Datatypes for linarith

Some of the data structures here are used in multiple parts of the tactic. We split them into their own file.

This file also contains a few convenient auxiliary functions.

ink

def Linarith.linarithTraceProofs {α : Type} [inst : Lean.ToMessageData α] (s : α) (l : List Lean.Expr) : Lean.MetaM Unit

A shorthand for tracing the types of a list of proof terms when the trace.linarith option is set to true.

Equations

• One or more equations did not get rendered due to their size.

Linear expressions

ink

def Linarith.Linexp : Type

A linear expression is a list of pairs of variable indices and coefficients, representing the sum of the products of each coefficient with its corresponding variable.

Some functions on Linexp assume that n : Nat occurs at most once as the first element of a pair, and that the list is sorted in decreasing order of the first argument. This is not enforced by the type but the operations here preserve it.

Equations

• Linarith.Linexp = List (ℕ × ℤ)

ink

partial def Linarith.Linexp.add : Linarith.Linexp → Linarith.Linexp → Linarith.Linexp

Add two Linexps together componentwise. Preserves sorting and uniqueness of the first argument.

ink

def Linarith.Linexp.scale (c : ℤ) (l : Linarith.Linexp) : Linarith.Linexp

l.scale c scales the values in l by c without modifying the order or keys.

Equations

• Linarith.Linexp.scale c l = if c = 0 then [] else if c = 1 then l else List.map (fun x => match x with | (n, z) => (n, z * c)) l

ink

def Linarith.Linexp.get (n : ℕ) : Linarith.Linexp → Option ℤ

l.get n returns the value in l associated with key n, if it exists, and none otherwise. This function assumes that l is sorted in decreasing order of the first argument, that is, it will return none as soon as it finds a key smaller than n.

Equations

• Linarith.Linexp.get n [] = none
• Linarith.Linexp.get n ((a, b) :: t) = if a < n then none else if a = n then some b else Linarith.Linexp.get n t

ink

def Linarith.Linexp.contains (n : ℕ) : Linarith.Linexp → Bool

l.contains n is true iff n is the first element of a pair in l.

Equations

• Linarith.Linexp.contains n = Option.isSome ∘ Linarith.Linexp.get n

ink

def Linarith.Linexp.zfind (n : ℕ) (l : Linarith.Linexp) : ℤ

l.zfind n returns the value associated with key n if there is one, and 0 otherwise.

Equations

• Linarith.Linexp.zfind n l = match Linarith.Linexp.get n l with | none => 0 | some v => v

ink

def Linarith.Linexp.vars (l : Linarith.Linexp) : List ℕ

l.vars returns the list of variables that occur in l.

Equations

• Linarith.Linexp.vars l = List.map Prod.fst l

ink

def Linarith.Linexp.cmp : Linarith.Linexp → Linarith.Linexp → Ordering

Defines a lex ordering on Linexp. This function is performance critical.

Equations

• One or more equations did not get rendered due to their size.
• Linarith.Linexp.cmp [] [] = Ordering.eq
• Linarith.Linexp.cmp [] x = Ordering.lt
• Linarith.Linexp.cmp x [] = Ordering.gt

Inequalities

ink

inductive Linarith.Ineq : Type

• eq: Linarith.Ineq
• le: Linarith.Ineq
• lt: Linarith.Ineq

The three-element type Ineq is used to represent the strength of a comparison between terms.

ink

instance Linarith.instDecidableEqIneq : DecidableEq Linarith.Ineq

Equations

• Linarith.instDecidableEqIneq x y = if h : Linarith.Ineq.toCtorIdx x = Linarith.Ineq.toCtorIdx y then isTrue (_ : x = y) else isFalse (_ : x = y → False)

ink

instance Linarith.instInhabitedIneq : Inhabited Linarith.Ineq

Equations

• Linarith.instInhabitedIneq = { default := Linarith.Ineq.eq }

ink

instance Linarith.instReprIneq : Repr Linarith.Ineq

Equations

• Linarith.instReprIneq = { reprPrec := Linarith.reprIneq✝ }

ink

def Linarith.Ineq.max : Linarith.Ineq → Linarith.Ineq → Linarith.Ineq

max R1 R2 computes the strength of the sum of two inequalities. If t1 R1 0 and t2 R2 0, then t1 + t2 (max R1 R2) 0.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.Ineq.cmp : Linarith.Ineq → Linarith.Ineq → Ordering

Ineq is ordered eq < le < lt.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.Ineq.toString : Linarith.Ineq → String

Prints an Ineq as the corresponding infix symbol.

Equations

• Linarith.Ineq.toString x = match x with | Linarith.Ineq.eq => "=" | Linarith.Ineq.le => "≤" | Linarith.Ineq.lt => "<"

ink

def Linarith.Ineq.toConstMulName : Linarith.Ineq → Lean.Name

Finds the name of a multiplicative lemma corresponding to an inequality strength.

Equations

• Linarith.Ineq.toConstMulName x = match x with | Linarith.Ineq.lt => `Linarith.mul_neg | Linarith.Ineq.le => `Linarith.mul_nonpos | Linarith.Ineq.eq => `Linarith.mul_eq

ink

instance Linarith.Ineq.instToStringIneq : ToString Linarith.Ineq

Equations

• Linarith.Ineq.instToStringIneq = { toString := Linarith.Ineq.toString }

ink

instance Linarith.Ineq.instToFormatIneq : Lean.ToFormat Linarith.Ineq

Equations

• Linarith.Ineq.instToFormatIneq = { format := fun i => Std.Format.text (Linarith.Ineq.toString i) }

Comparisons with 0

ink

structure Linarith.Comp : Type

• The strength of the comparison, <, ≤≤, or =.

  str : Linarith.Ineq

• The coefficients of the comparison, stored as list of pairs (i, a), where i is the index of a recorded atom, and a is the coefficient.

  coeffs : Linarith.Linexp

The main datatype for FM elimination. Variables are represented by natural numbers, each of which has an integer coefficient. Index 0 is reserved for constants, i.e. coeffs.find 0 is the coefficient of 1. The represented term is coeffs.sum (λ ⟨k, v⟩, v * Var[k]). str determines the strength of the comparison -- is it < 0, ≤ 0, or = 0?

ink

instance Linarith.instInhabitedComp : Inhabited Linarith.Comp

Equations

• Linarith.instInhabitedComp = { default := { str := default, coeffs := default } }

ink

instance Linarith.instReprComp : Repr Linarith.Comp

Equations

• Linarith.instReprComp = { reprPrec := Linarith.reprComp✝ }

ink

def Linarith.Comp.vars : Linarith.Comp → List ℕ

c.vars returns the list of variables that appear in the linear expression contained in c.

Equations

• Linarith.Comp.vars = Linarith.Linexp.vars ∘ Linarith.Comp.coeffs

ink

def Linarith.Comp.coeffOf (c : Linarith.Comp) (a : ℕ) : ℤ

c.coeffOf a projects the coefficient of variable a out of c.

Equations

• Linarith.Comp.coeffOf c a = Linarith.Linexp.zfind a c.coeffs

ink

def Linarith.Comp.scale (c : Linarith.Comp) (n : ℕ) : Linarith.Comp

c.scale n scales the coefficients of c by n.

Equations

• Linarith.Comp.scale c n = { str := c.str, coeffs := Linarith.Linexp.scale (↑n) c.coeffs }

ink

def Linarith.Comp.add (c1 : Linarith.Comp) (c2 : Linarith.Comp) : Linarith.Comp

Comp.add c1 c2 adds the expressions represented by c1 and c2. The coefficient of variable a in c1.add c2 is the sum of the coefficients of a in c1 and c2.

Equations

• Linarith.Comp.add c1 c2 = { str := Linarith.Ineq.max c1.str c2.str, coeffs := Linarith.Linexp.add c1.coeffs c2.coeffs }

ink

def Linarith.Comp.cmp : Linarith.Comp → Linarith.Comp → Ordering

Comp has a lex order. First the ineqs are compared, then the coeffs.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.Comp.isContr (c : Linarith.Comp) : Bool

A Comp represents a contradiction if its expression has no coefficients and its strength is <, that is, it represents the fact 0 < 0.

Equations

• Linarith.Comp.isContr c = (List.isEmpty c.coeffs && decide (c.str = Linarith.Ineq.lt))

ink

instance Linarith.Comp.ToFormat : Lean.ToFormat Linarith.Comp

Equations

• Linarith.Comp.ToFormat = { format := fun p => Std.format p.coeffs ++ Std.Format.text (toString p.str) ++ Std.Format.text "0" }

Parsing into linear form

Control

ink

structure Linarith.Preprocessor : Type

• The name of the preprocessor, used in trace output.

  name : String

• Replace a hypothesis by a list of hypotheses. These expressions are the proof terms.

  transform : Lean.Expr → Lean.MetaM (List Lean.Expr)

A preprocessor transforms a proof of a proposition into a proof of a different propositon. The return type is List Expr, since some preprocessing steps may create multiple new hypotheses, and some may remove a hypothesis from the list. A "no-op" preprocessor should return its input as a singleton list.

ink

structure Linarith.GlobalPreprocessor : Type

• The name of the global preprocessor, used in trace output.

  name : String

• Replace the collection of all hypotheses with new hypotheses. These expressions are proof terms.

  transform : List Lean.Expr → Lean.MetaM (List Lean.Expr)

Some preprocessors need to examine the full list of hypotheses instead of working item by item. As with Preprocessor, the input to a GlobalPreprocessor is replaced by, not added to, its output.

ink

def Linarith.Branch : Type

Some preprocessors perform branching case splits. A Branch is used to track one of these case splits. The first component, an MVarId, is the goal corresponding to this branch of the split, given as a metavariable. The List Expr component is the list of hypotheses for linarith in this branch.

Equations

• Linarith.Branch = (Lean.MVarId × List Lean.Expr)

ink

structure Linarith.GlobalBranchingPreprocessor : Type

• The name of the global branching preprocessor, used in trace output.

  name : String

• Given a goal, and a list of hypotheses, produce a list of pairs (consisting of a goal and list of hypotheses).

  transform : Lean.MVarId → List Lean.Expr → Lean.MetaM (List Linarith.Branch)

Some preprocessors perform branching case splits. A GlobalBranchingPreprocessor produces a list of branches to run. Each branch is independent, so hypotheses that appear in multiple branches should be duplicated. The preprocessor is responsible for making sure that each branch contains the correct goal metavariable.

ink

def Linarith.Preprocessor.globalize (pp : Linarith.Preprocessor) : Linarith.GlobalPreprocessor

A Preprocessor lifts to a GlobalPreprocessor by folding it over the input list.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.GlobalPreprocessor.branching (pp : Linarith.GlobalPreprocessor) : Linarith.GlobalBranchingPreprocessor

A GlobalPreprocessor lifts to a GlobalBranchingPreprocessor by producing only one branch.

Equations

• Linarith.GlobalPreprocessor.branching pp = { name := pp.name, transform := fun g l => do let __do_lift ← Linarith.GlobalPreprocessor.transform pp l pure [(g, __do_lift)] }

ink

def Linarith.GlobalBranchingPreprocessor.process (pp : Linarith.GlobalBranchingPreprocessor) (g : Lean.MVarId) (l : List Lean.Expr) : Lean.MetaM (List Linarith.Branch)

process pp l runs pp.transform on l and returns the result, tracing the result if trace.linarith is on.

Equations

• One or more equations did not get rendered due to their size.

ink

instance Linarith.PreprocessorToGlobalBranchingPreprocessor : Coe Linarith.Preprocessor Linarith.GlobalBranchingPreprocessor

Equations

• Linarith.PreprocessorToGlobalBranchingPreprocessor = { coe := Linarith.GlobalPreprocessor.branching ∘ Linarith.Preprocessor.globalize }

ink

instance Linarith.GlobalPreprocessorToGlobalBranchingPreprocessor : Coe Linarith.GlobalPreprocessor Linarith.GlobalBranchingPreprocessor

Equations

• Linarith.GlobalPreprocessorToGlobalBranchingPreprocessor = { coe := Linarith.GlobalPreprocessor.branching }

ink

def Linarith.CertificateOracle : Type

A CertificateOracle is a function produceCertificate : List Comp → Nat → MetaM (HashMap Nat Nat)→ Nat → MetaM (HashMap Nat Nat)→ MetaM (HashMap Nat Nat). produceCertificate hyps max_var tries to derive a contradiction from the comparisons in hyps by eliminating all variables ≤ max_var. If successful, it returns a map coeff : Nat → Nat→ Nat as a certificate. This map represents that we can find a contradiction by taking the sum ∑ (coeff i) * hyps[i]∑ (coeff i) * hyps[i].

The default CertificateOracle used by linarith is Linarith.FourierMotzkin.produceCertificate.

Equations

• Linarith.CertificateOracle = (List Linarith.Comp → ℕ → Lean.MetaM (Std.HashMap ℕ ℕ))

ink

structure Linarith.LinarithConfig : Type

• Discharger to prove that a candidate linear combination of hypothesis is zero.

  discharger : Lean.Elab.Tactic.TacticM Unit

• Prove goals which are not linear comparisons by first calling exfalso.

  exfalso : Bool

• Transparency mode for identifying atomic expressions in comparisons.

  transparency : Lean.Meta.TransparencyMode

• Split conjunctions in hypotheses.

  split_hypotheses : Bool

• Split ≠≠ in hypotheses, by branching in cases < and >.

  split_ne : Bool

• Override the list of preprocessors.

  preprocessors : Option (List Linarith.GlobalBranchingPreprocessor)

• Specify an oracle for identifying candidate contradictions. The only implementation here is Fourier-Motzkin elimination.

  oracle : Option Linarith.CertificateOracle

A configuration object for linarith.

ink

def Linarith.LinarithConfig.updateReducibility (cfg : Linarith.LinarithConfig) (reduce_default : Bool) : Linarith.LinarithConfig

cfg.updateReducibility reduce_default will change the transparency setting of cfg to default if reduce_default is true. In this case, it also sets the discharger to ring!, since this is typically needed when using stronger unification.

Equations

• One or more equations did not get rendered due to their size.

Auxiliary functions

These functions are used by multiple modules, so we put them here for accessibility.

ink

def Linarith.getRelSides (e : Lean.Expr) : Lean.MetaM (Lean.Expr × Lean.Expr)

getRelSides e returns the left and right hand sides of e if e is a comparison, and fails otherwise. This function is more naturally in the Option monad, but it is convenient to put in MetaM for compositionality.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.parseCompAndExpr (e : Lean.Expr) : Lean.MetaM (Linarith.Ineq × Lean.Expr)

parseCompAndExpr e checks if e is of the form t < 0, t ≤ 0≤ 0, or t = 0. If it is, it returns the comparison along with t.

Equations

• One or more equations did not get rendered due to their size.

ink

def Linarith.parseCompAndExpr.throwNotZero (z : Lean.Expr) : Lean.MetaM (Linarith.Ineq × Lean.Expr)

helper function for error message

Equations

• Linarith.parseCompAndExpr.throwNotZero z = Lean.throwError (Lean.toMessageData "invalid comparison, rhs not zero: " ++ Lean.toMessageData z ++ Lean.toMessageData "")

ink

def Linarith.mkSingleCompZeroOf (c : ℕ) (h : Lean.Expr) : Lean.MetaM (Linarith.Ineq × Lean.Expr)

mkSingleCompZeroOf c h assumes that h is a proof of t R 0. It produces a pair (R', h'), where h' is a proof of c*t R' 0. Typically R and R' will be the same, except when c = 0, in which case R' is =. If c = 1, h' is the same as h -- specifically, it does not change the type to 1*t R 0.

Equations

• One or more equations did not get rendered due to their size.