Skip to content

Add quicksort implementations with formal proof and Rust reference#1

Open
honicky wants to merge 2 commits into
claude/formalize-mercers-theorem-7R430from
claude/quicksort-rust-lean-proof-qjJCw
Open

Add quicksort implementations with formal proof and Rust reference#1
honicky wants to merge 2 commits into
claude/formalize-mercers-theorem-7R430from
claude/quicksort-rust-lean-proof-qjJCw

Conversation

@honicky

@honicky honicky commented Mar 14, 2026

Copy link
Copy Markdown
Owner

Summary

This PR adds two quicksort implementations: a formally verified functional version in Lean with a complete proof of correctness, and a reference in-place implementation in Rust.

Key Changes

Lean Implementation (Funwithlean/Quicksort.lean)

  • Functional quicksort: Implements a purely functional quicksort using List.filter to partition elements around a pivot
  • Formal verification: Proves the main theorem qsort_sorted that the output is always sorted (satisfies List.Pairwise (· ≤ ·))
  • Supporting lemmas:
    • mem_qsort: Proves quicksort preserves membership (no elements are introduced)
    • qsort_lo_lt and qsort_hi_le: Establish bounds on partitioned elements
    • pairwise_lo_pivot_hi: Helper theorem for combining sorted partitions with a pivot
  • Termination proof: Includes decreasing argument proof using list length

Rust Implementation (quicksort_rust/)

  • In-place quicksort: Implements the Lomuto partition scheme for efficient sorting
  • Comprehensive tests: Covers edge cases (empty, single element, sorted, reverse, duplicates, equal elements, negatives)
  • Verification: Includes is_sorted helper to validate correctness

Project Integration

  • Updated Funwithlean.lean to import the new Quicksort module
  • Updated .gitignore to exclude Rust build artifacts

Notable Implementation Details

  • The Lean version uses a head-based pivot selection with functional list operations
  • The Rust version uses the last element as pivot with in-place swapping for efficiency
  • Both implementations handle duplicates and negative numbers correctly
  • The Lean proof is constructive and does not rely on external sorting libraries for the correctness argument

https://claude.ai/code/session_01GJ1avTZQuNTqsE2Ed78AqW

Rust: In-place quicksort with Lomuto partition scheme and 7 tests.
Lean: Functional quicksort on List Int with a machine-checked proof
(qsort_sorted) that the output is always Pairwise (· ≤ ·), verified
against Mathlib v4.28.0.

https://claude.ai/code/session_01GJ1avTZQuNTqsE2Ed78AqW

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ac3dab54e2

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread quicksort_rust/src/main.rs Outdated
Comment on lines +4 to +5
let pivot_idx = slice.len() - 1;
let pivot = slice[pivot_idx];

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Avoid deterministic worst-case pivot in quicksort

Using the last element as pivot here, together with <= in partitioning, makes already-sorted or all-equal inputs degenerate to p == len - 1 on every call, so recursion depth becomes linear and runtime becomes quadratic; on large inputs this can make the sorter impractically slow and can eventually exhaust stack space. Consider a non-degenerate pivot strategy (e.g., randomized/median-of-three) or a fallback like introsort.

Useful? React with 👍 / 👎.

Rust: replace last-element pivot with median-of-three (first, middle, last),
add regression tests for large sorted and all-equal inputs.

Lean: rewrite qsort to use matching median3/choosePivot, partition with
≤/> (matching Rust's <= semantics), prove termination and sortedness.

https://claude.ai/code/session_01GJ1avTZQuNTqsE2Ed78AqW
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants