Content-Type: text/enriched
Text-Width: 70

Topic: NOTE-7-2
Parent list: (RELEASE-NOTES)
Source: ACL2 Sources


ACL2 Version 7.2 (xx, 20xx) Notes


  NOTE! New users can ignore these release notes, because the
  [documentation] has been updated to reflect all changes that are
  recorded here.


  Below we roughly organize the changes to ACL2 since Version 7.1 into
  the following categories of changes: existing features, new
  features, heuristic and efficiency improvements, bug fixes, changes
  at the system level, Emacs support, and experimental versions. Each
  change is described in just one category, though of course many
  changes could be placed in more than one category.


  See also [note-7-2-books] for a summary of changes made to the ACL2
  Community Books since ACL2 7.1, including the build system.



Changes to Existing Features


  The built-in functions [term-order], merge-sort-term-order, [arity],
  [termp], [term-listp], and [term-list-listp] --- as well as new
  functions arities-okp and plist-worldp-with-formals --- are now
  [guard]-verified in :[logic] mode. (Technical note: This
  enhancement followed the usual process: added community books,
  books/system/merge-sort-term-order.lisp and
  books/system/termp.lisp, included those books in
  books/system/top.lisp, and updated source constant
  *system-verify-guards-alist* accordingly.)


  Deprecated utilities clear-hash-tables and wash-memory have been
  eliminated. For clear-hash-tables, you can get the same effect by
  first invoking [clear-memoize-tables], and then invoking either
  (hons-clear t) or instead, if your executable uses static honsing,
  (hons-wash). For wash-memory you can invoke (clear-memoize-tables)
  and then (hons-wash). Thanks to Jared Davis for helpful
  discussions.


  The [command]s :[ubt] and :[ubu] have been changed. Their previous
  functionality is available with the commands :[ubt?] and :[ubu?],
  respectively. <x-color><param>red3</param>Now, :[ubt] and :[ubu] behave much more like :[ubt!]
  and :[ubu!] (which have not been changed), in that they do not
  cause queries; however, unlike :[ubt!] and :[ubu!], the [command]s
  :[ubt] and :[ubu] do report errors.</x-color> Thanks to Eric Smith for
  requesting this change.


  Now, :[puff*] has an optional argument that can avoid rollback of the
  world when there is an error. See [puff*].


  <x-color><param>red3</param>After invoking :[redef] and redefining functions in a
  [mutual-recursion] event, it was necessary to answer Y repeatedly
  in order to complete the redefinitions. A new option, Y!, will
  complete the remaining such redefinitions without further query.</x-color>
  Thanks to Eric Smith for requesting this feature.


  A harmless but somewhat annoying superfluous declaration (DECLARE
  (XARGS :NON-EXECUTABLE T)) was, by default, included in the
  generated [defun] for a [defun-sk] event. This has been fixed.
  Thanks to Eric Smith for bringing this issue to our attention.


  The [proof-checker] command show-rewrites (or sr; see
  [ACL2-pc::show-rewrites]) now shows additional bindings of free
  variables that would be generated when a third argument of t is
  supplied for the rewrite (or r; see [ACL2-pc::rewrite]) command.
  Thanks to Ben Selfridge for noting that this information was
  missing. Note that we also made a few trivial formatting changes
  for sr.

  The redundancy check for [encapsulate] [events] has changed in two
  small ways. One change is described below (see ``Redundancy
  checking for [encapsulate]''). The other change is that the
  redundancy check now properly identifies a previous subsidiary
  [make-event] form with its expansion, ignoring the record-expansion
  wrapper.
  See the example labeled ``Redundant after Version_7.1 (as of
  mid-September 2015)'' in community book
  books/make-event/local-elided.lisp.

  A new mechanism for controlling the checking for [invariant-risk]
  replaces the raw Lisp global variable *ignore-invariant-risk*,
  which is obsolete. See [set-check-invariant-risk]. In particular,
  the default is now to print a (new) warning when encountering
  potential slowdown due to invariant-risk. Note that more functions
  are now subject to the invariant-risk check; see the discussion
  below in the section on Bug Fixes that pertains to invariant-risk.

  The (undocumented) system utility with-ubt!, which continues to be
  used in [trace!] and [disassemble$] and is now also used in
  [set-check-invariant-risk], now binds [ld] special
  [ld-pre-eval-print] to nil. Thus, when with-ubt! is invoked,
  subsidiary forms will not be printed to the screen even when the
  above LD special is non-nil.



New Features


  <x-color><param>red3</param>It is now possible to make ACL2 avoid the well-formedness checks done
  when metafunctions and clause processors are run.</x-color> By default, when
  a metafunction or clause processor is run, ACL2 calls [termp] or
  [term-list-listp], respectively, on the new value to make sure it
  is well-formed. Now, if you prove and provide a
  :[well-formedness-guarantee] with the :meta or :clause-processor
  rule-class, you can skip these checks. This can speed up the use of
  metafunctions and clause processors on big terms and formulas.


  It is now possible to ensure the integrity of statistics produced by
  [memsum] after functions are [memoize]d. See
  [protect-memoize-statistics]. Thanks to Alessandro Coglio for
  noticing oddities in those statistics and to Jared Davis for
  providing an implementation of this new feature.



Heuristic and Efficiency Improvements


  The redundancy check for [defconst] has been sped up in cases with a
  very large term, as in the following example. Thanks to David Rager
  and Jared Davis for helpful related discussions.


    (defun make-tree (n)
      (declare (type (integer 0 *) n))
      (if (zp n)
          nil
        (let ((x (make-tree (1- n))))
          (cons x x))))
    (make-event
    `(defconst *a* (hons-copy ',(make-tree 50))))
    ; Redundant, and formerly very slow:
    (make-event
    `(defconst *a* (hons-copy ',(make-tree 50))))


  Processing of [defpkg] forms may be faster, thanks to a change
  suggested by Jared Davis (who observed significant speedup in
  SBCL).


  <x-color><param>red3</param>Optimizations have been made that can speed up [include-book] for
  some large books</x-color>, as follows. In particular, for the form (time$
  (include-book "centaur/sv/tutorial/alu" :dir :system)) we have seen
  a <x-color><param>red3</param>25%</x-color> reduction (on Mac OS) for the first item below, and an
  additional <x-color><param>red3</param>29%</x-color> reduction (also on Mac OS) for the second item.

    * Various optimizations have been made for [theory] manipulation,
      including some to make processing more efficient for [defund]
      and [defthmd]. Thanks to Sol Swords for bringing this issue to
      our attention in GitHub Issue #401 and for reporting a bug in
      our initial implementation.
    * Redundancy checking for [encapsulate] [events] can be much faster.
      The only functional change (with one small exception, described
      in an item above) is to check for a sub-event of the proposed
      encapsulate event that is attempting to introduce a new name;
      if no such name is found, then the redundancy check is skipped,
      and the proposed encapsulate event is evaluated. This new check
      is quite thorough (see [redundant-encapsulate]), so we expect
      it to be rare that an encapsulate event that was formerly
      redundant is no longer redundant.



Bug Fixes


  It was possible to use :[program] mode functions to write past the
  end of an array, leading to unsoundness. This has been fixed by
  marking updaters for [stobj] array fields as having so-called
  ``invariant-risk'', even (unlike previously) when the element type
  of the array is t (that is, unconstrained), and by also thus
  marking built-in functions [aset1], [aset2],
  extend-32-bit-integer-stack, and aset-32-bit-integer-stack.
  (Technical note: the latter two were already accounted for in
  system constant *boot-strap-invariant-risk-symbols*, but that
  constant had been mishandled by the boot-strap.) See
  [invariant-risk] and see [<x-color><param>red3</param>set-check-invariant-risk</x-color>], which is
  discussed above in the section Changes to Existing Features. Thanks
  to Jared Davis and Sol Swords for sending an example to illustrate
  the bug.
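
  The following sketch is an added illustration of the array-write fix
  described above; it is not taken from the ACL2 sources or community
  books. The names st, arr and bad-write are hypothetical, and the
  outcome noted for the last form is the expected effect of the
  invariant-risk marking, not captured output.

```lisp
; Added illustration; st, arr and bad-write are hypothetical names.

; A stobj whose array field has the unconstrained element type t and
; length 8.  Before this fix, the updater for such a field was not
; marked as having invariant-risk.
(defstobj st
  (arr :type (array t (8)) :initially nil))

; A :program mode function.  No guard verification takes place, so
; nothing establishes that i is below (arr-length st) before the
; updater update-arri is called.
(defun bad-write (i st)
  (declare (xargs :mode :program :stobjs st))
  (update-arri i 'x st))

; In bounds: index 3 is within the 8-element array.
(bad-write 3 st)

; Out of bounds: index 100 is past the end of the array.  Because
; update-arri is now marked with invariant-risk, this call is expected
; to be evaluated with the guard of update-arri checked and to stop
; with a guard violation, rather than storing at index 100.
(bad-write 100 st)
```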

  When ACL2 was interrupted while debugging was on (see
  [set-debugger-enable]), it was possible later to get the following
  error repeatedly:


    HARD ACL2 ERROR in TIME-TRACKER:  It is illegal to specify :START for
    tag :TAU, because tracking for this tag is already in an active state.


  This problem has been fixed, by defining a new keyword argument for
  [time-tracker], :start!, and using it to track the use of the
  [tau-system]; see [time-tracker] and [time-tracker-tau].


  ACL2 would cause an error at startup when the value of environment
  variable ACL2_SYSTEM_BOOKS was a string starting with the tilde
  character (~). This has been fixed. Thanks to Shilpi Goel and
  Warren Hunt for bringing this bug to our attention.


  (GCL only) It had not been possible to define a [stobj] with more
  than 64 fields in GCL. We have removed that restriction. (Technical
  note: GCL disallows calls of the function, vector, with more than
  64 arguments. So instead we now build a list of stobj fields that
  is coerced to a vector, rather than calling vector directly.)


  Fixed [deftheory-static] by declaring the [world] to be ignorable,
  thus avoiding errors for forms that don't reference the world.
  Thanks to Jared Davis for pointing out this bug with the example,
  (deftheory-static my-theory '(car-cons)).


  Fixed a bug that was causing the hiding-cars component of the
  [ld-evisc-tuple] to be ignored when printing evaluation results.


  We avoid an error in the case that [skip-proofs] is used around a
  definition with no tests above a recursive call, as in the
  following example.


    (skip-proofs (defun foo (x)
                  (declare (xargs :measure (acl2-count x)))
                  (identity
                   (cond ((zp x) 17)
                         (t (foo (1- x)))))))


  Thanks to Dave Greve for bringing this bug to our attention. Note
  that such a definitional event may be unsound (not surprisingly,
  because of the use of skip-proofs). For example, the following form
  succeeds: (thm nil :hints (("Goal" :induct (foo x)))).


  <x-color><param>red3</param>Several improvements have been made to avoid errors in the execution
  of :[puff] and :[puff*].</x-color> Thanks to Eric Smith for reporting this
  issue. (Technical implementation note: a bug in source function
  find-longest-common-retraction1-event, used in reverting logical
  [world]s, was fixed in support of this work.)


  When the [default-defun-mode] was :[logic], then a [mutual-recursion]
  form with [xargs] declaration of :[program] mode, which also had
  one or more [defund] [events], would cause an error when attempting
  to [disable] new function symbols after admitting their
  definitions. This has been fixed. Thanks to Jared Davis for
  bringing this bug to our attention (GitHub Issue #464).



Changes at the System Level


  (CCL only) Starting with CCL Version 16384, EGC (the ephemeral
  garbage collector) is enabled in ACL2 by default, in place of a
  ``start-sol-gc'' memory management scheme, but with some of the
  delay in full garbage collection that had been provided by that
  scheme. That scheme is still available to users, under a different
  name and inside the ACL2 loop; see [set-gc-strategy]. (Note that
  both set-gc-strategy and gc-strategy have been added to
  [*ACL2-exports*].) Thanks to Gary Byers for CCL improvements
  leading to this change, and to him, Bob Boyer, Jared Davis, and Sol
  Swords for helpful discussions. The default behavior can be
  restored to the previous behavior at ACL2 build time, by setting
  Make variable ACL2_EGC_ON=nil when building an ACL2 executable.


  <x-color><param>red3</param>A new mechanism allows importing of theorems into the ACL2 source
  code, thus extending the existing mechanism for importing
  termination and guard verification for system functions</x-color> (see the
  item above about [term-order], merge-sort-term-order, and so on).
  Using this mechanism, some theorems have been imported from a new
  community book, books/system/termp.lisp. (For an example of how
  ACL2 developers use this mechanism, see the call of system-events
  in ACL2 source file boot-strap-pass-2.lisp.)


  Remaining traces of legacy documentation have been eliminated.


  File GNUmakefile in the (top-level) ACL2 sources directory now sets
  environment variable TIME_CERT so that regressions will generate
  timing information.



EMACS Support


  We fixed a bug in the [ACL2-doc] command, S (command
  acl2-doc-re-search).



Experimental Versions


  Fixed some interleaved output that could appear with
  [waterfall-parallelism] enabled. Thanks to Eric Smith for reporting
  this problem and to David Rager for a helpful chat.



Subtopics


  [Note-7-2-books]
      Release notes for the ACL2 Community Books for ACL2 7.2 (xx 20xx)

