Skip to content

feat: termination arguments for String.ValidPos and String.Slice.Pos #10933

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
TwoFX merged 5 commits into from
Oct 27, 2025
Merged

feat: termination arguments for String.ValidPos and String.Slice.Pos #10933

TwoFX merged 5 commits into from
Oct 27, 2025

Conversation

@TwoFX
Copy link
Member

@TwoFX TwoFX commented Oct 23, 2025
edited
Loading

This PR adds the basic infrastructure to perform termination proofs about String.ValidPos and String.Slice.Pos.

We choose approach where the intended way to do termination arguments is to argue about the position itself rather than some projection of it like remainingBytes.

The types String.ValidPos and String.Slice.Pos are equipped with a WellFoundedRelation instance given by the greater-than relation. This means that if a function takes a position p and performs a recursive call on q, then the decreasing obligation will be p < q. This works well in the common case where q is p.next h, in which case the goal p < p.next h is solved by the simplifier.

For stepping through a string backwards, we introduce a type synonym with a WellFoundedRelation instance given by the less-than relation. This means that if a function takes a position p and performs a recursive call on q and specifies termination_by p.down, then the decreasing obligation will be q < p. This works well in the case where q is p.prev h, in which case the goal p.prev h < p is solved by the simplifier.

For termination arguments invoving multiple strings, the lower-level primitive p.remainingBytes (landing in Nat) is also available.

In a future PR, we will additionally provide the necessary typeclasses instances to register String.ValidPos and String.Slice.Pos with grind to make complex termination arguments more convenient in user code.

@TwoFX TwoFX added the changelog-library Library label Oct 23, 2025
@github-actions github-actions bot added the toolchain-available A toolchain is available for this PR, at leanprover/lean4-pr-releases:pr-release-NNNN label Oct 23, 2025
@leanprover-community-bot
Copy link
Collaborator

leanprover-community-bot commented Oct 23, 2025
edited
Loading

Mathlib CI status (docs):

  • ❗ Batteries/Mathlib CI will not be attempted unless your PR branches off the nightly-with-mathlib branch. Try git rebase 59573646c227d940962c08a1e77ce51177a024ea --onto efbbb0b230ce95653d25b59c83fd24a51a8bf363. You can force Mathlib CI using the force-mathlib-ci label. (2025-10-23 16:45:01)
  • ❗ Mathlib CI can not be attempted yet, as the nightly-testing-2025-10-25 tag does not exist there yet. We will retry when you push more commits. If you rebase your branch onto nightly-with-mathlib, Mathlib CI should run now. You can force Mathlib CI using the force-mathlib-ci label. (2025-10-25 14:24:45)
  • 💥 Mathlib branch lean-pr-testing-10933 build failed against this PR. (2025-10-26 17:40:37) View Log
  • ✅ Mathlib branch lean-pr-testing-10933 has successfully built against this PR. (2025-10-27 09:31:40) View Log

@leanprover-bot
Copy link
Collaborator

leanprover-bot commented Oct 23, 2025
edited
Loading

Reference manual CI status:

  • ❗ Reference manual CI will not be attempted unless your PR branches off the nightly-with-manual branch. Try git rebase 59573646c227d940962c08a1e77ce51177a024ea --onto d3dda9f6d4428a906c096067ecb75e432afc4615. You can force reference manual CI using the force-manual-ci label. (2025-10-23 16:45:03)
  • ❗ Reference manual CI can not be attempted yet, as the nightly-testing-2025-10-25 tag does not exist there yet. We will retry when you push more commits. If you rebase your branch onto nightly-with-manual, reference manual CI should run now. You can force reference manual CI using the force-manual-ci label. (2025-10-25 14:24:46)
  • ❗ Reference manual CI can not be attempted yet, as the nightly-testing-2025-10-26 tag does not exist there yet. We will retry when you push more commits. If you rebase your branch onto nightly-with-manual, reference manual CI should run now. You can force reference manual CI using the force-manual-ci label. (2025-10-26 16:42:35)

@TwoFX TwoFX force-pushed the markus/string-termination-3 branch 2 times, most recently from c509e5e to 43b3808 Compare October 25, 2025 13:29
@TwoFX TwoFX force-pushed the markus/string-termination-3 branch from 43b3808 to c381a0c Compare October 26, 2025 15:41
leanprover-community-mathlib4-bot added a commit to leanprover-community/batteries that referenced this pull request Oct 26, 2025
@leanprover-community-mathlib4-bot
Update lean-toolchain for testing leanprover/lean4#10933
115dc94
leanprover-community-mathlib4-bot added a commit to leanprover-community/mathlib4-nightly-testing that referenced this pull request Oct 26, 2025
@leanprover-community-mathlib4-bot
Update lean-toolchain for testing leanprover/lean4#10933
f89ebc9
@leanprover-community-bot leanprover-community-bot added breaks-mathlib This is not necessarily a blocker for merging: but there needs to be a plan builds-mathlib CI has verified that Mathlib builds against this PR and removed breaks-mathlib This is not necessarily a blocker for merging: but there needs to be a plan labels Oct 26, 2025
@TwoFX TwoFX marked this pull request as ready for review October 27, 2025 10:05
@TwoFX TwoFX enabled auto-merge October 27, 2025 10:05
@TwoFX TwoFX added this pull request to the merge queue Oct 27, 2025
Merged via the queue into leanprover:master with commit 8fe260d Oct 27, 2025
31 checks passed
wkrozowski pushed a commit to wkrozowski/lean4 that referenced this pull request Oct 27, 2025
@TwoFX @wkrozowski
feat: termination arguments for String.ValidPos and `String.Slice.P…
559e453 
…os` (leanprover#10933)

This PR adds the basic infrastructure to perform termination proofs
about `String.ValidPos` and `String.Slice.Pos`.

We choose approach where the intended way to do termination arguments is
to argue about the position itself rather than some projection of it
like `remainingBytes`.

The types `String.ValidPos` and `String.Slice.Pos` are equipped with a
`WellFoundedRelation` instance given by the greater-than relation. This
means that if a function takes a position `p` and performs a recursive
call on `q`, then the decreasing obligation will be `p < q`. This works
well in the common case where `q` is `p.next h`, in which case the goal
`p < p.next h` is solved by the simplifier.

For stepping through a string backwards, we introduce a type synonym
with a `WellFoundedRelation` instance given by the less-than relation.
This means that if a function takes a position `p` and performs a
recursive call on `q` and specifies `termination_by p.down`, then the
decreasing obligation will be `q < p`. This works well in the case where
`q` is `p.prev h`, in which case the goal `p.prev h < p` is solved by
the simplifier.

For termination arguments invoving multiple strings, the lower-level
primitive `p.remainingBytes` (landing in `Nat`) is also available.

In a future PR, we will additionally provide the necessary typeclasses
instances to register `String.ValidPos` and `String.Slice.Pos` with
`grind` to make complex termination arguments more convenient in user
code.
@nomeata nomeata mentioned this pull request Oct 29, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kim-em kim-em Awaiting requested review from kim-em kim-em is a code owner

@leodemoura leodemoura Awaiting requested review from leodemoura leodemoura is a code owner

@hargoniX hargoniX Awaiting requested review from hargoniX hargoniX is a code owner

Assignees

No one assigned

Labels

builds-mathlib CI has verified that Mathlib builds against this PR changelog-library Library toolchain-available A toolchain is available for this PR, at leanprover/lean4-pr-releases:pr-release-NNNN

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@TwoFX @leanprover-community-bot @leanprover-bot