Adopt lemma as the default keyword

Convert every theorem to lemma (mathlib's default) except the headline results a
reader of each module seeks out: analyze_correct (Forward/Sign/Constant),
aFix_eq/aFix_le (Fixedpoint), trace (Language), and Stmt.cfg_sufficient
(Language/Properties). lemma and theorem are interchangeable keywords, so no
references change.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

lean/Spa/Analysis/Forward/Adapters.lean

@@ -10,7 +10,7 @@ def updateVariablesFromExpression (k : String) (e : Expr)
     (vs : VariableValues L prog) : VariableValues L prog :=
   FiniteMap.generalizedUpdate id (fun _ vs => E.eval e vs) [k] vs
 
-theorem updateVariablesFromExpression_mono (k : String) (e : Expr) :
+lemma updateVariablesFromExpression_mono (k : String) (e : Expr) :
     Monotone (updateVariablesFromExpression (L := L) (prog := prog) k e) :=
   FiniteMap.generalizedUpdate_monotone monotone_id (fun _ => E.eval_mono e)
 
@@ -20,7 +20,7 @@ def evalBasicStmt (_ : prog.State) (bs : BasicStmt)
   | .assign k e => updateVariablesFromExpression k e vs
   | .noop => vs
 
-theorem evalBasicStmt_mono (s : prog.State) (bs : BasicStmt) :
+lemma evalBasicStmt_mono (s : prog.State) (bs : BasicStmt) :
     Monotone (evalBasicStmt (L := L) (prog := prog) s bs) := by
   cases bs with
   | assign k e => exact updateVariablesFromExpression_mono k e

lean/Spa/Analysis/Forward/Lattices.lean

@@ -18,7 +18,7 @@ def botV [FiniteHeightLattice L] : VariableValues L prog :=
 variable {L prog}
 
 omit [Lattice L] in
-theorem states_memKey (s : prog.State) (sv : StateVariables L prog) :
+lemma states_memKey (s : prog.State) (sv : StateVariables L prog) :
     FiniteMap.MemKey s sv :=
   FiniteMap.MemKey_iff.mpr (prog.states_complete s)
 
@@ -27,11 +27,11 @@ def variablesAt (s : prog.State) (sv : StateVariables L prog) :
   (FiniteMap.locate (states_memKey s sv)).1
 
 omit [Lattice L] in
-theorem variablesAt_mem (s : prog.State) (sv : StateVariables L prog) :
+lemma variablesAt_mem (s : prog.State) (sv : StateVariables L prog) :
     (s, variablesAt s sv) ∈ sv :=
   (FiniteMap.locate (states_memKey s sv)).2
 
-theorem variablesAt_le {sv₁ sv₂ : StateVariables L prog} (hle : sv₁ ≤ sv₂)
+lemma variablesAt_le {sv₁ sv₂ : StateVariables L prog} (hle : sv₁ ≤ sv₂)
     (s : prog.State) : variablesAt s sv₁ ≤ variablesAt s sv₂ :=
   FiniteMap.le_of_mem_mem prog.states_nodup hle
     (variablesAt_mem s sv₁) (variablesAt_mem s sv₂)
@@ -42,7 +42,7 @@ def joinForKey (k : prog.State) (sv : StateVariables L prog) :
     VariableValues L prog :=
   (sv.valuesAt (prog.incoming k)).foldr (· ⊔ ·) (botV L prog)
 
-theorem joinForKey_mono (k : prog.State) :
+lemma joinForKey_mono (k : prog.State) :
     Monotone (joinForKey (L := L) k) := by
   intro sv₁ sv₂ hle
   exact foldr_mono _ (FiniteMap.valuesAt_le hle (prog.incoming k)) (le_refl _)
@@ -52,15 +52,15 @@ theorem joinForKey_mono (k : prog.State) :
 def joinAll (sv : StateVariables L prog) : StateVariables L prog :=
   FiniteMap.generalizedUpdate id joinForKey prog.states sv
 
-theorem joinAll_mono : Monotone (joinAll (L := L) (prog := prog)) :=
+lemma joinAll_mono : Monotone (joinAll (L := L) (prog := prog)) :=
   FiniteMap.generalizedUpdate_monotone monotone_id joinForKey_mono
 
-theorem joinAll_mem_eq {s : prog.State} {vs : VariableValues L prog}
+lemma joinAll_mem_eq {s : prog.State} {vs : VariableValues L prog}
     {sv : StateVariables L prog} (h : (s, vs) ∈ joinAll sv) :
     vs = joinForKey s sv :=
   FiniteMap.generalizedUpdate_mem_eq (prog.states_complete s) h
 
-theorem variablesAt_joinAll (s : prog.State) (sv : StateVariables L prog) :
+lemma variablesAt_joinAll (s : prog.State) (sv : StateVariables L prog) :
     variablesAt s (joinAll sv) = joinForKey s sv :=
   joinAll_mem_eq (variablesAt_mem s (joinAll sv))
 
@@ -74,12 +74,12 @@ instance : Interp (VariableValues L prog) (Env → Prop) where
     ∀ (k : String) (l : L), (k, l) ∈ vs →
       ∀ (v : Value), Env.Mem (k, v) ρ → I.interp l v
 
-theorem interp_botV_nil : ⟦ botV L prog ⟧ [] := by
+lemma interp_botV_nil : ⟦ botV L prog ⟧ [] := by
   intro k l _ v hmem
   cases hmem
 
 omit [FiniteHeightLattice L] in
-theorem interp_sup {vs₁ vs₂ : VariableValues L prog} {ρ : Env}
+lemma interp_sup {vs₁ vs₂ : VariableValues L prog} {ρ : Env}
     (h : ⟦ vs₁⟧ ρ ∨ ⟦ vs₂ ⟧ ρ) : ⟦ vs₁ ⊔ vs₂ ⟧ ρ := by
   intro k l hmem v hv
   obtain ⟨l₁, l₂, rfl, h₁, h₂⟩ := FiniteMap.mem_sup hmem
@@ -87,7 +87,7 @@ theorem interp_sup {vs₁ vs₂ : VariableValues L prog} {ρ : Env}
   · exact I.interp_sup v (Or.inl (h _ _ h₁ _ hv))
   · exact I.interp_sup v (Or.inr (h _ _ h₂ _ hv))
 
-theorem interp_foldr {vs : VariableValues L prog}
+lemma interp_foldr {vs : VariableValues L prog}
     {vss : List (VariableValues L prog)} {ρ : Env}
     (hvs : ⟦ vs ⟧ ρ) (hmem : vs ∈ vss) :
     ⟦ vss.foldr (· ⊔ ·) (botV L prog) ⟧ ρ := by