Skip to content

chore: audit and standardize grind E-graph internalization entry points#12402

Draft
kim-em wants to merge 9 commits intomasterfrom
grind-audit-internalize-entry-points
Draft

chore: audit and standardize grind E-graph internalization entry points#12402
kim-em wants to merge 9 commits intomasterfrom
grind-audit-internalize-entry-points

Conversation

@kim-em
Copy link
Collaborator

@kim-em kim-em commented Feb 10, 2026

This PR adds a preferred entry point preprocessAndInternalize for adding newly constructed
terms to the E-graph, and converts ad-hoc internalization sites to use it. This is preparatory
work for the grind simplification sets design, which requires every term in the E-graph to have
been through the full preprocessing pipeline.

A new function preprocessAndInternalize in Simp.lean composes preprocess and internalize
into a single call. Eight sites that previously used preprocessLight + internalize or bare
internalize are converted to use it, with proof adjustments where needed (e.g. composing
Simp.Result.proof? via mkEqTrans/mkHEqTrans).

Four sites are intentionally not converted, with explanations:

  • Proj.lean: preprocessing would reduce proj_i (ctor ...) to the field value, breaking the
    congruence closure connection mechanism
  • Cutsat/EqCnstr.lean (3 sites): terms are tightly coupled with the cutsat polynomial solver
    and mkVar registration

🤖 Prepared with Claude Code

@kim-em kim-em added the changelog-no Do not include this PR in the release changelog label Feb 10, 2026
kim-em and others added 8 commits February 10, 2026 05:28
@kim-em @claude
chore: audit grind E-graph internalization entry points
d2a539d 
Add `preprocessAndInternalize` as the preferred entry point for adding
newly constructed terms to the E-graph, combining full preprocessing
with internalization. Mark 12 ad-hoc sites across 10 files where complex
synthesized terms bypass the full normalization pipeline with TODO
comments for future investigation.

This is preparatory work for the grind simplification sets design, which
requires that every term in the E-graph has been through the full
preprocessing pipeline.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
chore: use preprocessAndInternalize in ensureInternalized
1557dbe 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
chore: use preprocessAndInternalize in applyCongrFun
3f65124 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
chore: use preprocessAndInternalize in PropagateInj and Ctor
f21ffcf 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
chore: use preprocessAndInternalize in EMatch, Linear, CommRing, AC
59e89b0 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
chore: update remaining TODOs with explanations
70b0137 
Replace generic TODO markers with specific explanations of why
these sites cannot easily use preprocessAndInternalize.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
fix: thread preprocessing proofs through proveEq/proveHEq
1fba6d4 
ensureInternalized now returns Simp.Result so that callers can
compose preprocessing proofs with E-graph equality proofs. This
ensures correctness when full preprocessing produces terms that
are only propositionally (not definitionally) equal to the originals.

In abstractGroundMismatches?, the original subterms are pushed into
the lhss/rhss arrays (needed for definitional equality with the
lambda abstraction), while the preprocessed versions are used only
for the isEqv check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em @claude
fix: revert arithmetic solver conversions to preprocessAndInternalize
73639ef 
The Linear/DenoteExpr and CommRing/EqCnstr conversions broke 15 tests
because the arithmetic solvers' proof reconstruction is tightly coupled
with the exact form of internalized expressions. Full preprocessing
changes expressions in ways that cause type mismatches in solver proofs.

These sites now have explanatory comments alongside Proj.lean and
Cutsat/EqCnstr.lean as sites that cannot use preprocessAndInternalize.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@kim-em kim-em force-pushed the grind-audit-internalize-entry-points branch from 0492bd1 to 73639ef Compare February 10, 2026 05:51
@github-actions github-actions bot added the toolchain-available A toolchain is available for this PR, at leanprover/lean4-pr-releases:pr-release-NNNN label Feb 10, 2026
@mathlib-lean-pr-testing
Copy link

mathlib-lean-pr-testing bot commented Feb 10, 2026
edited
Loading

Mathlib CI status (docs):

  • ❗ Batteries/Mathlib CI will not be attempted unless your PR branches off the nightly-with-mathlib branch. Try git rebase af2444a140d51e3c97247814204fef6821d2ba76 --onto 39c26fce1da321b24eaf949d0d7d028ba589e4e1. You can force Mathlib CI using the force-mathlib-ci label. (2026-02-10 06:47:17)
  • ❗ Batteries/Mathlib CI will not be attempted unless your PR branches off the nightly-with-mathlib branch. Try git rebase af2444a140d51e3c97247814204fef6821d2ba76 --onto 4cdc199f772977113bd6c1bf87a6c02b78d5c4d3. You can force Mathlib CI using the force-mathlib-ci label. (2026-02-11 00:21:42)

@leanprover-bot
Copy link
Collaborator

leanprover-bot commented Feb 10, 2026
edited
Loading

Reference manual CI status:

  • ❗ Reference manual CI will not be attempted unless your PR branches off the nightly-with-manual branch. Try git rebase af2444a140d51e3c97247814204fef6821d2ba76 --onto 75d7f7eb227bc54dc6ea3d8ead090ee4180debaf. You can force reference manual CI using the force-manual-ci label. (2026-02-10 06:47:18)
  • ❗ Reference manual CI will not be attempted unless your PR branches off the nightly-with-manual branch. Try git rebase af2444a140d51e3c97247814204fef6821d2ba76 --onto 03dc334f73259e1bae0b8f2b80a39a82e1de3df6. You can force reference manual CI using the force-manual-ci label. (2026-02-11 00:21:43)

@kim-em @claude
fix: revert ensureInternalized to preprocessLight
3248c46 
Full preprocessing (via preprocessAndInternalize) runs simp, which can
normalize terms into forms that break congruence closure. For example,
`i < (a :: l).length` becomes `i + 1 ≤ (a :: l).length`, preventing CC
from proving equality with `0 < (a :: l).length` when `i` and `0` are
in the same equivalence class. This caused 6 test failures.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leodemoura leodemoura Awaiting requested review from leodemoura leodemoura will be requested when the pull request is marked ready for review leodemoura is a code owner

Assignees

No one assigned

Labels

changelog-no Do not include this PR in the release changelog toolchain-available A toolchain is available for this PR, at leanprover/lean4-pr-releases:pr-release-NNNN

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kim-em @leanprover-bot