Major Section: RELEASE-NOTES
Also see note-2-9-1 and see note-2-9-2 for other changes since the last non-incremental release (Version_2.9).
We fixed a soundness bug that exploited the ability to define
program mode functions that are improperly guarded, and then to
use those functions in
defconst forms. The fix is to evaluate
defconst forms using the same ``safe-mode'' that is used in
macroexpansion (see guards-and-evaluation). Here is a proof of
succeeded in Allegro Common Lisp (but not, for example, GCL). See also a
long comment in source function
defconst-fn for an example that does not
require the use of
:set-guard-checking nil ; execute before certifying the book below
(encapsulate
 ()
 (local (defun f1 ()
          (declare (xargs :mode :program))
          (char-upcase (code-char 224))))
 (local (defconst *b* (f1)))
 (defun f1 ()
   (char-upcase (code-char 224)))
 (defconst *b* (f1))
 (defthm bad
   (not (equal *b* (code-char 224)))
   :rule-classes nil))
(defthm ouch nil :hints (("Goal" :use bad)) :rule-classes nil)
We fixed a soundness hole due to the fact that the "LISP" package does not
exist in OpenMCL. We now explicitly disallow this package name as an
defpkg. Thanks to Bob Boyer and Warren Hunt for bringing
an issue to our attention that led to this fix.
ACL2 now requires all package names to consist of standard characters (see standard-char-p), none of which is lower case. The reason is that we have seen at least one Lisp implementation that does not handle lower case package names correctly. Consider for example the following raw Lisp log (some newlines omitted).
>(make-package "foo")
#<"foo" package>
>(package-name (symbol-package 'FOO::A))
"foo"
>(package-name (symbol-package '|FOO|::A))
"foo"
>
Distributed book
books/textbook/chap10/compiler, as well as workshop books in directory
books/workshops/2004/cowles-gamboa/support/, were modified to accommodate the above change.
*acl2-exports*. Thanks to Jared Davis for bringing these to our
Added a line to
acl2.lisp to support CMUCL running on Mac OSX, thanks to
a suggestion from Fabricio Chalub Barbosa do Rosario.
The executable scripts for saved ACL2 images now include
$*, so that
command-line arguments will be passed along.
(For GCL profiling only) Fixed a colon (:) that should have been a
semicolon (;) in file save-gprof.lsp. Thanks to David Hardin for
pointing out this bug.
The documentation for
elim rules has been expanded and improved,
thanks to useful feedback from Hanbing Liu.
Fixed a bug in the guard for function
For those who want to experiment with an alternate implementation of
mv-let, there is now support for under-the-hood implementation of
these in terms of raw Lisp functions
respectively. The regression suite has seen about a 10% speed-up in Allegro
CL and about an 8% slowdown in GCL for builds with this change. See the
GNUmakefile) for examples of how to build ACL2 by including the
:acl2-mv-as-values. Source file
init.lsp has been renamed
init.lisp in support of this change (technical detail: otherwise GCL
loads the init file too soon, before its
-eval argument is evaluated).
Thanks to David Rager for inspiring this change, by pointing out the
problematic use of globals by the existing
mv implementation from the
standpoint of supporting parallel evaluation. This capability is
experimental: there is likely to be some remaining work to be done on it.
A change related to the one just above is that we now limit the maximum
number of arguments to any call of
mv to 32. Thanks to Bob Boyer for
raising a question that led to this change.
Eliminated some compiler warnings in OpenMCL.
In the rtl library (
have had their guards improved (as they had been too restrictive,
A new function
time$ permits timing of forms, by using (under the hood)
the host Common Lisp's
We fixed an infinite loop that could occur during destructor elimination (see elim). Thanks to Sol Swords for bringing this to our attention and sending a nice example, and to Doug Harper for sending a second example that we also found useful.
The method of speeding up GCL-based builds (see note-2-9-2) has changed
slightly from Version_2.9.2. Now, in the
LISP='gcl -eval "(defparameter user::*fast-acl2-gcl-build* t)"'
We improved the pretty-printer's handling of keywords. For example, before this change one might see the following printed by ACL2.
(MODIFY TH S :KEY1 VAL1 :KEY2 (IF (IF X Y Z) AAAAAAAAAA BBBBBBB))
Now, the above might print as follows. Notice that we have avoided breaking after a keyword (see keywordp) that is preceded by other forms on the same line.
(MODIFY TH S :KEY1 VAL1 :KEY2 (IF (IF X Y Z) AAAAAAAAAA BBBBBBB))
See note-2-9-3-ppr-change for a detailed discussion of this change.
(GCL ONLY) Evaluation in a break is no longer inhibited by ACL2 when built on top of GCL, so GCL now matches other Common Lisps in this respect.
For ACL2 built on most host Common Lisps, you will see the string
[RAW LISP] in the prompt, at least at a break, to emphasize
that one is inside a break and hence should probably quit from the
break. See breaks.
Jared Davis suggested improvements to lemmas
len-update-nth (in source
books/meta/term-defuns.lisp), which have been incorporated. The former
required a change in
2004/ruiz-et-al/support/q-dag-unification.cert, which has been made.
The proof-checker command
rewrite allows further binding of free
variables in hypotheses, with new optional argument
sr) gives corresponding
additional information. Documentation for these commands has been improved;
see proof-checker-commands. Thanks to John Matthews and Bill Young for
suggestions and feedback leading to these improvements.
Fixed downcase printing so that the package name of a symbol is also
downcased. For example, after execution of
(defpkg "FOO" nil) and
'foo::ab will print back as the
same, rather than as
It is now possible to control the output so that numbers are printed in
binary, octal, or hex, though the default is still radix 10.
See set-acl2-print-base. Note that in support of this change, built-in
explode-atom now take an
print-base argument. Different support for radix conversion may be
found in a book newly contributed by Jun Sawada,
car-cdr-elim is now only an
elim rule. It was
formerly both an
:elim rule and a
rewrite rule. A new rule,
cons-car-cdr, takes the place of the old
:rewrite rule, but is
instead a hypothesis-free rule that can cause a case split (see source file
axioms.lisp). Thanks to Jared Davis for suggesting this change.
alphorder-total) are now available.
(They had been
local in source file
axioms.lisp.) Thanks to Serita
Nelesen for bringing this issue to our attention.
ACL2 has, for some time, printed a space in the event summary after the open
parenthesis for a
defthm event, in order to ease backward searching for
the original form, for example
(defthm bar ...):
Form: ( DEFTHM BAR ...)
The intention was that this extra space should be printed for every event form; but it was missing in some cases, for example, for
verify-guards. This has been fixed.
In analogy to
ld takes the (optional) keyword
:dir. Thanks to Jared Davis for providing an implementation of
this feature and to Eric Smith and Jeff Marshall for requesting this feature.
We fixed a bug in
include-book that could cause an error when
redefinition is on, for example:
(set-ld-redefinition-action '(:warn! . :overwrite) state)
(include-book "/u/acl2/books/arithmetic/top")
The behavior of
include-book now matches the documentation: handling of
compiled files for uncertified books will follow the same rules as for
certified books. In particular, if you create an object file in raw Lisp for
some book, then including that book will load that object file. Thanks to
Jared Davis for bringing this issue to our attention.
New documentation explains the interaction of redefinition and redundancy. See redundant-events -- the ``Note About Unfortunate Redundancies'' is new. Thanks to Grant Passmore for providing examples that led us to write this additional documentation.
Solutions to exercises in ``How To Prove Theorems Formally''
now available in distributed book
Also in that directory may be found a new book
hanoi.lisp that contains a
solution to the Towers of Hanoi problem.