]: #38
 113.245 +#135 := [mp #99 #134]: #130
 113.246 +#209 := [mp~ #135 #186]: #130
 113.247 +#718 := [mp #209 #717]: #713
 113.248 +#673 := (not #713)
 113.249 +#365 := (or #673 #378)
 113.250 +#307 := (>= 1::int 0::int)
 113.251 +#668 := (not #307)
 113.252 +#669 := (= 1::int #666)
 113.253 +#655 := (or #669 #668)
 113.254 +#366 := (or #673 #655)
 113.255 +#645 := (iff #366 #365)
 113.256 +#360 := (iff #365 #365)
 113.257 +#643 := [rewrite]: #360
 113.258 +#654 := (iff #655 #378)
 113.259 +#374 := (or #378 false)
 113.260 +#653 := (iff #374 #378)
 113.261 +#650 := [rewrite]: #653
 113.262 +#375 := (iff #655 #374)
 113.263 +#651 := (iff #668 false)
 113.264 +#1 := true
 113.265 +#670 := (not true)
 113.266 +#677 := (iff #670 false)
 113.267 +#678 := [rewrite]: #677
 113.268 +#381 := (iff #668 #670)
 113.269 +#379 := (iff #307 true)
 113.270 +#380 := [rewrite]: #379
 113.271 +#274 := [monotonicity #380]: #381
 113.272 +#652 := [trans #274 #678]: #651
 113.273 +#656 := (iff #669 #378)
 113.274 +#363 := [rewrite]: #656
 113.275 +#649 := [monotonicity #363 #652]: #375
 113.276 +#364 := [trans #649 #650]: #654
 113.277 +#646 := [monotonicity #364]: #645
 113.278 +#647 := [trans #646 #643]: #645
 113.279 +#367 := [quant-inst]: #366
 113.280 +#644 := [mp #367 #647]: #365
 113.281 +#272 := [unit-resolution #644 #718]: #378
 113.282 +#270 := (not #378)
 113.283 +#273 := (or #270 #586)
 113.284 +#725 := [th-lemma]: #273
 113.285 +#726 := [unit-resolution #725 #272]: #586
 113.286 +#727 := (not #586)
 113.287 +#728 := (or #727 #504)
 113.288 +#729 := [th-lemma]: #728
 113.289 +#730 := [unit-resolution #729 #726]: #504
 113.290 +#481 := (not #504)
 113.291 +#496 := (or #673 #481 #512)
 113.292 +#509 := (>= #595 0::int)
 113.293 +#468 := (not #509)
 113.294 +#501 := (= #595 #499)
 113.295 +#503 := (or #501 #468)
 113.296 +#497 := (or #673 #503)
 113.297 +#470 := (iff #497 #496)
 113.298 +#491 := (or #481 #512)
 113.299 +#498 := (or #673 #491)
 113.300 +#467 := (iff #498 #496)
 113.301 +#469 := [rewrite]: #467
 113.302 +#459 := (iff #497 #498)
 113.303 +#494 := (iff #503 #491)
 113.304 +#488 := (or #512 #481)
 113.305 +#492 := (iff #488 #491)
 113.306 +#493 := [rewrite]: #492
 113.307 +#489 := (iff #503 #488)
 113.308 +#486 := (iff #468 #481)
 113.309 +#525 := (iff #509 #504)
 113.310 +#480 := [rewrite]: #525
 113.311 +#487 := [monotonicity #480]: #486
 113.312 +#510 := (iff #501 #512)
 113.313 +#524 := [rewrite]: #510
 113.314 +#490 := [monotonicity #524 #487]: #489
 113.315 +#495 := [trans #490 #493]: #494
 113.316 +#460 := [monotonicity #495]: #459
 113.317 +#471 := [trans #460 #469]: #470
 113.318 +#482 := [quant-inst]: #497
 113.319 +#473 := [mp #482 #471]: #496
 113.320 +#731 := [unit-resolution #473 #718 #730]: #512
 113.321 +#732 := (not #512)
 113.322 +#733 := (or #732 #474)
 113.323 +#734 := [th-lemma]: #733
 113.324 +#735 := [unit-resolution #734 #731]: #474
 113.325 +#475 := (>= #514 1::int)
 113.326 +#736 := (or #732 #475)
 113.327 +#737 := [th-lemma]: #736
 113.328 +#738 := [unit-resolution #737 #731]: #475
 113.329 +#582 := (<= #666 1::int)
 113.330 +#739 := (or #270 #582)
 113.331 +#740 := [th-lemma]: #739
 113.332 +#741 := [unit-resolution #740 #272]: #582
 113.333 +#743 := [th-lemma #726 #741 #738 #735]: #742
 113.334 +#745 := [symm #743]: #744
 113.335 +#747 := [monotonicity #745]: #746
 113.336 +#751 := [trans #747 #271]: #750
 113.337 +#753 := [trans #751 #749]: #752
 113.338 +#755 := [monotonicity #753 #282]: #754
 113.339 +#759 := [trans #755 #757]: #758
 113.340 +#792 := (= #44 #352)
 113.341 +#358 := (uf_7 #43)
 113.342 +#613 := (+ 1::int #358)
 113.343 +#617 := (uf_6 #613)
 113.344 +#788 := (= #617 #352)
 113.345 +#598 := (= #352 #617)
 113.346 +#608 := (or #607 #598)
 113.347 +#609 := [quant-inst]: #608
 113.348 +#760 := [unit-resolution #609 #704]: #598
 113.349 +#789 := [symm #760]: #788
 113.350 +#790 := (= #44 #617)
 113.351 +#575 := (uf_7 #617)
 113.352 +#390 := (uf_6 #575)
 113.353 +#382 := (= #390 #617)
 113.354 +#385 := (or #376 #382)
 113.355 +#392 := (= #617 #390)
 113.356 +#386 := (or #376 #392)
 113.357 +#387 := (iff #386 #385)
 113.358 +#369 := (iff #385 #385)
 113.359 +#370 := [rewrite]: #369
 113.360 +#383 := (iff #392 #382)
 113.361 +#384 := [rewrite]: #383
 113.362 +#368 := [monotonicity #384]: #387
 113.363 +#361 := [trans #368 #370]: #387
 113.364 +#377 := [quant-inst]: #386
 113.365 +#371 := [mp #377 #361]: #385
 113.366 +#761 := [unit-resolution #371 #711]: #382
 113.367 +#786 := (= #44 #390)
 113.368 +#784 := (= 1::int #575)
 113.369 +#782 := (= #575 1::int)
 113.370 +#568 := (* -1::int #575)
 113.371 +#579 := (+ #358 #568)
 113.372 +#535 := (<= #579 -1::int)
 113.373 +#557 := (= #579 -1::int)
 113.374 +#561 := (>= #358 -1::int)
 113.375 +#585 := (>= #358 0::int)
 113.376 +#676 := (= #358 0::int)
 113.377 +#315 := (or #673 #676)
 113.378 +#268 := (>= 0::int 0::int)
 113.379 +#354 := (not #268)
 113.380 +#355 := (= 0::int #358)
 113.381 +#359 := (or #355 #354)
 113.382 +#657 := (or #673 #359)
 113.383 +#320 := (iff #657 #315)
 113.384 +#322 := (iff #315 #315)
 113.385 +#659 := [rewrite]: #322
 113.386 +#672 := (iff #359 #676)
 113.387 +#675 := (or #676 false)
 113.388 +#330 := (iff #675 #676)
 113.389 +#335 := [rewrite]: #330
 113.390 +#681 := (iff #359 #675)
 113.391 +#679 := (iff #354 false)
 113.392 +#343 := (iff #354 #670)
 113.393 +#332 := (iff #268 true)
 113.394 +#463 := [rewrite]: #332
 113.395 +#344 := [monotonicity #463]: #343
 113.396 +#680 := [trans #344 #678]: #679
 113.397 +#338 := (iff #355 #676)
 113.398 +#674 := [rewrite]: #338
 113.399 +#671 := [monotonicity #674 #680]: #681
 113.400 +#331 := [trans #671 #335]: #672
 113.401 +#321 := [monotonicity #331]: #320
 113.402 +#660 := [trans #321 #659]: #320
 113.403 +#319 := [quant-inst]: #657
 113.404 +#661 := [mp #319 #660]: #315
 113.405 +#762 := [unit-resolution #661 #718]: #676
 113.406 +#763 := (not #676)
 113.407 +#764 := (or #763 #585)
 113.408 +#765 := [th-lemma]: #764
 113.409 +#766 := [unit-resolution #765 #762]: #585
 113.410 +#767 := (not #585)
 113.411 +#768 := (or #767 #561)
 113.412 +#769 := [th-lemma]: #768
 113.413 +#770 := [unit-resolution #769 #766]: #561
 113.414 +#564 := (not #561)
 113.415 +#549 := (or #673 #557 #564)
 113.416 +#570 := (>= #613 0::int)
 113.417 +#571 := (not #570)
 113.418 +#576 := (= #613 #575)
 113.419 +#577 := (or #576 #571)
 113.420 +#552 := (or #673 #577)
 113.421 +#530 := (iff #552 #549)
 113.422 +#551 := (or #557 #564)
 113.423 +#554 := (or #673 #551)
 113.424 +#556 := (iff #554 #549)
 113.425 +#529 := [rewrite]: #556
 113.426 +#555 := (iff #552 #554)
 113.427 +#547 := (iff #577 #551)
 113.428 +#559 := (iff #571 #564)
 113.429 +#562 := (iff #570 #561)
 113.430 +#563 := [rewrite]: #562
 113.431 +#565 := [monotonicity #563]: #559
 113.432 +#558 := (iff #576 #557)
 113.433 +#560 := [rewrite]: #558
 113.434 +#548 := [monotonicity #560 #565]: #547
 113.435 +#550 := [monotonicity #548]: #555
 113.436 +#531 := [trans #550 #529]: #530
 113.437 +#553 := [quant-inst]: #552
 113.438 +#424 := [mp #553 #531]: #549
 113.439 +#771 := [unit-resolution #424 #718 #770]: #557
 113.440 +#772 := (not #557)
 113.441 +#773 := (or #772 #535)
 113.442 +#774 := [th-lemma]: #773
 113.443 +#775 := [unit-resolution #774 #771]: #535
 113.444 +#536 := (>= #579 -1::int)
 113.445 +#776 := (or #772 #536)
 113.446 +#777 := [th-lemma]: #776
 113.447 +#778 := [unit-resolution #777 #771]: #536
 113.448 +#584 := (<= #358 0::int)
 113.449 +#779 := (or #763 #584)
 113.450 +#780 := [th-lemma]: #779
 113.451 +#781 := [unit-resolution #780 #762]: #584
 113.452 +#783 := [th-lemma #766 #781 #778 #775]: #782
 113.453 +#785 := [symm #783]: #784
 113.454 +#787 := [monotonicity #785]: #786
 113.455 +#791 := [trans #787 #761]: #790
 113.456 +#793 := [trans #791 #789]: #792
 113.457 +#796 := [monotonicity #793 #759]: #795
 113.458 +#798 := [symm #796]: #797
 113.459 +#353 := (= #47 #267)
 113.460 +#356 := (or #345 #353)
 113.461 +#357 := [quant-inst]: #356
 113.462 +#794 := [unit-resolution #357 #689]: #353
 113.463 +#799 := [trans #794 #798]: #52
 113.464 +#53 := (not #52)
 113.465 +#177 := [asserted]: #53
 113.466 +[unit-resolution #177 #799]: false
 113.467 +unsat
   114.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   114.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_06	Tue Oct 20 10:11:30 2009 +0200
   114.3 @@ -0,0 +1,8 @@
   114.4 +(benchmark Isabelle
   114.5 +:extrasorts ( T1 T2)
   114.6 +:extrapreds (
   114.7 +  (up_1 T1)
   114.8 + )
   114.9 +:assumption (not (or (forall (?x1 T1) (up_1 ?x1)) (not (forall (?x2 T1) (up_1 ?x2)))))
  114.10 +:formula true
  114.11 +)
   115.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   115.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_06.proof	Tue Oct 20 10:11:30 2009 +0200
   115.3 @@ -0,0 +1,21 @@
   115.4 +#2 := false
   115.5 +decl up_1 :: (-> T1 bool)
   115.6 +#4 := (:var 0 T1)
   115.7 +#5 := (up_1 #4)
   115.8 +#6 := (forall (vars (?x1 T1)) #5)
   115.9 +#7 := (not #6)
  115.10 +#8 := (or #6 #7)
  115.11 +#9 := (not #8)
  115.12 +#33 := (iff #9 false)
  115.13 +#1 := true
  115.14 +#28 := (not true)
  115.15 +#31 := (iff #28 false)
  115.16 +#32 := [rewrite]: #31
  115.17 +#29 := (iff #9 #28)
  115.18 +#26 := (iff #8 true)
  115.19 +#27 := [rewrite]: #26
  115.20 +#30 := [monotonicity #27]: #29
  115.21 +#34 := [trans #30 #32]: #33
  115.22 +#25 := [asserted]: #9
  115.23 +[mp #25 #34]: false
  115.24 +unsat
   116.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   116.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_07	Tue Oct 20 10:11:30 2009 +0200
   116.3 @@ -0,0 +1,14 @@
   116.4 +(benchmark Isabelle
   116.5 +:extrasorts ( T1)
   116.6 +:extrafuns (
   116.7 +  (uf_1 Int T1)
   116.8 +  (uf_3 T1 T1)
   116.9 +  (uf_2 T1 Int)
  116.10 + )
  116.11 +:assumption (forall (?x1 T1) (= (uf_1 (uf_2 ?x1)) ?x1))
  116.12 +:assumption (forall (?x2 Int) (implies (<= 0 ?x2) (= (uf_2 (uf_1 ?x2)) ?x2)))
  116.13 +:assumption (forall (?x3 Int) (implies (< ?x3 0) (= (uf_2 (uf_1 ?x3)) 0)))
  116.14 +:assumption (forall (?x4 T1) (= (uf_3 ?x4) (ite (< (uf_2 ?x4) 10) ?x4 (uf_3 (uf_1 (- (uf_2 ?x4) 10))))))
  116.15 +:assumption (not (= (uf_3 (uf_1 (* 4 (uf_2 (uf_3 (uf_1 4)))))) (uf_1 6)))
  116.16 +:formula true
  116.17 +)
   117.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   117.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_07.proof	Tue Oct 20 10:11:30 2009 +0200
   117.3 @@ -0,0 +1,373 @@
   117.4 +#2 := false
   117.5 +decl uf_1 :: (-> int T1)
   117.6 +#37 := 6::int
   117.7 +#38 := (uf_1 6::int)
   117.8 +decl uf_3 :: (-> T1 T1)
   117.9 +decl uf_2 :: (-> T1 int)
  117.10 +#30 := 4::int
  117.11 +#31 := (uf_1 4::int)
  117.12 +#32 := (uf_3 #31)
  117.13 +#33 := (uf_2 #32)
  117.14 +#34 := (* 4::int #33)
  117.15 +#35 := (uf_1 #34)
  117.16 +#36 := (uf_3 #35)
  117.17 +#39 := (= #36 #38)
  117.18 +#548 := (uf_3 #38)
  117.19 +#394 := (= #548 #38)
  117.20 +#549 := (= #38 #548)
  117.21 +#523 := (uf_2 #38)
  117.22 +#142 := -10::int
  117.23 +#513 := (+ -10::int #523)
  117.24 +#537 := (uf_1 #513)
  117.25 +#538 := (uf_3 #537)
  117.26 +#514 := (= #538 #548)
  117.27 +#22 := 10::int
  117.28 +#539 := (>= #523 10::int)
  117.29 +#506 := (ite #539 #514 #549)
  117.30 +#4 := (:var 0 T1)
  117.31 +#21 := (uf_3 #4)
  117.32 +#708 := (pattern #21)
  117.33 +#5 := (uf_2 #4)
  117.34 +#687 := (pattern #5)
  117.35 +#209 := (= #4 #21)
  117.36 +#143 := (+ -10::int #5)
  117.37 +#146 := (uf_1 #143)
  117.38 +#149 := (uf_3 #146)
  117.39 +#208 := (= #21 #149)
  117.40 +#163 := (>= #5 10::int)
  117.41 +#190 := (ite #163 #208 #209)
  117.42 +#709 := (forall (vars (?x4 T1)) (:pat #687 #708) #190)
  117.43 +#193 := (forall (vars (?x4 T1)) #190)
  117.44 +#712 := (iff #193 #709)
  117.45 +#710 := (iff #190 #190)
  117.46 +#711 := [refl]: #710
  117.47 +#713 := [quant-intro #711]: #712
  117.48 +#168 := (ite #163 #149 #4)
  117.49 +#173 := (= #21 #168)
  117.50 +#176 := (forall (vars (?x4 T1)) #173)
  117.51 +#210 := (iff #176 #193)
  117.52 +#191 := (iff #173 #190)
  117.53 +#192 := [rewrite]: #191
  117.54 +#211 := [quant-intro #192]: #210
  117.55 +#188 := (~ #176 #176)
  117.56 +#205 := (~ #173 #173)
  117.57 +#206 := [refl]: #205
  117.58 +#189 := [nnf-pos #206]: #188
  117.59 +#24 := (- #5 10::int)
  117.60 +#25 := (uf_1 #24)
  117.61 +#26 := (uf_3 #25)
  117.62 +#23 := (< #5 10::int)
  117.63 +#27 := (ite #23 #4 #26)
  117.64 +#28 := (= #21 #27)
  117.65 +#29 := (forall (vars (?x4 T1)) #28)
  117.66 +#179 := (iff #29 #176)
  117.67 +#152 := (ite #23 #4 #149)
  117.68 +#155 := (= #21 #152)
  117.69 +#158 := (forall (vars (?x4 T1)) #155)
  117.70 +#177 := (iff #158 #176)
  117.71 +#174 := (iff #155 #173)
  117.72 +#171 := (= #152 #168)
  117.73 +#161 := (not #163)
  117.74 +#165 := (ite #161 #4 #149)
  117.75 +#169 := (= #165 #168)
  117.76 +#170 := [rewrite]: #169
  117.77 +#166 := (= #152 #165)
  117.78 +#162 := (iff #23 #161)
  117.79 +#164 := [rewrite]: #162
  117.80 +#167 := [monotonicity #164]: #166
  117.81 +#172 := [trans #167 #170]: #171
  117.82 +#175 := [monotonicity #172]: #174
  117.83 +#178 := [quant-intro #175]: #177
  117.84 +#159 := (iff #29 #158)
  117.85 +#156 := (iff #28 #155)
  117.86 +#153 := (= #27 #152)
  117.87 +#150 := (= #26 #149)
  117.88 +#147 := (= #25 #146)
  117.89 +#144 := (= #24 #143)
  117.90 +#145 := [rewrite]: #144
  117.91 +#148 := [monotonicity #145]: #147
  117.92 +#151 := [monotonicity #148]: #150
  117.93 +#154 := [monotonicity #151]: #153
  117.94 +#157 := [monotonicity #154]: #156
  117.95 +#160 := [quant-intro #157]: #159
  117.96 +#180 := [trans #160 #178]: #179
  117.97 +#141 := [asserted]: #29
  117.98 +#181 := [mp #141 #180]: #176
  117.99 +#207 := [mp~ #181 #189]: #176
 117.100 +#212 := [mp #207 #211]: #193
 117.101 +#714 := [mp #212 #713]: #709
 117.102 +#681 := (not #709)
 117.103 +#517 := (or #681 #506)
 117.104 +#533 := (= #548 #538)
 117.105 +#507 := (ite #539 #533 #549)
 117.106 +#518 := (or #681 #507)
 117.107 +#529 := (iff #518 #517)
 117.108 +#530 := (iff #517 #517)
 117.109 +#485 := [rewrite]: #530
 117.110 +#508 := (iff #507 #506)
 117.111 +#473 := (iff #533 #514)
 117.112 +#504 := [rewrite]: #473
 117.113 +#515 := [monotonicity #504]: #508
 117.114 +#509 := [monotonicity #515]: #529
 117.115 +#486 := [trans #509 #485]: #529
 117.116 +#519 := [quant-inst]: #518
 117.117 +#491 := [mp #519 #486]: #517
 117.118 +#484 := [unit-resolution #491 #714]: #506
 117.119 +#493 := (not #539)
 117.120 +#465 := (<= #523 6::int)
 117.121 +#526 := (= #523 6::int)
 117.122 +#10 := (:var 0 int)
 117.123 +#12 := (uf_1 #10)
 117.124 +#695 := (pattern #12)
 117.125 +#9 := 0::int
 117.126 +#82 := (>= #10 0::int)
 117.127 +#83 := (not #82)
 117.128 +#13 := (uf_2 #12)
 117.129 +#64 := (= #10 #13)
 117.130 +#89 := (or #64 #83)
 117.131 +#696 := (forall (vars (?x2 int)) (:pat #695) #89)
 117.132 +#94 := (forall (vars (?x2 int)) #89)
 117.133 +#699 := (iff #94 #696)
 117.134 +#697 := (iff #89 #89)
 117.135 +#698 := [refl]: #697
 117.136 +#700 := [quant-intro #698]: #699
 117.137 +#185 := (~ #94 #94)
 117.138 +#199 := (~ #89 #89)
 117.139 +#200 := [refl]: #199
 117.140 +#183 := [nnf-pos #200]: #185
 117.141 +#14 := (= #13 #10)
 117.142 +#11 := (<= 0::int #10)
 117.143 +#15 := (implies #11 #14)
 117.144 +#16 := (forall (vars (?x2 int)) #15)
 117.145 +#97 := (iff #16 #94)
 117.146 +#71 := (not #11)
 117.147 +#72 := (or #71 #64)
 117.148 +#77 := (forall (vars (?x2 int)) #72)
 117.149 +#95 := (iff #77 #94)
 117.150 +#92 := (iff #72 #89)
 117.151 +#86 := (or #83 #64)
 117.152 +#90 := (iff #86 #89)
 117.153 +#91 := [rewrite]: #90
 117.154 +#87 := (iff #72 #86)
 117.155 +#84 := (iff #71 #83)
 117.156 +#80 := (iff #11 #82)
 117.157 +#81 := [rewrite]: #80
 117.158 +#85 := [monotonicity #81]: #84
 117.159 +#88 := [monotonicity #85]: #87
 117.160 +#93 := [trans #88 #91]: #92
 117.161 +#96 := [quant-intro #93]: #95
 117.162 +#78 := (iff #16 #77)
 117.163 +#75 := (iff #15 #72)
 117.164 +#68 := (implies #11 #64)
 117.165 +#73 := (iff #68 #72)
 117.166 +#74 := [rewrite]: #73
 117.167 +#69 := (iff #15 #68)
 117.168 +#66 := (iff #14 #64)
 117.169 +#67 := [rewrite]: #66
 117.170 +#70 := [monotonicity #67]: #69
 117.171 +#76 := [trans #70 #74]: #75
 117.172 +#79 := [quant-intro #76]: #78
 117.173 +#98 := [trans #79 #96]: #97
 117.174 +#63 := [asserted]: #16
 117.175 +#99 := [mp #63 #98]: #94
 117.176 +#201 := [mp~ #99 #183]: #94
 117.177 +#701 := [mp #201 #700]: #696
 117.178 +#671 := (not #696)
 117.179 +#615 := (or #671 #526)
 117.180 +#520 := (>= 6::int 0::int)
 117.181 +#522 := (not #520)
 117.182 +#516 := (= 6::int #523)
 117.183 +#524 := (or #516 #522)
 117.184 +#604 := (or #671 #524)
 117.185 +#606 := (iff #604 #615)
 117.186 +#601 := (iff #615 #615)
 117.187 +#608 := [rewrite]: #601
 117.188 +#614 := (iff #524 #526)
 117.189 +#603 := (or #526 false)
 117.190 +#612 := (iff #603 #526)
 117.191 +#613 := [rewrite]: #612
 117.192 +#600 := (iff #524 #603)
 117.193 +#609 := (iff #522 false)
 117.194 +#1 := true
 117.195 +#327 := (not true)
 117.196 +#666 := (iff #327 false)
 117.197 +#667 := [rewrite]: #666
 117.198 +#618 := (iff #522 #327)
 117.199 +#528 := (iff #520 true)
 117.200 +#621 := [rewrite]: #528
 117.201 +#622 := [monotonicity #621]: #618
 117.202 +#611 := [trans #622 #667]: #609
 117.203 +#525 := (iff #516 #526)
 117.204 +#527 := [rewrite]: #525
 117.205 +#602 := [monotonicity #527 #611]: #600
 117.206 +#610 := [trans #602 #613]: #614
 117.207 +#607 := [monotonicity #610]: #606
 117.208 +#592 := [trans #607 #608]: #606
 117.209 +#605 := [quant-inst]: #604
 117.210 +#593 := [mp #605 #592]: #615
 117.211 +#454 := [unit-resolution #593 #701]: #526
 117.212 +#303 := (not #526)
 117.213 +#462 := (or #303 #465)
 117.214 +#458 := [th-lemma]: #462
 117.215 +#463 := [unit-resolution #458 #454]: #465
 117.216 +#442 := (not #465)
 117.217 +#445 := (or #442 #493)
 117.218 +#449 := [th-lemma]: #445
 117.219 +#451 := [unit-resolution #449 #463]: #493
 117.220 +#492 := (not #506)
 117.221 +#496 := (or #492 #539 #549)
 117.222 +#497 := [def-axiom]: #496
 117.223 +#452 := [unit-resolution #497 #451 #484]: #549
 117.224 +#395 := [symm #452]: #394
 117.225 +#397 := (= #36 #548)
 117.226 +#372 := (uf_2 #35)
 117.227 +#576 := (+ -10::int #372)
 117.228 +#568 := (uf_1 #576)
 117.229 +#569 := (uf_3 #568)
 117.230 +#408 := (= #569 #548)
 117.231 +#401 := (= #568 #38)
 117.232 +#422 := (= #576 6::int)
 117.233 +#677 := (uf_2 #31)
 117.234 +#365 := -1::int
 117.235 +#478 := (* -1::int #677)
 117.236 +#479 := (+ #33 #478)
 117.237 +#480 := (<= #479 0::int)
 117.238 +#476 := (= #33 #677)
 117.239 +#431 := (= #32 #31)
 117.240 +#589 := (= #31 #32)
 117.241 +#590 := (+ -10::int #677)
 117.242 +#587 := (uf_1 #590)
 117.243 +#591 := (uf_3 #587)
 117.244 +#571 := (= #32 #591)
 117.245 +#572 := (>= #677 10::int)
 117.246 +#574 := (ite #572 #571 #589)
 117.247 +#577 := (or #681 #574)
 117.248 +#578 := [quant-inst]: #577
 117.249 +#450 := [unit-resolution #578 #714]: #574
 117.250 +#580 := (not #572)
 117.251 +#552 := (<= #677 4::int)
 117.252 +#324 := (= #677 4::int)
 117.253 +#674 := (or #671 #324)
 117.254 +#343 := (>= 4::int 0::int)
 117.255 +#679 := (not #343)
 117.256 +#336 := (= 4::int #677)
 117.257 +#678 := (or #336 #679)
 117.258 +#660 := (or #671 #678)
 117.259 +#368 := (iff #660 #674)
 117.260 +#384 := (iff #674 #674)
 117.261 +#385 := [rewrite]: #384
 117.262 +#312 := (iff #678 #324)
 117.263 +#669 := (or #324 false)
 117.264 +#672 := (iff #669 #324)
 117.265 +#311 := [rewrite]: #672
 117.266 +#306 := (iff #678 #669)
 117.267 +#668 := (iff #679 false)
 117.268 +#664 := (iff #679 #327)
 117.269 +#325 := (iff #343 true)
 117.270 +#326 := [rewrite]: #325
 117.271 +#665 := [monotonicity #326]: #664
 117.272 +#663 := [trans #665 #667]: #668
 117.273 +#320 := (iff #336 #324)
 117.274 +#662 := [rewrite]: #320
 117.275 +#670 := [monotonicity #662 #663]: #306
 117.276 +#673 := [trans #670 #311]: #312
 117.277 +#383 := [monotonicity #673]: #368
 117.278 +#386 := [trans #383 #385]: #368
 117.279 +#661 := [quant-inst]: #660
 117.280 +#278 := [mp #661 #386]: #674
 117.281 +#453 := [unit-resolution #278 #701]: #324
 117.282 +#441 := (not #324)
 117.283 +#444 := (or #441 #552)
 117.284 +#446 := [th-lemma]: #444
 117.285 +#447 := [unit-resolution #446 #453]: #552
 117.286 +#443 := (not #552)
 117.287 +#448 := (or #443 #580)
 117.288 +#438 := [th-lemma]: #448
 117.289 +#428 := [unit-resolution #438 #447]: #580
 117.290 +#579 := (not #574)
 117.291 +#583 := (or #579 #572 #589)
 117.292 +#573 := [def-axiom]: #583
 117.293 +#430 := [unit-resolution #573 #428 #450]: #589
 117.294 +#434 := [symm #430]: #431
 117.295 +#435 := [monotonicity #434]: #476
 117.296 +#439 := (not #476)
 117.297 +#432 := (or #439 #480)
 117.298 +#440 := [th-lemma]: #432
 117.299 +#433 := [unit-resolution #440 #435]: #480
 117.300 +#481 := (>= #479 0::int)
 117.301 +#436 := (or #439 #481)
 117.302 +#437 := [th-lemma]: #436
 117.303 +#423 := [unit-resolution #437 #435]: #481
 117.304 +#553 := (>= #677 4::int)
 117.305 +#425 := (or #441 #553)
 117.306 +#426 := [th-lemma]: #425
 117.307 +#424 := [unit-resolution #426 #453]: #553
 117.308 +#648 := (* -1::int #372)
 117.309 +#652 := (+ #34 #648)
 117.310 +#631 := (<= #652 0::int)
 117.311 +#649 := (= #652 0::int)
 117.312 +#370 := (>= #34 0::int)
 117.313 +#409 := (not #481)
 117.314 +#427 := (not #553)
 117.315 +#411 := (or #370 #427 #409)
 117.316 +#412 := [th-lemma]: #411
 117.317 +#413 := [unit-resolution #412 #424 #423]: #370
 117.318 +#371 := (not #370)
 117.319 +#640 := (or #371 #649)
 117.320 +#488 := (or #671 #371 #649)
 117.321 +#650 := (= #34 #372)
 117.322 +#651 := (or #650 #371)
 117.323 +#489 := (or #671 #651)
 117.324 +#630 := (iff #489 #488)
 117.325 +#632 := (or #671 #640)
 117.326 +#635 := (iff #632 #488)
 117.327 +#629 := [rewrite]: #635
 117.328 +#633 := (iff #489 #632)
 117.329 +#641 := (iff #651 #640)
 117.330 +#643 := (or #649 #371)
 117.331 +#645 := (iff #643 #640)
 117.332 +#646 := [rewrite]: #645
 117.333 +#644 := (iff #651 #643)
 117.334 +#653 := (iff #650 #649)
 117.335 +#642 := [rewrite]: #653
 117.336 +#639 := [monotonicity #642]: #644
 117.337 +#647 := [trans #639 #646]: #641
 117.338 +#634 := [monotonicity #647]: #633
 117.339 +#636 := [trans #634 #629]: #630
 117.340 +#490 := [quant-inst]: #489
 117.341 +#637 := [mp #490 #636]: #488
 117.342 +#414 := [unit-resolution #637 #701]: #640
 117.343 +#415 := [unit-resolution #414 #413]: #649
 117.344 +#416 := (not #649)
 117.345 +#417 := (or #416 #631)
 117.346 +#418 := [th-lemma]: #417
 117.347 +#419 := [unit-resolution #418 #415]: #631
 117.348 +#638 := (>= #652 0::int)
 117.349 +#420 := (or #416 #638)
 117.350 +#421 := [th-lemma]: #420
 117.351 +#410 := [unit-resolution #421 #415]: #638
 117.352 +#399 := [th-lemma #410 #419 #424 #447 #423 #433]: #422
 117.353 +#402 := [monotonicity #399]: #401
 117.354 +#393 := [monotonicity #402]: #408
 117.355 +#564 := (= #36 #569)
 117.356 +#575 := (= #35 #36)
 117.357 +#570 := (>= #372 10::int)
 117.358 +#556 := (ite #570 #564 #575)
 117.359 +#554 := (or #681 #556)
 117.360 +#557 := [quant-inst]: #554
 117.361 +#403 := [unit-resolution #557 #714]: #556
 117.362 +#404 := (not #631)
 117.363 +#405 := (or #570 #404 #427 #409)
 117.364 +#406 := [th-lemma]: #405
 117.365 +#407 := [unit-resolution #406 #419 #424 #423]: #570
 117.366 +#559 := (not #570)
 117.367 +#558 := (not #556)
 117.368 +#560 := (or #558 #559 #564)
 117.369 +#555 := [def-axiom]: #560
 117.370 +#400 := [unit-resolution #555 #407 #403]: #564
 117.371 +#396 := [trans #400 #393]: #397
 117.372 +#398 := [trans #396 #395]: #39
 117.373 +#40 := (not #39)
 117.374 +#182 := [asserted]: #40
 117.375 +[unit-resolution #182 #398]: false
 117.376 +unsat
   118.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   118.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_08	Tue Oct 20 10:11:30 2009 +0200
   118.3 @@ -0,0 +1,24 @@
   118.4 +(benchmark Isabelle
   118.5 +:extrasorts ( T2 T1 T4 T3)
   118.6 +:extrafuns (
   118.7 +  (uf_3 Int T1)
   118.8 +  (uf_7 T2 T4 T4)
   118.9 +  (uf_1 T2 T1 T1)
  118.10 +  (uf_6 T3 T4 Int)
  118.11 +  (uf_4 T1 Int)
  118.12 +  (uf_5 T2)
  118.13 +  (uf_2 T2)
  118.14 +  (uf_10 Int)
  118.15 +  (uf_8 T3)
  118.16 +  (uf_9 T4)
  118.17 + )
  118.18 +:assumption (forall (?x1 T1) (= (uf_1 uf_2 ?x1) (uf_3 (div (uf_4 ?x1) 2))))
  118.19 +:assumption (forall (?x2 T1) (= (uf_1 uf_5 ?x2) (uf_3 (mod (uf_4 ?x2) 2))))
  118.20 +:assumption (forall (?x3 T1) (= (uf_3 (uf_4 ?x3)) ?x3))
  118.21 +:assumption (forall (?x4 Int) (implies (<= 0 ?x4) (= (uf_4 (uf_3 ?x4)) ?x4)))
  118.22 +:assumption (forall (?x5 Int) (implies (< ?x5 0) (= (uf_4 (uf_3 ?x5)) 0)))
  118.23 +:assumption (forall (?x6 T3) (?x7 T4) (= (mod (uf_6 ?x6 ?x7) 2) (mod (uf_6 ?x6 (uf_7 uf_5 ?x7)) 2)))
  118.24 +:assumption (forall (?x8 T3) (?x9 T4) (= (+ (* (uf_6 ?x8 (uf_7 uf_2 ?x9)) 2) (uf_6 ?x8 (uf_7 uf_5 ?x9))) (uf_6 ?x8 ?x9)))
  118.25 +:assumption (iff (= (uf_6 uf_8 uf_9) uf_10) (implies (= (mod (uf_6 uf_8 (uf_7 uf_5 uf_9)) 2) (mod uf_10 2)) (not (= (uf_6 uf_8 (uf_7 uf_2 uf_9)) (div (- uf_10 (uf_6 uf_8 (uf_7 uf_5 uf_9))) 2)))))
  118.26 +:formula true
  118.27 +)
   119.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   119.2 +++ b/src/HOL/SMT/Examples/cert/z3_hol_08.proof	Tue Oct 20 10:11:30 2009 +0200
   119.3 @@ -0,0 +1,410 @@
   119.4 +#2 := false
   119.5 +#22 := 0::int
   119.6 +decl uf_6 :: (-> T3 T4 int)
   119.7 +decl uf_7 :: (-> T2 T4 T4)
   119.8 +decl uf_9 :: T4
   119.9 +#50 := uf_9
  119.10 +decl uf_2 :: T2
  119.11 +#4 := uf_2
  119.12 +#59 := (uf_7 uf_2 uf_9)
  119.13 +decl uf_8 :: T3
  119.14 +#49 := uf_8
  119.15 +#60 := (uf_6 uf_8 #59)
  119.16 +#204 := -2::int
  119.17 +#683 := (* -2::int #60)
  119.18 +decl uf_5 :: T2
  119.19 +#13 := uf_5
  119.20 +#54 := (uf_7 uf_5 uf_9)
  119.21 +#55 := (uf_6 uf_8 #54)
  119.22 +#172 := -1::int
  119.23 +#218 := (* -1::int #55)
  119.24 +#685 := (+ #218 #683)
  119.25 +#51 := (uf_6 uf_8 uf_9)
  119.26 +#686 := (+ #51 #685)
  119.27 +#679 := (>= #686 0::int)
  119.28 +#687 := (= #686 0::int)
  119.29 +#35 := (:var 0 T4)
  119.30 +#43 := (uf_7 uf_2 #35)
  119.31 +#34 := (:var 1 T3)
  119.32 +#44 := (uf_6 #34 #43)
  119.33 +#819 := (pattern #44)
  119.34 +#38 := (uf_7 uf_5 #35)
  119.35 +#39 := (uf_6 #34 #38)
  119.36 +#812 := (pattern #39)
  119.37 +#205 := (* -2::int #44)
  119.38 +#203 := (* -1::int #39)
  119.39 +#206 := (+ #203 #205)
  119.40 +#36 := (uf_6 #34 #35)
  119.41 +#207 := (+ #36 #206)
  119.42 +#208 := (= #207 0::int)
  119.43 +#820 := (forall (vars (?x8 T3) (?x9 T4)) (:pat #812 #819) #208)
  119.44 +#211 := (forall (vars (?x8 T3) (?x9 T4)) #208)
  119.45 +#823 := (iff #211 #820)
  119.46 +#821 := (iff #208 #208)
  119.47 +#822 := [refl]: #821
  119.48 +#824 := [quant-intro #822]: #823
  119.49 +#279 := (~ #211 #211)
  119.50 +#305 := (~ #208 #208)
  119.51 +#306 := [refl]: #305
  119.52 +#280 := [nnf-pos #306]: #279
  119.53 +#8 := 2::int
  119.54 +#45 := (* #44 2::int)
  119.55 +#46 := (+ #45 #39)
  119.56 +#47 := (= #46 #36)
  119.57 +#48 := (forall (vars (?x8 T3) (?x9 T4)) #47)
  119.58 +#214 := (iff #48 #211)
  119.59 +#171 := (* 2::int #44)
  119.60 +#187 := (+ #39 #171)
  119.61 +#195 := (= #36 #187)
  119.62 +#200 := (forall (vars (?x8 T3) (?x9 T4)) #195)
  119.63 +#212 := (iff #200 #211)
  119.64 +#209 := (iff #195 #208)
  119.65 +#210 := [rewrite]: #209
  119.66 +#213 := [quant-intro #210]: #212
  119.67 +#201 := (iff #48 #200)
  119.68 +#198 := (iff #47 #195)
  119.69 +#192 := (= #187 #36)
  119.70 +#196 := (iff #192 #195)
  119.71 +#197 := [rewrite]: #196
  119.72 +#193 := (iff #47 #192)
  119.73 +#190 := (= #46 #187)
  119.74 +#184 := (+ #171 #39)
  119.75 +#188 := (= #184 #187)
  119.76 +#189 := [rewrite]: #188
  119.77 +#185 := (= #46 #184)
  119.78 +#182 := (= #45 #171)
  119.79 +#183 := [rewrite]: #182
  119.80 +#186 := [monotonicity #183]: #185
  119.81 +#191 := [trans #186 #189]: #190
  119.82 +#194 := [monotonicity #191]: #193
  119.83 +#199 := [trans #194 #197]: #198
  119.84 +#202 := [quant-intro #199]: #201
  119.85 +#215 := [trans #202 #213]: #214
  119.86 +#170 := [asserted]: #48
  119.87 +#216 := [mp #170 #215]: #211
  119.88 +#307 := [mp~ #216 #280]: #211
  119.89 +#825 := [mp #307 #824]: #820
  119.90 +#689 := (not #820)
  119.91 +#675 := (or #689 #687)
  119.92 +#676 := [quant-inst]: #675
  119.93 +#536 := [unit-resolution #676 #825]: #687
  119.94 +#537 := (not #687)
  119.95 +#533 := (or #537 #679)
  119.96 +#538 := [th-lemma]: #533
  119.97 +#528 := [unit-resolution #538 #536]: #679
  119.98 +decl uf_10 :: int
  119.99 +#52 := uf_10
 119.100 +#219 := (+ uf_10 #218)
 119.101 +#222 := (div #219 2::int)
 119.102 +#251 := (* -1::int #222)
 119.103 +#252 := (+ #60 #251)
 119.104 +#449 := (<= #252 0::int)
 119.105 +#399 := (not #449)
 119.106 +#253 := (= #252 0::int)
 119.107 +#256 := (not #253)
 119.108 +#57 := (mod uf_10 2::int)
 119.109 +#243 := (* -1::int #57)
 119.110 +#56 := (mod #55 2::int)
 119.111 +#244 := (+ #56 #243)
 119.112 +#245 := (= #244 0::int)
 119.113 +#448 := (>= #244 0::int)
 119.114 +#688 := (mod #51 2::int)
 119.115 +#666 := (* -1::int #688)
 119.116 +#667 := (+ #56 #666)
 119.117 +#660 := (>= #667 0::int)
 119.118 +#668 := (= #667 0::int)
 119.119 +#40 := (mod #39 2::int)
 119.120 +#173 := (* -1::int #40)
 119.121 +#37 := (mod #36 2::int)
 119.122 +#174 := (+ #37 #173)
 119.123 +#175 := (= #174 0::int)
 119.124 +#813 := (forall (vars (?x6 T3) (?x7 T4)) (:pat #812) #175)
 119.125 +#178 := (forall (vars (?x6 T3) (?x7 T4)) #175)
 119.126 +#816 := (iff #178 #813)
 119.127 +#814 := (iff #175 #175)
 119.128 +#815 := [refl]: #814
 119.129 +#817 := [quant-intro #815]: #816
 119.130 +#277 := (~ #178 #178)
 119.131 +#302 := (~ #175 #175)
 119.132 +#303 := [refl]: #302
 119.133 +#278 := [nnf-pos #303]: #277
 119.134 +#41 := (= #37 #40)
 119.135 +#42 := (forall (vars (?x6 T3) (?x7 T4)) #41)
 119.136 +#179 := (iff #42 #178)
 119.137 +#176 := (iff #41 #175)
 119.138 +#177 := [rewrite]: #176
 119.139 +#180 := [quant-intro #177]: #179
 119.140 +#169 := [asserted]: #42
 119.141 +#181 := [mp #169 #180]: #178
 119.142 +#304 := [mp~ #181 #278]: #178
 119.143 +#818 := [mp #304 #817]: #813
 119.144 +#673 := (not #813)
 119.145 +#663 := (or #673 #668)
 119.146 +#756 := (* -1::int #56)
 119.147 +#684 := (+ #688 #756)
 119.148 +#680 := (= #684 0::int)
 119.149 +#674 := (or #673 #680)
 119.150 +#653 := (iff #674 #663)
 119.151 +#656 := (iff #663 #663)
 119.152 +#657 := [rewrite]: #656
 119.153 +#671 := (iff #680 #668)
 119.154 +#677 := (+ #756 #688)
 119.155 +#662 := (= #677 0::int)
 119.156 +#669 := (iff #662 #668)
 119.157 +#670 := [rewrite]: #669
 119.158 +#664 := (iff #680 #662)
 119.159 +#681 := (= #684 #677)
 119.160 +#661 := [rewrite]: #681
 119.161 +#665 := [monotonicity #661]: #664
 119.162 +#672 := [trans #665 #670]: #671
 119.163 +#655 := [monotonicity #672]: #653
 119.164 +#658 := [trans #655 #657]: #653
 119.165 +#652 := [quant-inst]: #674
 119.166 +#659 := [mp #652 #658]: #663
 119.167 +#394 := [unit-resolution #659 #818]: #668
 119.168 +#552 := (not #668)
 119.169 +#514 := (or #552 #660)
 119.170 +#517 := [th-lemma]: #514
 119.171 +#499 := [unit-resolution #517 #394]: #660
 119.172 +#503 := (not #448)
 119.173 +#414 := [hypothesis]: #503
 119.174 +#561 := (+ #57 #666)
 119.175 +#709 := (<= #561 0::int)
 119.176 +#602 := (= #57 #688)
 119.177 +#468 := (= #688 #57)
 119.178 +#53 := (= #51 uf_10)
 119.179 +#248 := (not #245)
 119.180 +#259 := (or #248 #256)
 119.181 +#362 := (mod #219 2::int)
 119.182 +#699 := (>= #362 0::int)
 119.183 +#1 := true
 119.184 +#81 := [true-axiom]: true
 119.185 +#604 := (or false #699)
 119.186 +#506 := [th-lemma]: #604
 119.187 +#507 := [unit-resolution #506 #81]: #699
 119.188 +#628 := (* -1::int uf_10)
 119.189 +#623 := (+ #51 #628)
 119.190 +#629 := (<= #623 0::int)
 119.191 +#498 := (not #629)
 119.192 +#597 := (>= #623 0::int)
 119.193 +#381 := (not #259)
 119.194 +#508 := [hypothesis]: #381
 119.195 +#450 := (or #259 #245)
 119.196 +#441 := [def-axiom]: #450
 119.197 +#509 := [unit-resolution #441 #508]: #245
 119.198 +#510 := (or #248 #448)
 119.199 +#511 := [th-lemma]: #510
 119.200 +#500 := [unit-resolution #511 #509]: #448
 119.201 +#743 := (div uf_10 2::int)
 119.202 +#723 := (* -2::int #743)
 119.203 +#545 := (* -2::int #688)
 119.204 +#546 := (+ #545 #723)
 119.205 +#646 := (div #51 2::int)
 119.206 +#645 := (* -2::int #646)
 119.207 +#547 := (+ #645 #546)
 119.208 +#605 := (* -2::int #57)
 119.209 +#549 := (+ #605 #547)
 119.210 +#594 := (* 2::int #56)
 119.211 +#550 := (+ #594 #549)
 119.212 +#598 := (* 2::int uf_10)
 119.213 +#551 := (+ #598 #550)
 119.214 +#563 := (>= #551 2::int)
 119.215 +#520 := (not #563)
 119.216 +#361 := (<= #244 0::int)
 119.217 +#512 := (or #248 #361)
 119.218 +#489 := [th-lemma]: #512
 119.219 +#491 := [unit-resolution #489 #509]: #361
 119.220 +#363 := (>= #252 0::int)
 119.221 +#452 := (or #259 #253)
 119.222 +#453 := [def-axiom]: #452
 119.223 +#492 := [unit-resolution #453 #508]: #253
 119.224 +#493 := (or #256 #363)
 119.225 +#494 := [th-lemma]: #493
 119.226 +#495 := [unit-resolution #494 #492]: #363
 119.227 +#556 := (not #361)
 119.228 +#573 := (not #363)
 119.229 +#521 := (or #520 #573 #556)
 119.230 +#703 := (>= #362 2::int)
 119.231 +#704 := (not #703)
 119.232 +#599 := (or false #704)
 119.233 +#620 := [th-lemma]: #599
 119.234 +#575 := [unit-resolution #620 #81]: #704
 119.235 +#654 := (<= #667 0::int)
 119.236 +#548 := (or #552 #654)
 119.237 +#553 := [th-lemma]: #548
 119.238 +#532 := [unit-resolution #553 #394]: #654
 119.239 +#651 := (+ #645 #666)
 119.240 +#624 := (+ #51 #651)
 119.241 +#626 := (<= #624 0::int)
 119.242 +#650 := (= #624 0::int)
 119.243 +#535 := (or false #650)
 119.244 +#539 := [th-lemma]: #535
 119.245 +#541 := [unit-resolution #539 #81]: #650
 119.246 +#542 := (not #650)
 119.247 +#540 := (or #542 #626)
 119.248 +#543 := [th-lemma]: #540
 119.249 +#531 := [unit-resolution #543 #541]: #626
 119.250 +#587 := [hypothesis]: #361
 119.251 +#724 := (+ #243 #723)
 119.252 +#725 := (+ uf_10 #724)
 119.253 +#727 := (<= #725 0::int)
 119.254 +#722 := (= #725 0::int)
 119.255 +#576 := (or false #722)
 119.256 +#581 := [th-lemma]: #576
 119.257 +#582 := [unit-resolution #581 #81]: #722
 119.258 +#583 := (not #722)
 119.259 +#584 := (or #583 #727)
 119.260 +#585 := [th-lemma]: #584
 119.261 +#586 := [unit-resolution #585 #582]: #727
 119.262 +#534 := [hypothesis]: #563
 119.263 +#555 := [hypothesis]: #363
 119.264 +#616 := (* -1::int #362)
 119.265 +#615 := (* -2::int #222)
 119.266 +#617 := (+ #615 #616)
 119.267 +#618 := (+ #218 #617)
 119.268 +#711 := (+ uf_10 #618)
 119.269 +#708 := (<= #711 0::int)
 119.270 +#606 := (= #711 0::int)
 119.271 +#562 := (or false #606)
 119.272 +#564 := [th-lemma]: #562
 119.273 +#565 := [unit-resolution #564 #81]: #606
 119.274 +#566 := (not #606)
 119.275 +#568 := (or #566 #708)
 119.276 +#569 := [th-lemma]: #568
 119.277 +#570 := [unit-resolution #569 #565]: #708
 119.278 +#518 := [th-lemma #570 #555 #528 #534 #586 #587 #531 #532 #575]: false
 119.279 +#524 := [lemma #518]: #521
 119.280 +#496 := [unit-resolution #524 #495 #491]: #520
 119.281 +#504 := (or #597 #563 #503)
 119.282 +#529 := (not #597)
 119.283 +#522 := [hypothesis]: #529
 119.284 +#519 := (>= #624 0::int)
 119.285 +#530 := (or #542 #519)
 119.286 +#523 := [th-lemma]: #530
 119.287 +#526 := [unit-resolution #523 #541]: #519
 119.288 +#527 := [hypothesis]: #448
 119.289 +#721 := (>= #725 0::int)
 119.290 +#513 := (or #583 #721)
 119.291 +#515 := [th-lemma]: #513
 119.292 +#516 := [unit-resolution #515 #582]: #721
 119.293 +#501 := [th-lemma #499 #516 #527 #526 #522]: #563
 119.294 +#525 := [hypothesis]: #520
 119.295 +#502 := [unit-resolution #525 #501]: false
 119.296 +#505 := [lemma #502]: #504
 119.297 +#497 := [unit-resolution #505 #496 #500]: #597
 119.298 +#485 := (or #498 #529)
 119.299 +#558 := (not #53)
 119.300 +#440 := (or #558 #259)
 119.301 +#262 := (iff #53 #259)
 119.302 +#61 := (- uf_10 #55)
 119.303 +#62 := (div #61 2::int)
 119.304 +#63 := (= #60 #62)
 119.305 +#64 := (not #63)
 119.306 +#58 := (= #56 #57)
 119.307 +#65 := (implies #58 #64)
 119.308 +#66 := (iff #53 #65)
 119.309 +#265 := (iff #66 #262)
 119.310 +#225 := (= #60 #222)
 119.311 +#228 := (not #225)
 119.312 +#234 := (not #58)
 119.313 +#235 := (or #234 #228)
 119.314 +#240 := (iff #53 #235)
 119.315 +#263 := (iff #240 #262)
 119.316 +#260 := (iff #235 #259)
 119.317 +#257 := (iff #228 #256)
 119.318 +#254 := (iff #225 #253)
 119.319 +#255 := [rewrite]: #254
 119.320 +#258 := [monotonicity #255]: #257
 119.321 +#249 := (iff #234 #248)
 119.322 +#246 := (iff #58 #245)
 119.323 +#247 := [rewrite]: #246
 119.324 +#250 := [monotonicity #247]: #249
 119.325 +#261 := [monotonicity #250 #258]: #260
 119.326 +#264 := [monotonicity #261]: #263
 119.327 +#241 := (iff #66 #240)
 119.328 +#238 := (iff #65 #235)
 119.329 +#231 := (implies #58 #228)
 119.330 +#236 := (iff #231 #235)
 119.331 +#237 := [rewrite]: #236
 119.332 +#232 := (iff #65 #231)
 119.333 +#229 := (iff #64 #228)
 119.334 +#226 := (iff #63 #225)
 119.335 +#223 := (= #62 #222)
 119.336 +#220 := (= #61 #219)
 119.337 +#221 := [rewrite]: #220
 119.338 +#224 := [monotonicity #221]: #223
 119.339 +#227 := [monotonicity #224]: #226
 119.340 +#230 := [monotonicity #227]: #229
 119.341 +#233 := [monotonicity #230]: #232
 119.342 +#239 := [trans #233 #237]: #238
 119.343 +#242 := [monotonicity #239]: #241
 119.344 +#266 := [trans #242 #264]: #265
 119.345 +#217 := [asserted]: #66
 119.346 +#267 := [mp #217 #266]: #262
 119.347 +#455 := (not #262)
 119.348 +#765 := (or #558 #259 #455)
 119.349 +#439 := [def-axiom]: #765
 119.350 +#772 := [unit-resolution #439 #267]: #440
 119.351 +#490 := [unit-resolution #772 #508]: #558
 119.352 +#483 := (or #53 #498 #529)
 119.353 +#484 := [th-lemma]: #483
 119.354 +#487 := [unit-resolution #484 #490]: #485
 119.355 +#486 := [unit-resolution #487 #497]: #498
 119.356 +#678 := (<= #686 0::int)
 119.357 +#488 := (or #537 #678)
 119.358 +#477 := [th-lemma]: #488
 119.359 +#478 := [unit-resolution #477 #536]: #678
 119.360 +#479 := (or #256 #449)
 119.361 +#471 := [th-lemma]: #479
 119.362 +#480 := [unit-resolution #471 #492]: #449
 119.363 +#712 := (>= #711 0::int)
 119.364 +#481 := (or #566 #712)
 119.365 +#472 := [th-lemma]: #481
 119.366 +#482 := [unit-resolution #472 #565]: #712
 119.367 +#463 := [th-lemma #482 #480 #478 #486 #507]: false
 119.368 +#464 := [lemma #463]: #259
 119.369 +#771 := (or #53 #381)
 119.370 +#434 := (or #53 #381 #455)
 119.371 +#769 := [def-axiom]: #434
 119.372 +#428 := [unit-resolution #769 #267]: #771
 119.373 +#442 := [unit-resolution #428 #464]: #53
 119.374 +#435 := [monotonicity #442]: #468
 119.375 +#437 := [symm #435]: #602
 119.376 +#438 := (not #602)
 119.377 +#419 := (or #438 #709)
 119.378 +#420 := [th-lemma]: #419
 119.379 +#421 := [unit-resolution #420 #437]: #709
 119.380 +#422 := [th-lemma #421 #414 #499]: false
 119.381 +#423 := [lemma #422]: #448
 119.382 +#410 := (or #245 #503)
 119.383 +#611 := (>= #561 0::int)
 119.384 +#682 := (or #438 #611)
 119.385 +#447 := [th-lemma]: #682
 119.386 +#430 := [unit-resolution #447 #437]: #611
 119.387 +#432 := [hypothesis]: #556
 119.388 +#433 := [th-lemma #532 #432 #430]: false
 119.389 +#412 := [lemma #433]: #361
 119.390 +#409 := (or #245 #556 #503)
 119.391 +#407 := [th-lemma]: #409
 119.392 +#398 := [unit-resolution #407 #412]: #410
 119.393 +#400 := [unit-resolution #398 #423]: #245
 119.394 +#454 := (or #381 #248 #256)
 119.395 +#451 := [def-axiom]: #454
 119.396 +#401 := [unit-resolution #451 #464]: #259
 119.397 +#404 := [unit-resolution #401 #400]: #256
 119.398 +#384 := (or #253 #399)
 119.399 +#429 := [hypothesis]: #573
 119.400 +#443 := (or #558 #597)
 119.401 +#444 := [th-lemma]: #443
 119.402 +#445 := [unit-resolution #444 #442]: #597
 119.403 +#446 := [th-lemma #445 #507 #482 #429 #478]: false
 119.404 +#436 := [lemma #446]: #363
 119.405 +#405 := (or #253 #399 #573)
 119.406 +#379 := [th-lemma]: #405
 119.407 +#385 := [unit-resolution #379 #436]: #384
 119.408 +#390 := [unit-resolution #385 #404]: #399
 119.409 +#392 := (or #558 #629)
 119.410 +#393 := [th-lemma]: #392
 119.411 +#395 := [unit-resolution #393 #442]: #629
 119.412 +[th-lemma #395 #575 #570 #390 #528]: false
 119.413 +unsat
   120.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   120.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_01	Tue Oct 20 10:11:30 2009 +0200
   120.3 @@ -0,0 +1,4 @@
   120.4 +(benchmark Isabelle
   120.5 +:assumption (not (= 3 3))
   120.6 +:formula true
   120.7 +)
   121.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   121.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_01.proof	Tue Oct 20 10:11:30 2009 +0200
   121.3 @@ -0,0 +1,17 @@
   121.4 +#2 := false
   121.5 +#4 := 3::int
   121.6 +#5 := (= 3::int 3::int)
   121.7 +#6 := (not #5)
   121.8 +#30 := (iff #6 false)
   121.9 +#1 := true
  121.10 +#25 := (not true)
  121.11 +#28 := (iff #25 false)
  121.12 +#29 := [rewrite]: #28
  121.13 +#26 := (iff #6 #25)
  121.14 +#23 := (iff #5 true)
  121.15 +#24 := [rewrite]: #23
  121.16 +#27 := [monotonicity #24]: #26
  121.17 +#31 := [trans #27 #29]: #30
  121.18 +#22 := [asserted]: #6
  121.19 +[mp #22 #31]: false
  121.20 +unsat
   122.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   122.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_02	Tue Oct 20 10:11:30 2009 +0200
   122.3 @@ -0,0 +1,4 @@
   122.4 +(benchmark Isabelle
   122.5 +:assumption (not (= 3.0 3.0))
   122.6 +:formula true
   122.7 +)
   123.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   123.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_02.proof	Tue Oct 20 10:11:30 2009 +0200
   123.3 @@ -0,0 +1,17 @@
   123.4 +#2 := false
   123.5 +#4 := 3::real
   123.6 +#5 := (= 3::real 3::real)
   123.7 +#6 := (not #5)
   123.8 +#30 := (iff #6 false)
   123.9 +#1 := true
  123.10 +#25 := (not true)
  123.11 +#28 := (iff #25 false)
  123.12 +#29 := [rewrite]: #28
  123.13 +#26 := (iff #6 #25)
  123.14 +#23 := (iff #5 true)
  123.15 +#24 := [rewrite]: #23
  123.16 +#27 := [monotonicity #24]: #26
  123.17 +#31 := [trans #27 #29]: #30
  123.18 +#22 := [asserted]: #6
  123.19 +[mp #22 #31]: false
  123.20 +unsat
   124.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   124.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_03	Tue Oct 20 10:11:30 2009 +0200
   124.3 @@ -0,0 +1,4 @@
   124.4 +(benchmark Isabelle
   124.5 +:assumption (not (= (+ 3 1) 4))
   124.6 +:formula true
   124.7 +)
   125.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   125.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_03.proof	Tue Oct 20 10:11:30 2009 +0200
   125.3 @@ -0,0 +1,26 @@
   125.4 +#2 := false
   125.5 +#7 := 4::int
   125.6 +#5 := 1::int
   125.7 +#4 := 3::int
   125.8 +#6 := (+ 3::int 1::int)
   125.9 +#8 := (= #6 4::int)
  125.10 +#9 := (not #8)
  125.11 +#39 := (iff #9 false)
  125.12 +#1 := true
  125.13 +#34 := (not true)
  125.14 +#37 := (iff #34 false)
  125.15 +#38 := [rewrite]: #37
  125.16 +#35 := (iff #9 #34)
  125.17 +#32 := (iff #8 true)
  125.18 +#27 := (= 4::int 4::int)
  125.19 +#30 := (iff #27 true)
  125.20 +#31 := [rewrite]: #30
  125.21 +#28 := (iff #8 #27)
  125.22 +#26 := [rewrite]: #8
  125.23 +#29 := [monotonicity #26]: #28
  125.24 +#33 := [trans #29 #31]: #32
  125.25 +#36 := [monotonicity #33]: #35
  125.26 +#40 := [trans #36 #38]: #39
  125.27 +#25 := [asserted]: #9
  125.28 +[mp #25 #40]: false
  125.29 +unsat
   126.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   126.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_04	Tue Oct 20 10:11:30 2009 +0200
   126.3 @@ -0,0 +1,9 @@
   126.4 +(benchmark Isabelle
   126.5 +:extrafuns (
   126.6 +  (uf_1 Int)
   126.7 +  (uf_2 Int)
   126.8 +  (uf_3 Int)
   126.9 + )
  126.10 +:assumption (not (= (+ uf_1 (+ uf_2 uf_3)) (+ uf_2 (+ uf_3 uf_1))))
  126.11 +:formula true
  126.12 +)
   127.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   127.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_04.proof	Tue Oct 20 10:11:30 2009 +0200
   127.3 @@ -0,0 +1,41 @@
   127.4 +#2 := false
   127.5 +decl uf_1 :: int
   127.6 +#4 := uf_1
   127.7 +decl uf_3 :: int
   127.8 +#6 := uf_3
   127.9 +#9 := (+ uf_3 uf_1)
  127.10 +decl uf_2 :: int
  127.11 +#5 := uf_2
  127.12 +#10 := (+ uf_2 #9)
  127.13 +#7 := (+ uf_2 uf_3)
  127.14 +#8 := (+ uf_1 #7)
  127.15 +#11 := (= #8 #10)
  127.16 +#12 := (not #11)
  127.17 +#51 := (iff #12 false)
  127.18 +#1 := true
  127.19 +#46 := (not true)
  127.20 +#49 := (iff #46 false)
  127.21 +#50 := [rewrite]: #49
  127.22 +#47 := (iff #12 #46)
  127.23 +#44 := (iff #11 true)
  127.24 +#39 := (= #8 #8)
  127.25 +#42 := (iff #39 true)
  127.26 +#43 := [rewrite]: #42
  127.27 +#40 := (iff #11 #39)
  127.28 +#37 := (= #10 #8)
  127.29 +#29 := (+ uf_1 uf_3)
  127.30 +#32 := (+ uf_2 #29)
  127.31 +#35 := (= #32 #8)
  127.32 +#36 := [rewrite]: #35
  127.33 +#33 := (= #10 #32)
  127.34 +#30 := (= #9 #29)
  127.35 +#31 := [rewrite]: #30
  127.36 +#34 := [monotonicity #31]: #33
  127.37 +#38 := [trans #34 #36]: #37
  127.38 +#41 := [monotonicity #38]: #40
  127.39 +#45 := [trans #41 #43]: #44
  127.40 +#48 := [monotonicity #45]: #47
  127.41 +#52 := [trans #48 #50]: #51
  127.42 +#28 := [asserted]: #12
  127.43 +[mp #28 #52]: false
  127.44 +unsat
   128.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   128.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_05	Tue Oct 20 10:11:30 2009 +0200
   128.3 @@ -0,0 +1,4 @@
   128.4 +(benchmark Isabelle
   128.5 +:assumption (not (< 5 (ite (<= 3 8) 8 3)))
   128.6 +:formula true
   128.7 +)
   129.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   129.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_05.proof	Tue Oct 20 10:11:30 2009 +0200
   129.3 @@ -0,0 +1,35 @@
   129.4 +#2 := false
   129.5 +#5 := 3::int
   129.6 +#6 := 8::int
   129.7 +#7 := (<= 3::int 8::int)
   129.8 +#8 := (ite #7 8::int 3::int)
   129.9 +#4 := 5::int
  129.10 +#9 := (< 5::int #8)
  129.11 +#10 := (not #9)
  129.12 +#50 := (iff #10 false)
  129.13 +#1 := true
  129.14 +#45 := (not true)
  129.15 +#48 := (iff #45 false)
  129.16 +#49 := [rewrite]: #48
  129.17 +#46 := (iff #10 #45)
  129.18 +#43 := (iff #9 true)
  129.19 +#38 := (< 5::int 8::int)
  129.20 +#41 := (iff #38 true)
  129.21 +#42 := [rewrite]: #41
  129.22 +#39 := (iff #9 #38)
  129.23 +#36 := (= #8 8::int)
  129.24 +#31 := (ite true 8::int 3::int)
  129.25 +#34 := (= #31 8::int)
  129.26 +#35 := [rewrite]: #34
  129.27 +#32 := (= #8 #31)
  129.28 +#29 := (iff #7 true)
  129.29 +#30 := [rewrite]: #29
  129.30 +#33 := [monotonicity #30]: #32
  129.31 +#37 := [trans #33 #35]: #36
  129.32 +#40 := [monotonicity #37]: #39
  129.33 +#44 := [trans #40 #42]: #43
  129.34 +#47 := [monotonicity #44]: #46
  129.35 +#51 := [trans #47 #49]: #50
  129.36 +#26 := [asserted]: #10
  129.37 +[mp #26 #51]: false
  129.38 +unsat
   130.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   130.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_06	Tue Oct 20 10:11:30 2009 +0200
   130.3 @@ -0,0 +1,8 @@
   130.4 +(benchmark Isabelle
   130.5 +:extrafuns (
   130.6 +  (uf_1 Real)
   130.7 +  (uf_2 Real)
   130.8 + )
   130.9 +:assumption (not (<= (ite (< (+ uf_1 uf_2) 0.0) (~ (+ uf_1 uf_2)) (+ uf_1 uf_2)) (+ (ite (< uf_1 0.0) (~ uf_1) uf_1) (ite (< uf_2 0.0) (~ uf_2) uf_2))))
  130.10 +:formula true
  130.11 +)
   131.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   131.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_06.proof	Tue Oct 20 10:11:30 2009 +0200
   131.3 @@ -0,0 +1,250 @@
   131.4 +#2 := false
   131.5 +#7 := 0::real
   131.6 +decl uf_2 :: real
   131.7 +#5 := uf_2
   131.8 +#143 := 2::real
   131.9 +#144 := (* 2::real uf_2)
  131.10 +#165 := (<= #144 0::real)
  131.11 +#188 := (not #165)
  131.12 +#88 := (>= uf_2 0::real)
  131.13 +#166 := (or #88 #165)
  131.14 +#191 := (not #166)
  131.15 +decl uf_1 :: real
  131.16 +#4 := uf_1
  131.17 +#76 := (>= uf_1 0::real)
  131.18 +#89 := (not #88)
  131.19 +#146 := (* 2::real uf_1)
  131.20 +#167 := (<= #146 0::real)
  131.21 +#199 := (not #167)
  131.22 +#263 := [hypothesis]: #88
  131.23 +#147 := (+ #146 #144)
  131.24 +#168 := (<= #147 0::real)
  131.25 +#169 := (ite #88 #167 #168)
  131.26 +#194 := (not #169)
  131.27 +#186 := (or #166 #89)
  131.28 +#187 := [def-axiom]: #186
  131.29 +#271 := [unit-resolution #187 #263]: #166
  131.30 +#170 := (ite #76 #166 #169)
  131.31 +#205 := (not #170)
  131.32 +#6 := (+ uf_1 uf_2)
  131.33 +#64 := (>= #6 0::real)
  131.34 +#269 := (or #64 #89)
  131.35 +#65 := (not #64)
  131.36 +#262 := [hypothesis]: #65
  131.37 +#174 := (>= #144 0::real)
  131.38 +#175 := (or #89 #174)
  131.39 +#230 := (not #175)
  131.40 +#257 := [hypothesis]: #230
  131.41 +#225 := (or #175 #88)
  131.42 +#226 := [def-axiom]: #225
  131.43 +#258 := [unit-resolution #226 #257]: #88
  131.44 +#227 := (not #174)
  131.45 +#228 := (or #175 #227)
  131.46 +#229 := [def-axiom]: #228
  131.47 +#259 := [unit-resolution #229 #257]: #227
  131.48 +#260 := [th-lemma #259 #258]: false
  131.49 +#261 := [lemma #260]: #175
  131.50 +#172 := (>= #146 0::real)
  131.51 +#171 := (>= #147 0::real)
  131.52 +#173 := (ite #88 #171 #172)
  131.53 +#176 := (ite #76 #173 #175)
  131.54 +#233 := (not #176)
  131.55 +#264 := (or #64 #233)
  131.56 +#177 := (ite #64 #170 #176)
  131.57 +#182 := (not #177)
  131.58 +#36 := -1::real
  131.59 +#38 := (* -1::real uf_2)
  131.60 +#95 := (ite #88 uf_2 #38)
  131.61 +#107 := (* -1::real #95)
  131.62 +#37 := (* -1::real uf_1)
  131.63 +#83 := (ite #76 uf_1 #37)
  131.64 +#106 := (* -1::real #83)
  131.65 +#108 := (+ #106 #107)
  131.66 +#39 := (+ #37 #38)
  131.67 +#71 := (ite #64 #6 #39)
  131.68 +#109 := (+ #71 #108)
  131.69 +#110 := (<= #109 0::real)
  131.70 +#115 := (not #110)
  131.71 +#183 := (iff #115 #182)
  131.72 +#180 := (iff #110 #177)
  131.73 +#150 := -2::real
  131.74 +#152 := (* -2::real uf_2)
  131.75 +#155 := (ite #88 #152 0::real)
  131.76 +#151 := (* -2::real uf_1)
  131.77 +#153 := (+ #151 #152)
  131.78 +#154 := (ite #88 #153 #151)
  131.79 +#156 := (ite #76 #154 #155)
  131.80 +#148 := (ite #88 #146 #147)
  131.81 +#145 := (ite #88 0::real #144)
  131.82 +#149 := (ite #76 #145 #148)
  131.83 +#157 := (ite #64 #149 #156)
  131.84 +#162 := (<= #157 0::real)
  131.85 +#178 := (iff #162 #177)
  131.86 +#179 := [rewrite]: #178
  131.87 +#163 := (iff #110 #162)
  131.88 +#160 := (= #109 #157)
  131.89 +#133 := (+ uf_1 #38)
  131.90 +#134 := (ite #88 #133 #6)
  131.91 +#131 := (+ #37 uf_2)
  131.92 +#132 := (ite #88 #39 #131)
  131.93 +#135 := (ite #76 #132 #134)
  131.94 +#140 := (+ #71 #135)
  131.95 +#158 := (= #140 #157)
  131.96 +#159 := [rewrite]: #158
  131.97 +#141 := (= #109 #140)
  131.98 +#138 := (= #108 #135)
  131.99 +#125 := (ite #88 #38 uf_2)
 131.100 +#123 := (ite #76 #37 uf_1)
 131.101 +#128 := (+ #123 #125)
 131.102 +#136 := (= #128 #135)
 131.103 +#137 := [rewrite]: #136
 131.104 +#129 := (= #108 #128)
 131.105 +#126 := (= #107 #125)
 131.106 +#127 := [rewrite]: #126
 131.107 +#121 := (= #106 #123)
 131.108 +#124 := [rewrite]: #121
 131.109 +#130 := [monotonicity #124 #127]: #129
 131.110 +#139 := [trans #130 #137]: #138
 131.111 +#142 := [monotonicity #139]: #141
 131.112 +#161 := [trans #142 #159]: #160
 131.113 +#164 := [monotonicity #161]: #163
 131.114 +#181 := [trans #164 #179]: #180
 131.115 +#184 := [monotonicity #181]: #183
 131.116 +#15 := (- uf_2)
 131.117 +#14 := (< uf_2 0::real)
 131.118 +#16 := (ite #14 #15 uf_2)
 131.119 +#12 := (- uf_1)
 131.120 +#11 := (< uf_1 0::real)
 131.121 +#13 := (ite #11 #12 uf_1)
 131.122 +#17 := (+ #13 #16)
 131.123 +#9 := (- #6)
 131.124 +#8 := (< #6 0::real)
 131.125 +#10 := (ite #8 #9 #6)
 131.126 +#18 := (<= #10 #17)
 131.127 +#19 := (not #18)
 131.128 +#118 := (iff #19 #115)
 131.129 +#52 := (ite #14 #38 uf_2)
 131.130 +#47 := (ite #11 #37 uf_1)
 131.131 +#55 := (+ #47 #52)
 131.132 +#42 := (ite #8 #39 #6)
 131.133 +#58 := (<= #42 #55)
 131.134 +#61 := (not #58)
 131.135 +#116 := (iff #61 #115)
 131.136 +#113 := (iff #58 #110)
 131.137 +#100 := (+ #83 #95)
 131.138 +#103 := (<= #71 #100)
 131.139 +#111 := (iff #103 #110)
 131.140 +#112 := [rewrite]: #111
 131.141 +#104 := (iff #58 #103)
 131.142 +#101 := (= #55 #100)
 131.143 +#98 := (= #52 #95)
 131.144 +#92 := (ite #89 #38 uf_2)
 131.145 +#96 := (= #92 #95)
 131.146 +#97 := [rewrite]: #96
 131.147 +#93 := (= #52 #92)
 131.148 +#90 := (iff #14 #89)
 131.149 +#91 := [rewrite]: #90
 131.150 +#94 := [monotonicity #91]: #93
 131.151 +#99 := [trans #94 #97]: #98
 131.152 +#86 := (= #47 #83)
 131.153 +#77 := (not #76)
 131.154 +#80 := (ite #77 #37 uf_1)
 131.155 +#84 := (= #80 #83)
 131.156 +#85 := [rewrite]: #84
 131.157 +#81 := (= #47 #80)
 131.158 +#78 := (iff #11 #77)
 131.159 +#79 := [rewrite]: #78
 131.160 +#82 := [monotonicity #79]: #81
 131.161 +#87 := [trans #82 #85]: #86
 131.162 +#102 := [monotonicity #87 #99]: #101
 131.163 +#74 := (= #42 #71)
 131.164 +#68 := (ite #65 #39 #6)
 131.165 +#72 := (= #68 #71)
 131.166 +#73 := [rewrite]: #72
 131.167 +#69 := (= #42 #68)
 131.168 +#66 := (iff #8 #65)
 131.169 +#67 := [rewrite]: #66
 131.170 +#70 := [monotonicity #67]: #69
 131.171 +#75 := [trans #70 #73]: #74
 131.172 +#105 := [monotonicity #75 #102]: #104
 131.173 +#114 := [trans #105 #112]: #113
 131.174 +#117 := [monotonicity #114]: #116
 131.175 +#62 := (iff #19 #61)
 131.176 +#59 := (iff #18 #58)
 131.177 +#56 := (= #17 #55)
 131.178 +#53 := (= #16 #52)
 131.179 +#50 := (= #15 #38)
 131.180 +#51 := [rewrite]: #50
 131.181 +#54 := [monotonicity #51]: #53
 131.182 +#48 := (= #13 #47)
 131.183 +#45 := (= #12 #37)
 131.184 +#46 := [rewrite]: #45
 131.185 +#49 := [monotonicity #46]: #48
 131.186 +#57 := [monotonicity #49 #54]: #56
 131.187 +#43 := (= #10 #42)
 131.188 +#40 := (= #9 #39)
 131.189 +#41 := [rewrite]: #40
 131.190 +#44 := [monotonicity #41]: #43
 131.191 +#60 := [monotonicity #44 #57]: #59
 131.192 +#63 := [monotonicity #60]: #62
 131.193 +#119 := [trans #63 #117]: #118
 131.194 +#35 := [asserted]: #19
 131.195 +#120 := [mp #35 #119]: #115
 131.196 +#185 := [mp #120 #184]: #182
 131.197 +#248 := (or #177 #64 #233)
 131.198 +#249 := [def-axiom]: #248
 131.199 +#265 := [unit-resolution #249 #185]: #264
 131.200 +#266 := [unit-resolution #265 #262]: #233
 131.201 +#240 := (or #176 #76 #230)
 131.202 +#241 := [def-axiom]: #240
 131.203 +#267 := [unit-resolution #241 #266 #261]: #76
 131.204 +#268 := [th-lemma #267 #263 #262]: false
 131.205 +#270 := [lemma #268]: #269
 131.206 +#272 := [unit-resolution #270 #263]: #64
 131.207 +#273 := (or #65 #205)
 131.208 +#246 := (or #177 #65 #205)
 131.209 +#247 := [def-axiom]: #246
 131.210 +#274 := [unit-resolution #247 #185]: #273
 131.211 +#275 := [unit-resolution #274 #272]: #205
 131.212 +#255 := (or #170 #194 #191)
 131.213 +#250 := [hypothesis]: #169
 131.214 +#251 := [hypothesis]: #205
 131.215 +#252 := [hypothesis]: #166
 131.216 +#210 := (or #170 #77 #191)
 131.217 +#211 := [def-axiom]: #210
 131.218 +#253 := [unit-resolution #211 #251 #252]: #77
 131.219 +#212 := (or #170 #76 #194)
 131.220 +#213 := [def-axiom]: #212
 131.221 +#254 := [unit-resolution #213 #253 #251 #250]: false
 131.222 +#256 := [lemma #254]: #255
 131.223 +#276 := [unit-resolution #256 #275 #271]: #194
 131.224 +#200 := (or #169 #89 #199)
 131.225 +#201 := [def-axiom]: #200
 131.226 +#277 := [unit-resolution #201 #276 #263]: #199
 131.227 +#278 := [unit-resolution #211 #275 #271]: #77
 131.228 +#279 := [th-lemma #278 #277]: false
 131.229 +#280 := [lemma #279]: #89
 131.230 +#281 := [hypothesis]: #77
 131.231 +#282 := [unit-resolution #241 #281 #261]: #176
 131.232 +#283 := [unit-resolution #265 #282]: #64
 131.233 +#284 := [th-lemma #281 #283 #280]: false
 131.234 +#285 := [lemma #284]: #76
 131.235 +#222 := (not #172)
 131.236 +#286 := [hypothesis]: #222
 131.237 +#287 := [th-lemma #285 #286]: false
 131.238 +#288 := [lemma #287]: #172
 131.239 +#223 := (or #173 #88 #222)
 131.240 +#224 := [def-axiom]: #223
 131.241 +#289 := [unit-resolution #224 #288 #280]: #173
 131.242 +#214 := (not #173)
 131.243 +#238 := (or #176 #77 #214)
 131.244 +#239 := [def-axiom]: #238
 131.245 +#290 := [unit-resolution #239 #289 #285]: #176
 131.246 +#291 := [unit-resolution #265 #290]: #64
 131.247 +#292 := [unit-resolution #274 #291]: #205
 131.248 +#293 := [unit-resolution #211 #292 #285]: #191
 131.249 +#189 := (or #166 #188)
 131.250 +#190 := [def-axiom]: #189
 131.251 +#294 := [unit-resolution #190 #293]: #188
 131.252 +[th-lemma #280 #294]: false
 131.253 +unsat
   132.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   132.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_07	Tue Oct 20 10:11:30 2009 +0200
   132.3 @@ -0,0 +1,11 @@
   132.4 +(benchmark Isabelle
   132.5 +:extrasorts ( T2 T1)
   132.6 +:extrafuns (
   132.7 +  (uf_2 T1)
   132.8 +  (uf_1 Int Int T1)
   132.9 +  (uf_3 T1 T2)
  132.10 + )
  132.11 +:assumption (forall (?x1 Int) (?x2 Int) (iff (= (uf_1 ?x1 ?x2) uf_2) (< ?x1 ?x2)))
  132.12 +:assumption (not (= (uf_3 (uf_1 2 3)) (uf_3 uf_2)))
  132.13 +:formula true
  132.14 +)
   133.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   133.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_07.proof	Tue Oct 20 10:11:30 2009 +0200
   133.3 @@ -0,0 +1,105 @@
   133.4 +#2 := false
   133.5 +decl uf_3 :: (-> T1 T2)
   133.6 +decl uf_2 :: T1
   133.7 +#7 := uf_2
   133.8 +#16 := (uf_3 uf_2)
   133.9 +decl uf_1 :: (-> int int T1)
  133.10 +#13 := 3::int
  133.11 +#12 := 2::int
  133.12 +#14 := (uf_1 2::int 3::int)
  133.13 +#15 := (uf_3 #14)
  133.14 +#17 := (= #15 #16)
  133.15 +#516 := (= #16 #15)
  133.16 +#194 := (= uf_2 #14)
  133.17 +#5 := (:var 0 int)
  133.18 +#4 := (:var 1 int)
  133.19 +#6 := (uf_1 #4 #5)
  133.20 +#530 := (pattern #6)
  133.21 +#39 := 0::int
  133.22 +#37 := -1::int
  133.23 +#41 := (* -1::int #5)
  133.24 +#42 := (+ #4 #41)
  133.25 +#40 := (>= #42 0::int)
  133.26 +#38 := (not #40)
  133.27 +#8 := (= #6 uf_2)
  133.28 +#45 := (iff #8 #38)
  133.29 +#531 := (forall (vars (?x1 int) (?x2 int)) (:pat #530) #45)
  133.30 +#48 := (forall (vars (?x1 int) (?x2 int)) #45)
  133.31 +#534 := (iff #48 #531)
  133.32 +#532 := (iff #45 #45)
  133.33 +#533 := [refl]: #532
  133.34 +#535 := [quant-intro #533]: #534
  133.35 +#58 := (~ #48 #48)
  133.36 +#56 := (~ #45 #45)
  133.37 +#57 := [refl]: #56
  133.38 +#59 := [nnf-pos #57]: #58
  133.39 +#9 := (< #4 #5)
  133.40 +#10 := (iff #8 #9)
  133.41 +#11 := (forall (vars (?x1 int) (?x2 int)) #10)
  133.42 +#49 := (iff #11 #48)
  133.43 +#46 := (iff #10 #45)
  133.44 +#43 := (iff #9 #38)
  133.45 +#44 := [rewrite]: #43
  133.46 +#47 := [monotonicity #44]: #46
  133.47 +#50 := [quant-intro #47]: #49
  133.48 +#34 := [asserted]: #11
  133.49 +#51 := [mp #34 #50]: #48
  133.50 +#60 := [mp~ #51 #59]: #48
  133.51 +#536 := [mp #60 #535]: #531
  133.52 +#508 := (not #531)
  133.53 +#509 := (or #508 #194)
  133.54 +#201 := (* -1::int 3::int)
  133.55 +#115 := (+ 2::int #201)
  133.56 +#202 := (>= #115 0::int)
  133.57 +#116 := (not #202)
  133.58 +#114 := (= #14 uf_2)
  133.59 +#203 := (iff #114 #116)
  133.60 +#510 := (or #508 #203)
  133.61 +#506 := (iff #510 #509)
  133.62 +#150 := (iff #509 #509)
  133.63 +#513 := [rewrite]: #150
  133.64 +#171 := (iff #203 #194)
  133.65 +#1 := true
  133.66 +#164 := (iff #194 true)
  133.67 +#169 := (iff #164 #194)
  133.68 +#170 := [rewrite]: #169
  133.69 +#505 := (iff #203 #164)
  133.70 +#180 := (iff #116 true)
  133.71 +#529 := (not false)
  133.72 +#184 := (iff #529 true)
  133.73 +#520 := [rewrite]: #184
  133.74 +#519 := (iff #116 #529)
  133.75 +#528 := (iff #202 false)
  133.76 +#192 := (>= -1::int 0::int)
  133.77 +#526 := (iff #192 false)
  133.78 +#527 := [rewrite]: #526
  133.79 +#193 := (iff #202 #192)
  133.80 +#311 := (= #115 -1::int)
  133.81 +#134 := -3::int
  133.82 +#208 := (+ 2::int -3::int)
  133.83 +#524 := (= #208 -1::int)
  133.84 +#181 := [rewrite]: #524
  133.85 +#187 := (= #115 #208)
  133.86 +#207 := (= #201 -3::int)
  133.87 +#204 := [rewrite]: #207
  133.88 +#522 := [monotonicity #204]: #187
  133.89 +#518 := [trans #522 #181]: #311
  133.90 +#525 := [monotonicity #518]: #193
  133.91 +#523 := [trans #525 #527]: #528
  133.92 +#179 := [monotonicity #523]: #519
  133.93 +#521 := [trans #179 #520]: #180
  133.94 +#205 := (iff #114 #194)
  133.95 +#206 := [rewrite]: #205
  133.96 +#168 := [monotonicity #206 #521]: #505
  133.97 +#507 := [trans #168 #170]: #171
  133.98 +#512 := [monotonicity #507]: #506
  133.99 +#515 := [trans #512 #513]: #506
 133.100 +#511 := [quant-inst]: #510
 133.101 +#155 := [mp #511 #515]: #509
 133.102 +#156 := [unit-resolution #155 #536]: #194
 133.103 +#514 := [monotonicity #156]: #516
 133.104 +#517 := [symm #514]: #17
 133.105 +#18 := (not #17)
 133.106 +#35 := [asserted]: #18
 133.107 +[unit-resolution #35 #517]: false
 133.108 +unsat
   134.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   134.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_08	Tue Oct 20 10:11:30 2009 +0200
   134.3 @@ -0,0 +1,7 @@
   134.4 +(benchmark Isabelle
   134.5 +:extrafuns (
   134.6 +  (uf_1 Int)
   134.7 + )
   134.8 +:assumption (not (or (<= 4 (+ uf_1 3)) (< uf_1 1)))
   134.9 +:formula true
  134.10 +)
   135.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   135.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_08.proof	Tue Oct 20 10:11:30 2009 +0200
   135.3 @@ -0,0 +1,54 @@
   135.4 +#2 := false
   135.5 +#9 := 1::int
   135.6 +decl uf_1 :: int
   135.7 +#5 := uf_1
   135.8 +#10 := (< uf_1 1::int)
   135.9 +#6 := 3::int
  135.10 +#7 := (+ uf_1 3::int)
  135.11 +#4 := 4::int
  135.12 +#8 := (<= 4::int #7)
  135.13 +#11 := (or #8 #10)
  135.14 +#12 := (not #11)
  135.15 +#66 := (iff #12 false)
  135.16 +#29 := (+ 3::int uf_1)
  135.17 +#32 := (<= 4::int #29)
  135.18 +#38 := (or #10 #32)
  135.19 +#43 := (not #38)
  135.20 +#64 := (iff #43 false)
  135.21 +#1 := true
  135.22 +#59 := (not true)
  135.23 +#62 := (iff #59 false)
  135.24 +#63 := [rewrite]: #62
  135.25 +#60 := (iff #43 #59)
  135.26 +#57 := (iff #38 true)
  135.27 +#48 := (>= uf_1 1::int)
  135.28 +#46 := (not #48)
  135.29 +#52 := (or #46 #48)
  135.30 +#55 := (iff #52 true)
  135.31 +#56 := [rewrite]: #55
  135.32 +#53 := (iff #38 #52)
  135.33 +#50 := (iff #32 #48)
  135.34 +#51 := [rewrite]: #50
  135.35 +#47 := (iff #10 #46)
  135.36 +#49 := [rewrite]: #47
  135.37 +#54 := [monotonicity #49 #51]: #53
  135.38 +#58 := [trans #54 #56]: #57
  135.39 +#61 := [monotonicity #58]: #60
  135.40 +#65 := [trans #61 #63]: #64
  135.41 +#44 := (iff #12 #43)
  135.42 +#41 := (iff #11 #38)
  135.43 +#35 := (or #32 #10)
  135.44 +#39 := (iff #35 #38)
  135.45 +#40 := [rewrite]: #39
  135.46 +#36 := (iff #11 #35)
  135.47 +#33 := (iff #8 #32)
  135.48 +#30 := (= #7 #29)
  135.49 +#31 := [rewrite]: #30
  135.50 +#34 := [monotonicity #31]: #33
  135.51 +#37 := [monotonicity #34]: #36
  135.52 +#42 := [trans #37 #40]: #41
  135.53 +#45 := [monotonicity #42]: #44
  135.54 +#67 := [trans #45 #65]: #66
  135.55 +#28 := [asserted]: #12
  135.56 +[mp #28 #67]: false
  135.57 +unsat
   136.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   136.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_09	Tue Oct 20 10:11:30 2009 +0200
   136.3 @@ -0,0 +1,10 @@
   136.4 +(benchmark Isabelle
   136.5 +:extrafuns (
   136.6 +  (uf_1 Int)
   136.7 +  (uf_2 Int)
   136.8 + )
   136.9 +:assumption (<= 3 uf_1)
  136.10 +:assumption (= uf_2 (+ uf_1 4))
  136.11 +:assumption (not (< 0 (- uf_2 uf_1)))
  136.12 +:formula true
  136.13 +)
   137.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   137.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_09.proof	Tue Oct 20 10:11:30 2009 +0200
   137.3 @@ -0,0 +1,63 @@
   137.4 +#2 := false
   137.5 +#11 := 0::int
   137.6 +decl uf_2 :: int
   137.7 +#7 := uf_2
   137.8 +#42 := -1::int
   137.9 +#45 := (* -1::int uf_2)
  137.10 +decl uf_1 :: int
  137.11 +#5 := uf_1
  137.12 +#46 := (+ uf_1 #45)
  137.13 +#63 := (>= #46 0::int)
  137.14 +#83 := (iff #63 false)
  137.15 +#44 := -4::int
  137.16 +#79 := (>= -4::int 0::int)
  137.17 +#81 := (iff #79 false)
  137.18 +#82 := [rewrite]: #81
  137.19 +#77 := (iff #63 #79)
  137.20 +#47 := (= #46 -4::int)
  137.21 +#8 := 4::int
  137.22 +#9 := (+ uf_1 4::int)
  137.23 +#10 := (= uf_2 #9)
  137.24 +#49 := (iff #10 #47)
  137.25 +#32 := (+ 4::int uf_1)
  137.26 +#39 := (= uf_2 #32)
  137.27 +#43 := (iff #39 #47)
  137.28 +#48 := [rewrite]: #43
  137.29 +#40 := (iff #10 #39)
  137.30 +#37 := (= #9 #32)
  137.31 +#38 := [rewrite]: #37
  137.32 +#41 := [monotonicity #38]: #40
  137.33 +#50 := [trans #41 #48]: #49
  137.34 +#31 := [asserted]: #10
  137.35 +#51 := [mp #31 #50]: #47
  137.36 +#80 := [monotonicity #51]: #77
  137.37 +#84 := [trans #80 #82]: #83
  137.38 +#12 := (- uf_2 uf_1)
  137.39 +#13 := (< 0::int #12)
  137.40 +#14 := (not #13)
  137.41 +#74 := (iff #14 #63)
  137.42 +#53 := (* -1::int uf_1)
  137.43 +#54 := (+ #53 uf_2)
  137.44 +#57 := (< 0::int #54)
  137.45 +#60 := (not #57)
  137.46 +#72 := (iff #60 #63)
  137.47 +#64 := (not #63)
  137.48 +#67 := (not #64)
  137.49 +#70 := (iff #67 #63)
  137.50 +#71 := [rewrite]: #70
  137.51 +#68 := (iff #60 #67)
  137.52 +#65 := (iff #57 #64)
  137.53 +#66 := [rewrite]: #65
  137.54 +#69 := [monotonicity #66]: #68
  137.55 +#73 := [trans #69 #71]: #72
  137.56 +#61 := (iff #14 #60)
  137.57 +#58 := (iff #13 #57)
  137.58 +#55 := (= #12 #54)
  137.59 +#56 := [rewrite]: #55
  137.60 +#59 := [monotonicity #56]: #58
  137.61 +#62 := [monotonicity #59]: #61
  137.62 +#75 := [trans #62 #73]: #74
  137.63 +#52 := [asserted]: #14
  137.64 +#76 := [mp #52 #75]: #63
  137.65 +[mp #76 #84]: false
  137.66 +unsat
   138.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   138.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_10	Tue Oct 20 10:11:30 2009 +0200
   138.3 @@ -0,0 +1,4 @@
   138.4 +(benchmark Isabelle
   138.5 +:assumption (not (let (?x1 2) (not (= (+ ?x1 ?x1) 5))))
   138.6 +:formula true
   138.7 +)
   139.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   139.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_10.proof	Tue Oct 20 10:11:30 2009 +0200
   139.3 @@ -0,0 +1,35 @@
   139.4 +#2 := false
   139.5 +#6 := 5::int
   139.6 +#4 := 2::int
   139.7 +#5 := (+ 2::int 2::int)
   139.8 +#7 := (= #5 5::int)
   139.9 +#8 := (not #7)
  139.10 +#9 := (not #8)
  139.11 +#48 := (iff #9 false)
  139.12 +#1 := true
  139.13 +#43 := (not true)
  139.14 +#46 := (iff #43 false)
  139.15 +#47 := [rewrite]: #46
  139.16 +#44 := (iff #9 #43)
  139.17 +#41 := (iff #8 true)
  139.18 +#36 := (not false)
  139.19 +#39 := (iff #36 true)
  139.20 +#40 := [rewrite]: #39
  139.21 +#37 := (iff #8 #36)
  139.22 +#34 := (iff #7 false)
  139.23 +#26 := 4::int
  139.24 +#29 := (= 4::int 5::int)
  139.25 +#32 := (iff #29 false)
  139.26 +#33 := [rewrite]: #32
  139.27 +#30 := (iff #7 #29)
  139.28 +#27 := (= #5 4::int)
  139.29 +#28 := [rewrite]: #27
  139.30 +#31 := [monotonicity #28]: #30
  139.31 +#35 := [trans #31 #33]: #34
  139.32 +#38 := [monotonicity #35]: #37
  139.33 +#42 := [trans #38 #40]: #41
  139.34 +#45 := [monotonicity #42]: #44
  139.35 +#49 := [trans #45 #47]: #48
  139.36 +#25 := [asserted]: #9
  139.37 +[mp #25 #49]: false
  139.38 +unsat
   140.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   140.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_11	Tue Oct 20 10:11:30 2009 +0200
   140.3 @@ -0,0 +1,10 @@
   140.4 +(benchmark Isabelle
   140.5 +:extrafuns (
   140.6 +  (uf_2 Real)
   140.7 +  (uf_1 Real)
   140.8 + )
   140.9 +:assumption (< (+ (* 3.0 uf_1) (* 7.0 uf_2)) 4.0)
  140.10 +:assumption (< 3.0 (* 2.0 uf_1))
  140.11 +:assumption (not (< uf_2 0.0))
  140.12 +:formula true
  140.13 +)
   141.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   141.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_11.proof	Tue Oct 20 10:11:30 2009 +0200
   141.3 @@ -0,0 +1,45 @@
   141.4 +#2 := false
   141.5 +#11 := 4::real
   141.6 +decl uf_2 :: real
   141.7 +#8 := uf_2
   141.8 +#7 := 7::real
   141.9 +#9 := (* 7::real uf_2)
  141.10 +decl uf_1 :: real
  141.11 +#5 := uf_1
  141.12 +#4 := 3::real
  141.13 +#6 := (* 3::real uf_1)
  141.14 +#10 := (+ #6 #9)
  141.15 +#41 := (>= #10 4::real)
  141.16 +#39 := (not #41)
  141.17 +#12 := (< #10 4::real)
  141.18 +#40 := (iff #12 #39)
  141.19 +#37 := [rewrite]: #40
  141.20 +#34 := [asserted]: #12
  141.21 +#38 := [mp #34 #37]: #39
  141.22 +#13 := 2::real
  141.23 +#14 := (* 2::real uf_1)
  141.24 +#43 := (<= #14 3::real)
  141.25 +#44 := (not #43)
  141.26 +#15 := (< 3::real #14)
  141.27 +#45 := (iff #15 #44)
  141.28 +#46 := [rewrite]: #45
  141.29 +#35 := [asserted]: #15
  141.30 +#47 := [mp #35 #46]: #44
  141.31 +#16 := 0::real
  141.32 +#51 := (>= uf_2 0::real)
  141.33 +#17 := (< uf_2 0::real)
  141.34 +#18 := (not #17)
  141.35 +#58 := (iff #18 #51)
  141.36 +#49 := (not #51)
  141.37 +#53 := (not #49)
  141.38 +#56 := (iff #53 #51)
  141.39 +#57 := [rewrite]: #56
  141.40 +#54 := (iff #18 #53)
  141.41 +#50 := (iff #17 #49)
  141.42 +#52 := [rewrite]: #50
  141.43 +#55 := [monotonicity #52]: #54
  141.44 +#59 := [trans #55 #57]: #58
  141.45 +#36 := [asserted]: #18
  141.46 +#60 := [mp #36 #59]: #51
  141.47 +[th-lemma #60 #47 #38]: false
  141.48 +unsat
   142.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   142.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_12	Tue Oct 20 10:11:30 2009 +0200
   142.3 @@ -0,0 +1,8 @@
   142.4 +(benchmark Isabelle
   142.5 +:extrafuns (
   142.6 +  (uf_2 Int)
   142.7 +  (uf_1 Int)
   142.8 + )
   142.9 +:assumption (not (iff (or (<= 0 (+ uf_1 (* (~ 1) uf_2))) (or (not (<= 0 uf_2)) (<= 0 uf_2))) (not false)))
  142.10 +:formula true
  142.11 +)
   143.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   143.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_12.proof	Tue Oct 20 10:11:30 2009 +0200
   143.3 @@ -0,0 +1,59 @@
   143.4 +#2 := false
   143.5 +#16 := (not false)
   143.6 +decl uf_2 :: int
   143.7 +#8 := uf_2
   143.8 +#4 := 0::int
   143.9 +#12 := (<= 0::int uf_2)
  143.10 +#13 := (not #12)
  143.11 +#14 := (or #13 #12)
  143.12 +#6 := 1::int
  143.13 +#7 := (- 1::int)
  143.14 +#9 := (* #7 uf_2)
  143.15 +decl uf_1 :: int
  143.16 +#5 := uf_1
  143.17 +#10 := (+ uf_1 #9)
  143.18 +#11 := (<= 0::int #10)
  143.19 +#15 := (or #11 #14)
  143.20 +#17 := (iff #15 #16)
  143.21 +#18 := (not #17)
  143.22 +#70 := (iff #18 false)
  143.23 +#1 := true
  143.24 +#65 := (not true)
  143.25 +#68 := (iff #65 false)
  143.26 +#69 := [rewrite]: #68
  143.27 +#66 := (iff #18 #65)
  143.28 +#63 := (iff #17 true)
  143.29 +#58 := (iff true true)
  143.30 +#61 := (iff #58 true)
  143.31 +#62 := [rewrite]: #61
  143.32 +#59 := (iff #17 #58)
  143.33 +#56 := (iff #16 true)
  143.34 +#57 := [rewrite]: #56
  143.35 +#54 := (iff #15 true)
  143.36 +#35 := -1::int
  143.37 +#38 := (* -1::int uf_2)
  143.38 +#41 := (+ uf_1 #38)
  143.39 +#44 := (<= 0::int #41)
  143.40 +#49 := (or #44 true)
  143.41 +#52 := (iff #49 true)
  143.42 +#53 := [rewrite]: #52
  143.43 +#50 := (iff #15 #49)
  143.44 +#47 := (iff #14 true)
  143.45 +#48 := [rewrite]: #47
  143.46 +#45 := (iff #11 #44)
  143.47 +#42 := (= #10 #41)
  143.48 +#39 := (= #9 #38)
  143.49 +#36 := (= #7 -1::int)
  143.50 +#37 := [rewrite]: #36
  143.51 +#40 := [monotonicity #37]: #39
  143.52 +#43 := [monotonicity #40]: #42
  143.53 +#46 := [monotonicity #43]: #45
  143.54 +#51 := [monotonicity #46 #48]: #50
  143.55 +#55 := [trans #51 #53]: #54
  143.56 +#60 := [monotonicity #55 #57]: #59
  143.57 +#64 := [trans #60 #62]: #63
  143.58 +#67 := [monotonicity #64]: #66
  143.59 +#71 := [trans #67 #69]: #70
  143.60 +#34 := [asserted]: #18
  143.61 +[mp #34 #71]: false
  143.62 +unsat
   144.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   144.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_13	Tue Oct 20 10:11:30 2009 +0200
   144.3 @@ -0,0 +1,13 @@
   144.4 +(benchmark Isabelle
   144.5 +:extrasorts ( T1)
   144.6 +:extrafuns (
   144.7 +  (uf_2 T1)
   144.8 +  (uf_3 Int Int T1)
   144.9 +  (uf_1 Int Int T1)
  144.10 +  (uf_4 Int)
  144.11 + )
  144.12 +:assumption (forall (?x1 Int) (?x2 Int) (iff (= (uf_1 ?x1 ?x2) uf_2) (<= ?x1 ?x2)))
  144.13 +:assumption (forall (?x3 Int) (?x4 Int) (iff (= (uf_3 ?x3 ?x4) uf_2) (< ?x3 ?x4)))
  144.14 +:assumption (not (distinct (uf_3 uf_4 3) (uf_1 3 uf_4)))
  144.15 +:formula true
  144.16 +)
   145.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   145.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_13.proof	Tue Oct 20 10:11:30 2009 +0200
   145.3 @@ -0,0 +1,212 @@
   145.4 +#2 := false
   145.5 +decl uf_3 :: (-> int int T1)
   145.6 +#18 := 3::int
   145.7 +decl uf_4 :: int
   145.8 +#17 := uf_4
   145.9 +#19 := (uf_3 uf_4 3::int)
  145.10 +decl uf_2 :: T1
  145.11 +#7 := uf_2
  145.12 +#221 := (= uf_2 #19)
  145.13 +decl uf_1 :: (-> int int T1)
  145.14 +#20 := (uf_1 3::int uf_4)
  145.15 +#256 := (= uf_2 #20)
  145.16 +#531 := (iff #256 #221)
  145.17 +#529 := (iff #221 #256)
  145.18 +#87 := (= #19 #20)
  145.19 +#21 := (distinct #19 #20)
  145.20 +#22 := (not #21)
  145.21 +#96 := (iff #22 #87)
  145.22 +#88 := (not #87)
  145.23 +#91 := (not #88)
  145.24 +#94 := (iff #91 #87)
  145.25 +#95 := [rewrite]: #94
  145.26 +#92 := (iff #22 #91)
  145.27 +#89 := (iff #21 #88)
  145.28 +#90 := [rewrite]: #89
  145.29 +#93 := [monotonicity #90]: #92
  145.30 +#97 := [trans #93 #95]: #96
  145.31 +#86 := [asserted]: #22
  145.32 +#100 := [mp #86 #97]: #87
  145.33 +#530 := [monotonicity #100]: #529
  145.34 +#525 := [symm #530]: #531
  145.35 +#548 := (not #221)
  145.36 +#232 := (not #256)
  145.37 +#526 := (iff #232 #548)
  145.38 +#532 := [monotonicity #525]: #526
  145.39 +#536 := [hypothesis]: #232
  145.40 +#533 := [mp #536 #532]: #548
  145.41 +#259 := (>= uf_4 3::int)
  145.42 +#576 := (not #259)
  145.43 +#542 := (or #256 #576)
  145.44 +#257 := (iff #256 #259)
  145.45 +#5 := (:var 0 int)
  145.46 +#4 := (:var 1 int)
  145.47 +#6 := (uf_1 #4 #5)
  145.48 +#583 := (pattern #6)
  145.49 +#44 := 0::int
  145.50 +#41 := -1::int
  145.51 +#42 := (* -1::int #5)
  145.52 +#43 := (+ #4 #42)
  145.53 +#45 := (<= #43 0::int)
  145.54 +#8 := (= #6 uf_2)
  145.55 +#48 := (iff #8 #45)
  145.56 +#584 := (forall (vars (?x1 int) (?x2 int)) (:pat #583) #48)
  145.57 +#51 := (forall (vars (?x1 int) (?x2 int)) #48)
  145.58 +#587 := (iff #51 #584)
  145.59 +#585 := (iff #48 #48)
  145.60 +#586 := [refl]: #585
  145.61 +#588 := [quant-intro #586]: #587
  145.62 +#108 := (~ #51 #51)
  145.63 +#106 := (~ #48 #48)
  145.64 +#107 := [refl]: #106
  145.65 +#109 := [nnf-pos #107]: #108
  145.66 +#9 := (<= #4 #5)
  145.67 +#10 := (iff #8 #9)
  145.68 +#11 := (forall (vars (?x1 int) (?x2 int)) #10)
  145.69 +#52 := (iff #11 #51)
  145.70 +#49 := (iff #10 #48)
  145.71 +#46 := (iff #9 #45)
  145.72 +#47 := [rewrite]: #46
  145.73 +#50 := [monotonicity #47]: #49
  145.74 +#53 := [quant-intro #50]: #52
  145.75 +#38 := [asserted]: #11
  145.76 +#54 := [mp #38 #53]: #51
  145.77 +#110 := [mp~ #54 #109]: #51
  145.78 +#589 := [mp #110 #588]: #584
  145.79 +#575 := (not #584)
  145.80 +#577 := (or #575 #257)
  145.81 +#167 := (* -1::int uf_4)
  145.82 +#254 := (+ 3::int #167)
  145.83 +#168 := (<= #254 0::int)
  145.84 +#255 := (= #20 uf_2)
  145.85 +#169 := (iff #255 #168)
  145.86 +#234 := (or #575 #169)
  145.87 +#571 := (iff #234 #577)
  145.88 +#246 := (iff #577 #577)
  145.89 +#578 := [rewrite]: #246
  145.90 +#261 := (iff #169 #257)
  145.91 +#187 := (iff #168 #259)
  145.92 +#260 := [rewrite]: #187
  145.93 +#247 := (iff #255 #256)
  145.94 +#258 := [rewrite]: #247
  145.95 +#240 := [monotonicity #258 #260]: #261
  145.96 +#245 := [monotonicity #240]: #571
  145.97 +#579 := [trans #245 #578]: #571
  145.98 +#364 := [quant-inst]: #234
  145.99 +#580 := [mp #364 #579]: #577
 145.100 +#541 := [unit-resolution #580 #589]: #257
 145.101 +#581 := (not #257)
 145.102 +#582 := (or #581 #256 #576)
 145.103 +#572 := [def-axiom]: #582
 145.104 +#537 := [unit-resolution #572 #541]: #542
 145.105 +#543 := [unit-resolution #537 #536]: #576
 145.106 +#385 := (or #221 #259)
 145.107 +#552 := (iff #221 #576)
 145.108 +#12 := (uf_3 #4 #5)
 145.109 +#590 := (pattern #12)
 145.110 +#69 := (>= #43 0::int)
 145.111 +#68 := (not #69)
 145.112 +#40 := (= uf_2 #12)
 145.113 +#75 := (iff #40 #68)
 145.114 +#591 := (forall (vars (?x3 int) (?x4 int)) (:pat #590) #75)
 145.115 +#80 := (forall (vars (?x3 int) (?x4 int)) #75)
 145.116 +#594 := (iff #80 #591)
 145.117 +#592 := (iff #75 #75)
 145.118 +#593 := [refl]: #592
 145.119 +#595 := [quant-intro #593]: #594
 145.120 +#101 := (~ #80 #80)
 145.121 +#111 := (~ #75 #75)
 145.122 +#112 := [refl]: #111
 145.123 +#98 := [nnf-pos #112]: #101
 145.124 +#14 := (< #4 #5)
 145.125 +#13 := (= #12 uf_2)
 145.126 +#15 := (iff #13 #14)
 145.127 +#16 := (forall (vars (?x3 int) (?x4 int)) #15)
 145.128 +#83 := (iff #16 #80)
 145.129 +#60 := (iff #14 #40)
 145.130 +#65 := (forall (vars (?x3 int) (?x4 int)) #60)
 145.131 +#81 := (iff #65 #80)
 145.132 +#78 := (iff #60 #75)
 145.133 +#72 := (iff #68 #40)
 145.134 +#76 := (iff #72 #75)
 145.135 +#77 := [rewrite]: #76
 145.136 +#73 := (iff #60 #72)
 145.137 +#70 := (iff #14 #68)
 145.138 +#71 := [rewrite]: #70
 145.139 +#74 := [monotonicity #71]: #73
 145.140 +#79 := [trans #74 #77]: #78
 145.141 +#82 := [quant-intro #79]: #81
 145.142 +#66 := (iff #16 #65)
 145.143 +#63 := (iff #15 #60)
 145.144 +#57 := (iff #40 #14)
 145.145 +#61 := (iff #57 #60)
 145.146 +#62 := [rewrite]: #61
 145.147 +#58 := (iff #15 #57)
 145.148 +#55 := (iff #13 #40)
 145.149 +#56 := [rewrite]: #55
 145.150 +#59 := [monotonicity #56]: #58
 145.151 +#64 := [trans #59 #62]: #63
 145.152 +#67 := [quant-intro #64]: #66
 145.153 +#84 := [trans #67 #82]: #83
 145.154 +#39 := [asserted]: #16
 145.155 +#85 := [mp #39 #84]: #80
 145.156 +#113 := [mp~ #85 #98]: #80
 145.157 +#596 := [mp #113 #595]: #591
 145.158 +#276 := (not #591)
 145.159 +#550 := (or #276 #552)
 145.160 +#222 := (* -1::int 3::int)
 145.161 +#223 := (+ uf_4 #222)
 145.162 +#224 := (>= #223 0::int)
 145.163 +#560 := (not #224)
 145.164 +#561 := (iff #221 #560)
 145.165 +#554 := (or #276 #561)
 145.166 +#555 := (iff #554 #550)
 145.167 +#266 := (iff #550 #550)
 145.168 +#267 := [rewrite]: #266
 145.169 +#553 := (iff #561 #552)
 145.170 +#282 := (iff #560 #576)
 145.171 +#280 := (iff #224 #259)
 145.172 +#562 := -3::int
 145.173 +#566 := (+ -3::int uf_4)
 145.174 +#567 := (>= #566 0::int)
 145.175 +#557 := (iff #567 #259)
 145.176 +#279 := [rewrite]: #557
 145.177 +#570 := (iff #224 #567)
 145.178 +#209 := (= #223 #566)
 145.179 +#559 := (+ uf_4 -3::int)
 145.180 +#568 := (= #559 #566)
 145.181 +#208 := [rewrite]: #568
 145.182 +#565 := (= #223 #559)
 145.183 +#563 := (= #222 -3::int)
 145.184 +#564 := [rewrite]: #563
 145.185 +#203 := [monotonicity #564]: #565
 145.186 +#569 := [trans #203 #208]: #209
 145.187 +#556 := [monotonicity #569]: #570
 145.188 +#281 := [trans #556 #279]: #280
 145.189 +#175 := [monotonicity #281]: #282
 145.190 +#275 := [monotonicity #175]: #553
 145.191 +#265 := [monotonicity #275]: #555
 145.192 +#268 := [trans #265 #267]: #555
 145.193 +#551 := [quant-inst]: #554
 145.194 +#546 := [mp #551 #268]: #550
 145.195 +#384 := [unit-resolution #546 #596]: #552
 145.196 +#547 := (not #552)
 145.197 +#262 := (or #547 #221 #259)
 145.198 +#544 := [def-axiom]: #262
 145.199 +#386 := [unit-resolution #544 #384]: #385
 145.200 +#528 := [unit-resolution #386 #543]: #221
 145.201 +#527 := [unit-resolution #528 #533]: false
 145.202 +#534 := [lemma #527]: #256
 145.203 +#523 := [mp #534 #525]: #221
 145.204 +#363 := (or #232 #259)
 145.205 +#237 := (or #581 #232 #259)
 145.206 +#573 := [def-axiom]: #237
 145.207 +#365 := [unit-resolution #573 #541]: #363
 145.208 +#366 := [unit-resolution #365 #534]: #259
 145.209 +#519 := (or #548 #576)
 145.210 +#545 := (or #547 #548 #576)
 145.211 +#549 := [def-axiom]: #545
 145.212 +#520 := [unit-resolution #549 #384]: #519
 145.213 +#522 := [unit-resolution #520 #366]: #548
 145.214 +[unit-resolution #522 #523]: false
 145.215 +unsat
   146.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   146.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_14	Tue Oct 20 10:11:30 2009 +0200
   146.3 @@ -0,0 +1,8 @@
   146.4 +(benchmark Isabelle
   146.5 +:extrafuns (
   146.6 +  (uf_1 Int)
   146.7 + )
   146.8 +:assumption (< 0 uf_1)
   146.9 +:assumption (not (distinct uf_1 (* uf_1 2) (- uf_1 uf_1)))
  146.10 +:formula true
  146.11 +)
   147.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   147.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_14.proof	Tue Oct 20 10:11:30 2009 +0200
   147.3 @@ -0,0 +1,86 @@
   147.4 +#2 := false
   147.5 +decl uf_1 :: int
   147.6 +#5 := uf_1
   147.7 +#7 := 2::int
   147.8 +#29 := (* 2::int uf_1)
   147.9 +#4 := 0::int
  147.10 +#54 := (= 0::int #29)
  147.11 +#55 := (not #54)
  147.12 +#61 := (= #29 0::int)
  147.13 +#104 := (not #61)
  147.14 +#110 := (iff #104 #55)
  147.15 +#108 := (iff #61 #54)
  147.16 +#109 := [commutativity]: #108
  147.17 +#111 := [monotonicity #109]: #110
  147.18 +#62 := (<= #29 0::int)
  147.19 +#100 := (not #62)
  147.20 +#30 := (<= uf_1 0::int)
  147.21 +#31 := (not #30)
  147.22 +#6 := (< 0::int uf_1)
  147.23 +#32 := (iff #6 #31)
  147.24 +#33 := [rewrite]: #32
  147.25 +#27 := [asserted]: #6
  147.26 +#34 := [mp #27 #33]: #31
  147.27 +#101 := (or #100 #30)
  147.28 +#102 := [th-lemma]: #101
  147.29 +#103 := [unit-resolution #102 #34]: #100
  147.30 +#105 := (or #104 #62)
  147.31 +#106 := [th-lemma]: #105
  147.32 +#107 := [unit-resolution #106 #103]: #104
  147.33 +#112 := [mp #107 #111]: #55
  147.34 +#56 := (= uf_1 #29)
  147.35 +#57 := (not #56)
  147.36 +#53 := (= 0::int uf_1)
  147.37 +#50 := (not #53)
  147.38 +#58 := (and #50 #55 #57)
  147.39 +#69 := (not #58)
  147.40 +#42 := (distinct 0::int uf_1 #29)
  147.41 +#47 := (not #42)
  147.42 +#9 := (- uf_1 uf_1)
  147.43 +#8 := (* uf_1 2::int)
  147.44 +#10 := (distinct uf_1 #8 #9)
  147.45 +#11 := (not #10)
  147.46 +#48 := (iff #11 #47)
  147.47 +#45 := (iff #10 #42)
  147.48 +#39 := (distinct uf_1 #29 0::int)
  147.49 +#43 := (iff #39 #42)
  147.50 +#44 := [rewrite]: #43
  147.51 +#40 := (iff #10 #39)
  147.52 +#37 := (= #9 0::int)
  147.53 +#38 := [rewrite]: #37
  147.54 +#35 := (= #8 #29)
  147.55 +#36 := [rewrite]: #35
  147.56 +#41 := [monotonicity #36 #38]: #40
  147.57 +#46 := [trans #41 #44]: #45
  147.58 +#49 := [monotonicity #46]: #48
  147.59 +#28 := [asserted]: #11
  147.60 +#52 := [mp #28 #49]: #47
  147.61 +#80 := (or #42 #69)
  147.62 +#81 := [def-axiom]: #80
  147.63 +#82 := [unit-resolution #81 #52]: #69
  147.64 +#59 := (= uf_1 0::int)
  147.65 +#83 := (not #59)
  147.66 +#89 := (iff #83 #50)
  147.67 +#87 := (iff #59 #53)
  147.68 +#88 := [commutativity]: #87
  147.69 +#90 := [monotonicity #88]: #89
  147.70 +#84 := (or #83 #30)
  147.71 +#85 := [th-lemma]: #84
  147.72 +#86 := [unit-resolution #85 #34]: #83
  147.73 +#91 := [mp #86 #90]: #50
  147.74 +#64 := -1::int
  147.75 +#65 := (* -1::int #29)
  147.76 +#66 := (+ uf_1 #65)
  147.77 +#68 := (>= #66 0::int)
  147.78 +#92 := (not #68)
  147.79 +#93 := (or #92 #30)
  147.80 +#94 := [th-lemma]: #93
  147.81 +#95 := [unit-resolution #94 #34]: #92
  147.82 +#96 := (or #57 #68)
  147.83 +#97 := [th-lemma]: #96
  147.84 +#98 := [unit-resolution #97 #95]: #57
  147.85 +#76 := (or #58 #53 #54 #56)
  147.86 +#77 := [def-axiom]: #76
  147.87 +#99 := [unit-resolution #77 #98 #91 #82]: #54
  147.88 +[unit-resolution #99 #112]: false
  147.89 +unsat
   148.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   148.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_15	Tue Oct 20 10:11:30 2009 +0200
   148.3 @@ -0,0 +1,9 @@
   148.4 +(benchmark Isabelle
   148.5 +:extrafuns (
   148.6 +  (uf_2 Int)
   148.7 +  (uf_1 Int)
   148.8 +  (uf_3 Int)
   148.9 + )
  148.10 +:assumption (not (or (and (< uf_1 uf_2) (< uf_2 uf_3)) (or (and (< uf_1 uf_2) (= uf_2 uf_3)) (or (and (< uf_1 uf_3) (< uf_3 uf_2)) (or (and (= uf_1 uf_3) (< uf_3 uf_2)) (or (and (= uf_1 uf_2) (< uf_2 uf_3)) (or (and (< uf_3 uf_2) (< uf_2 uf_1)) (or (and (< uf_3 uf_2) (= uf_2 uf_1)) (or (and (< uf_3 uf_1) (< uf_1 uf_2)) (or (and (= uf_3 uf_1) (< uf_1 uf_2)) (or (and (= uf_3 uf_2) (< uf_2 uf_1)) (or (and (< uf_2 uf_1) (< uf_1 uf_3)) (or (and (< uf_2 uf_1) (= uf_3 uf_1)) (or (and (< uf_2 uf_3) (< uf_3 uf_1)) (or (and (= uf_2 uf_1) (< uf_1 uf_3)) (or (and (= uf_2 uf_3) (< uf_3 uf_1)) (and (= uf_3 uf_2) (= uf_2 uf_1))))))))))))))))))
  148.11 +:formula true
  148.12 +)
   149.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   149.2 +++ b/src/HOL/SMT/Examples/cert/z3_linarith_15.proof	Tue Oct 20 10:11:30 2009 +0200
   149.3 @@ -0,0 +1,673 @@
   149.4 +#2 := false
   149.5 +#169 := 0::int
   149.6 +decl uf_2 :: int
   149.7 +#5 := uf_2
   149.8 +#166 := -1::int
   149.9 +#202 := (* -1::int uf_2)
  149.10 +decl uf_1 :: int
  149.11 +#4 := uf_1
  149.12 +#203 := (+ uf_1 #202)
  149.13 +#218 := (>= #203 0::int)
  149.14 +decl uf_3 :: int
  149.15 +#7 := uf_3
  149.16 +#167 := (* -1::int uf_3)
  149.17 +#168 := (+ uf_1 #167)
  149.18 +#178 := (>= #168 0::int)
  149.19 +#217 := (not #218)
  149.20 +#204 := (<= #203 0::int)
  149.21 +#205 := (not #204)
  149.22 +#692 := [hypothesis]: #205
  149.23 +#177 := (not #178)
  149.24 +#693 := (or #177 #204)
  149.25 +#170 := (<= #168 0::int)
  149.26 +#191 := (+ uf_2 #167)
  149.27 +#237 := (<= #191 0::int)
  149.28 +#238 := (not #237)
  149.29 +#171 := (not #170)
  149.30 +#685 := [hypothesis]: #171
  149.31 +#190 := (>= #191 0::int)
  149.32 +#455 := (or #170 #190)
  149.33 +#189 := (not #190)
  149.34 +#197 := (and #171 #189)
  149.35 +#354 := (not #197)
  149.36 +#464 := (iff #354 #455)
  149.37 +#456 := (not #455)
  149.38 +#459 := (not #456)
  149.39 +#462 := (iff #459 #455)
  149.40 +#463 := [rewrite]: #462
  149.41 +#460 := (iff #354 #459)
  149.42 +#457 := (iff #197 #456)
  149.43 +#458 := [rewrite]: #457
  149.44 +#461 := [monotonicity #458]: #460
  149.45 +#465 := [trans #461 #463]: #464
  149.46 +#287 := (and #189 #217)
  149.47 +#10 := (= uf_2 uf_3)
  149.48 +#279 := (and #10 #217)
  149.49 +#273 := (and #177 #238)
  149.50 +#15 := (= uf_1 uf_3)
  149.51 +#268 := (and #15 #238)
  149.52 +#17 := (= uf_1 uf_2)
  149.53 +#260 := (and #17 #189)
  149.54 +#252 := (and #205 #238)
  149.55 +#244 := (and #17 #238)
  149.56 +#232 := (and #171 #217)
  149.57 +#224 := (and #15 #217)
  149.58 +#214 := (and #10 #205)
  149.59 +#211 := (and #177 #205)
  149.60 +#208 := (and #15 #205)
  149.61 +#184 := (and #17 #177)
  149.62 +#174 := (and #10 #171)
  149.63 +#115 := (and #10 #17)
  149.64 +#337 := (or #115 #174 #184 #197 #208 #211 #214 #224 #232 #244 #252 #260 #268 #273 #279 #287)
  149.65 +#342 := (not #337)
  149.66 +#21 := (= uf_2 uf_1)
  149.67 +#27 := (= uf_3 uf_2)
  149.68 +#34 := (and #27 #21)
  149.69 +#23 := (< uf_3 uf_1)
  149.70 +#33 := (and #10 #23)
  149.71 +#35 := (or #33 #34)
  149.72 +#12 := (< uf_1 uf_3)
  149.73 +#32 := (and #21 #12)
  149.74 +#36 := (or #32 #35)
  149.75 +#8 := (< uf_2 uf_3)
  149.76 +#31 := (and #8 #23)
  149.77 +#37 := (or #31 #36)
  149.78 +#25 := (= uf_3 uf_1)
  149.79 +#19 := (< uf_2 uf_1)
  149.80 +#30 := (and #19 #25)
  149.81 +#38 := (or #30 #37)
  149.82 +#29 := (and #19 #12)
  149.83 +#39 := (or #29 #38)
  149.84 +#28 := (and #27 #19)
  149.85 +#40 := (or #28 #39)
  149.86 +#6 := (< uf_1 uf_2)
  149.87 +#26 := (and #25 #6)
  149.88 +#41 := (or #26 #40)
  149.89 +#24 := (and #23 #6)
  149.90 +#42 := (or #24 #41)
  149.91 +#13 := (< uf_3 uf_2)
  149.92 +#22 := (and #13 #21)
  149.93 +#43 := (or #22 #42)
  149.94 +#20 := (and #13 #19)
  149.95 +#44 := (or #20 #43)
  149.96 +#18 := (and #17 #8)
  149.97 +#45 := (or #18 #44)
  149.98 +#16 := (and #15 #13)
  149.99 +#46 := (or #16 #45)
 149.100 +#14 := (and #12 #13)
 149.101 +#47 := (or #14 #46)
 149.102 +#11 := (and #6 #10)
 149.103 +#48 := (or #11 #47)
 149.104 +#9 := (and #6 #8)
 149.105 +#49 := (or #9 #48)
 149.106 +#50 := (not #49)
 149.107 +#345 := (iff #50 #342)
 149.108 +#118 := (or #33 #115)
 149.109 +#110 := (and #12 #17)
 149.110 +#121 := (or #110 #118)
 149.111 +#124 := (or #31 #121)
 149.112 +#102 := (and #15 #19)
 149.113 +#127 := (or #102 #124)
 149.114 +#96 := (and #12 #19)
 149.115 +#130 := (or #96 #127)
 149.116 +#93 := (and #10 #19)
 149.117 +#133 := (or #93 #130)
 149.118 +#86 := (and #6 #15)
 149.119 +#136 := (or #86 #133)
 149.120 +#78 := (and #6 #23)
 149.121 +#139 := (or #78 #136)
 149.122 +#75 := (and #13 #17)
 149.123 +#142 := (or #75 #139)
 149.124 +#145 := (or #20 #142)
 149.125 +#70 := (and #8 #17)
 149.126 +#148 := (or #70 #145)
 149.127 +#67 := (and #13 #15)
 149.128 +#151 := (or #67 #148)
 149.129 +#154 := (or #14 #151)
 149.130 +#157 := (or #11 #154)
 149.131 +#160 := (or #9 #157)
 149.132 +#163 := (not #160)
 149.133 +#343 := (iff #163 #342)
 149.134 +#340 := (iff #160 #337)
 149.135 +#292 := (or #174 #115)
 149.136 +#295 := (or #184 #292)
 149.137 +#298 := (or #197 #295)
 149.138 +#301 := (or #208 #298)
 149.139 +#304 := (or #211 #301)
 149.140 +#307 := (or #214 #304)
 149.141 +#310 := (or #224 #307)
 149.142 +#313 := (or #232 #310)
 149.143 +#316 := (or #244 #313)
 149.144 +#319 := (or #252 #316)
 149.145 +#322 := (or #260 #319)
 149.146 +#325 := (or #268 #322)
 149.147 +#328 := (or #273 #325)
 149.148 +#331 := (or #279 #328)
 149.149 +#334 := (or #287 #331)
 149.150 +#338 := (iff #334 #337)
 149.151 +#339 := [rewrite]: #338
 149.152 +#335 := (iff #160 #334)
 149.153 +#332 := (iff #157 #331)
 149.154 +#329 := (iff #154 #328)
 149.155 +#326 := (iff #151 #325)
 149.156 +#323 := (iff #148 #322)
 149.157 +#320 := (iff #145 #319)
 149.158 +#317 := (iff #142 #316)
 149.159 +#314 := (iff #139 #313)
 149.160 +#311 := (iff #136 #310)
 149.161 +#308 := (iff #133 #307)
 149.162 +#305 := (iff #130 #304)
 149.163 +#302 := (iff #127 #301)
 149.164 +#299 := (iff #124 #298)
 149.165 +#296 := (iff #121 #295)
 149.166 +#293 := (iff #118 #292)
 149.167 +#175 := (iff #33 #174)
 149.168 +#172 := (iff #23 #171)
 149.169 +#173 := [rewrite]: #172
 149.170 +#176 := [monotonicity #173]: #175
 149.171 +#294 := [monotonicity #176]: #293
 149.172 +#187 := (iff #110 #184)
 149.173 +#181 := (and #177 #17)
 149.174 +#185 := (iff #181 #184)
 149.175 +#186 := [rewrite]: #185
 149.176 +#182 := (iff #110 #181)
 149.177 +#179 := (iff #12 #177)
 149.178 +#180 := [rewrite]: #179
 149.179 +#183 := [monotonicity #180]: #182
 149.180 +#188 := [trans #183 #186]: #187
 149.181 +#297 := [monotonicity #188 #294]: #296
 149.182 +#200 := (iff #31 #197)
 149.183 +#194 := (and #189 #171)
 149.184 +#198 := (iff #194 #197)
 149.185 +#199 := [rewrite]: #198
 149.186 +#195 := (iff #31 #194)
 149.187 +#192 := (iff #8 #189)
 149.188 +#193 := [rewrite]: #192
 149.189 +#196 := [monotonicity #193 #173]: #195
 149.190 +#201 := [trans #196 #199]: #200
 149.191 +#300 := [monotonicity #201 #297]: #299
 149.192 +#209 := (iff #102 #208)
 149.193 +#206 := (iff #19 #205)
 149.194 +#207 := [rewrite]: #206
 149.195 +#210 := [monotonicity #207]: #209
 149.196 +#303 := [monotonicity #210 #300]: #302
 149.197 +#212 := (iff #96 #211)
 149.198 +#213 := [monotonicity #180 #207]: #212
 149.199 +#306 := [monotonicity #213 #303]: #305
 149.200 +#215 := (iff #93 #214)
 149.201 +#216 := [monotonicity #207]: #215
 149.202 +#309 := [monotonicity #216 #306]: #308
 149.203 +#227 := (iff #86 #224)
 149.204 +#221 := (and #217 #15)
 149.205 +#225 := (iff #221 #224)
 149.206 +#226 := [rewrite]: #225
 149.207 +#222 := (iff #86 #221)
 149.208 +#219 := (iff #6 #217)
 149.209 +#220 := [rewrite]: #219
 149.210 +#223 := [monotonicity #220]: #222
 149.211 +#228 := [trans #223 #226]: #227
 149.212 +#312 := [monotonicity #228 #309]: #311
 149.213 +#235 := (iff #78 #232)
 149.214 +#229 := (and #217 #171)
 149.215 +#233 := (iff #229 #232)
 149.216 +#234 := [rewrite]: #233
 149.217 +#230 := (iff #78 #229)
 149.218 +#231 := [monotonicity #220 #173]: #230
 149.219 +#236 := [trans #231 #234]: #235
 149.220 +#315 := [monotonicity #236 #312]: #314
 149.221 +#247 := (iff #75 #244)
 149.222 +#241 := (and #238 #17)
 149.223 +#245 := (iff #241 #244)
 149.224 +#246 := [rewrite]: #245
 149.225 +#242 := (iff #75 #241)
 149.226 +#239 := (iff #13 #238)
 149.227 +#240 := [rewrite]: #239
 149.228 +#243 := [monotonicity #240]: #242
 149.229 +#248 := [trans #243 #246]: #247
 149.230 +#318 := [monotonicity #248 #315]: #317
 149.231 +#255 := (iff #20 #252)
 149.232 +#249 := (and #238 #205)
 149.233 +#253 := (iff #249 #252)
 149.234 +#254 := [rewrite]: #253
 149.235 +#250 := (iff #20 #249)
 149.236 +#251 := [monotonicity #240 #207]: #250
 149.237 +#256 := [trans #251 #254]: #255
 149.238 +#321 := [monotonicity #256 #318]: #320
 149.239 +#263 := (iff #70 #260)
 149.240 +#257 := (and #189 #17)
 149.241 +#261 := (iff #257 #260)
 149.242 +#262 := [rewrite]: #261
 149.243 +#258 := (iff #70 #257)
 149.244 +#259 := [monotonicity #193]: #258
 149.245 +#264 := [trans #259 #262]: #263
 149.246 +#324 := [monotonicity #264 #321]: #323
 149.247 +#271 := (iff #67 #268)
 149.248 +#265 := (and #238 #15)
 149.249 +#269 := (iff #265 #268)
 149.250 +#270 := [rewrite]: #269
 149.251 +#266 := (iff #67 #265)
 149.252 +#267 := [monotonicity #240]: #266
 149.253 +#272 := [trans #267 #270]: #271
 149.254 +#327 := [monotonicity #272 #324]: #326
 149.255 +#274 := (iff #14 #273)
 149.256 +#275 := [monotonicity #180 #240]: #274
 149.257 +#330 := [monotonicity #275 #327]: #329
 149.258 +#282 := (iff #11 #279)
 149.259 +#276 := (and #217 #10)
 149.260 +#280 := (iff #276 #279)
 149.261 +#281 := [rewrite]: #280
 149.262 +#277 := (iff #11 #276)
 149.263 +#278 := [monotonicity #220]: #277
 149.264 +#283 := [trans #278 #281]: #282
 149.265 +#333 := [monotonicity #283 #330]: #332
 149.266 +#290 := (iff #9 #287)
 149.267 +#284 := (and #217 #189)
 149.268 +#288 := (iff #284 #287)
 149.269 +#289 := [rewrite]: #288
 149.270 +#285 := (iff #9 #284)
 149.271 +#286 := [monotonicity #220 #193]: #285
 149.272 +#291 := [trans #286 #289]: #290
 149.273 +#336 := [monotonicity #291 #333]: #335
 149.274 +#341 := [trans #336 #339]: #340
 149.275 +#344 := [monotonicity #341]: #343
 149.276 +#164 := (iff #50 #163)
 149.277 +#161 := (iff #49 #160)
 149.278 +#158 := (iff #48 #157)
 149.279 +#155 := (iff #47 #154)
 149.280 +#152 := (iff #46 #151)
 149.281 +#149 := (iff #45 #148)
 149.282 +#146 := (iff #44 #145)
 149.283 +#143 := (iff #43 #142)
 149.284 +#140 := (iff #42 #139)
 149.285 +#137 := (iff #41 #136)
 149.286 +#134 := (iff #40 #133)
 149.287 +#131 := (iff #39 #130)
 149.288 +#128 := (iff #38 #127)
 149.289 +#125 := (iff #37 #124)
 149.290 +#122 := (iff #36 #121)
 149.291 +#119 := (iff #35 #118)
 149.292 +#116 := (iff #34 #115)
 149.293 +#73 := (iff #21 #17)
 149.294 +#74 := [rewrite]: #73
 149.295 +#91 := (iff #27 #10)
 149.296 +#92 := [rewrite]: #91
 149.297 +#117 := [monotonicity #92 #74]: #116
 149.298 +#120 := [monotonicity #117]: #119
 149.299 +#113 := (iff #32 #110)
 149.300 +#107 := (and #17 #12)
 149.301 +#111 := (iff #107 #110)
 149.302 +#112 := [rewrite]: #111
 149.303 +#108 := (iff #32 #107)
 149.304 +#109 := [monotonicity #74]: #108
 149.305 +#114 := [trans #109 #112]: #113
 149.306 +#123 := [monotonicity #114 #120]: #122
 149.307 +#126 := [monotonicity #123]: #125
 149.308 +#105 := (iff #30 #102)
 149.309 +#99 := (and #19 #15)
 149.310 +#103 := (iff #99 #102)
 149.311 +#104 := [rewrite]: #103
 149.312 +#100 := (iff #30 #99)
 149.313 +#81 := (iff #25 #15)
 149.314 +#82 := [rewrite]: #81
 149.315 +#101 := [monotonicity #82]: #100
 149.316 +#106 := [trans #101 #104]: #105
 149.317 +#129 := [monotonicity #106 #126]: #128
 149.318 +#97 := (iff #29 #96)
 149.319 +#98 := [rewrite]: #97
 149.320 +#132 := [monotonicity #98 #129]: #131
 149.321 +#94 := (iff #28 #93)
 149.322 +#95 := [monotonicity #92]: #94
 149.323 +#135 := [monotonicity #95 #132]: #134
 149.324 +#89 := (iff #26 #86)
 149.325 +#83 := (and #15 #6)
 149.326 +#87 := (iff #83 #86)
 149.327 +#88 := [rewrite]: #87
 149.328 +#84 := (iff #26 #83)
 149.329 +#85 := [monotonicity #82]: #84
 149.330 +#90 := [trans #85 #88]: #89
 149.331 +#138 := [monotonicity #90 #135]: #137
 149.332 +#79 := (iff #24 #78)
 149.333 +#80 := [rewrite]: #79
 149.334 +#141 := [monotonicity #80 #138]: #140
 149.335 +#76 := (iff #22 #75)
 149.336 +#77 := [monotonicity #74]: #76
 149.337 +#144 := [monotonicity #77 #141]: #143
 149.338 +#147 := [monotonicity #144]: #146
 149.339 +#71 := (iff #18 #70)
 149.340 +#72 := [rewrite]: #71
 149.341 +#150 := [monotonicity #72 #147]: #149
 149.342 +#68 := (iff #16 #67)
 149.343 +#69 := [rewrite]: #68
 149.344 +#153 := [monotonicity #69 #150]: #152
 149.345 +#156 := [monotonicity #153]: #155
 149.346 +#159 := [monotonicity #156]: #158
 149.347 +#162 := [monotonicity #159]: #161
 149.348 +#165 := [monotonicity #162]: #164
 149.349 +#346 := [trans #165 #344]: #345
 149.350 +#66 := [asserted]: #50
 149.351 +#347 := [mp #66 #346]: #342
 149.352 +#355 := [not-or-elim #347]: #354
 149.353 +#466 := [mp #355 #465]: #455
 149.354 +#686 := [unit-resolution #466 #685]: #190
 149.355 +#427 := (or #170 #189 #238)
 149.356 +#350 := (not #174)
 149.357 +#430 := (iff #350 #427)
 149.358 +#382 := (or #189 #238)
 149.359 +#414 := (or #170 #382)
 149.360 +#428 := (iff #414 #427)
 149.361 +#429 := [rewrite]: #428
 149.362 +#425 := (iff #350 #414)
 149.363 +#415 := (not #414)
 149.364 +#420 := (not #415)
 149.365 +#423 := (iff #420 #414)
 149.366 +#424 := [rewrite]: #423
 149.367 +#421 := (iff #350 #420)
 149.368 +#418 := (iff #174 #415)
 149.369 +#380 := (not #382)
 149.370 +#411 := (and #380 #171)
 149.371 +#416 := (iff #411 #415)
 149.372 +#417 := [rewrite]: #416
 149.373 +#412 := (iff #174 #411)
 149.374 +#383 := (iff #10 #380)
 149.375 +#384 := [rewrite]: #383
 149.376 +#413 := [monotonicity #384]: #412
 149.377 +#419 := [trans #413 #417]: #418
 149.378 +#422 := [monotonicity #419]: #421
 149.379 +#426 := [trans #422 #424]: #425
 149.380 +#431 := [trans #426 #429]: #430
 149.381 +#351 := [not-or-elim #347]: #350
 149.382 +#432 := [mp #351 #431]: #427
 149.383 +#687 := [unit-resolution #432 #686 #685]: #238
 149.384 +#549 := (or #170 #218)
 149.385 +#364 := (not #232)
 149.386 +#558 := (iff #364 #549)
 149.387 +#550 := (not #549)
 149.388 +#553 := (not #550)
 149.389 +#556 := (iff #553 #549)
 149.390 +#557 := [rewrite]: #556
 149.391 +#554 := (iff #364 #553)
 149.392 +#551 := (iff #232 #550)
 149.393 +#552 := [rewrite]: #551
 149.394 +#555 := [monotonicity #552]: #554
 149.395 +#559 := [trans #555 #557]: #558
 149.396 +#365 := [not-or-elim #347]: #364
 149.397 +#560 := [mp #365 #559]: #549
 149.398 +#688 := [unit-resolution #560 #685]: #218
 149.399 +#577 := (or #205 #217 #237)
 149.400 +#366 := (not #244)
 149.401 +#580 := (iff #366 #577)
 149.402 +#385 := (or #205 #217)
 149.403 +#564 := (or #237 #385)
 149.404 +#578 := (iff #564 #577)
 149.405 +#579 := [rewrite]: #578
 149.406 +#575 := (iff #366 #564)
 149.407 +#565 := (not #564)
 149.408 +#570 := (not #565)
 149.409 +#573 := (iff #570 #564)
 149.410 +#574 := [rewrite]: #573
 149.411 +#571 := (iff #366 #570)
 149.412 +#568 := (iff #244 #565)
 149.413 +#386 := (not #385)
 149.414 +#561 := (and #386 #238)
 149.415 +#566 := (iff #561 #565)
 149.416 +#567 := [rewrite]: #566
 149.417 +#562 := (iff #244 #561)
 149.418 +#387 := (iff #17 #386)
 149.419 +#388 := [rewrite]: #387
 149.420 +#563 := [monotonicity #388]: #562
 149.421 +#569 := [trans #563 #567]: #568
 149.422 +#572 := [monotonicity #569]: #571
 149.423 +#576 := [trans #572 #574]: #575
 149.424 +#581 := [trans #576 #579]: #580
 149.425 +#367 := [not-or-elim #347]: #366
 149.426 +#582 := [mp #367 #581]: #577
 149.427 +#689 := [unit-resolution #582 #688 #687]: #205
 149.428 +#583 := (or #204 #237)
 149.429 +#368 := (not #252)
 149.430 +#592 := (iff #368 #583)
 149.431 +#584 := (not #583)
 149.432 +#587 := (not #584)
 149.433 +#590 := (iff #587 #583)
 149.434 +#591 := [rewrite]: #590
 149.435 +#588 := (iff #368 #587)
 149.436 +#585 := (iff #252 #584)
 149.437 +#586 := [rewrite]: #585
 149.438 +#589 := [monotonicity #586]: #588
 149.439 +#593 := [trans #589 #591]: #592
 149.440 +#369 := [not-or-elim #347]: #368
 149.441 +#594 := [mp #369 #593]: #583
 149.442 +#690 := [unit-resolution #594 #689 #687]: false
 149.443 +#691 := [lemma #690]: #170
 149.444 +#487 := (or #171 #177 #204)
 149.445 +#356 := (not #208)
 149.446 +#490 := (iff #356 #487)
 149.447 +#467 := (or #171 #177)
 149.448 +#474 := (or #204 #467)
 149.449 +#488 := (iff #474 #487)
 149.450 +#489 := [rewrite]: #488
 149.451 +#485 := (iff #356 #474)
 149.452 +#475 := (not #474)
 149.453 +#480 := (not #475)
 149.454 +#483 := (iff #480 #474)
 149.455 +#484 := [rewrite]: #483
 149.456 +#481 := (iff #356 #480)
 149.457 +#478 := (iff #208 #475)
 149.458 +#468 := (not #467)
 149.459 +#471 := (and #468 #205)
 149.460 +#476 := (iff #471 #475)
 149.461 +#477 := [rewrite]: #476
 149.462 +#472 := (iff #208 #471)
 149.463 +#469 := (iff #15 #468)
 149.464 +#470 := [rewrite]: #469
 149.465 +#473 := [monotonicity #470]: #472
 149.466 +#479 := [trans #473 #477]: #478
 149.467 +#482 := [monotonicity #479]: #481
 149.468 +#486 := [trans #482 #484]: #485
 149.469 +#491 := [trans #486 #489]: #490
 149.470 +#357 := [not-or-elim #347]: #356
 149.471 +#492 := [mp #357 #491]: #487
 149.472 +#694 := [unit-resolution #492 #691]: #693
 149.473 +#695 := [unit-resolution #694 #692]: #177
 149.474 +#493 := (or #178 #204)
 149.475 +#358 := (not #211)
 149.476 +#502 := (iff #358 #493)
 149.477 +#494 := (not #493)
 149.478 +#497 := (not #494)
 149.479 +#500 := (iff #497 #493)
 149.480 +#501 := [rewrite]: #500
 149.481 +#498 := (iff #358 #497)
 149.482 +#495 := (iff #211 #494)
 149.483 +#496 := [rewrite]: #495
 149.484 +#499 := [monotonicity #496]: #498
 149.485 +#503 := [trans #499 #501]: #502
 149.486 +#359 := [not-or-elim #347]: #358
 149.487 +#504 := [mp #359 #503]: #493
 149.488 +#696 := [unit-resolution #504 #695 #692]: false
 149.489 +#697 := [lemma #696]: #204
 149.490 +#698 := [hypothesis]: #177
 149.491 +#449 := (or #178 #205 #217)
 149.492 +#352 := (not #184)
 149.493 +#452 := (iff #352 #449)
 149.494 +#436 := (or #178 #385)
 149.495 +#450 := (iff #436 #449)
 149.496 +#451 := [rewrite]: #450
 149.497 +#447 := (iff #352 #436)
 149.498 +#437 := (not #436)
 149.499 +#442 := (not #437)
 149.500 +#445 := (iff #442 #436)
 149.501 +#446 := [rewrite]: #445
 149.502 +#443 := (iff #352 #442)
 149.503 +#440 := (iff #184 #437)
 149.504 +#433 := (and #386 #177)
 149.505 +#438 := (iff #433 #437)
 149.506 +#439 := [rewrite]: #438
 149.507 +#434 := (iff #184 #433)
 149.508 +#435 := [monotonicity #388]: #434
 149.509 +#441 := [trans #435 #439]: #440
 149.510 +#444 := [monotonicity #441]: #443
 149.511 +#448 := [trans #444 #446]: #447
 149.512 +#453 := [trans #448 #451]: #452
 149.513 +#353 := [not-or-elim #347]: #352
 149.514 +#454 := [mp #353 #453]: #449
 149.515 +#699 := [unit-resolution #454 #698 #697]: #217
 149.516 +#639 := (or #178 #237)
 149.517 +#374 := (not #273)