copy across some Find API to Array

.github/workflows/pr-release.yml

@@ -34,7 +34,7 @@ jobs:
       - name: Download artifact from the previous workflow.
         if: ${{ steps.workflow-info.outputs.pullRequestNumber != '' }}
         id: download-artifact
-        uses: dawidd6/action-download-artifact@v9 # https://github.com/marketplace/actions/download-workflow-artifact
+        uses: dawidd6/action-download-artifact@v8 # https://github.com/marketplace/actions/download-workflow-artifact
         with:
           run_id: ${{ github.event.workflow_run.id }}
           path: artifacts
@@ -155,20 +155,6 @@ jobs:
           fi
 
           if [[ -n "$MESSAGE" ]]; then
-            # Check if force-mathlib-ci label is present
-            LABELS="$(curl --retry 3 --location --silent \
-                          -H "Authorization: token ${{ secrets.MATHLIB4_COMMENT_BOT }}" \
-                          -H "Accept: application/vnd.github.v3+json" \
-                          "https://api.github.com/repos/leanprover/lean4/issues/${{ steps.workflow-info.outputs.pullRequestNumber }}/labels" \
-                          | jq -r '.[].name')"
-            
-            if echo "$LABELS" | grep -q "^force-mathlib-ci$"; then
-              echo "force-mathlib-ci label detected, forcing CI despite issues"
-              MESSAGE="Forcing Mathlib CI because the \`force-mathlib-ci\` label is present, despite problem: $MESSAGE"
-              FORCE_CI=true
-            else
-              MESSAGE="$MESSAGE You can force Mathlib CI using the \`force-mathlib-ci\` label."
-            fi
 
             echo "Checking existing messages"
 
@@ -215,12 +201,7 @@ jobs:
             else
               echo "The message already exists in the comment body."
             fi
-
-            if [[ "$FORCE_CI" == "true" ]]; then
-              echo "mathlib_ready=true" >> "$GITHUB_OUTPUT"
-            else
-              echo "mathlib_ready=false" >> "$GITHUB_OUTPUT"
-            fi
+            echo "mathlib_ready=false" >> "$GITHUB_OUTPUT"
           else
             echo "mathlib_ready=true" >> "$GITHUB_OUTPUT"
           fi
@@ -271,7 +252,7 @@ jobs:
           if git ls-remote --heads --tags --exit-code origin "nightly-testing-${MOST_RECENT_NIGHTLY}" >/dev/null; then
             BASE="nightly-testing-${MOST_RECENT_NIGHTLY}"
           else
-            echo "Couldn't find a 'nightly-testing-${MOST_RECENT_NIGHTLY}' tag at Batteries. Falling back to 'nightly-testing'."
+            echo "This shouldn't be possible: couldn't find a 'nightly-testing-${MOST_RECENT_NIGHTLY}' tag at Batteries. Falling back to 'nightly-testing'."
             BASE=nightly-testing
           fi
 
@@ -335,7 +316,7 @@ jobs:
           if git ls-remote --heads --tags --exit-code origin "nightly-testing-${MOST_RECENT_NIGHTLY}" >/dev/null; then
             BASE="nightly-testing-${MOST_RECENT_NIGHTLY}"
           else
-            echo "Couldn't find a 'nightly-testing-${MOST_RECENT_NIGHTLY}' branch at Mathlib. Falling back to 'nightly-testing'."
+            echo "This shouldn't be possible: couldn't find a 'nightly-testing-${MOST_RECENT_NIGHTLY}' branch at Mathlib. Falling back to 'nightly-testing'."
             BASE=nightly-testing
           fi
 

CMakeLists.txt

@@ -47,11 +47,10 @@ if (NOT ${CMAKE_SYSTEM_NAME} MATCHES "Emscripten")
     if(${CMAKE_SYSTEM_NAME} MATCHES "Windows")
       string(APPEND CADICAL_CXXFLAGS " -DNUNLOCKED")
     endif()
-    string(APPEND CADICAL_CXXFLAGS " -DNCLOSEFROM")
     ExternalProject_add(cadical
       PREFIX cadical
       GIT_REPOSITORY https://github.com/arminbiere/cadical
-      GIT_TAG rel-2.1.2
+      GIT_TAG rel-1.9.5
       CONFIGURE_COMMAND ""
       # https://github.com/arminbiere/cadical/blob/master/BUILD.md#manual-build
       BUILD_COMMAND $(MAKE) -f ${CMAKE_SOURCE_DIR}/src/cadical.mk CMAKE_EXECUTABLE_SUFFIX=${CMAKE_EXECUTABLE_SUFFIX} CXX=${CADICAL_CXX} CXXFLAGS=${CADICAL_CXXFLAGS}

flake.lock

@@ -36,17 +36,17 @@
     },
     "nixpkgs-cadical": {
       "locked": {
-        "lastModified": 1740791350,
-        "narHash": "sha256-igS2Z4tVw5W/x3lCZeeadt0vcU9fxtetZ/RyrqsCRQ0=",
+        "lastModified": 1722221733,
+        "narHash": "sha256-sga9SrrPb+pQJxG1ttJfMPheZvDOxApFfwXCFO0H9xw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "199169a2135e6b864a888e89a2ace345703c025d",
+        "rev": "12bf09802d77264e441f48e25459c10c93eada2e",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "199169a2135e6b864a888e89a2ace345703c025d",
+        "rev": "12bf09802d77264e441f48e25459c10c93eada2e",
         "type": "github"
       }
     },

flake.nix

@@ -8,8 +8,8 @@
   # old nixpkgs used for portable release with older glibc (2.26)
   inputs.nixpkgs-older.url = "github:NixOS/nixpkgs/0b307aa73804bbd7a7172899e59ae0b8c347a62d";
   inputs.nixpkgs-older.flake = false;
-  # for cadical 2.1.2; sync with CMakeLists.txt by taking commit from https://www.nixhub.io/packages/cadical
-  inputs.nixpkgs-cadical.url = "github:NixOS/nixpkgs/199169a2135e6b864a888e89a2ace345703c025d";
+  # for cadical 1.9.5; sync with CMakeLists.txt
+  inputs.nixpkgs-cadical.url = "github:NixOS/nixpkgs/12bf09802d77264e441f48e25459c10c93eada2e";
   inputs.flake-utils.url = "github:numtide/flake-utils";
 
   outputs = inputs: inputs.flake-utils.lib.eachDefaultSystem (system:

script/prepare-llvm-mingw.sh

@@ -25,10 +25,7 @@ cp llvm/lib/clang/*/include/{std*,__std*,limits}.h stage1/include/clang
 echo '
 // https://docs.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-seterrormode
 #define SEM_FAILCRITICALERRORS 0x0001
-__declspec(dllimport) __stdcall unsigned int SetErrorMode(unsigned int uMode);
-// https://docs.microsoft.com/en-us/windows/console/setconsoleoutputcp
-#define CP_UTF8 65001
-__declspec(dllimport) __stdcall int SetConsoleOutputCP(unsigned int wCodePageID);' > stage1/include/clang/windows.h
+__declspec(dllimport) __stdcall unsigned int SetErrorMode(unsigned int uMode);' > stage1/include/clang/windows.h
 # COFF dependencies
 cp /clang64/lib/{crtbegin,crtend,crt2,dllcrt2}.o stage1/lib/
 # runtime

script/release_notes.py

@@ -65,21 +65,20 @@ def format_markdown_description(pr_number, description):
     link = f"[#{pr_number}](https://github.com/leanprover/lean4/pull/{pr_number})"
     return f"{link} {description}"
 
-def commit_types():
-    # see doc/dev/commit_convention.md
-    return ['feat', 'fix', 'doc', 'style', 'refactor', 'test', 'chore', 'perf']
-
 def count_commit_types(commits):
     counts = {
         'total': len(commits),
+        'feat': 0,
+        'fix': 0,
+        'refactor': 0,
+        'doc': 0,
+        'chore': 0
     }
-    for commit_type in commit_types():
-        counts[commit_type] = 0
     
     for _, first_line, _ in commits:
-        for commit_type in commit_types():
-            if first_line.startswith(f'{commit_type}:'):
-                counts[commit_type] += 1
+        for commit_type in ['feat:', 'fix:', 'refactor:', 'doc:', 'chore:']:
+            if first_line.startswith(commit_type):
+                counts[commit_type.rstrip(':')] += 1
                 break
     
     return counts
@@ -159,9 +158,8 @@ def main():
     counts = count_commit_types(commits)
     print(f"For this release, {counts['total']} changes landed. "
           f"In addition to the {counts['feat']} feature additions and {counts['fix']} fixes listed below "
-          f"there were {counts['refactor']} refactoring changes, {counts['doc']} documentation improvements, "
-          f"{counts['perf']} performance improvements, {counts['test']} improvements to the test suite "
-          f"and {counts['style'] + counts['chore']} other changes.\n")
+          f"there were {counts['refactor']} refactoring changes, {counts['doc']} documentation improvements "
+          f"and {counts['chore']} chores.\n")
 
     section_order = sort_sections_order()
     sorted_changelog = sorted(changelog.items(), key=lambda item: section_order.index(format_section_title(item[0])) if format_section_title(item[0]) in section_order else len(section_order))

src/CMakeLists.txt

@@ -10,7 +10,7 @@ endif()
 include(ExternalProject)
 project(LEAN CXX C)
 set(LEAN_VERSION_MAJOR 4)
-set(LEAN_VERSION_MINOR 19)
+set(LEAN_VERSION_MINOR 18)
 set(LEAN_VERSION_PATCH 0)
 set(LEAN_VERSION_IS_RELEASE 0)  # This number is 1 in the release revision, and 0 otherwise.
 set(LEAN_SPECIAL_VERSION_DESC "" CACHE STRING "Additional version description like 'nightly-2018-03-11'")

src/Init/Data/Array/Attach.lean

@@ -555,10 +555,6 @@ def unattach {α : Type _} {p : α → Prop} (xs : Array { x // p x }) : Array
     (xs.push a).unattach = xs.unattach.push a.1 := by
   simp only [unattach, Array.map_push]
 
-@[simp] theorem mem_unattach {p : α → Prop} {xs : Array { x // p x }} {a} :
-    a ∈ xs.unattach ↔ ∃ h : p a, ⟨a, h⟩ ∈ xs := by
-  simp only [unattach, mem_map, Subtype.exists, exists_and_right, exists_eq_right]
-
 @[simp] theorem size_unattach {p : α → Prop} {xs : Array { x // p x }} :
     xs.unattach.size = xs.size := by
   unfold unattach
@@ -680,20 +676,6 @@ and simplifies these to the function directly taking the value.
   simp
   rw [List.find?_subtype hf]
 
-@[simp] theorem all_subtype {p : α → Prop} {xs : Array { x // p x }} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) (w : stop = xs.size) :
-    xs.all f 0 stop = xs.unattach.all g := by
-  subst w
-  rcases xs with ⟨xs⟩
-  simp [hf]
-
-@[simp] theorem any_subtype {p : α → Prop} {xs : Array { x // p x }} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) (w : stop = xs.size) :
-    xs.any f 0 stop = xs.unattach.any g := by
-  subst w
-  rcases xs with ⟨xs⟩
-  simp [hf]
-
 /-! ### Simp lemmas pushing `unattach` inwards. -/
 
 @[simp] theorem unattach_filter {p : α → Prop} {xs : Array { x // p x }}

src/Init/Data/Array/Basic.lean

@@ -144,8 +144,6 @@ end List
 
 namespace Array
 
-theorem size_eq_length_toList (xs : Array α) : xs.size = xs.toList.length := rfl
-
 @[deprecated toList_toArray (since := "2024-09-09")] abbrev data_toArray := @List.toList_toArray
 
 @[deprecated Array.toList (since := "2024-09-10")] abbrev Array.data := @Array.toList

src/Init/Data/Array/Count.lean

@@ -23,18 +23,6 @@ section countP
 
 variable (p q : α → Bool)
 
-@[simp] theorem _root_.List.countP_toArray (l : List α) : countP p l.toArray = l.countP p := by
-  simp [countP]
-  induction l with
-  | nil => rfl
-  | cons hd tl ih =>
-    simp only [List.foldr_cons, ih, List.countP_cons]
-    split <;> simp_all
-
-@[simp] theorem countP_toList (xs : Array α) : xs.toList.countP p = countP p xs := by
-  cases xs
-  simp
-
 @[simp] theorem countP_empty : countP p #[] = 0 := rfl
 
 @[simp] theorem countP_push_of_pos (xs) (pa : p a) : countP p (xs.push a) = countP p xs + 1 := by
@@ -162,13 +150,6 @@ section count
 
 variable [BEq α]
 
-@[simp] theorem _root_.List.count_toArray (l : List α) (a : α) : count a l.toArray = l.count a := by
-  simp [count, List.count_eq_countP]
-
-@[simp] theorem count_toList (xs : Array α) (a : α) : xs.toList.count a = xs.count a := by
-  cases xs
-  simp
-
 @[simp] theorem count_empty (a : α) : count a #[] = 0 := rfl
 
 theorem count_push (a b : α) (xs : Array α) :

src/Init/Data/Array/Erase.lean

@@ -282,10 +282,6 @@ end erase
 
 /-! ### eraseIdx -/
 
-theorem eraseIdx_eq_eraseIdxIfInBounds {xs : Array α} {i : Nat} (h : i < xs.size) :
-    xs.eraseIdx i h = xs.eraseIdxIfInBounds i := by
-  simp [eraseIdxIfInBounds, h]
-
 theorem eraseIdx_eq_take_drop_succ (xs : Array α) (i : Nat) (h) : xs.eraseIdx i = xs.take i ++ xs.drop (i + 1) := by
   rcases xs with ⟨xs⟩
   simp only [List.size_toArray] at h

src/Init/Data/Array/MapIdx.lean

@@ -6,7 +6,6 @@ Authors: Mario Carneiro, Kim Morrison
 prelude
 import Init.Data.Array.Lemmas
 import Init.Data.Array.Attach
-import Init.Data.Array.OfFn
 import Init.Data.List.MapIdx
 
 set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.

src/Init/Data/Array/Monadic.lean

@@ -23,9 +23,6 @@ open Nat
 
 /-! ### mapM -/
 
-@[simp] theorem mapM_id {xs : Array α} {f : α → Id β} : xs.mapM f = xs.map f := by
-  induction xs; simp_all
-
 @[simp] theorem mapM_append [Monad m] [LawfulMonad m] (f : α → m β) {xs ys : Array α} :
     (xs ++ ys).mapM f = (return (← xs.mapM f) ++ (← ys.mapM f)) := by
   rcases xs with ⟨xs⟩

src/Init/Data/Array/OfFn.lean

@@ -16,25 +16,6 @@ set_option linter.indexVariables true -- Enforce naming conventions for index va
 
 namespace Array
 
-@[simp] theorem ofFn_zero (f : Fin 0 → α) : ofFn f = #[] := rfl
-
-theorem ofFn_succ (f : Fin (n+1) → α) :
-    ofFn f = (ofFn (fun (i : Fin n) => f i.castSucc)).push (f ⟨n, by omega⟩) := by
-  ext i h₁ h₂
-  · simp
-  · simp [getElem_push]
-    split <;> rename_i h₃
-    · rfl
-    · congr
-      simp at h₁ h₂
-      omega
-
-@[simp] theorem _rooy_.List.toArray_ofFn (f : Fin n → α) : (List.ofFn f).toArray = Array.ofFn f := by
-  ext <;> simp
-
-@[simp] theorem toList_ofFn (f : Fin n → α) : (Array.ofFn f).toList = List.ofFn f := by
-  apply List.ext_getElem <;> simp
-
 @[simp]
 theorem ofFn_eq_empty_iff {f : Fin n → α} : ofFn f = #[] ↔ n = 0 := by
   rw [← Array.toList_inj]

src/Init/Data/BEq.lean

@@ -49,14 +49,6 @@ theorem BEq.symm_false [BEq α] [PartialEquivBEq α] {a b : α} : (a == b) = fal
 theorem BEq.trans [BEq α] [PartialEquivBEq α] {a b c : α} : a == b → b == c → a == c :=
   PartialEquivBEq.trans
 
-theorem BEq.congr_left [BEq α] [PartialEquivBEq α] {a b c : α} (h : a == b) :
-    (a == c) = (b == c) :=
-  Bool.eq_iff_iff.mpr ⟨BEq.trans (BEq.symm h), BEq.trans h⟩
-
-theorem BEq.congr_right [BEq α] [PartialEquivBEq α] {a b c : α} (h : b == c) :
-    (a == b) = (a == c) :=
-  Bool.eq_iff_iff.mpr ⟨fun h' => BEq.trans h' h, fun h' => BEq.trans h' (BEq.symm h)⟩
-
 theorem BEq.neq_of_neq_of_beq [BEq α] [PartialEquivBEq α] {a b c : α} :
     (a == b) = false → b == c → (a == c) = false :=
   fun h₁ h₂ => Bool.eq_false_iff.2 fun h₃ => Bool.eq_false_iff.1 h₁ (BEq.trans h₃ (BEq.symm h₂))

src/Init/Data/BitVec/Bitblast.lean

@@ -544,15 +544,6 @@ theorem slt_eq_not_carry (x y : BitVec w) :
 theorem sle_eq_not_slt (x y : BitVec w) : x.sle y = !y.slt x := by
   simp only [BitVec.sle, BitVec.slt, ← decide_not, decide_eq_decide]; omega
 
-theorem zero_sle_eq_not_msb {w : Nat} {x : BitVec w} : BitVec.sle 0#w x = !x.msb := by
-  rw [sle_eq_not_slt, BitVec.slt_zero_eq_msb]
-
-theorem zero_sle_iff_msb_eq_false {w : Nat} {x : BitVec w} : BitVec.sle 0#w x ↔ x.msb = false := by
-  simp [zero_sle_eq_not_msb]
-
-theorem toNat_toInt_of_sle {w : Nat} (b : BitVec w) (hb : BitVec.sle 0#w b) : b.toInt.toNat = b.toNat :=
-  toNat_toInt_of_msb b (zero_sle_iff_msb_eq_false.1 hb)
-
 theorem sle_eq_carry (x y : BitVec w) :
     x.sle y = !((x.msb == y.msb).xor (carry w y (~~~x) true)) := by
   rw [sle_eq_not_slt, slt_eq_not_carry, beq_comm]

src/Init/Data/BitVec/Lemmas.lean

@@ -13,7 +13,6 @@ import Init.Data.Nat.Div.Lemmas
 import Init.Data.Nat.Mod
 import Init.Data.Nat.Div.Lemmas
 import Init.Data.Int.Bitwise.Lemmas
-import Init.Data.Int.LemmasAux
 import Init.Data.Int.Pow
 
 set_option linter.missingDocs true
@@ -324,9 +323,6 @@ theorem getMsbD_ofNatLt {n x i : Nat} (h : x < 2^n) :
 @[simp, bitvec_to_nat] theorem toNat_ofNat (x w : Nat) : (BitVec.ofNat w x).toNat = x % 2^w := by
   simp [BitVec.toNat, BitVec.ofNat, Fin.ofNat']
 
-theorem ofNatLT_eq_ofNat {w : Nat} {n : Nat} (hn) : BitVec.ofNatLT n hn = BitVec.ofNat w n :=
-  eq_of_toNat_eq (by simp [Nat.mod_eq_of_lt hn])
-
 @[simp] theorem toFin_ofNat (x : Nat) : toFin (BitVec.ofNat w x) = Fin.ofNat' (2^w) x := rfl
 
 -- Remark: we don't use `[simp]` here because simproc` subsumes it for literals.
@@ -532,9 +528,6 @@ theorem toInt_eq_toNat_of_msb {x : BitVec w} (h : x.msb = false) :
     x.toInt = x.toNat := by
   simp [toInt_eq_msb_cond, h]
 
-theorem toNat_toInt_of_msb {w : Nat} (b : BitVec w) (hb : b.msb = false) : b.toInt.toNat = b.toNat := by
-  simp [b.toInt_eq_toNat_of_msb hb]
-
 theorem toInt_eq_toNat_bmod (x : BitVec n) : x.toInt = Int.bmod x.toNat (2^n) := by
   simp only [toInt_eq_toNat_cond]
   split
@@ -576,11 +569,6 @@ theorem toInt_ofNat {n : Nat} (x : Nat) :
   have p : 0 ≤ i % (2^n : Nat) := by omega
   simp [toInt_eq_toNat_bmod, Int.toNat_of_nonneg p]
 
-theorem toInt_ofInt_eq_self {w : Nat} (hw : 0 < w) {n : Int}
-    (h : -2 ^ (w - 1) ≤ n) (h' : n < 2 ^ (w - 1)) : (BitVec.ofInt w n).toInt = n := by
-  have hw : w = (w - 1) + 1 := by omega
-  rw [toInt_ofInt, Int.bmod_eq_self_of_le] <;> (rw [hw]; simp [Int.natCast_pow]; omega)
-
 @[simp] theorem ofInt_natCast (w n : Nat) :
   BitVec.ofInt w (n : Int) = BitVec.ofNat w n := rfl
 
@@ -657,12 +645,6 @@ theorem slt_zero_iff_msb_cond {x : BitVec w} : x.slt 0#w ↔ x.msb = true := by
     simp [BitVec.slt, this]
     omega
 
-theorem slt_zero_eq_msb {w : Nat} {x : BitVec  w} : x.slt 0#w = x.msb := by
-  rw [Bool.eq_iff_iff, BitVec.slt_zero_iff_msb_cond]
-
-theorem sle_iff_toInt_le {w : Nat} {b b' : BitVec w} : b.sle b' ↔ b.toInt ≤ b'.toInt :=
-  decide_eq_true_iff
-
 /-! ### setWidth, zeroExtend and truncate -/
 
 @[simp]
@@ -1485,16 +1467,6 @@ theorem extractLsb_not_of_lt {x : BitVec w} {hi lo : Nat} (hlo : lo ≤ hi) (hhi
   simp [hk, show k ≤ hi - lo by omega]
   omega
 
-@[simp]
-theorem ne_not_self {a : BitVec w} (h : 0 < w) : a ≠ ~~~a := by
-  have : ∃ x, x < w := ⟨w - 1, by omega⟩
-  simp [BitVec.eq_of_getElem_eq_iff, this]
-
-@[simp]
-theorem not_self_ne {a : BitVec w} (h : 0 < w) : ~~~a ≠ a := by
-  rw [ne_comm]
-  simp [h]
-
 /-! ### cast -/
 
 @[simp] theorem not_cast {x : BitVec w} (h : w = w') : ~~~(x.cast h) = (~~~x).cast h := by
@@ -2070,7 +2042,7 @@ theorem signExtend_eq_setWidth_of_lt (x : BitVec w) {v : Nat} (hv : v ≤ w):
   simp [getElem_signExtend, show i < w by omega]
 
 /-- Sign extending to the same bitwidth is a no op. -/
-@[simp] theorem signExtend_eq (x : BitVec w) : x.signExtend w = x := by
+theorem signExtend_eq (x : BitVec w) : x.signExtend w = x := by
   rw [signExtend_eq_setWidth_of_lt _ (Nat.le_refl _), setWidth_eq]
 
 /-- Sign extending to a larger bitwidth depends on the msb.
@@ -2112,63 +2084,43 @@ theorem toNat_signExtend (x : BitVec w) {v : Nat} :
   · have : 2^w ≤ 2^v := Nat.pow_le_pow_right Nat.two_pos (by omega)
     rw [toNat_signExtend_of_le x (by omega), toNat_setWidth, Nat.mod_eq_of_lt (by omega)]
 
-/--
+/-
 If the current width `w` is smaller than the extended width `v`,
 then the value when interpreted as an integer does not change.
 -/
-theorem toInt_signExtend_of_le {x : BitVec w} (h : w ≤ v) :
+theorem toInt_signExtend_of_lt {x : BitVec w} (hv : w < v):
     (x.signExtend v).toInt = x.toInt := by
-  by_cases hlt : w < v
-  · rw [toInt_signExtend_of_lt hlt]
-  · obtain rfl : w = v := by omega
-    simp
-where
-  toInt_signExtend_of_lt {x : BitVec w} (hv : w < v):
-      (x.signExtend v).toInt = x.toInt := by
-    simp only [toInt_eq_msb_cond, toNat_signExtend]
-    have : (x.signExtend v).msb = x.msb := by
-      rw [msb_eq_getLsbD_last, getLsbD_eq_getElem (Nat.sub_one_lt_of_lt hv)]
-      simp [getElem_signExtend, Nat.le_sub_one_of_lt hv]
-      omega
-    have H : 2^w ≤ 2^v := Nat.pow_le_pow_right (by omega) (by omega)
-    simp only [this, toNat_setWidth, Int.natCast_add, Int.ofNat_emod, Int.natCast_mul]
-    by_cases h : x.msb
-    <;> norm_cast
-    <;> simp [h, Nat.mod_eq_of_lt (Nat.lt_of_lt_of_le x.isLt H)]
+  simp only [toInt_eq_msb_cond, toNat_signExtend]
+  have : (x.signExtend v).msb = x.msb := by
+    rw [msb_eq_getLsbD_last, getLsbD_eq_getElem (Nat.sub_one_lt_of_lt hv)]
+    simp [getElem_signExtend, Nat.le_sub_one_of_lt hv]
     omega
+  have H : 2^w ≤ 2^v := Nat.pow_le_pow_right (by omega) (by omega)
+  simp only [this, toNat_setWidth, Int.natCast_add, Int.ofNat_emod, Int.natCast_mul]
+  by_cases h : x.msb
+  <;> norm_cast
+  <;> simp [h, Nat.mod_eq_of_lt (Nat.lt_of_lt_of_le x.isLt H)]
+  omega
 
-/--
+/-
 If the current width `w` is larger than the extended width `v`,
 then the value when interpreted as an integer is truncated,
 and we compute a modulo by `2^v`.
 -/
-theorem toInt_signExtend_eq_toNat_bmod_of_le {x : BitVec w} (hv : v ≤ w) :
+theorem toInt_signExtend_of_le {x : BitVec w} (hv : v ≤ w) :
     (x.signExtend v).toInt = Int.bmod x.toNat (2^v) := by
   simp [signExtend_eq_setWidth_of_lt _ hv]
 
-/--
+/-
 Interpreting the sign extension of `(x : BitVec w)` to width `v`
-computes `x % 2^v` (where `%` is the balanced mod). See `toInt_signExtend` for a version stated
-in terms of `toInt` instead of `toNat`.
+computes `x % 2^v` (where `%` is the balanced mod).
 -/
-theorem toInt_signExtend_eq_toNat_bmod (x : BitVec w) :
-    (x.signExtend v).toInt = Int.bmod x.toNat (2 ^ min v w) := by
-  by_cases hv : v ≤ w
-  · simp [toInt_signExtend_eq_toNat_bmod_of_le hv, Nat.min_eq_left hv]
-  · simp only [Nat.not_le] at hv
-    rw [toInt_signExtend_of_le (Nat.le_of_lt hv),
-      Nat.min_eq_right (by omega), toInt_eq_toNat_bmod]
-
 theorem toInt_signExtend (x : BitVec w) :
-    (x.signExtend v).toInt = x.toInt.bmod (2 ^ min v w) := by
-  rw [toInt_signExtend_eq_toNat_bmod, BitVec.toInt_eq_toNat_bmod, Int.bmod_bmod_of_dvd]
-  exact Nat.pow_dvd_pow _ (Nat.min_le_right v w)
-
-theorem toInt_signExtend_eq_toInt_bmod_of_le (x : BitVec w) (h : v ≤ w) :
-    (x.signExtend v).toInt = x.toInt.bmod (2 ^ v) := by
-  rw [BitVec.toInt_signExtend, Nat.min_eq_left h]
-
-attribute [simp] BitVec.signExtend_eq
+    (x.signExtend v).toInt = Int.bmod x.toNat (2^(min v w)) := by
+  by_cases hv : v ≤ w
+  · simp [toInt_signExtend_of_le hv, Nat.min_eq_left hv]
+  · simp only [Nat.not_le] at hv
+    rw [toInt_signExtend_of_lt hv, Nat.min_eq_right (by omega), toInt_eq_toNat_bmod]
 
 /-! ### append -/
 
@@ -2741,9 +2693,6 @@ theorem toInt_neg {x : BitVec w} :
   rw [← BitVec.zero_sub, toInt_sub]
   simp [BitVec.toInt_ofNat]
 
-theorem ofInt_neg {w : Nat} {n : Int} : BitVec.ofInt w (-n) = -BitVec.ofInt w n :=
-  eq_of_toInt_eq (by simp [toInt_neg])
-
 @[simp] theorem toFin_neg (x : BitVec n) :
     (-x).toFin = Fin.ofNat' (2^n) (2^n - x.toNat) :=
   rfl
@@ -4160,7 +4109,9 @@ theorem sub_le_sub_iff_le {x y z : BitVec w} (hxz : z ≤ x) (hyz : z ≤ y) :
 
 theorem msb_eq_toInt {x : BitVec w}:
     x.msb = decide (x.toInt < 0) := by
-  by_cases h : x.msb <;> simp [h, toInt_eq_msb_cond] <;> omega
+  by_cases h : x.msb <;>
+  · simp [h, toInt_eq_msb_cond]
+    omega
 
 theorem msb_eq_toNat {x : BitVec w}:
     x.msb = decide (x.toNat ≥ 2 ^ (w - 1)) := by

src/Init/Data/Bool.lean

@@ -539,8 +539,8 @@ theorem cond_decide {α} (p : Prop) [Decidable p] (t e : α) :
 @[simp] theorem cond_eq_false_distrib : ∀(c t f : Bool),
     (cond c t f = false) = ite (c = true) (t = false) (f = false) := by decide
 
-protected theorem cond_true  {α : Sort u} {a b : α} : cond true  a b = a := cond_true  a b
-protected theorem cond_false {α : Sort u} {a b : α} : cond false a b = b := cond_false a b
+protected theorem cond_true  {α : Type u} {a b : α} : cond true  a b = a := cond_true  a b
+protected theorem cond_false {α : Type u} {a b : α} : cond false a b = b := cond_false a b
 
 @[simp] theorem cond_true_left   : ∀(c f : Bool), cond c true f  = ( c || f) := by decide
 @[simp] theorem cond_false_left  : ∀(c f : Bool), cond c false f = (!c && f) := by decide

src/Init/Data/Fin/Lemmas.lean

@@ -45,7 +45,6 @@ theorem val_ne_iff {a b : Fin n} : a.1 ≠ b.1 ↔ a ≠ b := not_congr val_inj
 theorem forall_iff {p : Fin n → Prop} : (∀ i, p i) ↔ ∀ i h, p ⟨i, h⟩ :=
   ⟨fun h i hi => h ⟨i, hi⟩, fun h ⟨i, hi⟩ => h i hi⟩
 
-/-- Restatement of `Fin.mk.injEq` as an `iff`. -/
 protected theorem mk.inj_iff {n a b : Nat} {ha : a < n} {hb : b < n} :
     (⟨a, ha⟩ : Fin n) = ⟨b, hb⟩ ↔ a = b := Fin.ext_iff
 
@@ -56,14 +55,6 @@ theorem eq_mk_iff_val_eq {a : Fin n} {k : Nat} {hk : k < n} :
 
 theorem mk_val (i : Fin n) : (⟨i, i.isLt⟩ : Fin n) = i := Fin.eta ..
 
-@[simp] theorem mk_eq_zero {n a : Nat} {ha : a < n} [NeZero n] :
-    (⟨a, ha⟩ : Fin n) = 0 ↔ a = 0 :=
-  mk.inj_iff
-
-@[simp] theorem zero_eq_mk {n a : Nat} {ha : a < n} [NeZero n] :
-    0 = (⟨a, ha⟩ : Fin n) ↔ a = 0 := by
-  simp [eq_comm]
-
 @[simp] theorem val_ofNat' (n : Nat) [NeZero n] (a : Nat) :
   (Fin.ofNat' n a).val = a % n := rfl
 

src/Init/Data/Int/Basic.lean

@@ -17,12 +17,10 @@ open Nat
 This file defines the `Int` type as well as
 
 * coercions, conversions, and compatibility with numeric literals,
-* basic arithmetic operations add/sub/mul/pow,
+* basic arithmetic operations add/sub/mul/div/mod/pow,
 * a few `Nat`-related operations such as `negOfNat` and `subNatNat`,
 * relations `<`/`≤`/`≥`/`>`, the `NonNeg` property and `min`/`max`,
 * decidability of equality, relations and `NonNeg`.
-
-Division and modulus operations are defined in `Init.Data.Int.DivMod.Basic`.
 -/
 
 /--

src/Init/Data/Int/Cooper.lean

@@ -227,4 +227,33 @@ theorem cooper_resolution_dvd_right
     · exact Int.mul_neg _ _ ▸ Int.neg_le_of_neg_le lower
     · exact Int.mul_neg _ _ ▸ Int.neg_mul _ _ ▸ dvd
 
-end Int
+/--
+Left Cooper resolution of an upper and lower bound.
+-/
+theorem cooper_resolution_left
+    {a b p q : Int} (a_pos : 0 < a) (b_pos : 0 < b) :
+    (∃ x, p ≤ a * x ∧ b * x ≤ q) ↔
+    (∃ k : Int, 0 ≤ k ∧ k < a ∧ b * k + b * p ≤ a * q ∧ a ∣ k + p) := by
+  have h := cooper_resolution_dvd_left
+    a_pos b_pos Int.zero_lt_one (c := 1) (s := 0) (p := p) (q := q)
+  simp only [Int.mul_one, Int.one_mul, Int.mul_zero, Int.add_zero, gcd_one, Int.ofNat_one,
+    Int.ediv_one, lcm_self, Int.natAbs_of_nonneg (Int.le_of_lt a_pos), Int.one_dvd, and_true,
+    and_self] at h
+  exact h
+
+/--
+Right Cooper resolution of an upper and lower bound.
+-/
+theorem cooper_resolution_right
+    {a b p q : Int} (a_pos : 0 < a) (b_pos : 0 < b) :
+    (∃ x, p ≤ a * x ∧ b * x ≤ q) ↔
+    (∃ k : Int, 0 ≤ k ∧ k < b ∧ a * k + b * p ≤ a * q ∧ b ∣ k - q) := by
+  have h := cooper_resolution_dvd_right
+    a_pos b_pos Int.zero_lt_one (c := 1) (s := 0) (p := p) (q := q)
+  have : ∀ k : Int, (b ∣ -k + q) ↔ (b ∣ k - q) := by
+    intro k
+    rw [← Int.dvd_neg, Int.neg_add, Int.neg_neg, Int.sub_eq_add_neg]
+  simp only [Int.mul_one, Int.one_mul, Int.mul_zero, Int.add_zero, gcd_one, Int.ofNat_one,
+    Int.ediv_one, lcm_self, Int.natAbs_of_nonneg (Int.le_of_lt b_pos), Int.one_dvd, and_true,
+    and_self, ← Int.neg_eq_neg_one_mul, this] at h
+  exact h

src/Init/Data/Int/DivMod/Basic.lean

@@ -21,25 +21,25 @@ and satisfy `x / 0 = 0` and `x % 0 = x`.
 In early versions of Lean, the typeclasses provided by `/` and `%`
 were defined in terms of `tdiv` and `tmod`, and these were named simply as `div` and `mod`.
 
-However we decided it was better to use `ediv` and `emod` for the default typeclass instances,
+However we decided it was better to use `ediv` and `emod`,
 as they are consistent with the conventions used in SMTLib, and Mathlib,
 and often mathematical reasoning is easier with these conventions.
-At that time, we did not rename `div` and `mod` to `tdiv` and `tmod` (along with all their lemma).
 
+At that time, we did not rename `div` and `mod` to `tdiv` and `tmod` (along with all their lemma).
 In September 2024, we decided to do this rename (with deprecations in place),
 and later we intend to rename `ediv` and `emod` to `div` and `mod`, as nearly all users will only
 ever need to use these functions and their associated lemmas.
 
-In December 2024, we removed `div` and `mod`, but have not yet renamed `ediv` and `emod`.
+In December 2024, we removed `tdiv` and `tmod`, but have not yet renamed `ediv` and `emod`.
 -/
 
 /-! ### E-rounding division
-This pair satisfies `0 ≤ emod x y < natAbs y` for `y ≠ 0`.
+This pair satisfies `0 ≤ mod x y < natAbs y` for `y ≠ 0`.
 -/
 
 /--
-Integer division. This version of integer division uses the E-rounding convention
-(euclidean division), in which `Int.emod x y` satisfies `0 ≤ emod x y < natAbs y` for `y ≠ 0`
+Integer division. This version of `Int.div` uses the E-rounding convention
+(euclidean division), in which `Int.emod x y` satisfies `0 ≤ mod x y < natAbs y` for `y ≠ 0`
 and `Int.ediv` is the unique function satisfying `emod x y + (ediv x y) * y = x`.
 
 This is the function powering the `/` notation on integers.
@@ -71,7 +71,7 @@ def ediv : (@& Int) → (@& Int) → Int
   | -[m+1],  -[n+1]  => ofNat (succ (m / succ n))
 
 /--
-Integer modulus. This version of integer modulus uses the E-rounding convention
+Integer modulus. This version of `Int.mod` uses the E-rounding convention
 (euclidean division), in which `Int.emod x y` satisfies `0 ≤ emod x y < natAbs y` for `y ≠ 0`
 and `Int.ediv` is the unique function satisfying `emod x y + (ediv x y) * y = x`.
 
@@ -229,7 +229,7 @@ def fdiv : Int → Int → Int
   | -[m+1],  -[n+1]  => ofNat (succ m / succ n)
 
 /--
-Integer modulus. This version of integer modulus uses the F-rounding convention
+Integer modulus. This version of `Int.mod` uses the F-rounding convention
 (flooring division), in which `Int.fdiv x y` satisfies `fdiv x y = floor (x / y)`
 and `Int.fmod` is the unique function satisfying `fmod x y + (fdiv x y) * y = x`.
 
@@ -268,14 +268,11 @@ Balanced mod (and balanced div) are a division and modulus pair such
 that `b * (Int.bdiv a b) + Int.bmod a b = a` and
 `-b/2 ≤ Int.bmod a b < b/2` for all `a : Int` and `b > 0`.
 
-Note that unlike `emod`, `fmod`, and `tmod`,
-`bmod` takes a natural number as the second argument, rather than an integer.
-
-This function is used in `omega` as well as signed bitvectors.
+This is used in Omega as well as signed bitvectors.
 -/
 
 /--
-Balanced modulus.  This version of integer modulus uses the
+Balanced modulus.  This version of Integer modulus uses the
 balanced rounding convention, which guarantees that
 `-m/2 ≤ bmod x m < m/2` for `m ≠ 0` and `bmod x m` is congruent
 to `x` modulo `m`.

src/Init/Data/Int/DivMod/Bootstrap.lean

@@ -18,7 +18,7 @@ open Nat (succ)
 
 namespace Int
 
-/-! ### dvd  -/
+-- /-! ### dvd  -/
 
 protected theorem dvd_def (a b : Int) : (a ∣ b) = Exists (fun c => b = a * c) := rfl
 
@@ -67,7 +67,7 @@ protected theorem dvd_neg {a b : Int} : a ∣ -b ↔ a ∣ b := by
 theorem ofNat_dvd_left {n : Nat} {z : Int} : (↑n : Int) ∣ z ↔ n ∣ z.natAbs := by
   rw [← natAbs_dvd_natAbs, natAbs_ofNat]
 
-/-! ### ediv zero  -/
+/-! ### *div zero  -/
 
 @[simp] theorem zero_ediv : ∀ b : Int, 0 / b = 0
   | ofNat _ => show ofNat _ = _ by simp
@@ -77,7 +77,7 @@ theorem ofNat_dvd_left {n : Nat} {z : Int} : (↑n : Int) ∣ z ↔ n ∣ z.natA
   | ofNat _ => show ofNat _ = _ by simp
   | -[_+1] => rfl
 
-/-! ### emod zero -/
+/-! ### mod zero -/
 
 @[simp] theorem zero_emod (b : Int) : 0 % b = 0 := rfl
 
@@ -89,6 +89,7 @@ theorem ofNat_dvd_left {n : Nat} {z : Int} : (↑n : Int) ∣ z ↔ n ∣ z.natA
 
 @[simp, norm_cast] theorem ofNat_emod (m n : Nat) : (↑(m % n) : Int) = m % n := rfl
 
+
 /-! ### mod definitions -/
 
 theorem emod_add_ediv : ∀ a b : Int, a % b + b * (a / b) = a
@@ -105,17 +106,12 @@ where
       ← Int.neg_neg (_-_), Int.neg_sub, Int.sub_sub_self, Int.add_right_comm]
     exact congrArg (fun x => -(ofNat x + 1)) (Nat.mod_add_div ..)
 
-/-- Variant of `emod_add_ediv` with the multiplication written the other way around. -/
 theorem emod_add_ediv' (a b : Int) : a % b + a / b * b = a := by
   rw [Int.mul_comm]; exact emod_add_ediv ..
 
 theorem ediv_add_emod (a b : Int) : b * (a / b) + a % b = a := by
   rw [Int.add_comm]; exact emod_add_ediv ..
 
-/-- Variant of `ediv_add_emod` with the multiplication written the other way around. -/
-theorem ediv_add_emod' (a b : Int) : a / b * b + a % b = a := by
-  rw [Int.mul_comm]; exact ediv_add_emod ..
-
 theorem emod_def (a b : Int) : a % b = a - b * (a / b) := by
   rw [← Int.add_sub_cancel (a % b), emod_add_ediv]
 
@@ -158,10 +154,6 @@ theorem add_mul_ediv_right (a b : Int) {c : Int} (H : c ≠ 0) : (a + b * c) / c
       apply congrArg negSucc
       rw [Nat.mul_comm, Nat.sub_mul_div]; rwa [Nat.mul_comm]
 
-theorem add_mul_ediv_left (a : Int) {b : Int}
-    (c : Int) (H : b ≠ 0) : (a + b * c) / b = a / b + c :=
-  Int.mul_comm .. ▸ Int.add_mul_ediv_right _ _ H
-
 theorem add_ediv_of_dvd_right {a b c : Int} (H : c ∣ b) : (a + b) / c = a / c + b / c :=
   if h : c = 0 then by simp [h] else by
     let ⟨k, hk⟩ := H
@@ -178,7 +170,7 @@ theorem add_ediv_of_dvd_left {a b c : Int} (H : c ∣ a) : (a + b) / c = a / c +
 @[simp] theorem mul_ediv_cancel_left (b : Int) (H : a ≠ 0) : (a * b) / a = b :=
   Int.mul_comm .. ▸ Int.mul_ediv_cancel _ H
 
-theorem ediv_nonneg_iff_of_pos {a b : Int} (h : 0 < b) : 0 ≤ a / b ↔ 0 ≤ a := by
+theorem div_nonneg_iff_of_pos {a b : Int} (h : 0 < b) : a / b ≥ 0 ↔ a ≥ 0 := by
   rw [Int.div_def]
   match b, h with
   | Int.ofNat (b+1), _ =>
@@ -186,9 +178,6 @@ theorem ediv_nonneg_iff_of_pos {a b : Int} (h : 0 < b) : 0 ≤ a / b ↔ 0 ≤ a
     norm_cast
     simp
 
-@[deprecated ediv_nonneg_iff_of_pos (since := "2025-02-28")]
-abbrev div_nonneg_iff_of_pos := @ediv_nonneg_iff_of_pos
-
 /-! ### emod -/
 
 theorem emod_nonneg : ∀ (a : Int) {b : Int}, b ≠ 0 → 0 ≤ a % b
@@ -200,6 +189,16 @@ theorem emod_lt_of_pos (a : Int) {b : Int} (H : 0 < b) : a % b < b :=
   | ofNat _, _, ⟨_, rfl⟩ => ofNat_lt.2 (Nat.mod_lt _ (Nat.succ_pos _))
   | -[_+1], _, ⟨_, rfl⟩ => Int.sub_lt_self _ (ofNat_lt.2 <| Nat.succ_pos _)
 
+theorem mul_ediv_self_le {x k : Int} (h : k ≠ 0) : k * (x / k) ≤ x :=
+  calc k * (x / k)
+    _ ≤ k * (x / k) + x % k := Int.le_add_of_nonneg_right (emod_nonneg x h)
+    _ = x                   := ediv_add_emod _ _
+
+theorem lt_mul_ediv_self_add {x k : Int} (h : 0 < k) : x < k * (x / k) + k :=
+  calc x
+    _ = k * (x / k) + x % k := (ediv_add_emod _ _).symm
+    _ < k * (x / k) + k     := Int.add_lt_add_left (emod_lt_of_pos x h) _
+
 @[simp] theorem add_mul_emod_self {a b c : Int} : (a + b * c) % c = a % c :=
   if cz : c = 0 then by
     rw [cz, Int.mul_zero, Int.add_zero]
@@ -307,18 +306,6 @@ theorem emod_pos_of_not_dvd {a b : Int} (h : ¬ a ∣ b) : a = 0 ∨ 0 < b % a :
   · simp_all
   · exact Or.inr (Int.lt_iff_le_and_ne.mpr ⟨emod_nonneg b w, Ne.symm h⟩)
 
-/-! ### `/` and ordering -/
-
-theorem mul_ediv_self_le {x k : Int} (h : k ≠ 0) : k * (x / k) ≤ x :=
-  calc k * (x / k)
-    _ ≤ k * (x / k) + x % k := Int.le_add_of_nonneg_right (emod_nonneg x h)
-    _ = x                   := ediv_add_emod _ _
-
-theorem lt_mul_ediv_self_add {x k : Int} (h : 0 < k) : x < k * (x / k) + k :=
-  calc x
-    _ = k * (x / k) + x % k := (ediv_add_emod _ _).symm
-    _ < k * (x / k) + k     := Int.add_lt_add_left (emod_lt_of_pos x h) _
-
 /-! ### bmod -/
 
 @[simp] theorem bmod_emod : bmod x m % m = x % m := by

src/Init/Data/Int/DivMod/Lemmas.lean

@@ -40,17 +40,6 @@ protected theorem dvd_add_left {a b c : Int} (H : a ∣ c) : a ∣ b + c ↔ a
 protected theorem dvd_add_right {a b c : Int} (H : a ∣ b) : a ∣ b + c ↔ a ∣ c := by
   rw [Int.add_comm, Int.dvd_add_left H]
 
-@[simp] protected theorem dvd_add_mul_self {a b c : Int} : a ∣ b + c * a ↔ a ∣ b := by
-  rw [Int.dvd_add_left (Int.dvd_mul_left c a)]
-
-@[simp] protected theorem dvd_add_self_mul {a b c : Int} : a ∣ b + a * c ↔ a ∣ b := by
-  rw [Int.mul_comm, Int.dvd_add_mul_self]
-
-@[simp] protected theorem dvd_mul_self_add {a b c : Int} : a ∣ b * a + c ↔ a ∣ c := by
-  rw [Int.add_comm, Int.dvd_add_mul_self]
-
-@[simp] protected theorem dvd_self_mul_add {a b c : Int} : a ∣ a * b + c ↔ a ∣ c := by
-  rw [Int.mul_comm, Int.dvd_mul_self_add]
 protected theorem dvd_iff_dvd_of_dvd_sub {a b c : Int} (H : a ∣ b - c) : a ∣ b ↔ a ∣ c :=
   ⟨fun h => Int.sub_sub_self b c ▸ Int.dvd_sub h H,
    fun h => Int.sub_add_cancel b c ▸ Int.dvd_add H h⟩
@@ -105,14 +94,6 @@ theorem eq_one_of_mul_eq_one_left {a b : Int} (H : 0 ≤ b) (H' : a * b = 1) : b
 instance decidableDvd : DecidableRel (α := Int) (· ∣ ·) := fun _ _ =>
   decidable_of_decidable_of_iff (dvd_iff_emod_eq_zero ..).symm
 
-protected theorem mul_dvd_mul_iff_left {a b c : Int} (h : a ≠ 0) : (a * b) ∣ (a * c) ↔ b ∣ c :=
-  ⟨by rintro ⟨d, h'⟩; exact ⟨d, by rw [Int.mul_assoc] at h'; exact (mul_eq_mul_left_iff h).mp h'⟩,
-    by rintro ⟨d, rfl⟩; exact ⟨d, by simp [Int.mul_assoc]⟩⟩
-
-protected theorem mul_dvd_mul_iff_right {a b c : Int} (h : a ≠ 0) : (b * a) ∣ (c * a) ↔ b ∣ c := by
-  rw [Int.mul_comm b a, Int.mul_comm c a]
-  exact Int.mul_dvd_mul_iff_left h
-
 /-! ### *div zero  -/
 
 @[simp] protected theorem zero_tdiv : ∀ b : Int, tdiv 0 b = 0
@@ -253,13 +234,6 @@ theorem tdiv_eq_fdiv {a b : Int} :
   rw [fdiv_eq_tdiv]
   omega
 
-
-theorem tdiv_eq_ediv_of_dvd {a b : Int} (h : b ∣ a) : a.tdiv b = a / b := by
-  simp [tdiv_eq_ediv, h]
-
-theorem fdiv_eq_ediv_of_dvd {a b : Int} (h : b ∣ a) : a.fdiv b = a / b := by
-  simp [fdiv_eq_ediv, h]
-
 /-! ### mod zero -/
 
 @[simp] theorem zero_tmod (b : Int) : tmod 0 b = 0 := by cases b <;> simp [tmod]
@@ -277,6 +251,9 @@ theorem fdiv_eq_ediv_of_dvd {a b : Int} (h : b ∣ a) : a.fdiv b = a / b := by
 
 /-! ### mod definitions -/
 
+theorem ediv_add_emod' (a b : Int) : a / b * b + a % b = a := by
+  rw [Int.mul_comm]; exact ediv_add_emod ..
+
 theorem tmod_add_tdiv : ∀ a b : Int, tmod a b + b * (a.tdiv b) = a
   | ofNat _, ofNat _ => congrArg ofNat (Nat.mod_add_div ..)
   | ofNat m, -[n+1] => by
@@ -297,11 +274,9 @@ theorem tmod_add_tdiv : ∀ a b : Int, tmod a b + b * (a.tdiv b) = a
 theorem tdiv_add_tmod (a b : Int) : b * a.tdiv b + tmod a b = a := by
   rw [Int.add_comm]; apply tmod_add_tdiv ..
 
-/-- Variant of `tmod_add_tdiv` with the multiplication written the other way around. -/
 theorem tmod_add_tdiv' (m k : Int) : tmod m k + m.tdiv k * k = m := by
   rw [Int.mul_comm]; apply tmod_add_tdiv
 
-/-- Variant of `tdiv_add_tmod` with the multiplication written the other way around. -/
 theorem tdiv_add_tmod' (m k : Int) : m.tdiv k * k + tmod m k = m := by
   rw [Int.mul_comm]; apply tdiv_add_tmod
 
@@ -325,17 +300,9 @@ theorem fmod_add_fdiv : ∀ a b : Int, a.fmod b + b * a.fdiv b = a
     show -(↑(succ m % succ n) : Int) + -↑(succ n * (succ m / succ n)) = -↑(succ m)
     rw [← Int.neg_add]; exact congrArg (-ofNat ·) <| Nat.mod_add_div ..
 
-/-- Variant of `fmod_add_fdiv` with the multiplication written the other way around. -/
-theorem fmod_add_fdiv' (a b : Int) : a.fmod b + (a.fdiv b) * b = a := by
-  rw [Int.mul_comm]; exact fmod_add_fdiv ..
-
 theorem fdiv_add_fmod (a b : Int) : b * a.fdiv b + a.fmod b = a := by
   rw [Int.add_comm]; exact fmod_add_fdiv ..
 
-/-- Variant of `fdiv_add_fmod` with the multiplication written the other way around. -/
-theorem fdiv_add_fmod' (a b : Int) : (a.fdiv b) * b + a.fmod b = a := by
-  rw [Int.mul_comm]; exact fdiv_add_fmod ..
-
 theorem fmod_def (a b : Int) : a.fmod b = a - b * a.fdiv b := by
   rw [← Int.add_sub_cancel (a.fmod b), fmod_add_fdiv]
 
@@ -401,13 +368,10 @@ theorem tmod_eq_fmod {a b : Int} :
 
 /-! ### `/` ediv -/
 
-theorem ediv_neg_of_neg_of_pos {a b : Int} (Ha : a < 0) (Hb : 0 < b) : a / b < 0 :=
+theorem ediv_neg' {a b : Int} (Ha : a < 0) (Hb : 0 < b) : a / b < 0 :=
   match a, b, eq_negSucc_of_lt_zero Ha, eq_succ_of_zero_lt Hb with
   | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => negSucc_lt_zero _
 
-@[deprecated ediv_neg_of_neg_of_pos (since := "2025-03-04")]
-abbrev ediv_neg' := @ediv_neg_of_neg_of_pos
-
 theorem negSucc_ediv (m : Nat) {b : Int} (H : 0 < b) : -[m+1] / b = -(ediv m b + 1) :=
   match b, eq_succ_of_zero_lt H with
   | _, ⟨_, rfl⟩ => rfl
@@ -432,21 +396,17 @@ theorem ediv_nonneg_of_nonpos_of_nonpos {a b : Int} (Ha : a ≤ 0) (Hb : b ≤ 0
     rw [Int.div_def, ediv]
     exact le_add_one (ediv_nonneg (ofNat_zero_le a) (Int.le_trans (ofNat_zero_le b) (le.intro 1 rfl)))
 
-theorem ediv_pos_of_neg_of_neg {a b : Int} (ha : a < 0) (hb : b < 0) : 0 < a / b := by
-  rw [Int.div_def]
-  match a, b, ha, hb with
-  | .negSucc a, .negSucc b, _, _ => apply ofNat_succ_pos
-
-theorem ediv_nonpos_of_nonneg_of_nonpos {a b : Int} (Ha : 0 ≤ a) (Hb : b ≤ 0) : a / b ≤ 0 :=
+theorem ediv_nonpos {a b : Int} (Ha : 0 ≤ a) (Hb : b ≤ 0) : a / b ≤ 0 :=
   Int.nonpos_of_neg_nonneg <| Int.ediv_neg .. ▸ Int.ediv_nonneg Ha (Int.neg_nonneg_of_nonpos Hb)
 
-@[deprecated ediv_nonpos_of_nonneg_of_nonpos (since := "2025-03-04")]
-abbrev ediv_nonpos := @ediv_nonpos_of_nonneg_of_nonpos
-
 theorem ediv_eq_zero_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a / b = 0 :=
   match a, b, eq_ofNat_of_zero_le H1, eq_succ_of_zero_lt (Int.lt_of_le_of_lt H1 H2) with
   | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => congrArg Nat.cast <| Nat.div_eq_of_lt <| ofNat_lt.1 H2
 
+theorem add_mul_ediv_left (a : Int) {b : Int}
+    (c : Int) (H : b ≠ 0) : (a + b * c) / b = a / b + c :=
+  Int.mul_comm .. ▸ Int.add_mul_ediv_right _ _ H
+
 @[simp] theorem mul_ediv_mul_of_pos {a : Int}
     (b c : Int) (H : 0 < a) : (a * b) / (a * c) = b / c :=
   suffices ∀ (m k : Nat) (b : Int), (m.succ * b) / (m.succ * k) = b / k from
@@ -486,19 +446,6 @@ protected theorem ediv_eq_of_eq_mul_left {a b c : Int}
     (H1 : b ≠ 0) (H2 : a = c * b) : a / b = c :=
   Int.ediv_eq_of_eq_mul_right H1 (by rw [Int.mul_comm, H2])
 
-protected theorem eq_ediv_of_mul_eq_left {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a * b = c) : a = c / b :=
-  (Int.ediv_eq_of_eq_mul_left H1 H2.symm).symm
-
-@[simp] protected theorem ediv_self {a : Int} (H : a ≠ 0) : a / a = 1 := by
-  have := Int.mul_ediv_cancel 1 H; rwa [Int.one_mul] at this
-
-@[simp] protected theorem neg_ediv_self (a : Int) (h : a ≠ 0) : (-a) / a = -1 := by
-  rw [neg_ediv_of_dvd (Int.dvd_refl a), Int.ediv_self h]
-
--- There are no theorems `neg_ediv : ∀ {a b : Int}, (-a) / b = - (a / b)` or
--- `neg_ediv_neg: ∀ {a b : Int},  (-a) / (-b) = a / b` because these are false.
-
 /-! ### emod -/
 
 theorem mod_def' (m n : Int) : m % n = emod m n := rfl
@@ -629,6 +576,12 @@ theorem dvd_emod_sub_self {x : Int} {m : Nat} : (m : Int) ∣ x % m - x := by
 @[simp] theorem emod_one (a : Int) : a % 1 = 0 := by
   simp [emod_def, Int.one_mul, Int.sub_self]
 
+@[simp] protected theorem ediv_self {a : Int} (H : a ≠ 0) : a / a = 1 := by
+  have := Int.mul_ediv_cancel 1 H; rwa [Int.one_mul] at this
+
+@[simp] protected theorem neg_ediv_self (a : Int) (h : a ≠ 0) : (-a) / a = -1 := by
+  rw [neg_ediv_of_dvd (Int.dvd_refl a), Int.ediv_self h]
+
 @[simp]
 theorem emod_sub_cancel (x y : Int): (x - y) % y = x % y := by
   by_cases h : y = 0
@@ -762,7 +715,9 @@ theorem ediv_eq_ediv_of_mul_eq_mul {a b c d : Int}
 
 /-! ### tdiv -/
 
--- `tdiv` analogues of `ediv` lemmas from `Bootstrap.lean`
+@[simp] protected theorem tdiv_one : ∀ a : Int, a.tdiv 1 = a
+  | (n:Nat) => congrArg ofNat (Nat.div_one _)
+  | -[n+1] => by simp [Int.tdiv, neg_ofNat_succ]; rfl
 
 unseal Nat.div in
 @[simp] protected theorem tdiv_neg : ∀ a b : Int, a.tdiv (-b) = -(a.tdiv b)
@@ -770,102 +725,6 @@ unseal Nat.div in
   | ofNat _, -[_+1] | -[_+1], succ _ => (Int.neg_neg _).symm
   | ofNat _, succ _ | -[_+1], 0 | -[_+1], -[_+1] => rfl
 
-/-!
-There are no lemmas
-* `add_mul_tdiv_right : c ≠ 0 → (a + b * c).tdiv c = a.tdiv c + b`
-* `add_mul_tdiv_left : b ≠ 0 → (a + b * c).tdiv b = a.tdiv b + c`
-* `add_tdiv_of_dvd_right : c ∣ b → (a + b).tdiv c = a.tdiv c + b.tdiv c`
-* `add_tdiv_of_dvd_left : c ∣ a → (a + b).tdiv c = a.tdiv c + b.tdiv c`
-because these statements are all incorrect, and require awkward conditional off-by-one corrections.
--/
-
-@[simp] theorem mul_tdiv_cancel (a : Int) {b : Int} (H : b ≠ 0) : (a * b).tdiv b = a := by
-  rw [tdiv_eq_ediv_of_dvd (Int.dvd_mul_left a b), mul_ediv_cancel _ H]
-
-@[simp] theorem mul_tdiv_cancel_left (b : Int) (H : a ≠ 0) : (a * b).tdiv a = b :=
-  Int.mul_comm .. ▸ Int.mul_tdiv_cancel _ H
-
--- `tdiv` analogues of `ediv` lemmas given above
-
--- There are no lemmas `tdiv_nonneg_iff_of_pos`, `tdiv_neg_of_neg_of_pos`, or `negSucc_tdiv`
--- corresponding to `ediv_nonneg_iff_of_pos`, `ediv_neg_of_neg_of_pos`, or `negSucc_ediv` as they require awkward corrections.
-
-protected theorem tdiv_nonneg {a b : Int} (Ha : 0 ≤ a) (Hb : 0 ≤ b) : 0 ≤ a.tdiv b :=
-  match a, b, eq_ofNat_of_zero_le Ha, eq_ofNat_of_zero_le Hb with
-  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => ofNat_zero_le _
-
-theorem tdiv_nonneg_of_nonpos_of_nonpos {a b : Int} (Ha : a ≤ 0) (Hb : b ≤ 0) : 0 ≤ a.tdiv b := by
-  rw [tdiv_eq_ediv]
-  split <;> rename_i h
-  · simpa using ediv_nonneg_of_nonpos_of_nonpos Ha Hb
-  · simp at h
-    by_cases h' : b = 0
-    · subst h'
-      simp
-    · replace h' : b < 0 := by omega
-      rw [sign_eq_neg_one_of_neg h']
-      have : 0 < a / b := by
-        by_cases h'' : a = 0
-        · subst h''
-          simp at h
-        · replace h'' : a < 0 := by omega
-          exact ediv_pos_of_neg_of_neg h'' h'
-      omega
-
-protected theorem tdiv_nonpos_of_nonneg_of_nonpos {a b : Int} (Ha : 0 ≤ a) (Hb : b ≤ 0) : a.tdiv b ≤ 0 :=
-  Int.nonpos_of_neg_nonneg <| Int.tdiv_neg .. ▸ Int.tdiv_nonneg Ha (Int.neg_nonneg_of_nonpos Hb)
-
-@[deprecated Int.tdiv_nonpos_of_nonneg_of_nonpos (since := "2025-03-04")]
-abbrev tdiv_nonpos := @Int.tdiv_nonpos_of_nonneg_of_nonpos
-
-theorem tdiv_eq_zero_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a.tdiv b = 0 :=
-  match a, b, eq_ofNat_of_zero_le H1, eq_succ_of_zero_lt (Int.lt_of_le_of_lt H1 H2) with
-  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => congrArg Nat.cast <| Nat.div_eq_of_lt <| ofNat_lt.1 H2
-
-@[simp] theorem mul_tdiv_mul_of_pos {a : Int}
-    (b c : Int) (H : 0 < a) : (a * b).tdiv (a * c) = b.tdiv c := by
-  rw [tdiv_eq_ediv, mul_ediv_mul_of_pos _ _ H, tdiv_eq_ediv]
-  simp only [sign_mul]
-  by_cases h : 0 ≤ b
-  · rw [if_pos, if_pos (.inl h)]
-    left
-    exact Int.mul_nonneg (Int.le_of_lt H) h
-  · have H' : a ≠ 0 := by omega
-    simp only [Int.mul_dvd_mul_iff_left H']
-    by_cases h' : c ∣ b
-    · simp [h']
-    · rw [if_neg, if_neg]
-      · simp [sign_eq_one_of_pos H]
-      · simp [h']; omega
-      · simp_all only [Int.not_le, ne_eq, or_false]
-        exact Int.mul_neg_of_pos_of_neg H h
-
-@[simp] theorem mul_tdiv_mul_of_pos_left
-    (a : Int) {b : Int} (c : Int) (H : 0 < b) : (a * b).tdiv (c * b) = a.tdiv c := by
-  rw [Int.mul_comm, Int.mul_comm c, mul_tdiv_mul_of_pos _ _ H]
-
-@[simp] protected theorem tdiv_one : ∀ a : Int, a.tdiv 1 = a
-  | (n:Nat) => congrArg ofNat (Nat.div_one _)
-  | -[n+1] => by simp [Int.tdiv, neg_ofNat_succ]; rfl
-
-protected theorem tdiv_eq_of_eq_mul_right {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a = b * c) : a.tdiv b = c := by rw [H2, Int.mul_tdiv_cancel_left _ H1]
-
-protected theorem eq_tdiv_of_mul_eq_right {a b c : Int}
-    (H1 : a ≠ 0) (H2 : a * b = c) : b = c.tdiv a :=
-  (Int.tdiv_eq_of_eq_mul_right H1 H2.symm).symm
-
-protected theorem tdiv_eq_of_eq_mul_left {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a = c * b) : a.tdiv b = c :=
-  Int.tdiv_eq_of_eq_mul_right H1 (by rw [Int.mul_comm, H2])
-
-protected theorem eq_tdiv_of_mul_eq_left {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a * b = c) : a = c.tdiv b :=
-  (Int.tdiv_eq_of_eq_mul_left H1 H2.symm).symm
-
-@[simp] protected theorem tdiv_self {a : Int} (H : a ≠ 0) : a.tdiv a = 1 := by
-  have := Int.mul_tdiv_cancel 1 H; rwa [Int.one_mul] at this
-
 unseal Nat.div in
 @[simp] protected theorem neg_tdiv : ∀ a b : Int, (-a).tdiv b = -(a.tdiv b)
   | 0, n => by simp [Int.neg_zero]
@@ -875,117 +734,35 @@ unseal Nat.div in
 protected theorem neg_tdiv_neg (a b : Int) : (-a).tdiv (-b) = a.tdiv b := by
   simp [Int.tdiv_neg, Int.neg_tdiv, Int.neg_neg]
 
-@[simp] theorem natAbs_tdiv (a b : Int) : natAbs (a.tdiv b) = (natAbs a).div (natAbs b) :=
-  match a, b, eq_nat_or_neg a, eq_nat_or_neg b with
-  | _, _, ⟨_, .inl rfl⟩, ⟨_, .inl rfl⟩ => rfl
-  | _, _, ⟨_, .inl rfl⟩, ⟨_, .inr rfl⟩ => by rw [Int.tdiv_neg, natAbs_neg, natAbs_neg]; rfl
-  | _, _, ⟨_, .inr rfl⟩, ⟨_, .inl rfl⟩ => by rw [Int.neg_tdiv, natAbs_neg, natAbs_neg]; rfl
-  | _, _, ⟨_, .inr rfl⟩, ⟨_, .inr rfl⟩ => by rw [Int.neg_tdiv_neg, natAbs_neg, natAbs_neg]; rfl
+protected theorem tdiv_nonneg {a b : Int} (Ha : 0 ≤ a) (Hb : 0 ≤ b) : 0 ≤ a.tdiv b :=
+  match a, b, eq_ofNat_of_zero_le Ha, eq_ofNat_of_zero_le Hb with
+  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => ofNat_zero_le _
 
-/-! ### tmod -/
+protected theorem tdiv_nonpos {a b : Int} (Ha : 0 ≤ a) (Hb : b ≤ 0) : a.tdiv b ≤ 0 :=
+  Int.nonpos_of_neg_nonneg <| Int.tdiv_neg .. ▸ Int.tdiv_nonneg Ha (Int.neg_nonneg_of_nonpos Hb)
 
--- `tmod` analogues of `emod` lemmas from `Bootstrap.lean`
+theorem tdiv_eq_zero_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a.tdiv b = 0 :=
+  match a, b, eq_ofNat_of_zero_le H1, eq_succ_of_zero_lt (Int.lt_of_le_of_lt H1 H2) with
+  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => congrArg Nat.cast <| Nat.div_eq_of_lt <| ofNat_lt.1 H2
 
-theorem ofNat_tmod (m n : Nat) : (↑(m % n) : Int) = tmod m n := rfl
+@[simp] protected theorem mul_tdiv_cancel (a : Int) {b : Int} (H : b ≠ 0) : (a * b).tdiv b = a :=
+  have : ∀ {a b : Nat}, (b : Int) ≠ 0 → (tdiv (a * b) b : Int) = a := fun H => by
+    rw [← ofNat_mul, ← ofNat_tdiv,
+      Nat.mul_div_cancel _ <| Nat.pos_of_ne_zero <| Int.ofNat_ne_zero.1 H]
+  match a, b, a.eq_nat_or_neg, b.eq_nat_or_neg with
+  | _, _, ⟨a, .inl rfl⟩, ⟨b, .inl rfl⟩ => this H
+  | _, _, ⟨a, .inl rfl⟩, ⟨b, .inr rfl⟩ => by
+    rw [Int.mul_neg, Int.neg_tdiv, Int.tdiv_neg, Int.neg_neg,
+      this (Int.neg_ne_zero.1 H)]
+  | _, _, ⟨a, .inr rfl⟩, ⟨b, .inl rfl⟩ => by rw [Int.neg_mul, Int.neg_tdiv, this H]
+  | _, _, ⟨a, .inr rfl⟩, ⟨b, .inr rfl⟩ => by
+    rw [Int.neg_mul_neg, Int.tdiv_neg, this (Int.neg_ne_zero.1 H)]
 
-@[simp] theorem tmod_one (a : Int) : tmod a 1 = 0 := by
-  simp [tmod_def, Int.tdiv_one, Int.one_mul, Int.sub_self]
+@[simp] protected theorem mul_tdiv_cancel_left (b : Int) (H : a ≠ 0) : (a * b).tdiv a = b :=
+  Int.mul_comm .. ▸ Int.mul_tdiv_cancel _ H
 
-theorem tmod_nonneg : ∀ {a : Int} (b : Int), 0 ≤ a → 0 ≤ tmod a b
-  | ofNat _, -[_+1], _ | ofNat _, ofNat _, _ => ofNat_nonneg _
-
-theorem tmod_lt_of_pos (a : Int) {b : Int} (H : 0 < b) : tmod a b < b :=
-  match a, b, eq_succ_of_zero_lt H with
-  | ofNat _, _, ⟨n, rfl⟩ => ofNat_lt.2 <| Nat.mod_lt _ n.succ_pos
-  | -[_+1], _, ⟨n, rfl⟩ => Int.lt_of_le_of_lt
-    (Int.neg_nonpos_of_nonneg <| Int.ofNat_nonneg _) (ofNat_pos.2 n.succ_pos)
-
-@[simp] theorem tmod_neg (a b : Int) : tmod a (-b) = tmod a b := by
-  rw [tmod_def, tmod_def, Int.tdiv_neg, Int.neg_mul_neg]
-
-@[simp] theorem neg_tmod (a b : Int) : tmod (-a) b = -tmod a b := by
-  rw [tmod_def, Int.neg_tdiv, Int.mul_neg, tmod_def]
-  omega
-
--- The following statements for `tmod` are false:
--- `add_mul_tmod_self {a b c : Int} : (a + b * c).tmod c = a.tmod c`
--- `add_mul_tmod_self_left (a b c : Int) : (a + b * c).tmod b = a.tmod b`
--- `tmod_add_tmod (m n k : Int) : (m.tmod n + k).tmod n = (m + k).tmod n`
--- `add_tmod_tmod (m n k : Int) : (m + n.tmod k).tmod k = (m + n).tmod k`
--- `add_tmod (a b n : Int) : (a + b).tmod n = (a.tmod n + b.tmod n).tmod n`
--- `add_tmod_eq_add_tmod_right {m n k : Int} (i : Int) : (m.tmod n = k.tmod n) → (m + i).tmod n = (k + i).tmod n`
--- `tmod_add_cancel_right {m n k : Int} (i) : (m + i).tmod n = (k + i).tmod n ↔ m.tmod n = k.tmod n`
--- `sub_tmod (a b n : Int) : (a - b).tmod n = (a.tmod n - b.tmod n).tmod n`
-
-@[simp] theorem mul_tmod_left (a b : Int) : (a * b).tmod b = 0 :=
-  if h : b = 0 then by simp [h, Int.mul_zero] else by
-    rw [Int.tmod_def, Int.mul_tdiv_cancel _ h, Int.mul_comm, Int.sub_self]
-
-@[simp] theorem mul_tmod_right (a b : Int) : (a * b).tmod a = 0 := by
-  rw [Int.mul_comm, mul_tmod_left]
-
-/--
-If a predicate on the integers is invariant under negation,
-then it is sufficient to prove it for the nonnegative integers.
--/
-theorem wlog_sign {P : Int → Prop} (inv : ∀ a, P a ↔ P (-a)) (w : ∀ n : Nat, P n) (a : Int) : P a := by
-  cases a with
-  | ofNat n => exact w n
-  | negSucc n =>
-    rw [negSucc_eq, ← inv, ← ofNat_succ]
-    apply w
-
-attribute [local simp] Int.neg_inj
-
-theorem mul_tmod (a b n : Int) : (a * b).tmod n = (a.tmod n * b.tmod n).tmod n := by
-  induction a using wlog_sign
-  case inv => simp
-  induction b using wlog_sign
-  case inv => simp
-  induction n using wlog_sign
-  case inv => simp
-  simp only [← Int.natCast_mul, ← ofNat_tmod]
-  rw [Nat.mul_mod]
-
-@[simp] theorem tmod_self {a : Int} : a.tmod a = 0 := by
-  have := mul_tmod_left 1 a; rwa [Int.one_mul] at this
-
-@[simp] theorem tmod_tmod_of_dvd (n : Int) {m k : Int}
-    (h : m ∣ k) : (n.tmod k).tmod m = n.tmod m := by
-  induction n using wlog_sign
-  case inv => simp
-  induction k using wlog_sign
-  case inv => simp [Int.dvd_neg]
-  induction m using wlog_sign
-  case inv => simp
-  simp only [← Int.natCast_mul, ← ofNat_tmod]
-  norm_cast at h
-  rw [Nat.mod_mod_of_dvd _ h]
-
-@[simp] theorem tmod_tmod (a b : Int) : (a.tmod b).tmod b = a.tmod b :=
-  tmod_tmod_of_dvd a (Int.dvd_refl b)
-
-theorem tmod_eq_zero_of_dvd : ∀ {a b : Int}, a ∣ b → tmod b a = 0
-  | _, _, ⟨_, rfl⟩ => mul_tmod_right ..
-
--- `tmod` analogues of `emod` lemmas from above
-
-theorem tmod_eq_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : tmod a b = a := by
-  rw [tmod_eq_emod_of_nonneg H1, emod_eq_of_lt H1 H2]
-
--- lemmas about `tmod` without `emod` analogues
-
-theorem tdiv_sign : ∀ a b, a.tdiv (sign b) = a * sign b
-  | _, succ _ => by simp [sign, Int.mul_one]
-  | _, 0 => by simp [sign, Int.mul_zero]
-  | _, -[_+1] => by simp [sign, Int.mul_neg, Int.mul_one]
-
-protected theorem sign_eq_tdiv_abs (a : Int) : sign a = a.tdiv (natAbs a) :=
-  if az : a = 0 then by simp [az] else
-    (Int.tdiv_eq_of_eq_mul_left (ofNat_ne_zero.2 <| natAbs_ne_zero.2 az)
-      (sign_mul_natAbs _).symm).symm
-
-/-! properties of `tdiv` and `tmod` -/
+@[simp] protected theorem tdiv_self {a : Int} (H : a ≠ 0) : a.tdiv a = 1 := by
+  have := Int.mul_tdiv_cancel 1 H; rwa [Int.one_mul] at this
 
 theorem mul_tdiv_cancel_of_tmod_eq_zero {a b : Int} (H : a.tmod b = 0) : b * (a.tdiv b) = a := by
   have := tmod_add_tdiv a b; rwa [H, Int.zero_add] at this
@@ -996,6 +773,68 @@ theorem tdiv_mul_cancel_of_tmod_eq_zero {a b : Int} (H : a.tmod b = 0) : a.tdiv
 theorem dvd_of_tmod_eq_zero {a b : Int} (H : tmod b a = 0) : a ∣ b :=
   ⟨b.tdiv a, (mul_tdiv_cancel_of_tmod_eq_zero H).symm⟩
 
+protected theorem mul_tdiv_assoc (a : Int) : ∀ {b c : Int}, c ∣ b → (a * b).tdiv c = a * (b.tdiv c)
+  | _, c, ⟨d, rfl⟩ =>
+    if cz : c = 0 then by simp [cz, Int.mul_zero] else by
+      rw [Int.mul_left_comm, Int.mul_tdiv_cancel_left _ cz, Int.mul_tdiv_cancel_left _ cz]
+
+protected theorem mul_tdiv_assoc' (b : Int) {a c : Int} (h : c ∣ a) :
+    (a * b).tdiv c = a.tdiv c * b := by
+  rw [Int.mul_comm, Int.mul_tdiv_assoc _ h, Int.mul_comm]
+
+theorem tdiv_dvd_tdiv : ∀ {a b c : Int}, a ∣ b → b ∣ c → b.tdiv a ∣ c.tdiv a
+  | a, _, _, ⟨b, rfl⟩, ⟨c, rfl⟩ => by
+    by_cases az : a = 0
+    · simp [az]
+    · rw [Int.mul_tdiv_cancel_left _ az, Int.mul_assoc, Int.mul_tdiv_cancel_left _ az]
+      apply Int.dvd_mul_right
+
+@[simp] theorem natAbs_tdiv (a b : Int) : natAbs (a.tdiv b) = (natAbs a).div (natAbs b) :=
+  match a, b, eq_nat_or_neg a, eq_nat_or_neg b with
+  | _, _, ⟨_, .inl rfl⟩, ⟨_, .inl rfl⟩ => rfl
+  | _, _, ⟨_, .inl rfl⟩, ⟨_, .inr rfl⟩ => by rw [Int.tdiv_neg, natAbs_neg, natAbs_neg]; rfl
+  | _, _, ⟨_, .inr rfl⟩, ⟨_, .inl rfl⟩ => by rw [Int.neg_tdiv, natAbs_neg, natAbs_neg]; rfl
+  | _, _, ⟨_, .inr rfl⟩, ⟨_, .inr rfl⟩ => by rw [Int.neg_tdiv_neg, natAbs_neg, natAbs_neg]; rfl
+
+protected theorem tdiv_eq_of_eq_mul_right {a b c : Int}
+    (H1 : b ≠ 0) (H2 : a = b * c) : a.tdiv b = c := by rw [H2, Int.mul_tdiv_cancel_left _ H1]
+
+protected theorem eq_tdiv_of_mul_eq_right {a b c : Int}
+    (H1 : a ≠ 0) (H2 : a * b = c) : b = c.tdiv a :=
+  (Int.tdiv_eq_of_eq_mul_right H1 H2.symm).symm
+
+/-! ### (t-)mod -/
+
+theorem ofNat_tmod (m n : Nat) : (↑(m % n) : Int) = tmod m n := rfl
+
+@[simp] theorem tmod_one (a : Int) : tmod a 1 = 0 := by
+  simp [tmod_def, Int.tdiv_one, Int.one_mul, Int.sub_self]
+
+theorem tmod_eq_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : tmod a b = a := by
+  rw [tmod_eq_emod_of_nonneg H1, emod_eq_of_lt H1 H2]
+
+theorem tmod_lt_of_pos (a : Int) {b : Int} (H : 0 < b) : tmod a b < b :=
+  match a, b, eq_succ_of_zero_lt H with
+  | ofNat _, _, ⟨n, rfl⟩ => ofNat_lt.2 <| Nat.mod_lt _ n.succ_pos
+  | -[_+1], _, ⟨n, rfl⟩ => Int.lt_of_le_of_lt
+    (Int.neg_nonpos_of_nonneg <| Int.ofNat_nonneg _) (ofNat_pos.2 n.succ_pos)
+
+theorem tmod_nonneg : ∀ {a : Int} (b : Int), 0 ≤ a → 0 ≤ tmod a b
+  | ofNat _, -[_+1], _ | ofNat _, ofNat _, _ => ofNat_nonneg _
+
+@[simp] theorem tmod_neg (a b : Int) : tmod a (-b) = tmod a b := by
+  rw [tmod_def, tmod_def, Int.tdiv_neg, Int.neg_mul_neg]
+
+@[simp] theorem mul_tmod_left (a b : Int) : (a * b).tmod b = 0 :=
+  if h : b = 0 then by simp [h, Int.mul_zero] else by
+    rw [Int.tmod_def, Int.mul_tdiv_cancel _ h, Int.mul_comm, Int.sub_self]
+
+@[simp] theorem mul_tmod_right (a b : Int) : (a * b).tmod a = 0 := by
+  rw [Int.mul_comm, mul_tmod_left]
+
+theorem tmod_eq_zero_of_dvd : ∀ {a b : Int}, a ∣ b → tmod b a = 0
+  | _, _, ⟨_, rfl⟩ => mul_tmod_right ..
+
 theorem dvd_iff_tmod_eq_zero {a b : Int} : a ∣ b ↔ tmod b a = 0 :=
   ⟨tmod_eq_zero_of_dvd, dvd_of_tmod_eq_zero⟩
 
@@ -1016,6 +855,9 @@ protected theorem mul_tdiv_cancel' {a b : Int} (H : a ∣ b) : a * b.tdiv a = b
 protected theorem eq_mul_of_tdiv_eq_right {a b c : Int}
     (H1 : b ∣ a) (H2 : a.tdiv b = c) : a = b * c := by rw [← H2, Int.mul_tdiv_cancel' H1]
 
+@[simp] theorem tmod_self {a : Int} : a.tmod a = 0 := by
+  have := mul_tmod_left 1 a; rwa [Int.one_mul] at this
+
 @[simp] theorem neg_tmod_self (a : Int) : (-a).tmod a = 0 := by
   rw [← dvd_iff_tmod_eq_zero, Int.dvd_neg]
   exact Int.dvd_refl a
@@ -1036,6 +878,10 @@ protected theorem eq_mul_of_tdiv_eq_left {a b c : Int}
     (H1 : b ∣ a) (H2 : a.tdiv b = c) : a = c * b := by
   rw [Int.mul_comm, Int.eq_mul_of_tdiv_eq_right H1 H2]
 
+protected theorem tdiv_eq_of_eq_mul_left {a b c : Int}
+    (H1 : b ≠ 0) (H2 : a = c * b) : a.tdiv b = c :=
+  Int.tdiv_eq_of_eq_mul_right H1 (by rw [Int.mul_comm, H2])
+
 protected theorem eq_zero_of_tdiv_eq_zero {d n : Int} (h : d ∣ n) (H : n.tdiv d = 0) : n = 0 := by
   rw [← Int.mul_tdiv_cancel' h, H, Int.mul_zero]
 
@@ -1044,50 +890,33 @@ protected theorem eq_zero_of_tdiv_eq_zero {d n : Int} (h : d ∣ n) (H : n.tdiv
   refine ⟨fun h => ?_, congrArg (tdiv · d)⟩
   rw [← Int.mul_tdiv_cancel' hda, ← Int.mul_tdiv_cancel' hdb, h]
 
-protected theorem mul_tdiv_assoc (a : Int) : ∀ {b c : Int}, c ∣ b → (a * b).tdiv c = a * (b.tdiv c)
-  | _, c, ⟨d, rfl⟩ =>
-    if cz : c = 0 then by simp [cz, Int.mul_zero] else by
-      rw [Int.mul_left_comm, Int.mul_tdiv_cancel_left _ cz, Int.mul_tdiv_cancel_left _ cz]
+theorem tdiv_sign : ∀ a b, a.tdiv (sign b) = a * sign b
+  | _, succ _ => by simp [sign, Int.mul_one]
+  | _, 0 => by simp [sign, Int.mul_zero]
+  | _, -[_+1] => by simp [sign, Int.mul_neg, Int.mul_one]
 
-protected theorem mul_tdiv_assoc' (b : Int) {a c : Int} (h : c ∣ a) :
-    (a * b).tdiv c = a.tdiv c * b := by
-  rw [Int.mul_comm, Int.mul_tdiv_assoc _ h, Int.mul_comm]
-
-theorem tdiv_dvd_tdiv : ∀ {a b c : Int}, a ∣ b → b ∣ c → b.tdiv a ∣ c.tdiv a
-  | a, _, _, ⟨b, rfl⟩, ⟨c, rfl⟩ => by
-    by_cases az : a = 0
-    · simp [az]
-    · rw [Int.mul_tdiv_cancel_left _ az, Int.mul_assoc, Int.mul_tdiv_cancel_left _ az]
-      apply Int.dvd_mul_right
-
-/-! ### `tdiv` and ordering -/
-
--- Theorems about `tdiv` and ordering, whose `ediv` analogues are in `Bootstrap.lean`.
-
-theorem mul_tdiv_self_le {x k : Int} (h : 0 ≤ x) : k * (x.tdiv k) ≤ x := by
-  by_cases w : k = 0
-  · simp [w, h]
-  · rw [tdiv_eq_ediv_of_nonneg h]
-    apply mul_ediv_self_le w
-
-theorem lt_mul_tdiv_self_add {x k : Int} (h : 0 < k) : x < k * (x.tdiv k) + k := by
-  rw [tdiv_eq_ediv, sign_eq_one_of_pos h]
-  have := lt_mul_ediv_self_add (x := x) h
-  split <;> simp [Int.mul_add] <;> omega
+protected theorem sign_eq_tdiv_abs (a : Int) : sign a = a.tdiv (natAbs a) :=
+  if az : a = 0 then by simp [az] else
+    (Int.tdiv_eq_of_eq_mul_left (ofNat_ne_zero.2 <| natAbs_ne_zero.2 az)
+      (sign_mul_natAbs _).symm).symm
 
 /-! ### fdiv -/
 
--- There is no theorem `fdiv_neg : ∀ a b : Int, a.fdiv (-b) = -(a.fdiv b)`
--- because this is false, for example at `a = 2`, `b = 3`, as `-1 ≠ 0`.
+theorem fdiv_nonneg {a b : Int} (Ha : 0 ≤ a) (Hb : 0 ≤ b) : 0 ≤ a.fdiv b :=
+  match a, b, eq_ofNat_of_zero_le Ha, eq_ofNat_of_zero_le Hb with
+  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => ofNat_fdiv .. ▸ ofNat_zero_le _
 
-theorem add_mul_fdiv_right (a b : Int) {c : Int} (H : c ≠ 0) : (a + b * c).fdiv c = a.fdiv c + b := by
-  rw [fdiv_eq_ediv, add_mul_ediv_right _ _ H, fdiv_eq_ediv]
-  simp only [Int.dvd_add_left (Int.dvd_mul_left _ _)]
-  split <;> omega
+unseal Nat.div in
+theorem fdiv_nonpos : ∀ {a b : Int}, 0 ≤ a → b ≤ 0 → a.fdiv b ≤ 0
+  | 0, 0, _, _ | 0, -[_+1], _, _ | succ _, 0, _, _ | succ _, -[_+1], _, _ => ⟨_⟩
 
-theorem add_mul_fdiv_left (a : Int) {b : Int}
-    (c : Int) (H : b ≠ 0) : (a + b * c).fdiv b = a.fdiv b + c := by
-  rw [Int.mul_comm, Int.add_mul_fdiv_right _ _ H]
+theorem fdiv_neg' : ∀ {a b : Int}, a < 0 → 0 < b → a.fdiv b < 0
+  | -[_+1], succ _, _, _ => negSucc_lt_zero _
+
+@[simp] theorem fdiv_one : ∀ a : Int, a.fdiv 1 = a
+  | 0 => rfl
+  | succ _ => congrArg Nat.cast (Nat.div_one _)
+  | -[_+1] => congrArg negSucc (Nat.div_one _)
 
 @[simp] theorem mul_fdiv_cancel (a : Int) {b : Int} (H : b ≠ 0) : fdiv (a * b) b = a :=
   if b0 : 0 ≤ b then by
@@ -1103,174 +932,32 @@ theorem add_mul_fdiv_left (a : Int) {b : Int}
 @[simp] theorem mul_fdiv_cancel_left (b : Int) (H : a ≠ 0) : fdiv (a * b) a = b :=
   Int.mul_comm .. ▸ Int.mul_fdiv_cancel _ H
 
-theorem add_fdiv_of_dvd_right {a b c : Int} (H : c ∣ b) : (a + b).fdiv c = a.fdiv c + b.fdiv c := by
-  by_cases h : c = 0
-  · simp [h]
-  · obtain ⟨d, rfl⟩ := H
-    rw [add_mul_fdiv_left _ _ h]
-    simp [h]
-
-theorem add_fdiv_of_dvd_left {a b c : Int} (H : c ∣ a) : (a + b).fdiv c = a.fdiv c + b.fdiv c := by
-  rw [Int.add_comm, Int.add_fdiv_of_dvd_right H, Int.add_comm]
-
-theorem fdiv_nonneg {a b : Int} (Ha : 0 ≤ a) (Hb : 0 ≤ b) : 0 ≤ a.fdiv b :=
-  match a, b, eq_ofNat_of_zero_le Ha, eq_ofNat_of_zero_le Hb with
-  | _, _, ⟨_, rfl⟩, ⟨_, rfl⟩ => ofNat_fdiv .. ▸ ofNat_zero_le _
-
-theorem fdiv_nonneg_of_nonpos_of_nonpos {a b : Int} (Ha : a ≤ 0) (Hb : b ≤ 0) : 0 ≤ a.fdiv b := by
-  rw [fdiv_eq_ediv]
-  by_cases ha : a = 0
-  · simp [ha]
-  · by_cases hb : b = 0
-    · simp [hb]
-    · have : 0 < a / b := ediv_pos_of_neg_of_neg (by omega) (by omega)
-      split <;> omega
-
-unseal Nat.div in
-theorem fdiv_nonpos_of_nonneg_of_nonpos : ∀ {a b : Int}, 0 ≤ a → b ≤ 0 → a.fdiv b ≤ 0
-  | 0, 0, _, _ | 0, -[_+1], _, _ | succ _, 0, _, _ | succ _, -[_+1], _, _ => ⟨_⟩
-
-@[deprecated fdiv_nonpos_of_nonneg_of_nonpos (since := "2025-03-04")]
-abbrev fdiv_nonpos := @fdiv_nonpos_of_nonneg_of_nonpos
-
-theorem fdiv_neg_of_neg_of_pos : ∀ {a b : Int}, a < 0 → 0 < b → a.fdiv b < 0
-  | -[_+1], succ _, _, _ => negSucc_lt_zero _
-
-@[deprecated fdiv_neg_of_neg_of_pos (since := "2025-03-04")]
-abbrev fdiv_neg := @fdiv_neg_of_neg_of_pos
-
-theorem fdiv_eq_zero_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a.fdiv b = 0 := by
-  rw [fdiv_eq_ediv, if_pos, Int.sub_zero]
-  · apply ediv_eq_zero_of_lt (by omega) (by omega)
-  · left; omega
-
-@[simp] theorem mul_fdiv_mul_of_pos {a : Int}
-    (b c : Int) (H : 0 < a) : (a * b).fdiv (a * c) = b.fdiv c := by
-  rw [fdiv_eq_ediv, mul_ediv_mul_of_pos _ _ H, fdiv_eq_ediv]
-  congr 2
-  simp [Int.mul_dvd_mul_iff_left (Int.ne_of_gt H)]
-  constructor
-  · rintro (h | h)
-    · exact .inl (Int.nonneg_of_mul_nonneg_right h H)
-    · exact .inr h
-  · rintro (h | h)
-    · exact .inl (Int.mul_nonneg (by omega) h)
-    · exact .inr h
-
-@[simp] theorem mul_fdiv_mul_of_pos_left
-    (a : Int) {b : Int} (c : Int) (H : 0 < b) : (a * b).fdiv (c * b) = a.fdiv c := by
-  rw [Int.mul_comm a b, Int.mul_comm c b, Int.mul_fdiv_mul_of_pos _ _ H]
-
-@[simp] theorem fdiv_one : ∀ a : Int, a.fdiv 1 = a
-  | 0 => rfl
-  | succ _ => congrArg Nat.cast (Nat.div_one _)
-  | -[_+1] => congrArg negSucc (Nat.div_one _)
-
-protected theorem fdiv_eq_of_eq_mul_right {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a = b * c) : a.fdiv b = c := by rw [H2, Int.mul_fdiv_cancel_left _ H1]
-
-protected theorem eq_fdiv_of_mul_eq_right {a b c : Int}
-    (H1 : a ≠ 0) (H2 : a * b = c) : b = c.tdiv a :=
-  (Int.tdiv_eq_of_eq_mul_right H1 H2.symm).symm
-
-protected theorem fdiv_eq_of_eq_mul_left {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a = c * b) : a.fdiv b = c :=
-  Int.fdiv_eq_of_eq_mul_right H1 (by rw [Int.mul_comm, H2])
-
-protected theorem eq_fdiv_of_mul_eq_left {a b c : Int}
-    (H1 : b ≠ 0) (H2 : a * b = c) : a = c.fdiv b :=
-  (Int.fdiv_eq_of_eq_mul_left H1 H2.symm).symm
-
 @[simp] protected theorem fdiv_self {a : Int} (H : a ≠ 0) : a.fdiv a = 1 := by
   have := Int.mul_fdiv_cancel 1 H; rwa [Int.one_mul] at this
 
--- `neg_fdiv : ∀ a b : Int, (-a).fdiv b = -(a.fdiv b)` is untrue.
-
-protected theorem neg_fdiv_neg (a b : Int) : (-a).fdiv (-b) = a.fdiv b := by
-  match a, b with
-  | 0, 0 => rfl
-  | 0, ofNat b => simp
-  | 0, -[b+1] => simp
-  | ofNat (a + 1), 0 => simp
-  | ofNat (a + 1), ofNat (b + 1) =>
-    unfold fdiv
-    simp only [ofNat_eq_coe, natCast_add, Nat.cast_ofNat_Int, Nat.succ_eq_add_one]
-    rw [← negSucc_eq, ← negSucc_eq]
-  | ofNat (a + 1), -[b+1] =>
-    unfold fdiv
-    simp only [ofNat_eq_coe, natCast_add, Nat.cast_ofNat_Int, Nat.succ_eq_add_one]
-    rw [← negSucc_eq, neg_negSucc]
-  | -[a+1], 0 => simp
-  | -[a+1], ofNat (b + 1) =>
-    unfold fdiv
-    simp only [ofNat_eq_coe, natCast_add, Nat.cast_ofNat_Int, Nat.succ_eq_add_one]
-    rw [neg_negSucc, ← negSucc_eq]
-  | -[a+1], -[b+1] =>
-    unfold fdiv
-    simp only [ofNat_eq_coe, ofNat_ediv, Nat.succ_eq_add_one, natCast_add, Nat.cast_ofNat_Int]
-    rw [neg_negSucc, neg_negSucc]
-    simp
-
--- `natAbs_fdiv (a b : Int) : natAbs (a.fdiv b) = (natAbs a).div (natAbs b)` is untrue.
+theorem lt_fdiv_add_one_mul_self (a : Int) {b : Int} (H : 0 < b) : a < (a.fdiv b + 1) * b :=
+  Int.fdiv_eq_ediv_of_nonneg _ (Int.le_of_lt H) ▸ lt_ediv_add_one_mul_self a H
 
 /-! ### fmod -/
 
--- `fmod` analogues of `emod` lemmas from `Bootstrap.lean`
-
 theorem ofNat_fmod (m n : Nat) : ↑(m % n) = fmod m n := by
   cases m <;> simp [fmod, Nat.succ_eq_add_one]
 
 @[simp] theorem fmod_one (a : Int) : a.fmod 1 = 0 := by
   simp [fmod_def, Int.one_mul, Int.sub_self]
 
+theorem fmod_eq_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a.fmod b = a := by
+  rw [fmod_eq_emod_of_nonneg _ (Int.le_trans H1 (Int.le_of_lt H2)), emod_eq_of_lt H1 H2]
+
 theorem fmod_nonneg {a b : Int} (ha : 0 ≤ a) (hb : 0 ≤ b) : 0 ≤ a.fmod b :=
   fmod_eq_tmod_of_nonneg ha hb ▸ tmod_nonneg _ ha
 
-theorem fmod_nonneg_of_pos (a : Int) {b : Int} (hb : 0 < b) : 0 ≤ a.fmod b :=
+theorem fmod_nonneg' (a : Int) {b : Int} (hb : 0 < b) : 0 ≤ a.fmod b :=
   fmod_eq_emod_of_nonneg _ (Int.le_of_lt hb) ▸ emod_nonneg _ (Int.ne_of_lt hb).symm
 
-@[deprecated fmod_nonneg_of_pos (since := "2025-03-04")]
-abbrev fmod_nonneg' := @fmod_nonneg_of_pos
-
 theorem fmod_lt_of_pos (a : Int) {b : Int} (H : 0 < b) : a.fmod b < b :=
   fmod_eq_emod_of_nonneg _ (Int.le_of_lt H) ▸ emod_lt_of_pos a H
 
--- There is no `fmod_neg : ∀ {a b : Int}, a.fmod (-b) = -a.fmod b` as this is false.
-
-@[simp] theorem add_mul_fmod_self {a b c : Int} : (a + b * c).fmod c = a.fmod c := by
-  rw [fmod_eq_emod, add_mul_emod_self, fmod_eq_emod]
-  simp
-
-@[simp] theorem add_mul_fmod_self_left (a b c : Int) : (a + b * c).fmod b = a.fmod b := by
-  rw [Int.mul_comm, Int.add_mul_fmod_self]
-
-@[simp] theorem fmod_add_fmod (m n k : Int) : (m.fmod n + k).fmod n = (m + k).fmod n := by
-  by_cases h : n = 0
-  · simp [h]
-  rw [fmod_def, fmod_def]
-  conv => rhs; rw [fmod_def]
-  have : m - n * m.fdiv n + k = m + k + n * (- m.fdiv n) := by simp [Int.mul_neg]; omega
-  rw [this, add_fdiv_of_dvd_right (Int.dvd_mul_right ..), Int.mul_add, mul_fdiv_cancel_left _ h]
-  omega
-
-@[simp] theorem add_fmod_fmod (m n k : Int) : (m + n.fmod k).fmod k = (m + n).fmod k := by
-  rw [Int.add_comm, Int.fmod_add_fmod, Int.add_comm]
-
-theorem add_fmod (a b n : Int) : (a + b).fmod n = (a.fmod n + b.fmod n).fmod n := by
-  simp
-
-theorem add_fmod_eq_add_fmod_right {m n k : Int} (i : Int)
-    (H : m.fmod n = k.fmod n) : (m + i).fmod n = (k + i).fmod n := by
-  rw [add_fmod]
-  conv => rhs; rw [add_fmod]
-  rw [H]
-
-theorem fmod_add_cancel_right {m n k : Int} (i) : (m + i).fmod n = (k + i).fmod n ↔ m.fmod n = k.fmod n :=
-  ⟨fun H => by
-    have := add_fmod_eq_add_fmod_right (-i) H
-    rwa [Int.add_neg_cancel_right, Int.add_neg_cancel_right] at this,
-  add_fmod_eq_add_fmod_right _⟩
-
 @[simp] theorem mul_fmod_left (a b : Int) : (a * b).fmod b = 0 :=
   if h : b = 0 then by simp [h, Int.mul_zero] else by
     rw [Int.fmod_def, Int.mul_fdiv_cancel _ h, Int.mul_comm, Int.sub_self]
@@ -1278,55 +965,21 @@ theorem fmod_add_cancel_right {m n k : Int} (i) : (m + i).fmod n = (k + i).fmod
 @[simp] theorem mul_fmod_right (a b : Int) : (a * b).fmod a = 0 := by
   rw [Int.mul_comm, mul_fmod_left]
 
-theorem mul_fmod (a b n : Int) : (a * b).fmod n = (a.fmod n * b.fmod n).fmod n := by
-  conv => lhs; rw [
-    ← fmod_add_fdiv a n, ← fmod_add_fdiv' b n, Int.add_mul, Int.mul_add, Int.mul_add,
-    Int.mul_assoc, Int.mul_assoc, ← Int.mul_add n _ _, add_mul_fmod_self_left,
-    ← Int.mul_assoc, add_mul_fmod_self]
-
 @[simp] theorem fmod_self {a : Int} : a.fmod a = 0 := by
   have := mul_fmod_left 1 a; rwa [Int.one_mul] at this
 
-@[simp] theorem fmod_fmod_of_dvd (n : Int) {m k : Int}
-    (h : m ∣ k) : (n.fmod k).fmod m = n.fmod m := by
-  conv => rhs; rw [← fmod_add_fdiv n k]
-  match k, h with
-  | _, ⟨t, rfl⟩ => rw [Int.mul_assoc, add_mul_fmod_self_left]
+/-! ### Theorems crossing div/mod versions -/
 
-@[simp] theorem fmod_fmod (a b : Int) : (a.fmod b).fmod b = a.fmod b :=
-  fmod_fmod_of_dvd _ (Int.dvd_refl b)
+theorem tdiv_eq_ediv_of_dvd {a b : Int} (h : b ∣ a) : a.tdiv b = a / b := by
+  by_cases b0 : b = 0
+  · simp [b0]
+  · rw [Int.tdiv_eq_iff_eq_mul_left b0 h, ← Int.ediv_eq_iff_eq_mul_left b0 h]
 
-theorem sub_fmod (a b n : Int) : (a - b).fmod n = (a.fmod n - b.fmod n).fmod n := by
-  apply (fmod_add_cancel_right b).mp
-  rw [Int.sub_add_cancel, ← Int.add_fmod_fmod, Int.sub_add_cancel, fmod_fmod]
-
-theorem fmod_eq_zero_of_dvd : ∀ {a b : Int}, a ∣ b → b.fmod a = 0
-  | _, _, ⟨_, rfl⟩ => mul_fmod_right ..
-
--- `fmod` analogues of `emod` lemmas from above
-
-theorem fmod_eq_of_lt {a b : Int} (H1 : 0 ≤ a) (H2 : a < b) : a.fmod b = a := by
-  rw [fmod_eq_emod_of_nonneg _ (Int.le_trans H1 (Int.le_of_lt H2)), emod_eq_of_lt H1 H2]
-
--- lemmas about `fmod` without `emod` analogues
-
-theorem fdiv_sign {a b : Int} : a.fdiv (sign b) = a * sign b := by
-  rw [fdiv_eq_ediv]
-  rcases sign_trichotomy b with h | h | h <;> simp [h]
-
-protected theorem sign_eq_fdiv_abs (a : Int) : sign a = a.fdiv (natAbs a) :=
-  if az : a = 0 then by simp [az] else
-    (Int.fdiv_eq_of_eq_mul_left (ofNat_ne_zero.2 <| natAbs_ne_zero.2 az)
-      (sign_mul_natAbs _).symm).symm
-
-/-! ### properties of `fdiv` and `fmod` -/
-
-/-! ### `fdiv` and ordering -/
-
--- Theorems about `fdiv` and ordering, whose `ediv` analogues are in `Bootstrap.lean`.
-
-theorem lt_fdiv_add_one_mul_self (a : Int) {b : Int} (H : 0 < b) : a < (a.fdiv b + 1) * b :=
-  Int.fdiv_eq_ediv_of_nonneg _ (Int.le_of_lt H) ▸ lt_ediv_add_one_mul_self a H
+theorem fdiv_eq_ediv_of_dvd : ∀ {a b : Int}, b ∣ a → a.fdiv b = a / b
+  | _, b, ⟨c, rfl⟩ => by
+    by_cases bz : b = 0
+    · simp [bz]
+    · rw [mul_fdiv_cancel_left _ bz, mul_ediv_cancel_left _ bz]
 
 /-! ### bmod -/
 
@@ -1382,9 +1035,6 @@ theorem bmod_add_mul_cancel (x : Int) (n : Nat) (k : Int) : Int.bmod (x + n * k)
 theorem bmod_sub_cancel (x : Int) (n : Nat) : Int.bmod (x - n) n = Int.bmod x n := by
   simp [bmod_def]
 
-@[simp] theorem Int.bmod_sub_mul_cancel (x : Int) (n : Nat) (k : Int) : (x - n * k).bmod n = x.bmod n := by
-  rw [Int.sub_eq_add_neg, Int.neg_mul_eq_mul_neg, Int.bmod_add_mul_cancel]
-
 @[simp]
 theorem emod_add_bmod_congr (x : Int) (n : Nat) : Int.bmod (x%n + y) n = Int.bmod (x + y) n := by
   simp [Int.emod_def, Int.sub_eq_add_neg]

src/Init/Data/Int/Lemmas.lean

@@ -78,7 +78,7 @@ theorem negSucc_eq (n : Nat) : -[n+1] = -((n : Int) + 1) := rfl
   | succ _ => rfl
   | -[_+1] => rfl
 
-@[simp] protected theorem neg_inj {a b : Int} : -a = -b ↔ a = b :=
+protected theorem neg_inj {a b : Int} : -a = -b ↔ a = b :=
   ⟨fun h => by rw [← Int.neg_neg a, ← Int.neg_neg b, h], congrArg _⟩
 
 @[simp] protected theorem neg_eq_zero : -a = 0 ↔ a = 0 := Int.neg_inj (b := 0)

src/Init/Data/Int/LemmasAux.lean

@@ -46,35 +46,4 @@ theorem bmod_neg_iff {m : Nat} {x : Int} (h2 : -m ≤ x) (h1 : x < m) :
   · rw [Int.emod_eq_of_lt xpos (by omega)]; omega
   · rw [Int.add_emod_self.symm, Int.emod_eq_of_lt (by omega) (by omega)]; omega
 
-@[simp] theorem natCast_le_zero : {n : Nat} → (n : Int) ≤ 0 ↔ n = 0 := by omega
-
-@[simp] theorem toNat_eq_zero : ∀ {n : Int}, n.toNat = 0 ↔ n ≤ 0 := by omega
-
-theorem eq_zero_of_dvd_of_natAbs_lt_natAbs {d n : Int} (h : d ∣ n) (h₁ : n.natAbs < d.natAbs) :
-    n = 0 := by
-  obtain ⟨a, rfl⟩ := h
-  rw [natAbs_mul] at h₁
-  suffices ¬ 0 < a.natAbs by simp [Int.natAbs_eq_zero.1 (Nat.eq_zero_of_not_pos this)]
-  exact fun h => Nat.lt_irrefl _ (Nat.lt_of_le_of_lt (Nat.le_mul_of_pos_right d.natAbs h) h₁)
-
-theorem bmod_eq_self_of_le {n : Int} {m : Nat} (hn' : -(m / 2) ≤ n) (hn : n < (m + 1) / 2) :
-    n.bmod m = n := by
-  rw [← Int.sub_eq_zero]
-  have := le_bmod (x := n) (m := m) (by omega)
-  have := bmod_lt (x := n) (m := m) (by omega)
-  apply eq_zero_of_dvd_of_natAbs_lt_natAbs Int.dvd_bmod_sub_self
-  omega
-
-protected theorem sub_eq_iff_eq_add {b a c : Int} : a - b = c ↔ a = c + b := by omega
-protected theorem sub_eq_iff_eq_add' {b a c : Int} : a - b = c ↔ a = b + c := by omega
-
-theorem bmod_bmod_of_dvd {a : Int} {n m : Nat} (hnm : n ∣ m) :
-    (a.bmod m).bmod n = a.bmod n := by
-  rw [← Int.sub_eq_iff_eq_add.2 (bmod_add_bdiv a m).symm]
-  obtain ⟨k, rfl⟩ := hnm
-  simp [Int.mul_assoc]
-
-@[simp] theorem toNat_le {m : Int} {n : Nat} : m.toNat ≤ n ↔ m ≤ n := by omega
-@[simp] theorem toNat_lt' {m : Int} {n : Nat} (hn : 0 < n) : m.toNat < n ↔ m < n := by omega
-
 end Int

src/Init/Data/Int/Linear.lean

@@ -9,7 +9,6 @@ import Init.Data.Prod
 import Init.Data.Int.Lemmas
 import Init.Data.Int.LemmasAux
 import Init.Data.Int.DivMod.Bootstrap
-import Init.Data.Int.Cooper
 import Init.Data.Int.Gcd
 import Init.Data.RArray
 import Init.Data.AC
@@ -532,9 +531,8 @@ def Poly.isValidLe (p : Poly) : Bool :=
   | .num k => k ≤ 0
   | _ => false
 
-attribute [-simp] Int.not_le in
 theorem le_eq_false (ctx : Context) (lhs rhs : Expr) : (lhs.sub rhs).norm.isUnsatLe → (lhs.denote ctx ≤ rhs.denote ctx) = False := by
-  simp only [Poly.isUnsatLe] <;> split <;> simp
+  simp [Poly.isUnsatLe] <;> split <;> simp
   next p k h =>
     intro h'
     replace h := congrArg (Poly.denote ctx) h
@@ -822,7 +820,7 @@ def le_neg_cert (p₁ p₂ : Poly) : Bool :=
 theorem le_neg (ctx : Context) (p₁ p₂ : Poly) : le_neg_cert p₁ p₂ → ¬ p₁.denote' ctx ≤ 0 → p₂.denote' ctx ≤ 0 := by
   simp [le_neg_cert]
   intro; subst p₂; simp; intro h
-  replace h : _ + 1 ≤ -0 := Int.neg_lt_neg h
+  replace h : _ + 1 ≤ -0 := Int.neg_lt_neg <| Int.lt_of_not_ge h
   simp at h
   exact h
 
@@ -848,6 +846,9 @@ theorem le_combine (ctx : Context) (p₁ p₂ p₃ : Poly)
 
 theorem le_unsat (ctx : Context) (p : Poly) : p.isUnsatLe → p.denote' ctx ≤ 0 → False := by
   simp [Poly.isUnsatLe]; split <;> simp
+  intro h₁ h₂
+  have := Int.lt_of_le_of_lt h₂ h₁
+  simp at this
 
 theorem eq_norm (ctx : Context) (p₁ p₂ : Poly) (h : p₁.norm == p₂) : p₁.denote' ctx = 0 → p₂.denote' ctx = 0 := by
   simp at h
@@ -1005,623 +1006,6 @@ theorem eq_of_core (ctx : Context) (p₁ : Poly) (p₂ : Poly) (p₃ : Poly)
   intro; subst p₃; simp
   intro h; rw [h, ←Int.sub_eq_add_neg, Int.sub_self]
 
-def Poly.isUnsatDiseq (p : Poly) : Bool :=
-  match p with
-  | .num 0 => true
-  | _ => false
-
-theorem diseq_norm (ctx : Context) (p₁ p₂ : Poly) (h : p₁.norm == p₂) : p₁.denote' ctx ≠ 0 → p₂.denote' ctx ≠ 0 := by
-  simp at h
-  replace h := congrArg (Poly.denote ctx) h
-  simp at h
-  simp [*]
-
-theorem diseq_coeff (ctx : Context) (p p' : Poly) (k : Int) : eq_coeff_cert p p' k → p.denote' ctx ≠ 0 → p'.denote' ctx ≠ 0 := by
-  simp [eq_coeff_cert]
-  intro _ _; simp [mul_eq_zero_iff, *]
-
-theorem diseq_neg (ctx : Context) (p p' : Poly) : p' == p.mul (-1) → p.denote' ctx ≠ 0 → p'.denote' ctx ≠ 0 := by
-  simp; intro _ _; simp [mul_eq_zero_iff, *]
-
-theorem diseq_unsat (ctx : Context) (p : Poly) : p.isUnsatDiseq → p.denote' ctx ≠ 0 → False := by
-  simp [Poly.isUnsatDiseq] <;> split <;> simp
-
-def diseq_eq_subst_cert (x : Var) (p₁ : Poly) (p₂ : Poly) (p₃ : Poly) : Bool :=
-  let a := p₁.coeff x
-  let b := p₂.coeff x
-  a != 0 && p₃ == (p₁.mul b |>.combine (p₂.mul (-a)))
-
-theorem eq_diseq_subst (ctx : Context) (x : Var) (p₁ : Poly) (p₂ : Poly) (p₃ : Poly)
-    : diseq_eq_subst_cert x p₁ p₂ p₃ → p₁.denote' ctx = 0 → p₂.denote' ctx ≠ 0 → p₃.denote' ctx ≠ 0 := by
-  simp [diseq_eq_subst_cert]
-  intros _ _; subst p₃
-  intro h₁ h₂
-  simp [*]
-
-theorem diseq_of_core (ctx : Context) (p₁ : Poly) (p₂ : Poly) (p₃ : Poly)
-    : eq_of_core_cert p₁ p₂ p₃ → p₁.denote' ctx ≠ p₂.denote' ctx → p₃.denote' ctx ≠ 0 := by
-  simp [eq_of_core_cert]
-  intro; subst p₃; simp
-  intro h; rw [← Int.sub_eq_zero] at h
-  rw [←Int.sub_eq_add_neg]; assumption
-
-def eq_of_le_ge_cert (p₁ p₂ : Poly) : Bool :=
-  p₂ == p₁.mul (-1)
-
-theorem eq_of_le_ge (ctx : Context) (p₁ : Poly) (p₂ : Poly)
-    : eq_of_le_ge_cert p₁ p₂ → p₁.denote' ctx ≤ 0 → p₂.denote' ctx ≤ 0 → p₁.denote' ctx = 0 := by
-  simp [eq_of_le_ge_cert]
-  intro; subst p₂; simp
-  intro h₁ h₂
-  replace h₂ := Int.neg_le_of_neg_le h₂; simp at h₂
-  simp [Int.eq_iff_le_and_ge, *]
-
-def le_of_le_diseq_cert (p₁ : Poly) (p₂ : Poly) (p₃ : Poly) : Bool :=
-  -- Remark: we can generate two different certificates in the future, and avoid the `||` in the certificate.
-  (p₂ == p₁ || p₂ == p₁.mul (-1)) &&
-  p₃ == p₁.addConst 1
-
-theorem le_of_le_diseq (ctx : Context) (p₁ : Poly) (p₂ : Poly) (p₃ : Poly)
-    : le_of_le_diseq_cert p₁ p₂ p₃ → p₁.denote' ctx ≤ 0 → p₂.denote' ctx ≠ 0 → p₃.denote' ctx ≤ 0 := by
-  simp [le_of_le_diseq_cert]
-  have (a : Int) : a ≤ 0 → ¬ a = 0 → 1 + a ≤ 0 := by
-    intro h₁ h₂; cases (Int.lt_or_gt_of_ne h₂)
-    next => apply Int.le_of_lt_add_one; rw [Int.add_comm, Int.add_lt_add_iff_right]; assumption
-    next h => have := Int.lt_of_le_of_lt h₁ h; simp at this
-  intro h; cases h <;> intro <;> subst p₂ p₃ <;> simp <;> apply this
-
-def diseq_split_cert (p₁ p₂ p₃ : Poly) : Bool :=
-  p₂ == p₁.addConst 1 &&
-  p₃ == (p₁.mul (-1)).addConst 1
-
-theorem diseq_split (ctx : Context) (p₁ p₂ p₃ : Poly)
-    : diseq_split_cert p₁ p₂ p₃ → p₁.denote' ctx ≠ 0 → p₂.denote' ctx ≤ 0 ∨ p₃.denote' ctx ≤ 0 := by
-  simp [diseq_split_cert]
-  intro _ _; subst p₂ p₃; simp
-  generalize p₁.denote ctx = p
-  intro h; cases Int.lt_or_gt_of_ne h
-  next h => have := Int.add_one_le_of_lt h; rw [Int.add_comm]; simp [*]
-  next h => have := Int.add_one_le_of_lt (Int.neg_lt_neg h); simp at this; simp [*]
-
-theorem diseq_split_resolve (ctx : Context) (p₁ p₂ p₃ : Poly)
-    : diseq_split_cert p₁ p₂ p₃ → p₁.denote' ctx ≠ 0 → ¬p₂.denote' ctx ≤ 0 → p₃.denote' ctx ≤ 0 := by
-  intro h₁ h₂ h₃
-  exact (diseq_split ctx p₁ p₂ p₃ h₁ h₂).resolve_left h₃
-
-def OrOver (n : Nat) (p : Nat → Prop) : Prop :=
-  match n with
-  | 0 => False
-  | n+1 => p n ∨ OrOver n p
-
-theorem orOver_one {p} : OrOver 1 p → p 0 := by simp [OrOver]
-
-theorem orOver_resolve {n p} : OrOver (n+1) p → ¬ p n → OrOver n p := by
-  intro h₁ h₂
-  rw [OrOver] at h₁
-  cases h₁
-  · contradiction
-  · assumption
-
-private theorem orOver_of_p {i n p} (h₁ : i < n) (h₂ : p i) : OrOver n p := by
-  induction n
-  next => simp at h₁
-  next n ih =>
-    simp [OrOver]
-    cases Nat.eq_or_lt_of_le <| Nat.le_of_lt_add_one h₁
-    next h => subst i; exact Or.inl h₂
-    next h => exact Or.inr (ih h)
-
-private theorem orOver_of_exists {n p} : (∃ k, k < n ∧ p k) → OrOver n p := by
-  intro ⟨k, h₁, h₂⟩
-  apply orOver_of_p h₁ h₂
-
-private theorem ofNat_toNat {a : Int} : a ≥ 0 → Int.ofNat a.toNat = a := by cases a <;> simp
-private theorem cast_toNat {a : Int} : a ≥ 0 → a.toNat = a := by cases a <;> simp
-private theorem ofNat_lt {a : Int} {n : Nat} : a ≥ 0 → a < Int.ofNat n → a.toNat < n := by cases a <;> simp
-@[local simp] private theorem lcm_neg_left (a b : Int) : Int.lcm (-a) b = Int.lcm a b := by simp [Int.lcm]
-@[local simp] private theorem lcm_neg_right (a b : Int) : Int.lcm a (-b) = Int.lcm a b := by simp [Int.lcm]
-@[local simp] private theorem gcd_neg_left (a b : Int) : Int.gcd (-a) b = Int.gcd a b := by simp [Int.gcd]
-@[local simp] private theorem gcd_neg_right (a b : Int) : Int.gcd a (-b) = Int.gcd a b := by simp [Int.gcd]
-@[local simp] private theorem gcd_zero (a : Int) : Int.gcd a 0 = a.natAbs := by simp [Int.gcd]
-@[local simp] private theorem lcm_one (a : Int) : Int.lcm a 1 = a.natAbs := by simp [Int.lcm]
-
-private theorem cooper_dvd_left_core
-    {a b c d s p q x : Int} (a_neg : a < 0) (b_pos : 0 < b) (d_pos : 0 < d)
-    (h₁ : a * x + p ≤ 0)
-    (h₂ : b * x + q ≤ 0)
-    (h₃ : d ∣ c * x + s)
-    : OrOver (Int.lcm a (a * d / Int.gcd (a * d) c)) fun k =>
-        b * p + (-a) * q + b * k ≤ 0 ∧
-        a ∣ p + k ∧
-        a * d ∣ c * p + (-a) * s + c * k := by
-  have a_pos' : 0 < -a := by apply Int.neg_pos_of_neg; assumption
-  have h₁'    : p ≤ (-a)*x := by rw [Int.neg_mul, ← Lean.Omega.Int.add_le_zero_iff_le_neg']; assumption
-  have h₂'    : b * x ≤ -q := by rw [← Lean.Omega.Int.add_le_zero_iff_le_neg', Int.add_comm]; assumption
-  have ⟨k, h₁, h₂, h₃, h₄, h₅⟩ := Int.cooper_resolution_dvd_left a_pos' b_pos d_pos |>.mp ⟨x, h₁', h₂', h₃⟩
-  rw [Int.neg_mul] at h₂
-  simp only [Int.neg_mul, neg_gcd, lcm_neg_left, Int.mul_neg, Int.neg_neg, Int.neg_dvd] at *
-  rw [Int.neg_ediv_of_dvd Int.gcd_dvd_left] at h₂
-  simp only [lcm_neg_right] at h₂
-  have : c * k + c * p + -(a * s) = c * p + -(a * s) + c * k := by ac_rfl
-  rw [this] at h₅; clear this
-  rw [← ofNat_toNat h₁] at h₃ h₄ h₅
-  rw [Int.add_comm] at h₄
-  have := ofNat_lt h₁ h₂
-  apply orOver_of_exists
-  replace h₃ := Int.add_le_add_right h₃ (-(a*q)); rw [Int.add_right_neg] at h₃
-  have : b * Int.ofNat k.toNat + b * p + -(a * q) = b * p + -(a * q) + b * Int.ofNat k.toNat := by ac_rfl
-  rw [this] at h₃
-  exists k.toNat
-
-def cooper_dvd_left_cert (p₁ p₂ p₃ : Poly) (d : Int) (n : Nat) : Bool :=
-  p₁.casesOn (fun _ => false) fun a x _ =>
-  p₂.casesOn (fun _ => false) fun b y _ =>
-  p₃.casesOn (fun _ => false) fun c z _ =>
-   .and (x == y) <| .and (x == z) <|
-   .and (a < 0)  <| .and (b > 0)  <|
-   .and (d > 0)  <| n == Int.lcm a (a * d / Int.gcd (a * d) c)
-
-def Poly.tail (p : Poly) : Poly :=
-  match p with
-  | .add _ _ p => p
-  | _ => p
-
-def cooper_dvd_left_split (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) : Prop :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let s  := p₃.tail
-  let a  := p₁.leadCoeff
-  let b  := p₂.leadCoeff
-  let c  := p₃.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  let p₂ := p.mul c |>.combine (s.mul (-a))
-  (p₁.addConst (b*k)).denote' ctx ≤ 0
-  ∧ a ∣ (p.addConst k).denote' ctx
-  ∧ a*d ∣ (p₂.addConst (c*k)).denote' ctx
-
-private theorem denote'_mul_combine_mul_addConst_eq (ctx : Context) (p q : Poly) (a b c : Int)
-    : ((p.mul b |>.combine (q.mul a)).addConst c).denote' ctx = b*p.denote ctx + a*q.denote ctx + c := by
-  simp
-
-private theorem denote'_addConst_eq (ctx : Context) (p : Poly) (a : Int)
-    : (p.addConst a).denote' ctx = p.denote ctx + a := by
-  simp
-
-theorem cooper_dvd_left (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (n : Nat)
-    : cooper_dvd_left_cert p₁ p₂ p₃ d n
-      → p₁.denote' ctx ≤ 0
-      → p₂.denote' ctx ≤ 0
-      → d ∣ p₃.denote' ctx
-      → OrOver n (cooper_dvd_left_split ctx p₁ p₂ p₃ d) := by
- unfold cooper_dvd_left_split
- cases p₁ <;> cases p₂ <;> cases p₃ <;> simp [cooper_dvd_left_cert, Poly.tail, -Poly.denote'_eq_denote]
- next a x p b y q c z s =>
- intro _ _; subst y z
- intro ha hb hd
- intro; subst n
- simp only [Poly.denote'_add, Poly.leadCoeff]
- intro h₁ h₂ h₃
- simp only [denote'_mul_combine_mul_addConst_eq]
- simp only [denote'_addConst_eq]
- exact cooper_dvd_left_core ha hb hd h₁ h₂ h₃
-
-def cooper_dvd_left_split_ineq_cert (p₁ p₂ : Poly) (k : Int) (b : Int) (p' : Poly) : Bool :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let a  := p₁.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  p₂.leadCoeff == b && p' == p₁.addConst (b*k)
-
-theorem cooper_dvd_left_split_ineq (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (b : Int) (p' : Poly)
-    : cooper_dvd_left_split ctx p₁ p₂ p₃ d k → cooper_dvd_left_split_ineq_cert p₁ p₂ k b p' → p'.denote' ctx ≤ 0 := by
-  simp [cooper_dvd_left_split_ineq_cert, cooper_dvd_left_split]
-  intros; subst p' b; simp [denote'_mul_combine_mul_addConst_eq]; assumption
-
-def cooper_dvd_left_split_dvd1_cert (p₁ p' : Poly) (a : Int) (k : Int) : Bool :=
-  a == p₁.leadCoeff && p' == p₁.tail.addConst k
-
-theorem cooper_dvd_left_split_dvd1 (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (a : Int) (p' : Poly)
-    : cooper_dvd_left_split ctx p₁ p₂ p₃ d k → cooper_dvd_left_split_dvd1_cert p₁ p' a k → a ∣ p'.denote' ctx := by
-  simp [cooper_dvd_left_split_dvd1_cert, cooper_dvd_left_split]
-  intros; subst a p'; simp; assumption
-
-def cooper_dvd_left_split_dvd2_cert (p₁ p₃ : Poly) (d : Int) (k : Nat) (d' : Int) (p' : Poly): Bool :=
-  let p  := p₁.tail
-  let s  := p₃.tail
-  let a  := p₁.leadCoeff
-  let c  := p₃.leadCoeff
-  let p₂ := p.mul c |>.combine (s.mul (-a))
-  d' == a*d && p' == p₂.addConst (c*k)
-
-theorem cooper_dvd_left_split_dvd2 (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (d' : Int) (p' : Poly)
-    : cooper_dvd_left_split ctx p₁ p₂ p₃ d k → cooper_dvd_left_split_dvd2_cert p₁ p₃ d k d' p' → d' ∣ p'.denote' ctx := by
-  simp [cooper_dvd_left_split_dvd2_cert, cooper_dvd_left_split]
-  intros; subst d' p'; simp; assumption
-
-private theorem cooper_left_core
-    {a b p q x : Int} (a_neg : a < 0) (b_pos : 0 < b)
-    (h₁ : a * x + p ≤ 0)
-    (h₂ : b * x + q ≤ 0)
-    : OrOver a.natAbs fun k =>
-        b * p + (-a) * q + b * k ≤ 0 ∧
-        a ∣ p + k := by
-  have d_pos : (0 : Int) < 1 := by decide
-  have h₃ : 1 ∣ 0*x + 0 := Int.one_dvd _
-  have h := cooper_dvd_left_core a_neg b_pos d_pos h₁ h₂ h₃
-  simp only [Int.mul_one, gcd_zero, ofNat_natAbs_of_nonpos (Int.le_of_lt a_neg), Int.ediv_neg,
-    Int.ediv_self (Int.ne_of_lt a_neg), Int.reduceNeg, lcm_neg_right, lcm_one,
-    Int.add_left_comm, Int.zero_mul, Int.mul_zero, Int.add_zero, Int.dvd_zero,
-    and_true] at h
-  assumption
-
-def cooper_left_cert (p₁ p₂ : Poly) (n : Nat) : Bool :=
-  p₁.casesOn (fun _ => false) fun a x _ =>
-  p₂.casesOn (fun _ => false) fun b y _ =>
-   .and (x == y) <| .and (a < 0)  <| .and (b > 0)  <|
-   n == a.natAbs
-
-def cooper_left_split (ctx : Context) (p₁ p₂ : Poly) (k : Nat) : Prop :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let a  := p₁.leadCoeff
-  let b  := p₂.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  (p₁.addConst (b*k)).denote' ctx ≤ 0
-  ∧ a ∣ (p.addConst k).denote' ctx
-
-theorem cooper_left (ctx : Context) (p₁ p₂ : Poly) (n : Nat)
-    : cooper_left_cert p₁ p₂ n
-      → p₁.denote' ctx ≤ 0
-      → p₂.denote' ctx ≤ 0
-      → OrOver n (cooper_left_split ctx p₁ p₂) := by
- unfold cooper_left_split
- cases p₁ <;> cases p₂ <;> simp [cooper_left_cert, Poly.tail, -Poly.denote'_eq_denote]
- next a x p b y q =>
- intro; subst y
- intro ha hb
- intro; subst n
- simp only [Poly.denote'_add, Poly.leadCoeff]
- intro h₁ h₂
- have := cooper_left_core ha hb h₁ h₂
- simp only [denote'_mul_combine_mul_addConst_eq]
- simp only [denote'_addConst_eq]
- assumption
-
-def cooper_left_split_ineq_cert (p₁ p₂ : Poly) (k : Int) (b : Int) (p' : Poly) : Bool :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let a  := p₁.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  p₂.leadCoeff == b && p' == p₁.addConst (b*k)
-
-theorem cooper_left_split_ineq (ctx : Context) (p₁ p₂ : Poly) (k : Nat) (b : Int) (p' : Poly)
-    : cooper_left_split ctx p₁ p₂ k → cooper_left_split_ineq_cert p₁ p₂ k b p' → p'.denote' ctx ≤ 0 := by
-  simp [cooper_left_split_ineq_cert, cooper_left_split]
-  intros; subst p' b; simp [denote'_mul_combine_mul_addConst_eq]; assumption
-
-def cooper_left_split_dvd_cert (p₁ p' : Poly) (a : Int) (k : Int) : Bool :=
-  a == p₁.leadCoeff && p' == p₁.tail.addConst k
-
-theorem cooper_left_split_dvd (ctx : Context) (p₁ p₂ : Poly) (k : Nat) (a : Int) (p' : Poly)
-    : cooper_left_split ctx p₁ p₂ k → cooper_left_split_dvd_cert p₁ p' a k → a ∣ p'.denote' ctx := by
-  simp [cooper_left_split_dvd_cert, cooper_left_split]
-  intros; subst a p'; simp; assumption
-
-private theorem cooper_dvd_right_core
-    {a b c d s p q x : Int} (a_neg : a < 0) (b_pos : 0 < b) (d_pos : 0 < d)
-    (h₁ : a * x + p ≤ 0)
-    (h₂ : b * x + q ≤ 0)
-    (h₃ : d ∣ c * x + s)
-    : OrOver (Int.lcm b (b * d / Int.gcd (b * d) c)) fun k =>
-      b * p + (-a) * q + (-a) * k ≤ 0 ∧
-      b ∣ q + k ∧
-      b * d ∣ (-c) * q + b * s + (-c) * k := by
-  have a_pos' : 0 < -a := by apply Int.neg_pos_of_neg; assumption
-  have h₁'    : p ≤ (-a)*x := by rw [Int.neg_mul, ← Lean.Omega.Int.add_le_zero_iff_le_neg']; assumption
-  have h₂'    : b * x ≤ -q := by rw [← Lean.Omega.Int.add_le_zero_iff_le_neg', Int.add_comm]; assumption
-  have ⟨k, h₁, h₂, h₃, h₄, h₅⟩ := Int.cooper_resolution_dvd_right a_pos' b_pos d_pos |>.mp ⟨x, h₁', h₂', h₃⟩
-  simp only [Int.neg_mul, neg_gcd, lcm_neg_left, Int.mul_neg, Int.neg_neg, Int.neg_dvd] at *
-  apply orOver_of_exists
-  have hlt := ofNat_lt h₁ h₂
-  replace h₃ := Int.add_le_add_right h₃ (-(a*q)); rw [Int.add_right_neg] at h₃
-  have : -(a * k) + b * p + -(a * q) = b * p + -(a * q) + -(a * k) := by ac_rfl
-  rw [this] at h₃; clear this
-  rw [Int.sub_neg, Int.add_comm] at h₄
-  have : -(c * k) + -(c * q) + b * s = -(c * q) + b * s + -(c * k) := by ac_rfl
-  rw [this] at h₅; clear this
-  exists k.toNat
-  simp only [hlt, true_and, and_true, cast_toNat h₁, h₃, h₄, h₅]
-
-def cooper_dvd_right_cert (p₁ p₂ p₃ : Poly) (d : Int) (n : Nat) : Bool :=
-  p₁.casesOn (fun _ => false) fun a x _ =>
-  p₂.casesOn (fun _ => false) fun b y _ =>
-  p₃.casesOn (fun _ => false) fun c z _ =>
-   .and (x == y) <| .and (x == z) <|
-   .and (a < 0)  <| .and (b > 0)  <|
-   .and (d > 0)  <| n == Int.lcm b (b * d / Int.gcd (b * d) c)
-
-def cooper_dvd_right_split (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) : Prop :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let s  := p₃.tail
-  let a  := p₁.leadCoeff
-  let b  := p₂.leadCoeff
-  let c  := p₃.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  let p₂ := q.mul (-c) |>.combine (s.mul b)
-  (p₁.addConst ((-a)*k)).denote' ctx ≤ 0
-  ∧ b ∣ (q.addConst k).denote' ctx
-  ∧ b*d ∣ (p₂.addConst ((-c)*k)).denote' ctx
-
-theorem cooper_dvd_right (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (n : Nat)
-    : cooper_dvd_right_cert p₁ p₂ p₃ d n
-      → p₁.denote' ctx ≤ 0
-      → p₂.denote' ctx ≤ 0
-      → d ∣ p₃.denote' ctx
-      → OrOver n (cooper_dvd_right_split ctx p₁ p₂ p₃ d) := by
- unfold cooper_dvd_right_split
- cases p₁ <;> cases p₂ <;> cases p₃ <;> simp [cooper_dvd_right_cert, Poly.tail, -Poly.denote'_eq_denote]
- next a x p b y q c z s =>
- intro _ _; subst y z
- intro ha hb hd
- intro; subst n
- simp only [Poly.denote'_add, Poly.leadCoeff]
- intro h₁ h₂ h₃
- have := cooper_dvd_right_core ha hb hd h₁ h₂ h₃
- simp only [denote'_mul_combine_mul_addConst_eq]
- simp only [denote'_addConst_eq, ←Int.neg_mul]
- exact cooper_dvd_right_core ha hb hd h₁ h₂ h₃
-
-def cooper_dvd_right_split_ineq_cert (p₁ p₂ : Poly) (k : Int) (a : Int) (p' : Poly) : Bool :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let b  := p₂.leadCoeff
-  let p₂ := p.mul b |>.combine (q.mul (-a))
-  p₁.leadCoeff == a && p' == p₂.addConst ((-a)*k)
-
-theorem cooper_dvd_right_split_ineq (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (a : Int) (p' : Poly)
-    : cooper_dvd_right_split ctx p₁ p₂ p₃ d k → cooper_dvd_right_split_ineq_cert p₁ p₂ k a p' → p'.denote' ctx ≤ 0 := by
-  simp [cooper_dvd_right_split_ineq_cert, cooper_dvd_right_split]
-  intros; subst a p'; simp [denote'_mul_combine_mul_addConst_eq]; assumption
-
-def cooper_dvd_right_split_dvd1_cert (p₂ p' : Poly) (b : Int) (k : Int) : Bool :=
-  b == p₂.leadCoeff && p' == p₂.tail.addConst k
-
-theorem cooper_dvd_right_split_dvd1 (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (b : Int) (p' : Poly)
-    : cooper_dvd_right_split ctx p₁ p₂ p₃ d k → cooper_dvd_right_split_dvd1_cert p₂ p' b k → b ∣ p'.denote' ctx := by
-  simp [cooper_dvd_right_split_dvd1_cert, cooper_dvd_right_split]
-  intros; subst b p'; simp; assumption
-
-def cooper_dvd_right_split_dvd2_cert (p₂ p₃ : Poly) (d : Int) (k : Nat) (d' : Int) (p' : Poly): Bool :=
-  let q  := p₂.tail
-  let s  := p₃.tail
-  let b  := p₂.leadCoeff
-  let c  := p₃.leadCoeff
-  let p₂ := q.mul (-c) |>.combine (s.mul b)
-  d' == b*d && p' == p₂.addConst ((-c)*k)
-
-theorem cooper_dvd_right_split_dvd2 (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (k : Nat) (d' : Int) (p' : Poly)
-    : cooper_dvd_right_split ctx p₁ p₂ p₃ d k → cooper_dvd_right_split_dvd2_cert p₂ p₃ d k d' p' → d' ∣ p'.denote' ctx := by
-  simp [cooper_dvd_right_split_dvd2_cert, cooper_dvd_right_split]
-  intros; subst d' p'; simp; assumption
-
-private theorem cooper_right_core
-    {a b p q x : Int} (a_neg : a < 0) (b_pos : 0 < b)
-    (h₁ : a * x + p ≤ 0)
-    (h₂ : b * x + q ≤ 0)
-    : OrOver b.natAbs fun k =>
-      b * p + (-a) * q + (-a) * k ≤ 0 ∧
-      b ∣ q + k := by
-  have d_pos : (0 : Int) < 1 := by decide
-  have h₃ : 1 ∣ 0*x + 0 := Int.one_dvd _
-  have h := cooper_dvd_right_core a_neg b_pos d_pos h₁ h₂ h₃
-  simp only [Int.mul_one, gcd_zero, Int.natAbs_of_nonneg (Int.le_of_lt b_pos), Int.ediv_neg,
-    Int.ediv_self (Int.ne_of_gt b_pos), Int.reduceNeg, lcm_neg_right, lcm_one,
-    Int.add_left_comm, Int.zero_mul, Int.mul_zero, Int.add_zero, Int.dvd_zero,
-    and_true, Int.neg_zero] at h
-  assumption
-
-def cooper_right_cert (p₁ p₂ : Poly) (n : Nat) : Bool :=
-  p₁.casesOn (fun _ => false) fun a x _ =>
-  p₂.casesOn (fun _ => false) fun b y _ =>
-  .and (x == y) <| .and (a < 0)  <| .and (b > 0) <| n == b.natAbs
-
-def cooper_right_split (ctx : Context) (p₁ p₂ : Poly) (k : Nat) : Prop :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let a  := p₁.leadCoeff
-  let b  := p₂.leadCoeff
-  let p₁ := p.mul b |>.combine (q.mul (-a))
-  (p₁.addConst ((-a)*k)).denote' ctx ≤ 0
-  ∧ b ∣ (q.addConst k).denote' ctx
-
-theorem cooper_right (ctx : Context) (p₁ p₂ : Poly) (n : Nat)
-    : cooper_right_cert p₁ p₂ n
-      → p₁.denote' ctx ≤ 0
-      → p₂.denote' ctx ≤ 0
-      → OrOver n (cooper_right_split ctx p₁ p₂) := by
- unfold cooper_right_split
- cases p₁ <;> cases p₂ <;> simp [cooper_right_cert, Poly.tail, -Poly.denote'_eq_denote]
- next a x p b y q =>
- intro; subst y
- intro ha hb
- intro; subst n
- simp only [Poly.denote'_add, Poly.leadCoeff]
- intro h₁ h₂
- have := cooper_right_core ha hb h₁ h₂
- simp only [denote'_mul_combine_mul_addConst_eq]
- simp only [denote'_addConst_eq, ←Int.neg_mul]
- assumption
-
-def cooper_right_split_ineq_cert (p₁ p₂ : Poly) (k : Int) (a : Int) (p' : Poly) : Bool :=
-  let p  := p₁.tail
-  let q  := p₂.tail
-  let b  := p₂.leadCoeff
-  let p₂ := p.mul b |>.combine (q.mul (-a))
-  p₁.leadCoeff == a && p' == p₂.addConst ((-a)*k)
-
-theorem cooper_right_split_ineq (ctx : Context) (p₁ p₂ : Poly) (k : Nat) (a : Int) (p' : Poly)
-    : cooper_right_split ctx p₁ p₂ k → cooper_right_split_ineq_cert p₁ p₂ k a p' → p'.denote' ctx ≤ 0 := by
-  simp [cooper_right_split_ineq_cert, cooper_right_split]
-  intros; subst a p'; simp [denote'_mul_combine_mul_addConst_eq]; assumption
-
-def cooper_right_split_dvd_cert (p₂ p' : Poly) (b : Int) (k : Int) : Bool :=
-  b == p₂.leadCoeff && p' == p₂.tail.addConst k
-
-theorem cooper_right_split_dvd (ctx : Context) (p₁ p₂ : Poly) (k : Nat) (b : Int) (p' : Poly)
-    : cooper_right_split ctx p₁ p₂ k → cooper_right_split_dvd_cert p₂ p' b k → b ∣ p'.denote' ctx := by
-  simp [cooper_right_split_dvd_cert, cooper_right_split]
-  intros; subst b p'; simp; assumption
-
-private theorem one_emod_eq_one {a : Int} (h : a > 1) : 1 % a = 1 := by
-  have aux₁ := Int.ediv_add_emod 1 a
-  have : 1 / a = 0 := Int.ediv_eq_zero_of_lt (by decide) h
-  simp [this] at aux₁
-  assumption
-
-private theorem ex_of_dvd {α β a b d x : Int}
-    (h₀ : d > 1)
-    (h₁ : d ∣ a*x + b)
-    (h₂ : α * a + β * d = 1)
-    : ∃ k, x = k * d + (- α * b) % d := by
-  have ⟨k, h₁⟩ := h₁
-  have aux₁ : (α * a) % d = 1 := by
-    replace h₂ := congrArg (· % d) h₂; simp at h₂
-    rw [one_emod_eq_one h₀] at h₂
-    assumption
-  have : ((α * a) * x) % d = (- α * b) % d := by
-    replace h₁ := congrArg (α * ·) h₁; simp only at h₁
-    rw [Int.mul_add] at h₁
-    replace h₁ := congrArg (· - α * b) h₁; simp only [Int.add_sub_cancel] at h₁
-    rw [← Int.mul_assoc, Int.mul_left_comm, Int.sub_eq_add_neg] at h₁
-    replace h₁ := congrArg (· % d) h₁; simp only at h₁
-    rw [Int.add_emod, Int.mul_emod_right, Int.zero_add, Int.emod_emod, ← Int.neg_mul] at h₁
-    assumption
-  have : x % d = (- α * b) % d := by
-    rw [Int.mul_emod, aux₁, Int.one_mul, Int.emod_emod] at this
-    assumption
-  have : x = (x / d)*d + (- α * b) % d := by
-    conv => lhs; rw [← Int.ediv_add_emod x d]
-    rw [Int.mul_comm, this]
-  exists x / d
-
-private theorem cdiv_le {a d k : Int} : d > 0 → a ≤ k * d → cdiv a d ≤ k := by
-  intro h₁ h₂
-  simp [cdiv]
-  replace h₂ := Int.neg_le_neg h₂
-  rw [← Int.neg_mul] at h₂
-  replace h₂ := Int.le_ediv_of_mul_le h₁ h₂
-  replace h₂ := Int.neg_le_neg h₂
-  simp at h₂
-  assumption
-
-private theorem cooper_unsat'_helper {a b d c k x : Int}
-    (d_pos : d > 0)
-    (h₁ : x = k * d + c)
-    (h₂ : a ≤ x)
-    (h₃ : x ≤ b)
-    : ¬ b < (cdiv (a - c) d) * d + c := by
-  intro h₄
-  have aux₁ : cdiv (a - c) d ≤ k := by
-    rw [h₁] at h₂
-    replace h₂ := Int.sub_right_le_of_le_add h₂
-    exact cdiv_le d_pos h₂
-  have aux₂ : cdiv (a - c) d * d ≤ k * d := Int.mul_le_mul_of_nonneg_right aux₁ (Int.le_of_lt d_pos)
-  have aux₃ : cdiv (a - c) d * d + c ≤ k * d + c := Int.add_le_add_right aux₂ _
-  have aux₄ : cdiv (a - c) d * d + c ≤ x := by rw [←h₁] at aux₃; assumption
-  have aux₅ : cdiv (a - c) d * d + c ≤ b := Int.le_trans aux₄ h₃
-  have := Int.lt_of_le_of_lt aux₅ h₄
-  exact Int.lt_irrefl _ this
-
-private theorem cooper_unsat' {a c b d e α β x : Int}
-    (h₁ : d > 1)
-    (h₂ : d ∣ c*x + e)
-    (h₃ : α * c + β * d = 1)
-    (h₄ : (-1)*x + a ≤ 0)
-    (h₅ : x + b ≤ 0)
-    (h₆ : -b < cdiv (a - -α * e % d) d * d + -α * e % d)
-    : False := by
-  have ⟨k, h⟩ := ex_of_dvd h₁ h₂ h₃
-  have d_pos : d > 0 := Int.lt_trans (by decide) h₁
-  replace h₄ := Int.le_neg_add_of_add_le h₄; simp at h₄
-  replace h₅ := Int.neg_le_neg (Int.le_neg_add_of_add_le h₅); simp at h₅
-  have := cooper_unsat'_helper d_pos h h₄ h₅
-  exact this h₆
-
-abbrev Poly.casesOnAdd (p : Poly) (k : Int → Var → Poly → Bool) : Bool :=
-  p.casesOn (fun _  => false) k
-
-abbrev Poly.casesOnNum (p : Poly) (k : Int → Bool) : Bool :=
-  p.casesOn k (fun _ _ _ => false)
-
-def cooper_unsat_cert (p₁ p₂ p₃ : Poly) (d : Int) (α β : Int) : Bool :=
-  p₁.casesOnAdd fun k₁ x p₁ =>
-  p₂.casesOnAdd fun k₂ y p₂ =>
-  p₃.casesOnAdd fun c z p₃ =>
-  p₁.casesOnNum fun a =>
-  p₂.casesOnNum fun b =>
-  p₃.casesOnNum fun e =>
-  (k₁ == -1) |>.and (k₂ == 1) |>.and
-  (x == y) |>.and (x == z) |>.and
-  (d > 1) |>.and (α * c + β * d == 1) |>.and
-  (-b < cdiv (a - -α * e % d) d * d + -α * e % d)
-
-theorem cooper_unsat (ctx : Context) (p₁ p₂ p₃ : Poly) (d : Int) (α β : Int)
-   : cooper_unsat_cert p₁ p₂ p₃ d α β →
-     p₁.denote' ctx ≤ 0 → p₂.denote' ctx ≤ 0 → d ∣ p₃.denote' ctx → False := by
-  unfold cooper_unsat_cert <;> cases p₁ <;> cases p₂ <;> cases p₃ <;> simp only [Poly.casesOnAdd,
-    Bool.false_eq_true, Poly.denote'_add, mul_def, add_def, false_implies]
-  next k₁ x p₁ k₂ y p₂ c z p₃ =>
-  cases p₁ <;> cases p₂ <;> cases p₃ <;> simp only [Poly.casesOnNum, Int.reduceNeg,
-    Bool.and_eq_true, beq_iff_eq, decide_eq_true_eq, and_imp, Bool.false_eq_true,
-    mul_def, add_def, false_implies, Poly.denote]
-  next a b e =>
-  intro _ _ _ _; subst k₁ k₂ y z
-  intro h₁ h₃ h₆; generalize Var.denote ctx x = x'
-  intro h₄ h₅ h₂
-  rw [Int.one_mul] at h₅
-  exact cooper_unsat' h₁ h₂ h₃ h₄ h₅ h₆
-
-theorem ediv_emod (x y : Int) : -1 * x + y * (x / y) + x % y = 0 := by
-  rw [Int.add_assoc, Int.ediv_add_emod x y, Int.add_comm]
-  simp
-  rw [← Int.sub_eq_add_neg, Int.sub_self]
-
-theorem emod_nonneg (x y : Int) : y != 0 → -1 * (x % y) ≤ 0 := by
-  simp; intro h
-  have := Int.neg_le_neg (Int.emod_nonneg x h)
-  simp at this
-  assumption
-
-def emod_le_cert (y n : Int) : Bool :=
-  y != 0 && n == 1 - y.natAbs
-
-theorem emod_le (x y : Int) (n : Int) : emod_le_cert y n → x % y + n ≤ 0 := by
-  simp [emod_le_cert]
-  intro h₁
-  cases Int.lt_or_gt_of_ne h₁
-  next h =>
-    rw [Int.ofNat_natAbs_of_nonpos (Int.le_of_lt h)]
-    simp only [Int.sub_neg]
-    intro; subst n
-    rw [Int.add_assoc, Int.add_left_comm]
-    apply Int.add_le_of_le_sub_left
-    rw [Int.zero_sub, Int.add_comm]
-    have : 0 < -y := by
-      have := Int.neg_lt_neg h
-      rw [Int.neg_zero] at this
-      assumption
-    have := Int.emod_lt_of_pos x this
-    rw [Int.emod_neg] at this
-    exact this
-  next h =>
-    rw [Int.natAbs_of_nonneg (Int.le_of_lt h)]
-    intro; subst n
-    rw [Int.sub_eq_add_neg, Int.add_assoc, Int.add_left_comm]
-    apply Int.add_le_of_le_sub_left
-    simp only [Int.add_comm, Int.sub_neg, Int.add_zero]
-    exact Int.emod_lt_of_pos x h
-
 end Int.Linear
 
 theorem Int.not_le_eq (a b : Int) : (¬a ≤ b) = (b + 1 ≤ a) := by

src/Init/Data/Int/Order.lean

@@ -133,15 +133,12 @@ protected theorem lt_of_not_ge {a b : Int} (h : ¬a ≤ b) : b < a :=
 protected theorem not_le_of_gt {a b : Int} (h : b < a) : ¬a ≤ b :=
   (Int.lt_iff_le_not_le.mp h).right
 
-@[simp] protected theorem not_le {a b : Int} : ¬a ≤ b ↔ b < a :=
+protected theorem not_le {a b : Int} : ¬a ≤ b ↔ b < a :=
   Iff.intro Int.lt_of_not_ge Int.not_le_of_gt
 
-@[simp] protected theorem not_lt {a b : Int} : ¬a < b ↔ b ≤ a :=
+protected theorem not_lt {a b : Int} : ¬a < b ↔ b ≤ a :=
   by rw [← Int.not_le, Decidable.not_not]
 
-protected theorem le_of_not_gt {a b : Int} (h : ¬ a > b) : a ≤ b :=
-  Int.not_lt.mp h
-
 protected theorem lt_trichotomy (a b : Int) : a < b ∨ a = b ∨ b < a :=
   if eq : a = b then .inr <| .inl eq else
   if le : a ≤ b then .inl <| Int.lt_iff_le_and_ne.2 ⟨le, eq⟩ else
@@ -941,22 +938,6 @@ protected theorem mul_self_le_mul_self {a b : Int} (h1 : 0 ≤ a) (h2 : a ≤ b)
 protected theorem mul_self_lt_mul_self {a b : Int} (h1 : 0 ≤ a) (h2 : a < b) : a * a < b * b :=
   Int.mul_lt_mul' (Int.le_of_lt h2) h2 h1 (Int.lt_of_le_of_lt h1 h2)
 
-protected theorem nonneg_of_mul_nonneg_left {a b : Int}
-    (h : 0 ≤ a * b) (hb : 0 < b) : 0 ≤ a :=
-  Int.le_of_not_gt fun ha => Int.not_le_of_gt (Int.mul_neg_of_neg_of_pos ha hb) h
-
-protected theorem nonneg_of_mul_nonneg_right {a b : Int}
-    (h : 0 ≤ a * b) (ha : 0 < a) : 0 ≤ b :=
-  Int.le_of_not_gt fun hb => Int.not_le_of_gt (Int.mul_neg_of_pos_of_neg ha hb) h
-
-protected theorem nonpos_of_mul_nonpos_left {a b : Int}
-    (h : a * b ≤ 0) (hb : 0 < b) : a ≤ 0 :=
-  Int.le_of_not_gt fun ha : a > 0 => Int.not_le_of_gt (Int.mul_pos ha hb) h
-
-protected theorem nonpos_of_mul_nonpos_right {a b : Int}
-    (h : a * b ≤ 0) (ha : 0 < a) : b ≤ 0 :=
-  Int.le_of_not_gt fun hb : b > 0 => Int.not_le_of_gt (Int.mul_pos ha hb) h
-
 /- ## sign -/
 
 @[simp] theorem sign_zero : sign 0 = 0 := rfl
@@ -1040,12 +1021,6 @@ theorem sign_eq_neg_one_iff_neg {a : Int} : sign a = -1 ↔ a < 0 :=
 @[simp] theorem sign_mul_self : sign i * i = natAbs i := by
   rw [Int.mul_comm, mul_sign_self]
 
-theorem sign_trichotomy (a : Int) : sign a = 1 ∨ sign a = 0 ∨ sign a = -1 := by
-  match a with
-  | 0 => simp
-  | .ofNat (_ + 1) => simp
-  | .negSucc _ => simp
-
 /- ## natAbs -/
 
 theorem natAbs_ne_zero {a : Int} : a.natAbs ≠ 0 ↔ a ≠ 0 := not_congr Int.natAbs_eq_zero

src/Init/Data/List/Attach.lean

@@ -662,10 +662,6 @@ def unattach {α : Type _} {p : α → Prop} (l : List { x // p x }) : List α :
 @[simp] theorem unattach_cons {p : α → Prop} {a : { x // p x }} {l : List { x // p x }} :
   (a :: l).unattach = a.val :: l.unattach := rfl
 
-@[simp] theorem mem_unattach {p : α → Prop} {l : List { x // p x }} {a} :
-    a ∈ l.unattach ↔ ∃ h : p a, ⟨a, h⟩ ∈ l := by
-  simp only [unattach, mem_map, Subtype.exists, exists_and_right, exists_eq_right]
-
 @[simp] theorem length_unattach {p : α → Prop} {l : List { x // p x }} :
     l.unattach.length = l.length := by
   unfold unattach
@@ -770,16 +766,6 @@ and simplifies these to the function directly taking the value.
     simp [hf, find?_cons]
     split <;> simp [ih]
 
-@[simp] theorem all_subtype {p : α → Prop} {l : List { x // p x }} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) :
-    l.all f = l.unattach.all g := by
-  simp [all_eq, hf]
-
-@[simp] theorem any_subtype {p : α → Prop} {l : List { x // p x }} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) :
-    l.any f = l.unattach.any g := by
-  simp [any_eq, hf]
-
 /-! ### Simp lemmas pushing `unattach` inwards. -/
 
 @[simp] theorem unattach_filter {p : α → Prop} {l : List { x // p x }}

src/Init/Data/List/Basic.lean

@@ -1758,10 +1758,10 @@ where
 
 /-! ### removeAll -/
 
-/-- `O(|xs| * |ys|)`. Computes the "set difference" of lists,
+/-- `O(|xs|)`. Computes the "set difference" of lists,
 by filtering out all elements of `xs` which are also in `ys`.
 * `removeAll [1, 1, 5, 1, 2, 4, 5] [1, 2, 2] = [5, 4, 5]`
--/
+ -/
 def removeAll [BEq α] (xs ys : List α) : List α :=
   xs.filter (fun x => !ys.elem x)
 

src/Init/Data/List/BasicAux.lean

@@ -212,7 +212,6 @@ def mapMono (as : List α) (f : α → α) : List α :=
 
 /-! ## Additional lemmas required for bootstrapping `Array`. -/
 
-@[simp]
 theorem getElem_append_left {as bs : List α} (h : i < as.length) {h' : i < (as ++ bs).length} :
     (as ++ bs)[i] = as[i] := by
   induction as generalizing i with
@@ -222,7 +221,6 @@ theorem getElem_append_left {as bs : List α} (h : i < as.length) {h' : i < (as
     | zero => rfl
     | succ i => apply ih
 
-@[simp]
 theorem getElem_append_right {as bs : List α} {i : Nat} (h₁ : as.length ≤ i) {h₂} :
     (as ++ bs)[i]'h₂ =
       bs[i - as.length]'(by rw [length_append] at h₂; exact Nat.sub_lt_left_of_lt_add h₁ h₂) := by

src/Init/Data/OfScientific.lean

@@ -80,9 +80,9 @@ instance : OfScientific Float32 where
 def Float32.ofNat (n : Nat) : Float32 :=
   OfScientific.ofScientific n false 0
 
-def Float32.ofInt : Int → Float32
-  | Int.ofNat n => Float32.ofNat n
-  | Int.negSucc n => Float32.neg (Float32.ofNat (Nat.succ n))
+def Float32.ofInt : Int → Float
+  | Int.ofNat n => Float.ofNat n
+  | Int.negSucc n => Float.neg (Float.ofNat (Nat.succ n))
 
 instance : OfNat Float32 n   := ⟨Float32.ofNat n⟩
 

src/Init/Data/Option/Basic.lean

@@ -101,12 +101,6 @@ This is similar to `<|>`/`orElse`, but it is strict in the second argument. -/
   | some x,   some y => r x y
   | _, _             => False
 
-@[inline] protected def le (r : α → β → Prop) : Option α → Option β → Prop
-  | none,   some _ => True
-  | none,   none   => True
-  | some _, none   => False
-  | some x, some y => r x y
-
 instance (r : α → β → Prop) [s : DecidableRel r] : DecidableRel (Option.lt r)
   | none,   some _ => isTrue  trivial
   | some x, some y => s x y
@@ -223,24 +217,18 @@ instance (α) [BEq α] [LawfulBEq α] : LawfulBEq (Option α) where
 @[simp] theorem any_none : Option.any p none = false := rfl
 @[simp] theorem any_some : Option.any p (some x) = p x := rfl
 
-/--
-The minimum of two optional values.
-
-Note this treats `none` as the least element,
-so `min none x = min x none = none` for all `x : Option α`.
-Prior to nightly-2025-02-27, we instead had `min none (some x) = min (some x) none = some x`.
--/
+/-- The minimum of two optional values. -/
 protected def min [Min α] : Option α → Option α → Option α
   | some x, some y => some (Min.min x y)
-  | some _, none => none
-  | none, some _ => none
+  | some x, none => some x
+  | none, some y => some y
   | none, none => none
 
 instance [Min α] : Min (Option α) where min := Option.min
 
 @[simp] theorem min_some_some [Min α] {a b : α} : min (some a) (some b) = some (min a b) := rfl
-@[simp] theorem min_some_none [Min α] {a : α} : min (some a) none = none := rfl
-@[simp] theorem min_none_some [Min α] {b : α} : min none (some b) = none := rfl
+@[simp] theorem min_some_none [Min α] {a : α} : min (some a) none = some a := rfl
+@[simp] theorem min_none_some [Min α] {b : α} : min none (some b) = some b := rfl
 @[simp] theorem min_none_none [Min α] : min (none : Option α) none = none := rfl
 
 /-- The maximum of two optional values. -/
@@ -263,9 +251,6 @@ end Option
 instance [LT α] : LT (Option α) where
   lt := Option.lt (· < ·)
 
-instance [LE α] : LE (Option α) where
-  le := Option.le (· ≤ ·)
-
 @[always_inline]
 instance : Functor Option where
   map := Option.map

src/Init/Data/Option/Lemmas.lean

@@ -673,80 +673,4 @@ theorem pmap_map (o : Option α) (f : α → β) {p : β → Prop} (g : ∀ b, p
        o.pelim g (fun a h => g' (f a (H a h))) := by
   cases o <;> simp
 
-/-! ### LT and LE -/
-
-@[simp] theorem not_lt_none [LT α] {a : Option α} : ¬ a < none := by cases a <;> simp [LT.lt, Option.lt]
-@[simp] theorem none_lt_some [LT α] {a : α} : none < some a := by simp [LT.lt, Option.lt]
-@[simp] theorem some_lt_some [LT α] {a b : α} : some a < some b ↔ a < b := by simp [LT.lt, Option.lt]
-
-@[simp] theorem none_le [LE α] {a : Option α} : none ≤ a := by cases a <;> simp [LE.le, Option.le]
-@[simp] theorem not_some_le_none [LE α] {a : α} : ¬ some a ≤ none := by simp [LE.le, Option.le]
-@[simp] theorem some_le_some [LE α] {a b : α} : some a ≤ some b ↔ a ≤ b := by simp [LE.le, Option.le]
-
-/-! ### min and max -/
-
-theorem min_eq_left [LE α] [Min α] (min_eq_left : ∀ x y : α, x ≤ y → min x y = x)
-    {a b : Option α} (h : a ≤ b) : min a b = a := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_eq_right [LE α] [Min α] (min_eq_right : ∀ x y : α, y ≤ x → min x y = y)
-    {a b : Option α} (h : b ≤ a) : min a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_eq_left_of_lt [LT α] [Min α] (min_eq_left : ∀ x y : α, x < y → min x y = x)
-    {a b : Option α} (h : a < b) : min a b = a := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_eq_right_of_lt [LT α] [Min α] (min_eq_right : ∀ x y : α, y < x → min x y = y)
-    {a b : Option α} (h : b < a) : min a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_eq_or [LE α] [Min α] (min_eq_or : ∀ x y : α, min x y = x ∨ min x y = y)
-    {a b : Option α} : min a b = a ∨ min a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_le_left [LE α] [Min α] (min_le_left : ∀ x y : α, min x y ≤ x)
-    {a b : Option α} : min a b ≤ a := by
-  cases a <;> cases b <;> simp_all
-
-theorem min_le_right [LE α] [Min α] (min_le_right : ∀ x y : α, min x y ≤ y)
-    {a b : Option α} : min a b ≤ b := by
-  cases a <;> cases b <;> simp_all
-
-theorem le_min [LE α] [Min α] (le_min : ∀ x y z : α, x ≤ min y z ↔ x ≤ y ∧ x ≤ z)
-    {a b c : Option α} : a ≤ min b c ↔ a ≤ b ∧ a ≤ c := by
-  cases a <;> cases b <;> cases c <;> simp_all
-
-theorem max_eq_left [LE α] [Max α] (max_eq_left : ∀ x y : α, x ≤ y → max x y = y)
-    {a b : Option α} (h : a ≤ b) : max a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem max_eq_right [LE α] [Max α] (max_eq_right : ∀ x y : α, y ≤ x → max x y = x)
-    {a b : Option α} (h : b ≤ a) : max a b = a := by
-  cases a <;> cases b <;> simp_all
-
-theorem max_eq_left_of_lt [LT α] [Max α] (max_eq_left : ∀ x y : α, x < y → max x y = y)
-    {a b : Option α} (h : a < b) : max a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem max_eq_right_of_lt [LT α] [Max α] (max_eq_right : ∀ x y : α, y < x → max x y = x)
-    {a b : Option α} (h : b < a) : max a b = a := by
-  cases a <;> cases b <;> simp_all
-
-theorem max_eq_or [LE α] [Max α] (max_eq_or : ∀ x y : α, max x y = x ∨ max x y = y)
-    {a b : Option α} : max a b = a ∨ max a b = b := by
-  cases a <;> cases b <;> simp_all
-
-theorem left_le_max [LE α] [Max α] (le_refl : ∀ x : α, x ≤ x) (left_le_max : ∀ x y : α, x ≤ max x y)
-    {a b : Option α} : a ≤ max a b := by
-  cases a <;> cases b <;> simp_all
-
-theorem right_le_max [LE α] [Max α] (le_refl : ∀ x : α, x ≤ x) (right_le_max : ∀ x y : α, y ≤ max x y)
-    {a b : Option α} : b ≤ max a b := by
-  cases a <;> cases b <;> simp_all
-
-theorem max_le [LE α] [Max α] (max_le : ∀ x y z : α, max x y ≤ z ↔ x ≤ z ∧ y ≤ z)
-    {a b c : Option α} : max a b ≤ c ↔ a ≤ c ∧ b ≤ c := by
-  cases a <;> cases b <;> cases c <;> simp_all
-
 end Option

src/Init/Data/SInt.lean

@@ -8,7 +8,6 @@ import Init.Data.SInt.Basic
 import Init.Data.SInt.Float
 import Init.Data.SInt.Float32
 import Init.Data.SInt.Lemmas
-import Init.Data.SInt.Bitwise
 
 /-!
 This module contains the definitions and basic theory about signed fixed width integer types.

src/Init/Data/SInt/Basic.lean

@@ -77,9 +77,6 @@ Obtain the `BitVec` that contains the 2's complement representation of the `Int8
 -/
 @[inline] def Int8.toBitVec (x : Int8) : BitVec 8 := x.toUInt8.toBitVec
 
-theorem Int8.toBitVec.inj : {x y : Int8} → x.toBitVec = y.toBitVec → x = y
-  | ⟨⟨_⟩⟩, ⟨⟨_⟩⟩, rfl => rfl
-
 /-- Obtains the `Int8` that is 2's complement equivalent to the `UInt8`. -/
 @[inline] def UInt8.toInt8 (i : UInt8) : Int8 := Int8.ofUInt8 i
 @[inline, deprecated UInt8.toInt8 (since := "2025-02-13"), inherit_doc UInt8.toInt8]
@@ -113,8 +110,8 @@ instance : ReprAtom Int8 := ⟨⟩
 instance : Hashable Int8 where
   hash i := i.toUInt8.toUInt64
 
-instance Int8.instOfNat : OfNat Int8 n := ⟨Int8.ofNat n⟩
-instance Int8.instNeg : Neg Int8 where
+instance : OfNat Int8 n := ⟨Int8.ofNat n⟩
+instance : Neg Int8 where
   neg := Int8.neg
 
 /-- The maximum value an `Int8` may attain, that is, `2^7 - 1 = 127`. -/
@@ -216,9 +213,6 @@ Obtain the `BitVec` that contains the 2's complement representation of the `Int1
 -/
 @[inline] def Int16.toBitVec (x : Int16) : BitVec 16 := x.toUInt16.toBitVec
 
-theorem Int16.toBitVec.inj : {x y : Int16} → x.toBitVec = y.toBitVec → x = y
-  | ⟨⟨_⟩⟩, ⟨⟨_⟩⟩, rfl => rfl
-
 /-- Obtains the `Int16` that is 2's complement equivalent to the `UInt16`. -/
 @[inline] def UInt16.toInt16 (i : UInt16) : Int16 := Int16.ofUInt16 i
 @[inline, deprecated UInt16.toInt16 (since := "2025-02-13"), inherit_doc UInt16.toInt16]
@@ -256,8 +250,8 @@ instance : ReprAtom Int16 := ⟨⟩
 instance : Hashable Int16 where
   hash i := i.toUInt16.toUInt64
 
-instance Int16.instOfNat : OfNat Int16 n := ⟨Int16.ofNat n⟩
-instance Int16.instNeg : Neg Int16 where
+instance : OfNat Int16 n := ⟨Int16.ofNat n⟩
+instance : Neg Int16 where
   neg := Int16.neg
 
 /-- The maximum value an `Int16` may attain, that is, `2^15 - 1 = 32767`. -/
@@ -359,9 +353,6 @@ Obtain the `BitVec` that contains the 2's complement representation of the `Int3
 -/
 @[inline] def Int32.toBitVec (x : Int32) : BitVec 32 := x.toUInt32.toBitVec
 
-theorem Int32.toBitVec.inj : {x y : Int32} → x.toBitVec = y.toBitVec → x = y
-  | ⟨⟨_⟩⟩, ⟨⟨_⟩⟩, rfl => rfl
-
 /-- Obtains the `Int32` that is 2's complement equivalent to the `UInt32`. -/
 @[inline] def UInt32.toInt32 (i : UInt32) : Int32 := Int32.ofUInt32 i
 @[inline, deprecated UInt32.toInt32 (since := "2025-02-13"), inherit_doc UInt32.toInt32]
@@ -403,8 +394,8 @@ instance : ReprAtom Int16 := ⟨⟩
 instance : Hashable Int32 where
   hash i := i.toUInt32.toUInt64
 
-instance Int32.instOfNat : OfNat Int32 n := ⟨Int32.ofNat n⟩
-instance Int32.instNeg : Neg Int32 where
+instance : OfNat Int32 n := ⟨Int32.ofNat n⟩
+instance : Neg Int32 where
   neg := Int32.neg
 
 /-- The maximum value an `Int32` may attain, that is, `2^31 - 1 = 2147483647`. -/
@@ -506,9 +497,6 @@ Obtain the `BitVec` that contains the 2's complement representation of the `Int6
 -/
 @[inline] def Int64.toBitVec (x : Int64) : BitVec 64 := x.toUInt64.toBitVec
 
-theorem Int64.toBitVec.inj : {x y : Int64} → x.toBitVec = y.toBitVec → x = y
-  | ⟨⟨_⟩⟩, ⟨⟨_⟩⟩, rfl => rfl
-
 /-- Obtains the `Int64` that is 2's complement equivalent to the `UInt64`. -/
 @[inline] def UInt64.toInt64 (i : UInt64) : Int64 := Int64.ofUInt64 i
 @[inline, deprecated UInt64.toInt64 (since := "2025-02-13"), inherit_doc UInt64.toInt64]
@@ -554,8 +542,8 @@ instance : ReprAtom Int64 := ⟨⟩
 instance : Hashable Int64 where
   hash i := i.toUInt64
 
-instance Int64.instOfNat : OfNat Int64 n := ⟨Int64.ofNat n⟩
-instance Int64.instNeg : Neg Int64 where
+instance : OfNat Int64 n := ⟨Int64.ofNat n⟩
+instance : Neg Int64 where
   neg := Int64.neg
 
 /-- The maximum value an `Int64` may attain, that is, `2^63 - 1 = 9223372036854775807`. -/
@@ -657,9 +645,6 @@ Obtain the `BitVec` that contains the 2's complement representation of the `ISiz
 -/
 @[inline] def ISize.toBitVec (x : ISize) : BitVec System.Platform.numBits := x.toUSize.toBitVec
 
-theorem ISize.toBitVec.inj : {x y : ISize} → x.toBitVec = y.toBitVec → x = y
-  | ⟨⟨_⟩⟩, ⟨⟨_⟩⟩, rfl => rfl
-
 /-- Obtains the `ISize` that is 2's complement equivalent to the `USize`. -/
 @[inline] def USize.toISize (i : USize) : ISize := ISize.ofUSize i
 @[inline, deprecated USize.toISize (since := "2025-02-13"), inherit_doc USize.toISize]
@@ -715,8 +700,8 @@ instance : ReprAtom ISize := ⟨⟩
 instance : Hashable ISize where
   hash i := i.toUSize.toUInt64
 
-instance ISize.instOfNat : OfNat ISize n := ⟨ISize.ofNat n⟩
-instance ISize.instNeg : Neg ISize where
+instance : OfNat ISize n := ⟨ISize.ofNat n⟩
+instance : Neg ISize where
   neg := ISize.neg
 
 /-- The maximum value an `ISize` may attain, that is, `2^(System.Platform.numBits - 1) - 1`. -/

src/Init/Data/SInt/Bitwise.lean

@@ -1,57 +0,0 @@
-/-
-Copyright (c) 2025 Lean FRO, LLC. All rights reserved.
-Released under Apache 2.0 license as described in the file LICENSE.
-Authors: Markus Himmel
--/
-prelude
-import Init.Data.SInt.Lemmas
-
-set_option hygiene false in
-macro "declare_bitwise_int_theorems" typeName:ident bits:term:arg : command =>
-`(
-namespace $typeName
-
-@[simp, int_toBitVec] protected theorem toBitVec_add {a b : $typeName} : (a + b).toBitVec = a.toBitVec + b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_sub {a b : $typeName} : (a - b).toBitVec = a.toBitVec - b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_mul {a b : $typeName} : (a * b).toBitVec = a.toBitVec * b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_div {a b : $typeName} : (a / b).toBitVec = a.toBitVec.sdiv b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_mod {a b : $typeName} : (a % b).toBitVec = a.toBitVec.srem b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_not {a : $typeName} : (~~~a).toBitVec = ~~~a.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_and (a b : $typeName) : (a &&& b).toBitVec = a.toBitVec &&& b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_or (a b : $typeName) : (a ||| b).toBitVec = a.toBitVec ||| b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_xor (a b : $typeName) : (a ^^^ b).toBitVec = a.toBitVec ^^^ b.toBitVec := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_shiftLeft (a b : $typeName) : (a <<< b).toBitVec = a.toBitVec <<< (b.toBitVec.smod $bits) := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_shiftRight (a b : $typeName) : (a >>> b).toBitVec = a.toBitVec.sshiftRight' (b.toBitVec.smod $bits) := rfl
-@[simp, int_toBitVec] protected theorem toBitVec_abs (a : $typeName) : a.abs.toBitVec = a.toBitVec.abs := rfl
-
-end $typeName
-)
-declare_bitwise_int_theorems Int8 8
-declare_bitwise_int_theorems Int16 16
-declare_bitwise_int_theorems Int32 32
-declare_bitwise_int_theorems Int64 64
-declare_bitwise_int_theorems ISize System.Platform.numBits
-
-@[simp, int_toBitVec]
-theorem Bool.toBitVec_toInt8 {b : Bool} : b.toInt8.toBitVec = (BitVec.ofBool b).setWidth 8 := by
-  cases b <;> simp [toInt8]
-
-@[simp, int_toBitVec]
-theorem Bool.toBitVec_toInt16 {b : Bool} : b.toInt16.toBitVec = (BitVec.ofBool b).setWidth 16 := by
-  cases b <;> simp [toInt16]
-
-@[simp, int_toBitVec]
-theorem Bool.toBitVec_toInt32 {b : Bool} : b.toInt32.toBitVec = (BitVec.ofBool b).setWidth 32 := by
-  cases b <;> simp [toInt32]
-
-@[simp, int_toBitVec]
-theorem Bool.toBitVec_toInt64 {b : Bool} : b.toInt64.toBitVec = (BitVec.ofBool b).setWidth 64 := by
-  cases b <;> simp [toInt64]
-
-@[simp, int_toBitVec]
-theorem Bool.toBitVec_toISize {b : Bool} :
-    b.toISize.toBitVec = (BitVec.ofBool b).setWidth System.Platform.numBits := by
-  cases b
-  · simp [toISize]
-  · apply BitVec.eq_of_toNat_eq
-    simp [toISize]

src/Init/Data/SInt/Lemmas.lean

@@ -5,863 +5,9 @@ Authors: Markus Himmel
 -/
 prelude
 import Init.Data.SInt.Basic
-import Init.Data.BitVec.Bitblast
-import Init.Data.Int.LemmasAux
-import Init.Data.UInt.Lemmas
-
-open Lean in
-set_option hygiene false in
-macro "declare_int_theorems" typeName:ident _bits:term:arg : command => do
-  let mut cmds ← Syntax.getArgs <$> `(
-  namespace $typeName
-
-  @[int_toBitVec] theorem le_def {a b : $typeName} : a ≤ b ↔ a.toBitVec.sle b.toBitVec := Iff.rfl
-  @[int_toBitVec] theorem lt_def {a b : $typeName} : a < b ↔ a.toBitVec.slt b.toBitVec := Iff.rfl
-  theorem toBitVec_inj {a b : $typeName} : a.toBitVec = b.toBitVec ↔ a = b :=
-    ⟨toBitVec.inj, (· ▸ rfl)⟩
-  @[int_toBitVec] theorem eq_iff_toBitVec_eq {a b : $typeName} : a = b ↔ a.toBitVec = b.toBitVec :=
-    toBitVec_inj.symm
-  @[int_toBitVec] theorem ne_iff_toBitVec_ne {a b : $typeName} : a ≠ b ↔ a.toBitVec ≠ b.toBitVec :=
-    Decidable.not_iff_not.2 eq_iff_toBitVec_eq
-  @[simp] theorem toBitVec_ofNat' {n : Nat} : toBitVec (ofNat n) = BitVec.ofNat _ n := rfl
-  @[simp, int_toBitVec] theorem toBitVec_ofNat {n : Nat} : toBitVec (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-
-  end $typeName
-  )
-  return ⟨mkNullNode cmds⟩
-
-declare_int_theorems Int8 8
-declare_int_theorems Int16 16
-declare_int_theorems Int32 32
-declare_int_theorems Int64 64
-declare_int_theorems ISize System.Platform.numBits
-
-theorem Int8.toInt.inj {x y : Int8} (h : x.toInt = y.toInt) : x = y := Int8.toBitVec.inj (BitVec.eq_of_toInt_eq h)
-theorem Int8.toInt_inj {x y : Int8} : x.toInt = y.toInt ↔ x = y := ⟨Int8.toInt.inj, fun h => h ▸ rfl⟩
-theorem Int16.toInt.inj {x y : Int16} (h : x.toInt = y.toInt) : x = y := Int16.toBitVec.inj (BitVec.eq_of_toInt_eq h)
-theorem Int16.toInt_inj {x y : Int16} : x.toInt = y.toInt ↔ x = y := ⟨Int16.toInt.inj, fun h => h ▸ rfl⟩
-theorem Int32.toInt.inj {x y : Int32} (h : x.toInt = y.toInt) : x = y := Int32.toBitVec.inj (BitVec.eq_of_toInt_eq h)
-theorem Int32.toInt_inj {x y : Int32} : x.toInt = y.toInt ↔ x = y := ⟨Int32.toInt.inj, fun h => h ▸ rfl⟩
-theorem Int64.toInt.inj {x y : Int64} (h : x.toInt = y.toInt) : x = y := Int64.toBitVec.inj (BitVec.eq_of_toInt_eq h)
-theorem Int64.toInt_inj {x y : Int64} : x.toInt = y.toInt ↔ x = y := ⟨Int64.toInt.inj, fun h => h ▸ rfl⟩
-theorem ISize.toInt.inj {x y : ISize} (h : x.toInt = y.toInt) : x = y := ISize.toBitVec.inj (BitVec.eq_of_toInt_eq h)
-theorem ISize.toInt_inj {x y : ISize} : x.toInt = y.toInt ↔ x = y := ⟨ISize.toInt.inj, fun h => h ▸ rfl⟩
-
-@[simp] theorem Int8.toBitVec_neg (x : Int8) : (-x).toBitVec = -x.toBitVec := rfl
-@[simp] theorem Int16.toBitVec_neg (x : Int16) : (-x).toBitVec = -x.toBitVec := rfl
-@[simp] theorem Int32.toBitVec_neg (x : Int32) : (-x).toBitVec = -x.toBitVec := rfl
-@[simp] theorem Int64.toBitVec_neg (x : Int64) : (-x).toBitVec = -x.toBitVec := rfl
-@[simp] theorem ISize.toBitVec_neg (x : ISize) : (-x).toBitVec = -x.toBitVec := rfl
-
-@[simp] theorem ISize.toBitVec_zero : (0 : ISize).toBitVec = 0 := rfl
-
-@[simp] theorem Int8.toBitVec_ofInt (i : Int) : (ofInt i).toBitVec = BitVec.ofInt _ i := rfl
-@[simp] theorem Int16.toBitVec_ofInt (i : Int) : (ofInt i).toBitVec = BitVec.ofInt _ i := rfl
-@[simp] theorem Int32.toBitVec_ofInt (i : Int) : (ofInt i).toBitVec = BitVec.ofInt _ i := rfl
-@[simp] theorem Int64.toBitVec_ofInt (i : Int) : (ofInt i).toBitVec = BitVec.ofInt _ i := rfl
-@[simp] theorem ISize.toBitVec_ofInt (i : Int) : (ofInt i).toBitVec = BitVec.ofInt _ i := rfl
-
-@[simp] theorem Int8.neg_zero : -(0 : Int8) = 0 := rfl
-@[simp] theorem Int16.neg_zero : -(0 : Int16) = 0 := rfl
-@[simp] theorem Int32.neg_zero : -(0 : Int32) = 0 := rfl
-@[simp] theorem Int64.neg_zero : -(0 : Int64) = 0 := rfl
-@[simp] theorem ISize.neg_zero : -(0 : ISize) = 0 := ISize.toBitVec.inj (by simp)
-
-theorem ISize.toNat_toBitVec_ofNat_of_lt {n : Nat} (h : n < 2^32) :
-    (ofNat n).toBitVec.toNat = n :=
-  Nat.mod_eq_of_lt (Nat.lt_of_lt_of_le h (by cases USize.size_eq <;> simp_all +decide))
-
-theorem Int8.toInt_ofInt {n : Int} (hn : -2^7 ≤ n) (hn' : n < 2^7) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self (by decide) hn hn']
-theorem Int16.toInt_ofInt {n : Int} (hn : -2^15 ≤ n) (hn' : n < 2^15) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self (by decide) hn hn']
-theorem Int32.toInt_ofInt {n : Int} (hn : -2^31 ≤ n) (hn' : n < 2^31) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self (by decide) hn hn']
-theorem Int64.toInt_ofInt {n : Int} (hn : -2^63 ≤ n) (hn' : n < 2^63) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self (by decide) hn hn']
-theorem ISize.toInt_ofInt {n : Int} (hn : -2^31 ≤ n) (hn' : n < 2^31) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self] <;> cases System.Platform.numBits_eq
-    <;> (simp_all; try omega)
-
-theorem ISize.toInt_ofInt_of_two_pow_numBits_le {n : Int} (hn : -2 ^ (System.Platform.numBits - 1) ≤ n)
-    (hn' : n < 2 ^ (System.Platform.numBits - 1)) : toInt (ofInt n) = n := by
-  rw [toInt, toBitVec_ofInt, BitVec.toInt_ofInt_eq_self _ hn hn']
-  cases System.Platform.numBits_eq <;> simp_all
-
-theorem ISize.toNatClampNeg_ofInt_eq_zero {n : Int} (hn : -2^31 ≤ n) (hn' : n ≤ 0) :
-    toNatClampNeg (ofInt n) = 0 := by
-  rwa [toNatClampNeg, toInt_ofInt hn (by omega), Int.toNat_eq_zero]
-
-theorem Int64.neg_ofInt {n : Int} : -ofInt n = ofInt (-n) :=
-  toBitVec.inj (by simp [BitVec.ofInt_neg])
-theorem ISize.neg_ofInt {n : Int} : -ofInt n = ofInt (-n) :=
-  toBitVec.inj (by simp [BitVec.ofInt_neg])
-
-theorem Int8.ofInt_eq_ofNat {n : Nat} : ofInt n = ofNat n := toBitVec.inj (by simp)
-theorem Int16.ofInt_eq_ofNat {n : Nat} : ofInt n = ofNat n := toBitVec.inj (by simp)
-theorem Int32.ofInt_eq_ofNat {n : Nat} : ofInt n = ofNat n := toBitVec.inj (by simp)
-theorem Int64.ofInt_eq_ofNat {n : Nat} : ofInt n = ofNat n := toBitVec.inj (by simp)
-theorem ISize.ofInt_eq_ofNat {n : Nat} : ofInt n = ofNat n := toBitVec.inj (by simp)
-
-theorem ISize.neg_ofNat {n : Nat} : -ofNat n = ofInt (-n) := by
-  rw [← neg_ofInt, ofInt_eq_ofNat]
-
-theorem Int8.toNatClampNeg_ofNat_of_lt {n : Nat} (h : n < 2 ^ 7) : toNatClampNeg (ofNat n) = n := by
-  rw [toNatClampNeg, ← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega), Int.toNat_ofNat]
-theorem ISize.toNatClampNeg_ofNat_of_lt {n : Nat} (h : n < 2 ^ 31) : toNatClampNeg (ofNat n) = n := by
-  rw [toNatClampNeg, ← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega), Int.toNat_ofNat]
-
-theorem ISize.toNatClampNeg_neg_ofNat_of_le {n : Nat} (h : n ≤ 2 ^ 31) :
-    toNatClampNeg (-ofNat n) = 0 := by
-  rw [neg_ofNat, toNatClampNeg_ofInt_eq_zero (by omega) (by omega)]
-
-theorem Int8.toInt_ofNat_of_lt {n : Nat} (h : n < 2 ^ 7) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega)]
-theorem Int16.toInt_ofNat_of_lt {n : Nat} (h : n < 2 ^ 15) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega)]
-theorem Int32.toInt_ofNat_of_lt {n : Nat} (h : n < 2 ^ 31) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega)]
-theorem Int64.toInt_ofNat_of_lt {n : Nat} (h : n < 2 ^ 63) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega)]
-theorem ISize.toInt_ofNat_of_lt {n : Nat} (h : n < 2 ^ 31) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt (by omega) (by omega)]
-theorem ISize.toInt_ofNat_of_lt_two_pow_numBits {n : Nat}
-    (h : n < 2 ^ (System.Platform.numBits - 1)) : toInt (ofNat n) = n := by
-  rw [← ofInt_eq_ofNat, toInt_ofInt_of_two_pow_numBits_le] <;>
-    cases System.Platform.numBits_eq <;> simp_all <;> omega
-
-theorem Int64.toInt_neg_ofNat_of_le {n : Nat} (h : n ≤ 2^63) : toInt (-ofNat n) = -n := by
-  rw [← ofInt_eq_ofNat, neg_ofInt, toInt_ofInt (by omega) (by omega)]
-theorem ISize.toInt_neg_ofNat_of_le {n : Nat} (h : n ≤ 2 ^ 31) : toInt (-ofNat n) = -n := by
-  rw [← ofInt_eq_ofNat, neg_ofInt, toInt_ofInt (by omega) (by omega)]
-
-theorem Int8.toInt_zero : toInt 0 = 0 := by simp
-theorem Int16.toInt_zero : toInt 0 = 0 := by simp
-theorem Int32.toInt_zero : toInt 0 = 0 := by simp
-theorem Int64.toInt_zero : toInt 0 = 0 := by simp
-theorem ISize.toInt_zero : toInt 0 = 0 := by simp
-
-@[simp] theorem ISize.toInt_minValue : ISize.minValue.toInt = -2^(System.Platform.numBits - 1) := by
-  rw [minValue, toInt_ofInt_of_two_pow_numBits_le] <;> cases System.Platform.numBits_eq
-    <;> simp_all
-@[simp] theorem ISize.toInt_maxValue : ISize.maxValue.toInt = 2^(System.Platform.numBits - 1) - 1:= by
-  rw [maxValue, toInt_ofInt_of_two_pow_numBits_le] <;> cases System.Platform.numBits_eq
-    <;> simp_all
 
 @[simp] theorem UInt8.toBitVec_toInt8 (x : UInt8) : x.toInt8.toBitVec = x.toBitVec := rfl
 @[simp] theorem UInt16.toBitVec_toInt16 (x : UInt16) : x.toInt16.toBitVec = x.toBitVec := rfl
 @[simp] theorem UInt32.toBitVec_toInt32 (x : UInt32) : x.toInt32.toBitVec = x.toBitVec := rfl
 @[simp] theorem UInt64.toBitVec_toInt64 (x : UInt64) : x.toInt64.toBitVec = x.toBitVec := rfl
 @[simp] theorem USize.toBitVec_toISize (x : USize) : x.toISize.toBitVec = x.toBitVec := rfl
-
-@[simp] theorem Int8.ofBitVec_uInt8ToBitVec (x : UInt8) : Int8.ofBitVec x.toBitVec = x.toInt8 := rfl
-@[simp] theorem Int16.ofBitVec_uInt16ToBitVec (x : UInt16) : Int16.ofBitVec x.toBitVec = x.toInt16 := rfl
-@[simp] theorem Int32.ofBitVec_uInt32ToBitVec (x : UInt32) : Int32.ofBitVec x.toBitVec = x.toInt32 := rfl
-@[simp] theorem Int64.ofBitVec_uInt64ToBitVec (x : UInt64) : Int64.ofBitVec x.toBitVec = x.toInt64 := rfl
-@[simp] theorem ISize.ofBitVec_uSize8ToBitVec (x : USize) : ISize.ofBitVec x.toBitVec = x.toISize := rfl
-
-@[simp] theorem UInt8.toUInt8_toInt8 (x : UInt8) : x.toInt8.toUInt8 = x := rfl
-@[simp] theorem UInt16.toUInt16_toInt16 (x : UInt16) : x.toInt16.toUInt16 = x := rfl
-@[simp] theorem UInt32.toUInt32_toInt32 (x : UInt32) : x.toInt32.toUInt32 = x := rfl
-@[simp] theorem UInt64.toUInt64_toInt64 (x : UInt64) : x.toInt64.toUInt64 = x := rfl
-@[simp] theorem USize.toUSize_toISize (x : USize) : x.toISize.toUSize = x := rfl
-
-@[simp] theorem Int8.toNat_toInt (x : Int8) : x.toInt.toNat = x.toNatClampNeg := rfl
-@[simp] theorem Int16.toNat_toInt (x : Int16) : x.toInt.toNat = x.toNatClampNeg := rfl
-@[simp] theorem Int32.toNat_toInt (x : Int32) : x.toInt.toNat = x.toNatClampNeg := rfl
-@[simp] theorem Int64.toNat_toInt (x : Int64) : x.toInt.toNat = x.toNatClampNeg := rfl
-@[simp] theorem ISize.toNat_toInt (x : ISize) : x.toInt.toNat = x.toNatClampNeg := rfl
-
-@[simp] theorem Int8.toInt_toBitVec (x : Int8) : x.toBitVec.toInt = x.toInt := rfl
-@[simp] theorem Int16.toInt_toBitVec (x : Int16) : x.toBitVec.toInt = x.toInt := rfl
-@[simp] theorem Int32.toInt_toBitVec (x : Int32) : x.toBitVec.toInt = x.toInt := rfl
-@[simp] theorem Int64.toInt_toBitVec (x : Int64) : x.toBitVec.toInt = x.toInt := rfl
-@[simp] theorem ISize.toInt_toBitVec (x : ISize) : x.toBitVec.toInt = x.toInt := rfl
-
-@[simp] theorem Int8.toBitVec_toInt16 (x : Int8) : x.toInt16.toBitVec = x.toBitVec.signExtend 16 := rfl
-@[simp] theorem Int8.toBitVec_toInt32 (x : Int8) : x.toInt32.toBitVec = x.toBitVec.signExtend 32 := rfl
-@[simp] theorem Int8.toBitVec_toInt64 (x : Int8) : x.toInt64.toBitVec = x.toBitVec.signExtend 64 := rfl
-@[simp] theorem Int8.toBitVec_toISize (x : Int8) : x.toISize.toBitVec = x.toBitVec.signExtend System.Platform.numBits := rfl
-
-@[simp] theorem Int16.toBitVec_toInt8 (x : Int16) : x.toInt8.toBitVec = x.toBitVec.signExtend 8 := rfl
-@[simp] theorem Int16.toBitVec_toInt32 (x : Int16) : x.toInt32.toBitVec = x.toBitVec.signExtend 32 := rfl
-@[simp] theorem Int16.toBitVec_toInt64 (x : Int16) : x.toInt64.toBitVec = x.toBitVec.signExtend 64 := rfl
-@[simp] theorem Int16.toBitVec_toISize (x : Int16) : x.toISize.toBitVec = x.toBitVec.signExtend System.Platform.numBits := rfl
-
-@[simp] theorem Int32.toBitVec_toInt8 (x : Int32) : x.toInt8.toBitVec = x.toBitVec.signExtend 8 := rfl
-@[simp] theorem Int32.toBitVec_toInt16 (x : Int32) : x.toInt16.toBitVec = x.toBitVec.signExtend 16 := rfl
-@[simp] theorem Int32.toBitVec_toInt64 (x : Int32) : x.toInt64.toBitVec = x.toBitVec.signExtend 64 := rfl
-@[simp] theorem Int32.toBitVec_toISize (x : Int32) : x.toISize.toBitVec = x.toBitVec.signExtend System.Platform.numBits := rfl
-
-@[simp] theorem Int64.toBitVec_toInt8 (x : Int64) : x.toInt8.toBitVec = x.toBitVec.signExtend 8 := rfl
-@[simp] theorem Int64.toBitVec_toInt16 (x : Int64) : x.toInt16.toBitVec = x.toBitVec.signExtend 16 := rfl
-@[simp] theorem Int64.toBitVec_toInt32 (x : Int64) : x.toInt32.toBitVec = x.toBitVec.signExtend 32 := rfl
-@[simp] theorem Int64.toBitVec_toISize (x : Int64) : x.toISize.toBitVec = x.toBitVec.signExtend System.Platform.numBits := rfl
-
-@[simp] theorem ISize.toBitVec_toInt8 (x : ISize) : x.toInt8.toBitVec = x.toBitVec.signExtend 8 := rfl
-@[simp] theorem ISize.toBitVec_toInt16 (x : ISize) : x.toInt16.toBitVec = x.toBitVec.signExtend 16 := rfl
-@[simp] theorem ISize.toBitVec_toInt32 (x : ISize) : x.toInt32.toBitVec = x.toBitVec.signExtend 32 := rfl
-@[simp] theorem ISize.toBitVec_toInt64 (x : ISize) : x.toInt64.toBitVec = x.toBitVec.signExtend 64 := rfl
-
-theorem Int8.toInt_lt (x : Int8) : x.toInt < 2 ^ 7 := Int.lt_of_mul_lt_mul_left BitVec.toInt_lt (by decide)
-theorem Int8.le_toInt (x : Int8) : -2 ^ 7 ≤ x.toInt := Int.le_of_mul_le_mul_left BitVec.le_toInt (by decide)
-theorem Int16.toInt_lt (x : Int16) : x.toInt < 2 ^ 15 := Int.lt_of_mul_lt_mul_left BitVec.toInt_lt (by decide)
-theorem Int16.le_toInt (x : Int16) : -2 ^ 15 ≤ x.toInt := Int.le_of_mul_le_mul_left BitVec.le_toInt (by decide)
-theorem Int32.toInt_lt (x : Int32) : x.toInt < 2 ^ 31 := Int.lt_of_mul_lt_mul_left BitVec.toInt_lt (by decide)
-theorem Int32.le_toInt (x : Int32) : -2 ^ 31 ≤ x.toInt := Int.le_of_mul_le_mul_left BitVec.le_toInt (by decide)
-theorem Int64.toInt_lt (x : Int64) : x.toInt < 2 ^ 63 := Int.lt_of_mul_lt_mul_left BitVec.toInt_lt (by decide)
-theorem Int64.le_toInt (x : Int64) : -2 ^ 63 ≤ x.toInt := Int.le_of_mul_le_mul_left BitVec.le_toInt (by decide)
-theorem ISize.toInt_lt_two_pow_numBits (x : ISize) : x.toInt < 2 ^ (System.Platform.numBits - 1) := by
-  have := x.toBitVec.toInt_lt; cases System.Platform.numBits_eq <;> simp_all <;> omega
-theorem ISize.two_pow_numBits_le_toInt (x : ISize) : -2 ^ (System.Platform.numBits - 1) ≤ x.toInt := by
-  have := x.toBitVec.le_toInt; cases System.Platform.numBits_eq <;> simp_all <;> omega
-theorem ISize.toInt_lt (x : ISize) : x.toInt < 2 ^ 63 := by
-  have := x.toBitVec.toInt_lt; cases System.Platform.numBits_eq <;> simp_all <;> omega
-theorem ISize.le_toInt (x : ISize) : -2 ^ 63 ≤ x.toInt := by
-  have := x.toBitVec.le_toInt; cases System.Platform.numBits_eq <;> simp_all <;> omega
-
-theorem Int8.toInt_le (x : Int8) : x.toInt ≤ Int8.maxValue.toInt := Int.le_of_lt_add_one x.toInt_lt
-theorem Int16.toInt_le (x : Int16) : x.toInt ≤ Int16.maxValue.toInt := Int.le_of_lt_add_one x.toInt_lt
-theorem Int32.toInt_le (x : Int32) : x.toInt ≤ Int32.maxValue.toInt := Int.le_of_lt_add_one x.toInt_lt
-theorem Int64.toInt_le (x : Int64) : x.toInt ≤ Int64.maxValue.toInt := Int.le_of_lt_add_one x.toInt_lt
-theorem ISize.toInt_le (x : ISize) : x.toInt ≤ ISize.maxValue.toInt := by
-  rw [toInt_ofInt_of_two_pow_numBits_le]
-  · exact Int.le_of_lt_add_one (by simpa using x.toInt_lt_two_pow_numBits)
-  · cases System.Platform.numBits_eq <;> simp_all
-  · cases System.Platform.numBits_eq <;> simp_all
-theorem Int8.minValue_le_toInt (x : Int8) : Int8.minValue.toInt ≤ x.toInt := x.le_toInt
-theorem Int16.minValue_le_toInt (x : Int16) : Int16.minValue.toInt ≤ x.toInt := x.le_toInt
-theorem Int32.minValue_le_toInt (x : Int32) : Int32.minValue.toInt ≤ x.toInt := x.le_toInt
-theorem Int64.minValue_le_toInt (x : Int64) : Int64.minValue.toInt ≤ x.toInt := x.le_toInt
-theorem ISize.minValue_le_toInt (x : ISize) : ISize.minValue.toInt ≤ x.toInt := by
-  rw [toInt_ofInt_of_two_pow_numBits_le]
-  · exact x.two_pow_numBits_le_toInt
-  · cases System.Platform.numBits_eq <;> simp_all
-  · cases System.Platform.numBits_eq <;> simp_all
-
-theorem ISize.toInt_minValue_le : ISize.minValue.toInt ≤ -2^31 := by
-  rw [minValue, toInt_ofInt_of_two_pow_numBits_le] <;> cases System.Platform.numBits_eq
-    <;> simp_all
-
-theorem ISize.le_toInt_maxValue : 2 ^ 31 - 1 ≤ ISize.maxValue.toInt := by
-  rw [maxValue, toInt_ofInt_of_two_pow_numBits_le] <;> cases System.Platform.numBits_eq
-    <;> simp_all
-
-theorem Int8.iSizeMinValue_le_toInt (x : Int8) : ISize.minValue.toInt ≤ x.toInt :=
-  Int.le_trans (Int.le_trans ISize.toInt_minValue_le (by decide)) x.le_toInt
-theorem Int8.toInt_le_iSizeMaxValue (x : Int8) : x.toInt ≤ ISize.maxValue.toInt :=
-  Int.le_trans x.toInt_le (Int.le_trans (by decide) ISize.le_toInt_maxValue)
-theorem Int16.iSizeMinValue_le_toInt (x : Int16) : ISize.minValue.toInt ≤ x.toInt :=
-  Int.le_trans (Int.le_trans ISize.toInt_minValue_le (by decide)) x.le_toInt
-theorem Int16.toInt_le_iSizeMaxValue (x : Int16) : x.toInt ≤ ISize.maxValue.toInt :=
-  Int.le_trans x.toInt_le (Int.le_trans (by decide) ISize.le_toInt_maxValue)
-theorem Int32.iSizeMinValue_le_toInt (x : Int32) : ISize.minValue.toInt ≤ x.toInt :=
-  Int.le_trans (Int.le_trans ISize.toInt_minValue_le (by decide)) x.le_toInt
-theorem Int32.toInt_le_iSizeMaxValue (x : Int32) : x.toInt ≤ ISize.maxValue.toInt :=
-  Int.le_trans x.toInt_le (Int.le_trans (by decide) ISize.le_toInt_maxValue)
-
-theorem ISize.int64MinValue_le_toInt (x : ISize) : Int64.minValue.toInt ≤ x.toInt :=
-  Int.le_trans (by decide) x.le_toInt
-theorem ISize.toInt_le_int64MaxValue (x : ISize) : x.toInt ≤ Int64.maxValue.toInt :=
-  Int.le_of_lt_add_one x.toInt_lt
-
-theorem Int8.toNatClampNeg_lt (x : Int8) : x.toNatClampNeg < 2 ^ 7 := (Int.toNat_lt' (by decide)).2 x.toInt_lt
-theorem Int16.toNatClampNeg_lt (x : Int16) : x.toNatClampNeg < 2 ^ 15 := (Int.toNat_lt' (by decide)).2 x.toInt_lt
-theorem Int32.toNatClampNeg_lt (x : Int32) : x.toNatClampNeg < 2 ^ 31 := (Int.toNat_lt' (by decide)).2 x.toInt_lt
-theorem Int64.toNatClampNeg_lt (x : Int64) : x.toNatClampNeg < 2 ^ 63 := (Int.toNat_lt' (by decide)).2 x.toInt_lt
-theorem ISize.toNatClampNeg_lt_two_pow_numBits (x : ISize) : x.toNatClampNeg < 2 ^ (System.Platform.numBits - 1) := by
-  rw [toNatClampNeg, Int.toNat_lt', Int.natCast_pow]
-  · exact x.toInt_lt_two_pow_numBits
-  · cases System.Platform.numBits_eq <;> simp_all
-theorem ISize.toNatClampNeg_lt (x : ISize) : x.toNatClampNeg < 2 ^ 63 := (Int.toNat_lt' (by decide)).2 x.toInt_lt
-
-@[simp] theorem Int8.toInt_toInt16 (x : Int8) : x.toInt16.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int8.toInt_toInt32 (x : Int8) : x.toInt32.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int8.toInt_toInt64 (x : Int8) : x.toInt64.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int8.toInt_toISize (x : Int8) : x.toISize.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-
-@[simp] theorem Int16.toInt_toInt8 (x : Int16) : x.toInt8.toInt = x.toInt.bmod (2 ^ 8) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int16.toInt_toInt32 (x : Int16) : x.toInt32.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int16.toInt_toInt64 (x : Int16) : x.toInt64.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int16.toInt_toISize (x : Int16) : x.toISize.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-
-@[simp] theorem Int32.toInt_toInt8 (x : Int32) : x.toInt8.toInt = x.toInt.bmod (2 ^ 8) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int32.toInt_toInt16 (x : Int32) : x.toInt16.toInt = x.toInt.bmod (2 ^ 16) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int32.toInt_toInt64 (x : Int32) : x.toInt64.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by decide)
-@[simp] theorem Int32.toInt_toISize (x : Int32) : x.toISize.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-
-@[simp] theorem Int64.toInt_toInt8 (x : Int64) : x.toInt8.toInt = x.toInt.bmod (2 ^ 8) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int64.toInt_toInt16 (x : Int64) : x.toInt16.toInt = x.toInt.bmod (2 ^ 16) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int64.toInt_toInt32 (x : Int64) : x.toInt32.toInt = x.toInt.bmod (2 ^ 32) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by decide)
-@[simp] theorem Int64.toInt_toISize (x : Int64) : x.toISize.toInt = x.toInt.bmod (2 ^ System.Platform.numBits) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-
-@[simp] theorem ISize.toInt_toInt8 (x : ISize) : x.toInt8.toInt = x.toInt.bmod (2 ^ 8) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-@[simp] theorem ISize.toInt_toInt16 (x : ISize) : x.toInt16.toInt = x.toInt.bmod (2 ^ 16) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-@[simp] theorem ISize.toInt_toInt32 (x : ISize) : x.toInt32.toInt = x.toInt.bmod (2 ^ 32) :=
-  x.toBitVec.toInt_signExtend_eq_toInt_bmod_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-@[simp] theorem ISize.toInt_toInt64 (x : ISize) : x.toInt64.toInt = x.toInt :=
-  x.toBitVec.toInt_signExtend_of_le (by cases System.Platform.numBits_eq <;> simp_all)
-
-@[simp] theorem Int8.toNatClampNeg_toInt16 (x : Int8) : x.toInt16.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt16
-@[simp] theorem Int8.toNatClampNeg_toInt32 (x : Int8) : x.toInt32.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt32
-@[simp] theorem Int8.toNatClampNeg_toInt64 (x : Int8) : x.toInt64.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt64
-@[simp] theorem Int8.toNatClampNeg_toISize (x : Int8) : x.toISize.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toISize
-
-@[simp] theorem Int16.toNatClampNeg_toInt32 (x : Int16) : x.toInt32.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt32
-@[simp] theorem Int16.toNatClampNeg_toInt64 (x : Int16) : x.toInt64.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt64
-@[simp] theorem Int16.toNatClampNeg_toISize (x : Int16) : x.toISize.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toISize
-
-@[simp] theorem Int32.toNatClampNeg_toInt64 (x : Int32) : x.toInt64.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt64
-@[simp] theorem Int32.toNatClampNeg_toISize (x : Int32) : x.toISize.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toISize
-
-@[simp] theorem ISize.toNatClampNeg_toInt64 (x : ISize) : x.toInt64.toNatClampNeg = x.toNatClampNeg :=
-  congrArg Int.toNat x.toInt_toInt64
-
-@[simp] theorem Int8.toInt8_toUInt8 (x : Int8) : x.toUInt8.toInt8 = x := rfl
-@[simp] theorem Int16.toInt16_toUInt16 (x : Int16) : x.toUInt16.toInt16 = x := rfl
-@[simp] theorem Int32.toInt32_toUInt32 (x : Int32) : x.toUInt32.toInt32 = x := rfl
-@[simp] theorem Int64.toInt64_toUInt64 (x : Int64) : x.toUInt64.toInt64 = x := rfl
-@[simp] theorem ISize.toISize_toUSize (x : ISize) : x.toUSize.toISize = x := rfl
-
-theorem Int8.toNat_toBitVec (x : Int8) : x.toBitVec.toNat = x.toUInt8.toNat := rfl
-theorem Int16.toNat_toBitVec (x : Int16) : x.toBitVec.toNat = x.toUInt16.toNat := rfl
-theorem Int32.toNat_toBitVec (x : Int32) : x.toBitVec.toNat = x.toUInt32.toNat := rfl
-theorem Int64.toNat_toBitVec (x : Int64) : x.toBitVec.toNat = x.toUInt64.toNat := rfl
-theorem ISize.toNat_toBitVec (x : ISize) : x.toBitVec.toNat = x.toUSize.toNat := rfl
-
-theorem Int8.toNat_toBitVec_of_le {x : Int8} (hx : 0 ≤ x) : x.toBitVec.toNat = x.toNatClampNeg :=
-  (x.toBitVec.toNat_toInt_of_sle hx).symm
-theorem Int16.toNat_toBitVec_of_le {x : Int16} (hx : 0 ≤ x) : x.toBitVec.toNat = x.toNatClampNeg :=
-  (x.toBitVec.toNat_toInt_of_sle hx).symm
-theorem Int32.toNat_toBitVec_of_le {x : Int32} (hx : 0 ≤ x) : x.toBitVec.toNat = x.toNatClampNeg :=
-  (x.toBitVec.toNat_toInt_of_sle hx).symm
-theorem Int64.toNat_toBitVec_of_le {x : Int64} (hx : 0 ≤ x) : x.toBitVec.toNat = x.toNatClampNeg :=
-  (x.toBitVec.toNat_toInt_of_sle hx).symm
-theorem ISize.toNat_toBitVec_of_le {x : ISize} (hx : 0 ≤ x) : x.toBitVec.toNat = x.toNatClampNeg :=
-  (x.toBitVec.toNat_toInt_of_sle hx).symm
-
-theorem Int8.toNat_toUInt8_of_le {x : Int8} (hx : 0 ≤ x) : x.toUInt8.toNat = x.toNatClampNeg := by
-  rw [← toNat_toBitVec, toNat_toBitVec_of_le hx]
-theorem Int16.toNat_toUInt16_of_le {x : Int16} (hx : 0 ≤ x) : x.toUInt16.toNat = x.toNatClampNeg := by
-  rw [← toNat_toBitVec, toNat_toBitVec_of_le hx]
-theorem Int32.toNat_toUInt32_of_le {x : Int32} (hx : 0 ≤ x) : x.toUInt32.toNat = x.toNatClampNeg := by
-  rw [← toNat_toBitVec, toNat_toBitVec_of_le hx]
-theorem Int64.toNat_toUInt64_of_le {x : Int64} (hx : 0 ≤ x) : x.toUInt64.toNat = x.toNatClampNeg := by
-  rw [← toNat_toBitVec, toNat_toBitVec_of_le hx]
-theorem ISize.toNat_toUISize_of_le {x : ISize} (hx : 0 ≤ x) : x.toUSize.toNat = x.toNatClampNeg := by
-  rw [← toNat_toBitVec, toNat_toBitVec_of_le hx]
-
-theorem Int8.toFin_toBitVec (x : Int8) : x.toBitVec.toFin = x.toUInt8.toFin := rfl
-theorem Int16.toFin_toBitVec (x : Int16) : x.toBitVec.toFin = x.toUInt16.toFin := rfl
-theorem Int32.toFin_toBitVec (x : Int32) : x.toBitVec.toFin = x.toUInt32.toFin := rfl
-theorem Int64.toFin_toBitVec (x : Int64) : x.toBitVec.toFin = x.toUInt64.toFin := rfl
-theorem ISize.toFin_toBitVec (x : ISize) : x.toBitVec.toFin = x.toUSize.toFin := rfl
-
-@[simp] theorem Int8.toBitVec_toUInt8 (x : Int8) : x.toUInt8.toBitVec = x.toBitVec := rfl
-@[simp] theorem Int16.toBitVec_toUInt16 (x : Int16) : x.toUInt16.toBitVec = x.toBitVec := rfl
-@[simp] theorem Int32.toBitVec_toUInt32 (x : Int32) : x.toUInt32.toBitVec = x.toBitVec := rfl
-@[simp] theorem Int64.toBitVec_toUInt64 (x : Int64) : x.toUInt64.toBitVec = x.toBitVec := rfl
-@[simp] theorem ISize.toBitVec_toUISize (x : ISize) : x.toUSize.toBitVec = x.toBitVec := rfl
-
-@[simp] theorem UInt8.ofBitVec_int8ToBitVec (x : Int8) : UInt8.ofBitVec x.toBitVec = x.toUInt8 := rfl
-@[simp] theorem UInt16.ofBitVec_int16ToBitVec (x : Int16) : UInt16.ofBitVec x.toBitVec = x.toUInt16 := rfl
-@[simp] theorem UInt32.ofBitVec_int32ToBitVec (x : Int32) : UInt32.ofBitVec x.toBitVec = x.toUInt32 := rfl
-@[simp] theorem UInt64.ofBitVec_int64ToBitVec (x : Int64) : UInt64.ofBitVec x.toBitVec = x.toUInt64 := rfl
-@[simp] theorem USize.ofBitVec_iSizeToBitVec (x : ISize) : USize.ofBitVec x.toBitVec = x.toUSize := rfl
-
-@[simp] theorem Int8.ofBitVec_toBitVec (x : Int8) : Int8.ofBitVec x.toBitVec = x := rfl
-@[simp] theorem Int16.ofBitVec_toBitVec (x : Int16) : Int16.ofBitVec x.toBitVec = x := rfl
-@[simp] theorem Int32.ofBitVec_toBitVec (x : Int32) : Int32.ofBitVec x.toBitVec = x := rfl
-@[simp] theorem Int64.ofBitVec_toBitVec (x : Int64) : Int64.ofBitVec x.toBitVec = x := rfl
-@[simp] theorem ISize.ofBitVec_toBitVec (x : ISize) : ISize.ofBitVec x.toBitVec = x := rfl
-
-@[simp] theorem Int8.ofBitVec_int16ToBitVec (x : Int16) : Int8.ofBitVec (x.toBitVec.signExtend 8) = x.toInt8 := rfl
-@[simp] theorem Int8.ofBitVec_int32ToBitVec (x : Int32) : Int8.ofBitVec (x.toBitVec.signExtend 8) = x.toInt8 := rfl
-@[simp] theorem Int8.ofBitVec_int64ToBitVec (x : Int64) : Int8.ofBitVec (x.toBitVec.signExtend 8) = x.toInt8 := rfl
-@[simp] theorem Int8.ofBitVec_iSizeToBitVec (x : ISize) : Int8.ofBitVec (x.toBitVec.signExtend 8) = x.toInt8 := rfl
-
-@[simp] theorem Int16.ofBitVec_int8toBitVec (x : Int8) : Int16.ofBitVec (x.toBitVec.signExtend 16) = x.toInt16 := rfl
-@[simp] theorem Int16.ofBitVec_int32ToBitVec (x : Int32) : Int16.ofBitVec (x.toBitVec.signExtend 16) = x.toInt16 := rfl
-@[simp] theorem Int16.ofBitVec_int64ToBitVec (x : Int64) : Int16.ofBitVec (x.toBitVec.signExtend 16) = x.toInt16 := rfl
-@[simp] theorem Int16.ofBitVec_iSizeToBitVec (x : ISize) : Int16.ofBitVec (x.toBitVec.signExtend 16) = x.toInt16 := rfl
-
-@[simp] theorem Int32.ofBitVec_int8toBitVec (x : Int8) : Int32.ofBitVec (x.toBitVec.signExtend 32) = x.toInt32 := rfl
-@[simp] theorem Int32.ofBitVec_int16ToBitVec (x : Int16) : Int32.ofBitVec (x.toBitVec.signExtend 32) = x.toInt32 := rfl
-@[simp] theorem Int32.ofBitVec_int64ToBitVec (x : Int64) : Int32.ofBitVec (x.toBitVec.signExtend 32) = x.toInt32 := rfl
-@[simp] theorem Int32.ofBitVec_iSizeToBitVec (x : ISize) : Int32.ofBitVec (x.toBitVec.signExtend 32) = x.toInt32 := rfl
-
-@[simp] theorem Int64.ofBitVec_int8toBitVec (x : Int8) : Int64.ofBitVec (x.toBitVec.signExtend 64) = x.toInt64 := rfl
-@[simp] theorem Int64.ofBitVec_int16ToBitVec (x : Int16) : Int64.ofBitVec (x.toBitVec.signExtend 64) = x.toInt64 := rfl
-@[simp] theorem Int64.ofBitVec_int32ToBitVec (x : Int32) : Int64.ofBitVec (x.toBitVec.signExtend 64) = x.toInt64 := rfl
-@[simp] theorem Int64.ofBitVec_iSizeToBitVec (x : ISize) : Int64.ofBitVec (x.toBitVec.signExtend 64) = x.toInt64 := rfl
-
-@[simp] theorem ISize.ofBitVec_int8toBitVec (x : Int8) : ISize.ofBitVec (x.toBitVec.signExtend System.Platform.numBits) = x.toISize := rfl
-@[simp] theorem ISize.ofBitVec_int16ToBitVec (x : Int16) : ISize.ofBitVec (x.toBitVec.signExtend System.Platform.numBits) = x.toISize := rfl
-@[simp] theorem ISize.ofBitVec_int32ToBitVec (x : Int32) : ISize.ofBitVec (x.toBitVec.signExtend System.Platform.numBits) = x.toISize := rfl
-@[simp] theorem ISize.ofBitVec_int64ToBitVec (x : Int64) : ISize.ofBitVec (x.toBitVec.signExtend System.Platform.numBits) = x.toISize := rfl
-
-@[simp] theorem Int8.toBitVec_ofIntLE (x : Int) (h₁ h₂) : (Int8.ofIntLE x h₁ h₂).toBitVec = BitVec.ofInt 8 x := rfl
-@[simp] theorem Int16.toBitVec_ofIntLE (x : Int) (h₁ h₂) : (Int16.ofIntLE x h₁ h₂).toBitVec = BitVec.ofInt 16 x := rfl
-@[simp] theorem Int32.toBitVec_ofIntLE (x : Int) (h₁ h₂) : (Int32.ofIntLE x h₁ h₂).toBitVec = BitVec.ofInt 32 x := rfl
-@[simp] theorem Int64.toBitVec_ofIntLE (x : Int) (h₁ h₂) : (Int64.ofIntLE x h₁ h₂).toBitVec = BitVec.ofInt 64 x := rfl
-@[simp] theorem ISize.toBitVec_ofIntLE (x : Int) (h₁ h₂) : (ISize.ofIntLE x h₁ h₂).toBitVec = BitVec.ofInt System.Platform.numBits x := rfl
-
-@[simp] theorem Int8.toInt_bmod (x : Int8) : x.toInt.bmod 256 = x.toInt := Int.bmod_eq_self_of_le x.le_toInt x.toInt_lt
-@[simp] theorem Int16.toInt_bmod (x : Int16) : x.toInt.bmod 65536 = x.toInt := Int.bmod_eq_self_of_le x.le_toInt x.toInt_lt
-@[simp] theorem Int32.toInt_bmod (x : Int32) : x.toInt.bmod 4294967296 = x.toInt := Int.bmod_eq_self_of_le x.le_toInt x.toInt_lt
-@[simp] theorem Int64.toInt_bmod (x : Int64) : x.toInt.bmod 18446744073709551616 = x.toInt := Int.bmod_eq_self_of_le x.le_toInt x.toInt_lt
-@[simp] theorem ISize.toInt_bmod_two_pow_numBits (x : ISize) : x.toInt.bmod (2 ^ System.Platform.numBits) = x.toInt := by
-  refine Int.bmod_eq_self_of_le ?_ ?_
-  · have := x.two_pow_numBits_le_toInt
-    cases System.Platform.numBits_eq <;> simp_all
-  · have := x.toInt_lt_two_pow_numBits
-    cases System.Platform.numBits_eq <;> simp_all
-
-@[simp] theorem Int8.toInt_bmod_65536 (x : Int8) : x.toInt.bmod 65536 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem Int8.toInt_bmod_4294967296 (x : Int8) : x.toInt.bmod 4294967296 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem Int16.toInt_bmod_4294967296 (x : Int16) : x.toInt.bmod 4294967296 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem Int8.toInt_bmod_18446744073709551616 (x : Int8) : x.toInt.bmod 18446744073709551616 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem Int16.toInt_bmod_18446744073709551616 (x : Int16) : x.toInt.bmod 18446744073709551616 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem Int32.toInt_bmod_18446744073709551616 (x : Int32) : x.toInt.bmod 18446744073709551616 = x.toInt :=
-  Int.bmod_eq_self_of_le (Int.le_trans (by decide) x.le_toInt) (Int.lt_of_lt_of_le x.toInt_lt (by decide))
-@[simp] theorem ISize.toInt_bmod_18446744073709551616 (x : ISize) : x.toInt.bmod 18446744073709551616 = x.toInt :=
-  Int.bmod_eq_self_of_le x.le_toInt x.toInt_lt
-@[simp] theorem Int8.toInt_bmod_two_pow_numBits (x : Int8) : x.toInt.bmod (2 ^ System.Platform.numBits) = x.toInt := by
-  refine Int.bmod_eq_self_of_le (Int.le_trans ?_ x.iSizeMinValue_le_toInt)
-    (Int.lt_of_le_sub_one (Int.le_trans x.toInt_le_iSizeMaxValue ?_))
-  all_goals cases System.Platform.numBits_eq <;> simp_all
-@[simp] theorem Int16.toInt_bmod_two_pow_numBits (x : Int16) : x.toInt.bmod (2 ^ System.Platform.numBits) = x.toInt := by
-  refine Int.bmod_eq_self_of_le (Int.le_trans ?_ x.iSizeMinValue_le_toInt)
-    (Int.lt_of_le_sub_one (Int.le_trans x.toInt_le_iSizeMaxValue ?_))
-  all_goals cases System.Platform.numBits_eq <;> simp_all
-@[simp] theorem Int32.toInt_bmod_two_pow_numBits (x : Int32) : x.toInt.bmod (2 ^ System.Platform.numBits) = x.toInt := by
-  refine Int.bmod_eq_self_of_le (Int.le_trans ?_ x.iSizeMinValue_le_toInt)
-    (Int.lt_of_le_sub_one (Int.le_trans x.toInt_le_iSizeMaxValue ?_))
-  all_goals cases System.Platform.numBits_eq <;> simp_all
-
-@[simp] theorem BitVec.ofInt_int8ToInt (x : Int8) : BitVec.ofInt 8 x.toInt = x.toBitVec := BitVec.eq_of_toInt_eq (by simp)
-@[simp] theorem BitVec.ofInt_int16ToInt (x : Int16) : BitVec.ofInt 16 x.toInt = x.toBitVec := BitVec.eq_of_toInt_eq (by simp)
-@[simp] theorem BitVec.ofInt_int32ToInt (x : Int32) : BitVec.ofInt 32 x.toInt = x.toBitVec := BitVec.eq_of_toInt_eq (by simp)
-@[simp] theorem BitVec.ofInt_int64ToInt (x : Int64) : BitVec.ofInt 64 x.toInt = x.toBitVec := BitVec.eq_of_toInt_eq (by simp)
-@[simp] theorem BitVec.ofInt_iSizeToInt (x : ISize) : BitVec.ofInt System.Platform.numBits x.toInt = x.toBitVec :=
-  BitVec.eq_of_toInt_eq (by simp)
-
-@[simp] theorem Int8.ofIntLE_toInt (x : Int8) : Int8.ofIntLE x.toInt x.minValue_le_toInt x.toInt_le = x := Int8.toBitVec.inj (by simp)
-@[simp] theorem Int16.ofIntLE_toInt (x : Int16) : Int16.ofIntLE x.toInt x.minValue_le_toInt x.toInt_le = x := Int16.toBitVec.inj (by simp)
-@[simp] theorem Int32.ofIntLE_toInt (x : Int32) : Int32.ofIntLE x.toInt x.minValue_le_toInt x.toInt_le = x := Int32.toBitVec.inj (by simp)
-@[simp] theorem Int64.ofIntLE_toInt (x : Int64) : Int64.ofIntLE x.toInt x.minValue_le_toInt x.toInt_le = x := Int64.toBitVec.inj (by simp)
-@[simp] theorem ISize.ofIntLE_toInt (x : ISize) : ISize.ofIntLE x.toInt x.minValue_le_toInt x.toInt_le = x := ISize.toBitVec.inj (by simp)
-
-theorem Int8.ofIntLE_int16ToInt (x : Int16) {h₁ h₂} : Int8.ofIntLE x.toInt h₁ h₂ = x.toInt8 := rfl
-theorem Int8.ofIntLE_int32ToInt (x : Int32) {h₁ h₂} : Int8.ofIntLE x.toInt h₁ h₂ = x.toInt8 := rfl
-theorem Int8.ofIntLE_int64ToInt (x : Int64) {h₁ h₂} : Int8.ofIntLE x.toInt h₁ h₂ = x.toInt8 := rfl
-theorem Int8.ofIntLE_iSizeToInt (x : ISize) {h₁ h₂} : Int8.ofIntLE x.toInt h₁ h₂ = x.toInt8 := rfl
-
-@[simp] theorem Int16.ofIntLE_int8ToInt (x : Int8) :
-    Int16.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt16 := rfl
-theorem Int16.ofIntLE_int32ToInt (x : Int32) {h₁ h₂} : Int16.ofIntLE x.toInt h₁ h₂ = x.toInt16 := rfl
-theorem Int16.ofIntLE_int64ToInt (x : Int64) {h₁ h₂} : Int16.ofIntLE x.toInt h₁ h₂ = x.toInt16 := rfl
-theorem Int16.ofIntLE_iSizeToInt (x : ISize) {h₁ h₂} : Int16.ofIntLE x.toInt h₁ h₂ = x.toInt16 := rfl
-
-@[simp] theorem Int32.ofIntLE_int8ToInt (x : Int8) :
-    Int32.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt32 := rfl
-@[simp] theorem Int32.ofIntLE_int16ToInt (x : Int16) :
-    Int32.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt32 := rfl
-theorem Int32.ofIntLE_int64ToInt (x : Int64) {h₁ h₂} : Int32.ofIntLE x.toInt h₁ h₂ = x.toInt32 := rfl
-theorem Int32.ofIntLE_iSizeToInt (x : ISize) {h₁ h₂} : Int32.ofIntLE x.toInt h₁ h₂ = x.toInt32 := rfl
-
-@[simp] theorem Int64.ofIntLE_int8ToInt (x : Int8) :
-    Int64.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt64 := rfl
-@[simp] theorem Int64.ofIntLE_int16ToInt (x : Int16) :
-    Int64.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt64 := rfl
-@[simp] theorem Int64.ofIntLE_int32ToInt (x : Int32) :
-    Int64.ofIntLE x.toInt (Int.le_trans (by decide) x.minValue_le_toInt) (Int.le_trans x.toInt_le (by decide)) = x.toInt64 := rfl
-@[simp] theorem Int64.ofIntLE_iSizeToInt (x : ISize) :
-    Int64.ofIntLE x.toInt x.int64MinValue_le_toInt x.toInt_le_int64MaxValue = x.toInt64 := rfl
-
-@[simp] theorem ISize.ofIntLE_int8ToInt (x : Int8) :
-    ISize.ofIntLE x.toInt x.iSizeMinValue_le_toInt x.toInt_le_iSizeMaxValue = x.toISize := rfl
-@[simp] theorem ISize.ofIntLE_int16ToInt (x : Int16) :
-    ISize.ofIntLE x.toInt x.iSizeMinValue_le_toInt x.toInt_le_iSizeMaxValue = x.toISize := rfl
-@[simp] theorem ISize.ofIntLE_int32ToInt (x : Int32) :
-    ISize.ofIntLE x.toInt x.iSizeMinValue_le_toInt x.toInt_le_iSizeMaxValue = x.toISize := rfl
-theorem ISize.ofIntLE_int64ToInt (x : Int64) {h₁ h₂} : ISize.ofIntLE x.toInt h₁ h₂ = x.toISize := rfl
-
-@[simp] theorem Int8.ofInt_toInt (x : Int8) : Int8.ofInt x.toInt = x := Int8.toBitVec.inj (by simp)
-@[simp] theorem Int16.ofInt_toInt (x : Int16) : Int16.ofInt x.toInt = x := Int16.toBitVec.inj (by simp)
-@[simp] theorem Int32.ofInt_toInt (x : Int32) : Int32.ofInt x.toInt = x := Int32.toBitVec.inj (by simp)
-@[simp] theorem Int64.ofInt_toInt (x : Int64) : Int64.ofInt x.toInt = x := Int64.toBitVec.inj (by simp)
-@[simp] theorem ISize.ofInt_toInt (x : ISize) : ISize.ofInt x.toInt = x := ISize.toBitVec.inj (by simp)
-
-@[simp] theorem Int8.ofInt_int16ToInt (x : Int16) : Int8.ofInt x.toInt = x.toInt8 := rfl
-@[simp] theorem Int8.ofInt_int32ToInt (x : Int32) : Int8.ofInt x.toInt = x.toInt8 := rfl
-@[simp] theorem Int8.ofInt_int64ToInt (x : Int64) : Int8.ofInt x.toInt = x.toInt8 := rfl
-@[simp] theorem Int8.ofInt_iSizeToInt (x : ISize) : Int8.ofInt x.toInt = x.toInt8 := rfl
-
-@[simp] theorem Int16.ofInt_int8ToInt (x : Int8) : Int16.ofInt x.toInt = x.toInt16 := rfl
-@[simp] theorem Int16.ofInt_int32ToInt (x : Int32) : Int16.ofInt x.toInt = x.toInt16 := rfl
-@[simp] theorem Int16.ofInt_int64ToInt (x : Int64) : Int16.ofInt x.toInt = x.toInt16 := rfl
-@[simp] theorem Int16.ofInt_iSizeToInt (x : ISize) : Int16.ofInt x.toInt = x.toInt16 := rfl
-
-@[simp] theorem Int32.ofInt_int8ToInt (x : Int8) : Int32.ofInt x.toInt = x.toInt32 := rfl
-@[simp] theorem Int32.ofInt_int16ToInt (x : Int16) : Int32.ofInt x.toInt = x.toInt32 := rfl
-@[simp] theorem Int32.ofInt_int64ToInt (x : Int64) : Int32.ofInt x.toInt = x.toInt32 := rfl
-@[simp] theorem Int32.ofInt_iSizeToInt (x : ISize) : Int32.ofInt x.toInt = x.toInt32 := rfl
-
-@[simp] theorem Int64.ofInt_int8ToInt (x : Int8) : Int64.ofInt x.toInt = x.toInt64 := rfl
-@[simp] theorem Int64.ofInt_int16ToInt (x : Int16) : Int64.ofInt x.toInt = x.toInt64 := rfl
-@[simp] theorem Int64.ofInt_int32ToInt (x : Int32) : Int64.ofInt x.toInt = x.toInt64 := rfl
-@[simp] theorem Int64.ofInt_iSizeToInt (x : ISize) : Int64.ofInt x.toInt = x.toInt64 := rfl
-
-@[simp] theorem ISize.ofInt_int8ToInt (x : Int8) : ISize.ofInt x.toInt = x.toISize := rfl
-@[simp] theorem ISize.ofInt_int16ToInt (x : Int16) : ISize.ofInt x.toInt = x.toISize := rfl
-@[simp] theorem ISize.ofInt_int32ToInt (x : Int32) : ISize.ofInt x.toInt = x.toISize := rfl
-@[simp] theorem ISize.ofInt_int64ToInt (x : Int64) : ISize.ofInt x.toInt = x.toISize := rfl
-
-@[simp] theorem Int8.toInt_ofIntLE {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂).toInt = x := by
-  rw [ofIntLE, toInt_ofInt h₁ (Int.lt_of_le_sub_one h₂)]
-@[simp] theorem Int16.toInt_ofIntLE {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂).toInt = x := by
-  rw [ofIntLE, toInt_ofInt h₁ (Int.lt_of_le_sub_one h₂)]
-@[simp] theorem Int32.toInt_ofIntLE {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂).toInt = x := by
-  rw [ofIntLE, toInt_ofInt h₁ (Int.lt_of_le_sub_one h₂)]
-@[simp] theorem Int64.toInt_ofIntLE {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂).toInt = x := by
-  rw [ofIntLE, toInt_ofInt h₁ (Int.lt_of_le_sub_one h₂)]
-@[simp] theorem ISize.toInt_ofIntLE {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂).toInt = x := by
-  rw [ofIntLE, toInt_ofInt_of_two_pow_numBits_le]
-  · simpa using h₁
-  · apply Int.lt_of_le_sub_one
-    simpa using h₂
-
-theorem Int8.ofIntLE_eq_ofIntTruncate {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂) = ofIntTruncate x := by
-  rw [ofIntTruncate, dif_pos h₁, dif_pos h₂]
-theorem Int16.ofIntLE_eq_ofIntTruncate {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂) = ofIntTruncate x := by
-  rw [ofIntTruncate, dif_pos h₁, dif_pos h₂]
-theorem Int32.ofIntLE_eq_ofIntTruncate {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂) = ofIntTruncate x := by
-  rw [ofIntTruncate, dif_pos h₁, dif_pos h₂]
-theorem Int64.ofIntLE_eq_ofIntTruncate {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂) = ofIntTruncate x := by
-  rw [ofIntTruncate, dif_pos h₁, dif_pos h₂]
-theorem ISize.ofIntLE_eq_ofIntTruncate {x : Int} {h₁ h₂} : (ofIntLE x h₁ h₂) = ofIntTruncate x := by
-  rw [ofIntTruncate, dif_pos h₁, dif_pos h₂]
-
-theorem Int8.toInt_ofIntTruncate {x : Int} (h₁ : Int8.minValue.toInt ≤ x)
-    (h₂ : x ≤ Int8.maxValue.toInt) : (Int8.ofIntTruncate x).toInt = x := by
-  rw [← ofIntLE_eq_ofIntTruncate (h₁ := h₁) (h₂ := h₂), toInt_ofIntLE]
-theorem Int16.toInt_ofIntTruncate {x : Int} (h₁ : Int16.minValue.toInt ≤ x)
-    (h₂ : x ≤ Int16.maxValue.toInt) : (Int16.ofIntTruncate x).toInt = x := by
-  rw [← ofIntLE_eq_ofIntTruncate (h₁ := h₁) (h₂ := h₂), toInt_ofIntLE]
-theorem Int32.toInt_ofIntTruncate {x : Int} (h₁ : Int32.minValue.toInt ≤ x)
-    (h₂ : x ≤ Int32.maxValue.toInt) : (Int32.ofIntTruncate x).toInt = x := by
-  rw [← ofIntLE_eq_ofIntTruncate (h₁ := h₁) (h₂ := h₂), toInt_ofIntLE]
-theorem Int64.toInt_ofIntTruncate {x : Int} (h₁ : Int64.minValue.toInt ≤ x)
-    (h₂ : x ≤ Int64.maxValue.toInt) : (Int64.ofIntTruncate x).toInt = x := by
-  rw [← ofIntLE_eq_ofIntTruncate (h₁ := h₁) (h₂ := h₂), toInt_ofIntLE]
-theorem ISize.toInt_ofIntTruncate {x : Int} (h₁ : ISize.minValue.toInt ≤ x)
-    (h₂ : x ≤ ISize.maxValue.toInt) : (ISize.ofIntTruncate x).toInt = x := by
-  rw [← ofIntLE_eq_ofIntTruncate (h₁ := h₁) (h₂ := h₂), toInt_ofIntLE]
-
-@[simp] theorem Int8.ofIntTruncate_toInt (x : Int8) : Int8.ofIntTruncate x.toInt = x :=
-  Int8.toInt.inj (toInt_ofIntTruncate x.minValue_le_toInt x.toInt_le)
-@[simp] theorem Int16.ofIntTruncate_toInt (x : Int16) : Int16.ofIntTruncate x.toInt = x :=
-  Int16.toInt.inj (toInt_ofIntTruncate x.minValue_le_toInt x.toInt_le)
-@[simp] theorem Int32.ofIntTruncate_toInt (x : Int32) : Int32.ofIntTruncate x.toInt = x :=
-  Int32.toInt.inj (toInt_ofIntTruncate x.minValue_le_toInt x.toInt_le)
-@[simp] theorem Int64.ofIntTruncate_toInt (x : Int64) : Int64.ofIntTruncate x.toInt = x :=
-  Int64.toInt.inj (toInt_ofIntTruncate x.minValue_le_toInt x.toInt_le)
-@[simp] theorem ISize.ofIntTruncate_toInt (x : ISize) : ISize.ofIntTruncate x.toInt = x :=
-  ISize.toInt.inj (toInt_ofIntTruncate x.minValue_le_toInt x.toInt_le)
-
-@[simp] theorem Int16.ofIntTruncate_int8ToInt (x : Int8) : Int16.ofIntTruncate x.toInt = x.toInt16 :=
-  Int16.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int8.toInt_toInt16]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem Int32.ofIntTruncate_int8ToInt (x : Int8) : Int32.ofIntTruncate x.toInt = x.toInt32 :=
-  Int32.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int8.toInt_toInt32]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem Int64.ofIntTruncate_int8ToInt (x : Int8) : Int64.ofIntTruncate x.toInt = x.toInt64 :=
-  Int64.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int8.toInt_toInt64]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem ISize.ofIntTruncate_int8ToInt (x : Int8) : ISize.ofIntTruncate x.toInt = x.toISize :=
-  ISize.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int8.toInt_toISize]
-    · exact x.iSizeMinValue_le_toInt
-    · exact x.toInt_le_iSizeMaxValue)
-
-@[simp] theorem Int32.ofIntTruncate_int16ToInt (x : Int16) : Int32.ofIntTruncate x.toInt = x.toInt32 :=
-  Int32.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int16.toInt_toInt32]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem Int64.ofIntTruncate_int16ToInt (x : Int16) : Int64.ofIntTruncate x.toInt = x.toInt64 :=
-  Int64.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int16.toInt_toInt64]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem ISize.ofIntTruncate_int16ToInt (x : Int16) : ISize.ofIntTruncate x.toInt = x.toISize :=
-  ISize.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int16.toInt_toISize]
-    · exact x.iSizeMinValue_le_toInt
-    · exact x.toInt_le_iSizeMaxValue)
-
-@[simp] theorem Int64.ofIntTruncate_int32ToInt (x : Int32) : Int64.ofIntTruncate x.toInt = x.toInt64 :=
-  Int64.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int32.toInt_toInt64]
-    · exact Int.le_trans (by decide) x.minValue_le_toInt
-    · exact Int.le_trans x.toInt_le (by decide))
-@[simp] theorem ISize.ofIntTruncate_int32ToInt (x : Int32) : ISize.ofIntTruncate x.toInt = x.toISize :=
-  ISize.toInt.inj (by
-    rw [toInt_ofIntTruncate, Int32.toInt_toISize]
-    · exact x.iSizeMinValue_le_toInt
-    · exact x.toInt_le_iSizeMaxValue)
-
-@[simp] theorem Int64.ofIntTruncate_iSizeToInt (x : ISize) : Int64.ofIntTruncate x.toInt = x.toInt64 :=
-  Int64.toInt.inj (by
-    rw [toInt_ofIntTruncate, ISize.toInt_toInt64]
-    · exact x.int64MinValue_le_toInt
-    · exact x.toInt_le_int64MaxValue)
-
-theorem Int8.le_iff_toInt_le {x y : Int8} : x ≤ y ↔ x.toInt ≤ y.toInt := BitVec.sle_iff_toInt_le
-theorem Int16.le_iff_toInt_le {x y : Int16} : x ≤ y ↔ x.toInt ≤ y.toInt := BitVec.sle_iff_toInt_le
-theorem Int32.le_iff_toInt_le {x y : Int32} : x ≤ y ↔ x.toInt ≤ y.toInt := BitVec.sle_iff_toInt_le
-theorem Int64.le_iff_toInt_le {x y : Int64} : x ≤ y ↔ x.toInt ≤ y.toInt := BitVec.sle_iff_toInt_le
-theorem ISize.le_iff_toInt_le {x y : ISize} : x ≤ y ↔ x.toInt ≤ y.toInt := BitVec.sle_iff_toInt_le
-
-theorem Int8.cast_toNatClampNeg (x : Int8) (hx : 0 ≤ x) : x.toNatClampNeg = x.toInt := by
-  rw [toNatClampNeg, toInt, Int.toNat_of_nonneg (by simpa using le_iff_toInt_le.1 hx)]
-theorem Int16.cast_toNatClampNeg (x : Int16) (hx : 0 ≤ x) : x.toNatClampNeg = x.toInt := by
-  rw [toNatClampNeg, toInt, Int.toNat_of_nonneg (by simpa using le_iff_toInt_le.1 hx)]
-theorem Int32.cast_toNatClampNeg (x : Int32) (hx : 0 ≤ x) : x.toNatClampNeg = x.toInt := by
-  rw [toNatClampNeg, toInt, Int.toNat_of_nonneg (by simpa using le_iff_toInt_le.1 hx)]
-theorem Int64.cast_toNatClampNeg (x : Int64) (hx : 0 ≤ x) : x.toNatClampNeg = x.toInt := by
-  rw [toNatClampNeg, toInt, Int.toNat_of_nonneg (by simpa using le_iff_toInt_le.1 hx)]
-theorem ISize.cast_toNatClampNeg (x : ISize) (hx : 0 ≤ x) : x.toNatClampNeg = x.toInt := by
-  rw [toNatClampNeg, toInt, Int.toNat_of_nonneg (by simpa using le_iff_toInt_le.1 hx)]
-
-theorem Int8.ofNat_toNatClampNeg (x : Int8) (hx : 0 ≤ x) : Int8.ofNat x.toNatClampNeg = x :=
-  Int8.toInt.inj (by rw [Int8.toInt_ofNat_of_lt x.toNatClampNeg_lt, cast_toNatClampNeg _ hx])
-theorem Int16.ofNat_toNatClampNeg (x : Int16) (hx : 0 ≤ x) : Int16.ofNat x.toNatClampNeg = x :=
-  Int16.toInt.inj (by rw [Int16.toInt_ofNat_of_lt x.toNatClampNeg_lt, cast_toNatClampNeg _ hx])
-theorem Int32.ofNat_toNatClampNeg (x : Int32) (hx : 0 ≤ x) : Int32.ofNat x.toNatClampNeg = x :=
-  Int32.toInt.inj (by rw [Int32.toInt_ofNat_of_lt x.toNatClampNeg_lt, cast_toNatClampNeg _ hx])
-theorem Int64.ofNat_toNatClampNeg (x : Int64) (hx : 0 ≤ x) : Int64.ofNat x.toNatClampNeg = x :=
-  Int64.toInt.inj (by rw [Int64.toInt_ofNat_of_lt x.toNatClampNeg_lt, cast_toNatClampNeg _ hx])
-theorem ISize.ofNat_toNatClampNeg (x : ISize) (hx : 0 ≤ x) : ISize.ofNat x.toNatClampNeg = x :=
-  ISize.toInt.inj (by rw [ISize.toInt_ofNat_of_lt_two_pow_numBits x.toNatClampNeg_lt_two_pow_numBits,
-    cast_toNatClampNeg _ hx])
-
-theorem Int16.ofNat_int8ToNatClampNeg (x : Int8) (hx : 0 ≤ x) : Int16.ofNat x.toNatClampNeg = x.toInt16 :=
-  Int16.toInt.inj (by rw [Int16.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int8.cast_toNatClampNeg _ hx, Int8.toInt_toInt16])
-theorem Int32.ofNat_int8ToNatClampNeg (x : Int8) (hx : 0 ≤ x) : Int32.ofNat x.toNatClampNeg = x.toInt32 :=
-  Int32.toInt.inj (by rw [Int32.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int8.cast_toNatClampNeg _ hx, Int8.toInt_toInt32])
-theorem Int64.ofNat_int8ToNatClampNeg (x : Int8) (hx : 0 ≤ x) : Int64.ofNat x.toNatClampNeg = x.toInt64 :=
-  Int64.toInt.inj (by rw [Int64.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int8.cast_toNatClampNeg _ hx, Int8.toInt_toInt64])
-theorem ISize.ofNat_int8ToNatClampNeg (x : Int8) (hx : 0 ≤ x) : ISize.ofNat x.toNatClampNeg = x.toISize :=
-  ISize.toInt.inj (by rw [ISize.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int8.cast_toNatClampNeg _ hx, Int8.toInt_toISize])
-
-theorem Int32.ofNat_int16ToNatClampNeg (x : Int16) (hx : 0 ≤ x) : Int32.ofNat x.toNatClampNeg = x.toInt32 :=
-  Int32.toInt.inj (by rw [Int32.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int16.cast_toNatClampNeg _ hx, Int16.toInt_toInt32])
-theorem Int64.ofNat_int16ToNatClampNeg (x : Int16) (hx : 0 ≤ x) : Int64.ofNat x.toNatClampNeg = x.toInt64 :=
-  Int64.toInt.inj (by rw [Int64.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int16.cast_toNatClampNeg _ hx, Int16.toInt_toInt64])
-theorem ISize.ofNat_int16ToNatClampNeg (x : Int16) (hx : 0 ≤ x) : ISize.ofNat x.toNatClampNeg = x.toISize :=
-  ISize.toInt.inj (by rw [ISize.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int16.cast_toNatClampNeg _ hx, Int16.toInt_toISize])
-
-theorem Int64.ofNat_int32ToNatClampNeg (x : Int32) (hx : 0 ≤ x) : Int64.ofNat x.toNatClampNeg = x.toInt64 :=
-  Int64.toInt.inj (by rw [Int64.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int32.cast_toNatClampNeg _ hx, Int32.toInt_toInt64])
-theorem ISize.ofNat_int32ToNatClampNeg (x : Int32) (hx : 0 ≤ x) : ISize.ofNat x.toNatClampNeg = x.toISize :=
-  ISize.toInt.inj (by rw [ISize.toInt_ofNat_of_lt (Nat.lt_of_lt_of_le x.toNatClampNeg_lt (by decide)),
-    Int32.cast_toNatClampNeg _ hx, Int32.toInt_toISize])
-
-@[simp] theorem Int8.toInt8_toInt16 (n : Int8) : n.toInt16.toInt8 = n :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int8.toInt8_toInt32 (n : Int8) : n.toInt32.toInt8 = n :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int8.toInt8_toInt64 (n : Int8) : n.toInt64.toInt8 = n :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int8.toInt8_toISize (n : Int8) : n.toISize.toInt8 = n :=
-  Int8.toInt.inj (by simp)
-
-@[simp] theorem Int8.toInt16_toInt32 (n : Int8) : n.toInt32.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-@[simp] theorem Int8.toInt16_toInt64 (n : Int8) : n.toInt64.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-@[simp] theorem Int8.toInt16_toISize (n : Int8) : n.toISize.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-
-@[simp] theorem Int8.toInt32_toInt16 (n : Int8) : n.toInt16.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-@[simp] theorem Int8.toInt32_toInt64 (n : Int8) : n.toInt64.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-@[simp] theorem Int8.toInt32_toISize (n : Int8) : n.toISize.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-
-@[simp] theorem Int8.toInt64_toInt16 (n : Int8) : n.toInt16.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-@[simp] theorem Int8.toInt64_toInt32 (n : Int8) : n.toInt32.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-@[simp] theorem Int8.toInt64_toISize (n : Int8) : n.toISize.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-
-@[simp] theorem Int8.toISize_toInt16 (n : Int8) : n.toInt16.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-@[simp] theorem Int8.toISize_toInt32 (n : Int8) : n.toInt32.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-@[simp] theorem Int8.toISize_toInt64 (n : Int8) : n.toInt64.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-
-@[simp] theorem Int16.toInt8_toInt32 (n : Int16) : n.toInt32.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int16.toInt8_toInt64 (n : Int16) : n.toInt64.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int16.toInt8_toISize (n : Int16) : n.toISize.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-
-@[simp] theorem Int16.toInt16_toInt32 (n : Int16) : n.toInt32.toInt16 = n :=
-  Int16.toInt.inj (by simp)
-@[simp] theorem Int16.toInt16_toInt64 (n : Int16) : n.toInt64.toInt16 = n :=
-  Int16.toInt.inj (by simp)
-@[simp] theorem Int16.toInt16_toISize (n : Int16) : n.toISize.toInt16 = n :=
-  Int16.toInt.inj (by simp)
-
-@[simp] theorem Int16.toInt32_toInt64 (n : Int16) : n.toInt64.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-@[simp] theorem Int16.toInt32_toISize (n : Int16) : n.toISize.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-
-@[simp] theorem Int16.toInt64_toInt32 (n : Int16) : n.toInt32.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-@[simp] theorem Int16.toInt64_toISize (n : Int16) : n.toISize.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-
-@[simp] theorem Int16.toISize_toInt32 (n : Int16) : n.toInt32.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-@[simp] theorem Int16.toISize_toInt64 (n : Int16) : n.toInt64.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-
-@[simp] theorem Int32.toInt8_toInt16 (n : Int32) : n.toInt16.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem Int32.toInt8_toInt64 (n : Int32) : n.toInt64.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-@[simp] theorem Int32.toInt8_toISize (n : Int32) : n.toISize.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-
-@[simp] theorem Int32.toInt16_toInt64 (n : Int32) : n.toInt64.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-@[simp] theorem Int32.toInt16_toISize (n : Int32) : n.toISize.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-
-@[simp] theorem Int32.toInt32_toInt64 (n : Int32) : n.toInt64.toInt32 = n :=
-  Int32.toInt.inj (by simp)
-@[simp] theorem Int32.toInt32_toISize (n : Int32) : n.toISize.toInt32 = n :=
-  Int32.toInt.inj (by simp)
-
-@[simp] theorem Int32.toInt64_toISize (n : Int32) : n.toISize.toInt64 = n.toInt64 :=
-  Int64.toInt.inj (by simp)
-
-@[simp] theorem Int32.toISize_toInt64 (n : Int32) : n.toInt64.toISize = n.toISize :=
-  ISize.toInt.inj (by simp)
-
-@[simp] theorem Int64.toInt8_toInt16 (n : Int64) : n.toInt16.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem Int64.toInt8_toInt32 (n : Int64) : n.toInt32.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem Int64.toInt8_toISize (n : Int64) : n.toISize.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by cases System.Platform.numBits_eq <;> simp_all))
-
-@[simp] theorem Int64.toInt16_toInt32 (n : Int64) : n.toInt32.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem Int64.toInt16_toISize (n : Int64) : n.toISize.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by cases System.Platform.numBits_eq <;> simp_all))
-
-@[simp] theorem Int64.toInt32_toISize (n : Int64) : n.toISize.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by cases System.Platform.numBits_eq <;> simp_all))
-
-@[simp] theorem ISize.toInt8_toInt16 (n : ISize) : n.toInt16.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem ISize.toInt8_toInt32 (n : ISize) : n.toInt32.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem ISize.toInt8_toInt64 (n : ISize) : n.toInt64.toInt8 = n.toInt8 :=
-  Int8.toInt.inj (by simp)
-
-@[simp] theorem ISize.toInt16_toInt32 (n : ISize) : n.toInt32.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simpa using Int.bmod_bmod_of_dvd (by decide))
-@[simp] theorem ISize.toInt16_toInt64 (n : ISize) : n.toInt64.toInt16 = n.toInt16 :=
-  Int16.toInt.inj (by simp)
-
-@[simp] theorem ISize.toInt32_toInt64 (n : ISize) : n.toInt64.toInt32 = n.toInt32 :=
-  Int32.toInt.inj (by simp)
-
-@[simp] theorem ISize.toISize_toInt64 (n : ISize) : n.toInt64.toISize = n :=
-  ISize.toInt.inj (by simp)
-
-theorem UInt8.toInt8_ofNatLT {n : Nat} (hn) : (UInt8.ofNatLT n hn).toInt8 = Int8.ofNat n :=
-  Int8.toBitVec.inj (by simp [BitVec.ofNatLT_eq_ofNat])
-theorem UInt16.toInt16_ofNatLT {n : Nat} (hn) : (UInt16.ofNatLT n hn).toInt16 = Int16.ofNat n :=
-  Int16.toBitVec.inj (by simp [BitVec.ofNatLT_eq_ofNat])
-theorem UInt32.toInt32_ofNatLT {n : Nat} (hn) : (UInt32.ofNatLT n hn).toInt32 = Int32.ofNat n :=
-  Int32.toBitVec.inj (by simp [BitVec.ofNatLT_eq_ofNat])
-theorem UInt64.toInt64_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toInt64 = Int64.ofNat n :=
-  Int64.toBitVec.inj (by simp [BitVec.ofNatLT_eq_ofNat])
-theorem USize.toISize_ofNatLT {n : Nat} (hn) : (USize.ofNatLT n hn).toISize = ISize.ofNat n :=
-  ISize.toBitVec.inj (by simp [BitVec.ofNatLT_eq_ofNat])
-
-@[simp] theorem UInt8.toInt8_ofNat' {n : Nat} : (UInt8.ofNat n).toInt8 = Int8.ofNat n := rfl
-@[simp] theorem UInt16.toInt16_ofNat' {n : Nat} : (UInt16.ofNat n).toInt16 = Int16.ofNat n := rfl
-@[simp] theorem UInt32.toInt32_ofNat' {n : Nat} : (UInt32.ofNat n).toInt32 = Int32.ofNat n := rfl
-@[simp] theorem UInt64.toInt64_ofNat' {n : Nat} : (UInt64.ofNat n).toInt64 = Int64.ofNat n := rfl
-@[simp] theorem USize.toISize_ofNat' {n : Nat} : (USize.ofNat n).toISize = ISize.ofNat n := rfl
-
-@[simp] theorem UInt8.toInt8_ofNat {n : Nat} : toInt8 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-@[simp] theorem UInt16.toInt16_ofNat {n : Nat} : toInt16 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-@[simp] theorem UInt32.toInt32_ofNat {n : Nat} : toInt32 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-@[simp] theorem UInt64.toInt64_ofNat {n : Nat} : toInt64 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-@[simp] theorem USize.toISize_ofNat {n : Nat} : toISize (no_index (OfNat.ofNat n)) = OfNat.ofNat n := rfl
-
-@[simp] theorem UInt8.toInt8_ofBitVec (b) : (UInt8.ofBitVec b).toInt8 = Int8.ofBitVec b := rfl
-@[simp] theorem UInt16.toInt16_ofBitVec (b) : (UInt16.ofBitVec b).toInt16 = Int16.ofBitVec b := rfl
-@[simp] theorem UInt32.toInt32_ofBitVec (b) : (UInt32.ofBitVec b).toInt32 = Int32.ofBitVec b := rfl
-@[simp] theorem UInt64.toInt64_ofBitVec (b) : (UInt64.ofBitVec b).toInt64 = Int64.ofBitVec b := rfl
-@[simp] theorem USize.toInt8_ofBitVec (b) : (USize.ofBitVec b).toISize = ISize.ofBitVec b := rfl

src/Init/Data/UInt/Lemmas.lean

@@ -1,7 +1,7 @@
 /-
 Copyright (c) 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 Released under Apache 2.0 license as described in the file LICENSE.
-Authors: Leonardo de Moura, François G. Dorais, Mario Carneiro, Mac Malone, Markus Himmel
+Authors: Leonardo de Moura, François G. Dorais, Mario Carneiro, Mac Malone
 -/
 prelude
 import Init.Data.UInt.Basic
@@ -27,10 +27,7 @@ macro "declare_uint_theorems" typeName:ident bits:term:arg : command => do
   @[deprecated toNat_ofBitVec (since := "2025-02-12")]
   theorem toNat_mk : (ofBitVec a).toNat = a.toNat := rfl
 
-  @[simp] theorem toNat_ofNat' {n : Nat} : (ofNat n).toNat = n % 2 ^ $bits := BitVec.toNat_ofNat ..
-
-  -- Not `simp` because we have simprocs which will avoid the modulo.
-  theorem toNat_ofNat {n : Nat} : toNat (no_index (OfNat.ofNat n)) = n % 2 ^ $bits := toNat_ofNat'
+  @[simp] theorem toNat_ofNat {n : Nat} : (ofNat n).toNat = n % 2 ^ $bits := BitVec.toNat_ofNat ..
 
   @[simp] theorem toNat_ofNatLT {n : Nat} {h : n < size} : (ofNatLT n h).toNat = n := BitVec.toNat_ofNatLT ..
 
@@ -58,16 +55,11 @@ macro "declare_uint_theorems" typeName:ident bits:term:arg : command => do
   theorem mk_toBitVec_eq : ∀ (a : $typeName), ofBitVec a.toBitVec = a
     | ⟨_, _⟩ => rfl
 
-  @[deprecated "Use `toNat_toBitVec` and `toNat_ofNat_of_lt`." (since := "2025-03-05")]
   theorem toBitVec_eq_of_lt {a : Nat} : a < size → (ofNat a).toBitVec.toNat = a :=
     Nat.mod_eq_of_lt
 
-  theorem toBitVec_ofNat' (n : Nat) : (ofNat n).toBitVec = BitVec.ofNat _ n := rfl
-
-  theorem toNat_ofNat_of_lt' {n : Nat} (h : n < size) : (ofNat n).toNat = n := by
-    rw [toNat, toBitVec_ofNat', BitVec.toNat_ofNat, Nat.mod_eq_of_lt h]
-  theorem toNat_ofNat_of_lt {n : Nat} (h : n < size) : toNat (OfNat.ofNat n) = n :=
-    toNat_ofNat_of_lt' h
+  theorem toNat_ofNat_of_lt {n : Nat} (h : n < size) : (ofNat n).toNat = n := by
+    rw [toNat, toBitVec_eq_of_lt h]
 
   @[int_toBitVec] theorem le_def {a b : $typeName} : a ≤ b ↔ a.toBitVec ≤ b.toBitVec := .rfl
 
@@ -159,10 +151,10 @@ macro "declare_uint_theorems" typeName:ident bits:term:arg : command => do
   protected theorem toNat_lt_size (a : $typeName) : a.toNat < size := a.toBitVec.isLt
 
   open $typeName (toNat_mod toNat_lt_size) in
-  protected theorem toNat_mod_lt {m : Nat} : ∀ (u : $typeName), 0 < m → toNat (u % ofNat m) < m := by
+  protected theorem toNat_mod_lt {m : Nat} : ∀ (u : $typeName), m > 0 → toNat (u % ofNat m) < m := by
     intro u h1
     by_cases h2 : m < size
-    · rw [toNat_mod, toNat_ofNat_of_lt' h2]
+    · rw [toNat_mod, toNat_ofNat_of_lt h2]
       apply Nat.mod_lt _ h1
     · apply Nat.lt_of_lt_of_le
       · apply toNat_lt_size
@@ -266,20 +258,16 @@ theorem USize.toNat_ofNat_of_lt_32 {n : Nat} (h : n < 4294967296) : toNat (ofNat
   toNat_ofNat_of_lt (Nat.lt_of_lt_of_le h USize.le_size)
 
 theorem UInt32.toNat_lt_of_lt {n : UInt32} {m : Nat} (h : m < size) : n < ofNat m → n.toNat < m := by
-  rw [lt_def, BitVec.lt_def, toNat_toBitVec, toNat_toBitVec, toNat_ofNat_of_lt' h]
-  exact id
+  simp [-toNat_toBitVec, lt_def, BitVec.lt_def, UInt32.toNat, toBitVec_eq_of_lt h]
 
 theorem UInt32.lt_toNat_of_lt {n : UInt32} {m : Nat} (h : m < size) : ofNat m < n → m < n.toNat := by
-  rw [lt_def, BitVec.lt_def, toNat_toBitVec, toNat_toBitVec, toNat_ofNat_of_lt' h]
-  exact id
+  simp [-toNat_toBitVec, lt_def, BitVec.lt_def, UInt32.toNat, toBitVec_eq_of_lt h]
 
 theorem UInt32.toNat_le_of_le {n : UInt32} {m : Nat} (h : m < size) : n ≤ ofNat m → n.toNat ≤ m := by
-  rw [le_def, BitVec.le_def, toNat_toBitVec, toNat_toBitVec, toNat_ofNat_of_lt' h]
-  exact id
+  simp [-toNat_toBitVec, le_def, BitVec.le_def, UInt32.toNat, toBitVec_eq_of_lt h]
 
 theorem UInt32.le_toNat_of_le {n : UInt32} {m : Nat} (h : m < size) : ofNat m ≤ n → m ≤ n.toNat := by
-  rw [le_def, BitVec.le_def, toNat_toBitVec, toNat_toBitVec, toNat_ofNat_of_lt' h]
-  exact id
+  simp [-toNat_toBitVec, le_def, BitVec.le_def, UInt32.toNat, toBitVec_eq_of_lt h]
 
 @[simp] theorem UInt8.toNat_lt (n : UInt8) : n.toNat < 2 ^ 8 := n.toFin.isLt
 @[simp] theorem UInt16.toNat_lt (n : UInt16) : n.toNat < 2 ^ 16 := n.toFin.isLt
@@ -299,8 +287,6 @@ theorem UInt32.size_le_usizeSize : UInt32.size ≤ USize.size := by
 theorem USize.size_eq_two_pow : USize.size = 2 ^ System.Platform.numBits := rfl
 theorem USize.toNat_lt_two_pow_numBits (n : USize) : n.toNat < 2 ^ System.Platform.numBits := n.toFin.isLt
 @[simp] theorem USize.toNat_lt (n : USize) : n.toNat < 2 ^ 64 := Nat.lt_of_lt_of_le n.toFin.isLt size_le
-theorem USize.size_le_uint64Size : USize.size ≤ UInt64.size := by
-  cases USize.size_eq <;> simp_all +decide
 
 theorem UInt8.toNat_lt_usizeSize (n : UInt8) : n.toNat < USize.size :=
   Nat.lt_of_lt_of_le n.toNat_lt (by cases USize.size_eq <;> simp_all)
@@ -309,60 +295,6 @@ theorem UInt16.toNat_lt_usizeSize (n : UInt16) : n.toNat < USize.size :=
 theorem UInt32.toNat_lt_usizeSize (n : UInt32) : n.toNat < USize.size :=
   Nat.lt_of_lt_of_le n.toNat_lt (by cases USize.size_eq <;> simp_all)
 
-theorem UInt8.size_dvd_usizeSize : UInt8.size ∣ USize.size := by cases USize.size_eq <;> simp_all +decide
-theorem UInt16.size_dvd_usizeSize : UInt16.size ∣ USize.size := by cases USize.size_eq <;> simp_all +decide
-theorem UInt32.size_dvd_usizeSize : UInt32.size ∣ USize.size := by cases USize.size_eq <;> simp_all +decide
-theorem USize.size_dvd_uInt64Size : USize.size ∣ UInt64.size := by cases USize.size_eq <;> simp_all +decide
-
-@[simp] theorem mod_usizeSize_uInt8Size (n : Nat) : n % USize.size % UInt8.size = n % UInt8.size :=
-  Nat.mod_mod_of_dvd _ UInt8.size_dvd_usizeSize
-@[simp] theorem mod_usizeSize_uInt16Size (n : Nat) : n % USize.size % UInt16.size = n % UInt16.size :=
-  Nat.mod_mod_of_dvd _ UInt16.size_dvd_usizeSize
-@[simp] theorem mod_usizeSize_uInt32Size (n : Nat) : n % USize.size % UInt32.size = n % UInt32.size :=
-  Nat.mod_mod_of_dvd _ UInt32.size_dvd_usizeSize
-@[simp] theorem mod_uInt64Size_uSizeSize (n : Nat) : n % UInt64.size % USize.size = n % USize.size :=
-  Nat.mod_mod_of_dvd _ USize.size_dvd_uInt64Size
-
-@[simp] theorem USize.size_sub_one_mod_uint8Size : (USize.size - 1) % UInt8.size = UInt8.size - 1 := by
-  cases USize.size_eq <;> simp_all +decide
-@[simp] theorem USize.size_sub_one_mod_uint16Size : (USize.size - 1) % UInt16.size = UInt16.size - 1 := by
-  cases USize.size_eq <;> simp_all +decide
-@[simp] theorem USize.size_sub_one_mod_uint32Size : (USize.size - 1) % UInt32.size = UInt32.size - 1 := by
-  cases USize.size_eq <;> simp_all +decide
-@[simp] theorem UInt64.size_sub_one_mod_uSizeSize : 18446744073709551615 % USize.size = USize.size - 1 := by
-  cases USize.size_eq <;> simp_all +decide
-
-@[simp] theorem UInt8.toNat_mod_size (n : UInt8) : n.toNat % UInt8.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt
-@[simp] theorem UInt8.toNat_mod_uInt16Size (n : UInt8) : n.toNat % UInt16.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt8.toNat_mod_uInt32Size (n : UInt8) : n.toNat % UInt32.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt8.toNat_mod_uInt64Size (n : UInt8) : n.toNat % UInt64.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt8.toNat_mod_uSizeSize (n : UInt8) : n.toNat % USize.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt_usizeSize
-
-@[simp] theorem UInt16.toNat_mod_size (n : UInt16) : n.toNat % UInt16.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt
-@[simp] theorem UInt16.toNat_mod_uInt32Size (n : UInt16) : n.toNat % UInt32.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt16.toNat_mod_uInt64Size (n : UInt16) : n.toNat % UInt64.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt16.toNat_mod_uSizeSize (n : UInt16) : n.toNat % USize.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt_usizeSize
-
-@[simp] theorem UInt32.toNat_mod_size (n : UInt32) : n.toNat % UInt32.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt
-@[simp] theorem UInt32.toNat_mod_uInt64Size (n : UInt32) : n.toNat % UInt64.size = n.toNat := Nat.mod_eq_of_lt (Nat.lt_trans n.toNat_lt (by decide))
-@[simp] theorem UInt32.toNat_mod_uSizeSize (n : UInt32) : n.toNat % USize.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt_usizeSize
-
-@[simp] theorem UInt64.toNat_mod_size (n : UInt64) : n.toNat % UInt64.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt
-
-@[simp] theorem USize.toNat_mod_size (n : USize) : n.toNat % USize.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt_size
-@[simp] theorem USize.toNat_mod_uInt64Size (n : USize) : n.toNat % UInt64.size = n.toNat := Nat.mod_eq_of_lt n.toNat_lt
-
-@[simp] theorem UInt8.toUInt16_mod_256 (n : UInt8) : n.toUInt16 % 256 = n.toUInt16 := UInt16.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt32_mod_256 (n : UInt8) : n.toUInt32 % 256 = n.toUInt32 := UInt32.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt64_mod_256 (n : UInt8) : n.toUInt64 % 256 = n.toUInt64 := UInt64.toNat.inj (by simp)
-@[simp] theorem UInt8.toUSize_mod_256 (n : UInt8) : n.toUSize % 256 = n.toUSize := USize.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt32_mod_65536 (n : UInt16) : n.toUInt32 % 65536 = n.toUInt32 := UInt32.toNat.inj (by simp)
-@[simp] theorem UInt16.toUInt64_mod_65536 (n : UInt16) : n.toUInt64 % 65536 = n.toUInt64 := UInt64.toNat.inj (by simp)
-@[simp] theorem UInt16.toUSize_mod_65536 (n : UInt16) : n.toUSize % 65536 = n.toUSize := USize.toNat.inj (by simp)
-
-@[simp] theorem UInt32.toUInt64_mod_4294967296 (n : UInt32) : n.toUInt64 % 4294967296 = n.toUInt64 := UInt64.toNat.inj (by simp)
-
 @[simp] theorem Fin.mk_uInt8ToNat (n : UInt8) : Fin.mk n.toNat n.toFin.isLt = n.toFin := rfl
 @[simp] theorem Fin.mk_uInt16ToNat (n : UInt16) : Fin.mk n.toNat n.toFin.isLt = n.toFin := rfl
 @[simp] theorem Fin.mk_uInt32ToNat (n : UInt32) : Fin.mk n.toNat n.toFin.isLt = n.toFin := rfl
@@ -396,7 +328,7 @@ theorem USize.size_dvd_uInt64Size : USize.size ∣ UInt64.size := by cases USize
 @[simp] theorem UInt32.toFin_toUSize (n : UInt32) :
   n.toUSize.toFin = n.toFin.castLE size_le_usizeSize := rfl
 
-@[simp] theorem USize.toFin_toUInt64 (n : USize) : n.toUInt64.toFin = n.toFin.castLE size_le_uint64Size := rfl
+@[simp] theorem USize.toFin_toUInt64 (n : USize) : n.toUInt64.toFin = n.toFin.castLE size_le_usizeSize := rfl
 
 @[simp] theorem UInt16.toBitVec_toUInt8 (n : UInt16) : n.toUInt8.toBitVec = n.toBitVec.setWidth 8 := rfl
 @[simp] theorem UInt32.toBitVec_toUInt8 (n : UInt32) : n.toUInt8.toBitVec = n.toBitVec.setWidth 8 := rfl
@@ -417,14 +349,14 @@ theorem USize.size_dvd_uInt64Size : USize.size ∣ UInt64.size := by cases USize
 @[simp] theorem UInt16.toBitVec_toUInt64 (n : UInt16) : n.toUInt64.toBitVec = n.toBitVec.setWidth 64 := rfl
 @[simp] theorem UInt32.toBitVec_toUInt64 (n : UInt32) : n.toUInt64.toBitVec = n.toBitVec.setWidth 64 := rfl
 @[simp] theorem USize.toBitVec_toUInt64 (n : USize) : n.toUInt64.toBitVec = n.toBitVec.setWidth 64 :=
-  BitVec.eq_of_toNat_eq (by simp)
+  BitVec.eq_of_toNat_eq (by simp [Nat.mod_eq_of_lt (USize.toNat_lt _)])
 
 @[simp] theorem UInt8.toBitVec_toUSize (n : UInt8) : n.toUSize.toBitVec = n.toBitVec.setWidth System.Platform.numBits :=
-  BitVec.eq_of_toNat_eq (by simp)
+  BitVec.eq_of_toNat_eq (by simp [Nat.mod_eq_of_lt n.toNat_lt_usizeSize])
 @[simp] theorem UInt16.toBitVec_toUSize (n : UInt16) : n.toUSize.toBitVec = n.toBitVec.setWidth System.Platform.numBits :=
-  BitVec.eq_of_toNat_eq (by simp)
+  BitVec.eq_of_toNat_eq (by simp [Nat.mod_eq_of_lt n.toNat_lt_usizeSize])
 @[simp] theorem UInt32.toBitVec_toUSize (n : UInt32) : n.toUSize.toBitVec = n.toBitVec.setWidth System.Platform.numBits :=
-  BitVec.eq_of_toNat_eq (by simp)
+  BitVec.eq_of_toNat_eq (by simp [Nat.mod_eq_of_lt n.toNat_lt_usizeSize])
 @[simp] theorem UInt64.toBitVec_toUSize (n : UInt64) : n.toUSize.toBitVec = n.toBitVec.setWidth System.Platform.numBits :=
   BitVec.eq_of_toNat_eq (by simp)
 
@@ -488,720 +420,3 @@ theorem USize.ofNatLT_uInt64ToNat (n : UInt64) (h) : USize.ofNatLT n.toNat h = n
 @[simp] theorem USize.ofFin_uint8ToFin (n : UInt8) : USize.ofFin (n.toFin.castLE UInt8.size_le_usizeSize) = n.toUSize := rfl
 @[simp] theorem USize.ofFin_uint16ToFin (n : UInt16) : USize.ofFin (n.toFin.castLE UInt16.size_le_usizeSize) = n.toUSize := rfl
 @[simp] theorem USize.ofFin_uint32ToFin (n : UInt32) : USize.ofFin (n.toFin.castLE UInt32.size_le_usizeSize) = n.toUSize := rfl
-
-@[simp] theorem Nat.toUInt8_eq {n : Nat} : n.toUInt8 = UInt8.ofNat n := rfl
-@[simp] theorem Nat.toUInt16_eq {n : Nat} : n.toUInt16 = UInt16.ofNat n := rfl
-@[simp] theorem Nat.toUInt32_eq {n : Nat} : n.toUInt32 = UInt32.ofNat n := rfl
-@[simp] theorem Nat.toUInt64_eq {n : Nat} : n.toUInt64 = UInt64.ofNat n := rfl
-@[simp] theorem Nat.toUSize_eq {n : Nat} : n.toUSize = USize.ofNat n := rfl
-
-@[simp] theorem UInt8.ofBitVec_uInt16ToBitVec (n : UInt16) :
-    UInt8.ofBitVec (n.toBitVec.setWidth 8) = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofBitVec_uInt32ToBitVec (n : UInt32) :
-    UInt8.ofBitVec (n.toBitVec.setWidth 8) = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofBitVec_uInt64ToBitVec (n : UInt64) :
-    UInt8.ofBitVec (n.toBitVec.setWidth 8) = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofBitVec_uSizeToBitVec (n : USize) :
-    UInt8.ofBitVec (n.toBitVec.setWidth 8) = n.toUInt8 := UInt8.toNat.inj (by simp)
-
-@[simp] theorem UInt16.ofBitVec_uInt8ToBitVec (n : UInt8) :
-    UInt16.ofBitVec (n.toBitVec.setWidth 16) = n.toUInt16 := rfl
-@[simp] theorem UInt16.ofBitVec_uInt32ToBitVec (n : UInt32) :
-    UInt16.ofBitVec (n.toBitVec.setWidth 16) = n.toUInt16 := rfl
-@[simp] theorem UInt16.ofBitVec_uInt64ToBitVec (n : UInt64) :
-    UInt16.ofBitVec (n.toBitVec.setWidth 16) = n.toUInt16 := rfl
-@[simp] theorem UInt16.ofBitVec_uSizeToBitVec (n : USize) :
-    UInt16.ofBitVec (n.toBitVec.setWidth 16) = n.toUInt16 := UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt32.ofBitVec_uInt8ToBitVec (n : UInt8) :
-    UInt32.ofBitVec (n.toBitVec.setWidth 32) = n.toUInt32 := rfl
-@[simp] theorem UInt32.ofBitVec_uInt16ToBitVec (n : UInt16) :
-    UInt32.ofBitVec (n.toBitVec.setWidth 32) = n.toUInt32 := rfl
-@[simp] theorem UInt32.ofBitVec_uInt64ToBitVec (n : UInt64) :
-    UInt32.ofBitVec (n.toBitVec.setWidth 32) = n.toUInt32 := rfl
-@[simp] theorem UInt32.ofBitVec_uSizeToBitVec (n : USize) :
-    UInt32.ofBitVec (n.toBitVec.setWidth 32) = n.toUInt32 := UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt64.ofBitVec_uInt8ToBitVec (n : UInt8) :
-    UInt64.ofBitVec (n.toBitVec.setWidth 64) = n.toUInt64 := rfl
-@[simp] theorem UInt64.ofBitVec_uInt16ToBitVec (n : UInt16) :
-    UInt64.ofBitVec (n.toBitVec.setWidth 64) = n.toUInt64 := rfl
-@[simp] theorem UInt64.ofBitVec_uInt32ToBitVec (n : UInt32) :
-    UInt64.ofBitVec (n.toBitVec.setWidth 64) = n.toUInt64 := rfl
-@[simp] theorem UInt64.ofBitVec_uSizeToBitVec (n : USize) :
-    UInt64.ofBitVec (n.toBitVec.setWidth 64) = n.toUInt64 :=
-  UInt64.toNat.inj (by simp)
-
-@[simp] theorem USize.ofBitVec_uInt8ToBitVec (n : UInt8) :
-    USize.ofBitVec (n.toBitVec.setWidth System.Platform.numBits) = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofBitVec_uInt16ToBitVec (n : UInt16) :
-    USize.ofBitVec (n.toBitVec.setWidth System.Platform.numBits) = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofBitVec_uInt32ToBitVec (n : UInt32) :
-    USize.ofBitVec (n.toBitVec.setWidth System.Platform.numBits) = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofBitVec_uInt64ToBitVec (n : UInt64) :
-    USize.ofBitVec (n.toBitVec.setWidth System.Platform.numBits) = n.toUSize :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem UInt8.ofNat_uInt16ToNat (n : UInt16) : UInt8.ofNat n.toNat = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofNat_uInt32ToNat (n : UInt32) : UInt8.ofNat n.toNat = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofNat_uInt64ToNat (n : UInt64) : UInt8.ofNat n.toNat = n.toUInt8 := rfl
-@[simp] theorem UInt8.ofNat_uSizeToNat (n : USize) : UInt8.ofNat n.toNat = n.toUInt8 := rfl
-
-@[simp] theorem UInt16.ofNat_uInt8ToNat (n : UInt8) : UInt16.ofNat n.toNat = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt16.ofNat_uInt32ToNat (n : UInt32) : UInt16.ofNat n.toNat = n.toUInt16 := rfl
-@[simp] theorem UInt16.ofNat_uInt64ToNat (n : UInt64) : UInt16.ofNat n.toNat = n.toUInt16 := rfl
-@[simp] theorem UInt16.ofNat_uSizeToNat (n : USize) : UInt16.ofNat n.toNat = n.toUInt16 := rfl
-
-@[simp] theorem UInt32.ofNat_uInt8ToNat (n : UInt8) : UInt32.ofNat n.toNat = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt32.ofNat_uInt16ToNat (n : UInt16) : UInt32.ofNat n.toNat = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt32.ofNat_uInt64ToNat (n : UInt64) : UInt32.ofNat n.toNat = n.toUInt32 := rfl
-@[simp] theorem UInt32.ofNat_uSizeToNat (n : USize) : UInt32.ofNat n.toNat = n.toUInt32 := rfl
-
-@[simp] theorem UInt64.ofNat_uInt8ToNat (n : UInt8) : UInt64.ofNat n.toNat = n.toUInt64 :=
-  UInt64.toNat.inj (by simp)
-@[simp] theorem UInt64.ofNat_uInt16ToNat (n : UInt16) : UInt64.ofNat n.toNat = n.toUInt64 :=
-  UInt64.toNat.inj (by simp)
-@[simp] theorem UInt64.ofNat_uInt32ToNat (n : UInt32) : UInt64.ofNat n.toNat = n.toUInt64 :=
-  UInt64.toNat.inj (by simp)
-@[simp] theorem UInt64.ofNat_uSizeToNat (n : USize) : UInt64.ofNat n.toNat = n.toUInt64 :=
-  UInt64.toNat.inj (by simp)
-
-@[simp] theorem USize.ofNat_uInt8ToNat (n : UInt8) : USize.ofNat n.toNat = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofNat_uInt16ToNat (n : UInt16) : USize.ofNat n.toNat = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofNat_uInt32ToNat (n : UInt32) : USize.ofNat n.toNat = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.ofNat_uInt64ToNat (n : UInt64) : USize.ofNat n.toNat = n.toUSize :=
-  USize.toNat.inj (by simp)
-
-theorem UInt8.ofNatLT_eq_ofNat (n : Nat) {h} : UInt8.ofNatLT n h = UInt8.ofNat n :=
-  UInt8.toNat.inj (by simp [Nat.mod_eq_of_lt h])
-theorem UInt16.ofNatLT_eq_ofNat (n : Nat) {h} : UInt16.ofNatLT n h = UInt16.ofNat n :=
-  UInt16.toNat.inj (by simp [Nat.mod_eq_of_lt h])
-theorem UInt32.ofNatLT_eq_ofNat (n : Nat) {h} : UInt32.ofNatLT n h = UInt32.ofNat n :=
-  UInt32.toNat.inj (by simp [Nat.mod_eq_of_lt h])
-theorem UInt64.ofNatLT_eq_ofNat (n : Nat) {h} : UInt64.ofNatLT n h = UInt64.ofNat n :=
-  UInt64.toNat.inj (by simp [Nat.mod_eq_of_lt h])
-theorem USize.ofNatLT_eq_ofNat (n : Nat) {h} : USize.ofNatLT n h = USize.ofNat n :=
-  USize.toNat.inj (by simp [Nat.mod_eq_of_lt h])
-
-theorem UInt8.ofNatTruncate_eq_ofNat (n : Nat) (hn : n < UInt8.size) :
-    UInt8.ofNatTruncate n = UInt8.ofNat n := by
-  simp [ofNatTruncate, hn, UInt8.ofNatLT_eq_ofNat]
-theorem UInt16.ofNatTruncate_eq_ofNat (n : Nat) (hn : n < UInt16.size) :
-    UInt16.ofNatTruncate n = UInt16.ofNat n := by
-  simp [ofNatTruncate, hn, UInt16.ofNatLT_eq_ofNat]
-theorem UInt32.ofNatTruncate_eq_ofNat (n : Nat) (hn : n < UInt32.size) :
-    UInt32.ofNatTruncate n = UInt32.ofNat n := by
-  simp [ofNatTruncate, hn, UInt32.ofNatLT_eq_ofNat]
-theorem UInt64.ofNatTruncate_eq_ofNat (n : Nat) (hn : n < UInt64.size) :
-    UInt64.ofNatTruncate n = UInt64.ofNat n := by
-  simp [ofNatTruncate, hn, UInt64.ofNatLT_eq_ofNat]
-theorem USize.ofNatTruncate_eq_ofNat (n : Nat) (hn : n < USize.size) :
-    USize.ofNatTruncate n = USize.ofNat n := by
-  simp [ofNatTruncate, hn, USize.ofNatLT_eq_ofNat]
-
-@[simp] theorem UInt8.ofNatTruncate_toNat (n : UInt8) : UInt8.ofNatTruncate n.toNat = n := by
-  rw [UInt8.ofNatTruncate_eq_ofNat] <;> simp [n.toNat_lt]
-
-@[simp] theorem UInt16.ofNatTruncate_uInt8ToNat (n : UInt8) : UInt16.ofNatTruncate n.toNat = n.toUInt16 := by
-  rw [UInt16.ofNatTruncate_eq_ofNat, ofNat_uInt8ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt16.ofNatTruncate_toNat (n : UInt16) : UInt16.ofNatTruncate n.toNat = n := by
-  rw [UInt16.ofNatTruncate_eq_ofNat] <;> simp [n.toNat_lt]
-
-@[simp] theorem UInt32.ofNatTruncate_uInt8ToNat (n : UInt8) : UInt32.ofNatTruncate n.toNat = n.toUInt32 := by
-  rw [UInt32.ofNatTruncate_eq_ofNat, ofNat_uInt8ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt32.ofNatTruncate_uInt16ToNat (n : UInt16) : UInt32.ofNatTruncate n.toNat = n.toUInt32 := by
-  rw [UInt32.ofNatTruncate_eq_ofNat, ofNat_uInt16ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt32.ofNatTruncate_toNat (n : UInt32) : UInt32.ofNatTruncate n.toNat = n := by
-  rw [UInt32.ofNatTruncate_eq_ofNat] <;> simp [n.toNat_lt]
-
-@[simp] theorem UInt64.ofNatTruncate_uInt8ToNat (n : UInt8) : UInt64.ofNatTruncate n.toNat = n.toUInt64 := by
-  rw [UInt64.ofNatTruncate_eq_ofNat, ofNat_uInt8ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt64.ofNatTruncate_uInt16ToNat (n : UInt16) : UInt64.ofNatTruncate n.toNat = n.toUInt64 := by
-  rw [UInt64.ofNatTruncate_eq_ofNat, ofNat_uInt16ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt64.ofNatTruncate_uInt32ToNat (n : UInt32) : UInt64.ofNatTruncate n.toNat = n.toUInt64 := by
-  rw [UInt64.ofNatTruncate_eq_ofNat, ofNat_uInt32ToNat]
-  exact Nat.lt_trans (n.toNat_lt) (by decide)
-@[simp] theorem UInt64.ofNatTruncate_toNat (n : UInt64) : UInt64.ofNatTruncate n.toNat = n := by
-  rw [UInt64.ofNatTruncate_eq_ofNat] <;> simp [n.toNat_lt]
-@[simp] theorem UInt64.ofNatTruncate_uSizeToNat (n : USize) : UInt64.ofNatTruncate n.toNat = n.toUInt64 := by
-  rw [UInt64.ofNatTruncate_eq_ofNat, ofNat_uSizeToNat]
-  exact n.toNat_lt
-
-@[simp] theorem USize.ofNatTruncate_uInt8ToNat (n : UInt8) : USize.ofNatTruncate n.toNat = n.toUSize := by
-  rw [USize.ofNatTruncate_eq_ofNat, ofNat_uInt8ToNat]
-  exact n.toNat_lt_usizeSize
-@[simp] theorem USize.ofNatTruncate_uInt16ToNat (n : UInt16) : USize.ofNatTruncate n.toNat = n.toUSize := by
-  rw [USize.ofNatTruncate_eq_ofNat, ofNat_uInt16ToNat]
-  exact n.toNat_lt_usizeSize
-@[simp] theorem USize.ofNatTruncate_uInt32ToNat (n : UInt32) : USize.ofNatTruncate n.toNat = n.toUSize := by
-  rw [USize.ofNatTruncate_eq_ofNat, ofNat_uInt32ToNat]
-  exact n.toNat_lt_usizeSize
-@[simp] theorem USize.ofNatTruncate_toNat (n : USize) : USize.ofNatTruncate n.toNat = n := by
-  rw [USize.ofNatTruncate_eq_ofNat] <;> simp [n.toNat_lt_size]
-
-@[simp] theorem UInt8.toUInt8_toUInt16 (n : UInt8) : n.toUInt16.toUInt8 = n :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt8_toUInt32 (n : UInt8) : n.toUInt32.toUInt8 = n :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt8_toUInt64 (n : UInt8) : n.toUInt64.toUInt8 = n :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt8_toUSize (n : UInt8) : n.toUSize.toUInt8 = n :=
-  UInt8.toNat.inj (by simp)
-
-@[simp] theorem UInt8.toUInt16_toUInt32 (n : UInt8) : n.toUInt32.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt16_toUInt64 (n : UInt8) : n.toUInt64.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt16_toUSize (n : UInt8) : n.toUSize.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt8.toUInt32_toUInt16 (n : UInt8) : n.toUInt16.toUInt32 = n.toUInt32 := rfl
-@[simp] theorem UInt8.toUInt32_toUInt64 (n : UInt8) : n.toUInt64.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt8.toUInt32_toUSize (n : UInt8) : n.toUSize.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt8.toUInt64_toUInt16 (n : UInt8) : n.toUInt16.toUInt64 = n.toUInt64 := rfl
-@[simp] theorem UInt8.toUInt64_toUInt32 (n : UInt8) : n.toUInt32.toUInt64 = n.toUInt64 := rfl
-@[simp] theorem UInt8.toUInt64_toUSize (n : UInt8) : n.toUSize.toUInt64 = n.toUInt64 := rfl
-
-@[simp] theorem UInt8.toUSize_toUInt16 (n : UInt8) : n.toUInt16.toUSize = n.toUSize := rfl
-@[simp] theorem UInt8.toUSize_toUInt32 (n : UInt8) : n.toUInt32.toUSize = n.toUSize := rfl
-@[simp] theorem UInt8.toUSize_toUInt64 (n : UInt8) : n.toUInt64.toUSize = n.toUSize :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt8_toUInt32 (n : UInt16) : n.toUInt32.toUInt8 = n.toUInt8 := rfl
-@[simp] theorem UInt16.toUInt8_toUInt64 (n : UInt16) : n.toUInt64.toUInt8 = n.toUInt8 := rfl
-@[simp] theorem UInt16.toUInt8_toUSize (n : UInt16) : n.toUSize.toUInt8 = n.toUInt8 := rfl
-
-@[simp] theorem UInt16.toUInt16_toUInt8 (n : UInt16) : n.toUInt8.toUInt16 = n % 256 := rfl
-@[simp] theorem UInt16.toUInt16_toUInt32 (n : UInt16) : n.toUInt32.toUInt16 = n :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt16.toUInt16_toUInt64 (n : UInt16) : n.toUInt64.toUInt16 = n :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt16.toUInt16_toUSize (n : UInt16) : n.toUSize.toUInt16 = n :=
-  UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt32_toUInt8 (n : UInt16) : n.toUInt8.toUInt32 = n.toUInt32 % 256 := rfl
-@[simp] theorem UInt16.toUInt32_toUInt64 (n : UInt16) : n.toUInt64.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt16.toUInt32_toUSize (n : UInt16) : n.toUSize.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt64_toUInt8 (n : UInt16) : n.toUInt8.toUInt64 = n.toUInt64 % 256 := rfl
-@[simp] theorem UInt16.toUInt64_toUInt32 (n : UInt16) : n.toUInt32.toUInt64 = n.toUInt64 := rfl
-@[simp] theorem UInt16.toUInt64_toUSize (n : UInt16) : n.toUSize.toUInt64 = n.toUInt64 := rfl
-
-@[simp] theorem UInt16.toUSize_toUInt8 (n : UInt16) : n.toUInt8.toUSize = n.toUSize % 256 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem UInt16.toUSize_toUInt32 (n : UInt16) : n.toUInt32.toUSize = n.toUSize :=
-  USize.toNat.inj (by simp)
-@[simp] theorem UInt16.toUSize_toUInt64 (n : UInt16) : n.toUInt64.toUSize = n.toUSize :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem UInt32.toUInt8_toUInt16 (n : UInt32) : n.toUInt16.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt32.toUInt8_toUInt64 (n : UInt32) : n.toUInt64.toUInt8 = n.toUInt8 := rfl
-@[simp] theorem UInt32.toUInt8_toUSize (n : UInt32) : n.toUSize.toUInt8 = n.toUInt8 := rfl
-
-@[simp] theorem UInt32.toUInt16_toUInt8 (n : UInt32) : n.toUInt8.toUInt16 = n.toUInt16 % 256 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt32.toUInt16_toUInt64 (n : UInt32) : n.toUInt64.toUInt16 = n.toUInt16 := rfl
-@[simp] theorem UInt32.toUInt16_toUSize (n : UInt32) : n.toUSize.toUInt16 = n.toUInt16 := rfl
-
-@[simp] theorem UInt32.toUInt32_toUInt8 (n : UInt32) : n.toUInt8.toUInt32 = n % 256 := rfl
-@[simp] theorem UInt32.toUInt32_toUInt16 (n : UInt32) : n.toUInt16.toUInt32 = n % 65536 := rfl
-@[simp] theorem UInt32.toUInt32_toUInt64 (n : UInt32) : n.toUInt64.toUInt32 = n :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt32.toUInt32_toUSize (n : UInt32) : n.toUSize.toUInt32 = n :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt32.toUInt64_toUInt8 (n : UInt32) : n.toUInt8.toUInt64 = n.toUInt64 % 256 := rfl
-@[simp] theorem UInt32.toUInt64_toUInt16 (n : UInt32) : n.toUInt16.toUInt64 = n.toUInt64 % 65536 := rfl
-@[simp] theorem UInt32.toUInt64_toUSize (n : UInt32) : n.toUSize.toUInt64 = n.toUInt64 := rfl
-
-@[simp] theorem UInt32.toUSize_toUInt8 (n : UInt32) : n.toUInt8.toUSize = n.toUSize % 256 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem UInt32.toUSize_toUInt16 (n : UInt32) : n.toUInt16.toUSize = n.toUSize % 65536 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem UInt32.toUSize_toUInt64 (n : UInt32) : n.toUInt64.toUSize = n.toUSize :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt8_toUInt16 (n : UInt64) : n.toUInt16.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt8_toUInt32 (n : UInt64) : n.toUInt32.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt8_toUSize (n : UInt64) : n.toUSize.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt16_toUInt8 (n : UInt64) : n.toUInt8.toUInt16 = n.toUInt16 % 256 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt16_toUInt32 (n : UInt64) : n.toUInt32.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt16_toUSize (n : UInt64) : n.toUSize.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt32_toUInt8 (n : UInt64) : n.toUInt8.toUInt32 = n.toUInt32 % 256 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt32_toUInt16 (n : UInt64) : n.toUInt16.toUInt32 = n.toUInt32 % 65536 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt32_toUSize (n : UInt64) : n.toUSize.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt64_toUInt8 (n : UInt64) : n.toUInt8.toUInt64 = n % 256 := rfl
-@[simp] theorem UInt64.toUInt64_toUInt16 (n : UInt64) : n.toUInt16.toUInt64 = n % 65536 := rfl
-@[simp] theorem UInt64.toUInt64_toUInt32 (n : UInt64) : n.toUInt32.toUInt64 = n % 4294967296 := rfl
-
-@[simp] theorem UInt64.toUSize_toUInt8 (n : UInt64) : n.toUInt8.toUSize = n.toUSize % 256 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem UInt64.toUSize_toUInt16 (n : UInt64) : n.toUInt16.toUSize = n.toUSize % 65536 :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem USize.toUInt8_toUInt16 (n : USize) : n.toUInt16.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem USize.toUInt8_toUInt32 (n : USize) : n.toUInt32.toUInt8 = n.toUInt8 :=
-  UInt8.toNat.inj (by simp)
-@[simp] theorem USize.toUInt8_toUInt64 (n : USize) : n.toUInt64.toUInt8 = n.toUInt8 := rfl
-
-@[simp] theorem USize.toUInt16_toUInt8 (n : USize) : n.toUInt8.toUInt16 = n.toUInt16 % 256 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem USize.toUInt16_toUInt32 (n : USize) : n.toUInt32.toUInt16 = n.toUInt16 :=
-  UInt16.toNat.inj (by simp)
-@[simp] theorem USize.toUInt16_toUInt64 (n : USize) : n.toUInt64.toUInt16 = n.toUInt16 := rfl
-
-@[simp] theorem USize.toUInt64_toUInt8 (n : USize) : n.toUInt8.toUInt64 = n.toUInt64 % 256 := rfl
-@[simp] theorem USize.toUInt64_toUInt16 (n : USize) : n.toUInt16.toUInt64 = n.toUInt64 % 65536 := rfl
-
-@[simp] theorem USize.toUInt32_toUInt8 (n : USize) : n.toUInt8.toUInt32 = n.toUInt32 % 256 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem USize.toUInt32_toUInt16 (n : USize) : n.toUInt16.toUInt32 = n.toUInt32 % 65536 :=
-  UInt32.toNat.inj (by simp)
-@[simp] theorem USize.toUInt32_toUInt64 (n : USize) : n.toUInt64.toUInt32 = n.toUInt32 :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem USize.toUSize_toUInt8 (n : USize) : n.toUInt8.toUSize = n % 256 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.toUSize_toUInt16 (n : USize) : n.toUInt16.toUSize = n % 65536 :=
-  USize.toNat.inj (by simp)
-@[simp] theorem USize.toUSize_toUInt64 (n : USize) : n.toUInt64.toUSize = n :=
-  USize.toNat.inj (by simp)
-
--- Note: we are currently missing the following four results for which there does not seem to
--- be a good candidate for the RHS:
--- @[simp] theorem UInt64.toUInt64_toUSize (n : UInt64) : n.toUSize.toUInt64 = ? :=
--- @[simp] theorem UInt64.toUSize_toUInt32 (n : UInt64) : n.toUInt32.toUSize = ? :=
--- @[simp] theorem USize.toUInt64_toUInt32 (n : USize) : n.toUInt32.toUInt64 = ? :=
--- @[simp] theorem USize.toUSize_toUInt32 (n : USize) : n.toInt32.toUSize = ? :=
-
-@[simp] theorem UInt8.toNat_ofFin (x : Fin UInt8.size) : (UInt8.ofFin x).toNat = x.val := rfl
-@[simp] theorem UInt16.toNat_ofFin (x : Fin UInt16.size) : (UInt16.ofFin x).toNat = x.val := rfl
-@[simp] theorem UInt32.toNat_ofFin (x : Fin UInt32.size) : (UInt32.ofFin x).toNat = x.val := rfl
-@[simp] theorem UInt64.toNat_ofFin (x : Fin UInt64.size) : (UInt64.ofFin x).toNat = x.val := rfl
-@[simp] theorem USize.toNat_ofFin (x : Fin USize.size) : (USize.ofFin x).toNat = x.val := rfl
-
-theorem UInt8.toNat_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toNat = n := by rw [UInt8.ofNatTruncate, dif_pos hn, toNat_ofNatLT]
-theorem UInt16.toNat_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toNat = n := by rw [UInt16.ofNatTruncate, dif_pos hn, toNat_ofNatLT]
-theorem UInt32.toNat_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toNat = n := by rw [UInt32.ofNatTruncate, dif_pos hn, toNat_ofNatLT]
-theorem UInt64.toNat_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toNat = n := by rw [UInt64.ofNatTruncate, dif_pos hn, toNat_ofNatLT]
-theorem USize.toNat_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toNat = n := by rw [USize.ofNatTruncate, dif_pos hn, toNat_ofNatLT]
-
-theorem UInt8.toNat_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toNat = UInt8.size - 1 := by rw [ofNatTruncate, dif_neg (by omega), toNat_ofNatLT]
-theorem UInt16.toNat_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toNat = UInt16.size - 1 := by rw [ofNatTruncate, dif_neg (by omega), toNat_ofNatLT]
-theorem UInt32.toNat_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toNat = UInt32.size - 1 := by rw [ofNatTruncate, dif_neg (by omega), toNat_ofNatLT]
-theorem UInt64.toNat_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toNat = UInt64.size - 1 := by rw [ofNatTruncate, dif_neg (by omega), toNat_ofNatLT]
-theorem USize.toNat_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toNat = USize.size - 1 := by rw [ofNatTruncate, dif_neg (by omega), toNat_ofNatLT]
-
-@[simp] theorem UInt8.toFin_ofNatLT {n : Nat} (hn) : (UInt8.ofNatLT n hn).toFin = ⟨n, hn⟩ := rfl
-@[simp] theorem UInt16.toFin_ofNatLT {n : Nat} (hn) : (UInt16.ofNatLT n hn).toFin = ⟨n, hn⟩ := rfl
-@[simp] theorem UInt32.toFin_ofNatLT {n : Nat} (hn) : (UInt32.ofNatLT n hn).toFin = ⟨n, hn⟩ := rfl
-@[simp] theorem UInt64.toFin_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toFin = ⟨n, hn⟩ := rfl
-@[simp] theorem USize.toFin_ofNatLT {n : Nat} (hn) : (USize.ofNatLT n hn).toFin = ⟨n, hn⟩ := rfl
-
-@[simp] theorem UInt8.toFin_ofNat' {n : Nat} : (UInt8.ofNat n).toFin = Fin.ofNat' _ n := rfl
-@[simp] theorem UInt16.toFin_ofNat' {n : Nat} : (UInt16.ofNat n).toFin = Fin.ofNat' _ n := rfl
-@[simp] theorem UInt32.toFin_ofNat' {n : Nat} : (UInt32.ofNat n).toFin = Fin.ofNat' _ n := rfl
-@[simp] theorem UInt64.toFin_ofNat' {n : Nat} : (UInt64.ofNat n).toFin = Fin.ofNat' _ n := rfl
-@[simp] theorem USize.toFin_ofNat' {n : Nat} : (USize.ofNat n).toFin = Fin.ofNat' _ n := rfl
-
-@[simp] theorem UInt8.toFin_ofBitVec {b} : (UInt8.ofBitVec b).toFin = b.toFin := rfl
-@[simp] theorem UInt16.toFin_ofBitVec {b} : (UInt16.ofBitVec b).toFin = b.toFin := rfl
-@[simp] theorem UInt32.toFin_ofBitVec {b} : (UInt32.ofBitVec b).toFin = b.toFin := rfl
-@[simp] theorem UInt64.toFin_ofBitVec {b} : (UInt64.ofBitVec b).toFin = b.toFin := rfl
-@[simp] theorem USize.toFin_ofBitVec {b} : (USize.ofBitVec b).toFin = b.toFin := rfl
-
-theorem UInt8.toFin_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toFin = ⟨n, hn⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt16.toFin_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toFin = ⟨n, hn⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt32.toFin_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toFin = ⟨n, hn⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt64.toFin_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toFin = ⟨n, hn⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem USize.toFin_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toFin = ⟨n, hn⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem UInt8.toFin_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toFin = ⟨UInt8.size - 1, by decide⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt16.toFin_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toFin = ⟨UInt16.size - 1, by decide⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt32.toFin_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toFin = ⟨UInt32.size - 1, by decide⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt64.toFin_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toFin = ⟨UInt64.size - 1, by decide⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_le hn])
-theorem USize.toFin_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toFin = ⟨USize.size - 1, by cases USize.size_eq <;> simp_all⟩ :=
-  Fin.val_inj.1 (by simp [toNat_ofNatTruncate_of_le hn])
-
-@[simp] theorem UInt8.toBitVec_ofNatLT {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatLT n hn).toBitVec = BitVec.ofNatLT n hn := rfl
-@[simp] theorem UInt16.toBitVec_ofNatLT {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatLT n hn).toBitVec = BitVec.ofNatLT n hn := rfl
-@[simp] theorem UInt32.toBitVec_ofNatLT {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatLT n hn).toBitVec = BitVec.ofNatLT n hn := rfl
-@[simp] theorem UInt64.toBitVec_ofNatLT {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatLT n hn).toBitVec = BitVec.ofNatLT n hn := rfl
-@[simp] theorem USize.toBitVec_ofNatLT {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatLT n hn).toBitVec = BitVec.ofNatLT n hn := rfl
-
-@[simp] theorem UInt8.toBitVec_ofFin (n : Fin UInt8.size) : (UInt8.ofFin n).toBitVec = BitVec.ofFin n := rfl
-@[simp] theorem UInt16.toBitVec_ofFin (n : Fin UInt16.size) : (UInt16.ofFin n).toBitVec = BitVec.ofFin n := rfl
-@[simp] theorem UInt32.toBitVec_ofFin (n : Fin UInt32.size) : (UInt32.ofFin n).toBitVec = BitVec.ofFin n := rfl
-@[simp] theorem UInt64.toBitVec_ofFin (n : Fin UInt64.size) : (UInt64.ofFin n).toBitVec = BitVec.ofFin n := rfl
-@[simp] theorem USize.toBitVec_ofFin (n : Fin USize.size) : (USize.ofFin n).toBitVec = BitVec.ofFin n := rfl
-
-@[simp] theorem UInt8.toBitVec_ofBitVec (n) : (UInt8.ofBitVec n).toBitVec = n := rfl
-@[simp] theorem UInt16.toBitVec_ofBitVec (n) : (UInt16.ofBitVec n).toBitVec = n := rfl
-@[simp] theorem UInt32.toBitVec_ofBitVec (n) : (UInt32.ofBitVec n).toBitVec = n := rfl
-@[simp] theorem UInt64.toBitVec_ofBitVec (n) : (UInt64.ofBitVec n).toBitVec = n := rfl
-@[simp] theorem USize.toBitVec_ofBitVec (n) : (USize.ofBitVec n).toBitVec = n := rfl
-
-theorem UInt8.toBitVec_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toBitVec = BitVec.ofNatLT n hn :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt16.toBitVec_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toBitVec = BitVec.ofNatLT n hn :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt32.toBitVec_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toBitVec = BitVec.ofNatLT n hn :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt64.toBitVec_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toBitVec = BitVec.ofNatLT n hn :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem USize.toBitVec_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toBitVec = BitVec.ofNatLT n hn :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem UInt8.toBitVec_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toBitVec = BitVec.ofNatLT (UInt8.size - 1) (by decide) :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt16.toBitVec_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toBitVec = BitVec.ofNatLT (UInt16.size - 1) (by decide) :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt32.toBitVec_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toBitVec = BitVec.ofNatLT (UInt32.size - 1) (by decide) :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt64.toBitVec_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toBitVec = BitVec.ofNatLT (UInt64.size - 1) (by decide) :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_le hn])
-theorem USize.toBitVec_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toBitVec = BitVec.ofNatLT (USize.size - 1) (by cases USize.size_eq <;> simp_all) :=
-  BitVec.eq_of_toNat_eq (by simp [toNat_ofNatTruncate_of_le hn])
-
-@[simp] theorem UInt16.toUInt8_ofNatLT {n : Nat} (hn) : (UInt16.ofNatLT n hn).toUInt8 = UInt8.ofNat n := rfl
-@[simp] theorem UInt32.toUInt8_ofNatLT {n : Nat} (hn) : (UInt32.ofNatLT n hn).toUInt8 = UInt8.ofNat n := rfl
-@[simp] theorem UInt64.toUInt8_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toUInt8 = UInt8.ofNat n := rfl
-@[simp] theorem USize.toUInt8_ofNatLT {n : Nat} (hn) : (USize.ofNatLT n hn).toUInt8 = UInt8.ofNat n := rfl
-
-@[simp] theorem UInt16.toUInt8_ofFin (n) : (UInt16.ofFin n).toUInt8 = UInt8.ofNat n.val := rfl
-@[simp] theorem UInt32.toUInt8_ofFin (n) : (UInt32.ofFin n).toUInt8 = UInt8.ofNat n.val := rfl
-@[simp] theorem UInt64.toUInt8_ofFin (n) : (UInt64.ofFin n).toUInt8 = UInt8.ofNat n.val := rfl
-@[simp] theorem USize.toUInt8_ofFin (n) : (USize.ofFin n).toUInt8 = UInt8.ofNat n.val := rfl
-
-@[simp] theorem UInt16.toUInt8_ofBitVec (b) : (UInt16.ofBitVec b).toUInt8 = UInt8.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt32.toUInt8_ofBitVec (b) : (UInt32.ofBitVec b).toUInt8 = UInt8.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt64.toUInt8_ofBitVec (b) : (UInt64.ofBitVec b).toUInt8 = UInt8.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem USize.toUInt8_ofBitVec (b) : (USize.ofBitVec b).toUInt8 = UInt8.ofBitVec (b.setWidth _) :=
-  UInt8.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt8_ofNat' (n : Nat) : (UInt16.ofNat n).toUInt8 = UInt8.ofNat n := UInt8.toNat.inj (by simp)
-@[simp] theorem UInt32.toUInt8_ofNat' (n : Nat) : (UInt32.ofNat n).toUInt8 = UInt8.ofNat n := UInt8.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt8_ofNat' (n : Nat) : (UInt64.ofNat n).toUInt8 = UInt8.ofNat n := UInt8.toNat.inj (by simp)
-@[simp] theorem USize.toUInt8_ofNat' (n : Nat) : (USize.ofNat n).toUInt8 = UInt8.ofNat n := UInt8.toNat.inj (by simp)
-
-@[simp] theorem UInt16.toUInt8_ofNat {n : Nat} : toUInt8 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := toUInt8_ofNat' _
-@[simp] theorem UInt32.toUInt8_ofNat {n : Nat} : toUInt8 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := toUInt8_ofNat' _
-@[simp] theorem UInt64.toUInt8_ofNat {n : Nat} : toUInt8 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := toUInt8_ofNat' _
-@[simp] theorem USize.toUInt8_ofNat {n : Nat} : toUInt8 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := toUInt8_ofNat' _
-
-theorem UInt16.toUInt8_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toUInt8 = UInt8.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt8_ofNatLT]
-theorem UInt32.toUInt8_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toUInt8 = UInt8.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt8_ofNatLT]
-theorem UInt64.toUInt8_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toUInt8 = UInt8.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt8_ofNatLT]
-theorem USize.toUInt8_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toUInt8 = UInt8.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt8_ofNatLT]
-
-theorem UInt16.toUInt8_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toUInt8 = UInt8.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt8.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt32.toUInt8_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toUInt8 = UInt8.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt8.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt64.toUInt8_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toUInt8 = UInt8.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt8.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem USize.toUInt8_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toUInt8 = UInt8.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt8.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-@[simp] theorem UInt32.toUInt16_ofNatLT {n : Nat} (hn) : (UInt32.ofNatLT n hn).toUInt16 = UInt16.ofNat n := rfl
-@[simp] theorem UInt64.toUInt16_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toUInt16 = UInt16.ofNat n := rfl
-@[simp] theorem USize.toUInt16_ofNatLT {n : Nat} (hn) : (USize.ofNatLT n hn).toUInt16 = UInt16.ofNat n := rfl
-
-@[simp] theorem UInt32.toUInt16_ofFin (n) : (UInt32.ofFin n).toUInt16 = UInt16.ofNat n.val := rfl
-@[simp] theorem UInt64.toUInt16_ofFin (n) : (UInt64.ofFin n).toUInt16 = UInt16.ofNat n.val := rfl
-@[simp] theorem USize.toUInt16_ofFin (n) : (USize.ofFin n).toUInt16 = UInt16.ofNat n.val := rfl
-
-@[simp] theorem UInt32.toUInt16_ofBitVec (b) : (UInt32.ofBitVec b).toUInt16 = UInt16.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt64.toUInt16_ofBitVec (b) : (UInt64.ofBitVec b).toUInt16 = UInt16.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem USize.toUInt16_ofBitVec (b) : (USize.ofBitVec b).toUInt16 = UInt16.ofBitVec (b.setWidth _) :=
-  UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt32.toUInt16_ofNat' (n : Nat) : (UInt32.ofNat n).toUInt16 = UInt16.ofNat n := UInt16.toNat.inj (by simp)
-@[simp] theorem UInt64.toUInt16_ofNat' (n : Nat) : (UInt64.ofNat n).toUInt16 = UInt16.ofNat n := UInt16.toNat.inj (by simp)
-@[simp] theorem USize.toUInt16_ofNat' (n : Nat) : (USize.ofNat n).toUInt16 = UInt16.ofNat n := UInt16.toNat.inj (by simp)
-
-@[simp] theorem UInt32.toUInt16_ofNat {n : Nat} : toUInt16 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := UInt32.toUInt16_ofNat' _
-@[simp] theorem UInt64.toUInt16_ofNat {n : Nat} : toUInt16 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := UInt64.toUInt16_ofNat' _
-@[simp] theorem USize.toUInt16_ofNat {n : Nat} : toUInt16 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := USize.toUInt16_ofNat' _
-
-theorem UInt32.toUInt16_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toUInt16 = UInt16.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt16_ofNatLT]
-theorem UInt64.toUInt16_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toUInt16 = UInt16.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt16_ofNatLT]
-theorem USize.toUInt16_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toUInt16 = UInt16.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt16_ofNatLT]
-
-theorem UInt32.toUInt16_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toUInt16 = UInt16.ofNatLT (UInt16.size - 1) (by decide) :=
-  UInt16.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt64.toUInt16_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toUInt16 = UInt16.ofNatLT (UInt16.size - 1) (by decide) :=
-  UInt16.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem USize.toUInt16_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toUInt16 = UInt16.ofNatLT (UInt16.size - 1) (by decide) :=
-  UInt16.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-@[simp] theorem UInt64.toUInt32_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toUInt32 = UInt32.ofNat n := rfl
-@[simp] theorem USize.toUInt32_ofNatLT {n : Nat} (hn) : (USize.ofNatLT n hn).toUInt32 = UInt32.ofNat n := rfl
-
-@[simp] theorem UInt64.toUInt32_ofFin (n) : (UInt64.ofFin n).toUInt32 = UInt32.ofNat n.val := rfl
-@[simp] theorem USize.toUInt32_ofFin (n) : (USize.ofFin n).toUInt32 = UInt32.ofNat n.val := rfl
-
-@[simp] theorem UInt64.toUInt32_ofBitVec (b) : (UInt64.ofBitVec b).toUInt32 = UInt32.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem USize.toUInt32_ofBitVec (b) : (USize.ofBitVec b).toUInt32 = UInt32.ofBitVec (b.setWidth _) :=
-  UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt32_ofNat' (n : Nat) : (UInt64.ofNat n).toUInt32 = UInt32.ofNat n := UInt32.toNat.inj (by simp)
-@[simp] theorem USize.toUInt32_ofNat' (n : Nat) : (USize.ofNat n).toUInt32 = UInt32.ofNat n := UInt32.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUInt32_ofNat {n : Nat} : toUInt32 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := UInt64.toUInt32_ofNat' _
-@[simp] theorem USize.toUInt32_ofNat {n : Nat} : toUInt32 (no_index (OfNat.ofNat n)) = OfNat.ofNat n := USize.toUInt32_ofNat' _
-
-theorem UInt64.toUInt32_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toUInt32 = UInt32.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt32_ofNatLT]
-theorem USize.toUInt32_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toUInt32 = UInt32.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUInt32_ofNatLT]
-
-theorem UInt64.toUInt32_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toUInt32 = UInt32.ofNatLT (UInt32.size - 1) (by decide) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem USize.toUInt32_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toUInt32 = UInt32.ofNatLT (UInt32.size - 1) (by decide) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-@[simp] theorem UInt64.toUSize_ofNatLT {n : Nat} (hn) : (UInt64.ofNatLT n hn).toUSize = USize.ofNat n := rfl
-
-@[simp] theorem UInt64.toUSize_ofFin (n) : (UInt64.ofFin n).toUSize = USize.ofNat n.val := rfl
-
-@[simp] theorem UInt64.toUSize_ofBitVec (b) : (UInt64.ofBitVec b).toUSize = USize.ofBitVec (b.setWidth _) :=
-  USize.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUSize_ofNat' (n : Nat) : (UInt64.ofNat n).toUSize = USize.ofNat n := USize.toNat.inj (by simp)
-
-@[simp] theorem UInt64.toUSize_ofNat {n : Nat} : toUSize (no_index (OfNat.ofNat n)) = OfNat.ofNat n := UInt64.toUSize_ofNat' _
-
-theorem UInt64.toUSize_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt64.size) :
-    (UInt64.ofNatTruncate n).toUSize = USize.ofNat n := by rw [ofNatTruncate, dif_pos hn, toUSize_ofNatLT]
-
-theorem UInt64.toUSize_ofNatTruncate_of_le {n : Nat} (hn : UInt64.size ≤ n) :
-    (UInt64.ofNatTruncate n).toUSize = USize.ofNatLT (USize.size - 1) (by cases USize.size_eq <;> simp_all) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-theorem UInt8.toUInt16_ofNatLT {n : Nat} (h) :
-    (UInt8.ofNatLT n h).toUInt16 = UInt16.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt8.toUInt32_ofNatLT {n : Nat} (h) :
-    (UInt8.ofNatLT n h).toUInt32 = UInt32.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt8.toUInt64_ofNatLT {n : Nat} (h) :
-    (UInt8.ofNatLT n h).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt8.toUSize_ofNatLT {n : Nat} (h) :
-    (UInt8.ofNatLT n h).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le h size_le_usizeSize) := rfl
-
-theorem UInt8.toUInt16_ofFin {n} :
-  (UInt8.ofFin n).toUInt16 = UInt16.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt8.toUInt32_ofFin {n} :
-  (UInt8.ofFin n).toUInt32 = UInt32.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt8.toUInt64_ofFin {n} :
-  (UInt8.ofFin n).toUInt64 = UInt64.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt8.toUSize_ofFin {n} :
-  (UInt8.ofFin n).toUSize = USize.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt size_le_usizeSize) := rfl
-
-@[simp] theorem UInt8.toUInt16_ofBitVec {b} : (UInt8.ofBitVec b).toUInt16 = UInt16.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt8.toUInt32_ofBitVec {b} : (UInt8.ofBitVec b).toUInt32 = UInt32.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt8.toUInt64_ofBitVec {b} : (UInt8.ofBitVec b).toUInt64 = UInt64.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt8.toUSize_ofBitVec {b} : (UInt8.ofBitVec b).toUSize = USize.ofBitVec (b.setWidth _) :=
-  USize.toBitVec_inj.1 (by simp)
-
-theorem UInt8.toUInt16_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toUInt16 = UInt16.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt16.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt8.toUInt32_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toUInt32 = UInt32.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt8.toUInt64_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt8.toUSize_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt8.size) :
-    (UInt8.ofNatTruncate n).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le hn size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem UInt8.toUInt16_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toUInt16 = UInt16.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt16.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt8.toUInt32_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toUInt32 = UInt32.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt8.toUInt64_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toUInt64 = UInt64.ofNatLT (UInt8.size - 1) (by decide) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt8.toUSize_ofNatTruncate_of_le {n : Nat} (hn : UInt8.size ≤ n) :
-    (UInt8.ofNatTruncate n).toUSize = USize.ofNatLT (UInt8.size - 1) (Nat.lt_of_lt_of_le (by decide) size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-theorem UInt16.toUInt32_ofNatLT {n : Nat} (h) :
-    (UInt16.ofNatLT n h).toUInt32 = UInt32.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt16.toUInt64_ofNatLT {n : Nat} (h) :
-    (UInt16.ofNatLT n h).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt16.toUSize_ofNatLT {n : Nat} (h) :
-    (UInt16.ofNatLT n h).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le h size_le_usizeSize) := rfl
-
-theorem UInt16.toUInt32_ofFin {n} :
-  (UInt16.ofFin n).toUInt32 = UInt32.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt16.toUInt64_ofFin {n} :
-  (UInt16.ofFin n).toUInt64 = UInt64.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt16.toUSize_ofFin {n} :
-  (UInt16.ofFin n).toUSize = USize.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt size_le_usizeSize) := rfl
-
-@[simp] theorem UInt16.toUInt32_ofBitVec {b} : (UInt16.ofBitVec b).toUInt32 = UInt32.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt16.toUInt64_ofBitVec {b} : (UInt16.ofBitVec b).toUInt64 = UInt64.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt16.toUSize_ofBitVec {b} : (UInt16.ofBitVec b).toUSize = USize.ofBitVec (b.setWidth _) :=
-  USize.toBitVec_inj.1 (by simp)
-
-theorem UInt16.toUInt32_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toUInt32 = UInt32.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt16.toUInt64_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt16.toUSize_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt16.size) :
-    (UInt16.ofNatTruncate n).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le hn size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem UInt16.toUInt32_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toUInt32 = UInt32.ofNatLT (UInt16.size - 1) (by decide) :=
-  UInt32.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt16.toUInt64_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toUInt64 = UInt64.ofNatLT (UInt16.size - 1) (by decide) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt16.toUSize_ofNatTruncate_of_le {n : Nat} (hn : UInt16.size ≤ n) :
-    (UInt16.ofNatTruncate n).toUSize = USize.ofNatLT (UInt16.size - 1) (Nat.lt_of_lt_of_le (by decide) size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-theorem UInt32.toUInt64_ofNatLT {n : Nat} (h) :
-    (UInt32.ofNatLT n h).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le h (by decide)) := rfl
-theorem UInt32.toUSize_ofNatLT {n : Nat} (h) :
-    (UInt32.ofNatLT n h).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le h size_le_usizeSize) := rfl
-
-theorem UInt32.toUInt64_ofFin {n} :
-  (UInt32.ofFin n).toUInt64 = UInt64.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt (by decide)) := rfl
-theorem UInt32.toUSize_ofFin {n} :
-  (UInt32.ofFin n).toUSize = USize.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt size_le_usizeSize) := rfl
-
-@[simp] theorem UInt32.toUInt64_ofBitVec {b} : (UInt32.ofBitVec b).toUInt64 = UInt64.ofBitVec (b.setWidth _) := rfl
-@[simp] theorem UInt32.toUSize_ofBitVec {b} : (UInt32.ofBitVec b).toUSize = USize.ofBitVec (b.setWidth _) :=
-  USize.toBitVec_inj.1 (by simp)
-
-theorem UInt32.toUInt64_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le hn (by decide)) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-theorem UInt32.toUSize_ofNatTruncate_of_lt {n : Nat} (hn : n < UInt32.size) :
-    (UInt32.ofNatTruncate n).toUSize = USize.ofNatLT n (Nat.lt_of_lt_of_le hn size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem UInt32.toUInt64_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toUInt64 = UInt64.ofNatLT (UInt32.size - 1) (by decide) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-theorem UInt32.toUSize_ofNatTruncate_of_le {n : Nat} (hn : UInt32.size ≤ n) :
-    (UInt32.ofNatTruncate n).toUSize = USize.ofNatLT (UInt32.size - 1) (Nat.lt_of_lt_of_le (by decide) size_le_usizeSize) :=
-  USize.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])
-
-theorem USize.toUInt64_ofNatLT {n : Nat} (h) :
-    (USize.ofNatLT n h).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le h size_le_uint64Size) := rfl
-
-theorem USize.toUInt64_ofFin {n} :
-  (USize.ofFin n).toUInt64 = UInt64.ofNatLT n.val (Nat.lt_of_lt_of_le n.isLt size_le_uint64Size) := rfl
-
-@[simp] theorem USize.toUInt64_ofBitVec {b} : (USize.ofBitVec b).toUInt64 = UInt64.ofBitVec (b.setWidth _) :=
-  UInt64.toBitVec_inj.1 (by simp)
-
-theorem USize.toUInt64_ofNatTruncate_of_lt {n : Nat} (hn : n < USize.size) :
-    (USize.ofNatTruncate n).toUInt64 = UInt64.ofNatLT n (Nat.lt_of_lt_of_le hn size_le_uint64Size) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_lt hn])
-
-theorem USize.toUInt64_ofNatTruncate_of_le {n : Nat} (hn : USize.size ≤ n) :
-    (USize.ofNatTruncate n).toUInt64 = UInt64.ofNatLT (USize.size - 1) (by cases USize.size_eq <;> simp_all +decide) :=
-  UInt64.toNat.inj (by simp [toNat_ofNatTruncate_of_le hn])

src/Init/Data/Vector/Attach.lean

@@ -7,8 +7,8 @@ prelude
 import Init.Data.Vector.Lemmas
 import Init.Data.Array.Attach
 
-set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
-set_option linter.indexVariables true -- Enforce naming conventions for index variables.
+-- set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
+-- set_option linter.indexVariables true -- Enforce naming conventions for index variables.
 
 namespace Vector
 
@@ -473,10 +473,6 @@ def unattach {α : Type _} {p : α → Prop} (xs : Vector { x // p x } n) : Vect
     (xs.push a).unattach = xs.unattach.push a.1 := by
   simp only [unattach, Vector.map_push]
 
-@[simp] theorem mem_unattach {p : α → Prop} {xs : Vector { x // p x } n} {a} :
-    a ∈ xs.unattach ↔ ∃ h : p a, ⟨a, h⟩ ∈ xs := by
-  simp only [unattach, mem_map, Subtype.exists, exists_and_right, exists_eq_right]
-
 @[simp] theorem unattach_mk {p : α → Prop} {xs : Array { x // p x }} {h : xs.size = n} :
     (mk xs h).unattach = mk xs.unattach (by simpa using h) := by
   simp [unattach]
@@ -556,18 +552,6 @@ and simplifies these to the function directly taking the value.
   simp
   rw [Array.find?_subtype hf]
 
-@[simp] theorem all_subtype {p : α → Prop} {xs : Vector { x // p x } n} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) :
-    xs.all f = xs.unattach.all g := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [hf]
-
-@[simp] theorem any_subtype {p : α → Prop} {xs : Vector { x // p x } n} {f : { x // p x } → Bool} {g : α → Bool}
-    (hf : ∀ x h, f ⟨x, h⟩ = g x) :
-    xs.any f = xs.unattach.any g := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [hf]
-
 /-! ### Simp lemmas pushing `unattach` inwards. -/
 
 @[simp] theorem unattach_reverse {p : α → Prop} {xs : Vector { x // p x } n} :

src/Init/Data/Vector/Basic.lean

@@ -8,7 +8,6 @@ prelude
 import Init.Data.Array.Lemmas
 import Init.Data.Array.MapIdx
 import Init.Data.Array.InsertIdx
-import Init.Data.Array.Range
 import Init.Data.Range
 import Init.Data.Stream
 
@@ -18,8 +17,8 @@ import Init.Data.Stream
 `Vector α n` is a thin wrapper around `Array α` for arrays of fixed size `n`.
 -/
 
-set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
-set_option linter.indexVariables true -- Enforce naming conventions for index variables.
+-- set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
+-- set_option linter.indexVariables true -- Enforce naming conventions for index variables.
 
 /-- `Vector α n` is an `Array α` with size `n`. -/
 structure Vector (α : Type u) (n : Nat) extends Array α where

src/Init/Data/Vector/Find.lean

@@ -15,8 +15,8 @@ import Init.Data.Array.Find
 We are still missing results about `idxOf?`, `findIdx`, and `findIdx?`.
 -/
 
-set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
-set_option linter.indexVariables true -- Enforce naming conventions for index variables.
+-- set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
+-- set_option linter.indexVariables true -- Enforce naming conventions for index variables.
 
 namespace Vector
 

src/Init/Data/Vector/Lemmas.lean

@@ -13,8 +13,8 @@ import Init.Data.Array.Find
 Lemmas about `Vector α n`
 -/
 
-set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
-set_option linter.indexVariables true -- Enforce naming conventions for index variables.
+-- set_option linter.listVariables true -- Enforce naming conventions for `List`/`Array`/`Vector` variables.
+-- set_option linter.indexVariables true -- Enforce naming conventions for index variables.
 
 namespace Array
 
@@ -1592,11 +1592,9 @@ theorem getElem_append (xs : Vector α n) (ys : Vector α m) (i : Nat) (hi : i <
   rcases ys with ⟨ys, rfl⟩
   simp [Array.getElem_append, hi]
 
-@[simp]
 theorem getElem_append_left {xs : Vector α n} {ys : Vector α m} {i : Nat} (hi : i < n) :
     (xs ++ ys)[i] = xs[i] := by simp [getElem_append, hi]
 
-@[simp]
 theorem getElem_append_right {xs : Vector α n} {ys : Vector α m} {i : Nat} (h : i < n + m) (hi : n ≤ i) :
     (xs ++ ys)[i] = ys[i - n] := by
   rw [getElem_append, dif_neg (by omega)]
@@ -2070,12 +2068,6 @@ theorem flatMap_mkArray {β} (f : α → Vector β m) : (mkVector n a).flatMap f
   rcases xs with ⟨xs, rfl⟩
   simp
 
-theorem getElem_eq_getElem_reverse {xs : Vector α n} {i} (h : i < n) :
-    xs[i] = xs.reverse[n - 1 - i] := by
-  rw [getElem_reverse]
-  congr
-  omega
-
 /-- Variant of `getElem?_reverse` with a hypothesis giving the linear relation between the indices. -/
 theorem getElem?_reverse' {xs : Vector α n} (i j) (h : i + j + 1 = n) : xs.reverse[i]? = xs[j]? := by
   rcases xs with ⟨xs, rfl⟩
@@ -2482,14 +2474,6 @@ theorem contains_iff_mem [BEq α] [LawfulBEq α] {xs : Vector α n} {a : α} :
   rcases xs with ⟨xs, rfl⟩
   simp
 
-/--
-Variant of `getElem_pop` that will sometimes fire when `getElem_pop` gets stuck because of
-defeq issues in the implicit size argument.
--/
-@[simp] theorem getElem_pop' (xs : Vector α (n + 1)) (i : Nat) (h : i < n + 1 - 1) :
-    @getElem (Vector α n) Nat α (fun _ i => i < n) instGetElemNatLt xs.pop i h = xs[i] :=
-  getElem_pop h
-
 theorem getElem?_pop (xs : Vector α n) (i : Nat) :
     xs.pop[i]? = if i < n - 1 then xs[i]? else none := by
   rcases xs with ⟨xs, rfl⟩
@@ -2601,161 +2585,6 @@ theorem replace_extract {xs : Vector α n} {i : Nat} :
 
 end replace
 
-/-! ## Logic -/
-
-/-! ### any / all -/
-
-theorem not_any_eq_all_not (xs : Vector α n) (p : α → Bool) : (!xs.any p) = xs.all fun a => !p a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.not_any_eq_all_not]
-
-theorem not_all_eq_any_not (xs : Vector α n) (p : α → Bool) : (!xs.all p) = xs.any fun a => !p a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.not_all_eq_any_not]
-
-theorem and_any_distrib_left (xs : Vector α n) (p : α → Bool) (q : Bool) :
-    (q && xs.any p) = xs.any fun a => q && p a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.and_any_distrib_left]
-
-theorem and_any_distrib_right (xs : Vector α n) (p : α → Bool) (q : Bool) :
-    (xs.any p && q) = xs.any fun a => p a && q := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.and_any_distrib_right]
-
-theorem or_all_distrib_left (xs : Vector α n) (p : α → Bool) (q : Bool) :
-    (q || xs.all p) = xs.all fun a => q || p a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.or_all_distrib_left]
-
-theorem or_all_distrib_right (xs : Vector α n) (p : α → Bool) (q : Bool) :
-    (xs.all p || q) = xs.all fun a => p a || q := by
-  rcases xs with ⟨xs, rfl⟩
-  simp [Array.or_all_distrib_right]
-
-theorem any_eq_not_all_not (xs : Vector α n) (p : α → Bool) : xs.any p = !xs.all (!p .) := by
-  simp only [not_all_eq_any_not, Bool.not_not]
-
-@[simp] theorem any_map {xs : Vector α n} {p : β → Bool} : (xs.map f).any p = xs.any (p ∘ f) := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem all_map {xs : Vector α n} {p : β → Bool} : (xs.map f).all p = xs.all (p ∘ f) := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem any_filter {xs : Vector α n} {p q : α → Bool} :
-    (xs.filter p).any q = xs.any fun a => p a && q a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem all_filter {xs : Vector α n} {p q : α → Bool} :
-    (xs.filter p).all q = xs.all fun a => p a → q a := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem any_filterMap {xs : Vector α n} {f : α → Option β} {p : β → Bool} :
-    (xs.filterMap f).any p = xs.any fun a => match f a with | some b => p b | none => false := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-  rfl
-
-@[simp] theorem all_filterMap {xs : Vector α n} {f : α → Option β} {p : β → Bool} :
-    (xs.filterMap f).all p = xs.all fun a => match f a with | some b => p b | none => true := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-  rfl
-
-@[simp] theorem any_append {xs : Vector α n} {ys : Vector α m} :
-    (xs ++ ys).any f = (xs.any f || ys.any f) := by
-  rcases xs with ⟨xs, rfl⟩
-  rcases ys with ⟨ys, rfl⟩
-  simp
-
-@[simp] theorem all_append {xs : Vector α n} {ys : Vector α m} :
-    (xs ++ ys).all f = (xs.all f && ys.all f) := by
-  rcases xs with ⟨xs, rfl⟩
-  rcases ys with ⟨ys, rfl⟩
-  simp
-
-@[congr] theorem anyM_congr [Monad m]
-    {xs ys : Vector α n} (w : xs = ys) {p q : α → m Bool} (h : ∀ a, p a = q a) :
-    xs.anyM p = ys.anyM q := by
-  have : p = q := by funext a; apply h
-  subst this
-  subst w
-  rfl
-
-@[congr] theorem any_congr
-    {xs ys : Vector α n} (w : xs = ys) {p q : α → Bool} (h : ∀ a, p a = q a) :
-    xs.any p = ys.any q := by
-  unfold any
-  apply anyM_congr w h
-
-@[congr] theorem allM_congr [Monad m]
-    {xs ys : Vector α n} (w : xs = ys) {p q : α → m Bool} (h : ∀ a, p a = q a) :
-    xs.allM p = ys.allM q := by
-  have : p = q := by funext a; apply h
-  subst this
-  subst w
-  rfl
-
-@[congr] theorem all_congr
-    {xs ys : Vector α n} (w : xs = ys) {p q : α → Bool} (h : ∀ a, p a = q a) :
-    xs.all p = ys.all q := by
-  unfold all
-  apply allM_congr w h
-
-@[simp] theorem any_flatten {xss : Vector (Vector α n) m} : xss.flatten.any f = xss.any (any · f) := by
-  cases xss using vector₂_induction
-  simp
-
-@[simp] theorem all_flatten {xss : Vector (Vector α n) m} : xss.flatten.all f = xss.all (all · f) := by
-  cases xss using vector₂_induction
-  simp
-
-@[simp] theorem any_flatMap {xs : Vector α n} {f : α → Vector β m} {p : β → Bool} :
-    (xs.flatMap f).any p = xs.any fun a => (f a).any p := by
-  rcases xs with ⟨xs⟩
-  simp only [flatMap_mk, any_mk, Array.size_flatMap, size_toArray, Array.any_flatMap']
-  congr
-  funext
-  congr
-  simp [Vector.size_toArray]
-
-@[simp] theorem all_flatMap {xs : Vector α n} {f : α → Vector β m} {p : β → Bool} :
-    (xs.flatMap f).all p = xs.all fun a => (f a).all p := by
-  rcases xs with ⟨xs⟩
-  simp only [flatMap_mk, all_mk, Array.size_flatMap, size_toArray, Array.all_flatMap']
-  congr
-  funext
-  congr
-  simp [Vector.size_toArray]
-
-@[simp] theorem any_reverse {xs : Vector α n} : xs.reverse.any f  = xs.any f := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem all_reverse {xs : Vector α n} : xs.reverse.all f = xs.all f := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem any_cast {xs : Vector α n} : (xs.cast h).any f = xs.any f := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem all_cast {xs : Vector α n} : (xs.cast h).all f = xs.all f := by
-  rcases xs with ⟨xs, rfl⟩
-  simp
-
-@[simp] theorem any_mkVector {n : Nat} {a : α} :
-    (mkVector n a).any f = if n = 0 then false else f a := by
-  induction n <;> simp_all [mkVector_succ']
-
-@[simp] theorem all_mkVector {n : Nat} {a : α} :
-    (mkVector n a).all f = if n = 0 then true else f a := by
-  induction n <;> simp_all +contextual [mkVector_succ']
-
 /-! Content below this point has not yet been aligned with `List` and `Array`. -/
 
 set_option linter.indexVariables false in
@@ -2763,6 +2592,14 @@ set_option linter.indexVariables false in
   rcases xs with ⟨xs, rfl⟩
   simp
 
+/--
+Variant of `getElem_pop` that will sometimes fire when `getElem_pop` gets stuck because of
+defeq issues in the implicit size argument.
+-/
+@[simp] theorem getElem_pop' (xs : Vector α (n + 1)) (i : Nat) (h : i < n + 1 - 1) :
+    @getElem (Vector α n) Nat α (fun _ i => i < n) instGetElemNatLt xs.pop i h = xs[i] :=
+  getElem_pop h
+
 @[simp] theorem push_pop_back (xs : Vector α (n + 1)) : xs.pop.push xs.back = xs := by
   ext i
   by_cases h : i < n
@@ -2826,6 +2663,11 @@ theorem swap_comm (xs : Vector α n) {i j : Nat} {hi hj} :
   simp only [swap_mk, mk.injEq]
   rw [Array.swap_comm]
 
+/-! ### range -/
+
+@[simp] theorem getElem_range (i : Nat) (hi : i < n) : (Vector.range n)[i] = i := by
+  simp [Vector.range]
+
 /-! ### take -/
 
 @[simp] theorem getElem_take (xs : Vector α n) (j : Nat) (hi : i < min n j) :

src/Init/Data/Vector/Range.lean

@@ -115,9 +115,6 @@ theorem range'_eq_append_iff : range' s (n + m) = xs ++ ys ↔ xs = range' s n
 
 /-! ### range -/
 
-@[simp] theorem getElem_range (i : Nat) (hi : i < n) : (Vector.range n)[i] = i := by
-  simp [Vector.range]
-
 theorem range_eq_range' (n : Nat) : range n = range' 0 n := by
   simp [range, range', Array.range_eq_range']
 

src/Init/Grind/Lemmas.lean

@@ -69,11 +69,6 @@ theorem eq_eq_of_eq_true_right {a b : Prop} (h : b = True) : (a = b) = a := by s
 theorem eq_congr  {α : Sort u} {a₁ b₁ a₂ b₂ : α} (h₁ : a₁ = a₂) (h₂ : b₁ = b₂) : (a₁ = b₁) = (a₂ = b₂) := by simp [*]
 theorem eq_congr' {α : Sort u} {a₁ b₁ a₂ b₂ : α} (h₁ : a₁ = b₂) (h₂ : b₁ = a₂) : (a₁ = b₁) = (a₂ = b₂) := by rw [h₁, h₂, Eq.comm (a := a₂)]
 
-/-! Ne -/
-
-theorem ne_of_ne_of_eq_left {α : Sort u} {a b c : α} (h₁ : a = b) (h₂ : b ≠ c) : a ≠ c := by simp [*]
-theorem ne_of_ne_of_eq_right {α : Sort u} {a b c : α} (h₁ : a = c) (h₂ : b ≠ c) : b ≠ a := by simp [*]
-
 /-! Bool.and -/
 
 theorem Bool.and_eq_of_eq_true_left {a b : Bool} (h : a = true) : (a && b) = b := by simp [h]

src/Init/Grind/Norm.lean

@@ -123,7 +123,6 @@ init_grind_norm
   Nat.add_eq Nat.sub_eq Nat.mul_eq Nat.zero_eq Nat.le_eq
   -- Int
   Int.lt_eq
-  Int.emod_neg Int.ediv_zero Int.emod_zero
   -- GT GE
   ge_eq gt_eq
   -- Int op folding

src/Init/Grind/Tactics.lean

@@ -69,10 +69,6 @@ structure Config where
   verbose : Bool := true
   /-- If `clean` is `true`, `grind` uses `expose_names` and only generates accessible names. -/
   clean : Bool := true
-  /--
-  If `qlia` is `true`, `grind` may generate counterexamples for integer constraints using rational numbers.
-  This approach is cheaper but incomplete. -/
-  qlia : Bool := false
   deriving Inhabited, BEq
 
 end Lean.Grind

src/Init/Omega/Constraint.lean

@@ -111,7 +111,9 @@ def isExact : Constraint → Bool
 
 theorem not_sat_of_isImpossible (h : isImpossible c) {t} : ¬ c.sat t := by
   rcases c with ⟨_ | l, _ | u⟩ <;> simp [isImpossible, sat] at h ⊢
-  exact Int.lt_of_lt_of_le h
+  intro w
+  rw [Int.not_le]
+  exact Int.lt_of_lt_of_le h w
 
 /--
 Scale a constraint by multiplying by an integer.
@@ -137,14 +139,17 @@ theorem scale_sat {c : Constraint} (k) (w : c.sat t) : (scale k c).sat (k * t) :
   · rcases c with ⟨_ | l, _ | u⟩ <;> split <;> rename_i h <;> simp_all [sat, flip, map]
     · replace h := Int.le_of_lt h
       exact Int.mul_le_mul_of_nonneg_left w h
-    · exact Int.mul_le_mul_of_nonpos_left h w
+    · rw [Int.not_lt] at h
+      exact Int.mul_le_mul_of_nonpos_left h w
     · replace h := Int.le_of_lt h
       exact Int.mul_le_mul_of_nonneg_left w h
-    · exact Int.mul_le_mul_of_nonpos_left h w
+    · rw [Int.not_lt] at h
+      exact Int.mul_le_mul_of_nonpos_left h w
     · constructor
       · exact Int.mul_le_mul_of_nonneg_left w.1 (Int.le_of_lt h)
       · exact Int.mul_le_mul_of_nonneg_left w.2 (Int.le_of_lt h)
-    · constructor
+    · replace h := Int.not_lt.mp h
+      constructor
       · exact Int.mul_le_mul_of_nonpos_left h w.2
       · exact Int.mul_le_mul_of_nonpos_left h w.1
 
@@ -176,13 +181,13 @@ theorem combo_sat (a) (w₁ : c₁.sat x₁) (b) (w₂ : c₂.sat x₂) :
 
 /-- The conjunction of two constraints. -/
 def combine (x y : Constraint) : Constraint where
-  lowerBound := Option.merge max x.lowerBound y.lowerBound
-  upperBound := Option.merge min x.upperBound y.upperBound
+  lowerBound := max x.lowerBound y.lowerBound
+  upperBound := min x.upperBound y.upperBound
 
 theorem combine_sat : (c : Constraint) → (c' : Constraint) → (t : Int) →
     (c.combine c').sat t = (c.sat t ∧ c'.sat t) := by
   rintro ⟨_ | l₁, _ | u₁⟩ <;> rintro ⟨_ | l₂, _ | u₂⟩ t
-    <;> simp [sat, LowerBound.sat, UpperBound.sat, combine, Int.le_min, Int.max_le, Option.merge] at *
+    <;> simp [sat, LowerBound.sat, UpperBound.sat, combine, Int.le_min, Int.max_le] at *
   · rw [And.comm]
   · rw [← and_assoc, And.comm (a := l₂ ≤ t), and_assoc]
   · rw [and_assoc]
@@ -205,19 +210,21 @@ theorem div_sat (c : Constraint) (t : Int) (k : Nat) (n : k ≠ 0) (h : (k : Int
   · simp_all [sat, div]
   · simp [sat, div] at w ⊢
     apply Int.le_of_sub_nonneg
-    rw [← Int.sub_ediv_of_dvd _ h, Int.ediv_nonneg_iff_of_pos n]
+    rw [← Int.sub_ediv_of_dvd _ h, ← ge_iff_le, Int.div_nonneg_iff_of_pos n]
     exact Int.sub_nonneg_of_le w
   · simp [sat, div] at w ⊢
     apply Int.le_of_sub_nonneg
-    rw [Int.sub_neg, ← Int.add_ediv_of_dvd_left h, Int.ediv_nonneg_iff_of_pos n]
+    rw [Int.sub_neg, ← Int.add_ediv_of_dvd_left h, ← ge_iff_le,
+      Int.div_nonneg_iff_of_pos n]
     exact Int.sub_nonneg_of_le w
   · simp [sat, div] at w ⊢
     constructor
     · apply Int.le_of_sub_nonneg
-      rw [Int.sub_neg, ← Int.add_ediv_of_dvd_left h, Int.ediv_nonneg_iff_of_pos n]
+      rw [Int.sub_neg, ← Int.add_ediv_of_dvd_left h, ← ge_iff_le,
+        Int.div_nonneg_iff_of_pos n]
       exact Int.sub_nonneg_of_le w.1
     · apply Int.le_of_sub_nonneg
-      rw [← Int.sub_ediv_of_dvd _ h, Int.ediv_nonneg_iff_of_pos n]
+      rw [← Int.sub_ediv_of_dvd _ h, ← ge_iff_le, Int.div_nonneg_iff_of_pos n]
       exact Int.sub_nonneg_of_le w.2
 
 /--

src/Init/Prelude.lean

@@ -1007,7 +1007,7 @@ boolean condition. It can also be written as `bif b then x else y`.
 This is `@[macro_inline]` because `x` and `y` should not
 be eagerly evaluated (see `ite`).
 -/
-@[macro_inline] def cond {α : Sort u} (c : Bool) (x y : α) : α :=
+@[macro_inline] def cond {α : Type u} (c : Bool) (x y : α) : α :=
   match c with
   | true  => x
   | false => y

src/Init/System/IO.lean

@@ -57,11 +57,6 @@ def EIO.catchExceptions (act : EIO ε α) (h : ε → BaseIO α) : BaseIO α :=
   | EStateM.Result.ok a s     => EStateM.Result.ok a s
   | EStateM.Result.error ex s => h ex s
 
-def EIO.ofExcept (e : Except ε α) : EIO ε α :=
-  match e with
-  | Except.ok a    => pure a
-  | Except.error e => throw e
-
 open IO (Error) in
 abbrev IO : Type → Type := EIO Error
 

src/Init/System/IOError.lean

@@ -48,9 +48,7 @@ inductive IO.Error where
 
   | unexpectedEof
   | userError (msg : String)
-
-instance : Inhabited IO.Error where
-  default := .userError "(`Inhabited.default` for `IO.Error`)"
+  deriving Inhabited
 
 @[export lean_mk_io_user_error]
 def IO.userError (s : String) : IO.Error :=

src/Init/System/Promise.lean

@@ -73,12 +73,5 @@ def Promise.result := @Promise.result!
 /--
 Like `Promise.result`, but resolves to `dflt` if the promise is dropped without ever being resolved.
 -/
-@[macro_inline] def Promise.resultD (promise : Promise α) (dflt : α) : Task α :=
+def Promise.resultD (promise : Promise α) (dflt : α): Task α :=
   promise.result?.map (sync := true) (·.getD dflt)
-
-/--
-Checks whether the promise has already been resolved, i.e. whether access to `result*` will return
-immediately.
--/
-def Promise.isResolved (promise : Promise α) : BaseIO Bool :=
-  IO.hasFinished promise.result?

src/Lean/AddDecl.lean

@@ -8,6 +8,12 @@ import Lean.CoreM
 
 namespace Lean
 
+register_builtin_option debug.skipKernelTC : Bool := {
+  defValue := false
+  group    := "debug"
+  descr    := "skip kernel type checker. WARNING: setting this option to true may compromise soundness because your proofs will not be checked by the Lean kernel"
+}
+
 /-- Adds given declaration to the environment, respecting `debug.skipKernelTC`. -/
 def Kernel.Environment.addDecl (env : Environment) (opts : Options) (decl : Declaration)
     (cancelTk? : Option IO.CancelToken := none) : Except Exception Environment :=
@@ -46,9 +52,9 @@ where go env
 def addDecl (decl : Declaration) : CoreM Unit := do
   -- register namespaces for newly added constants; this used to be done by the kernel itself
   -- but that is incompatible with moving it to a separate task
-  -- NOTE: we do not use `getTopLevelNames` here so that inductive types are registered as
-  -- namespaces
   modifyEnv (decl.getNames.foldl registerNamePrefixes)
+  if let .inductDecl _ _ types _ := decl then
+    modifyEnv (types.foldl (registerNamePrefixes · <| ·.name ++ `rec))
 
   if !Elab.async.get (← getOptions) then
     return (← doAdd)
@@ -79,7 +85,7 @@ def addDecl (decl : Declaration) : CoreM Unit := do
   Core.logSnapshotTask { stx? := none, reportingRange? := endRange?, task := t, cancelTk? := cancelTk }
 where doAdd := do
   profileitM Exception "type checking" (← getOptions) do
-    withTraceNode `Kernel (fun _ => return m!"typechecking declarations {decl.getTopLevelNames}") do
+    withTraceNode `Kernel (fun _ => return m!"typechecking declarations {decl.getNames}") do
       if !(← MonadLog.hasErrors) && decl.hasSorry then
         logWarning m!"declaration uses 'sorry'"
       let env ← (← getEnv).addDeclAux (← getOptions) decl (← read).cancelTk?

src/Lean/Attributes.lean

@@ -252,13 +252,6 @@ def registerEnumAttributes (attrDescrs : List (Name × String × α))
       let r : Array (Name × α) := m.fold (fun a n p => a.push (n, p)) #[]
       r.qsort (fun a b => Name.quickLt a.1 b.1)
     statsFn         := fun s => "enumeration attribute extension" ++ Format.line ++ "number of local entries: " ++ format s.size
-    -- We assume (and check below) that, if used asynchronously, enum attributes are set only in the
-    -- same context in which the tagged declaration was created
-    asyncMode       := .async
-    replay?         := some fun _ newState consts st => consts.foldl (init := st) fun st c =>
-      match newState.find? c with
-      | some v => st.insert c v
-      | _      => st
   }
   let attrs := attrDescrs.map fun (name, descr, val) => {
     ref             := ref
@@ -286,16 +279,15 @@ def getValue [Inhabited α] (attr : EnumAttributes α) (env : Environment) (decl
     match (attr.ext.getModuleEntries env modIdx).binSearch (decl, default) (fun a b => Name.quickLt a.1 b.1) with
     | some (_, val) => some val
     | none          => none
-  | none        => (attr.ext.findStateAsync env decl).find? decl
+  | none        => (attr.ext.getState env).find? decl
 
-def setValue (attrs : EnumAttributes α) (env : Environment) (decl : Name) (val : α) : Except String Environment := do
+def setValue (attrs : EnumAttributes α) (env : Environment) (decl : Name) (val : α) : Except String Environment :=
   if (env.getModuleIdxFor? decl).isSome then
-    throw s!"invalid '{attrs.ext.name}'.setValue, declaration is in an imported module"
-  if !env.asyncMayContain decl then
-    throw s!"invalid '{attrs.ext.name}'.setValue, declaration is not from this async context"
-  if ((attrs.ext.findStateAsync env decl).find? decl).isSome then
-    throw s!"invalid '{attrs.ext.name}'.setValue, attribute has already been set"
-  return attrs.ext.addEntry env (decl, val)
+    Except.error ("invalid '" ++ toString attrs.ext.name ++ "'.setValue, declaration is in an imported module")
+  else if ((attrs.ext.getState env).find? decl).isSome then
+    Except.error ("invalid '" ++ toString attrs.ext.name ++ "'.setValue, attribute has already been set")
+  else
+    Except.ok (attrs.ext.addEntry env (decl, val))
 
 end EnumAttributes
 

src/Lean/Compiler/ClosedTermCache.lean

@@ -11,17 +11,10 @@ namespace Lean
 structure ClosedTermCache where
   map        : PHashMap Expr Name := {}
   constNames : NameSet := {}
-  -- used for `replay?` only
-  revExprs   : List Expr := []
   deriving Inhabited
 
 builtin_initialize closedTermCacheExt : EnvExtension ClosedTermCache ←
   registerEnvExtension (pure {}) (asyncMode := .sync)  -- compilation is non-parallel anyway
-    (replay? := some fun oldState newState _ s =>
-      let newExprs := newState.revExprs.take (newState.revExprs.length - oldState.revExprs.length)
-      newExprs.foldl (init := s) fun s e =>
-        let c := newState.map.find! e
-        { s with map := s.map.insert e c, constNames := s.constNames.insert c, revExprs := e :: s.revExprs })
 
 @[export lean_cache_closed_term_name]
 def cacheClosedTermName (env : Environment) (e : Expr) (n : Name) : Environment :=

src/Lean/Compiler/IR/CompilerM.lean

@@ -94,7 +94,6 @@ builtin_initialize declMapExt : SimplePersistentEnvExtension Decl DeclMap ←
     -- share a name prefix with the top-level Lean declaration being compiled, e.g. from
     -- specialization.
     asyncMode     := .sync
-    replay?       := some <| SimplePersistentEnvExtension.replayOfFilter (!·.contains ·.name) (fun s d => s.insert d.name d)
   }
 
 @[export lean_ir_find_env_decl]

src/Lean/Compiler/IR/ElimDeadBranches.lean

@@ -143,7 +143,6 @@ builtin_initialize functionSummariesExt : SimplePersistentEnvExtension (FunId ×
     addEntryFn := fun s ⟨e, n⟩ => s.insert e n
     toArrayFn := fun s => sortEntries s.toArray
     asyncMode := .sync  -- compilation is non-parallel anyway
-    replay? := some <| SimplePersistentEnvExtension.replayOfFilter (!·.contains ·.1) (fun s ⟨e, n⟩ => s.insert e n)
   }
 
 def addFunctionSummary (env : Environment) (fid : FunId) (v : Value) : Environment :=

src/Lean/Compiler/IR/EmitC.lean

@@ -155,7 +155,6 @@ def emitMainFn : M Unit := do
   int main(int argc, char ** argv) {
   #if defined(WIN32) || defined(_WIN32)
   SetErrorMode(SEM_FAILCRITICALERRORS);
-  SetConsoleOutputCP(CP_UTF8);
   #endif
   lean_object* in; lean_object* res;";
     if usesLeanAPI then

src/Lean/Compiler/LCNF/ElimDeadBranches.lean

@@ -514,9 +514,7 @@ def inferStep : InterpM Bool := do
     let currentVal ← getFunVal idx
     withReader (fun ctx => { ctx with currFnIdx := idx }) do
       decl.params.forM fun p => updateVarAssignment p.fvarId .top
-      match decl.value with
-      | .code code .. => interpCode code
-      | .extern .. => updateCurrFnSummary .top
+      decl.value.forCodeM interpCode
     let newVal ← getFunVal idx
     if currentVal != newVal then
       return true

src/Lean/Compiler/LCNF/ReduceArity.lean

@@ -149,10 +149,8 @@ def Decl.reduceArity (decl : Decl) : CompilerM (Array Decl) := do
   match decl.value with
   | .code code =>
     let used ← collectUsedParams decl
-    if used.size == decl.params.size || used.size == 0 then
-      -- Do nothing if all params were used, or if no params were used. In the latter case,
-      -- this would promote the decl to a constant, which could execute unreachable code.
-      return #[decl]
+    if used.size == decl.params.size then
+      return #[decl] -- Declarations uses all parameters
     else
       trace[Compiler.reduceArity] "{decl.name}, used params: {used.toList.map mkFVar}"
       let mask   := decl.params.map fun param => used.contains param.fvarId

src/Lean/Compiler/Specialize.lean

@@ -111,9 +111,6 @@ builtin_initialize specExtension : SimplePersistentEnvExtension SpecEntry SpecSt
     addEntryFn    := SpecState.addEntry,
     addImportedFn := fun es => (mkStateFromImportedEntries SpecState.addEntry {} es).switch
     asyncMode     := .sync  -- compilation is non-parallel anyway
-    replay?       := some <| SimplePersistentEnvExtension.replayOfFilter (fun
-      | s, .info n _ => !s.specInfo.contains n
-      | s, .cache key _ => !s.cache.contains key) SpecState.addEntry
   }
 
 @[export lean_add_specialization_info]

src/Lean/CoreM.lean

@@ -194,7 +194,7 @@ protected def withFreshMacroScope (x : CoreM α) : CoreM α := do
 
 instance : MonadQuotation CoreM where
   getCurrMacroScope   := return (← read).currMacroScope
-  getMainModule       := return (← getEnv).mainModule
+  getMainModule       := return (← get).env.mainModule
   withFreshMacroScope := Core.withFreshMacroScope
 
 instance : Elab.MonadInfoTree CoreM where
@@ -365,16 +365,6 @@ for incremental reporting during elaboration of a single command.
 def getAndEmptyMessageLog : CoreM MessageLog :=
   modifyGet fun s => (s.messages, { s with messages := s.messages.markAllReported })
 
-/--
-Returns the current set of tasks added by `logSnapshotTask` and then resets it. When
-saving/restoring state of an action that may have logged such tasks during incremental reuse, this
-function must be used to store them in the corresponding snapshot tree; otherwise, they will leak
-outside and may be cancelled by a later step, potentially leading to inconsistent state being
-reused.
--/
-def getAndEmptySnapshotTasks : CoreM (Array (Language.SnapshotTask Language.SnapshotTree)) :=
-  modifyGet fun s => (s.snapshotTasks, { s with snapshotTasks := #[] })
-
 instance : MonadLog CoreM where
   getRef      := getRef
   getFileMap  := return (← read).fileMap
@@ -423,26 +413,6 @@ register_builtin_option stderrAsMessages : Bool := {
   descr    := "(server) capture output to the Lean stderr channel (such as from `dbg_trace`) during elaboration of a command as a diagnostic message"
 }
 
-/--
-Creates snapshot reporting given `withIsolatedStreams` output and diagnostics and traces from the
-given state.
--/
-def mkSnapshot (output : String) (ctx : Context) (st : State)
-    (desc : String := by exact decl_name%.toString) : BaseIO Language.SnapshotTree := do
-  let mut msgs := st.messages
-  if !output.isEmpty then
-    msgs := msgs.add {
-      fileName := ctx.fileName
-      severity := MessageSeverity.information
-      pos      := ctx.fileMap.toPosition <| ctx.ref.getPos?.getD 0
-      data     := output
-    }
-  return .mk {
-    desc
-    diagnostics := (← Language.Snapshot.Diagnostics.ofMessageLog msgs)
-    traces := st.traceState
-  } st.snapshotTasks
-
 open Language in
 /--
 Wraps the given action for use in `BaseIO.asTask` etc., discarding its final state except for
@@ -473,7 +443,20 @@ def wrapAsyncAsSnapshot (act : Unit → CoreM Unit) (cancelTk? : Option IO.Cance
   let ctx ← readThe Core.Context
   return do
     match (← t.toBaseIO) with
-    | .ok (output, st) => mkSnapshot output ctx st desc
+    | .ok (output, st) =>
+      let mut msgs := st.messages
+      if !output.isEmpty then
+        msgs := msgs.add {
+          fileName := ctx.fileName
+          severity := MessageSeverity.information
+          pos      := ctx.fileMap.toPosition <| ctx.ref.getPos?.getD 0
+          data     := output
+        }
+      return .mk {
+        desc
+        diagnostics := (← Language.Snapshot.Diagnostics.ofMessageLog msgs)
+        traces := st.traceState
+      } st.snapshotTasks
     -- interrupt or abort exception as `try catch` above should have caught any others
     | .error _ => default
 
@@ -545,9 +528,7 @@ opaque compileDeclsOld (env : Environment) (opt : @& Options) (decls : @& List N
 -- `ref?` is used for error reporting if available
 partial def compileDecls (decls : List Name) (ref? : Option Declaration := none)
     (logErrors := true) : CoreM Unit := do
-  -- When inside `realizeConst`, do compilation synchronously so that `_cstage*` constants are found
-  -- by the replay code
-  if !Elab.async.get (← getOptions) || (← getEnv).isRealizing then
+  if !Elab.async.get (← getOptions) then
     doCompile
     return
   let env ← getEnv
@@ -665,11 +646,6 @@ def logMessageKind (kind : Name) : CoreM Bool := do
     modify fun s => { s with messages.loggedKinds := s.messages.loggedKinds.insert kind }
     return true
 
-@[inherit_doc Environment.enableRealizationsForConst]
-def enableRealizationsForConst (n : Name) : CoreM Unit := do
-  let env ← (← getEnv).enableRealizationsForConst (← getOptions) n
-  setEnv env
-
 builtin_initialize
   registerTraceClass `Elab.async
   registerTraceClass `Elab.block

src/Lean/Declaration.lean

@@ -194,22 +194,8 @@ def Declaration.definitionVal! : Declaration → DefinitionVal
   | _ => panic! "Expected a `Declaration.defnDecl`."
 
 /--
-Returns all top-level names to be defined by adding this declaration to the environment, i.e.
-excluding nested helper declarations generated automatically.
--/
-def Declaration.getTopLevelNames : Declaration → List Name
-  | .axiomDecl val          => [val.name]
-  | .defnDecl val           => [val.name]
-  | .thmDecl val            => [val.name]
-  | .opaqueDecl val         => [val.name]
-  | .quotDecl               => [``Quot]
-  | .mutualDefnDecl defns   => defns.map (·.name)
-  | .inductDecl _ _ types _ => types.map (·.name)
-
-/--
-Returns all names to be defined by adding this declaration to the environment. This does not include
-auxiliary definitions such as projections added by the elaborator, nor auxiliary recursors computed
-by the kernel for nested inductive types.
+Returns all top-level names to be defined by adding this declaration to the environment. This does
+not include auxiliary definitions such as projections.
 -/
 def Declaration.getNames : Declaration → List Name
   | .axiomDecl val          => [val.name]
@@ -218,7 +204,7 @@ def Declaration.getNames : Declaration → List Name
   | .opaqueDecl val         => [val.name]
   | .quotDecl               => [``Quot, ``Quot.mk, ``Quot.lift, ``Quot.ind]
   | .mutualDefnDecl defns   => defns.map (·.name)
-  | .inductDecl _ _ types _ => types.flatMap fun t => t.name :: (t.name.appendCore `rec) :: t.ctors.map (·.name)
+  | .inductDecl _ _ types _ => types.map (·.name)
 
 @[specialize] def Declaration.foldExprM {α} {m : Type → Type} [Monad m] (d : Declaration) (f : α → Expr → m α) (a : α) : m α :=
   match d with

src/Lean/Elab/App.lean

@@ -1215,7 +1215,7 @@ private def resolveLValAux (e : Expr) (eType : Expr) (lval : LVal) : TermElabM L
     let fullName := Name.mkStr structName fieldName
     for localDecl in (← getLCtx) do
       if localDecl.isAuxDecl then
-        if let some localDeclFullName := (← getLCtx).auxDeclToFullName.find? localDecl.fvarId then
+        if let some localDeclFullName := (← read).auxDeclToFullName.find? localDecl.fvarId then
           if fullName == (privateToUserName? localDeclFullName).getD localDeclFullName then
             /- LVal notation is being used to make a "local" recursive call. -/
             return LValResolution.localRec structName fullName localDecl.toExpr

src/Lean/Elab/BuiltinNotation.lean

@@ -201,27 +201,12 @@ private def elabTParserMacroAux (prec lhsPrec e : Term) : TermElabM Syntax := do
 
 @[builtin_macro Lean.Parser.Term.assert]  def expandAssert : Macro
   | `(assert! $cond; $body) =>
+    -- TODO: support for disabling runtime assertions
     match cond.raw.reprint with
     | some code => `(if $cond then $body else panic! ("assertion violation: " ++ $(quote code)))
     | none => `(if $cond then $body else panic! ("assertion violation"))
   | _ => Macro.throwUnsupported
 
-register_builtin_option debugAssertions : Bool := {
-  defValue := false
-  descr := "enable `debug_assert!` statements\
-    \n\
-    \nDefaults to `false` unless the Lake `buildType` is `debug`."
-}
-
-@[builtin_term_elab Lean.Parser.Term.debugAssert]  def elabDebugAssert : TermElab :=
-  adaptExpander fun
-    | `(Parser.Term.debugAssert| debug_assert! $cond; $body) => do
-      if debugAssertions.get (← getOptions) then
-        `(assert! $cond; $body)
-      else
-        return body
-    | _ => throwUnsupportedSyntax
-
 @[builtin_macro Lean.Parser.Term.dbgTrace]  def expandDbgTrace : Macro
   | `(dbg_trace $arg:interpolatedStr; $body) => `(dbgTrace (s! $arg) fun _ => $body)
   | `(dbg_trace $arg:term; $body)            => `(dbgTrace (toString $arg) fun _ => $body)

src/Lean/Elab/Command.lean

@@ -491,8 +491,6 @@ partial def elabCommand (stx : Syntax) : CommandElabM Unit := do
                   -- check absence of traces; see Note [Incremental Macros]
                   guard <| !oldSnap.hasTraces && !hasTraces
                   return oldSnap
-                if snap.old?.isSome && oldSnap?.isNone then
-                  snap.old?.forM (·.val.cancelRec)
                 let oldCmds? := oldSnap?.map fun old =>
                   if old.newStx.isOfKind nullKind then old.newStx.getArgs else #[old.newStx]
                 let cmdPromises ← cmds.mapM fun _ => IO.Promise.new
@@ -521,8 +519,6 @@ partial def elabCommand (stx : Syntax) : CommandElabM Unit := do
                       let old ← oldSnap?
                       return { stx := (← oldCmd?), val := (← old.next[i]?) }
                   } }) do
-                    if oldSnap?.isSome && (← read).snap?.isNone then
-                      oldSnap?.bind (·.next[i]?) |>.forM (·.cancelRec)
                     elabCommand cmd
                     -- Resolve promise for commands not supporting incrementality; waiting for
                     -- `withAlwaysResolvedPromises` to do this could block reporting by later

src/Lean/Elab/DefView.lean

@@ -49,11 +49,9 @@ structure BodyProcessedSnapshot extends Language.Snapshot where
   state : Term.SavedState
   /-- Elaboration result. -/
   value : Expr
-  /-- Untyped snapshots from `logSnapshotTask`, saved at this level for cancellation. -/
-  moreSnaps : Array (SnapshotTask SnapshotTree)
 deriving Nonempty
 instance : Language.ToSnapshotTree BodyProcessedSnapshot where
-  toSnapshotTree s := ⟨s.toSnapshot, s.moreSnaps⟩
+  toSnapshotTree s := ⟨s.toSnapshot, #[]⟩
 
 /-- Snapshot after elaboration of a definition header. -/
 structure HeaderProcessedSnapshot extends Language.Snapshot where
@@ -69,15 +67,13 @@ structure HeaderProcessedSnapshot extends Language.Snapshot where
   bodyStx : Syntax
   /-- Result of body elaboration. -/
   bodySnap : SnapshotTask (Option BodyProcessedSnapshot)
-  /-- Untyped snapshots from `logSnapshotTask`, saved at this level for cancellation. -/
-  moreSnaps : Array (SnapshotTask SnapshotTree)
 deriving Nonempty
 instance : Language.ToSnapshotTree HeaderProcessedSnapshot where
   toSnapshotTree s := ⟨s.toSnapshot,
     (match s.tacSnap? with
       | some tac => #[tac.map (sync := true) toSnapshotTree]
       | none     => #[]) ++
-    #[s.bodySnap.map (sync := true) toSnapshotTree] ++ s.moreSnaps⟩
+    #[s.bodySnap.map (sync := true) toSnapshotTree]⟩
 
 /-- State before elaboration of a mutual definition. -/
 structure DefParsed where

src/Lean/Elab/Deriving/DecEq.lean

@@ -134,7 +134,7 @@ partial def mkEnumOfNat (declName : Name) : MetaM Unit := do
   let enumType := mkConst declName
   let ctors := indVal.ctors.toArray
   withLocalDeclD `n (mkConst ``Nat) fun n => do
-    let cond := mkConst ``cond [1]
+    let cond := mkConst ``cond [levelZero]
     let rec mkDecTree (low high : Nat) : Expr :=
       if low + 1 == high then
         mkConst ctors[low]!

src/Lean/Elab/Do.lean

@@ -1036,9 +1036,6 @@ def seqToTerm (action : Syntax) (k : Syntax) : M Syntax := withRef action <| wit
   else if action.getKind == ``Parser.Term.doAssert then
     let cond := action[1]
     `(assert! $cond; $k)
-  else if action.getKind == ``Parser.Term.doDebugAssert then
-    let cond := action[1]
-    `(debugAssert| debug_assert! $cond; $k)
   else
     let action ← withRef action ``(($action : $((←read).m) PUnit))
     ``(Bind.bind $action (fun (_ : PUnit) => $k))
@@ -1768,8 +1765,6 @@ mutual
             return mkSeq doElem (← doSeqToCode doElems)
           else if k == ``Parser.Term.doAssert then
             return mkSeq doElem (← doSeqToCode doElems)
-          else if k == ``Parser.Term.doDebugAssert then
-            return mkSeq doElem (← doSeqToCode doElems)
           else if k == ``Parser.Term.doNested then
             let nestedDoSeq := doElem[1]
             doSeqToCode (getDoSeqElems nestedDoSeq ++ doElems)

src/Lean/Elab/MutualDef.lean

@@ -166,8 +166,6 @@ private def elabHeaders (views : Array DefView)
             view.value.eqWithInfoAndTraceReuse (← getOptions) old.bodyStx
           -- no syntax guard to store, we already did the necessary checks
           oldBodySnap? := guard reuseBody *> pure ⟨.missing, old.bodySnap⟩
-          if oldBodySnap?.isNone then
-            old.bodySnap.cancelRec
           oldTacSnap? := do
               guard reuseTac
               some ⟨(← old.tacStx?), (← old.tacSnap?)⟩
@@ -231,7 +229,6 @@ private def elabHeaders (views : Array DefView)
         snap.new.resolve <| some {
           diagnostics :=
             (← Language.Snapshot.Diagnostics.ofMessageLog (← Core.getAndEmptyMessageLog))
-          moreSnaps := (← Core.getAndEmptySnapshotTasks)
           view := newHeader.toDefViewElabHeaderData
           state := newState
           tacStx?
@@ -431,10 +428,6 @@ private def elabFunValues (headers : Array DefViewElabHeader) (vars : Array Expr
         if let some old := old.val.get then
           snap.new.resolve <| some old
           reusableResult? := some (old.value, old.state)
-        else
-          -- NOTE: this will eagerly cancel async tasks not associated with an inner snapshot, most
-          -- importantly kernel checking and compilation of the top-level declaration
-          old.val.cancelRec
 
     let (val, state) ← withRestoreOrSaveFull reusableResult? header.tacSnap? do
       withReuseContext header.value do
@@ -486,7 +479,6 @@ private def elabFunValues (headers : Array DefViewElabHeader) (vars : Array Expr
       snap.new.resolve <| some {
         diagnostics :=
           (← Language.Snapshot.Diagnostics.ofMessageLog (← Core.getAndEmptyMessageLog))
-        moreSnaps := (← Core.getAndEmptySnapshotTasks)
         state
         value := val
       }
@@ -1102,8 +1094,6 @@ def elabMutualDef (ds : Array Syntax) : CommandElabM Unit := do
           return ⟨.missing, oldParsed.headerProcessedSnap⟩
         new := headerPromise
       } }
-      if snap.old?.isSome && (view.headerSnap?.bind (·.old?)).isNone then
-        snap.old?.forM (·.val.cancelRec)
       defs := defs.push {
         fullHeaderRef
         headerProcessedSnap := { stx? := d, task := headerPromise.resultD default }

src/Lean/Elab/MutualInductive.lean

@@ -336,7 +336,7 @@ private def withInductiveLocalDecls (rs : Array PreElabHeaderResult) (x : Array
     let rec loop (i : Nat) (indFVars : Array Expr) := do
       if h : i < namesAndTypes.size then
         let (declName, shortDeclName, type) := namesAndTypes[i]
-        withAuxDecl shortDeclName type declName fun indFVar => loop (i+1) (indFVars.push indFVar)
+        Term.withAuxDecl shortDeclName type declName fun indFVar => loop (i+1) (indFVars.push indFVar)
       else
         x params indFVars
     loop 0 #[]
@@ -910,24 +910,6 @@ private def mkInductiveDecl (vars : Array Expr) (elabs : Array InductiveElabStep
           let decl := Declaration.inductDecl levelParams numParams indTypes isUnsafe
           Term.ensureNoUnassignedMVars decl
           addDecl decl
-
-          -- For nested inductive types, the kernel adds a variable number of auxiliary recursors.
-          -- Let the elaborator know about them as well. (Other auxiliaries have already been
-          -- registered by `addDecl` via `Declaration.getNames`.)
-          -- NOTE: If we want to make inductive elaboration parallel, this should switch to using
-          -- reserved names.
-          for indType in indTypes do
-            let mut i := 1
-            while true do
-              let auxRecName := indType.name ++ `rec |>.appendIndexAfter i
-              let env ← getEnv
-              let some const := env.toKernelEnv.find? auxRecName | break
-              let res ← env.addConstAsync auxRecName .recursor
-              res.commitConst res.asyncEnv (info? := const)
-              res.commitCheckEnv res.asyncEnv
-              setEnv res.mainEnv
-              i := i + 1
-
           let replaceIndFVars (e : Expr) : MetaM Expr := do
             let indFVar2Const := mkIndFVar2Const views indFVars levelParams
             return (← instantiateMVars e).replace fun e' =>
@@ -949,7 +931,6 @@ private def mkInductiveDecl (vars : Array Expr) (elabs : Array InductiveElabStep
         for ctor in view.ctors do
           if (ctor.declId.getPos? (canonicalOnly := true)).isSome then
             Term.addTermInfo' ctor.declId (← mkConstWithLevelParams ctor.declName) (isBinder := true)
-            enableRealizationsForConst ctor.declName
     return res
 
 private def mkAuxConstructions (declNames : Array Name) : TermElabM Unit := do
@@ -979,8 +960,6 @@ private def elabInductiveViews (vars : Array Expr) (elabs : Array InductiveElabS
       IndPredBelow.mkBelow view0.declName
       for e in elabs do
         mkInjectiveTheorems e.view.declName
-    for e in elabs do
-      enableRealizationsForConst e.view.declName
     return res
 
 /-- Ensures that there are no conflicts among or between the type and constructor names defined in `elabs`. -/

src/Lean/Elab/PreDefinition/Basic.lean

@@ -161,7 +161,6 @@ private def addNonRecAux (preDef : PreDefinition) (compile : Bool) (all : List N
     if compile && shouldGenCodeFor preDef then
       compileDecl decl
     if applyAttrAfterCompilation then
-      enableRealizationsForConst preDef.declName
       generateEagerEqns preDef.declName
       applyAttributesOf #[preDef] AttributeApplicationTime.afterCompilation
 

src/Lean/Elab/PreDefinition/EqUnfold.lean

@@ -22,36 +22,32 @@ Returns the "const unfold" theorem (`f.eq_unfold`) for the given declaration.
 This is not extensible, and always builds on the unfold theorem (`f.eq_def`).
 -/
 def getConstUnfoldEqnFor? (declName : Name) : MetaM (Option Name) := do
-  if (← getUnfoldEqnFor? (nonRec := true) declName).isNone then
-    return none
+  let some unfoldEqnName ← getUnfoldEqnFor? (nonRec := true) declName | return none
+  let info ← getConstInfo unfoldEqnName
+  let type ← forallTelescope info.type fun xs eq => do
+    let some (_, lhs, rhs) := eq.eq? | throwError "Unexpected unfold theorem type {info.type}"
+    unless lhs.getAppFn.isConstOf declName do
+     throwError "Unexpected unfold theorem type {info.type}"
+    unless lhs.getAppArgs == xs do
+     throwError "Unexpected unfold theorem type {info.type}"
+    let type ← mkEq lhs.getAppFn (← mkLambdaFVars xs rhs)
+    return type
+  let value ← withNewMCtxDepth do
+    let main ← mkFreshExprSyntheticOpaqueMVar type
+    if (← tryURefl main.mvarId!) then -- try to make a rfl lemma if possible
+      instantiateMVars main
+    else forallTelescope info.type fun xs _eq => do
+      let mut proof ← mkConstWithLevelParams unfoldEqnName
+      proof := mkAppN proof xs
+      for x in xs.reverse do
+        proof ← mkLambdaFVars #[x] proof
+        proof ← mkAppM ``funext #[proof]
+      return proof
   let name := .str declName eqUnfoldThmSuffix
-  realizeConst declName name do
-    -- we have to call `getUnfoldEqnFor?` again to make `unfoldEqnName` available in this context
-    let some unfoldEqnName ← getUnfoldEqnFor? (nonRec := true) declName | unreachable!
-    let info ← getConstInfo unfoldEqnName
-    let type ← forallTelescope info.type fun xs eq => do
-      let some (_, lhs, rhs) := eq.eq? | throwError "Unexpected unfold theorem type {info.type}"
-      unless lhs.getAppFn.isConstOf declName do
-        throwError "Unexpected unfold theorem type {info.type}"
-      unless lhs.getAppArgs == xs do
-        throwError "Unexpected unfold theorem type {info.type}"
-      let type ← mkEq lhs.getAppFn (← mkLambdaFVars xs rhs)
-      return type
-    let value ← withNewMCtxDepth do
-      let main ← mkFreshExprSyntheticOpaqueMVar type
-      if (← tryURefl main.mvarId!) then -- try to make a rfl lemma if possible
-        instantiateMVars main
-      else forallTelescope info.type fun xs _eq => do
-        let mut proof ← mkConstWithLevelParams unfoldEqnName
-        proof := mkAppN proof xs
-        for x in xs.reverse do
-          proof ← mkLambdaFVars #[x] proof
-          proof ← mkAppM ``funext #[proof]
-        return proof
-    addDecl <| Declaration.thmDecl {
-      name, type, value
-      levelParams := info.levelParams
-    }
+  addDecl <| Declaration.thmDecl {
+    name, type, value
+    levelParams := info.levelParams
+  }
   return some name
 
 

src/Lean/Elab/PreDefinition/Eqns.lean

@@ -416,18 +416,13 @@ def mkEqns (declName : Name) (declNames : Array Name) (tryRefl := true): MetaM (
     trace[Elab.definition.eqns] "eqnType[{i}]: {eqnTypes[i]}"
     let name := (Name.str declName eqnThmSuffixBase).appendIndexAfter (i+1)
     thmNames := thmNames.push name
-    -- determinism: `type` should be independent of the environment changes since `baseName` was
-    -- added
-    realizeConst declName name (doRealize name info type)
-  return thmNames
-where
-  doRealize name info type := withOptions (tactic.hygienic.set · false) do
     let value ← mkEqnProof declName type tryRefl
     let (type, value) ← removeUnusedEqnHypotheses type value
     addDecl <| Declaration.thmDecl {
       name, type, value
       levelParams := info.levelParams
     }
+  return thmNames
 
 /--
   Auxiliary method for `mkUnfoldEq`. The structure is based on `mkEqnTypes`.
@@ -470,12 +465,9 @@ partial def mkUnfoldProof (declName : Name) (mvarId : MVarId) : MetaM Unit := do
   go mvarId
 
 /-- Generate the "unfold" lemma for `declName`. -/
-def mkUnfoldEq (declName : Name) (info : EqnInfoCore) : MetaM Name := do
-  let name := Name.str declName unfoldThmSuffix
-  realizeConst declName name (doRealize name)
-  return name
-where
-  doRealize name := withOptions (tactic.hygienic.set · false) do
+def mkUnfoldEq (declName : Name) (info : EqnInfoCore) : MetaM Name := withLCtx {} {} do
+  withOptions (tactic.hygienic.set · false) do
+    let baseName := declName
     lambdaTelescope info.value fun xs body => do
       let us := info.levelParams.map mkLevelParam
       let type ← mkEq (mkAppN (Lean.mkConst declName us) xs) body
@@ -483,10 +475,12 @@ where
       mkUnfoldProof declName goal.mvarId!
       let type ← mkForallFVars xs type
       let value ← mkLambdaFVars xs (← instantiateMVars goal)
+      let name := Name.str baseName unfoldThmSuffix
       addDecl <| Declaration.thmDecl {
         name, type, value
         levelParams := info.levelParams
       }
+      return name
 
 def getUnfoldFor? (declName : Name) (getInfo? : Unit → Option EqnInfoCore) : MetaM (Option Name) := do
   if let some info := getInfo? () then

src/Lean/Elab/PreDefinition/FixedParams.lean

@@ -1,496 +0,0 @@
-/-
-Copyright (c) 2025 Lean FRO, LLC. All rights reserved.
-Released under Apache 2.0 license as described in the file LICENSE.
-Authors: Joachim Breitner
--/
-
-prelude
-import Lean.Elab.PreDefinition.Basic
-
-/-!
-This module contains the logic for figuring out, given mutually recursive predefinitions,
-which parameters are “fixed”. This used to be a simple task when we only considered a fixed prefix,
-but becomes a quite involved task if we allow fixed parameters also later in the parameter list,
-and possibly in a different order in different modules.
-
-The main components of this module are
-
- * The pure `Info` data type for the bookkeeping during analysis
- * The `FixedParamPerm` type, with the analysis result for one function
-   (effectively a mask and a permutation)
- * The `FixedParamPerms` data type, with the data for a whole recursive group.
- * The `getFixedParamPerms` function that calculates the fixed parameters
- * Various `MetaM` functions for bringing into scope fixed and varying paramters, assembling
-   argument lists etc.
-
--/
-
-namespace Lean.Elab.FixedParams
-
-
-/--
-To determine which parameters in mutually recursive predefinitions are fixed, and how they
-correspond to each other, we run an analysis that aggregates information in the `Info` data type.
-
-Abstractly, this represents
-* a set `varying` of `(funIdx × paramIdx)` pairs known to be varying, initially empty
-* a directed graph whose nodes are `(funIdx × paramIdx)` pairs, initially empty
-
-We find the largest set and graph that satisfies these rules:
-* Every parameter has to be related to itself: `(funIdx, paramIdx) → (funIdx, paramIdx)`.
-* whenever the function with index `caller` calls `callee` and the `argIdx`'s argument is reducibly
-  defeq to `paramIdx`, then we have an edge `(caller, paramIdx) → (callee, argIdx)`.
-* whenever the function with index `caller` calls `callee` and the `argIdx`'s argument is not reducibly
-  defeq to any of the `caller`'s parameters, then `(callee, argIdx) ∈ varying`.
-* If we have `(caller, paramIdx₁) → (callee, argIdx)` and `(caller, paramIdx₂) → (callee, argIdx)`
-  with `paramIdx₁ ≠ paramIdx₂`, then `(callee, argIdx) ∈ varying`.
-* The graph is transitive
-* If we have `(caller, paramIdx) → (callee, argIdx)` and `(caller, paramIdx) ∈ varying`, then
-  `(callee, argIdx) ∈ varying`
-* If the type of `funIdx`’s parameter `paramIdx₂ depends on the `paramIdx₁` and
-  `(funIdx, paramIdx₁) ∈ varying`, then `(funIdx, paramIdx₁) ∈ varying`
-* For structural recursion: The target and all its indices are `varying`.
-  (This is taking into account post-hoc, using `FixedParamPerms.erase`)
-
-Under the assumption that the predefintions indeed are mutually recursive, then the resulting graph,
-restricted to the non-`varying` nodes, should partition into cliques that have one member from each
-function. Every such clique becomes a fixed parameter.
-
--/
-structure Info where
-  /-
-  The concrete data structure for set and graph exploits some of the invariants:
-  * Once we know a parameter is varying, it's incoming edges are irrelevant.
-  * There can be at most one incoming edge
-
-  So we have
-
-  * `graph[callee][argIdx] = none`: `(callee, argIdx) ∈ varying`
-  * `graph[callee][argIdx] = some a`:
-    * `(callee, argIdx) ∉ varying` (yet) and
-    * `a[callerIdx] = none`: we have no edge to `(callee, argIdx)`
-    * `a[callerIdx] = some paramIdx`: we have edge `(callerIdx, paramIdx) → (callee, argIdx)`
-  -/
-  graph : Array (Array (Option (Array (Option Nat))))
-  /--
-  The dependency structure of the function parameter.
-  If `paramIdx₂ ∈ revDeps[funIdx][paraIdx₁]`, then the type of `paramIdx₂` depends on `parmaIdx₁`
-  -/
-  revDeps : Array (Array (Array Nat))
-
-
-def Info.init (revDeps : Array (Array (Array Nat))) : Info where
-  graph := revDeps.map fun deps =>
-    mkArray deps.size (some (mkArray revDeps.size none))
-  revDeps
-
-def Info.addSelfCalls (info : Info) : Info :=
-  { info with graph := info.graph.mapIdx fun funIdx paramInfos =>
-    paramInfos.mapIdx fun paramIdx paramInfo? =>
-      paramInfo?.map fun callers =>
-        callers.set! funIdx (some paramIdx) }
-
-/--
-Is this parameter still plausibly a fixed parameter?
--/
-def Info.mayBeFixed (callerIdx paramIdx : Nat) (info : Info) : Bool :=
-  info.graph[callerIdx]![paramIdx]!.isSome
-
-/--
-This parameter is varying. Set and propagate that information.
--/
-partial def Info.setVarying (funIdx paramIdx : Nat) (info : Info) : Info := Id.run do
-  let mut info : Info := info
-  if info.mayBeFixed funIdx paramIdx then
-    -- Set this as varying
-    info := { info with graph := info.graph.modify funIdx (·.set! paramIdx none) }
-    -- Propagate along edges for already observed calls
-    for otherFunIdx in [:info.graph.size] do
-      for otherParamIdx in [:info.graph[otherFunIdx]!.size] do
-        if let some otherParamInfo := info.graph[otherFunIdx]![otherParamIdx]! then
-          if otherParamInfo[funIdx]! = some paramIdx then
-            info := Info.setVarying otherFunIdx otherParamIdx info
-    -- Propagate along type dependencies edges
-    for dependingParam in info.revDeps[funIdx]![paramIdx]! do
-      info := Info.setVarying funIdx dependingParam info
-  info
-
-def Info.getCallerParam? (calleeIdx argIdx callerIdx : Nat) (info : Info) : Option Nat :=
-  info.graph[calleeIdx]![argIdx]!.bind (·[callerIdx]!)
-
-/--
-We observe a possibly valid edge.
--/
-partial def Info.setCallerParam (calleeIdx argIdx callerIdx paramIdx : Nat) (info : Info) : Info :=
-  if info.mayBeFixed calleeIdx argIdx then
-    if info.mayBeFixed callerIdx paramIdx then
-      if let some paramIdx' := info.getCallerParam? calleeIdx argIdx callerIdx then
-      -- We already have an etry
-      if paramIdx = paramIdx' then
-        -- all good
-        info
-      else
-        -- Inconsistent information
-        info.setVarying calleeIdx argIdx
-    else
-      -- Set the new entry
-      let info := { info with graph := info.graph.modify calleeIdx (·.modify argIdx (·.map (·.set! callerIdx (some paramIdx)))) }
-      Id.run do
-        -- Propagate information about the caller
-        let mut info : Info := info
-        if let some callerParamInfo := info.graph[callerIdx]![paramIdx]! then
-          for h : otherFunIdx in [:callerParamInfo.size] do
-            if let some otherParamIdx := callerParamInfo[otherFunIdx] then
-              info := info.setCallerParam calleeIdx argIdx otherFunIdx otherParamIdx
-        -- Propagate information about the callee
-        for otherFunIdx in [:info.graph.size] do
-          for otherArgIdx in [:info.graph[otherFunIdx]!.size] do
-            if let some otherArgsInfo := info.graph[otherFunIdx]![otherArgIdx]! then
-              if let some paramIdx' := otherArgsInfo[calleeIdx]! then
-                if paramIdx' = argIdx then
-                  info := info.setCallerParam otherFunIdx otherArgIdx callerIdx paramIdx
-
-        return info
-    else
-      -- Param not fixed, so argument isn't either
-      info.setVarying calleeIdx argIdx
-  else
-    info
-
-def Info.format (info : Info) : Format := Format.line.joinSep <|
-  info.graph.toList.map fun paramInfos =>
-    (f!"• " ++ ·) <| f!" ".joinSep <| paramInfos.toList.map fun
-      | .none => f!"❌"
-      | .some callerInfos => .sbracket <| f!" ".joinSep <| callerInfos.toList.map fun
-        | Option.none => f!"?"
-        | .some idx => f!"#{idx+1}"
-
-
-instance : ToFormat Info := ⟨Info.format⟩
-
-end FixedParams
-
-open Lean Meta FixedParams
-
-def getParamRevDeps (preDefs : Array PreDefinition) : MetaM (Array (Array (Array Nat))) := do
-  preDefs.mapM fun preDef =>
-    lambdaTelescope preDef.value (cleanupAnnotations := true) fun xs _ => do
-      let mut revDeps := #[]
-      for h : i in [:xs.size] do
-        let mut deps := #[]
-        for h : j in [i+1:xs.size] do
-          if (← dependsOn (← inferType xs[j]) xs[i].fvarId!) then
-            deps := deps.push j
-        revDeps := revDeps.push deps
-      pure revDeps
-
-def getFixedParamsInfo (preDefs : Array PreDefinition) : MetaM FixedParams.Info := do
-  let revDeps ← getParamRevDeps preDefs
-  let arities := revDeps.map (·.size)
-  let ref ← IO.mkRef (Info.init revDeps)
-
-  ref.modify .addSelfCalls
-
-  for h : callerIdx in [:preDefs.size] do
-    let preDef := preDefs[callerIdx]
-    lambdaTelescope preDef.value fun params body => do
-      assert! params.size = arities[callerIdx]!
-
-      -- TODO: transform is overkill, a simple visit-all-subexpression that takes applications
-      -- as whole suffices
-      discard <| Meta.transform (skipConstInApp := true) body fun e => e.withApp fun f args => do
-        unless f.isConst do
-          return .continue
-        let n := f.constName!
-        let some calleeIdx := preDefs.findIdx? (·.declName = n) | return .continue
-        for argIdx in [:arities[calleeIdx]!] do
-          if (← ref.get).mayBeFixed calleeIdx argIdx then
-            if h : argIdx < args.size then
-              let arg := args[argIdx]
-              -- We have seen this before (or it is a self-call), so only check that one param
-              if let some paramIdx := (← ref.get).getCallerParam? calleeIdx argIdx callerIdx then
-                let param := params[paramIdx]!
-                unless (← withoutProofIrrelevance <| withReducible <| isDefEq param arg) do
-                  trace[Elab.definition.fixedParams] "getFixedParams: notFixed {calleeIdx} {argIdx}:\nIn {e}\n{param} =/= {arg}"
-                  ref.modify (Info.setVarying calleeIdx argIdx)
-              else
-              -- Try all parameters
-              let mut any := false
-              for h : paramIdx in [:params.size] do
-                if (← ref.get).mayBeFixed callerIdx paramIdx then
-                  let param := params[paramIdx]
-                  if (← withoutProofIrrelevance <| withReducible <| isDefEq param arg) then
-                    ref.modify (Info.setCallerParam calleeIdx argIdx callerIdx paramIdx)
-                    any := true
-              unless any do
-                trace[Elab.definition.fixedParams] "getFixedParams: notFixed {calleeIdx} {argIdx}:\nIn {e}\n{arg} not matched"
-                -- Argument is none of the plausible parameters, so it cannot be a fixed argument
-                ref.modify (Info.setVarying calleeIdx argIdx)
-            else
-              -- Underapplication
-              trace[Elab.definition.fixedParams] "getFixedParams: notFixed {calleeIdx} {argIdx}:\nIn {e}\ntoo few arguments for {argIdx}"
-              ref.modify (Info.setVarying calleeIdx argIdx)
-        return .continue
-
-  let info ← ref.get
-  trace[Elab.definition.fixedParams] "getFixedParams:{info.format.indentD}"
-  return info
-
-/--
-For a given function, a mapping from its parameters to the (indices of the) fixed parameters of the
-recursive group.
-The length of the array is the arity of the function, as determined from its body, consistent
-with the arity used by well-founded recursion.
-For the first function, they appear in order; for other functions they may be reordered.
--/
-abbrev FixedParamPerm := Array (Option Nat)
-
-/--
-This data structure stores the result of the fixed parameter analysis. See `FixedParams.Info` for
-details on the analysis.
--/
-structure FixedParamPerms where
-  /-- Number of fixed parameters -/
-  numFixed : Nat
-  /--
-  For each function in the clique, a mapping from its parameters to the fixed parameters.
-  For the first function, they appear in order; for other functions they may be reordered.
-   -/
-  perms : Array FixedParamPerm
-  /--
-  The dependencies among the parameters. See `FixedParams.Info.revDeps`.
-  We need this for the `FixedParamsPerm.erase` operation.
-  -/
-  revDeps : Array (Array (Array Nat))
-deriving Inhabited, Repr
-
-def getFixedParamPerms (preDefs : Array PreDefinition) : MetaM FixedParamPerms := do
-  let info ← getFixedParamsInfo preDefs
-  lambdaTelescope preDefs[0]!.value fun xs _ => do
-    let paramInfos := info.graph[0]!
-    assert! xs.size = paramInfos.size
-
-    let mut firstPerm := #[]
-    let mut numFixed := 0
-    for paramIdx in [:xs.size], x in xs, paramInfo? in paramInfos do
-      if let some paramInfo := paramInfo? then
-        assert! paramInfo[0]! = some paramIdx
-        firstPerm := firstPerm.push (some numFixed)
-        numFixed := numFixed + 1
-      else
-        firstPerm := firstPerm.push none
-
-    let mut perms := #[firstPerm]
-    for h : funIdx in [1:info.graph.size] do
-      let paramInfos := info.graph[funIdx]
-      let mut perm := #[]
-      for paramInfo? in paramInfos do
-        if let some paramInfo := paramInfo? then
-          if let some firstParamIdx := paramInfo[0]! then
-            assert! firstPerm[firstParamIdx]!.isSome
-            perm := perm.push firstPerm[firstParamIdx]!
-          else
-            panic! "Incomplete paramInfo"
-        else
-          perm := perm.push none
-      perms := perms.push perm
-
-    return { numFixed, perms, revDeps := info.revDeps }
-
-def FixedParamPerm.numFixed (perm : FixedParamPerm) : Nat :=
-  perm.countP Option.isSome
-
-def FixedParamPerm.isFixed (perm : FixedParamPerm) (i : Nat) : Bool :=
-  perm[i]?.join.isSome
-
-/--
-Brings the fixed parameters from `type`, which should the the type of the `funIdx`'s function, into
-scope.
--/
-private partial def FixedParamPerm.forallTelescopeImpl (perm : FixedParamPerm)
-    (type : Expr) (k : Array Expr → MetaM α) : MetaM α := do
-  go 0 type (mkArray perm.numFixed (mkSort 0))
-where
-  go i type xs := do
-    match perm[i]? with
-    | .some (Option.some fixedParamIdx) =>
-      forallBoundedTelescope type (some 1) (cleanupAnnotations := true) fun xs' type => do
-        assert! xs'.size = 1
-        let x := xs'[0]!
-        assert! !(← inferType x).hasLooseBVars
-        assert! fixedParamIdx < xs.size
-        go (i + 1) type (xs.set! fixedParamIdx x)
-    | .some .none =>
-      let type ← whnf type
-      assert! type.isForall
-      go (i + 1) type.bindingBody! xs
-    | .none =>
-      k xs
-
-def FixedParamPerm.forallTelescope [MonadControlT MetaM n] [Monad n]
-    (perm : FixedParamPerm) (type : Expr) (k : Array Expr → n α) : n α := do
-  map1MetaM (fun k => perm.forallTelescopeImpl type k) k
-
-
-/--
-If `type` is the type of the `funIdx`'s function, instantiate the fixed paramters.
--/
-def FixedParamPerm.instantiateForall (perm: FixedParamPerm) (type₀ : Expr) (xs : Array Expr) : MetaM Expr := do
-  assert! xs.size = perm.numFixed
-  let mask := perm.toList
-  go mask type₀
-where
-  go | [], type => pure type
-     | (.some fixedParamIdx)::mask, type => do
-        assert! fixedParamIdx < xs.size
-        go mask (← Meta.instantiateForall type #[xs[fixedParamIdx]!])
-     | .none::mask, type =>
-        forallBoundedTelescope type (some 1) fun ys type => do
-          assert! ys.size = 1
-          mkForallFVars ys (← go mask type)
-
-/--
-If `value` is the body of the `funIdx`'s function, instantiate the fixed paramters.
-Expects enough manifest lambdas to instantiate all fixed parameters, but can handle
-eta-contracted definitions beyond that.
--/
-def FixedParamPerm.instantiateLambda (perm : FixedParamPerm) (value₀ : Expr) (xs : Array Expr) : MetaM Expr := do
-  assert! xs.size = perm.numFixed
-  let mask := perm.toList
-  go mask value₀
-where
-  go | [], value => pure value
-     | (.some fixedParamIdx)::mask, value => do
-        assert! fixedParamIdx < xs.size
-        go mask (← Meta.instantiateLambda value #[xs[fixedParamIdx]!])
-     | .none::mask, value =>
-        if mask.all Option.isNone then
-          -- Nothing left to do. Also helpful if we may encounter an eta-contracted value
-          return value
-        else
-          lambdaBoundedTelescope value 1 fun ys value => do
-            assert! ys.size = 1
-            mkLambdaFVars ys (← go mask value)
-
-/--
-If `xs` are arguments to the `funIdx`'s function, pick only the fixed ones, and reorder appropriately.
-Expects `xs` to match the arity of the function.
--/
-def FixedParamPerm.pickFixed (perm : FixedParamPerm) (xs : Array α) : Array α := Id.run do
-  assert! xs.size = perm.size
-  if h : xs.size = 0 then
-    pure #[]
-  else
-    let dummy := xs[0]
-    let ys := mkArray perm.numFixed dummy
-    go (perm.zip xs).toList ys
-where
-  go | [], ys => return ys
-     | (.some fixedParamIdx, x)::xs, ys => do
-        assert! fixedParamIdx < ys.size
-        go xs (ys.set! fixedParamIdx x)
-     | (.none, _) :: perm, ys =>
-        go perm ys
-
-/--
-If `xs` are arguments to the `funIdx`'s function, pick only the varying ones.
-Unlike `pickFixed`, this function can handle over- or under-application.
--/
-def FixedParamPerm.pickVarying (perm : FixedParamPerm) (xs : Array α) : Array α := Id.run do
-  let mut ys := #[]
-  for h : i in [:xs.size] do
-    if perm[i]?.join.isNone then ys := ys.push xs[i]
-  pure ys
-
-/--
-Intersperses the fixed and varying parameters to be in the original parameter order.
-Can handle over- or und-application (extra or missing varying args), as long
-as there are all varying parameters that go before fixed parameters.
-(We expect to always find all fixed parameters, else they woudn't be fixed parameters.)
--/
-partial def FixedParamPerm.buildArgs (perm : FixedParamPerm) (fixedArgs varyingArgs : Array α) : Array α :=
-  assert! fixedArgs.size = perm.numFixed
-  go 0 0 #[]
-where
-  go i j (xs : Array α) :=
-    if _ : i < perm.size then
-      if let some fixedParamIdx := perm[i] then
-        if _ : fixedParamIdx < fixedArgs.size then
-          go (i + 1) j (xs.push fixedArgs[fixedParamIdx])
-        else
-          panic! "FixedParams.buildArgs: too few fixed args"
-      else
-        if _ : j < varyingArgs.size then
-          go (i + 1) (j + 1) (xs.push varyingArgs[j])
-        else
-          if perm[i:].all Option.isNone then
-            xs -- Under-application
-          else
-            panic! "FixedParams.buildArgs: too few varying args"
-    else
-      xs ++ varyingArgs[j:] -- (Possibly) over-application
-
-/--
-Are all fixed parameters a non-reordered prefix?
--/
-def FixedParamPerms.fixedArePrefix (fixedParamPerms : FixedParamPerms) : Bool :=
-  fixedParamPerms.perms.all fun paramInfos =>
-    paramInfos ==
-      (Array.range fixedParamPerms.numFixed).map Option.some ++
-      mkArray (paramInfos.size - fixedParamPerms.numFixed) .none
-
-/--
-If `xs` are the fixed parameters that are in scope, and `toErase` are, for each function, the
-positions of arguments that must no longer be fixed parameters, then this function splits partitions
-`xs` into those to keep and those to erase, and updates `FixedParams` accordingly.
-
-This is used in structural recursion, where we may discover that some fixed parameters are actually
-indices and need to be treated as varying, including all parameters that depend on them.
--/
-def FixedParamPerms.erase  (fixedParamPerms : FixedParamPerms) (xs : Array Expr)
-    (toErase : Array (Array Nat)) : (FixedParamPerms × Array Expr × Array FVarId) := Id.run do
-  assert! xs.all (·.isFVar)
-  assert! fixedParamPerms.numFixed  = xs.size
-  assert! toErase.size = fixedParamPerms.perms.size
-  -- Calculate a mask on the fixed parameters of variables to erase
-  let mut mask := mkArray fixedParamPerms.numFixed false
-  for funIdx in [:toErase.size], paramIdxs in toErase, mapping in fixedParamPerms.perms do
-    for paramIdx in paramIdxs do
-      assert! paramIdx < mapping.size
-      if let some fixedParamIdx := mapping[paramIdx]! then
-        mask := mask.set! fixedParamIdx true
-  -- Take the transitive closure under under `fixedParamPerms.revDeps`.
-  let mut changed := true
-  while changed do
-    changed := false
-    for h : funIdx in [:fixedParamPerms.perms.size] do
-      for h : paramIdx₁ in [:fixedParamPerms.perms[funIdx].size] do
-        if let some fixedParamIdx₁ := fixedParamPerms.perms[funIdx][paramIdx₁] then
-          if mask[fixedParamIdx₁]! then
-            for paramIdx₂ in fixedParamPerms.revDeps[funIdx]![paramIdx₁]! do
-              if let some fixedParamIdx₂ := fixedParamPerms.perms[funIdx][paramIdx₂]! then
-                if !mask[fixedParamIdx₂]! then
-                  mask := mask.set! fixedParamIdx₂ true
-                  changed := true
-  -- Calculate reindexing map, variables to keep, variables to erase
-  let mut reindex := #[]
-  let mut fvarsToErase :=#[]
-  let mut toKeep :=#[]
-  for i in [:mask.size], erase in mask, x in xs do
-    if erase then
-      reindex := reindex.push none
-      fvarsToErase := fvarsToErase.push x.fvarId!
-    else
-      reindex := reindex.push (Option.some toKeep.size)
-      toKeep := toKeep.push x
-  let fixedParamPerms' : FixedParamPerms := {
-    numFixed := toKeep.size
-    perms := fixedParamPerms.perms.map (·.map (·.bind (reindex[·]!)))
-    revDeps := fixedParamPerms.revDeps
-  }
-  return (fixedParamPerms', toKeep, fvarsToErase)
-
-end Lean.Elab
-
-builtin_initialize
-  Lean.registerTraceClass `Elab.definition.fixedParams

src/Lean/Elab/PreDefinition/Mutual.lean

@@ -26,6 +26,24 @@ where
       withLocalDecl vals[0]!.bindingName! vals[0]!.binderInfo vals[0]!.bindingDomain! fun x =>
         go (fvars.push x) (vals.map fun val => val.bindingBody!.instantiate1 x)
 
+def getFixedPrefix (preDefs : Array PreDefinition) : MetaM Nat :=
+  withCommonTelescope preDefs fun xs vals => do
+    let resultRef ← IO.mkRef xs.size
+    for val in vals do
+      if (← resultRef.get) == 0 then return 0
+      forEachExpr' val fun e => do
+        if preDefs.any fun preDef => e.isAppOf preDef.declName then
+          let args := e.getAppArgs
+          resultRef.modify (min args.size ·)
+          for arg in args, x in xs do
+            if !(← withoutProofIrrelevance <| withReducible <| isDefEq arg x) then
+              -- We continue searching if e's arguments are not a prefix of `xs`
+              return true
+          return false
+        else
+          return true
+    resultRef.get
+
 def addPreDefsFromUnary (preDefs : Array PreDefinition) (preDefsNonrec : Array PreDefinition)
     (unaryPreDefNonRec : PreDefinition) : TermElabM Unit := do
   /-
@@ -64,7 +82,6 @@ Assign final attributes to the definitions. Assumes the EqnInfos to be already p
 def addPreDefAttributes (preDefs : Array PreDefinition) : TermElabM Unit := do
   for preDef in preDefs do
     markAsRecursive preDef.declName
-    enableRealizationsForConst preDef.declName
     generateEagerEqns preDef.declName
     applyAttributesOf #[preDef] AttributeApplicationTime.afterCompilation
     -- Unless the user asks for something else, mark the definition as irreducible

src/Lean/Elab/PreDefinition/Nonrec/Eqns.lean

@@ -20,23 +20,18 @@ Simple, coarse-grained equation theorem for nonrecursive definitions.
 -/
 private def mkSimpleEqThm (declName : Name) (suffix := Name.mkSimple unfoldThmSuffix) : MetaM (Option Name) := do
   if let some (.defnInfo info) := (← getEnv).find? declName then
-    let name := declName ++ suffix
-    -- determinism: `name` and `info` are dependent only on `declName`, not any later env
-    -- modifications
-    realizeConst declName name (doRealize name info)
-    return some name
-  else
-    return none
-where
-  doRealize name info :=
     lambdaTelescope (cleanupAnnotations := true) info.value fun xs body => do
       let lhs := mkAppN (mkConst info.name <| info.levelParams.map mkLevelParam) xs
       let type  ← mkForallFVars xs (← mkEq lhs body)
       let value ← mkLambdaFVars xs (← mkEqRefl lhs)
-      addDecl <| .thmDecl {
+      let name := declName ++ suffix
+      addDecl <| Declaration.thmDecl {
         name, type, value
         levelParams := info.levelParams
       }
+      return some name
+  else
+    return none
 
 def getEqnsFor? (declName : Name) : MetaM (Option (Array Name)) := do
   if (← isRecursiveDefinition declName) then

src/Lean/Elab/PreDefinition/PartialFixpoint/Eqns.lean

@@ -9,7 +9,6 @@ import Lean.Meta.Tactic.Rewrite
 import Lean.Meta.Tactic.Split
 import Lean.Elab.PreDefinition.Basic
 import Lean.Elab.PreDefinition.Eqns
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Meta.ArgsPacker.Basic
 import Init.Data.Array.Basic
 import Init.Internal.Order.Basic
@@ -21,13 +20,12 @@ open Eqns
 structure EqnInfo extends EqnInfoCore where
   declNames       : Array Name
   declNameNonRec  : Name
-  fixedParamPerms : FixedParamPerms
+  fixedPrefixSize : Nat
   deriving Inhabited
 
 builtin_initialize eqnInfoExt : MapDeclarationExtension EqnInfo ← mkMapDeclarationExtension
 
-def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name)
-    (fixedParamPerms : FixedParamPerms) : MetaM Unit := do
+def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name) (fixedPrefixSize : Nat) : MetaM Unit := do
   preDefs.forM fun preDef => ensureEqnReservedNamesAvailable preDef.declName
   unless preDefs.all fun p => p.kind.isTheorem do
     unless (← preDefs.allM fun p => isProp p.type) do
@@ -35,7 +33,7 @@ def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name)
       modifyEnv fun env =>
         preDefs.foldl (init := env) fun env preDef =>
           eqnInfoExt.insert env preDef.declName { preDef with
-            declNames, declNameNonRec, fixedParamPerms }
+            declNames, declNameNonRec, fixedPrefixSize }
 
 private def deltaLHSUntilFix (declName declNameNonRec : Name) (mvarId : MVarId) : MetaM MVarId := mvarId.withContext do
   let target ← mvarId.getType'
@@ -68,12 +66,9 @@ private def rwFixEq (mvarId : MVarId) : MetaM MVarId := mvarId.withContext do
   return mvarNew.mvarId!
 
 /-- Generate the "unfold" lemma for `declName`. -/
-def mkUnfoldEq (declName : Name) (info : EqnInfo) : MetaM Name := do
-  let name := Name.str declName unfoldThmSuffix
-  realizeConst declName name (doRealize name)
-  return name
-where
-  doRealize name := withOptions (tactic.hygienic.set · false) do
+def mkUnfoldEq (declName : Name) (info : EqnInfo) : MetaM Name := withLCtx {} {} do
+  withOptions (tactic.hygienic.set · false) do
+    let baseName := declName
     lambdaTelescope info.value fun xs body => do
       let us := info.levelParams.map mkLevelParam
       let type ← mkEq (mkAppN (Lean.mkConst declName us) xs) body
@@ -95,10 +90,12 @@ where
           throwError "failed to generate unfold theorem for '{declName}':\n{e.toMessageData}"
       let type ← mkForallFVars xs type
       let value ← mkLambdaFVars xs goal
+      let name := Name.str baseName unfoldThmSuffix
       addDecl <| Declaration.thmDecl {
         name, type, value
         levelParams := info.levelParams
       }
+      return name
 
 def getUnfoldFor? (declName : Name) : MetaM (Option Name) := do
   let name := Name.str declName unfoldThmSuffix

src/Lean/Elab/PreDefinition/PartialFixpoint/Induction.lean

@@ -70,21 +70,21 @@ def deriveInduction (name : Name) : MetaM Unit := do
 
     let infos ← eqnInfo.declNames.mapM getConstInfoDefn
     -- First open up the fixed parameters everywhere
-    let e' ← eqnInfo.fixedParamPerms.perms[0]!.forallTelescope infos[0]!.type fun xs => do
+    let e' ← lambdaBoundedTelescope infos[0]!.value eqnInfo.fixedPrefixSize fun xs _ => do
       -- Now look at the body of an arbitrary of the functions (they are essentially the same
       -- up to the final projections)
-      let body ← eqnInfo.fixedParamPerms.perms[0]!.instantiateLambda infos[0]!.value xs
+      let body ← instantiateLambda infos[0]!.value xs
 
       -- The body should now be of the form of the form (fix … ).2.2.1
       -- We strip the projections (if present)
-      let body' := PProdN.stripProjs body.eta -- TODO: Eta more carefully?
+      let body' := PProdN.stripProjs body
       let some fixApp ← whnfUntil body' ``fix
-        | throwError "Unexpected function body {body}, could not whnfUntil fix"
+        | throwError "Unexpected function body {body}"
       let_expr fix α instCCPOα F hmono := fixApp
-        | throwError "Unexpected function body {body'}, not an application of fix"
+        | throwError "Unexpected function body {body'}"
 
       let instCCPOs := CCPOProdProjs infos.size instCCPOα
-      let types ← infos.mapIdxM (eqnInfo.fixedParamPerms.perms[·]!.instantiateForall ·.type xs)
+      let types ← infos.mapM (instantiateForall ·.type xs)
       let packedType ← PProdN.pack 0 types
       let motiveTypes ← types.mapM (mkArrow · (.sort 0))
       let motiveNames := numberNames motiveTypes.size "motive"
@@ -135,11 +135,7 @@ def deriveInduction (name : Name) : MetaM Unit := do
             let packedConclusion ← PProdN.pack 0 <| ←
               motives.mapIdxM fun i motive => do
                 let f ← mkConstWithLevelParams infos[i]!.name
-                let fEtaExpanded ← lambdaTelescope infos[i]!.value fun ys _ =>
-                  mkLambdaFVars ys (mkAppN f ys)
-                let fInst ← eqnInfo.fixedParamPerms.perms[i]!.instantiateLambda fEtaExpanded xs
-                let fInst := fInst.eta
-                return mkApp motive fInst
+                return mkApp motive (mkAppN f xs)
             let e' ← mkExpectedTypeHint e' packedConclusion
             let e' ← mkLambdaFVars hs e'
             let e' ← mkLambdaFVars adms e'
@@ -232,10 +228,9 @@ def derivePartialCorrectness (name : Name) : MetaM Unit := do
       throwError "{name} is not defined by partial_fixpoint"
 
     let infos ← eqnInfo.declNames.mapM getConstInfoDefn
-    let fixedParamPerm0 := eqnInfo.fixedParamPerms.perms[0]!
     -- First open up the fixed parameters everywhere
-    let e' ← fixedParamPerm0.forallTelescope infos[0]!.type fun xs => do
-      let types ← infos.mapIdxM (eqnInfo.fixedParamPerms.perms[·]!.instantiateForall ·.type xs)
+    let e' ← lambdaBoundedTelescope infos[0]!.value eqnInfo.fixedPrefixSize fun xs _ => do
+      let types ← infos.mapM (instantiateForall ·.type xs)
 
       -- for `f : α → β → Option γ`, we expect a `motive : α → β → γ → Prop`
       let motiveTypes ← types.mapM fun type =>

src/Lean/Elab/PreDefinition/PartialFixpoint/Main.lean

@@ -18,44 +18,33 @@ open Monotonicity
 
 open Lean.Order
 
-private def replaceRecApps (recFnNames : Array Name) (fixedParamPerms : FixedParamPerms) (f : Expr) (e : Expr) : MetaM Expr := do
-  assert! recFnNames.size = fixedParamPerms.perms.size
+private def replaceRecApps (recFnNames : Array Name) (fixedPrefixSize : Nat) (f : Expr) (e : Expr) : MetaM Expr := do
   let t ← inferType f
-  return e.replace fun e => do
-    let fn := e.getAppFn
-    guard fn.isConst
-    let idx ← recFnNames.idxOf? fn.constName!
-    let args := e.getAppArgs
-    let varying := fixedParamPerms.perms[idx]!.pickVarying args
-    return mkAppN (PProdN.proj recFnNames.size idx t f) varying
+  return e.replace fun e =>
+    if let some idx := recFnNames.findIdx? (e.isAppOfArity · fixedPrefixSize) then
+      some <| PProdN.proj recFnNames.size idx t f
+    else
+      none
 
 /--
 For pretty error messages:
 Takes `F : (fun f => e)`, where `f` is the packed function, and replaces `f` in `e` with the user-visible
 constants, which are added to the environment temporarily.
 -/
-private def unReplaceRecApps {α} (preDefs : Array PreDefinition) (fixedParamPerms : FixedParamPerms) (fixedArgs : Array Expr)
+private def unReplaceRecApps {α} (preDefs : Array PreDefinition) (fixedArgs : Array Expr)
     (F : Expr) (k : Expr → MetaM α) : MetaM α := do
   unless F.isLambda do throwError "Expected lambda:{indentExpr F}"
   withoutModifyingEnv do
     preDefs.forM addAsAxiom
-    let fns ← preDefs.mapIdxM fun funIdx preDef => do
-      let value ← fixedParamPerms.perms[funIdx]!.instantiateLambda preDef.value fixedArgs
-      lambdaTelescope value fun xs _ =>
-        let args := fixedParamPerms.perms[funIdx]!.buildArgs fixedArgs xs
-        let call := mkAppN (.const preDef.declName (preDef.levelParams.map mkLevelParam)) args
-        mkLambdaFVars (etaReduce := true) xs call
+    let fns := preDefs.map fun d =>
+      mkAppN (.const d.declName (d.levelParams.map mkLevelParam)) fixedArgs
     let packedFn ← PProdN.mk 0 fns
     let e ← lambdaBoundedTelescope F 1 fun f e => do
       let f := f[0]!
       -- Replace f with calls to the constants
-      let e := e.replace fun e => do
-        if e == f then return packedFn else none
-      -- And reduce projection and beta redexes
-      -- (This is a bit blunt; we could try harder to only replace the projection and beta-redexes
-      -- introduced above)
+      let e := e.replace fun e => do if e == f then return packedFn else none
+      -- And reduce projection redexes
       let e ← PProdN.reduceProjs e
-      let e ← Core.betaReduce e
       pure e
     k e
 
@@ -92,12 +81,15 @@ def partialFixpoint (preDefs : Array PreDefinition) : TermElabM Unit := do
           mkAppOptM ``FlatOrder.instCCPO #[none, classicalWitness]
       mkLambdaFVars xs inst
 
+  let fixedPrefixSize ← Mutual.getFixedPrefix preDefs
+  trace[Elab.definition.partialFixpoint] "fixed prefix size: {fixedPrefixSize}"
+
   let declNames := preDefs.map (·.declName)
-  let fixedParamPerms ← getFixedParamPerms preDefs
-  fixedParamPerms.perms[0]!.forallTelescope preDefs[0]!.type fun fixedArgs => do
+
+  forallBoundedTelescope preDefs[0]!.type fixedPrefixSize fun fixedArgs _ => do
     -- ∀ x y, CCPO (rᵢ x y)
-    let ccpoInsts ← ccpoInsts.mapIdxM (fixedParamPerms.perms[·]!.instantiateLambda · fixedArgs)
-    let types ← preDefs.mapIdxM (fixedParamPerms.perms[·]!.instantiateForall ·.type fixedArgs)
+    let ccpoInsts := ccpoInsts.map (·.beta fixedArgs)
+    let types ← preDefs.mapM (instantiateForall ·.type fixedArgs)
 
     -- (∀ x y, r₁ x y) ×' (∀ x y, r₂ x y)
     let packedType ← PProdN.pack 0 types
@@ -116,7 +108,7 @@ def partialFixpoint (preDefs : Array PreDefinition) : TermElabM Unit := do
 
     -- Error reporting hook, presenting monotonicity errors in terms of recursive functions
     let failK {α} f (monoThms : Array Name) : MetaM α := do
-      unReplaceRecApps preDefs fixedParamPerms fixedArgs f fun t => do
+      unReplaceRecApps preDefs fixedArgs f fun t => do
         let extraMsg := if monoThms.isEmpty then m!"" else
           m!"Tried to apply {.andList (monoThms.toList.map (m!"'{.ofConstName ·}'"))}, but failed.\n\
              Possible cause: A missing `{.ofConstName ``MonoBind}` instance.\n\
@@ -130,13 +122,13 @@ def partialFixpoint (preDefs : Array PreDefinition) : TermElabM Unit := do
 
     -- Adjust the body of each function to take the other functions as a
     -- (packed) parameter
-    let Fs ← preDefs.mapIdxM fun funIdx preDef => do
-      let body ← fixedParamPerms.perms[funIdx]!.instantiateLambda preDef.value fixedArgs
+    let Fs ← preDefs.mapM fun preDef => do
+      let body ← instantiateLambda preDef.value fixedArgs
       withLocalDeclD (← mkFreshUserName `f) packedType fun f => do
         let body' ← withoutModifyingEnv do
           -- replaceRecApps needs the constants in the env to typecheck things
           preDefs.forM (addAsAxiom ·)
-          replaceRecApps declNames fixedParamPerms f body
+          replaceRecApps declNames fixedPrefixSize f body
         mkLambdaFVars #[f] body'
 
     -- Construct and solve monotonicity goals for each function separately
@@ -168,7 +160,7 @@ def partialFixpoint (preDefs : Array PreDefinition) : TermElabM Unit := do
     trace[Elab.definition.partialFixpoint] "packedValue: {packedValue}"
 
     let declName :=
-      if preDefs.size = 1 && fixedParamPerms.fixedArePrefix then
+      if preDefs.size = 1 then
         preDefs[0]!.declName
       else
         preDefs[0]!.declName ++ `mutual
@@ -178,22 +170,17 @@ def partialFixpoint (preDefs : Array PreDefinition) : TermElabM Unit := do
       declName := declName
       type := packedType'
       value := packedValue'}
-
     let preDefsNonrec ← preDefs.mapIdxM fun fidx preDef => do
-      forallBoundedTelescope preDef.type fixedParamPerms.perms[fidx]!.size fun params _ => do
-        let fixed := fixedParamPerms.perms[fidx]!.pickFixed params
-        let varying := fixedParamPerms.perms[fidx]!.pickVarying params
-        let us := preDefNonRec.levelParams.map mkLevelParam
-        let value := mkConst preDefNonRec.declName us
-        let value := mkAppN value fixed
-        let value := PProdN.proj preDefs.size fidx packedType value
-        let value := mkAppN value varying
-        let value ← mkLambdaFVars (etaReduce := true) params value
-        pure { preDef with value }
+      let us := preDefNonRec.levelParams.map mkLevelParam
+      let value := mkConst preDefNonRec.declName us
+      let value := mkAppN value fixedArgs
+      let value := PProdN.proj preDefs.size fidx packedType value
+      let value ← mkLambdaFVars fixedArgs value
+      pure { preDef with value }
 
     Mutual.addPreDefsFromUnary preDefs preDefsNonrec preDefNonRec
     let preDefs ← Mutual.cleanPreDefs preDefs
-    PartialFixpoint.registerEqnsInfo preDefs preDefNonRec.declName fixedParamPerms
+    PartialFixpoint.registerEqnsInfo preDefs preDefNonRec.declName fixedPrefixSize
     Mutual.addPreDefAttributes preDefs
 
 end Lean.Elab

src/Lean/Elab/PreDefinition/Structural/BRecOn.lean

@@ -155,8 +155,7 @@ private partial def replaceRecApps (recArgInfos : Array RecArgInfo) (positions :
               try toBelow below recArgInfo.indGroupInst.params.size positions fnIdx recArg
               catch _ => throwError "failed to eliminate recursive application{indentExpr e}"
             -- We don't pass the fixed parameters, the indices and the major arg to `f`, only the rest
-            let ys := recArgInfo.fixedParamPerm.pickVarying args
-            let (_, fArgs) := recArgInfo.pickIndicesMajor ys
+            let (_, fArgs) := recArgInfo.pickIndicesMajor args[recArgInfo.numFixed:]
             let fArgs ← fArgs.mapM (replaceRecApps recArgInfos positions below ·)
             return mkAppN f fArgs
           else

src/Lean/Elab/PreDefinition/Structural/Eqns.lean

@@ -10,7 +10,6 @@ import Lean.Meta.Tactic.Simp.Main
 import Lean.Meta.Tactic.Apply
 import Lean.Elab.PreDefinition.Basic
 import Lean.Elab.PreDefinition.Eqns
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Elab.PreDefinition.Structural.Basic
 
 namespace Lean.Elab
@@ -22,7 +21,7 @@ namespace Structural
 structure EqnInfo extends EqnInfoCore where
   recArgPos : Nat
   declNames : Array Name
-  fixedParamPerms : FixedParamPerms
+  numFixed  : Nat
   deriving Inhabited
 
 private partial def mkProof (declName : Name) (type : Expr) : MetaM Expr := do
@@ -75,26 +74,21 @@ def mkEqns (info : EqnInfo) : MetaM (Array Name) :=
     trace[Elab.definition.structural.eqns] "eqnType {i}: {type}"
     let name := (Name.str baseName eqnThmSuffixBase).appendIndexAfter (i+1)
     thmNames := thmNames.push name
-    -- determinism: `type` should be independent of the environment changes since `baseName` was
-    -- added
-    realizeConst baseName name (doRealize name type)
-  return thmNames
-where
-  doRealize name type := withOptions (tactic.hygienic.set · false) do
     let value ← mkProof info.declName type
     let (type, value) ← removeUnusedEqnHypotheses type value
     addDecl <| Declaration.thmDecl {
       name, type, value
       levelParams := info.levelParams
     }
+  return thmNames
 
 builtin_initialize eqnInfoExt : MapDeclarationExtension EqnInfo ← mkMapDeclarationExtension
 
 def registerEqnsInfo (preDef : PreDefinition) (declNames : Array Name) (recArgPos : Nat)
-    (fixedParamPerms : FixedParamPerms) : CoreM Unit := do
+    (numFixed : Nat) : CoreM Unit := do
   ensureEqnReservedNamesAvailable preDef.declName
   modifyEnv fun env => eqnInfoExt.insert env preDef.declName
-    { preDef with recArgPos, declNames, fixedParamPerms }
+    { preDef with recArgPos, declNames, numFixed }
 
 def getEqnsFor? (declName : Name) : MetaM (Option (Array Name)) := do
   if let some info := eqnInfoExt.find? (← getEnv) declName then

src/Lean/Elab/PreDefinition/Structural/FindRecArg.lean

@@ -5,7 +5,6 @@ Authors: Leonardo de Moura, Joachim Breitner
 -/
 prelude
 import Lean.Elab.PreDefinition.TerminationMeasure
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Elab.PreDefinition.Structural.Basic
 import Lean.Elab.PreDefinition.Structural.RecArgInfo
 
@@ -59,10 +58,9 @@ private def hasBadParamDep? (ys : Array Expr) (indParams : Array Expr) : MetaM (
 Assemble the `RecArgInfo` for the `i`th parameter in the parameter list `xs`. This performs
 various sanity checks on the parameter (is it even of inductive type etc).
 -/
-def getRecArgInfo (fnName : Name) (fixedParamPerm : FixedParamPerm) (xs : Array Expr) (i : Nat) : MetaM RecArgInfo := do
-  assert! fixedParamPerm.size = xs.size
+def getRecArgInfo (fnName : Name) (numFixed : Nat) (xs : Array Expr) (i : Nat) : MetaM RecArgInfo := do
   if h : i < xs.size then
-    if fixedParamPerm.isFixed i then
+    if i < numFixed then
       throwError "it is unchanged in the recursive calls"
     let x := xs[i]
     let localDecl ← getFVarLocalDecl x
@@ -81,14 +79,16 @@ def getRecArgInfo (fnName : Name) (fixedParamPerm : FixedParamPerm) (xs : Array
       else if !indIndices.allDiff then
         throwError "its type {indInfo.name} is an inductive family and indices are not pairwise distinct{indentExpr xType}"
       else
-        let ys := fixedParamPerm.pickVarying xs
+        let indexMinPos := getIndexMinPos xs indIndices
+        let numFixed    := if indexMinPos < numFixed then indexMinPos else numFixed
+        let ys          := xs[numFixed:]
         match (← hasBadIndexDep? ys indIndices) with
         | some (index, y) =>
           throwError "its type {indInfo.name} is an inductive family{indentExpr xType}\nand index{indentExpr index}\ndepends on the non index{indentExpr y}"
         | none =>
           match (← hasBadParamDep? ys indParams) with
           | some (indParam, y) =>
-            throwError "its type is an inductive datatype{indentExpr xType}\nand the datatype parameter{indentExpr indParam}\ndepends on the function parameter{indentExpr y}\nwhich is not fixed."
+            throwError "its type is an inductive datatype{indentExpr xType}\nand the datatype parameter{indentExpr indParam}\ndepends on the function parameter{indentExpr y}\nwhich does not come before the varying parameters and before the indices of the recursion parameter."
           | none =>
             let indAll := indInfo.all.toArray
             let .some indIdx := indAll.idxOf? indInfo.name | panic! "{indInfo.name} not in {indInfo.all}"
@@ -98,7 +98,7 @@ def getRecArgInfo (fnName : Name) (fixedParamPerm : FixedParamPerm) (xs : Array
               levels := us
               params := indParams }
             return { fnName       := fnName
-                     fixedParamPerm := fixedParamPerm
+                     numFixed     := numFixed
                      recArgPos    := i
                      indicesPos   := indicesPos
                      indGroupInst := indGroupInst
@@ -115,27 +115,25 @@ The `xs` are the fixed parameters, `value` the body with the fixed prefix instan
 Takes the optional user annotation into account (`termMeasure?`). If this is given and the measure
 is unsuitable, throw an error.
 -/
-def getRecArgInfos (fnName : Name) (fixedParamPerm : FixedParamPerm) (xs : Array Expr)
-    (value : Expr) (termMeasure? : Option TerminationMeasure) : MetaM (Array RecArgInfo × MessageData) := do
+def getRecArgInfos (fnName : Name) (xs : Array Expr) (value : Expr)
+    (termMeasure? : Option TerminationMeasure) : MetaM (Array RecArgInfo × MessageData) := do
   lambdaTelescope value fun ys _ => do
     if let .some termMeasure := termMeasure? then
       -- User explicitly asked to use a certain measure, so throw errors eagerly
       let recArgInfo ← withRef termMeasure.ref do
         mapError (f := (m!"cannot use specified measure for structural recursion:{indentD ·}")) do
-          let args := fixedParamPerm.buildArgs xs ys
-          getRecArgInfo fnName fixedParamPerm args (← termMeasure.structuralArg)
+          getRecArgInfo fnName xs.size (xs ++ ys) (← termMeasure.structuralArg)
       return (#[recArgInfo], m!"")
     else
-      let args := fixedParamPerm.buildArgs xs ys
       let mut recArgInfos := #[]
       let mut report : MessageData := m!""
       -- No `termination_by`, so try all, and remember the errors
-      for idx in [:args.size] do
+      for idx in [:xs.size + ys.size] do
         try
-          let recArgInfo ← getRecArgInfo fnName fixedParamPerm args idx
+          let recArgInfo ← getRecArgInfo fnName xs.size (xs ++ ys) idx
           recArgInfos := recArgInfos.push recArgInfo
         catch e =>
-          report := report ++ (m!"Not considering parameter {← prettyParam args idx} of {fnName}:" ++
+          report := report ++ (m!"Not considering parameter {← prettyParam (xs ++ ys) idx} of {fnName}:" ++
             indentD e.toMessageData) ++ "\n"
       trace[Elab.definition.structural] "getRecArgInfos report: {report}"
       return (recArgInfos, report)
@@ -213,7 +211,7 @@ def argsInGroup (group : IndGroupInst) (xs : Array Expr) (value : Expr)
           let indicesPos := indIndices.map fun index => match (xs++ys).idxOf? index with | some i => i | none => unreachable!
           return .some
             { fnName       := recArgInfo.fnName
-              fixedParamPerm  := recArgInfo.fixedParamPerm
+              numFixed     := recArgInfo.numFixed
               recArgPos    := recArgInfo.recArgPos
               indicesPos   := indicesPos
               indGroupInst := group
@@ -234,13 +232,13 @@ def allCombinations (xss : Array (Array α)) : Option (Array (Array α)) :=
     some (go 0 #[])
 
 
-def tryAllArgs (fnNames : Array Name) (fixedParamPerms : FixedParamPerms) (xs : Array Expr)
-   (values : Array Expr) (termMeasure?s : Array (Option TerminationMeasure)) (k : Array RecArgInfo → M α) : M α := do
+def tryAllArgs (fnNames : Array Name) (xs : Array Expr) (values : Array Expr)
+   (termMeasure?s : Array (Option TerminationMeasure)) (k : Array RecArgInfo → M α) : M α := do
   let mut report := m!""
   -- Gather information on all possible recursive arguments
   let mut recArgInfoss := #[]
-  for fnName in fnNames, value in values, termMeasure? in termMeasure?s, fixedParamPerm in fixedParamPerms.perms do
-    let (recArgInfos, thisReport) ← getRecArgInfos fnName fixedParamPerm xs value termMeasure?
+  for fnName in fnNames, value in values, termMeasure? in termMeasure?s do
+    let (recArgInfos, thisReport) ← getRecArgInfos fnName xs value termMeasure?
     report := report ++ thisReport
     recArgInfoss := recArgInfoss.push recArgInfos
   -- Put non-indices first
@@ -268,6 +266,8 @@ def tryAllArgs (fnNames : Array Name) (fixedParamPerms : FixedParamPerms) (xs :
           -- are ok in a nested group. This logic can maybe simplified)
           unless (← hasConst (group.brecOnName false 0)) do
             throwError "the type {group} does not have a `.brecOn` recursor"
+          -- TODO: Here we used to save and restore the state. But should the `try`-`catch`
+          -- not suffice?
           let r ← k comb
           trace[Elab.definition.structural] "tryAllArgs report:\n{report}"
           return r

src/Lean/Elab/PreDefinition/Structural/IndPred.lean

@@ -12,24 +12,23 @@ import Lean.Elab.PreDefinition.Structural.RecArgInfo
 namespace Lean.Elab.Structural
 open Meta
 
-private def replaceIndPredRecApp (fixedParamPerm : FixedParamPerm) (funType : Expr) (e : Expr) : M Expr := do
+private def replaceIndPredRecApp (numFixed : Nat) (funType : Expr) (e : Expr) : M Expr := do
   withoutProofIrrelevance do
   withTraceNode `Elab.definition.structural (fun _ => pure m!"eliminating recursive call {e}") do
     -- We want to replace `e` with an expression of the same type
     let main ← mkFreshExprSyntheticOpaqueMVar (← inferType e)
-    let args : Array Expr := e.getAppArgs
-    let ys := fixedParamPerm.pickVarying args
+    let args : Array Expr := e.getAppArgs[numFixed:]
     let lctx ← getLCtx
     let r ← lctx.anyM fun localDecl => do
       if localDecl.isAuxDecl then return false
       let (mvars, _, t) ← forallMetaTelescope localDecl.type -- NB: do not reduce, we want to see the `funType`
       unless t.getAppFn == funType do return false
       withTraceNodeBefore `Elab.definition.structural (do pure m!"trying {mkFVar localDecl.fvarId} : {localDecl.type}") do
-        if ys.size < t.getAppNumArgs then
-          trace[Elab.definition.structural] "too few arguments, expected {t.getAppNumArgs}, found {ys.size}. Underapplied recursive call?"
+        if args.size < t.getAppNumArgs then
+          trace[Elab.definition.structural] "too few arguments. Underapplied recursive call?"
           return false
-        if (← (t.getAppArgs.zip ys).allM (fun (t,s) => isDefEq t s)) then
-          main.mvarId!.assign (mkAppN (mkAppN localDecl.toExpr mvars) ys[t.getAppNumArgs:])
+        if (← (t.getAppArgs.zip args).allM (fun (t,s) => isDefEq t s)) then
+          main.mvarId!.assign (mkAppN (mkAppN localDecl.toExpr mvars) args[t.getAppNumArgs:])
           return ← mvars.allM fun v => do
             unless (← v.mvarId!.isAssigned) do
               trace[Elab.definition.structural] "Cannot use {mkFVar localDecl.fvarId}: parameter {v} remains unassigned"
@@ -63,7 +62,7 @@ private partial def replaceIndPredRecApps (recArgInfo : RecArgInfo) (funType : E
       let processApp (e : Expr) : M Expr := do
         e.withApp fun f args => do
           if f.isConstOf recArgInfo.fnName then
-            replaceIndPredRecApp recArgInfo.fixedParamPerm funType e
+            replaceIndPredRecApp recArgInfo.numFixed funType e
           else
             return mkAppN (← loop f) (← args.mapM loop)
       match (← matchMatcherApp? e) with
@@ -101,7 +100,7 @@ def mkIndPredBRecOn (recArgInfo : RecArgInfo) (value : Expr) : M Expr := do
   lambdaTelescope value fun ys value => do
     let type  := (← inferType value).headBeta
     let (indexMajorArgs, otherArgs) := recArgInfo.pickIndicesMajor ys
-    trace[Elab.definition.structural] "indexMajorArgs: {indexMajorArgs}, otherArgs: {otherArgs}"
+    trace[Elab.definition.structural] "numFixed: {recArgInfo.numFixed}, indexMajorArgs: {indexMajorArgs}, otherArgs: {otherArgs}"
     let funType ← mkLambdaFVars ys type
     withLetDecl `funType (← inferType funType) funType fun funType => do
       let motive ← mkForallFVars otherArgs (mkAppN funType ys)

src/Lean/Elab/PreDefinition/Structural/Main.lean

@@ -5,7 +5,6 @@ Authors: Leonardo de Moura, Joachim Breitner
 -/
 prelude
 import Lean.Elab.PreDefinition.TerminationMeasure
-import Lean.Elab.PreDefinition.Mutual
 import Lean.Elab.PreDefinition.Structural.Basic
 import Lean.Elab.PreDefinition.Structural.FindRecArg
 import Lean.Elab.PreDefinition.Structural.Preprocess
@@ -72,9 +71,27 @@ where
       withLocalDecl vals[0]!.bindingName! vals[0]!.binderInfo vals[0]!.bindingDomain! fun x =>
         go (fvars.push x) (vals.map fun val => val.bindingBody!.instantiate1 x)
 
-private def elimMutualRecursion (preDefs : Array PreDefinition) (fixedParamPerms : FixedParamPerms)
-    (xs : Array Expr) (recArgInfos : Array RecArgInfo) : M (Array PreDefinition) := do
-  let values ← preDefs.mapIdxM (fixedParamPerms.perms[·]!.instantiateLambda ·.value xs)
+def getMutualFixedPrefix (preDefs : Array PreDefinition) : M Nat :=
+  withCommonTelescope preDefs fun xs vals => do
+    let resultRef ← IO.mkRef xs.size
+    for val in vals do
+      if (← resultRef.get) == 0 then return 0
+      forEachExpr' val fun e => do
+        if preDefs.any fun preDef => e.isAppOf preDef.declName then
+          let args := e.getAppArgs
+          resultRef.modify (min args.size ·)
+          for arg in args, x in xs do
+            if !(← withoutProofIrrelevance <| withReducible <| isDefEq arg x) then
+              -- We continue searching if e's arguments are not a prefix of `xs`
+              return true
+          return false
+        else
+          return true
+    resultRef.get
+
+private def elimMutualRecursion (preDefs : Array PreDefinition) (xs : Array Expr)
+    (recArgInfos : Array RecArgInfo) : M (Array PreDefinition) := do
+  let values ← preDefs.mapM (instantiateLambda ·.value xs)
   let indInfo ← getConstInfoInduct recArgInfos[0]!.indGroupInst.all[0]!
   if ← isInductivePredicate indInfo.name then
     -- Here we branch off to the IndPred construction, but only for non-mutual functions
@@ -85,8 +102,7 @@ private def elimMutualRecursion (preDefs : Array PreDefinition) (fixedParamPerms
     let recArgInfo := recArgInfos[0]!
     let value := values[0]!
     let valueNew ← mkIndPredBRecOn recArgInfo value
-    let valueNew ← lambdaTelescope value fun ys _ => do
-      mkLambdaFVars (etaReduce := true) (fixedParamPerms.perms[0]!.buildArgs xs ys) (mkAppN valueNew ys)
+    let valueNew ← mkLambdaFVars xs valueNew
     trace[Elab.definition.structural] "Nonrecursive value:{indentExpr valueNew}"
     check valueNew
     return #[{ preDef with value := valueNew }]
@@ -107,16 +123,12 @@ private def elimMutualRecursion (preDefs : Array PreDefinition) (fixedParamPerms
   -- Assemble the individual `.brecOn` applications
   let valuesNew ← (Array.zip recArgInfos values).mapIdxM fun i (r, v) =>
     mkBrecOnApp positions i brecOnConst FArgs r v
-  -- Abstract over the fixed prefixed, preserving the original parameter order
-  let valuesNew ← (values.zip valuesNew).mapIdxM fun i ⟨value, valueNew⟩ =>
-    lambdaTelescope value fun ys _ => do
-      -- NB: Do not eta-contract here, other code (e.g. FunInd) expects this to have the
-      -- same number of head lambdas as the original definition
-      mkLambdaFVars (fixedParamPerms.perms[i]!.buildArgs xs ys) (valueNew.beta ys)
+  -- Abstract over the fixed prefixed
+  let valuesNew ← valuesNew.mapM (mkLambdaFVars xs ·)
   return (Array.zip preDefs valuesNew).map fun ⟨preDef, valueNew⟩ => { preDef with value := valueNew }
 
 private def inferRecArgPos (preDefs : Array PreDefinition) (termMeasure?s : Array (Option TerminationMeasure)) :
-    M (Array Nat × (Array PreDefinition) × FixedParamPerms) := do
+    M (Array Nat × (Array PreDefinition) × Nat) := do
   withoutModifyingEnv do
     preDefs.forM (addAsAxiom ·)
     let fnNames := preDefs.map (·.declName)
@@ -124,39 +136,25 @@ private def inferRecArgPos (preDefs : Array PreDefinition) (termMeasure?s : Arra
       return { preDef with value := (← preprocess preDef.value fnNames) }
 
     -- The syntactically fixed arguments
-    let fixedParamPerms ← getFixedParamPerms preDefs
+    let maxNumFixed ← getMutualFixedPrefix preDefs
 
-    fixedParamPerms.perms[0]!.forallTelescope preDefs[0]!.type fun xs => do
-      let values ← preDefs.mapIdxM (fixedParamPerms.perms[·]!.instantiateLambda ·.value xs)
+    lambdaBoundedTelescope preDefs[0]!.value maxNumFixed fun xs _ => do
+      assert! xs.size = maxNumFixed
+      let values ← preDefs.mapM (instantiateLambda ·.value xs)
 
-      tryAllArgs fnNames fixedParamPerms xs values termMeasure?s fun recArgInfos => do
+      tryAllArgs fnNames xs values termMeasure?s fun recArgInfos => do
         let recArgPoss := recArgInfos.map (·.recArgPos)
         trace[Elab.definition.structural] "Trying argument set {recArgPoss}"
-        let (fixedParamPerms', xs', toErase) := fixedParamPerms.erase xs (recArgInfos.map (·.indicesAndRecArgPos))
-        -- We may have to turn some fixed parameters into varying parameters
-        let recArgInfos := recArgInfos.mapIdx fun i recArgInfo =>
-          {recArgInfo with fixedParamPerm := fixedParamPerms'.perms[i]!}
-        if xs'.size != xs.size then
-          trace[Elab.definition.structural] "Reduced fixed params from {xs} to {xs'}, erasing {toErase.map mkFVar}"
-          trace[Elab.definition.structural] "New recArgInfos {repr recArgInfos}"
-        -- Check that the parameters of the IndGroupInsts are still fine
-          for recArgInfo in recArgInfos do
-            for indParam in recArgInfo.indGroupInst.params do
-              for y in toErase do
-                if (← dependsOn indParam y) then
-                  if indParam.isFVarOf y then
-                    throwError "its type is an inductive datatype and the datatype parameter\
-                      {indentExpr indParam}\n\
-                      which cannot be fixed as it is an index or depends on an index, and indices \
-                      cannot be fixed parameters when using structural recursion."
-                  else
-                    throwError "its type is an inductive datatype and the datatype parameter\
-                      {indentExpr indParam}\ndepends on the function parameter{indentExpr (mkFVar y)}\n\
-                      which cannot be fixed as it is an index or depends on an index, and indices \
-                      cannot be fixed parameters when using structural recursion."
-        withErasedFVars toErase do
-          let preDefs' ← elimMutualRecursion preDefs fixedParamPerms' xs' recArgInfos
-          return (recArgPoss, preDefs', fixedParamPerms')
+        let numFixed := recArgInfos.foldl (·.min ·.numFixed) maxNumFixed
+        if numFixed < maxNumFixed then
+          trace[Elab.definition.structural] "Reduced numFixed from {maxNumFixed} to {numFixed}"
+        -- We may have decreased the number of arguments we consider fixed, so update
+        -- the recArgInfos, remove the extra arguments from local environment, and recalculate value
+        let recArgInfos := recArgInfos.map ({· with numFixed := numFixed })
+        withErasedFVars (xs.extract numFixed xs.size |>.map (·.fvarId!)) do
+          let xs := xs[:numFixed]
+          let preDefs' ← elimMutualRecursion preDefs xs recArgInfos
+          return (recArgPoss, preDefs', numFixed)
 
 def reporttermMeasure (preDef : PreDefinition) (recArgPos : Nat) : MetaM Unit := do
   if let some ref := preDef.termination.terminationBy?? then
@@ -169,7 +167,7 @@ def reporttermMeasure (preDef : PreDefinition) (recArgPos : Nat) : MetaM Unit :=
 
 def structuralRecursion (preDefs : Array PreDefinition) (termMeasure?s : Array (Option TerminationMeasure)) : TermElabM Unit := do
   let names := preDefs.map (·.declName)
-  let ((recArgPoss, preDefsNonRec, fixedParamPerms), state) ← run <| inferRecArgPos preDefs termMeasure?s
+  let ((recArgPoss, preDefsNonRec, numFixed), state) ← run <| inferRecArgPos preDefs termMeasure?s
   for recArgPos in recArgPoss, preDef in preDefs do
     reporttermMeasure preDef recArgPos
   state.addMatchers.forM liftM
@@ -192,13 +190,9 @@ def structuralRecursion (preDefs : Array PreDefinition) (termMeasure?s : Array (
         for theorems and definitions that are propositions.
         See issue #2327
         -/
-        registerEqnsInfo preDef (preDefs.map (·.declName)) recArgPos fixedParamPerms
+        registerEqnsInfo preDef (preDefs.map (·.declName)) recArgPos numFixed
     addSmartUnfoldingDef preDef recArgPos
     markAsRecursive preDef.declName
-  for preDef in preDefs do
-    -- must happen in separate loop so realizations can see eqnInfos of all other preDefs
-    enableRealizationsForConst preDef.declName
-    -- must happen after `enableRealizationsForConst`
     generateEagerEqns preDef.declName
   applyAttributesOf preDefsNonRec AttributeApplicationTime.afterCompilation
 

src/Lean/Elab/PreDefinition/Structural/RecArgInfo.lean

@@ -6,7 +6,6 @@ Authors: Leonardo de Moura, Joachim Breitner
 prelude
 import Lean.Meta.Basic
 import Lean.Meta.ForEachExpr
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Elab.PreDefinition.Structural.IndGroupInfo
 
 namespace Lean.Elab.Structural
@@ -15,18 +14,18 @@ namespace Lean.Elab.Structural
 /--
 Information about the argument of interest of a structurally recursive function.
 
-The `Expr`s in this data structure expect the fixed parameters to be in scope, but not the other
+The `Expr`s in this data structure expect the `fixedParams` to be in scope, but not the other
 parameters of the function. This ensures that this data structure makes sense in the other functions
 of a mutually recursive group.
 -/
 structure RecArgInfo where
   /-- the name of the recursive function -/
   fnName       : Name
-  /-- Information which arguments are fixed -/
-  fixedParamPerm : FixedParamPerm
-  /-- position of the argument we are recursing on, among all parameters -/
+  /-- the fixed prefix of arguments of the function we are trying to justify termination using structural recursion. -/
+  numFixed     : Nat
+  /-- position (counted including fixed prefix) of the argument we are recursing on -/
   recArgPos    : Nat
-  /-- position of the indices of the inductive datatype we are recursing on, among all parameters -/
+  /-- position (counted including fixed prefix) of the indices of the inductive datatype we are recursing on -/
   indicesPos   : Array Nat
   /-- The inductive group (with parameters) of the argument's type -/
   indGroupInst : IndGroupInst
@@ -37,29 +36,23 @@ structure RecArgInfo where
   indIdx       : Nat
 deriving Inhabited, Repr
 
-  /-- position of the argument and its indices we are recursing on, among all parameters -/
-def RecArgInfo.indicesAndRecArgPos (info : RecArgInfo) : Array Nat :=
-  info.indicesPos.push info.recArgPos
-
 /--
-If `xs` are the varing parameters of the functions, partitions them into indices and major
-arguments, and other parameters.
+If `xs` are the parameters of the functions (excluding fixed prefix), partitions them
+into indices and major arguments, and other parameters.
 -/
 def RecArgInfo.pickIndicesMajor (info : RecArgInfo) (xs : Array Expr) : (Array Expr × Array Expr) := Id.run do
-  -- To simplify the index calculation, pad xs with dummy values where fixed parameters are
-  let xs := info.fixedParamPerm.buildArgs (mkArray info.fixedParamPerm.numFixed (mkSort 0)) xs
   -- First indices and major arg, using the order they appear in `info.indicesPos`
   let mut indexMajorArgs := #[]
   let indexMajorPos := info.indicesPos.push info.recArgPos
   for j in indexMajorPos do
-    indexMajorArgs := indexMajorArgs.push xs[j]!
+    assert! info.numFixed ≤ j && j - info.numFixed < xs.size
+    indexMajorArgs := indexMajorArgs.push xs[j - info.numFixed]!
   -- Then the other arguments, in the order they appear in `xs`
-  let mut otherVaryingArgs := #[]
+  let mut otherArgs := #[]
   for h : i in [:xs.size] do
-    unless indexMajorPos.contains i do
-      unless info.fixedParamPerm.isFixed i do
-        otherVaryingArgs := otherVaryingArgs.push xs[i]
-  return (indexMajorArgs, otherVaryingArgs)
+    unless indexMajorPos.contains (i + info.numFixed) do
+      otherArgs := otherArgs.push xs[i]
+  return (indexMajorArgs, otherArgs)
 
 /--
 Name of the recursive data type. Assumes that it is not one of the auxiliary ones.

src/Lean/Elab/PreDefinition/TerminationMeasure.lean

@@ -52,6 +52,7 @@ Elaborates a `TerminationBy` to an `TerminationMeasure`.
 def TerminationMeasure.elab (funName : Name) (type : Expr) (arity extraParams : Nat)
     (hint : TerminationBy) : TermElabM TerminationMeasure := withDeclName funName do
   assert! extraParams ≤ arity
+
   if h : hint.vars.size > extraParams then
     let mut msg := m!"{parameters hint.vars.size} bound in `termination_by`, but the body of " ++
       m!"{funName} only binds {parameters extraParams}."
@@ -63,7 +64,7 @@ def TerminationMeasure.elab (funName : Name) (type : Expr) (arity extraParams :
 
   -- Bring parameters before the colon into scope
   let r ← withoutErrToSorry <|
-    forallBoundedTelescope (cleanupAnnotations := true) type (arity - extraParams) fun ys type' => do
+    forallBoundedTelescope type (arity - extraParams) fun ys type' => do
       -- Bring the variables bound by `termination_by` into scope.
       elabFunBinders hint.vars (some type') fun xs type' => do
         -- Elaborate the body in this local environment

src/Lean/Elab/PreDefinition/WF/Eqns.lean

@@ -10,7 +10,6 @@ import Lean.Elab.PreDefinition.Basic
 import Lean.Elab.PreDefinition.Eqns
 import Lean.Meta.ArgsPacker.Basic
 import Lean.Elab.PreDefinition.WF.Unfold
-import Lean.Elab.PreDefinition.FixedParams
 import Init.Data.Array.Basic
 
 namespace Lean.Elab.WF
@@ -22,15 +21,13 @@ structure EqnInfo extends EqnInfoCore where
   declNameNonRec  : Name
   fixedPrefixSize : Nat
   argsPacker      : ArgsPacker
-  fixedParamPerms : FixedParamPerms
   deriving Inhabited
 
 
 builtin_initialize eqnInfoExt : MapDeclarationExtension EqnInfo ← mkMapDeclarationExtension
 
-def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name) (fixedParamPerms : FixedParamPerms)
+def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name) (fixedPrefixSize : Nat)
     (argsPacker : ArgsPacker) : MetaM Unit := do
-  let fixedPrefixSize := fixedParamPerms.numFixed
   preDefs.forM fun preDef => ensureEqnReservedNamesAvailable preDef.declName
   /-
   See issue #2327.
@@ -43,7 +40,7 @@ def registerEqnsInfo (preDefs : Array PreDefinition) (declNameNonRec : Name) (fi
       modifyEnv fun env =>
         preDefs.foldl (init := env) fun env preDef =>
           eqnInfoExt.insert env preDef.declName { preDef with
-            declNames, declNameNonRec, fixedPrefixSize, argsPacker, fixedParamPerms }
+            declNames, declNameNonRec, fixedPrefixSize, argsPacker }
 
 def getEqnsFor? (declName : Name) : MetaM (Option (Array Name)) := do
   if let some info := eqnInfoExt.find? (← getEnv) declName then

src/Lean/Elab/PreDefinition/WF/Fix.lean

@@ -17,11 +17,6 @@ import Lean.Util.HasConstCache
 namespace Lean.Elab.WF
 open Meta
 
-register_builtin_option debug.definition.wf.replaceRecApps : Bool := {
-    defValue := false
-    descr    := "Type check every step of the well-founded definition translation"
-  }
-
 /-
 Creates a subgoal for a recursive call, as an unsolved `MVar`. The goal is cleaned up, and
 the current syntax reference is stored in the `MVar`’s type as a `RecApp` marker, for
@@ -37,13 +32,11 @@ private def mkDecreasingProof (decreasingProp : Expr) : TermElabM Expr := do
 
 private partial def replaceRecApps (recFnName : Name) (fixedPrefixSize : Nat) (F : Expr) (e : Expr) : TermElabM Expr := do
   trace[Elab.definition.wf] "replaceRecApps:{indentExpr e}"
-  trace[Elab.definition.wf] "type of functorial {F} is{indentExpr (← inferType F)}"
-  let e ← loop F e |>.run' {}
-  return e
+  trace[Elab.definition.wf] "{F} : {← inferType F}"
+  loop F e |>.run' {}
 where
   processRec (F : Expr) (e : Expr) : StateRefT (HasConstCache #[recFnName]) TermElabM Expr := do
     if e.getAppNumArgs < fixedPrefixSize + 1 then
-      trace[Elab.definition.wf] "replaceRecApp: eta-expanding{indentExpr e}"
       loop F (← etaExpand e)
     else
       let args := e.getAppArgs
@@ -62,19 +55,6 @@ where
     modifyGet (·.contains e)
 
   loop (F : Expr) (e : Expr) : StateRefT (HasConstCache #[recFnName]) TermElabM Expr := do
-    let e' ← loopGo F e
-    if (debug.definition.wf.replaceRecApps.get (← getOptions)) then
-      withTransparency .all do withNewMCtxDepth do
-        unless (← isTypeCorrect e') do
-          throwError "Type error introduced when transforming{indentExpr e}\nto{indentExpr e'}"
-        let t1 ← inferType e
-        let t2 ← inferType e'
-        unless (← isDefEq t1 t2) do
-          let (t1, t2) ← addPPExplicitToExposeDiff t1 t2
-          throwError "Type not preserved transforming{indentExpr e}\nto{indentExpr e'}\nType was{indentExpr t1}\nand now is{indentExpr t2}"
-    return e'
-
-  loopGo (F : Expr) (e : Expr) : StateRefT (HasConstCache #[recFnName]) TermElabM Expr := do
     if !(← containsRecFn e) then
       return e
     match e with
@@ -103,8 +83,7 @@ where
               unless xs.size = numParams do
                 throwError "unexpected matcher application alternative{indentExpr alt}\nat application{indentExpr e}"
               let FAlt := xs[numParams - 1]!
-              let altBody' ← loop FAlt altBody
-              mkLambdaFVars xs altBody'
+              mkLambdaFVars xs (← loop FAlt altBody)
           return { matcherApp with alts := altsNew, discrs := (← matcherApp.discrs.mapM (loop F)) }.toExpr
         else
           processApp F e
@@ -204,35 +183,34 @@ def groupGoalsByFunction (argsPacker : ArgsPacker) (numFuncs : Nat) (goals : Arr
     r := r.modify funidx (·.push goal)
   return r
 
-def solveDecreasingGoals (funNames : Array Name) (argsPacker : ArgsPacker) (decrTactics : Array (Option DecreasingBy)) (value : Expr) : MetaM Expr := do
+def solveDecreasingGoals (argsPacker : ArgsPacker) (decrTactics : Array (Option DecreasingBy)) (value : Expr) : MetaM Expr := do
   let goals ← getMVarsNoDelayed value
   let goals ← assignSubsumed goals
   let goalss ← groupGoalsByFunction argsPacker decrTactics.size goals
-  for funName in funNames, goals in goalss, decrTactic? in decrTactics do
+  for goals in goalss, decrTactic? in decrTactics do
     Lean.Elab.Term.TermElabM.run' do
-    Term.withDeclName funName do
-      match decrTactic? with
-      | none => do
-        for goal in goals do
-          let type ← goal.getType
-          let some ref := getRecAppSyntax? (← goal.getType)
-            | throwError "MVar not annotated as a recursive call:{indentExpr type}"
-          withRef ref <| applyDefaultDecrTactic goal
-      | some decrTactic => withRef decrTactic.ref do
-        unless goals.isEmpty do -- unlikely to be empty
-          -- make info from `runTactic` available
-          goals.forM fun goal => pushInfoTree (.hole goal)
-          let remainingGoals ← Tactic.run goals[0]! do
-            Tactic.setGoals goals.toList
-            applyCleanWfTactic
-            Tactic.withTacticInfoContext decrTactic.ref do
-              Tactic.evalTactic decrTactic.tactic
-          unless remainingGoals.isEmpty do
-            Term.reportUnsolvedGoals remainingGoals
+    match decrTactic? with
+    | none => do
+      for goal in goals do
+        let type ← goal.getType
+        let some ref := getRecAppSyntax? (← goal.getType)
+          | throwError "MVar not annotated as a recursive call:{indentExpr type}"
+        withRef ref <| applyDefaultDecrTactic goal
+    | some decrTactic => withRef decrTactic.ref do
+      unless goals.isEmpty do -- unlikely to be empty
+        -- make info from `runTactic` available
+        goals.forM fun goal => pushInfoTree (.hole goal)
+        let remainingGoals ← Tactic.run goals[0]! do
+          Tactic.setGoals goals.toList
+          applyCleanWfTactic
+          Tactic.withTacticInfoContext decrTactic.ref do
+            Tactic.evalTactic decrTactic.tactic
+        unless remainingGoals.isEmpty do
+          Term.reportUnsolvedGoals remainingGoals
   instantiateMVars value
 
 def mkFix (preDef : PreDefinition) (prefixArgs : Array Expr) (argsPacker : ArgsPacker)
-    (wfRel : Expr) (funNames : Array Name) (decrTactics : Array (Option DecreasingBy)) : TermElabM Expr := do
+    (wfRel : Expr) (decrTactics : Array (Option DecreasingBy)) : TermElabM Expr := do
   let type ← instantiateForall preDef.type prefixArgs
   let (wfFix, varName) ← forallBoundedTelescope type (some 1) fun x type => do
     let x := x[0]!
@@ -255,7 +233,7 @@ def mkFix (preDef : PreDefinition) (prefixArgs : Array Expr) (argsPacker : ArgsP
       let val := preDef.value.beta (prefixArgs.push x)
       let val ← processSumCasesOn x F val fun x F val => do
         processPSigmaCasesOn x F val (replaceRecApps preDef.declName prefixArgs.size)
-      let val ← solveDecreasingGoals funNames argsPacker decrTactics val
+      let val ← solveDecreasingGoals argsPacker decrTactics val
       mkLambdaFVars prefixArgs (mkApp wfFix (← mkLambdaFVars #[x, F] val))
 
 end Lean.Elab.WF

src/Lean/Elab/PreDefinition/WF/GuessLex.lean

@@ -13,10 +13,8 @@ import Lean.Meta.ArgsPacker
 import Lean.Elab.Quotation
 import Lean.Elab.RecAppSyntax
 import Lean.Elab.PreDefinition.Basic
-import Lean.Elab.PreDefinition.Mutual
 import Lean.Elab.PreDefinition.Structural.Basic
 import Lean.Elab.PreDefinition.TerminationMeasure
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Elab.PreDefinition.WF.Basic
 import Lean.Data.Array
 
@@ -171,25 +169,24 @@ def withUserNames {α} (xs : Array Expr) (ns : Array Name) (k : MetaM α) : Meta
   withLCtx' lctx k
 
 /-- Create one measure for each (eligible) parameter of the given predefintion.  -/
-def simpleMeasures (preDefs : Array PreDefinition) (fixedParamPerms : FixedParamPerms)
+def simpleMeasures (preDefs : Array PreDefinition) (fixedPrefixSize : Nat)
     (userVarNamess : Array (Array Name)) : MetaM (Array (Array BasicMeasure)) := do
   let is_mutual : Bool := preDefs.size > 1
   preDefs.mapIdxM fun funIdx preDef => do
-    lambdaTelescope preDef.value fun params _ => do
-      let xs := fixedParamPerms.perms[funIdx]!.pickVarying params
-      withUserNames xs userVarNamess[funIdx]! do
+    lambdaTelescope preDef.value fun xs _ => do
+      withUserNames xs[fixedPrefixSize:] userVarNamess[funIdx]! do
         let mut ret : Array BasicMeasure := #[]
-        for x in xs do
+        for x in xs[fixedPrefixSize:] do
           -- If the `SizeOf` instance produces a constant (e.g. because it's type is a `Prop` or
           -- `Type`), then ignore this parameter
           let sizeOf ← whnfD (← mkAppM ``sizeOf #[x])
           if sizeOf.isLit then continue
 
-          let natFn ← mkLambdaFVars params (← mkAppM ``sizeOf #[x])
+          let natFn ← mkLambdaFVars xs (← mkAppM ``sizeOf #[x])
           -- Determine if we need to exclude `sizeOf` in the measure we show/pass on.
           let fn ←
-            if  ← mayOmitSizeOf is_mutual xs x
-            then mkLambdaFVars params x
+            if  ← mayOmitSizeOf is_mutual xs[fixedPrefixSize:] x
+            then mkLambdaFVars xs x
             else pure natFn
           ret := ret.push { ref := .missing, structural := false, fn, natFn }
         return ret
@@ -342,26 +339,24 @@ def filterSubsumed (rcs : Array RecCallWithContext ) : Array RecCallWithContext
 Traverse a unary `PreDefinition`, and returns a `WithRecCall` closure for each recursive
 call site.
 -/
-def collectRecCalls (unaryPreDef : PreDefinition) (fixedParamPerms : FixedParamPerms)
+def collectRecCalls (unaryPreDef : PreDefinition) (fixedPrefixSize : Nat)
     (argsPacker : ArgsPacker) : MetaM (Array RecCallWithContext) := withoutModifyingState do
   addAsAxiom unaryPreDef
-  lambdaBoundedTelescope unaryPreDef.value (fixedParamPerms.numFixed + 1) fun xs body => do
-    unless xs.size == fixedParamPerms.numFixed + 1 do
+  lambdaBoundedTelescope unaryPreDef.value (fixedPrefixSize + 1) fun xs body => do
+    unless xs.size == fixedPrefixSize + 1 do
       throwError "Unexpected number of lambdas in unary pre-definition"
-    let ys := xs[:fixedParamPerms.numFixed]
-    let param := xs[fixedParamPerms.numFixed]!
-    withRecApps unaryPreDef.declName fixedParamPerms.numFixed param body fun param args => do
-      unless args.size ≥ fixedParamPerms.numFixed + 1 do
+    let ys := xs[:fixedPrefixSize]
+    let param := xs[fixedPrefixSize]!
+    withRecApps unaryPreDef.declName fixedPrefixSize param body fun param args => do
+      unless args.size ≥ fixedPrefixSize + 1 do
         throwError "Insufficient arguments in recursive call"
-      let arg := args[fixedParamPerms.numFixed]!
+      let arg := args[fixedPrefixSize]!
       trace[Elab.definition.wf] "collectRecCalls: {unaryPreDef.declName} ({param}) → {unaryPreDef.declName} ({arg})"
       let some (caller, params) := argsPacker.unpack param
         | throwError "Cannot unpack param, unexpected expression:{indentExpr param}"
       let some (callee, args) := argsPacker.unpack arg
         | throwError "Cannot unpack arg, unexpected expression:{indentExpr arg}"
-      let callerParams := fixedParamPerms.perms[caller]!.buildArgs ys params
-      let calleeArgs := fixedParamPerms.perms[callee]!.buildArgs ys args
-      RecCallWithContext.create (← getRef) caller callerParams callee calleeArgs
+      RecCallWithContext.create (← getRef) caller (ys ++ params) callee (ys ++ args)
 
 /-- Is the expression a `<`-like comparison of `Nat` expressions -/
 def isNatCmp (e : Expr) : Option (Expr × Expr) :=
@@ -372,7 +367,7 @@ def isNatCmp (e : Expr) : Option (Expr × Expr) :=
   | GE.ge α _ e₁ e₂ => if α.isConstOf ``Nat then some (e₂, e₁) else none
   | _ => none
 
-def complexMeasures (preDefs : Array PreDefinition) (fixedParamPerms : FixedParamPerms)
+def complexMeasures (preDefs : Array PreDefinition) (fixedPrefixSize : Nat)
     (userVarNamess : Array (Array Name)) (recCalls : Array RecCallWithContext) :
     MetaM (Array (Array BasicMeasure)) := do
   preDefs.mapIdxM fun funIdx _preDef => do
@@ -382,21 +377,20 @@ def complexMeasures (preDefs : Array PreDefinition) (fixedParamPerms : FixedPara
       unless rc.caller = funIdx do continue
       -- Only look at calls where the parameters have not been refined
       unless rc.params.all (·.isFVar) do continue
-      let varyingParams := fixedParamPerms.perms[funIdx]!.pickVarying rc.params
-      let varyingFVars := varyingParams.map (·.fvarId!)
-      let params := rc.params.map (·.fvarId!)
+      let xs := rc.params.map (·.fvarId!)
+      let varyingParams : Array FVarId := xs[fixedPrefixSize:]
       measures ← rc.ctxt.run do
-        withUserNames varyingParams userVarNamess[funIdx]! do
+        withUserNames rc.params[fixedPrefixSize:] userVarNamess[funIdx]! do
         trace[Elab.definition.wf] "rc: {rc.caller} ({rc.params}) → {rc.callee} ({rc.args})"
         let mut measures := measures
         for ldecl in ← getLCtx do
           if let some (e₁, e₂) := isNatCmp ldecl.type then
             -- We only want to consider these expressions if they depend only on the function's
             -- immediate arguments, so check that
-            if e₁.hasAnyFVar (! params.contains ·) then continue
-            if e₂.hasAnyFVar (! params.contains ·) then continue
+            if e₁.hasAnyFVar (! xs.contains ·) then continue
+            if e₂.hasAnyFVar (! xs.contains ·) then continue
             -- If e₁ does not depend on any varying parameters, simply ignore it
-            let e₁_is_const := ! e₁.hasAnyFVar (varyingFVars.contains ·)
+            let e₁_is_const := ! e₁.hasAnyFVar (varyingParams.contains ·)
             let body := if e₁_is_const then e₂ else mkNatSub e₂ e₁
             -- Avoid adding simple measures
             unless body.isFVar do
@@ -432,7 +426,7 @@ def GuessLexRel.toNatRel : GuessLexRel → Expr
 For a given recursive call, and a choice of parameter and argument index,
 try to prove equality, < or ≤.
 -/
-def evalRecCall (callerName: Name) (decrTactic? : Option DecreasingBy) (callerMeasures calleeMeasures : Array BasicMeasure)
+def evalRecCall (decrTactic? : Option DecreasingBy) (callerMeasures calleeMeasures : Array BasicMeasure)
   (rcc : RecCallWithContext) (callerMeasureIdx calleeMeasureIdx : Nat) : MetaM GuessLexRel := do
   rcc.ctxt.run do
     let callerMeasure := callerMeasures[callerMeasureIdx]!
@@ -452,28 +446,26 @@ def evalRecCall (callerName: Name) (decrTactic? : Option DecreasingBy) (callerMe
         if rel = .eq then
           MVarId.refl mvarId
         else do
-          Lean.Elab.Term.TermElabM.run' do Term.withDeclName callerName do
-            Term.withoutErrToSorry do
-              let remainingGoals ← Tactic.run mvarId do Tactic.withoutRecover do
-                applyCleanWfTactic
-                let tacticStx : Syntax ←
-                  match decrTactic? with
-                  | none => pure (← `(tactic| decreasing_tactic)).raw
-                  | some decrTactic =>
-                    trace[Elab.definition.wf] "Using tactic {decrTactic.tactic.raw}"
-                    pure decrTactic.tactic.raw
-                Tactic.evalTactic tacticStx
-              remainingGoals.forM fun _ => throwError "goal not solved"
+          Lean.Elab.Term.TermElabM.run' do Term.withoutErrToSorry do
+            let remainingGoals ← Tactic.run mvarId do Tactic.withoutRecover do
+              applyCleanWfTactic
+              let tacticStx : Syntax ←
+                match decrTactic? with
+                | none => pure (← `(tactic| decreasing_tactic)).raw
+                | some decrTactic =>
+                  trace[Elab.definition.wf] "Using tactic {decrTactic.tactic.raw}"
+                  pure decrTactic.tactic.raw
+              Tactic.evalTactic tacticStx
+            remainingGoals.forM fun _ => throwError "goal not solved"
         trace[Elab.definition.wf] "inspectRecCall: success!"
         return rel
-      catch e =>
-        trace[Elab.definition.wf] "Did not find {rel} proof. Goal:{goalsToMessageData [mvarId]}\nError:{indentD e.toMessageData}"
+      catch _e =>
+        trace[Elab.definition.wf] "Did not find {rel} proof: {goalsToMessageData [mvarId]}"
         continue
     return .no_idea
 
 /- A cache for `evalRecCall` -/
 structure RecCallCache where mk'' ::
-  callerName : Name
   decrTactic? : Option DecreasingBy
   callerMeasures : Array BasicMeasure
   calleeMeasures : Array BasicMeasure
@@ -481,15 +473,14 @@ structure RecCallCache where mk'' ::
   cache : IO.Ref (Array (Array (Option GuessLexRel)))
 
 /-- Create a cache to memoize calls to `evalRecCall descTactic? rcc` -/
-def RecCallCache.mk (funNames : Array Name) (decrTactics : Array (Option DecreasingBy)) (measuress : Array (Array BasicMeasure))
+def RecCallCache.mk (decrTactics : Array (Option DecreasingBy)) (measuress : Array (Array BasicMeasure))
     (rcc : RecCallWithContext) :
     BaseIO RecCallCache := do
-  let callerName := funNames[rcc.caller]!
   let decrTactic? := decrTactics[rcc.caller]!
   let callerMeasures := measuress[rcc.caller]!
   let calleeMeasures := measuress[rcc.callee]!
   let cache ← IO.mkRef <| Array.mkArray callerMeasures.size (Array.mkArray calleeMeasures.size Option.none)
-  return { callerName, decrTactic?, callerMeasures, calleeMeasures, rcc, cache }
+  return { decrTactic?, callerMeasures, calleeMeasures, rcc, cache }
 
 /-- Run `evalRecCall` and cache there result -/
 def RecCallCache.eval (rc: RecCallCache) (callerMeasureIdx calleeMeasureIdx : Nat) : MetaM GuessLexRel := do
@@ -497,7 +488,7 @@ def RecCallCache.eval (rc: RecCallCache) (callerMeasureIdx calleeMeasureIdx : Na
   if let Option.some res := (← rc.cache.get)[callerMeasureIdx]![calleeMeasureIdx]! then
     return res
   else
-    let res ← evalRecCall  rc.callerName rc.decrTactic? rc.callerMeasures rc.calleeMeasures rc.rcc callerMeasureIdx calleeMeasureIdx
+    let res ← evalRecCall rc.decrTactic? rc.callerMeasures rc.calleeMeasures rc.rcc callerMeasureIdx calleeMeasureIdx
     rc.cache.modify (·.modify callerMeasureIdx (·.set! calleeMeasureIdx res))
     return res
 
@@ -748,18 +739,17 @@ def mkProdElem (xs : Array Expr) : MetaM Expr := do
     let n := xs.size
     xs[0:n-1].foldrM (init:=xs[n-1]!) fun x p => mkAppM ``Prod.mk #[x,p]
 
-def toTerminationMeasures (preDefs : Array PreDefinition) (fixedParamPerms : FixedParamPerms)
+def toTerminationMeasures (preDefs : Array PreDefinition) (fixedPrefixSize : Nat)
     (userVarNamess : Array (Array Name)) (measuress : Array (Array BasicMeasure))
     (solution : Array MutualMeasure) : MetaM TerminationMeasures := do
   preDefs.mapIdxM fun funIdx preDef => do
     let measures := measuress[funIdx]!
-    lambdaTelescope preDef.value fun params _ => do
-      let xs := fixedParamPerms.perms[funIdx]!.pickVarying params
-      withUserNames xs userVarNamess[funIdx]! do
+    lambdaTelescope preDef.value fun xs _ => do
+      withUserNames xs[fixedPrefixSize:] userVarNamess[funIdx]! do
         let args := solution.map fun
-          | .args tmIdxs => measures[tmIdxs[funIdx]!]!.fn.beta params
+          | .args tmIdxs => measures[tmIdxs[funIdx]!]!.fn.beta xs
           | .func funIdx' => mkNatLit <| if funIdx' == funIdx then 1 else 0
-        let fn ← mkLambdaFVars params (← mkProdElem args)
+        let fn ← mkLambdaFVars xs (← mkProdElem args)
         return { ref := .missing, structural := false, fn}
 
 /--
@@ -787,19 +777,19 @@ terminates. See the module doc string for a high-level overview.
 The `preDefs` are used to determine arity and types of parameters; the bodies are ignored.
 -/
 def guessLex (preDefs : Array PreDefinition) (unaryPreDef : PreDefinition)
-    (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) :
+    (fixedPrefixSize : Nat) (argsPacker : ArgsPacker) :
     MetaM TerminationMeasures := do
   let userVarNamess ← argsPacker.varNamess.mapM (naryVarNames ·)
   trace[Elab.definition.wf] "varNames is: {userVarNamess}"
 
   -- Collect all recursive calls and extract their context
-  let recCalls ← collectRecCalls unaryPreDef fixedParamPerms argsPacker
+  let recCalls ← collectRecCalls unaryPreDef fixedPrefixSize argsPacker
   let recCalls := filterSubsumed recCalls
 
   -- For every function, the measures we want to use
   -- (One for each non-forbiddend arg)
-  let basicMeassures₁ ← simpleMeasures preDefs fixedParamPerms userVarNamess
-  let basicMeassures₂ ← complexMeasures preDefs fixedParamPerms userVarNamess recCalls
+  let basicMeassures₁ ← simpleMeasures preDefs fixedPrefixSize userVarNamess
+  let basicMeassures₂ ← complexMeasures preDefs fixedPrefixSize userVarNamess recCalls
   let basicMeasures := Array.zipWith (· ++ ·) basicMeassures₁ basicMeassures₂
 
   -- The list of measures, including the measures that order functions.
@@ -808,16 +798,16 @@ def guessLex (preDefs : Array PreDefinition) (unaryPreDef : PreDefinition)
 
   -- If there is only one plausible measure, use that
   if let #[solution] := mutualMeasures then
-    let termMeasures ← toTerminationMeasures preDefs fixedParamPerms userVarNamess basicMeasures #[solution]
+    let termMeasures ← toTerminationMeasures preDefs fixedPrefixSize userVarNamess basicMeasures #[solution]
     reportTerminationMeasures preDefs termMeasures
     return termMeasures
 
-  let rcs ← recCalls.mapM (RecCallCache.mk (preDefs.map (·.declName)) (preDefs.map (·.termination.decreasingBy?)) basicMeasures ·)
+  let rcs ← recCalls.mapM (RecCallCache.mk (preDefs.map (·.termination.decreasingBy?)) basicMeasures ·)
   let callMatrix := rcs.map (inspectCall ·)
 
   match ← liftMetaM <| solve mutualMeasures callMatrix with
   | .some solution => do
-    let termMeasures ← toTerminationMeasures preDefs fixedParamPerms userVarNamess basicMeasures solution
+    let termMeasures ← toTerminationMeasures preDefs fixedPrefixSize userVarNamess basicMeasures solution
     reportTerminationMeasures preDefs termMeasures
     return termMeasures
   | .none =>

src/Lean/Elab/PreDefinition/WF/Main.lean

@@ -23,11 +23,12 @@ def wfRecursion (preDefs : Array PreDefinition) (termMeasure?s : Array (Option T
   let termMeasures? := termMeasure?s.mapM id -- Either all or none, checked by `elabTerminationByHints`
   let preDefs ← preDefs.mapM fun preDef =>
     return { preDef with value := (← floatRecApp preDef.value) }
-  let (fixedParamPerms, argsPacker, unaryPreDef, wfPreprocessProofs) ← withoutModifyingEnv do
+  let (fixedPrefixSize, argsPacker, unaryPreDef, wfPreprocessProofs) ← withoutModifyingEnv do
     for preDef in preDefs do
       addAsAxiom preDef
-    let fixedParamPerms ← getFixedParamPerms preDefs
-    let varNamess ← preDefs.mapIdxM fun i preDef => varyingVarNames fixedParamPerms i preDef
+    let fixedPrefixSize ← Mutual.getFixedPrefix preDefs
+    trace[Elab.definition.wf] "fixed prefix: {fixedPrefixSize}"
+    let varNamess ← preDefs.mapM (varyingVarNames fixedPrefixSize ·)
     for varNames in varNamess, preDef in preDefs do
       if varNames.isEmpty then
         throwError "well-founded recursion cannot be used, '{preDef.declName}' does not take any (non-fixed) arguments"
@@ -35,41 +36,38 @@ def wfRecursion (preDefs : Array PreDefinition) (termMeasure?s : Array (Option T
     let (preDefsAttached, wfPreprocessProofs) ← Array.unzip <$> preDefs.mapM fun preDef => do
       let result ← preprocess preDef.value
       return ({preDef with value := result.expr}, result)
-    let unaryPreDef ← packMutual fixedParamPerms argsPacker preDefsAttached
-    return (fixedParamPerms, argsPacker, unaryPreDef, wfPreprocessProofs)
-  trace[Elab.definition.wf] "unaryPreDef:{indentD unaryPreDef.value}"
+    return (fixedPrefixSize, argsPacker, ← packMutual fixedPrefixSize argsPacker preDefsAttached, wfPreprocessProofs)
 
   let wf : TerminationMeasures ← do
     if let some tms := termMeasures? then pure tms else
     -- No termination_by here, so use GuessLex to infer one
-    guessLex preDefs unaryPreDef fixedParamPerms argsPacker
+    guessLex preDefs unaryPreDef fixedPrefixSize argsPacker
 
-  let preDefNonRec ← forallBoundedTelescope unaryPreDef.type fixedParamPerms.numFixed fun fixedArgs type => do
+  let preDefNonRec ← forallBoundedTelescope unaryPreDef.type fixedPrefixSize fun prefixArgs type => do
     let type ← whnfForall type
     unless type.isForall do
       throwError "wfRecursion: expected unary function type: {type}"
     let packedArgType := type.bindingDomain!
-    elabWFRel (preDefs.map (·.declName)) unaryPreDef.declName fixedParamPerms fixedArgs argsPacker packedArgType wf fun wfRel => do
+    elabWFRel (preDefs.map (·.declName)) unaryPreDef.declName prefixArgs argsPacker packedArgType wf fun wfRel => do
       trace[Elab.definition.wf] "wfRel: {wfRel}"
       let (value, envNew) ← withoutModifyingEnv' do
         addAsAxiom unaryPreDef
-        let value ← mkFix unaryPreDef fixedArgs argsPacker wfRel (preDefs.map (·.declName)) (preDefs.map (·.termination.decreasingBy?))
+        let value ← mkFix unaryPreDef prefixArgs argsPacker wfRel (preDefs.map (·.termination.decreasingBy?))
         eraseRecAppSyntaxExpr value
       /- `mkFix` invokes `decreasing_tactic` which may add auxiliary theorems to the environment. -/
       let value ← unfoldDeclsFrom envNew value
       return { unaryPreDef with value }
 
   trace[Elab.definition.wf] ">> {preDefNonRec.declName} :=\n{preDefNonRec.value}"
-  let preDefsNonrec ← preDefsFromUnaryNonRec fixedParamPerms argsPacker preDefs preDefNonRec
+  let preDefsNonrec ← preDefsFromUnaryNonRec fixedPrefixSize argsPacker preDefs preDefNonRec
   Mutual.addPreDefsFromUnary preDefs preDefsNonrec preDefNonRec
   let preDefs ← Mutual.cleanPreDefs preDefs
-  registerEqnsInfo preDefs preDefNonRec.declName fixedParamPerms argsPacker
+  registerEqnsInfo preDefs preDefNonRec.declName fixedPrefixSize argsPacker
   for preDef in preDefs, wfPreprocessProof in wfPreprocessProofs do
     unless preDef.kind.isTheorem do
       unless (← isProp preDef.type) do
         WF.mkUnfoldEq preDef preDefNonRec.declName wfPreprocessProof
   Mutual.addPreDefAttributes preDefs
-  enableRealizationsForConst preDefNonRec.declName
 
 builtin_initialize registerTraceClass `Elab.definition.wf
 

src/Lean/Elab/PreDefinition/WF/PackMutual.lean

@@ -6,7 +6,6 @@ Authors: Leonardo de Moura, Joachim Breitner
 prelude
 import Lean.Meta.ArgsPacker
 import Lean.Elab.PreDefinition.Basic
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Elab.PreDefinition.WF.Eqns
 
 /-!
@@ -39,7 +38,7 @@ def withAppN (n : Nat) (e : Expr) (k : Array Expr → MetaM Expr) : MetaM Expr :
 /--
 Processes the expression and replaces calls to  the `preDefs` with calls to `f`.
 -/
-def packCalls (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (funNames : Array Name) (newF : Expr)
+def packCalls (fixedPrefix : Nat) (argsPacker : ArgsPacker) (funNames : Array Name) (newF : Expr)
   (e : Expr) : MetaM Expr := do
   let fType ← inferType newF
   unless fType.isForall do
@@ -50,19 +49,16 @@ def packCalls (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (fun
     if !f.isConst then
       return TransformStep.done e
     if let some fidx := funNames.idxOf? f.constName! then
-      assert! fidx < fixedParamPerms.perms.size
-      let mask := fixedParamPerms.perms[fidx]!.map Option.isSome
-      let arity := mask.size
+      let arity := fixedPrefix + argsPacker.varNamess[fidx]!.size
       let e' ← withAppN arity e fun args => do
-        let varying := fixedParamPerms.perms[fidx]!.pickVarying args
-        let packedArg ← argsPacker.pack domain fidx varying
+        let packedArg ← argsPacker.pack domain fidx args[fixedPrefix:]
         return mkApp newF packedArg
       return TransformStep.done e'
     return TransformStep.done e
     )
 
-def mutualName (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (preDefs : Array PreDefinition) : Name :=
-  if fixedParamPerms.fixedArePrefix && argsPacker.onlyOneUnary then
+def mutualName (argsPacker : ArgsPacker) (preDefs : Array PreDefinition) : Name :=
+  if argsPacker.onlyOneUnary then
     preDefs[0]!.declName
   else
     if argsPacker.numFuncs > 1 then
@@ -74,16 +70,13 @@ def mutualName (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (pr
 Creates a single unary function from the given `preDefs`, using the machinery in the `ArgPacker`
 module.
 -/
-def packMutual (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (preDefs : Array PreDefinition) : MetaM PreDefinition := do
-  let newFn := mutualName fixedParamPerms argsPacker preDefs
-  if newFn = preDefs[0]!.declName then
-    return preDefs[0]!
+def packMutual (fixedPrefix : Nat) (argsPacker : ArgsPacker) (preDefs : Array PreDefinition) : MetaM PreDefinition := do
+  if argsPacker.onlyOneUnary then return preDefs[0]!
+  let newFn := mutualName argsPacker preDefs
   -- Bring the fixed prefix into scope
-  fixedParamPerms.perms[0]!.forallTelescope preDefs[0]!.type fun ys => do
-    let types ← preDefs.mapIdxM fun i preDef =>
-      fixedParamPerms.perms[i]!.instantiateForall preDef.type ys
-    let vals ← preDefs.mapIdxM fun i preDef =>
-      fixedParamPerms.perms[i]!.instantiateLambda preDef.value ys
+  forallBoundedTelescope preDefs[0]!.type (some fixedPrefix) fun ys _ => do
+    let types ← preDefs.mapM (instantiateForall ·.type ys)
+    let vals ← preDefs.mapM (instantiateLambda ·.value ys)
 
     let type ← argsPacker.uncurryType types
 
@@ -97,12 +90,12 @@ def packMutual (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker) (pr
     let f := mkAppN (mkConst newFn us) ys
 
     let value ← argsPacker.uncurry vals
-    let value ← packCalls fixedParamPerms argsPacker (preDefs.map (·.declName)) f value
+    let value ← packCalls fixedPrefix argsPacker (preDefs.map (·.declName)) f value
     let value ← mkLambdaFVars ys value
     return { preDefNew with value }
 
 /--
-Collect the names of the varying variables (excluding the fixed parameters); this also determines the
+Collect the names of the varying variables (after the fixed prefix); this also determines the
 arity for the well-founded translations, and is turned into an `ArgsPacker`.
 We use the term to determine the arity, but take the name from the type, for better names in the
 ```
@@ -110,33 +103,26 @@ fun : (n : Nat) → Nat | 0 => 0 | n+1 => fun n
 ```
 idiom.
 -/
-def varyingVarNames (fixedParamPerms : FixedParamPerms) (preDefIdx : Nat) (preDef : PreDefinition) : MetaM (Array Name) := do
+def varyingVarNames (fixedPrefixSize : Nat) (preDef : PreDefinition) : MetaM (Array Name) := do
   -- We take the arity from the term, but the names from the types
   let arity ← lambdaTelescope preDef.value fun xs _ => return xs.size
+  assert! fixedPrefixSize ≤ arity
   forallBoundedTelescope preDef.type arity fun xs _ => do
     assert! xs.size = arity
-    assert! fixedParamPerms.perms[preDefIdx]!.size = arity
-    let mut ns := #[]
-    for x in xs, paramInfo in fixedParamPerms.perms[preDefIdx]! do
-      if paramInfo.isSome then continue -- skip fixed parameters
-      ns := ns.push (← x.fvarId!.getUserName)
-    return ns
+    let xs : Array Expr := xs[fixedPrefixSize:]
+    xs.mapM (·.fvarId!.getUserName)
 
-def preDefsFromUnaryNonRec (fixedParamPerms : FixedParamPerms) (argsPacker : ArgsPacker)
+
+def preDefsFromUnaryNonRec (fixedPrefixSize : Nat) (argsPacker : ArgsPacker)
     (preDefs : Array PreDefinition) (unaryPreDefNonRec : PreDefinition) : MetaM (Array PreDefinition) := do
   withoutModifyingEnv do
     let us := unaryPreDefNonRec.levelParams.map mkLevelParam
     addAsAxiom unaryPreDefNonRec
     preDefs.mapIdxM fun fidx preDef => do
-      let arity := fixedParamPerms.perms[fidx]!.size
-      let value ← forallBoundedTelescope preDef.type (some arity) fun params _ => do
-        assert! arity = params.size
-        let xs := fixedParamPerms.perms[fidx]!.pickFixed params
-        let ys := fixedParamPerms.perms[fidx]!.pickVarying params
+      let value ← forallBoundedTelescope preDef.type (some fixedPrefixSize) fun xs _ => do
         let value := mkAppN (mkConst unaryPreDefNonRec.declName us) xs
         let value ← argsPacker.curryProj value fidx
-        let value := value.beta ys
-        mkLambdaFVars params value
+        mkLambdaFVars xs value
       trace[Elab.definition.wf] "{preDef.declName} := {value}"
       pure { preDef with value }
 

src/Lean/Elab/PreDefinition/WF/Rel.lean

@@ -10,7 +10,6 @@ import Lean.Meta.Tactic.Rename
 import Lean.Elab.SyntheticMVars
 import Lean.Elab.PreDefinition.Basic
 import Lean.Elab.PreDefinition.TerminationMeasure
-import Lean.Elab.PreDefinition.FixedParams
 import Lean.Meta.ArgsPacker
 
 namespace Lean.Elab.WF
@@ -23,18 +22,16 @@ a mutual clique, they must be the same for all functions.
 
 This ensures the preconditions for `ArgsPacker.uncurryND`.
 -/
-def checkCodomains (names : Array Name) (fixedParamPerms : FixedParamPerms) (fixedArgs : Array Expr) (arities : Array Nat)
+def checkCodomains (names : Array Name) (prefixArgs : Array Expr) (arities : Array Nat)
     (termMeasures : TerminationMeasures) : TermElabM Expr := do
   let mut codomains := #[]
-  for name in names, funIdx in [:names.size], arity in arities, termMeasure in termMeasures do
-    let measureType ← inferType termMeasure.fn
-    let measureType ← fixedParamPerms.perms[funIdx]!.instantiateForall measureType fixedArgs
-    let codomain ← forallBoundedTelescope measureType arity fun xs codomain => do
-      assert! xs.size = arity
+  for name in names, arity in arities, termMeasure in termMeasures do
+    let type ← inferType (termMeasure.fn.beta prefixArgs)
+    let codomain ← forallBoundedTelescope type arity fun xs codomain => do
       let fvars := xs.map (·.fvarId!)
       if codomain.hasAnyFVar (fvars.contains ·) then
         throwErrorAt termMeasure.ref  m!"The termination measure's type must not depend on the " ++
-          m!"function's varying parameters, but {name}'s termination measure does:{indentExpr measureType}\n" ++
+          m!"function's varying parameters, but {name}'s termination measure does:{indentExpr type}\n" ++
           "Try using `sizeOf` explicitly"
       pure codomain
     codomains := codomains.push codomain
@@ -54,16 +51,14 @@ If the `termMeasures` map the packed argument `argType` to `β`, then this funct
 continuation a value of type `WellFoundedRelation argType` that is derived from the instance
 for `WellFoundedRelation β` using `invImage`.
 -/
-def elabWFRel (declNames : Array Name) (unaryPreDefName : Name) (fixedParamPerms : FixedParamPerms)
-    (fixedArgs : Array Expr) (argsPacker : ArgsPacker) (argType : Expr) (termMeasures : TerminationMeasures)
+def elabWFRel (declNames : Array Name) (unaryPreDefName : Name) (prefixArgs : Array Expr)
+    (argsPacker : ArgsPacker) (argType : Expr) (termMeasures : TerminationMeasures)
     (k : Expr → TermElabM α) : TermElabM α := withDeclName unaryPreDefName do
   let α := argType
   let u ← getLevel α
-  let β ← checkCodomains declNames fixedParamPerms fixedArgs argsPacker.arities termMeasures
+  let β ← checkCodomains declNames prefixArgs argsPacker.arities termMeasures
   let v ← getLevel β
-  let fns ← termMeasures.mapIdxM fun i measure =>
-    fixedParamPerms.perms[i]!.instantiateLambda measure.fn fixedArgs
-  let packedF ← argsPacker.uncurryND fns
+  let packedF ← argsPacker.uncurryND (termMeasures.map (·.fn.beta prefixArgs))
   let inst ← synthInstance (.app (.const ``WellFoundedRelation [v]) β)
   let rel ← instantiateMVars (mkApp4 (.const ``invImage [u,v]) α β packedF inst)
   k rel

src/Lean/Elab/PreDefinition/WF/Unfold.lean

@@ -75,9 +75,8 @@ private partial def mkUnfoldProof (declName : Name) (mvarId : MVarId) : MetaM Un
         throwError "failed to generate equational theorem for '{declName}'\n{MessageData.ofGoal mvarId}"
 
 def mkUnfoldEq (preDef : PreDefinition) (unaryPreDefName : Name) (wfPreprocessProof : Simp.Result) : MetaM Unit := do
-  let baseName := preDef.declName
-  let name := Name.str baseName unfoldThmSuffix
   withOptions (tactic.hygienic.set · false) do
+    let baseName := preDef.declName
     lambdaTelescope preDef.value fun xs body => do
       let us := preDef.levelParams.map mkLevelParam
       let lhs := mkAppN (Lean.mkConst preDef.declName us) xs
@@ -94,13 +93,11 @@ def mkUnfoldEq (preDef : PreDefinition) (unaryPreDefName : Name) (wfPreprocessPr
       let value ← instantiateMVars main
       let type ← mkForallFVars xs type
       let value ← mkLambdaFVars xs value
+      let name := Name.str baseName unfoldThmSuffix
       addDecl <| Declaration.thmDecl {
         name, type, value
         levelParams := preDef.levelParams
       }
       trace[Elab.definition.wf] "mkUnfoldEq defined {.ofConstName name}"
 
-builtin_initialize
-  registerTraceClass `Elab.definition.wf.eqns
-
 end Lean.Elab.WF

src/Lean/Elab/Structure.lean

@@ -607,9 +607,7 @@ where
       let parentView := view.parents[i]
       withRef parentView.ref do
       -- The only use case for autobound implicits for parents might be outParams, but outParam is not propagated.
-      let parentType ← Term.withoutAutoBoundImplicit <| Term.elabType parentView.type
-      Term.synthesizeSyntheticMVarsNoPostponing
-      let parentType ← whnf parentType
+      let parentType ← whnf <| ← Term.withoutAutoBoundImplicit <| Term.elabType parentView.type
       if parentType.getAppFn == indFVar then
         logWarning "structure extends itself, skipping"
         return ← go (i + 1) infos parents
@@ -827,18 +825,20 @@ private partial def checkResultingUniversesForFields (fieldInfos : Array StructF
         which is not less than or equal to the structure's resulting universe level{indentD u}"
       throwErrorAt info.ref msg
 
+@[extern "lean_mk_projections"]
+private opaque mkProjections (env : Environment) (structName : Name) (projs : List Name) (isClass : Bool) : Except Kernel.Exception Environment
+
 private def addProjections (r : ElabHeaderResult) (fieldInfos : Array StructFieldInfo) : TermElabM Unit := do
-  let projDecls : Array StructProjDecl :=
-    fieldInfos
-    |>.filter (!·.isFromSubobject)
-    |>.map (fun info => { ref := info.ref, projName := info.declName })
-  mkProjections r.view.declName projDecls r.view.isClass
+  if r.type.isProp then
+    if let some fieldInfo ← fieldInfos.findM? (not <$> Meta.isProof ·.fvar) then
+      throwErrorAt fieldInfo.ref m!"failed to generate projections for 'Prop' structure, field '{format fieldInfo.name}' is not a proof"
+  let projNames := fieldInfos |>.filter (!·.isFromSubobject) |>.map (·.declName)
+  let env ← getEnv
+  let env ← ofExceptKernelException (mkProjections env r.view.declName projNames.toList r.view.isClass)
+  setEnv env
   for fieldInfo in fieldInfos do
     if fieldInfo.isSubobject then
       addDeclarationRangesFromSyntax fieldInfo.declName r.view.ref fieldInfo.ref
-  for decl in projDecls do
-    -- projections may generate equation theorems
-    enableRealizationsForConst decl.projName
 
 private def registerStructure (structName : Name) (infos : Array StructFieldInfo) : TermElabM Unit := do
   let fields ← infos.filterMapM fun info => do

src/Lean/Elab/Tactic/BVDecide/Frontend/BVDecide.lean

@@ -190,26 +190,6 @@ where
           return (x, toExpr <| UInt64.ofBitVec (h ▸ value.bv))
         else
           throwError m!"Value for UInt64 was not 64 bit but {value.w} bit"
-      | Int8.toBitVec x =>
-        if h : value.w = 8 then
-          return (x, toExpr <| Int8.ofBitVec (h ▸ value.bv))
-        else
-          throwError m!"Value for Int8 was not 8 bit but {value.w} bit"
-      | Int16.toBitVec x =>
-        if h : value.w = 16 then
-          return (x, toExpr <| Int16.ofBitVec (h ▸ value.bv))
-        else
-          throwError m!"Value for Int16 was not 16 bit but {value.w} bit"
-      | Int32.toBitVec x =>
-        if h : value.w = 32 then
-          return (x, toExpr <| Int32.ofBitVec (h ▸ value.bv))
-        else
-          throwError m!"Value for Int32 was not 32 bit but {value.w} bit"
-      | Int64.toBitVec x =>
-        if h : value.w = 64 then
-          return (x, toExpr <| Int64.ofBitVec (h ▸ value.bv))
-        else
-          throwError m!"Value for Int64 was not 64 bit but {value.w} bit"
       | _ =>
         match var with
         | .app (.const (.str p s) []) arg =>

src/Lean/Elab/Tactic/BVDecide/Frontend/LRAT.lean

@@ -33,7 +33,13 @@ structure TacticContext where
   config : BVDecideConfig
 
 def TacticContext.new (lratPath : System.FilePath) (config : BVDecideConfig) :
-    TermElabM TacticContext := do
+    Lean.Elab.TermElabM TacticContext := do
+  -- Account for: https://github.com/arminbiere/cadical/issues/112
+  let config :=
+    if System.Platform.isWindows then
+      { config with binaryProofs := false }
+    else
+      config
   let exprDef ← Lean.Elab.Term.mkAuxName `_expr_def
   let certDef ← Lean.Elab.Term.mkAuxName `_cert_def
   let reflectionDef ← Lean.Elab.Term.mkAuxName `_reflection_def

src/Lean/Elab/Tactic/BVDecide/Frontend/Normalize/Enums.lean

@@ -37,9 +37,11 @@ Assuming that `declName` is an enum inductive construct a function of type `decl
 that maps `declName` constructors to their numeric indices as `BitVec`.
 -/
 def getEnumToBitVecFor (declName : Name) : MetaM Name := do
+  let env ← getEnv
   let enumToBitVecName := Name.str declName enumToBitVecSuffix
-  realizeConst declName enumToBitVecName do
-    let env ← getEnv
+  if env.contains enumToBitVecName then
+    return enumToBitVecName
+  else
     let .inductInfo inductiveInfo ← getConstInfo declName | throwError m!"{declName} is not an inductive."
     if !(← isEnumType declName) then
       throwError m!"{declName} is not an enum inductive."
@@ -65,15 +67,18 @@ def getEnumToBitVecFor (declName : Name) : MetaM Name := do
       hints := .regular (getMaxHeight env translator + 1)
       safety := .safe
     }
-  return enumToBitVecName
+    return enumToBitVecName
 
 /--
 Assuming that `declName` is an enum inductive, construct a proof of
 `∀ (x y : declName) : x = y ↔ x.enumToBitVec = y.enumToBitVec`.
 -/
 def getEqIffEnumToBitVecEqFor (declName : Name) : MetaM Name := do
+  let env ← getEnv
   let eqIffEnumToBitVecEqName := Name.str declName eqIffEnumToBitVecEqSuffix
-  realizeConst declName eqIffEnumToBitVecEqName do
+  if env.contains eqIffEnumToBitVecEqName then
+    return eqIffEnumToBitVecEqName
+  else
     /-
     We prove the lemma by constructing an inverse to `enumToBitVec` and use the fact that all
     invertible functions respect equality.
@@ -140,7 +145,7 @@ def getEqIffEnumToBitVecEqFor (declName : Name) : MetaM Name := do
       type := type
       value := value
     }
-  return eqIffEnumToBitVecEqName
+    return eqIffEnumToBitVecEqName
 where
   mkInverse {w : Nat} (input : Expr) (retType : Expr) (instBEq : Expr) (ctors : List Name)
       (counter : BitVec w) (acc : Expr) :
@@ -155,7 +160,7 @@ where
           instBEq
           input
           (toExpr counter)
-      let acc := mkApp4 (mkConst ``cond [1]) retType eq (mkConst ctor) acc
+      let acc := mkApp4 (mkConst ``cond [0]) retType eq (mkConst ctor) acc
       mkInverse input retType instBEq ctors (counter + 1) acc
 
 /--
@@ -164,8 +169,11 @@ Assuming that `declName` is an enum inductive, construct a proof of
 constructors of `declName`.
 -/
 def getEnumToBitVecLeFor (declName : Name) : MetaM Name := do
+  let env ← getEnv
   let enumToBitVecLeName := Name.str declName enumToBitVecLeSuffix
-  realizeConst declName enumToBitVecLeName do
+  if env.contains enumToBitVecLeName then
+    return enumToBitVecLeName
+  else
     let enumToBitVec := mkConst (← getEnumToBitVecFor declName)
     let .inductInfo inductiveInfo ← getConstInfo declName | unreachable!
     let ctors := inductiveInfo.ctors
@@ -199,7 +207,7 @@ def getEnumToBitVecLeFor (declName : Name) : MetaM Name := do
       type := type
       value := value
     }
-  return enumToBitVecLeName
+    return enumToBitVecLeName
 
 
 builtin_initialize
@@ -266,11 +274,11 @@ partial def enumsPass : Pass where
 
       let simprocs ← Simp.SimprocsArray.add #[] ``enumsPassPost true
       let ⟨result?, _⟩ ←
-        simpGoal
-          goal
-          (ctx := simpCtx)
-          (simprocs := simprocs)
-          (fvarIdsToSimp := ← getPropHyps)
+          simpGoal
+            goal
+            (ctx := simpCtx)
+            (simprocs := simprocs)
+            (fvarIdsToSimp := ← getPropHyps)
       let some (_, newGoal) := result? | return none
       postprocess newGoal |>.run' {}
 where