proof: expose helper-return assign bridge catalog witness#2095
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Bugbot couldn't run - usage limit reachedBugbot is counted against Cursor usage for this user or team, and this run hit a usage or spend limit. A user or team admin can review and increase usage limits in the Cursor dashboard. (requestId: serverGenReqId_356d802d-823f-443f-aa6b-d319a2438bb5) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Advances #2080 for the helper-return-binding surface after #2090.
This PR keeps the existing
StmtListDirectInternalHelperAssignStepInterfacebridge witnesses and adds a function-body-level assembly theorem:stmtListDirectInternalHelperAssignStepInterface_of_perCalleeAssignBridgeCatalogThe new theorem converts the rank-induction-oriented
DirectInternalHelperPerCalleeAssignBridgeCataloginto the statement-list assign interface forfn.body, reusing the existing per-callee bridge and helper-call-name seam. It does not weaken supported fragments, helper-surface gates, compiler behavior, or CI checks.Notes
The helper-return-binding witness is non-vacuous at the interface layer: it consumes
DirectInternalHelperAssignHeadStepBridge, which compilesStmt.internalCallAssigninto the YulletManyhelper call and carries the exact source/IR execution bridge.The proof is still parameterized by the assign-head bridge. Closing that bridge directly from helper summaries remains blocked on the same architectural API gap noted in the file: a compiled-helper execution summary lemma connecting
execIRInternalFunctionWithInternals/evalIRCallWithInternalstoInternalHelperSummaryContract.postfor the helper body.This PR intentionally does not remove
SupportedStmtList.helperSurfaceClosedor the unsupported-helper-surface gate; expression-position helper calls and structural helper recursion remain open parts of #2080.Validation
lean-slot lake build Compiler.Proofs.HelperStepProofspassed. Spark offload rejected this mission worktree path with HTTP 403, solean-slotbuilt locally.python3 scripts/generate_print_axioms.py --checkpassed.python3 scripts/lean_lint.py --only proof_lengthpassed.rg -n "\\b(sorry|admit|axiom)\\b" Compiler/Proofs/HelperStepProofs.lean; test $? -eq 1passed.make checkpassed: 607 Python tests, all checks passed.lean-slot make verifypassed before the final rebase. Spark offload rejected this mission worktree path with HTTP 403, solean-slotbuilt locally.Note
Low Risk
Pure Lean proof scaffolding with no compiler, fragment, or runtime changes; the assign-head bridge remains an explicit parameter.
Overview
Adds
stmtListDirectInternalHelperAssignStepInterface_of_perCalleeAssignBridgeCatalog, which turns aDirectInternalHelperPerCalleeAssignBridgeCatalog(the rank-decreasing helper-summary assign inventory) intoStmtListDirectInternalHelperAssignStepInterfaceforfn.body, by reusing the existing per-statement-list assign bridge assembly and mappinghelperCallNamesmembership to catalogassignentries.Documentation in the direct helper-return-binding section is tightened to name the assign-head bridge as the remaining semantic seam; the
cons_internalCallAssignproof is slightly simplified.PrintAxioms.leanregisters the new public theorem.Reviewed by Cursor Bugbot for commit 208d625. Bugbot is set up for automated code reviews on this repo. Configure here.