README: update and change expandshort.sh to expandshort ; document teeinput

agrep: change to
grep "$*" {Pure,Provers,Pure/SYNTAX,FOL,ZF,LK,Modal,CTT,HOL,Cube,LCF}/*ML \
        {FOL,ZF,LK,Modal,CTT,HOL}/ex/*ML 

SYNTAX: trim down signature SYNTAX to include only the items that people
actually use, and leave Syntax "open"

SYNTAX: suppress Warning: no productions for ANY1

define ext_theory from intro.ML OR USE...
    val empty_syntax = Sext{mixfix=[],
			    parse_translation=[],
			    print_translation=[]};

    fun enrich_theory thy thyname
	  {sort_decs, old_type_decs, new_type_decs, const_decs, syntax_decs} =
	extend_theory thy thyname
	  (sort_decs, old_type_decs, new_type_decs, 
	   const_decs, Some (Sext syntax_decs));



stamps_of should act on THEOREMS instead of theories?
val stamps_of = #stamps o Sign.rep_sg o #sign o rep_thm;

INSTALL NEW GET-RULENAMES

A function make_elimlist such that make_elimlist[conjunct1,conjunct2] is
conjE?

FLEXFLEX PAIRS -- no longer using equality

PAPER on recursive type defs: find sufficient conditions for an ARBITRARY
functor to be used in domain equations.  Does any parametrized solution of
the equations satisfy these conditions?

Prover/lasthyp_subst_tac: delete?  (ask mc).  Its use of subst looks wrong.
At least, lasthyp_subst_tac and hyp_subst_tac should share some code!

Send new version to Hajime Sawamura, Sreeranga Rajan

Give THEN, THEN' higher precedence than ORELSE APPEND INTLEAVE?

tctical/select: change to (since nasms = 0)
fun select (Tactic tf) state i =
  let val prem::_ = nth_tail(i-1, prems_of state)
      val st0 = trivial (Sign.cterm_of (#sign(rep_thm state)) prem);
      fun next st = bicompose(state, i) (false, st, length(prems_of st))
  in  Sequence.flats (Sequence.maps next (tf st0))
  end;


Pure/NJ.ML:
    (*A conditional timing function: applies f to () and, if the flag is true,
      prints its runtime. *)
    fun cond_timeit flag f =
      if flag then
	let val imakestring = makestring : int->string
	    open System.Timer;
	    fun string_of_time (TIME {sec,usec} : time) =
		  imakestring sec ^ "." ^
		  imakestring ((usec + 50000) div 100000)
	    val start = start_timer()
	    val result = f();
	    val nongc = check_timer(start)
	    and gc = check_timer_gc(start);
	    val both = add_time(nongc,gc)
	in  print("Non GC "  ^ string_of_time nongc ^
		   "   GC "  ^ string_of_time gc    ^
		   "   both "^ string_of_time both  ^ " secs\n");
	    result
	end
      else f();

    (*Unconditional timing function*)
    val timeit = cond_timeit true;


SUPPRESSION OF PRINTING OF HYPS: Pure/tctical
    val show_hyps = ref true;

    fun pretty_thm th =
    let val {sign, hyps, prop,...} = rep_thm th
	val hsymbs = if null hyps then []
		     else if !show_hyps then
			  Pretty.brk 2 ::
			  Pretty.lst("[","]") (map (Sign.pretty_term sign) hyps)
		     else Pretty.str" [" :: map (fn _ => Pretty.str".") hyps @
			  [Pretty.str"]"];
    in Pretty.blk(0, Sign.pretty_term sign prop :: hsymbs) end;

    val string_of_thm = Pretty.string_of o pretty_thm;

    (** Top-level commands for printing theorems **)
    val print_thm = writeln o string_of_thm;

    fun prth th = (print_thm th; th);

    (*Print and return a sequence of theorems, separated by blank lines. *)
    fun prthq thseq =
	(Sequence.prints (fn _ => print_thm) 100000 thseq;
	 thseq);

    (*Print and return a list of theorems, separated by blank lines. *)
    fun prths ths = (print_list_ln print_thm ths; ths);

Pure/NJ: include a dummy version of "timing" that sets proof_timing:=true

Pure/thm/bicompose_aux: add a flag to permit detection of a "match" (not
updating variables in proof state) and define tactics match_tac, ematch_tac
and dmatch_tac.  Add "match" flag to bicompose_aux, bicompose,
biresolution;

fun biresolution match brules i state = ...

  val bicompose: bool -> bool * thm * int -> int -> thm -> thm Sequence.seq   
  val biresolution: bool -> (bool*thm)list -> int -> thm -> thm Sequence.seq   
  val resolution: bool -> thm list -> int -> thm -> thm Sequence.seq   


export PRIMSEQ
fun compose_tac arg i = PRIMSEQ (bicompose arg i);

fun resolve_tac rules i = PRIMSEQ (resolution rules i);

fun biresolve_tac brules i = PRIMSEQ (biresolution brules i);

(*Attack subgoal i by resolution, using flags to indicate elimination rules*)
fun biresolve_tac brules i = Tactic (fn state=> biresolution(state,i,brules)
	handle THM _ => Sequence.null);

I do forsee the possibility that the disagreement pair ?a==?b, where ?a is
from the proof state and ?b is from the rule, might be treated incorrectly.  I
would like to ensure that the variable with the higher index is updated, other
things being equal.  Even in resolution proofs, this would protect variables
in the proof state from being needlessly renamed.


define LETGOAL to handle unfinished proofs (lifting via pure inference)

Pelletier's problems
Dijkstra's Law should be all <->
check nos 39, 40

**************** FOL ****************

FOL: there's no SIMPLIFIER for INTUITIONISTIC LOGIC!!

FOL/ex/intro.ML,prolog.ML: from text/Doc/Intro

FOL/ex/cla.ML, FOL/int-prover, FOL/ROOT.ML: see ~/newisa/cla.ML
structure Int_Prover should NOT BE OPEN

FOL/int-prover: is it complete? make it so!  And make similar to
Provers/classical in names and general behavior.  safe_step_tac should be
so spelled & safe!  Use hyp_subst_tac; change safe_tac; fast_tac & best_tac??

notE,impE in wrong order!
fun mp_tac i = eresolve_tac [notE,impE] i  THEN  assume_tac i;
fun eq_mp_tac i = eresolve_tac [notE,impE] i  THEN  eq_assume_tac i;

FOL/cla-lemmas/notnotE: replace by notnotD: ~~P ==>  P

**************** ZF ****************

fix the concrete syntax for ZF:
> 2. Looking at your grammar it seems ambiguous: you have used Delimfix instead
> of Mixfix in most places and <a,b,c> could be PairA(a,PairB(b,c)) or
> PairA(PairB(a,b),c). 
Could this syntax be deleted?

define fst(p) = split(p, %x y.x) and snd(p) = split(p, %x y.y) 
Use split rather than THE in list_case, ...

val domain_def = assume_ax set_thy "domain(r) == {a. p:r, EX b. p=<a,b>}";

val [prem] = goalw set_thy [domain_def] "<a,b>: r ==> a: domain(r)";
by (fast_tac (upair_cs addIs [prem] addEs [Pair_inject]) 1);
val domainI = result();

val major::prems = goalw set_thy [domain_def]
    "[| a : domain(r);  !!y. <a,y>: r ==> P |] ==> P";
br (major RS ReplaceE) 1;
by (fast_tac (upair_cs addIs prems) 1);
val domainE = result();

could simplify things by moving perm/converse to rules: then 
range(r) == domain(converse(r))  and
r -`` A == converse(r)''A

Prove Cantor's Theorem

Tidy up list operations?

bexXI to bexCI; what about other XI rules??
delete PrimReplaceI, PrimReplaceE, empty_subsetD, nonemptyI, nonemptyE
delete <!

delete subset/cons_refl



(*** Rules for Intersections of families ***)
(* INT x:A. B(x) abbreviates Inter(RepFun(A, %x.B(x))) *)

    val prems = goal set_thy
	"[| !!x. x: A ==> b: B(x);  a: A |] ==> b: (INT x:A. B(x))";
    by (REPEAT (ares_tac (prems@[InterI,RepFunI]) 1
	 ORELSE eresolve_tac [RepFunE,ssubst] 1));
    val INT_I = result();

    val [major,minor] = goal set_thy
	"[| b : (INT x:A. B(x));  a: A |] ==> b : B(a)";
    by (rtac (major RS InterD) 1);
    by (rtac (minor RS RepFunI) 1);
    val INT_E = result();

ex/ordinal.ML:  (delete subset/Union_upperbound Inter_lowerbound
Un_upperbound1 Un_upperbound2 Int_lowerbound1 Int_lowerbound2)
val [prem] = goal Ord.thy
    "[| !!i. i:A ==> Transset(i) |] ==> Transset(Union(A))";
by (rtac TranssetI 1);
by (etac UnionE 1);
by (rtac subset_trans 1);
by (rtac Union_upper 2);
by (REPEAT (eresolve_tac [asm_rl, prem RS TranssetD] 1));
val Transset_Union = result();

use Un_upper1 RSN (2, subset_trans) and Un_upper2 RSN (2, subset_trans)
ex/ordinal.ML: ORELSE ares_tac [TranssetI, Un_upperbound1, Un_upperbound2] 1));
ex/univ.ML: etac Un_upperbound1 ]);

use Int_lower1 RS subset_trans
ex/wf.ML:by (res_inst_tac [ ("B", "Z") ] (prem1 RS Int_lowerbound1) 1);

func/Pair_mem_PiE could be replaced by the 3 destruct rules domain_type,
range_type, apply_equality?  Note also  fun_is_rel RS subsetD RS SigmaE2

pair: change all (SUM x:A.B(x)) to Sigma(A,B)
should there be destruction rules for SigmaE2??

func: change all (PROD x:A.B(x)) to Pi(A,B)

null set axiom could be deleted; use PrimReplace(Inf, %x y.False)
or {y. x:Inf, False}

**************** HOL ****************

Dependent types
HOL/lemmas/notnotE: replace by notnotD: ~~P ==>  P

install clapc and meson from ~/newisa

**************** LK ****************

Install new LK/resolve from newisa
ruleshell: subst rule for sequents (not formulae)
syntax: True->Trueprop;  change "<SP> to "@; Forall->All; Exists->Ex



**************** CTT ****************

ruleshell/subst rules -- get nicer versions from text/Doc/CTT-rules.txt

resolve/safestep_tac: put in signature.  These tactics don't look very
good.
