theory Demo = Main:

(* a test: solve the following goal in single steps *)
lemma "A&(B|C) ==> A&B | C";
oops;

(* a successful example of quantifier reasoning: *)
lemma "ALL x. EX y. x = y"
apply(rule allI)
apply(rule exI)
apply(rule refl)
done;

(* an unsuccessful example of quantifier reasoning: *)
lemma "EX y. ALL x. x = y"
apply(rule exI)
apply(rule allI)
(* Does not work:
apply(rule refl)
*)
oops;

(* I and E rules *)
lemma "(EX y. ALL x. P x y) ==> (ALL x. EX y. P x y)"
(* the safe rules first: *)
apply(rule allI)
apply(erule exE)
(* now the unsafe ones: *)
apply(rule exI)
apply(erule allE)
apply(assumption)
done;

(* what happens if an unsafe rule is tried too early: *)
lemma "(EX y. ALL x. P x y) ==> (ALL x. EX y. P x y)"
apply(rule allI)
apply(rule exI)
apply(erule exE)
apply(erule allE)
(* Fails now:
apply(assumption)
*)
oops;

(* Lehre:
   Zuerst sicher Quantoren Regeln (allI, exE: sie erzeugen Parameter),
   dann die unsicheren Quantoren Regeln (allE, exI: sie erzeugen ?-Variablen)
*)


(*** Renaming ***)
lemma "xs \<noteq> [] \<longrightarrow> P xs"
apply(induct_tac xs)
apply simp
apply(rename_tac elem rest)
oops;

(*** Instantiation ***)

(* instantiating exI *)
lemma "EX n::nat. n*n = n"
thm exI
thm exI[of _ "1"]
apply(rule exI[of _ "1"])
apply(simp)
done;

(* instantiating allE *)
lemma "ALL xs. xs@ys = zs ==> ys=zs"
thm allE
thm allE[of _ "[]"]
apply(erule allE[of _ "[]"])
apply(simp)
done;

(** Instantiation with terms containing variables
    that occur in the goal
**)
lemma "EX n. P(f n) ==> EX m. P m"
apply(erule exE)
(* Does not work:
apply(rule exI[of _ "f n"])
*)
apply(rule_tac x = "f n" in exI)
apply assumption
done;

lemma "[| EX n. P n; ALL m. P(m) --> P(f m) |] ==> EX a. P(f a)"
apply(erule exE)
apply(erule_tac x = "n" in allE)
apply blast
done;


(** instantiation can remove ambiguity: **)
lemma "[| A & B; C & D |] ==> D"
apply(erule_tac P = "C" in conjE)
(* without instantiation, the wrong one is chosen (first) *)
apply assumption
done;

end