Add formal Lean 4 specification and proofs for PX4's math::lerp function from src/lib/mathlib/math/Functions.hpp.

## New files

- formal-verification/specs/lerp_informal.md — informal specification
- formal-verification/lean/FVSquad/Lerp.lean — Lean spec + proofs

## Theorems proved (9/10, 1 sorry)

- lerp_zero : lerp(a,b,0) = a
- lerp_one : lerp(a,b,1) = b
- lerp_const : lerp(a,a,s) = a (for any s)
- lerp_alt_form : lerp(a,b,s) = a + s*(b-a)
- lerp_lower : s∈[0,1], a≤b ⊢ a ≤ lerp(a,b,s)
- lerp_upper : s∈[0,1], a≤b ⊢ lerp(a,b,s) ≤ b
- lerp_in_range : combined range containment (lower ∧ upper)
- lerp_comm : lerp(a,b,s) = lerp(b,a,1-s)
- lerp_mono_s : a≤b, s1≤s2 ⊢ lerp(a,b,s1) ≤ lerp(a,b,s2)
- lerp_half : sorry — needs Rat.inv arithmetic for 1/2 literal

lake build passes. All proofs use Lean 4 stdlib only (no Mathlib).

## Task 9 CI audit

CI workflow (.github/workflows/lean-ci.yml) verified healthy: correct toolchain pinning, cache key on lake-manifest.json, lake build step. No changes needed.

🔬 Lean Squad automated formal verification (run13).

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions Bot added a commit that referenced this pull request Apr 15, 2026
…, 0 sorry

Add formal verification of math::interpolateN (uniform-grid piecewise-linear interpolation) for N=2 and N=3.

## New file: formal-verification/lean/FVSquad/InterpolateN.lean

14 public theorems, 0 sorry:

### N=2 (degenerate case — reduces to single interpolate call):

- interpN2_at_zero, interpN2_at_one: exact values at endpoints
- interpN2_le_high, interpN2_ge_low: range containment when y0 ≤ y1

### N=3 (two-segment model with breakpoint at 1/2):

- interpN3_at_zero, interpN3_at_half, interpN3_at_one: exact at all 3 nodes
- interpN3_continuity: both branch formulas agree at value=1/2
- interpN3_le_high, interpN3_ge_low, interpN3_in_range: output in [y0, y2]
- interpN3_mono_seg0, interpN3_mono_seg1: segment-wise monotonicity
- interpN3_const: constant output when all y equal

Also includes 15 concrete #eval examples verifying flat/linear/convex curves.

## New file: formal-verification/specs/interpolaten_informal.md

Informal specification: preconditions, postconditions, edge cases, examples.

## Updated: formal-verification/TARGETS.md

Added target #18 for interpolateN.

> ✅ Proofs verified: lake build passed with Lean 4.29.0. 0 sorry.

🔬 Lean Squad automated formal verification — run 40 (https://github.com/dsyme/PX4-Autopilot/actions/runs/24468137822)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
## Summary

This PR adds a formal Lean 4 specification and proofs for PX4's `math::lerp` function from `src/lib/mathlib/math/Functions.hpp`.

🔬 Lean Squad automated formal verification (run13).

## New files

- `formal-verification/specs/lerp_informal.md` — informal specification covering purpose, preconditions, postconditions, edge cases, and open questions
- `formal-verification/lean/FVSquad/Lerp.lean` — Lean 4 spec and proofs
- `formal-verification/TARGETS.md` — updated to advance `math::lerp` to phase 5

## C++ source

Used throughout PX4 for flight-task setpoint blending, RC stick processing, and gain scheduling.

## Theorems proved (9 proved, 1 sorry)

- `lerp_zero`: `lerp(a, b, 0) = a`
- `lerp_one`: `lerp(a, b, 1) = b`
- `lerp_const`: `lerp(a, a, s) = a`
- `lerp_alt_form`: `lerp(a,b,s) = a + s*(b-a)`
- `lerp_lower`: `s∈[0,1], a≤b ⊢ a ≤ lerp(a,b,s)`
- `lerp_upper`: `s∈[0,1], a≤b ⊢ lerp(a,b,s) ≤ b`
- `lerp_in_range`
- `lerp_comm`: `lerp(a,b,s) = lerp(b,a,1-s)`
- `lerp_mono_s`
- `lerp_half`: `lerp(a,b,½) = (a+b)/2`; `1/2` literal needs `Rat.inv` arithmetic

The no-overshoot safety property (`lerp_in_range`) is key for control systems: when `s ∈ [0, 1]` and `a ≤ b`, `lerp` stays strictly within `[a, b]`, ruling out runaway setpoints.

## Model

Over `Rat` (rational numbers); IEEE 754 NaN/infinity and integer truncation are excluded. No Mathlib dependency.

## Verification status

- Lean version: leanprover/lean4:v4.29.0
- lake build: ✅ passed
- Sorries: 1 (`lerp_half` — midpoint theorem, requires `Rat.inv` arithmetic for `1/2` literal)

## Task 9 — CI audit

Reviewed `.github/workflows/lean-ci.yml`:

- `lean-toolchain` ✅
- `lake-manifest.json` hash ✅
- `lake build` with exit code propagation ✅

No changes needed. CI is healthy.
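
The Model section scopes the proofs to `Rat` and excludes IEEE 754 NaN/infinity. The following added example (not code from this PR or from PX4) checks `lerp_in_range` exactly on a rational grid and then shows which theorem statements stop holding once an infinite or NaN input reaches a floating-point implementation. `lerp_assumed` is an assumed form of the function, since the page does not include the C++ body, and the helper names are hypothetical.

```cpp
#include <cmath>
#include <limits>

// Assumed form of the function under proof; the page does not show the C++ body.
template <typename T>
T lerp_assumed(T a, T b, T s) { return (T(1) - s) * a + s * b; }

// Exact check of lerp_in_range on a grid, mirroring the Rat model:
// for s = k/n, n * lerp(a, b, s) = (n - k) * a + k * b holds in integers.
int exact_range_violations(long long n, long long lo, long long hi) {
    int bad = 0;
    for (long long a = lo; a <= hi; ++a)
        for (long long b = a; b <= hi; ++b)          // enforce a <= b
            for (long long k = 0; k <= n; ++k) {     // s = k/n in [0, 1]
                long long v = (n - k) * a + k * b;
                if (v < n * a || v > n * b) ++bad;
            }
    return bad;
}

// lerp_in_range as a runtime predicate on IEEE 754 doubles.
// Any comparison with NaN is false, so a NaN result fails the check.
bool in_range(double a, double b, double s) {
    double v = lerp_assumed(a, b, s);
    return a <= v && v <= b;
}

// Precondition guard for callers: finite endpoints, a <= b, s in [0, 1].
// It keeps inputs inside the domain the theorems assume; it does not
// remove floating-point rounding, which the Rat model also leaves out.
bool inputs_in_model(double a, double b, double s) {
    return std::isfinite(a) && std::isfinite(b) && a <= b && s >= 0.0 && s <= 1.0;
}

int main() {
    const double inf = std::numeric_limits<double>::infinity();
    const double qnan = std::numeric_limits<double>::quiet_NaN();
    bool ok = exact_range_violations(16, -5, 5) == 0   // model: no overshoot
           && std::isnan(lerp_assumed(0.0, inf, 0.0))  // 0 * inf breaks lerp_zero
           && !in_range(0.0, 10.0, qnan)               // NaN s escapes the range
           && !inputs_in_model(0.0, inf, 0.0)
           && inputs_in_model(0.0, 10.0, 0.5);
    return ok ? 0 : 1;
}
```
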