New in this Isabelle version
----------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* HOL: The THEN and ELSE parts of conditional expressions (if P then x else y)
are no longer simplified. (This allows the simplifier to unfold recursive
functional programs.) To restore the old behaviour, declare

    Delcongs [if_weak_cong];

* HOL: Removed the obsolete syntax "Compl A"; use -A for set
complement;

* HOL: the predicate "inj" is now defined by translation to "inj_on";

* HOL/typedef: fixed type inference for representing set; type
arguments now have to occur explicitly on the rhs as type constraints;

* ZF: The con_defs part of an inductive definition may no longer refer
to constants declared in the same theory;

* HOL, ZF: the function mk_cases, generated by the inductive
definition package, has lost an argument. To simplify its result, it
uses the default simpset instead of a supplied list of theorems.

*** Proof tools ***

* Provers/Arith/fast_lin_arith.ML contains a functor for creating a
decision procedure for linear arithmetic. Currently it is used for
types `nat' and `int' in HOL (see below) but can, should and will be
instantiated for other types and logics as well.

*** General ***

* Isabelle manuals now also available as PDF;

* improved browser info generation: better HTML markup (including
colors), graph views in several sizes; isatool usedir now provides a
proper interface for user theories (via -P option);

* theory loader rewritten from scratch (may not be fully
bug-compatible); old loadpath variable has been replaced by show_path,
add_path, del_path, reset_path functions; new operations such as
update_thy, touch_thy, remove_thy (see also isatool doc ref);

* in locales, the "assumes" and "defines" parts may be omitted if
empty;

* new print_mode "xsymbols" for extended symbol support (e.g. genuine
long arrows);

* new print_mode "HTML";

* path element specification '~~' refers to '$ISABELLE_HOME';

* new flag show_tags controls display of tags of theorems (which are
basically just comments that may be attached by some tools);

* improved isatool install: option -k creates KDE application icon,
option -p DIR installs stand-alone binaries;

* added ML_PLATFORM setting (useful for cross-platform installations);
more robust handling of platform specific ML images for SML/NJ;

* Isamode 2.6 requires patch to accommodate change of Isabelle font
mode and goal output format:

diff r Isamode2.6/elisp/isaload.el Isamode/elisp/isaload.el 
244c244 
< (list (isagetenv "ISABELLE") "msymbols" logicname) 
 
> (list (isagetenv "ISABELLE") "misabelle_font" "msymbols" logicname) 
diff r Isabelle2.6/elisp/isaproofstate.el Isamode/elisp/isaproofstate.el 
181c181 
< (defconst proofstateproofstartregexp "^Level [09]+$" 
 
> (defconst proofstateproofstartregexp "^Level [09]+" 
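Review bot: the new value of proofstateproofstartregexp in isaproofstate.el drops the trailing "$", so the pattern now accepts any line that merely begins with "Level" and the level number, whatever follows it. If the changed goal output format appends text after the number, a comment beside the defconst should say so; if it does not, keeping the "$" anchor would avoid treating other output lines as the start of a proof state.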

*** HOL ***

* There are now decision procedures for linear arithmetic over nat and
int:

1. arith_tac copes with arbitrary formulae involving `=', `<', `<=',
`+', `-', `Suc', `min', `max' and numerical constants; other subterms
are treated as atomic; subformulae not involving type `nat' or `int'
are ignored; quantified subformulae are ignored unless they are
positive universal or negative existential. The tactic has to be
invoked by hand and can be a little bit slow. In particular, the
running time is exponential in the number of occurrences of `min' and
`max', and `-' on `nat'.

2. fast_arith_tac is a cut-down version of arith_tac: it only takes
(negated) (in)equalities among the premises and the conclusion into
account (i.e. no compound formulae) and does not know about `min' and
`max', and `-' on `nat'. It is fast and is used automatically by the
simplifier.

NB: At the moment, these decision procedures do not cope with mixed
nat/int formulae where the two parts interact, such as `m < n ==>
int(m) < int(n)'.

* Integer division and remainder can now be performed on constant arguments.

* Many properties of integer multiplication, division and remainder are now
available.

* New bounded quantifier syntax (input only):
  ! x < y. P, ! x <= y. P, ? x < y. P, ? x <= y. P

* HOL/TLA (Lamport's Temporal Logic of Actions): major reorganization
- avoids syntactic ambiguities and treats state, transition, and
temporal levels more uniformly; introduces INCOMPATIBILITIES due to
changed syntax and (many) tactics;

* HOL/typedef: fixed type inference for representing set; type
arguments now have to occur explicitly on the rhs as type constraints;

* HOL/recdef (TFL): requires theory Recdef; 'congs' syntax now expects
comma separated list of theorem names rather than an ML expression;

* reset HOL_quantifiers by default, i.e. quantifiers are printed as
ALL/EX rather than !/?;

*** ZF ***

* new primrec section allows primitive recursive functions to be given
directly (as in HOL) over datatypes and the natural numbers;

* new tactics induct_tac and exhaust_tac for induction (or case
analysis) over datatypes and the natural numbers;

* the datatype declaration of type T now defines the recursor T_rec;

* simplification automatically does freeness reasoning for datatype
constructors;

* automatic type-inference, with AddTCs command to insert new
type-checking rules;

* datatype introduction rules are now added as Safe Introduction rules
to the claset;

* the syntax "if P then x else y" is now available in addition to
if(P,x,y);

*** Internal programming interfaces ***

* AxClass.axclass_tac lost the theory argument;

* tuned current_goals_markers semantics: begin / end goal avoids
printing empty lines;

* removed prs and prs_fn hook, which was broken because it did not
include \n in its semantics, forcing writeln to add one
unconditionally; replaced prs_fn by writeln_fn; consider std_output:
string -> unit if you really want to output text without newline;

* Symbol.output subject to print mode; INCOMPATIBILITY: defaults to
plain output, interface builders may have to enable 'isabelle_font'
mode to get Isabelle font glyphs as before;

* refined token_translation interface; INCOMPATIBILITY: output length
now of type real instead of int;

New in Isabelle98-1 (October 1998)
----------------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* several changes of automated proof tools;

* HOL: major changes to the inductive and datatype packages, including
some minor incompatibilities of theory syntax;

* HOL: renamed r^-1 to 'converse' from 'inverse'; 'inj_onto' is now
called `inj_on';

* HOL: removed duplicate thms in Arith:
    less_imp_add_less should be replaced by trans_less_add1
    le_imp_add_le should be replaced by trans_le_add1

* HOL: unary minus is now overloaded (new type constraints may be
required);

* HOL and ZF: unary minus for integers is now #- instead of #~. In
ZF, expressions such as n#-1 must be changed to n#- 1, since #-1 is
now taken as an integer constant.

* Pure: ML function 'theory_of' renamed to 'theory';

*** Proof tools ***

* Simplifier:
  1. Asm_full_simp_tac is now more aggressive.
     1. It will sometimes reorient premises if that increases their power to
        simplify.
     2. It does no longer proceed strictly from left to right but may also
        rotate premises to achieve further simplification.
     For compatibility reasons there is now Asm_lr_simp_tac which is like the
     old Asm_full_simp_tac in that it does not rotate premises.
  2. The simplifier now knows a little bit about nat-arithmetic.

* Classical reasoner: wrapper mechanism for the classical reasoner now
allows for selected deletion of wrappers, by introduction of names for
wrapper functionals. This implies that addbefore, addSbefore,
addaltern, and addSaltern now take a pair (name, tactic) as argument,
and that adding two tactics with the same name overwrites the first
one (emitting a warning).
  type wrapper = (int -> tactic) -> (int -> tactic)
  setWrapper, setSWrapper, compWrapper and compSWrapper are replaced by
  addWrapper, addSWrapper: claset * (string * wrapper) -> claset
  delWrapper, delSWrapper: claset * string -> claset
  getWrapper is renamed to appWrappers, getSWrapper to appSWrappers;

* Classical reasoner: addbefore/addSbefore now have APPEND/ORELSE
semantics; addbefore now affects only the unsafe part of step_tac
etc.; this affects addss/auto_tac/force_tac, so EXISTING PROOFS MAY
FAIL, but proofs should be fixable easily, e.g. by replacing Auto_tac
by Force_tac;

* Classical reasoner: setwrapper to setWrapper and compwrapper to
compWrapper; added safe wrapper (and access functions for it);

* HOL/split_all_tac is now much faster and fails if there is nothing
to split. Some EXISTING PROOFS MAY REQUIRE ADAPTION because the order
and the names of the automatically generated variables have changed.
split_all_tac has moved within claset() from unsafe wrappers to safe
wrappers, which means that !!-bound variables are split much more
aggressively, and safe_tac and clarify_tac now split such variables.
If this splitting is not appropriate, use delSWrapper "split_all_tac".
Note: the same holds for record_split_tac, which does the job of
split_all_tac for record fields.

* HOL/Simplifier: Rewrite rules for case distinctions can now be added
permanently to the default simpset using Addsplits just like
Addsimps. They can be removed via Delsplits just like
Delsimps. Lowercase versions are also available.

* HOL/Simplifier: The rule split_if is now part of the default
simpset. This means that the simplifier will eliminate all occurrences
of if-then-else in the conclusion of a goal. To prevent this, you can
either remove split_if completely from the default simpset by
`Delsplits [split_if]' or remove it in a specific call of the
simplifier using `... delsplits [split_if]'. You can also add/delete
other case splitting rules to/from the default simpset: every datatype
generates suitable rules `split_t_case' and `split_t_case_asm' (where
t is the name of the datatype).

* Classical reasoner / Simplifier combination: new force_tac (and
derivatives Force_tac, force) combines rewriting and classical
reasoning (and whatever other tools) similarly to auto_tac, but is
aimed to solve the given subgoal completely.

*** General ***

* new toplevel commands `Goal' and `Goalw' that improve upon `goal'
and `goalw': the theory is no longer needed as an explicit argument -
the current theory context is used; assumptions are no longer returned
at the ML-level unless one of them starts with ==> or !!; it is
recommended to convert to these new commands using isatool fixgoal
(backup your sources first!);

* new toplevel commands 'thm' and 'thms' for retrieving theorems from
the current theory context, and 'theory' to lookup stored theories;

* new theory section 'locale' for declaring constants, assumptions and
definitions that have local scope;

* new theory section 'nonterminals' for purely syntactic types;

* new theory section 'setup' for generic ML setup functions
(e.g. package initialization);

* the distribution now includes Isabelle icons: see
lib/logo/isabelle{small,tiny}.xpm;

* isatool install - install binaries with absolute references to
ISABELLE_HOME/bin;

* isatool logo - create instances of the Isabelle logo (as EPS);

* print mode 'emacs' reserved for Isamode;

* support multiple print (ast) translations per constant name;

* theorems involving oracles are now printed with a suffixed [!];

*** HOL ***

* there is now a tutorial on Isabelle/HOL (do 'isatool doc tutorial');

* HOL/inductive package reorganized and improved: now supports mutual
definitions such as

  inductive EVEN ODD
    intrs
      null "0 : EVEN"
      oddI "n : EVEN ==> Suc n : ODD"
      evenI "n : ODD ==> Suc n : EVEN"

new theorem list "elims" contains an elimination rule for each of the
recursive sets; inductive definitions now handle disjunctive premises
correctly (also ZF);

INCOMPATIBILITIES: requires Inductive as an ancestor; component
"mutual_induct" no longer exists - the induction rule is always
contained in "induct";

* HOL/datatype package reimplemented and greatly improved: now
supports mutually recursive datatypes such as

  datatype
    'a aexp = IF_THEN_ELSE ('a bexp) ('a aexp) ('a aexp)
            | SUM ('a aexp) ('a aexp)
            | DIFF ('a aexp) ('a aexp)
            | NUM 'a
  and
    'a bexp = LESS ('a aexp) ('a aexp)
            | AND ('a bexp) ('a bexp)
            | OR ('a bexp) ('a bexp)

as well as indirectly recursive datatypes such as

  datatype
    ('a, 'b) term = Var 'a
                  | App 'b ((('a, 'b) term) list)

The new tactic mutual_induct_tac [<var_1>, ..., <var_n>] i performs
induction on mutually / indirectly recursive datatypes.

Primrec equations are now stored in theory and can be accessed via
<function_name>.simps.

INCOMPATIBILITIES:

  - Theories using datatypes must now have theory Datatype as an
    ancestor.
  - The specific <typename>.induct_tac no longer exists - use the
    generic induct_tac instead.
  - natE has been renamed to nat.exhaust - use exhaust_tac
    instead of res_inst_tac ... natE. Note that the variable
    names in nat.exhaust differ from the names in natE, this
    may cause some "fragile" proofs to fail.
  - The theorems split_<typename>_case and split_<typename>_case_asm
    have been renamed to <typename>.split and <typename>.split_asm.
  - Since default sorts of type variables are now handled correctly,
    some datatype definitions may have to be annotated with explicit
    sort constraints.
  - Primrec definitions no longer require function name and type
    of recursive argument.

Consider using isatool fixdatatype to adapt your theories and proof
scripts to the new package (backup your sources first!).

* HOL/record package: considerably improved implementation; now
includes concrete syntax for record types, terms, updates; theorems
for surjective pairing and splitting !!-bound record variables; proof
support is as follows:

  1) standard conversions (selectors or updates applied to record
constructor terms) are part of the standard simpset;

  2) inject equations of the form ((x, y) = (x', y')) == x=x' & y=y' are
made part of standard simpset and claset via addIffs;

  3) a tactic for record field splitting (record_split_tac) is part of
the standard claset (addSWrapper);

To get a better idea about these rules you may retrieve them via
something like 'thms "foo.simps"' or 'thms "foo.iffs"', where "foo" is
the name of your record type.

The split tactic 3) conceptually simplifies by the following rule:

  "(!!x. PROP ?P x) == (!!a b. PROP ?P (a, b))"

Thus any record variable that is bound by meta-all will automatically
blow up into some record constructor term, consequently the
simplifications of 1), 2) apply. Thus force_tac, auto_tac etc. shall
solve record problems automatically.

* reorganized the main HOL image: HOL/Integ and String loaded by
default; theory Main includes everything;

* automatic simplification of integer sums and comparisons, using cancellation;

* added option_map_eq_Some and not_Some_eq to the default simpset and claset;

* added disj_not1 = "(~P | Q) = (P --> Q)" to the default simpset;

* many new identities for unions, intersections, set difference, etc.;

* expand_if, expand_split, expand_sum_case and expand_nat_case are now
called split_if, split_split, split_sum_case and split_nat_case (to go
with add/delsplits);

* HOL/Prod introduces simplification procedure unit_eq_proc rewriting
(?x::unit) = (); this is made part of the default simpset, which COULD
MAKE EXISTING PROOFS FAIL under rare circumstances (consider
'Delsimprocs [unit_eq_proc];' as last resort); also note that
unit_abs_eta_conv is added in order to counter the effect of
unit_eq_proc on (%u::unit. f u), replacing it by f rather than by
%u.f();

* HOL/Fun INCOMPATIBILITY: `inj_onto' is now called `inj_on' (which
makes more sense);

* HOL/Set INCOMPATIBILITY: rule `equals0D' is now a well-formed destruct rule;
It and 'sym RS equals0D' are now in the default claset, giving automatic
disjointness reasoning but breaking a few old proofs.

* HOL/Relation INCOMPATIBILITY: renamed the relational operator r^-1
to 'converse' from 'inverse' (for compatibility with ZF and some
literature);

* HOL/recdef can now declare non-recursive functions, with {} supplied as
the well-founded relation;

* HOL/Set INCOMPATIBILITY: the complement of set A is now written -A instead of
Compl A. The "Compl" syntax remains available as input syntax for this
release ONLY.

* HOL/Update: new theory of function updates:
    f(a:=b) == %x. if x=a then b else f x
may also be iterated as in f(a:=b,c:=d,...);

* HOL/Vimage: new theory for inverse image of a function, syntax f-``B;

* HOL/List:
  - new function list_update written xs[i:=v] that updates the i-th
    list position. May also be iterated as in xs[i:=a,j:=b,...].
  - new function `upt' written [i..j(] which generates the list
    [i,i+1,...,j-1], i.e. the upper bound is excluded. To include the upper
    bound write [i..j], which is a shorthand for [i..j+1(].
  - new lexicographic orderings and corresponding well-foundedness theorems.

* HOL/Arith:
  - removed 'pred' (predecessor) function;
  - generalized some theorems about n-1;
  - many new laws about "div" and "mod";
  - new laws about greatest common divisors (see theory ex/Primes);

* HOL/Relation: renamed the relational operator r^-1 "converse"
instead of "inverse";

* HOL/Induct/Multiset: a theory of multisets, including the well-foundedness
of the multiset ordering;

* directory HOL/Real: a construction of the reals using Dedekind cuts
(not included by default);

* directory HOL/UNITY: Chandy and Misra's UNITY formalism;

* directory HOL/Hoare: a new version of Hoare logic which permits many-sorted
programs, i.e. different program variables may have different types.

* calling (stac rew i) now fails if "rew" has no effect on the goal
  [previously, this check worked only if the rewrite rule was unconditional]
  Now rew can involve either definitions or equalities (either == or =).

*** ZF ***

* theory Main includes everything; INCOMPATIBILITY: theory ZF.thy contains
only the theorems proved on ZF.ML;

* ZF INCOMPATIBILITY: rule `equals0D' is now a well-formed destruct rule;
It and 'sym RS equals0D' are now in the default claset, giving automatic
disjointness reasoning but breaking a few old proofs.

* ZF/Update: new theory of function updates
with default rewrite rule f(x:=y) ` z = if(z=x, y, f`z)
may also be iterated as in f(a:=b,c:=d,...);

* in let x=t in u(x), neither t nor u(x) has to be an FOL term.

* calling (stac rew i) now fails if "rew" has no effect on the goal
  [previously, this check worked only if the rewrite rule was unconditional]
  Now rew can involve either definitions or equalities (either == or =).

* case_tac provided for compatibility with HOL
(like the old excluded_middle_tac, but with subgoals swapped)

*** Internal programming interfaces ***

* Pure: several new basic modules made available for general use, see
also src/Pure/README;

* improved the theory data mechanism to support encapsulation (data
kind name replaced by private Object.kind, acting as authorization
key); new type-safe user interface via functor TheoryDataFun; generic
print_data function becomes basically useless;

* removed global_names compatibility flag - all theory declarations
are qualified by default;

* module Pure/Syntax now offers quote / antiquote translation
functions (useful for Hoare logic etc. with implicit dependencies);
see HOL/ex/Antiquote for an example use;

* Simplifier now offers conversions (asm_)(full_)rewrite: simpset ->
cterm -> thm;

* new tactical CHANGED_GOAL for checking that a tactic modifies a
subgoal;

* Display.print_goals function moved to Locale.print_goals;

* standard print function for goals supports current_goals_markers
variable for marking begin of proof, end of proof, start of goal; the
default is ("", "", ""); setting current_goals_markers := ("<proof>",
"</proof>", "<goal>") causes SGML like tagged proof state printing,
for example;

New in Isabelle98 (January 1998)
--------------------------------

*** Overview of INCOMPATIBILITIES (see below for more details) ***

* changed lexical syntax of terms / types: dots made part of long
identifiers, e.g. "%x.x" no longer possible, should be "%x. x";

* simpset (and claset) reference variable replaced by functions
simpset / simpset_ref;

* no longer supports theory aliases (via merge) and non-trivial
implicit merge of thms' signatures;

* most internal names of constants changed due to qualified names;

* changed Pure/Sequence interface (see Pure/seq.ML);

*** General Changes ***

* hierarchically structured name spaces (for consts, types, axms, thms
etc.); new lexical class 'longid' (e.g. Foo.bar.x) may render much of
old input syntactically incorrect (e.g. "%x.x"); COMPATIBILITY:
isatool fixdots ensures space after dots (e.g. "%x. x"); set
long_names for fully qualified output names; NOTE: ML programs
(special tactics, packages etc.) referring to internal names may have
to be adapted to cope with fully qualified names; in case of severe
backward compatibility problems try setting 'global_names' at compile
time to have everything declared within a flat name space; one may also
fine tune name declarations in theories via the 'global' and 'local'
section;

* reimplemented the implicit simpset and claset using the new anytype
data field in signatures; references simpset:simpset ref etc. are
replaced by functions simpset:unit->simpset and
simpset_ref:unit->simpset ref; COMPATIBILITY: use isatool fixclasimp
to patch your ML files accordingly;

* HTML output now includes theory graph data for display with Java
applet or isatool browser; data generated automatically via isatool
usedir (see -i option, ISABELLE_USEDIR_OPTIONS);

* defs may now be conditional; improved rewrite_goals_tac to handle
conditional equations;

* defs now admits additional type arguments, using TYPE('a) syntax;

* theory aliases via merge (e.g. M=A+B+C) no longer supported, always
creates a new theory node; implicit merge of thms' signatures is
restricted to 'trivial' ones; COMPATIBILITY: one may have to use
transfer:theory->thm->thm in (rare) cases;

* improved handling of draft signatures / theories; draft thms (and
ctyps, cterms) are automatically promoted to real ones;

* slightly changed interfaces for oracles: admit many per theory, named
(e.g. oracle foo = mlfun), additional name argument for invoke_oracle;

* print_goals: optional output of const types (set show_consts and
show_types);

* improved output of warnings (###) and errors (***);

* subgoal_tac displays a warning if the new subgoal has type variables;

* removed old README and Makefiles;

* replaced print_goals_ref hook by print_current_goals_fn and result_error_fn;

* removed obsolete init_pps and init_database;

* deleted the obsolete tactical STATE, which was declared by
    fun STATE tacfun st = tacfun st st;

* cd and use now support path variables, e.g. $ISABELLE_HOME, or ~
(which abbreviates $HOME);

* changed Pure/Sequence interface (see Pure/seq.ML); COMPATIBILITY:
use isatool fixseq to adapt your ML programs (this works for fully
qualified references to the Sequence structure only!);

* use_thy no longer requires writable current directory; it always
reloads .ML *and* .thy file, if either one is out of date;

*** Classical Reasoner ***

* Clarify_tac, clarify_tac, clarify_step_tac, Clarify_step_tac: new
tactics that use classical reasoning to simplify a subgoal without
splitting it into several subgoals;

* Safe_tac: like safe_tac but uses the default claset;

*** Simplifier ***

* added simplification meta rules:
    (asm_)(full_)simplify: simpset -> thm -> thm;

* simplifier.ML no longer part of Pure - has to be loaded by object
logics (again);

* added prems argument to simplification procedures;

* HOL, FOL, ZF: added infix function `addsplits':
  instead of `<simpset> setloop (split_tac <thms>)'
  you can simply write `<simpset> addsplits <thms>'

*** Syntax ***

* TYPE('a) syntax for type reflection terms;

* no longer handles consts with name "" - declare as 'syntax' instead;

* pretty printer: changed order of mixfix annotation preference (again!);

* Pure: fixed idt/idts vs. pttrn/pttrns syntactic categories;

*** HOL ***

* HOL: there is a new splitter `split_asm_tac' that can be used e.g.
  with `addloop' of the simplifier to facilitate case splitting in premises.

* HOL/TLA: Stephan Merz's formalization of Lamport's Temporal Logic of Actions;

* HOL/Auth: new protocol proofs including some for the Internet
  protocol TLS;

* HOL/Map: new theory of `maps' a la VDM;

* HOL/simplifier: simplification procedures nat_cancel_sums for
cancelling out common nat summands from =, <, <= (in)equalities, or
differences; simplification procedures nat_cancel_factor for
cancelling common factor from =, <, <= (in)equalities over natural
sums; nat_cancel contains both kinds of procedures, it is installed by
default in Arith.thy - this COULD MAKE EXISTING PROOFS FAIL;

* HOL/simplifier: terms of the form
  `? x. P1(x) & ... & Pn(x) & x=t & Q1(x) & ... Qn(x)' (or t=x)
  are rewritten to
  `P1(t) & ... & Pn(t) & Q1(t) & ... Qn(t)',
  and those of the form
  `! x. P1(x) & ... & Pn(x) & x=t & Q1(x) & ... Qn(x) --> R(x)' (or t=x)
  are rewritten to
  `P1(t) & ... & Pn(t) & Q1(t) & ... Qn(t) --> R(t)',

* HOL/datatype
  Each datatype `t' now comes with a theorem `split_t_case' of the form

  P(t_case f1 ... fn x) =
     ( (!y1 ... ym1. x = C1 y1 ... ym1 --> P(f1 y1 ... ym1)) &
        ...
       (!y1 ... ymn. x = Cn y1 ... ymn --> P(f1 y1 ... ymn))
     )

  and a theorem `split_t_case_asm' of the form

  P(t_case f1 ... fn x) =
    ~( (? y1 ... ym1. x = C1 y1 ... ym1 & ~P(f1 y1 ... ym1)) |
        ...
       (? y1 ... ymn. x = Cn y1 ... ymn & ~P(f1 y1 ... ymn))
     )
  which can be added to a simpset via `addsplits'. The existing theorems
  expand_list_case and expand_option_case have been renamed to

* HOL/Arithmetic:
  - `pred n' is automatically converted to `n-1'.
    Users are strongly encouraged not to use `pred' any longer,
    because it will disappear altogether at some point.
  - Users are strongly encouraged to write "0 < n" rather than
    "n ~= 0". Theorems and proof tools have been modified towards this
    `standard'.

* HOL/Lists:
the function "set_of_list" has been renamed "set" (and its theorems too);
the function "nth" now takes its arguments in the reverse order and
has acquired the infix notation "!" as in "xs!n".

* HOL/Set: UNIV is now a constant and is no longer translated to Compl{};

* HOL/Set: The operator (UN x.B x) now abbreviates (UN x:UNIV. B x) and its
specialist theorems (like UN1_I) are gone. Similarly for (INT x.B x);

* HOL/record: extensible records with schematic structural subtyping
(single inheritance); EXPERIMENTAL version demonstrating the encoding,
still lacks various theorems and concrete record syntax;

*** HOLCF ***

* removed "axioms" and "generated by" sections;

* replaced "ops" section by extended "consts" section, which is capable of
handling the continuous function space "->" directly;

* domain package:
  . proves theorems immediately and stores them in the theory,
  . creates hierarchical name space,
  . now uses normal mixfix annotations (instead of cinfix...),
  . minor changes to some names and values (for consistency),
  . e.g. cases -> casedist, dists_eq -> dist_eqs, [take_lemma] -> take_lemmas,
  . separator between mutual domain defs: changed "," to "and",
  . improved handling of sort constraints; now they have to
    appear on the left-hand side of the equations only;

* fixed LAM <x,y,zs>.b syntax;

* added extended adm_tac to simplifier in HOLCF -- can now discharge
adm (%x. P (t x)), where P is chainfinite and t continuous;

*** FOL and ZF ***

* FOL: there is a new splitter `split_asm_tac' that can be used e.g.
with `addloop' of the simplifier to facilitate case splitting in premises.

* qed_spec_mp, qed_goal_spec_mp, qed_goalw_spec_mp are available, as
in HOL, they strip ALL and --> from proved theorems;

New in Isabelle94-8 (May 1997)

*** General Changes ***

* new 'Isabelle System Manual';

* INSTALL text, together with ./configure and ./build scripts;

* reimplemented type inference for greater efficiency, better error
messages and clean internal interface;

* prlim command for dealing with lots of subgoals (an easier way of
setting goals_limit);

*** Syntax ***

* supports alternative (named) syntax tables (parser and pretty
printer); internal interface is provided by add_modesyntax(_i);

* Pure, FOL, ZF, HOL, HOLCF now support symbolic input and output; to
be used in conjunction with the Isabelle symbol font; uses the
"symbols" syntax table;

* added token_translation interface (may translate name tokens in
arbitrary ways, dependent on their type (free, bound, tfree, ...) and
the current print_mode); IMPORTANT: user print translation functions
are responsible for marking newly introduced bounds
(Syntax.mark_boundT);

* token translations for modes "xterm" and "xterm_color" that display
names in bold, underline etc. or colors (which requires a color
version of xterm);

* infixes may now be declared with names independent of their syntax;

* added typed_print_translation (like print_translation, but may
access type of constant);

*** Classical Reasoner ***

(the conclusion MUST be a formula variable)

* substitution with equality assumptions no longer permutes other
assumptions;

(and access functions for it);

* improved combination of classical reasoner and simplifier:
  + functions for handling clasimpsets
  + improvement of addss: now the simplifier is called _after_ the
    safe steps.
  + safe variant of addss called addSss: uses safe simplifications
    _during_ the safe steps. It is more complete as it allows multiple
    instantiations of unknowns (e.g. with slow_tac).

*** Simplifier ***

* ordering on terms as parameter (used for ordered rewriting);

* a generic case distinction tactic `exhaust_tac' which works for all

constructors, for example `case x of [] => ... | (x,y,z)#ps => ...';

* primrec now also works with type nat;

* HOL/ex/LFilter theory of a corecursive "filter" functional for

* HOLCF/IOA replaces old HOL/IOA;

* HOLCF changes: derived all rules and arities
  + axiomatic type classes instead of classes
  + typedef instead of faking type definitions

*** ZF ***

* ZF now has Fast_tac, Simp_tac and Auto_tac. Union_iff is now a default
rewrite rule; this may affect some proofs. eq_cs is gone but can be put back
as ZF_cs addSIs [equalityI];

New in Isabelle94-7 (November 96)

* allowing negative levels (as offsets) in prlev and choplev;

* superlinear speedup for large simplifications;

* FOL, ZF and HOL now use miniscoping: rewriting pushes
quantifications in as far as possible (COULD MAKE EXISTING PROOFS
FAIL); can suppress it using the command Delsimps (ex_simps @
all_simps); De Morgan laws are also now included, by default;

* improved printing of ==> : ~:

* new object-logic "Sequents" adds linear logic, while replacing LK
and Modal (thanks to Sara Kalvala);

* HOL/Auth: correctness proofs for authentication protocols;

* HOL: new auto_tac combines rewriting and classical reasoning (many
examples on HOL/Auth);

* HOL: new command AddIffs for declaring theorems of the form P=Q to
the rewriter and classical reasoner simultaneously;

* function uresult no longer returns theorems in "standard" format;
regain previous version by: val uresult = standard o uresult;

New in Isabelle94-6

* oracles -- these establish an interface between Isabelle and trusted
external reasoners, which may deliver results as theorems;

* proof objects (in particular record all uses of oracles);

* Simp_tac, Fast_tac, etc. that refer to implicit simpset / claset;

* "constdefs" section in theory files;

* "primrec" section (HOL) no longer requires names;

* internal type "tactic" now simply "thm -> thm Sequence.seq";

New in Isabelle94-5

* reduced space requirements;

* automatic HTML generation from theories;

* theory files no longer require "..." (quotes) around most types;

* new examples, including two proofs of the Church-Rosser theorem;

* non-curried (1994) version of HOL is no longer distributed;

New in Isabelle94-4

* greatly reduced space requirements;

* theory files (.thy) no longer require \...\ escapes at line breaks;

* searchable theorem database (see the section "Retrieving theorems" on
page 8 of the Reference Manual);

* new examples, including Grabczewski's monumental case study of the
Axiom of Choice;

* The previous version of HOL renamed to Old_HOL;

* The new version of HOL (previously called CHOL) uses a curried syntax
for functions. Application looks like f a b instead of f(a,b);

* Mutually recursive inductive definitions finally work in HOL;

* In ZF, pattern-matching on tuples is now available in all abstractions and
translates to the operator "split";

New in Isabelle94-3

* new infix operator, addss, allowing the classical reasoner to
perform simplification at each step of its search. Example:
  fast_tac (cs addss ss)

* a new logic, CHOL, the same as HOL, but with a curried syntax
for functions. Application looks like f a b instead of f(a,b). Also pairs
look like (a,b) instead of <a,b>;

* PLEASE NOTE: CHOL will eventually replace HOL!

* In CHOL, pattern-matching on tuples is now available in all abstractions.
It translates to the operator "split". A new theory of integers is available;

* In ZF, integer numerals now denote two's-complement binary integers.
Arithmetic operations can be performed by rewriting. See ZF/ex/Bin.ML;

* Many new examples: I/O automata, Church-Rosser theorem, equivalents
of the Axiom of Choice;

New in Isabelle94-2

* Significantly faster resolution;

* the different sections in a .thy file can now be mixed and repeated
freely;

* Database of theorems for FOL, HOL and ZF. New
commands including qed, qed_goal and bind_thm store theorems in the database.

* Simple database queries: return a named theorem (get_thm) or all theorems of
a given theory (thms_of), or find out what theory a theorem was proved in
(theory_of_thm);

* Bugs fixed in the inductive definition and datatype packages;

* The classical reasoner provides deepen_tac and depth_tac, making FOL_dup_cs
and HOL_dup_cs obsolete;

* Syntactic ambiguities caused by the new treatment of syntax in Isabelle94-1
have been removed;

* Simpler definition of function space in ZF;

* new results about cardinal and ordinal arithmetic in ZF;

* 'subtype' facility in HOL for introducing new types as subsets of existing
types;
