Skip to content

feat: icombine#392

Draft
alvinylt wants to merge 75 commits into
leanprover-community:masterfrom
ISTA-PLV:icombine
Draft

feat: icombine#392
alvinylt wants to merge 75 commits into
leanprover-community:masterfrom
ISTA-PLV:icombine

Conversation

@alvinylt
Copy link
Copy Markdown

@alvinylt alvinylt commented May 13, 2026
edited
Loading

Description

This reopens the accidentally closed pull request #388.

Implements the icombine tactic, available in three formats:

  • icombine <hypotheses> as <pattern>
  • icombine <hypotheses> gives <pattern>
  • icombine <hypotheses> as <pattern> gives <pattern>

Addresses #359.

The functions combineAsProofModeHyp and combineGivesProofModeHyp utilise the type classes CombineSepAs and CombineSepGives, respectively. Since these two functions already handle the list of hypotheses recursively, there is no need to rely on type classes for recursion.

The following type classes and type class instances are all located under the ProofMode directory.

Type class in Lean Located within the Lean codebase in Corresponding type class in Rocq Located within the Rocq codebase in
CombineSepAs Classes.lean CombineSepAs classes.v
CombineSepGives Classes.lean CombineSepGives classes.v

Four instances of the type class CombineSepAs are named combine_sep_as_* instead combine_sep_gives_* in Rocq. Their Lean counterparts are named combineSepGives_* for consistency.

Type class instance in Lean Located within the Lean codebase in Corresponding type class instance in Rocq Located within the Rocq codebase in
combineSepAs_default Instances.lean maybe_combine_sep_as_default classes.v
combineSepAs_affinely Instances.lean maybe_combine_sep_as_affinely class_instances.v
combineSepAs_intuitionistically Instances.lean maybe_combine_sep_as_intuitionistically class_instances.v
combineSepAs_absorbingly Instances.lean maybe_combine_sep_as_absorbingly class_instances.v
combineSepAs_persistently Instances.lean maybe_combine_sep_as_persistently class_instances.v
combineSepAs_later InstancesLater.lean maybe_combine_sep_as_later class_instances_later.v
combineSepAs_laterN InstancesLater.lean maybe_combine_sep_as_laterN class_instances_later.v
combineSepAs_except0 InstancesLater.lean maybe_combine_sep_as_except_0 class_instances_later.v
combineSepGives_affinely Instances.lean combine_sep_as_affinely class_instances.v
combineSepGives_intuitionistically Instances.lean combine_sep_as_intuitionistically class_instances.v
combineSepGives_absorbingly Instances.lean combine_sep_as_absorbingly class_instances.v
combineSepGives_persistently Instances.lean combine_sep_as_persistently class_instances.v
combineSepGives_later InstancesLater.lean maybe_combine_sep_gives_later class_instances_later.v
combineSepGives_laterN InstancesLater.lean maybe_combine_sep_gives_laterN class_instances_later.v
combineSepGives_except0 InstancesLater.lean maybe_combine_sep_gives_except_0 class_instances_later.v

The tactic should exhibit the following behaviour, consistent with that in Rocq (correct me if I am wrong):

  • If all propositions being combined exist in the intuitionistic context, then the resultant combined proposition also exists in the intuitionistic context.
  • Propositions in the intuitionistic context can be used as arguments of the tactic multiple times. For example, if we have HP : P in the intuitionistic context, then icombine HP HP HP as HNew results in HNew : P ∗ P ∗ P being introduced.
  • Propositions in the spatial context, by contrast, cannot be used multiple times, so the tactic throws an error in that case.
  • If some propositions are in the intuitionistic context while others are in the spatial context, then the resultant combined proposition is in the spatial context. For example, if we have HP : P and HQ : Q in the intuitionistic context as well as HR : R in the spatial context, then icombine HR HQ HP HR as HNew produces Hnew : R ∗ Q ∗ P ∗ R in the spatial context.
  • Right associativity: even though propositions are combined from left to right in the order of tactic arguments, combining P, Q and R should give P ∗ Q ∗ R instead of (P ∗ Q) ∗ R.

Regarding the last point, it appears that this is handled automatically by the type class instance for recursion in Rocq. Since the iterative process is handled by combineGivesProofModeHyp in Lean instead, we currently have the type class instance combineSepAs_assoc for this purpose.

Checklist

  • My code follows the mathlib naming and code style conventions
  • I have updated PORTING.md as appropriate
  • I have added my name to the authors section of any appropriate files

@lzy0505 lzy0505 linked an issue May 13, 2026 that may be closed by this pull request
Port iCombine #359
Open
@alvinylt alvinylt mentioned this pull request May 13, 2026
Closed
3 tasks
MackieLoeffel
MackieLoeffel reviewed May 14, 2026
View reviewed changes
Comment thread Iris/Iris/Examples/IProp.lean
Comment thread Iris/Iris/ProofMode/Tactics/Combine.lean Outdated
{p : Q(Bool)}
{out' : Q($prop)}
(newHyps : Hyps bi newE)
(init : Q(Bool) := q(false))
Copy link
Copy Markdown
Collaborator

@MackieLoeffel MackieLoeffel May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you get rid of this boolean by special casing the 0 argument case and if there is at least one hypothesis, initialize this structure with the first hypothesis?

Comment thread Iris/Iris/ProofMode/Tactics/Combine.lean
(newHyps : Hyps bi newE)
(init : Q(Bool) := q(false))
(pf1 : Q($origE ⊢ $newE ∗ □?$p $out'))
pf : Q(($newE ∗ □?$p $out' ⊢ $goal) → ($origE ⊢ $goal))
Copy link
Copy Markdown
Collaborator

@MackieLoeffel MackieLoeffel May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are pf and pf1 and why are both necessary?

Comment thread Iris/Iris/ProofMode/Tactics/Combine.lean
{out' : Q($prop)}
(hyps : Hyps bi e)
(pf1 : Q($e ⊢ $e ∗ □ $out'))
pf : Q(($e ∗ □ $out' ⊢ $goal) → ($e ⊢ $goal))
Copy link
Copy Markdown
Collaborator

@MackieLoeffel MackieLoeffel May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you combine CombineGivesState and CombineAsState into a single state and also combine the two combine... functions such that one needs to do a single pass instead of two like in Rocq? I thought there was a comment in the Rocq version explaining why they need to do it in a single pass.

Comment thread Iris/Iris/ProofMode/Instances.lean
Note that `icombine` combines propositions from left to right.
For example, when `□ P1`, `□ P2` and `P3` are combined, it may result in
`□ (P1 ∗ P2) ∗ P3`. -/
instance (priority := default - 10) combineSepAs_assoc [BI PROP] (P Q R S : PROP)
Copy link
Copy Markdown
Collaborator

@MackieLoeffel MackieLoeffel May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure if this instance fully solves the problem. Can you instead call instance search in a different order in the tactic to get the behavior we want? E.g. by reversing order in which the list of hypothesis is processed?

alvinylt added 27 commits May 15, 2026 10:25
@alvinylt
Implement an oversimplified version of icombine that combines two pro…
5379d92 
…positions in the spatial context using separation conjunction as the connective

TODO #1: use icasesPat for case destruction
TODO #2: generalise the tactic using type classes
@alvinylt
Move icombine features into iCombineCore as reusable code
aa4f0e1
@alvinylt
Use Hyps.addWithInfo to introduce new hypothesis with the name specif…
e8915cc 
…ied by the user
@alvinylt
Implement the type class CombineSepsAs for icombine
43e3690 
Currently using an instance combineSepAs_default for the simplest way to
combine two propositions with separation conjunction
@alvinylt
Minor identation improvement in lemma (Combine.lean)
484ab6c
@alvinylt
Implement instances of CombineSepAs: monotonicity with <affinely>, <i…
0a4a75a 
…ntuitionstically>, <absorb>, <pers> modalities
@alvinylt
Tests for icombine for monotonicity
f408301
@alvinylt
Define type classes CombineSepGives, CombineSepAsGives, CombineSepAs …
5da50d0 
…and relevant instances for monotonicity
@alvinylt
Generalise the tactic icombine to handle multiple propositions at onc…
ec78143 
…e (iCombineCoreList)
@alvinylt
Define instances for CombineSepsAs
8a258fa
@alvinylt
Minor style refinements
4dcab54
@alvinylt
Introduce lemma leavesMatchBigSep
421b2cb
@alvinylt
Use iCasesCore for patterns for icombine
2d8736d
@alvinylt
Tests for patterns with icombine
a592c69
@alvinylt
Use patterns for iCombineCoreList in Combine.lean
1a66776
@alvinylt
Use outParam for CombineSepsAs and CombineSepGives for synthesis, fix…
6657c44 
… hypothesis for synthesis in CombineSepsAs_cons
@alvinylt
CombineSepsAs_append in Combine.Lean: Handle appended lists of propos…
7ddb0a6 
…itions
@alvinylt
Refine comments for icombine tactic tests
9504240
@alvinylt
Refactor code in Combine.lean such that iCombineCore returns ProofMod…
f960bf1 
…eM value
@alvinylt
Implement icombine with 'as' notation for any number of hypotheses
9a8f67f 
iCombineCore works recursively on the list of hypotheses to be combined
@alvinylt
More tests for icombine
b615e39
@alvinylt
Simplify iCombineCore by reducing repetitive code
6984d82
@alvinylt
Use Hyps.mkSep and Hyps.mkHyp in iCombineCore instead of Hyps.add to …
bb4f674 
…avoid typing problem
@alvinylt
Two more icombine tests
0743bcb
@alvinylt
Simplify arguments with iCombineCore
7a03857 
Some arguments can be inferred by the prover
@alvinylt
More examples to test the handling of propostions in the non-spatial …
8a20058 
…context by icombine
@alvinylt
Bug fix: propositions in the persistent context should not be removed…
0b08c14 
… by icombine
alvinylt added 25 commits May 15, 2026 10:29
@alvinylt
Starting implementing icombine with gives syntax: iCombineGivesCore
2a63d9e
@alvinylt
Proof for iCombineGivesCore: combine_step_gives
7d07a69
@alvinylt
Implement icombine ... as ... gives ... syntax
7d8b825
@alvinylt
Implement recursive case of iCombineGivesCore
65b393a
@alvinylt
Add class instances for icombine in InstancesLater.lean
10a869e
@alvinylt
Add a test for icombine for propositions with later modalities
56d248b
@alvinylt
Update author headers
3c0c808
@alvinylt
Fix typo and add another icombine test
31bc601
@alvinylt
Remove intermediate propositions in the intuitionistic context when i…
d57782f 
…CombineGivesCore is used

Does not affect the behaviour correctness of the tactic but prettier
@alvinylt
Minor code restructuring
68655ba
@alvinylt
Code style formatting for compliance of guidelines
e62027e
@alvinylt
Introduce CombineState
fcac70a
@alvinylt
Refactor icombine code for an iterative implementation instead of rec…
34aa23c 
…ursion

Proofs to be completed
@alvinylt
Update Combine.lean to use IVarId instead of Name (uniq)
24abb1e
@alvinylt
Restructure code in Combine.lean
173823d
@alvinylt
Factor code to reduce repetitiveness
5f124bb
@alvinylt
More refactoring
7213c74
@alvinylt
Minor simplifications
d069a0a
@alvinylt
Implement icombine ... gives ... using CombineState
924bc57
@alvinylt
Finish icombine ... gives ... refactoring
597d47c
@alvinylt
Finish combine_gives_step proof
46a9d27
@alvinylt
Remove redundant variables
75aa7cf
@alvinylt
Simplify base case of icombine ... gives ...
6f8b42e
@alvinylt
Minor refinements
663d31d
@alvinylt
Rename variables, formatting
5581c76
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MackieLoeffel MackieLoeffel MackieLoeffel left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Port iCombine

2 participants

@alvinylt @MackieLoeffel