Tutorial Description. ACL2 (“A Computational Logic for Applicative Common Lisp”) is both a programming language in which you can model computer systems. ACL2’s logic is constructed on top of a real programming language, Common Lisp, and supports a wide variety of. David Hardin’s current a liation: Ajile Systems. PDF | We describe a tutorial that demonstrates the use of the ACL2 theorem prover. We have three goals: to enable a motivated reader to start.

Author: Arabar Faukree
Country: Ukraine
Language: English (Spanish)
Genre: Automotive
Published (Last): 18 February 2014
Pages: 38
PDF File Size: 18.67 Mb
ePub File Size: 11.93 Mb
ISBN: 694-4-93872-936-2
Downloads: 17685
Price: Free* [*Free Regsitration Required]
Uploader: Negul

It can be installed using the raco command line utility.

In this case, it fails all cases, but it might help you to diagnose the problem if only some of the cases fail too. Dracula has been used to teach a first-year undergraduate logic course at Northeastern University. Keep reading below for installation instructions, and check out the links on the left for tutorials, examples, and bug report instructions. Guards are restrictions on what values a function will take; in this case, endp xs expects a list, and we gave it a number.

ttutorial Now, what if xs is not empty? If it fails, it instead turns red, an ‘x’ is shown, and the details pane opens up to show you the error message you received. So we need to put 1 at the end of the reversed list.


Essentially, the REPL will execute any code you type in the text field on bottom the “prompt” and show the result in the log above.

Introduction to Proof Pad

On Windows, this utility is in the directory where Racket is installed; on Mac or Unix, it is in the bin subdirectory. To run the test, just paste it into the definitions area. To do this, we need to write a property-style test. If the Dracula language or its documentation does not get installed correctly, try running the following command to fix it: In this case, our test as written will fail.

This means that the function call executed without errors. The first case is when the argument, xsis empty or nil. You instantly see the result, which is 5 4 3 2 1. The proof bar handles this for you. Dracula is available as a Racket package.

Proof Pad: Introduction

The reverse of an empty list is just an empty list: To define and edit functions, use the Definitions window. There are a couple of things to note at this point.

They only test the types of values that you generate, and you might have a bug that impacts only a small subset of cases, which means the generated test cases are unlikely to expose the bug. Define reverse reverse xs is a built-in function that takes a list and returns a list with all of the elements in the opposite order.


It will run, and if it passes, a green bar will appear to the left of the test. It generates values called xsusing the random-integer-list generator.

We can just use rev rest xs to reverse the rest of the list, but what do we do with first xs? Once you’ve admitted some code to the ACL2 logic which can take some time for complex functions or theoremsthe proof bar turns green next to the form or forms that were tutogial.

A doublecheck test has three parts: The intent of this is to let you test your functions in the REPL, even if they aren’t carefully written enough in the way ACL2 expects to be used in: In order to correct this, we need to add a hypothesis to our property: This way, ACL2 will know to only concern itself with values that satisfy true-listp — values that are lists.

You may now restart ACL2 if desired. This simply means that the code was executed by ACL2 without any problems. This automatic admission occurs in: