src/Sequents/LK0.thy
author wenzelm
Thu Dec 07 00:42:04 2006 +0100 (2006-12-07)
changeset 21687 f689f729afab
parent 21588 cd0dc678a205
child 22894 619b270607ac
permissions -rw-r--r--
reorganized structure Goal vs. Tactic;
wenzelm@17481
     1
(*  Title:      LK/LK0.thy
paulson@7093
     2
    ID:         $Id$
paulson@7093
     3
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@7093
     4
    Copyright   1993  University of Cambridge
paulson@7093
     5
paulson@7093
     6
There may be printing problems if a seqent is in expanded normal form
wenzelm@17481
     7
        (eta-expanded, beta-contracted)
paulson@7093
     8
*)
paulson@7093
     9
wenzelm@17481
    10
header {* Classical First-Order Sequent Calculus *}
wenzelm@17481
    11
wenzelm@17481
    12
theory LK0
wenzelm@17481
    13
imports Sequents
wenzelm@17481
    14
begin
paulson@7093
    15
paulson@7093
    16
global
paulson@7093
    17
wenzelm@17481
    18
classes "term"
wenzelm@17481
    19
defaultsort "term"
paulson@7093
    20
paulson@7093
    21
consts
paulson@7093
    22
wenzelm@21524
    23
  Trueprop       :: "two_seqi"
paulson@7093
    24
wenzelm@17481
    25
  True         :: o
wenzelm@17481
    26
  False        :: o
wenzelm@17481
    27
  "="          :: "['a,'a] => o"     (infixl 50)
wenzelm@17481
    28
  Not          :: "o => o"           ("~ _" [40] 40)
wenzelm@17481
    29
  "&"          :: "[o,o] => o"       (infixr 35)
wenzelm@17481
    30
  "|"          :: "[o,o] => o"       (infixr 30)
wenzelm@17481
    31
  "-->"        :: "[o,o] => o"       (infixr 25)
wenzelm@17481
    32
  "<->"        :: "[o,o] => o"       (infixr 25)
wenzelm@17481
    33
  The          :: "('a => o) => 'a"  (binder "THE " 10)
wenzelm@17481
    34
  All          :: "('a => o) => o"   (binder "ALL " 10)
wenzelm@17481
    35
  Ex           :: "('a => o) => o"   (binder "EX " 10)
paulson@7093
    36
paulson@7093
    37
syntax
wenzelm@17481
    38
 "@Trueprop"    :: "two_seqe" ("((_)/ |- (_))" [6,6] 5)
wenzelm@17481
    39
  "_not_equal" :: "['a, 'a] => o"              (infixl "~=" 50)
wenzelm@17481
    40
wenzelm@17481
    41
parse_translation {* [("@Trueprop", two_seq_tr "Trueprop")] *}
wenzelm@17481
    42
print_translation {* [("Trueprop", two_seq_tr' "@Trueprop")] *}
paulson@7093
    43
paulson@7093
    44
translations
paulson@7093
    45
  "x ~= y"      == "~ (x = y)"
paulson@7093
    46
wenzelm@12116
    47
syntax (xsymbols)
wenzelm@17481
    48
  Not           :: "o => o"               ("\<not> _" [40] 40)
wenzelm@17481
    49
  "op &"        :: "[o, o] => o"          (infixr "\<and>" 35)
wenzelm@17481
    50
  "op |"        :: "[o, o] => o"          (infixr "\<or>" 30)
wenzelm@17481
    51
  "op -->"      :: "[o, o] => o"          (infixr "\<longrightarrow>" 25)
wenzelm@17481
    52
  "op <->"      :: "[o, o] => o"          (infixr "\<longleftrightarrow>" 25)
wenzelm@21524
    53
  All_binder    :: "[idts, o] => o"       ("(3\<forall>_./ _)" [0, 10] 10)
wenzelm@21524
    54
  Ex_binder     :: "[idts, o] => o"       ("(3\<exists>_./ _)" [0, 10] 10)
wenzelm@17481
    55
  "_not_equal"  :: "['a, 'a] => o"        (infixl "\<noteq>" 50)
paulson@7093
    56
paulson@7093
    57
syntax (HTML output)
wenzelm@17481
    58
  Not           :: "o => o"               ("\<not> _" [40] 40)
wenzelm@17481
    59
  "op &"        :: "[o, o] => o"          (infixr "\<and>" 35)
wenzelm@17481
    60
  "op |"        :: "[o, o] => o"          (infixr "\<or>" 30)
wenzelm@21524
    61
  All_binder    :: "[idts, o] => o"       ("(3\<forall>_./ _)" [0, 10] 10)
wenzelm@21524
    62
  Ex_binder     :: "[idts, o] => o"       ("(3\<exists>_./ _)" [0, 10] 10)
wenzelm@17481
    63
  "_not_equal"  :: "['a, 'a] => o"        (infixl "\<noteq>" 50)
paulson@7093
    64
paulson@7093
    65
local
wenzelm@17481
    66
wenzelm@17481
    67
axioms
paulson@7093
    68
paulson@7093
    69
  (*Structural rules: contraction, thinning, exchange [Soren Heilmann] *)
paulson@7093
    70
wenzelm@17481
    71
  contRS: "$H |- $E, $S, $S, $F ==> $H |- $E, $S, $F"
wenzelm@17481
    72
  contLS: "$H, $S, $S, $G |- $E ==> $H, $S, $G |- $E"
paulson@7093
    73
wenzelm@17481
    74
  thinRS: "$H |- $E, $F ==> $H |- $E, $S, $F"
wenzelm@17481
    75
  thinLS: "$H, $G |- $E ==> $H, $S, $G |- $E"
paulson@7093
    76
wenzelm@17481
    77
  exchRS: "$H |- $E, $R, $S, $F ==> $H |- $E, $S, $R, $F"
wenzelm@17481
    78
  exchLS: "$H, $R, $S, $G |- $E ==> $H, $S, $R, $G |- $E"
paulson@7093
    79
wenzelm@17481
    80
  cut:   "[| $H |- $E, P;  $H, P |- $E |] ==> $H |- $E"
paulson@7093
    81
paulson@7093
    82
  (*Propositional rules*)
paulson@7093
    83
wenzelm@17481
    84
  basic: "$H, P, $G |- $E, P, $F"
paulson@7093
    85
wenzelm@17481
    86
  conjR: "[| $H|- $E, P, $F;  $H|- $E, Q, $F |] ==> $H|- $E, P&Q, $F"
wenzelm@17481
    87
  conjL: "$H, P, Q, $G |- $E ==> $H, P & Q, $G |- $E"
paulson@7093
    88
wenzelm@17481
    89
  disjR: "$H |- $E, P, Q, $F ==> $H |- $E, P|Q, $F"
wenzelm@17481
    90
  disjL: "[| $H, P, $G |- $E;  $H, Q, $G |- $E |] ==> $H, P|Q, $G |- $E"
paulson@7093
    91
wenzelm@17481
    92
  impR:  "$H, P |- $E, Q, $F ==> $H |- $E, P-->Q, $F"
wenzelm@17481
    93
  impL:  "[| $H,$G |- $E,P;  $H, Q, $G |- $E |] ==> $H, P-->Q, $G |- $E"
paulson@7093
    94
wenzelm@17481
    95
  notR:  "$H, P |- $E, $F ==> $H |- $E, ~P, $F"
wenzelm@17481
    96
  notL:  "$H, $G |- $E, P ==> $H, ~P, $G |- $E"
paulson@7093
    97
wenzelm@17481
    98
  FalseL: "$H, False, $G |- $E"
paulson@7093
    99
wenzelm@17481
   100
  True_def: "True == False-->False"
wenzelm@17481
   101
  iff_def:  "P<->Q == (P-->Q) & (Q-->P)"
paulson@7093
   102
paulson@7093
   103
  (*Quantifiers*)
paulson@7093
   104
wenzelm@17481
   105
  allR:  "(!!x.$H |- $E, P(x), $F) ==> $H |- $E, ALL x. P(x), $F"
wenzelm@17481
   106
  allL:  "$H, P(x), $G, ALL x. P(x) |- $E ==> $H, ALL x. P(x), $G |- $E"
paulson@7093
   107
wenzelm@17481
   108
  exR:   "$H |- $E, P(x), $F, EX x. P(x) ==> $H |- $E, EX x. P(x), $F"
wenzelm@17481
   109
  exL:   "(!!x.$H, P(x), $G |- $E) ==> $H, EX x. P(x), $G |- $E"
paulson@7093
   110
paulson@7093
   111
  (*Equality*)
paulson@7093
   112
wenzelm@17481
   113
  refl:  "$H |- $E, a=a, $F"
wenzelm@17481
   114
  subst: "$H(a), $G(a) |- $E(a) ==> $H(b), a=b, $G(b) |- $E(b)"
paulson@7093
   115
paulson@7093
   116
  (* Reflection *)
paulson@7093
   117
wenzelm@17481
   118
  eq_reflection:  "|- x=y ==> (x==y)"
wenzelm@17481
   119
  iff_reflection: "|- P<->Q ==> (P==Q)"
paulson@7093
   120
paulson@7093
   121
  (*Descriptions*)
paulson@7093
   122
wenzelm@17481
   123
  The: "[| $H |- $E, P(a), $F;  !!x.$H, P(x) |- $E, x=a, $F |] ==>
paulson@7093
   124
          $H |- $E, P(THE x. P(x)), $F"
paulson@7093
   125
paulson@7093
   126
constdefs
wenzelm@17481
   127
  If :: "[o, 'a, 'a] => 'a"   ("(if (_)/ then (_)/ else (_))" 10)
paulson@7093
   128
   "If(P,x,y) == THE z::'a. (P --> z=x) & (~P --> z=y)"
paulson@7093
   129
wenzelm@21426
   130
wenzelm@21426
   131
(** Structural Rules on formulas **)
wenzelm@21426
   132
wenzelm@21426
   133
(*contraction*)
wenzelm@21426
   134
wenzelm@21426
   135
lemma contR: "$H |- $E, P, P, $F ==> $H |- $E, P, $F"
wenzelm@21426
   136
  by (rule contRS)
wenzelm@21426
   137
wenzelm@21426
   138
lemma contL: "$H, P, P, $G |- $E ==> $H, P, $G |- $E"
wenzelm@21426
   139
  by (rule contLS)
wenzelm@21426
   140
wenzelm@21426
   141
(*thinning*)
wenzelm@21426
   142
wenzelm@21426
   143
lemma thinR: "$H |- $E, $F ==> $H |- $E, P, $F"
wenzelm@21426
   144
  by (rule thinRS)
wenzelm@21426
   145
wenzelm@21426
   146
lemma thinL: "$H, $G |- $E ==> $H, P, $G |- $E"
wenzelm@21426
   147
  by (rule thinLS)
wenzelm@21426
   148
wenzelm@21426
   149
(*exchange*)
wenzelm@21426
   150
wenzelm@21426
   151
lemma exchR: "$H |- $E, Q, P, $F ==> $H |- $E, P, Q, $F"
wenzelm@21426
   152
  by (rule exchRS)
wenzelm@21426
   153
wenzelm@21426
   154
lemma exchL: "$H, Q, P, $G |- $E ==> $H, P, Q, $G |- $E"
wenzelm@21426
   155
  by (rule exchLS)
wenzelm@21426
   156
wenzelm@21426
   157
ML {*
wenzelm@21426
   158
local
wenzelm@21426
   159
  val thinR = thm "thinR"
wenzelm@21426
   160
  val thinL = thm "thinL"
wenzelm@21426
   161
  val cut = thm "cut"
wenzelm@21426
   162
in
wenzelm@21426
   163
wenzelm@21426
   164
(*Cut and thin, replacing the right-side formula*)
wenzelm@21426
   165
fun cutR_tac s i =
wenzelm@21426
   166
  res_inst_tac [ ("P", s) ] cut i  THEN  rtac thinR i
wenzelm@21426
   167
wenzelm@21426
   168
(*Cut and thin, replacing the left-side formula*)
wenzelm@21426
   169
fun cutL_tac s i =
wenzelm@21426
   170
  res_inst_tac [("P", s)] cut i  THEN  rtac thinL (i+1)
wenzelm@17481
   171
paulson@7093
   172
end
wenzelm@21426
   173
*}
wenzelm@21426
   174
wenzelm@21426
   175
wenzelm@21426
   176
(** If-and-only-if rules **)
wenzelm@21426
   177
lemma iffR: 
wenzelm@21426
   178
    "[| $H,P |- $E,Q,$F;  $H,Q |- $E,P,$F |] ==> $H |- $E, P <-> Q, $F"
wenzelm@21426
   179
  apply (unfold iff_def)
wenzelm@21426
   180
  apply (assumption | rule conjR impR)+
wenzelm@21426
   181
  done
wenzelm@21426
   182
wenzelm@21426
   183
lemma iffL: 
wenzelm@21426
   184
    "[| $H,$G |- $E,P,Q;  $H,Q,P,$G |- $E |] ==> $H, P <-> Q, $G |- $E"
wenzelm@21426
   185
  apply (unfold iff_def)
wenzelm@21426
   186
  apply (assumption | rule conjL impL basic)+
wenzelm@21426
   187
  done
wenzelm@21426
   188
wenzelm@21426
   189
lemma iff_refl: "$H |- $E, (P <-> P), $F"
wenzelm@21426
   190
  apply (rule iffR basic)+
wenzelm@21426
   191
  done
wenzelm@21426
   192
wenzelm@21426
   193
lemma TrueR: "$H |- $E, True, $F"
wenzelm@21426
   194
  apply (unfold True_def)
wenzelm@21426
   195
  apply (rule impR)
wenzelm@21426
   196
  apply (rule basic)
wenzelm@21426
   197
  done
wenzelm@21426
   198
wenzelm@21426
   199
(*Descriptions*)
wenzelm@21426
   200
lemma the_equality:
wenzelm@21426
   201
  assumes p1: "$H |- $E, P(a), $F"
wenzelm@21426
   202
    and p2: "!!x. $H, P(x) |- $E, x=a, $F"
wenzelm@21426
   203
  shows "$H |- $E, (THE x. P(x)) = a, $F"
wenzelm@21426
   204
  apply (rule cut)
wenzelm@21426
   205
   apply (rule_tac [2] p2)
wenzelm@21426
   206
  apply (rule The, rule thinR, rule exchRS, rule p1)
wenzelm@21426
   207
  apply (rule thinR, rule exchRS, rule p2)
wenzelm@21426
   208
  done
wenzelm@21426
   209
wenzelm@21426
   210
wenzelm@21426
   211
(** Weakened quantifier rules.  Incomplete, they let the search terminate.**)
wenzelm@21426
   212
wenzelm@21426
   213
lemma allL_thin: "$H, P(x), $G |- $E ==> $H, ALL x. P(x), $G |- $E"
wenzelm@21426
   214
  apply (rule allL)
wenzelm@21426
   215
  apply (erule thinL)
wenzelm@21426
   216
  done
wenzelm@21426
   217
wenzelm@21426
   218
lemma exR_thin: "$H |- $E, P(x), $F ==> $H |- $E, EX x. P(x), $F"
wenzelm@21426
   219
  apply (rule exR)
wenzelm@21426
   220
  apply (erule thinR)
wenzelm@21426
   221
  done
wenzelm@21426
   222
wenzelm@21426
   223
(*The rules of LK*)
wenzelm@21426
   224
wenzelm@21426
   225
ML {*
wenzelm@21426
   226
val prop_pack = empty_pack add_safes
wenzelm@21426
   227
                [thm "basic", thm "refl", thm "TrueR", thm "FalseL",
wenzelm@21426
   228
                 thm "conjL", thm "conjR", thm "disjL", thm "disjR", thm "impL", thm "impR",
wenzelm@21426
   229
                 thm "notL", thm "notR", thm "iffL", thm "iffR"];
wenzelm@21426
   230
wenzelm@21426
   231
val LK_pack = prop_pack add_safes   [thm "allR", thm "exL"]
wenzelm@21426
   232
                        add_unsafes [thm "allL_thin", thm "exR_thin", thm "the_equality"];
wenzelm@21426
   233
wenzelm@21426
   234
val LK_dup_pack = prop_pack add_safes   [thm "allR", thm "exL"]
wenzelm@21426
   235
                            add_unsafes [thm "allL", thm "exR", thm "the_equality"];
wenzelm@21426
   236
wenzelm@21426
   237
wenzelm@21426
   238
local
wenzelm@21426
   239
  val thinR = thm "thinR"
wenzelm@21426
   240
  val thinL = thm "thinL"
wenzelm@21426
   241
  val cut = thm "cut"
wenzelm@21426
   242
in
wenzelm@21426
   243
wenzelm@21426
   244
fun lemma_tac th i =
wenzelm@21426
   245
    rtac (thinR RS cut) i THEN REPEAT (rtac thinL i) THEN rtac th i;
wenzelm@21426
   246
wenzelm@21426
   247
end;
wenzelm@21426
   248
*}
wenzelm@21426
   249
wenzelm@21426
   250
method_setup fast_prop =
wenzelm@21588
   251
  {* Method.no_args (Method.SIMPLE_METHOD' (fast_tac prop_pack)) *}
wenzelm@21426
   252
  "propositional reasoning"
wenzelm@21426
   253
wenzelm@21426
   254
method_setup fast =
wenzelm@21588
   255
  {* Method.no_args (Method.SIMPLE_METHOD' (fast_tac LK_pack)) *}
wenzelm@21426
   256
  "classical reasoning"
wenzelm@21426
   257
wenzelm@21426
   258
method_setup fast_dup =
wenzelm@21588
   259
  {* Method.no_args (Method.SIMPLE_METHOD' (fast_tac LK_dup_pack)) *}
wenzelm@21426
   260
  "classical reasoning"
wenzelm@21426
   261
wenzelm@21426
   262
method_setup best =
wenzelm@21588
   263
  {* Method.no_args (Method.SIMPLE_METHOD' (best_tac LK_pack)) *}
wenzelm@21426
   264
  "classical reasoning"
wenzelm@21426
   265
wenzelm@21426
   266
method_setup best_dup =
wenzelm@21588
   267
  {* Method.no_args (Method.SIMPLE_METHOD' (best_tac LK_dup_pack)) *}
wenzelm@21426
   268
  "classical reasoning"
paulson@7093
   269
paulson@7118
   270
wenzelm@21426
   271
lemma mp_R:
wenzelm@21426
   272
  assumes major: "$H |- $E, $F, P --> Q"
wenzelm@21426
   273
    and minor: "$H |- $E, $F, P"
wenzelm@21426
   274
  shows "$H |- $E, Q, $F"
wenzelm@21426
   275
  apply (rule thinRS [THEN cut], rule major)
wenzelm@21426
   276
  apply (tactic "step_tac LK_pack 1")
wenzelm@21426
   277
  apply (rule thinR, rule minor)
wenzelm@21426
   278
  done
wenzelm@21426
   279
wenzelm@21426
   280
lemma mp_L:
wenzelm@21426
   281
  assumes major: "$H, $G |- $E, P --> Q"
wenzelm@21426
   282
    and minor: "$H, $G, Q |- $E"
wenzelm@21426
   283
  shows "$H, P, $G |- $E"
wenzelm@21426
   284
  apply (rule thinL [THEN cut], rule major)
wenzelm@21426
   285
  apply (tactic "step_tac LK_pack 1")
wenzelm@21426
   286
  apply (rule thinL, rule minor)
wenzelm@21426
   287
  done
wenzelm@21426
   288
wenzelm@21426
   289
wenzelm@21426
   290
(** Two rules to generate left- and right- rules from implications **)
wenzelm@21426
   291
wenzelm@21426
   292
lemma R_of_imp:
wenzelm@21426
   293
  assumes major: "|- P --> Q"
wenzelm@21426
   294
    and minor: "$H |- $E, $F, P"
wenzelm@21426
   295
  shows "$H |- $E, Q, $F"
wenzelm@21426
   296
  apply (rule mp_R)
wenzelm@21426
   297
   apply (rule_tac [2] minor)
wenzelm@21426
   298
  apply (rule thinRS, rule major [THEN thinLS])
wenzelm@21426
   299
  done
wenzelm@21426
   300
wenzelm@21426
   301
lemma L_of_imp:
wenzelm@21426
   302
  assumes major: "|- P --> Q"
wenzelm@21426
   303
    and minor: "$H, $G, Q |- $E"
wenzelm@21426
   304
  shows "$H, P, $G |- $E"
wenzelm@21426
   305
  apply (rule mp_L)
wenzelm@21426
   306
   apply (rule_tac [2] minor)
wenzelm@21426
   307
  apply (rule thinRS, rule major [THEN thinLS])
wenzelm@21426
   308
  done
wenzelm@21426
   309
wenzelm@21426
   310
(*Can be used to create implications in a subgoal*)
wenzelm@21426
   311
lemma backwards_impR:
wenzelm@21426
   312
  assumes prem: "$H, $G |- $E, $F, P --> Q"
wenzelm@21426
   313
  shows "$H, P, $G |- $E, Q, $F"
wenzelm@21426
   314
  apply (rule mp_L)
wenzelm@21426
   315
   apply (rule_tac [2] basic)
wenzelm@21426
   316
  apply (rule thinR, rule prem)
wenzelm@21426
   317
  done
wenzelm@21426
   318
wenzelm@21426
   319
lemma conjunct1: "|-P&Q ==> |-P"
wenzelm@21426
   320
  apply (erule thinR [THEN cut])
wenzelm@21426
   321
  apply fast
wenzelm@21426
   322
  done
wenzelm@21426
   323
wenzelm@21426
   324
lemma conjunct2: "|-P&Q ==> |-Q"
wenzelm@21426
   325
  apply (erule thinR [THEN cut])
wenzelm@21426
   326
  apply fast
wenzelm@21426
   327
  done
wenzelm@21426
   328
wenzelm@21426
   329
lemma spec: "|- (ALL x. P(x)) ==> |- P(x)"
wenzelm@21426
   330
  apply (erule thinR [THEN cut])
wenzelm@21426
   331
  apply fast
wenzelm@21426
   332
  done
wenzelm@21426
   333
wenzelm@21426
   334
wenzelm@21426
   335
(** Equality **)
wenzelm@21426
   336
wenzelm@21426
   337
lemma sym: "|- a=b --> b=a"
wenzelm@21426
   338
  by (tactic {* safe_tac (LK_pack add_safes [thm "subst"]) 1 *})
wenzelm@21426
   339
wenzelm@21426
   340
lemma trans: "|- a=b --> b=c --> a=c"
wenzelm@21426
   341
  by (tactic {* safe_tac (LK_pack add_safes [thm "subst"]) 1 *})
wenzelm@21426
   342
wenzelm@21426
   343
(* Symmetry of equality in hypotheses *)
wenzelm@21426
   344
lemmas symL = sym [THEN L_of_imp, standard]
wenzelm@21426
   345
wenzelm@21426
   346
(* Symmetry of equality in hypotheses *)
wenzelm@21426
   347
lemmas symR = sym [THEN R_of_imp, standard]
wenzelm@21426
   348
wenzelm@21426
   349
lemma transR: "[| $H|- $E, $F, a=b;  $H|- $E, $F, b=c |] ==> $H|- $E, a=c, $F"
wenzelm@21426
   350
  by (rule trans [THEN R_of_imp, THEN mp_R])
wenzelm@21426
   351
wenzelm@21426
   352
(* Two theorms for rewriting only one instance of a definition:
wenzelm@21426
   353
   the first for definitions of formulae and the second for terms *)
wenzelm@21426
   354
wenzelm@21426
   355
lemma def_imp_iff: "(A == B) ==> |- A <-> B"
wenzelm@21426
   356
  apply unfold
wenzelm@21426
   357
  apply (rule iff_refl)
wenzelm@21426
   358
  done
wenzelm@21426
   359
wenzelm@21426
   360
lemma meta_eq_to_obj_eq: "(A == B) ==> |- A = B"
wenzelm@21426
   361
  apply unfold
wenzelm@21426
   362
  apply (rule refl)
wenzelm@21426
   363
  done
wenzelm@21426
   364
wenzelm@21426
   365
wenzelm@21426
   366
(** if-then-else rules **)
wenzelm@21426
   367
wenzelm@21426
   368
lemma if_True: "|- (if True then x else y) = x"
wenzelm@21426
   369
  unfolding If_def by fast
wenzelm@21426
   370
wenzelm@21426
   371
lemma if_False: "|- (if False then x else y) = y"
wenzelm@21426
   372
  unfolding If_def by fast
wenzelm@21426
   373
wenzelm@21426
   374
lemma if_P: "|- P ==> |- (if P then x else y) = x"
wenzelm@21426
   375
  apply (unfold If_def)
wenzelm@21426
   376
  apply (erule thinR [THEN cut])
wenzelm@21426
   377
  apply fast
wenzelm@21426
   378
  done
wenzelm@21426
   379
wenzelm@21426
   380
lemma if_not_P: "|- ~P ==> |- (if P then x else y) = y";
wenzelm@21426
   381
  apply (unfold If_def)
wenzelm@21426
   382
  apply (erule thinR [THEN cut])
wenzelm@21426
   383
  apply fast
wenzelm@21426
   384
  done
wenzelm@21426
   385
wenzelm@21426
   386
end