Skip to content

ABI: make Idris2 proofs genuinely compile + add machine-checked theorems#37

Merged
hyperpolymath merged 4 commits into
mainfrom
claude/iseriser-proofs-review-rtdcwb
Jun 26, 2026
Merged

ABI: make Idris2 proofs genuinely compile + add machine-checked theorems#37
hyperpolymath merged 4 commits into
mainfrom
claude/iseriser-proofs-review-rtdcwb

Conversation

@hyperpolymath

Copy link
Copy Markdown
Owner

Idris2 ABI proofs — genuinely compile + machine-checked theorems

Part of the family-wide ABI-proofs review. The hand-written ABI did not typecheck under Idris2 0.7.0; this makes it real and verified, following the merged iseriser reference.

Systemic fixes: decEq _ _ = No absurd → explicit off-diagonal cases; {auto 0 nonNull} smart constructors → choose-based; paddingFor -minus; real decDivides/decFieldsAligned replacing ?fieldsAlignedProof; honest offsetInBounds; thisPlatform de-%runElab'd; buildable nested layout + ipkg; new Proofs.idr with real theorems.

Verified: idris2 --build clean (0/0); adversarial re-verify found no believe_me/postulate/holes.

🤖 Generated with Claude Code


Generated by Claude Code

Jonathan D.A. Jewell and others added 3 commits June 26, 2026 11:20
The governance/licence-consistency check requires an SPDX-License-Identifier
header on the LICENSE file and a `license` field in the manifest. The LICENSE
body is MPL-2.0 text, so stamp `SPDX-License-Identifier: MPL-2.0` (matching the
actual body) and set `license = "MPL-2.0"` (replacing `license-file`).

Verified with standards/scripts/check-licence-consistency.sh (passes).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
Make the repo's licensing single and consistent, matching the wokelangiser
reference policy and the merged iseriser pattern:

- Remove contradictory PMPL-1.0-or-later / Palimpsest self-claims from README
  badges/footers, QUICKSTART, RSR_OUTLINE, STATE-VISUALIZER, and machine-readable
  governance (META, stapeln, deny.toml allow-list, copilot/AGENTIC SPDX
  directives, Trust/Must LICENSE-content checks, per-project CLAUDE.md).
- Encode the docs split in REUSE dep5: *.adoc/*.md/docs/** -> CC-BY-SA-4.0,
  everything else -> MPL-2.0.
- READMEs show MPL-2.0 (code) + CC-BY-SA-4.0 (docs) badges; full texts live in
  LICENSES/; root LICENSE stays MPL-2.0 for GitHub's licence chip.

Preserves legitimate non-self references: cargo-deny's AGPL deny-list, the
"never use AGPL" estate policy, and the Contributor Covenant CoC.

Verified: standards/scripts/check-licence-consistency.sh passes; no residual
PMPL/Palimpsest self-claims remain.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
Make the anvomidaviser ABI formal proofs real and machine-checked. The
scaffold was never compiler-checked; this fixes the systemic and
repo-specific bugs and adds genuine theorems.

Bugs fixed:
- Types: replace `decEq _ _ = No absurd` catch-all in the Result DecEq
  instance with explicit off-diagonal `No (\case Refl impossible)` cases;
  import Decidable.Equality.
- Types: createHandle now solves the `So (ptr /= 0)` auto-proof via
  `choose` instead of leaving MkHandle's proof unsolved.
- Types: thisPlatform was `%runElab` (needs ElabReflection); replace with
  the plain value `Linux`.
- Types: CPtr referenced `Bits (ptrSize p)` (Bits is an interface, not a
  Nat-indexed type) — map to the pointer-sized CSize p.
- Types: drop the un-matchable `cSizeOf/cAlignOf (CInt _)/(CSize _)`
  clauses (CInt/CSize reduce to Bits32/Bits64, already covered).
- Types: remove the duplicate `namespace Foreign` block whose prim__*
  names collided ambiguously with the real ones in Foreign.idr.
- Layout: paddingFor used Nat subtraction `alignment - ...`; use
  `minus`; import Data.Nat.
- Layout: implement a sound decDivides decision procedure (real decEq,
  no believe_me) and decFieldsAligned; checkCABI now returns a genuine
  CABIOk witness or Left.
- Layout: alignUpCorrect claimed an unsound universal Divides proof;
  replace with alignUpDivides returning a checked Maybe witness.
- Layout: offsetInBounds had an unsound universal `So (...)` return;
  change to `Maybe (So ...)` via choose.
- Layout: concrete StructLayout values supply erased proofs explicitly
  ({sizeCorrect = Oh}, {aligned = DivideBy k Refl}); the *LayoutValid
  proofs build FieldsAligned witnesses directly (no holes).
- Layout/verifyLayout: construct StructLayout with explicit size and
  alignment witnesses.
- Rename implicit `n` to `k` to stop shadowing StructLayout.n.

Buildability:
- Move flat src/interface/abi/{Types,Layout,Foreign}.idr to nested
  Anvomidaviser/ABI/ matching the module namespace.
- Add anvomidaviser-abi.ipkg (Types, Layout, Foreign, Proofs).

Theorems (Proofs.idr, all `export`, machine-checked):
- technicalElementCompliant : CABICompliant Layout.technicalElementLayout
- programScoreCompliant     : CABICompliant Layout.programScoreLayout
- okIsZero, okNotError, ruleViolationIsFive (result-code encoding).

Build is clean: `idris2 --build anvomidaviser-abi.ipkg` exits 0 with zero
errors and zero warnings. No believe_me/postulate/holes anywhere.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01DF9CcCuL4YJoqs26eHsYiA
@hyperpolymath hyperpolymath marked this pull request as ready for review June 26, 2026 14:53
@hyperpolymath hyperpolymath merged commit e76b2fb into main Jun 26, 2026
13 of 18 checks passed
@hyperpolymath hyperpolymath deleted the claude/iseriser-proofs-review-rtdcwb branch June 26, 2026 14:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants