Theory If

(*  Title:      FOL/ex/If.thy
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
    Copyright   1991  University of Cambridge
*)

section ‹First-Order Logic: the 'if' example›

theory If
imports FOL
begin

definition "if" :: [o,o,o]=>o
  where if(P,Q,R)  P  Q  ¬ P  R

lemma ifI: P  Q; ¬ P  R  if(P,Q,R)
  unfolding if_def by blast

lemma ifE: if(P,Q,R); P; Q  S; ¬ P; R  S  S
  unfolding if_def by blast

lemma if_commute: if(P, if(Q,A,B), if(Q,C,D))  if(Q, if(P,A,C), if(P,B,D))
  apply (rule iffI)
  apply (erule ifE)
  apply (erule ifE)
  apply (rule ifI)
  apply (rule ifI)
  oops

text‹Trying again from the beginning in order to use blast›
declare ifI [intro!]
declare ifE [elim!]

lemma if_commute: if(P, if(Q,A,B), if(Q,C,D))  if(Q, if(P,A,C), if(P,B,D))
  by blast


lemma if(if(P,Q,R), A, B)  if(P, if(Q,A,B), if(R,A,B))
  by blast

text‹Trying again from the beginning in order to prove from the definitions›
lemma if(if(P,Q,R), A, B)  if(P, if(Q,A,B), if(R,A,B))
  unfolding if_def by blast


text ‹An invalid formula. High-level rules permit a simpler diagnosis.›
lemma if(if(P,Q,R), A, B)  if(P, if(Q,A,B), if(R,B,A))
  apply auto
    ― ‹The next step will fail unless subgoals remain›
  apply (tactic all_tac)
  oops

text ‹Trying again from the beginning in order to prove from the definitions.›
lemma if(if(P,Q,R), A, B)  if(P, if(Q,A,B), if(R,B,A))
  unfolding if_def
  apply auto
    ― ‹The next step will fail unless subgoals remain›
  apply (tactic all_tac)
  oops

end