Add Core-to-Core datatype partial evaluation transform with correctness proof#985
tautschnig wants to merge 3 commits into main from
Conversation
…ss proof

Add a general Core-to-Core transform that simplifies datatype tester and selector applications on known constructor terms:
- tester(C(args)) → true/false depending on whether tester matches C
- selector_i(C(args)) → args[i] when selector matches C

Components:
- DatatypeInfo + collectDatatypeInfo: collect constructor, tester, and selector metadata from Core datatype declarations
- matchConstrApp: decompose an expression into constructor + arguments
- partialEvalDatatypesCore: recursive expression simplifier
- partialEvalDatatypesInProgram: apply across all procedure bodies, axioms, and specifications

Correctness proof (zero sorry):
- Define DtEquiv inductive relation capturing datatype axiom equivalence (reflexivity, symmetry, transitivity, congruence, tester/selector axioms)
- Prove partialEvalDatatypesCore_correct by structural induction on LExpr: all rewrite cases justified by DtEquiv axioms applied to simplified subexpressions, composed with congruence and transitivity

Wired into the GOTO pipeline after procedure inlining. Includes unit tests for collectDatatypeInfo, tester simplification (positive and negative), and selector projection.

Co-authored-by: Kiro <kiro-agent@users.noreply.github.com>
Pull request overview
Adds a Core-to-Core transformation that partially evaluates datatype tester/selector applications when applied to known constructor terms, proves the rewrite relation correct, and integrates the pass into the CBMC GOTO pipeline.
Changes:
- Implement DatatypeInfo collection plus a recursive Core expression simplifier for datatype tester/selector applications.
- Add a correctness development (DtEquiv + partialEvalDatatypesCore_correct) with no sorry.
- Wire the pass into inlineCoreToGotoFiles and add unit tests covering metadata collection and key simplifications.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| Strata/Transform/DatatypePartialEval.lean | New datatype partial-evaluation transform and program-wide traversal. |
| Strata/Transform/DatatypePartialEvalCorrect.lean | Correctness proof for the Core expression simplifier via DtEquiv. |
| Strata/Backends/CBMC/GOTO/CoreToGOTOPipeline.lean | Integrates the transform into the Core→GOTO pipeline after inlining. |
| StrataTest/Transform/DatatypePartialEval.lean | Unit tests for datatype info collection and tester/selector simplification. |
I am a bit confused about this transformation's purpose. These simplifications are already part of the Lambda (and hence Core) partial evaluator.
Implementation fixes:
- Fix 1: Remove stale eq(C(args1),C(args2)) bullet from module docstring
- Fix 2: O(n) matchConstrApp.collect using accumulator instead of O(n²) append
- Fix 3: Update matchConstrApp docstring (not 'fully-applied', note no arity check)
- Fix 4: Recurse into op in binary application case (was missing)
- Fix 5: Narrow partialEvalDatatypesInProgram docstring to actual scope
- Fix 6: Rename shadowed variable in GOTO pipeline

Refactoring:
- Extract trySimplifyUnaryApp helper from partialEvalDatatypesCore for modularity and proof tractability

Proof rewrite (DatatypePartialEvalCorrect.lean):
- Add missing abs/eq cases for new LExpr constructors from main merge
- Use import all + unfold instead of simp [partialEvalDatatypesCore] (definition is opaque across module boundaries with the module keyword)
- Restructure around trySimplifyUnaryApp helper for modularity
- Two sorry's remain: trySimplifyUnaryApp_correct and the app case of partialEvalDatatypesCore_correct. The proof structure is validated but filling these requires careful case-splitting on the tester/selector lookups inside trySimplifyUnaryApp.

Co-authored-by: Kiro <kiro-agent@users.noreply.github.com>
Move DatatypeInfo structure and ofDatatypes builder from the Core-specific DatatypePartialEval transform to Lambda.TypeFactory, making it available to both the standalone Core-to-Core transform and the Lambda evaluator.

- DatatypeInfo now lives in Strata.DL.Lambda.TypeFactory
- DatatypeInfo.ofDatatypes builds from List (LDatatype IDMeta)
- matchConstrApp now delegates to Lambda.getLFuncCall instead of a custom collect function, eliminating code duplication
- collectDatatypeInfo is a thin wrapper extracting datatypes from Core program declarations and calling ofDatatypes
- Removed constrToTester and constrSiblingTesters fields (unused by the transform; testerToConstr suffices)

Co-authored-by: Kiro <kiro-agent@users.noreply.github.com>
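The tester/selector rewrite described in the commit messages above, as an added Python model that is not Strata's Lean code: it implements the bottom-up simplifier with the accumulator-based matchConstrApp (no arity check) and the recursion into the operator position from the fix list, over a constructed toy curried-expression type and a constructed List datatype; the names Const, App, app and LIST_INFO are assumptions of this example.

```python
from collections import namedtuple

# Constructed toy model of curried Core expressions (assumption; not Strata's LExpr).
# Const stands for constructors, testers, selectors and free symbols alike.
Const = namedtuple("Const", "name")
App = namedtuple("App", "fn arg")
# Metadata the transform needs: constructor names, tester -> constructor, selector -> (constructor, index)
DatatypeInfo = namedtuple("DatatypeInfo", "constructors tester_to_constr selector_to_constr")

def match_constr_app(e, info):
    """Peel a curried application into (head, args) using an accumulator: linear time, no arity check."""
    args = []
    while isinstance(e, App):
        args.append(e.arg)
        e = e.fn
    args.reverse()
    return (e.name, args) if isinstance(e, Const) and e.name in info.constructors else None

def try_simplify_unary_app(fn, arg, info):
    """tester(C(args)) -> true/false; selector_i(C(args)) -> args[i] when the selector belongs to C."""
    m = match_constr_app(arg, info) if isinstance(fn, Const) else None
    if m is None:
        return None
    c, args = m
    if fn.name in info.tester_to_constr:
        return Const("true" if info.tester_to_constr[fn.name] == c else "false")
    if fn.name in info.selector_to_constr:
        sel_c, i = info.selector_to_constr[fn.name]
        if sel_c == c and i < len(args):  # mismatched selector stays symbolic: no axiom fixes its value
            return args[i]
    return None

def partial_eval(e, info):
    """Bottom-up: rewrite operator and operand first, then try the datatype rule at this node."""
    if not isinstance(e, App):
        return e
    fn, arg = partial_eval(e.fn, info), partial_eval(e.arg, info)
    rewritten = try_simplify_unary_app(fn, arg, info)
    return rewritten if rewritten is not None else App(fn, arg)

def app(head, *args):
    """Build head(args...) in curried form, e.g. app("Cons", x, Nil) = App(App(Cons, x), Nil)."""
    e = Const(head)
    for a in args:
        e = App(e, a)
    return e

# Constructed sample: datatype List = Nil | Cons(head, tail)
LIST_INFO = DatatypeInfo({"Nil", "Cons"}, {"isNil": "Nil", "isCons": "Cons"},
                         {"head": ("Cons", 0), "tail": ("Cons", 1)})
```

The nested case (head of a Cons whose first field is itself tail(Cons(x, Nil))) only folds because subterms are simplified before the rule fires at the outer node, which is what the recursion into both operator and operand buys.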
My primary intended use for this transform is the GOTO pipeline:

The Lambda evaluator handles these simplifications during symbolic evaluation via

To address the duplication concern, I've factored out the shared piece in 6ca07fc:
Two general comments (I haven't looked at this in close detail yet).
For the top-level statement of correctness, github.com/strata-org/Strata/blob/main/Strata/Transform/Specification.lean has a few styles and I think
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.