feat: add SMT-LIB overflow definitions for bitvectors (not_overflow,uadd_overflow,sadd_overflow,umul_overflow,smul_overflow)
#42
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This PR an issue introduced by the `[grind _=_]` attribute.
This PR adds additional tests for `grind`, demonstrating that we can automate some manual proofs from Mathlib's basic category theory library, with less reliance on Mathlib's `@[reassoc]` trick. In several places I've added bidirectional patterns for equational lemmas. I've updated some other files to use the new `@[grind_eq]` attribute (but left as is all cases where we are inspecting the info messages from `grind_pattern`). --------- Co-authored-by: Leonardo de Moura <leomoura@amazon.com>
This PR adds propagators for implication to the `grind` tactic. It also disables the normalization rule: `(p → q) = (¬ p ∨ q)`
This PR continues aligning `Array` and `Vector` lemmas with `List`, working on `fold` and `map` operations.
This PR adds a basic case-splitting strategy for the `grind` tactic. We still need to add support for user customization.
This PR should prevent Lake from accidentally picking up other linkers installed on the machine.
This PR fixes some typos and makes minor improvements to grind doc-strings and messages.
This PR adds support for erasing the `[grind]` attribute used to mark theorems for heuristic instantiation in the `grind` tactic.
…tic (leanprover#6567) This PR adds support for erasing the `[grind]` attribute used to mark theorems for heuristic instantiation in the `grind` tactic.
…over#6568) This PR adds basic support for cast-like operators to the grind tactic. Example: ```lean example (α : Type) (β : Type) (a₁ a₂ : α) (b₁ b₂ : β) (h₁ : α = β) (h₂ : h₁ ▸ a₁ = b₁) (h₃ : a₁ = a₂) (h₄ : b₁ = b₂) : HEq a₂ b₂ := by grind ```
This PR adds the subtraction equivalents for `Int.emod_add_emod` (`(a % n + b) % n = (a + b) % n`) and `Int.add_emod_emod` (`(a + b % n) % n = (a + b) % n`). These are marked @[simp] like their addition equivalents. Discussed on Zulip in https://leanprover.zulipchat.com/#narrow/channel/270676-lean4/topic/Adding.20some.20sub_emod.20lemmas.20to.20DivModLemmas
This PR modifies the `induction`/`cases` syntax so that the `with` clause does not need to be followed by any alternatives. This improves friendliness of these tactics, since this lets them surface the names of the missing alternatives: ```lean example (n : Nat) : True := by induction n with /- ~~~~ alternative 'zero' has not been provided alternative 'succ' has not been provided -/ ``` Related to issue leanprover#3555
This PR completes the toNat/Int/Fin family for `shiftLeft`.
…leanprover#6177) This PR implements `BitVec.*_fill`. We also add `toInt_allOnes` and `toFin_allOnes` as the former is needed here. This completes the allOnes API.
…6569) This PR adds support for case splitting on `match`-expressions in `grind`. We still need to add support for resolving the antecedents of `match`-conditional equations.
…leanprover#6565) This PR fixes the location of the error emitted when the `rintro` and `intro` tactics cannot introduce the requested number of binders. This patch adds a few `withRef` wrappers to invocations of `MVarId.intro` to fix error locations. Perhaps `MVarId.intro` should take a syntax object to set the location itself in the future; however there are a couple other call sites which would need non-trivial fixup. Closes leanprover#5659.
This PR speeds up JSON serialisation by using a lookup table to check whether a string needs to be escaped. The approach is based on https://byroot.github.io/ruby/json/2024/12/15/optimizing-ruby-json-part-1.html.
This PR actually prevents Lake from accidentally picking up other toolchains installed on the machine. Fixes regression introduced in leanprover#6176
This PR ensures tactics are evaluated incrementally in the body of `classical`.
This PR fixes and improves the propagator for forall-expressions in the `grind` tactic. --------- Co-authored-by: Kim Morrison <kim@tqft.net>
…anprover#6581) This PR adds the following configuration options to `Grind.Config`: `splitIte`, `splitMatch`, and `splitIndPred`.
This PR adds support for creating local E-matching theorems for universal propositions known to be true. It allows `grind` to automatically solve examples such as: ```lean example (b : List α) (p : α → Prop) (h₁ : ∀ a ∈ b, p a) (h₂ : ∃ a ∈ b, ¬p a) : False := by grind ```
…#6584) This PR adds helper theorems to implement offset constraints in grind.
This PR fixes a bug in the `grind` canonicalizer.
This PR continues aligning `List/Array/Vector` lemmas, finishing up lemmas about `map`.
This PR continues aligning `List/Array` lemmas, finishing `filter` and `filterMap`.
This PR improves the `grind` canonicalizer diagnostics. --------- Co-authored-by: Kim Morrison <scott.morrison@gmail.com>
This PR adds less-than and less-than-or-equal-to relations to `UInt32`, consistent with the other `UIntN` types.
This PR implements `Std.Net.Addr` which contains structures around IP and socket addresses. While we could implement our own parser instead of going through the `addr_in`/`addr_in6` route we will need to implement these conversions to make proper system calls anyway. Hence this is likely the approach with the least amount of non trivial code overall. The only thing I am uncertain about is whether `ofString` should return `Option` or `Except`, unfortunately `libuv` doesn't hand out error messages on IP parsing.
This PR adds a `toFin` and `msb` lemma for unsigned bitvector division. We *don't* have `toInt_udiv`, since the only truly general statement we can make does no better than unfolding the definition, and it's not uncontroversially clear how to unfold `toInt` (see `toInt_eq_msb_cond`/`toInt_eq_toNat_cond`/`toInt_eq_toNat_bmod` for a few options currently provided). Instead, we do have `toInt_udiv_of_msb` that's able to provide a more meaningful rewrite given an extra side-condition (that `x.msb = false`). This PR also upstreams a minor `Nat` theorem (`Nat.div_le_div_left`) needed for the above from Mathlib. --------- Co-authored-by: Kim Morrison <scott@tqft.net>
… types (leanprover#6587) This PR adds decidable instances for the `LE` and `LT` instances for the `Offset` types defined in `Std.Time`.
…nprover#6347) This PR adds `BitVec.toNat_rotateLeft` and `BitVec.toNat_rotateLeft`. --------- Co-authored-by: Kim Morrison <scott@tqft.net>
This PR adds a `toFin` and `msb` lemma for unsigned bitvector modulus. Similar to leanprover#6402, we don't provide a general `toInt_umod` lemmas, but instead choose to provide more specialized rewrites, with extra side-conditions. --------- Co-authored-by: Kim Morrison <scott@tqft.net>
…prover#6599) The FFI description didn't mention Int or signed integers. This PR adds `Int` and signed integers to the FFI document.
Users have requested toolchain tags on `lean4-cli`, so let's add it to the release checklist to make sure these get added regularly. Previously, `lean4-cli` has used more complicated tags, but going forward we're going to just use the simple `v4.16.0` style tags, with no repository-specific versioning. --------- Co-authored-by: Markus Himmel <markus@lean-fro.org>
This PR fixes a bug in the pattern selection in the `grind`.
This PR adds support for case-splitting on `<->` (and `@Eq Prop`) in the `grind` tactic.
This PR fixes a bug in the `simp_arith` tactic. See new test.
This PR improves the case-split heuristic used in grind, prioritizing case-splits with fewer cases.
This PR fixes a bug in the `grind` core module responsible for merging equivalence classes and propagating constraints.
This PR fixes one of the sanity check tests used in `grind`.
This PR adds lemmas about `Array.append`, improving alignment with the `List` API.
This PR improves the case split heuristic used in the `grind` tactic, ensuring it now avoids unnecessary case-splits on `Iff`.
This PR improves the usability of the `[grind =]` attribute by
automatically handling
forbidden pattern symbols. For example, consider the following theorem
tagged with this attribute:
```
getLast?_eq_some_iff {xs : List α} {a : α} : xs.getLast? = some a ↔ ∃ ys, xs = ys ++ [a]
```
Here, the selected pattern is `xs.getLast? = some a`, but `Eq` is a
forbidden pattern symbol.
Instead of producing an error, this function converts the pattern into a
multi-pattern,
allowing the attribute to be used conveniently.
This PR allows the dot ident notation to resolve to the current definition, or to any of the other definitions in the same mutual block. Existing code that uses dot ident notation may need to have `nonrec` added if the ident has the same name as the definition. Closes leanprover#6601
) This PR implements support for offset constraints in the `grind` tactic. Several features are still missing, such as constraint propagation and support for offset equalities, but `grind` can already solve examples like the following: ```lean example (a b c : Nat) : a ≤ b → b + 2 ≤ c → a + 1 ≤ c := by grind example (a b c : Nat) : a ≤ b → b ≤ c → a ≤ c := by grind example (a b c : Nat) : a + 1 ≤ b → b + 1 ≤ c → a + 2 ≤ c := by grind example (a b c : Nat) : a + 1 ≤ b → b + 1 ≤ c → a + 1 ≤ c := by grind example (a b c : Nat) : a + 1 ≤ b → b ≤ c + 2 → a ≤ c + 1 := by grind example (a b c : Nat) : a + 2 ≤ b → b ≤ c + 2 → a ≤ c := by grind ``` --------- Co-authored-by: Kim Morrison <scott.morrison@gmail.com>
This PR adds two auxiliary functions `mkEqTrueCore` and `mkOfEqTrueCore` that avoid redundant proof terms in proofs produced by `grind`.
Tests using `logInfo` were taking an additional two seconds on my machine. This is a performance issue with the old code generator, where we spend all this time specializing the logging functions for `GoalM`. I have not checked whether the new code generator is also affected by this performance issue. Here is a small example that exposes the issue: ```lean import Lean set_option profiler true open Lean Meta Grind in def test (e : Expr): GoalM Unit := do logInfo e ``` cc @zwarich
…er#6617) This PR completes alignment of `List`/`Array`/`Vector` `append` lemmas.
This PR updates the commit conventions documentation to describe the new changelog conventions, and adds brief documentation of integrated Mathlib CI, with a link for further explanation.
…eanprover#6618) This PR implements exhaustive offset constraint propagation in the `grind` tactic. This enhancement minimizes the number of case splits performed by `grind`. For instance, it can solve the following example without performing any case splits: ```lean example (p q r s : Prop) (a b : Nat) : (a + 1 ≤ c ↔ p) → (a + 2 ≤ c ↔ s) → (a ≤ c ↔ q) → (a ≤ c + 4 ↔ r) → a ≤ b → b + 2 ≤ c → p ∧ q ∧ r ∧ s := by grind (splits := 0) ``` TODO: support for equational offset constraints.
This PR fixes the indentation of nested traces nodes in the info view.  Fixes leanprover#6389
This PR fixes the `Repr` instance of the `Timestamp` type and changes the `PlainTime` type so that it always represents a clock time that may be a leap second. - Fix timestamp `Repr`. - The `PlainTime` type now always represents a clock time that may be a leap second. - Changed `readlink -f` to `IO.FS.realPath` --------- Co-authored-by: Mac Malone <tydeu@hatpress.net> Co-authored-by: Markus Himmel <markus@himmel-villmar.de>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds SMT-LIB operators to detect overflow (
not_overflow,uadd_overflow,sadd_overflow,umul_overflow,smul_overflow), according to the definitions here.