-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathproof-terms.smt2
37 lines (35 loc) · 1018 Bytes
/
proof-terms.smt2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
(set-option :produce-proofs true)
(push)
(declare-const p Bool)
(declare-const q Bool)
(declare-const r Bool)
(assert (distinct p q r))
(check-sat)
(get-proof)
(pop)
(push)
(define-fun-rec append ((xs (List Int)) (ys (List Int))) (List Int)
(match xs (
((insert x xs) (insert x (append xs ys)))
(nil ys))))
(declare-const xs (List Int))
; Times out
; (assert (not (= (append xs nil) xs)))
; Works, but proof is pretty trivial
; (assert (not (= (append nil xs) xs)))
; (check-sat)
; (get-proof)
(pop)
; Interestingly, if I first assert (∀ xs, xs ++ [] == xs) (which z3 can somehow prove),
; then I can get a proof out...
(push)
(define-fun-rec append ((xs (List Int)) (ys (List Int))) (List Int)
(match xs (
((insert x xs) (insert x (append xs ys)))
(nil ys))))
(assert (forall ((xs (List Int))) (= (append xs nil) xs)))
(declare-const xs (List Int))
(assert (not (= (append xs nil) xs)))
(check-sat)
(get-proof) ; ...but I don't see any kind of induction argument being made in the proof
(pop)