ci: fmt under stable 1.96 to make rust-ci green (follow-up)#46
Merged
Conversation
Adds Chapeliser.ABI.Invariants, a new machine-checked theorem deeper than
and distinct from the Layer-2 Partition tiling proof. Partition.idr proved
the block partition is a gapless, non-overlapping tiling for all n,k but
explicitly left open the arithmetic residual `sumNat (perItemCounts n k) = n`
("the only div/mod obligation"). This module discharges exactly that.
blockCountsComplete : (n,k') -> sumNat (blockCounts n k') = n proves every
item is covered exactly once, for ALL n and all k>0, via the Euclidean
division theorem (contrib Data.Nat.Division) plus a self-contained count of
remainder slots. Counts are expressed with the public-export divNatNZ/modNatNZ
(the reducing form of Prelude div/mod on a positive divisor) so the proof and
its concrete controls reduce at the type level.
Includes: a sound+complete Dec (decCoversExactly), positive controls
(covers10over3, covers12over4 by Refl + via the general theorem), and
non-vacuity/negative controls (notCovers10as9, dec10over3as9No,
remainderCountMatters). Genuine proof: no believe_me/postulate/assert_total/
sorry/admitted. Builds clean (0 warnings); a deliberately false variant is
rejected by the type checker.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…I.FfiSeam) Add a new module proving the Result FFI encoding is sound: - intToResult decoder + resultRoundTrip: the C integer faithfully round-trips back to the ABI Result (lossless/faithful encoding). - resultToIntInjective: distinct ABI outcomes never collide on the wire, derived from the round-trip via justInj . cong intToResult. - Positive controls (concrete decode = Refl) and a machine-checked non-vacuity control: distinct codes have distinct ints. Genuine total proofs, no believe_me/postulate/assert_total/etc. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
Assemble the existing proof layers into one inhabited certificate value in Chapeliser.ABI.Capstone: - ABISound record whose fields reuse real exported witnesses: * flagshipValid -> Proofs.tenAcrossTwoValid (Layer 2, complete+disjoint) * blockComplete -> Invariants.blockPartitionIsComplete 10 2 (Layer 3) * blockCompleteAll -> Invariants.blockCountsComplete (Layer 3, general) * ffiInjective -> FfiSeam.resultToIntInjective (Layer 4 seam) - abiContractDischarged : ABISound — the single inhabited capstone value; ties manifest -> ABI proofs (flagship + invariant) -> FFI seam into one end-to-end soundness statement. Stops typechecking if any layer weakens. No believe_me/postulate/assert_total/sorry/%hint; %default total; SPDX line 1. Build clean (0 warnings); adversarial false-field certificate is rejected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…ble fix); port ABI-FFI gate Python->Bash (Python is estate-banned) Resolves the standing baseline CI reds (rust-ci toolchain error, governance Language/anti-pattern, governance workflow-lint) without altering the proven ABI. The Bash gate reproduces the former Python gate's verdict verbatim (validated across all -iser repos) and catches the same drift classes. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01A6PSzJWpRxtzGDjUCEh7Mx
…simiser) in place of the interim Bash port
…t --check + clippy -D warnings clean
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Follow-up to the merged CI-green PR. With rust-ci now running,
cargo fmt --all -- --checkfails onmainunder the CI toolchain (stable rustfmt 1.96) — the toolchain-pin landed before the formatting fix. This brings the Rust sources to rustfmt-clean so rust-ci goes green.Changes
cargo fmt(src/codegen/header.rs) socargo fmt --all -- --checkpasses under stable 1.96.RSR Quality Checklist
Required
cargo test --locked --all-targets)cargo fmt --all -- --check)cargo clippy --locked --all-targets -- -D warnings).envfiles includedTesting
Verified locally with the CI toolchain (rustc/clippy/rustfmt 1.96.0):
cargo fmt --check,clippy -D warnings,cargo check --locked,cargo test --lockedall pass.🤖 Generated with Claude Code
Generated by Claude Code