Isabelle NEWS -- history of user-relevant changes
=================================================

(Note: Isabelle/jEdit shows a tree-view of the NEWS file in Sidekick.)


New in Isabelle2018 (August 2018)
---------------------------------

*** General ***

* Session-qualified theory names are mandatory: it is no longer possible
to refer to unqualified theories from the parent session.
INCOMPATIBILITY for old developments that have not been updated to
Isabelle2017 yet (using the "isabelle imports" tool).

* Only the most fundamental theory names are global, usually the entry
points to major logic sessions: Pure, Main, Complex_Main, HOLCF, IFOL,
FOL, ZF, ZFC etc. INCOMPATIBILITY, need to use qualified names for
formerly global "HOL-Probability.Probability" and "HOL-SPARK.SPARK".

* Global facts need to be closed: no free variables and no hypotheses.
Rare INCOMPATIBILITY.

* Facts stemming from locale interpretation are subject to lazy
evaluation for improved performance. Rare INCOMPATIBILITY: errors
stemming from interpretation morphisms might be deferred and thus
difficult to locate; enable system option "strict_facts" temporarily to
avoid this.

* Marginal comments need to be written exclusively in the new-style form
"\<comment> \<open>text\<close>", old ASCII variants like "-- {* ... *}" are no longer
supported. INCOMPATIBILITY, use the command-line tool "isabelle
update_comments" to update existing theory files.

* Old-style inner comments (* ... *) within the term language are legacy
and will be discontinued soon: use formal comments "\<comment> \<open>...\<close>" or "\<^cancel>\<open>...\<close>"
instead.

* The "op <infix-op>" syntax for infix operators has been replaced by
"(<infix-op>)". If <infix-op> begins or ends with a "*", there needs to
be a space between the "*" and the corresponding parenthesis.
INCOMPATIBILITY, use the command-line tool "isabelle update_op" to
convert theory and ML files to the new syntax. Because it is based on
regular expression matching, the result may need a bit of manual
postprocessing. Invoking "isabelle update_op" converts all files in the
current directory (recursively). In case you want to exclude conversion
of ML files (because the tool frequently also converts ML's "op"
syntax), use option "-m".

* Theory header 'abbrevs' specifications need to be separated by 'and'.
INCOMPATIBILITY.

* Command 'external_file' declares the formal dependency on the given
file name, such that the Isabelle build process knows about it, but
without specific Prover IDE management.

* Session ROOT entries no longer allow specification of 'files'. Rare
INCOMPATIBILITY, use command 'external_file' within a proper theory
context.

* Session root directories may be specified multiple times: each
accessible ROOT file is processed only once. This facilitates
specification of $ISABELLE_HOME_USER/ROOTS or command-line options like
-d or -D for "isabelle build" and "isabelle jedit". Example:

  isabelle build -D '~~/src/ZF'

* The command 'display_drafts' has been discontinued. INCOMPATIBILITY,
use action "isabelle.draft" (or "print") in Isabelle/jEdit instead.

* In HTML output, the Isabelle symbol "\<hyphen>" is rendered as explicit
Unicode hyphen U+2010, to avoid unclear meaning of the old "soft hyphen"
U+00AD. Rare INCOMPATIBILITY, e.g. copy-paste of historic Isabelle HTML
output.


*** Isabelle/jEdit Prover IDE ***

* The command-line tool "isabelle jedit" provides more flexible options
for session management:

  - option -R builds an auxiliary logic image with all theories from
    other sessions that are not already present in its parent

  - option -S is like -R, with a focus on the selected session and its
    descendants (this reduces startup time for big projects like AFP)

  - option -A specifies an alternative ancestor session for options -R
    and -S

  - option -i includes additional sessions into the name-space of
    theories

  Examples:
    isabelle jedit -R HOL-Number_Theory
    isabelle jedit -R HOL-Number_Theory -A HOL
    isabelle jedit -d '$AFP' -S Formal_SSA -A HOL
    isabelle jedit -d '$AFP' -S Formal_SSA -A HOL-Analysis
    isabelle jedit -d '$AFP' -S Formal_SSA -A HOL-Analysis -i CryptHOL

* PIDE markup for session ROOT files: allows to complete session names,
follow links to theories and document files etc.

* Completion supports theory header imports, using theory base name.
E.g. "Prob" may be completed to "HOL-Probability.Probability".

* Named control symbols (without special Unicode rendering) are shown as
bold-italic keyword. This is particularly useful for the short form of
antiquotations with control symbol: \<^name>\<open>argument\<close>. The action
"isabelle.antiquoted_cartouche" turns an antiquotation with 0 or 1
arguments into this format.

* Completion provides templates for named symbols with arguments,
e.g. "\<comment> \<open>ARGUMENT\<close>" or "\<^emph>\<open>ARGUMENT\<close>".

* Slightly more parallel checking, notably for high priority print
functions (e.g. State output).

* The view title is set dynamically, according to the Isabelle
distribution and the logic session name. The user can override this via
set-view-title (stored persistently in $JEDIT_SETTINGS/perspective.xml).

* System options "spell_checker_include" and "spell_checker_exclude"
supersede former "spell_checker_elements" to determine regions of text
that are subject to spell-checking. Minor INCOMPATIBILITY.

* Action "isabelle.preview" is able to present more file formats,
notably bibtex database files and ML files.

* Action "isabelle.draft" is similar to "isabelle.preview", but shows a
plain-text document draft. Both are available via the menu "Plugins /
Isabelle".

* When loading text files, the Isabelle symbols encoding UTF-8-Isabelle
is only used if there is no conflict with existing Unicode sequences in
the file. Otherwise, the fallback encoding is plain UTF-8 and Isabelle
symbols remain in literal \<symbol> form. This avoids accidental loss of
Unicode content when saving the file.

* Bibtex database files (.bib) are semantically checked.

* Update to jedit-5.5.0, the latest release.


*** Isabelle/VSCode Prover IDE ***

* HTML preview of theories and other file-formats similar to
Isabelle/jEdit.

* Command-line tool "isabelle vscode_server" accepts the same options
-A, -R, -S, -i for session selection as "isabelle jedit". This is
relevant for isabelle.args configuration settings in VSCode. The former
option -A (explore all known session files) has been discontinued: it is
enabled by default, unless option -S is used to focus on a particular
spot in the session structure. INCOMPATIBILITY.


*** Document preparation ***

* Formal comments work uniformly in outer syntax, inner syntax (term
language), Isabelle/ML and some other embedded languages of Isabelle.
See also "Document comments" in the isar-ref manual. The following forms
are supported:

  - marginal text comment: \<comment> \<open>\<dots>\<close>
  - canceled source: \<^cancel>\<open>\<dots>\<close>
  - raw LaTeX: \<^latex>\<open>\<dots>\<close>

* Outside of the inner theory body, the default presentation context is
theory Pure. Thus elementary antiquotations may be used in markup
commands (e.g. 'chapter', 'section', 'text') and formal comments.

* System option "document_tags" specifies alternative command tags. This
is occasionally useful to control the global visibility of commands via
session options (e.g. in ROOT).

* Document markup commands ('section', 'text' etc.) are implicitly
tagged as "document" and visible by default. This avoids the application
of option "document_tags" to these commands.

* Isabelle names are mangled into LaTeX macro names to allow the full
identifier syntax with underscore, prime, digits. This is relevant for
antiquotations in control symbol notation, e.g. \<^const_name> becomes
\isactrlconstUNDERSCOREname.

* Document preparation with skip_proofs option now preserves the content
more accurately: only terminal proof steps ('by' etc.) are skipped.

* Document antiquotation @{theory name} requires the long
session-qualified theory name: this is what users reading the text
normally need to import.

* Document antiquotation @{session name} checks and prints the given
session name verbatim.

* Document antiquotation @{cite} now checks the given Bibtex entries
against the Bibtex database files -- only in batch-mode session builds.

* Command-line tool "isabelle document" has been re-implemented in
Isabelle/Scala, with simplified arguments and explicit errors from the
latex and bibtex process. Minor INCOMPATIBILITY.

* Session ROOT entry: empty 'document_files' means there is no document
for this session. There is no need to specify options [document = false]
anymore.


*** Isar ***

* Command 'interpret' no longer exposes resulting theorems as literal
facts, notably for the \<open>prop\<close> notation or the "fact" proof method. This
improves modularity of proofs and scalability of locale interpretation.
Rare INCOMPATIBILITY, need to refer to explicitly named facts instead
(e.g. use 'find_theorems' or 'try' to figure this out).

* The old 'def' command has been discontinued (legacy since
Isabelle2016-1). INCOMPATIBILITY, use 'define' instead -- usually with
object-logic equality or equivalence.


*** Pure ***

* The inner syntax category "sort" now includes notation "_" for the
dummy sort: it is effectively ignored in type-inference.

* Rewrites clauses (keyword 'rewrites') were moved into the locale
expression syntax, where they are part of locale instances. In
interpretation commands rewrites clauses now need to occur before 'for'
and 'defines'. Rare INCOMPATIBILITY; definitions immediately subject to
rewriting may need to be pulled up into the surrounding theory.

* For 'rewrites' clauses, if activating a locale instance fails, fall
back to reading the clause first. This helps avoid qualification of
locale instances where the qualifier's sole purpose is avoiding
duplicate constant declarations.

* Proof method "simp" now supports a new modifier "flip:" followed by a
list of theorems. Each of these theorems is removed from the simpset
(without warning if it is not there) and the symmetric version of the
theorem (i.e. lhs and rhs exchanged) is added to the simpset. For "auto"
and friends the modifier is "simp flip:".


*** HOL ***

* Sledgehammer: bundled version of "vampire" (for non-commercial users)
helps to avoid fragility of "remote_vampire" service.

* Clarified relationship of characters, strings and code generation:

  - Type "char" is now a proper datatype of 8-bit values.

  - Conversions "nat_of_char" and "char_of_nat" are gone; use more
    general conversions "of_char" and "char_of" with suitable type
    constraints instead.

  - The zero character is just written "CHR 0x00", not "0" any longer.

  - Type "String.literal" (for code generation) is now isomorphic to
    lists of 7-bit (ASCII) values; concrete values can be written as
    "STR ''...''" for sequences of printable characters and "STR 0x..."
    for one single ASCII code point given as hexadecimal numeral.

  - Type "String.literal" supports concatenation "... + ..." for all
    standard target languages.

  - Theory HOL-Library.Code_Char is gone; study the explanations
    concerning "String.literal" in the tutorial on code generation to
    get an idea how target-language string literals can be converted to
    HOL string values and vice versa.

  - Session Imperative-HOL: operation "raise" directly takes a value of
    type "String.literal" as argument, not type "string".

INCOMPATIBILITY.

* Code generation: Code generation takes an explicit option
"case_insensitive" to accommodate case-insensitive file systems.

* Abstract bit operations as part of Main: push_bit, take_bit, drop_bit.

* New, more general, axiomatization of complete_distrib_lattice. The
former axioms:

  "sup x (Inf X) = Inf (sup x ` X)" and "inf x (Sup X) = Sup (inf x ` X)"

are replaced by:

  "Inf (Sup ` A) <= Sup (Inf ` {f ` A | f . (! Y \<in> A . f Y \<in> Y)})"

The instantiations of sets and functions as complete_distrib_lattice are
moved to Hilbert_Choice.thy because their proofs need the Hilbert choice
operator. The dual of this property is also proved in theory
HOL.Hilbert_Choice.

* New syntax for the minimum/maximum of a function over a finite set:
MIN x\<in>A. B and even MIN x. B (only useful for finite types), also MAX.

* Clarified theorem names:

  Min.antimono ~> Min.subset_imp
  Max.antimono ~> Max.subset_imp

Minor INCOMPATIBILITY.

* SMT module:

  - The 'smt_oracle' option is now necessary when using the 'smt' method
    with a solver other than Z3. INCOMPATIBILITY.

  - The encoding to first-order logic is now more complete in the
    presence of higher-order quantifiers. An 'smt_explicit_application'
    option has been added to control this. INCOMPATIBILITY.

* Facts sum.commute(_restrict) and prod.commute(_restrict) renamed to
sum.swap(_restrict) and prod.swap(_restrict), to avoid name clashes on
interpretation of abstract locales. INCOMPATIBILITY.

* Predicate coprime is now a real definition, not a mere abbreviation.
INCOMPATIBILITY.

* Predicate pairwise_coprime abolished, use "pairwise coprime" instead.
INCOMPATIBILITY.

* The relator rel_filter on filters has been strengthened to its
canonical categorical definition with better properties.
INCOMPATIBILITY.

* Generalized linear algebra involving linear, span, dependent, dim
from type class real_vector to locales module and vector_space.
Renamed:

  span_inc ~> span_superset
  span_superset ~> span_base
  span_eq ~> span_eq_iff

INCOMPATIBILITY.

* Class linordered_semiring_1 covers zero_less_one also, ruling out
pathologic instances. Minor INCOMPATIBILITY.

* Theory HOL.List: functions "sorted_wrt" and "sorted" now compare every
element in a list to all following elements, not just the next one.

* Theory HOL.List syntax:

  - filter-syntax "[x <- xs. P]" is no longer output syntax, but only
    input syntax

  - list comprehension syntax now supports tuple patterns in "pat <- xs"

* Theory Map: "empty" must now be qualified as "Map.empty".

* Removed nat-int transfer machinery. Rare INCOMPATIBILITY.

* Fact mod_mult_self4 (on nat) renamed to Suc_mod_mult_self3, to avoid
clash with fact mod_mult_self4 (on more generic semirings).
INCOMPATIBILITY.

* Eliminated some theorem aliases:
  even_times_iff ~> even_mult_iff
  mod_2_not_eq_zero_eq_one_nat ~> not_mod_2_eq_0_eq_1
  even_of_nat ~> even_int_iff

INCOMPATIBILITY.

* Eliminated some theorem duplicate variations:

  - dvd_eq_mod_eq_0_numeral can be replaced by dvd_eq_mod_eq_0
  - mod_Suc_eq_Suc_mod can be replaced by mod_Suc
  - mod_Suc_eq_Suc_mod [symmetric] can be replaced by mod_simps
  - mod_eq_0_iff can be replaced by mod_eq_0_iff_dvd and dvd_def
  - the witness of mod_eqD can be given directly as "_ div _"

INCOMPATIBILITY.

* Classical setup: Assumption "m mod d = 0" (for m d :: nat) is no
longer aggressively destroyed to "\<exists>q. m = d * q". INCOMPATIBILITY, adding
"elim!: dvd" to classical proof methods in most situations restores
broken proofs.

* Theory HOL-Library.Conditional_Parametricity provides command
'parametric_constant' for proving parametricity of non-recursive
definitions. For constants that are not fully parametric the command
will infer conditions on relations (e.g., bi_unique, bi_total, or type
class conditions such as "respects 0") sufficient for parametricity. See
theory HOL-ex.Conditional_Parametricity_Examples for some examples.

* Theory HOL-Library.Code_Lazy provides a new preprocessor for the code
generator to generate code for algebraic types with lazy evaluation
semantics even in call-by-value target languages. See the theories
HOL-ex.Code_Lazy_Demo and HOL-Codegenerator_Test.Code_Lazy_Test for some
examples.

* Theory HOL-Library.Landau_Symbols has been moved here from AFP.

* Theory HOL-Library.Old_Datatype no longer provides the legacy command
'old_datatype'. INCOMPATIBILITY.

* Theory HOL-Computational_Algebra.Polynomial_Factorial does not provide
instances of rat, real, complex as factorial rings etc. Import
HOL-Computational_Algebra.Field_as_Ring explicitly in case of need.
INCOMPATIBILITY.

* Session HOL-Algebra: renamed (^) to [^] to avoid conflict with new
infix/prefix notation.

* Session HOL-Algebra: revamped with much new material. The set of
isomorphisms between two groups is now denoted iso rather than iso_set.
INCOMPATIBILITY.

* Session HOL-Analysis: the Arg function now respects the same interval
as Ln, namely (-pi,pi]; the old Arg function has been renamed Arg2pi.
INCOMPATIBILITY.

* Session HOL-Analysis: the functions zorder, zer_poly, porder and
pol_poly have been redefined. All related lemmas have been reworked.
INCOMPATIBILITY.

* Session HOL-Analysis: infinite products, Moebius functions, the
Riemann mapping theorem, the Vitali covering theorem,
change-of-variables results for integration and measures.

* Session HOL-Real_Asymp: proof method "real_asymp" proves asymptotics
of real-valued functions (limits, "Big-O", etc.) automatically.
See also ~~/src/HOL/Real_Asymp/Manual for some documentation.

* Session HOL-Types_To_Sets: more tool support (unoverload_type combines
internalize_sorts and unoverload) and larger experimental application
(type based linear algebra transferred to linear algebra on subspaces).


*** ML ***

* Operation Export.export emits theory exports (arbitrary blobs), which
are stored persistently in the session build database.

* Command 'ML_export' exports ML toplevel bindings to the global
bootstrap environment of the ML process. This allows ML evaluation
without a formal theory context, e.g. in command-line tools like
"isabelle process".


*** System ***

* Mac OS X 10.10 Yosemite is now the baseline version; Mavericks is no
longer supported.

* Linux and Windows/Cygwin is for x86_64 only, old 32bit platform
support has been discontinued.

* Java runtime is for x86_64 only. Corresponding Isabelle settings have
been renamed to ISABELLE_TOOL_JAVA_OPTIONS and JEDIT_JAVA_OPTIONS,
instead of former 32/64 variants. INCOMPATIBILITY.

* Old settings ISABELLE_PLATFORM and ISABELLE_WINDOWS_PLATFORM should be
phased out due to unclear preference of 32bit vs. 64bit architecture.
Explicit GNU bash expressions are now preferred, for example (with
quotes):

  #Posix executables (Unix or Cygwin), with preference for 64bit
  "${ISABELLE_PLATFORM64:-$ISABELLE_PLATFORM32}"

  #native Windows or Unix executables, with preference for 64bit
  "${ISABELLE_WINDOWS_PLATFORM64:-${ISABELLE_WINDOWS_PLATFORM32:-${ISABELLE_PLATFORM64:-$ISABELLE_PLATFORM32}}}"

  #native Windows (32bit) or Unix executables (preference for 64bit)
  "${ISABELLE_WINDOWS_PLATFORM32:-${ISABELLE_PLATFORM64:-$ISABELLE_PLATFORM32}}"

* Command-line tool "isabelle build" supports new options:
  - option -B NAME: include session NAME and all descendants
  - option -S: only observe changes of sources, not heap images
  - option -f: forces a fresh build

* Command-line tool "isabelle build" options -c -x -B refer to
descendants wrt. the session parent or import graph. Subtle
INCOMPATIBILITY: options -c -x used to refer to the session parent graph
only.

* Command-line tool "isabelle build" takes "condition" options with the
corresponding environment values into account, when determining the
up-to-date status of a session.

* The command-line tool "dump" dumps information from the cumulative
PIDE session database: many sessions may be loaded into a given logic
image, results from all loaded theories are written to the output
directory.

* Command-line tool "isabelle imports -I" also reports actual session
imports. This helps to minimize the session dependency graph.

* The command-line tool "export" and 'export_files' in session ROOT
entries retrieve theory exports from the session build database.

* The command-line tools "isabelle server" and "isabelle client" provide
access to the Isabelle Server: it supports responsive session management
and concurrent use of theories, based on Isabelle/PIDE infrastructure.
See also the "system" manual.

* The command-line tool "isabelle update_comments" normalizes formal
comments in outer syntax as follows: \<comment> \<open>text\<close> (with a single space to
approximate the appearance in document output). This is more specific
than former "isabelle update_cartouches -c": the latter tool option has
been discontinued.

* The command-line tool "isabelle mkroot" now always produces a document
outline: its options have been adapted accordingly. INCOMPATIBILITY.

* The command-line tool "isabelle mkroot -I" initializes a Mercurial
repository for the generated session files.

* Settings ISABELLE_HEAPS + ISABELLE_BROWSER_INFO (or
ISABELLE_HEAPS_SYSTEM + ISABELLE_BROWSER_INFO_SYSTEM in "system build
mode") determine the directory locations of the main build artefacts --
instead of hard-wired directories in ISABELLE_HOME_USER (or
ISABELLE_HOME).

* Settings ISABELLE_PATH and ISABELLE_OUTPUT have been discontinued:
heap images and session databases are always stored in
$ISABELLE_HEAPS/$ML_IDENTIFIER (command-line default) or
$ISABELLE_HEAPS_SYSTEM/$ML_IDENTIFIER (main Isabelle application or
"isabelle jedit -s" or "isabelle build -s").

* ISABELLE_LATEX and ISABELLE_PDFLATEX now include platform-specific
options for improved error reporting. Potential INCOMPATIBILITY with
unusual LaTeX installations, may have to adapt these settings.

* Update to Poly/ML 5.7.1 with slightly improved performance and PIDE
markup for identifier bindings. It now uses The GNU Multiple Precision
Arithmetic Library (libgmp) on all platforms, notably Mac OS X with
32/64 bit.



New in Isabelle2017 (October 2017)
----------------------------------

*** General ***

* Experimental support for Visual Studio Code (VSCode) as alternative
Isabelle/PIDE front-end, see also
https://marketplace.visualstudio.com/items?itemName=makarius.Isabelle2017

VSCode is a new type of application that continues the concepts of
"programmer's editor" and "integrated development environment" towards
fully semantic editing and debugging -- in a relatively light-weight
manner. Thus it fits nicely on top of the Isabelle/PIDE infrastructure.
Technically, VSCode is based on the Electron application framework
(Node.js + Chromium browser + V8), which is implemented in JavaScript
and TypeScript, while Isabelle/VSCode mainly consists of Isabelle/Scala
modules around a Language Server implementation.

* Theory names are qualified by the session name that they belong to.
This affects imports, but not the theory name space prefix (which is
just the theory base name as before).

In order to import theories from other sessions, the ROOT file format
provides a new 'sessions' keyword. In contrast, a theory that is
imported in the old-fashioned manner via an explicit file-system path
belongs to the current session, and might cause theory name conflicts
later on. Theories that are imported from other sessions are excluded
from the current session document. The command-line tool "isabelle
imports" helps to update theory imports.

* The main theory entry points for some non-HOL sessions have changed,
to avoid confusion with the global name "Main" of the session HOL. This
leads to the following renamings:

  CTT/Main.thy ~> CTT/CTT.thy
  ZF/Main.thy ~> ZF/ZF.thy
  ZF/Main_ZF.thy ~> ZF/ZF.thy
  ZF/Main_ZFC.thy ~> ZF/ZFC.thy
  ZF/ZF.thy ~> ZF/ZF_Base.thy

INCOMPATIBILITY.

* Commands 'alias' and 'type_alias' introduce aliases for constants and
type constructors, respectively. This allows adhoc changes to name-space
accesses within global or local theory contexts, e.g. within a 'bundle'.

* Document antiquotations @{prf} and @{full_prf} output proof terms
(again) in the same way as commands 'prf' and 'full_prf'.

* Computations generated by the code generator can be embedded directly
into ML, alongside with @{code} antiquotations, using the following
antiquotations:

  @{computation ... terms: ... datatypes: ...} :
    ((term -> term) -> 'ml option -> 'a) -> Proof.context -> term -> 'a
  @{computation_conv ... terms: ... datatypes: ...} :
    (Proof.context -> 'ml -> conv) -> Proof.context -> conv
  @{computation_check terms: ... datatypes: ...} : Proof.context -> conv

See src/HOL/ex/Computations.thy,
src/HOL/Decision_Procs/Commutative_Ring.thy and
src/HOL/Decision_Procs/Reflective_Field.thy for examples and the
tutorial on code generation.


*** Prover IDE -- Isabelle/Scala/jEdit ***

* Session-qualified theory imports allow the Prover IDE to process
arbitrary theory hierarchies independently of the underlying logic
session image (e.g. option "isabelle jedit -l"), but the directory
structure needs to be known in advance (e.g. option "isabelle jedit -d"
or a line in the file $ISABELLE_HOME_USER/ROOTS).

* The PIDE document model maintains file content independently of the
status of jEdit editor buffers. Reloading jEdit buffers no longer causes
changes of formal document content. Theory dependencies are always
resolved internally, without the need for corresponding editor buffers.
The system option "jedit_auto_load" has been discontinued: it is
effectively always enabled.

* The Theories dockable provides a "Purge" button, in order to restrict
the document model to theories that are required for open editor
buffers.

* The Theories dockable indicates the overall status of checking of each
entry. When all forked tasks of a theory are finished, the border is
painted with thick lines; remaining errors in this situation are
represented by a different border color.

* Automatic indentation is more careful to avoid redundant spaces in
intermediate situations. Keywords are indented after input (via typed
characters or completion); see also option "jedit_indent_input".

* Action "isabelle.preview" opens an HTML preview of the current theory
document in the default web browser.

* Command-line invocation "isabelle jedit -R -l LOGIC" opens the ROOT
entry of the specified logic session in the editor, while its parent is
used for formal checking.

* The main Isabelle/jEdit plugin may be restarted manually (using the
jEdit Plugin Manager), as long as the "Isabelle Base" plugin remains
enabled at all times.

* Update to current jedit-5.4.0.


*** Pure ***

* Deleting the last code equations for a particular function using
[code del] results in function with no equations (runtime abort) rather
than an unimplemented function (generation time abort). Use explicit
[[code drop:]] to enforce the latter. Minor INCOMPATIBILITY.

* Proper concept of code declarations in code.ML:
  - Regular code declarations act only on the global theory level, being
    ignored with warnings if syntactically malformed.
  - Explicitly global code declarations yield errors if syntactically
    malformed.
  - Default code declarations are silently ignored if syntactically
    malformed.
Minor INCOMPATIBILITY.

* Clarified and standardized internal data bookkeeping of code
declarations: history of serials allows to track potentially
non-monotonous declarations appropriately. Minor INCOMPATIBILITY.


*** HOL ***

* The Nunchaku model finder is now part of "Main".

* SMT module:
  - A new option, 'smt_nat_as_int', has been added to translate 'nat' to
    'int' and benefit from the SMT solver's theory reasoning. It is
    disabled by default.
  - The legacy module "src/HOL/Library/Old_SMT.thy" has been removed.
  - Several small issues have been rectified in the 'smt' command.

* (Co)datatype package: The 'size_gen_o_map' lemma is no longer
generated for datatypes with type class annotations. As a result, the
tactic that derives it no longer fails on nested datatypes. Slight
INCOMPATIBILITY.

* Command and antiquotation "value" with modified default strategy:
terms without free variables are always evaluated using plain evaluation
only, with no fallback on normalization by evaluation. Minor
INCOMPATIBILITY.

* Theories "GCD" and "Binomial" are already included in "Main" (instead
of "Complex_Main").

* Constant "surj" is a full input/output abbreviation (again).
Minor INCOMPATIBILITY.

* Dropped aliases RangeP, DomainP for Rangep, Domainp respectively.
INCOMPATIBILITY.

* Renamed ii to imaginary_unit in order to free up ii as a variable
name. The syntax \<i> remains available. INCOMPATIBILITY.

* Dropped abbreviations transP, antisymP, single_valuedP; use constants
transp, antisymp, single_valuedp instead. INCOMPATIBILITY.

* Constant "subseq" in Topological_Spaces has been removed -- it is
subsumed by "strict_mono". Some basic lemmas specific to "subseq" have
been renamed accordingly, e.g. "subseq_o" -> "strict_mono_o" etc.

* Theory List: "sublist" renamed to "nths" in analogy with "nth", and
"sublisteq" renamed to "subseq". Minor INCOMPATIBILITY.

* Theory List: new generic function "sorted_wrt".

* Named theorems mod_simps covers various congruence rules concerning
mod, replacing former zmod_simps. INCOMPATIBILITY.

* Swapped orientation of congruence rules mod_add_left_eq,
mod_add_right_eq, mod_add_eq, mod_mult_left_eq, mod_mult_right_eq,
mod_mult_eq, mod_minus_eq, mod_diff_left_eq, mod_diff_right_eq,
mod_diff_eq. INCOMPATIBILITY.

* Generalized some facts:
    measure_induct_rule
    measure_induct
    zminus_zmod ~> mod_minus_eq
    zdiff_zmod_left ~> mod_diff_left_eq
    zdiff_zmod_right ~> mod_diff_right_eq
    zmod_eq_dvd_iff ~> mod_eq_dvd_iff
INCOMPATIBILITY.

* Algebraic type class hierarchy of euclidean (semi)rings in HOL:
euclidean_(semi)ring, euclidean_(semi)ring_cancel,
unique_euclidean_(semi)ring; instantiation requires provision of a
euclidean size.

* Theory "HOL-Number_Theory.Euclidean_Algorithm" has been reworked:
  - Euclidean induction is available as rule eucl_induct.
  - Constants Euclidean_Algorithm.gcd, Euclidean_Algorithm.lcm,
    Euclidean_Algorithm.Gcd and Euclidean_Algorithm.Lcm allow
    easy instantiation of euclidean (semi)rings as GCD (semi)rings.
736 - Coefficients obtained by extended euclidean algorithm are 737 available as "bezout_coefficients". 738INCOMPATIBILITY. 739 740* Theory "Number_Theory.Totient" introduces basic notions about Euler's 741totient function previously hidden as solitary example in theory 742Residues. Definition changed so that "totient 1 = 1" in agreement with 743the literature. Minor INCOMPATIBILITY. 744 745* New styles in theory "HOL-Library.LaTeXsugar": 746 - "dummy_pats" for printing equations with "_" on the lhs; 747 - "eta_expand" for printing eta-expanded terms. 748 749* Theory "HOL-Library.Permutations": theorem bij_swap_ompose_bij has 750been renamed to bij_swap_compose_bij. INCOMPATIBILITY. 751 752* New theory "HOL-Library.Going_To_Filter" providing the "f going_to F" 753filter for describing points x such that f(x) is in the filter F. 754 755* Theory "HOL-Library.Formal_Power_Series": constants X/E/L/F have been 756renamed to fps_X/fps_exp/fps_ln/fps_hypergeo to avoid polluting the name 757space. INCOMPATIBILITY. 758 759* Theory "HOL-Library.FinFun" has been moved to AFP (again). 760INCOMPATIBILITY. 761 762* Theory "HOL-Library.FuncSet": some old and rarely used ASCII 763replacement syntax has been removed. INCOMPATIBILITY, standard syntax 764with symbols should be used instead. The subsequent commands help to 765reproduce the old forms, e.g. 
to simplify porting old theories:

syntax (ASCII)
  "_PiE" :: "pttrn \<Rightarrow> 'a set \<Rightarrow> 'b set \<Rightarrow> ('a \<Rightarrow> 'b) set" ("(3PIE _:_./ _)" 10)
  "_Pi" :: "pttrn \<Rightarrow> 'a set \<Rightarrow> 'b set \<Rightarrow> ('a \<Rightarrow> 'b) set" ("(3PI _:_./ _)" 10)
  "_lam" :: "pttrn \<Rightarrow> 'a set \<Rightarrow> 'a \<Rightarrow> 'b \<Rightarrow> ('a \<Rightarrow> 'b)" ("(3%_:_./ _)" [0,0,3] 3)

* Theory "HOL-Library.Multiset": the simprocs on subset operators of
multisets have been renamed:

  msetless_cancel_numerals ~> msetsubset_cancel
  msetle_cancel_numerals ~> msetsubset_eq_cancel

INCOMPATIBILITY.

* Theory "HOL-Library.Pattern_Aliases" provides input and output syntax
for pattern aliases as known from Haskell, Scala and ML.

* Theory "HOL-Library.Uprod" formalizes the type of unordered pairs.

* Session HOL-Analysis: more material involving arcs, paths, covering
spaces, inessential maps, retracts, infinite products, simplicial
complexes. Baire Category theorem. Major results include the Jordan
Curve Theorem and the Great Picard Theorem.

* Session HOL-Algebra has been extended by additional lattice theory:
the Knaster-Tarski fixed point theorem and Galois Connections.

* Sessions HOL-Computational_Algebra and HOL-Number_Theory: new notions
of squarefreeness, n-th powers, and prime powers.

* Session "HOL-Computational_Algebra" covers many previously scattered
theories, notably Euclidean_Algorithm, Factorial_Ring,
Formal_Power_Series, Fraction_Field, Fundamental_Theorem_Algebra,
Normalized_Fraction, Polynomial_FPS, Polynomial, Primes. Minor
INCOMPATIBILITY.


*** System ***

* Isabelle/Scala: the SQL module supports access to relational
databases, either as plain file (SQLite) or full-scale server
(PostgreSQL via local port or remote ssh connection).

* Results of "isabelle build" are recorded as SQLite database (i.e.
"Application File Format" in the sense of
https://www.sqlite.org/appfileformat.html). This allows systematic
access via operations from module Sessions.Store in Isabelle/Scala.

* System option "parallel_proofs" is 1 by default (instead of more
aggressive 2). This requires less heap space and avoids burning parallel
CPU cycles, while full subproof parallelization is enabled for repeated
builds (according to parallel_subproofs_threshold).

* System option "record_proofs" allows changing the global
Proofterm.proofs variable for a session. Regular values are 0, 1, 2;
a negative value means the current state in the ML heap image remains
unchanged.

* Isabelle settings variable ISABELLE_SCALA_BUILD_OPTIONS has been
renamed to ISABELLE_SCALAC_OPTIONS. Rare INCOMPATIBILITY.

* Isabelle settings variables ISABELLE_WINDOWS_PLATFORM,
ISABELLE_WINDOWS_PLATFORM32, ISABELLE_WINDOWS_PLATFORM64 indicate the
native Windows platform (independently of the Cygwin installation). This
is analogous to ISABELLE_PLATFORM, ISABELLE_PLATFORM32,
ISABELLE_PLATFORM64.

* Command-line tool "isabelle build_docker" builds a Docker image from
the Isabelle application bundle for Linux. See also
https://hub.docker.com/r/makarius/isabelle

* Command-line tool "isabelle vscode_server" provides a Language Server
Protocol implementation, e.g. for the Visual Studio Code editor. It
serves as example for alternative PIDE front-ends.

* Command-line tool "isabelle imports" helps to maintain theory imports
wrt. session structure.
Examples for the main Isabelle distribution:

  isabelle imports -I -a
  isabelle imports -U -a
  isabelle imports -U -i -a
  isabelle imports -M -a -d '~~/src/Benchmarks'



New in Isabelle2016-1 (December 2016)
-------------------------------------

*** General ***

* Splitter in proof methods "simp", "auto" and friends:
  - The syntax "split add" has been discontinued, use plain "split",
    INCOMPATIBILITY.
  - For situations with many conditional or case expressions, there is
    an alternative splitting strategy that can be much faster. It is
    selected by writing "split!" instead of "split". It applies safe
    introduction and elimination rules after each split rule. As a
    result the subgoal may be split into several subgoals.

* Command 'bundle' provides a local theory target to define a bundle
from the body of specification commands (such as 'declare',
'declaration', 'notation', 'lemmas', 'lemma'). For example:

bundle foo
begin
  declare a [simp]
  declare b [intro]
end

* Command 'unbundle' is like 'include', but works within a local theory
context. Unlike "context includes ... begin", the effect of 'unbundle'
on the target context persists, until different declarations are given.

* Simplified outer syntax: uniform category "name" includes long
identifiers. Former "xname" / "nameref" / "name reference" has been
discontinued.

* Embedded content (e.g. the inner syntax of types, terms, props) may be
delimited uniformly via cartouches. This works better than old-fashioned
quotes when sub-languages are nested.

* Mixfix annotations support general block properties, with syntax
"(\<open>x=a y=b z \<dots>\<close>". Notable property names are "indent", "consistent",
"unbreakable", "markup". The existing notation "(DIGITS" is equivalent
to "(\<open>indent=DIGITS\<close>".
The former notation "(00" for unbreakable blocks
is superseded by "(\<open>unbreakable\<close>" --- rare INCOMPATIBILITY.

* Proof method "blast" is more robust wrt. corner cases of Pure
statements without object-logic judgment.

* Commands 'prf' and 'full_prf' are somewhat more informative (again):
proof terms are reconstructed and cleaned from administrative thm nodes.

* Code generator: config option "code_timing" triggers measurements of
different phases of code generation. See src/HOL/ex/Code_Timing.thy for
examples.

* Code generator: implicits in Scala (stemming from type class
instances) are generated into companion object of corresponding type
class, to resolve some situations where ambiguities may occur.

* Solve direct: option "solve_direct_strict_warnings" gives explicit
warnings for lemma statements with trivial proofs.


*** Prover IDE -- Isabelle/Scala/jEdit ***

* More aggressive flushing of machine-generated input, according to
system option editor_generated_input_delay (in addition to existing
editor_input_delay for regular user edits). This may affect overall PIDE
reactivity and CPU usage.

* Syntactic indentation according to Isabelle outer syntax. Action
"indent-lines" (shortcut C+i) indents the current line according to
command keywords and some command substructure. Action
"isabelle.newline" (shortcut ENTER) indents the old and the new line
according to command keywords only; see also option
"jedit_indent_newline".

* Semantic indentation for unstructured proof scripts ('apply' etc.) via
number of subgoals. This requires information of ongoing document
processing and may thus lag behind, when the user is editing too
quickly; see also option "jedit_script_indent" and
"jedit_script_indent_limit".

* Refined folding mode "isabelle" based on Isar syntax: 'next' and 'qed'
are treated as delimiters for fold structure; 'begin' and 'end'
structure of theory specifications is treated as well.

* Command 'proof' provides information about proof outline with cases,
e.g. for proof methods "cases", "induct", "goal_cases".

* Completion templates for commands involving "begin ... end" blocks,
e.g. 'context', 'notepad'.

* Sidekick parser "isabelle-context" shows nesting of context blocks
according to 'begin' and 'end' structure.

* Highlighting of entity def/ref positions wrt. cursor.

* Action "isabelle.select-entity" (shortcut CS+ENTER) selects all
occurrences of the formal entity at the caret position. This facilitates
systematic renaming.

* PIDE document markup works across multiple Isar commands, e.g. the
results established at the end of a proof are properly identified in the
theorem statement.

* Cartouche abbreviations work both for " and ` to accommodate typical
situations where old ASCII notation may be updated.

* Dockable window "Symbols" also provides access to 'abbrevs' from the
outer syntax of the current theory buffer. This provides clickable
syntax templates, including entries with empty abbrevs name (which are
inaccessible via keyboard completion).

* IDE support for the Isabelle/Pure bootstrap process, with the
following independent stages:

  src/Pure/ROOT0.ML
  src/Pure/ROOT.ML
  src/Pure/Pure.thy
  src/Pure/ML_Bootstrap.thy

The ML ROOT files act like quasi-theories in the context of theory
ML_Bootstrap: this allows continuous checking of all loaded ML files.
The theory files are presented with a modified header to import Pure
from the running Isabelle instance. Results from changed versions of
each stage are *not* propagated to the next stage, and isolated from the
actual Isabelle/Pure that runs the IDE itself.
The sequential
dependencies of the above files are only observed for batch build.

* Isabelle/ML and Standard ML files are presented in Sidekick with the
tree structure of section headings: this special comment format is
described in "implementation" chapter 0, e.g. (*** section ***).

* Additional abbreviations for syntactic completion may be specified
within the theory header as 'abbrevs'. The theory syntax for 'keywords'
has been simplified accordingly: optional abbrevs need to go into the
new 'abbrevs' section.

* Global abbreviations via $ISABELLE_HOME/etc/abbrevs and
$ISABELLE_HOME_USER/etc/abbrevs are no longer supported. Minor
INCOMPATIBILITY, use 'abbrevs' within theory header instead.

* Action "isabelle.keymap-merge" asks the user to resolve pending
Isabelle keymap changes that are in conflict with the current jEdit
keymap; non-conflicting changes are always applied implicitly. This
action is automatically invoked on Isabelle/jEdit startup and thus
increases chances that users see new keyboard shortcuts when re-using
old keymaps.

* ML and document antiquotations for file-system paths are more uniform
and diverse:

  @{path NAME} -- no file-system check
  @{file NAME} -- check for plain file
  @{dir NAME} -- check for directory

Minor INCOMPATIBILITY, former uses of @{file} and @{file_unchecked} may
have to be changed.


*** Document preparation ***

* New symbol \<circle>, e.g. for temporal operator.

* New document and ML antiquotation @{locale} for locales, similar to
existing antiquotation @{class}.

* Mixfix annotations support delimiters like \<^control>\<open>cartouche\<close> --
this allows special forms of document output.

* Raw LaTeX output now works via \<^latex>\<open>...\<close> instead of raw control
symbol \<^raw:...>. INCOMPATIBILITY, notably for LaTeXsugar.thy and its
derivatives.

* \<^raw:...> symbols are no longer supported.

* Old 'header' command is no longer supported (legacy since
Isabelle2015).


*** Isar ***

* Many specification elements support structured statements with 'if' /
'for' eigen-context, e.g. 'axiomatization', 'abbreviation',
'definition', 'inductive', 'function'.

* Toplevel theorem statements support eigen-context notation with 'if' /
'for' (in postfix), which corresponds to 'assumes' / 'fixes' in the
traditional long statement form (in prefix). Local premises are called
"that" or "assms", respectively. Empty premises are *not* bound in the
context: INCOMPATIBILITY.

* Command 'define' introduces a local (non-polymorphic) definition, with
optional abstraction over local parameters. The syntax resembles
'definition' and 'obtain'. It fits better into the Isar language than
old 'def', which is now a legacy feature.

* Command 'obtain' supports structured statements with 'if' / 'for'
context.

* Command '\<proof>' is an alias for 'sorry', with different
typesetting. E.g. to produce proof holes in examples and documentation.

* The defining position of a literal fact \<open>prop\<close> is maintained more
carefully, and made accessible as hyperlink in the Prover IDE.

* Commands 'finally' and 'ultimately' used to expose the result as
literal fact: this accidental behaviour has been discontinued. Rare
INCOMPATIBILITY, use more explicit means to refer to facts in Isar.

* Command 'axiomatization' has become more restrictive to correspond
better to internal axioms as singleton facts with mandatory name. Minor
INCOMPATIBILITY.

* Proof methods may refer to the main facts via the dynamic fact
"method_facts". This is particularly useful for Eisbach method
definitions.

* Proof method "use" allows modifying the main facts of a given method
expression, e.g.

  (use facts in simp)
  (use facts in \<open>simp add: ...\<close>)

* The old proof method "default" has been removed (legacy since
Isabelle2016). INCOMPATIBILITY, use "standard" instead.


*** Pure ***

* Pure provides basic versions of proof methods "simp" and "simp_all"
that only know about meta-equality (==). Potential INCOMPATIBILITY in
theory imports that merge Pure with e.g. Main of Isabelle/HOL: the order
is relevant to avoid confusion of Pure.simp vs. HOL.simp.

* The command 'unfolding' and proof method "unfold" include a second
stage where given equations are passed through the attribute "abs_def"
before rewriting. This ensures that definitions are fully expanded,
regardless of the actual parameters that are provided. Rare
INCOMPATIBILITY in some corner cases: use proof method (simp only:)
instead, or declare [[unfold_abs_def = false]] in the proof context.

* Type-inference improves sorts of newly introduced type variables for
the object-logic, using its base sort (i.e. HOL.type for Isabelle/HOL).
Thus terms like "f x" or "\<And>x. P x" without any further syntactic context
produce x::'a::type in HOL instead of x::'a::{} in Pure. Rare
INCOMPATIBILITY, need to provide explicit type constraints for Pure
types where this is really intended.


*** HOL ***

* New proof method "argo" using the built-in Argo solver based on SMT
technology. The method can be used to prove goals of quantifier-free
propositional logic, goals based on a combination of quantifier-free
propositional logic with equality, and goals based on a combination of
quantifier-free propositional logic with linear real arithmetic
including min/max/abs. See HOL/ex/Argo_Examples.thy for examples.

* The new "nunchaku" command integrates the Nunchaku model finder. The
tool is experimental. See ~~/src/HOL/Nunchaku/Nunchaku.thy for details.

* Metis: The problem encoding has changed very slightly. This might
break existing proofs. INCOMPATIBILITY.

* Sledgehammer:
  - The MaSh relevance filter is now faster than before.
  - Produce syntactically correct Vampire 4.0 problem files.

* (Co)datatype package:
  - New commands for defining corecursive functions and reasoning about
    them in "~~/src/HOL/Library/BNF_Corec.thy": 'corec', 'corecursive',
    'friend_of_corec', and 'corecursion_upto'; and 'corec_unique' proof
    method. See 'isabelle doc corec'.
  - The predicator :: ('a \<Rightarrow> bool) \<Rightarrow> 'a F \<Rightarrow> bool is now a first-class
    citizen in bounded natural functors.
  - 'primrec' now allows nested calls through the predicator in addition
    to the map function.
  - 'bnf' automatically discharges reflexive proof obligations.
  - 'bnf' outputs a slightly modified proof obligation expressing rel in
    terms of map and set
    (not giving a specification for rel makes this one reflexive).
  - 'bnf' outputs a new proof obligation expressing pred in terms of set
    (not giving a specification for pred makes this one reflexive).
    INCOMPATIBILITY: manual 'bnf' declarations may need adjustment.
  - Renamed lemmas:
      rel_prod_apply ~> rel_prod_inject
      pred_prod_apply ~> pred_prod_inject
    INCOMPATIBILITY.
  - The "size" plugin has been made compatible again with locales.
  - The theorems about "rel" and "set" may have a slightly different (but
    equivalent) form.
    INCOMPATIBILITY.

* The 'coinductive' command produces a proper coinduction rule for
mutual coinductive predicates. This new rule replaces the old rule,
which exposed details of the internal fixpoint construction and was
hard to use. INCOMPATIBILITY.

* New abbreviations for negated existence (but not bounded existence):

  \<nexists>x. P x \<equiv> \<not> (\<exists>x. P x)
  \<nexists>!x. P x \<equiv> \<not> (\<exists>!x. P x)

* The print mode "HOL" for ASCII syntax of binders "!", "?", "?!", "@"
has been removed for output. It is retained for input only, until it is
eliminated altogether.

* The unique existence quantifier no longer provides 'binder' syntax,
but uses syntax translations (as for bounded unique existence). Thus
iterated quantification \<exists>!x y. P x y with its slightly confusing
sequential meaning \<exists>!x. \<exists>!y. P x y is no longer possible. Instead,
pattern abstraction admits simultaneous unique existence \<exists>!(x, y). P x y
(analogous to existing notation \<exists>!(x, y)\<in>A. P x y). Potential
INCOMPATIBILITY in rare situations.

* Conventional syntax "%(). t" for unit abstractions. Slight syntactic
INCOMPATIBILITY.

* Renamed constants and corresponding theorems:

  setsum ~> sum
  setprod ~> prod
  listsum ~> sum_list
  listprod ~> prod_list

INCOMPATIBILITY.

* Slightly more standardized theorem names:
  sgn_times ~> sgn_mult
  sgn_mult' ~> Real_Vector_Spaces.sgn_mult
  divide_zero_left ~> div_0
  zero_mod_left ~> mod_0
  divide_zero ~> div_by_0
  divide_1 ~> div_by_1
  nonzero_mult_divide_cancel_left ~> nonzero_mult_div_cancel_left
  div_mult_self1_is_id ~> nonzero_mult_div_cancel_left
  nonzero_mult_divide_cancel_right ~> nonzero_mult_div_cancel_right
  div_mult_self2_is_id ~> nonzero_mult_div_cancel_right
  is_unit_divide_mult_cancel_left ~> is_unit_div_mult_cancel_left
  is_unit_divide_mult_cancel_right ~> is_unit_div_mult_cancel_right
  mod_div_equality ~> div_mult_mod_eq
  mod_div_equality2 ~> mult_div_mod_eq
  mod_div_equality3 ~> mod_div_mult_eq
  mod_div_equality4 ~> mod_mult_div_eq
  minus_div_eq_mod ~> minus_div_mult_eq_mod
  minus_div_eq_mod2 ~> minus_mult_div_eq_mod
  minus_mod_eq_div ~> minus_mod_eq_div_mult
  minus_mod_eq_div2 ~> minus_mod_eq_mult_div
  div_mod_equality' ~> minus_mod_eq_div_mult [symmetric]
  mod_div_equality' ~> minus_div_mult_eq_mod [symmetric]
  zmod_zdiv_equality ~> mult_div_mod_eq [symmetric]
  zmod_zdiv_equality' ~> minus_div_mult_eq_mod [symmetric]
  Divides.mult_div_cancel ~> minus_mod_eq_mult_div [symmetric]
  mult_div_cancel ~> minus_mod_eq_mult_div [symmetric]
  zmult_div_cancel ~> minus_mod_eq_mult_div [symmetric]
  div_1 ~> div_by_Suc_0
  mod_1 ~> mod_by_Suc_0
INCOMPATIBILITY.

* New type class "idom_abs_sgn" specifies algebraic properties
of sign and absolute value functions. Type class "sgn_if" has
disappeared. Slight INCOMPATIBILITY.

* Dedicated syntax LENGTH('a) for length of types.

* Characters (type char) are modelled as finite algebraic type
corresponding to {0..255}.

  - Logical representation:
    * 0 is instantiated to the ASCII zero character.
    * All other characters are represented as "Char n"
      with n being a raw numeral expression less than 256.
    * Expressions of the form "Char n" with n greater than 255
      are non-canonical.
  - Printing and parsing:
    * Printable characters are printed and parsed as "CHR ''\<dots>''"
      (as before).
    * The ASCII zero character is printed and parsed as "0".
    * All other canonical characters are printed as "CHR 0xXX"
      with XX being the hexadecimal character code. "CHR n"
      is parsable for every numeral expression n.
    * Non-canonical characters have no special syntax and are
      printed as their logical representation.
  - Explicit conversions from and to the natural numbers are
    provided as char_of_nat, nat_of_char (as before).
  - The auxiliary nibble type has been discontinued.

INCOMPATIBILITY.

* Type class "div" with operation "mod" renamed to type class "modulo"
with operation "modulo", analogously to type class "divide". This
eliminates the need to qualify any of those names in the presence of
infix "mod" syntax. INCOMPATIBILITY.

* Statements and proofs of Knaster-Tarski fixpoint combinators lfp/gfp
have been clarified. The fixpoint properties are lfp_fixpoint, its
symmetric lfp_unfold (as before), and the duals for gfp. Auxiliary items
for the proof (lfp_lemma2 etc.) are no longer exported, but can be
easily recovered by composition with eq_refl. Minor INCOMPATIBILITY.

* Constant "surj" is a mere input abbreviation, to avoid hiding an
equation in term output. Minor INCOMPATIBILITY.

* Command 'code_reflect' accepts empty constructor lists for datatypes,
which renders those abstract effectively.

* Command 'export_code' checks given constants for abstraction
violations: a small guarantee that given constants specify a safe
interface for the generated code.

* Code generation for Scala: ambiguous implicits in class diagrams are
spelt out explicitly.

* Static evaluators (Code_Evaluation.static_* in Isabelle/ML) rely on
explicitly provided auxiliary definitions for required type class
dictionaries rather than half-working magic. INCOMPATIBILITY, see the
tutorial on code generation for details.

* Theory Set_Interval: substantial new theorems on indexed sums and
products.

* Locale bijection establishes convenient default simp rules such as
"inv f (f a) = a" for total bijections.

* Abstract locales semigroup, abel_semigroup, semilattice,
semilattice_neutr, ordering, ordering_top, semilattice_order,
semilattice_neutr_order, comm_monoid_set, semilattice_set,
semilattice_neutr_set, semilattice_order_set,
semilattice_order_neutr_set, monoid_list, comm_monoid_list,
comm_monoid_list_set, comm_monoid_mset, comm_monoid_fun use boldified
syntax uniformly that does not clash with corresponding global syntax.
INCOMPATIBILITY.

* Former locale lifting_syntax is now a bundle, which is easier to
include in a local context or theorem statement, e.g. "context includes
lifting_syntax begin ... end". Minor INCOMPATIBILITY.

* Some old / obsolete theorems have been renamed / removed, potential
INCOMPATIBILITY.

  nat_less_cases -- removed, use linorder_cases instead
  inv_image_comp -- removed, use image_inv_f_f instead
  image_surj_f_inv_f ~> image_f_inv_f

* Some theorems about groups and orders have been generalised from
  groups to semi-groups that are also monoids:
  le_add_same_cancel1
  le_add_same_cancel2
  less_add_same_cancel1
  less_add_same_cancel2
  add_le_same_cancel1
  add_le_same_cancel2
  add_less_same_cancel1
  add_less_same_cancel2

* Some simplification theorems about rings have been removed, since
  superseded by a more general version:
  less_add_cancel_left_greater_zero ~> less_add_same_cancel1
  less_add_cancel_right_greater_zero ~> less_add_same_cancel2
  less_eq_add_cancel_left_greater_eq_zero ~> le_add_same_cancel1
  less_eq_add_cancel_right_greater_eq_zero ~> le_add_same_cancel2
  less_eq_add_cancel_left_less_eq_zero ~> add_le_same_cancel1
  less_eq_add_cancel_right_less_eq_zero ~> add_le_same_cancel2
  less_add_cancel_left_less_zero ~> add_less_same_cancel1
  less_add_cancel_right_less_zero ~> add_less_same_cancel2
INCOMPATIBILITY.

* Renamed split_if -> if_split and split_if_asm -> if_split_asm to
resemble the f.split naming convention, INCOMPATIBILITY.

* Added class topological_monoid.

* The following theorems have been renamed:

  setsum_left_distrib ~> sum_distrib_right
  setsum_right_distrib ~> sum_distrib_left

INCOMPATIBILITY.

* Compound constants INFIMUM and SUPREMUM are mere abbreviations now.
INCOMPATIBILITY.

* "Gcd (f ` A)" and "Lcm (f ` A)" are printed with optional
comprehension-like syntax analogously to "Inf (f ` A)" and "Sup (f `
A)".

* Class semiring_Lcd merged into semiring_Gcd. INCOMPATIBILITY.

* The type class ordered_comm_monoid_add is now called
ordered_cancel_comm_monoid_add.
A new type class ordered_comm_monoid_add
is introduced as the combination of ordered_ab_semigroup_add +
comm_monoid_add. INCOMPATIBILITY.

* Introduced the type classes canonically_ordered_comm_monoid_add and
dioid.

* Introduced the type class ordered_ab_semigroup_monoid_add_imp_le. When
instantiating linordered_semiring_strict and ordered_ab_group_add, an
explicit instantiation of ordered_ab_semigroup_monoid_add_imp_le might
be required. INCOMPATIBILITY.

* Dropped various legacy fact bindings, whose replacements are often
of a more general type also:
  lcm_left_commute_nat ~> lcm.left_commute
  lcm_left_commute_int ~> lcm.left_commute
  gcd_left_commute_nat ~> gcd.left_commute
  gcd_left_commute_int ~> gcd.left_commute
  gcd_greatest_iff_nat ~> gcd_greatest_iff
  gcd_greatest_iff_int ~> gcd_greatest_iff
  coprime_dvd_mult_nat ~> coprime_dvd_mult
  coprime_dvd_mult_int ~> coprime_dvd_mult
  zpower_numeral_even ~> power_numeral_even
  gcd_mult_cancel_nat ~> gcd_mult_cancel
  gcd_mult_cancel_int ~> gcd_mult_cancel
  div_gcd_coprime_nat ~> div_gcd_coprime
  div_gcd_coprime_int ~> div_gcd_coprime
  zpower_numeral_odd ~> power_numeral_odd
  zero_less_int_conv ~> of_nat_0_less_iff
  gcd_greatest_nat ~> gcd_greatest
  gcd_greatest_int ~> gcd_greatest
  coprime_mult_nat ~> coprime_mult
  coprime_mult_int ~> coprime_mult
  lcm_commute_nat ~> lcm.commute
  lcm_commute_int ~> lcm.commute
  int_less_0_conv ~> of_nat_less_0_iff
  gcd_commute_nat ~> gcd.commute
  gcd_commute_int ~> gcd.commute
  Gcd_insert_nat ~> Gcd_insert
  Gcd_insert_int ~> Gcd_insert
  of_int_int_eq ~> of_int_of_nat_eq
  lcm_least_nat ~> lcm_least
  lcm_least_int ~> lcm_least
  lcm_assoc_nat ~> lcm.assoc
  lcm_assoc_int ~> lcm.assoc
  int_le_0_conv ~> of_nat_le_0_iff
  int_eq_0_conv ~> of_nat_eq_0_iff
  Gcd_empty_nat ~> Gcd_empty
  Gcd_empty_int ~> Gcd_empty
  gcd_assoc_nat ~> gcd.assoc
  gcd_assoc_int ~> gcd.assoc
  zero_zle_int ~> of_nat_0_le_iff
  lcm_dvd2_nat ~> dvd_lcm2
  lcm_dvd2_int ~> dvd_lcm2
  lcm_dvd1_nat ~> dvd_lcm1
  lcm_dvd1_int ~> dvd_lcm1
  gcd_zero_nat ~> gcd_eq_0_iff
  gcd_zero_int ~> gcd_eq_0_iff
  gcd_dvd2_nat ~> gcd_dvd2
  gcd_dvd2_int ~> gcd_dvd2
  gcd_dvd1_nat ~> gcd_dvd1
  gcd_dvd1_int ~> gcd_dvd1
  int_numeral ~> of_nat_numeral
  lcm_ac_nat ~> ac_simps
  lcm_ac_int ~> ac_simps
  gcd_ac_nat ~> ac_simps
  gcd_ac_int ~> ac_simps
  abs_int_eq ~> abs_of_nat
  zless_int ~> of_nat_less_iff
  zdiff_int ~> of_nat_diff
  zadd_int ~> of_nat_add
  int_mult ~> of_nat_mult
  int_Suc ~> of_nat_Suc
  inj_int ~> inj_of_nat
  int_1 ~> of_nat_1
  int_0 ~> of_nat_0
  Lcm_empty_nat ~> Lcm_empty
  Lcm_empty_int ~> Lcm_empty
  Lcm_insert_nat ~> Lcm_insert
  Lcm_insert_int ~> Lcm_insert
  comp_fun_idem_gcd_nat ~> comp_fun_idem_gcd
  comp_fun_idem_gcd_int ~> comp_fun_idem_gcd
  comp_fun_idem_lcm_nat ~> comp_fun_idem_lcm
  comp_fun_idem_lcm_int ~> comp_fun_idem_lcm
  Lcm_eq_0 ~> Lcm_eq_0_I
  Lcm0_iff ~> Lcm_0_iff
  Lcm_dvd_int ~> Lcm_least
  divides_mult_nat ~> divides_mult
  divides_mult_int ~> divides_mult
  lcm_0_nat ~> lcm_0_right
  lcm_0_int ~> lcm_0_right
  lcm_0_left_nat ~> lcm_0_left
  lcm_0_left_int ~> lcm_0_left
  dvd_gcd_D1_nat ~> dvd_gcdD1
  dvd_gcd_D1_int ~> dvd_gcdD1
  dvd_gcd_D2_nat ~> dvd_gcdD2
  dvd_gcd_D2_int ~> dvd_gcdD2
  coprime_dvd_mult_iff_nat ~> coprime_dvd_mult_iff
  coprime_dvd_mult_iff_int ~> coprime_dvd_mult_iff
  realpow_minus_mult ~> power_minus_mult
  realpow_Suc_le_self ~> power_Suc_le_self
  dvd_Gcd, dvd_Gcd_nat, dvd_Gcd_int removed in favour of Gcd_greatest
INCOMPATIBILITY.

* Renamed HOL/Quotient_Examples/FSet.thy to
HOL/Quotient_Examples/Quotient_FSet.thy. INCOMPATIBILITY.

* Session HOL-Library: theory FinFun bundles "finfun_syntax" and
"no_finfun_syntax" allow controlling optional syntax in local contexts;
this supersedes former theory FinFun_Syntax. INCOMPATIBILITY, e.g. use
"unbundle finfun_syntax" to imitate import of
"~~/src/HOL/Library/FinFun_Syntax".

* Session HOL-Library: theory Multiset_Permutations (executably) defines
the set of permutations of a given set or multiset, i.e. the set of all
lists that contain every element of the carrier (multi-)set exactly
once.

* Session HOL-Library: multiset membership is now expressed using
set_mset rather than count.

  - Expressions "count M a > 0" and similar simplify to membership
    by default.

  - Converting between "count M a = 0" and non-membership happens using
    equations count_eq_zero_iff and not_in_iff.

  - Rules count_inI and in_countE obtain facts of the form
    "count M a = n" from membership.

  - Rules count_in_diffI and in_diff_countE obtain facts of the form
    "count M a = n + count N a" from membership on difference sets.

INCOMPATIBILITY.

* Session HOL-Library: theory LaTeXsugar uses new-style "dummy_pats" for
displaying equations in functional programming style --- variables
present on the left-hand but not on the right-hand side are replaced by
underscores.

* Session HOL-Library: theory Combinator_PER provides combinator to
build partial equivalence relations from a predicate and an equivalence
relation.

* Session HOL-Library: theory Perm provides basic facts about almost
everywhere fix bijections.

* Session HOL-Library: theory Normalized_Fraction allows viewing an
element of a field of fractions as a normalized fraction (i.e. a pair of
numerator and denominator such that the two are coprime and the
denominator is normalized wrt. unit factors).

* Session HOL-NSA has been renamed to HOL-Nonstandard_Analysis.

* Session HOL-Multivariate_Analysis has been renamed to HOL-Analysis.

* Session HOL-Analysis: measure theory has been moved here from
HOL-Probability. When importing HOL-Analysis some theorems need
additional name space prefixes due to name clashes. INCOMPATIBILITY.

* Session HOL-Analysis: more complex analysis including Cauchy's
inequality, Liouville theorem, open mapping theorem, maximum modulus
principle, Residue theorem, Schwarz Lemma.

* Session HOL-Analysis: Theory of polyhedra: faces, extreme points,
polytopes, and the Krein–Milman Minkowski theorem.

* Session HOL-Analysis: Numerous results ported from the HOL Light
libraries: homeomorphisms, continuous function extensions, invariance of
domain.

* Session HOL-Probability: the type of emeasure and nn_integral was
changed from ereal to ennreal, INCOMPATIBILITY.

  emeasure :: 'a measure \<Rightarrow> 'a set \<Rightarrow> ennreal
  nn_integral :: 'a measure \<Rightarrow> ('a \<Rightarrow> ennreal) \<Rightarrow> ennreal

* Session HOL-Probability: Code generation and QuickCheck for
Probability Mass Functions.

* Session HOL-Probability: theory Random_Permutations contains some
theory about choosing a permutation of a set uniformly at random and
folding over a list in random order.

* Session HOL-Probability: theory SPMF formalises discrete
subprobability distributions.

* Session HOL-Library: the names of multiset theorems have been
normalised to distinguish which ordering the theorems are about

  mset_less_eqI ~> mset_subset_eqI
  mset_less_insertD ~> mset_subset_insertD
  mset_less_eq_count ~> mset_subset_eq_count
  mset_less_diff_self ~> mset_subset_diff_self
  mset_le_exists_conv ~> mset_subset_eq_exists_conv
  mset_le_mono_add_right_cancel ~> mset_subset_eq_mono_add_right_cancel
  mset_le_mono_add_left_cancel ~> mset_subset_eq_mono_add_left_cancel
  mset_le_mono_add ~> mset_subset_eq_mono_add
  mset_le_add_left ~> mset_subset_eq_add_left
  mset_le_add_right ~> mset_subset_eq_add_right
  mset_le_single ~> mset_subset_eq_single
  mset_le_multiset_union_diff_commute ~> mset_subset_eq_multiset_union_diff_commute
  diff_le_self ~> diff_subset_eq_self
  mset_leD ~> mset_subset_eqD
  mset_lessD ~> mset_subsetD
  mset_le_insertD ~> mset_subset_eq_insertD
  mset_less_of_empty ~> mset_subset_of_empty
  mset_less_size ~> mset_subset_size
  wf_less_mset_rel ~> wf_subset_mset_rel
  count_le_replicate_mset_le ~> count_le_replicate_mset_subset_eq
  mset_remdups_le ~> mset_remdups_subset_eq
  ms_lesseq_impl ~> subset_eq_mset_impl

Some functions have been renamed:
  ms_lesseq_impl -> subset_eq_mset_impl

* HOL-Library: multisets are now ordered with the multiset ordering
  #\<subseteq># ~> \<le>
  #\<subset># ~> <
  le_multiset ~> less_eq_multiset
  less_multiset ~> le_multiset
INCOMPATIBILITY.

* Session HOL-Library: the prefix multiset_order has been discontinued:
the theorems can be directly accessed. As a consequence, the lemmas
"order_multiset" and "linorder_multiset" have been discontinued, and the
interpretations "multiset_linorder" and "multiset_wellorder" have been
replaced by instantiations. INCOMPATIBILITY.

* Session HOL-Library: some theorems about the multiset ordering have
been renamed:

  le_multiset_def ~> less_eq_multiset_def
  less_multiset_def ~> le_multiset_def
  less_eq_imp_le_multiset ~> subset_eq_imp_le_multiset
  mult_less_not_refl ~> mset_le_not_refl
  mult_less_trans ~> mset_le_trans
  mult_less_not_sym ~> mset_le_not_sym
  mult_less_asym ~> mset_le_asym
  mult_less_irrefl ~> mset_le_irrefl
  union_less_mono2{,1,2} ~> union_le_mono2{,1,2}

  le_multiset\<^sub>H\<^sub>O ~> less_eq_multiset\<^sub>H\<^sub>O
  le_multiset_total ~> less_eq_multiset_total
  less_multiset_right_total ~> subset_eq_imp_le_multiset
  le_multiset_empty_left ~> less_eq_multiset_empty_left
  le_multiset_empty_right ~> less_eq_multiset_empty_right
  less_multiset_empty_right ~> le_multiset_empty_left
  less_multiset_empty_left ~> le_multiset_empty_right
  union_less_diff_plus ~> union_le_diff_plus
  ex_gt_count_imp_less_multiset ~> ex_gt_count_imp_le_multiset
  less_multiset_plus_left_nonempty ~> le_multiset_plus_left_nonempty
  le_multiset_plus_right_nonempty ~> le_multiset_plus_right_nonempty
INCOMPATIBILITY.

* Session HOL-Library: the lemma mset_map has now the attribute [simp].
INCOMPATIBILITY.

* Session HOL-Library: some theorems about multisets have been removed.
INCOMPATIBILITY, use the following replacements:

  le_multiset_plus_plus_left_iff ~> add_less_cancel_right
  less_multiset_plus_plus_left_iff ~> add_less_cancel_right
  le_multiset_plus_plus_right_iff ~> add_less_cancel_left
  less_multiset_plus_plus_right_iff ~> add_less_cancel_left
  add_eq_self_empty_iff ~> add_cancel_left_right
  mset_subset_add_bothsides ~> subset_mset.add_less_cancel_right
  mset_less_add_bothsides ~> subset_mset.add_less_cancel_right
  mset_le_add_bothsides ~> subset_mset.add_less_cancel_right
  empty_inter ~> subset_mset.inf_bot_left
  inter_empty ~> subset_mset.inf_bot_right
  empty_sup ~> subset_mset.sup_bot_left
  sup_empty ~> subset_mset.sup_bot_right
  bdd_below_multiset ~> subset_mset.bdd_above_bot
  subset_eq_empty ~> subset_mset.le_zero_eq
  le_empty ~> subset_mset.le_zero_eq
  mset_subset_empty_nonempty ~> subset_mset.zero_less_iff_neq_zero
  mset_less_empty_nonempty ~> subset_mset.zero_less_iff_neq_zero

* Session HOL-Library: some typeclass constraints about multisets have
been reduced from ordered or linordered to preorder. Multisets have the
additional typeclasses order_bot, no_top,
ordered_ab_semigroup_add_imp_le, ordered_cancel_comm_monoid_add,
linordered_cancel_ab_semigroup_add, and
ordered_ab_semigroup_monoid_add_imp_le. INCOMPATIBILITY.

* Session HOL-Library: there are some new simplification rules about
multisets, the multiset ordering, and the subset ordering on multisets.
INCOMPATIBILITY.

* Session HOL-Library: the subset ordering on multisets has now the
interpretations ordered_ab_semigroup_monoid_add_imp_le and
bounded_lattice_bot. INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: single has been removed in favor
of add_mset that roughly corresponds to Set.insert.
Some theorems have been
removed or changed:

  single_not_empty ~> add_mset_not_empty or empty_not_add_mset
  fold_mset_insert ~> fold_mset_add_mset
  image_mset_insert ~> image_mset_add_mset
  union_single_eq_diff
  multi_self_add_other_not_self
  diff_single_eq_union
INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: some theorems have been changed
to use add_mset instead of single:

  mset_add
  multi_self_add_other_not_self
  diff_single_eq_union
  union_single_eq_diff
  union_single_eq_member
  add_eq_conv_diff
  insert_noteq_member
  add_eq_conv_ex
  multi_member_split
  multiset_add_sub_el_shuffle
  mset_subset_eq_insertD
  mset_subset_insertD
  insert_subset_eq_iff
  insert_union_subset_iff
  multi_psub_of_add_self
  inter_add_left1
  inter_add_left2
  inter_add_right1
  inter_add_right2
  sup_union_left1
  sup_union_left2
  sup_union_right1
  sup_union_right2
  size_eq_Suc_imp_eq_union
  multi_nonempty_split
  mset_insort
  mset_update
  mult1I
  less_add
  mset_zip_take_Cons_drop_twice
  rel_mset_Zero
  msed_map_invL
  msed_map_invR
  msed_rel_invL
  msed_rel_invR
  le_multiset_right_total
  multiset_induct
  multiset_induct2_size
  multiset_induct2
INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: the definitions of some
constants have changed to use add_mset instead of adding a single
element:

  image_mset
  mset
  replicate_mset
  mult1
  pred_mset
  rel_mset'
  mset_insort

INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: due to the above changes, the
attributes of some multiset theorems have been changed:

  insert_DiffM [] ~> [simp]
  insert_DiffM2 [simp] ~> []
  diff_add_mset_swap [simp]
  fold_mset_add_mset [simp]
  diff_diff_add [simp] (for multisets only)
  diff_cancel [simp] ~> []
  count_single [simp] ~> []
  set_mset_single [simp] ~> []
  size_multiset_single [simp] ~> []
  size_single [simp] ~> []
  image_mset_single [simp] ~> []
  mset_subset_eq_mono_add_right_cancel [simp] ~> []
  mset_subset_eq_mono_add_left_cancel [simp] ~> []
  fold_mset_single [simp] ~> []
  subset_eq_empty [simp] ~> []
  empty_sup [simp] ~> []
  sup_empty [simp] ~> []
  inter_empty [simp] ~> []
  empty_inter [simp] ~> []
INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: the order of the variables in
the second cases of multiset_induct, multiset_induct2_size,
multiset_induct2 has been changed (e.g. Add A a ~> Add a A).
INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: there is now a simplification
procedure on multisets. It mimics the behavior of the procedure on
natural numbers. INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: renamed sums and products of
multisets:

  msetsum ~> sum_mset
  msetprod ~> prod_mset

* Session HOL-Library, theory Multiset: the notation for intersection
and union of multisets has been changed:

  #\<inter> ~> \<inter>#
  #\<union> ~> \<union>#

INCOMPATIBILITY.

* Session HOL-Library, theory Multiset: the lemma
one_step_implies_mult_aux on multisets has been removed, use
one_step_implies_mult instead. INCOMPATIBILITY.

* Session HOL-Library: theory Complete_Partial_Order2 provides reasoning
support for monotonicity and continuity in chain-complete partial orders
and about admissibility conditions for fixpoint inductions.

* Session HOL-Library: theory Library/Polynomial contains also
derivation of polynomials (formerly in Library/Poly_Deriv) but not
gcd/lcm on polynomials over fields. This has been moved to a separate
theory Library/Polynomial_GCD_euclidean.thy, to pave way for a possible
future different type class instantiation for polynomials over factorial
rings. INCOMPATIBILITY.

* Session HOL-Library: theory Sublist provides function "prefixes" with
the following renaming

  prefixeq -> prefix
  prefix -> strict_prefix
  suffixeq -> suffix
  suffix -> strict_suffix

Added theory of longest common prefixes.

* Session HOL-Number_Theory: algebraic foundation for primes:
Generalisation of predicate "prime" and introduction of predicates
"prime_elem", "irreducible", a "prime_factorization" function, and the
"factorial_ring" typeclass with instance proofs for nat, int, poly. Some
theorems now have different names, most notably "prime_def" is now
"prime_nat_iff". INCOMPATIBILITY.

* Session Old_Number_Theory has been removed, after porting remaining
theories.

* Session HOL-Types_To_Sets provides an experimental extension of
Higher-Order Logic to allow translation of types to sets.


*** ML ***

* Integer.gcd and Integer.lcm use efficient operations from the Poly/ML
library (notably for big integers). Subtle change of semantics:
Integer.gcd and Integer.lcm both normalize the sign, results are never
negative. This coincides with the definitions in HOL/GCD.thy.
INCOMPATIBILITY.

* Structure Rat for rational numbers is now an integral part of
Isabelle/ML, with special notation @int/nat or @int for numerals (an
abbreviation for antiquotation @{Pure.rat argument}) and ML pretty
printing. Standard operations on type Rat.rat are provided via ad-hoc
overloading of + - * / < <= > >= ~ abs. INCOMPATIBILITY, need to
use + instead of +/ etc. Moreover, exception Rat.DIVZERO has been
superseded by General.Div.

* ML antiquotation @{path} is superseded by @{file}, which ensures that
the argument is a plain file. Minor INCOMPATIBILITY.

* Antiquotation @{make_string} is available during Pure bootstrap --
with approximative output quality.

* Low-level ML system structures (like PolyML and RunCall) are no longer
exposed to Isabelle/ML user-space. Potential INCOMPATIBILITY.

* The ML function "ML" provides easy access to run-time compilation.
This is particularly useful for conditional compilation, without
requiring separate files.

* Option ML_exception_debugger controls detailed exception trace via the
Poly/ML debugger. Relevant ML modules need to be compiled beforehand
with ML_file_debug, or with ML_file and option ML_debugger enabled. Note
debugger information requires considerable time and space: main
Isabelle/HOL with full debugger support may need ML_system_64.

* Local_Theory.restore has been renamed to Local_Theory.reset to
emphasize its disruptive impact on the cumulative context, notably the
scope of 'private' or 'qualified' names. Note that Local_Theory.reset is
only appropriate when targets are managed, e.g. starting from a global
theory and returning to it. Regular definitional packages should use
balanced blocks of Local_Theory.open_target versus
Local_Theory.close_target instead. Rare INCOMPATIBILITY.

* Structure TimeLimit (originally from the SML/NJ library) has been
replaced by structure Timeout, with slightly different signature.
INCOMPATIBILITY.

* Discontinued cd and pwd operations, which are not well-defined in a
multi-threaded environment. Note that files are usually located
relatively to the master directory of a theory (see also
File.full_path). Potential INCOMPATIBILITY.

* Binding.empty_atts supersedes Thm.empty_binding and
Attrib.empty_binding. Minor INCOMPATIBILITY.


*** System ***

* SML/NJ and old versions of Poly/ML are no longer supported.

* Poly/ML heaps now follow the hierarchy of sessions, and thus require
much less disk space.

* The Isabelle ML process is now managed directly by Isabelle/Scala, and
shell scripts merely provide optional command-line access. In
particular:

  . Scala module ML_Process to connect to the raw ML process,
    with interaction via stdin/stdout/stderr or in batch mode;
  . command-line tool "isabelle console" as interactive wrapper;
  . command-line tool "isabelle process" as batch mode wrapper.

* The executable "isabelle_process" has been discontinued. Tools and
prover front-ends should use ML_Process or Isabelle_Process in
Isabelle/Scala. INCOMPATIBILITY.

* New command-line tool "isabelle process" supports ML evaluation of
literal expressions (option -e) or files (option -f) in the context of a
given heap image. Errors lead to premature exit of the ML process with
return code 1.

* The command-line tool "isabelle build" supports option -N for cyclic
shuffling of NUMA CPU nodes. This may help performance tuning on Linux
servers with separate CPU/memory modules.

* System option "threads" (for the size of the Isabelle/ML thread farm)
is also passed to the underlying ML runtime system as --gcthreads,
unless there is already a default provided via ML_OPTIONS settings.

* System option "checkpoint" helps to fine-tune the global heap space
management of isabelle build. This is relevant for big sessions that may
exhaust the small 32-bit address space of the ML process (which is used
by default).

* System option "profiling" specifies the mode for global ML profiling
in "isabelle build". Possible values are "time", "allocations". The
command-line tool "isabelle profiling_report" helps to digest the
resulting log files.

* System option "ML_process_policy" specifies an optional command prefix
for the underlying ML process, e.g. to control CPU affinity on
multiprocessor systems. The "isabelle jedit" tool allows to override the
implicit default via option -p.

* Command-line tool "isabelle console" provides option -r to help with
bootstrapping Isabelle/Pure interactively.

* Command-line tool "isabelle yxml" has been discontinued.
INCOMPATIBILITY, use operations from the modules "XML" and "YXML" in
Isabelle/ML or Isabelle/Scala.

* Many Isabelle tools that require a Java runtime system refer to the
settings ISABELLE_TOOL_JAVA_OPTIONS32 / ISABELLE_TOOL_JAVA_OPTIONS64,
depending on the underlying platform. The settings for "isabelle build"
ISABELLE_BUILD_JAVA_OPTIONS32 / ISABELLE_BUILD_JAVA_OPTIONS64 have been
discontinued. Potential INCOMPATIBILITY.

* The Isabelle system environment always ensures that the main
executables are found within the shell search $PATH: "isabelle" and
"isabelle_scala_script".

* Isabelle tools may consist of .scala files: the Scala compiler is
invoked on the spot. The source needs to define some object that extends
Isabelle_Tool.Body.

* File.bash_string, File.bash_path etc. represent Isabelle/ML and
Isabelle/Scala strings authentically within GNU bash. This is useful to
produce robust shell scripts under program control, without worrying
about spaces or special characters. Note that user output works via
Path.print (ML) or Path.toString (Scala). INCOMPATIBILITY, the old (and
less versatile) operations File.shell_quote, File.shell_path etc. have
been discontinued.

* The isabelle_java executable allows to run a Java process within the
name space of Java and Scala components that are bundled with Isabelle,
but without the Isabelle settings environment.

* Isabelle/Scala: the SSH module supports ssh and sftp connections, for
remote command-execution and file-system access. This resembles
operations from module File and Isabelle_System to some extent. Note
that Path specifications need to be resolved remotely via
ssh.remote_path instead of File.standard_path: the implicit process
environment is different, Isabelle settings are not available remotely.

* Isabelle/Scala: the Mercurial module supports repositories via the
regular hg command-line interface. The repository clone and working
directory may reside on a local or remote file-system (via ssh
connection).



New in Isabelle2016 (February 2016)
-----------------------------------

*** General ***

* Eisbach is now based on Pure instead of HOL. Object-logics may import
either the theory ~~/src/HOL/Eisbach/Eisbach (for HOL etc.) or
~~/src/HOL/Eisbach/Eisbach_Old_Appl_Syntax (for FOL, ZF etc.). Note that
the HOL-Eisbach session located in ~~/src/HOL/Eisbach/ contains further
examples that do require HOL.

* Better resource usage on all platforms (Linux, Windows, Mac OS X) for
both Isabelle/ML and Isabelle/Scala. Slightly reduced heap space usage.

* Former "xsymbols" syntax with Isabelle symbols is used by default,
without any special print mode. Important ASCII replacement syntax
remains available under print mode "ASCII", but less important syntax
has been removed (see below).

* Support for more arrow symbols, with rendering in LaTeX and Isabelle
fonts: \<Lleftarrow> \<Rrightarrow> \<longlongleftarrow> \<longlongrightarrow> \<longlonglongleftarrow> \<longlonglongrightarrow>.

* Special notation \<struct> for the first implicit 'structure' in the
context has been discontinued. Rare INCOMPATIBILITY, use explicit
structure name instead, notably in indexed notation with block-subscript
(e.g. \<odot>\<^bsub>A\<^esub>).

* The glyph for \<diamond> in the IsabelleText font now corresponds better to its
counterpart \<box> as quantifier-like symbol. A small diamond is available as
\<diamondop>; the old symbol \<struct> loses this rendering and any special
meaning.

* Syntax for formal comments "-- text" now also supports the symbolic
form "\<comment> text". Command-line tool "isabelle update_cartouches -c" helps
to update old sources.

* Toplevel theorem statements have been simplified as follows:

  theorems ~> lemmas
  schematic_lemma ~> schematic_goal
  schematic_theorem ~> schematic_goal
  schematic_corollary ~> schematic_goal

Command-line tool "isabelle update_theorems" updates theory sources
accordingly.

* Toplevel theorem statement 'proposition' is another alias for
'theorem'.

* The old 'defs' command has been removed (legacy since Isabelle2014).
INCOMPATIBILITY, use regular 'definition' instead. Overloaded and/or
deferred definitions require a surrounding 'overloading' block.


*** Prover IDE -- Isabelle/Scala/jEdit ***

* IDE support for the source-level debugger of Poly/ML, to work with
Isabelle/ML and official Standard ML.
Option "ML_debugger" and commands
'ML_file_debug', 'ML_file_no_debug', 'SML_file_debug',
'SML_file_no_debug' control compilation of sources with or without
debugging information. The Debugger panel allows to set breakpoints (via
context menu), step through stopped threads, evaluate local ML
expressions etc. At least one Debugger view needs to be active to have
any effect on the running ML program.

* The State panel manages explicit proof state output, with dynamic
auto-update according to cursor movement. Alternatively, the jEdit
action "isabelle.update-state" (shortcut S+ENTER) triggers manual
update.

* The Output panel no longer shows proof state output by default, to
avoid GUI overcrowding. INCOMPATIBILITY, use the State panel instead or
enable option "editor_output_state".

* The text overview column (status of errors, warnings etc.) is updated
asynchronously, leading to much better editor reactivity. Moreover, the
full document node content is taken into account. The width of the
column is scaled according to the main text area font, for improved
visibility.

* The main text area no longer changes its color hue in outdated
situations. The text overview column takes over the role to indicate
unfinished edits in the PIDE pipeline. This avoids flashing text display
due to ad-hoc updates by auxiliary GUI components, such as the State
panel.

* Slightly improved scheduling for urgent print tasks (e.g. command
state output, interactive queries) wrt. long-running background tasks.

* Completion of symbols via prefix of \<name> or \<^name> or \name is
always possible, independently of the language context. It is never
implicit: a popup will show up unconditionally.

* Additional abbreviations for syntactic completion may be specified in
$ISABELLE_HOME/etc/abbrevs and $ISABELLE_HOME_USER/etc/abbrevs, with
support for simple templates using ASCII 007 (bell) as placeholder.

* Symbols \<oplus>, \<Oplus>, \<otimes>, \<Otimes>, \<odot>, \<Odot>, \<ominus>, \<oslash> no longer provide abbreviations for
completion like "+o", "*o", ".o" etc. -- due to conflicts with other
ASCII syntax. INCOMPATIBILITY, use plain backslash-completion or define
suitable abbreviations in $ISABELLE_HOME_USER/etc/abbrevs.

* Action "isabelle-emph" (with keyboard shortcut C+e LEFT) controls
emphasized text style; the effect is visible in document output, not in
the editor.

* Action "isabelle-reset" now uses keyboard shortcut C+e BACK_SPACE,
instead of former C+e LEFT.

* The command-line tool "isabelle jedit" and the isabelle.Main
application wrapper treat the default $USER_HOME/Scratch.thy more
uniformly, and allow the dummy file argument ":" to open an empty buffer
instead.

* New command-line tool "isabelle jedit_client" allows to connect to an
already running Isabelle/jEdit process. This achieves the effect of
single-instance applications seen on common GUI desktops.

* The default look-and-feel for Linux is the traditional "Metal", which
works better with GUI scaling for very high-resolution displays (e.g.
4K). Moreover, it is generally more robust than "Nimbus".

* Update to jedit-5.3.0, with improved GUI scaling and support of
high-resolution displays (e.g. 4K).

* The main Isabelle executable is managed as single-instance Desktop
application uniformly on all platforms: Linux, Windows, Mac OS X.


*** Document preparation ***

* Commands 'paragraph' and 'subparagraph' provide additional section
headings. Thus there are 6 levels of standard headings, as in HTML.

* Command 'text_raw' has been clarified: input text is processed as in
'text' (with antiquotations and control symbols). The key difference is
the lack of the surrounding isabelle markup environment in output.

* Text is structured in paragraphs and nested lists, using notation that
is similar to Markdown. The control symbols for list items are as
follows:

  \<^item> itemize
  \<^enum> enumerate
  \<^descr> description

* There is a new short form for antiquotations with a single argument
that is a cartouche: \<^name>\<open>...\<close> is equivalent to @{name \<open>...\<close>} and
\<open>...\<close> without control symbol is equivalent to @{cartouche \<open>...\<close>}.
\<^name> without following cartouche is equivalent to @{name}. The
standard Isabelle fonts provide glyphs to render important control
symbols, e.g. "\<^verbatim>", "\<^emph>", "\<^bold>".

* Antiquotations @{noindent}, @{smallskip}, @{medskip}, @{bigskip} with
corresponding control symbols \<^noindent>, \<^smallskip>, \<^medskip>, \<^bigskip> specify spacing formally, using
standard LaTeX macros of the same names.

* Antiquotation @{cartouche} in Isabelle/Pure is the same as @{text}.
Consequently, \<open>...\<close> without any decoration prints literal quasi-formal
text. Command-line tool "isabelle update_cartouches -t" helps to update
old sources, by approximative patching of the content of string and
cartouche tokens seen in theory sources.

* The @{text} antiquotation now ignores the antiquotation option
"source". The given text content is output unconditionally, without any
surrounding quotes etc. Subtle INCOMPATIBILITY, put quotes into the
argument where they are really intended, e.g. @{text \<open>"foo"\<close>}. Initial
or terminal spaces are ignored.

* Antiquotations @{emph} and @{bold} output LaTeX source recursively,
adding appropriate text style markup. These may be used in the short
form \<^emph>\<open>...\<close> and \<^bold>\<open>...\<close>.

* Document antiquotation @{footnote} outputs LaTeX source recursively,
marked as \footnote{}. This may be used in the short form \<^footnote>\<open>...\<close>.

* Antiquotation @{verbatim [display]} supports option "indent".

* Antiquotation @{theory_text} prints uninterpreted theory source text
(Isar outer syntax with command keywords etc.). This may be used in the
short form \<^theory_text>\<open>...\<close>. @{theory_text [display]} supports option "indent".

* Antiquotation @{doc ENTRY} provides a reference to the given
documentation, with a hyperlink in the Prover IDE.

* Antiquotations @{command}, @{method}, @{attribute} print checked
entities of the Isar language.

* HTML presentation uses the standard IsabelleText font and Unicode
rendering of Isabelle symbols like Isabelle/Scala/jEdit. The former
print mode "HTML" loses its special meaning.


*** Isar ***

* Local goals ('have', 'show', 'hence', 'thus') allow structured rule
statements like fixes/assumes/shows in theorem specifications, but the
notation is postfix with keywords 'if' (or 'when') and 'for'. For
example:

  have result: "C x y"
    if "A x" and "B y"
    for x :: 'a and y :: 'a
    <proof>

The local assumptions are bound to the name "that". The result is
exported from context of the statement as usual. The above roughly
corresponds to a raw proof block like this:

  {
    fix x :: 'a and y :: 'a
    assume that: "A x" "B y"
    have "C x y" <proof>
  }
  note result = this

The keyword 'when' may be used instead of 'if', to indicate 'presume'
instead of 'assume' above.

* Assumptions ('assume', 'presume') allow structured rule statements
using 'if' and 'for', similar to 'have' etc. above. For example:

  assume result: "C x y"
    if "A x" and "B y"
    for x :: 'a and y :: 'a

This assumes "\<And>x y::'a. A x \<Longrightarrow> B y \<Longrightarrow> C x y" and produces a general
result as usual: "A ?x \<Longrightarrow> B ?y \<Longrightarrow> C ?x ?y".

Vacuous quantification in assumptions is omitted, i.e. a for-context
only affects propositions according to actual use of variables. For
example:

  assume "A x" and "B y" for x and y

is equivalent to:

  assume "\<And>x. A x" and "\<And>y. B y"

* The meaning of 'show' with Pure rule statements has changed: premises
are treated in the sense of 'assume', instead of 'presume'. This means,
a goal like "\<And>x. A x \<Longrightarrow> B x \<Longrightarrow> C x" can be solved completely as
follows:

  show "\<And>x. A x \<Longrightarrow> B x \<Longrightarrow> C x"

or:

  show "C x" if "A x" "B x" for x

Rare INCOMPATIBILITY, the old behaviour may be recovered as follows:

  show "C x" when "A x" "B x" for x

* New command 'consider' states rules for generalized elimination and
case splitting. This is like a toplevel statement "theorem obtains" used
within a proof body; or like a multi-branch 'obtain' without activation
of the local context elements yet.

* Proof method "cases" allows to specify the rule as first entry of
chained facts.
This is particularly useful with 'consider':

  consider (a) A | (b) B | (c) C <proof>
  then have something
  proof cases
    case a
    then show ?thesis <proof>
  next
    case b
    then show ?thesis <proof>
  next
    case c
    then show ?thesis <proof>
  qed

* Command 'case' allows fact name and attribute specification like this:

  case a: (c xs)
  case a [attributes]: (c xs)

Facts that are introduced by invoking the case context are uniformly
qualified by "a"; the same name is used for the cumulative fact. The old
form "case (c xs) [attributes]" is no longer supported. Rare
INCOMPATIBILITY, need to adapt uses of case facts in exotic situations,
and always put attributes in front.

* The standard proof method of commands 'proof' and '..' is now called
"standard" to make semantically clear what it is; the old name "default"
is still available as legacy for some time. Documentation now explains
'..' more accurately as "by standard" instead of "by rule".

* Nesting of Isar goal structure has been clarified: the context after
the initial backwards refinement is retained for the whole proof, within
all its context sections (as indicated via 'next'). This is e.g.
relevant for 'using', 'including', 'supply':

  have "A \<and> A" if a: A for A
    supply [simp] = a
  proof
    show A by simp
  next
    show A by simp
  qed

* Command 'obtain' binds term abbreviations (via 'is' patterns) in the
proof body as well, abstracted over relevant parameters.

* Improved type-inference for theorem statement 'obtains': separate
parameter scope for each clause.

* Term abbreviations via 'is' patterns also work for schematic
statements: result is abstracted over unknowns.

* Command 'subgoal' allows to impose some structure on backward
refinements, to avoid proof scripts degenerating into long 'apply'
sequences. Further explanations and examples are given in the isar-ref
manual.

* Command 'supply' supports fact definitions during goal refinement
('apply' scripts).

* Proof method "goal_cases" turns the current subgoals into cases within
the context; the conclusion is bound to variable ?case in each case. For
example:

lemma "\<And>x. A x \<Longrightarrow> B x \<Longrightarrow> C x"
  and "\<And>y z. U y \<Longrightarrow> V z \<Longrightarrow> W y z"
proof goal_cases
  case (1 x)
  then show ?case using \<open>A x\<close> \<open>B x\<close> sorry
next
  case (2 y z)
  then show ?case using \<open>U y\<close> \<open>V z\<close> sorry
qed

lemma "\<And>x. A x \<Longrightarrow> B x \<Longrightarrow> C x"
  and "\<And>y z. U y \<Longrightarrow> V z \<Longrightarrow> W y z"
proof goal_cases
  case prems: 1
  then show ?case using prems sorry
next
  case prems: 2
  then show ?case using prems sorry
qed

* The undocumented feature of implicit cases goal1, goal2, goal3, etc.
is marked as legacy, and will be removed eventually. The proof method
"goals" achieves a similar effect within regular Isar; often it can be
done more adequately by other means (e.g. 'consider').

* The vacuous fact "TERM x" may be established "by fact" or as `TERM x`
as well, not just "by this" or "." as before.

* Method "sleep" succeeds after a real-time delay (in seconds). This is
occasionally useful for demonstration and testing purposes.


*** Pure ***

* Qualifiers in locale expressions default to mandatory ('!') regardless
of the command. Previously, for 'locale' and 'sublocale' the default was
optional ('?'). The old syntax '!' has been discontinued.
INCOMPATIBILITY, remove '!' and add '?' as required.

* Keyword 'rewrites' identifies rewrite morphisms in interpretation
commands. Previously, the keyword was 'where'. INCOMPATIBILITY.

* More gentle suppression of syntax along locale morphisms while
printing terms. Previously 'abbreviation' and 'notation' declarations
would be suppressed for morphisms except term identity. Now
'abbreviation' is also kept for morphisms that only change the involved
parameters, and only 'notation' is suppressed. This can be of great help
when working with complex locale hierarchies, because proof states are
displayed much more succinctly. It also means that only notation needs
to be redeclared if desired, as illustrated by this example:

  locale struct = fixes composition :: "'a => 'a => 'a" (infixl "\<cdot>" 65)
  begin
    definition derived (infixl "\<odot>" 65) where ...
  end

  locale morphism =
    left: struct composition + right: struct composition'
    for composition (infix "\<cdot>" 65) and composition' (infix "\<cdot>''" 65)
  begin
    notation right.derived ("\<odot>''")
  end

* Command 'global_interpretation' issues interpretations into global
theories, with optional rewrite definitions following keyword 'defines'.

* Command 'sublocale' accepts optional rewrite definitions after keyword
'defines'.

* Command 'permanent_interpretation' has been discontinued. Use
'global_interpretation' or 'sublocale' instead. INCOMPATIBILITY.

* Command 'print_definitions' prints dependencies of definitional
specifications. This functionality used to be part of 'print_theory'.

* Configuration option rule_insts_schematic has been discontinued
(intermediate legacy feature in Isabelle2015). INCOMPATIBILITY.

* Abbreviations in type classes now carry proper sort constraint. Rare
INCOMPATIBILITY in situations where the previous misbehaviour has been
exploited.

* Refinement of user-space type system in type classes: pseudo-local
operations behave more similar to abbreviations. Potential
INCOMPATIBILITY in exotic situations.


*** HOL ***

* The 'typedef' command has been upgraded from a partially checked
"axiomatization", to a full definitional specification that takes the
global collection of overloaded constant / type definitions into
account. Type definitions with open dependencies on overloaded
definitions need to be specified as "typedef (overloaded)". This
provides extra robustness in theory construction. Rare INCOMPATIBILITY.

* Qualification of various formal entities in the libraries is done more
uniformly via "context begin qualified definition ... end" instead of
old-style "hide_const (open) ...". Consequently, both the defined
constant and its defining fact become qualified, e.g. Option.is_none and
Option.is_none_def. Occasional INCOMPATIBILITY in applications.

* Some old and rarely used ASCII replacement syntax has been removed.
INCOMPATIBILITY, standard syntax with symbols should be used instead.
The subsequent commands help to reproduce the old forms, e.g. to
simplify porting old theories:

  notation iff (infixr "<->" 25)

  notation Times (infixr "<*>" 80)

  type_notation Map.map (infixr "~=>" 0)
  notation Map.map_comp (infixl "o'_m" 55)

  type_notation FinFun.finfun ("(_ =>f /_)" [22, 21] 21)

  notation FuncSet.funcset (infixr "->" 60)
  notation FuncSet.extensional_funcset (infixr "->\<^sub>E" 60)

  notation Omega_Words_Fun.conc (infixr "conc" 65)

  notation Preorder.equiv ("op ~~")
    and Preorder.equiv ("(_/ ~~ _)" [51, 51] 50)

  notation (in topological_space) tendsto (infixr "--->" 55)
  notation (in topological_space) LIMSEQ ("((_)/ ----> (_))" [60, 60] 60)
  notation LIM ("((_)/ -- (_)/ --> (_))" [60, 0, 60] 60)

  notation NSA.approx (infixl "@=" 50)
  notation NSLIMSEQ ("((_)/ ----NS> (_))" [60, 60] 60)
  notation NSLIM ("((_)/ -- (_)/ --NS> (_))" [60, 0, 60] 60)

* The alternative notation "\<Colon>" for type and sort constraints has been
removed: in LaTeX document output it looks the same as "::".
INCOMPATIBILITY, use plain "::" instead.

* Commands 'inductive' and 'inductive_set' work better when names for
intro rules are omitted: the "cases" and "induct" rules no longer
declare empty case_names, but no case_names at all. This allows to use
numbered cases in proofs, without requiring method "goal_cases".

* Inductive definitions ('inductive', 'coinductive', etc.) expose
low-level facts of the internal construction only if the option
"inductive_internals" is enabled. This refers to the internal predicate
definition and its monotonicity result. Rare INCOMPATIBILITY.

* Recursive function definitions ('fun', 'function', 'partial_function')
expose low-level facts of the internal construction only if the option
"function_internals" is enabled. Its internal inductive definition is
also subject to "inductive_internals". Rare INCOMPATIBILITY.

* BNF datatypes ('datatype', 'codatatype', etc.) expose low-level facts
of the internal construction only if the option "bnf_internals" is
enabled. This supersedes the former option "bnf_note_all". Rare
INCOMPATIBILITY.

* Combinator to represent case distinction on products is named
"case_prod", uniformly, discontinuing any input aliases. Very popular
theorem aliases have been retained.

Consolidated facts:
  PairE ~> prod.exhaust
  Pair_eq ~> prod.inject
  pair_collapse ~> prod.collapse
  Pair_fst_snd_eq ~> prod_eq_iff
  split_twice ~> prod.case_distrib
  split_weak_cong ~> prod.case_cong_weak
  split_split ~> prod.split
  split_split_asm ~> prod.split_asm
  splitI ~> case_prodI
  splitD ~> case_prodD
  splitI2 ~> case_prodI2
  splitI2' ~> case_prodI2'
  splitE ~> case_prodE
  splitE' ~> case_prodE'
  split_pair ~> case_prod_Pair
  split_eta ~> case_prod_eta
  split_comp ~> case_prod_comp
  mem_splitI ~> mem_case_prodI
  mem_splitI2 ~> mem_case_prodI2
  mem_splitE ~> mem_case_prodE
  The_split ~> The_case_prod
  cond_split_eta ~> cond_case_prod_eta
  Collect_split_in_rel_leE ~> Collect_case_prod_in_rel_leE
  Collect_split_in_rel_leI ~> Collect_case_prod_in_rel_leI
  in_rel_Collect_split_eq ~> in_rel_Collect_case_prod_eq
  Collect_split_Grp_eqD ~> Collect_case_prod_Grp_eqD
  Collect_split_Grp_inD ~> Collect_case_prod_Grp_in
  Domain_Collect_split ~> Domain_Collect_case_prod
  Image_Collect_split ~> Image_Collect_case_prod
  Range_Collect_split ~> Range_Collect_case_prod
  Eps_split ~> Eps_case_prod
  Eps_split_eq ~> Eps_case_prod_eq
  split_rsp ~> case_prod_rsp
  curry_split ~> curry_case_prod
  split_curry ~> case_prod_curry

Changes in structure HOLogic:
  split_const ~> case_prod_const
  mk_split ~> mk_case_prod
  mk_psplits ~> mk_ptupleabs
  strip_psplits ~> strip_ptupleabs

INCOMPATIBILITY.

* The coercions to type 'real' have been reorganised. The function
'real' is no longer overloaded, but has type 'nat => real' and
abbreviates of_nat for that type. Also 'real_of_int :: int => real'
abbreviates of_int for that type. Other overloaded instances of 'real'
have been replaced by 'real_of_ereal' and 'real_of_float'.

Consolidated facts (among others):
  real_of_nat_le_iff -> of_nat_le_iff
  real_of_nat_numeral -> of_nat_numeral
  real_of_int_zero -> of_int_0
  real_of_nat_zero -> of_nat_0
  real_of_one -> of_int_1
  real_of_int_add -> of_int_add
  real_of_nat_add -> of_nat_add
  real_of_int_diff -> of_int_diff
  real_of_nat_diff -> of_nat_diff
  floor_subtract -> floor_diff_of_int
  real_of_int_inject -> of_int_eq_iff
  real_of_int_gt_zero_cancel_iff -> of_int_0_less_iff
  real_of_int_ge_zero_cancel_iff -> of_int_0_le_iff
  real_of_nat_ge_zero -> of_nat_0_le_iff
  real_of_int_ceiling_ge -> le_of_int_ceiling
  ceiling_less_eq -> ceiling_less_iff
  ceiling_le_eq -> ceiling_le_iff
  less_floor_eq -> less_floor_iff
  floor_less_eq -> floor_less_iff
  floor_divide_eq_div -> floor_divide_of_int_eq
  real_of_int_zero_cancel -> of_nat_eq_0_iff
  ceiling_real_of_int -> ceiling_of_int

INCOMPATIBILITY.

* Theory Map: lemma map_of_is_SomeD was a clone of map_of_SomeD and has
been removed. INCOMPATIBILITY.

* Quickcheck setup for finite sets.

* Discontinued simp_legacy_precond. Potential INCOMPATIBILITY.

* Sledgehammer:
  - The MaSh relevance filter has been sped up.
  - Proof reconstruction has been improved, to minimize the incidence of
    cases where Sledgehammer gives a proof that does not work.
  - Auto Sledgehammer now minimizes and preplays the results.
  - Handle Vampire 4.0 proof output without raising exception.
  - Eliminated "MASH" environment variable. Use the "MaSh" option in
    Isabelle/jEdit instead. INCOMPATIBILITY.
  - Eliminated obsolete "blocking" option and related subcommands.

* Nitpick:
  - Fixed soundness bug in translation of "finite" predicate.
  - Fixed soundness bug in "destroy_constrs" optimization.
  - Fixed soundness bug in translation of "rat" type.
  - Removed "check_potential" and "check_genuine" options.
  - Eliminated obsolete "blocking" option.

* (Co)datatype package:
  - New commands "lift_bnf" and "copy_bnf" for lifting (copying) a BNF
    structure on the raw type to an abstract type defined using typedef.
  - Always generate "case_transfer" theorem.
  - For mutual types, generate slightly stronger "rel_induct",
    "rel_coinduct", and "coinduct" theorems. INCOMPATIBILITY.
  - Allow discriminators and selectors with the same name as the type
    being defined.
  - Avoid various internal name clashes (e.g., 'datatype f = f').

* Transfer: new methods for interactive debugging of 'transfer' and
'transfer_prover': 'transfer_start', 'transfer_step', 'transfer_end',
'transfer_prover_start' and 'transfer_prover_end'.

* New diagnostic command print_record for displaying record definitions.

* Division on integers is bootstrapped directly from division on
naturals and uses generic numeral algorithm for computations. Slight
INCOMPATIBILITY, simproc numeral_divmod replaces and generalizes former
simprocs binary_int_div and binary_int_mod.

* Tightened specification of class semiring_no_zero_divisors. Minor
INCOMPATIBILITY.

* Class algebraic_semidom introduces common algebraic notions of
integral (semi)domains, particularly units. Although logically subsumed
by fields, it is not a super class of these in order not to burden
fields with notions that are trivial there.

* Class normalization_semidom specifies canonical representants for
equivalence classes of associated elements in an integral (semi)domain.
This formalizes associated elements as well.

* Abstract specification of gcd/lcm operations in classes semiring_gcd,
semiring_Gcd, semiring_Lcd. Minor INCOMPATIBILITY: facts gcd_nat.commute
and gcd_int.commute are subsumed by gcd.commute, as well as
gcd_nat.assoc and gcd_int.assoc by gcd.assoc.

* Former constants Fields.divide (_ / _) and Divides.div (_ div _) are
logically unified to Rings.divide in syntactic type class Rings.divide,
with infix syntax (_ div _). Infix syntax (_ / _) for field division is
added later as abbreviation in class Fields.inverse. INCOMPATIBILITY,
instantiations must refer to Rings.divide rather than the former
separate constants, hence infix syntax (_ / _) is usually not available
during instantiation.

* New cancellation simprocs for boolean algebras to cancel complementary
terms for sup and inf. For example, "sup x (sup y (- x))" simplifies to
"top". INCOMPATIBILITY.

* Class uniform_space introduces uniform spaces between topological
spaces and metric spaces. Minor INCOMPATIBILITY: open_<type>_def needs
to be introduced in the form of a uniformity. Some constants are more
general now, it may be necessary to add type class constraints.

  open_real_def \<leadsto> open_dist
  open_complex_def \<leadsto> open_dist

* Library/Monad_Syntax: notation uses symbols \<bind> and \<then>. INCOMPATIBILITY.

* Library/Multiset:
  - Renamed multiset inclusion operators:
      < ~> <#
      > ~> >#
      <= ~> <=#
      >= ~> >=#
      \<le> ~> \<le>#
      \<ge> ~> \<ge>#
    INCOMPATIBILITY.
  - Added multiset inclusion operator syntax:
      \<subset>#
      \<subseteq>#
      \<supset>#
      \<supseteq>#
  - "'a multiset" is no longer an instance of the "order",
    "ordered_ab_semigroup_add_imp_le", "ordered_cancel_comm_monoid_diff",
    "semilattice_inf", and "semilattice_sup" type classes. The theorems
    previously provided by these type classes (directly or indirectly)
    are now available through the "subset_mset" interpretation
    (e.g. add_mono ~> subset_mset.add_mono).
    INCOMPATIBILITY.
  - Renamed conversions:
      multiset_of ~> mset
      multiset_of_set ~> mset_set
      set_of ~> set_mset
    INCOMPATIBILITY
  - Renamed lemmas:
      mset_le_def ~> subseteq_mset_def
      mset_less_def ~> subset_mset_def
      less_eq_multiset.rep_eq ~> subseteq_mset_def
    INCOMPATIBILITY
  - Removed lemmas generated by lift_definition:
    less_eq_multiset.abs_eq, less_eq_multiset.rsp,
    less_eq_multiset.transfer, less_eq_multiset_def
    INCOMPATIBILITY

* Library/Omega_Words_Fun: Infinite words modeled as functions nat \<Rightarrow> 'a.

* Library/Bourbaki_Witt_Fixpoint: Added formalisation of the
Bourbaki-Witt fixpoint theorem for increasing functions in
chain-complete partial orders.

* Library/Old_Recdef: discontinued obsolete 'defer_recdef' command.
Minor INCOMPATIBILITY, use 'function' instead.

* Library/Periodic_Fun: a locale that provides convenient lemmas for
periodic functions.

* Library/Formal_Power_Series: proper definition of division (with
remainder) for formal power series; instances for Euclidean Ring and
GCD.

* HOL-Imperative_HOL: obsolete theory Legacy_Mrec has been removed.

* HOL-Statespace: command 'statespace' uses mandatory qualifier for
import of parent, as for general 'locale' expressions. INCOMPATIBILITY,
remove '!' and add '?' as required.

* HOL-Decision_Procs: The "approximation" method works with "powr"
(exponentiation on real numbers) again.

* HOL-Multivariate_Analysis: theory Cauchy_Integral_Thm with Contour
integrals (= complex path integrals), Cauchy's integral theorem, winding
numbers and Cauchy's integral formula, Liouville theorem, Fundamental
Theorem of Algebra. Ported from HOL Light.

* HOL-Multivariate_Analysis: topological concepts such as connected
components, homotopic paths and the inside or outside of a set.

* HOL-Multivariate_Analysis: radius of convergence of power series and
various summability tests; Harmonic numbers and the Euler-Mascheroni
constant; the Generalised Binomial Theorem; the complex and real
Gamma/log-Gamma/Digamma/Polygamma functions and their most important
properties.

* HOL-Probability: The central limit theorem based on Levy's uniqueness
and continuity theorems, weak convergence, and characteristic functions.

* HOL-Data_Structures: new and growing session of standard data
structures.


*** ML ***

* The following combinators for low-level profiling of the ML runtime
system are available:

  profile_time          (*CPU time*)
  profile_time_thread   (*CPU time on this thread*)
  profile_allocations   (*overall heap allocations*)

* Antiquotation @{undefined} or \<^undefined> inlines (raise Match).

* Antiquotation @{method NAME} inlines the (checked) name of the given
Isar proof method.

* Pretty printing of Poly/ML compiler output in Isabelle has been
improved: proper treatment of break offsets and blocks with consistent
breaks.

* The auxiliary module Pure/display.ML has been eliminated. Its
elementary thm print operations are now in Pure/more_thm.ML and thus
called Thm.pretty_thm, Thm.string_of_thm etc. INCOMPATIBILITY.

* Simproc programming interfaces have been simplified:
Simplifier.make_simproc and Simplifier.define_simproc supersede various
forms of Simplifier.mk_simproc, Simplifier.simproc_global etc. Note that
term patterns for the left-hand sides are specified with implicitly
fixed variables, like top-level theorem statements. INCOMPATIBILITY.

* Instantiation rules have been re-organized as follows:

  Thm.instantiate  (*low-level instantiation with named arguments*)
  Thm.instantiate' (*version with positional arguments*)

  Drule.infer_instantiate  (*instantiation with type inference*)
  Drule.infer_instantiate' (*version with positional arguments*)

The LHS only requires variable specifications, instead of full terms.
Old cterm_instantiate is superseded by infer_instantiate.
INCOMPATIBILITY, need to re-adjust some ML names and types accordingly.

* Old tactic shorthands atac, rtac, etac, dtac, ftac have been
discontinued. INCOMPATIBILITY, use regular assume_tac, resolve_tac etc.
instead (with proper context).

* Thm.instantiate (and derivatives) no longer require the LHS of the
instantiation to be certified: plain variables are given directly.

* Subgoal.SUBPROOF and Subgoal.FOCUS combinators use anonymous
quasi-bound variables (like the Simplifier), instead of accidentally
named local fixes. This has the potential to improve stability of proof
tools, but can also cause INCOMPATIBILITY for tools that don't observe
the proof context discipline.

* Isar proof methods are based on a slightly more general type
context_tactic, which allows to change the proof context dynamically
(e.g. to update cases) and indicate explicit Seq.Error results. Former
METHOD_CASES is superseded by CONTEXT_METHOD; further combinators are
provided in src/Pure/Isar/method.ML for convenience. INCOMPATIBILITY.


*** System ***

* Command-line tool "isabelle console" enables print mode "ASCII".

* Command-line tool "isabelle update_then" expands old Isar command
conflations:

    hence  ~>  then have
    thus   ~>  then show

This syntax is more orthogonal and improves readability and
maintainability of proofs.

* Global session timeout is multiplied by timeout_scale factor. This
allows to adjust large-scale tests (e.g. AFP) to overall hardware
performance.

* Property values in etc/symbols may contain spaces, if written with the
replacement character "␣" (Unicode point 0x2324). For example:

    \<star>  code: 0x0022c6  group: operator  font: Deja␣Vu␣Sans␣Mono

* Java runtime environment for x86_64-windows allows to use larger heap
space.

* Java runtime options are determined separately for 32bit vs. 64bit
platforms as follows.

  - Isabelle desktop application: platform-specific files that are
    associated with the main app bundle

  - isabelle jedit: settings
    JEDIT_JAVA_SYSTEM_OPTIONS
    JEDIT_JAVA_OPTIONS32 vs. JEDIT_JAVA_OPTIONS64

  - isabelle build: settings
    ISABELLE_BUILD_JAVA_OPTIONS32 vs. ISABELLE_BUILD_JAVA_OPTIONS64

* Bash shell function "jvmpath" has been renamed to "platform_path": it
is relevant both for Poly/ML and JVM processes.

* Poly/ML default platform architecture may be changed from 32bit to
64bit via system option ML_system_64. A system restart (and rebuild) is
required after change.

* Poly/ML 5.6 runs natively on x86-windows and x86_64-windows, which
both allow larger heap space than former x86-cygwin.

* Heap images are 10-15% smaller due to less wasteful persistent theory
content (using ML type theory_id instead of theory).



New in Isabelle2015 (May 2015)
------------------------------

*** General ***

* Local theory specification commands may have a 'private' or
'qualified' modifier to restrict name space accesses to the local scope,
as provided by some "context begin ... end" block. For example:

  context
  begin

  private definition ...
  private lemma ...

  qualified definition ...
  qualified lemma ...

  lemma ...
  theorem ...

  end

* Command 'experiment' opens an anonymous locale context with private
naming policy.

* Command 'notepad' requires proper nesting of begin/end and its proof
structure in the body: 'oops' is no longer supported here. Minor
INCOMPATIBILITY, use 'sorry' instead.

* Command 'named_theorems' declares a dynamic fact within the context,
together with an attribute to maintain the content incrementally. This
supersedes functor Named_Thms in Isabelle/ML, but with a subtle change
of semantics due to external visual order vs. internal reverse order.

* 'find_theorems': search patterns which are abstractions are
schematically expanded before search. Search results match the naive
expectation more closely, particularly wrt. abbreviations.
INCOMPATIBILITY.

* Commands 'method_setup' and 'attribute_setup' now work within a local
theory context.

* Outer syntax commands are managed authentically within the theory
context, without implicit global state. Potential for accidental
INCOMPATIBILITY, make sure that required theories are really imported.

* Historical command-line terminator ";" is no longer accepted (and
already used differently in Isar). Minor INCOMPATIBILITY, use "isabelle
update_semicolons" to remove obsolete semicolons from old theory
sources.

* Structural composition of proof methods (meth1; meth2) in Isar
corresponds to (tac1 THEN_ALL_NEW tac2) in ML.

* The Eisbach proof method language allows to define new proof methods
by combining existing ones with their usual syntax. The "match" proof
method provides basic fact/term matching in addition to
premise/conclusion matching through Subgoal.focus, and binds fact names
from matches as well as term patterns within matches. The Isabelle
documentation provides an entry "eisbach" for the Eisbach User Manual.
Sources and various examples are in ~~/src/HOL/Eisbach/.


*** Prover IDE -- Isabelle/Scala/jEdit ***

* Improved folding mode "isabelle" based on Isar syntax. Alternatively,
the "sidekick" mode may be used for document structure.

* Extended bracket matching based on Isar language structure. System
option jedit_structure_limit determines maximum number of lines to scan
in the buffer.

* Support for BibTeX files: context menu, context-sensitive token
marker, SideKick parser.

* Document antiquotation @{cite} provides formal markup, which is
interpreted semi-formally based on .bib files that happen to be open in
the editor (hyperlinks, completion etc.).

* Less waste of vertical space via negative line spacing (see Global
Options / Text Area).

* Improved graphview panel with optional output of PNG or PDF, for
display of 'thy_deps', 'class_deps' etc.

* The commands 'thy_deps' and 'class_deps' allow optional bounds to
restrict the visualized hierarchy.

* Improved scheduling for asynchronous print commands (e.g. provers
managed by the Sledgehammer panel) wrt. ongoing document processing.


*** Document preparation ***

* Document markup commands 'chapter', 'section', 'subsection',
'subsubsection', 'text', 'txt', 'text_raw' work uniformly in any
context, even before the initial 'theory' command. Obsolete proof
commands 'sect', 'subsect', 'subsubsect', 'txt_raw' have been
discontinued, use 'section', 'subsection', 'subsubsection', 'text_raw'
instead. The old 'header' command is still retained for some time, but
should be replaced by 'chapter', 'section' etc. (using "isabelle
update_header"). Minor INCOMPATIBILITY.

* Official support for "tt" style variants, via \isatt{...} or
\begin{isabellett}...\end{isabellett}. The somewhat fragile \verb or
verbatim environment of LaTeX is no longer used. This allows @{ML} etc.
as argument to other macros (such as footnotes).

* Document antiquotation @{verbatim} prints ASCII text literally in "tt"
style.

* Discontinued obsolete option "document_graph": session_graph.pdf is
produced unconditionally for HTML browser_info and PDF-LaTeX document.

* Diagnostic commands and document markup commands within a proof do not
affect the command tag for output. Thus commands like 'thm' are subject
to proof document structure, and no longer "stick out" accidentally.
Commands 'text' and 'txt' merely differ in the LaTeX style, not their
tags. Potential INCOMPATIBILITY in exotic situations.

* System option "pretty_margin" is superseded by "thy_output_margin",
which is also accessible via document antiquotation option "margin".
Only the margin for document output may be changed, but not the global
pretty printing: that is 76 for plain console output, and adapted
dynamically in GUI front-ends. Implementations of document
antiquotations need to observe the margin explicitly according to
Thy_Output.string_of_margin. Minor INCOMPATIBILITY.

* Specification of 'document_files' in the session ROOT file is
mandatory for document preparation. The legacy mode with implicit
copying of the document/ directory is no longer supported. Minor
INCOMPATIBILITY.


*** Pure ***

* Proof methods with explicit instantiation ("rule_tac", "subgoal_tac"
etc.) allow an optional context of local variables ('for' declaration):
these variables become schematic in the instantiated theorem; this
behaviour is analogous to 'for' in attributes "where" and "of".
Configuration option rule_insts_schematic (default false) controls use
of schematic variables outside the context. Minor INCOMPATIBILITY,
declare rule_insts_schematic = true temporarily and update to use local
variable declarations or dummy patterns instead.

* Explicit instantiation via attributes "where", "of", and proof methods
"rule_tac" with derivatives like "subgoal_tac" etc. admit dummy patterns
("_") that stand for anonymous local variables.

* Generated schematic variables in standard format of exported facts are
incremented to avoid material in the proof context. Rare
INCOMPATIBILITY, explicit instantiation sometimes needs to refer to
different index.

* Lexical separation of signed and unsigned numerals: categories "num"
and "float" are unsigned. INCOMPATIBILITY: subtle change in precedence
of numeral signs, particularly in expressions involving infix syntax
like "(- 1) ^ n".

* Old inner token category "xnum" has been discontinued. Potential
INCOMPATIBILITY for exotic syntax: may use mixfix grammar with "num"
token category instead.


*** HOL ***

* New (co)datatype package:
  - The 'datatype_new' command has been renamed 'datatype'. The old
    command of that name is now called 'old_datatype' and is provided
    by "~~/src/HOL/Library/Old_Datatype.thy". See
    'isabelle doc datatypes' for information on porting.
    INCOMPATIBILITY.
  - Renamed theorems:
      disc_corec ~> corec_disc
      disc_corec_iff ~> corec_disc_iff
      disc_exclude ~> distinct_disc
      disc_exhaust ~> exhaust_disc
      disc_map_iff ~> map_disc_iff
      sel_corec ~> corec_sel
      sel_exhaust ~> exhaust_sel
      sel_map ~> map_sel
      sel_set ~> set_sel
      sel_split ~> split_sel
      sel_split_asm ~> split_sel_asm
      strong_coinduct ~> coinduct_strong
      weak_case_cong ~> case_cong_weak
    INCOMPATIBILITY.
  - The "no_code" option to "free_constructors", "datatype_new", and
    "codatatype" has been renamed "plugins del: code".
    INCOMPATIBILITY.
  - The rules "set_empty" have been removed. They are easy
    consequences of other set rules "by auto".
    INCOMPATIBILITY.
  - The rule "set_cases" is now registered with the "[cases set]"
    attribute. This can influence the behavior of the "cases" proof
    method when more than one case rule is applicable (e.g., an
    assumption is of the form "w : set ws" and the method "cases w"
    is invoked). The solution is to specify the case rule explicitly
    (e.g. "cases w rule: widget.exhaust").
    INCOMPATIBILITY.
  - Renamed theories:
      BNF_Comp ~> BNF_Composition
      BNF_FP_Base ~> BNF_Fixpoint_Base
      BNF_GFP ~> BNF_Greatest_Fixpoint
      BNF_LFP ~> BNF_Least_Fixpoint
      BNF_Constructions_on_Wellorders ~> BNF_Wellorder_Constructions
      Cardinals/Constructions_on_Wellorders ~> Cardinals/Wellorder_Constructions
    INCOMPATIBILITY.
  - Lifting and Transfer setup for basic HOL types sum and prod (also
    option) is now performed by the BNF package. Theories Lifting_Sum,
    Lifting_Product and Lifting_Option from Main became obsolete and
    were removed. Changed definitions of the relators rel_prod and
    rel_sum (using inductive).
    INCOMPATIBILITY: use rel_prod.simps and rel_sum.simps instead
    of rel_prod_def and rel_sum_def.
    Minor INCOMPATIBILITY: (rarely used by name) transfer theorem names
    changed (e.g. map_prod_transfer ~> prod.map_transfer).
  - Parametricity theorems for map functions, relators, set functions,
    constructors, case combinators, discriminators, selectors and
    (co)recursors are automatically proved and registered as transfer
    rules.

* Old datatype package:
  - The old 'datatype' command has been renamed 'old_datatype', and
    'rep_datatype' has been renamed 'old_rep_datatype'. They are
    provided by "~~/src/HOL/Library/Old_Datatype.thy". See
    'isabelle doc datatypes' for information on porting.
    INCOMPATIBILITY.
  - Renamed theorems:
      weak_case_cong ~> case_cong_weak
    INCOMPATIBILITY.
  - Renamed theory:
      ~~/src/HOL/Datatype.thy ~> ~~/src/HOL/Library/Old_Datatype.thy
    INCOMPATIBILITY.

* Nitpick:
  - Fixed soundness bug related to the strict and non-strict subset
    operations.

* Sledgehammer:
  - CVC4 is now included with Isabelle instead of CVC3 and run by
    default.
  - Z3 is now always enabled by default, now that it is fully open
    source. The "z3_non_commercial" option is discontinued.
  - Minimization is now always enabled by default.
    Removed sub-command:
      min
  - Proof reconstruction, both one-liners and Isar, has been
    dramatically improved.
  - Improved support for CVC4 and veriT.

* Old and new SMT modules:
  - The old 'smt' method has been renamed 'old_smt' and moved to
    'src/HOL/Library/Old_SMT.thy'. It is provided for compatibility,
    until applications have been ported to use the new 'smt' method. For
    the method to work, an older version of Z3 (e.g. Z3 3.2 or 4.0) must
    be installed, and the environment variable "OLD_Z3_SOLVER" must
    point to it.
    INCOMPATIBILITY.
  - The 'smt2' method has been renamed 'smt'.
    INCOMPATIBILITY.
  - New option 'smt_reconstruction_step_timeout' to limit the
    reconstruction time of Z3 proof steps in the new 'smt' method.
  - New option 'smt_statistics' to display statistics of the new 'smt'
    method, especially runtime statistics of Z3 proof reconstruction.

* Lifting: command 'lift_definition' allows to execute lifted constants
that have as a return type a datatype containing a subtype. This
overcomes long-time limitations in the area of code generation and
lifting, and avoids tedious workarounds.

* Command and antiquotation "value" provide different evaluation slots
(again), where the previous strategy (NBE after ML) serves as default.
Minor INCOMPATIBILITY.
3056 3057* Add NO_MATCH-simproc, allows to check for syntactic non-equality. 3058 3059* field_simps: Use NO_MATCH-simproc for distribution rules, to avoid 3060non-termination in case of distributing a division. With this change 3061field_simps is in some cases slightly less powerful, if it fails try to 3062add algebra_simps, or use divide_simps. Minor INCOMPATIBILITY. 3063 3064* Separate class no_zero_divisors has been given up in favour of fully 3065algebraic semiring_no_zero_divisors. INCOMPATIBILITY. 3066 3067* Class linordered_semidom really requires no zero divisors. 3068INCOMPATIBILITY. 3069 3070* Classes division_ring, field and linordered_field always demand 3071"inverse 0 = 0". Given up separate classes division_ring_inverse_zero, 3072field_inverse_zero and linordered_field_inverse_zero. INCOMPATIBILITY. 3073 3074* Classes cancel_ab_semigroup_add / cancel_monoid_add specify explicit 3075additive inverse operation. INCOMPATIBILITY. 3076 3077* Complex powers and square roots. The functions "ln" and "powr" are now 3078overloaded for types real and complex, and 0 powr y = 0 by definition. 3079INCOMPATIBILITY: type constraints may be necessary. 3080 3081* The functions "sin" and "cos" are now defined for any type of sort 3082"{real_normed_algebra_1,banach}" type, so in particular on "real" and 3083"complex" uniformly. Minor INCOMPATIBILITY: type constraints may be 3084needed. 3085 3086* New library of properties of the complex transcendental functions sin, 3087cos, tan, exp, Ln, Arctan, Arcsin, Arccos. Ported from HOL Light. 3088 3089* The factorial function, "fact", now has type "nat => 'a" (of a sort 3090that admits numeric types including nat, int, real and complex. 3091INCOMPATIBILITY: an expression such as "fact 3 = 6" may require a type 3092constraint, and the combination "real (fact k)" is likely to be 3093unsatisfactory. If a type conversion is still necessary, then use 3094"of_nat (fact k)" or "real_of_nat (fact k)". 
3095 3096* Removed functions "natfloor" and "natceiling", use "nat o floor" and 3097"nat o ceiling" instead. A few of the lemmas have been retained and 3098adapted: in their names "natfloor"/"natceiling" has been replaced by 3099"nat_floor"/"nat_ceiling". 3100 3101* Qualified some duplicated fact names required for boostrapping the 3102type class hierarchy: 3103 ab_add_uminus_conv_diff ~> diff_conv_add_uminus 3104 field_inverse_zero ~> inverse_zero 3105 field_divide_inverse ~> divide_inverse 3106 field_inverse ~> left_inverse 3107Minor INCOMPATIBILITY. 3108 3109* Eliminated fact duplicates: 3110 mult_less_imp_less_right ~> mult_right_less_imp_less 3111 mult_less_imp_less_left ~> mult_left_less_imp_less 3112Minor INCOMPATIBILITY. 3113 3114* Fact consolidation: even_less_0_iff is subsumed by 3115double_add_less_zero_iff_single_add_less_zero (simp by default anyway). 3116 3117* Generalized and consolidated some theorems concerning divsibility: 3118 dvd_reduce ~> dvd_add_triv_right_iff 3119 dvd_plus_eq_right ~> dvd_add_right_iff 3120 dvd_plus_eq_left ~> dvd_add_left_iff 3121Minor INCOMPATIBILITY. 3122 3123* "even" and "odd" are mere abbreviations for "2 dvd _" and "~ 2 dvd _" 3124and part of theory Main. 3125 even_def ~> even_iff_mod_2_eq_zero 3126INCOMPATIBILITY. 3127 3128* Lemma name consolidation: divide_Numeral1 ~> divide_numeral_1. Minor 3129INCOMPATIBILITY. 3130 3131* Bootstrap of listsum as special case of abstract product over lists. 3132Fact rename: 3133 listsum_def ~> listsum.eq_foldr 3134INCOMPATIBILITY. 3135 3136* Product over lists via constant "listprod". 3137 3138* Theory List: renamed drop_Suc_conv_tl and nth_drop' to 3139Cons_nth_drop_Suc. 3140 3141* New infrastructure for compiling, running, evaluating and testing 3142generated code in target languages in HOL/Library/Code_Test. See 3143HOL/Codegenerator_Test/Code_Test* for examples. 3144 3145* Library/Multiset: 3146 - Introduced "replicate_mset" operation. 
  - Introduced alternative characterizations of the multiset ordering in
    "Library/Multiset_Order".
  - Renamed multiset ordering:
      <# ~> #<#
      <=# ~> #<=#
      \<subset># ~> #\<subset>#
      \<subseteq># ~> #\<subseteq>#
    INCOMPATIBILITY.
  - Introduced abbreviations for ill-named multiset operations:
      <#, \<subset># abbreviate < (strict subset)
      <=#, \<le>#, \<subseteq># abbreviate <= (subset or equal)
    INCOMPATIBILITY.
  - Renamed
      in_multiset_of ~> in_multiset_in_set
      Multiset.fold ~> fold_mset
      Multiset.filter ~> filter_mset
    INCOMPATIBILITY.
  - Removed mcard, is equal to size.
  - Added attributes:
      image_mset.id [simp]
      image_mset_id [simp]
      elem_multiset_of_set [simp, intro]
      comp_fun_commute_plus_mset [simp]
      comp_fun_commute.fold_mset_insert [OF comp_fun_commute_plus_mset, simp]
      in_mset_fold_plus_iff [iff]
      set_of_Union_mset [simp]
      in_Union_mset_iff [iff]
    INCOMPATIBILITY.

* Library/Sum_of_Squares: simplified and improved "sos" method. Always
use local CSDP executable, which is much faster than the NEOS server.
The "sos_cert" functionality is invoked as "sos" with additional
argument. Minor INCOMPATIBILITY.

* HOL-Decision_Procs: New counterexample generator quickcheck
[approximation] for inequalities of transcendental functions. Uses
hardware floating point arithmetic to randomly discover potential
counterexamples. Counterexamples are certified with the "approximation"
method. See HOL/Decision_Procs/ex/Approximation_Quickcheck_Ex.thy for
examples.
3187 3188* HOL-Probability: Reworked measurability prover 3189 - applies destructor rules repeatedly 3190 - removed application splitting (replaced by destructor rule) 3191 - added congruence rules to rewrite measure spaces under the sets 3192 projection 3193 3194* New proof method "rewrite" (in theory ~~/src/HOL/Library/Rewrite) for 3195single-step rewriting with subterm selection based on patterns. 3196 3197 3198*** ML *** 3199 3200* Subtle change of name space policy: undeclared entries are now 3201considered inaccessible, instead of accessible via the fully-qualified 3202internal name. This mainly affects Name_Space.intern (and derivatives), 3203which may produce an unexpected Long_Name.hidden prefix. Note that 3204contemporary applications use the strict Name_Space.check (and 3205derivatives) instead, which is not affected by the change. Potential 3206INCOMPATIBILITY in rare applications of Name_Space.intern. 3207 3208* Subtle change of error semantics of Toplevel.proof_of: regular user 3209ERROR instead of internal Toplevel.UNDEF. 3210 3211* Basic combinators map, fold, fold_map, split_list, apply are available 3212as parameterized antiquotations, e.g. @{map 4} for lists of quadruples. 3213 3214* Renamed "pairself" to "apply2", in accordance to @{apply 2}. 3215INCOMPATIBILITY. 3216 3217* Former combinators NAMED_CRITICAL and CRITICAL for central critical 3218sections have been discontinued, in favour of the more elementary 3219Multithreading.synchronized and its high-level derivative 3220Synchronized.var (which is usually sufficient in applications). Subtle 3221INCOMPATIBILITY: synchronized access needs to be atomic and cannot be 3222nested. 3223 3224* Synchronized.value (ML) is actually synchronized (as in Scala): subtle 3225change of semantics with minimal potential for INCOMPATIBILITY. 
3226 3227* The main operations to certify logical entities are Thm.ctyp_of and 3228Thm.cterm_of with a local context; old-style global theory variants are 3229available as Thm.global_ctyp_of and Thm.global_cterm_of. 3230INCOMPATIBILITY. 3231 3232* Elementary operations in module Thm are no longer pervasive. 3233INCOMPATIBILITY, need to use qualified Thm.prop_of, Thm.cterm_of, 3234Thm.term_of etc. 3235 3236* Proper context for various elementary tactics: assume_tac, 3237resolve_tac, eresolve_tac, dresolve_tac, forward_tac, match_tac, 3238compose_tac, Splitter.split_tac etc. INCOMPATIBILITY. 3239 3240* Tactical PARALLEL_ALLGOALS is the most common way to refer to 3241PARALLEL_GOALS. 3242 3243* Goal.prove_multi is superseded by the fully general Goal.prove_common, 3244which also allows to specify a fork priority. 3245 3246* Antiquotation @{command_spec "COMMAND"} is superseded by 3247@{command_keyword COMMAND} (usually without quotes and with PIDE 3248markup). Minor INCOMPATIBILITY. 3249 3250* Cartouches within ML sources are turned into values of type 3251Input.source (with formal position information). 3252 3253 3254*** System *** 3255 3256* The Isabelle tool "update_cartouches" changes theory files to use 3257cartouches instead of old-style {* verbatim *} or `alt_string` tokens. 3258 3259* The Isabelle tool "build" provides new options -X, -k, -x. 3260 3261* Discontinued old-fashioned "codegen" tool. Code generation can always 3262be externally triggered using an appropriate ROOT file plus a 3263corresponding theory. Parametrization is possible using environment 3264variables, or ML snippets in the most extreme cases. Minor 3265INCOMPATIBILITY. 3266 3267* JVM system property "isabelle.threads" determines size of Scala thread 3268pool, like Isabelle system option "threads" for ML. 3269 3270* JVM system property "isabelle.laf" determines the default Swing 3271look-and-feel, via internal class name or symbolic name as in the jEdit 3272menu Global Options / Appearance. 
3273 3274* Support for Proof General and Isar TTY loop has been discontinued. 3275Minor INCOMPATIBILITY, use standard PIDE infrastructure instead. 3276 3277 3278 3279New in Isabelle2014 (August 2014) 3280--------------------------------- 3281 3282*** General *** 3283 3284* Support for official Standard ML within the Isabelle context. 3285Command 'SML_file' reads and evaluates the given Standard ML file. 3286Toplevel bindings are stored within the theory context; the initial 3287environment is restricted to the Standard ML implementation of 3288Poly/ML, without the add-ons of Isabelle/ML. Commands 'SML_import' 3289and 'SML_export' allow to exchange toplevel bindings between the two 3290separate environments. See also ~~/src/Tools/SML/Examples.thy for 3291some examples. 3292 3293* Standard tactics and proof methods such as "clarsimp", "auto" and 3294"safe" now preserve equality hypotheses "x = expr" where x is a free 3295variable. Locale assumptions and chained facts containing "x" 3296continue to be useful. The new method "hypsubst_thin" and the 3297configuration option "hypsubst_thin" (within the attribute name space) 3298restore the previous behavior. INCOMPATIBILITY, especially where 3299induction is done after these methods or when the names of free and 3300bound variables clash. As first approximation, old proofs may be 3301repaired by "using [[hypsubst_thin = true]]" in the critical spot. 3302 3303* More static checking of proof methods, which allows the system to 3304form a closure over the concrete syntax. Method arguments should be 3305processed in the original proof context as far as possible, before 3306operating on the goal state. In any case, the standard discipline for 3307subgoal-addressing needs to be observed: no subgoals or a subgoal 3308number that is out of range produces an empty result sequence, not an 3309exception. Potential INCOMPATIBILITY for non-conformant tactical 3310proof tools. 
3311 3312* Lexical syntax (inner and outer) supports text cartouches with 3313arbitrary nesting, and without escapes of quotes etc. The Prover IDE 3314supports input via ` (backquote). 3315 3316* The outer syntax categories "text" (for formal comments and document 3317markup commands) and "altstring" (for literal fact references) allow 3318cartouches as well, in addition to the traditional mix of quotations. 3319 3320* Syntax of document antiquotation @{rail} now uses \<newline> instead 3321of "\\", to avoid the optical illusion of escaped backslash within 3322string token. General renovation of its syntax using text cartouches. 3323Minor INCOMPATIBILITY. 3324 3325* Discontinued legacy_isub_isup, which was a temporary workaround for 3326Isabelle/ML in Isabelle2013-1. The prover process no longer accepts 3327old identifier syntax with \<^isub> or \<^isup>. Potential 3328INCOMPATIBILITY. 3329 3330* Document antiquotation @{url} produces markup for the given URL, 3331which results in an active hyperlink within the text. 3332 3333* Document antiquotation @{file_unchecked} is like @{file}, but does 3334not check existence within the file-system. 3335 3336* Updated and extended manuals: codegen, datatypes, implementation, 3337isar-ref, jedit, system. 3338 3339 3340*** Prover IDE -- Isabelle/Scala/jEdit *** 3341 3342* Improved Document panel: simplified interaction where every single 3343mouse click (re)opens document via desktop environment or as jEdit 3344buffer. 3345 3346* Support for Navigator plugin (with toolbar buttons), with connection 3347to PIDE hyperlinks. 3348 3349* Auxiliary files ('ML_file' etc.) are managed by the Prover IDE. 3350Open text buffers take precedence over copies within the file-system. 3351 3352* Improved support for Isabelle/ML, with jEdit mode "isabelle-ml" for 3353auxiliary ML files. 
3354 3355* Improved syntactic and semantic completion mechanism, with simple 3356templates, completion language context, name-space completion, 3357file-name completion, spell-checker completion. 3358 3359* Refined GUI popup for completion: more robust key/mouse event 3360handling and propagation to enclosing text area -- avoid loosing 3361keystrokes with slow / remote graphics displays. 3362 3363* Completion popup supports both ENTER and TAB (default) to select an 3364item, depending on Isabelle options. 3365 3366* Refined insertion of completion items wrt. jEdit text: multiple 3367selections, rectangular selections, rectangular selection as "tall 3368caret". 3369 3370* Integrated spell-checker for document text, comments etc. with 3371completion popup and context-menu. 3372 3373* More general "Query" panel supersedes "Find" panel, with GUI access 3374to commands 'find_theorems' and 'find_consts', as well as print 3375operations for the context. Minor incompatibility in keyboard 3376shortcuts etc.: replace action isabelle-find by isabelle-query. 3377 3378* Search field for all output panels ("Output", "Query", "Info" etc.) 3379to highlight text via regular expression. 3380 3381* Option "jedit_print_mode" (see also "Plugin Options / Isabelle / 3382General") allows to specify additional print modes for the prover 3383process, without requiring old-fashioned command-line invocation of 3384"isabelle jedit -m MODE". 3385 3386* More support for remote files (e.g. http) using standard Java 3387networking operations instead of jEdit virtual file-systems. 3388 3389* Empty editors buffers that are no longer required (e.g.\ via theory 3390imports) are automatically removed from the document model. 3391 3392* Improved monitor panel. 3393 3394* Improved Console/Scala plugin: more uniform scala.Console output, 3395more robust treatment of threads and interrupts. 3396 3397* Improved management of dockable windows: clarified keyboard focus 3398and window placement wrt. 
main editor view; optional menu item to
"Detach" a copy where this makes sense.

* New Simplifier Trace panel provides an interactive view of the
simplification process, enabled by the "simp_trace_new" attribute
within the context.


*** Pure ***

* Low-level type-class commands 'classes', 'classrel', 'arities' have
been discontinued to avoid the danger of non-trivial axiomatization
that is not immediately visible. INCOMPATIBILITY, use regular
'instance' command with proof. The required OFCLASS(...) theorem
might be postulated via 'axiomatization' beforehand, or the proof
finished trivially if the underlying class definition is made vacuous
(without any assumptions). See also Isabelle/ML operations
Axclass.class_axiomatization, Axclass.classrel_axiomatization,
Axclass.arity_axiomatization.

* Basic constants of Pure use more conventional names and are always
qualified. Rare INCOMPATIBILITY, but with potentially serious
consequences, notably for tools in Isabelle/ML. The following
renaming needs to be applied:

  == ~> Pure.eq
  ==> ~> Pure.imp
  all ~> Pure.all
  TYPE ~> Pure.type
  dummy_pattern ~> Pure.dummy_pattern

Systematic porting works by using the following theory setup on a
*previous* Isabelle version to introduce the new name accesses for the
old constants:

setup {*
  fn thy => thy
    |> Sign.root_path
    |> Sign.const_alias (Binding.qualify true "Pure" @{binding eq}) "=="
    |> Sign.const_alias (Binding.qualify true "Pure" @{binding imp}) "==>"
    |> Sign.const_alias (Binding.qualify true "Pure" @{binding all}) "all"
    |> Sign.restore_naming thy
*}

Thus ML antiquotations like @{const_name Pure.eq} may be used already.
Later the application is moved to the current Isabelle version, and
the auxiliary aliases are deleted.
3445 3446* Attributes "where" and "of" allow an optional context of local 3447variables ('for' declaration): these variables become schematic in the 3448instantiated theorem. 3449 3450* Obsolete attribute "standard" has been discontinued (legacy since 3451Isabelle2012). Potential INCOMPATIBILITY, use explicit 'for' context 3452where instantiations with schematic variables are intended (for 3453declaration commands like 'lemmas' or attributes like "of"). The 3454following temporary definition may help to port old applications: 3455 3456 attribute_setup standard = 3457 "Scan.succeed (Thm.rule_attribute (K Drule.export_without_context))" 3458 3459* More thorough check of proof context for goal statements and 3460attributed fact expressions (concerning background theory, declared 3461hyps). Potential INCOMPATIBILITY, tools need to observe standard 3462context discipline. See also Assumption.add_assumes and the more 3463primitive Thm.assume_hyps. 3464 3465* Inner syntax token language allows regular quoted strings "..." 3466(only makes sense in practice, if outer syntax is delimited 3467differently, e.g. via cartouches). 3468 3469* Command 'print_term_bindings' supersedes 'print_binds' for clarity, 3470but the latter is retained some time as Proof General legacy. 3471 3472* Code generator preprocessor: explicit control of simp tracing on a 3473per-constant basis. See attribute "code_preproc". 3474 3475 3476*** HOL *** 3477 3478* Code generator: enforce case of identifiers only for strict target 3479language requirements. INCOMPATIBILITY. 3480 3481* Code generator: explicit proof contexts in many ML interfaces. 3482INCOMPATIBILITY. 3483 3484* Code generator: minimize exported identifiers by default. Minor 3485INCOMPATIBILITY. 3486 3487* Code generation for SML and OCaml: dropped arcane "no_signatures" 3488option. Minor INCOMPATIBILITY. 3489 3490* "declare [[code abort: ...]]" replaces "code_abort ...". 3491INCOMPATIBILITY. 
3492 3493* "declare [[code drop: ...]]" drops all code equations associated 3494with the given constants. 3495 3496* Code generations are provided for make, fields, extend and truncate 3497operations on records. 3498 3499* Command and antiquotation "value" are now hardcoded against nbe and 3500ML. Minor INCOMPATIBILITY. 3501 3502* Renamed command 'enriched_type' to 'functor'. INCOMPATIBILITY. 3503 3504* The symbol "\<newline>" may be used within char or string literals 3505to represent (Char Nibble0 NibbleA), i.e. ASCII newline. 3506 3507* Qualified String.implode and String.explode. INCOMPATIBILITY. 3508 3509* Simplifier: Enhanced solver of preconditions of rewrite rules can 3510now deal with conjunctions. For help with converting proofs, the old 3511behaviour of the simplifier can be restored like this: declare/using 3512[[simp_legacy_precond]]. This configuration option will disappear 3513again in the future. INCOMPATIBILITY. 3514 3515* Simproc "finite_Collect" is no longer enabled by default, due to 3516spurious crashes and other surprises. Potential INCOMPATIBILITY. 3517 3518* Moved new (co)datatype package and its dependencies from session 3519 "HOL-BNF" to "HOL". The commands 'bnf', 'wrap_free_constructors', 3520 'datatype_new', 'codatatype', 'primcorec', 'primcorecursive' are now 3521 part of theory "Main". 

  Theory renamings:
    FunDef.thy ~> Fun_Def.thy (and Fun_Def_Base.thy)
    Library/Wfrec.thy ~> Wfrec.thy
    Library/Zorn.thy ~> Zorn.thy
    Cardinals/Order_Relation.thy ~> Order_Relation.thy
    Library/Order_Union.thy ~> Cardinals/Order_Union.thy
    Cardinals/Cardinal_Arithmetic_Base.thy ~> BNF_Cardinal_Arithmetic.thy
    Cardinals/Cardinal_Order_Relation_Base.thy ~> BNF_Cardinal_Order_Relation.thy
    Cardinals/Constructions_on_Wellorders_Base.thy ~> BNF_Constructions_on_Wellorders.thy
    Cardinals/Wellorder_Embedding_Base.thy ~> BNF_Wellorder_Embedding.thy
    Cardinals/Wellorder_Relation_Base.thy ~> BNF_Wellorder_Relation.thy
    BNF/Ctr_Sugar.thy ~> Ctr_Sugar.thy
    BNF/Basic_BNFs.thy ~> Basic_BNFs.thy
    BNF/BNF_Comp.thy ~> BNF_Comp.thy
    BNF/BNF_Def.thy ~> BNF_Def.thy
    BNF/BNF_FP_Base.thy ~> BNF_FP_Base.thy
    BNF/BNF_GFP.thy ~> BNF_GFP.thy
    BNF/BNF_LFP.thy ~> BNF_LFP.thy
    BNF/BNF_Util.thy ~> BNF_Util.thy
    BNF/Coinduction.thy ~> Coinduction.thy
    BNF/More_BNFs.thy ~> Library/More_BNFs.thy
    BNF/Countable_Type.thy ~> Library/Countable_Set_Type.thy
    BNF/Examples/* ~> BNF_Examples/*

  New theories:
    Wellorder_Extension.thy (split from Zorn.thy)
    Library/Cardinal_Notations.thy
    Library/BNF_Axomatization.thy
    BNF_Examples/Misc_Primcorec.thy
    BNF_Examples/Stream_Processor.thy

  Discontinued theories:
    BNF/BNF.thy
    BNF/Equiv_Relations_More.thy

INCOMPATIBILITY.

* New (co)datatype package:
  - Command 'primcorec' is fully implemented.
  - Command 'datatype_new' generates size functions ("size_xxx" and
    "size") as required by 'fun'.
  - BNFs are integrated with the Lifting tool and new-style
    (co)datatypes with Transfer.
  - Renamed commands:
      datatype_new_compat ~> datatype_compat
      primrec_new ~> primrec
      wrap_free_constructors ~> free_constructors
    INCOMPATIBILITY.
  - The generated constants "xxx_case" and "xxx_rec" have been renamed
    "case_xxx" and "rec_xxx" (e.g., "prod_case" ~> "case_prod").
    INCOMPATIBILITY.
  - The constant "xxx_(un)fold" and related theorems are no longer
    generated. Use "xxx_(co)rec" or define "xxx_(un)fold" manually
    using "prim(co)rec".
    INCOMPATIBILITY.
  - No discriminators are generated for nullary constructors by
    default, eliminating the need for the odd "=:" syntax.
    INCOMPATIBILITY.
  - No discriminators or selectors are generated by default by
    "datatype_new", unless custom names are specified or the new
    "discs_sels" option is passed.
    INCOMPATIBILITY.

* Old datatype package:
  - The generated theorems "xxx.cases" and "xxx.recs" have been
    renamed "xxx.case" and "xxx.rec" (e.g., "sum.cases" ->
    "sum.case"). INCOMPATIBILITY.
  - The generated constants "xxx_case", "xxx_rec", and "xxx_size" have
    been renamed "case_xxx", "rec_xxx", and "size_xxx" (e.g.,
    "prod_case" ~> "case_prod"). INCOMPATIBILITY.

* The types "'a list" and "'a option", their set and map functions,
  their relators, and their selectors are now produced using the new
  BNF-based datatype package.

  Renamed constants:
    Option.set ~> set_option
    Option.map ~> map_option
    option_rel ~> rel_option

  Renamed theorems:
    set_def ~> set_rec[abs_def]
    map_def ~> map_rec[abs_def]
    Option.map_def ~> map_option_case[abs_def] (with "case_option" instead of "rec_option")
    option.recs ~> option.rec
    list_all2_def ~> list_all2_iff
    set.simps ~> set_simps (or the slightly different "list.set")
    map.simps ~> list.map
    hd.simps ~> list.sel(1)
    tl.simps ~> list.sel(2-3)
    the.simps ~> option.sel

INCOMPATIBILITY.
3616 3617* The following map functions and relators have been renamed: 3618 sum_map ~> map_sum 3619 map_pair ~> map_prod 3620 prod_rel ~> rel_prod 3621 sum_rel ~> rel_sum 3622 fun_rel ~> rel_fun 3623 set_rel ~> rel_set 3624 filter_rel ~> rel_filter 3625 fset_rel ~> rel_fset (in "src/HOL/Library/FSet.thy") 3626 cset_rel ~> rel_cset (in "src/HOL/Library/Countable_Set_Type.thy") 3627 vset ~> rel_vset (in "src/HOL/Library/Quotient_Set.thy") 3628 3629INCOMPATIBILITY. 3630 3631* Lifting and Transfer: 3632 - a type variable as a raw type is supported 3633 - stronger reflexivity prover 3634 - rep_eq is always generated by lift_definition 3635 - setup for Lifting/Transfer is now automated for BNFs 3636 + holds for BNFs that do not contain a dead variable 3637 + relator_eq, relator_mono, relator_distr, relator_domain, 3638 relator_eq_onp, quot_map, transfer rules for bi_unique, bi_total, 3639 right_unique, right_total, left_unique, left_total are proved 3640 automatically 3641 + definition of a predicator is generated automatically 3642 + simplification rules for a predicator definition are proved 3643 automatically for datatypes 3644 - consolidation of the setup of Lifting/Transfer 3645 + property that a relator preservers reflexivity is not needed any 3646 more 3647 Minor INCOMPATIBILITY. 3648 + left_total and left_unique rules are now transfer rules 3649 (reflexivity_rule attribute not needed anymore) 3650 INCOMPATIBILITY. 3651 + Domainp does not have to be a separate assumption in 3652 relator_domain theorems (=> more natural statement) 3653 INCOMPATIBILITY. 3654 - registration of code equations is more robust 3655 Potential INCOMPATIBILITY. 3656 - respectfulness proof obligation is preprocessed to a more readable 3657 form 3658 Potential INCOMPATIBILITY. 3659 - eq_onp is always unfolded in respectfulness proof obligation 3660 Potential INCOMPATIBILITY. 3661 - unregister lifting setup for Code_Numeral.integer and 3662 Code_Numeral.natural 3663 Potential INCOMPATIBILITY. 
  - Lifting.invariant -> eq_onp
    INCOMPATIBILITY.

* New internal SAT solver "cdclite" that produces models and proof
traces. This solver replaces the internal SAT solvers "enumerate" and
"dpll". Applications that explicitly used one of these two SAT
solvers should use "cdclite" instead. In addition, "cdclite" is now
the default SAT solver for the "sat" and "satx" proof methods and
corresponding tactics; the old default can be restored using "declare
[[sat_solver = zchaff_with_proofs]]". Minor INCOMPATIBILITY.

* SMT module: A new version of the SMT module, temporarily called
"SMT2", uses SMT-LIB 2 and supports recent versions of Z3 (e.g.,
4.3). The new proof method is called "smt2". CVC3 and CVC4 are also
supported as oracles. Yices is no longer supported, because no version
of the solver can handle both SMT-LIB 2 and quantifiers.

* Activation of Z3 now works via "z3_non_commercial" system option
(without requiring restart), instead of former settings variable
"Z3_NON_COMMERCIAL". The option can be edited in Isabelle/jEdit menu
Plugin Options / Isabelle / General.

* Sledgehammer:
  - Z3 can now produce Isar proofs.
  - MaSh overhaul:
    . New SML-based learning algorithms eliminate the dependency on
      Python and increase performance and reliability.
    . MaSh and MeSh are now used by default together with the
      traditional MePo (Meng-Paulson) relevance filter. To disable
      MaSh, set the "MaSh" system option in Isabelle/jEdit Plugin
      Options / Isabelle / General to "none".
  - New option:
      smt_proofs
  - Renamed options:
      isar_compress ~> compress
      isar_try0 ~> try0

INCOMPATIBILITY.

* Removed solvers remote_cvc3 and remote_z3. Use cvc3 and z3 instead.

* Nitpick:
  - Fixed soundness bug whereby mutually recursive datatypes could
    take infinite values.
  - Fixed soundness bug with low-level number functions such as
    "Abs_Integ" and "Rep_Integ".
  - Removed "std" option.
  - Renamed "show_datatypes" to "show_types" and "hide_datatypes" to
    "hide_types".

* Metis: Removed legacy proof method 'metisFT'. Use 'metis
(full_types)' instead. INCOMPATIBILITY.

* Try0: Added 'algebra' and 'meson' to the set of proof methods.

* Adjustment of INF and SUP operations:
  - Elongated constants INFI and SUPR to INFIMUM and SUPREMUM.
  - Consolidated theorem names containing INFI and SUPR: have INF and
    SUP instead uniformly.
  - More aggressive normalization of expressions involving INF and Inf
    or SUP and Sup.
  - INF_image and SUP_image do not unfold composition.
  - Dropped facts INF_comp, SUP_comp.
  - Default congruence rules strong_INF_cong and strong_SUP_cong, with
    simplifier implication in premises. Generalize and replace former
    INT_cong, SUP_cong

INCOMPATIBILITY.

* SUP and INF generalized to conditionally_complete_lattice.

* Swapped orientation of facts image_comp and vimage_comp:

  image_compose ~> image_comp [symmetric]
  image_comp ~> image_comp [symmetric]
  vimage_compose ~> vimage_comp [symmetric]
  vimage_comp ~> vimage_comp [symmetric]

INCOMPATIBILITY.

* Theory reorganization: split of Big_Operators.thy into
Groups_Big.thy and Lattices_Big.thy.
3746 3747* Consolidated some facts about big group operators: 3748 3749 setsum_0' ~> setsum.neutral 3750 setsum_0 ~> setsum.neutral_const 3751 setsum_addf ~> setsum.distrib 3752 setsum_cartesian_product ~> setsum.cartesian_product 3753 setsum_cases ~> setsum.If_cases 3754 setsum_commute ~> setsum.commute 3755 setsum_cong ~> setsum.cong 3756 setsum_delta ~> setsum.delta 3757 setsum_delta' ~> setsum.delta' 3758 setsum_diff1' ~> setsum.remove 3759 setsum_empty ~> setsum.empty 3760 setsum_infinite ~> setsum.infinite 3761 setsum_insert ~> setsum.insert 3762 setsum_inter_restrict'' ~> setsum.inter_filter 3763 setsum_mono_zero_cong_left ~> setsum.mono_neutral_cong_left 3764 setsum_mono_zero_cong_right ~> setsum.mono_neutral_cong_right 3765 setsum_mono_zero_left ~> setsum.mono_neutral_left 3766 setsum_mono_zero_right ~> setsum.mono_neutral_right 3767 setsum_reindex ~> setsum.reindex 3768 setsum_reindex_cong ~> setsum.reindex_cong 3769 setsum_reindex_nonzero ~> setsum.reindex_nontrivial 3770 setsum_restrict_set ~> setsum.inter_restrict 3771 setsum_Plus ~> setsum.Plus 3772 setsum_setsum_restrict ~> setsum.commute_restrict 3773 setsum_Sigma ~> setsum.Sigma 3774 setsum_subset_diff ~> setsum.subset_diff 3775 setsum_Un_disjoint ~> setsum.union_disjoint 3776 setsum_UN_disjoint ~> setsum.UNION_disjoint 3777 setsum_Un_Int ~> setsum.union_inter 3778 setsum_Union_disjoint ~> setsum.Union_disjoint 3779 setsum_UNION_zero ~> setsum.Union_comp 3780 setsum_Un_zero ~> setsum.union_inter_neutral 3781 strong_setprod_cong ~> setprod.strong_cong 3782 strong_setsum_cong ~> setsum.strong_cong 3783 setprod_1' ~> setprod.neutral 3784 setprod_1 ~> setprod.neutral_const 3785 setprod_cartesian_product ~> setprod.cartesian_product 3786 setprod_cong ~> setprod.cong 3787 setprod_delta ~> setprod.delta 3788 setprod_delta' ~> setprod.delta' 3789 setprod_empty ~> setprod.empty 3790 setprod_infinite ~> setprod.infinite 3791 setprod_insert ~> setprod.insert 3792 setprod_mono_one_cong_left ~> 
setprod.mono_neutral_cong_left 3793 setprod_mono_one_cong_right ~> setprod.mono_neutral_cong_right 3794 setprod_mono_one_left ~> setprod.mono_neutral_left 3795 setprod_mono_one_right ~> setprod.mono_neutral_right 3796 setprod_reindex ~> setprod.reindex 3797 setprod_reindex_cong ~> setprod.reindex_cong 3798 setprod_reindex_nonzero ~> setprod.reindex_nontrivial 3799 setprod_Sigma ~> setprod.Sigma 3800 setprod_subset_diff ~> setprod.subset_diff 3801 setprod_timesf ~> setprod.distrib 3802 setprod_Un2 ~> setprod.union_diff2 3803 setprod_Un_disjoint ~> setprod.union_disjoint 3804 setprod_UN_disjoint ~> setprod.UNION_disjoint 3805 setprod_Un_Int ~> setprod.union_inter 3806 setprod_Union_disjoint ~> setprod.Union_disjoint 3807 setprod_Un_one ~> setprod.union_inter_neutral 3808 3809 Dropped setsum_cong2 (simple variant of setsum.cong). 3810 Dropped setsum_inter_restrict' (simple variant of setsum.inter_restrict) 3811 Dropped setsum_reindex_id, setprod_reindex_id 3812 (simple variants of setsum.reindex [symmetric], setprod.reindex [symmetric]). 3813 3814INCOMPATIBILITY. 3815 3816* Abolished slightly odd global lattice interpretation for min/max. 

  Fact consolidations:
    min_max.inf_assoc ~> min.assoc
    min_max.inf_commute ~> min.commute
    min_max.inf_left_commute ~> min.left_commute
    min_max.inf_idem ~> min.idem
    min_max.inf_left_idem ~> min.left_idem
    min_max.inf_right_idem ~> min.right_idem
    min_max.sup_assoc ~> max.assoc
    min_max.sup_commute ~> max.commute
    min_max.sup_left_commute ~> max.left_commute
    min_max.sup_idem ~> max.idem
    min_max.sup_left_idem ~> max.left_idem
    min_max.sup_inf_distrib1 ~> max_min_distrib2
    min_max.sup_inf_distrib2 ~> max_min_distrib1
    min_max.inf_sup_distrib1 ~> min_max_distrib2
    min_max.inf_sup_distrib2 ~> min_max_distrib1
    min_max.distrib ~> min_max_distribs
    min_max.inf_absorb1 ~> min.absorb1
    min_max.inf_absorb2 ~> min.absorb2
    min_max.sup_absorb1 ~> max.absorb1
    min_max.sup_absorb2 ~> max.absorb2
    min_max.le_iff_inf ~> min.absorb_iff1
    min_max.le_iff_sup ~> max.absorb_iff2
    min_max.inf_le1 ~> min.cobounded1
    min_max.inf_le2 ~> min.cobounded2
    le_maxI1, min_max.sup_ge1 ~> max.cobounded1
    le_maxI2, min_max.sup_ge2 ~> max.cobounded2
    min_max.le_infI1 ~> min.coboundedI1
    min_max.le_infI2 ~> min.coboundedI2
    min_max.le_supI1 ~> max.coboundedI1
    min_max.le_supI2 ~> max.coboundedI2
    min_max.less_infI1 ~> min.strict_coboundedI1
    min_max.less_infI2 ~> min.strict_coboundedI2
    min_max.less_supI1 ~> max.strict_coboundedI1
    min_max.less_supI2 ~> max.strict_coboundedI2
    min_max.inf_mono ~> min.mono
    min_max.sup_mono ~> max.mono
    min_max.le_infI, min_max.inf_greatest ~> min.boundedI
    min_max.le_supI, min_max.sup_least ~> max.boundedI
    min_max.le_inf_iff ~> min.bounded_iff
    min_max.le_sup_iff ~> max.bounded_iff

For min_max.inf_sup_aci, prefer (one of) min.commute, min.assoc,
min.left_commute, min.left_idem, max.commute, max.assoc,
max.left_commute, max.left_idem directly.

For min_max.inf_sup_ord, prefer (one of) min.cobounded1,
min.cobounded2, max.cobounded1, max.cobounded2 directly.

For min_ac or max_ac, prefer more general collection ac_simps.

INCOMPATIBILITY.

* Theorem disambiguation Inf_le_Sup (on finite sets) ~>
Inf_fin_le_Sup_fin. INCOMPATIBILITY.

* Qualified constant names Wellfounded.acc, Wellfounded.accp.
INCOMPATIBILITY.

* Fact generalization and consolidation:
  neq_one_mod_two, mod_2_not_eq_zero_eq_one_int ~> not_mod_2_eq_0_eq_1

INCOMPATIBILITY.

* Purely algebraic definition of even. Fact generalization and
  consolidation:
  nat_even_iff_2_dvd, int_even_iff_2_dvd ~> even_iff_2_dvd
  even_zero_(nat|int) ~> even_zero

INCOMPATIBILITY.

* Abolished neg_numeral.
  - Canonical representation for minus one is "- 1".
  - Canonical representation for other negative numbers is "- (numeral _)".
  - When devising rule sets for number calculation, consider the
    following canonical cases: 0, 1, numeral _, - 1, - numeral _.
  - HOLogic.dest_number also recognizes numerals in non-canonical forms
    like "numeral One", "- numeral One", "- 0" and even "- ... - _".
  - Syntax for negative numerals is mere input syntax.

INCOMPATIBILITY.

* Reduced name variants for rules on associativity and commutativity:

  add_assoc ~> add.assoc
  add_commute ~> add.commute
  add_left_commute ~> add.left_commute
  mult_assoc ~> mult.assoc
  mult_commute ~> mult.commute
  mult_left_commute ~> mult.left_commute
  nat_add_assoc ~> add.assoc
  nat_add_commute ~> add.commute
  nat_add_left_commute ~> add.left_commute
  nat_mult_assoc ~> mult.assoc
  nat_mult_commute ~> mult.commute
  eq_assoc ~> iff_assoc
  eq_left_commute ~> iff_left_commute

INCOMPATIBILITY.

* Fact collections add_ac and mult_ac are considered old-fashioned.
Prefer ac_simps instead, or specify rules
(add|mult).(assoc|commute|left_commute) individually.

* Elimination of fact duplicates:
  equals_zero_I ~> minus_unique
  diff_eq_0_iff_eq ~> right_minus_eq
  nat_infinite ~> infinite_UNIV_nat
  int_infinite ~> infinite_UNIV_int

INCOMPATIBILITY.

* Fact name consolidation:
  diff_def, diff_minus, ab_diff_minus ~> diff_conv_add_uminus
  minus_le_self_iff ~> neg_less_eq_nonneg
  le_minus_self_iff ~> less_eq_neg_nonpos
  neg_less_nonneg ~> neg_less_pos
  less_minus_self_iff ~> less_neg_neg [simp]

INCOMPATIBILITY.

* More simplification rules on unary and binary minus:
add_diff_cancel, add_diff_cancel_left, add_le_same_cancel1,
add_le_same_cancel2, add_less_same_cancel1, add_less_same_cancel2,
add_minus_cancel, diff_add_cancel, le_add_same_cancel1,
le_add_same_cancel2, less_add_same_cancel1, less_add_same_cancel2,
minus_add_cancel, uminus_add_conv_diff. These correspondingly have
been taken away from fact collections algebra_simps and field_simps.
INCOMPATIBILITY.

To restore proofs, the following patterns are helpful:

a) Arbitrary failing proof not involving "diff_def":
Consider simplification with algebra_simps or field_simps.

b) Lifting rules from addition to subtraction:
Try with "using <rule for addition> of [... "- _" ...]" by simp".

c) Simplification with "diff_def": just drop "diff_def".
Consider simplification with algebra_simps or field_simps;
or the brute way with
"simp add: diff_conv_add_uminus del: add_uminus_conv_diff".

* Introduce bdd_above and bdd_below in theory
Conditionally_Complete_Lattices, use them instead of explicitly
stating boundedness of sets.

* ccpo.admissible quantifies only over non-empty chains to allow more
syntax-directed proof rules; the case of the empty chain shows up as
additional case in fixpoint induction proofs. INCOMPATIBILITY.

* Removed and renamed theorems in Series:
  summable_le ~> suminf_le
  suminf_le ~> suminf_le_const
  series_pos_le ~> setsum_le_suminf
  series_pos_less ~> setsum_less_suminf
  suminf_ge_zero ~> suminf_nonneg
  suminf_gt_zero ~> suminf_pos
  suminf_gt_zero_iff ~> suminf_pos_iff
  summable_sumr_LIMSEQ_suminf ~> summable_LIMSEQ
  suminf_0_le ~> suminf_nonneg [rotate]
  pos_summable ~> summableI_nonneg_bounded
  ratio_test ~> summable_ratio_test

  removed series_zero, replaced by sums_finite

  removed auxiliary lemmas:

    sumr_offset, sumr_offset2, sumr_offset3, sumr_offset4, sumr_group,
    half, le_Suc_ex_iff, lemma_realpow_diff_sumr,
    real_setsum_nat_ivl_bounded, summable_le2, ratio_test_lemma2,
    sumr_minus_one_realpow_zerom, sumr_one_lb_realpow_zero,
    summable_convergent_sumr_iff, sumr_diff_mult_const

INCOMPATIBILITY.

* Replace (F)DERIV syntax by has_derivative:
  - "(f has_derivative f') (at x within s)" replaces "FDERIV f x : s : f'"

  - "(f has_field_derivative f') (at x within s)" replaces "DERIV f x : s : f'"

  - "f differentiable at x within s" replaces "_ differentiable _ in _" syntax

  - removed constant isDiff

  - "DERIV f x : f'" and "FDERIV f x : f'" syntax is only available as
    input syntax.

  - "DERIV f x : s : f'" and "FDERIV f x : s : f'" syntax removed.

  - Renamed FDERIV_... lemmas to has_derivative_...

  - renamed deriv (the syntax constant used for "DERIV _ _ :> _") to DERIV

  - removed DERIV_intros, has_derivative_eq_intros

  - introduced derivative_intros and derivative_eq_intros which
    now include rules for DERIV, has_derivative and
    has_vector_derivative.

  - Other renamings:
    differentiable_def ~> real_differentiable_def
    differentiableE ~> real_differentiableE
    fderiv_def ~> has_derivative_at
    field_fderiv_def ~> field_has_derivative_at
    isDiff_der ~> differentiable_def
    deriv_fderiv ~> has_field_derivative_def
    deriv_def ~> DERIV_def

INCOMPATIBILITY.

* Include more theorems in continuous_intros. Remove the
continuous_on_intros, isCont_intros collections, these facts are now
in continuous_intros.

* Theorems about complex numbers are now stated only using Re and Im,
the Complex constructor is not used anymore. It is possible to use
primcorec to define the behaviour of a complex-valued function.

Removed theorems about the Complex constructor from the simpset, they
are available as the lemma collection legacy_Complex_simps. This
especially removes

  i_complex_of_real: "ii * complex_of_real r = Complex 0 r".

Instead the reverse direction is supported with
  Complex_eq: "Complex a b = a + \<i> * b"

Moved csqrt from Fundamental_Algebra_Theorem to Complex.

  Renamings:
    Re/Im ~> complex.sel
    complex_Re/Im_zero ~> zero_complex.sel
    complex_Re/Im_add ~> plus_complex.sel
    complex_Re/Im_minus ~> uminus_complex.sel
    complex_Re/Im_diff ~> minus_complex.sel
    complex_Re/Im_one ~> one_complex.sel
    complex_Re/Im_mult ~> times_complex.sel
    complex_Re/Im_inverse ~> inverse_complex.sel
    complex_Re/Im_scaleR ~> scaleR_complex.sel
    complex_Re/Im_i ~> ii.sel
    complex_Re/Im_cnj ~> cnj.sel
    Re/Im_cis ~> cis.sel

    complex_divide_def ~> divide_complex_def
    complex_norm_def ~> norm_complex_def
    cmod_def ~> norm_complex_de

  Removed theorems:
    complex_zero_def
    complex_add_def
    complex_minus_def
    complex_diff_def
    complex_one_def
    complex_mult_def
    complex_inverse_def
    complex_scaleR_def

INCOMPATIBILITY.

* Theory Lubs moved from HOL image to HOL-Library. It is replaced by
Conditionally_Complete_Lattices. INCOMPATIBILITY.

* HOL-Library: new theory src/HOL/Library/Tree.thy.

* HOL-Library: removed theory src/HOL/Library/Kleene_Algebra.thy; it
is subsumed by session Kleene_Algebra in AFP.

* HOL-Library / theory RBT: various constants and facts are hidden;
lifting setup is unregistered. INCOMPATIBILITY.

* HOL-Cardinals: new theory src/HOL/Cardinals/Ordinal_Arithmetic.thy.

* HOL-Word: bit representations prefer type bool over type bit.
INCOMPATIBILITY.

* HOL-Word:
  - Abandoned fact collection "word_arith_alts", which is a duplicate
    of "word_arith_wis".
  - Dropped first (duplicated) element in fact collections
    "sint_word_ariths", "word_arith_alts", "uint_word_ariths",
    "uint_word_arith_bintrs".

* HOL-Number_Theory:
  - consolidated the proofs of the binomial theorem
  - the function fib is again of type nat => nat and not overloaded
  - no more references to Old_Number_Theory in the HOL libraries
    (except the AFP)

INCOMPATIBILITY.

* HOL-Multivariate_Analysis:
  - Type class ordered_real_vector for ordered vector spaces.
  - New theory Complex_Basic_Analysis defining complex derivatives,
    holomorphic functions, etc., ported from HOL Light's canal.ml.
  - Changed order of ordered_euclidean_space to be compatible with
    pointwise ordering on products. Therefore instance of
    conditionally_complete_lattice and ordered_real_vector.
    INCOMPATIBILITY: use box instead of greaterThanLessThan or
    explicit set-comprehensions with eucl_less for other (half-)open
    intervals.
  - removed dependencies on type class ordered_euclidean_space with
    introduction of "cbox" on euclidean_space
  - renamed theorems:
    interval ~> box
    mem_interval ~> mem_box
    interval_eq_empty ~> box_eq_empty
    interval_ne_empty ~> box_ne_empty
    interval_sing(1) ~> cbox_sing
    interval_sing(2) ~> box_sing
    subset_interval_imp ~> subset_box_imp
    subset_interval ~> subset_box
    open_interval ~> open_box
    closed_interval ~> closed_cbox
    interior_closed_interval ~> interior_cbox
    bounded_closed_interval ~> bounded_cbox
    compact_interval ~> compact_cbox
    bounded_subset_closed_interval_symmetric ~> bounded_subset_cbox_symmetric
    bounded_subset_closed_interval ~> bounded_subset_cbox
    mem_interval_componentwiseI ~> mem_box_componentwiseI
    convex_box ~> convex_prod
    rel_interior_real_interval ~> rel_interior_real_box
    convex_interval ~> convex_box
    convex_hull_eq_real_interval ~> convex_hull_eq_real_cbox
    frechet_derivative_within_closed_interval ~> frechet_derivative_within_cbox
    content_closed_interval' ~> content_cbox'
    elementary_subset_interval ~> elementary_subset_box
    diameter_closed_interval ~> diameter_cbox
    frontier_closed_interval ~> frontier_cbox
    frontier_open_interval ~> frontier_box
    bounded_subset_open_interval_symmetric ~> bounded_subset_box_symmetric
    closure_open_interval ~> closure_box
    open_closed_interval_convex ~> open_cbox_convex
    open_interval_midpoint ~> box_midpoint
    content_image_affinity_interval ~> content_image_affinity_cbox
    is_interval_interval ~> is_interval_cbox + is_interval_box + is_interval_closed_interval
    bounded_interval ~> bounded_closed_interval + bounded_boxes

  - respective theorems for intervals over the reals:
    content_closed_interval + content_cbox
    has_integral + has_integral_real
    fine_division_exists + fine_division_exists_real
    has_integral_null + has_integral_null_real
    tagged_division_union_interval + tagged_division_union_interval_real
    has_integral_const + has_integral_const_real
    integral_const + integral_const_real
    has_integral_bound + has_integral_bound_real
    integrable_continuous + integrable_continuous_real
    integrable_subinterval + integrable_subinterval_real
    has_integral_reflect_lemma + has_integral_reflect_lemma_real
    integrable_reflect + integrable_reflect_real
    integral_reflect + integral_reflect_real
    image_affinity_interval + image_affinity_cbox
    image_smult_interval + image_smult_cbox
    integrable_const + integrable_const_ivl
    integrable_on_subinterval + integrable_on_subcbox

  - renamed theorems:
    derivative_linear ~> has_derivative_bounded_linear
    derivative_is_linear ~> has_derivative_linear
    bounded_linear_imp_linear ~> bounded_linear.linear

* HOL-Probability:
  - Renamed positive_integral to nn_integral:

    . Renamed all lemmas "*positive_integral*" to "*nn_integral*"
      positive_integral_positive ~> nn_integral_nonneg

    . Renamed abbreviation integral\<^sup>P to integral\<^sup>N.

  - replaced the Lebesgue integral on real numbers by the more general
    Bochner integral for functions into a real-normed vector space.

    integral_zero ~> integral_zero / integrable_zero
    integral_minus ~> integral_minus / integrable_minus
    integral_add ~> integral_add / integrable_add
    integral_diff ~> integral_diff / integrable_diff
    integral_setsum ~> integral_setsum / integrable_setsum
    integral_multc ~> integral_mult_left / integrable_mult_left
    integral_cmult ~> integral_mult_right / integrable_mult_right
    integral_triangle_inequality ~> integral_norm_bound
    integrable_nonneg ~> integrableI_nonneg
    integral_positive ~> integral_nonneg_AE
    integrable_abs_iff ~> integrable_abs_cancel
    positive_integral_lim_INF ~> nn_integral_liminf
    lebesgue_real_affine ~> lborel_real_affine
    borel_integral_has_integral ~> has_integral_lebesgue_integral
    integral_indicator ~>
      integral_real_indicator / integrable_real_indicator
    positive_integral_fst ~> nn_integral_fst'
    positive_integral_fst_measurable ~> nn_integral_fst
    positive_integral_snd_measurable ~> nn_integral_snd

    integrable_fst_measurable ~>
      integral_fst / integrable_fst / AE_integrable_fst

    integrable_snd_measurable ~>
      integral_snd / integrable_snd / AE_integrable_snd

    integral_monotone_convergence ~>
      integral_monotone_convergence / integrable_monotone_convergence

    integral_monotone_convergence_at_top ~>
      integral_monotone_convergence_at_top /
      integrable_monotone_convergence_at_top

    has_integral_iff_positive_integral_lebesgue ~>
      has_integral_iff_has_bochner_integral_lebesgue_nonneg

    lebesgue_integral_has_integral ~>
      has_integral_integrable_lebesgue_nonneg

    positive_integral_lebesgue_has_integral ~>
      integral_has_integral_lebesgue_nonneg /
      integrable_has_integral_lebesgue_nonneg

    lebesgue_integral_real_affine ~>
      nn_integral_real_affine

    has_integral_iff_positive_integral_lborel ~>
      integral_has_integral_nonneg / integrable_has_integral_nonneg

    The following theorems were removed:

      lebesgue_integral_nonneg
      lebesgue_integral_uminus
      lebesgue_integral_cmult
      lebesgue_integral_multc
      lebesgue_integral_cmult_nonneg
      integral_cmul_indicator
      integral_real

  - Formalized properties about exponentially, Erlang, and normal
    distributed random variables.

* HOL-Decision_Procs: Separate command 'approximate' for approximative
computation in src/HOL/Decision_Procs/Approximation. Minor
INCOMPATIBILITY.


*** Scala ***

* The signature and semantics of Document.Snapshot.cumulate_markup /
select_markup have been clarified. Markup is now traversed in the
order of reports given by the prover: later markup is usually more
specific and may override results accumulated so far. The elements
guard is mandatory and checked precisely. Subtle INCOMPATIBILITY.

* Substantial reworking of internal PIDE protocol communication
channels. INCOMPATIBILITY.


*** ML ***

* Subtle change of semantics of Thm.eq_thm: theory stamps are not
compared (according to Thm.thm_ord), but assumed to be covered by the
current background theory. Thus equivalent data produced in different
branches of the theory graph usually coincides (e.g. relevant for
theory merge). Note that the softer Thm.eq_thm_prop is often more
appropriate than Thm.eq_thm.

* Proper context for basic Simplifier operations: rewrite_rule,
rewrite_goals_rule, rewrite_goals_tac etc. INCOMPATIBILITY, need to
pass runtime Proof.context (and ensure that the simplified entity
actually belongs to it).

* Proper context discipline for read_instantiate and instantiate_tac:
variables that are meant to become schematic need to be given as
fixed, and are generalized by the explicit context of local variables.
This corresponds to Isar attributes "where" and "of" with 'for'
declaration. INCOMPATIBILITY, also due to potential change of indices
of schematic variables.

* Moved ML_Compiler.exn_trace and other operations on exceptions to
structure Runtime. Minor INCOMPATIBILITY.

* Discontinued old Toplevel.debug in favour of system option
"ML_exception_trace", which may be also declared within the context
via "declare [[ML_exception_trace = true]]". Minor INCOMPATIBILITY.

* Renamed configuration option "ML_trace" to "ML_source_trace". Minor
INCOMPATIBILITY.

* Configuration option "ML_print_depth" controls the pretty-printing
depth of the ML compiler within the context. The old print_depth in
ML is still available as default_print_depth, but rarely used. Minor
INCOMPATIBILITY.

* Toplevel function "use" refers to raw ML bootstrap environment,
without Isar context nor antiquotations. Potential INCOMPATIBILITY.
Note that 'ML_file' is the canonical command to load ML files into the
formal context.

* Simplified programming interface to define ML antiquotations, see
structure ML_Antiquotation. Minor INCOMPATIBILITY.

* ML antiquotation @{here} refers to its source position, which is
occasionally useful for experimentation and diagnostic purposes.

* ML antiquotation @{path} produces a Path.T value, similarly to
Path.explode, but with compile-time check against the file-system and
some PIDE markup. Note that unlike theory source, ML does not have a
well-defined master directory, so an absolute symbolic path
specification is usually required, e.g. "~~/src/HOL".

* ML antiquotation @{print} inlines a function to print an arbitrary
ML value, which is occasionally useful for diagnostic or demonstration
purposes.


*** System ***

* Proof General with its traditional helper scripts is now an optional
Isabelle component, e.g. see ProofGeneral-4.2-2 from the Isabelle
component repository http://isabelle.in.tum.de/components/. Note that
the "system" manual provides general explanations about add-on
components, especially those that are not bundled with the release.

* The raw Isabelle process executable has been renamed from
"isabelle-process" to "isabelle_process", which conforms to common
shell naming conventions, and allows to define a shell function within
the Isabelle environment to avoid dynamic path lookup. Rare
incompatibility for old tools that do not use the ISABELLE_PROCESS
settings variable.

* Former "isabelle tty" has been superseded by "isabelle console",
with implicit build like "isabelle jedit", and without the mostly
obsolete Isar TTY loop.

* Simplified "isabelle display" tool. Settings variables DVI_VIEWER
and PDF_VIEWER now refer to the actual programs, not shell
command-lines. Discontinued option -c: invocation may be asynchronous
via desktop environment, without any special precautions. Potential
INCOMPATIBILITY with ambitious private settings.

* Removed obsolete "isabelle unsymbolize". Note that the usual format
for email communication is the Unicode rendering of Isabelle symbols,
as produced by Isabelle/jEdit, for example.

* Removed obsolete tool "wwwfind". Similar functionality may be
integrated into Isabelle/jEdit eventually.

* Improved 'display_drafts' concerning desktop integration and
repeated invocation in PIDE front-end: re-use single file
$ISABELLE_HOME_USER/tmp/drafts.pdf and corresponding views.

* Session ROOT specifications require explicit 'document_files' for
robust dependencies on LaTeX sources. Only these explicitly given
files are copied to the document output directory, before document
processing is started.

* Windows: support for regular TeX installation (e.g. MiKTeX) instead
of TeX Live from Cygwin.



New in Isabelle2013-2 (December 2013)
-------------------------------------

*** Prover IDE -- Isabelle/Scala/jEdit ***

* More robust editing of running commands with internal forks,
e.g. non-terminating 'by' steps.

* More relaxed Sledgehammer panel: avoid repeated application of query
after edits surrounding the command location.

* More status information about commands that are interrupted
accidentally (via physical event or Poly/ML runtime system signal,
e.g. out-of-memory).


*** System ***

* More robust termination of external processes managed by
Isabelle/ML: support cancellation of tasks within the range of
milliseconds, as required for PIDE document editing with automatically
tried tools (e.g. Sledgehammer).

* Reactivated Isabelle/Scala kill command for external processes on
Mac OS X, which was accidentally broken in Isabelle2013-1 due to a
workaround for some Debian/Ubuntu Linux versions from 2013.



New in Isabelle2013-1 (November 2013)
-------------------------------------

*** General ***

* Discontinued obsolete 'uses' within theory header. Note that
commands like 'ML_file' work without separate declaration of file
dependencies. Minor INCOMPATIBILITY.

* Discontinued redundant 'use' command, which was superseded by
'ML_file' in Isabelle2013. Minor INCOMPATIBILITY.

* Simplified subscripts within identifiers, using plain \<^sub>
instead of the second copy \<^isub> and \<^isup>. Superscripts are
only for literal tokens within notation; explicit mixfix annotations
for consts or fixed variables may be used as fall-back for unusual
names. Obsolete \<twosuperior> has been expanded to \<^sup>2 in
Isabelle/HOL. INCOMPATIBILITY, use "isabelle update_sub_sup" to
standardize symbols as a starting point for further manual cleanup.
The ML reference variable "legacy_isub_isup" may be set as temporary
workaround, to make the prover accept a subset of the old identifier
syntax.

* Document antiquotations: term style "isub" has been renamed to
"sub". Minor INCOMPATIBILITY.

* Uniform management of "quick_and_dirty" as system option (see also
"isabelle options"), configuration option within the context (see also
Config.get in Isabelle/ML), and attribute in Isabelle/Isar. Minor
INCOMPATIBILITY, need to use more official Isabelle means to access
quick_and_dirty, instead of historical poking into mutable reference.

* Renamed command 'print_configs' to 'print_options'. Minor
INCOMPATIBILITY.

* Proper diagnostic command 'print_state'. Old 'pr' (with its
implicit change of some global references) is retained for now as
control command, e.g. for ProofGeneral 3.7.x.

* Discontinued 'print_drafts' command with its old-fashioned PS output
and Unix command-line print spooling. Minor INCOMPATIBILITY: use
'display_drafts' instead and print via the regular document viewer.

* Updated and extended "isar-ref" and "implementation" manual,
eliminated old "ref" manual.


*** Prover IDE -- Isabelle/Scala/jEdit ***

* New manual "jedit" for Isabelle/jEdit, see isabelle doc or
Documentation panel.

* Dockable window "Documentation" provides access to Isabelle
documentation.

* Dockable window "Find" provides query operations for formal entities
(GUI front-end to 'find_theorems' command).

* Dockable window "Sledgehammer" manages asynchronous / parallel
sledgehammer runs over existing document sources, independently of
normal editing and checking process.

* Dockable window "Timing" provides an overview of relevant command
timing information, depending on option jedit_timing_threshold. The
same timing information is shown in the extended tooltip of the
command keyword, when hovering the mouse over it while the CONTROL or
COMMAND modifier is pressed.

* Improved dockable window "Theories": Continuous checking of proof
document (visible and required parts) may be controlled explicitly,
using check box or shortcut "C+e ENTER". Individual theory nodes may
be marked explicitly as required and checked in full, using check box
or shortcut "C+e SPACE".

* Improved completion mechanism, which is now managed by the
Isabelle/jEdit plugin instead of SideKick. Refined table of Isabelle
symbol abbreviations (see $ISABELLE_HOME/etc/symbols).

* Standard jEdit keyboard shortcut C+b complete-word is remapped to
isabelle.complete for explicit completion in Isabelle sources.
INCOMPATIBILITY wrt. jEdit defaults, may have to invent new shortcuts
to resolve conflict.

* Improved support of various "minor modes" for Isabelle NEWS,
options, session ROOT etc., with completion and SideKick tree view.

* Strictly monotonic document update, without premature cancellation of
running transactions that are still needed: avoid reset/restart of
such command executions while editing.

* Support for asynchronous print functions, as overlay to existing
document content.

* Support for automatic tools in HOL, which try to prove or disprove
toplevel theorem statements.

* Action isabelle.reset-font-size resets main text area font size
according to Isabelle/Scala plugin option "jedit_font_reset_size" (see
also "Plugin Options / Isabelle / General"). It can be bound to some
keyboard shortcut by the user (e.g. C+0 and/or C+NUMPAD0).

* File specifications in jEdit (e.g. file browser) may refer to
$ISABELLE_HOME and $ISABELLE_HOME_USER on all platforms. Discontinued
obsolete $ISABELLE_HOME_WINDOWS variable.

* Improved support for Linux look-and-feel "GTK+", see also "Utilities
/ Global Options / Appearance".

* Improved support of native Mac OS X functionality via "MacOSX"
plugin, which is now enabled by default.


*** Pure ***

* Commands 'interpretation' and 'sublocale' are now target-sensitive.
In particular, 'interpretation' allows for non-persistent
interpretation within "context ... begin ... end" blocks offering a
light-weight alternative to 'sublocale'. See "isar-ref" manual for
details.

* Improved locales diagnostic command 'print_dependencies'.

* Discontinued obsolete 'axioms' command, which has been marked as
legacy since Isabelle2009-2. INCOMPATIBILITY, use 'axiomatization'
instead, while observing its uniform scope for polymorphism.

* Discontinued empty name bindings in 'axiomatization'.
INCOMPATIBILITY.

* System option "proofs" has been discontinued. Instead the global
state of Proofterm.proofs is persistently compiled into logic images
as required, notably HOL-Proofs. Users no longer need to change
Proofterm.proofs dynamically. Minor INCOMPATIBILITY.

* Syntax translation functions (print_translation etc.) always depend
on Proof.context. Discontinued former "(advanced)" option -- this is
now the default. Minor INCOMPATIBILITY.

* Former global reference trace_unify_fail is now available as
configuration option "unify_trace_failure" (global context only).

* SELECT_GOAL now retains the syntactic context of the overall goal
state (schematic variables etc.). Potential INCOMPATIBILITY in rare
situations.


*** HOL ***

* Stronger precedence of syntax for big intersection and union on
sets, in accordance with corresponding lattice operations.
INCOMPATIBILITY.

* Notation "{p:A. P}" now allows tuple patterns as well.

* Nested case expressions are now translated in a separate check phase
rather than during parsing. The data for case combinators is separated
from the datatype package. The declaration attribute
"case_translation" can be used to register new case combinators:

  declare [[case_translation case_combinator constructor1 ... constructorN]]

* Code generator:
  - 'code_printing' unifies 'code_const' / 'code_type' / 'code_class' /
    'code_instance'.
  - 'code_identifier' declares name hints for arbitrary identifiers in
    generated code, subsuming 'code_modulename'.

See the isar-ref manual for syntax diagrams, and the HOL theories for
examples.

* Attribute 'code': 'code' now declares concrete and abstract code
equations uniformly. Use explicit 'code equation' and 'code abstract'
to distinguish both when desired.

* Discontinued theories Code_Integer and Efficient_Nat by a more
fine-grain stack of theories Code_Target_Int, Code_Binary_Nat,
Code_Target_Nat and Code_Target_Numeral. See the tutorial on code
generation for details. INCOMPATIBILITY.

* Numeric types are mapped by default to target language numerals:
natural (replaces former code_numeral) and integer (replaces former
code_int). Conversions are available as integer_of_natural /
natural_of_integer / integer_of_nat / nat_of_integer (in HOL) and
Code_Numeral.integer_of_natural / Code_Numeral.natural_of_integer (in
ML). INCOMPATIBILITY.

* Function package: For mutually recursive functions f and g, separate
cases rules f.cases and g.cases are generated instead of unusable
f_g.cases which exposed internal sum types. Potential INCOMPATIBILITY,
in the case that the unusable rule was used nevertheless.

* Function package: For each function f, new rules f.elims are
generated, which eliminate equalities of the form "f x = t".

* New command 'fun_cases' derives ad-hoc elimination rules for
function equations as simplified instances of f.elims, analogous to
inductive_cases. See ~~/src/HOL/ex/Fundefs.thy for some examples.

* Lifting:
  - parametrized correspondence relations are now supported:
    + parametricity theorems for the raw term can be specified in
      the command lift_definition, which allow us to generate stronger
      transfer rules
    + setup_lifting generates stronger transfer rules if parametric
      correspondence relation can be generated
    + various new properties of the relator must be specified to support
      parametricity
    + parametricity theorem for the Quotient relation can be specified
  - setup_lifting generates domain rules for the Transfer package
  - stronger reflexivity prover of respectfulness theorems for type
    copies
  - ===> and --> are now local. The symbols can be introduced
    by interpreting the locale lifting_syntax (typically in an
    anonymous context)
  - Lifting/Transfer relevant parts of Library/Quotient_* are now in
    Main. Potential INCOMPATIBILITY
  - new commands for restoring and deleting Lifting/Transfer context:
    lifting_forget, lifting_update
  - the command print_quotmaps was renamed to print_quot_maps.
    INCOMPATIBILITY

* Transfer:
  - better support for domains in Transfer: replace Domainp T
    by the actual invariant in a transferred goal
  - transfer rules can have as assumptions other transfer rules
  - Experimental support for transferring from the raw level to the
    abstract level: Transfer.transferred attribute
  - Attribute version of the transfer method: untransferred attribute

* Reification and reflection:
  - Reification is now directly available in HOL-Main in structure
    "Reification".
  - Reflection now handles multiple lists with variables also.
  - The whole reflection stack has been decomposed into conversions.
INCOMPATIBILITY.

* Revised devices for recursive definitions over finite sets:
  - Only one fundamental fold combinator on finite set remains:
    Finite_Set.fold :: ('a => 'b => 'b) => 'b => 'a set => 'b
    This is now identity on infinite sets.
  - Locales ("mini packages") for fundamental definitions with
    Finite_Set.fold: folding, folding_idem.
  - Locales comm_monoid_set, semilattice_order_set and
    semilattice_neutr_order_set for big operators on sets.
    See theory Big_Operators for canonical examples.
    Note that foundational constants comm_monoid_set.F and
    semilattice_set.F correspond to former combinators fold_image
    and fold1 respectively. These are now gone. You may use
    those foundational constants as substitutes, but it is
    preferable to interpret the above locales accordingly.
  - Dropped class ab_semigroup_idem_mult (special case of lattice,
    no longer needed in connection with Finite_Set.fold etc.)
  - Fact renames:
      card.union_inter ~> card_Un_Int [symmetric]
      card.union_disjoint ~> card_Un_disjoint
INCOMPATIBILITY.

* Locale hierarchy for abstract orderings and (semi)lattices.

* Complete_Partial_Order.admissible is defined outside the type class
ccpo, but with mandatory prefix ccpo. Admissibility theorems lose the
class predicate assumption or sort constraint when possible.
INCOMPATIBILITY.

* Introduce type class "conditionally_complete_lattice": Like a
complete lattice but does not assume the existence of the top and
bottom elements. Allows to generalize some lemmas about reals and
extended reals. Removed SupInf and replaced it by the instantiation
of conditionally_complete_lattice for real. Renamed lemmas about
conditionally-complete lattice from Sup_... to cSup_... and from
Inf_... to cInf_... to avoid hiding of similar complete lattice
lemmas.

* Introduce type class linear_continuum as combination of
conditionally-complete lattices and inner dense linorders which have
more than one element. INCOMPATIBILITY.

* Introduced type classes order_top and order_bot. The old classes top
and bot only contain the syntax without assumptions. INCOMPATIBILITY:
Rename bot -> order_bot, top -> order_top

* Introduce type classes "no_top" and "no_bot" for orderings without
top and bottom elements.

* Split dense_linorder into inner_dense_order and no_top, no_bot.

* Complex_Main: Unify and move various concepts from
HOL-Multivariate_Analysis to HOL-Complex_Main.

  - Introduce type class (lin)order_topology and
    linear_continuum_topology. Allows to generalize theorems about
    limits and order. Instances are reals and extended reals.

  - continuous and continuous_on from Multivariate_Analysis:
    "continuous" is the continuity of a function at a filter. "isCont"
    is now an abbreviation: "isCont x f == continuous (at _) f".

    Generalized continuity lemmas from isCont to continuous on an
    arbitrary filter.

  - compact from Multivariate_Analysis.
    Use Bolzano's lemma to prove
    compactness of closed intervals on reals. Continuous functions
    attain infimum and supremum on compact sets. The inverse of a
    continuous function is continuous, when the function is continuous
    on a compact set.

  - connected from Multivariate_Analysis. Use it to prove the
    intermediate value theorem. Show connectedness of intervals on
    linear_continuum_topology.

  - first_countable_topology from Multivariate_Analysis. Is used to
    show equivalence of properties on the neighbourhood filter of x and
    on all sequences converging to x.

  - FDERIV: Definition of has_derivative moved to Deriv.thy. Moved
    theorems from Library/FDERIV.thy to Deriv.thy and base the
    definition of DERIV on FDERIV. Add variants of DERIV and FDERIV
    which are restricted to sets, i.e. to represent derivatives from
    left or right.

  - Removed the within-filter. It is replaced by the principal filter:

      F within X = inf F (principal X)

  - Introduce "at x within U" as a single constant, "at x" is now an
    abbreviation for "at x within UNIV"

  - Introduce named theorem collections tendsto_intros,
    continuous_intros, continuous_on_intros and FDERIV_intros. Theorems
    in tendsto_intros (or FDERIV_intros) are also available as
    tendsto_eq_intros (or FDERIV_eq_intros) where the right-hand side
    is replaced by a congruence rule. This allows to apply them as
    intro rules and then proving equivalence by the simplifier.

  - Restructured theories in HOL-Complex_Main:

    + Moved RealDef and RComplete into Real

    + Introduced Topological_Spaces and moved theorems about
      topological spaces, filters, limits and continuity to it

    + Renamed RealVector to Real_Vector_Spaces

    + Split Lim, SEQ, Series into Topological_Spaces,
      Real_Vector_Spaces, and Limits

    + Moved Ln and Log to Transcendental

    + Moved theorems about continuity from Deriv to Topological_Spaces

  - Remove various auxiliary lemmas.

INCOMPATIBILITY.

* Nitpick:
  - Added option "spy".
  - Reduce incidence of "too high arity" errors.

* Sledgehammer:
  - Renamed option:
      isar_shrink ~> isar_compress
    INCOMPATIBILITY.
  - Added options "isar_try0", "spy".
  - Better support for "isar_proofs".
  - MaSh has been fine-tuned and now runs as a local server.

* Improved support for ad hoc overloading of constants (see also
isar-ref manual and ~~/src/HOL/ex/Adhoc_Overloading_Examples.thy).

* Library/Polynomial.thy:
  - Use lifting for primitive definitions.
  - Explicit conversions from and to lists of coefficients, used for
    generated code.
  - Replaced recursion operator poly_rec by fold_coeffs.
  - Prefer pre-existing gcd operation for gcd.
  - Fact renames:
      poly_eq_iff ~> poly_eq_poly_eq_iff
      poly_ext ~> poly_eqI
      expand_poly_eq ~> poly_eq_iff
INCOMPATIBILITY.

* New Library/Simps_Case_Conv.thy: Provides commands simps_of_case and
case_of_simps to convert function definitions between a list of
equations with patterns on the lhs and a single equation with case
expressions on the rhs. See also Ex/Simps_Case_Conv_Examples.thy.

* New Library/FSet.thy: type of finite sets defined as a subtype of
sets defined by Lifting/Transfer.

* Discontinued theory src/HOL/Library/Eval_Witness. INCOMPATIBILITY.

* Consolidation of library theories on product orders:

    Product_Lattice ~> Product_Order -- pointwise order on products
    Product_ord ~> Product_Lexorder -- lexicographic order on products

INCOMPATIBILITY.

* Imperative-HOL: The MREC combinator is considered legacy and no
longer included by default. INCOMPATIBILITY, use partial_function
instead, or import theory Legacy_Mrec as a fallback.

* HOL-Algebra: Discontinued theories ~~/src/HOL/Algebra/abstract and
~~/src/HOL/Algebra/poly. Existing theories should be based on
~~/src/HOL/Library/Polynomial instead. The latter provides
integration with HOL's type classes for rings. INCOMPATIBILITY.

* HOL-BNF:
  - Various improvements to BNF-based (co)datatype package, including
    new commands "primrec_new", "primcorec", and
    "datatype_new_compat", as well as documentation. See
    "datatypes.pdf" for details.
  - New "coinduction" method to avoid some boilerplate (compared to
    coinduct).
  - Renamed keywords:
      data ~> datatype_new
      codata ~> codatatype
      bnf_def ~> bnf
  - Renamed many generated theorems, including
      discs ~> disc
      map_comp' ~> map_comp
      map_id' ~> map_id
      sels ~> sel
      set_map' ~> set_map
      sets ~> set
INCOMPATIBILITY.


*** ML ***

* Spec_Check is a Quickcheck tool for Isabelle/ML. The ML function
"check_property" allows to check specifications of the form "ALL x y
z. prop x y z". See also ~~/src/Tools/Spec_Check/ with its
Examples.thy in particular.

* Improved printing of exception trace in Poly/ML 5.5.1, with regular
tracing output in the command transaction context instead of physical
stdout. See also Toplevel.debug, Toplevel.debugging and
ML_Compiler.exn_trace.

* ML type "theory" is now immutable, without any special treatment of
drafts or linear updates (which could lead to "stale theory" errors in
the past). Discontinued obsolete operations like Theory.copy,
Theory.checkpoint, and the auxiliary type theory_ref. Minor
INCOMPATIBILITY.

* More uniform naming of goal functions for skipped proofs:

    Skip_Proof.prove ~> Goal.prove_sorry
    Skip_Proof.prove_global ~> Goal.prove_sorry_global

Minor INCOMPATIBILITY.

* Simplifier tactics and tools use proper Proof.context instead of
historic type simpset. Old-style declarations like addsimps,
addsimprocs etc. operate directly on Proof.context. Raw type simpset
retains its use as snapshot of the main Simplifier context, using
simpset_of and put_simpset on Proof.context. INCOMPATIBILITY -- port
old tools by making them depend on (ctxt : Proof.context) instead of
(ss : simpset), then turn (simpset_of ctxt) into ctxt.

* Modifiers for classical wrappers (e.g. addWrapper, delWrapper)
operate on Proof.context instead of claset, for uniformity with addIs,
addEs, addDs etc. Note that claset_of and put_claset allow to manage
clasets separately from the context.

* Discontinued obsolete ML antiquotations @{claset} and @{simpset}.
INCOMPATIBILITY, use @{context} instead.

* Antiquotation @{theory_context A} is similar to @{theory A}, but
presents the result as initial Proof.context.


*** System ***

* Discontinued obsolete isabelle usedir, mkdir, make -- superseded by
"isabelle build" in Isabelle2013. INCOMPATIBILITY.

* Discontinued obsolete isabelle-process options -f and -u (former
administrative aliases of option -e). Minor INCOMPATIBILITY.

* Discontinued obsolete isabelle print tool, and PRINT_COMMAND
settings variable.

* Discontinued ISABELLE_DOC_FORMAT settings variable and historic
document formats: dvi.gz, ps, ps.gz -- the default document format is
always pdf.

* Isabelle settings variable ISABELLE_BUILD_JAVA_OPTIONS allows to
specify global resources of the JVM process run by isabelle build.

* Toplevel executable $ISABELLE_HOME/bin/isabelle_scala_script allows
to run Isabelle/Scala source files as standalone programs.

* Improved "isabelle keywords" tool (for old-style ProofGeneral
keyword tables): use Isabelle/Scala operations, which inspect outer
syntax without requiring to build sessions first.

* Sessions may be organized via 'chapter' specifications in the ROOT
file, which determines a two-level hierarchy of browser info. The old
tree-like organization via implicit sub-session relation (with its
tendency towards erratic fluctuation of URLs) has been discontinued.
The default chapter is called "Unsorted". Potential INCOMPATIBILITY
for HTML presentation of theories.



New in Isabelle2013 (February 2013)
-----------------------------------

*** General ***

* Theorem status about oracles and unfinished/failed future proofs is
no longer printed by default, since it is incompatible with
incremental / parallel checking of the persistent document model. ML
function Thm.peek_status may be used to inspect a snapshot of the
ongoing evaluation process. Note that in batch mode --- notably
isabelle build --- the system ensures that future proofs of all
accessible theorems in the theory context are finished (as before).

* Configuration option show_markup controls direct inlining of markup
into the printed representation of formal entities --- notably type
and sort constraints. This enables Prover IDE users to retrieve that
information via tooltips in the output window, for example.

* Command 'ML_file' evaluates ML text from a file directly within the
theory, without any predeclaration via 'uses' in the theory header.

* Old command 'use' and corresponding keyword 'uses' in the
theory header are legacy features and will be discontinued soon.
Tools that load their additional source files may imitate the
'ML_file' implementation, such that the system can take care of
dependencies properly.

* Discontinued obsolete method fastsimp / tactic fast_simp_tac, which
is called fastforce / fast_force_tac already since Isabelle2011-1.

* Updated and extended "isar-ref" and "implementation" manual, reduced
remaining material in old "ref" manual.

* Improved support for auxiliary contexts that indicate block structure
for specifications. Nesting of "context fixes ... context assumes ..."
and "class ... context ...".

* Attribute "consumes" allows a negative value as well, which is
interpreted relatively to the total number of premises of the rule in
the target context. This form of declaration is stable when exported
from a nested 'context' with additional assumptions. It is the
preferred form for definitional packages, notably cases/rules produced
in HOL/inductive and HOL/function.

* More informative error messages for Isar proof commands involving
lazy enumerations (method applications etc.).

* Refined 'help' command to retrieve outer syntax commands according
to name patterns (with clickable results).


*** Prover IDE -- Isabelle/Scala/jEdit ***

* Parallel terminal proofs ('by') are enabled by default, likewise
proofs that are built into packages like 'datatype', 'function'. This
allows to "run ahead" checking the theory specifications on the
surface, while the prover is still crunching on internal
justifications.
Unfinished / cancelled proofs are restarted as
required to complete full proof checking eventually.

* Improved output panel with tooltips, hyperlinks etc. based on the
same Rich_Text_Area as regular Isabelle/jEdit buffers. Activation of
tooltips leads to some window that supports the same recursively,
which can lead to stacks of tooltips as the semantic document content
is explored. ESCAPE closes the whole stack, individual windows may be
closed separately, or detached to become independent jEdit dockables.

* Improved support for commands that produce graph output: the text
message contains a clickable area to open a new instance of the graph
browser on demand.

* More robust incremental parsing of outer syntax (partial comments,
malformed symbols). Changing the balance of open/close quotes and
comment delimiters works more conveniently with unfinished situations
that frequently occur in user interaction.

* More efficient painting and improved reactivity when editing large
files. More scalable management of formal document content.

* Smarter handling of tracing messages: prover process pauses after
certain number of messages per command transaction, with some user
dialog to stop or continue. This avoids swamping the front-end with
potentially infinite message streams.

* More plugin options and preferences, based on Isabelle/Scala. The
jEdit plugin option panel provides access to some Isabelle/Scala
options, including tuning parameters for editor reactivity and color
schemes.

* Dockable window "Symbols" provides some editing support for Isabelle
symbols.

* Dockable window "Monitor" shows ML runtime statistics. Note that
continuous display of the chart slows down the system.

* Improved editing support for control styles: subscript, superscript,
bold, reset of style -- operating on single symbols or text
selections. Cf. keyboard shortcuts C+e DOWN/UP/RIGHT/LEFT.

* Actions isabelle.increase-font-size and isabelle.decrease-font-size
adjust the main text area font size, and its derivatives for output,
tooltips etc. Cf. keyboard shortcuts C-PLUS and C-MINUS, which often
need to be adapted to local keyboard layouts.

* More reactive completion popup by default: use \t (TAB) instead of
\n (NEWLINE) to minimize intrusion into regular flow of editing. See
also "Plugin Options / SideKick / General / Code Completion Options".

* Implicit check and build dialog of the specified logic session
image. For example, HOL, HOLCF, HOL-Nominal can be produced on
demand, without bundling big platform-dependent heap images in the
Isabelle distribution.

* Uniform Java 7 platform on Linux, Mac OS X, Windows: recent updates
from Oracle provide better multi-platform experience. This version is
now bundled exclusively with Isabelle.


*** Pure ***

* Code generation for Haskell: restrict unqualified imports from
Haskell Prelude to a small set of fundamental operations.

* Command 'export_code': relative file names are interpreted
relatively to master directory of current theory rather than the
rather arbitrary current working directory. INCOMPATIBILITY.

* Discontinued obsolete attribute "COMP". Potential INCOMPATIBILITY,
use regular rule composition via "OF" / "THEN", or explicit proof
structure instead. Note that Isabelle/ML provides a variety of
operators like COMP, INCR_COMP, COMP_INCR, which need to be applied
with some care where this is really required.

* Command 'typ' supports an additional variant with explicit sort
constraint, to infer and check the most general type conforming to a
given sort. Example (in HOL):

  typ "_ * _ * bool * unit" :: finite

* Command 'locale_deps' visualizes all locales and their relations as
a Hasse diagram.


*** HOL ***

* Sledgehammer:

  - Added MaSh relevance filter based on machine-learning; see the
    Sledgehammer manual for details.
  - Polished Isar proofs generated with "isar_proofs" option.
  - Rationalized type encodings ("type_enc" option).
  - Renamed "kill_provers" subcommand to "kill_all".
  - Renamed options:
      isar_proof ~> isar_proofs
      isar_shrink_factor ~> isar_shrink
      max_relevant ~> max_facts
      relevance_thresholds ~> fact_thresholds

* Quickcheck: added an optimisation for equality premises. It is
switched on by default, and can be switched off by setting the
configuration quickcheck_optimise_equality to false.

* Quotient: only one quotient can be defined by quotient_type.
INCOMPATIBILITY.

* Lifting:
  - generation of an abstraction function equation in lift_definition
  - quot_del attribute
  - renamed no_abs_code -> no_code (INCOMPATIBILITY.)

* Simproc "finite_Collect" rewrites set comprehensions into pointfree
expressions.

* Preprocessing of the code generator rewrites set comprehensions into
pointfree expressions.

* The SMT solver Z3 has now by default a restricted set of directly
supported features. For the full set of features (div/mod, nonlinear
arithmetic, datatypes/records) with potential proof reconstruction
failures, enable the configuration option "z3_with_extensions". Minor
INCOMPATIBILITY.

* Simplified 'typedef' specifications: historical options for implicit
set definition and alternative name have been discontinued.
The former behavior of "typedef (open) t = A" is now the default, but
written just "typedef t = A". INCOMPATIBILITY, need to adapt theories
accordingly.

* Removed constant "chars"; prefer "Enum.enum" on type "char"
directly. INCOMPATIBILITY.

* Moved operation product, sublists and n_lists from theory Enum to
List. INCOMPATIBILITY.

* Theorem UN_o generalized to SUP_comp. INCOMPATIBILITY.

* Class "comm_monoid_diff" formalises properties of bounded
subtraction, with natural numbers and multisets as typical instances.

* Added combinator "Option.these" with type "'a option set => 'a set".

* Theory "Transitive_Closure": renamed lemmas

  reflcl_tranclp -> reflclp_tranclp
  rtranclp_reflcl -> rtranclp_reflclp

INCOMPATIBILITY.

* Theory "Rings": renamed lemmas (in class semiring)

  left_distrib ~> distrib_right
  right_distrib ~> distrib_left

INCOMPATIBILITY.

* Generalized the definition of limits:

  - Introduced the predicate filterlim (LIM x F. f x :> G) which
    expresses that when the input values x converge to F then the
    output f x converges to G.

  - Added filters for convergence to positive (at_top) and negative
    infinity (at_bot).

  - Moved infinity in the norm (at_infinity) from
    Multivariate_Analysis to Complex_Main.

  - Removed real_tendsto_inf, it is superseded by "LIM x F. f x :>
    at_top".

INCOMPATIBILITY.

* Theory "Library/Option_ord" provides instantiation of option type to
lattice type classes.

* Theory "Library/Multiset": renamed

    constant fold_mset ~> Multiset.fold
    fact fold_mset_commute ~> fold_mset_comm

INCOMPATIBILITY.

* Renamed theory Library/List_Prefix to Library/Sublist, with related
changes as follows.

  - Renamed constants (and related lemmas)

      prefix ~> prefixeq
      strict_prefix ~> prefix

  - Replaced constant "postfix" by "suffixeq" with swapped argument
    order (i.e., "postfix xs ys" is now "suffixeq ys xs") and dropped
    old infix syntax "xs >>= ys"; use "suffixeq ys xs" instead.
    Renamed lemmas accordingly.

  - Added constant "list_hembeq" for homeomorphic embedding on
    lists. Added abbreviation "sublisteq" for special case
    "list_hembeq (op =)".

  - Theory Library/Sublist no longer provides "order" and "bot" type
    class instances for the prefix order (merely corresponding locale
    interpretations). The type class instances are now in theory
    Library/Prefix_Order.

  - The sublist relation of theory Library/Sublist_Order is now based
    on "Sublist.sublisteq". Renamed lemmas accordingly:

      le_list_append_le_same_iff ~> Sublist.sublisteq_append_le_same_iff
      le_list_append_mono ~> Sublist.list_hembeq_append_mono
      le_list_below_empty ~> Sublist.list_hembeq_Nil, Sublist.list_hembeq_Nil2
      le_list_Cons_EX ~> Sublist.list_hembeq_ConsD
      le_list_drop_Cons2 ~> Sublist.sublisteq_Cons2'
      le_list_drop_Cons_neq ~> Sublist.sublisteq_Cons2_neq
      le_list_drop_Cons ~> Sublist.sublisteq_Cons'
      le_list_drop_many ~> Sublist.sublisteq_drop_many
      le_list_filter_left ~> Sublist.sublisteq_filter_left
      le_list_rev_drop_many ~> Sublist.sublisteq_rev_drop_many
      le_list_rev_take_iff ~> Sublist.sublisteq_append
      le_list_same_length ~> Sublist.sublisteq_same_length
      le_list_take_many_iff ~> Sublist.sublisteq_append'
      less_eq_list.drop ~> less_eq_list_drop
      less_eq_list.induct ~> less_eq_list_induct
      not_le_list_length ~> Sublist.not_sublisteq_length

INCOMPATIBILITY.

* New theory Library/Countable_Set.

* Theory Library/Debug and Library/Parallel provide debugging and
parallel execution for code generated towards Isabelle/ML.

* Theory Library/FuncSet: Extended support for Pi and extensional and
introduce the extensional dependent function space "PiE". Replaced
extensional_funcset by an abbreviation, and renamed lemmas from
extensional_funcset to PiE as follows:

  extensional_empty ~> PiE_empty
  extensional_funcset_empty_domain ~> PiE_empty_domain
  extensional_funcset_empty_range ~> PiE_empty_range
  extensional_funcset_arb ~> PiE_arb
  extensional_funcset_mem ~> PiE_mem
  extensional_funcset_extend_domainI ~> PiE_fun_upd
  extensional_funcset_restrict_domain ~> fun_upd_in_PiE
  extensional_funcset_extend_domain_eq ~> PiE_insert_eq
  card_extensional_funcset ~> card_PiE
  finite_extensional_funcset ~> finite_PiE

INCOMPATIBILITY.

* Theory Library/FinFun: theory of almost everywhere constant
functions (supersedes the AFP entry "Code Generation for Functions as
Data").

* Theory Library/Phantom: generic phantom type to make a type
parameter appear in a constant's type. This alternative to adding
TYPE('a) as another parameter avoids unnecessary closures in generated
code.

* Theory Library/RBT_Impl: efficient construction of red-black trees
from sorted associative lists. Merging two trees with rbt_union may
return a structurally different tree than before. Potential
INCOMPATIBILITY.

* Theory Library/IArray: immutable arrays with code generation.

* Theory Library/Finite_Lattice: theory of finite lattices.

* HOL/Multivariate_Analysis: replaced

  "basis :: 'a::euclidean_space => nat => real"
  "\<Chi>\<Chi> :: (nat => real) => 'a::euclidean_space"

on euclidean spaces by using the inner product "_ \<bullet> _" with
vectors from the Basis set: "\<Chi>\<Chi> i.
f i" is superseded by
"SUM i : Basis. f i * r i".

  With this change the following constants are also changed or removed:

    DIM('a) :: nat ~> card (Basis :: 'a set) (is an abbreviation)
    a $$ i ~> inner a i (where i : Basis)
    cart_base i removed
    \<pi>, \<pi>' removed

  Theorems about these constants were removed.

  Renamed lemmas:

    component_le_norm ~> Basis_le_norm
    euclidean_eq ~> euclidean_eq_iff
    differential_zero_maxmin_component ~> differential_zero_maxmin_cart
    euclidean_simps ~> inner_simps
    independent_basis ~> independent_Basis
    span_basis ~> span_Basis
    in_span_basis ~> in_span_Basis
    norm_bound_component_le ~> norm_bound_Basis_le
    norm_bound_component_lt ~> norm_bound_Basis_lt
    component_le_infnorm ~> Basis_le_infnorm

INCOMPATIBILITY.

* HOL/Probability:

  - Added simproc "measurable" to automatically prove measurability.

  - Added induction rules for sigma sets with disjoint union
    (sigma_sets_induct_disjoint) and for Borel-measurable functions
    (borel_measurable_induct).

  - Added the Daniell-Kolmogorov theorem (the existence of the limit of a
    projective family).

* HOL/Cardinals: Theories of ordinals and cardinals (supersedes the
AFP entry "Ordinals_and_Cardinals").

* HOL/BNF: New (co)datatype package based on bounded natural functors
with support for mixed, nested recursion and interesting non-free
datatypes.

* HOL/Finite_Set and Relation: added new set and relation operations
expressed by Finite_Set.fold.

* New theory HOL/Library/RBT_Set: implementation of sets by red-black
trees for the code generator.

* HOL/Library/RBT and HOL/Library/Mapping have been converted to
Lifting/Transfer.
Possible INCOMPATIBILITY.

* HOL/Set: renamed Set.project -> Set.filter.
INCOMPATIBILITY.


*** Document preparation ***

* Dropped legacy antiquotations "term_style" and "thm_style", since
styles may be given as arguments to "term" and "thm" already.
Discontinued legacy styles "prem1" .. "prem19".

* Default LaTeX rendering for \<euro> is now based on eurosym package,
instead of slightly exotic babel/greek.

* Document variant NAME may use different LaTeX entry point
document/root_NAME.tex if that file exists, instead of the common
document/root.tex.

* Simplified custom document/build script, instead of old-style
document/IsaMakefile. Minor INCOMPATIBILITY.


*** ML ***

* The default limit for maximum number of worker threads is now 8,
instead of 4, in correspondence to capabilities of contemporary
hardware and Poly/ML runtime system.

* Type Seq.results and related operations support embedded error
messages within lazy enumerations, and thus allow to provide
informative errors in the absence of any usable results.

* Renamed Position.str_of to Position.here to emphasize that this is a
formal device to inline positions into message text, but not
necessarily printing visible text.


*** System ***

* Advanced support for Isabelle sessions and build management, see
"system" manual for the chapter of that name, especially the "isabelle
build" tool and its examples. The "isabelle mkroot" tool prepares
session root directories for use with "isabelle build", similar to
former "isabelle mkdir" for "isabelle usedir". Note that this affects
document preparation as well. INCOMPATIBILITY, isabelle usedir /
mkdir / make are rendered obsolete.

* Discontinued obsolete Isabelle/build script, it is superseded by the
regular isabelle build tool. For example:

  isabelle build -s -b HOL

* Discontinued obsolete "isabelle makeall".

* Discontinued obsolete IsaMakefile and ROOT.ML files from the
Isabelle distribution, except for rudimentary src/HOL/IsaMakefile that
provides some traditional targets that invoke "isabelle build". Note
that this is inefficient! Applications of Isabelle/HOL involving
"isabelle make" should be upgraded to use "isabelle build" directly.

* The "isabelle options" tool prints Isabelle system options, as
required for "isabelle build", for example.

* The "isabelle logo" tool produces EPS and PDF format simultaneously.
Minor INCOMPATIBILITY in command-line options.

* The "isabelle install" tool has now a simpler command-line. Minor
INCOMPATIBILITY.

* The "isabelle components" tool helps to resolve add-on components
that are not bundled, or referenced from a bare-bones repository
version of Isabelle.

* Settings variable ISABELLE_PLATFORM_FAMILY refers to the general
platform family: "linux", "macos", "windows".

* The ML system is configured as regular component, and no longer
picked up from some surrounding directory. Potential INCOMPATIBILITY
for home-made settings.

* Improved ML runtime statistics (heap, threads, future tasks etc.).

* Discontinued support for Poly/ML 5.2.1, which was the last version
without exception positions and advanced ML compiler/toplevel
configuration.

* Discontinued special treatment of Proof General -- no longer guess
PROOFGENERAL_HOME based on accidental file-system layout. Minor
INCOMPATIBILITY: provide PROOFGENERAL_HOME and PROOFGENERAL_OPTIONS
settings manually, or use a Proof General version that has been
bundled as Isabelle component.


New in Isabelle2012 (May 2012)
------------------------------

*** General ***

* Prover IDE (PIDE) improvements:

  - more robust Sledgehammer integration (as before the sledgehammer
    command-line needs to be typed into the source buffer)
  - markup for bound variables
  - markup for types of term variables (displayed as tooltips)
  - support for user-defined Isar commands within the running session
  - improved support for Unicode outside original 16bit range
    e.g. glyph for \<A> (thanks to jEdit 4.5.1)

* Forward declaration of outer syntax keywords within the theory
header -- minor INCOMPATIBILITY for user-defined commands. Allow new
commands to be used in the same theory where defined.

* Auxiliary contexts indicate block structure for specifications with
additional parameters and assumptions. Such unnamed contexts may be
nested within other targets, like 'theory', 'locale', 'class',
'instantiation' etc. Results from the local context are generalized
accordingly and applied to the enclosing target context. Example:

  context
    fixes x y z :: 'a
    assumes xy: "x = y" and yz: "y = z"
  begin

  lemma my_trans: "x = z" using xy yz by simp

  end

  thm my_trans

The most basic application is to factor-out context elements of
several fixes/assumes/shows theorem statements, e.g. see
~~/src/HOL/Isar_Examples/Group_Context.thy

Any other local theory specification element works within the "context
... begin ... end" block as well.

* Bundled declarations associate attributed fact expressions with a
given name in the context. These may be later included in other
contexts. This allows to manage context extensions casually, without
the logical dependencies of locales and locale interpretation. See
commands 'bundle', 'include', 'including' etc. in the isar-ref manual.

* Commands 'lemmas' and 'theorems' allow local variables using 'for'
declaration, and results are standardized before being stored. Thus
old-style "standard" after instantiation or composition of facts
becomes obsolete. Minor INCOMPATIBILITY, due to potential change of
indices of schematic variables.

* Rule attributes in local theory declarations (e.g. locale or class)
are now statically evaluated: the resulting theorem is stored instead
of the original expression. INCOMPATIBILITY in rare situations, where
the historic accident of dynamic re-evaluation in interpretations
etc. was exploited.

* New tutorial "Programming and Proving in Isabelle/HOL"
("prog-prove"). It completely supersedes "A Tutorial Introduction to
Structured Isar Proofs" ("isar-overview"), which has been removed. It
also supersedes "Isabelle/HOL, A Proof Assistant for Higher-Order
Logic" as the recommended beginners tutorial, but does not cover all
of the material of that old tutorial.

* Updated and extended reference manuals: "isar-ref",
"implementation", "system"; reduced remaining material in old "ref"
manual.


*** Pure ***

* Command 'definition' no longer exports the foundational "raw_def"
into the user context. Minor INCOMPATIBILITY, may use the regular
"def" result with attribute "abs_def" to imitate the old version.

* Attribute "abs_def" turns an equation of the form "f x y == t" into
"f == %x y. t", which ensures that "simp" or "unfold" steps always
expand it. This also works for object-logic equality. (Formerly
undocumented feature.)

* Sort constraints are now propagated in simultaneous statements, just
like type constraints. INCOMPATIBILITY in rare situations, where
distinct sorts used to be assigned accidentally.
For example:

  lemma "P (x::'a::foo)" and "Q (y::'a::bar)" -- "now illegal"

  lemma "P (x::'a)" and "Q (y::'a::bar)"
    -- "now uniform 'a::bar instead of default sort for first occurrence (!)"

* Rule composition via attribute "OF" (or ML functions OF/MRS) is more
tolerant against multiple unifiers, as long as the final result is
unique. (As before, rules are composed in canonical right-to-left
order to accommodate newly introduced premises.)

* Renamed some inner syntax categories:

  num ~> num_token
  xnum ~> xnum_token
  xstr ~> str_token

Minor INCOMPATIBILITY. Note that in practice "num_const" or
"num_position" etc. are mainly used instead (which also include
position information via constraints).

* Simplified configuration options for syntax ambiguity: see
"syntax_ambiguity_warning" and "syntax_ambiguity_limit" in isar-ref
manual. Minor INCOMPATIBILITY.

* Discontinued configuration option "syntax_positions": atomic terms
in parse trees are always annotated by position constraints.

* Old code generator for SML and its commands 'code_module',
'code_library', 'consts_code', 'types_code' have been discontinued.
Use commands of the generic code generator instead. INCOMPATIBILITY.

* Redundant attribute "code_inline" has been discontinued. Use
"code_unfold" instead. INCOMPATIBILITY.

* Dropped attribute "code_unfold_post" in favor of its dual
"code_abbrev", which yields a common pattern in definitions like

  definition [code_abbrev]: "f = t"

INCOMPATIBILITY.

* Obsolete 'types' command has been discontinued. Use 'type_synonym'
instead. INCOMPATIBILITY.

* Discontinued old "prems" fact, which used to refer to the accidental
collection of foundational premises in the context (already marked as
legacy since Isabelle2011).


*** HOL ***

* Type 'a set is now a proper type constructor (just as before
Isabelle2008). Definitions mem_def and Collect_def have disappeared.
Non-trivial INCOMPATIBILITY. For developments keeping predicates and
sets separate, it is often sufficient to rephrase some set S that has
been accidentally used as predicates by "%x. x : S", and some
predicate P that has been accidentally used as set by "{x. P x}".
Corresponding proofs in a first step should be pruned from any
tinkering with former theorems mem_def and Collect_def as far as
possible.

For developments which deliberately mix predicates and sets, a
planning step is necessary to determine what should become a predicate
and what a set. It can be helpful to carry out that step in
Isabelle2011-1 before jumping right into the current release.

* Code generation by default implements sets as container type rather
than predicates. INCOMPATIBILITY.

* New type synonym 'a rel = ('a * 'a) set

* The representation of numerals has changed. Datatype "num"
represents strictly positive binary numerals, along with functions
"numeral :: num => 'a" and "neg_numeral :: num => 'a" to represent
positive and negated numeric literals, respectively. See also
definitions in ~~/src/HOL/Num.thy. Potential INCOMPATIBILITY, some
user theories may require adaptations as follows:

  - Theorems with number_ring or number_semiring constraints: These
    classes are gone; use comm_ring_1 or comm_semiring_1 instead.

  - Theories defining numeric types: Remove number, number_semiring,
    and number_ring instances. Defer all theorems about numerals until
    after classes one and semigroup_add have been instantiated.

  - Numeral-only simp rules: Replace each rule having a "number_of v"
    pattern with two copies, one for numeral and one for neg_numeral.

  - Theorems about subclasses of semiring_1 or ring_1: These classes
    automatically support numerals now, so more simp rules and
    simprocs may now apply within the proof.

  - Definitions and theorems using old constructors Pls/Min/Bit0/Bit1:
    Redefine using other integer operations.

* Transfer: New package intended to generalize the existing
"descending" method and related theorem attributes from the Quotient
package. (Not all functionality is implemented yet, but future
development will focus on Transfer as an eventual replacement for the
corresponding parts of the Quotient package.)

  - transfer_rule attribute: Maintains a collection of transfer rules,
    which relate constants at two different types. Transfer rules may
    relate different type instances of the same polymorphic constant,
    or they may relate an operation on a raw type to a corresponding
    operation on an abstract type (quotient or subtype). For example:

    ((A ===> B) ===> list_all2 A ===> list_all2 B) map map
    (cr_int ===> cr_int ===> cr_int) (%(x,y) (u,v). (x+u, y+v)) plus_int

  - transfer method: Replaces a subgoal on abstract types with an
    equivalent subgoal on the corresponding raw types. Constants are
    replaced with corresponding ones according to the transfer rules.
    Goals are generalized over all free variables by default; this is
    necessary for variables whose types change, but can be overridden
    for specific variables with e.g. "transfer fixing: x y z". The
    variant transfer' method allows replacing a subgoal with one that
    is logically stronger (rather than equivalent).

  - relator_eq attribute: Collects identity laws for relators of
    various type constructors, e.g. "list_all2 (op =) = (op =)". The
    transfer method uses these lemmas to infer transfer rules for
    non-polymorphic constants on the fly.

  - transfer_prover method: Assists with proving a transfer rule for a
    new constant, provided the constant is defined in terms of other
    constants that already have transfer rules. It should be applied
    after unfolding the constant definitions.

  - HOL/ex/Transfer_Int_Nat.thy: Example theory demonstrating transfer
    from type nat to type int.

* Lifting: New package intended to generalize the quotient_definition
facility of the Quotient package; designed to work with Transfer.

  - lift_definition command: Defines operations on an abstract type in
    terms of a corresponding operation on a representation
    type. Example syntax:

    lift_definition dlist_insert :: "'a => 'a dlist => 'a dlist"
      is List.insert

    Users must discharge a respectfulness proof obligation when each
    constant is defined. (For a type copy, i.e. a typedef with UNIV,
    the proof is discharged automatically.) The obligation is
    presented in a user-friendly, readable form; a respectfulness
    theorem in the standard format and a transfer rule are generated
    by the package.

  - Integration with code_abstype: For typedefs (e.g. subtypes
    corresponding to a datatype invariant, such as dlist),
    lift_definition generates a code certificate theorem and sets up
    code generation for each constant.

  - setup_lifting command: Sets up the Lifting package to work with a
    user-defined type. The user must provide either a quotient theorem
    or a type_definition theorem. The package configures transfer
    rules for equality and quantifiers on the type, and sets up the
    lift_definition command to work with the type.

  - Usage examples: See Quotient_Examples/Lift_DList.thy,
    Quotient_Examples/Lift_RBT.thy, Quotient_Examples/Lift_FSet.thy,
    Word/Word.thy and Library/Float.thy.

* Quotient package:

  - The 'quotient_type' command now supports a 'morphisms' option with
    rep and abs functions, similar to typedef.

  - 'quotient_type' sets up new types to work with the Lifting and
    Transfer packages, as with 'setup_lifting'.

  - The 'quotient_definition' command now requires the user to prove a
    respectfulness property at the point where the constant is
    defined, similar to lift_definition; INCOMPATIBILITY.

  - Renamed predicate 'Quotient' to 'Quotient3', and renamed theorems
    accordingly, INCOMPATIBILITY.

* New diagnostic command 'find_unused_assms' to find potentially
superfluous assumptions in theorems using Quickcheck.

* Quickcheck:

  - Quickcheck returns variable assignments as counterexamples, which
    allows to reveal the underspecification of functions under test.
    For example, refuting "hd xs = x", it presents the variable
    assignment xs = [] and x = a1 as a counterexample, assuming that
    any property is false whenever "hd []" occurs in it.

    These counterexamples are marked as potentially spurious, as
    Quickcheck also returns "xs = []" as a counterexample to the
    obvious theorem "hd xs = hd xs".

    After finding a potentially spurious counterexample, Quickcheck
    continues searching for genuine ones.

    By default, Quickcheck shows potentially spurious and genuine
    counterexamples. The option "genuine_only" sets quickcheck to only
    show genuine counterexamples.

  - The command 'quickcheck_generator' creates random and exhaustive
    value generators for a given type and operations.

    It generates values by using the operations as if they were
    constructors of that type.

  - Support for multisets.

  - Added "use_subtype" options.

  - Added "quickcheck_locale" configuration to specify how to process
    conjectures in a locale context.

* Nitpick: Fixed infinite loop caused by the 'peephole_optim' option
and affecting 'rat' and 'real'.

* Sledgehammer:
  - Integrated more tightly with SPASS, as described in the ITP 2012
    paper "More SPASS with Isabelle".
  - Made it try "smt" as a fallback if "metis" fails or times out.
  - Added support for the following provers: Alt-Ergo (via Why3 and
    TFF1), iProver, iProver-Eq.
  - Sped up the minimizer.
  - Added "lam_trans", "uncurry_aliases", and "minimize" options.
  - Renamed "slicing" ("no_slicing") option to "slice" ("dont_slice").
  - Renamed "sound" option to "strict".

* Metis: Added possibility to specify lambda translations scheme as a
parenthesized argument (e.g., "by (metis (lifting) ...)").

* SMT: Renamed "smt_fixed" option to "smt_read_only_certificates".

* Command 'try0': Renamed from 'try_methods'. INCOMPATIBILITY.

* New "case_product" attribute to generate a case rule doing multiple
case distinctions at the same time. E.g.

  list.exhaust [case_product nat.exhaust]

produces a rule which can be used to perform case distinction on both
a list and a nat.

* New "eventually_elim" method as a generalized variant of the
eventually_elim* rules. Supports structured proofs.

* Typedef with implicit set definition is considered legacy. Use
"typedef (open)" form instead, which will eventually become the
default.

* Record: code generation can be switched off manually with

  declare [[record_coden = false]] -- "default true"

* Datatype: type parameters allow explicit sort constraints.

* Concrete syntax for case expressions includes constraints for source
positions, and thus produces Prover IDE markup for its bindings.
INCOMPATIBILITY for old-style syntax translations that augment the
pattern notation; e.g. see src/HOL/HOLCF/One.thy for translations of
one_case.

* Clarified attribute "mono_set": pure declaration without modifying
the result of the fact expression.

* More default pred/set conversions on a couple of relation operations
and predicates. Added powers of predicate relations. Consolidation
of some relation theorems:

  converse_def ~> converse_unfold
  rel_comp_def ~> relcomp_unfold
  symp_def ~> (modified, use symp_def and sym_def instead)
  transp_def ~> transp_trans
  Domain_def ~> Domain_unfold
  Range_def ~> Domain_converse [symmetric]

Generalized theorems INF_INT_eq, INF_INT_eq2, SUP_UN_eq, SUP_UN_eq2.

See theory "Relation" for examples for making use of pred/set
conversions by means of attributes "to_set" and "to_pred".

INCOMPATIBILITY.

* Renamed facts about the power operation on relations, i.e., relpow
to match the constant's name:

  rel_pow_1 ~> relpow_1
  rel_pow_0_I ~> relpow_0_I
  rel_pow_Suc_I ~> relpow_Suc_I
  rel_pow_Suc_I2 ~> relpow_Suc_I2
  rel_pow_0_E ~> relpow_0_E
  rel_pow_Suc_E ~> relpow_Suc_E
  rel_pow_E ~> relpow_E
  rel_pow_Suc_D2 ~> relpow_Suc_D2
  rel_pow_Suc_E2 ~> relpow_Suc_E2
  rel_pow_Suc_D2' ~> relpow_Suc_D2'
  rel_pow_E2 ~> relpow_E2
  rel_pow_add ~> relpow_add
  rel_pow_commute ~> relpow
  rel_pow_empty ~> relpow_empty:
  rtrancl_imp_UN_rel_pow ~> rtrancl_imp_UN_relpow
  rel_pow_imp_rtrancl ~> relpow_imp_rtrancl
  rtrancl_is_UN_rel_pow ~> rtrancl_is_UN_relpow
  rtrancl_imp_rel_pow ~> rtrancl_imp_relpow
  rel_pow_fun_conv ~> relpow_fun_conv
  rel_pow_finite_bounded1 ~> relpow_finite_bounded1
  rel_pow_finite_bounded ~> relpow_finite_bounded
  rtrancl_finite_eq_rel_pow ~> rtrancl_finite_eq_relpow
  trancl_finite_eq_rel_pow ~> trancl_finite_eq_relpow
  single_valued_rel_pow ~> single_valued_relpow

INCOMPATIBILITY.

* Theory Relation: Consolidated constant name for relation composition
and corresponding theorem names:

  - Renamed constant rel_comp to relcomp.

  - Dropped abbreviation pred_comp. Use relcompp instead.

  - Renamed theorems:

    rel_compI ~> relcompI
    rel_compEpair ~> relcompEpair
    rel_compE ~> relcompE
    pred_comp_rel_comp_eq ~> relcompp_relcomp_eq
    rel_comp_empty1 ~> relcomp_empty1
    rel_comp_mono ~> relcomp_mono
    rel_comp_subset_Sigma ~> relcomp_subset_Sigma
    rel_comp_distrib ~> relcomp_distrib
    rel_comp_distrib2 ~> relcomp_distrib2
    rel_comp_UNION_distrib ~> relcomp_UNION_distrib
    rel_comp_UNION_distrib2 ~> relcomp_UNION_distrib2
    single_valued_rel_comp ~> single_valued_relcomp
    rel_comp_def ~> relcomp_unfold
    converse_rel_comp ~> converse_relcomp
    pred_compI ~> relcomppI
    pred_compE ~> relcomppE
    pred_comp_bot1 ~> relcompp_bot1
    pred_comp_bot2 ~> relcompp_bot2
    transp_pred_comp_less_eq ~> transp_relcompp_less_eq
    pred_comp_mono ~> relcompp_mono
    pred_comp_distrib ~> relcompp_distrib
    pred_comp_distrib2 ~> relcompp_distrib2
    converse_pred_comp ~> converse_relcompp

    finite_rel_comp ~> finite_relcomp

    set_rel_comp ~> set_relcomp

INCOMPATIBILITY.

* Theory Divides: Discontinued redundant theorems about div and mod.
INCOMPATIBILITY, use the corresponding generic theorems instead.

  DIVISION_BY_ZERO ~> div_by_0, mod_by_0
  zdiv_self ~> div_self
  zmod_self ~> mod_self
  zdiv_zero ~> div_0
  zmod_zero ~> mod_0
  zdiv_zmod_equality ~> div_mod_equality2
  zdiv_zmod_equality2 ~> div_mod_equality
  zmod_zdiv_trivial ~> mod_div_trivial
  zdiv_zminus_zminus ~> div_minus_minus
  zmod_zminus_zminus ~> mod_minus_minus
  zdiv_zminus2 ~> div_minus_right
  zmod_zminus2 ~> mod_minus_right
  zdiv_minus1_right ~> div_minus1_right
  zmod_minus1_right ~> mod_minus1_right
  zdvd_mult_div_cancel ~> dvd_mult_div_cancel
  zmod_zmult1_eq ~> mod_mult_right_eq
  zpower_zmod ~> power_mod
  zdvd_zmod ~> dvd_mod
  zdvd_zmod_imp_zdvd ~> dvd_mod_imp_dvd
  mod_mult_distrib ~> mult_mod_left
  mod_mult_distrib2 ~> mult_mod_right

* Removed redundant theorems nat_mult_2 and nat_mult_2_right; use
generic mult_2 and mult_2_right instead. INCOMPATIBILITY.

* Finite_Set.fold now qualified. INCOMPATIBILITY.

* Consolidated theorem names concerning fold combinators:

  inf_INFI_fold_inf ~> inf_INF_fold_inf
  sup_SUPR_fold_sup ~> sup_SUP_fold_sup
  INFI_fold_inf ~> INF_fold_inf
  SUPR_fold_sup ~> SUP_fold_sup
  union_set ~> union_set_fold
  minus_set ~> minus_set_fold
  INFI_set_fold ~> INF_set_fold
  SUPR_set_fold ~> SUP_set_fold
  INF_code ~> INF_set_foldr
  SUP_code ~> SUP_set_foldr
  foldr.simps ~> foldr.simps (in point-free formulation)
  foldr_fold_rev ~> foldr_conv_fold
  foldl_fold ~> foldl_conv_fold
  foldr_foldr ~> foldr_conv_foldl
  foldl_foldr ~> foldl_conv_foldr
  fold_set_remdups ~> fold_set_fold_remdups
  fold_set ~> fold_set_fold
  fold1_set ~> fold1_set_fold

INCOMPATIBILITY.
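
The "old ~> new" tables above can drive a scripted rename, but three kinds of row must not be applied blindly: names that differ only by a trailing prime, one-to-many replacements, and rows whose right-hand side is a remark. The following is an added example, not part of the Isabelle distribution: parse_rows, migrate and the sample theory text are constructed for illustration, the rows are copied from the tables in this section, and it assumes fact names only need renaming outside double-quoted text.

```python
import re

# Rows copied from the rename tables in this NEWS section (a small subset).
NEWS_ROWS = """
  rel_pow_E ~> relpow_E
  rel_pow_Suc_D2 ~> relpow_Suc_D2
  rel_pow_Suc_D2' ~> relpow_Suc_D2'
  rel_comp_def ~> relcomp_unfold
  zdiv_self ~> div_self
  DIVISION_BY_ZERO ~> div_by_0, mod_by_0
  symp_def ~> (modified, use symp_def and sym_def instead)
  foldr.simps ~> foldr.simps (in point-free formulation)
"""

# Constructed theory fragment, not taken from any real development.
SAMPLE_THY = """lemma foo: "rel_pow_E x ==> zdiv_self = y"
  using rel_pow_E rel_pow_Suc_D2' my_zdiv_self_aux
  by (simp add: Relation.rel_comp_def zdiv_self DIVISION_BY_ZERO)
"""

# One name component may contain underscores and primes; a full name is a
# dot-separated sequence of components (e.g. foldr.simps).
PART = r"[A-Za-z][A-Za-z0-9_']*"
NAME = PART + r"(?:\." + PART + r")*"
ROW = re.compile(r"^\s*(\S+)\s+~>\s+(.+?)\s*$")
# A token is either a whole double-quoted string or a maximal name, so a
# lookup never fires on a substring of a longer identifier.
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|' + NAME)


def parse_rows(text):
    """Split table rows into safe 1:1 renames and rows needing a human."""
    auto, manual = {}, {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        old, new = m.groups()
        if re.fullmatch(NAME, new) and old != new:
            auto[old] = new
        else:
            # One-to-many, annotated, or otherwise non-identifier target.
            manual[old] = new
    return auto, manual


def migrate(source, auto, manual):
    """Return (rewritten_source, review); review holds (line, name, hint)."""
    review = []

    def fix(m):
        tok = m.group(0)
        if tok.startswith('"'):
            return tok  # assumption: quoted text holds terms, not fact names
        head, dot, base = tok.rpartition(".")
        line = source.count("\n", 0, m.start()) + 1
        for key in (tok, base):
            if key in manual:
                review.append((line, key, manual[key]))
                return tok  # left untouched for manual adaptation
        if tok in auto:
            return auto[tok]
        if base in auto:
            # Qualified reference: rename only the last component
            # (assumption: the qualifier names the same theory as before).
            return head + dot + auto[base]
        return tok

    return TOKEN.sub(fix, source), review


if __name__ == "__main__":
    auto, manual = parse_rows(NEWS_ROWS)
    new_text, review = migrate(SAMPLE_THY, auto, manual)
    print(new_text)
    for line, name, hint in review:
        print("line %d: %s needs manual adaptation: %s" % (line, name, hint))
```

Rows that end up in the review list are reported with their line number instead of being rewritten, which keeps the script from silently producing a theory that no longer checks.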

* Dropped rarely useful theorems concerning fold combinators:
foldl_apply, foldl_fun_comm, foldl_rev, fold_weak_invariant,
rev_foldl_cons, fold_set_remdups, fold_set, fold_set1,
concat_conv_foldl, foldl_weak_invariant, foldl_invariant,
foldr_invariant, foldl_absorb0, foldl_foldr1_lemma, foldl_foldr1,
listsum_conv_fold, listsum_foldl, sort_foldl_insort, foldl_assoc,
foldr_conv_foldl, start_le_sum, elem_le_sum, sum_eq_0_conv.
INCOMPATIBILITY. For the common phrases "%xs. List.foldr plus xs 0"
and "List.foldl plus 0", prefer "List.listsum". Otherwise it can be
useful to boil down "List.foldr" and "List.foldl" to "List.fold" by
unfolding "foldr_conv_fold" and "foldl_conv_fold".

* Dropped lemmas minus_set_foldr, union_set_foldr, union_coset_foldr,
inter_coset_foldr, Inf_fin_set_foldr, Sup_fin_set_foldr,
Min_fin_set_foldr, Max_fin_set_foldr, Inf_set_foldr, Sup_set_foldr,
INF_set_foldr, SUP_set_foldr. INCOMPATIBILITY. Prefer corresponding
lemmas over fold rather than foldr, or make use of lemmas
fold_conv_foldr and fold_rev.

* Congruence rules Option.map_cong and Option.bind_cong for recursion
through option types.

* "Transitive_Closure.ntrancl": bounded transitive closure on
relations.

* Constant "Set.not_member" now qualified. INCOMPATIBILITY.

* Theory Int: Discontinued many legacy theorems specific to type int.
INCOMPATIBILITY, use the corresponding generic theorems instead.

  zminus_zminus ~> minus_minus
  zminus_0 ~> minus_zero
  zminus_zadd_distrib ~> minus_add_distrib
  zadd_commute ~> add_commute
  zadd_assoc ~> add_assoc
  zadd_left_commute ~> add_left_commute
  zadd_ac ~> add_ac
  zmult_ac ~> mult_ac
  zadd_0 ~> add_0_left
  zadd_0_right ~> add_0_right
  zadd_zminus_inverse2 ~> left_minus
  zmult_zminus ~> mult_minus_left
  zmult_commute ~> mult_commute
  zmult_assoc ~> mult_assoc
  zadd_zmult_distrib ~> left_distrib
  zadd_zmult_distrib2 ~> right_distrib
  zdiff_zmult_distrib ~> left_diff_distrib
  zdiff_zmult_distrib2 ~> right_diff_distrib
  zmult_1 ~> mult_1_left
  zmult_1_right ~> mult_1_right
  zle_refl ~> order_refl
  zle_trans ~> order_trans
  zle_antisym ~> order_antisym
  zle_linear ~> linorder_linear
  zless_linear ~> linorder_less_linear
  zadd_left_mono ~> add_left_mono
  zadd_strict_right_mono ~> add_strict_right_mono
  zadd_zless_mono ~> add_less_le_mono
  int_0_less_1 ~> zero_less_one
  int_0_neq_1 ~> zero_neq_one
  zless_le ~> less_le
  zpower_zadd_distrib ~> power_add
  zero_less_zpower_abs_iff ~> zero_less_power_abs_iff
  zero_le_zpower_abs ~> zero_le_power_abs

* Theory Deriv: Renamed

  DERIV_nonneg_imp_nonincreasing ~> DERIV_nonneg_imp_nondecreasing

* Theory Library/Multiset: Improved code generation of multisets.

* Theory HOL/Library/Set_Algebras: Addition and multiplication on sets
are expressed via type classes again. The special syntax
\<oplus>/\<otimes> has been replaced by plain +/*. Removed constant
setsum_set, which is now subsumed by Big_Operators.setsum.
INCOMPATIBILITY.

* Theory HOL/Library/Diagonalize has been removed. INCOMPATIBILITY,
use theory HOL/Library/Nat_Bijection instead.

* Theory HOL/Library/RBT_Impl: Backing implementation of red-black
trees is now inside a type class context.
Names of affected
operations and lemmas have been prefixed by rbt_. INCOMPATIBILITY for
theories working directly with raw red-black trees, adapt the names as
follows:

  Operations:
  bulkload -> rbt_bulkload
  del_from_left -> rbt_del_from_left
  del_from_right -> rbt_del_from_right
  del -> rbt_del
  delete -> rbt_delete
  ins -> rbt_ins
  insert -> rbt_insert
  insertw -> rbt_insert_with
  insert_with_key -> rbt_insert_with_key
  map_entry -> rbt_map_entry
  lookup -> rbt_lookup
  sorted -> rbt_sorted
  tree_greater -> rbt_greater
  tree_less -> rbt_less
  tree_less_symbol -> rbt_less_symbol
  union -> rbt_union
  union_with -> rbt_union_with
  union_with_key -> rbt_union_with_key

  Lemmas:
  balance_left_sorted -> balance_left_rbt_sorted
  balance_left_tree_greater -> balance_left_rbt_greater
  balance_left_tree_less -> balance_left_rbt_less
  balance_right_sorted -> balance_right_rbt_sorted
  balance_right_tree_greater -> balance_right_rbt_greater
  balance_right_tree_less -> balance_right_rbt_less
  balance_sorted -> balance_rbt_sorted
  balance_tree_greater -> balance_rbt_greater
  balance_tree_less -> balance_rbt_less
  bulkload_is_rbt -> rbt_bulkload_is_rbt
  combine_sorted -> combine_rbt_sorted
  combine_tree_greater -> combine_rbt_greater
  combine_tree_less -> combine_rbt_less
  delete_in_tree -> rbt_delete_in_tree
  delete_is_rbt -> rbt_delete_is_rbt
  del_from_left_tree_greater -> rbt_del_from_left_rbt_greater
  del_from_left_tree_less -> rbt_del_from_left_rbt_less
  del_from_right_tree_greater -> rbt_del_from_right_rbt_greater
  del_from_right_tree_less -> rbt_del_from_right_rbt_less
  del_in_tree -> rbt_del_in_tree
  del_inv1_inv2 -> rbt_del_inv1_inv2
  del_sorted -> rbt_del_rbt_sorted
  del_tree_greater -> rbt_del_rbt_greater
  del_tree_less -> rbt_del_rbt_less
  dom_lookup_Branch -> dom_rbt_lookup_Branch
  entries_lookup -> entries_rbt_lookup
  finite_dom_lookup -> finite_dom_rbt_lookup
  insert_sorted -> rbt_insert_rbt_sorted
  insertw_is_rbt -> rbt_insertw_is_rbt
  insertwk_is_rbt -> rbt_insertwk_is_rbt
  insertwk_sorted -> rbt_insertwk_rbt_sorted
  insertw_sorted -> rbt_insertw_rbt_sorted
  ins_sorted -> ins_rbt_sorted
  ins_tree_greater -> ins_rbt_greater
  ins_tree_less -> ins_rbt_less
  is_rbt_sorted -> is_rbt_rbt_sorted
  lookup_balance -> rbt_lookup_balance
  lookup_bulkload -> rbt_lookup_rbt_bulkload
  lookup_delete -> rbt_lookup_rbt_delete
  lookup_Empty -> rbt_lookup_Empty
  lookup_from_in_tree -> rbt_lookup_from_in_tree
  lookup_in_tree -> rbt_lookup_in_tree
  lookup_ins -> rbt_lookup_ins
  lookup_insert -> rbt_lookup_rbt_insert
  lookup_insertw -> rbt_lookup_rbt_insertw
  lookup_insertwk -> rbt_lookup_rbt_insertwk
  lookup_keys -> rbt_lookup_keys
  lookup_map -> rbt_lookup_map
  lookup_map_entry -> rbt_lookup_rbt_map_entry
  lookup_tree_greater -> rbt_lookup_rbt_greater
  lookup_tree_less -> rbt_lookup_rbt_less
  lookup_union -> rbt_lookup_rbt_union
  map_entry_color_of -> rbt_map_entry_color_of
  map_entry_inv1 -> rbt_map_entry_inv1
  map_entry_inv2 -> rbt_map_entry_inv2
  map_entry_is_rbt -> rbt_map_entry_is_rbt
  map_entry_sorted -> rbt_map_entry_rbt_sorted
  map_entry_tree_greater -> rbt_map_entry_rbt_greater
  map_entry_tree_less -> rbt_map_entry_rbt_less
  map_tree_greater -> map_rbt_greater
  map_tree_less -> map_rbt_less
  map_sorted -> map_rbt_sorted
  paint_sorted -> paint_rbt_sorted
  paint_lookup -> paint_rbt_lookup
  paint_tree_greater -> paint_rbt_greater
  paint_tree_less -> paint_rbt_less
  sorted_entries -> rbt_sorted_entries
  tree_greater_eq_trans -> rbt_greater_eq_trans
  tree_greater_nit -> rbt_greater_nit
  tree_greater_prop -> rbt_greater_prop
  tree_greater_simps -> rbt_greater_simps
  tree_greater_trans -> rbt_greater_trans
  tree_less_eq_trans -> rbt_less_eq_trans
  tree_less_nit -> rbt_less_nit
  tree_less_prop -> rbt_less_prop
  tree_less_simps -> rbt_less_simps
  tree_less_trans -> rbt_less_trans
  tree_ord_props -> rbt_ord_props
  union_Branch -> rbt_union_Branch
  union_is_rbt -> rbt_union_is_rbt
  unionw_is_rbt -> rbt_unionw_is_rbt
  unionwk_is_rbt -> rbt_unionwk_is_rbt
  unionwk_sorted -> rbt_unionwk_rbt_sorted

* Theory HOL/Library/Float: Floating point numbers are now defined as
a subset of the real numbers. All operations are defined using the
lifting-framework and proofs use the transfer method. INCOMPATIBILITY.

  Changed Operations:
  float_abs -> abs
  float_nprt -> nprt
  float_pprt -> pprt
  pow2 -> use powr
  round_down -> float_round_down
  round_up -> float_round_up
  scale -> exponent

  Removed Operations:
  ceiling_fl, lb_mult, lb_mod, ub_mult, ub_mod

  Renamed Lemmas:
  abs_float_def -> Float.compute_float_abs
  bitlen_ge0 -> bitlen_nonneg
  bitlen.simps -> Float.compute_bitlen
  float_components -> Float_mantissa_exponent
  float_divl.simps -> Float.compute_float_divl
  float_divr.simps -> Float.compute_float_divr
  float_eq_odd -> mult_powr_eq_mult_powr_iff
  float_power -> real_of_float_power
  lapprox_posrat_def -> Float.compute_lapprox_posrat
  lapprox_rat.simps -> Float.compute_lapprox_rat
  le_float_def' -> Float.compute_float_le
  le_float_def -> less_eq_float.rep_eq
  less_float_def' -> Float.compute_float_less
  less_float_def -> less_float.rep_eq
  normfloat_def -> Float.compute_normfloat
  normfloat_imp_odd_or_zero -> mantissa_not_dvd and mantissa_noteq_0
  normfloat -> normfloat_def
  normfloat_unique -> use normfloat_def
  number_of_float_Float -> Float.compute_float_numeral, Float.compute_float_neg_numeral
  one_float_def -> Float.compute_float_one
  plus_float_def -> Float.compute_float_plus
  rapprox_posrat_def -> Float.compute_rapprox_posrat
  rapprox_rat.simps -> Float.compute_rapprox_rat
  real_of_float_0 -> zero_float.rep_eq
  real_of_float_1 -> one_float.rep_eq
  real_of_float_abs -> abs_float.rep_eq
  real_of_float_add -> plus_float.rep_eq
  real_of_float_minus -> uminus_float.rep_eq
  real_of_float_mult -> times_float.rep_eq
  real_of_float_simp -> Float.rep_eq
  real_of_float_sub -> minus_float.rep_eq
  round_down.simps -> Float.compute_float_round_down
  round_up.simps -> Float.compute_float_round_up
  times_float_def -> Float.compute_float_times
  uminus_float_def -> Float.compute_float_uminus
  zero_float_def -> Float.compute_float_zero

  Lemmas not necessary anymore, use the transfer method:
  bitlen_B0, bitlen_B1, bitlen_ge1, bitlen_Min, bitlen_Pls, float_divl,
  float_divr, float_le_simp, float_less1_mantissa_bound,
  float_less_simp, float_less_zero, float_le_zero,
  float_pos_less1_e_neg, float_pos_m_pos, float_split, float_split2,
  floor_pos_exp, lapprox_posrat, lapprox_posrat_bottom, lapprox_rat,
  lapprox_rat_bottom, normalized_float, rapprox_posrat,
  rapprox_posrat_le1, rapprox_rat, real_of_float_ge0_exp,
  real_of_float_neg_exp, real_of_float_nge0_exp, round_down floor_fl,
  round_up, zero_le_float, zero_less_float

* New theory HOL/Library/DAList provides an abstract type for
association lists with distinct keys.

* Session HOL/IMP: Added new theory of abstract interpretation of
annotated commands.

* Session HOL-Import: Re-implementation from scratch is faster,
simpler, and more scalable. Requires a proof bundle, which is
available as an external component. Discontinued old (and mostly
dead) Importer for HOL4 and HOL Light. INCOMPATIBILITY.

* Session HOL-Word: Discontinued many redundant theorems specific to
type 'a word.
INCOMPATIBILITY, use the corresponding generic theorems
instead.

  word_sub_alt ~> word_sub_wi
  word_add_alt ~> word_add_def
  word_mult_alt ~> word_mult_def
  word_minus_alt ~> word_minus_def
  word_0_alt ~> word_0_wi
  word_1_alt ~> word_1_wi
  word_add_0 ~> add_0_left
  word_add_0_right ~> add_0_right
  word_mult_1 ~> mult_1_left
  word_mult_1_right ~> mult_1_right
  word_add_commute ~> add_commute
  word_add_assoc ~> add_assoc
  word_add_left_commute ~> add_left_commute
  word_mult_commute ~> mult_commute
  word_mult_assoc ~> mult_assoc
  word_mult_left_commute ~> mult_left_commute
  word_left_distrib ~> left_distrib
  word_right_distrib ~> right_distrib
  word_left_minus ~> left_minus
  word_diff_0_right ~> diff_0_right
  word_diff_self ~> diff_self
  word_sub_def ~> diff_minus
  word_diff_minus ~> diff_minus
  word_add_ac ~> add_ac
  word_mult_ac ~> mult_ac
  word_plus_ac0 ~> add_0_left add_0_right add_ac
  word_times_ac1 ~> mult_1_left mult_1_right mult_ac
  word_order_trans ~> order_trans
  word_order_refl ~> order_refl
  word_order_antisym ~> order_antisym
  word_order_linear ~> linorder_linear
  lenw1_zero_neq_one ~> zero_neq_one
  word_number_of_eq ~> number_of_eq
  word_of_int_add_hom ~> wi_hom_add
  word_of_int_sub_hom ~> wi_hom_sub
  word_of_int_mult_hom ~> wi_hom_mult
  word_of_int_minus_hom ~> wi_hom_neg
  word_of_int_succ_hom ~> wi_hom_succ
  word_of_int_pred_hom ~> wi_hom_pred
  word_of_int_0_hom ~> word_0_wi
  word_of_int_1_hom ~> word_1_wi

* Session HOL-Word: New proof method "word_bitwise" for splitting
machine word equalities and inequalities into logical circuits,
defined in HOL/Word/WordBitwise.thy. Supports addition, subtraction,
multiplication, shifting by constants, bitwise operators and numeric
constants. Requires fixed-length word types, not 'a word.
Solves
many standard word identities outright and converts more into first
order problems amenable to blast or similar. See also examples in
HOL/Word/Examples/WordExamples.thy.

* Session HOL-Probability: Introduced the type "'a measure" to
represent measures, this replaces the records 'a algebra and 'a
measure_space. The locales based on subset_class now have two
locale-parameters the space \<Omega> and the set of measurable sets M.
The product of probability spaces uses now the same constant as the
finite product of sigma-finite measure spaces "PiM :: ('i => 'a)
measure". Most constants are defined now outside of locales and gain
an additional parameter, like null_sets, almost_eventually or \<mu>'.
Measure space constructions for distributions and densities now got
their own constants distr and density. Instead of using locales to
describe measure spaces with a finite space, the measure count_space
and point_measure is introduced. INCOMPATIBILITY.

  Renamed constants:
  measure -> emeasure
  finite_measure.\<mu>' -> measure
  product_algebra_generator -> prod_algebra
  product_prob_space.emb -> prod_emb
  product_prob_space.infprod_algebra -> PiM

  Removed locales:
  completeable_measure_space
  finite_measure_space
  finite_prob_space
  finite_product_finite_prob_space
  finite_product_sigma_algebra
  finite_sigma_algebra
  measure_space
  pair_finite_prob_space
  pair_finite_sigma_algebra
  pair_finite_space
  pair_sigma_algebra
  product_sigma_algebra

  Removed constants:
  conditional_space
  distribution -> use distr measure, or distributed predicate
  image_space
  joint_distribution -> use distr measure, or distributed predicate
  pair_measure_generator
  product_prob_space.infprod_algebra -> use PiM
  subvimage

  Replacement theorems:
  finite_additivity_sufficient -> ring_of_sets.countably_additiveI_finite
  finite_measure.empty_measure -> measure_empty
  finite_measure.finite_continuity_from_above -> finite_measure.finite_Lim_measure_decseq
  finite_measure.finite_continuity_from_below -> finite_measure.finite_Lim_measure_incseq
  finite_measure.finite_measure_countably_subadditive -> finite_measure.finite_measure_subadditive_countably
  finite_measure.finite_measure_eq -> finite_measure.emeasure_eq_measure
  finite_measure.finite_measure -> finite_measure.emeasure_finite
  finite_measure.finite_measure_finite_singleton -> finite_measure.finite_measure_eq_setsum_singleton
  finite_measure.positive_measure' -> measure_nonneg
  finite_measure.real_measure -> finite_measure.emeasure_real
  finite_product_prob_space.finite_measure_times -> finite_product_prob_space.finite_measure_PiM_emb
  finite_product_sigma_algebra.in_P -> sets_PiM_I_finite
  finite_product_sigma_algebra.P_empty -> space_PiM_empty, sets_PiM_empty
  information_space.conditional_entropy_eq
    -> information_space.conditional_entropy_simple_distributed
  information_space.conditional_entropy_positive -> information_space.conditional_entropy_nonneg_simple
  information_space.conditional_mutual_information_eq_mutual_information -> information_space.conditional_mutual_information_eq_mutual_information_simple
  information_space.conditional_mutual_information_generic_positive -> information_space.conditional_mutual_information_nonneg_simple
  information_space.conditional_mutual_information_positive -> information_space.conditional_mutual_information_nonneg_simple
  information_space.entropy_commute -> information_space.entropy_commute_simple
  information_space.entropy_eq -> information_space.entropy_simple_distributed
  information_space.entropy_generic_eq -> information_space.entropy_simple_distributed
  information_space.entropy_positive -> information_space.entropy_nonneg_simple
  information_space.entropy_uniform_max -> information_space.entropy_uniform
  information_space.KL_eq_0_imp -> information_space.KL_eq_0_iff_eq
  information_space.KL_eq_0 -> information_space.KL_same_eq_0
  information_space.KL_ge_0 -> information_space.KL_nonneg
  information_space.mutual_information_eq -> information_space.mutual_information_simple_distributed
  information_space.mutual_information_positive -> information_space.mutual_information_nonneg_simple
  Int_stable_cuboids -> Int_stable_atLeastAtMost
  Int_stable_product_algebra_generator -> positive_integral
  measure_preserving -> equality "distr M N f = N" "f : measurable M N"
  measure_space.additive -> emeasure_additive
  measure_space.AE_iff_null_set -> AE_iff_null
  measure_space.almost_everywhere_def -> eventually_ae_filter
  measure_space.almost_everywhere_vimage -> AE_distrD
  measure_space.continuity_from_above -> INF_emeasure_decseq
  measure_space.continuity_from_above_Lim -> Lim_emeasure_decseq
  measure_space.continuity_from_below_Lim -> Lim_emeasure_incseq
  measure_space.continuity_from_below -> SUP_emeasure_incseq
  measure_space_density -> emeasure_density
  measure_space.density_is_absolutely_continuous -> absolutely_continuousI_density
  measure_space.integrable_vimage -> integrable_distr
  measure_space.integral_translated_density -> integral_density
  measure_space.integral_vimage -> integral_distr
  measure_space.measure_additive -> plus_emeasure
  measure_space.measure_compl -> emeasure_compl
  measure_space.measure_countable_increasing -> emeasure_countable_increasing
  measure_space.measure_countably_subadditive -> emeasure_subadditive_countably
  measure_space.measure_decseq -> decseq_emeasure
  measure_space.measure_Diff -> emeasure_Diff
  measure_space.measure_Diff_null_set -> emeasure_Diff_null_set
  measure_space.measure_eq_0 -> emeasure_eq_0
  measure_space.measure_finitely_subadditive -> emeasure_subadditive_finite
  measure_space.measure_finite_singleton -> emeasure_eq_setsum_singleton
  measure_space.measure_incseq -> incseq_emeasure
  measure_space.measure_insert -> emeasure_insert
  measure_space.measure_mono -> emeasure_mono
  measure_space.measure_not_negative -> emeasure_not_MInf
  measure_space.measure_preserving_Int_stable -> measure_eqI_generator_eq
  measure_space.measure_setsum -> setsum_emeasure
  measure_space.measure_setsum_split -> setsum_emeasure_cover
  measure_space.measure_space_vimage -> emeasure_distr
  measure_space.measure_subadditive_finite -> emeasure_subadditive_finite
  measure_space.measure_subadditive -> subadditive
  measure_space.measure_top -> emeasure_space
  measure_space.measure_UN_eq_0 -> emeasure_UN_eq_0
  measure_space.measure_Un_null_set -> emeasure_Un_null_set
  measure_space.positive_integral_translated_density -> positive_integral_density
  measure_space.positive_integral_vimage ->
    positive_integral_distr
  measure_space.real_continuity_from_above -> Lim_measure_decseq
  measure_space.real_continuity_from_below -> Lim_measure_incseq
  measure_space.real_measure_countably_subadditive -> measure_subadditive_countably
  measure_space.real_measure_Diff -> measure_Diff
  measure_space.real_measure_finite_Union -> measure_finite_Union
  measure_space.real_measure_setsum_singleton -> measure_eq_setsum_singleton
  measure_space.real_measure_subadditive -> measure_subadditive
  measure_space.real_measure_Union -> measure_Union
  measure_space.real_measure_UNION -> measure_UNION
  measure_space.simple_function_vimage -> simple_function_comp
  measure_space.simple_integral_vimage -> simple_integral_distr
  measure_space.simple_integral_vimage -> simple_integral_distr
  measure_unique_Int_stable -> measure_eqI_generator_eq
  measure_unique_Int_stable_vimage -> measure_eqI_generator_eq
  pair_sigma_algebra.measurable_cut_fst -> sets_Pair1
  pair_sigma_algebra.measurable_cut_snd -> sets_Pair2
  pair_sigma_algebra.measurable_pair_image_fst -> measurable_Pair1
  pair_sigma_algebra.measurable_pair_image_snd -> measurable_Pair2
  pair_sigma_algebra.measurable_product_swap -> measurable_pair_swap_iff
  pair_sigma_algebra.pair_sigma_algebra_measurable -> measurable_pair_swap
  pair_sigma_algebra.pair_sigma_algebra_swap_measurable -> measurable_pair_swap'
  pair_sigma_algebra.sets_swap -> sets_pair_swap
  pair_sigma_finite.measure_cut_measurable_fst -> pair_sigma_finite.measurable_emeasure_Pair1
  pair_sigma_finite.measure_cut_measurable_snd -> pair_sigma_finite.measurable_emeasure_Pair2
  pair_sigma_finite.measure_preserving_swap -> pair_sigma_finite.distr_pair_swap
  pair_sigma_finite.pair_measure_alt2 -> pair_sigma_finite.emeasure_pair_measure_alt2
  pair_sigma_finite.pair_measure_alt -> pair_sigma_finite.emeasure_pair_measure_alt
  pair_sigma_finite.pair_measure_times ->
    pair_sigma_finite.emeasure_pair_measure_Times
  prob_space.indep_distribution_eq_measure -> prob_space.indep_vars_iff_distr_eq_PiM
  prob_space.indep_var_distributionD -> prob_space.indep_var_distribution_eq
  prob_space.measure_space_1 -> prob_space.emeasure_space_1
  prob_space.prob_space_vimage -> prob_space_distr
  prob_space.random_variable_restrict -> measurable_restrict
  prob_space_unique_Int_stable -> measure_eqI_prob_space
  product_algebraE -> prod_algebraE_all
  product_algebra_generator_der -> prod_algebra_eq_finite
  product_algebra_generator_into_space -> prod_algebra_sets_into_space
  product_algebraI -> sets_PiM_I_finite
  product_measure_exists -> product_sigma_finite.sigma_finite
  product_prob_space.finite_index_eq_finite_product -> product_prob_space.sets_PiM_generator
  product_prob_space.finite_measure_infprod_emb_Pi -> product_prob_space.measure_PiM_emb
  product_prob_space.infprod_spec -> product_prob_space.emeasure_PiM_emb_not_empty
  product_prob_space.measurable_component -> measurable_component_singleton
  product_prob_space.measurable_emb -> measurable_prod_emb
  product_prob_space.measurable_into_infprod_algebra -> measurable_PiM_single
  product_prob_space.measurable_singleton_infprod -> measurable_component_singleton
  product_prob_space.measure_emb -> emeasure_prod_emb
  product_prob_space.measure_preserving_restrict -> product_prob_space.distr_restrict
  product_sigma_algebra.product_algebra_into_space -> space_closed
  product_sigma_finite.measure_fold -> product_sigma_finite.distr_merge
  product_sigma_finite.measure_preserving_component_singelton -> product_sigma_finite.distr_singleton
  product_sigma_finite.measure_preserving_merge -> product_sigma_finite.distr_merge
  sequence_space.measure_infprod -> sequence_space.measure_PiM_countable
  sets_product_algebra -> sets_PiM
  sigma_algebra.measurable_sigma -> measurable_measure_of
  sigma_finite_measure.disjoint_sigma_finite -> sigma_finite_disjoint
  sigma_finite_measure.RN_deriv_vimage -> sigma_finite_measure.RN_deriv_distr
  sigma_product_algebra_sigma_eq -> sigma_prod_algebra_sigma_eq
  space_product_algebra -> space_PiM

* Session HOL-TPTP: support to parse and import TPTP problems (all
languages) into Isabelle/HOL.


*** FOL ***

* New "case_product" attribute (see HOL).


*** ZF ***

* Greater support for structured proofs involving induction or case
analysis.

* Much greater use of mathematical symbols.

* Removal of many ML theorem bindings. INCOMPATIBILITY.


*** ML ***

* Antiquotation @{keyword "name"} produces a parser for outer syntax
from a minor keyword introduced via theory header declaration.

* Antiquotation @{command_spec "name"} produces the
Outer_Syntax.command_spec from a major keyword introduced via theory
header declaration; it can be passed to Outer_Syntax.command etc.

* Local_Theory.define no longer hard-wires default theorem name
"foo_def", but retains the binding as given. If that is Binding.empty
/ Attrib.empty_binding, the result is not registered as user-level
fact. The Local_Theory.define_internal variant allows to specify a
non-empty name (used for the foundation in the background theory),
while omitting the fact binding in the user-context. Potential
INCOMPATIBILITY for derived definitional packages: need to specify
naming policy for primitive definitions more explicitly.

* Renamed Thm.capply to Thm.apply, and Thm.cabs to Thm.lambda in
conformance with similar operations in structure Term and Logic.

* Antiquotation @{attributes [...]} embeds attribute source
representation into the ML text, which is particularly useful with
declarations like Local_Theory.note.

* Structure Proof_Context follows standard naming scheme. Old
ProofContext has been discontinued. INCOMPATIBILITY.

* Refined Local_Theory.declaration {syntax, pervasive}, with subtle
change of semantics: update is applied to auxiliary local theory
context as well.

* Modernized some old-style infix operations:

  addeqcongs ~> Simplifier.add_eqcong
  deleqcongs ~> Simplifier.del_eqcong
  addcongs ~> Simplifier.add_cong
  delcongs ~> Simplifier.del_cong
  setmksimps ~> Simplifier.set_mksimps
  setmkcong ~> Simplifier.set_mkcong
  setmksym ~> Simplifier.set_mksym
  setmkeqTrue ~> Simplifier.set_mkeqTrue
  settermless ~> Simplifier.set_termless
  setsubgoaler ~> Simplifier.set_subgoaler
  addsplits ~> Splitter.add_split
  delsplits ~> Splitter.del_split


*** System ***

* USER_HOME settings variable points to cross-platform user home
directory, which coincides with HOME on POSIX systems only. Likewise,
the Isabelle path specification "~" now expands to $USER_HOME, instead
of former $HOME. A different default for USER_HOME may be set
explicitly in shell environment, before Isabelle settings are
evaluated. Minor INCOMPATIBILITY: need to adapt Isabelle path where
the generic user home was intended.

* ISABELLE_HOME_WINDOWS refers to ISABELLE_HOME in windows file name
notation, which is useful for the jEdit file browser, for example.

* ISABELLE_JDK_HOME settings variable points to JDK with javac and jar
(not just JRE).



New in Isabelle2011-1 (October 2011)
------------------------------------

*** General ***

* Improved Isabelle/jEdit Prover IDE (PIDE), which can be invoked as
"isabelle jedit" or "ISABELLE_HOME/Isabelle" on the command line.

  - Management of multiple theory files directly from the editor
    buffer store -- bypassing the file-system (no requirement to save
    files for checking).

  - Markup of formal entities within the text buffer, with semantic
    highlighting, tooltips and hyperlinks to jump to defining source
    positions.

  - Improved text rendering, with sub/superscripts in the source
    buffer (including support for copy/paste wrt. output panel, HTML
    theory output and other non-Isabelle text boxes).

  - Refined scheduling of proof checking and printing of results,
    based on interactive editor view. (Note: jEdit folding and
    narrowing allows to restrict buffer perspectives explicitly.)

  - Reduced CPU performance requirements, usable on machines with few
    cores.

  - Reduced memory requirements due to pruning of unused document
    versions (garbage collection).

See also ~~/src/Tools/jEdit/README.html for further information,
including some remaining limitations.

* Theory loader: source files are exclusively located via the master
directory of each theory node (where the .thy file itself resides).
The global load path (such as src/HOL/Library) has been discontinued.
Note that the path element ~~ may be used to reference theories in the
Isabelle home folder -- for instance, "~~/src/HOL/Library/FuncSet".
INCOMPATIBILITY.

* Theory loader: source files are identified by content via SHA1
digests. Discontinued former path/modtime identification and optional
ISABELLE_FILE_IDENT plugin scripts.

* Parallelization of nested Isar proofs is subject to
Goal.parallel_proofs_threshold (default 100). See also isabelle
usedir option -Q.

* Name space: former unsynchronized references are now proper
configuration options, with more conventional names:

  long_names ~> names_long
  short_names ~> names_short
  unique_names ~> names_unique

Minor INCOMPATIBILITY, need to declare options in context like this:

  declare [[names_unique = false]]

* Literal facts `prop` may contain dummy patterns, e.g. `_ = _`. Note
that the result needs to be unique, which means fact specifications
may have to be refined after enriching a proof context.

* Attribute "case_names" has been refined: the assumptions in each case
can be named now by following the case name with [name1 name2 ...].

* Isabelle/Isar reference manual has been updated and extended:
  - "Synopsis" provides a catalog of main Isar language concepts.
  - Formal references in syntax diagrams, via @{rail} antiquotation.
  - Updated material from classic "ref" manual, notably about
    "Classical Reasoner".


*** HOL ***

* Class bot and top require underlying partial order rather than
preorder: uniqueness of bot and top is guaranteed. INCOMPATIBILITY.

* Class complete_lattice: generalized a couple of lemmas from sets;
generalized theorems INF_cong and SUP_cong. New type classes for
complete boolean algebras and complete linear orders. Lemmas
Inf_less_iff, less_Sup_iff, INF_less_iff, less_SUP_iff now reside in
class complete_linorder.

Changed proposition of lemmas Inf_bool_def, Sup_bool_def, Inf_fun_def,
Sup_fun_def, Inf_apply, Sup_apply.

Removed redundant lemmas (the right hand side gives hints how to
replace them for (metis ...), or (simp only: ...)
proofs):

  Inf_singleton ~> Inf_insert [where A="{}", unfolded Inf_empty inf_top_right]
  Sup_singleton ~> Sup_insert [where A="{}", unfolded Sup_empty sup_bot_right]
  Inf_binary ~> Inf_insert, Inf_empty, and inf_top_right
  Sup_binary ~> Sup_insert, Sup_empty, and sup_bot_right
  Int_eq_Inter ~> Inf_insert, Inf_empty, and inf_top_right
  Un_eq_Union ~> Sup_insert, Sup_empty, and sup_bot_right
  Inter_def ~> INF_def, image_def
  Union_def ~> SUP_def, image_def
  INT_eq ~> INF_def, and image_def
  UN_eq ~> SUP_def, and image_def
  INF_subset ~> INF_superset_mono [OF _ order_refl]

More consistent and comprehensive names:

  INTER_eq_Inter_image ~> INF_def
  UNION_eq_Union_image ~> SUP_def
  INFI_def ~> INF_def
  SUPR_def ~> SUP_def
  INF_leI ~> INF_lower
  INF_leI2 ~> INF_lower2
  le_INFI ~> INF_greatest
  le_SUPI ~> SUP_upper
  le_SUPI2 ~> SUP_upper2
  SUP_leI ~> SUP_least
  INFI_bool_eq ~> INF_bool_eq
  SUPR_bool_eq ~> SUP_bool_eq
  INFI_apply ~> INF_apply
  SUPR_apply ~> SUP_apply
  INTER_def ~> INTER_eq
  UNION_def ~> UNION_eq

INCOMPATIBILITY.

* Renamed theory Complete_Lattice to Complete_Lattices.
INCOMPATIBILITY.

* Theory Complete_Lattices: lemmas Inf_eq_top_iff, INF_eq_top_iff,
INF_image, Inf_insert, INF_top, Inf_top_conv, INF_top_conv, SUP_bot,
Sup_bot_conv, SUP_bot_conv, Sup_eq_top_iff, SUP_eq_top_iff, SUP_image,
Sup_insert are now declared as [simp]. INCOMPATIBILITY.

* Theory Lattice: lemmas compl_inf_bot, compl_le_comp_iff,
compl_sup_top, inf_idem, inf_left_idem, inf_sup_absorb, sup_idem,
sup_inf_absob, sup_left_idem are now declared as [simp]. Minor
INCOMPATIBILITY.

* Added syntactic classes "inf" and "sup" for the respective
constants. INCOMPATIBILITY: Changes in the argument order of the
(mostly internal) locale predicates for some derived classes.

* Theorem collections ball_simps and bex_simps do not contain theorems
referring to UNION any longer; these have been moved to collection
UN_ball_bex_simps. INCOMPATIBILITY.

* Theory Archimedean_Field: floor now is defined as parameter of a
separate type class floor_ceiling.

* Theory Finite_Set: more coherent development of fold_set locales:

  locale fun_left_comm ~> locale comp_fun_commute
  locale fun_left_comm_idem ~> locale comp_fun_idem

Both use point-free characterization; interpretation proofs may need
adjustment. INCOMPATIBILITY.

* Theory Limits: Type "'a net" has been renamed to "'a filter", in
accordance with standard mathematical terminology. INCOMPATIBILITY.

* Theory Complex_Main: The locale interpretations for the
bounded_linear and bounded_bilinear locales have been removed, in
order to reduce the number of duplicate lemmas. Users must use the
original names for distributivity theorems, potential INCOMPATIBILITY.

  divide.add ~> add_divide_distrib
  divide.diff ~> diff_divide_distrib
  divide.setsum ~> setsum_divide_distrib
  mult.add_right ~> right_distrib
  mult.diff_right ~> right_diff_distrib
  mult_right.setsum ~> setsum_right_distrib
  mult_left.diff ~> left_diff_distrib

* Theory Complex_Main: Several redundant theorems have been removed or
replaced by more general versions. INCOMPATIBILITY.

  real_diff_def ~> minus_real_def
  real_divide_def ~> divide_real_def
  real_less_def ~> less_le
  real_abs_def ~> abs_real_def
  real_sgn_def ~> sgn_real_def
  real_mult_commute ~> mult_commute
  real_mult_assoc ~> mult_assoc
  real_mult_1 ~> mult_1_left
  real_add_mult_distrib ~> left_distrib
  real_zero_not_eq_one ~> zero_neq_one
  real_mult_inverse_left ~> left_inverse
  INVERSE_ZERO ~> inverse_zero
  real_le_refl ~> order_refl
  real_le_antisym ~> order_antisym
  real_le_trans ~> order_trans
  real_le_linear ~> linear
  real_le_eq_diff ~> le_iff_diff_le_0
  real_add_left_mono ~> add_left_mono
  real_mult_order ~> mult_pos_pos
  real_mult_less_mono2 ~> mult_strict_left_mono
  real_of_int_real_of_nat ~> real_of_int_of_nat_eq
  real_0_le_divide_iff ~> zero_le_divide_iff
  realpow_two_disj ~> power2_eq_iff
  real_squared_diff_one_factored ~> square_diff_one_factored
  realpow_two_diff ~> square_diff_square_factored
  reals_complete2 ~> complete_real
  real_sum_squared_expand ~> power2_sum
  exp_ln_eq ~> ln_unique
  expi_add ~> exp_add
  expi_zero ~> exp_zero
  lemma_DERIV_subst ~> DERIV_cong
  LIMSEQ_Zfun_iff ~> tendsto_Zfun_iff
  LIMSEQ_const ~> tendsto_const
  LIMSEQ_norm ~> tendsto_norm
  LIMSEQ_add ~> tendsto_add
  LIMSEQ_minus ~> tendsto_minus
  LIMSEQ_minus_cancel ~> tendsto_minus_cancel
  LIMSEQ_diff ~> tendsto_diff
  bounded_linear.LIMSEQ ~> bounded_linear.tendsto
  bounded_bilinear.LIMSEQ ~> bounded_bilinear.tendsto
  LIMSEQ_mult ~> tendsto_mult
  LIMSEQ_inverse ~> tendsto_inverse
  LIMSEQ_divide ~> tendsto_divide
  LIMSEQ_pow ~> tendsto_power
  LIMSEQ_setsum ~> tendsto_setsum
  LIMSEQ_setprod ~> tendsto_setprod
  LIMSEQ_norm_zero ~> tendsto_norm_zero_iff
  LIMSEQ_rabs_zero ~> tendsto_rabs_zero_iff
  LIMSEQ_imp_rabs ~> tendsto_rabs
  LIMSEQ_add_minus ~> tendsto_add [OF _ tendsto_minus]
  LIMSEQ_add_const ~> tendsto_add [OF _ tendsto_const]
  LIMSEQ_diff_const ~> tendsto_diff [OF _ tendsto_const]
  LIMSEQ_Complex ~> tendsto_Complex
  LIM_ident ~> tendsto_ident_at
  LIM_const ~> tendsto_const
  LIM_add ~> tendsto_add
  LIM_add_zero ~> tendsto_add_zero
  LIM_minus ~> tendsto_minus
  LIM_diff ~> tendsto_diff
  LIM_norm ~> tendsto_norm
  LIM_norm_zero ~> tendsto_norm_zero
  LIM_norm_zero_cancel ~> tendsto_norm_zero_cancel
  LIM_norm_zero_iff ~> tendsto_norm_zero_iff
  LIM_rabs ~> tendsto_rabs
  LIM_rabs_zero ~> tendsto_rabs_zero
  LIM_rabs_zero_cancel ~> tendsto_rabs_zero_cancel
  LIM_rabs_zero_iff ~> tendsto_rabs_zero_iff
  LIM_compose ~> tendsto_compose
  LIM_mult ~> tendsto_mult
  LIM_scaleR ~> tendsto_scaleR
  LIM_of_real ~> tendsto_of_real
  LIM_power ~> tendsto_power
  LIM_inverse ~> tendsto_inverse
  LIM_sgn ~> tendsto_sgn
  isCont_LIM_compose ~> isCont_tendsto_compose
  bounded_linear.LIM ~> bounded_linear.tendsto
  bounded_linear.LIM_zero ~> bounded_linear.tendsto_zero
  bounded_bilinear.LIM ~> bounded_bilinear.tendsto
  bounded_bilinear.LIM_prod_zero ~> bounded_bilinear.tendsto_zero
  bounded_bilinear.LIM_left_zero ~> bounded_bilinear.tendsto_left_zero
  bounded_bilinear.LIM_right_zero ~> bounded_bilinear.tendsto_right_zero
  LIM_inverse_fun ~> tendsto_inverse [OF tendsto_ident_at]

* Theory Complex_Main: The definition of infinite series was
generalized. Now it is defined on the type class {topological_space,
comm_monoid_add}. Hence it is useable also for extended real numbers.

* Theory Complex_Main: The complex exponential function "expi" is now
a type-constrained abbreviation for "exp :: complex => complex"; thus
several polymorphic lemmas about "exp" are now applicable to "expi".

* Code generation:

  - Theory Library/Code_Char_ord provides native ordering of
    characters in the target language.

  - Commands code_module and code_library are legacy, use export_code
    instead.

  - Method "evaluation" is legacy, use method "eval" instead.

  - Legacy evaluator "SML" is deactivated by default. May be
    reactivated by the following theory command:

      setup {* Value.add_evaluator ("SML", Codegen.eval_term) *}

* Declare ext [intro] by default. Rare INCOMPATIBILITY.

* New proof method "induction" that gives induction hypotheses the
name "IH", thus distinguishing them from further hypotheses that come
from rule induction. The latter are still called "hyps". Method
"induction" is a thin wrapper around "induct" and follows the same
syntax.

* Method "fastsimp" has been renamed to "fastforce", but "fastsimp" is
still available as a legacy feature for some time.

* Nitpick:
  - Added "need" and "total_consts" options.
  - Reintroduced "show_skolems" option by popular demand.
  - Renamed attribute: nitpick_def ~> nitpick_unfold.
    INCOMPATIBILITY.

* Sledgehammer:
  - Use quasi-sound (and efficient) translations by default.
  - Added support for the following provers: E-ToFoF, LEO-II,
    Satallax, SNARK, Waldmeister, and Z3 with TPTP syntax.
  - Automatically preplay and minimize proofs before showing them if
    this can be done within reasonable time.
  - sledgehammer available_provers ~> sledgehammer supported_provers.
    INCOMPATIBILITY.
  - Added "preplay_timeout", "slicing", "type_enc", "sound",
    "max_mono_iters", and "max_new_mono_instances" options.
  - Removed "explicit_apply" and "full_types" options as well as "Full
    Types" Proof General menu item. INCOMPATIBILITY.

* Metis:
  - Removed "metisF" -- use "metis" instead. INCOMPATIBILITY.
  - Obsoleted "metisFT" -- use "metis (full_types)" instead.
    INCOMPATIBILITY.

* Command 'try':
  - Renamed 'try_methods' and added "simp:", "intro:", "dest:", and
    "elim:" options. INCOMPATIBILITY.
  - Introduced 'try' that not only runs 'try_methods' but also
    'solve_direct', 'sledgehammer', 'quickcheck', and 'nitpick'.

* Quickcheck:
  - Added "eval" option to evaluate terms for the found counterexample
    (currently only supported by the default (exhaustive) tester).
  - Added post-processing of terms to obtain readable counterexamples
    (currently only supported by the default (exhaustive) tester).
  - New counterexample generator quickcheck[narrowing] enables
    narrowing-based testing. Requires the Glasgow Haskell compiler
    with its installation location defined in the Isabelle settings
    environment as ISABELLE_GHC.
  - Removed quickcheck tester "SML" based on the SML code generator
    (formerly in HOL/Library).

* Function package: discontinued option "tailrec". INCOMPATIBILITY,
use 'partial_function' instead.

* Theory Library/Extended_Reals replaces now the positive extended
reals found in probability theory. This file is extended by
Multivariate_Analysis/Extended_Real_Limits.

* Theory Library/Old_Recdef: old 'recdef' package has been moved here,
from where it must be imported explicitly if it is really required.
INCOMPATIBILITY.

* Theory Library/Wfrec: well-founded recursion combinator "wfrec" has
been moved here. INCOMPATIBILITY.

* Theory Library/Saturated provides type of numbers with saturated
arithmetic.

* Theory Library/Product_Lattice defines a pointwise ordering for the
product type 'a * 'b, and provides instance proofs for various order
and lattice type classes.

* Theory Library/Countable now provides the "countable_datatype" proof
method for proving "countable" class instances for datatypes.

* Theory Library/Cset_Monad allows do notation for computable sets
(cset) via the generic monad ad-hoc overloading facility.

* Library: Theories of common data structures are split into theories
for implementation, an invariant-ensuring type, and connection to an
abstract type. INCOMPATIBILITY.

  - RBT is split into RBT and RBT_Mapping.
  - AssocList is split and renamed into AList and AList_Mapping.
  - DList is split into DList_Impl, DList, and DList_Cset.
  - Cset is split into Cset and List_Cset.

* Theory Library/Nat_Infinity has been renamed to
Library/Extended_Nat, with name changes of the following types and
constants:

  type inat ~> type enat
  Fin ~> enat
  Infty ~> infinity (overloaded)
  iSuc ~> eSuc
  the_Fin ~> the_enat

Every theorem name containing "inat", "Fin", "Infty", or "iSuc" has
been renamed accordingly. INCOMPATIBILITY.

* Session Multivariate_Analysis: The euclidean_space type class now
fixes a constant "Basis :: 'a set" consisting of the standard
orthonormal basis for the type. Users now have the option of
quantifying over this set instead of using the "basis" function, e.g.
"ALL x:Basis. P x" vs "ALL i<DIM('a). P (basis i)".

* Session Multivariate_Analysis: Type "('a, 'b) cart" has been renamed
to "('a, 'b) vec" (the syntax "'a ^ 'b" remains unaffected). Constants
"Cart_nth" and "Cart_lambda" have been respectively renamed to
"vec_nth" and "vec_lambda"; theorems mentioning those names have
changed to match. Definition theorems for overloaded constants now use
the standard "foo_vec_def" naming scheme.
A few other theorems have
been renamed as follows (INCOMPATIBILITY):

  Cart_eq          ~> vec_eq_iff
  dist_nth_le_cart ~> dist_vec_nth_le
  tendsto_vector   ~> vec_tendstoI
  Cauchy_vector    ~> vec_CauchyI

* Session Multivariate_Analysis: Several duplicate theorems have been
removed, and other theorems have been renamed or replaced with more
general versions. INCOMPATIBILITY.

  finite_choice               ~> finite_set_choice
  eventually_conjI            ~> eventually_conj
  eventually_and              ~> eventually_conj_iff
  eventually_false            ~> eventually_False
  setsum_norm                 ~> norm_setsum
  Lim_sequentially            ~> LIMSEQ_def
  Lim_ident_at                ~> LIM_ident
  Lim_const                   ~> tendsto_const
  Lim_cmul                    ~> tendsto_scaleR [OF tendsto_const]
  Lim_neg                     ~> tendsto_minus
  Lim_add                     ~> tendsto_add
  Lim_sub                     ~> tendsto_diff
  Lim_mul                     ~> tendsto_scaleR
  Lim_vmul                    ~> tendsto_scaleR [OF _ tendsto_const]
  Lim_null_norm               ~> tendsto_norm_zero_iff [symmetric]
  Lim_linear                  ~> bounded_linear.tendsto
  Lim_component               ~> tendsto_euclidean_component
  Lim_component_cart          ~> tendsto_vec_nth
  Lim_inner                   ~> tendsto_inner [OF tendsto_const]
  dot_lsum                    ~> inner_setsum_left
  dot_rsum                    ~> inner_setsum_right
  continuous_cmul             ~> continuous_scaleR [OF continuous_const]
  continuous_neg              ~> continuous_minus
  continuous_sub              ~> continuous_diff
  continuous_vmul             ~> continuous_scaleR [OF _ continuous_const]
  continuous_mul              ~> continuous_scaleR
  continuous_inv              ~> continuous_inverse
  continuous_at_within_inv    ~> continuous_at_within_inverse
  continuous_at_inv           ~> continuous_at_inverse
  continuous_at_norm          ~> continuous_norm [OF continuous_at_id]
  continuous_at_infnorm       ~> continuous_infnorm [OF continuous_at_id]
  continuous_at_component     ~> continuous_component [OF continuous_at_id]
  continuous_on_neg           ~> continuous_on_minus
  continuous_on_sub           ~> continuous_on_diff
  continuous_on_cmul          ~> continuous_on_scaleR [OF continuous_on_const]
  continuous_on_vmul          ~> continuous_on_scaleR [OF _ continuous_on_const]
  continuous_on_mul           ~> continuous_on_scaleR
  continuous_on_mul_real      ~> continuous_on_mult
  continuous_on_inner         ~> continuous_on_inner [OF continuous_on_const]
  continuous_on_norm          ~> continuous_on_norm [OF continuous_on_id]
  continuous_on_inverse       ~> continuous_on_inv
  uniformly_continuous_on_neg ~> uniformly_continuous_on_minus
  uniformly_continuous_on_sub ~> uniformly_continuous_on_diff
  subset_interior             ~> interior_mono
  subset_closure              ~> closure_mono
  closure_univ                ~> closure_UNIV
  real_arch_lt                ~> reals_Archimedean2
  real_arch                   ~> reals_Archimedean3
  real_abs_norm               ~> abs_norm_cancel
  real_abs_sub_norm           ~> norm_triangle_ineq3
  norm_cauchy_schwarz_abs     ~> Cauchy_Schwarz_ineq2

* Session HOL-Probability:
  - Caratheodory's extension lemma is now proved for ring_of_sets.
  - Infinite products of probability measures are now available.
  - Sigma closure is independent, if the generator is independent
  - Use extended reals instead of positive extended
    reals. INCOMPATIBILITY.

* Session HOLCF: Discontinued legacy theorem names, INCOMPATIBILITY.

  expand_fun_below      ~> fun_below_iff
  below_fun_ext         ~> fun_belowI
  expand_cfun_eq        ~> cfun_eq_iff
  ext_cfun              ~> cfun_eqI
  expand_cfun_below     ~> cfun_below_iff
  below_cfun_ext        ~> cfun_belowI
  monofun_fun_fun       ~> fun_belowD
  monofun_fun_arg       ~> monofunE
  monofun_lub_fun       ~> adm_monofun [THEN admD]
  cont_lub_fun          ~> adm_cont [THEN admD]
  cont2cont_Rep_CFun    ~> cont2cont_APP
  cont_Rep_CFun_app     ~> cont_APP_app
  cont_Rep_CFun_app_app ~> cont_APP_app_app
  cont_cfun_fun         ~> cont_Rep_cfun1 [THEN contE]
  cont_cfun_arg         ~> cont_Rep_cfun2 [THEN contE]
  contlub_cfun          ~> lub_APP [symmetric]
  contlub_LAM           ~> lub_LAM [symmetric]
  thelubI               ~> lub_eqI
  UU_I                  ~> bottomI
  lift_distinct1        ~> lift.distinct(1)
  lift_distinct2        ~> lift.distinct(2)
  Def_not_UU            ~> lift.distinct(2)
  Def_inject            ~> lift.inject
  below_UU_iff          ~> below_bottom_iff
  eq_UU_iff             ~> eq_bottom_iff


*** Document preparation ***

* Antiquotation @{rail} layouts railroad syntax diagrams, see also
isar-ref manual, both for description and actual application of the
same.

* Antiquotation @{value} evaluates the given term and presents its
result.

* Antiquotations: term style "isub" provides ad-hoc conversion of
variables x1, y23 into subscripted form x\<^isub>1,
y\<^isub>2\<^isub>3.

* Predefined LaTeX macros for Isabelle symbols \<bind> and \<then>
(e.g. see ~~/src/HOL/Library/Monad_Syntax.thy).

* Localized \isabellestyle switch can be used within blocks or groups
like this:

  \isabellestyle{it}  %preferred default
  {\isabellestylett @{text "typewriter stuff"}}

* Discontinued special treatment of hard tabulators. Implicit
tab-width is now defined as 1. Potential INCOMPATIBILITY for visual
layouts.


*** ML ***

* The inner syntax of sort/type/term/prop supports inlined YXML
representations within quoted string tokens. By encoding logical
entities via Term_XML (in ML or Scala) concrete syntax can be
bypassed, which is particularly useful for producing bits of text
under external program control.

* Antiquotations for ML and document preparation are managed as theory
data, which requires explicit setup.

* Isabelle_Process.is_active allows tools to check if the official
process wrapper is running (Isabelle/Scala/jEdit) or the old TTY loop
(better known as Proof General).

* Structure Proof_Context follows standard naming scheme. Old
ProofContext is still available for some time as legacy alias.

* Structure Timing provides various operations for timing; supersedes
former start_timing/end_timing etc.

* Path.print is the official way to show file-system paths to users
(including quotes etc.).

* Inner syntax: identifiers in parse trees of generic categories
"logic", "aprop", "idt" etc. carry position information (disguised as
type constraints). Occasional INCOMPATIBILITY with non-compliant
translations that choke on unexpected type constraints. Positions can
be stripped in ML translations via Syntax.strip_positions /
Syntax.strip_positions_ast, or via the syntax constant
"_strip_positions" within parse trees. As last resort, positions can
be disabled via the configuration option Syntax.positions, which is
called "syntax_positions" in Isar attribute syntax.

* Discontinued special status of various ML structures that contribute
to structure Syntax (Ast, Lexicon, Mixfix, Parser, Printer etc.): less
pervasive content, no inclusion in structure Syntax. INCOMPATIBILITY,
refer directly to Ast.Constant, Lexicon.is_identifier,
Syntax_Trans.mk_binder_tr etc.

* Typed print translation: discontinued show_sorts argument, which is
already available via context of "advanced" translation.

* Refined PARALLEL_GOALS tactical: degrades gracefully for schematic
goal states; body tactic needs to address all subgoals uniformly.

* Slightly more special eq_list/eq_set, with shortcut involving
pointer equality (assumes that eq relation is reflexive).

* Classical tactics use proper Proof.context instead of historic types
claset/clasimpset. Old-style declarations like addIs, addEs, addDs
operate directly on Proof.context. Raw type claset retains its use as
snapshot of the classical context, which can be recovered via
(put_claset HOL_cs) etc. Type clasimpset has been discontinued.
INCOMPATIBILITY, classical tactics and derived proof methods require
proper Proof.context.


*** System ***

* Discontinued support for Poly/ML 5.2, which was the last version
without proper multithreading and TimeLimit implementation.

* Discontinued old lib/scripts/polyml-platform, which has been
obsolete since Isabelle2009-2.

* Various optional external tools are referenced more robustly and
uniformly by explicit Isabelle settings as follows:

  ISABELLE_CSDP   (formerly CSDP_EXE)
  ISABELLE_GHC    (formerly EXEC_GHC or GHC_PATH)
  ISABELLE_OCAML  (formerly EXEC_OCAML)
  ISABELLE_SWIPL  (formerly EXEC_SWIPL)
  ISABELLE_YAP    (formerly EXEC_YAP)

Note that automated detection from the file-system or search path has
been discontinued. INCOMPATIBILITY.

* Scala layer provides JVM method invocation service for static
methods of type (String)String, see Invoke_Scala.method in ML. For
example:

  Invoke_Scala.method "java.lang.System.getProperty" "java.home"

Together with YXML.string_of_body/parse_body and XML.Encode/Decode
this allows passing structured values between ML and Scala.

* The IsabelleText font includes some further glyphs to support the
Prover IDE. Potential INCOMPATIBILITY: users who happen to have
installed a local copy (which is normally *not* required) need to
delete or update it from ~~/lib/fonts/.



New in Isabelle2011 (January 2011)
----------------------------------

*** General ***

* Experimental Prover IDE based on Isabelle/Scala and jEdit (see
src/Tools/jEdit). This also serves as IDE for Isabelle/ML, with
useful tooltips and hyperlinks produced from its static analysis. The
bundled component provides an executable Isabelle tool that can be run
like this:

  Isabelle2011/bin/isabelle jedit

* Significantly improved Isabelle/Isar implementation manual.

* System settings: ISABELLE_HOME_USER now includes ISABELLE_IDENTIFIER
(and thus refers to something like $HOME/.isabelle/Isabelle2011),
while the default heap location within that directory lacks that extra
suffix. This isolates multiple Isabelle installations from each
other, avoiding problems with old settings in new versions.
INCOMPATIBILITY, need to copy/upgrade old user settings manually.

* Source files are always encoded as UTF-8, instead of old-fashioned
ISO-Latin-1. INCOMPATIBILITY. Isabelle LaTeX documents might require
the following package declarations:

  \usepackage[utf8]{inputenc}
  \usepackage{textcomp}

* Explicit treatment of UTF-8 sequences as Isabelle symbols, such that
a Unicode character is treated as a single symbol, not a sequence of
non-ASCII bytes as before. Since Isabelle/ML string literals may
contain symbols without further backslash escapes, Unicode can now be
used here as well. Recall that Symbol.explode in ML provides a
consistent view on symbols, while raw explode (or String.explode)
merely give a byte-oriented representation.
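
The symbol view versus the byte view described in the item above, modelled
in Python as an added example (not Isabelle code and not part of the NEWS
text). The \<name> / \<^name> pattern and the fallback to single bytes on
malformed input are assumptions of this sketch, not a specification of
Symbol.explode.

```python
import re

# Assumption: named symbols look like \<name>, control symbols like \<^name>,
# following the notation used elsewhere in this file (\<chi>, \<^isub>, ...).
_NAMED = re.compile(rb"\\<\^?[A-Za-z][A-Za-z0-9_']*>")


def explode_bytes(source: bytes) -> list[bytes]:
    """Byte-oriented view: one element per byte."""
    return [source[i:i + 1] for i in range(len(source))]


def _utf8_width(lead: int) -> int:
    """Expected length of a UTF-8 sequence, judged from its lead byte.

    Structural check only: overlong forms and surrogates are not rejected.
    Continuation bytes and invalid lead bytes report width 1.
    """
    if 0xC2 <= lead <= 0xDF:
        return 2
    if 0xE0 <= lead <= 0xEF:
        return 3
    if 0xF0 <= lead <= 0xF4:
        return 4
    return 1


def explode_symbols(source: bytes) -> list[bytes]:
    """Symbol-oriented view.

    One element per ASCII character, per complete UTF-8 sequence, and per
    \\<name> or \\<^name> form. Malformed or truncated input degrades to
    single bytes, so joining the result always reproduces the input.
    """
    out: list[bytes] = []
    i, n = 0, len(source)
    while i < n:
        lead = source[i]
        if lead == 0x5C:  # backslash: maybe a named or control symbol
            m = _NAMED.match(source, i)
            if m:
                out.append(m.group())
                i = m.end()
                continue
        width = _utf8_width(lead)
        chunk = source[i:i + width]
        complete = len(chunk) == width and all(
            0x80 <= c <= 0xBF for c in chunk[1:]
        )
        if width > 1 and complete:
            out.append(chunk)
            i += width
        else:
            out.append(source[i:i + 1])
            i += 1
    return out


# Constructed sample: a named symbol, ASCII text and two Unicode characters.
SAMPLE = "\\<forall>x. \u03b1 \u2264 x".encode("utf-8")

if __name__ == "__main__":
    print(len(explode_bytes(SAMPLE)), "bytes")
    print(len(explode_symbols(SAMPLE)), "symbols")
    print([s.decode("utf-8", "replace") for s in explode_symbols(SAMPLE)])
```

Code that counts, truncates or indexes source text gets different answers
from the two views, which is why the item singles out Symbol.explode.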

* Theory loader: source files are primarily located via the master
directory of each theory node (where the .thy file itself resides).
The global load path is still partially available as legacy feature.
Minor INCOMPATIBILITY due to subtle change in file lookup: use
explicit paths, relative to the theory.

* Special treatment of ML file names has been discontinued.
Historically, optional extensions .ML or .sml were added on demand --
at the cost of clarity of file dependencies. Recall that Isabelle/ML
files exclusively use the .ML extension. Minor INCOMPATIBILITY.

* Various options that affect pretty printing etc. are now properly
handled within the context via configuration options, instead of
unsynchronized references or print modes. There are both ML Config.T
entities and Isar declaration attributes to access these.

  ML (Config.T)                 Isar (attribute)

  eta_contract                  eta_contract
  show_brackets                 show_brackets
  show_sorts                    show_sorts
  show_types                    show_types
  show_question_marks           show_question_marks
  show_consts                   show_consts
  show_abbrevs                  show_abbrevs

  Syntax.ast_trace              syntax_ast_trace
  Syntax.ast_stat               syntax_ast_stat
  Syntax.ambiguity_level        syntax_ambiguity_level

  Goal_Display.goals_limit      goals_limit
  Goal_Display.show_main_goal   show_main_goal

  Method.rule_trace             rule_trace

  Thy_Output.display            thy_output_display
  Thy_Output.quotes             thy_output_quotes
  Thy_Output.indent             thy_output_indent
  Thy_Output.source             thy_output_source
  Thy_Output.break              thy_output_break

Note that corresponding "..._default" references in ML may only be
changed globally at the ROOT session setup, but *not* within a theory.
The option "show_abbrevs" supersedes the former print mode
"no_abbrevs" with inverted meaning.

* More systematic naming of some configuration options.
INCOMPATIBILITY.

  trace_simp  ~>  simp_trace
  debug_simp  ~>  simp_debug

* Support for real valued configuration options, using simplistic
floating-point notation that coincides with the inner syntax for
float_token.

* Support for real valued preferences (with approximative PGIP type):
front-ends need to accept "pgint" values in float notation.
INCOMPATIBILITY.

* The IsabelleText font now includes Cyrillic, Hebrew, Arabic from
DejaVu Sans.

* Discontinued support for Poly/ML 5.0 and 5.1 versions.


*** Pure ***

* Command 'type_synonym' (with single argument) replaces somewhat
outdated 'types', which is still available as legacy feature for some
time.

* Command 'nonterminal' (with 'and' separated list of arguments)
replaces somewhat outdated 'nonterminals'. INCOMPATIBILITY.

* Command 'notepad' replaces former 'example_proof' for
experimentation in Isar without any result. INCOMPATIBILITY.

* Locale interpretation commands 'interpret' and 'sublocale' accept
lists of equations to map definitions in a locale to appropriate
entities in the context of the interpretation. The 'interpretation'
command already provided this functionality.

* Diagnostic command 'print_dependencies' prints the locale instances
that would be activated if the specified expression was interpreted in
the current context. Variant "print_dependencies!" assumes a context
without interpretations.

* Diagnostic command 'print_interps' prints interpretations in proofs
in addition to interpretations in theories.

* Discontinued obsolete 'global' and 'local' commands to manipulate
the theory name space. Rare INCOMPATIBILITY. The ML functions
Sign.root_path and Sign.local_path may be applied directly where this
feature is still required for historical reasons.

* Discontinued obsolete 'constdefs' command.
INCOMPATIBILITY, use
'definition' instead.

* The "prems" fact, which refers to the accidental collection of
foundational premises in the context, is now explicitly marked as
legacy feature and will be discontinued soon. Consider using "assms"
of the head statement or reference facts by explicit names.

* Document antiquotations @{class} and @{type} print classes and type
constructors.

* Document antiquotation @{file} checks file/directory entries within
the local file system.


*** HOL ***

* Coercive subtyping: functions can be declared as coercions and type
inference will add them as necessary upon input of a term. Theory
Complex_Main declares real :: nat => real and real :: int => real as
coercions. A coercion function f is declared like this:

  declare [[coercion f]]

To lift coercions through type constructors (e.g. from nat => real to
nat list => real list), map functions can be declared, e.g.

  declare [[coercion_map map]]

Currently coercion inference is activated only in theories including
real numbers, i.e. descendants of Complex_Main. This is controlled by
the configuration option "coercion_enabled", e.g. it can be enabled in
other theories like this:

  declare [[coercion_enabled]]

* Command 'partial_function' provides basic support for recursive
function definitions over complete partial orders. Concrete instances
are provided for i) the option type, ii) tail recursion on arbitrary
types, and iii) the heap monad of Imperative_HOL. See
src/HOL/ex/Fundefs.thy and src/HOL/Imperative_HOL/ex/Linked_Lists.thy
for examples.

* Function package: f.psimps rules are no longer implicitly declared
as [simp]. INCOMPATIBILITY.

* Datatype package: theorems generated for executable equality (class
"eq") carry proper names and are treated as default code equations.

* Inductive package: now offers command 'inductive_simps' to
automatically derive instantiated and simplified equations for
inductive predicates, similar to 'inductive_cases'.

* Command 'enriched_type' allows to register properties of the
functorial structure of types.

* Improved infrastructure for term evaluation using code generator
techniques, in particular static evaluation conversions.

* Code generator: Scala (2.8 or higher) has been added to the target
languages.

* Code generator: globbing constant expressions "*" and "Theory.*"
have been replaced by the more idiomatic "_" and "Theory._".
INCOMPATIBILITY.

* Code generator: export_code without explicit file declaration prints
to standard output. INCOMPATIBILITY.

* Code generator: do not print function definitions for case
combinators any longer.

* Code generator: simplification with rules determined with
src/Tools/Code/code_simp.ML and method "code_simp".

* Code generator for records: more idiomatic representation of record
types. Warning: records are not covered by ancient SML code
generation any longer. INCOMPATIBILITY. In cases of need, a suitable
rep_datatype declaration helps to succeed then:

  record 'a foo = ...
  ...
  rep_datatype foo_ext ...

* Records: logical foundation type for records does not carry a
'_type' suffix any longer (obsolete due to authentic syntax).
INCOMPATIBILITY.

* Quickcheck now by default uses exhaustive testing instead of random
testing. Random testing can be invoked by "quickcheck [random]",
exhaustive testing by "quickcheck [exhaustive]".

* Quickcheck instantiates polymorphic types with small finite
datatypes by default. This enables a simple execution mechanism to
handle quantifiers and function equality over the finite datatypes.

* Quickcheck random generator has been renamed from "code" to
"random". INCOMPATIBILITY.

* Quickcheck now has a configurable time limit which is set to 30
seconds by default. This can be changed by adding [timeout = n] to the
quickcheck command. The time limit for Auto Quickcheck is still set
independently.

* Quickcheck in locales considers interpretations of that locale for
counter example search.

* Sledgehammer:
  - Added "smt" and "remote_smt" provers based on the "smt" proof
    method. See the Sledgehammer manual for details ("isabelle doc
    sledgehammer").
  - Renamed commands:
    sledgehammer atp_info ~> sledgehammer running_provers
    sledgehammer atp_kill ~> sledgehammer kill_provers
    sledgehammer available_atps ~> sledgehammer available_provers
    INCOMPATIBILITY.
  - Renamed options:
    sledgehammer [atps = ...] ~> sledgehammer [provers = ...]
    sledgehammer [atp = ...] ~> sledgehammer [prover = ...]
    sledgehammer [timeout = 77 s] ~> sledgehammer [timeout = 77]
    (and "ms" and "min" are no longer supported)
    INCOMPATIBILITY.

* Nitpick:
  - Renamed options:
    nitpick [timeout = 77 s] ~> nitpick [timeout = 77]
    nitpick [tac_timeout = 777 ms] ~> nitpick [tac_timeout = 0.777]
    INCOMPATIBILITY.
  - Added support for partial quotient types.
  - Added local versions of the "Nitpick.register_xxx" functions.
  - Added "whack" option.
  - Allow registration of quotient types as codatatypes.
  - Improved "merge_type_vars" option to merge more types.
  - Removed unsound "fast_descrs" option.
  - Added custom symmetry breaking for datatypes, making it possible to reach
    higher cardinalities.
  - Prevent the expansion of too large definitions.

* Proof methods "metis" and "meson" now have configuration options
"meson_trace", "metis_trace", and "metis_verbose" that can be enabled
to diagnose these tools. E.g.

    using [[metis_trace = true]]

* Auto Solve: Renamed "Auto Solve Direct". The tool is now available
manually as command 'solve_direct'.

* The default SMT solver Z3 must be enabled explicitly (due to
licensing issues) by setting the environment variable
Z3_NON_COMMERCIAL in etc/settings of the component, for example. For
commercial applications, the SMT solver CVC3 is provided as fall-back;
changing the SMT solver is done via the configuration option
"smt_solver".

* Remote SMT solvers need to be referred to by the "remote_" prefix,
i.e. "remote_cvc3" and "remote_z3".

* Added basic SMT support for datatypes, records, and typedefs using
the oracle mode (no proofs). Direct support of pairs has been dropped
in exchange (pass theorems fst_conv snd_conv pair_collapse to the SMT
support for a similar behavior). Minor INCOMPATIBILITY.

* Changed SMT configuration options:
  - Renamed:
    z3_proofs ~> smt_oracle (with inverted meaning)
    z3_trace_assms ~> smt_trace_used_facts
    INCOMPATIBILITY.
  - Added:
    smt_verbose
    smt_random_seed
    smt_datatypes
    smt_infer_triggers
    smt_monomorph_limit
    cvc3_options
    remote_cvc3_options
    remote_z3_options
    yices_options

* Boogie output files (.b2i files) need to be declared in the theory
header.

* Simplification procedure "list_to_set_comprehension" rewrites list
comprehensions applied to List.set to set comprehensions. Occasional
INCOMPATIBILITY, may be deactivated like this:

  declare [[simproc del: list_to_set_comprehension]]

* Removed old version of primrec package. INCOMPATIBILITY.

* Removed simplifier congruence rule of "prod_case", as has for long
been the case with "split". INCOMPATIBILITY.

* String.literal is a type, but not a datatype. INCOMPATIBILITY.

* Removed [split_format ... and ... and ...]
version of
[split_format]. Potential INCOMPATIBILITY.

* Predicate "sorted" now defined inductively, with nice induction
rules. INCOMPATIBILITY: former sorted.simps now named sorted_simps.

* Constant "contents" renamed to "the_elem", to free the generic name
contents for other uses. INCOMPATIBILITY.

* Renamed class eq and constant eq (for code generation) to class
equal and constant equal, plus renaming of related facts and various
tuning. INCOMPATIBILITY.

* Dropped type classes mult_mono and mult_mono1. INCOMPATIBILITY.

* Removed output syntax "'a ~=> 'b" for "'a => 'b option".
INCOMPATIBILITY.

* Renamed theory Fset to Cset, type Fset.fset to Cset.set, in order to
avoid confusion with finite sets. INCOMPATIBILITY.

* Abandoned locales equiv, congruent and congruent2 for equivalence
relations. INCOMPATIBILITY: use equivI rather than equiv_intro (same
for congruent(2)).

* Some previously unqualified names have been qualified:

  types
    bool ~> HOL.bool
    nat ~> Nat.nat

  constants
    Trueprop ~> HOL.Trueprop
    True ~> HOL.True
    False ~> HOL.False
    op & ~> HOL.conj
    op | ~> HOL.disj
    op --> ~> HOL.implies
    op = ~> HOL.eq
    Not ~> HOL.Not
    The ~> HOL.The
    All ~> HOL.All
    Ex ~> HOL.Ex
    Ex1 ~> HOL.Ex1
    Let ~> HOL.Let
    If ~> HOL.If
    Ball ~> Set.Ball
    Bex ~> Set.Bex
    Suc ~> Nat.Suc
    Pair ~> Product_Type.Pair
    fst ~> Product_Type.fst
    snd ~> Product_Type.snd
    curry ~> Product_Type.curry
    op : ~> Set.member
    Collect ~> Set.Collect

INCOMPATIBILITY.

* More canonical naming convention for some fundamental definitions:

    bot_bool_eq ~> bot_bool_def
    top_bool_eq ~> top_bool_def
    inf_bool_eq ~> inf_bool_def
    sup_bool_eq ~> sup_bool_def
    bot_fun_eq  ~> bot_fun_def
    top_fun_eq  ~> top_fun_def
    inf_fun_eq  ~> inf_fun_def
    sup_fun_eq  ~> sup_fun_def

INCOMPATIBILITY.

* More stylized fact names:

  expand_fun_eq ~> fun_eq_iff
  expand_set_eq ~> set_eq_iff
  set_ext       ~> set_eqI
  nat_number    ~> eval_nat_numeral

INCOMPATIBILITY.

* Refactoring of code-generation specific operations in theory List:

  constants
    null ~> List.null

  facts
    mem_iff ~> member_def
    null_empty ~> null_def

INCOMPATIBILITY. Note that these were not supposed to be used
regularly unless for striking reasons; their main purpose was code
generation.

Various operations from the Haskell prelude are used for generating
Haskell code.

* Term "bij f" is now an abbreviation of "bij_betw f UNIV UNIV". Term
"surj f" is now an abbreviation of "range f = UNIV". The theorems
bij_def and surj_def are unchanged. INCOMPATIBILITY.

* Abolished some non-alphabetic type names: "prod" and "sum" replace
"*" and "+" respectively. INCOMPATIBILITY.

* Name "Plus" of disjoint sum operator "<+>" is now hidden. Write
"Sum_Type.Plus" instead.

* Constant "split" has been merged with constant "prod_case"; names of
ML functions, facts etc. involving split have been retained so far,
though. INCOMPATIBILITY.

* Dropped old infix syntax "_ mem _" for List.member; use "_ : set _"
instead. INCOMPATIBILITY.

* Removed lemma "Option.is_none_none" which duplicates "is_none_def".
INCOMPATIBILITY.

* Former theory Library/Enum is now part of the HOL-Main image.
INCOMPATIBILITY: all constants of the Enum theory now have to be
referred to by its qualified name.

  enum    ~>  Enum.enum
  nlists  ~>  Enum.nlists
  product ~>  Enum.product

* Theory Library/Monad_Syntax provides do-syntax for monad types.
Syntax in Library/State_Monad has been changed to avoid ambiguities.
INCOMPATIBILITY.

* Theory Library/SetsAndFunctions has been split into
Library/Function_Algebras and Library/Set_Algebras; canonical names
for instance definitions for functions; various improvements.
INCOMPATIBILITY.

* Theory Library/Multiset provides stable quicksort implementation of
sort_key.

* Theory Library/Multiset: renamed empty_idemp ~> empty_neutral.
INCOMPATIBILITY.

* Session Multivariate_Analysis: introduced a type class for euclidean
space. Most theorems are now stated in terms of euclidean spaces
instead of finite cartesian products.

  types
    real ^ 'n ~>  'a::real_vector
              ~>  'a::euclidean_space
              ~>  'a::ordered_euclidean_space
        (depends on your needs)

  constants
     _ $ _        ~> _ $$ _
     \<chi> x. _  ~> \<chi>\<chi> x. _
     CARD('n)     ~> DIM('a)

Also note that the indices are now natural numbers and not from some
finite type. Finite cartesian products of euclidean spaces, products
of euclidean spaces the real and complex numbers are instantiated to
be euclidean_spaces. INCOMPATIBILITY.

* Session Probability: introduced pextreal as positive extended real
numbers. Use pextreal as value for measures. Introduce the
Radon-Nikodym derivative, product spaces and Fubini's theorem for
arbitrary sigma finite measures. Introduces Lebesgue measure based on
the integral in Multivariate Analysis. INCOMPATIBILITY.

* Session Imperative_HOL: revamped, corrected dozens of inadequacies.
INCOMPATIBILITY.

* Session SPARK (with image HOL-SPARK) provides commands to load and
prove verification conditions generated by the SPARK Ada program
verifier. See also src/HOL/SPARK and src/HOL/SPARK/Examples.


*** HOL-Algebra ***

* Theorems for additive ring operations (locale abelian_monoid and
descendants) are generated by interpretation from their multiplicative
counterparts. Names (in particular theorem names) have the mandatory
qualifier 'add'. Previous theorem names are redeclared for
compatibility.

* Structure "int_ring" is now an abbreviation (previously a
definition). This fits more naturally with advanced interpretations.


*** HOLCF ***

* The domain package now runs in definitional mode by default: The
former command 'new_domain' is now called 'domain'. To use the domain
package in its original axiomatic mode, use 'domain (unsafe)'.
INCOMPATIBILITY.

* The new class "domain" is now the default sort. Class "predomain"
is an unpointed version of "domain". Theories can be updated by
replacing sort annotations as shown below. INCOMPATIBILITY.

  'a::type ~> 'a::countable
  'a::cpo  ~> 'a::predomain
  'a::pcpo ~> 'a::domain

* The old type class "rep" has been superseded by class "domain".
Accordingly, users of the definitional package must remove any
"default_sort rep" declarations. INCOMPATIBILITY.

* The domain package (definitional mode) now supports unpointed
predomain argument types, as long as they are marked 'lazy'. (Strict
arguments must be in class "domain".) For example, the following
domain definition now works:

  domain natlist = nil | cons (lazy "nat discr") (lazy "natlist")

* Theory HOLCF/Library/HOL_Cpo provides cpo and predomain class
instances for types from main HOL: bool, nat, int, char, 'a + 'b,
'a option, and 'a list.
Additionally, it configures fixrec and the
domain package to work with these types. For example:

  fixrec isInl :: "('a + 'b) u -> tr"
    where "isInl$(up$(Inl x)) = TT" | "isInl$(up$(Inr y)) = FF"

  domain V = VFun (lazy "V -> V") | VCon (lazy "nat") (lazy "V list")

* The "(permissive)" option of fixrec has been replaced with a
per-equation "(unchecked)" option. See
src/HOL/HOLCF/Tutorial/Fixrec_ex.thy for examples. INCOMPATIBILITY.

* The "bifinite" class no longer fixes a constant "approx"; the class
now just asserts that such a function exists. INCOMPATIBILITY.

* Former type "alg_defl" has been renamed to "defl". HOLCF no longer
defines an embedding of type 'a defl into udom by default; instances
of "bifinite" and "domain" classes are available in
src/HOL/HOLCF/Library/Defl_Bifinite.thy.

* The syntax "REP('a)" has been replaced with "DEFL('a)".

* The predicate "directed" has been removed. INCOMPATIBILITY.

* The type class "finite_po" has been removed. INCOMPATIBILITY.

* The function "cprod_map" has been renamed to "prod_map".
INCOMPATIBILITY.

* The monadic bind operator on each powerdomain has new binder syntax
similar to sets, e.g. "\<Union>\<sharp>x\<in>xs. t" represents
"upper_bind\<cdot>xs\<cdot>(\<Lambda> x. t)".

* The infix syntax for binary union on each powerdomain has changed
from e.g. "+\<sharp>" to "\<union>\<sharp>", for consistency with set
syntax. INCOMPATIBILITY.

* The constant "UU" has been renamed to "bottom". The syntax "UU" is
still supported as an input translation.

* Renamed some theorems (the original names are also still available).

  expand_fun_below ~> fun_below_iff
  below_fun_ext ~> fun_belowI
  expand_cfun_eq ~> cfun_eq_iff
  ext_cfun ~> cfun_eqI
  expand_cfun_below ~> cfun_below_iff
  below_cfun_ext ~> cfun_belowI
  cont2cont_Rep_CFun ~> cont2cont_APP

* The Abs and Rep functions for various types have changed names.
Related theorem names have also changed to match. INCOMPATIBILITY.

  Rep_CFun ~> Rep_cfun
  Abs_CFun ~> Abs_cfun
  Rep_Sprod ~> Rep_sprod
  Abs_Sprod ~> Abs_sprod
  Rep_Ssum ~> Rep_ssum
  Abs_Ssum ~> Abs_ssum

* Lemmas with names of the form *_defined_iff or *_strict_iff have
been renamed to *_bottom_iff. INCOMPATIBILITY.

* Various changes to bisimulation/coinduction with domain package:

  - Definitions of "bisim" constants no longer mention definedness.
  - With mutual recursion, "bisim" predicate is now curried.
  - With mutual recursion, each type gets a separate coind theorem.
  - Variable names in bisim_def and coinduct rules have changed.

INCOMPATIBILITY.

* Case combinators generated by the domain package for type "foo" are
now named "foo_case" instead of "foo_when". INCOMPATIBILITY.

* Several theorems have been renamed to more accurately reflect the
names of constants and types involved. INCOMPATIBILITY.

  thelub_const ~> lub_const
  lub_const ~> is_lub_const
  thelubI ~> lub_eqI
  is_lub_lub ~> is_lubD2
  lubI ~> is_lub_lub
  unique_lub ~> is_lub_unique
  is_ub_lub ~> is_lub_rangeD1
  lub_bin_chain ~> is_lub_bin_chain
  lub_fun ~> is_lub_fun
  thelub_fun ~> lub_fun
  thelub_cfun ~> lub_cfun
  thelub_Pair ~> lub_Pair
  lub_cprod ~> is_lub_prod
  thelub_cprod ~> lub_prod
  minimal_cprod ~> minimal_prod
  inst_cprod_pcpo ~> inst_prod_pcpo
  UU_I ~> bottomI
  compact_UU ~> compact_bottom
  deflation_UU ~> deflation_bottom
  finite_deflation_UU ~> finite_deflation_bottom

* Many legacy theorem names have been discontinued. INCOMPATIBILITY.

  sq_ord_less_eq_trans ~> below_eq_trans
  sq_ord_eq_less_trans ~> eq_below_trans
  refl_less ~> below_refl
  trans_less ~> below_trans
  antisym_less ~> below_antisym
  antisym_less_inverse ~> po_eq_conv [THEN iffD1]
  box_less ~> box_below
  rev_trans_less ~> rev_below_trans
  not_less2not_eq ~> not_below2not_eq
  less_UU_iff ~> below_UU_iff
  flat_less_iff ~> flat_below_iff
  adm_less ~> adm_below
  adm_not_less ~> adm_not_below
  adm_compact_not_less ~> adm_compact_not_below
  less_fun_def ~> below_fun_def
  expand_fun_less ~> fun_below_iff
  less_fun_ext ~> fun_belowI
  less_discr_def ~> below_discr_def
  discr_less_eq ~> discr_below_eq
  less_unit_def ~> below_unit_def
  less_cprod_def ~> below_prod_def
  prod_lessI ~> prod_belowI
  Pair_less_iff ~> Pair_below_iff
  fst_less_iff ~> fst_below_iff
  snd_less_iff ~> snd_below_iff
  expand_cfun_less ~> cfun_below_iff
  less_cfun_ext ~> cfun_belowI
  injection_less ~> injection_below
  less_up_def ~> below_up_def
  not_Iup_less ~> not_Iup_below
  Iup_less ~> Iup_below
  up_less ~> up_below
  Def_inject_less_eq ~> Def_below_Def
  Def_less_is_eq ~> Def_below_iff
  spair_less_iff ~> spair_below_iff
  less_sprod ~> below_sprod
  spair_less ~> spair_below
  sfst_less_iff ~> sfst_below_iff
  ssnd_less_iff ~> ssnd_below_iff
  fix_least_less ~> fix_least_below
  dist_less_one ~> dist_below_one
  less_ONE ~> below_ONE
  ONE_less_iff ~> ONE_below_iff
  less_sinlD ~> below_sinlD
  less_sinrD ~> below_sinrD


*** FOL and ZF ***

* All constant names are now qualified internally and use proper
identifiers, e.g. "IFOL.eq" instead of "op =". INCOMPATIBILITY.


*** ML ***

* Antiquotation @{assert} inlines a function bool -> unit that raises
Fail if the argument is false. Due to inlining the source position of
failed assertions is included in the error output.

* Discontinued antiquotation @{theory_ref}, which is obsolete since ML
text is in practice always evaluated with a stable theory checkpoint.
Minor INCOMPATIBILITY, use (Theory.check_thy @{theory}) instead.

* Antiquotation @{theory A} refers to theory A from the ancestry of
the current context, not any accidental theory loader state as before.
Potential INCOMPATIBILITY, subtle change in semantics.

* Syntax.pretty_priority (default 0) configures the required priority
of pretty-printed output and thus affects insertion of parentheses.

* Syntax.default_root (default "any") configures the inner syntax
category (nonterminal symbol) for parsing of terms.

* Former exception Library.UnequalLengths now coincides with
ListPair.UnequalLengths.

* Renamed structure MetaSimplifier to Raw_Simplifier. Note that the
main functionality is provided by structure Simplifier.

* Renamed raw "explode" function to "raw_explode" to emphasize its
meaning. Note that internally to Isabelle, Symbol.explode is used in
almost all situations.

* Discontinued obsolete function sys_error and exception SYS_ERROR.
See implementation manual for further details on exceptions in
Isabelle/ML.

* Renamed setmp_noncritical to Unsynchronized.setmp to emphasize its
meaning.

* Renamed structure PureThy to Pure_Thy and moved most of its
operations to structure Global_Theory, to emphasize that this is
rarely-used global-only stuff.

* Discontinued Output.debug. Minor INCOMPATIBILITY, use plain writeln
instead (or tracing for high-volume output).

* Configuration option show_question_marks only affects regular pretty
printing of types and terms, not raw Term.string_of_vname.

* ML_Context.thm and ML_Context.thms are no longer pervasive. Rare
INCOMPATIBILITY, superseded by static antiquotations @{thm} and
@{thms} for most purposes.

* ML structure Unsynchronized is never opened, not even in Isar
interaction mode as before. Old Unsynchronized.set etc. have been
discontinued -- use plain := instead. This should be *rare* anyway,
since modern tools always work via official context data, notably
configuration options.

* Parallel and asynchronous execution requires special care concerning
interrupts. Structure Exn provides some convenience functions that
avoid working directly with raw Interrupt. User code must not absorb
interrupts -- intermediate handling (for cleanup etc.) needs to be
followed by re-raising of the original exception. Another common
source of mistakes are "handle _" patterns, which make the meaning of
the program subject to physical effects of the environment.



New in Isabelle2009-2 (June 2010)
---------------------------------

*** General ***

* Authentic syntax for *all* logical entities (type classes, type
constructors, term constants): provides simple and robust
correspondence between formal entities and concrete syntax.
Within the parse tree / AST representations, "constants" are decorated by
their category (class, type, const) and spelled out explicitly with
their full internal name.

Substantial INCOMPATIBILITY concerning low-level syntax declarations
and translations (translation rules and translation functions in ML).
Some hints on upgrading:

  - Many existing uses of 'syntax' and 'translations' can be replaced
    by more modern 'type_notation', 'notation' and 'abbreviation',
    which are independent of this issue.

  - 'translations' require markup within the AST; the term syntax
    provides the following special forms:

      CONST c   -- produces syntax version of constant c from context
      XCONST c  -- literally c, checked as constant from context
      c         -- literally c, if declared by 'syntax'

    Plain identifiers are treated as AST variables -- occasionally the
    system indicates accidental variables via the error "rhs contains
    extra variables".

    Type classes and type constructors are marked according to their
    concrete syntax. Some old translation rules need to be written
    for the "type" category, using type constructor application
    instead of pseudo-term application of the default category
    "logic".

  - 'parse_translation' etc. in ML may use the following
    antiquotations:

      @{class_syntax c}   -- type class c within parse tree / AST
      @{term_syntax c}    -- type constructor c within parse tree / AST
      @{const_syntax c}   -- ML version of "CONST c" above
      @{syntax_const c}   -- literally c (checked wrt. 'syntax' declarations)

  - Literal types within 'typed_print_translations', i.e. those *not*
    represented as pseudo-terms are represented verbatim. Use @{class
    c} or @{type_name c} here instead of the above syntax
    antiquotations.

Note that old non-authentic syntax was based on unqualified base
names, so all of the above "constant" names would coincide. Recall
that 'print_syntax' and ML_command "set Syntax.trace_ast" help to
diagnose syntax problems.

* Type constructors admit general mixfix syntax, not just infix.

* Concrete syntax may be attached to local entities without a proof
body, too. This works via regular mixfix annotations for 'fix',
'def', 'obtain' etc. or via the explicit 'write' command, which is
similar to the 'notation' command in theory specifications.

* Discontinued unnamed infix syntax (legacy feature for many years) --
need to specify constant name and syntax separately. Internal ML
datatype constructors have been renamed from InfixName to Infix etc.
Minor INCOMPATIBILITY.

* Schematic theorem statements need to be explicitly marked up as such,
via commands 'schematic_lemma', 'schematic_theorem',
'schematic_corollary'. Thus the relevance of the proof is made
syntactically clear, which impacts performance in a parallel or
asynchronous interactive environment. Minor INCOMPATIBILITY.

* Use of cumulative prems via "!" in some proof methods has been
discontinued (old legacy feature).

* References 'trace_simp' and 'debug_simp' have been replaced by
configuration options stored in the context. Enabling tracing (the
case of debugging is similar) in proofs works via

  using [[trace_simp = true]]

Tracing is then active for all invocations of the simplifier in
subsequent goal refinement steps. Tracing may also still be enabled or
disabled via the ProofGeneral settings menu.

* Separate commands 'hide_class', 'hide_type', 'hide_const',
'hide_fact' replace the former 'hide' KIND command. Minor
INCOMPATIBILITY.

* Improved parallelism of proof term normalization: usedir -p2 -q0 is
more efficient than combinations with -q1 or -q2.


*** Pure ***

* Proofterms record type-class reasoning explicitly, using the
"unconstrain" operation internally. This eliminates all sort
constraints from a theorem and proof, introducing explicit
OFCLASS-premises. On the proof term level, this operation is
automatically applied at theorem boundaries, such that closed proofs
are always free of sort constraints. INCOMPATIBILITY for tools that
inspect proof terms.

* Local theory specifications may depend on extra type variables that
are not present in the result type -- arguments TYPE('a) :: 'a itself
are added internally. For example:

  definition unitary :: bool where "unitary = (ALL (x::'a) y. x = y)"

* Predicates of locales introduced by classes carry a mandatory
"class" prefix. INCOMPATIBILITY.

* Vacuous class specifications observe default sort. INCOMPATIBILITY.

* Old 'axclass' command has been discontinued. INCOMPATIBILITY, use
'class' instead.

* Command 'code_reflect' allows to incorporate generated ML code into
runtime environment; replaces immature code_datatype antiquotation.
INCOMPATIBILITY.

* Code generator: simple concept for abstract datatypes obeying
invariants.

* Code generator: details of internal data cache have no impact on the
user space functionality any longer.

* Methods "unfold_locales" and "intro_locales" ignore non-locale
subgoals. This is more appropriate for interpretations with 'where'.
INCOMPATIBILITY.

* Command 'example_proof' opens an empty proof body. This allows to
experiment with Isar, without producing any persistent result.

* Commands 'type_notation' and 'no_type_notation' declare type syntax
within a local theory context, with explicit checking of the
constructors involved (in contrast to the raw 'syntax' versions).

* Commands 'types' and 'typedecl' now work within a local theory
context -- without introducing dependencies on parameters or
assumptions, which is not possible in Isabelle/Pure.

* Command 'defaultsort' has been renamed to 'default_sort', it works
within a local theory context. Minor INCOMPATIBILITY.


*** HOL ***

* Command 'typedef' now works within a local theory context -- without
introducing dependencies on parameters or assumptions, which is not
possible in Isabelle/Pure/HOL. Note that the logical environment may
contain multiple interpretations of local typedefs (with different
non-emptiness proofs), even in a global theory context.

* New package for quotient types. Commands 'quotient_type' and
'quotient_definition' may be used for defining types and constants by
quotient constructions. An example is the type of integers created by
quotienting pairs of natural numbers:

  fun
    intrel :: "(nat * nat) => (nat * nat) => bool"
  where
    "intrel (x, y) (u, v) = (x + v = u + y)"

  quotient_type int = "nat * nat" / intrel
    by (auto simp add: equivp_def expand_fun_eq)

  quotient_definition
    "0::int" is "(0::nat, 0::nat)"

The method "lifting" can be used to lift theorems from the
underlying "raw" type to the quotient type. The example
src/HOL/Quotient_Examples/FSet.thy includes such a quotient
construction and provides a reasoning infrastructure for finite sets.

* Renamed Library/Quotient.thy to Library/Quotient_Type.thy to avoid
clash with new theory Quotient in Main HOL.

* Moved the SMT binding into the main HOL session, eliminating
separate HOL-SMT session.

* List membership infix mem operation is only an input abbreviation.
INCOMPATIBILITY.

* Theory Library/Word.thy has been removed. Use library Word/Word.thy
for future developments; former Library/Word.thy is still present in
the AFP entry RSAPPS.

* Theorem Int.int_induct renamed to Int.int_of_nat_induct and is no
longer shadowed. INCOMPATIBILITY.

* Dropped theorem duplicate comp_arith; use semiring_norm instead.
INCOMPATIBILITY.

* Dropped theorem RealPow.real_sq_order; use power2_le_imp_le instead.
INCOMPATIBILITY.

* Dropped normalizing_semiring etc; use the facts in semiring classes
instead. INCOMPATIBILITY.

* Dropped several real-specific versions of lemmas about floor and
ceiling; use the generic lemmas from theory "Archimedean_Field"
instead. INCOMPATIBILITY.

  floor_number_of_eq ~> floor_number_of
  le_floor_eq_number_of ~> number_of_le_floor
  le_floor_eq_zero ~> zero_le_floor
  le_floor_eq_one ~> one_le_floor
  floor_less_eq_number_of ~> floor_less_number_of
  floor_less_eq_zero ~> floor_less_zero
  floor_less_eq_one ~> floor_less_one
  less_floor_eq_number_of ~> number_of_less_floor
  less_floor_eq_zero ~> zero_less_floor
  less_floor_eq_one ~> one_less_floor
  floor_le_eq_number_of ~> floor_le_number_of
  floor_le_eq_zero ~> floor_le_zero
  floor_le_eq_one ~> floor_le_one
  floor_subtract_number_of ~> floor_diff_number_of
  floor_subtract_one ~> floor_diff_one
  ceiling_number_of_eq ~> ceiling_number_of
  ceiling_le_eq_number_of ~> ceiling_le_number_of
  ceiling_le_zero_eq ~> ceiling_le_zero
  ceiling_le_eq_one ~> ceiling_le_one
  less_ceiling_eq_number_of ~> number_of_less_ceiling
  less_ceiling_eq_zero ~> zero_less_ceiling
  less_ceiling_eq_one ~> one_less_ceiling
  ceiling_less_eq_number_of ~> ceiling_less_number_of
  ceiling_less_eq_zero ~> ceiling_less_zero
  ceiling_less_eq_one ~> ceiling_less_one
  le_ceiling_eq_number_of ~> number_of_le_ceiling
  le_ceiling_eq_zero ~> zero_le_ceiling
  le_ceiling_eq_one ~> one_le_ceiling
  ceiling_subtract_number_of ~> ceiling_diff_number_of
  ceiling_subtract_one ~> ceiling_diff_one

* Theory "Finite_Set": various folding_XXX locales facilitate the
application of the various fold combinators on finite sets.

* Library theory "RBT" renamed to "RBT_Impl"; new library theory "RBT"
provides abstract red-black tree type which is backed by "RBT_Impl" as
implementation. INCOMPATIBILITY.

* Theory Library/Coinductive_List has been removed -- superseded by
AFP/thys/Coinductive.

* Theory PReal, including the type "preal" and related operations, has
been removed. INCOMPATIBILITY.

* Real: new development using Cauchy Sequences.

* Split off theory "Big_Operators" containing setsum, setprod,
Inf_fin, Sup_fin, Min, Max from theory Finite_Set. INCOMPATIBILITY.

* Theory "Rational" renamed to "Rat", for consistency with "Nat",
"Int" etc. INCOMPATIBILITY.

* Constant Rat.normalize needs to be qualified. INCOMPATIBILITY.

* New set of rules "ac_simps" provides combined assoc / commute
rewrites for all interpretations of the appropriate generic locales.

* Renamed theory "OrderedGroup" to "Groups" and split theory
"Ring_and_Field" into theories "Rings" and "Fields"; for more
appropriate and more consistent names suitable for name prefixes
within the HOL theories. INCOMPATIBILITY.

* Some generic constants have been put to appropriate theories:
  - less_eq, less: Orderings
  - zero, one, plus, minus, uminus, times, abs, sgn: Groups
  - inverse, divide: Rings
INCOMPATIBILITY.

* More consistent naming of type classes involving orderings (and
lattices):

  lower_semilattice ~> semilattice_inf
  upper_semilattice ~> semilattice_sup

  dense_linear_order ~> dense_linorder

  pordered_ab_group_add ~> ordered_ab_group_add
  pordered_ab_group_add_abs ~> ordered_ab_group_add_abs
  pordered_ab_semigroup_add ~> ordered_ab_semigroup_add
  pordered_ab_semigroup_add_imp_le ~> ordered_ab_semigroup_add_imp_le
  pordered_cancel_ab_semigroup_add ~> ordered_cancel_ab_semigroup_add
  pordered_cancel_comm_semiring ~> ordered_cancel_comm_semiring
  pordered_cancel_semiring ~> ordered_cancel_semiring
  pordered_comm_monoid_add ~> ordered_comm_monoid_add
  pordered_comm_ring ~> ordered_comm_ring
  pordered_comm_semiring ~> ordered_comm_semiring
  pordered_ring ~> ordered_ring
  pordered_ring_abs ~> ordered_ring_abs
  pordered_semiring ~> ordered_semiring

  ordered_ab_group_add ~> linordered_ab_group_add
  ordered_ab_semigroup_add ~> linordered_ab_semigroup_add
  ordered_cancel_ab_semigroup_add ~> linordered_cancel_ab_semigroup_add
  ordered_comm_semiring_strict ~> linordered_comm_semiring_strict
  ordered_field ~> linordered_field
  ordered_field_no_lb ~> linordered_field_no_lb
  ordered_field_no_ub ~> linordered_field_no_ub
  ordered_field_dense_linear_order ~> dense_linordered_field
  ordered_idom ~> linordered_idom
  ordered_ring ~> linordered_ring
  ordered_ring_le_cancel_factor ~> linordered_ring_le_cancel_factor
  ordered_ring_less_cancel_factor ~> linordered_ring_less_cancel_factor
  ordered_ring_strict ~> linordered_ring_strict
  ordered_semidom ~> linordered_semidom
  ordered_semiring ~> linordered_semiring
  ordered_semiring_1 ~> linordered_semiring_1
  ordered_semiring_1_strict ~> linordered_semiring_1_strict
  ordered_semiring_strict ~> linordered_semiring_strict

  The following slightly odd type classes have been moved to a
  separate theory Library/Lattice_Algebras:

  lordered_ab_group_add ~> lattice_ab_group_add
  lordered_ab_group_add_abs ~> lattice_ab_group_add_abs
  lordered_ab_group_add_meet ~> semilattice_inf_ab_group_add
  lordered_ab_group_add_join ~> semilattice_sup_ab_group_add
  lordered_ring ~> lattice_ring

INCOMPATIBILITY.

* Refined field classes:
  - classes division_ring_inverse_zero, field_inverse_zero,
    linordered_field_inverse_zero include rule inverse 0 = 0 --
    subsumes former division_by_zero class;
  - numerous lemmas have been ported from field to division_ring.
INCOMPATIBILITY.

* Refined algebra theorem collections:
  - dropped theorem group group_simps, use algebra_simps instead;
  - dropped theorem group ring_simps, use field_simps instead;
  - proper theorem collection field_simps subsumes former theorem
    groups field_eq_simps and field_simps;
  - dropped lemma eq_minus_self_iff which is a duplicate for
    equal_neg_zero.
INCOMPATIBILITY.

* Theory Finite_Set and List: some lemmas have been generalized from
sets to lattices:

  fun_left_comm_idem_inter ~> fun_left_comm_idem_inf
  fun_left_comm_idem_union ~> fun_left_comm_idem_sup
  inter_Inter_fold_inter ~> inf_Inf_fold_inf
  union_Union_fold_union ~> sup_Sup_fold_sup
  Inter_fold_inter ~> Inf_fold_inf
  Union_fold_union ~> Sup_fold_sup
  inter_INTER_fold_inter ~> inf_INFI_fold_inf
  union_UNION_fold_union ~> sup_SUPR_fold_sup
  INTER_fold_inter ~> INFI_fold_inf
  UNION_fold_union ~> SUPR_fold_sup

* Theory "Complete_Lattice": lemmas top_def and bot_def have been
replaced by the more convenient lemmas Inf_empty and Sup_empty.
Dropped lemmas Inf_insert_simp and Sup_insert_simp, which are subsumed
by Inf_insert and Sup_insert. Lemmas Inf_UNIV and Sup_UNIV replace
former Inf_Univ and Sup_Univ.
Lemmas inf_top_right and sup_bot_right
subsume inf_top and sup_bot respectively. INCOMPATIBILITY.

* Reorganized theory Multiset: swapped notation of pointwise and
multiset order:

  - pointwise ordering is instance of class order with standard syntax
    <= and <;
  - multiset ordering has syntax <=# and <#; partial order properties
    are provided by means of interpretation with prefix
    multiset_order;
  - less duplication, less historical organization of sections,
    conversion from associations lists to multisets, rudimentary code
    generation;
  - use insert_DiffM2 [symmetric] instead of elem_imp_eq_diff_union,
    if needed.

Renamed:

  multiset_eq_conv_count_eq ~> multiset_ext_iff
  multi_count_ext ~> multiset_ext
  diff_union_inverse2 ~> diff_union_cancelR

INCOMPATIBILITY.

* Theory Permutation: replaced local "remove" by List.remove1.

* Code generation: ML and OCaml code is decorated with signatures.

* Theory List: added transpose.

* Library/Nat_Bijection.thy is a collection of bijective functions
between nat and other types, which supersedes the older libraries
Library/Nat_Int_Bij.thy and HOLCF/NatIso.thy. INCOMPATIBILITY.

  Constants:
  Nat_Int_Bij.nat2_to_nat ~> prod_encode
  Nat_Int_Bij.nat_to_nat2 ~> prod_decode
  Nat_Int_Bij.int_to_nat_bij ~> int_encode
  Nat_Int_Bij.nat_to_int_bij ~> int_decode
  Countable.pair_encode ~> prod_encode
  NatIso.prod2nat ~> prod_encode
  NatIso.nat2prod ~> prod_decode
  NatIso.sum2nat ~> sum_encode
  NatIso.nat2sum ~> sum_decode
  NatIso.list2nat ~> list_encode
  NatIso.nat2list ~> list_decode
  NatIso.set2nat ~> set_encode
  NatIso.nat2set ~> set_decode

  Lemmas:
  Nat_Int_Bij.bij_nat_to_int_bij ~> bij_int_decode
  Nat_Int_Bij.nat2_to_nat_inj ~> inj_prod_encode
  Nat_Int_Bij.nat2_to_nat_surj ~> surj_prod_encode
  Nat_Int_Bij.nat_to_nat2_inj ~> inj_prod_decode
  Nat_Int_Bij.nat_to_nat2_surj ~> surj_prod_decode
  Nat_Int_Bij.i2n_n2i_id ~> int_encode_inverse
  Nat_Int_Bij.n2i_i2n_id ~> int_decode_inverse
  Nat_Int_Bij.surj_nat_to_int_bij ~> surj_int_encode
  Nat_Int_Bij.surj_int_to_nat_bij ~> surj_int_decode
  Nat_Int_Bij.inj_nat_to_int_bij ~> inj_int_encode
  Nat_Int_Bij.inj_int_to_nat_bij ~> inj_int_decode
  Nat_Int_Bij.bij_nat_to_int_bij ~> bij_int_encode
  Nat_Int_Bij.bij_int_to_nat_bij ~> bij_int_decode

* Sledgehammer:
  - Renamed ATP commands:
    atp_info ~> sledgehammer running_atps
    atp_kill ~> sledgehammer kill_atps
    atp_messages ~> sledgehammer messages
    atp_minimize ~> sledgehammer minimize
    print_atps ~> sledgehammer available_atps
    INCOMPATIBILITY.
  - Added user's manual ("isabelle doc sledgehammer").
  - Added option syntax and "sledgehammer_params" to customize
    Sledgehammer's behavior. See the manual for details.
  - Modified the Isar proof reconstruction code so that it produces
    direct proofs rather than proofs by contradiction. (This feature
    is still experimental.)
  - Made Isar proof reconstruction work for SPASS, remote ATPs, and in
    full-typed mode.
  - Added support for TPTP syntax for SPASS via the "spass_tptp" ATP.

* Nitpick:
  - Added and implemented "binary_ints" and "bits" options.
  - Added "std" option and implemented support for nonstandard models.
  - Added and implemented "finitize" option to improve the precision
    of infinite datatypes based on a monotonicity analysis.
  - Added support for quotient types.
  - Added support for "specification" and "ax_specification"
    constructs.
  - Added support for local definitions (for "function" and
    "termination" proofs).
  - Added support for term postprocessors.
  - Optimized "Multiset.multiset" and "FinFun.finfun".
  - Improved efficiency of "destroy_constrs" optimization.
  - Fixed soundness bugs related to "destroy_constrs" optimization and
    record getters.
  - Fixed soundness bug related to higher-order constructors.
  - Fixed soundness bug when "full_descrs" is enabled.
  - Improved precision of set constructs.
  - Added "atoms" option.
  - Added cache to speed up repeated Kodkod invocations on the same
    problems.
  - Renamed "MiniSatJNI", "zChaffJNI", "BerkMinAlloy", and
    "SAT4JLight" to "MiniSat_JNI", "zChaff_JNI", "BerkMin_Alloy", and
    "SAT4J_Light". INCOMPATIBILITY.
  - Removed "skolemize", "uncurry", "sym_break", "flatten_prop",
    "sharing_depth", and "show_skolems" options. INCOMPATIBILITY.
  - Removed "nitpick_intro" attribute. INCOMPATIBILITY.

* Method "induct" now takes instantiations of the form t, where t is not
  a variable, as a shorthand for "x == t", where x is a fresh variable.
  If this is not intended, t has to be enclosed in parentheses.
  By default, the equalities generated by definitional instantiations
  are pre-simplified, which may cause parameters of inductive cases
  to disappear, or may even delete some of the inductive cases.
  Use "induct (no_simp)" instead of "induct" to restore the old
  behaviour. The (no_simp) option is also understood by the "cases"
  and "nominal_induct" methods, which now perform pre-simplification, too.
  INCOMPATIBILITY.


*** HOLCF ***

* Variable names in lemmas generated by the domain package have
changed; the naming scheme is now consistent with the HOL datatype
package. Some proof scripts may be affected, INCOMPATIBILITY.

* The domain package no longer defines the function "foo_copy" for
recursive domain "foo". The reach lemma is now stated directly in
terms of "foo_take". Lemmas and proofs that mention "foo_copy" must
be reformulated in terms of "foo_take", INCOMPATIBILITY.

* Most definedness lemmas generated by the domain package (previously
of the form "x ~= UU ==> foo$x ~= UU") now have an if-and-only-if form
like "foo$x = UU <-> x = UU", which works better as a simp rule.
Proofs that used definedness lemmas as intro rules may break,
potential INCOMPATIBILITY.

* Induction and casedist rules generated by the domain package now
declare proper case_names (one called "bottom", and one named for each
constructor). INCOMPATIBILITY.

* For mutually-recursive domains, separate "reach" and "take_lemma"
rules are generated for each domain, INCOMPATIBILITY.

  foo_bar.reach ~> foo.reach bar.reach
  foo_bar.take_lemmas ~> foo.take_lemma bar.take_lemma

* Some lemmas generated by the domain package have been renamed for
consistency with the datatype package, INCOMPATIBILITY.

  foo.ind ~> foo.induct
  foo.finite_ind ~> foo.finite_induct
  foo.coind ~> foo.coinduct
  foo.casedist ~> foo.exhaust
  foo.exhaust ~> foo.nchotomy

* For consistency with other definition packages, the fixrec package
now generates qualified theorem names, INCOMPATIBILITY.

  foo_simps ~> foo.simps
  foo_unfold ~> foo.unfold
  foo_induct ~> foo.induct

* The "fixrec_simp" attribute has been removed. The "fixrec_simp"
method and internal fixrec proofs now use the default simpset instead.
INCOMPATIBILITY.

* The "contlub" predicate has been removed. Proof scripts should use
lemma contI2 in place of monocontlub2cont, INCOMPATIBILITY.

* The "admw" predicate has been removed, INCOMPATIBILITY.

* The constants cpair, cfst, and csnd have been removed in favor of
Pair, fst, and snd from Isabelle/HOL, INCOMPATIBILITY.


*** ML ***

* Antiquotations for basic formal entities:

    @{class NAME}         -- type class
    @{class_syntax NAME}  -- syntax representation of the above

    @{type_name NAME}     -- logical type
    @{type_abbrev NAME}   -- type abbreviation
    @{nonterminal NAME}   -- type of concrete syntactic category
    @{type_syntax NAME}   -- syntax representation of any of the above

    @{const_name NAME}    -- logical constant (INCOMPATIBILITY)
    @{const_abbrev NAME}  -- abbreviated constant
    @{const_syntax NAME}  -- syntax representation of any of the above

* Antiquotation @{syntax_const NAME} ensures that NAME refers to a raw
syntax constant (cf. 'syntax' command).

* Antiquotation @{make_string} inlines a function to print arbitrary
values similar to the ML toplevel. The result is compiler dependent
and may fall back on "?" in certain situations.

* Diagnostic commands 'ML_val' and 'ML_command' may refer to
antiquotations @{Isar.state} and @{Isar.goal}. This replaces impure
Isar.state() and Isar.goal(), which belong to the old TTY loop and do
not work with the asynchronous Isar document model.

* Configuration options now admit dynamic default values, depending on
the context or even global references.

* SHA1.digest digests strings according to SHA-1 (see RFC 3174).
It uses an efficient external library if available (for Poly/ML).

* Renamed some important ML structures, while keeping the old names
for some time as aliases within the structure Legacy:

  OuterKeyword ~> Keyword
  OuterLex ~> Token
  OuterParse ~> Parse
  OuterSyntax ~> Outer_Syntax
  PrintMode ~> Print_Mode
  SpecParse ~> Parse_Spec
  ThyInfo ~> Thy_Info
  ThyLoad ~> Thy_Load
  ThyOutput ~> Thy_Output
  TypeInfer ~> Type_Infer

Note that "open Legacy" simplifies porting of sources, but forgetting
to remove it again will complicate porting again in the future.

* Most operations that refer to a global context are named
accordingly, e.g. Simplifier.global_context or
ProofContext.init_global. There are some situations where a global
context actually works, but under normal circumstances one needs to
pass the proper local context through the code!

* Discontinued old TheoryDataFun with its copy/init operation -- data
needs to be pure. Functor Theory_Data_PP retains the traditional
Pretty.pp argument to merge, which is absent in the standard
Theory_Data version.

* Sorts.certify_sort and derived "cert" operations for types and terms
no longer minimize sorts. Thus certification at the boundary of the
inference kernel becomes invariant under addition of class relations,
which is an important monotonicity principle. Sorts are now minimized
in the syntax layer only, at the boundary between the end-user and the
system. Subtle INCOMPATIBILITY, may have to use Sign.minimize_sort
explicitly in rare situations.

* Renamed old-style Drule.standard to Drule.export_without_context, to
emphasize that this is in no way a standard operation.
INCOMPATIBILITY.

* Subgoal.FOCUS (and variants): resulting goal state is normalized as
usual for resolution. Rare INCOMPATIBILITY.

* Renamed varify/unvarify operations to varify_global/unvarify_global
to emphasize that these only work in a global situation (which is
quite rare).

* Curried take and drop in library.ML; negative length is interpreted
as infinity (as in chop). Subtle INCOMPATIBILITY.

* Proof terms: type substitutions on proof constants now use canonical
order of type variables. INCOMPATIBILITY for tools working with proof
terms.

* Raw axioms/defs may no longer carry sort constraints, and raw defs
may no longer carry premises. User-level specifications are
transformed accordingly by Thm.add_axiom/add_def.


*** System ***

* Discontinued special HOL_USEDIR_OPTIONS for the main HOL image;
ISABELLE_USEDIR_OPTIONS applies uniformly to all sessions. Note that
proof terms are enabled unconditionally in the new HOL-Proofs image.

* Discontinued old ISABELLE and ISATOOL environment settings (legacy
feature since Isabelle2009). Use ISABELLE_PROCESS and ISABELLE_TOOL,
respectively.

* Old lib/scripts/polyml-platform is superseded by the
ISABELLE_PLATFORM setting variable, which defaults to the 32 bit
variant, even on a 64 bit machine. The following example setting
prefers 64 bit if available:

  ML_PLATFORM="${ISABELLE_PLATFORM64:-$ISABELLE_PLATFORM}"

* The preliminary Isabelle/jEdit application demonstrates the emerging
Isabelle/Scala layer for advanced prover interaction and integration.
See src/Tools/jEdit or "isabelle jedit" provided by the properly built
component.

* "IsabelleText" is a Unicode font derived from Bitstream Vera Mono
and Bluesky TeX fonts. It provides the usual Isabelle symbols,
similar to the default assignment of the document preparation system
(cf. isabellesym.sty).
The Isabelle/Scala class Isabelle_System
provides some operations for direct access to the font without asking
the user for manual installation.



New in Isabelle2009-1 (December 2009)
-------------------------------------

*** General ***

* Discontinued old form of "escaped symbols" such as \\<forall>. Only
one backslash should be used, even in ML sources.


*** Pure ***

* Locale interpretation propagates mixins along the locale hierarchy.
The currently only available mixins are the equations used to map
local definitions to terms of the target domain of an interpretation.

* Reactivated diagnostic command 'print_interps'. Use "print_interps
loc" to print all interpretations of locale "loc" in the theory.
Interpretations in proofs are not shown.

* Thoroughly revised locales tutorial. New section on conditional
interpretation.

* On instantiation of classes, remaining undefined class parameters
are formally declared. INCOMPATIBILITY.


*** Document preparation ***

* New generalized style concept for printing terms: @{foo (style) ...}
instead of @{foo_style style ...} (old form is still retained for
backward compatibility). Styles can be also applied for
antiquotations prop, term_type and typeof.


*** HOL ***

* New proof method "smt" for a combination of first-order logic with
equality, linear and nonlinear (natural/integer/real) arithmetic, and
fixed-size bitvectors; there is also basic support for higher-order
features (esp. lambda abstractions). It is an incomplete decision
procedure based on external SMT solvers using the oracle mechanism;
for the SMT solver Z3, this method is proof-producing. Certificates
are provided to avoid calling the external solvers solely for
re-checking proofs.
Due to a remote SMT service there is no need for
installing SMT solvers locally. See src/HOL/SMT.

* New commands to load and prove verification conditions generated by
the Boogie program verifier or derived systems (e.g. the Verifying C
Compiler (VCC) or Spec#). See src/HOL/Boogie.

* New counterexample generator tool 'nitpick' based on the Kodkod
relational model finder. See src/HOL/Tools/Nitpick and
src/HOL/Nitpick_Examples.

* New commands 'code_pred' and 'values' to invoke the predicate
compiler and to enumerate values of inductive predicates.

* A tabled implementation of the reflexive transitive closure.

* New implementation of quickcheck uses generic code generator;
default generators are provided for all suitable HOL types, records
and datatypes. Old quickcheck can be re-activated importing theory
Library/SML_Quickcheck.

* New testing tool Mirabelle for automated proof tools. Applies
several tools and tactics like sledgehammer, metis, or quickcheck, to
every proof step in a theory. To be used in batch mode via the
"mirabelle" utility.

* New proof method "sos" (sum of squares) for nonlinear real
arithmetic (originally due to John Harrison). It requires theory
Library/Sum_Of_Squares. It is not a complete decision procedure but
works well in practice on quantifier-free real arithmetic with +, -,
*, ^, =, <= and <, i.e. boolean combinations of equalities and
inequalities between polynomials. It makes use of external
semidefinite programming solvers. Method "sos" generates a
certificate that can be pasted into the proof thus avoiding the need
to call an external tool every time the proof is checked. See
src/HOL/Library/Sum_Of_Squares.

* New method "linarith" invokes existing linear arithmetic decision
procedure only.

* New command 'atp_minimal' reduces result produced by Sledgehammer.

* New Sledgehammer option "Full Types" in Proof General settings menu.
Causes full type information to be output to the ATPs. This slows
ATPs down considerably but eliminates a source of unsound "proofs"
that fail later.

* New method "metisFT": A version of metis that uses full type
information in order to avoid failures of proof reconstruction.

* New evaluator "approximate" approximates a real valued term using
the same method as the approximation method.

* Method "approximate" now supports arithmetic expressions as
boundaries of intervals and implements interval splitting and Taylor
series expansion.

* ML antiquotation @{code_datatype} inserts definition of a datatype
generated by the code generator; e.g. see src/HOL/Predicate.thy.

* New theory SupInf of the supremum and infimum operators for sets of
reals.

* New theory Probability, which contains a development of measure
theory, eventually leading to Lebesgue integration and probability.

* Extended Multivariate Analysis to include derivation and Brouwer's
fixpoint theorem.

* Reorganization of number theory, INCOMPATIBILITY:
  - new number theory development for nat and int, in theories Divides
    and GCD as well as in new session Number_Theory
  - some constants and facts now suffixed with _nat and _int
    accordingly
  - former session NumberTheory now named Old_Number_Theory, including
    theories Legacy_GCD and Primes (prefer Number_Theory if possible)
  - moved theory Pocklington from src/HOL/Library to
    src/HOL/Old_Number_Theory

* Theory GCD includes functions Gcd/GCD and Lcm/LCM for the gcd and
lcm of finite and infinite sets. It is shown that they form a complete
lattice.

* Class semiring_div requires superclass no_zero_divisors and proof of
div_mult_mult1; theorems div_mult_mult1, div_mult_mult2,
div_mult_mult1_if, div_mult_mult1 and div_mult_mult2 have been
generalized to class semiring_div, subsuming former theorems
zdiv_zmult_zmult1, zdiv_zmult_zmult1_if, zdiv_zmult_zmult1 and
zdiv_zmult_zmult2. div_mult_mult1 is now [simp] by default.
INCOMPATIBILITY.

* Refinements to lattice classes and sets:
  - less default intro/elim rules in locale variant, more default
    intro/elim rules in class variant: more uniformity
  - lemma ge_sup_conv renamed to le_sup_iff, in accordance with
    le_inf_iff
  - dropped lemma alias inf_ACI for inf_aci (same for sup_ACI and
    sup_aci)
  - renamed ACI to inf_sup_aci
  - new class "boolean_algebra"
  - class "complete_lattice" moved to separate theory
    "Complete_Lattice"; corresponding constants (and abbreviations)
    renamed and with authentic syntax:
    Set.Inf   ~> Complete_Lattice.Inf
    Set.Sup   ~> Complete_Lattice.Sup
    Set.INFI  ~> Complete_Lattice.INFI
    Set.SUPR  ~> Complete_Lattice.SUPR
    Set.Inter ~> Complete_Lattice.Inter
    Set.Union ~> Complete_Lattice.Union
    Set.INTER ~> Complete_Lattice.INTER
    Set.UNION ~> Complete_Lattice.UNION
  - authentic syntax for
    Set.Pow
    Set.image
  - mere abbreviations:
    Set.empty               (for bot)
    Set.UNIV                (for top)
    Set.inter               (for inf, formerly Set.Int)
    Set.union               (for sup, formerly Set.Un)
    Complete_Lattice.Inter  (for Inf)
    Complete_Lattice.Union  (for Sup)
    Complete_Lattice.INTER  (for INFI)
    Complete_Lattice.UNION  (for SUPR)
  - object-logic definitions as far as appropriate

INCOMPATIBILITY.
Care is required when theorems Int_subset_iff or
Un_subset_iff are explicitly deleted as default simp rules; then also
their lattice counterparts le_inf_iff and le_sup_iff have to be
deleted to achieve the desired effect.

* Rules inf_absorb1, inf_absorb2, sup_absorb1, sup_absorb2 are no simp
rules by default any longer; the same applies to min_max.inf_absorb1
etc. INCOMPATIBILITY.

* Rules sup_Int_eq and sup_Un_eq are no longer declared as
pred_set_conv by default. INCOMPATIBILITY.

* Power operations on relations and functions are now one dedicated
constant "compow" with infix syntax "^^". Power operation on
multiplicative monoids retains syntax "^" and is now defined generic
in class power. INCOMPATIBILITY.

* Relation composition "R O S" now has a more standard argument order:
"R O S = {(x, z). EX y. (x, y) : R & (y, z) : S}". INCOMPATIBILITY,
rewrite propositions with "S O R" --> "R O S". Proofs may occasionally
break, since the O_assoc rule was not rewritten like this. Fix using
O_assoc[symmetric]. The same applies to the curried version "R OO S".

* Function "Inv" is renamed to "inv_into" and function "inv" is now an
abbreviation for "inv_into UNIV". Lemmas are renamed accordingly.
INCOMPATIBILITY.

* Most rules produced by inductive and datatype package have mandatory
prefixes. INCOMPATIBILITY.

* Changed "DERIV_intros" to a dynamic fact, which can be augmented by
the attribute of the same name. Each of the theorems in the list
DERIV_intros assumes composition with an additional function and
matches a variable to the derivative, which has to be solved by the
Simplifier. Hence (auto intro!: DERIV_intros) computes the derivative
of most elementary terms. Former Maclauren.DERIV_tac and
Maclauren.deriv_tac should be replaced by (auto intro!: DERIV_intros).
INCOMPATIBILITY.

* Code generator attributes follow the usual underscore convention:
    code_unfold     replaces    code unfold
    code_post       replaces    code post
    etc.
  INCOMPATIBILITY.

* Renamed methods:
    sizechange -> size_change
    induct_scheme -> induction_schema
  INCOMPATIBILITY.

* Discontinued abbreviation "arbitrary" of constant "undefined".
INCOMPATIBILITY, use "undefined" directly.

* Renamed theorems:
    Suc_eq_add_numeral_1 -> Suc_eq_plus1
    Suc_eq_add_numeral_1_left -> Suc_eq_plus1_left
    Suc_plus1 -> Suc_eq_plus1
    *anti_sym -> *antisym*
    vector_less_eq_def -> vector_le_def
  INCOMPATIBILITY.

* Added theorem List.map_map as [simp]. Removed List.map_compose.
INCOMPATIBILITY.

* Removed predicate "M hassize n" (<--> card M = n & finite M).
INCOMPATIBILITY.


*** HOLCF ***

* Theory Representable defines a class "rep" of domains that are
representable (via an ep-pair) in the universal domain type "udom".
Instances are provided for all type constructors defined in HOLCF.

* The 'new_domain' command is a purely definitional version of the
domain package, for representable domains. Syntax is identical to the
old domain package. The 'new_domain' package also supports indirect
recursion using previously-defined type constructors. See
src/HOLCF/ex/New_Domain.thy for examples.

* Method "fixrec_simp" unfolds one step of a fixrec-defined constant
on the left-hand side of an equation, and then performs
simplification. Rewriting is done using rules declared with the
"fixrec_simp" attribute. The "fixrec_simp" method is intended as a
replacement for "fixpat"; see src/HOLCF/ex/Fixrec_ex.thy for examples.

* The pattern-match compiler in 'fixrec' can now handle constructors
with HOL function types. Pattern-match combinators for the Pair
constructor are pre-configured.

* The 'fixrec' package now produces better fixed-point induction rules
for mutually-recursive definitions: Induction rules have conclusions
of the form "P foo bar" instead of "P <foo, bar>".

* The constant "sq_le" (with infix syntax "<<" or "\<sqsubseteq>") has
been renamed to "below". The name "below" now replaces "less" in many
theorem names. (Legacy theorem names using "less" are still supported
as well.)

* The 'fixrec' package now supports "bottom patterns". Bottom
patterns can be used to generate strictness rules, or to make
functions more strict (much like the bang-patterns supported by the
Glasgow Haskell Compiler). See src/HOLCF/ex/Fixrec_ex.thy for
examples.


*** ML ***

* Support for Poly/ML 5.3.0, with improved reporting of compiler
errors and run-time exceptions, including detailed source positions.

* Structure Name_Space (formerly NameSpace) now manages uniquely
identified entries, with some additional information such as source
position, logical grouping etc.

* Theory and context data is now introduced by the simplified and
modernized functors Theory_Data, Proof_Data, Generic_Data. Data needs
to be pure, but the old TheoryDataFun for mutable data (with explicit
copy operation) is still available for some time.

* Structure Synchronized (cf. src/Pure/Concurrent/synchronized.ML)
provides a high-level programming interface to synchronized state
variables with atomic update. This works via pure function
application within a critical section -- its runtime should be as
short as possible; beware of deadlocks if critical code is nested,
either directly or indirectly via other synchronized variables!

* Structure Unsynchronized (cf. src/Pure/ML-Systems/unsynchronized.ML)
wraps raw ML references, explicitly indicating their non-thread-safe
behaviour.
The Isar toplevel keeps this structure open, to
accommodate Proof General as well as quick and dirty interactive
experiments with references.

* PARALLEL_CHOICE and PARALLEL_GOALS provide basic support for
parallel tactical reasoning.

* Tacticals Subgoal.FOCUS, Subgoal.FOCUS_PREMS, Subgoal.FOCUS_PARAMS
are similar to SUBPROOF, but are slightly more flexible: only the
specified parts of the subgoal are imported into the context, and the
body tactic may introduce new subgoals and schematic variables.

* Old tactical METAHYPS, which does not observe the proof context, has
been renamed to Old_Goals.METAHYPS and awaits deletion. Use SUBPROOF
or Subgoal.FOCUS etc.

* Renamed functor TableFun to Table, and GraphFun to Graph. (Since
functors have their own ML name space there is no point to mark them
separately.) Minor INCOMPATIBILITY.

* Renamed NamedThmsFun to Named_Thms. INCOMPATIBILITY.

* Renamed several structures FooBar to Foo_Bar. Occasional
INCOMPATIBILITY.

* Operations of structure Skip_Proof no longer require quick_and_dirty
mode, which avoids critical setmp.

* Eliminated old Attrib.add_attributes, Method.add_methods and related
combinators for "args". INCOMPATIBILITY, need to use simplified
Attrib/Method.setup introduced in Isabelle2009.

* Proper context for simpset_of, claset_of, clasimpset_of. May fall
back on global_simpset_of, global_claset_of, global_clasimpset_of as
last resort. INCOMPATIBILITY.

* Display.pretty_thm now requires a proper context (cf. former
ProofContext.pretty_thm). May fall back on Display.pretty_thm_global
or even Display.pretty_thm_without_context as last resort.
INCOMPATIBILITY.

* Discontinued Display.pretty_ctyp/cterm etc. INCOMPATIBILITY, use
Syntax.pretty_typ/term directly, preferably with proper context
instead of global theory.


*** System ***

* Further fine tuning of parallel proof checking, scales up to 8 cores
(max. speedup factor 5.0). See also Goal.parallel_proofs in ML and
usedir option -q.

* Support for additional "Isabelle components" via etc/components, see
also the system manual.

* The isabelle makeall tool now operates on all components with
IsaMakefile, not just hardwired "logics".

* Removed "compress" option from isabelle-process and isabelle usedir;
this is always enabled.

* Discontinued support for Poly/ML 4.x versions.

* Isabelle tool "wwwfind" provides web interface for 'find_theorems'
on a given logic image. This requires the lighttpd webserver and is
currently supported on Linux only.



New in Isabelle2009 (April 2009)
--------------------------------

*** General ***

* Simplified main Isabelle executables, with less surprises on
case-insensitive file-systems (such as Mac OS).

  - The main Isabelle tool wrapper is now called "isabelle" instead of
    "isatool."

  - The former "isabelle" alias for "isabelle-process" has been
    removed (should rarely occur to regular users).

  - The former "isabelle-interface" and its alias "Isabelle" have been
    removed (interfaces are now regular Isabelle tools).

Within scripts and make files, the Isabelle environment variables
ISABELLE_TOOL and ISABELLE_PROCESS replace old ISATOOL and ISABELLE,
respectively. (The latter are still available as legacy feature.)

The old isabelle-interface wrapper could react in confusing ways if
the interface was uninstalled or changed otherwise. Individual
interface tool configuration is now more explicit, see also the
Isabelle system manual. In particular, Proof General is now available
via "isabelle emacs".

INCOMPATIBILITY, need to adapt derivative scripts.
Users may need to
purge installed copies of Isabelle executables and re-run "isabelle
install -p ...", or use symlinks.

* The default for ISABELLE_HOME_USER is now ~/.isabelle instead of the
old ~/isabelle, which was slightly non-standard and apt to cause
surprises on case-insensitive file-systems (such as Mac OS).

INCOMPATIBILITY, need to move existing ~/isabelle/etc,
~/isabelle/heaps, ~/isabelle/browser_info to the new place. Special
care is required when using older releases of Isabelle. Note that
ISABELLE_HOME_USER can be changed in Isabelle/etc/settings of any
Isabelle distribution, in order to use the new ~/.isabelle uniformly.

* Proofs of fully specified statements are run in parallel on
multi-core systems. A speedup factor of 2.5 to 3.2 can be expected on
a regular 4-core machine, if the initial heap space is made reasonably
large (cf. Poly/ML option -H). (Requires Poly/ML 5.2.1 or later.)

* The main reference manuals ("isar-ref", "implementation", and
"system") have been updated and extended. Formally checked references
as hyperlinks are now available uniformly.


*** Pure ***

* Complete re-implementation of locales. INCOMPATIBILITY in several
respects. The most important changes are listed below. See the
Tutorial on Locales ("locales" manual) for details.

- In locale expressions, instantiation replaces renaming. Parameters
must be declared in a for clause. To aid compatibility with previous
parameter inheritance, in locale declarations, parameters that are not
'touched' (instantiation position "_" or omitted) are implicitly added
with their syntax at the beginning of the for clause.

- Syntax from abbreviations and definitions in locales is available in
locale expressions and context elements. The latter is particularly
useful in locale declarations.

- More flexible mechanisms to qualify names generated by locale
expressions. Qualifiers (prefixes) may be specified in locale
expressions, and can be marked as mandatory (syntax: "name!:") or
optional (syntax "name?:"). The default for plain "name:"
depends on the situation where a locale expression is used: in
commands 'locale' and 'sublocale' prefixes are optional, in
'interpretation' and 'interpret' prefixes are mandatory. The old
implicit qualifiers derived from the parameter names of a locale are
no longer generated.

- Command "sublocale l < e" replaces "interpretation l < e". The
instantiation clause in "interpretation" and "interpret" (square
brackets) is no longer available. Use locale expressions.

- When converting proof scripts, mandatory qualifiers in
'interpretation' and 'interpret' should be retained by default, even
if this is an INCOMPATIBILITY compared to former behavior. In the
worst case, use the "name?:" form for non-mandatory ones. Qualifiers
in locale expressions range over a single locale instance only.

- Dropped locale element "includes". This is a major INCOMPATIBILITY.
In existing theorem specifications replace the includes element by the
respective context elements of the included locale, omitting those
that are already present in the theorem specification. Multiple
assume elements of a locale should be replaced by a single one
involving the locale predicate. In the proof body, declarations (most
notably theorems) may be regained by interpreting the respective
locales in the proof context as required (command "interpret").

If using "includes" in replacement of a target solely because the
parameter types in the theorem are not as general as in the target,
consider declaring a new locale with additional type constraints on
the parameters (context element "constrains").

- Discontinued "locale (open)". INCOMPATIBILITY.

- Locale interpretation commands no longer attempt to simplify goal.
INCOMPATIBILITY: in rare situations the generated goal differs. Use
methods intro_locales and unfold_locales to clarify.

- Locale interpretation commands no longer accept interpretation
attributes. INCOMPATIBILITY.

* Class declaration: so-called "base sort" must not be given in import
list any longer, but is inferred from the specification. Particularly
in HOL, write

    class foo = ...

instead of

    class foo = type + ...

* Class target: global versions of theorems stemming do not carry a
parameter prefix any longer. INCOMPATIBILITY.

* Class 'instance' command no longer accepts attached definitions.
INCOMPATIBILITY, use proper 'instantiation' target instead.

* Recovered hiding of consts, which was accidentally broken in
Isabelle2007. Potential INCOMPATIBILITY, ``hide const c'' really
makes c inaccessible; consider using ``hide (open) const c'' instead.

* Slightly more coherent Pure syntax, with updated documentation in
isar-ref manual. Removed locales meta_term_syntax and
meta_conjunction_syntax: TERM and &&& (formerly &&) are now permanent,
INCOMPATIBILITY in rare situations. Note that &&& should not be used
directly in regular applications.

* There is a new syntactic category "float_const" for signed decimal
fractions (e.g. 123.45 or -123.45).

* Removed exotic 'token_translation' command. INCOMPATIBILITY, use ML
interface with 'setup' command instead.

* Command 'local_setup' is similar to 'setup', but operates on a local
theory context.

* The 'axiomatization' command now only works within a global theory
context. INCOMPATIBILITY.

* Goal-directed proof now enforces strict proof irrelevance wrt. sort
hypotheses.
Sorts required in the course of reasoning need to be
covered by the constraints in the initial statement, completed by the
type instance information of the background theory. Non-trivial sort
hypotheses, which rarely occur in practice, may be specified via
vacuous propositions of the form SORT_CONSTRAINT('a::c). For example:

  lemma assumes "SORT_CONSTRAINT('a::empty)" shows False ...

The result contains implicit sort hypotheses as before --
SORT_CONSTRAINT premises are eliminated as part of the canonical rule
normalization.

* Generalized Isar history, with support for linear undo, direct state
addressing etc.

* Changed defaults for unify configuration options:

  unify_trace_bound = 50 (formerly 25)
  unify_search_bound = 60 (formerly 30)

* Different bookkeeping for code equations (INCOMPATIBILITY):

  a) On theory merge, the last set of code equations for a particular
     constant is taken (in accordance with the policy applied by other
     parts of the code generator framework).

  b) Code equations stemming from explicit declarations (e.g. code
     attribute) gain priority over default code equations stemming
     from definition, primrec, fun etc.

* Keyword 'code_exception' now named 'code_abort'. INCOMPATIBILITY.

* Unified theorem tables for both code generators. Thus [code
func] has disappeared and only [code] remains. INCOMPATIBILITY.

* Command 'find_consts' searches for constants based on type and name
patterns, e.g.

    find_consts "_ => bool"

By default, matching is against subtypes, but it may be restricted to
the whole type. Searching by name is possible.
Multiple queries are
conjunctive and queries may be negated by prefixing them with a
hyphen:

    find_consts strict: "_ => bool" name: "Int" -"int => int"

* New 'find_theorems' criterion "solves" matches theorems that
directly solve the current goal (modulo higher-order unification).

* Auto solve feature for main theorem statements: whenever a new goal
is stated, "find_theorems solves" is called; any theorems that could
solve the lemma directly are listed as part of the goal state.
Cf. associated options in Proof General Isabelle settings menu,
enabled by default, with reasonable timeout for pathological cases of
higher-order unification.


*** Document preparation ***

* Antiquotation @{lemma} now imitates a regular terminal proof,
demanding keyword 'by' and supporting the full method expression
syntax just like the Isar command 'by'.


*** HOL ***

* Integrated main parts of former image HOL-Complex with HOL. Entry
points Main and Complex_Main remain as before.

* Logic image HOL-Plain provides a minimal HOL with the most important
tools available (inductive, datatype, primrec, ...). This facilitates
experimentation and tool development. Note that user applications
(and library theories) should never refer to anything below theory
Main, as before.

* Logic image HOL-Main stops at theory Main, and thus facilitates
experimentation due to shorter build times.

* Logic image HOL-NSA contains theories of nonstandard analysis which
were previously part of former HOL-Complex. Entry point Hyperreal
remains valid, but theories formerly using Complex_Main should now use
new entry point Hypercomplex.

* Generic ATP manager for Sledgehammer, based on ML threads instead of
Posix processes. Avoids potentially expensive forking of the ML
process.
New thread-based implementation also works on non-Unix
platforms (Cygwin). Provers are no longer hardwired, but defined
within the theory via plain ML wrapper functions. Basic Sledgehammer
commands are covered in the isar-ref manual.

* Wrapper scripts for remote SystemOnTPTP service allow using
sledgehammer without local ATP installation (Vampire etc.). Other
provers may be included via suitable ML wrappers, see also
src/HOL/ATP_Linkup.thy.

* ATP selection (E/Vampire/Spass) is now via Proof General's settings
menu.

* The metis method no longer fails because the theorem is too trivial
(contains the empty clause).

* The metis method now fails in the usual manner, rather than raising
an exception, if it determines that it cannot prove the theorem.

* Method "coherent" implements a prover for coherent logic (see also
src/Tools/coherent.ML).

* Constants "undefined" and "default" replace "arbitrary". Usually
"undefined" is the right choice to replace "arbitrary", though
logically there is no difference. INCOMPATIBILITY.

* Command "value" now integrates different evaluation mechanisms. The
result of the first successful evaluation mechanism is printed. In
square brackets a particular named evaluation mechanism may be
specified (currently, [SML], [code] or [nbe]). See further
src/HOL/ex/Eval_Examples.thy.

* Normalization by evaluation now allows non-leftlinear equations.
Declare with attribute [code nbe].

* Methods "case_tac" and "induct_tac" now refer to the very same rules
as the structured Isar versions "cases" and "induct", cf. the
corresponding "cases" and "induct" attributes. Mutual induction rules
are now presented as a list of individual projections
(e.g. foo_bar.inducts for types foo and bar); the old format with
explicit HOL conjunction is no longer supported.
INCOMPATIBILITY, in
rare situations a different rule is selected --- notably nested tuple
elimination instead of former prod.exhaust: use explicit (case_tac t
rule: prod.exhaust) here.

* Attributes "cases", "induct", "coinduct" support "del" option.

* Removed fact "case_split_thm", which duplicates "case_split".

* The option datatype has been moved to a new theory Option. Renamed
option_map to Option.map, and o2s to Option.set, INCOMPATIBILITY.

* New predicate "strict_mono" classifies strict functions on partial
orders. With strict functions on linear orders, reasoning about
(in)equalities is facilitated by theorems "strict_mono_eq",
"strict_mono_less_eq" and "strict_mono_less".

* Some set operations are now proper qualified constants with
authentic syntax. INCOMPATIBILITY:

    op Int ~>   Set.Int
    op Un ~>    Set.Un
    INTER ~>    Set.INTER
    UNION ~>    Set.UNION
    Inter ~>    Set.Inter
    Union ~>    Set.Union
    {} ~>       Set.empty
    UNIV ~>     Set.UNIV

* Class complete_lattice with operations Inf, Sup, INFI, SUPR now in
theory Set.

* Auxiliary class "itself" has disappeared -- classes without any
parameter are treated as expected by the 'class' command.

* Leibnitz's Series for Pi and the arcus tangens and logarithm series.

* Common decision procedures (Cooper, MIR, Ferrack, Approximation,
Dense_Linear_Order) are now in directory HOL/Decision_Procs.

* Theory src/HOL/Decision_Procs/Approximation provides the new proof
method "approximation". It proves formulas on real values by using
interval arithmetic. The formulas may also contain the transcendental
functions sin, cos, tan, atan, ln, exp and the constant pi.
For examples see
src/HOL/Descision_Procs/ex/Approximation_Ex.thy.

* Theory "Reflection" now resides in HOL/Library.

* Entry point to Word library now simply named "Word".
INCOMPATIBILITY.

* Made source layout more coherent with logical distribution
structure:

  src/HOL/Library/RType.thy ~> src/HOL/Typerep.thy
  src/HOL/Library/Code_Message.thy ~> src/HOL/
  src/HOL/Library/GCD.thy ~> src/HOL/
  src/HOL/Library/Order_Relation.thy ~> src/HOL/
  src/HOL/Library/Parity.thy ~> src/HOL/
  src/HOL/Library/Univ_Poly.thy ~> src/HOL/
  src/HOL/Real/ContNotDenum.thy ~> src/HOL/Library/
  src/HOL/Real/Lubs.thy ~> src/HOL/
  src/HOL/Real/PReal.thy ~> src/HOL/
  src/HOL/Real/Rational.thy ~> src/HOL/
  src/HOL/Real/RComplete.thy ~> src/HOL/
  src/HOL/Real/RealDef.thy ~> src/HOL/
  src/HOL/Real/RealPow.thy ~> src/HOL/
  src/HOL/Real/Real.thy ~> src/HOL/
  src/HOL/Complex/Complex_Main.thy ~> src/HOL/
  src/HOL/Complex/Complex.thy ~> src/HOL/
  src/HOL/Complex/FrechetDeriv.thy ~> src/HOL/Library/
  src/HOL/Complex/Fundamental_Theorem_Algebra.thy ~> src/HOL/Library/
  src/HOL/Hyperreal/Deriv.thy ~> src/HOL/
  src/HOL/Hyperreal/Fact.thy ~> src/HOL/
  src/HOL/Hyperreal/Integration.thy ~> src/HOL/
  src/HOL/Hyperreal/Lim.thy ~> src/HOL/
  src/HOL/Hyperreal/Ln.thy ~> src/HOL/
  src/HOL/Hyperreal/Log.thy ~> src/HOL/
  src/HOL/Hyperreal/MacLaurin.thy ~> src/HOL/
  src/HOL/Hyperreal/NthRoot.thy ~> src/HOL/
  src/HOL/Hyperreal/Series.thy ~> src/HOL/
  src/HOL/Hyperreal/SEQ.thy ~> src/HOL/
  src/HOL/Hyperreal/Taylor.thy ~> src/HOL/
  src/HOL/Hyperreal/Transcendental.thy ~> src/HOL/
  src/HOL/Real/Float ~> src/HOL/Library/
  src/HOL/Real/HahnBanach ~> src/HOL/HahnBanach
  src/HOL/Real/RealVector.thy ~> src/HOL/

  src/HOL/arith_data.ML ~> src/HOL/Tools
  src/HOL/hologic.ML ~> src/HOL/Tools
  src/HOL/simpdata.ML ~> src/HOL/Tools
  src/HOL/int_arith1.ML ~> src/HOL/Tools/int_arith.ML
  src/HOL/int_factor_simprocs.ML ~> src/HOL/Tools
  src/HOL/nat_simprocs.ML ~> src/HOL/Tools
  src/HOL/Real/float_arith.ML ~> src/HOL/Tools
  src/HOL/Real/float_syntax.ML ~> src/HOL/Tools
  src/HOL/Real/rat_arith.ML ~> src/HOL/Tools
  src/HOL/Real/real_arith.ML ~> src/HOL/Tools

  src/HOL/Library/Array.thy ~> src/HOL/Imperative_HOL
  src/HOL/Library/Heap_Monad.thy ~> src/HOL/Imperative_HOL
  src/HOL/Library/Heap.thy ~> src/HOL/Imperative_HOL
  src/HOL/Library/Imperative_HOL.thy ~> src/HOL/Imperative_HOL
  src/HOL/Library/Ref.thy ~> src/HOL/Imperative_HOL
  src/HOL/Library/Relational.thy ~> src/HOL/Imperative_HOL

* If methods "eval" and "evaluation" encounter a structured proof
state with !!/==>, only the conclusion is evaluated to True (if
possible), avoiding strange error messages.

* Method "sizechange" automates termination proofs using (a
modification of) the size-change principle. Requires SAT solver. See
src/HOL/ex/Termination.thy for examples.

* Simplifier: simproc for let expressions now unfolds if bound
variable occurs at most once in let expression body. INCOMPATIBILITY.

* Method "arith": Linear arithmetic now ignores all inequalities when
fast_arith_neq_limit is exceeded, instead of giving up entirely.

* New attribute "arith" for facts that should always be used
automatically by arithmetic. It is intended to be used locally in
proofs, e.g.

  assumes [arith]: "x > 0"

Global usage is discouraged because of possible performance impact.

* New classes "top" and "bot" with corresponding operations "top" and
"bot" in theory Orderings; instantiation of class "complete_lattice"
requires instantiation of classes "top" and "bot". INCOMPATIBILITY.

* Changed definition lemma "less_fun_def" in order to provide an
instance for preorders on functions; use lemma "less_le" instead.
INCOMPATIBILITY.

* Theory Orderings: class "wellorder" moved here, with explicit
induction rule "less_induct" as assumption.
For instantiation of
"wellorder" by means of predicate "wf", use rule wf_wellorderI.
INCOMPATIBILITY.

* Theory Orderings: added class "preorder" as superclass of "order".
INCOMPATIBILITY: Instantiation proofs for order, linorder
etc. slightly changed. Some theorems named order_class.* now named
preorder_class.*.

* Theory Relation: renamed "refl" to "refl_on", "reflexive" to "refl",
"diag" to "Id_on".

* Theory Finite_Set: added a new fold combinator of type

  ('a => 'b => 'b) => 'b => 'a set => 'b

Occasionally this is more convenient than the old fold combinator
which is now defined in terms of the new one and renamed to
fold_image.

* Theories Ring_and_Field and OrderedGroup: The lemmas "group_simps"
and "ring_simps" have been replaced by "algebra_simps" (which can be
extended with further lemmas!). At the moment both still exist but
the former will disappear at some point.

* Theory Power: Lemma power_Suc is now declared as a simp rule in
class recpower. Type-specific simp rules for various recpower types
have been removed. INCOMPATIBILITY, rename old lemmas as follows:

rat_power_0 -> power_0
rat_power_Suc -> power_Suc
realpow_0 -> power_0
realpow_Suc -> power_Suc
complexpow_0 -> power_0
complexpow_Suc -> power_Suc
power_poly_0 -> power_0
power_poly_Suc -> power_Suc

* Theories Ring_and_Field and Divides: Definition of "op dvd" has been
moved to separate class dvd in Ring_and_Field; a couple of lemmas on
dvd have been generalized to class comm_semiring_1. Likewise a bunch
of lemmas from Divides have been generalized from nat to class
semiring_div. INCOMPATIBILITY.
This involves the following theorem
renames resulting from duplicate elimination:

  dvd_def_mod ~> dvd_eq_mod_eq_0
  zero_dvd_iff ~> dvd_0_left_iff
  dvd_0 ~> dvd_0_right
  DIVISION_BY_ZERO_DIV ~> div_by_0
  DIVISION_BY_ZERO_MOD ~> mod_by_0
  mult_div ~> div_mult_self2_is_id
  mult_mod ~> mod_mult_self2_is_0

* Theory IntDiv: removed many lemmas that are instances of class-based
generalizations (from Divides and Ring_and_Field). INCOMPATIBILITY,
rename old lemmas as follows:

dvd_diff -> nat_dvd_diff
dvd_zminus_iff -> dvd_minus_iff
mod_add1_eq -> mod_add_eq
mod_mult1_eq -> mod_mult_right_eq
mod_mult1_eq' -> mod_mult_left_eq
mod_mult_distrib_mod -> mod_mult_eq
nat_mod_add_left_eq -> mod_add_left_eq
nat_mod_add_right_eq -> mod_add_right_eq
nat_mod_div_trivial -> mod_div_trivial
nat_mod_mod_trivial -> mod_mod_trivial
zdiv_zadd_self1 -> div_add_self1
zdiv_zadd_self2 -> div_add_self2
zdiv_zmult_self1 -> div_mult_self2_is_id
zdiv_zmult_self2 -> div_mult_self1_is_id
zdvd_triv_left -> dvd_triv_left
zdvd_triv_right -> dvd_triv_right
zdvd_zmult_cancel_disj -> dvd_mult_cancel_left
zmod_eq0_zdvd_iff -> dvd_eq_mod_eq_0[symmetric]
zmod_zadd_left_eq -> mod_add_left_eq
zmod_zadd_right_eq -> mod_add_right_eq
zmod_zadd_self1 -> mod_add_self1
zmod_zadd_self2 -> mod_add_self2
zmod_zadd1_eq -> mod_add_eq
zmod_zdiff1_eq -> mod_diff_eq
zmod_zdvd_zmod -> mod_mod_cancel
zmod_zmod_cancel -> mod_mod_cancel
zmod_zmult_self1 -> mod_mult_self2_is_0
zmod_zmult_self2 -> mod_mult_self1_is_0
zmod_1 -> mod_by_1
zdiv_1 -> div_by_1
zdvd_abs1 -> abs_dvd_iff
zdvd_abs2 -> dvd_abs_iff
zdvd_refl -> dvd_refl
zdvd_trans -> dvd_trans
zdvd_zadd -> dvd_add
zdvd_zdiff -> dvd_diff
zdvd_zminus_iff -> dvd_minus_iff
zdvd_zminus2_iff -> minus_dvd_iff
zdvd_zmultD -> dvd_mult_right
zdvd_zmultD2 -> dvd_mult_left
zdvd_zmult_mono -> mult_dvd_mono
zdvd_0_right -> dvd_0_right
zdvd_0_left -> dvd_0_left_iff
zdvd_1_left -> one_dvd
zminus_dvd_iff -> minus_dvd_iff

* Theory Rational: 'Fract k 0' now equals '0'. INCOMPATIBILITY.

* The real numbers offer decimal input syntax: 12.34 is translated
into 1234/10^2. This translation is not reversed upon output.

* Theory Library/Polynomial defines an abstract type 'a poly of
univariate polynomials with coefficients of type 'a. In addition to
the standard ring operations, it also supports div and mod. Code
generation is also supported, using list-style constructors.

* Theory Library/Inner_Product defines a class of real_inner for real
inner product spaces, with an overloaded operation inner :: 'a => 'a
=> real. Class real_inner is a subclass of real_normed_vector from
theory RealVector.

* Theory Library/Product_Vector provides instances for the product
type 'a * 'b of several classes from RealVector and Inner_Product.
Definitions of addition, subtraction, scalar multiplication, norms,
and inner products are included.

* Theory Library/Bit defines the field "bit" of integers modulo 2. In
addition to the field operations, numerals and case syntax are also
supported.

* Theory Library/Diagonalize provides constructive version of Cantor's
first diagonalization argument.

* Theory Library/GCD: Curried operations gcd, lcm (for nat) and zgcd,
zlcm (for int); carried together from various gcd/lcm developments in
the HOL Distribution. Constants zgcd and zlcm replace former igcd and
ilcm; corresponding theorems renamed accordingly. INCOMPATIBILITY,
may recover tupled syntax as follows:

  hide (open) const gcd
  abbreviation gcd where
    "gcd == (%(a, b). GCD.gcd a b)"
  notation (output)
    GCD.gcd ("gcd '(_, _')")

The same works for lcm, zgcd, zlcm.

* Theory Library/Nat_Infinity: added addition, numeral syntax and more
instantiations for algebraic structures. Removed some duplicate
theorems. Changes in simp rules. INCOMPATIBILITY.

* ML antiquotation @{code} takes a constant as argument and generates
corresponding code in background and inserts name of the corresponding
resulting ML value/function/datatype constructor binding in place.
All occurrences of @{code} with a single ML block are generated
simultaneously. Provides a generic and safe interface for
instrumentalizing code generation. See
src/HOL/Decision_Procs/Ferrack.thy for a more ambitious application.
In future you ought to refrain from ad-hoc compiling generated SML
code on the ML toplevel. Note that (for technical reasons) @{code}
cannot refer to constants for which user-defined serializations are
set. Refer to the corresponding ML counterpart directly in those
cases.

* Command 'rep_datatype': instead of theorem names the command now
takes a list of terms denoting the constructors of the type to be
represented as datatype. The characteristic theorems have to be
proven. INCOMPATIBILITY. Also observe that the following theorems
have disappeared in favour of existing ones:

  unit_induct ~> unit.induct
  prod_induct ~> prod.induct
  sum_induct ~> sum.induct
  Suc_Suc_eq ~> nat.inject
  Suc_not_Zero Zero_not_Suc ~> nat.distinct


*** HOL-Algebra ***

* New locales for orders and lattices where the equivalence relation
is not restricted to equality. INCOMPATIBILITY: all order and lattice
locales use a record structure with field eq for the equivalence.

* New theory of factorial domains.

* Units_l_inv and Units_r_inv are now simp rules by default.
INCOMPATIBILITY. Simplifier proofs that require deletion of l_inv
and/or r_inv will now also require deletion of these lemmas.

* Renamed the following theorems, INCOMPATIBILITY:

UpperD ~> Upper_memD
LowerD ~> Lower_memD
least_carrier ~> least_closed
greatest_carrier ~> greatest_closed
greatest_Lower_above ~> greatest_Lower_below
one_zero ~> carrier_one_zero
one_not_zero ~> carrier_one_not_zero (collision with assumption)


*** HOL-Nominal ***

* Nominal datatypes can now contain type-variables.

* Commands 'nominal_inductive' and 'equivariance' work with local
theory targets.

* Nominal primrec can now work with local theory targets and its
specification syntax now conforms to the general format as seen in
'inductive' etc.

* Method "perm_simp" honours the standard simplifier attributes
(no_asm), (no_asm_use) etc.

* The new predicate #* is defined like freshness, except that the
left hand side can be a set or list of atoms.

* Experimental command 'nominal_inductive2' derives strong induction
principles for inductive definitions. In contrast to
'nominal_inductive', which can only deal with a fixed number of
binders, it can deal with arbitrary expressions standing for sets of
atoms to be avoided. The only inductive definition we have at the
moment that needs this generalisation is the typing rule for Lets in
the algorithm W:

  Gamma |- t1 : T1   (x,close Gamma T1)::Gamma |- t2 : T2   x#Gamma
  -----------------------------------------------------------------
  Gamma |- Let x be t1 in t2 : T2

In this rule one wants to avoid all the binders that are introduced by
"close Gamma T1". We are looking for other examples where this
feature might be useful. Please let us know.


*** HOLCF ***

* Reimplemented the simplification procedure for proving continuity
subgoals. The new simproc is extensible; users can declare additional
continuity introduction rules with the attribute [cont2cont].

* The continuity simproc now uses a different introduction rule for
solving continuity subgoals on terms with lambda abstractions. In
some rare cases the new simproc may fail to solve subgoals that the
old one could solve, and "simp add: cont2cont_LAM" may be necessary.
Potential INCOMPATIBILITY.

* Command 'fixrec': specification syntax now conforms to the general
format as seen in 'inductive' etc. See src/HOLCF/ex/Fixrec_ex.thy for
examples. INCOMPATIBILITY.


*** ZF ***

* Proof of Zorn's Lemma for partial orders.


*** ML ***

* Multithreading for Poly/ML 5.1/5.2 is no longer supported, only for
Poly/ML 5.2.1 or later. Important note: the TimeLimit facility
depends on multithreading, so timeouts will not work before Poly/ML
5.2.1!

* High-level support for concurrent ML programming, see
src/Pure/Cuncurrent. The data-oriented model of "future values" is
particularly convenient to organize independent functional
computations. The concept of "synchronized variables" provides a
higher-order interface for components with shared state, avoiding the
delicate details of mutexes and condition variables. (Requires
Poly/ML 5.2.1 or later.)

* ML bindings produced via Isar commands are stored within the Isar
context (theory or proof). Consequently, commands like 'use' and 'ML'
become thread-safe and work with undo as expected (concerning
top-level bindings, not side-effects on global references).
INCOMPATIBILITY, need to provide proper Isar context when invoking the
compiler at runtime; really global bindings need to be given outside a
theory. (Requires Poly/ML 5.2 or later.)

* Command 'ML_prf' is analogous to 'ML' but works within a proof
context. Top-level ML bindings are stored within the proof context in
a purely sequential fashion, disregarding the nested proof structure.
ML bindings introduced by 'ML_prf' are discarded at the end of the
proof. (Requires Poly/ML 5.2 or later.)

* Simplified ML attribute and method setup, cf. functions Attrib.setup
and Method.setup, as well as Isar commands 'attribute_setup' and
'method_setup'. INCOMPATIBILITY for 'method_setup', need to simplify
existing code accordingly, or use plain 'setup' together with old
Method.add_method.

* Simplified ML oracle interface Thm.add_oracle promotes 'a -> cterm
to 'a -> thm, while results are always tagged with an authentic oracle
name. The Isar command 'oracle' is now polymorphic, no argument type
is specified. INCOMPATIBILITY, need to simplify existing oracle code
accordingly. Note that extra performance may be gained by producing
the cterm carefully, avoiding slow Thm.cterm_of.

* Simplified interface for defining document antiquotations via
ThyOutput.antiquotation, ThyOutput.output, and optionally
ThyOutput.maybe_pretty_source. INCOMPATIBILITY, need to simplify user
antiquotations accordingly, see src/Pure/Thy/thy_output.ML for common
examples.

* More systematic treatment of long names, abstract name bindings, and
name space operations. Basic operations on qualified names have been
moved from structure NameSpace to Long_Name, e.g. Long_Name.base_name,
Long_Name.append. Old type bstring has been mostly replaced by
abstract type binding (see structure Binding), which supports precise
qualification by packages and local theory targets, as well as proper
tracking of source positions. INCOMPATIBILITY, need to wrap old
bstring values into Binding.name, or better pass through abstract
bindings everywhere. See further src/Pure/General/long_name.ML,
src/Pure/General/binding.ML and src/Pure/General/name_space.ML

* Result facts (from PureThy.note_thms, ProofContext.note_thms,
LocalTheory.note etc.)
now refer to the *full* internal name, not the
bstring as before. INCOMPATIBILITY, not detected by ML type-checking!

* Disposed old type and term read functions (Sign.read_def_typ,
Sign.read_typ, Sign.read_def_terms, Sign.read_term,
Thm.read_def_cterms, Thm.read_cterm etc.). INCOMPATIBILITY, should
use regular Syntax.read_typ, Syntax.read_term, Syntax.read_typ_global,
Syntax.read_term_global etc.; see also OldGoals.read_term as last
resort for legacy applications.

* Disposed old declarations, tactics, tactic combinators that refer to
the simpset or claset of an implicit theory (such as Addsimps,
Simp_tac, SIMPSET). INCOMPATIBILITY, should use @{simpset} etc. in
embedded ML text, or local_simpset_of with a proper context passed as
explicit runtime argument.

* Rules and tactics that read instantiations (read_instantiate,
res_inst_tac, thin_tac, subgoal_tac etc.) now demand a proper proof
context, which is required for parsing and type-checking. Moreover,
the variables are specified as plain indexnames, not string encodings
thereof. INCOMPATIBILITY.

* Generic Toplevel.add_hook interface allows analyzing the result of
transactions. E.g. see src/Pure/ProofGeneral/proof_general_pgip.ML
for theorem dependency output of transactions resulting in a new
theory state.

* ML antiquotations: block-structured compilation context indicated by
\<lbrace> ... \<rbrace>; additional antiquotation forms:

  @{binding name} - basic name binding
  @{let ?pat = term} - term abbreviation (HO matching)
  @{note name = fact} - fact abbreviation
  @{thm fact} - singleton fact (with attributes)
  @{thms fact} - general fact (with attributes)
  @{lemma prop by method} - singleton goal
  @{lemma prop by meth1 meth2} - singleton goal
  @{lemma prop1 ... propN by method} - general goal
  @{lemma prop1 ... propN by meth1 meth2} - general goal
  @{lemma (open) ...} - open derivation


*** System ***

* The Isabelle "emacs" tool provides a specific interface to invoke
Proof General / Emacs, with more explicit failure if that is not
installed (the old isabelle-interface script silently falls back on
isabelle-process). The PROOFGENERAL_HOME setting determines the
installation location of the Proof General distribution.

* Isabelle/lib/classes/Pure.jar provides basic support to integrate
the Isabelle process into a JVM/Scala application. See
Isabelle/lib/jedit/plugin for a minimal example. (The obsolete Java
process wrapper has been discontinued.)

* Added homegrown Isabelle font with unicode layout, see lib/fonts.

* Various status messages (with exact source position information) are
emitted, if proper markup print mode is enabled. This allows
user-interface components to provide detailed feedback on internal
prover operations.



New in Isabelle2008 (June 2008)
-------------------------------

*** General ***

* The Isabelle/Isar Reference Manual (isar-ref) has been reorganized
and updated, with formally checked references as hyperlinks.

* Theory loader: use_thy (and similar operations) no longer set the
implicit ML context, which was occasionally hard to predict and in
conflict with concurrency. INCOMPATIBILITY, use ML within Isar which
provides a proper context already.

* Theory loader: old-style ML proof scripts being *attached* to a thy
file are no longer supported. INCOMPATIBILITY, regular 'uses' and
'use' within a theory file will do the job.

* Name space merge now observes canonical order, i.e. the second space
is inserted into the first one, while existing entries in the first
space take precedence. INCOMPATIBILITY in rare situations, may try to
swap theory imports.

* Syntax: symbol \<chi> is now considered a letter. Potential
INCOMPATIBILITY in identifier syntax etc.

* Outer syntax: string tokens no longer admit escaped white space,
which was an accidental (undocumented) feature. INCOMPATIBILITY, use
white space without escapes.

* Outer syntax: string tokens may contain arbitrary character codes
specified via 3 decimal digits (as in SML). E.g. "foo\095bar" for
"foo_bar".


*** Pure ***

* Context-dependent token translations. Default setup reverts locally
fixed variables, and adds hilite markup for undeclared frees.

* Unused theorems can be found using the new command 'unused_thms'.
There are three ways of invoking it:

(1) unused_thms
     Only finds unused theorems in the current theory.

(2) unused_thms thy_1 ... thy_n -
     Finds unused theorems in the current theory and all of its ancestors,
     excluding the theories thy_1 ... thy_n and all of their ancestors.

(3) unused_thms thy_1 ... thy_n - thy'_1 ... thy'_m
     Finds unused theorems in the theories thy'_1 ... thy'_m and all of
     their ancestors, excluding the theories thy_1 ... thy_n and all of
     their ancestors.

In order to increase the readability of the list produced by
unused_thms, theorems that have been created by a particular instance
of a theory command such as 'inductive' or 'function' are considered
to belong to the same "group", meaning that if at least one theorem in
this group is used, the other theorems in the same group are no longer
reported as unused. Moreover, if all theorems in the group are
unused, only one theorem in the group is displayed.

Note that proof objects have to be switched on in order for
unused_thms to work properly (i.e. !proofs must be >= 1, which is
usually the case when using Proof General with the default settings).

* Authentic naming of facts disallows ad-hoc overwriting of previous
theorems within the same name space. INCOMPATIBILITY, need to remove
duplicate fact bindings, or even accidental fact duplications. Note
that tools may maintain dynamically scoped facts systematically, using
PureThy.add_thms_dynamic.

* Command 'hide' now allows hiding from "fact" name space as well.

* Eliminated destructive theorem database, simpset, claset, and
clasimpset. Potential INCOMPATIBILITY, really need to observe linear
update of theories within ML code.

* Eliminated theory ProtoPure and CPure, leaving just one Pure theory.
INCOMPATIBILITY, object-logics depending on former Pure require
additional setup PureThy.old_appl_syntax_setup; object-logics
depending on former CPure need to refer to Pure.

* Commands 'use' and 'ML' are now purely functional, operating on
theory/local_theory. Removed former 'ML_setup' (on theory), use 'ML'
instead. Added 'ML_val' as mere diagnostic replacement for 'ML'.
INCOMPATIBILITY.

* Command 'setup': discontinued implicit version with ML reference.

* Instantiation target allows for simultaneous specification of class
instance operations together with an instantiation proof.
Type-checking phase allows referring to class operations uniformly.
See src/HOL/Complex/Complex.thy for an Isar example and
src/HOL/Library/Eval.thy for an ML example.

* Indexing of literal facts: be more serious about including only
facts from the visible specification/proof context, but not the
background context (locale etc.). Affects `prop` notation and method
"fact". INCOMPATIBILITY: need to name facts explicitly in rare
situations.

* Methods "cases", "induct", "coinduct": removed obsolete/undocumented
"(open)" option, which used to expose internal bound variables to the
proof text.

* Isar statements: removed obsolete case "rule_context".
INCOMPATIBILITY, better use explicit fixes/assumes.

* Locale proofs: default proof step now includes 'unfold_locales';
hence 'proof' without argument may be used to unfold locale
predicates.


*** Document preparation ***

* Simplified pdfsetup.sty: color/hyperref is used unconditionally for
both pdf and dvi (hyperlinks usually work in xdvi as well); removed
obsolete thumbpdf setup (contemporary PDF viewers do this on the
spot); renamed link color from "darkblue" to "linkcolor" (default
value unchanged, can be redefined via \definecolor); no longer sets
"a4paper" option (unnecessary or even intrusive).

* Antiquotation @{lemma A method} proves proposition A by the given
method (either a method name or a method name plus (optional) method
arguments in parentheses) and prints A just like @{prop A}.


*** HOL ***

* New primrec package. Specification syntax conforms in style to
definition/function/.... No separate induction rule is provided. The
"primrec" command distinguishes old-style and new-style specifications
by syntax. The former primrec package is now named OldPrimrecPackage.
When adjusting theories, beware: constants stemming from new-style
primrec specifications have authentic syntax.

* Metis prover is now an order of magnitude faster, and also works
with multithreading.

* Metis: the maximum number of clauses that can be produced from a
theorem is now given by the attribute max_clauses. Theorems that
exceed this number are ignored, with a warning printed.

* Sledgehammer no longer produces structured proofs by default. To
enable, declare [[sledgehammer_full = true]]. Attributes
reconstruction_modulus, reconstruction_sorts renamed
sledgehammer_modulus, sledgehammer_sorts. INCOMPATIBILITY.

* Method "induct_scheme" derives user-specified induction rules
from well-founded induction and completeness of patterns. This factors
out some operations that are done internally by the function package
and makes them available separately. See
src/HOL/ex/Induction_Scheme.thy for examples.

* More flexible generation of measure functions for termination
proofs: Measure functions can be declared by proving a rule of the
form "is_measure f" and giving it the [measure_function] attribute.
The "is_measure" predicate is logically meaningless (always true), and
just guides the heuristic. To find suitable measure functions, the
termination prover sets up the goal "is_measure ?f" of the appropriate
type and generates all solutions by Prolog-style backward proof using
the declared rules.

This setup also deals with rules like

  "is_measure f ==> is_measure (list_size f)"

which accommodates nested datatypes that recurse through lists.
Similar rules are predeclared for products and option types.

* Turned the type of sets "'a set" into an abbreviation for "'a => bool"

  INCOMPATIBILITIES:

  - Definitions of overloaded constants on sets have to be replaced by
    definitions on => and bool.

  - Some definitions of overloaded operators on sets can now be proved
    using the definitions of the operators on => and bool. Therefore,
    the following theorems have been renamed:

      subset_def -> subset_eq
      psubset_def -> psubset_eq
      set_diff_def -> set_diff_eq
      Compl_def -> Compl_eq
      Sup_set_def -> Sup_set_eq
      Inf_set_def -> Inf_set_eq
      sup_set_def -> sup_set_eq
      inf_set_def -> inf_set_eq

  - Due to the incompleteness of the HO unification algorithm, some
    rules such as subst may require manual instantiation, if some of
    the unknowns in the rule is a set.

  - Higher order unification and forward proofs:
    The proof pattern

      have "P (S::'a set)" <...>
      then have "EX S. P S" ..

    no longer works (due to the incompleteness of the HO unification
    algorithm) and must be replaced by the pattern

      have "EX S. P S"
      proof
        show "P S" <...>
      qed

  - Calculational reasoning with subst (or similar rules):
    The proof pattern

      have "P (S::'a set)" <...>
      also have "S = T" <...>
      finally have "P T" .

    no longer works (for similar reasons as the previous example) and
    must be replaced by something like

      have "P (S::'a set)" <...>
      moreover have "S = T" <...>
      ultimately have "P T" by simp

  - Tactics or packages written in ML code:
    Code performing pattern matching on types via

      Type ("set", [T]) => ...

    must be rewritten. Moreover, functions like strip_type or
    binder_types no longer return the right value when applied to a
    type of the form

      T1 => ... => Tn => U => bool

    rather than

      T1 => ... => Tn => U set

* Merged theories Wellfounded_Recursion, Accessible_Part and
Wellfounded_Relations to theory Wellfounded.

* Explicit class "eq" for executable equality. INCOMPATIBILITY.

* Class finite no longer treats UNIV as class parameter. Use class
enum from theory Library/Enum instead to achieve a similar effect.
INCOMPATIBILITY.

* Theory List: rule list_induct2 now has explicitly named cases "Nil"
and "Cons". INCOMPATIBILITY.

* HOL (and FOL): renamed variables in rules imp_elim and swap.
Potential INCOMPATIBILITY.

* Theory Product_Type: duplicated lemmas split_Pair_apply and
injective_fst_snd removed, use split_eta and prod_eqI instead.
Renamed upd_fst to apfst and upd_snd to apsnd. INCOMPATIBILITY.

* Theory Nat: removed redundant lemmas that merely duplicate lemmas of
the same name in theory Orderings:

  less_trans
  less_linear
  le_imp_less_or_eq
  le_less_trans
  less_le_trans
  less_not_sym
  less_asym

Renamed less_imp_le to less_imp_le_nat, and less_irrefl to
less_irrefl_nat. Potential INCOMPATIBILITY due to more general types
and different variable names.

* Library/Option_ord.thy: Canonical order on option type.

* Library/RBT.thy: Red-black trees, an efficient implementation of
finite maps.

* Library/Countable.thy: Type class for countable types.

* Theory Int: The representation of numerals has changed. The infix
operator BIT and the bit datatype with constructors B0 and B1 have
disappeared. INCOMPATIBILITY, use "Int.Bit0 x" and "Int.Bit1 y" in
place of "x BIT bit.B0" and "y BIT bit.B1", respectively. Theorems
involving BIT, B0, or B1 have been renamed with "Bit0" or "Bit1"
accordingly.

* Theory Nat: definitions of <= and < on natural numbers no longer
depend on well-founded relations. INCOMPATIBILITY. Definitions
le_def and less_def have disappeared. Consider lemmas not_less
[symmetric, where ?'a = nat] and less_eq [symmetric] instead.

* Theory Finite_Set: locales ACf, ACe, ACIf, ACIfSL and ACIfSLlin
(whose purpose mainly is for various fold_set functionals) have been
abandoned in favor of the existing algebraic classes
ab_semigroup_mult, comm_monoid_mult, ab_semigroup_idem_mult,
lower_semilattice (resp. upper_semilattice) and linorder.
INCOMPATIBILITY.

* Theory Transitive_Closure: induct and cases rules now declare proper
case_names ("base" and "step"). INCOMPATIBILITY.

* Theorem Inductive.lfp_ordinal_induct generalized to complete
lattices. The former set-specific version is available as
Inductive.lfp_ordinal_induct_set.

* Renamed theorems "power.simps" to "power_int.simps".
INCOMPATIBILITY.

* Class semiring_div provides basic abstract properties of semirings
with division and modulo operations. Subsumes former class dvd_mod.

* Merged theories IntDef, Numeral and IntArith into unified theory
Int. INCOMPATIBILITY.

* Theory Library/Code_Index: type "index" now represents natural
numbers rather than integers. INCOMPATIBILITY.

* New class "uminus" with operation "uminus" (split off from class
"minus" which now only has operation "minus", binary).
INCOMPATIBILITY.

* Constants "card", "internal_split", "option_map" now with authentic
syntax. INCOMPATIBILITY.

* Definitions subset_def, psubset_def, set_diff_def, Compl_def,
le_bool_def, less_bool_def, le_fun_def, less_fun_def, inf_bool_def,
sup_bool_def, Inf_bool_def, Sup_bool_def, inf_fun_def, sup_fun_def,
Inf_fun_def, Sup_fun_def, inf_set_def, sup_set_def, Inf_set_def,
Sup_set_def, le_def, less_def, option_map_def now with object
equality. INCOMPATIBILITY.

* Records. Removed K_record, and replaced it by pure lambda term
%x. c. The simplifier setup is now more robust against eta expansion.
INCOMPATIBILITY: in cases explicitly referring to K_record.

* Library/Multiset: {#a, b, c#} abbreviates {#a#} + {#b#} + {#c#}.

* Library/ListVector: new theory of arithmetic vector operations.

* Library/Order_Relation: new theory of various orderings as sets of
pairs. Defines preorders, partial orders, linear orders and
well-orders on sets and on types.


*** ZF ***

* Renamed some theories to allow loading both ZF and HOL in the
same session:

  Datatype  -> Datatype_ZF
  Inductive -> Inductive_ZF
  Int       -> Int_ZF
  IntDiv    -> IntDiv_ZF
  Nat       -> Nat_ZF
  List      -> List_ZF
  Main      -> Main_ZF

INCOMPATIBILITY: ZF theories that import individual theories below
Main might need to be adapted. Regular theory Main is still
available, as trivial extension of Main_ZF.


*** ML ***

* ML within Isar: antiquotation @{const name} or @{const
name(typargs)} produces statically-checked Const term.

* Functor NamedThmsFun: data is available to the user as dynamic fact
(of the same name). Removed obsolete print command.

* Removed obsolete "use_legacy_bindings" function.

* The ``print mode'' is now a thread-local value derived from a global
template (the former print_mode reference), thus access becomes
non-critical. The global print_mode reference is for session
management only; user-code should use print_mode_value,
print_mode_active, PrintMode.setmp etc. INCOMPATIBILITY.

* Functions system/system_out provide a robust way to invoke external
shell commands, with propagation of interrupts (requires Poly/ML
5.2.1). Do not use OS.Process.system etc. from the basis library!


*** System ***

* Default settings: PROOFGENERAL_OPTIONS no longer impose xemacs ---
in accordance with Proof General 3.7, which prefers GNU emacs.

* isatool tty runs Isabelle process with plain tty interaction;
optional line editor may be specified via ISABELLE_LINE_EDITOR
setting, the default settings attempt to locate "ledit" and "rlwrap".

* isatool browser now works with Cygwin as well, using general
"javapath" function defined in Isabelle process environment.

* YXML notation provides a simple and efficient alternative to
standard XML transfer syntax. See src/Pure/General/yxml.ML and
isatool yxml as described in the Isabelle system manual.

* JVM class isabelle.IsabelleProcess (located in Isabelle/lib/classes)
provides general wrapper for managing an Isabelle process in a robust
fashion, with ``cooked'' output from stdin/stderr.

* Rudimentary Isabelle plugin for jEdit (see Isabelle/lib/jedit),
based on Isabelle/JVM process wrapper (see Isabelle/lib/classes).

* Removed obsolete THIS_IS_ISABELLE_BUILD feature. NB: the documented
way of changing the user's settings is via
ISABELLE_HOME_USER/etc/settings, which is a fully featured bash
script.

* Multithreading.max_threads := 0 refers to the number of actual CPU
cores of the underlying machine, which is a good starting point for
optimal performance tuning. The corresponding usedir option -M allows
"max" as an alias for "0". WARNING: does not work on certain versions
of Mac OS (with Poly/ML 5.1).

* isabelle-process: non-ML sessions are run with "nice", to reduce the
adverse effect of Isabelle flooding interactive front-ends (notably
ProofGeneral / XEmacs).



New in Isabelle2007 (November 2007)
-----------------------------------

*** General ***

* More uniform information about legacy features, notably a
warning/error of "Legacy feature: ...", depending on the state of the
tolerate_legacy_features flag (default true). FUTURE INCOMPATIBILITY:
legacy features will disappear eventually.

* Theory syntax: the header format ``theory A = B + C:'' has been
discontinued in favour of ``theory A imports B C begin''. Use isatool
fixheaders to convert existing theory files. INCOMPATIBILITY.

* Theory syntax: the old non-Isar theory file format has been
discontinued altogether. Note that ML proof scripts may still be used
with Isar theories; migration is usually quite simple with the ML
function use_legacy_bindings. INCOMPATIBILITY.

* Theory syntax: some popular names (e.g. 'class', 'declaration',
'fun', 'help', 'if') are now keywords. INCOMPATIBILITY, use double
quotes.

* Theory loader: be more serious about observing the static theory
header specifications (including optional directories), but not the
accidental file locations of previously successful loads. The strict
update policy of former update_thy is now already performed by
use_thy, so the former has been removed; use_thys updates several
theories simultaneously, just as 'imports' within a theory header
specification, but without merging the results. Potential
INCOMPATIBILITY: may need to refine theory headers and commands
ROOT.ML which depend on load order.

* Theory loader: optional support for content-based file
identification, instead of the traditional scheme of full physical
path plus date stamp; configured by the ISABELLE_FILE_IDENT setting
(cf. the system manual). The new scheme allows to work with
non-finished theories in persistent session images, such that source
files may be moved later on without requiring reloads.

* Theory loader: old-style ML proof scripts being *attached* to a thy
file (with the same base name as the theory) are considered a legacy
feature, which will disappear eventually. Even now, the theory loader
no longer maintains dependencies on such files.

* Syntax: the scope for resolving ambiguities via type-inference is
now limited to individual terms, instead of whole simultaneous
specifications as before.
This greatly reduces the complexity of the
syntax module and improves flexibility by separating parsing and
type-checking. INCOMPATIBILITY: additional type-constraints (explicit
'fixes' etc.) are required in rare situations.

* Syntax: constants introduced by new-style packages ('definition',
'abbreviation' etc.) are passed through the syntax module in
``authentic mode''. This means that associated mixfix annotations
really stick to such constants, independently of potential name space
ambiguities introduced later on. INCOMPATIBILITY: constants in parse
trees are represented slightly differently, may need to adapt syntax
translations accordingly. Use CONST marker in 'translations' and
@{const_syntax} antiquotation in 'parse_translation' etc.

* Legacy goal package: reduced interface to the bare minimum required
to keep existing proof scripts running. Most other user-level
functions are now part of the OldGoals structure, which is *not* open
by default (consider isatool expandshort before open OldGoals).
Removed top_sg, prin, printyp, pprint_term/typ altogether, because
these tend to cause confusion about the actual goal (!) context being
used here, which is not necessarily the same as the_context().

* Command 'find_theorems': supports "*" wild-card in "name:"
criterion; "with_dups" option. Certain ProofGeneral versions might
support a specific search form (see ProofGeneral/CHANGES).

* The ``prems limit'' option (cf. ProofContext.prems_limit) is now -1
by default, which means that "prems" (and also "fixed variables") are
suppressed from proof state output. Note that the ProofGeneral
settings mechanism allows to change and save options persistently, but
older versions of Isabelle will fail to start up if a negative prems
limit is imposed.

* Local theory targets may be specified by non-nested blocks of
``context/locale/class ... begin'' followed by ``end''. The body may
contain definitions, theorems etc., including any derived mechanism
that has been implemented on top of these primitives. This concept
generalizes the existing ``theorem (in ...)'' towards more versatility
and scalability.

* Proof General interface: proper undo of final 'end' command;
discontinued Isabelle/classic mode (ML proof scripts).


*** Document preparation ***

* Added antiquotation @{theory name} which prints the given name,
after checking that it refers to a valid ancestor theory in the
current context.

* Added antiquotations @{ML_type text} and @{ML_struct text} which
check the given source text as ML type/structure, printing verbatim.

* Added antiquotation @{abbrev "c args"} which prints the abbreviation
"c args == rhs" given in the current context. (Any number of
arguments may be given on the LHS.)


*** Pure ***

* The 'class' package offers a combination of axclass and locale to
achieve Haskell-like type classes in Isabelle. Definitions and
theorems within a class context produce both relative results (with
implicit parameters according to the locale context), and polymorphic
constants with qualified polymorphism (according to the class
context). Within the body context of a 'class' target, a separate
syntax layer ("user space type system") takes care of converting
between global polymorphic consts and internal locale representation.
See src/HOL/ex/Classpackage.thy for examples (as well as main HOL).
"isatool doc classes" provides a tutorial.

* Generic code generator framework allows to generate executable
code for ML and Haskell (including Isabelle classes).
A short usage sketch:

    internal compilation:
        export_code <list of constants (term syntax)> in SML
    writing SML code to a file:
        export_code <list of constants (term syntax)> in SML <filename>
    writing OCaml code to a file:
        export_code <list of constants (term syntax)> in OCaml <filename>
    writing Haskell code to a bunch of files:
        export_code <list of constants (term syntax)> in Haskell <filename>

    evaluating closed propositions to True/False using code generation:
        method ``eval''

Reasonable default setup of framework in HOL.

Theorem attributes for selecting and transforming function equation theorems:

    [code fun]:        select a theorem as function equation for a specific constant
    [code fun del]:    deselect a theorem as function equation for a specific constant
    [code inline]:     select an equation theorem for unfolding (inlining) in place
    [code inline del]: deselect an equation theorem for unfolding (inlining) in place

User-defined serializations (target in {SML, OCaml, Haskell}):

    code_const <and-list of constants (term syntax)>
      {(target) <and-list of const target syntax>}+

    code_type <and-list of type constructors>
      {(target) <and-list of type target syntax>}+

    code_instance <and-list of instances>
      {(target)}+
        where instance ::= <type constructor> :: <class>

    code_class <and_list of classes>
      {(target) <and-list of class target syntax>}+
        where class target syntax ::= <class name> {where {<classop> == <target syntax>}+}?

code_instance and code_class only are effective to target Haskell.

For example usage see src/HOL/ex/Codegenerator.thy and
src/HOL/ex/Codegenerator_Pretty.thy. A separate tutorial on code
generation from Isabelle/HOL theories is available via "isatool doc
codegen".

* Code generator: consts in 'consts_code' Isar commands are now
referred to by usual term syntax (including optional type
annotations).

* Command 'no_translations' removes translation rules from theory
syntax.

* Overloaded definitions are now actually checked for acyclic
dependencies. The overloading scheme is slightly more general than
that of Haskell98, although Isabelle does not demand an exact
correspondence to type class and instance declarations.
INCOMPATIBILITY, use ``defs (unchecked overloaded)'' to admit more
exotic versions of overloading -- at the discretion of the user!

Polymorphic constants are represented via type arguments, i.e. the
instantiation that matches an instance against the most general
declaration given in the signature. For example, with the declaration
c :: 'a => 'a => 'a, an instance c :: nat => nat => nat is represented
as c(nat). Overloading is essentially simultaneous structural
recursion over such type arguments. Incomplete specification patterns
impose global constraints on all occurrences, e.g. c('a * 'a) on the
LHS means that more general c('a * 'b) will be disallowed on any RHS.
Command 'print_theory' outputs the normalized system of recursive
equations, see section "definitions".

* Configuration options are maintained within the theory or proof
context (with name and type bool/int/string), providing a very simple
interface to a poor-man's version of general context data. Tools may
declare options in ML (e.g. using Attrib.config_int) and then refer to
these values using Config.get etc. Users may change options via an
associated attribute of the same name. This form of context
declaration works particularly well with commands 'declare' or
'using', for example ``declare [[foo = 42]]''.
Thus it has become very easy to avoid global references, which would
not observe Isar toplevel undo/redo and fail to work with
multithreading.

Various global ML references of Pure and HOL have been turned into
configuration options:

  Unify.search_bound              unify_search_bound
  Unify.trace_bound               unify_trace_bound
  Unify.trace_simp                unify_trace_simp
  Unify.trace_types               unify_trace_types
  Simplifier.simp_depth_limit     simp_depth_limit
  Blast.depth_limit               blast_depth_limit
  DatatypeProp.dtK                datatype_distinctness_limit
  fast_arith_neq_limit            fast_arith_neq_limit
  fast_arith_split_limit          fast_arith_split_limit

* Named collections of theorems may be easily installed as context
data using the functor NamedThmsFun (see also
src/Pure/Tools/named_thms.ML). The user may add or delete facts via
attributes; there is also a toplevel print command. This facility is
just a common case of general context data, which is the preferred way
for anything more complex than just a list of facts in canonical
order.

* Isar: command 'declaration' augments a local theory by generic
declaration functions written in ML. This enables arbitrary content
being added to the context, depending on a morphism that tells the
difference of the original declaration context wrt. the application
context encountered later on.

* Isar: proper interfaces for simplification procedures. Command
'simproc_setup' declares named simprocs (with match patterns, and body
text in ML). Attribute "simproc" adds/deletes simprocs in the current
context. ML antiquotation @{simproc name} retrieves named simprocs.

* Isar: an extra pair of brackets around attribute declarations
abbreviates a theorem reference involving an internal dummy fact,
which will be ignored later --- only the effect of the attribute on
the background context will persist. This form of in-place
declarations is particularly useful with commands like 'declare' and
'using', for example ``have A using [[simproc a]] by simp''.

* Isar: method "assumption" (and implicit closing of subproofs) now
takes simple non-atomic goal assumptions into account: after applying
an assumption as a rule the resulting subgoals are solved by atomic
assumption steps. This is particularly useful to finish 'obtain'
goals, such as "!!x. (!!x. P x ==> thesis) ==> P x ==> thesis",
without referring to the original premise "!!x. P x ==> thesis" in the
Isar proof context. POTENTIAL INCOMPATIBILITY: method "assumption" is
more permissive.

* Isar: implicit use of prems from the Isar proof context is
considered a legacy feature. Common applications like ``have A .''
may be replaced by ``have A by fact'' or ``note `A`''. In general,
referencing facts explicitly here improves readability and
maintainability of proof texts.

* Isar: improper proof element 'guess' is like 'obtain', but derives
the obtained context from the course of reasoning! For example:

  assume "EX x y. A x & B y"   -- "any previous fact"
  then guess x and y by clarify

This technique is potentially adventurous, depending on the facts and
proof tools being involved here.

* Isar: known facts from the proof context may be specified as literal
propositions, using ASCII back-quote syntax. This works wherever
named facts used to be allowed so far, in proof commands, proof
methods, attributes etc. Literal facts are retrieved from the context
according to unification of type and term parameters.
For example, provided that "A" and "A ==> B" and "!!x. P x ==> Q x"
are known theorems in the current context, then these are valid
literal facts: `A` and `A ==> B` and `!!x. P x ==> Q x` as well as
`P a ==> Q a` etc.

There is also a proof method "fact" which does the same composition
for explicit goal states, e.g. the following proof texts coincide with
certain special cases of literal facts:

  have "A" by fact                 ==  note `A`
  have "A ==> B" by fact           ==  note `A ==> B`
  have "!!x. P x ==> Q x" by fact  ==  note `!!x. P x ==> Q x`
  have "P a ==> Q a" by fact       ==  note `P a ==> Q a`

* Isar: ":" (colon) is no longer a symbolic identifier character in
outer syntax. Thus symbolic identifiers may be used without
additional white space in declarations like this: ``assume *: A''.

* Isar: 'print_facts' prints all local facts of the current context,
both named and unnamed ones.

* Isar: 'def' now admits simultaneous definitions, e.g.:

  def x == "t" and y == "u"

* Isar: added command 'unfolding', which is structurally similar to
'using', but affects both the goal state and facts by unfolding given
rewrite rules. Thus many occurrences of the 'unfold' method or
'unfolded' attribute may be replaced by first-class proof text.

* Isar: methods 'unfold' / 'fold', attributes 'unfolded' / 'folded',
and command 'unfolding' now all support object-level equalities
(potentially conditional). The underlying notion of rewrite rule is
analogous to the 'rule_format' attribute, but *not* that of the
Simplifier (which is usually more generous).

* Isar: the new attribute [rotated n] (default n = 1) rotates the
premises of a theorem by n. Useful in conjunction with drule.

* Isar: the goal restriction operator [N] (default N = 1) evaluates a
method expression within a sandbox consisting of the first N
sub-goals, which need to exist. For example, ``simp_all [3]''
simplifies the first three sub-goals, while (rule foo, simp_all)[]
simplifies all new goals that emerge from applying rule foo to the
originally first one.

* Isar: schematic goals are no longer restricted to higher-order
patterns; e.g. ``lemma "?P(?x)" by (rule TrueI)'' now works as
expected.

* Isar: the conclusion of a long theorem statement is now either
'shows' (a simultaneous conjunction, as before), or 'obtains'
(essentially a disjunction of cases with local parameters and
assumptions). The latter allows to express general elimination rules
adequately; in this notation common elimination rules look like this:

  lemma exE: -- "EX x. P x ==> (!!x. P x ==> thesis) ==> thesis"
    assumes "EX x. P x"
    obtains x where "P x"

  lemma conjE: -- "A & B ==> (A ==> B ==> thesis) ==> thesis"
    assumes "A & B"
    obtains A and B

  lemma disjE: -- "A | B ==> (A ==> thesis) ==> (B ==> thesis) ==> thesis"
    assumes "A | B"
    obtains
      A
    | B

The subsequent classical rules even refer to the formal "thesis"
explicitly:

  lemma classical: -- "(~ thesis ==> thesis) ==> thesis"
    obtains "~ thesis"

  lemma Peirce's_Law: -- "((thesis ==> something) ==> thesis) ==> thesis"
    obtains "thesis ==> something"

The actual proof of an 'obtains' statement is analogous to that of the
Isar proof element 'obtain', only that there may be several cases.
Optional case names may be specified in parentheses; these will be
available both in the present proof and as annotations in the
resulting rule, for later use with the 'cases' method (cf. attribute
case_names).

* Isar: the assumptions of a long theorem statement are available as
"assms" fact in the proof context. This is more appropriate than the
(historical) "prems", which refers to all assumptions of the current
context, including those from the target locale, proof body etc.

* Isar: 'print_statement' prints theorems from the current theory or
proof context in long statement form, according to the syntax of a
top-level lemma.

* Isar: 'obtain' takes an optional case name for the local context
introduction rule (default "that").

* Isar: removed obsolete 'concl is' patterns. INCOMPATIBILITY, use
explicit (is "_ ==> ?foo") in the rare cases where this still happens
to occur.

* Pure: syntax "CONST name" produces a fully internalized constant
according to the current context. This is particularly useful for
syntax translations that should refer to internal constant
representations independently of name spaces.

* Pure: syntax constant for foo (binder "FOO ") is called "foo_binder"
instead of "FOO ". This allows multiple binder declarations to coexist
in the same context. INCOMPATIBILITY.

* Isar/locales: 'notation' provides a robust interface to the 'syntax'
primitive that also works in a locale context (both for constants and
fixed variables). Type declaration and internal syntactic representation
of given constants retrieved from the context. Likewise, the
'no_notation' command allows to remove given syntax annotations from the
current context.

* Isar/locales: new derived specification elements 'axiomatization',
'definition', 'abbreviation', which support type-inference, admit
object-level specifications (equality, equivalence). See also the
isar-ref manual.
Examples:

  axiomatization
    eq (infix "===" 50) where
    eq_refl: "x === x" and eq_subst: "x === y ==> P x ==> P y"

  definition "f x y = x + y + 1"
  definition g where "g x = f x x"

  abbreviation
    neq (infix "=!=" 50) where
    "x =!= y == ~ (x === y)"

These specifications may be also used in a locale context. Then the
constants being introduced depend on certain fixed parameters, and the
constant name is qualified by the locale base name. An internal
abbreviation takes care for convenient input and output, making the
parameters implicit and using the original short name. See also
src/HOL/ex/Abstract_NAT.thy for an example of deriving polymorphic
entities from a monomorphic theory.

Presently, abbreviations are only available 'in' a target locale, but
not inherited by general import expressions. Also note that
'abbreviation' may be used as a type-safe replacement for 'syntax' +
'translations' in common applications. The "no_abbrevs" print mode
prevents folding of abbreviations in term output.

Concrete syntax is attached to specified constants in internal form,
independently of name spaces. The parse tree representation is
slightly different -- use 'notation' instead of raw 'syntax', and
'translations' with explicit "CONST" markup to accommodate this.

* Pure/Isar: unified syntax for new-style specification mechanisms
(e.g. 'definition', 'abbreviation', or 'inductive' in HOL) admits
full type inference and dummy patterns ("_"). For example:

  definition "K x _ = x"

  inductive conj for A B
  where "A ==> B ==> conj A B"

* Pure: command 'print_abbrevs' prints all constant abbreviations of
the current context. Print mode "no_abbrevs" prevents inversion of
abbreviations on output.

* Isar/locales: improved parameter handling: use of locales "var" and
"struct" no longer necessary; parameter renamings are no longer
required to be injective. For example, this allows to define
endomorphisms as locale endom = homom mult mult h.

* Isar/locales: changed the way locales with predicates are defined.
Instead of accumulating the specification, the imported expression is
now an interpretation. INCOMPATIBILITY: different normal form of
locale expressions. In particular, in interpretations of locales with
predicates, goals representing already interpreted fragments are not
removed automatically. Use methods `intro_locales' and
`unfold_locales'; see below.

* Isar/locales: new methods `intro_locales' and `unfold_locales'
provide backward reasoning on locale predicates. The methods are
aware of interpretations and discharge corresponding goals.
`intro_locales' is less aggressive than `unfold_locales' and does not
unfold predicates to assumptions.

* Isar/locales: the order in which locale fragments are accumulated
has changed. This enables to override declarations from fragments due
to interpretations -- for example, unwanted simp rules.

* Isar/locales: interpretation in theories and proof contexts has been
extended. One may now specify (and prove) equations, which are
unfolded in interpreted theorems. This is useful for replacing
defined concepts (constants depending on locale parameters) by
concepts already existing in the target context. Example:

  interpretation partial_order ["op <= :: [int, int] => bool"]
    where "partial_order.less (op <=) (x::int) y = (x < y)"

Typically, the constant `partial_order.less' is created by a
definition specification element in the context of locale
partial_order.

* Method "induct": improved internal context management to support
local fixes and defines on-the-fly. Thus explicit meta-level
connectives !! and ==> are rarely required anymore in inductive goals
(using object-logic connectives for this purpose has been long
obsolete anyway). Common proof patterns are explained in
src/HOL/Induct/Common_Patterns.thy, see also
src/HOL/Isar_examples/Puzzle.thy and src/HOL/Lambda for realistic
examples.

* Method "induct": improved handling of simultaneous goals. Instead of
introducing object-level conjunction, the statement is now split into
several conclusions, while the corresponding symbolic cases are nested
accordingly. INCOMPATIBILITY, proofs need to be structured explicitly,
see src/HOL/Induct/Common_Patterns.thy, for example.

* Method "induct": mutual induction rules are now specified as a list
of rules sharing the same induction cases. HOL packages usually provide
foo_bar.inducts for mutually defined items foo and bar (e.g. inductive
predicates/sets or datatypes). INCOMPATIBILITY, users need to specify
mutual induction rules differently, i.e. like this:

  (induct rule: foo_bar.inducts)
  (induct set: foo bar)
  (induct pred: foo bar)
  (induct type: foo bar)

The ML function ProjectRule.projections turns old-style rules into the
new format.

* Method "coinduct": dual of induction, see
src/HOL/Library/Coinductive_List.thy for various examples.

* Method "cases", "induct", "coinduct": the ``(open)'' option is
considered a legacy feature.

* Attribute "symmetric" produces result with standardized schematic
variables (index 0). Potential INCOMPATIBILITY.

* Simplifier: by default the simplifier trace only shows top level
rewrites now. That is, trace_simp_depth_limit is set to 1 by
default.
Thus there is less danger of being flooded by the trace. The
trace indicates where parts have been suppressed.

* Provers/classical: removed obsolete classical version of elim_format
attribute; classical elim/dest rules are now treated uniformly when
manipulating the claset.

* Provers/classical: stricter checks to ensure that supplied intro,
dest and elim rules are well-formed; dest and elim rules must have at
least one premise.

* Provers/classical: attributes dest/elim/intro take an optional
weight argument for the rule (just as the Pure versions). Weights are
ignored by automated tools, but determine the search order of single
rule steps.

* Syntax: input syntax now supports dummy variable binding "%_. b",
where the body does not mention the bound variable. Note that dummy
patterns implicitly depend on their context of bounds, which makes
"{_. _}" match any set comprehension as expected. Potential
INCOMPATIBILITY -- parse translations need to cope with syntactic
constant "_idtdummy" in the binding position.

* Syntax: removed obsolete syntactic constant "_K" and its associated
parse translation. INCOMPATIBILITY -- use dummy abstraction instead,
for example "A -> B" => "Pi A (%_. B)".

* Pure: 'class_deps' command visualizes the subclass relation, using
the graph browser tool.

* Pure: 'print_theory' now suppresses certain internal declarations by
default; use '!' option for full details.


*** HOL ***

* Method "metis" proves goals by applying the Metis general-purpose
resolution prover (see also http://gilith.com/software/metis/).
Examples are in the directory MetisExamples. WARNING: the
Isabelle/HOL-Metis integration does not yet work properly with
multi-threading.

* Command 'sledgehammer' invokes external automatic theorem provers as
background processes. It generates calls to the "metis" method if
successful. These can be pasted into the proof. Users do not have to
wait for the automatic provers to return. WARNING: does not really
work with multi-threading.

* New "auto_quickcheck" feature tests outermost goal statements for
potential counter-examples. Controlled by ML references
auto_quickcheck (default true) and auto_quickcheck_time_limit (default
5000 milliseconds). Fails silently if the statement is outside of the
executable fragment, or any other code generator problem occurs.

* New constant "undefined" with axiom "undefined x = undefined".

* Added class "HOL.eq", allowing for code generation with polymorphic
equality.

* Some renaming of class constants due to canonical name prefixing in
the new 'class' package:

  HOL.abs           ~> HOL.abs_class.abs
  HOL.divide        ~> HOL.divide_class.divide
  0                 ~> HOL.zero_class.zero
  1                 ~> HOL.one_class.one
  op +              ~> HOL.plus_class.plus
  op -              ~> HOL.minus_class.minus
  uminus            ~> HOL.minus_class.uminus
  op *              ~> HOL.times_class.times
  op <              ~> HOL.ord_class.less
  op <=             ~> HOL.ord_class.less_eq
  Nat.power         ~> Power.power_class.power
  Nat.size          ~> Nat.size_class.size
  Numeral.number_of ~> Numeral.number_class.number_of
  FixedPoint.Inf    ~> Lattices.complete_lattice_class.Inf
  FixedPoint.Sup    ~> Lattices.complete_lattice_class.Sup
  Orderings.min     ~> Orderings.ord_class.min
  Orderings.max     ~> Orderings.ord_class.max
  Divides.op div    ~> Divides.div_class.div
  Divides.op mod    ~> Divides.div_class.mod
  Divides.op dvd    ~> Divides.div_class.dvd

INCOMPATIBILITY.
Adaptions may be required in the following cases:

a) User-defined constants using any of the names "plus", "minus",
"times", "less" or "less_eq". The standard syntax translations for
"+", "-" and "*" may go wrong. INCOMPATIBILITY: use more specific
names.

b) Variables named "plus", "minus", "times", "less", "less_eq".
INCOMPATIBILITY: use more specific names.

c) Permutative equations (e.g. "a + b = b + a").
Since the change of names also changes the order of terms, permutative
rewrite rules may get applied in a different order. Experience shows
that this is rarely the case (only two adaptions in the whole Isabelle
distribution). INCOMPATIBILITY: rewrite proofs.

d) ML code directly referring to constant names.
This in general only affects hand-written proof tactics, simprocs and
so on. INCOMPATIBILITY: grep your source code and replace names.
Consider using @{const_name} antiquotation.

* New class "default" with associated constant "default".

* Function "sgn" is now overloaded and available on int, real, complex
(and other numeric types), using class "sgn". Two possible defs of
sgn are given as equational assumptions in the classes sgn_if and
sgn_div_norm; ordered_idom now also inherits from sgn_if.
INCOMPATIBILITY.

* Locale "partial_order" now unified with class "order" (cf. theory
Orderings), added parameter "less". INCOMPATIBILITY.

* Renamings in classes "order" and "linorder": facts "refl", "trans" and
"cases" to "order_refl", "order_trans" and "linorder_cases", to avoid
clashes with HOL "refl" and "trans". INCOMPATIBILITY.

* Classes "order" and "linorder": potential INCOMPATIBILITY due to
changed order of proof goals in instance proofs.

* The transitivity reasoner for partial and linear orders is set up
for classes "order" and "linorder".
Instances of the reasoner are available
in all contexts importing or interpreting the corresponding locales.
Method "order" invokes the reasoner separately; the reasoner
is also integrated with the Simplifier as a solver. Diagnostic
command 'print_orders' shows the available instances of the reasoner
in the current context.

* Localized monotonicity predicate in theory "Orderings"; integrated
lemmas max_of_mono and min_of_mono with this predicate.
INCOMPATIBILITY.

* Formulation of theorem "dense" changed slightly due to integration
with new class dense_linear_order.

* Uniform lattice theory development in HOL.

    constants "meet" and "join" now named "inf" and "sup"
    constant "Meet" now named "Inf"

    classes "meet_semilorder" and "join_semilorder" now named
      "lower_semilattice" and "upper_semilattice"
    class "lorder" now named "lattice"
    class "comp_lat" now named "complete_lattice"

    Instantiation of lattice classes allows explicit definitions
    for "inf" and "sup" operations (or "Inf" and "Sup" for complete lattices).

  INCOMPATIBILITY.
  Theorem renames:

    meet_left_le           ~> inf_le1
    meet_right_le          ~> inf_le2
    join_left_le           ~> sup_ge1
    join_right_le          ~> sup_ge2
    meet_join_le           ~> inf_sup_ord
    le_meetI               ~> le_infI
    join_leI               ~> le_supI
    le_meet                ~> le_inf_iff
    le_join                ~> ge_sup_conv
    meet_idempotent        ~> inf_idem
    join_idempotent        ~> sup_idem
    meet_comm              ~> inf_commute
    join_comm              ~> sup_commute
    meet_leI1              ~> le_infI1
    meet_leI2              ~> le_infI2
    le_joinI1              ~> le_supI1
    le_joinI2              ~> le_supI2
    meet_assoc             ~> inf_assoc
    join_assoc             ~> sup_assoc
    meet_left_comm         ~> inf_left_commute
    meet_left_idempotent   ~> inf_left_idem
    join_left_comm         ~> sup_left_commute
    join_left_idempotent   ~> sup_left_idem
    meet_aci               ~> inf_aci
    join_aci               ~> sup_aci
    le_def_meet            ~> le_iff_inf
    le_def_join            ~> le_iff_sup
    join_absorp2           ~> sup_absorb2
    join_absorp1           ~> sup_absorb1
    meet_absorp1           ~> inf_absorb1
    meet_absorp2           ~> inf_absorb2
    meet_join_absorp       ~> inf_sup_absorb
    join_meet_absorp       ~> sup_inf_absorb
    distrib_join_le        ~> distrib_sup_le
    distrib_meet_le        ~> distrib_inf_le

    add_meet_distrib_left  ~> add_inf_distrib_left
    add_join_distrib_left  ~> add_sup_distrib_left
    is_join_neg_meet       ~> is_join_neg_inf
    is_meet_neg_join       ~> is_meet_neg_sup
    add_meet_distrib_right ~> add_inf_distrib_right
    add_join_distrib_right ~> add_sup_distrib_right
    add_meet_join_distribs ~> add_sup_inf_distribs
    join_eq_neg_meet       ~> sup_eq_neg_inf
    meet_eq_neg_join       ~> inf_eq_neg_sup
    add_eq_meet_join       ~> add_eq_inf_sup
    meet_0_imp_0           ~> inf_0_imp_0
    join_0_imp_0           ~> sup_0_imp_0
    meet_0_eq_0            ~> inf_0_eq_0
    join_0_eq_0            ~> sup_0_eq_0
    neg_meet_eq_join       ~> neg_inf_eq_sup
    neg_join_eq_meet       ~> neg_sup_eq_inf
    join_eq_if             ~> sup_eq_if

    mono_meet              ~> mono_inf
    mono_join              ~> mono_sup
    meet_bool_eq           ~> inf_bool_eq
    join_bool_eq           ~> sup_bool_eq
    meet_fun_eq            ~> inf_fun_eq
    join_fun_eq            ~> sup_fun_eq
    meet_set_eq            ~> inf_set_eq
    join_set_eq            ~> sup_set_eq
    meet1_iff              ~> inf1_iff
    meet2_iff              ~> inf2_iff
    meet1I                 ~> inf1I
    meet2I                 ~> inf2I
    meet1D1                ~> inf1D1
    meet2D1                ~> inf2D1
    meet1D2                ~> inf1D2
    meet2D2                ~> inf2D2
    meet1E                 ~> inf1E
    meet2E                 ~> inf2E
    join1_iff              ~> sup1_iff
    join2_iff              ~> sup2_iff
    join1I1                ~> sup1I1
    join2I1                ~> sup2I1
    join1I1                ~> sup1I1
    join2I2                ~> sup1I2
    join1CI                ~> sup1CI
    join2CI                ~> sup2CI
    join1E                 ~> sup1E
    join2E                 ~> sup2E

    is_meet_Meet           ~> is_meet_Inf
    Meet_bool_def          ~> Inf_bool_def
    Meet_fun_def           ~> Inf_fun_def
    Meet_greatest          ~> Inf_greatest
    Meet_lower             ~> Inf_lower
    Meet_set_def           ~> Inf_set_def

    Sup_def                ~> Sup_Inf
    Sup_bool_eq            ~> Sup_bool_def
    Sup_fun_eq             ~> Sup_fun_def
    Sup_set_eq             ~> Sup_set_def

    listsp_meetI           ~> listsp_infI
    listsp_meet_eq         ~> listsp_inf_eq

    meet_min               ~> inf_min
    join_max               ~> sup_max

* Added syntactic class "size"; overloaded constant "size" now has
type "'a::size ==> bool"

* Internal reorganisation of `size' of datatypes: size theorems
"foo.size" are no longer subsumed by "foo.simps" (but are still
simplification rules by default!); theorems "prod.size" now named
"*.size".

* Class "div" now inherits from class "times" rather than "type".
INCOMPATIBILITY.

* HOL/Finite_Set: "name-space" locales Lattice, Distrib_lattice,
Linorder etc. have disappeared; operations defined in terms of
fold_set now are named Inf_fin, Sup_fin. INCOMPATIBILITY.

* HOL/Nat: neq0_conv no longer declared as iff. INCOMPATIBILITY.

* HOL-Word: New extensive library and type for generic, fixed size
machine words, with arithmetic, bit-wise, shifting and rotating
operations, reflection into int, nat, and bool lists, automation for
linear arithmetic (by automatic reflection into nat or int), including
lemmas on overflow and monotonicity. Instantiated to all appropriate
arithmetic type classes, supporting automatic simplification of
numerals on all operations.

* Library/Boolean_Algebra: locales for abstract boolean algebras.

* Library/Numeral_Type: numbers as types, e.g. TYPE(32).

* Code generator library theories:
  - Code_Integer represents HOL integers by big integer literals in target
    languages.
  - Code_Char represents HOL characters by character literals in target
    languages.
  - Code_Char_chr like Code_Char, but also offers treatment of character
    codes; includes Code_Integer.
  - Executable_Set allows code generation for finite sets using lists.
  - Executable_Rat implements rational numbers as triples (sign, enumerator,
    denominator).
  - Executable_Real implements a subset of real numbers, namely those
    representable by rational numbers.
  - Efficient_Nat implements natural numbers by integers, which in general will
    result in higher efficiency; pattern matching with 0/Suc is eliminated;
    includes Code_Integer.
  - Code_Index provides an additional datatype index which is mapped to
    target-language built-in integers.
  - Code_Message provides an additional datatype message_string which is isomorphic to
    strings; messages are mapped to target-language strings.

* New package for inductive predicates

  An n-ary predicate p with m parameters z_1, ..., z_m can now be defined via

    inductive
      p :: "U_1 => ... => U_m => T_1 => ... => T_n => bool"
      for z_1 :: U_1 and ...
        and z_n :: U_m
    where
      rule_1: "... ==> p z_1 ... z_m t_1_1 ... t_1_n"
    | ...

  with full support for type-inference, rather than

    consts s :: "U_1 => ... => U_m => (T_1 * ... * T_n) set"

    abbreviation p :: "U_1 => ... => U_m => T_1 => ... => T_n => bool"
    where "p z_1 ... z_m x_1 ... x_n == (x_1, ..., x_n) : s z_1 ... z_m"

    inductive "s z_1 ... z_m"
    intros
      rule_1: "... ==> (t_1_1, ..., t_1_n) : s z_1 ... z_m"
      ...

  For backward compatibility, there is a wrapper allowing inductive
  sets to be defined with the new package via

    inductive_set
      s :: "U_1 => ... => U_m => (T_1 * ... * T_n) set"
      for z_1 :: U_1 and ... and z_n :: U_m
    where
      rule_1: "... ==> (t_1_1, ..., t_1_n) : s z_1 ... z_m"
    | ...

  or

    inductive_set
      s :: "U_1 => ... => U_m => (T_1 * ... * T_n) set"
      and p :: "U_1 => ... => U_m => T_1 => ... => T_n => bool"
      for z_1 :: U_1 and ... and z_n :: U_m
    where
      "p z_1 ... z_m x_1 ... x_n == (x_1, ..., x_n) : s z_1 ... z_m"
    | rule_1: "... ==> p z_1 ... z_m t_1_1 ... t_1_n"
    | ...

  if the additional syntax "p ..." is required.

  Numerous examples can be found in the subdirectories src/HOL/Auth,
  src/HOL/Bali, src/HOL/Induct, and src/HOL/MicroJava.

  INCOMPATIBILITIES:

  - Since declaration and definition of inductive sets or predicates
    is no longer separated, abbreviations involving the newly
    introduced sets or predicates must be specified together with the
    introduction rules after the 'where' keyword (see above), rather
    than before the actual inductive definition.

  - The variables in induction and elimination rules are now
    quantified in the order of their occurrence in the introduction
    rules, rather than in alphabetical order.
    Since this may break
    some proofs, these proofs either have to be repaired, e.g. by
    reordering the variables a_i_1 ... a_i_{k_i} in Isar 'case'
    statements of the form

      case (rule_i a_i_1 ... a_i_{k_i})

    or the old order of quantification has to be restored by explicitly adding
    meta-level quantifiers in the introduction rules, i.e.

      | rule_i: "!!a_i_1 ... a_i_{k_i}. ... ==> p z_1 ... z_m t_i_1 ... t_i_n"

  - The format of the elimination rules is now

      p z_1 ... z_m x_1 ... x_n ==>
        (!!a_1_1 ... a_1_{k_1}. x_1 = t_1_1 ==> ... ==> x_n = t_1_n ==> ... ==> P)
        ==> ... ==> P

    for predicates and

      (x_1, ..., x_n) : s z_1 ... z_m ==>
        (!!a_1_1 ... a_1_{k_1}. x_1 = t_1_1 ==> ... ==> x_n = t_1_n ==> ... ==> P)
        ==> ... ==> P

    for sets rather than

      x : s z_1 ... z_m ==>
        (!!a_1_1 ... a_1_{k_1}. x = (t_1_1, ..., t_1_n) ==> ... ==> P)
        ==> ... ==> P

    This may require terms in goals to be expanded to n-tuples
    (e.g. using case_tac or simplification with the split_paired_all
    rule) before the above elimination rule is applicable.

  - The elimination or case analysis rules for (mutually) inductive
    sets or predicates are now called "p_1.cases" ... "p_k.cases". The
    list of rules "p_1_..._p_k.elims" is no longer available.

* New package "function"/"fun" for general recursive functions,
supporting mutual and nested recursion, definitions in local contexts,
more general pattern matching and partiality. See HOL/ex/Fundefs.thy
for small examples, and the separate tutorial on the function
package. The old recdef "package" is still available as before, but
users are encouraged to use the new package.

* Method "lexicographic_order" automatically synthesizes termination
relations as lexicographic combinations of size measures.

* Case-expressions allow arbitrary constructor-patterns (including
"_") and take their order into account, like in functional
programming. Internally, this is translated into nested
case-expressions; missing cases are added and mapped to the predefined
constant "undefined". In complicated cases printing may no longer show
the original input but the internal form. Lambda-abstractions allow
the same form of pattern matching: "% pat1 => e1 | ..." is an
abbreviation for "%x. case x of pat1 => e1 | ..." where x is a new
variable.

* IntDef: The constant "int :: nat => int" has been removed; now "int"
is an abbreviation for "of_nat :: nat => int". The simplification
rules for "of_nat" have been changed to work like "int" did
previously. Potential INCOMPATIBILITY:
  - "of_nat (Suc m)" simplifies to "1 + of_nat m" instead of "of_nat m + 1"
  - of_nat_diff and of_nat_mult are no longer default simp rules

* Method "algebra" solves polynomial equations over (semi)rings using
Groebner bases. The (semi)ring structure is defined by locales and the
tool setup depends on that generic context. Installing the method for
a specific type involves instantiating the locale and possibly adding
declarations for computation on the coefficients. The method is
already instantiated for natural numbers and for the axiomatic class
of idoms with numerals. See also the paper by Chaieb and Wenzel at
CALCULEMUS 2007 for the general principles underlying this
architecture of context-aware proof-tools.

* Method "ferrack" implements quantifier elimination over
special-purpose dense linear orders using locales (analogous to
"algebra"). The method is already installed for class
{ordered_field,recpower,number_ring} which subsumes real, hyperreal,
rat, etc.

* Former constant "List.op @" now named "List.append".
Use ML
antiquotations @{const_name List.append} or @{term " ... @ ... "} to
circumvent possible incompatibilities when working on ML level.

* primrec: missing cases mapped to "undefined" instead of "arbitrary".

* New function listsum :: 'a list => 'a for arbitrary monoids.
Special syntax: "SUM x <- xs. f x" (and latex variants).

* New syntax for Haskell-like list comprehension (input only), e.g.
[(x,y). x <- xs, y <- ys, x ~= y], see also src/HOL/List.thy.

* The special syntax for function "filter" has changed from [x :
xs. P] to [x <- xs. P] to avoid an ambiguity caused by list
comprehension syntax, and for uniformity. INCOMPATIBILITY.

* [a..b] is now defined for arbitrary linear orders. It used to be
defined on nat only, as an abbreviation for [a..<Suc b].
INCOMPATIBILITY.

* Renamed lemma "set_take_whileD" to "set_takeWhileD".

* New functions "sorted" and "sort" in src/HOL/List.thy.

* New lemma collection field_simps (an extension of ring_simps) for
manipulating (in)equations involving division. Multiplies with all
denominators that can be proved to be non-zero (in equations) or
positive/negative (in inequations).

* Lemma collections ring_eq_simps, group_eq_simps and ring_distrib
have been improved and renamed to ring_simps, group_simps and
ring_distribs. Removed lemmas field_xyz in theory Ring_and_Field
because they were subsumed by lemmas xyz. INCOMPATIBILITY.

* Theory Library/Commutative_Ring: switched from recdef to function
package; constants add, mul, pow now curried. Infix syntax for
algebraic operations.

* Dropped redundant lemma def_imp_eq in favor of meta_eq_to_obj_eq.
INCOMPATIBILITY.

* Dropped redundant lemma if_def2 in favor of if_bool_eq_conj.
INCOMPATIBILITY.

* HOL/records: generalised field-update to take a function on the
field rather than the new value: r(|A := x|) is translated to A_update
(K x) r. The K-combinator that is internally used is called K_record.
INCOMPATIBILITY: Usage of the plain update functions has to be
adapted.

* Class "semiring_0" now contains annihilation axioms x * 0 = 0 and
0 * x = 0, which are required for a semiring. Richer structures do not
inherit from semiring_0 anymore, because this property is a theorem
there, not an axiom. INCOMPATIBILITY: In instances of semiring_0,
there is more to prove, but this is mostly trivial.

* Class "recpower" is generalized to arbitrary monoids, not just
commutative semirings. INCOMPATIBILITY: may need to incorporate
commutativity or semiring properties additionally.

* Constant "List.list_all2" in List.thy now uses authentic syntax.
INCOMPATIBILITY: translations containing list_all2 may go wrong,
better use 'abbreviation'.

* Renamed constant "List.op mem" to "List.member". INCOMPATIBILITY.

* Numeral syntax: type 'bin' which was a mere type copy of 'int' has
been abandoned in favour of plain 'int'. INCOMPATIBILITY --
significant changes for setting up numeral syntax for types:
  - New constants Numeral.pred and Numeral.succ instead
    of former Numeral.bin_pred and Numeral.bin_succ.
  - Use integer operations instead of bin_add, bin_mult and so on.
  - Numeral simplification theorems named Numeral.numeral_simps instead of Bin_simps.
  - ML structure Bin_Simprocs now named Int_Numeral_Base_Simprocs.

See src/HOL/Integ/IntArith.thy for an example setup.

* Command 'normal_form' computes the normal form of a term that may
contain free variables. For example ``normal_form "rev [a, b, c]"''
produces ``[b, c, a]'' (without proof).
This command is suitable for
heavy-duty computations because the functions are compiled to ML
first. Correspondingly, a method "normalization" is provided. See
further src/HOL/ex/NormalForm.thy and src/Tools/nbe.ML.

* Alternative iff syntax "A <-> B" for equality on bool (with priority
25 like -->); output depends on the "iff" print_mode, the default is
"A = B" (with priority 50).

* Relations less (<) and less_eq (<=) are also available on type bool.
Modified syntax to disallow nesting without explicit parentheses,
e.g. "(x < y) < z" or "x < (y < z)", but NOT "x < y < z". Potential
INCOMPATIBILITY.

* "LEAST x:A. P" expands to "LEAST x. x:A & P" (input only).

* Relation composition operator "op O" now has precedence 75 and binds
stronger than union and intersection. INCOMPATIBILITY.

* The old set interval syntax "{m..n(}" (and relatives) has been
removed. Use "{m..<n}" (and relatives) instead.

* In the context of the assumption "~(s = t)" the Simplifier rewrites
"t = s" to False (by simproc "neq"). INCOMPATIBILITY, consider using
``declare [[simproc del: neq]]''.

* Simplifier: "m dvd n" where m and n are numbers is evaluated to
True/False.

* Theorem Cons_eq_map_conv no longer declared as "simp".

* Theorem setsum_mult renamed to setsum_right_distrib.

* Prefer ex1I over ex_ex1I in single-step reasoning, e.g. by the
``rule'' method.

* Reimplemented methods "sat" and "satx", with several improvements:
goals no longer need to be stated as "<prems> ==> False", equivalences
(i.e. "=" on type bool) are handled, variable names of the form
"lit_<n>" are no longer reserved, significant speedup.

* Methods "sat" and "satx" can now replay MiniSat proof traces.
zChaff is still supported as well.

* 'inductive' and 'datatype': provide projections of mutual rules,
bundled as foo_bar.inducts.

* Library: moved theories Parity, GCD, Binomial, Infinite_Set to
Library.

* Library: moved theory Accessible_Part to main HOL.

* Library: added theory Coinductive_List of potentially infinite lists
as greatest fixed-point.

* Library: added theory AssocList which implements (finite) maps as
association lists.

* Method "evaluation" solves goals (i.e. a boolean expression)
efficiently by compiling it to ML. The goal is "proved" (via an
oracle) if it evaluates to True.

* Linear arithmetic now splits certain operators (e.g. min, max, abs)
also when invoked by the simplifier. This results in the Simplifier
being more powerful on arithmetic goals. INCOMPATIBILITY.
Configuration option fast_arith_split_limit=0 recovers the old
behavior.

* Support for hex (0x20) and binary (0b1001) numerals.

* New method: reify eqs (t), where eqs are equations for an
interpretation I :: 'a list => 'b => 'c and t::'c is an optional
parameter, computes a term s::'b and a list xs::'a list and proves the
theorem I xs s = t. This is also known as reification or quoting. The
resulting theorem is applied to the subgoal to substitute t with I xs
s. If t is omitted, the subgoal itself is reified.

* New method: reflection corr_thm eqs (t). The parameters eqs and (t)
are as explained above. corr_thm is a theorem for I vs (f t) = I vs t,
where f is supposed to be a computable function (in the sense of code
generation). The method uses reify to compute s and xs as above then
applies corr_thm and uses normalization by evaluation to "prove" f s =
r and finally gets the theorem t = r, which is again applied to the
subgoal. An example is available in src/HOL/ex/ReflectionEx.thy.

* Reflection: Automatic reification now handles binding, an example is
available in src/HOL/ex/ReflectionEx.thy.

* HOL-Statespace: ``State Spaces: The Locale Way'' introduces a
command 'statespace' that is similar to 'record', but introduces an
abstract specification based on the locale infrastructure instead of
HOL types. This leads to extra flexibility in composing state spaces,
in particular multiple inheritance and renaming of components.


*** HOL-Complex ***

* Hyperreal: Functions root and sqrt are now defined on negative real
inputs so that root n (- x) = - root n x and sqrt (- x) = - sqrt x.
Nonnegativity side conditions have been removed from many lemmas, so
that more subgoals may now be solved by simplification; potential
INCOMPATIBILITY.

* Real: new type classes formalize real normed vector spaces and
algebras, using new overloaded constants scaleR :: real => 'a => 'a
and norm :: 'a => real.

* Real: constant of_real :: real => 'a::real_algebra_1 injects from
reals into other types. The overloaded constant Reals :: 'a set is now
defined as range of_real; potential INCOMPATIBILITY.

* Real: proper support for ML code generation, including 'quickcheck'.
Reals are implemented as arbitrary precision rationals.

* Hyperreal: Several constants that previously worked only for the
reals have been generalized, so they now work over arbitrary vector
spaces. Type annotations may need to be added in some cases; potential
INCOMPATIBILITY.

  Infinitesimal  :: ('a::real_normed_vector) star set
  HFinite        :: ('a::real_normed_vector) star set
  HInfinite      :: ('a::real_normed_vector) star set
  approx         :: ('a::real_normed_vector) star => 'a star => bool
  monad          :: ('a::real_normed_vector) star => 'a star set
  galaxy         :: ('a::real_normed_vector) star => 'a star set
  (NS)LIMSEQ     :: [nat => 'a::real_normed_vector, 'a] => bool
  (NS)convergent :: (nat => 'a::real_normed_vector) => bool
  (NS)Bseq       :: (nat => 'a::real_normed_vector) => bool
  (NS)Cauchy     :: (nat => 'a::real_normed_vector) => bool
  (NS)LIM        :: ['a::real_normed_vector => 'b::real_normed_vector, 'a, 'b] => bool
  is(NS)Cont     :: ['a::real_normed_vector => 'b::real_normed_vector, 'a] => bool
  deriv          :: ['a::real_normed_field => 'a, 'a, 'a] => bool
  sgn            :: 'a::real_normed_vector => 'a
  exp            :: 'a::{recpower,real_normed_field,banach} => 'a

* Complex: Some complex-specific constants are now abbreviations for
overloaded ones: complex_of_real = of_real, cmod = norm, hcmod =
hnorm. Other constants have been entirely removed in favor of the
polymorphic versions (INCOMPATIBILITY):

  approx        <-- capprox
  HFinite       <-- CFinite
  HInfinite     <-- CInfinite
  Infinitesimal <-- CInfinitesimal
  monad         <-- cmonad
  galaxy        <-- cgalaxy
  (NS)LIM       <-- (NS)CLIM, (NS)CRLIM
  is(NS)Cont    <-- is(NS)Contc, is(NS)contCR
  (ns)deriv     <-- (ns)cderiv


*** HOL-Algebra ***

* Formalisation of ideals and the quotient construction over rings.

* Order and lattice theory no longer based on records.
INCOMPATIBILITY.

* Renamed lemmas least_carrier -> least_closed and greatest_carrier ->
greatest_closed. INCOMPATIBILITY.

* Method algebra is now set up via an attribute. For examples see
Ring.thy. INCOMPATIBILITY: the method is now weaker on combinations
of algebraic structures.

* Renamed theory CRing to Ring.


*** HOL-Nominal ***

* Substantial, yet incomplete support for nominal datatypes (binding
structures) based on HOL-Nominal logic. See src/HOL/Nominal and
src/HOL/Nominal/Examples. Prospective users should consult
http://isabelle.in.tum.de/nominal/


*** ML ***

* ML basics: just one true type int, which coincides with IntInf.int
(even on SML/NJ).

* ML within Isar: antiquotations allow embedding statically-checked
formal entities in the source, referring to the context available at
compile-time. For example:

  ML {* @{sort "{zero,one}"} *}
  ML {* @{typ "'a => 'b"} *}
  ML {* @{term "%x. x"} *}
  ML {* @{prop "x == y"} *}
  ML {* @{ctyp "'a => 'b"} *}
  ML {* @{cterm "%x. x"} *}
  ML {* @{cprop "x == y"} *}
  ML {* @{thm asm_rl} *}
  ML {* @{thms asm_rl} *}
  ML {* @{type_name c} *}
  ML {* @{type_syntax c} *}
  ML {* @{const_name c} *}
  ML {* @{const_syntax c} *}
  ML {* @{context} *}
  ML {* @{theory} *}
  ML {* @{theory Pure} *}
  ML {* @{theory_ref} *}
  ML {* @{theory_ref Pure} *}
  ML {* @{simpset} *}
  ML {* @{claset} *}
  ML {* @{clasimpset} *}

The same works for sources being ``used'' within an Isar context.

* ML in Isar: improved error reporting; extra verbosity with
ML_Context.trace enabled.

* Pure/General/table.ML: the join operations now work via exceptions
DUP/SAME instead of type option. This is simpler in simple cases, and
admits slightly more efficient complex applications.

* Pure: 'advanced' translation functions (parse_translation etc.) now
use Context.generic instead of just theory.

* Pure: datatype Context.generic joins theory/Proof.context and
provides some facilities for code that works in either kind of
context, notably GenericDataFun for uniform theory and proof data.

* Pure: simplified internal attribute type, which is now always
Context.generic * thm -> Context.generic * thm. Global (theory) vs.
local (Proof.context) attributes have been discontinued, while
minimizing code duplication. Thm.rule_attribute and
Thm.declaration_attribute build canonical attributes; see also structure
Context for further operations on Context.generic, notably
GenericDataFun. INCOMPATIBILITY, need to adapt attribute type
declarations and definitions.

* Context data interfaces (Theory/Proof/GenericDataFun): removed
name/print, uninitialized data defaults to ad-hoc copy of empty value,
init only required for impure data. INCOMPATIBILITY: empty really needs
to be empty (no dependencies on theory content!).

* Pure/kernel: consts certification ignores sort constraints given in
signature declarations. (This information is not relevant to the
logic, but only for type inference.) SIGNIFICANT INTERNAL CHANGE,
potential INCOMPATIBILITY.

* Pure: axiomatic type classes are now purely definitional, with
explicit proofs of class axioms and super class relations performed
internally. See Pure/axclass.ML for the main internal interfaces --
notably AxClass.define_class supersedes AxClass.add_axclass, and
AxClass.axiomatize_class/classrel/arity supersede
Sign.add_classes/classrel/arities.

* Pure/Isar: Args/Attrib parsers operate on Context.generic --
global/local versions on theory vs. Proof.context have been
discontinued; Attrib.syntax and Method.syntax have been adapted
accordingly. INCOMPATIBILITY, need to adapt parser expressions for
attributes, methods, etc.

* Pure: several functions of signature "... -> theory -> theory * ..."
have been reoriented to "... -> theory -> ... * theory" in order to
allow natural usage in combination with the ||>, ||>>, |-> and
fold_map combinators.

* Pure: official theorem names (closed derivations) and additional
comments (tags) are now strictly separate. Name hints -- which are
maintained as tags -- may be attached any time without affecting the
derivation.

* Pure: primitive rule lift_rule now takes goal cterm instead of an
actual goal state (thm). Use Thm.lift_rule (Thm.cprem_of st i) to
achieve the old behaviour.

* Pure: the "Goal" constant is now called "prop", supporting a
slightly more general idea of ``protecting'' meta-level rule
statements.

* Pure: Logic.(un)varify only works in a global context, which is now
enforced instead of silently assumed. INCOMPATIBILITY, may use
Logic.legacy_(un)varify as temporary workaround.

* Pure: structure Name provides scalable operations for generating
internal variable names, notably Name.variants etc. This replaces
some popular functions from term.ML:

  Term.variant      -> Name.variant
  Term.variantlist  -> Name.variant_list
  Term.invent_names -> Name.invent_list

Note that low-level renaming rarely occurs in new code -- operations
from structure Variable are used instead (see below).

* Pure: structure Variable provides fundamental operations for proper
treatment of fixed/schematic variables in a context. For example,
Variable.import introduces fixes for schematics of given facts and
Variable.export reverses the effect (up to renaming) -- this replaces
various freeze_thaw operations.

* Pure: structure Goal provides simple interfaces for
init/conclude/finish and tactical prove operations (replacing former
Tactic.prove).
Goal.prove is the canonical way to prove results
within a given context; Goal.prove_global is a degraded version for
theory level goals, including a global Drule.standard. Note that
OldGoals.prove_goalw_cterm has long been obsolete, since it is
ill-behaved in a local proof context (e.g. with local fixes/assumes or
in a locale context).

* Pure/Syntax: generic interfaces for parsing (Syntax.parse_term etc.)
and type checking (Syntax.check_term etc.), with common combinations
(Syntax.read_term etc.). These supersede former Sign.read_term etc.
which are considered legacy and await removal.

* Pure/Syntax: generic interfaces for type unchecking
(Syntax.uncheck_terms etc.) and unparsing (Syntax.unparse_term etc.),
with common combinations (Syntax.pretty_term, Syntax.string_of_term
etc.). Former Sign.pretty_term, Sign.string_of_term etc. are still
available for convenience, but refer to the very same operations using
a mere theory instead of a full context.

* Isar: simplified treatment of user-level errors, using exception
ERROR of string uniformly. Function error now merely raises ERROR,
without any side effect on output channels. The Isar toplevel takes
care of proper display of ERROR exceptions. ML code may use plain
handle/can/try; cat_error may be used to concatenate errors like this:

  ... handle ERROR msg => cat_error msg "..."

Toplevel ML code (run directly or through the Isar toplevel) may be
embedded into the Isar toplevel with exception display/debug like
this:

  Isar.toplevel (fn () => ...)

INCOMPATIBILITY, removed special transform_error facilities, removed
obsolete variants of user-level exceptions (ERROR_MESSAGE,
Context.PROOF, ProofContext.CONTEXT, Proof.STATE, ProofHistory.FAIL)
-- use plain ERROR instead.

* Isar: theory setup now has type (theory -> theory), instead of a
list. INCOMPATIBILITY, may use #> to compose setup functions.

* Isar: ML toplevel pretty printer for type Proof.context, subject to
ProofContext.debug/verbose flags.

* Isar: Toplevel.theory_to_proof admits transactions that modify the
theory before entering a proof state. Transactions now always see a
quasi-functional intermediate checkpoint, both in interactive and
batch mode.

* Isar: simplified interfaces for outer syntax. Renamed
OuterSyntax.add_keywords to OuterSyntax.keywords. Removed
OuterSyntax.add_parsers -- this functionality is now included in
OuterSyntax.command etc. INCOMPATIBILITY.

* Simplifier: the simpset of a running simplification process now
contains a proof context (cf. Simplifier.the_context), which is the
very context that the initial simpset has been retrieved from (by
simpset_of/local_simpset_of). Consequently, all plug-in components
(solver, looper etc.) may depend on arbitrary proof data.

* Simplifier.inherit_context inherits the proof context (plus the
local bounds) of the current simplification process; any simproc
etc. that calls the Simplifier recursively should do this! Removed
former Simplifier.inherit_bounds, which is already included here --
INCOMPATIBILITY. Tools based on low-level rewriting may even have to
specify an explicit context using Simplifier.context/theory_context.

* Simplifier/Classical Reasoner: more abstract interfaces
change_simpset/claset for modifying the simpset/claset reference of a
theory; raw versions simpset/claset_ref etc. have been discontinued --
INCOMPATIBILITY.

* Provers: more generic wrt. syntax of object-logics, avoid hardwired
"Trueprop" etc.


*** System ***

* settings: the default heap location within ISABELLE_HOME_USER now
includes ISABELLE_IDENTIFIER. This simplifies use of multiple
Isabelle installations.

* isabelle-process: option -S (secure mode) disables some critical
operations, notably runtime compilation and evaluation of ML source
code.

* Basic Isabelle mode for jEdit, see Isabelle/lib/jedit/.

* Support for parallel execution, using native multicore support of
Poly/ML 5.1. The theory loader exploits parallelism when processing
independent theories, according to the given theory header
specifications. The maximum number of worker threads is specified via
usedir option -M or the "max-threads" setting in Proof General. A
speedup factor of 1.5--3.5 can be expected on a 4-core machine, and up
to 6 on an 8-core machine. User-code needs to observe certain
guidelines for thread-safe programming, see appendix A in the Isar
Implementation manual.



New in Isabelle2005 (October 2005)
----------------------------------

*** General ***

* Theory headers: the new header syntax for Isar theories is

  theory <name>
  imports <theory1> ... <theoryN>
  uses <file1> ... <fileM>
  begin

where the 'uses' part is optional. The previous syntax

  theory <name> = <theory1> + ... + <theoryN>:

will disappear in the next release. Use isatool fixheaders to convert
existing theory files. Note that there is no change in ancient
non-Isar theories now, but these will disappear soon.

* Theory loader: parent theories can now also be referred to via
relative and absolute paths.

* Command 'find_theorems' searches for a list of criteria instead of a
list of constants. Known criteria are: intro, elim, dest, name:string,
simp:term, and any term.
Criteria can be preceded by '-' to select
theorems that do not match. Intro, elim, dest select theorems that
match the current goal, name:s selects theorems whose fully qualified
name contains s, and simp:term selects all simplification rules whose
lhs matches term. Any other term is interpreted as pattern and selects
all theorems matching the pattern. Available in ProofGeneral under
'ProofGeneral -> Find Theorems' or C-c C-f. Example:

  C-c C-f (100) "(_::nat) + _ + _" intro -name: "HOL."

prints the last 100 theorems matching the pattern "(_::nat) + _ + _",
matching the current goal as introduction rule and not having "HOL."
in their name (i.e. not being defined in theory HOL).

* Command 'thms_containing' has been discontinued in favour of
'find_theorems'; INCOMPATIBILITY.

* Communication with Proof General is now 8bit clean, which means that
Unicode text in UTF-8 encoding may be used within theory texts (both
formal and informal parts). Cf. option -U of the Isabelle Proof
General interface. Here are some simple examples (cf. src/HOL/ex):

  http://isabelle.in.tum.de/library/HOL/ex/Hebrew.html
  http://isabelle.in.tum.de/library/HOL/ex/Chinese.html

* Improved efficiency of the Simplifier and, to a lesser degree, the
Classical Reasoner. Typical big applications run around 2 times
faster.


*** Document preparation ***

* Commands 'display_drafts' and 'print_drafts' perform simple output
of raw sources. Only those symbols that do not require additional
LaTeX packages (depending on comments in isabellesym.sty) are
displayed properly, everything else is left verbatim. isatool display
and isatool print are used as front ends (these are subject to the
DVI/PDF_VIEWER and PRINT_COMMAND settings, respectively).

* Command tags control specific markup of certain regions of text,
notably folding and hiding. Predefined tags include "theory" (for
theory begin and end), "proof" for proof commands, and "ML" for
commands involving ML code; the additional tags "visible" and
"invisible" are unused by default. Users may give explicit tag
specifications in the text, e.g. ''by %invisible (auto)''. The
interpretation of tags is determined by the LaTeX job during document
preparation: see option -V of isatool usedir, or options -n and -t of
isatool document, or even the LaTeX macros \isakeeptag, \isafoldtag,
\isadroptag.

Several document versions may be produced at the same time via isatool
usedir (the generated index.html will link all of them). Typical
specifications include ''-V document=theory,proof,ML'' to present
theory/proof/ML parts faithfully, ''-V outline=/proof,/ML'' to fold
proof and ML commands, and ''-V mutilated=-theory,-proof,-ML'' to omit
these parts without any formal replacement text. The Isabelle site
default settings produce ''document'' and ''outline'' versions as
specified above.

* Several new antiquotations:

  @{term_type term} prints a term with its type annotated;

  @{typeof term} prints the type of a term;

  @{const const} is the same as @{term const}, but checks that the
  argument is a known logical constant;

  @{term_style style term} and @{thm_style style thm} print a term or
  theorem applying a "style" to it

  @{ML text}

Predefined styles are 'lhs' and 'rhs' printing the lhs/rhs of
definitions, equations, inequations etc., 'concl' printing only the
conclusion of a meta-logical statement theorem, and 'prem1' .. 'prem19'
to print the specified premise. TermStyle.add_style provides an ML
interface for introducing further styles.
See also the "LaTeX Sugar"
document for practical applications. The ML antiquotation prints
type-checked ML expressions verbatim.

* Markup commands 'chapter', 'section', 'subsection', 'subsubsection',
and 'text' support optional locale specification '(in loc)', which
specifies the default context for interpreting antiquotations. For
example: 'text (in lattice) {* @{thm inf_assoc}*}'.

* Option 'locale=NAME' of antiquotations specifies an alternative
context interpreting the subsequent argument. For example: @{thm
[locale=lattice] inf_assoc}.

* Proper output of proof terms (@{prf ...} and @{full_prf ...}) within
a proof context.

* Proper output of antiquotations for theory commands involving a
proof context (such as 'locale' or 'theorem (in loc) ...').

* Delimiters of outer tokens (string etc.) now produce separate LaTeX
macros (\isachardoublequoteopen, \isachardoublequoteclose etc.).

* isatool usedir: new option -C (default true) controls whether option
-D should include a copy of the original document directory; -C false
prevents unwanted effects such as copying of administrative CVS data.


*** Pure ***

* Considerably improved version of 'constdefs' command. Now performs
automatic type-inference of declared constants; additional support for
local structure declarations (cf. locales and HOL records), see also
isar-ref manual. Potential INCOMPATIBILITY: need to observe strictly
sequential dependencies of definitions within a single 'constdefs'
section; moreover, the declared name needs to be an identifier. If
all fails, consider falling back on 'consts' and 'defs' separately.

* Improved indexed syntax and implicit structures.
First of all,
indexed syntax provides a notational device for subscripted
application, using the new syntax \<^bsub>term\<^esub> for arbitrary
expressions. Secondly, in a local context with structure
declarations, number indexes \<^sub>n or the empty index (default
number 1) refer to a certain fixed variable implicitly; option
show_structs controls printing of implicit structures. Typical
applications of these concepts involve record types and locales.

* New command 'no_syntax' removes grammar declarations (and
translations) resulting from the given syntax specification, which is
interpreted in the same manner as for the 'syntax' command.

* 'Advanced' translation functions (parse_translation etc.) may depend
on the signature of the theory context being presently used for
parsing/printing, see also isar-ref manual.

* Improved 'oracle' command provides a type-safe interface to turn an
ML expression of type theory -> T -> term into a primitive rule of
type theory -> T -> thm (i.e. the functionality of Thm.invoke_oracle
is already included here); see also FOL/ex/IffExample.thy;
INCOMPATIBILITY.

* axclass: name space prefix for class "c" is now "c_class" (was "c"
before); "cI" is no longer bound, use "c.intro" instead.
INCOMPATIBILITY. This change avoids clashes of fact bindings for
axclasses vs. locales.

* Improved internal renaming of symbolic identifiers -- attach primes
instead of base 26 numbers.

* New flag show_question_marks controls printing of leading question
marks in schematic variable names.

* In schematic variable names, *any* symbol following \<^isub> or
\<^isup> is now treated as part of the base name.
For example, the
following works without printing of awkward ".0" indexes:

  lemma "x\<^isub>1 = x\<^isub>2 ==> x\<^isub>2 = x\<^isub>1"
    by simp

* Inner syntax includes (*(*nested*) comments*).

* Pretty printer now supports unbreakable blocks, specified in mixfix
annotations as "(00...)".

* Clear separation of logical types and nonterminals, where the latter
may only occur in 'syntax' specifications or type abbreviations.
Before, that distinction was only partially implemented via type class
"logic" vs. "{}". Potential INCOMPATIBILITY in rare cases of improper
use of 'types'/'consts' instead of 'nonterminals'/'syntax'. Some very
exotic syntax specifications may require further adaptation
(e.g. Cube/Cube.thy).

* Removed obsolete type class "logic", use the top sort {} instead.
Note that non-logical types should be declared as 'nonterminals'
rather than 'types'. INCOMPATIBILITY for new object-logic
specifications.

* Attributes 'induct' and 'cases': type or set names may now be
locally fixed variables as well.

* Simplifier: can now control the depth to which conditional rewriting
is traced via the PG menu Isabelle -> Settings -> Trace Simp Depth
Limit.

* Simplifier: simplification procedures may now take the current
simpset into account (cf. Simplifier.simproc(_i) / mk_simproc
interface), which is very useful for calling the Simplifier
recursively. Minor INCOMPATIBILITY: the 'prems' argument of simprocs
is gone -- use prems_of_ss on the simpset instead. Moreover, the
low-level mk_simproc no longer applies Logic.varify internally, to
allow for use in a context of fixed variables.

* thin_tac now works even if the assumption being deleted contains !!
or ==>. More generally, erule now works even if the major premise of
the elimination rule contains !! or ==>.

* Method 'rules' has been renamed to 'iprover'. INCOMPATIBILITY.

* Reorganized bootstrapping of the Pure theories; CPure is now derived
from Pure, which contains all common declarations already. Both
theories are defined via plain Isabelle/Isar .thy files.
INCOMPATIBILITY: elements of CPure (such as the CPure.intro /
CPure.elim / CPure.dest attributes) now appear in the Pure name space;
use isatool fixcpure to adapt your theory and ML sources.

* New syntax 'name(i-j, i-, i, ...)' for referring to specific
selections of theorems in named facts via index ranges.

* 'print_theorems': in theory mode, really print the difference
wrt. the last state (works for interactive theory development only),
in proof mode print all local facts (cf. 'print_facts').

* 'hide': option '(open)' hides only base names.

* More efficient treatment of intermediate checkpoints in interactive
theory development.

* Code generator is now invoked via code_module (incremental code
generation) and code_library (modular code generation, ML structures
for each theory). INCOMPATIBILITY: new keywords 'file' and 'contains'
must be quoted when used as identifiers.

* New 'value' command for reading, evaluating and printing terms using
the code generator. INCOMPATIBILITY: command keyword 'value' must be
quoted when used as identifier.


*** Locales ***

* New commands for the interpretation of locale expressions in
theories (1), locales (2) and proof contexts (3). These generate
proof obligations from the expression specification. After the
obligations have been discharged, theorems of the expression are added
to the theory, target locale or proof context.
The synopsis of the
commands is as follows:

  (1) interpretation expr inst
  (2) interpretation target < expr
  (3) interpret expr inst

Interpretation in theories and proof contexts requires a parameter
instantiation of terms from the current context. This is applied to
specifications and theorems of the interpreted expression.
Interpretation in locales only permits parameter renaming through the
locale expression. Interpretation is smart in that interpretations
that are active already do not occur in proof obligations, neither are
instantiated theorems stored in duplicate. Use 'print_interps' to
inspect active interpretations of a particular locale. For details,
see the Isar Reference manual. Examples can be found in
HOL/Finite_Set.thy and HOL/Algebra/UnivPoly.thy.

INCOMPATIBILITY: former 'instantiate' has been withdrawn, use
'interpret' instead.

* New context element 'constrains' for adding type constraints to
parameters.

* Context expressions: renaming of parameters with syntax
redeclaration.

* Locale declaration: 'includes' disallowed.

* Proper static binding of attribute syntax -- i.e. types / terms /
facts mentioned as arguments are always those of the locale definition
context, independently of the context of later invocations. Moreover,
locale operations (renaming and type / term instantiation) are applied
to attribute arguments as expected.

INCOMPATIBILITY of the ML interface: always pass Attrib.src instead of
actual attributes; rare situations may require Attrib.attribute to
embed those attributes into Attrib.src that lack concrete syntax.
Attribute implementations need to cooperate properly with the static
binding mechanism. Basic parsers Args.XXX_typ/term/prop and
Attrib.XXX_thm etc. already do the right thing without further
intervention.
Only unusual applications -- such as "where" or "of"
(cf. src/Pure/Isar/attrib.ML), which process arguments depending both
on the context and the facts involved -- may have to assign parsed
values to argument tokens explicitly.

* Changed parameter management in theorem generation for long goal
statements with 'includes'. INCOMPATIBILITY: produces a different
theorem statement in rare situations.

* Locale inspection command 'print_locale' omits notes elements. Use
'print_locale!' to have them included in the output.


*** Provers ***

* Provers/hypsubst.ML: improved version of the subst method, for
single-step rewriting: it now works in bound variable contexts. New is
'subst (asm)', for rewriting an assumption. INCOMPATIBILITY: may
rewrite a different subterm than the original subst method, which is
still available as 'simplesubst'.

* Provers/quasi.ML: new transitivity reasoners for transitivity only
and quasi orders.

* Provers/trancl.ML: new transitivity reasoner for transitive and
reflexive-transitive closure of relations.

* Provers/blast.ML: new reference depth_limit to make blast's depth
limit (previously hard-coded with a value of 20) user-definable.

* Provers/simplifier.ML has been moved to Pure, where Simplifier.setup
is performed already. Object-logics merely need to finish their
initial simpset configuration as before. INCOMPATIBILITY.


*** HOL ***

* Symbolic syntax of Hilbert Choice Operator is now as follows:

  syntax (epsilon)
    "_Eps" :: "[pttrn, bool] => 'a"    ("(3\<some>_./ _)" [0, 10] 10)

The symbol \<some> is displayed as the alternative epsilon of LaTeX
and x-symbol; use option '-m epsilon' to get it actually printed.
Moreover, the mathematically important symbolic identifier \<epsilon>
becomes available as variable, constant etc. INCOMPATIBILITY.

* "x > y" abbreviates "y < x" and "x >= y" abbreviates "y <= x".
Similarly for all quantifiers: "ALL x > y" etc. The x-symbol for >=
is \<ge>. New transitivity rules have been added to HOL/Orderings.thy to
support corresponding Isar calculations.

* "{x:A. P}" abbreviates "{x. x:A & P}", and similarly for "\<in>"
instead of ":".

* theory SetInterval: changed the syntax for open intervals:

  Old       New
  {..n(}    {..<n}
  {)n..}    {n<..}
  {m..n(}   {m..<n}
  {)m..n}   {m<..n}
  {)m..n(}  {m<..<n}

The old syntax is still supported but will disappear in the next
release. For conversion use the following Emacs search and replace
patterns (these are not perfect but work quite well):

  {)\([^\.]*\)\.\.  ->  {\1<\.\.}
  \.\.\([^(}]*\)(}  ->  \.\.<\1}

* Theory Commutative_Ring (in Library): method comm_ring for proving
equalities in commutative rings; method 'algebra' provides a generic
interface.

* Theory Finite_Set: changed the syntax for 'setsum', summation over
finite sets: "setsum (%x. e) A", which used to be "\<Sum>x:A. e", is
now either "SUM x:A. e" or "\<Sum>x \<in> A. e". The bound variable can
be a tuple pattern.

Some new syntax forms are available:

  "\<Sum>x | P. e"      for   "setsum (%x. e) {x. P}"
  "\<Sum>x = a..b. e"   for   "setsum (%x. e) {a..b}"
  "\<Sum>x = a..<b. e"  for   "setsum (%x. e) {a..<b}"
  "\<Sum>x < k. e"      for   "setsum (%x. e) {..<k}"

The latter form "\<Sum>x < k. e" used to be based on a separate
function "Summation", which has been discontinued.

* theory Finite_Set: in structured induction proofs, the insert case
is now 'case (insert x F)' instead of the old counterintuitive 'case
(insert F x)'.
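
The five rows of the SetInterval table above can also be rewritten in
a single pass. The following Python converter is an added example, not
part of the Isabelle distribution; the function names are assumptions,
and intervals whose bounds contain nested braces are reported for
manual review instead of being rewritten:

```python
import re

# Old SetInterval notation marks an open bound with a reversed parenthesis:
# "{)" opens the lower bound, "(}" opens the upper bound. Bounds matched here
# may not contain braces, so nested set expressions are left untouched.
OLD_INTERVAL = re.compile(r"\{(\)?)([^{}]*?)\.\.([^{}]*?)(\(?)\}")

# Either marker surviving after conversion means an interval was not rewritten.
OLD_MARKER = re.compile(r"\{\)|\(\}")


def _rewrite(match):
    """Build the new-style interval from one old-style match."""
    open_lower, lower, upper, open_upper = match.groups()
    return "{%s%s..%s%s}" % (
        lower,
        "<" if open_lower else "",
        "<" if open_upper else "",
        upper,
    )


def convert_intervals(text):
    """Rewrite old open-interval syntax to the new '<' form.

    Closed intervals and text already in the new syntax are returned
    unchanged, so the conversion can be applied repeatedly.
    """
    return OLD_INTERVAL.sub(_rewrite, text)


def convert_theory(source):
    """Convert a theory text line by line.

    Returns (new_text, review), where review lists the 1-based numbers of
    lines that still contain an old-style marker after conversion.
    """
    converted = []
    review = []
    for number, line in enumerate(source.splitlines(), start=1):
        new_line = convert_intervals(line)
        if OLD_MARKER.search(new_line):
            review.append(number)
        converted.append(new_line)
    return "\n".join(converted), review


if __name__ == "__main__":
    # Constructed sample input, not taken from any Isabelle theory.
    sample = (
        'lemma "x : {)a..b(} ==> x : {a..b}"\n'
        'lemma "finite {0..card {x. P x}(}"'
    )
    text, review = convert_theory(sample)
    print(text)
    print("lines needing manual review:", review)
```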

* The 'refute' command has been extended to support a much larger
fragment of HOL, including axiomatic type classes, constdefs and
typedefs, inductive datatypes and recursion.

* New tactics 'sat' and 'satx' to prove propositional tautologies.
Requires zChaff with proof generation to be installed. See
HOL/ex/SAT_Examples.thy for examples.

* Datatype induction via method 'induct' now preserves the name of the
induction variable. For example, when proving P(xs::'a list) by
induction on xs, the induction step is now P(xs) ==> P(a#xs) rather
than P(list) ==> P(a#list) as previously. Potential INCOMPATIBILITY
in unstructured proof scripts.

* Reworked implementation of records. Improved scalability for
records with many fields, avoiding performance problems for type
inference. Records are no longer composed of nested field types, but
of nested extension types. Therefore the record type only grows linearly
in the number of extensions and not in the number of fields. The
top-level (users) view on records is preserved. Potential
INCOMPATIBILITY only in strange cases, where the theory depends on the
old record representation. The type generated for a record is called
<record_name>_ext_type.

Flag record_quick_and_dirty_sensitive can be enabled to skip the
proofs triggered by a record definition or a simproc (if
quick_and_dirty is enabled). Definitions of large records can take
quite long.

New simproc record_upd_simproc for simplification of multiple record
updates enabled by default. Moreover, trivial updates are also
removed: r(|x := x r|) = r. INCOMPATIBILITY: old proofs break
occasionally, since simplification is more powerful by default.

* typedef: proper support for polymorphic sets, which contain extra
type-variables in the term.

* Simplifier: automatically reasons about transitivity chains
involving "trancl" (r^+) and "rtrancl" (r^*) by setting up tactics
provided by Provers/trancl.ML as additional solvers. INCOMPATIBILITY:
old proofs break occasionally as simplification may now solve more
goals than previously.

* Simplifier: converts x <= y into x = y if assumption y <= x is
present. Works for all partial orders (class "order"), in particular
numbers and sets. For linear orders (e.g. numbers) it treats ~ x < y
just like y <= x.

* Simplifier: new simproc for "let x = a in f x". If a is a free or
bound variable or a constant then the let is unfolded. Otherwise
first a is simplified to b, and then f b is simplified to g. If
possible we abstract b from g arriving at "let x = b in h x",
otherwise we unfold the let and arrive at g. The simproc can be
enabled/disabled by the reference use_let_simproc. Potential
INCOMPATIBILITY since simplification is more powerful by default.

* Classical reasoning: the meson method now accepts theorems as arguments.

* Prover support: pre-release of the Isabelle-ATP linkup, which runs background
jobs to provide advice on the provability of subgoals.

* Theory OrderedGroup and Ring_and_Field: various additions and
improvements to facilitate calculations involving equalities and
inequalities.

The following theorems have been eliminated or modified
(INCOMPATIBILITY):

  abs_eq             now named abs_of_nonneg
  abs_of_ge_0        now named abs_of_nonneg
  abs_minus_eq       now named abs_of_nonpos
  imp_abs_id         now named abs_of_nonneg
  imp_abs_neg_id     now named abs_of_nonpos
  mult_pos           now named mult_pos_pos
  mult_pos_le        now named mult_nonneg_nonneg
  mult_pos_neg_le    now named mult_nonneg_nonpos
  mult_pos_neg2_le   now named mult_nonneg_nonpos2
  mult_neg           now named mult_neg_neg
  mult_neg_le        now named mult_nonpos_nonpos

* The following lemmas in Ring_and_Field have been added to the simplifier:

  zero_le_square
  not_square_less_zero

  The following lemmas have been deleted from Real/RealPow:

  realpow_zero_zero
  realpow_two
  realpow_less
  zero_le_power
  realpow_two_le
  abs_realpow_two
  realpow_two_abs

* Theory Parity: added rules for simplifying exponents.

* Theory List:

The following theorems have been eliminated or modified
(INCOMPATIBILITY):

  list_all_Nil       now named list_all.simps(1)
  list_all_Cons      now named list_all.simps(2)
  list_all_conv      now named list_all_iff
  set_mem_eq         now named mem_iff

* Theories SetsAndFunctions and BigO (see HOL/Library) support
asymptotic "big O" calculations. See the notes in BigO.thy.


*** HOL-Complex ***

* Theory RealDef: better support for embedding natural numbers and
integers in the reals.

The following theorems have been eliminated or modified
(INCOMPATIBILITY):

  exp_ge_add_one_self  now requires no hypotheses
  real_of_int_add      reversed direction of equality (use [symmetric])
  real_of_int_minus    reversed direction of equality (use [symmetric])
  real_of_int_diff     reversed direction of equality (use [symmetric])
  real_of_int_mult     reversed direction of equality (use [symmetric])

* Theory RComplete: expanded support for floor and ceiling functions.

* Theory Ln is new, with properties of the natural logarithm.

* Hyperreal: There is a new type constructor "star" for making
nonstandard types. The old type names are now type synonyms:

  hypreal = real star
  hypnat = nat star
  hcomplex = complex star

* Hyperreal: Many groups of similarly-defined constants have been
replaced by polymorphic versions (INCOMPATIBILITY):

  star_of <-- hypreal_of_real, hypnat_of_nat, hcomplex_of_complex

  starset      <-- starsetNat, starsetC
  *s*          <-- *sNat*, *sc*
  starset_n    <-- starsetNat_n, starsetC_n
  *sn*         <-- *sNatn*, *scn*
  InternalSets <-- InternalNatSets, InternalCSets

  starfun      <-- starfun{Nat,Nat2,C,RC,CR}
  *f*          <-- *fNat*, *fNat2*, *fc*, *fRc*, *fcR*
  starfun_n    <-- starfun{Nat,Nat2,C,RC,CR}_n
  *fn*         <-- *fNatn*, *fNat2n*, *fcn*, *fRcn*, *fcRn*
  InternalFuns <-- InternalNatFuns, InternalNatFuns2, Internal{C,RC,CR}Funs

* Hyperreal: Many type-specific theorems have been removed in favor of
theorems specific to various axiomatic type classes (INCOMPATIBILITY):

  add_commute              <-- {hypreal,hypnat,hcomplex}_add_commute
  add_assoc                <-- {hypreal,hypnat,hcomplex}_add_assocs
  OrderedGroup.add_0       <-- {hypreal,hypnat,hcomplex}_add_zero_left
  OrderedGroup.add_0_right <-- {hypreal,hcomplex}_add_zero_right
  right_minus              <-- hypreal_add_minus
  left_minus               <-- {hypreal,hcomplex}_add_minus_left
  mult_commute             <-- {hypreal,hypnat,hcomplex}_mult_commute
  mult_assoc               <-- {hypreal,hypnat,hcomplex}_mult_assoc
  mult_1_left              <-- {hypreal,hypnat}_mult_1, hcomplex_mult_one_left
  mult_1_right             <-- hcomplex_mult_one_right
  mult_zero_left           <-- hcomplex_mult_zero_left
  left_distrib             <-- {hypreal,hypnat,hcomplex}_add_mult_distrib
  right_distrib            <-- hypnat_add_mult_distrib2
  zero_neq_one             <-- {hypreal,hypnat,hcomplex}_zero_not_eq_one
  right_inverse            <-- hypreal_mult_inverse
  left_inverse             <-- hypreal_mult_inverse_left, hcomplex_mult_inv_left
  order_refl               <-- {hypreal,hypnat}_le_refl
  order_trans              <-- {hypreal,hypnat}_le_trans
  order_antisym            <-- {hypreal,hypnat}_le_anti_sym
  order_less_le            <-- {hypreal,hypnat}_less_le
  linorder_linear          <-- {hypreal,hypnat}_le_linear
  add_left_mono            <-- {hypreal,hypnat}_add_left_mono
  mult_strict_left_mono    <-- {hypreal,hypnat}_mult_less_mono2
  add_nonneg_nonneg        <-- hypreal_le_add_order

* Hyperreal: Separate theorems having to do with type-specific
versions of constants have been merged into theorems that apply to the
new polymorphic constants (INCOMPATIBILITY):

  STAR_UNIV_set             <-- {STAR_real,NatStar_real,STARC_complex}_set
  STAR_empty_set            <-- {STAR,NatStar,STARC}_empty_set
  STAR_Un                   <-- {STAR,NatStar,STARC}_Un
  STAR_Int                  <-- {STAR,NatStar,STARC}_Int
  STAR_Compl                <-- {STAR,NatStar,STARC}_Compl
  STAR_subset               <-- {STAR,NatStar,STARC}_subset
  STAR_mem                  <-- {STAR,NatStar,STARC}_mem
  STAR_mem_Compl            <-- {STAR,STARC}_mem_Compl
  STAR_diff                 <-- {STAR,STARC}_diff
  STAR_star_of_image_subset <-- {STAR_hypreal_of_real, NatStar_hypreal_of_real,
                                 STARC_hcomplex_of_complex}_image_subset
  starset_n_Un              <-- starset{Nat,C}_n_Un
  starset_n_Int             <-- starset{Nat,C}_n_Int
  starset_n_Compl           <-- starset{Nat,C}_n_Compl
  starset_n_diff            <-- starset{Nat,C}_n_diff
  InternalSets_Un <-- Internal{Nat,C}Sets_Un
  InternalSets_Int <-- Internal{Nat,C}Sets_Int
  InternalSets_Compl <-- Internal{Nat,C}Sets_Compl
  InternalSets_diff <-- Internal{Nat,C}Sets_diff
  InternalSets_UNIV_diff <-- Internal{Nat,C}Sets_UNIV_diff
  InternalSets_starset_n <-- Internal{Nat,C}Sets_starset{Nat,C}_n
  starset_starset_n_eq <-- starset{Nat,C}_starset{Nat,C}_n_eq
  starset_n_starset <-- starset{Nat,C}_n_starset{Nat,C}
  starfun_n_starfun <-- starfun{Nat,Nat2,C,RC,CR}_n_starfun{Nat,Nat2,C,RC,CR}
  starfun <-- starfun{Nat,Nat2,C,RC,CR}
  starfun_mult <-- starfun{Nat,Nat2,C,RC,CR}_mult
  starfun_add <-- starfun{Nat,Nat2,C,RC,CR}_add
  starfun_minus <-- starfun{Nat,Nat2,C,RC,CR}_minus
  starfun_diff <-- starfun{C,RC,CR}_diff
  starfun_o <-- starfun{NatNat2,Nat2,_stafunNat,C,C_starfunRC,_starfunCR}_o
  starfun_o2 <-- starfun{NatNat2,_stafunNat,C,C_starfunRC,_starfunCR}_o2
  starfun_const_fun <-- starfun{Nat,Nat2,C,RC,CR}_const_fun
  starfun_inverse <-- starfun{Nat,C,RC,CR}_inverse
  starfun_eq <-- starfun{Nat,Nat2,C,RC,CR}_eq
  starfun_eq_iff <-- starfun{C,RC,CR}_eq_iff
  starfun_Id <-- starfunC_Id
  starfun_approx <-- starfun{Nat,CR}_approx
  starfun_capprox <-- starfun{C,RC}_capprox
  starfun_abs <-- starfunNat_rabs
  starfun_lambda_cancel <-- starfun{C,CR,RC}_lambda_cancel
  starfun_lambda_cancel2 <-- starfun{C,CR,RC}_lambda_cancel2
  starfun_mult_HFinite_approx <-- starfunCR_mult_HFinite_capprox
  starfun_mult_CFinite_capprox <-- starfun{C,RC}_mult_CFinite_capprox
  starfun_add_capprox <-- starfun{C,RC}_add_capprox
  starfun_add_approx <-- starfunCR_add_approx
  starfun_inverse_inverse <-- starfunC_inverse_inverse
  starfun_divide <-- starfun{C,CR,RC}_divide
  starfun_n <-- starfun{Nat,C}_n
  starfun_n_mult <-- starfun{Nat,C}_n_mult
  starfun_n_add <-- starfun{Nat,C}_n_add
  starfun_n_add_minus <-- starfunNat_n_add_minus
  starfun_n_const_fun <-- starfun{Nat,C}_n_const_fun
  starfun_n_minus <-- starfun{Nat,C}_n_minus
  starfun_n_eq <-- starfun{Nat,C}_n_eq

  star_n_add <-- {hypreal,hypnat,hcomplex}_add
  star_n_minus <-- {hypreal,hcomplex}_minus
  star_n_diff <-- {hypreal,hcomplex}_diff
  star_n_mult <-- {hypreal,hcomplex}_mult
  star_n_inverse <-- {hypreal,hcomplex}_inverse
  star_n_le <-- {hypreal,hypnat}_le
  star_n_less <-- {hypreal,hypnat}_less
  star_n_zero_num <-- {hypreal,hypnat,hcomplex}_zero_num
  star_n_one_num <-- {hypreal,hypnat,hcomplex}_one_num
  star_n_abs <-- hypreal_hrabs
  star_n_divide <-- hcomplex_divide

  star_of_add <-- {hypreal_of_real,hypnat_of_nat,hcomplex_of_complex}_add
  star_of_minus <-- {hypreal_of_real,hcomplex_of_complex}_minus
  star_of_diff <-- hypreal_of_real_diff
  star_of_mult <-- {hypreal_of_real,hypnat_of_nat,hcomplex_of_complex}_mult
  star_of_one <-- {hypreal_of_real,hcomplex_of_complex}_one
  star_of_zero <-- {hypreal_of_real,hypnat_of_nat,hcomplex_of_complex}_zero
  star_of_le <-- {hypreal_of_real,hypnat_of_nat}_le_iff
  star_of_less <-- {hypreal_of_real,hypnat_of_nat}_less_iff
  star_of_eq <-- {hypreal_of_real,hypnat_of_nat,hcomplex_of_complex}_eq_iff
  star_of_inverse <-- {hypreal_of_real,hcomplex_of_complex}_inverse
  star_of_divide <-- {hypreal_of_real,hcomplex_of_complex}_divide
  star_of_of_nat <-- {hypreal_of_real,hcomplex_of_complex}_of_nat
  star_of_of_int <-- {hypreal_of_real,hcomplex_of_complex}_of_int
  star_of_number_of <-- {hypreal,hcomplex}_number_of
  star_of_number_less <-- number_of_less_hypreal_of_real_iff
  star_of_number_le <-- number_of_le_hypreal_of_real_iff
  star_of_eq_number <-- hypreal_of_real_eq_number_of_iff
  star_of_less_number <-- hypreal_of_real_less_number_of_iff
  star_of_le_number <-- hypreal_of_real_le_number_of_iff
  star_of_power <-- hypreal_of_real_power
  star_of_eq_0 <-- hcomplex_of_complex_zero_iff

* Hyperreal: new method "transfer" that implements the transfer
principle of nonstandard analysis. With a subgoal that mentions
nonstandard types like "'a star", the command "apply transfer"
replaces it with an equivalent one that mentions only standard types.
To be successful, all free variables must have standard types;
non-standard variables must have explicit universal quantifiers.

* Hyperreal: A theory of Taylor series.


*** HOLCF ***

* Discontinued special version of 'constdefs' (which used to support
continuous functions) in favor of the general Pure one with full
type-inference.

* New simplification procedure for solving continuity conditions; it
is much faster on terms with many nested lambda abstractions (cubic
instead of exponential time).

* New syntax for domain package: selector names are now optional.
Parentheses should be omitted unless argument is lazy, for example:

  domain 'a stream = cons "'a" (lazy "'a stream")

* New command 'fixrec' for defining recursive functions with pattern
matching; defining multiple functions with mutual recursion is also
supported. Patterns may include the constants cpair, spair, up, sinl,
sinr, or any data constructor defined by the domain package. The given
equations are proven as rewrite rules. See HOLCF/ex/Fixrec_ex.thy for
syntax and examples.

* New commands 'cpodef' and 'pcpodef' for defining predicate subtypes
of cpo and pcpo types. Syntax is exactly like the 'typedef' command,
but the proof obligation additionally includes an admissibility
requirement. The packages generate instances of class cpo or pcpo,
with continuity and strictness theorems for Rep and Abs.

* HOLCF: Many theorems have been renamed according to a more standard naming
scheme (INCOMPATIBILITY):

  foo_inject:       "foo$x = foo$y ==> x = y"
  foo_eq:           "(foo$x = foo$y) = (x = y)"
  foo_less:         "(foo$x << foo$y) = (x << y)"
  foo_strict:       "foo$UU = UU"
  foo_defined:      "... ==> foo$x ~= UU"
  foo_defined_iff:  "(foo$x = UU) = (x = UU)"


*** ZF ***

* ZF/ex: theories Group and Ring provide examples in abstract algebra,
including the First Isomorphism Theorem (on quotienting by the kernel
of a homomorphism).

* ZF/Simplifier: install second copy of type solver that actually
makes use of TC rules declared to Isar proof contexts (or locales);
the old version is still required for ML proof scripts.


*** Cube ***

* Converted to Isar theory format; use locales instead of axiomatic
theories.


*** ML ***

* Pure/library.ML: added ##>, ##>>, #>> -- higher-order counterparts
for ||>, ||>>, |>>,

* Pure/library.ML no longer defines its own option datatype, but uses
that of the SML basis, which has constructors NONE and SOME instead of
None and Some, as well as exception Option.Option instead of OPTION.
The functions the, if_none, is_some, is_none have been adapted
accordingly, while Option.map replaces apsome.

* Pure/library.ML: the exception LIST has been given up in favour of
the standard exceptions Empty and Subscript, as well as
Library.UnequalLengths. Functions like Library.hd and Library.tl are
superseded by the standard hd and tl functions etc.

A number of basic list functions are no longer exported to the ML
toplevel, as they are variants of predefined functions.
The following suggests how one can translate existing code:

  rev_append xs ys = List.revAppend (xs, ys)
  nth_elem (i, xs) = List.nth (xs, i)
  last_elem xs = List.last xs
  flat xss = List.concat xss
  seq fs = List.app fs
  partition P xs = List.partition P xs
  mapfilter f xs = List.mapPartial f xs

* Pure/library.ML: several combinators for linear functional
transformations, notably reverse application and composition:

  x |> f              f #> g
  (x, y) |-> f        f #-> g

* Pure/library.ML: introduced/changed precedence of infix operators:

  infix 1 |> |-> ||> ||>> |>> |>>> #> #->;
  infix 2 ?;
  infix 3 o oo ooo oooo;
  infix 4 ~~ upto downto;

Maybe INCOMPATIBILITY when any of those is used in conjunction with other
infix operators.

* Pure/library.ML: natural list combinators fold, fold_rev, and
fold_map support linear functional transformations and nesting. For
example:

  fold f [x1, ..., xN] y =
    y |> f x1 |> ... |> f xN

  (fold o fold) f [xs1, ..., xsN] y =
    y |> fold f xs1 |> ... |> fold f xsN

  fold f [x1, ..., xN] =
    f x1 #> ... #> f xN

  (fold o fold) f [xs1, ..., xsN] =
    fold f xs1 #> ... #> fold f xsN

* Pure/library.ML: the following selectors on type 'a option are
available:

  the: 'a option -> 'a  (*partial*)
  these: 'a option -> 'a  where 'a = 'b list
  the_default: 'a -> 'a option -> 'a
  the_list: 'a option -> 'a list

* Pure/General: structure AList (cf. Pure/General/alist.ML) provides
basic operations for association lists, following natural argument
order; moreover the explicit equality predicate passed here avoids
potentially expensive polymorphic runtime equality checks.
The old functions may be expressed as follows:

  assoc = uncurry (AList.lookup (op =))
  assocs = these oo AList.lookup (op =)
  overwrite = uncurry (AList.update (op =)) o swap

* Pure/General: structure AList (cf. Pure/General/alist.ML) provides

  val make: ('a -> 'b) -> 'a list -> ('a * 'b) list
  val find: ('a * 'b -> bool) -> ('c * 'b) list -> 'a -> 'c list

replacing make_keylist and keyfilter (occasionally used).
Naive rewrites:

  make_keylist = AList.make
  keyfilter = AList.find (op =)

* eq_fst and eq_snd now take explicit equality parameter, thus
  avoiding eqtypes. Naive rewrites:

  eq_fst = eq_fst (op =)
  eq_snd = eq_snd (op =)

* Removed deprecated apl and apr (rarely used).
  Naive rewrites:

  apl (n, op) =>>= curry op n
  apr (op, m) =>>= fn n => op (n, m)

* Pure/General: structure OrdList (cf. Pure/General/ord_list.ML)
provides a reasonably efficient light-weight implementation of sets as
lists.

* Pure/General: generic tables (cf. Pure/General/table.ML) provide a
few new operations; existing lookup and update are now curried to
follow natural argument order (for use with fold etc.);
INCOMPATIBILITY, use (uncurry Symtab.lookup) etc. as last resort.

* Pure/General: output via the Isabelle channels of
writeln/warning/error etc. is now passed through Output.output, with a
hook for arbitrary transformations depending on the print_mode
(cf. Output.add_mode -- the first active mode that provides an output
function wins). Already formatted output may be embedded into further
text via Output.raw; the result of Pretty.string_of/str_of and derived
functions (string_of_term/cterm/thm etc.) is already marked raw to
accommodate easy composition of diagnostic messages etc.
Programmers rarely need to care about Output.output or Output.raw at all, with
some notable exceptions: Output.output is required when bypassing the
standard channels (writeln etc.), or in token translations to produce
properly formatted results; Output.raw is required when capturing
already output material that will eventually be presented to the user
a second time. For the default print mode, both Output.output and
Output.raw have no effect.

* Pure/General: Output.time_accumulator NAME creates an operator
('a -> 'b) -> 'a -> 'b to measure runtime and count invocations; the
cumulative results are displayed at the end of a batch session.

* Pure/General: File.sysify_path and File.quote_sysify path have been
replaced by File.platform_path and File.shell_path (with appropriate
hooks). This provides a clean interface for unusual systems where the
internal and external process view of file names are different.

* Pure: more efficient orders for basic syntactic entities: added
fast_string_ord, fast_indexname_ord, fast_term_ord; changed sort_ord
and typ_ord to use fast_string_ord and fast_indexname_ord (term_ord is
NOT affected); structures Symtab, Vartab, Typtab, Termtab use the fast
orders now -- potential INCOMPATIBILITY for code that depends on a
particular order for Symtab.keys, Symtab.dest, etc. (consider using
Library.sort_strings on result).

* Pure/term.ML: combinators fold_atyps, fold_aterms, fold_term_types,
fold_types traverse types/terms from left to right, observing natural
argument order. Supersedes previous foldl_XXX versions; add_frees,
add_vars etc. have been adapted as well: INCOMPATIBILITY.

* Pure: name spaces have been refined, with significant changes of the
internal interfaces -- INCOMPATIBILITY. Renamed cond_extern(_table)
to extern(_table).
The plain name entry path is superseded by a
general 'naming' context, which also includes the 'policy' to produce
a fully qualified name and external accesses of a fully qualified
name; NameSpace.extend is superseded by context dependent
Sign.declare_name. Several theory and proof context operations modify
the naming context. Especially note Theory.restore_naming and
ProofContext.restore_naming to get back to a sane state; note that
Theory.add_path is no longer sufficient to recover from
Theory.absolute_path in particular.

* Pure: new flags short_names (default false) and unique_names
(default true) for controlling output of qualified names. If
short_names is set, names are printed unqualified. If unique_names is
reset, the name prefix is reduced to the minimum required to achieve
the original result when interning again, even if there is an overlap
with earlier declarations.

* Pure/TheoryDataFun: change of the argument structure; 'prep_ext' is
now 'extend', and 'merge' gets an additional Pretty.pp argument
(useful for printing error messages). INCOMPATIBILITY.

* Pure: major reorganization of the theory context. Type Sign.sg and
Theory.theory are now identified, referring to the universal
Context.theory (see Pure/context.ML). Actual signature and theory
content is managed as theory data.
The old code and interfaces were
spread over many files and structures; the new arrangement introduces
considerable INCOMPATIBILITY to gain more clarity:

  Context -- theory management operations (name, identity, inclusion,
    parents, ancestors, merge, etc.), plus generic theory data;

  Sign -- logical signature and syntax operations (declaring consts,
    types, etc.), plus certify/read for common entities;

  Theory -- logical theory operations (stating axioms, definitions,
    oracles), plus a copy of logical signature operations (consts,
    types, etc.); also a few basic management operations (Theory.copy,
    Theory.merge, etc.)

The most basic sign_of operations (Theory.sign_of, Thm.sign_of_thm
etc.) as well as the sign field in Thm.rep_thm etc. have been retained
for convenience -- they merely return the theory.

* Pure: type Type.tsig is superseded by theory in most interfaces.

* Pure: the Isar proof context type is already defined early in Pure
as Context.proof (note that ProofContext.context and Proof.context are
aliases, where the latter is the preferred name). This enables other
Isabelle components to refer to that type even before Isar is present.

* Pure/sign/theory: discontinued named name spaces (i.e. classK,
typeK, constK, axiomK, oracleK), but provide explicit operations for
any of these kinds. For example, Sign.intern typeK is now
Sign.intern_type, Theory.hide_space Sign.typeK is now
Theory.hide_types. Also note that former
Theory.hide_classes/types/consts are now
Theory.hide_classes_i/types_i/consts_i, while the non '_i' versions
internalize their arguments! INCOMPATIBILITY.

* Pure: get_thm interface (of PureThy and ProofContext) expects
datatype thmref (with constructors Name and NameSelection) instead of
plain string -- INCOMPATIBILITY;

* Pure: cases produced by proof methods specify options, where NONE
means to remove case bindings -- INCOMPATIBILITY in
(RAW_)METHOD_CASES.

* Pure: the following operations retrieve axioms or theorems from a
theory node or theory hierarchy, respectively:

  Theory.axioms_of: theory -> (string * term) list
  Theory.all_axioms_of: theory -> (string * term) list
  PureThy.thms_of: theory -> (string * thm) list
  PureThy.all_thms_of: theory -> (string * thm) list

* Pure: print_tac now outputs the goal through the trace channel.

* Isar toplevel: improved diagnostics, mostly for Poly/ML only.
Reference Toplevel.debug (default false) controls detailed printing
and tracing of low-level exceptions; Toplevel.profiling (default 0)
controls execution profiling -- set to 1 for time and 2 for space
(both increase the runtime).

* Isar session: The initial use of ROOT.ML is now always timed,
i.e. the log will show the actual process times, in contrast to the
elapsed wall-clock time that the outer shell wrapper produces.

* Simplifier: improved handling of bound variables (nameless
representation, avoid allocating new strings). Simprocs that invoke
the Simplifier recursively should use Simplifier.inherit_bounds to
avoid local name clashes. Failure to do so produces warnings
"Simplifier: renamed bound variable ..."; set Simplifier.debug_bounds
for further details.

* ML functions legacy_bindings and use_legacy_bindings produce ML fact
bindings for all theorems stored within a given theory; this may help
in porting non-Isar theories to Isar ones, while keeping ML proof
scripts for the time being.

* ML operator HTML.with_charset specifies the charset being used for
generated HTML files. For example:

  HTML.with_charset "utf-8" use_thy "Hebrew";
  HTML.with_charset "utf-8" use_thy "Chinese";


*** System ***

* Allow symlinks to all proper Isabelle executables (Isabelle,
isabelle, isatool etc.).

* ISABELLE_DOC_FORMAT setting specifies preferred document format (for
isatool doc, isatool mkdir, display_drafts etc.).

* isatool usedir: option -f allows specification of the ML file to be
used by Isabelle; default is ROOT.ML.

* New isatool version outputs the version identifier of the Isabelle
distribution being used.

* HOL: new isatool dimacs2hol converts files in DIMACS CNF format
(containing Boolean satisfiability problems) into Isabelle/HOL
theories.



New in Isabelle2004 (April 2004)
--------------------------------

*** General ***

* Provers/order.ML: new efficient reasoner for partial and linear orders.
  Replaces linorder.ML.

* Pure: Greek letters (except small lambda, \<lambda>), as well as Gothic
  (\<aa>...\<zz>\<AA>...\<ZZ>), calligraphic (\<A>...\<Z>), and Euler
  (\<a>...\<z>), are now considered normal letters, and can therefore
  be used anywhere where an ASCII letter (a...zA...Z) has until
  now. COMPATIBILITY: This obviously changes the parsing of some
  terms, especially where a symbol has been used as a binder, say
  '\<Pi>x. ...', which is now a type error since \<Pi>x will be parsed
  as an identifier. Fix it by inserting a space around former
  symbols. Call 'isatool fixgreek' to try to fix parsing errors in
  existing theory and ML files.

* Pure: Macintosh and Windows line-breaks are now allowed in theory files.

* Pure: single letter sub/superscripts (\<^isub> and \<^isup>) are now
  allowed in identifiers. Similar to Greek letters \<^isub> is now considered
  a normal (but invisible) letter. For multiple letter subscripts repeat
  \<^isub> like this: x\<^isub>1\<^isub>2.

* Pure: There are now sub-/superscripts that can span more than one
  character. Text between \<^bsub> and \<^esub> is set in subscript in
  ProofGeneral and LaTeX, text between \<^bsup> and \<^esup> in
  superscript. The new control characters are not identifier parts.

* Pure: Control-symbols of the form \<^raw:...> will literally print the
  content of "..." to the latex file instead of \isacntrl... . The "..."
  may consist of any printable characters excluding the end bracket >.

* Pure: Using new Isar command "finalconsts" (or the ML functions
  Theory.add_finals or Theory.add_finals_i) it is now possible to
  declare constants "final", which prevents their being given a definition
  later. It is useful for constants whose behaviour is fixed axiomatically
  rather than definitionally, such as the meta-logic connectives.

* Pure: 'instance' now handles general arities with general sorts
  (i.e. intersections of classes),

* Presentation: generated HTML now uses a CSS style sheet to make layout
  (somewhat) independent of content. It is copied from lib/html/isabelle.css.
  It can be changed to alter the colors/layout of generated pages.


*** Isar ***

* Tactic emulation methods rule_tac, erule_tac, drule_tac, frule_tac,
  cut_tac, subgoal_tac and thin_tac:
  - Now understand static (Isar) contexts. As a consequence, users of Isar
    locales are no longer forced to write Isar proof scripts.
    For details see Isar Reference Manual, paragraph 4.3.2: Further tactic
    emulations.
  - INCOMPATIBILITY: names of variables to be instantiated may no
    longer be enclosed in quotes. Instead, precede variable name with `?'.
    This is consistent with the instantiation attribute "where".

* Attributes "where" and "of":
  - Now take type variables of instantiated theorem into account when reading
    the instantiation string. This fixes a bug that caused instantiated
    theorems to have too special types in some circumstances.
  - "where" permits explicit instantiations of type variables.

* Calculation commands "moreover" and "also" no longer interfere with
  current facts ("this"), admitting arbitrary combinations with "then"
  and derived forms.

* Locales:
  - Goal statements involving the context element "includes" no longer
    generate theorems with internal delta predicates (those ending on
    "_axioms") in the premise.
    Resolve particular premise with <locale>.intro to obtain old form.
  - Fixed bug in type inference ("unify_frozen") that prevented mix of target
    specification and "includes" elements in goal statement.
  - Rule sets <locale>.intro and <locale>.axioms no longer declared as
    [intro?] and [elim?] (respectively) by default.
  - Experimental command for instantiation of locales in proof contexts:
        instantiate <label>[<attrs>]: <loc>
    Instantiates locale <loc> and adds all its theorems to the current context
    taking into account their attributes. Label and attrs are optional
    modifiers, like in theorem declarations. If present, names of
    instantiated theorems are qualified with <label>, and the attributes
    <attrs> are applied after any attributes these theorems might have already.
    If the locale has assumptions, a chained fact of the form
    "<loc> t1 ... tn" is expected from which instantiations of the parameters
    are derived.
    The command does not support old-style locales declared
    with "locale (open)".
    A few (very simple) examples can be found in FOL/ex/LocaleInst.thy.

* HOL: Tactic emulation methods induct_tac and case_tac understand static
  (Isar) contexts.


*** HOL ***

* Proof import: new image HOL4 contains the imported library from
  the HOL4 system with about 2500 theorems. It is imported by
  replaying proof terms produced by HOL4 in Isabelle. The HOL4 image
  can be used like any other Isabelle image. See
  HOL/Import/HOL/README for more information.

* Simplifier:
  - Much improved handling of linear and partial orders.
    Reasoners for linear and partial orders are set up for type classes
    "linorder" and "order" respectively, and are added to the default simpset
    as solvers. This means that the simplifier can build transitivity chains
    to solve goals from the assumptions.
  - INCOMPATIBILITY: old proofs break occasionally. Typically, applications
    of blast or auto after simplification become unnecessary because the goal
    is solved by simplification already.

* Numerics: new theory Ring_and_Field contains over 250 basic numerical laws,
  all proved in axiomatic type classes for semirings, rings and fields.

* Numerics:
  - Numeric types (nat, int, and in HOL-Complex rat, real, complex, etc.) are
    now formalized using the Ring_and_Field theory mentioned above.
  - INCOMPATIBILITY: simplification and arithmetic behaves somewhat differently
    than before, because now they are set up once in a generic manner.
  - INCOMPATIBILITY: many type-specific arithmetic laws have gone.
    Look for the general versions in Ring_and_Field (and Power if they concern
    exponentiation).

* Type "rat" of the rational numbers is now available in HOL-Complex.

* Records:
  - Record types are now by default printed with their type abbreviation
    instead of the list of all field types. This can be configured via
    the reference "print_record_type_abbr".
  - Simproc "record_upd_simproc" for simplification of multiple updates added
    (not enabled by default).
  - Simproc "record_ex_sel_eq_simproc" to simplify EX x. sel r = x resp.
    EX x. x = sel r to True (not enabled by default).
  - Tactic "record_split_simp_tac" to split and simplify records added.

* 'specification' command added, allowing for definition by
  specification. There is also an 'ax_specification' command that
  introduces the new constants axiomatically.

* arith(_tac) is now able to generate counterexamples for reals as well.

* HOL-Algebra: new locale "ring" for non-commutative rings.

* HOL-ex: InductiveInvariant_examples illustrates advanced recursive function
  definitions, thanks to Sava Krstić and John Matthews.

* HOL-Matrix: a first theory for matrices in HOL with an application of
  matrix theory to linear programming.

* Unions and Intersections:
  The latex output syntax of UN and INT has been changed
  from "\Union x \in A. B" to "\Union_{x \in A} B"
  i.e. the index formula has become a subscript.
  Similarly for "\Union x. B", and for \Inter instead of \Union.

* Unions and Intersections over Intervals:
  There is new short syntax "UN i<=n. A" for "UN i:{0..n}. A". There is
  also an x-symbol version with subscripts "\<Union>\<^bsub>i <= n\<^esub>. A"
  like in normal math, and corresponding versions for < and for intersection.

* HOL/List: Ordering "lexico" is renamed "lenlex" and the standard
  lexicographic dictionary ordering has been added as "lexord".

* ML: the legacy theory structures Int and List have been removed.
  They had conflicted with ML Basis Library structures having the same names.

* 'refute' command added to search for (finite) countermodels. Only works
  for a fragment of HOL. The installation of an external SAT solver is
  highly recommended. See "HOL/Refute.thy" for details.

* 'quickcheck' command: Allows to find counterexamples by evaluating
  formulae under an assignment of free variables to random values.
  In contrast to 'refute', it can deal with inductive datatypes,
  but cannot handle quantifiers. See "HOL/ex/Quickcheck_Examples.thy"
  for examples.


*** HOLCF ***

* Streams now come with concatenation and are part of the HOLCF image



New in Isabelle2003 (May 2003)
------------------------------

*** General ***

* Provers/simplifier:

  - Completely reimplemented method simp (ML: Asm_full_simp_tac):
    Assumptions are now subject to complete mutual simplification,
    not just from left to right. The simplifier now preserves
    the order of assumptions.

    Potential INCOMPATIBILITY:

    -- simp sometimes diverges where the old version did
       not, e.g. invoking simp on the goal

        [| P (f x); y = x; f x = f y |] ==> Q

       now gives rise to the infinite reduction sequence

        P(f x) --(f x = f y)--> P(f y) --(y = x)--> P(f x) --(f x = f y)--> ...

       Using "simp (asm_lr)" (ML: Asm_lr_simp_tac) instead often solves this
       kind of problem.

    -- Tactics combining classical reasoner and simplification (such as auto)
       are also affected by this change, because many of them rely on
       simp. They may sometimes diverge as well or yield a different number
       of subgoals. Try to use e.g. force, fastsimp, or safe instead of auto
       in case of problems.
       Sometimes subsequent calls to the classical
       reasoner will fail because a preceding call to the simplifier too
       eagerly simplified the goal, e.g. deleted redundant premises.

  - The simplifier trace now shows the names of the applied rewrite rules

  - You can limit the number of recursive invocations of the simplifier
    during conditional rewriting (where the simplifier tries to solve the
    conditions before applying the rewrite rule):
    ML "simp_depth_limit := n"
    where n is an integer. Thus you can force termination where previously
    the simplifier would diverge.

  - Accepts free variables as head terms in congruence rules. Useful in Isar.

  - No longer aborts on failed congruence proof. Instead, the
    congruence is ignored.

* Pure: New generic framework for extracting programs from constructive
  proofs. See HOL/Extraction.thy for an example instantiation, as well
  as HOL/Extraction for some case studies.

* Pure: The main goal of the proof state is no longer shown by default, only
the subgoals. This behaviour is controlled by a new flag.
   PG menu: Isabelle/Isar -> Settings -> Show Main Goal
(ML: Proof.show_main_goal).

* Pure: You can find all matching introduction rules for subgoal 1, i.e. all
rules whose conclusion matches subgoal 1:
      PG menu: Isabelle/Isar -> Show me -> matching rules
The rules are ordered by how closely they match the subgoal.
In particular, rules that solve a subgoal outright are displayed first
(or rather last, the way they are printed).
(ML: ProofGeneral.print_intros())

* Pure: New flag trace_unify_fail causes unification to print
diagnostic information (PG: in trace buffer) when it fails. This is
useful for figuring out why single step proofs like rule, erule or
assumption failed.

* Pure: Locale specifications now produce predicate definitions
according to the body of text (covering assumptions modulo local
definitions); predicate "loc_axioms" covers newly introduced text,
while "loc" is cumulative wrt. all included locale expressions; the
latter view is presented only on export into the global theory
context; potential INCOMPATIBILITY, use "(open)" option to fall back
on the old view without predicates;

* Pure: predefined locales "var" and "struct" are useful for sharing
parameters (as in CASL, for example); just specify something like
``var x + var y + struct M'' as import;

* Pure: improved thms_containing: proper indexing of facts instead of
raw theorems; check validity of results wrt. current name space;
include local facts of proof configuration (also covers active
locales), cover fixed variables in index; may use "_" in term
specification; an optional limit for the number of printed facts may
be given (the default is 40);

* Pure: disallow duplicate fact bindings within new-style theory files
(batch-mode only);

* Provers: improved induct method: assumptions introduced by case
"foo" are split into "foo.hyps" (from the rule) and "foo.prems" (from
the goal statement); "foo" still refers to all facts collectively;

* Provers: the function blast.overloaded has been removed: all constants
are regarded as potentially overloaded, which improves robustness in exchange
for slight decrease in efficiency;

* Provers/linorder: New generic prover for transitivity reasoning over
linear orders. Note: this prover is not efficient!

* Isar: preview of problems to finish 'show' now produces an error
rather than just a warning (in interactive mode);


*** HOL ***

* arith(_tac)

  - Produces a counter example if it cannot prove a goal.
    Note that the counter example may be spurious if the goal is not a formula
    of quantifier-free linear arithmetic.
    In ProofGeneral the counter example appears in the trace buffer.

  - Knows about div k and mod k where k is a numeral of type nat or int.

  - Calls full Presburger arithmetic (by Amine Chaieb) if quantifier-free
    linear arithmetic fails. This takes account of quantifiers and divisibility.
    Presburger arithmetic can also be called explicitly via presburger(_tac).

* simp's arithmetic capabilities have been enhanced a bit: it now
takes ~= in premises into account (by performing a case split);

* simp reduces "m*(n div m) + n mod m" to n, even if the two summands
are distributed over a sum of terms;

* New tactic "trans_tac" and method "trans" instantiate
Provers/linorder.ML for axclasses "order" and "linorder" (predicates
"<=", "<" and "=").

* function INCOMPATIBILITIES: Pi-sets have been redefined and moved from main
HOL to Library/FuncSet; constant "Fun.op o" is now called "Fun.comp";

* 'typedef' command has new option "open" to suppress the set
definition;

* functions Min and Max on finite sets have been introduced (theory
Finite_Set);

* attribute [symmetric] now works for relations as well; it turns
(x,y) : R^-1 into (y,x) : R, and vice versa;

* induct over a !!-quantified statement (say !!x1..xn):
  each "case" automatically performs "fix x1 .. xn" with exactly those names.

* Map: `empty' is no longer a constant but a syntactic abbreviation for
%x. None. Warning: empty_def now refers to the previously hidden definition
of the empty set.

* Algebra: formalization of classical algebra. Intended as base for
any algebraic development in Isabelle.
Currently covers group theory
(up to Sylow's theorem) and ring theory (Universal Property of
Univariate Polynomials). Contributions welcome;

* GroupTheory: deleted, since its material has been moved to Algebra;

* Complex: new directory of the complex numbers with numeric constants,
nonstandard complex numbers, and some complex analysis, standard and
nonstandard (Jacques Fleuriot);

* HOL-Complex: new image for analysis, replacing HOL-Real and HOL-Hyperreal;

* Hyperreal: introduced Gauge integration and hyperreal logarithms (Jacques
Fleuriot);

* Real/HahnBanach: updated and adapted to locales;

* NumberTheory: added Gauss's law of quadratic reciprocity (by Avigad,
Gray and Kramer);

* UNITY: added the Meier-Sanders theory of progress sets;

* MicroJava: bytecode verifier and lightweight bytecode verifier
as abstract algorithms, instantiated to the JVM;

* Bali: Java source language formalization. Type system, operational
semantics, axiomatic semantics. Supported language features:
classes, interfaces, objects, virtual methods, static methods,
static/instance fields, arrays, access modifiers, definite
assignment, exceptions.


*** ZF ***

* ZF/Constructible: consistency proof for AC (Gödel's constructible
universe, etc.);

* Main ZF: virtually all theories converted to new-style format;


*** ML ***

* Pure: Tactic.prove provides sane interface for internal proofs;
omits the infamous "standard" operation, so this is more appropriate
than prove_goalw_cterm in many situations (e.g.
in simprocs);

* Pure: improved error reporting of simprocs;

* Provers: Simplifier.simproc(_i) provides sane interface for setting
up simprocs;


*** Document preparation ***

* uses \par instead of \\ for line breaks in theory text. This may
shift some page breaks in large documents. To get the old behaviour
use \renewcommand{\isanewline}{\mbox{}\\\mbox{}} in root.tex.

* minimized dependencies of isabelle.sty and isabellesym.sty on
other packages

* \<euro> now needs package babel/greek instead of marvosym (which
broke \Rightarrow)

* normal size for \<zero>...\<nine> (uses \mathbf instead of
textcomp package)



New in Isabelle2002 (March 2002)
--------------------------------

*** Document preparation ***

* greatly simplified document preparation setup, including more
graceful interpretation of isatool usedir -i/-d/-D options, and more
instructive isatool mkdir; users should basically be able to get
started with "isatool mkdir HOL Test && isatool make"; alternatively,
users may run a separate document processing stage manually like this:
"isatool usedir -D output HOL Test && isatool document Test/output";

* theory dependency graph may now be incorporated into documents;
isatool usedir -g true will produce session_graph.eps/.pdf for use
with \includegraphics of LaTeX;

* proper spacing of consecutive markup elements, especially text
blocks after section headings;

* support bold style (for single symbols only), input syntax is like
this: "\<^bold>\<alpha>" or "\<^bold>A";

* \<bullet> is now output as bold \cdot by default, which looks much
better in printed text;

* added default LaTeX bindings for \<tturnstile> and \<TTurnstile>;
note that these symbols are currently unavailable in Proof General /
X-Symbol; new symbols \<zero>, \<one>, ..., \<nine>, and \<euro>;

* isatool latex no longer depends on changed TEXINPUTS, instead
isatool document copies the Isabelle style files to the target
location;


*** Isar ***

* Pure/Provers: improved proof by cases and induction;
  - 'case' command admits impromptu naming of parameters (such as
    "case (Suc n)");
  - 'induct' method divines rule instantiation from the inductive
    claim; no longer requires excessive ?P bindings for proper
    instantiation of cases;
  - 'induct' method properly enumerates all possibilities of set/type
    rules; as a consequence facts may be also passed through *type*
    rules without further ado;
  - 'induct' method now derives symbolic cases from the *rulified*
    rule (before it used to rulify cases stemming from the internal
    atomized version); this means that the context of a non-atomic
    statement is included in the hypothesis, avoiding the
    slightly cumbersome show "PROP ?case" form;
  - 'induct' may now use elim-style induction rules without chaining
    facts, using ``missing'' premises from the goal state; this allows
    rules stemming from inductive sets to be applied in unstructured
    scripts, while still benefitting from proper handling of non-atomic
    statements; NB: major inductive premises need to be put first, all
    the rest of the goal is passed through the induction;
  - 'induct' proper support for mutual induction involving non-atomic
    rule statements (uses the new concept of simultaneous goals, see
    below);
  - append all possible rule selections, but only use the first
    success (no backtracking);
  - removed obsolete "(simplified)" and "(stripped)" options of methods;
  - undeclared rule case names default to numbers 1, 2, 3, ...;
  - added 'print_induct_rules' (covered by help item in recent Proof
    General versions);
  - moved induct/cases attributes to Pure, methods to Provers;
  - generic method setup instantiated for FOL and HOL;

* Pure: support multiple simultaneous goal statements, for example
"have a: A and b: B" (same for 'theorem' etc.); being a pure
meta-level mechanism, this acts as if several individual goals had
been stated separately; in particular common proof methods need to be
repeated in order to cover all claims; note that a single elimination
step is *not* sufficient to establish the two conjunctions, so this
fails:

  assume "A & B" then have A and B ..   (*".." fails*)

better use "obtain" in situations as above; alternatively refer to
multi-step methods like 'auto', 'simp_all', 'blast+' etc.;

* Pure: proper integration with ``locales''; unlike the original
version by Florian Kammüller, Isar locales package high-level proof
contexts rather than raw logical ones (e.g. we admit to include
attributes everywhere); operations on locales include merge and
rename; support for implicit arguments (``structures''); simultaneous
type-inference over imports and text; see also HOL/ex/Locales.thy for
some examples;

* Pure: the following commands have been ``localized'', supporting a
target locale specification "(in name)": 'lemma', 'theorem',
'corollary', 'lemmas', 'theorems', 'declare'; the results will be
stored both within the locale and at the theory level (exported and
qualified by the locale name);

* Pure: theory goals may now be specified in ``long'' form, with
ad-hoc contexts consisting of arbitrary locale elements.
For example
``lemma foo: fixes x assumes "A x" shows "B x"'' (local syntax and
definitions may be given, too); the result is a meta-level rule with
the context elements being discharged in the obvious way;

* Pure: new proof command 'using' allows augmenting currently used
facts after a goal statement ('using' is syntactically analogous to
'apply', but acts on the goal's facts only); this allows chained facts
to be separated into parts given before and after a claim, as in
``from a and b have C using d and e <proof>'';

* Pure: renamed "antecedent" case to "rule_context";

* Pure: new 'judgment' command records explicit information about the
object-logic embedding (used by several tools internally); no longer
use hard-wired "Trueprop";

* Pure: added 'corollary' command;

* Pure: fixed 'token_translation' command;

* Pure: removed obsolete 'exported' attribute;

* Pure: dummy pattern "_" in is/let is now automatically lifted over
bound variables: "ALL x. P x --> Q x" (is "ALL x. _ --> ?C x")
supersedes more cumbersome ... (is "ALL x. _ x --> ?C x");

* Pure: method 'atomize' presents local goal premises as object-level
statements (atomic meta-level propositions); setup controlled via
rewrite rules declarations of 'atomize' attribute; example
application: 'induct' method with proper rule statements in improper
proof *scripts*;

* Pure: emulation of instantiation tactics (rule_tac, cut_tac, etc.)
now considers the syntactic context of assumptions, giving a better
chance to get type-inference of the arguments right (this is
especially important for locales);

* Pure: "sorry" no longer requires quick_and_dirty in interactive
mode;

* Pure/obtain: the formal conclusion "thesis", being marked as
``internal'', may no longer be referenced directly in the text;
potential INCOMPATIBILITY, may need to use "?thesis" in rare
situations;

* Pure: generic 'sym' attribute which declares a rule both as pure
'elim?' and for the 'symmetric' operation;

* Pure: marginal comments ``--'' may now occur just anywhere in the
text; the fixed correlation with particular command syntax has been
discontinued;

* Pure: new method 'rules' is particularly well-suited for proof
search in intuitionistic logic; a bit slower than 'blast' or 'fast',
but often produces more compact proof terms with fewer detours;

* Pure/Provers/classical: simplified integration with pure rule
attributes and methods; the classical "intro?/elim?/dest?"
declarations coincide with the pure ones; the "rule" method no longer
includes classically swapped intros; "intro" and "elim" methods no
longer pick rules from the context; also got rid of ML declarations
AddXIs/AddXEs/AddXDs; all of this has some potential for
INCOMPATIBILITY;

* Provers/classical: attribute 'swapped' produces classical inversions
of introduction rules;

* Provers/simplifier: 'simplified' attribute may refer to explicit
rules instead of full simplifier context; 'iff' attribute handles
conditional rules;

* HOL: 'typedef' now allows alternative names for Rep/Abs morphisms;

* HOL: 'recdef' now fails on unfinished automated proofs, use
"(permissive)" option to recover old behavior;

* HOL: 'inductive' no longer features separate (collective) attributes
for 'intros' (was found too confusing);

* HOL: properly declared induction rules less_induct and
wf_induct_rule;


*** HOL ***

* HOL: moved over to sane numeral syntax; the new policy is as
follows:

  - 0 and 1 are polymorphic constants, which are defined on any
    numeric type (nat, int, real etc.);

  - 2, 3, 4, ... and -1, -2, -3, ... are polymorphic numerals, based
    on binary representation internally;

  - type nat has special constructor Suc, and generally prefers Suc 0
    over 1::nat and Suc (Suc 0) over 2::nat;

This change may cause significant problems of INCOMPATIBILITY; here
are some hints on converting existing sources:

  - due to the new "num" token, "-0" and "-1" etc.
    are now atomic
    entities, so expressions involving "-" (unary or binary minus) need
    to be spaced properly;

  - existing occurrences of "1" may need to be constrained "1::nat" or
    even replaced by Suc 0; similar for old "2";

  - replace "#nnn" by "nnn", and "#-nnn" by "-nnn";

  - remove all special provisions on numerals in proofs;

* HOL: simp rules nat_number expand numerals on nat to Suc/0
representation (depends on bin_arith_simps in the default context);

* HOL: symbolic syntax for x^2 (numeral 2);

* HOL: the class of all HOL types is now called "type" rather than
"term"; INCOMPATIBILITY, need to adapt references to this type class
in axclass/classes, instance/arities, and (usually rare) occurrences
in typings (of consts etc.); internally the class is called
"HOL.type", ML programs should refer to HOLogic.typeS;

* HOL/record package improvements:
  - new derived operations "fields" to build a partial record section,
    "extend" to promote a fixed record to a record scheme, and
    "truncate" for the reverse; cf. theorems "xxx.defs", which are *not*
    declared as simp by default;
  - shared operations ("more", "fields", etc.)
    now need to be always
    qualified --- potential INCOMPATIBILITY;
  - removed "make_scheme" operations (use "make" with "extend") --
    INCOMPATIBILITY;
  - removed "more" class (simply use "term") -- INCOMPATIBILITY;
  - provides cases/induct rules for use with corresponding Isar
    methods (for concrete records, record schemes, concrete more
    parts, and schematic more parts -- in that order);
  - internal definitions directly based on a light-weight abstract
    theory of product types over typedef rather than datatype;

* HOL: generic code generator for generating executable ML code from
specifications; specific support for HOL constructs such as inductive
datatypes and sets, as well as recursive functions; can be invoked
via 'generate_code' theory section;

* HOL: canonical cases/induct rules for n-tuples (n = 3..7);

* HOL: consolidated and renamed several theories. In particular:
        Ord.thy has been absorbed into HOL.thy
        String.thy has been absorbed into List.thy

* HOL: concrete setsum syntax "\<Sum>i:A. b" == "setsum (%i. b) A"
(beware of argument permutation!);

* HOL: linorder_less_split superseded by linorder_cases;

* HOL/List: "nodups" renamed to "distinct";

* HOL: added "The" definite description operator; move Hilbert's "Eps"
to peripheral theory "Hilbert_Choice"; some INCOMPATIBILITIES:
  - Ex_def has changed, now need to use some_eq_ex

* HOL: made split_all_tac safe; EXISTING PROOFS MAY FAIL OR LOOP, so
in this (rare) case use:

  delSWrapper "split_all_tac"
  addSbefore ("unsafe_split_all_tac", unsafe_split_all_tac)

* HOL: added safe wrapper "split_conv_tac" to claset; EXISTING PROOFS
MAY FAIL;

* HOL: introduced f^n = f o ...
o f; warning: due to the limits of
Isabelle's type classes, ^ on functions and relations has too general
a domain, namely ('a * 'b) set and 'a => 'b; this means that it may be
necessary to attach explicit type constraints;

* HOL/Relation: the prefix name of the infix "O" has been changed from
"comp" to "rel_comp"; INCOMPATIBILITY: a few theorems have been
renamed accordingly (e.g. "compI" -> "rel_compI").

* HOL: syntax translations now work properly with numerals and record
expressions;

* HOL: bounded abstraction now uses syntax "%" / "\<lambda>" instead
of "lam" -- INCOMPATIBILITY;

* HOL: got rid of some global declarations (potential INCOMPATIBILITY
for ML tools): const "()" renamed "Product_Type.Unity", type "unit"
renamed "Product_Type.unit";

* HOL: renamed rtrancl_into_rtrancl2 to converse_rtrancl_into_rtrancl

* HOL: removed obsolete theorem "optionE" (use "option.exhaust", or
the "cases" method);

* HOL/GroupTheory: group theory examples including Sylow's theorem (by
Florian Kammüller);

* HOL/IMP: updated and converted to new-style theory format; several
parts turned into readable document, with proper Isar proof texts and
some explanations (by Gerwin Klein);

* HOL-Real: added Complex_Numbers (by Gertrud Bauer);

* HOL-Hyperreal is now a logic image;


*** HOLCF ***

* Isar: consts/constdefs supports mixfix syntax for continuous
operations;

* Isar: domain package adapted to new-style theory format, e.g.
see HOLCF/ex/Dnat.thy;

* theory Lift: proper use of rep_datatype lift instead of ML hacks --
potential INCOMPATIBILITY; now use plain induct_tac instead of former
lift.induct_tac, always use UU instead of Undef;

* HOLCF/IMP: updated and converted to new-style theory;


*** ZF ***

* Isar: proper integration of logic-specific tools and packages,
including theory commands '(co)inductive', '(co)datatype',
'rep_datatype', 'inductive_cases', as well as methods 'ind_cases',
'induct_tac', 'case_tac', and 'typecheck' (with attribute 'TC');

* theory Main no longer includes AC; for the Axiom of Choice, base
your theory on Main_ZFC;

* the integer library now covers quotients and remainders, with many
laws relating division to addition, multiplication, etc.;

* ZF/UNITY: Chandy and Misra's UNITY is now available in ZF, giving a
typeless version of the formalism;

* ZF/AC, Coind, IMP, Resid: updated and converted to new-style theory
format;

* ZF/Induct: new directory for examples of inductive definitions,
including theory Multiset for multiset orderings; converted to
new-style theory format;

* ZF: many new theorems about lists, ordinals, etc.;


*** General ***

* Pure/kernel: meta-level proof terms (by Stefan Berghofer); reference
variable proof controls level of detail: 0 = no proofs (only oracle
dependencies), 1 = lemma dependencies, 2 = compact proof terms; see
also ref manual for further ML interfaces;

* Pure/axclass: removed obsolete ML interface
goal_subclass/goal_arity;

* Pure/syntax: new token syntax "num" for plain numerals (without "#"
of "xnum"); potential INCOMPATIBILITY, since -0, -1 etc.
are now
separate tokens, so expressions involving minus need to be spaced
properly;

* Pure/syntax: support non-oriented infixes, using keyword "infix"
rather than "infixl" or "infixr";

* Pure/syntax: concrete syntax for dummy type variables admits genuine
sort constraint specifications in type inference; e.g. "x::_::foo"
ensures that the type of "x" is of sort "foo" (but not necessarily a
type variable);

* Pure/syntax: print modes "type_brackets" and "no_type_brackets"
control output of nested => (types); the default behavior is
"type_brackets";

* Pure/syntax: builtin parse translation for "_constify" turns valued
tokens into AST constants;

* Pure/syntax: prefer later declarations of translations and print
translation functions; potential INCOMPATIBILITY: need to reverse
multiple declarations for same syntax element constant;

* Pure/show_hyps reset by default (in accordance with existing Isar
practice);

* Provers/classical: renamed addaltern to addafter, addSaltern to
addSafter;

* Provers/clasimp: ``iff'' declarations now handle conditional rules
as well;

* system: tested support for MacOS X; should be able to get Isabelle +
Proof General to work in a plain Terminal after installing Poly/ML
(e.g. from the Isabelle distribution area) and GNU bash alone
(e.g. from http://www.apple.com); full X11, XEmacs and X-Symbol
support requires further installations, e.g. from
http://fink.sourceforge.net/;

* system: support Poly/ML 4.1.1 (able to manage larger heaps);

* system: reduced base memory usage by Poly/ML (approx. 20 MB instead
of 40 MB), cf.
ML_OPTIONS;

* system: Proof General keywords specification is now part of the
Isabelle distribution (see etc/isar-keywords.el);

* system: support for persistent Proof General sessions (refrain from
outdating all loaded theories on startup); user may create writable
logic images like this: ``isabelle -q HOL Test'';

* system: smart selection of Isabelle process versus Isabelle
interface, accommodates case-insensitive file systems (e.g. HFS+); may
run both "isabelle" and "Isabelle" even if file names are badly
damaged (executable inspects the case of the first letter of its own
name); added separate "isabelle-process" and "isabelle-interface";

* system: refrain from any attempt at filtering input streams; no
longer support ``8bit'' encoding of old isabelle font, instead proper
iso-latin characters may now be used; the related isatools
"symbolinput" and "nonascii" have disappeared as well;

* system: removed old "xterm" interface (the print modes "xterm" and
"xterm_color" are still available for direct use in a suitable
terminal);



New in Isabelle99-2 (February 2001)
-----------------------------------

*** Overview of INCOMPATIBILITIES ***

* HOL: please note that theories in the Library and elsewhere often use the
new-style (Isar) format; to refer to their theorems in an ML script you must
bind them to ML identifiers by e.g.
val thm_name = thm "thm_name";

* HOL: inductive package no longer splits induction rule aggressively,
but only as far as specified by the introductions given; the old
format may be recovered via ML function complete_split_rule or attribute
'split_rule (complete)';

* HOL: induct renamed to lfp_induct, lfp_Tarski to lfp_unfold,
gfp_Tarski to gfp_unfold;

* HOL: contrapos, contrapos2 renamed to contrapos_nn, contrapos_pp;

* HOL: infix "dvd" now has priority 50 rather than 70 (because it is a
relation); infix "^^" has been renamed "``"; infix "``" has been
renamed "`"; "univalent" has been renamed "single_valued";

* HOL/Real: "rinv" and "hrinv" replaced by overloaded "inverse"
operation;

* HOLCF: infix "`" has been renamed "$"; the symbol syntax is \<cdot>;

* Isar: 'obtain' no longer declares "that" fact as simp/intro;

* Isar/HOL: method 'induct' now handles non-atomic goals; as a
consequence, it is no longer monotonic wrt.
the local goal context
(which is now passed through the inductive cases);

* Document preparation: renamed standard symbols \<ll> to \<lless> and
\<gg> to \<ggreater>;


*** Document preparation ***

* \isabellestyle{NAME} selects version of Isabelle output (currently
available are: "it" for near math-mode best-style output, "sl" for
slanted text style, and "tt" for plain type-writer; if no
\isabellestyle command is given, output is according to slanted
type-writer);

* support sub/super scripts (for single symbols only), input syntax is
like this: "A\<^sup>*" or "A\<^sup>\<star>";

* some more standard symbols; see Appendix A of the system manual for
the complete list of symbols defined in isabellesym.sty;

* improved isabelle style files; more abstract symbol implementation
(should now use \isamath{...} and \isatext{...} in custom symbol
definitions);

* antiquotation @{goals} and @{subgoals} for output of *dynamic* goals
state; Note that presentation of goal states does not conform to
actual human-readable proof documents. Please do not include goal
states into document output unless you really know what you are doing!

* proper indentation of antiquoted output with proportional LaTeX
fonts;

* no_document ML operator temporarily disables LaTeX document
generation;

* isatool unsymbolize tunes sources for plain ASCII communication;


*** Isar ***

* Pure: Isar now suffers initial goal statements to contain unbound
schematic variables (this does not conform to actual readable proof
documents, due to unpredictable outcome and non-compositional proof
checking); users who know what they are doing may use schematic goals
for Prolog-style synthesis of proven results;

* Pure: assumption method (an implicit finishing) now handles actual
rules as well;

* Pure: improved 'obtain' --- moved to Pure, insert "that" into
initial goal, declare "that" only as Pure intro (only for single
steps); the "that" rule assumption may now be involved in implicit
finishing, thus ".." becomes feasible for trivial obtains;

* Pure: default proof step now includes 'intro_classes'; thus trivial
instance proofs may be performed by "..";

* Pure: ?thesis / ?this / "..."
now work for pure meta-level
statements as well;

* Pure: more robust selection of calculational rules;

* Pure: the builtin notion of 'finished' goal now includes the ==-refl
rule (as well as the assumption rule);

* Pure: 'thm_deps' command visualizes dependencies of theorems and
lemmas, using the graph browser tool;

* Pure: predict failure of "show" in interactive mode;

* Pure: 'thms_containing' now takes actual terms as arguments;

* HOL: improved method 'induct' --- now handles non-atomic goals
(potential INCOMPATIBILITY); tuned error handling;

* HOL: cases and induct rules now provide explicit hints about the
number of facts to be consumed (0 for "type" and 1 for "set" rules);
any remaining facts are inserted into the goal verbatim;

* HOL: local contexts (aka cases) may now contain term bindings as
well; the 'cases' and 'induct' methods now provide a ?case binding for
the result to be shown in each case;

* HOL: added 'recdef_tc' command;

* isatool convert assists in eliminating legacy ML scripts;


*** HOL ***

* HOL/Library: a collection of generic theories to be used together
with main HOL; the theory loader path already includes this directory
by default; the following existing theories have been moved here:
HOL/Induct/Multiset, HOL/Induct/Acc (as Accessible_Part), HOL/While
(as While_Combinator), HOL/Lex/Prefix (as List_Prefix);

* HOL/Unix: "Some aspects of Unix file-system security", a typical
modelling and verification task performed in Isabelle/HOL +
Isabelle/Isar + Isabelle document preparation (by Markus Wenzel).

* HOL/Algebra: special summation operator SUM no longer exists, it has
been replaced by setsum; infix 'assoc' now has priority 50 (like
'dvd'); axiom 'one_not_zero' has been moved from axclass 'ring' to
'domain', this makes the theory consistent with mathematical
literature;

* HOL basics: added overloaded operations "inverse" and "divide"
(infix "/"), syntax for generic "abs" operation, generic summation
operator \<Sum>;

* HOL/typedef: simplified package, provide more useful rules (see also
HOL/subset.thy);

* HOL/datatype: induction rule for arbitrarily branching datatypes is
now expressed as a proper nested rule (old-style tactic scripts may
require atomize_strip_tac to cope with non-atomic premises);

* HOL: renamed theory "Prod" to "Product_Type", renamed "split" rule
to "split_conv" (old name still available for compatibility);

* HOL: improved concrete syntax for strings (e.g.
allows translation
rules with string literals);

* HOL-Real-Hyperreal: this extends HOL-Real with the hyperreals
  and Fleuriot's mechanization of analysis, including the transcendental
  functions for the reals;

* HOL/Real, HOL/Hyperreal: improved arithmetic simplification;


*** CTT ***

* CTT: x-symbol support for Pi, Sigma, -->, : (membership); note that
"lam" is displayed as TWO lambda-symbols

* CTT: theory Main now available, containing everything (that is, Bool
and Arith);


*** General ***

* Pure: the Simplifier has been implemented properly as a derived rule
outside of the actual kernel (at last!); the overall performance
penalty in practical applications is about 50%, while reliability of
the Isabelle inference kernel has been greatly improved;

* print modes "brackets" and "no_brackets" control output of nested =>
(types) and ==> (props); the default behaviour is "brackets";

* Provers: fast_tac (and friends) now handle actual object-logic rules
as assumptions as well;

* system: support Poly/ML 4.0;

* system: isatool install handles KDE version 1 or 2;



New in Isabelle99-1 (October 2000)
----------------------------------

*** Overview of INCOMPATIBILITIES ***

* HOL: simplification of natural numbers is much changed; to partly
recover the old behaviour (e.g.
to prevent n+n rewriting to #2*n)
issue the following ML commands:

  Delsimprocs Nat_Numeral_Simprocs.cancel_numerals;
  Delsimprocs [Nat_Numeral_Simprocs.combine_numerals];

* HOL: simplification no longer dives into case-expressions; this is
controlled by "t.weak_case_cong" for each datatype t;

* HOL: nat_less_induct renamed to less_induct;

* HOL: systematic renaming of the SOME (Eps) rules, may use isatool
fixsome to patch .thy and .ML sources automatically;

  select_equality  -> some_equality
  select_eq_Ex     -> some_eq_ex
  selectI2EX       -> someI2_ex
  selectI2         -> someI2
  selectI          -> someI
  select1_equality -> some1_equality
  Eps_sym_eq       -> some_sym_eq_trivial
  Eps_eq           -> some_eq_trivial

* HOL: exhaust_tac on datatypes superseded by new generic case_tac;

* HOL: removed obsolete theorem binding expand_if (refer to split_if
instead);

* HOL: the recursion equations generated by 'recdef' are now called
f.simps instead of f.rules;

* HOL: qed_spec_mp now also handles bounded ALL;

* HOL: 0 is now overloaded, so the type constraint ":: nat" may
sometimes be needed;

* HOL: the constant for "f``x" is now "image" rather than "op ``";

* HOL: the constant for "f-``x" is now "vimage" rather than "op -``";

* HOL: the disjoint sum is now "<+>" instead of "Plus"; the cartesian
product is now "<*>" instead of "Times"; the lexicographic product is
now "<*lex*>" instead of "**";

* HOL: theory Sexp is now in HOL/Induct examples (it used to be part
of main HOL, but was unused); better use HOL's datatype package;

* HOL: removed "symbols" syntax for constant "override" of theory Map;
the old syntax may be recovered as follows:

  syntax (symbols)
    override :: "('a ~=> 'b) => ('a ~=> 'b) => ('a ~=> 'b)"
      (infixl "\\<oplus>"
      100)

* HOL/Real: "rabs" replaced by overloaded "abs" function;

* HOL/ML: even fewer consts are declared as global (see theories Ord,
Lfp, Gfp, WF); this only affects ML packages that refer to const names
internally;

* HOL and ZF: syntax for quotienting wrt an equivalence relation
changed from A/r to A//r;

* ZF: new treatment of arithmetic (nat & int) may break some old
proofs;

* Isar: renamed some attributes (RS -> THEN, simplify -> simplified,
rulify -> rule_format, elimify -> elim_format, ...);

* Isar/Provers: intro/elim/dest attributes changed; renamed
intro/intro!/intro!! flags to intro!/intro/intro? (in most cases, one
should have to change intro!! to intro? only); replaced "delrule" by
"rule del";

* Isar/HOL: renamed "intrs" to "intros" in inductive definitions;

* Provers: strengthened force_tac by using new first_best_tac;

* LaTeX document preparation: several changes of isabelle.sty (see
lib/texinputs);


*** Document preparation ***

* formal comments (text blocks etc.)
in new-style theories may now
contain antiquotations of thm/prop/term/typ/text to be presented
according to latex print mode; concrete syntax is like this:
@{term[show_types] "f(x) = a + x"};

* isatool mkdir provides easy setup of Isabelle session directories,
including proper document sources;

* generated LaTeX sources are now deleted after successful run
(isatool document -c); may retain a copy somewhere else via -D option
of isatool usedir;

* isatool usedir -D now lets isatool latex -o sty update the Isabelle
style files, achieving self-contained LaTeX sources and simplifying
LaTeX debugging;

* old-style theories now produce (crude) LaTeX output as well;

* browser info session directories are now self-contained (may be put
on WWW server separately); improved graphs of nested sessions; removed
graph for 'all sessions';

* several improvements in isabelle style files; \isabellestyle{it}
produces fake math mode output; \isamarkupheader is now \section by
default; see lib/texinputs/isabelle.sty etc.;


*** Isar ***

* Isar/Pure: local results and corresponding term bindings are now
subject to Hindley-Milner polymorphism (similar to ML); this
accommodates incremental type-inference very nicely;

* Isar/Pure: new derived language element 'obtain' supports
generalized existence reasoning;

* Isar/Pure: new calculational elements 'moreover' and 'ultimately'
support accumulation of results, without applying any rules yet;
useful to collect intermediate results without explicit name
references, and for use with transitivity rules with more than 2
premises;

* Isar/Pure: scalable support for case-analysis type proofs: new
'case' language element refers to local contexts symbolically, as
produced by certain proof methods; internally, case names are
attached
to theorems as "tags";

* Isar/Pure: theory command 'hide' removes declarations from
class/type/const name spaces;

* Isar/Pure: theory command 'defs' supports option "(overloaded)" to
indicate potential overloading;

* Isar/Pure: changed syntax of local blocks from {{ }} to { };

* Isar/Pure: syntax of sorts made 'inner', i.e. have to write
"{a,b,c}" instead of {a,b,c};

* Isar/Pure now provides its own version of intro/elim/dest
attributes; useful for building new logics, but beware of confusion
with the version in Provers/classical;

* Isar/Pure: the local context of (non-atomic) goals is provided via
case name 'antecedent';

* Isar/Pure: removed obsolete 'transfer' attribute (transfer of thms
to the current context is now done automatically);

* Isar/Pure: theory command 'method_setup' provides a simple interface
for defining proof methods in ML;

* Isar/Provers: intro/elim/dest attributes changed; renamed
intro/intro!/intro!! flags to intro!/intro/intro? (INCOMPATIBILITY, in
most cases, one should have to change intro!! to intro? only);
replaced "delrule" by "rule del";

* Isar/Provers: new 'hypsubst' method, plain 'subst' method and
'symmetric' attribute (the latter supersedes [RS sym]);

* Isar/Provers: splitter support (via 'split' attribute and 'simp'
method modifier); 'simp' method: 'only:' modifier removes loopers as
well (including splits);

* Isar/Provers: Simplifier and Classical methods now support all kinds
of modifiers used in the past, including 'cong', 'iff', etc.

* Isar/Provers: added 'fastsimp' and 'clarsimp' methods (combination
of Simplifier and Classical reasoner);

* Isar/HOL: new proof method 'cases' and improved version of 'induct'
now support named cases; major packages (inductive, datatype, primrec,
recdef) support case names and properly name parameters;

* Isar/HOL: new transitivity rules for substitution in inequalities --
monotonicity conditions are extracted to be proven at end of
calculations;

* Isar/HOL: removed 'case_split' thm binding, should use 'cases' proof
method anyway;

* Isar/HOL: removed old expand_if = split_if; theorems if_splits =
split_if split_if_asm; datatype package provides theorems foo.splits =
foo.split foo.split_asm for each datatype;

* Isar/HOL: tuned inductive package, rename "intrs" to "intros"
(potential INCOMPATIBILITY), emulation of mk_cases feature for proof
scripts: new 'inductive_cases' command and 'ind_cases' method; (Note:
use "(cases (simplified))" method in proper proof texts);

* Isar/HOL: added global 'arith_split' attribute for 'arith' method;

* Isar: names of theorems etc. may be natural numbers as well;

* Isar: 'pr' command: optional arguments for goals_limit and
ProofContext.prems_limit; no longer prints theory contexts, but only
proof states;

* Isar: diagnostic commands 'pr', 'thm', 'prop', 'term', 'typ' admit
additional print modes to be specified; e.g.
"pr(latex)" will print 13742proof state according to the Isabelle LaTeX style; 13743 13744* Isar: improved support for emulating tactic scripts, including proof 13745methods 'rule_tac' etc., 'cut_tac', 'thin_tac', 'subgoal_tac', 13746'rename_tac', 'rotate_tac', 'tactic', and 'case_tac' / 'induct_tac' 13747(for HOL datatypes); 13748 13749* Isar: simplified (more robust) goal selection of proof methods: 1st 13750goal, all goals, or explicit goal specifier (tactic emulation); thus 13751'proof method scripts' have to be in depth-first order; 13752 13753* Isar: tuned 'let' syntax: replaced 'as' keyword by 'and'; 13754 13755* Isar: removed 'help' command, which hasn't been too helpful anyway; 13756should instead use individual commands for printing items 13757(print_commands, print_methods etc.); 13758 13759* Isar: added 'nothing' --- the empty list of theorems; 13760 13761 13762*** HOL *** 13763 13764* HOL/MicroJava: formalization of a fragment of Java, together with a 13765corresponding virtual machine and a specification of its bytecode 13766verifier and a lightweight bytecode verifier, including proofs of 13767type-safety; by Gerwin Klein, Tobias Nipkow, David von Oheimb, and 13768Cornelia Pusch (see also the homepage of project Bali at 13769http://isabelle.in.tum.de/Bali/); 13770 13771* HOL/Algebra: new theory of rings and univariate polynomials, by 13772Clemens Ballarin; 13773 13774* HOL/NumberTheory: fundamental Theorem of Arithmetic, Chinese 13775Remainder Theorem, Fermat/Euler Theorem, Wilson's Theorem, by Thomas M 13776Rasmussen; 13777 13778* HOL/Lattice: fundamental concepts of lattice theory and order 13779structures, including duals, properties of bounds versus algebraic 13780laws, lattice operations versus set-theoretic ones, the Knaster-Tarski 13781Theorem for complete lattices etc.; may also serve as a demonstration 13782for abstract algebraic reasoning using axiomatic type classes, and 13783mathematics-style proof in Isabelle/Isar; by Markus Wenzel; 

* HOL/Prolog: a (bare-bones) implementation of Lambda-Prolog, by David
von Oheimb;

* HOL/IMPP: extension of IMP with local variables and mutually
recursive procedures, by David von Oheimb;

* HOL/Lambda: converted into new-style theory and document;

* HOL/ex/Multiquote: example of multiple nested quotations and
anti-quotations -- basically a generalized version of de-Bruijn
representation; very useful in avoiding lifting of operations;

* HOL/record: added general record equality rule to simpset; fixed
select-update simplification procedure to handle extended records as
well; admit "r" as field name;

* HOL: 0 is now overloaded over the new sort "zero", allowing its use with
other numeric types and also as the identity of groups, rings, etc.;

* HOL: new axclass plus_ac0 for addition with the AC-laws and 0 as identity.
Types nat and int belong to this axclass;

* HOL: greatly improved simplification involving numerals of type nat, int, real:
  (i + #8 + j) = Suc k simplifies to #7 + (i + j) = k
  i*j + k + j*#3*i simplifies to #4*(i*j) + k
  two terms #m*u and #n*u are replaced by #(m+n)*u
  (where #m, #n and u can implicitly be 1; this is simproc combine_numerals)
  and the term/formula #m*u+x ~~ #n*u+y simplifies to #(m-n)+x ~~ y
  or x ~~ #(n-m)+y, where ~~ is one of = < <= or - (simproc cancel_numerals);

* HOL: meson_tac is available (previously in ex/meson.ML); it is a
powerful prover for predicate logic but knows nothing of clasets; see
ex/mesontest.ML and ex/mesontest2.ML for example applications;

* HOL: new version of "case_tac" subsumes both boolean case split and
"exhaust_tac" on datatypes; INCOMPATIBILITY: exhaust_tac no longer
exists, may define val exhaust_tac = case_tac for ad-hoc portability;

* HOL: simplification no longer dives into
case-expressions: only the
selector expression is simplified, but not the remaining arms; to
enable full simplification of case-expressions for datatype t, you may
remove t.weak_case_cong from the simpset, either globally (Delcongs
[thm"t.weak_case_cong"];) or locally (delcongs [...]).

* HOL/recdef: the recursion equations generated by 'recdef' for
function 'f' are now called f.simps instead of f.rules; if all
termination conditions are proved automatically, these simplification
rules are added to the simpset, as in primrec; rules may be named
individually as well, resulting in a separate list of theorems for
each equation;

* HOL/While is a new theory that provides a while-combinator. It
permits the definition of tail-recursive functions without the
provision of a termination measure. The latter is necessary once the
invariant proof rule for while is applied.

* HOL: new (overloaded) notation for the set of elements below/above
some element: {..u}, {..u(}, {l..}, {)l..}. See theory SetInterval.

* HOL: theorems impI, allI, ballI bound as "strip";

* HOL: new tactic induct_thm_tac: thm -> string -> int -> tactic
induct_tac th "x1 ... xn" expects th to have a conclusion of the form
P v1 ... vn and abbreviates res_inst_tac [("v1","x1"),...,("vn","xn")] th;

* HOL/Real: "rabs" replaced by overloaded "abs" function;

* HOL: theory Sexp now in HOL/Induct examples (it used to be part of
main HOL, but was unused);

* HOL: fewer consts declared as global (e.g. have to refer to
"Lfp.lfp" instead of "lfp" internally; affects ML packages only);

* HOL: tuned AST representation of nested pairs, avoiding bogus output
in case of overlap with user translations (e.g.
judgements over
tuples); (note that the underlying logical representation is still
bogus);


*** ZF ***

* ZF: simplification automatically cancels common terms in arithmetic
expressions over nat and int;

* ZF: new treatment of nat to minimize type-checking: all operators
coerce their operands to a natural number using the function natify,
making the algebraic laws unconditional;

* ZF: as above, for int: operators coerce their operands to an integer
using the function intify;

* ZF: the integer library now contains many of the usual laws for the
orderings, including $<=, and monotonicity laws for $+ and $*;

* ZF: new example ZF/ex/NatSum to demonstrate integer arithmetic
simplification;

* FOL and ZF: AddIffs now available, giving theorems of the form P<->Q
to the simplifier and classical reasoner simultaneously;


*** General ***

* Provers: blast_tac now handles actual object-logic rules as
assumptions; note that auto_tac uses blast_tac internally as well;

* Provers: new functions rulify/rulify_no_asm: thm -> thm for turning
outer -->/All/Ball into ==>/!!; qed_spec_mp now uses rulify_no_asm;

* Provers: delrules now handles destruct rules as well (no longer need
explicit make_elim);

* Provers: Blast_tac now warns of and ignores "weak elimination rules" e.g.
  [| inj ?f; ?f ?x = ?f ?y; ?x = ?y ==> ?W |] ==> ?W
use instead the strong form,
  [| inj ?f; ~ ?W ==> ?f ?x = ?f ?y; ?x = ?y ==> ?W |] ==> ?W
in HOL, FOL and ZF the function cla_make_elim will create such rules
from destruct-rules;

* Provers: Simplifier.easy_setup provides a fast path to basic
Simplifier setup for new object-logics;

* Pure: AST translation rules no longer require constant head on LHS;

* Pure: improved name spaces: ambiguous output is qualified; support
for hiding of names;

* system: smart setup of canonical ML_HOME, ISABELLE_INTERFACE, and
XSYMBOL_HOME; no longer need to do manual configuration in most
situations;

* system: compression of ML heap images may now be controlled via -c
option of isabelle and isatool usedir (currently only observed by
Poly/ML);

* system: isatool installfonts may handle X-Symbol fonts as well (very
useful for remote X11);

* system: provide TAGS file for Isabelle sources;

* ML: infix 'OF' is a version of 'MRS' with more appropriate argument
order;

* ML: renamed flags Syntax.trace_norm_ast to Syntax.trace_ast; global
timing flag supersedes proof_timing and Toplevel.trace;

* ML: new combinators |>> and |>>> for incremental transformations
with secondary results (e.g. certain theory extensions):

* ML: PureThy.add_defs gets additional argument to indicate potential
overloading (usually false);

* ML: PureThy.add_thms/add_axioms/add_defs now return theorems as
results;



New in Isabelle99 (October 1999)
--------------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* HOL: The THEN and ELSE parts of conditional expressions (if P then x else y)
are no longer simplified.
(This allows the simplifier to unfold recursive
functional programs.) To restore the old behaviour, declare

  Delcongs [if_weak_cong];

* HOL: Removed the obsolete syntax "Compl A"; use -A for set
complement;

* HOL: the predicate "inj" is now defined by translation to "inj_on";

* HOL/datatype: mutual_induct_tac no longer exists --
  use induct_tac "x_1 ... x_n" instead of mutual_induct_tac ["x_1", ..., "x_n"]

* HOL/typedef: fixed type inference for representing set; type
arguments now have to occur explicitly on the rhs as type constraints;

* ZF: The con_defs part of an inductive definition may no longer refer
to constants declared in the same theory;

* HOL, ZF: the function mk_cases, generated by the inductive
definition package, has lost an argument. To simplify its result, it
uses the default simpset instead of a supplied list of theorems.

* HOL/List: the constructors of type list are now Nil and Cons;

* Simplifier: the type of the infix ML functions
  setSSolver addSSolver setSolver addSolver
is now simpset * solver -> simpset where `solver' is a new abstract type
for packaging solvers. A solver is created via
  mk_solver: string -> (thm list -> int -> tactic) -> solver
where the string argument is only a comment.


*** Proof tools ***

* Provers/Arith/fast_lin_arith.ML contains a functor for creating a
decision procedure for linear arithmetic. Currently it is used for
types `nat', `int', and `real' in HOL (see below); it can, should and
will be instantiated for other types and logics as well.

* The simplifier now accepts rewrite rules with flexible heads, e.g.
  hom ?f ==> ?f(?x+?y) = ?f ?x + ?f ?y
  They are applied like any rule with a non-pattern lhs, i.e. by first-order
  matching.


*** General ***

* New Isabelle/Isar subsystem provides an alternative to traditional
tactical theorem proving; together with the ProofGeneral/isar user
interface it offers an interactive environment for developing human
readable proof documents (Isar == Intelligible semi-automated
reasoning); for further information see isatool doc isar-ref,
src/HOL/Isar_examples and http://isabelle.in.tum.de/Isar/

* improved and simplified presentation of theories: better HTML markup
(including colors), graph views in several sizes; isatool usedir now
provides a proper interface for user theories (via -P option); actual
document preparation based on (PDF)LaTeX is available as well (for
new-style theories only); see isatool doc system for more information;

* native support for Proof General, both for classic Isabelle and
Isabelle/Isar;

* ML function thm_deps visualizes dependencies of theorems and lemmas,
using the graph browser tool;

* Isabelle manuals now also available as PDF;

* theory loader rewritten from scratch (may not be fully
bug-compatible); old loadpath variable has been replaced by show_path,
add_path, del_path, reset_path functions; new operations such as
update_thy, touch_thy, remove_thy, use/update_thy_only (see also
isatool doc ref);

* improved isatool install: option -k creates KDE application icon,
option -p DIR installs standalone binaries;

* added ML_PLATFORM setting (useful for cross-platform installations);
more robust handling of platform specific ML images for SML/NJ;

* the settings environment is now statically scoped, i.e.
it is never
created again in sub-processes invoked from isabelle, isatool, or
Isabelle;

* path element specification '~~' refers to '$ISABELLE_HOME';

* in locales, the "assumes" and "defines" parts may be omitted if
empty;

* new print_mode "xsymbols" for extended symbol support (e.g. genuine
long arrows);

* new print_mode "HTML";

* new flag show_tags controls display of tags of theorems (which are
basically just comments that may be attached by some tools);

* Isamode 2.6 requires patch to accommodate change of Isabelle font
mode and goal output format:

diff -r Isamode-2.6/elisp/isa-load.el Isamode/elisp/isa-load.el
244c244
< (list (isa-getenv "ISABELLE") "-msymbols" logic-name)
---
> (list (isa-getenv "ISABELLE") "-misabelle_font" "-msymbols" logic-name)
diff -r Isabelle-2.6/elisp/isa-proofstate.el Isamode/elisp/isa-proofstate.el
181c181
< (defconst proofstate-proofstart-regexp "^Level [0-9]+$"
---
> (defconst proofstate-proofstart-regexp "^Level [0-9]+"

* function bind_thms stores lists of theorems (cf. bind_thm);

* new shorthand tactics ftac, eatac, datac, fatac;

* qed (and friends) now accept "" as result name; in that case the
theorem is not stored, but proper checks and presentation of the
result still apply;

* theorem database now also indexes constants "Trueprop", "all",
"==>", "=="; thus thms_containing, findI etc. may retrieve more rules;


*** HOL ***

** HOL arithmetic **

* There are now decision procedures for linear arithmetic over nat and
int:

1.
arith_tac copes with arbitrary formulae involving `=', `<', `<=',
`+', `-', `Suc', `min', `max' and numerical constants; other subterms
are treated as atomic; subformulae not involving type `nat' or `int'
are ignored; quantified subformulae are ignored unless they are
positive universal or negative existential. The tactic has to be
invoked by hand and can be a little bit slow. In particular, the
running time is exponential in the number of occurrences of `min' and
`max', and `-' on `nat'.

2. fast_arith_tac is a cut-down version of arith_tac: it only takes
(negated) (in)equalities among the premises and the conclusion into
account (i.e. no compound formulae) and does not know about `min' and
`max', and `-' on `nat'. It is fast and is used automatically by the
simplifier.

NB: At the moment, these decision procedures do not cope with mixed
nat/int formulae where the two parts interact, such as `m < n ==>
int(m) < int(n)'.

* HOL/Numeral provides a generic theory of numerals (encoded
efficiently as bit strings); setup for types nat/int/real is in place;
INCOMPATIBILITY: since numeral syntax is now polymorphic, rather than
int, existing theories and proof scripts may require a few additional
type constraints;

* integer division and remainder can now be performed on constant
arguments;

* many properties of integer multiplication, division and remainder
are now available;

* An interface to the Stanford Validity Checker (SVC) is available through the
tactic svc_tac. Propositional tautologies and theorems of linear arithmetic
are proved automatically. SVC must be installed separately, and its results
must be TAKEN ON TRUST (Isabelle does not check the proofs, but tags any
invocation of the underlying oracle).
For SVC see
  http://verify.stanford.edu/SVC

* IsaMakefile: the HOL-Real target now builds an actual image;


** HOL misc **

* HOL/Real/HahnBanach: the Hahn-Banach theorem for real vector spaces
(in Isabelle/Isar) -- by Gertrud Bauer;

* HOL/BCV: generic model of bytecode verification, i.e. data-flow
analysis for assembly languages with subtypes;

* HOL/TLA (Lamport's Temporal Logic of Actions): major reorganization
-- avoids syntactic ambiguities and treats state, transition, and
temporal levels more uniformly; introduces INCOMPATIBILITIES due to
changed syntax and (many) tactics;

* HOL/inductive: Now also handles more general introduction rules such
  as "ALL y. (y, x) : r --> y : acc r ==> x : acc r"; monotonicity
  theorems are now maintained within the theory (maintained via the
  "mono" attribute);

* HOL/datatype: Now also handles arbitrarily branching datatypes
  (using function types) such as

  datatype 'a tree = Atom 'a | Branch "nat => 'a tree"

* HOL/record: record_simproc (part of the default simpset) takes care
of selectors applied to updated records; record_split_tac is no longer
part of the default claset; update_defs may now be removed from the
simpset in many cases; COMPATIBILITY: old behavior achieved by

  claset_ref () := claset() addSWrapper record_split_wrapper;
  Delsimprocs [record_simproc]

* HOL/typedef: fixed type inference for representing set; type
arguments now have to occur explicitly on the rhs as type constraints;

* HOL/recdef (TFL): 'congs' syntax now expects comma separated list of theorem
names rather than an ML expression;

* HOL/defer_recdef (TFL): like recdef but the well-founded relation can be
supplied later.
Program schemes can be defined, such as
  "While B C s = (if B s then While B C (C s) else s)"
where the well-founded relation can be chosen after B and C have been given.

* HOL/List: the constructors of type list are now Nil and Cons;
INCOMPATIBILITY: while [] and infix # syntax is still there, of
course, ML tools referring to List.list.op # etc. have to be adapted;

* HOL_quantifiers flag superseded by "HOL" print mode, which is
disabled by default; run isabelle with option -m HOL to get back to
the original Gordon/HOL-style output;

* HOL/Ord.thy: new bounded quantifier syntax (input only): ALL x<y. P,
ALL x<=y. P, EX x<y. P, EX x<=y. P;

* HOL basic syntax simplified (more orthogonal): all variants of
All/Ex now support plain / symbolic / HOL notation; plain syntax for
Eps operator is provided as well: "SOME x. P[x]";

* HOL/Sum.thy: sum_case has been moved to HOL/Datatype;

* HOL/Univ.thy: infix syntax <*>, <+>, <**>, <+> eliminated and made
thus available for user theories;

* HOLCF/IOA/Sequents: renamed 'Cons' to 'Consq' to avoid clash with
HOL/List; hardly an INCOMPATIBILITY since '>>' syntax is used all the
time;

* HOL: new tactic smp_tac: int -> int -> tactic, which applies spec
several times and then mp;


*** LK ***

* the notation <<...>> is now available as a notation for sequences of
formulas;

* the simplifier is now installed

* the axiom system has been generalized (thanks to Soren Heilmann)

* the classical reasoner now has a default rule database


*** ZF ***

* new primrec section allows primitive recursive functions to be given
directly (as in HOL) over datatypes and the natural numbers;

* new tactics induct_tac and exhaust_tac for induction (or case
analysis) over datatypes and the natural
numbers;

* the datatype declaration of type T now defines the recursor T_rec;

* simplification automatically does freeness reasoning for datatype
constructors;

* automatic type-inference, with AddTCs command to insert new
type-checking rules;

* datatype introduction rules are now added as Safe Introduction rules
to the claset;

* the syntax "if P then x else y" is now available in addition to
if(P,x,y);


*** Internal programming interfaces ***

* tuned simplifier trace output; new flag debug_simp;

* structures Vartab / Termtab (instances of TableFun) offer efficient
tables indexed by indexname_ord / term_ord (compatible with aconv);

* AxClass.axclass_tac lost the theory argument;

* tuned current_goals_markers semantics: begin / end goal avoids
printing empty lines;

* removed prs and prs_fn hook, which was broken because it did not
include \n in its semantics, forcing writeln to add one
unconditionally; replaced prs_fn by writeln_fn; consider std_output:
string -> unit if you really want to output text without newline;

* Symbol.output subject to print mode; INCOMPATIBILITY: defaults to
plain output, interface builders may have to enable 'isabelle_font'
mode to get Isabelle font glyphs as before;

* refined token_translation interface; INCOMPATIBILITY: output length
now of type real instead of int;

* theory loader actions may be traced via new ThyInfo.add_hook
interface (see src/Pure/Thy/thy_info.ML); example application: keep
your own database of information attached to *whole* theories -- as
opposed to intra-theory data slots offered via TheoryDataFun;

* proper handling of dangling sort hypotheses (at last!);
Thm.strip_shyps and Drule.strip_shyps_warning take care of removing
extra sort hypotheses that can be witnessed
from the type signature;
the force_strip_shyps flag is gone, any remaining shyps are simply
left in the theorem (with a warning issued by strip_shyps_warning);



New in Isabelle98-1 (October 1998)
----------------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* several changes of automated proof tools;

* HOL: major changes to the inductive and datatype packages, including
some minor incompatibilities of theory syntax;

* HOL: renamed r^-1 to 'converse' from 'inverse'; 'inj_onto' is now
called `inj_on';

* HOL: removed duplicate thms in Arith:
    less_imp_add_less should be replaced by trans_less_add1
    le_imp_add_le should be replaced by trans_le_add1

* HOL: unary minus is now overloaded (new type constraints may be
required);

* HOL and ZF: unary minus for integers is now #- instead of #~. In
ZF, expressions such as n#-1 must be changed to n#- 1, since #-1 is
now taken as an integer constant.

* Pure: ML function 'theory_of' renamed to 'theory';


*** Proof tools ***

* Simplifier:
  1. Asm_full_simp_tac is now more aggressive.
     1. It will sometimes reorient premises if that increases their power to
        simplify.
     2. It does no longer proceed strictly from left to right but may also
        rotate premises to achieve further simplification.
     For compatibility reasons there is now Asm_lr_simp_tac which is like the
     old Asm_full_simp_tac in that it does not rotate premises.
  2. The simplifier now knows a little bit about nat-arithmetic.

* Classical reasoner: wrapper mechanism for the classical reasoner now
allows for selected deletion of wrappers, by introduction of names for
wrapper functionals.
This implies that addbefore, addSbefore,
addaltern, and addSaltern now take a pair (name, tactic) as argument,
and that adding two tactics with the same name overwrites the first
one (emitting a warning).
  type wrapper = (int -> tactic) -> (int -> tactic)
  setWrapper, setSWrapper, compWrapper and compSWrapper are replaced by
  addWrapper, addSWrapper: claset * (string * wrapper) -> claset
  delWrapper, delSWrapper: claset * string -> claset
  getWrapper is renamed to appWrappers, getSWrapper to appSWrappers;

* Classical reasoner: addbefore/addSbefore now have APPEND/ORELSE
semantics; addbefore now affects only the unsafe part of step_tac
etc.; this affects addss/auto_tac/force_tac, so EXISTING PROOFS MAY
FAIL, but proofs should be fixable easily, e.g. by replacing Auto_tac
by Force_tac;

* Classical reasoner: setwrapper to setWrapper and compwrapper to
compWrapper; added safe wrapper (and access functions for it);

* HOL/split_all_tac is now much faster and fails if there is nothing
to split. Some EXISTING PROOFS MAY REQUIRE ADAPTION because the order
and the names of the automatically generated variables have changed.
split_all_tac has moved within claset() from unsafe wrappers to safe
wrappers, which means that !!-bound variables are split much more
aggressively, and safe_tac and clarify_tac now split such variables.
If this splitting is not appropriate, use delSWrapper "split_all_tac".
Note: the same holds for record_split_tac, which does the job of
split_all_tac for record fields.

* HOL/Simplifier: Rewrite rules for case distinctions can now be added
permanently to the default simpset using Addsplits just like
Addsimps. They can be removed via Delsplits just like
Delsimps. Lower-case versions are also available.

* HOL/Simplifier: The rule split_if is now part of the default
simpset.
This means that the simplifier will eliminate all occurrences
of if-then-else in the conclusion of a goal. To prevent this, you can
either remove split_if completely from the default simpset by
`Delsplits [split_if]' or remove it in a specific call of the
simplifier using `... delsplits [split_if]'. You can also add/delete
other case splitting rules to/from the default simpset: every datatype
generates suitable rules `split_t_case' and `split_t_case_asm' (where
t is the name of the datatype).

* Classical reasoner / Simplifier combination: new force_tac (and
derivatives Force_tac, force) combines rewriting and classical
reasoning (and whatever other tools) similarly to auto_tac, but is
aimed to solve the given subgoal completely.


*** General ***

* new top-level commands `Goal' and `Goalw' that improve upon `goal'
and `goalw': the theory is no longer needed as an explicit argument -
the current theory context is used; assumptions are no longer returned
at the ML-level unless one of them starts with ==> or !!; it is
recommended to convert to these new commands using isatool fixgoal
(backup your sources first!);

* new top-level commands 'thm' and 'thms' for retrieving theorems from
the current theory context, and 'theory' to lookup stored theories;

* new theory section 'locale' for declaring constants, assumptions and
definitions that have local scope;

* new theory section 'nonterminals' for purely syntactic types;

* new theory section 'setup' for generic ML setup functions
(e.g.
package initialization);

* the distribution now includes Isabelle icons: see
lib/logo/isabelle-{small,tiny}.xpm;

* isatool install - install binaries with absolute references to
ISABELLE_HOME/bin;

* isatool logo -- create instances of the Isabelle logo (as EPS);

* print mode 'emacs' reserved for Isamode;

* support multiple print (ast) translations per constant name;

* theorems involving oracles are now printed with a suffixed [!];


*** HOL ***

* there is now a tutorial on Isabelle/HOL (do 'isatool doc tutorial');

* HOL/inductive package reorganized and improved: now supports mutual
definitions such as

  inductive EVEN ODD
    intrs
      null "0 : EVEN"
      oddI "n : EVEN ==> Suc n : ODD"
      evenI "n : ODD ==> Suc n : EVEN"

new theorem list "elims" contains an elimination rule for each of the
recursive sets; inductive definitions now handle disjunctive premises
correctly (also ZF);

INCOMPATIBILITIES: requires Inductive as an ancestor; component
"mutual_induct" no longer exists - the induction rule is always
contained in "induct";


* HOL/datatype package re-implemented and greatly improved: now
supports mutually recursive datatypes such as

  datatype
    'a aexp = IF_THEN_ELSE ('a bexp) ('a aexp) ('a aexp)
            | SUM ('a aexp) ('a aexp)
            | DIFF ('a aexp) ('a aexp)
            | NUM 'a
  and
    'a bexp = LESS ('a aexp) ('a aexp)
            | AND ('a bexp) ('a bexp)
            | OR ('a bexp) ('a bexp)

as well as indirectly recursive datatypes such as

  datatype
    ('a, 'b) term = Var 'a
                  | App 'b ((('a, 'b) term) list)

The new tactic mutual_induct_tac [<var_1>, ..., <var_n>] i performs
induction on mutually / indirectly recursive datatypes.

Primrec equations are now stored in theory and can be accessed via
<function_name>.simps.

INCOMPATIBILITIES:

  - Theories using datatypes must now have theory Datatype as an
    ancestor.
  - The specific <typename>.induct_tac no longer exists - use the
    generic induct_tac instead.
  - natE has been renamed to nat.exhaust - use exhaust_tac
    instead of res_inst_tac ... natE. Note that the variable
    names in nat.exhaust differ from the names in natE, this
    may cause some "fragile" proofs to fail.
  - The theorems split_<typename>_case and split_<typename>_case_asm
    have been renamed to <typename>.split and <typename>.split_asm.
  - Since default sorts of type variables are now handled correctly,
    some datatype definitions may have to be annotated with explicit
    sort constraints.
  - Primrec definitions no longer require function name and type
    of recursive argument.

Consider using isatool fixdatatype to adapt your theories and proof
scripts to the new package (backup your sources first!).


* HOL/record package: considerably improved implementation; now
includes concrete syntax for record types, terms, updates; theorems
for surjective pairing and splitting !!-bound record variables; proof
support is as follows:

  1) standard conversions (selectors or updates applied to record
constructor terms) are part of the standard simpset;

  2) inject equations of the form ((x, y) = (x', y')) == x=x' & y=y' are
made part of standard simpset and claset via addIffs;

  3) a tactic for record field splitting (record_split_tac) is part of
the standard claset (addSWrapper);

To get a better idea about these rules you may retrieve them via
something like 'thms "foo.simps"' or 'thms "foo.iffs"', where "foo" is
the name of your record type.

The split tactic 3) conceptually simplifies by the following rule:

  "(!!x. PROP ?P x) == (!!a b. PROP ?P (a, b))"

Thus any record variable that is bound by meta-all will automatically
blow up into some record constructor term, consequently the
simplifications of 1), 2) apply. Thus force_tac, auto_tac etc. shall
solve record problems automatically.


* reorganized the main HOL image: HOL/Integ and String loaded by
default; theory Main includes everything;

* automatic simplification of integer sums and comparisons, using cancellation;

* added option_map_eq_Some and not_Some_eq to the default simpset and claset;

* added disj_not1 = "(~P | Q) = (P --> Q)" to the default simpset;

* many new identities for unions, intersections, set difference, etc.;

* expand_if, expand_split, expand_sum_case and expand_nat_case are now
called split_if, split_split, split_sum_case and split_nat_case (to go
with add/delsplits);

* HOL/Prod introduces simplification procedure unit_eq_proc rewriting
(?x::unit) = (); this is made part of the default simpset, which COULD
MAKE EXISTING PROOFS FAIL under rare circumstances (consider
'Delsimprocs [unit_eq_proc];' as last resort); also note that
unit_abs_eta_conv is added in order to counter the effect of
unit_eq_proc on (%u::unit. f u), replacing it by f rather than by
%u.f();

* HOL/Fun INCOMPATIBILITY: `inj_onto' is now called `inj_on' (which
makes more sense);

* HOL/Set INCOMPATIBILITY: rule `equals0D' is now a well-formed destruct rule;
  It and 'sym RS equals0D' are now in the default claset, giving automatic
  disjointness reasoning but breaking a few old proofs.

* HOL/Relation INCOMPATIBILITY: renamed the relational operator r^-1
to 'converse' from 'inverse' (for compatibility with ZF and some
literature);

* HOL/recdef can now declare non-recursive functions, with {} supplied as
the well-founded relation;

* HOL/Set INCOMPATIBILITY: the complement of set A is now written -A instead of
  Compl A. The "Compl" syntax remains available as input syntax for this
  release ONLY.

* HOL/Update: new theory of function updates:
    f(a:=b) == %x. if x=a then b else f x
may also be iterated as in f(a:=b,c:=d,...);

* HOL/Vimage: new theory for inverse image of a function, syntax f-``B;

* HOL/List:
  - new function list_update written xs[i:=v] that updates the i-th
    list position. May also be iterated as in xs[i:=a,j:=b,...].
  - new function `upt' written [i..j(] which generates the list
    [i,i+1,...,j-1], i.e. the upper bound is excluded. To include the upper
    bound write [i..j], which is a shorthand for [i..j+1(].
  - new lexicographic orderings and corresponding wellfoundedness theorems.

* HOL/Arith:
  - removed 'pred' (predecessor) function;
  - generalized some theorems about n-1;
  - many new laws about "div" and "mod";
  - new laws about greatest common divisors (see theory ex/Primes);

* HOL/Relation: renamed the relational operator r^-1 "converse"
instead of "inverse";

* HOL/Induct/Multiset: a theory of multisets, including the wellfoundedness
  of the multiset ordering;

* directory HOL/Real: a construction of the reals using Dedekind cuts
  (not included by default);

* directory HOL/UNITY: Chandy and Misra's UNITY formalism;

* directory HOL/Hoare: a new version of Hoare logic which permits many-sorted
  programs, i.e. different program variables may have different types.

* calling (stac rew i) now fails if "rew" has no effect on the goal
  [previously, this check worked only if the rewrite rule was unconditional]
  Now rew can involve either definitions or equalities (either == or =).


*** ZF ***

* theory Main includes everything; INCOMPATIBILITY: theory ZF.thy contains
  only the theorems proved on ZF.ML;

* ZF INCOMPATIBILITY: rule `equals0D' is now a well-formed destruct rule;
  It and 'sym RS equals0D' are now in the default claset, giving automatic
  disjointness reasoning but breaking a few old proofs.

* ZF/Update: new theory of function updates
    with default rewrite rule f(x:=y) ` z = if(z=x, y, f`z)
  may also be iterated as in f(a:=b,c:=d,...);

* in let x=t in u(x), neither t nor u(x) has to be an FOL term.

* calling (stac rew i) now fails if "rew" has no effect on the goal
  [previously, this check worked only if the rewrite rule was unconditional]
  Now rew can involve either definitions or equalities (either == or =).

* case_tac provided for compatibility with HOL
    (like the old excluded_middle_tac, but with subgoals swapped)


*** Internal programming interfaces ***

* Pure: several new basic modules made available for general use, see
also src/Pure/README;

* improved the theory data mechanism to support encapsulation (data
kind name replaced by private Object.kind, acting as authorization
key); new type-safe user interface via functor TheoryDataFun; generic
print_data function becomes basically useless;

* removed global_names compatibility flag -- all theory declarations
are qualified by default;

* module Pure/Syntax now offers quote / antiquote translation
functions (useful for Hoare logic etc.
with implicit dependencies);
see HOL/ex/Antiquote for an example use;

* Simplifier now offers conversions (asm_)(full_)rewrite: simpset ->
cterm -> thm;

* new tactical CHANGED_GOAL for checking that a tactic modifies a
subgoal;

* Display.print_goals function moved to Locale.print_goals;

* standard print function for goals supports current_goals_markers
variable for marking begin of proof, end of proof, start of goal; the
default is ("", "", ""); setting current_goals_markers := ("<proof>",
"</proof>", "<goal>") causes SGML like tagged proof state printing,
for example;



New in Isabelle98 (January 1998)
--------------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* changed lexical syntax of terms / types: dots made part of long
identifiers, e.g. "%x.x" no longer possible, should be "%x. x";

* simpset (and claset) reference variable replaced by functions
simpset / simpset_ref;

* no longer supports theory aliases (via merge) and non-trivial
implicit merge of thms' signatures;

* most internal names of constants changed due to qualified names;

* changed Pure/Sequence interface (see Pure/seq.ML);


*** General Changes ***

* hierarchically structured name spaces (for consts, types, axms, thms
etc.); new lexical class 'longid' (e.g. Foo.bar.x) may render much of
old input syntactically incorrect (e.g. "%x.x"); COMPATIBILITY:
isatool fixdots ensures space after dots (e.g. "%x. x"); set
long_names for fully qualified output names; NOTE: ML programs
(special tactics, packages etc.)
referring to internal names may have
to be adapted to cope with fully qualified names; in case of severe
backward compatibility problems try setting 'global_names' at compile
time to have everything declared within a flat name space; one may also
fine tune name declarations in theories via the 'global' and 'local'
section;

* reimplemented the implicit simpset and claset using the new anytype
data field in signatures; references simpset:simpset ref etc. are
replaced by functions simpset:unit->simpset and
simpset_ref:unit->simpset ref; COMPATIBILITY: use isatool fixclasimp
to patch your ML files accordingly;

* HTML output now includes theory graph data for display with Java
applet or isatool browser; data generated automatically via isatool
usedir (see -i option, ISABELLE_USEDIR_OPTIONS);

* defs may now be conditional; improved rewrite_goals_tac to handle
conditional equations;

* defs now admits additional type arguments, using TYPE('a) syntax;

* theory aliases via merge (e.g. M=A+B+C) no longer supported, always
creates a new theory node; implicit merge of thms' signatures is
restricted to 'trivial' ones; COMPATIBILITY: one may have to use
transfer:theory->thm->thm in (rare) cases;

* improved handling of draft signatures / theories; draft thms (and
ctyps, cterms) are automatically promoted to real ones;

* slightly changed interfaces for oracles: admit many per theory, named
(e.g.
oracle foo = mlfun), additional name argument for invoke_oracle;

* print_goals: optional output of const types (set show_consts and
show_types);

* improved output of warnings (###) and errors (***);

* subgoal_tac displays a warning if the new subgoal has type variables;

* removed old README and Makefiles;

* replaced print_goals_ref hook by print_current_goals_fn and result_error_fn;

* removed obsolete init_pps and init_database;

* deleted the obsolete tactical STATE, which was declared by
    fun STATE tacfun st = tacfun st st;

* cd and use now support path variables, e.g. $ISABELLE_HOME, or ~
(which abbreviates $HOME);

* changed Pure/Sequence interface (see Pure/seq.ML); COMPATIBILITY:
use isatool fixseq to adapt your ML programs (this works for fully
qualified references to the Sequence structure only!);

* use_thy no longer requires writable current directory; it always
reloads .ML *and* .thy file, if either one is out of date;


*** Classical Reasoner ***

* Clarify_tac, clarify_tac, clarify_step_tac, Clarify_step_tac: new
tactics that use classical reasoning to simplify a subgoal without
splitting it into several subgoals;

* Safe_tac: like safe_tac but uses the default claset;


*** Simplifier ***

* added simplification meta rules:
    (asm_)(full_)simplify: simpset -> thm -> thm;

* simplifier.ML no longer part of Pure -- has to be loaded by object
logics (again);

* added prems argument to simplification procedures;

* HOL, FOL, ZF: added infix function `addsplits':
  instead of `<simpset> setloop (split_tac <thms>)'
  you can simply write `<simpset> addsplits <thms>'


*** Syntax ***

* TYPE('a) syntax for type reflection terms;

* no longer handles consts with name "" --
declare as 'syntax' instead;

* pretty printer: changed order of mixfix annotation preference (again!);

* Pure: fixed idt/idts vs. pttrn/pttrns syntactic categories;


*** HOL ***

* HOL: there is a new splitter `split_asm_tac' that can be used e.g.
  with `addloop' of the simplifier to facilitate case splitting in premises.

* HOL/TLA: Stephan Merz's formalization of Lamport's Temporal Logic of Actions;

* HOL/Auth: new protocol proofs including some for the Internet
  protocol TLS;

* HOL/Map: new theory of `maps' a la VDM;

* HOL/simplifier: simplification procedures nat_cancel_sums for
cancelling out common nat summands from =, <, <= (in)equalities, or
differences; simplification procedures nat_cancel_factor for
cancelling common factor from =, <, <= (in)equalities over natural
sums; nat_cancel contains both kinds of procedures, it is installed by
default in Arith.thy -- this COULD MAKE EXISTING PROOFS FAIL;

* HOL/simplifier: terms of the form
  `? x. P1(x) & ... & Pn(x) & x=t & Q1(x) & ... Qn(x)' (or t=x)
  are rewritten to
  `P1(t) & ... & Pn(t) & Q1(t) & ... Qn(t)',
  and those of the form
  `! x. P1(x) & ... & Pn(x) & x=t & Q1(x) & ... Qn(x) --> R(x)' (or t=x)
  are rewritten to
  `P1(t) & ... & Pn(t) & Q1(t) & ... Qn(t) --> R(t)',

* HOL/datatype
  Each datatype `t' now comes with a theorem `split_t_case' of the form

  P(t_case f1 ... fn x) =
     ( (!y1 ... ym1. x = C1 y1 ... ym1 --> P(f1 y1 ... ym1)) &
        ...
       (!y1 ... ymn. x = Cn y1 ... ymn --> P(f1 y1 ... ymn))
     )

  and a theorem `split_t_case_asm' of the form

  P(t_case f1 ... fn x) =
    ~( (? y1 ... ym1. x = C1 y1 ... ym1 & ~P(f1 y1 ... ym1)) |
        ...
       (? y1 ... ymn. x = Cn y1 ... ymn & ~P(f1 y1 ... ymn))
     )
  which can be added to a simpset via `addsplits'.
  The existing theorems
  expand_list_case and expand_option_case have been renamed to
  split_list_case and split_option_case.

* HOL/Arithmetic:
  - `pred n' is automatically converted to `n-1'.
    Users are strongly encouraged not to use `pred' any longer,
    because it will disappear altogether at some point.
  - Users are strongly encouraged to write "0 < n" rather than
    "n ~= 0". Theorems and proof tools have been modified towards this
    `standard'.

* HOL/Lists:
  the function "set_of_list" has been renamed "set" (and its theorems too);
  the function "nth" now takes its arguments in the reverse order and
  has acquired the infix notation "!" as in "xs!n".

* HOL/Set: UNIV is now a constant and is no longer translated to Compl{};

* HOL/Set: The operator (UN x.B x) now abbreviates (UN x:UNIV. B x) and its
  specialist theorems (like UN1_I) are gone. Similarly for (INT x.B x);

* HOL/record: extensible records with schematic structural subtyping
(single inheritance); EXPERIMENTAL version demonstrating the encoding,
still lacks various theorems and concrete record syntax;


*** HOLCF ***

* removed "axioms" and "generated by" sections;

* replaced "ops" section by extended "consts" section, which is capable of
  handling the continuous function space "->" directly;

* domain package:
  . proves theorems immediately and stores them in the theory,
  . creates hierarchical name space,
  . now uses normal mixfix annotations (instead of cinfix...),
  . minor changes to some names and values (for consistency),
  . e.g. cases -> casedist, dists_eq -> dist_eqs, [take_lemma] -> take_lemmas,
  . separator between mutual domain defs: changed "," to "and",
  . improved handling of sort constraints; now they have to
    appear on the left-hand side of the equations only;

* fixed LAM <x,y,zs>.b syntax;

* added extended adm_tac to simplifier in HOLCF -- can now discharge
adm (%x. P (t x)), where P is chainfinite and t continuous;


*** FOL and ZF ***

* FOL: there is a new splitter `split_asm_tac' that can be used e.g.
  with `addloop' of the simplifier to facilitate case splitting in premises.

* qed_spec_mp, qed_goal_spec_mp, qed_goalw_spec_mp are available, as
in HOL, they strip ALL and --> from proved theorems;



New in Isabelle94-8 (May 1997)
------------------------------

*** General Changes ***

* new utilities to build / run / maintain Isabelle etc. (in parts
still somewhat experimental); old Makefiles etc. still functional;

* new 'Isabelle System Manual';

* INSTALL text, together with ./configure and ./build scripts;

* reimplemented type inference for greater efficiency, better error
messages and clean internal interface;

* prlim command for dealing with lots of subgoals (an easier way of
setting goals_limit);


*** Syntax ***

* supports alternative (named) syntax tables (parser and pretty
printer); internal interface is provided by add_modesyntax(_i);

* Pure, FOL, ZF, HOL, HOLCF now support symbolic input and output; to
be used in conjunction with the Isabelle symbol font; uses the
"symbols" syntax table;

* added token_translation interface (may translate name tokens in
arbitrary ways, dependent on their type (free, bound, tfree, ...)
and the current print_mode); IMPORTANT: user print translation
functions are responsible for marking newly introduced bounds
(Syntax.mark_boundT);

* token translations for modes "xterm" and "xterm_color" that display
names in bold, underline etc. or colors (which requires a color
version of xterm);

* infixes may now be declared with names independent of their syntax;

* added typed_print_translation (like print_translation, but may
access type of constant);


*** Classical Reasoner ***

Blast_tac: a new tactic! It is often more powerful than fast_tac, but has
some limitations. Blast_tac...
  + ignores addss, addbefore, addafter; this restriction is intrinsic
  + ignores elimination rules that don't have the correct format
    (the conclusion MUST be a formula variable)
  + ignores types, which can make HOL proofs fail
  + rules must not require higher-order unification, e.g. apply_type in ZF
    [message "Function Var's argument not a bound variable" relates to this]
  + its proof strategy is more general but can actually be slower

* substitution with equality assumptions no longer permutes other
assumptions;

* minor changes in semantics of addafter (now called addaltern); renamed
setwrapper to setWrapper and compwrapper to compWrapper; added safe wrapper
(and access functions for it);

* improved combination of classical reasoner and simplifier:
  + functions for handling clasimpsets
  + improvement of addss: now the simplifier is called _after_ the
    safe steps.
  + safe variant of addss called addSss: uses safe simplifications
    _during_ the safe steps. It is more complete as it allows multiple
    instantiations of unknowns (e.g. with slow_tac).

*** Simplifier ***

* added interface for simplification procedures (functions that
produce *proven* rewrite rules on the fly, depending on current
redex);

* ordering on terms as parameter (used for ordered rewriting);

* new functions delcongs, deleqcongs, and Delcongs. richer rep_ss;

* the solver is now split into a safe and an unsafe part.
This should be invisible for the normal user, except that the
functions setsolver and addsolver have been renamed to setSolver and
addSolver; added safe_asm_full_simp_tac;


*** HOL ***

* a generic induction tactic `induct_tac' which works for all datatypes and
also for type `nat';

* a generic case distinction tactic `exhaust_tac' which works for all
datatypes and also for type `nat';

* each datatype comes with a function `size';

* patterns in case expressions allow tuple patterns as arguments to
constructors, for example `case x of [] => ... | (x,y,z)#ps => ...';

* primrec now also works with type nat;

* recdef: a new declaration form, allows general recursive functions to be
defined in theory files. See HOL/ex/Fib, HOL/ex/Primes, HOL/Subst/Unify.

* the constant for negation has been renamed from "not" to "Not" to
harmonize with FOL, ZF, LK, etc.;

* HOL/ex/LFilter theory of a corecursive "filter" functional for
infinite lists;

* HOL/Modelcheck demonstrates invocation of model checker oracle;

* HOL/ex/Ring.thy declares cring_simp, which solves equational
problems in commutative rings, using axiomatic type classes for + and *;

* more examples in HOL/MiniML and HOL/Auth;

* more default rewrite rules for quantifiers, union/intersection;

* a new constant `arbitrary == @x.False';

* HOLCF/IOA replaces old HOL/IOA;

* HOLCF changes: derived all rules and arities
  + axiomatic type classes instead of classes
  + typedef instead of faking type definitions
  + eliminated the internal constants less_fun, less_cfun, UU_fun, UU_cfun etc.
  + new axclasses cpo, chfin, flat with flat < chfin < pcpo < cpo < po
  + eliminated the types void, one, tr
  + use unit lift and bool lift (with translations) instead of one and tr
  + eliminated blift from Lift3.thy (use Def instead of blift)
  all eliminated rules are derived as theorems --> no visible changes ;


*** ZF ***

* ZF now has Fast_tac, Simp_tac and Auto_tac. Union_iff is now a default
rewrite rule; this may affect some proofs.
eq_cs is gone but can be put back
as ZF_cs addSIs [equalityI];



New in Isabelle94-7 (November 96)
---------------------------------

* allowing negative levels (as offsets) in prlev and choplev;

* super-linear speedup for large simplifications;

* FOL, ZF and HOL now use miniscoping: rewriting pushes
quantifications in as far as possible (COULD MAKE EXISTING PROOFS
FAIL); can suppress it using the command Delsimps (ex_simps @
all_simps); De Morgan laws are also now included, by default;

* improved printing of ==> : ~:

* new object-logic "Sequents" adds linear logic, while replacing LK
and Modal (thanks to Sara Kalvala);

* HOL/Auth: correctness proofs for authentication protocols;

* HOL: new auto_tac combines rewriting and classical reasoning (many
examples on HOL/Auth);

* HOL: new command AddIffs for declaring theorems of the form P=Q to
the rewriter and classical reasoner simultaneously;

* function uresult no longer returns theorems in "standard" format;
regain previous version by: val uresult = standard o uresult;



New in Isabelle94-6
-------------------

* oracles -- these establish an interface between Isabelle and trusted
external reasoners, which may deliver results as theorems;

* proof objects (in particular record all uses of oracles);

* Simp_tac, Fast_tac, etc. that refer to implicit simpset / claset;

* "constdefs" section in theory files;

* "primrec" section (HOL) no longer requires names;

* internal type "tactic" now simply "thm -> thm Sequence.seq";



New in Isabelle94-5
-------------------

* reduced space requirements;

* automatic HTML generation from theories;

* theory files no longer require "..."
(quotes) around most types;

* new examples, including two proofs of the Church-Rosser theorem;

* non-curried (1994) version of HOL is no longer distributed;



New in Isabelle94-4
-------------------

* greatly reduced space requirements;

* theory files (.thy) no longer require \...\ escapes at line breaks;

* searchable theorem database (see the section "Retrieving theorems" on
page 8 of the Reference Manual);

* new examples, including Grabczewski's monumental case study of the
Axiom of Choice;

* The previous version of HOL renamed to Old_HOL;

* The new version of HOL (previously called CHOL) uses a curried syntax
for functions. Application looks like f a b instead of f(a,b);

* Mutually recursive inductive definitions finally work in HOL;

* In ZF, pattern-matching on tuples is now available in all abstractions and
translates to the operator "split";



New in Isabelle94-3
-------------------

* new infix operator, addss, allowing the classical reasoner to
perform simplification at each step of its search. Example:
        fast_tac (cs addss ss)

* a new logic, CHOL, the same as HOL, but with a curried syntax
for functions. Application looks like f a b instead of f(a,b). Also pairs
look like (a,b) instead of <a,b>;

* PLEASE NOTE: CHOL will eventually replace HOL!

* In CHOL, pattern-matching on tuples is now available in all abstractions.
It translates to the operator "split". A new theory of integers is available;

* In ZF, integer numerals now denote two's-complement binary integers.
Arithmetic operations can be performed by rewriting.
See ZF/ex/Bin.ML;

* Many new examples: I/O automata, Church-Rosser theorem, equivalents
of the Axiom of Choice;



New in Isabelle94-2
-------------------

* Significantly faster resolution;

* the different sections in a .thy file can now be mixed and repeated
freely;

* Database of theorems for FOL, HOL and ZF. New
commands including qed, qed_goal and bind_thm store theorems in the database.

* Simple database queries: return a named theorem (get_thm) or all theorems of
a given theory (thms_of), or find out what theory a theorem was proved in
(theory_of_thm);

* Bugs fixed in the inductive definition and datatype packages;

* The classical reasoner provides deepen_tac and depth_tac, making FOL_dup_cs
and HOL_dup_cs obsolete;

* Syntactic ambiguities caused by the new treatment of syntax in Isabelle94-1
have been removed;

* Simpler definition of function space in ZF;

* new results about cardinal and ordinal arithmetic in ZF;

* 'subtype' facility in HOL for introducing new types as subsets of existing
types;

:mode=isabelle-news:wrap=hard:maxLineLen=72: