Skip to content

ABI: make Idris2 proofs genuinely compile + add machine-checked theorems#35

Merged
hyperpolymath merged 4 commits into
mainfrom
claude/iseriser-proofs-review-rtdcwb
Jun 26, 2026
Merged

ABI: make Idris2 proofs genuinely compile + add machine-checked theorems#35
hyperpolymath merged 4 commits into
mainfrom
claude/iseriser-proofs-review-rtdcwb

Conversation

@hyperpolymath

Copy link
Copy Markdown
Owner

Idris2 ABI proofs — genuinely compile + machine-checked theorems

Part of the family-wide ABI-proofs review. The hand-written ABI did not typecheck under Idris2 0.7.0; this makes it real and verified, following the merged iseriser reference.

Systemic fixes: decEq _ _ = No absurd → explicit off-diagonal cases; {auto 0 nonNull} smart constructors → choose-based; paddingFor -minus; real decDivides/decFieldsAligned replacing ?fieldsAlignedProof; honest offsetInBounds; thisPlatform de-%runElab'd; buildable nested layout + ipkg; new Proofs.idr with real theorems.

Verified: idris2 --build clean (0/0); adversarial re-verify found no believe_me/postulate/holes.

🤖 Generated with Claude Code


Generated by Claude Code

Jonathan D.A. Jewell and others added 3 commits June 26, 2026 11:20
The governance/licence-consistency check requires an SPDX-License-Identifier
header on the LICENSE file and a `license` field in the manifest. The LICENSE
body is MPL-2.0 text, so stamp `SPDX-License-Identifier: MPL-2.0` (matching the
actual body) and set `license = "MPL-2.0"` (replacing `license-file`).

Verified with standards/scripts/check-licence-consistency.sh (passes).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
Make the repo's licensing single and consistent, matching the wokelangiser
reference policy and the merged iseriser pattern:

- Remove contradictory PMPL-1.0-or-later / Palimpsest self-claims from README
  badges/footers, QUICKSTART, RSR_OUTLINE, STATE-VISUALIZER, and machine-readable
  governance (META, stapeln, deny.toml allow-list, copilot/AGENTIC SPDX
  directives, Trust/Must LICENSE-content checks, per-project CLAUDE.md).
- Encode the docs split in REUSE dep5: *.adoc/*.md/docs/** -> CC-BY-SA-4.0,
  everything else -> MPL-2.0.
- READMEs show MPL-2.0 (code) + CC-BY-SA-4.0 (docs) badges; full texts live in
  LICENSES/; root LICENSE stays MPL-2.0 for GitHub's licence chip.

Preserves legitimate non-self references: cargo-deny's AGPL deny-list, the
"never use AGPL" estate policy, and the Contributor Covenant CoC.

Verified: standards/scripts/check-licence-consistency.sh passes; no residual
PMPL/Palimpsest self-claims remain.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
The src/interface/abi ABI was scaffolded from a template and never
compiler-checked. This makes all four modules build cleanly (zero errors,
zero warnings) under Idris2 0.7.0 and adds machine-checked theorems.

Systemic fixes:
- Types: replace `DecEq Result` catch-all `No absurd` with explicit
  off-diagonal `No (\case Refl impossible)` cases for every distinct pair.
- Types: fix `createHandle`/`createDistHandle` smart constructors to solve
  the `So (ptr /= 0)` auto-proof via `choose`.
- Types: replace `thisPlatform = %runElab ...` (needs ElabReflection) with
  the plain value `Linux`.
- Types: `CPtr` returned `Bits (ptrSize p)` (Bits is an interface, not a
  type constructor) — map each platform to a concrete `Bits64`/`Bits32`.
- Types: `cSizeOf`/`cAlignOf` matched on `CInt _`/`CSize _` (type-level
  functions, not constructors) — drop those clauses; the reduced `Bits*`
  clauses cover them.
- Types: Kolmogorov witness GADTs (`NonNegative`/`Normalised`) indexed by
  `Normal m s` etc. left the constructors' `So` auto-proofs unsolved — bind
  them as erased implicits on each witness constructor.
- Types: import Decidable.Equality.
- Layout: `paddingFor` used `alignment - ...` (Nat has no Neg) — use
  `minus`; import Data.Nat.
- Layout: add sound `decDivides` decision procedure; make `alignUpCorrect`
  and `verifyLayout` sound (return witnesses via the decision procedure,
  supply `sizeCorrect`/`aligned` explicitly).
- Layout: implement `decFieldsAligned`; replace `checkCABI`'s
  `?fieldsAlignedProof` hole with a real decision over the field vector.
- Layout: supply concrete `StructLayout` erased proofs explicitly
  (`{sizeCorrect = Oh}`, `{aligned = DivideBy k Refl}`).
- Layout: discharge the three `...LayoutValid` holes with direct
  `ConsField`/`DivideBy` witnesses; qualify the layout name in the type as
  `Layout.fooLayout` to avoid implicit auto-binding.
- Layout: `offsetInBounds` had an unsound universally-quantified `So` return
  — change to `Maybe (So ...)` decided via `choose`.
- Layout: rename the `StructLayout` length field to `fieldCount` to remove
  the `StructLayout.n` projection that shadowed Vect lengths (warnings).
- Foreign: import Data.So.

Buildability:
- Move flat src/interface/abi/{Types,Layout,Foreign}.idr into the
  Betlangiser/ABI/ namespace directory so file paths match modules.
- Add src/interface/abi/betlangiser-abi.ipkg.
- .gitignore: add **/build/, *.ttc, *.ttm.

New theorems (src/interface/abi/Betlangiser/ABI/Proofs.idr):
- distributionCompliant, sampleBufferCompliant, confidenceIntervalCompliant,
  ternaryArrayCompliant : CABICompliant of each concrete layout, built
  directly from DivideBy witnesses (multiplication reduces; division does not).
- okIsZero : resultToInt Ok = 0.
- okNotError, notUnknownIsUnknown, falseAndUnknownIsFalse.

No believe_me, assert_total, idris_crash, postulate, %hint, or holes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
@hyperpolymath hyperpolymath marked this pull request as ready for review June 26, 2026 14:52
@hyperpolymath hyperpolymath merged commit 2ecf551 into main Jun 26, 2026
17 of 21 checks passed
@hyperpolymath hyperpolymath deleted the claude/iseriser-proofs-review-rtdcwb branch June 26, 2026 14:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants