max/crosslang
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
crosslang/TsmLean/Compile/Source.lean
Maximus Gorog ec65229050 Extend source-to-TSM compiler with addition (v0.2). 
Source.Expr now has intLit and add. Compile and correctness theorem
both extend.

The add case of compile_correct exercises the compositional structure:
  - IH on e1 (with extended suffix) gives the multistep for the first
    operand's evaluation.
  - IH on e2 (with extended prefix) gives the multistep for the second.
  - A single .add step at the boundary closes the trace.
  - Each intermediate state's PC is computed via array-size arithmetic
    threaded through omega.

New supporting lemmas:
  step_add               - per-instruction step for .add
  compile_add_get_op     - the instruction at the end of compile (.add e1 e2)
                           is .add. Extracted so the dependent-rewrite issue
                           with array bound proofs is contained in one place.

Engineering knowledge gained (recurring patterns when extending):
  - Array.getElem_append_left/right take the bound as an explicit positional
    arg, not via (h := ...).
  - rw on indices that appear in dependent bound proofs fails with "motive
    not type correct"; factor the lookup into a separate lemma.
  - convert tactic appears not to be available; rw + exact substitutes.
  - simp + omega closes most arithmetic on Array.size after expansion.
  - step lemmas with implicit args (a, b) need explicit (a := _) in calls
    where context doesn't determine them.

Adding a constructor still follows the v0.1 recipe — one Source
constructor, one Eval rule, one compile arm, one step_X helper, one
compile_X_get_op lemma, one case in compile_correct's induction. Each
case is ~25-40 lines of proof.

Zero sorries / axioms / admits.
2026-05-10 05:53:39 -06:00

24 lines
653 B
Text
Raw Blame History

import TsmLean.Core.Syntax
namespace TsmLean.Compile.Source
/-! # Source language for compilation (v0.2).
Integer literals + addition. The minimal "tree of operations" that
exercises the compositional structure of the correctness proof. -/
inductive Expr where
| intLit : Int → Expr
| add : Expr → Expr → Expr
deriving Repr, Inhabited
abbrev Value := TsmLean.Core.Value
inductive Eval : Expr → Value → Prop where
| intLit (n : Int) : Eval (.intLit n) (.vInt n)
| add {e1 e2 a b}
(h1 : Eval e1 (.vInt a))
(h2 : Eval e2 (.vInt b)) :
Eval (.add e1 e2) (.vInt (a + b))
end TsmLean.Compile.Source
Reference in a new issue View git blame Copy permalink