• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
      • Theories
      • Rule-classes
      • Proof-builder
      • Recursion-and-induction
      • Hons-and-memoization
      • Events
      • Parallelism
      • History
      • Programming
        • Defun
        • Declare
        • System-utilities
        • Stobj
        • State
          • World
          • Io
          • Wormhole
          • Programming-with-state
            • Error-triple
            • Cbd
            • State-global-let*
            • Last-prover-steps
            • @
            • Assign
            • Read-run-time
            • Canonical-pathname
            • F-put-global
            • Unsound-eval
              • Setenv$
              • Er-progn
              • Read-ACL2-oracle
              • With-live-state
              • F-get-global
              • Getenv$
              • Pprogn
              • Get-real-time
              • Makunbound-global
              • Get-cpu-time
              • F-boundp-global
              • Probe-file
            • W
            • Set-state-ok
            • Random$
          • Mutual-recursion
          • Memoize
          • Mbe
          • Io
          • Defpkg
          • Apply$
          • Loop$
          • Programming-with-state
            • Error-triple
            • Cbd
            • State-global-let*
            • Last-prover-steps
            • @
            • Assign
            • Read-run-time
            • Canonical-pathname
            • F-put-global
            • Unsound-eval
              • Setenv$
              • Er-progn
              • Read-ACL2-oracle
              • With-live-state
              • F-get-global
              • Getenv$
              • Pprogn
              • Get-real-time
              • Makunbound-global
              • Get-cpu-time
              • F-boundp-global
              • Probe-file
            • Arrays
            • Characters
            • Time$
            • Defmacro
            • Loop$-primer
            • Fast-alists
            • Defconst
            • Evaluation
            • Guard
            • Equality-variants
            • Compilation
            • Hons
            • ACL2-built-ins
            • Developers-guide
            • System-attachments
            • Advanced-features
            • Set-check-invariant-risk
            • Numbers
            • Efficiency
            • Irrelevant-formals
            • Introduction-to-programming-in-ACL2-for-those-who-know-lisp
            • Redefining-programs
            • Lists
            • Invariant-risk
            • Errors
            • Defabbrev
            • Conses
            • Alists
            • Set-register-invariant-risk
            • Strings
            • Program-wrapper
            • Get-internal-time
            • Basics
            • Packages
            • Oracle-eval
            • Defmacro-untouchable
            • <<
            • Primitive
            • Revert-world
            • Unmemoize
            • Set-duplicate-keys-action
            • Symbols
            • Def-list-constructor
            • Easy-simplify-term
            • Defiteration
            • Fake-oracle-eval
            • Defopen
            • Sleep
          • Operational-semantics
          • Real
          • Start-here
          • Debugging
          • Miscellaneous
          • Output-controls
          • Macros
          • Interfacing-tools
        • Interfacing-tools
        • Hardware-verification
        • Software-verification
        • Math
        • Testing-utilities
      • Interfacing-tools
      • Programming-with-state

      Unsound-eval

      A somewhat robust evaluator.

      Signature
      (unsound-eval sexpr &key (state 'state)) 
  → 
(mv errmsg values state)
      Arguments
      sexpr — An s-expression to evaluate, typically this should be a well-formed ACL2 form without guard violations, etc. It may mention stobjs.
      Returns
      errmsg — An error msg on failure, or nil on success. Note that this message is likely to be very terse/unhelpful when evaluating sexpr causes any ACL2 error.
      values — The list of return values from evaluating sexpr, with stobjs elided with their names.
      state — Type (state-p1 state), given (state-p1 state).

      In the logic, this is implemented as oracle reads, so you can't prove anything about what it returns. Even so, it is generally unsound since it lets you to modify state and other stobjs without accounting for how they have been modified.

      In the execution, we basically call ACL2's trans-eval function (technically: trans-eval-no-warning). But we wrap up the call in some error handlers so that, e.g., guard violations and er calls can be trapped and returned as error messages. Unfortunately these error messages are not very informative—they will just say something like ACL2 Halted instead of explaining the problem.

      Definitions and Theorems

      Function: unsound-eval-fn

      (defun unsound-eval-fn (sexpr state)
  (declare (xargs :stobjs (state)))
  (declare (ignorable sexpr))
  (declare (xargs :guard t))
  (let ((__function__ 'unsound-eval))
    (declare (ignorable __function__))
    (b* ((- (raise "Raw lisp definition not installed?"))
         ((mv err1 errmsg? state)
          (read-acl2-oracle state))
         ((mv err2 values state)
          (read-acl2-oracle state))
         ((when (or err1 err2))
          (mv (msg "Reading oracle failed.")
              nil state))
         ((when errmsg?) (mv errmsg? nil state)))
      (mv nil values state))))

      Theorem: state-p1-of-unsound-eval.state

      (defthm state-p1-of-unsound-eval.state
  (implies (state-p1 state)
           (b* (((mv ?errmsg common-lisp::?values ?state)
                 (unsound-eval-fn sexpr state)))
             (state-p1 state)))
  :rule-classes :rewrite)