Tutorial Description. ACL2 (“A Computational Logic for Applicative Common Lisp”) is both a programming language in which you can model computer systems. ACL2’s logic is constructed on top of a real programming language, Common Lisp, and supports a wide variety of. David Hardin’s current a liation: Ajile Systems. PDF | We describe a tutorial that demonstrates the use of the ACL2 theorem prover. We have three goals: to enable a motivated reader to start.

Author: Tutaxe Grogore
Country: Central African Republic
Language: English (Spanish)
Genre: Politics
Published (Last): 27 August 2005
Pages: 107
PDF File Size: 1.69 Mb
ePub File Size: 4.24 Mb
ISBN: 192-8-50593-124-8
Downloads: 15193
Price: Free* [*Free Regsitration Required]
Uploader: Taujas

If everything has been entered correctly, ACL2 will succeed, and the bar will turn dark green with a checkmarkindicating that the property has been proven correct.

You may also enter definitions into the Interactions Window if you want to test something on the fly.

This page provides instructions for downloading the software, working in Racket’s ACL2 language, writing interactive graphical programs, and for reporting bugs. The REPL is a good place to test the functions you write in the definitions area, or just to get a sense of how to use a certain function or feature. They only test the types of values that you generate, and you might have a bug that impacts only a small subset of cases, which means the generated test cases are unlikely to expose the bug.

You will probably want to admit these functions to ACL2’s: Dracula The objective of the “Dracula” project is to provide a programming environment for the ACL2 language and theorem prover. The intent of this is to let you test your functions in the REPL, even if they aren’t carefully written enough in the way ACL2 expects to be used in: In order to define a recursive function in ACL2, we need to think about what it would return in a couple of different cases.


It generates values called xsusing the random-integer-list generator. The first case is when the argument, xsis empty or nil.

Tutorial: reverse of reverse

So we need to put 1 at the end of the reversed list. You can see that this makes the test fail.

Try admitting your sum function from before. Running Dracula Start DrRacket.

And what we want for the whole list is list 5 4 3 2 1. The whole file so far is: First, the ‘3’ has a checkmark with a green background next to it. After we split it up into two parts, 1 and list 2 3 4 5we can reverse the list part to get list 5 4 3 2. This simply means that the code was executed by ACL2 without any problems. This means that the function call executed without errors. One property we can test with DoubleCheck is that reversing a list twice gives you the same list you started with.

The definitions area is where you write your functions, theorems, and other state-altering expressions. To install Dracula using this utility, execute: Define reverse reverse xs is a built-in function that takes a list and returns a list with all of the elements in the opposite order.

Proof Pad: Introduction

To define and edit functions, use the Definitions window. Dracula is available as a Racket package.


Finally, we have the body: Try changing the nil in the definition of rev above to something else, like 1. You can read more about ACL2’s two modes herethough this is strictly optional reading; you don’t need to have an intimate understanding of this for Proof Pad, since it abstracts these parts away for you.

The proof bar handles this for you. Download and install from the Racket site.

To do this, we need to write a property-style test. Essentially, the REPL will execute any code you type in the text field on bottom the “prompt” and afl2 the result in the log above.

The name of the test is rev-rev-test. Once you’ve admitted some code to the ACL2 logic which can take some time for complex functions or theoremsthe proof bar turns green next to the form or forms that were admitted. This way, ACL2 will know to only concern itself with values that satisfy true-listp — values that are lists. In this case, it fails all cases, but it might help you to diagnose the problem if only some of the cases fail too. We could write some more check-expect style tests, but they can only get us so far.

Keep reading below for installation instructions, and check out the links on the left for tutorials, examples, and titorial report instructions.