Step
*
1
1
2
6
of Lemma
new_23_sig_progress-step8-v2
1. Cmd : {T:Type| valueall-type(T)}
2. eq : EqDecider(Cmd)
3. reps : bag(Id)
4. clients : bag(Id)
5. coeff : {2...}
6. flrs : ℕ
7. propose : Atom List
8. notify : Atom List
9. slots : set-sig{i:l}(ℤ)
10. f : new_23_sig_headers_type{i:l}(Cmd;notify;propose)
11. (f propose) = (ℤ × Cmd) ∈ Type
12. (f notify) = (ℤ × Cmd) ∈ Type
13. (f ``new_23_sig decided``) = (ℤ × Cmd) ∈ Type
14. (f ``new_23_sig retry``) = (ℤ × ℤ × Cmd) ∈ Type
15. (f ``new_23_sig vote``) = (ℤ × ℤ × Cmd × Id) ∈ Type
16. f ∈ Name ⟶ Type
17. es : EO+(Message(f))
18. e : E
19. n : ℤ
20. c : Cmd
21. faulty : bag(Id)
22. msgs-interface-delivered-with-omissions(f;es;new_23_sig_main();faulty;flrs;reps)@i
23. bag-no-repeats(Id;reps)@i
24. #(reps) = ((coeff * flrs) + flrs + 1) ∈ ℤ@i
25. loc(e) ↓∈ reps@i
26. ¬loc(e) ↓∈ faulty@i
27. <n, c> ∈ new_23_sig_Proposal(Cmd;notify;propose;f)(e)@i
28. ¬↑(set-sig-member(slots) n new_23_sig_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e))@i
29. bs : (Id × E × Cmd) List
30. bag-map(λi.(fst(i));bs) = [x∈reps|¬bbag-deq-member(IdDeq;x;faulty)] ∈ bag(Id)
31. (∀x∈bs.(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
32. l-ordered(Id × E × Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));bs)
33. (∀x∈bs.e ≤loc fst(snd(x)) )
34. ((coeff * flrs) + 1) ≤ ||bs||
35. ¬↑null(bs)
36. ((coeff * flrs) + 1) ≤ ||mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])||
37. (∀x∈mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]).(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ e ≤loc fst(snd(x))
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
38. l-ordered(Id
× E
× Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
39. (∀e'∈[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))].
(↑new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e';n;0))
⇒ (e' ∈ map(λx.(fst(snd(x)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))
40. b_all(Id;[x∈reps|
¬bbag-deq-member(IdDeq;x;faulty)];i.(i
∈ map(λi.(fst(i));
mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe....;
[e, fst(snd(last(bs)))]))))
⊢ mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])
= mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))])
∈ ((Id × E × Cmd) List)
BY
{ (InstLemma `last-mapfilter3` [⌜E⌝;⌜Id × E × Cmd⌝;⌜[e, fst(snd(last(bs)))]⌝;
⌜λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0)⌝;⌜λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>⌝]⋅
THENA (AllReduce
THEN Auto
THEN Try ((FLemma `new_23_sig_vote_with_ballot-assert-type` [-1] THEN Auto))
THEN (Assert ⌜(last(bs) ∈ bs)⌝⋅ THENA (BLemma `last_member` THEN Auto))
THEN (FLemma `l_all_fwd` [-11;-1] THENA Auto)
THEN (FLemma `l_all_fwd` [-10;-2] THENA Auto)
THEN RepD
THEN (Assert ⌜(fst(snd(last(bs))) ∈ [e, fst(snd(last(bs)))])⌝⋅ THENA (RW ListC 0 THEN Auto)))
) }
1
1. Cmd : {T:Type| valueall-type(T)}
2. eq : EqDecider(Cmd)
3. reps : bag(Id)
4. clients : bag(Id)
5. coeff : {2...}
6. flrs : ℕ
7. propose : Atom List
8. notify : Atom List
9. slots : set-sig{i:l}(ℤ)
10. f : new_23_sig_headers_type{i:l}(Cmd;notify;propose)
11. (f propose) = (ℤ × Cmd) ∈ Type
12. (f notify) = (ℤ × Cmd) ∈ Type
13. (f ``new_23_sig decided``) = (ℤ × Cmd) ∈ Type
14. (f ``new_23_sig retry``) = (ℤ × ℤ × Cmd) ∈ Type
15. (f ``new_23_sig vote``) = (ℤ × ℤ × Cmd × Id) ∈ Type
16. f ∈ Name ⟶ Type
17. es : EO+(Message(f))
18. e : E
19. n : ℤ
20. c : Cmd
21. faulty : bag(Id)
22. msgs-interface-delivered-with-omissions(f;es;new_23_sig_main();faulty;flrs;reps)@i
23. bag-no-repeats(Id;reps)@i
24. #(reps) = ((coeff * flrs) + flrs + 1) ∈ ℤ@i
25. loc(e) ↓∈ reps@i
26. ¬loc(e) ↓∈ faulty@i
27. <n, c> ∈ new_23_sig_Proposal(Cmd;notify;propose;f)(e)@i
28. ¬↑(set-sig-member(slots) n new_23_sig_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e))@i
29. bs : (Id × E × Cmd) List
30. bag-map(λi.(fst(i));bs) = [x∈reps|¬bbag-deq-member(IdDeq;x;faulty)] ∈ bag(Id)
31. (∀x∈bs.(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
32. l-ordered(Id × E × Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));bs)
33. (∀x∈bs.e ≤loc fst(snd(x)) )
34. ((coeff * flrs) + 1) ≤ ||bs||
35. ¬↑null(bs)
36. ((coeff * flrs) + 1) ≤ ||mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])||
37. (∀x∈mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]).(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ e ≤loc fst(snd(x))
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
38. l-ordered(Id
× E
× Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
39. (∀e'∈[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))].
(↑new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e';n;0))
⇒ (e' ∈ map(λx.(fst(snd(x)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))
40. b_all(Id;[x∈reps|
¬bbag-deq-member(IdDeq;x;faulty)];i.(i
∈ map(λi.(fst(i));
mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe....;
[e, fst(snd(last(bs)))]))))
41. (last(bs) ∈ bs)
42. loc(fst(snd(last(bs)))) = loc(e) ∈ Id
43. <<<n, 0>, snd(snd(last(bs)))>, fst(last(bs))> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(last(bs))))
44. e ≤loc fst(snd(last(bs)))
45. (fst(snd(last(bs))) ∈ [e, fst(snd(last(bs)))])
⊢ ¬↑null(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
2
1. Cmd : {T:Type| valueall-type(T)}
2. eq : EqDecider(Cmd)
3. reps : bag(Id)
4. clients : bag(Id)
5. coeff : {2...}
6. flrs : ℕ
7. propose : Atom List
8. notify : Atom List
9. slots : set-sig{i:l}(ℤ)
10. f : new_23_sig_headers_type{i:l}(Cmd;notify;propose)
11. (f propose) = (ℤ × Cmd) ∈ Type
12. (f notify) = (ℤ × Cmd) ∈ Type
13. (f ``new_23_sig decided``) = (ℤ × Cmd) ∈ Type
14. (f ``new_23_sig retry``) = (ℤ × ℤ × Cmd) ∈ Type
15. (f ``new_23_sig vote``) = (ℤ × ℤ × Cmd × Id) ∈ Type
16. f ∈ Name ⟶ Type
17. es : EO+(Message(f))
18. e : E
19. n : ℤ
20. c : Cmd
21. faulty : bag(Id)
22. msgs-interface-delivered-with-omissions(f;es;new_23_sig_main();faulty;flrs;reps)@i
23. bag-no-repeats(Id;reps)@i
24. #(reps) = ((coeff * flrs) + flrs + 1) ∈ ℤ@i
25. loc(e) ↓∈ reps@i
26. ¬loc(e) ↓∈ faulty@i
27. <n, c> ∈ new_23_sig_Proposal(Cmd;notify;propose;f)(e)@i
28. ¬↑(set-sig-member(slots) n new_23_sig_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e))@i
29. bs : (Id × E × Cmd) List
30. bag-map(λi.(fst(i));bs) = [x∈reps|¬bbag-deq-member(IdDeq;x;faulty)] ∈ bag(Id)
31. (∀x∈bs.(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
32. l-ordered(Id × E × Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));bs)
33. (∀x∈bs.e ≤loc fst(snd(x)) )
34. ((coeff * flrs) + 1) ≤ ||bs||
35. ¬↑null(bs)
36. ((coeff * flrs) + 1) ≤ ||mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])||
37. (∀x∈mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]).(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ e ≤loc fst(snd(x))
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
38. l-ordered(Id
× E
× Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
39. (∀e'∈[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))].
(↑new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e';n;0))
⇒ (e' ∈ map(λx.(fst(snd(x)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))
40. b_all(Id;[x∈reps|
¬bbag-deq-member(IdDeq;x;faulty)];i.(i
∈ map(λi.(fst(i));
mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe....;
[e, fst(snd(last(bs)))]))))
41. (last(bs) ∈ bs)
42. loc(fst(snd(last(bs)))) = loc(e) ∈ Id
43. <<<n, 0>, snd(snd(last(bs)))>, fst(last(bs))> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(last(bs))))
44. e ≤loc fst(snd(last(bs)))
45. (fst(snd(last(bs))) ∈ [e, fst(snd(last(bs)))])
⊢ ↑new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;last([e, fst(snd(last(bs)))]);n;0)
3
1. Cmd : {T:Type| valueall-type(T)}
2. eq : EqDecider(Cmd)
3. reps : bag(Id)
4. clients : bag(Id)
5. coeff : {2...}
6. flrs : ℕ
7. propose : Atom List
8. notify : Atom List
9. slots : set-sig{i:l}(ℤ)
10. f : new_23_sig_headers_type{i:l}(Cmd;notify;propose)
11. (f propose) = (ℤ × Cmd) ∈ Type
12. (f notify) = (ℤ × Cmd) ∈ Type
13. (f ``new_23_sig decided``) = (ℤ × Cmd) ∈ Type
14. (f ``new_23_sig retry``) = (ℤ × ℤ × Cmd) ∈ Type
15. (f ``new_23_sig vote``) = (ℤ × ℤ × Cmd × Id) ∈ Type
16. f ∈ Name ⟶ Type
17. es : EO+(Message(f))
18. e : E
19. n : ℤ
20. c : Cmd
21. faulty : bag(Id)
22. msgs-interface-delivered-with-omissions(f;es;new_23_sig_main();faulty;flrs;reps)@i
23. bag-no-repeats(Id;reps)@i
24. #(reps) = ((coeff * flrs) + flrs + 1) ∈ ℤ@i
25. loc(e) ↓∈ reps@i
26. ¬loc(e) ↓∈ faulty@i
27. <n, c> ∈ new_23_sig_Proposal(Cmd;notify;propose;f)(e)@i
28. ¬↑(set-sig-member(slots) n new_23_sig_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e))@i
29. bs : (Id × E × Cmd) List
30. bag-map(λi.(fst(i));bs) = [x∈reps|¬bbag-deq-member(IdDeq;x;faulty)] ∈ bag(Id)
31. (∀x∈bs.(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
32. l-ordered(Id × E × Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));bs)
33. (∀x∈bs.e ≤loc fst(snd(x)) )
34. ((coeff * flrs) + 1) ≤ ||bs||
35. ¬↑null(bs)
36. ((coeff * flrs) + 1) ≤ ||mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])||
37. (∀x∈mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]).(loc(fst(snd(x))) = loc(e) ∈ Id)
∧ e ≤loc fst(snd(x))
∧ <<<n, 0>, snd(snd(x))>, fst(x)> ∈ new_23_sig_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
38. l-ordered(Id
× E
× Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
39. (∀e'∈[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))].
(↑new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e';n;0))
⇒ (e' ∈ map(λx.(fst(snd(x)));mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))
40. b_all(Id;[x∈reps|
¬bbag-deq-member(IdDeq;x;faulty)];i.(i
∈ map(λi.(fst(i));
mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe....;
[e, fst(snd(last(bs)))]))))
41. last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))
= ((λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>) last([e, fst(snd(last(bs)))]))
∈ (Id × E × Cmd)
⊢ mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])
= mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(mapfilter(λe.<snd(msgval(e)), e, snd(fst(msgval(e)))>;
λe.new_23_sig_vote_with_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))])
∈ ((Id × E × Cmd) List)
Latex:
Latex:
1. Cmd : \{T:Type| valueall-type(T)\}
2. eq : EqDecider(Cmd)
3. reps : bag(Id)
4. clients : bag(Id)
5. coeff : \{2...\}
6. flrs : \mBbbN{}
7. propose : Atom List
8. notify : Atom List
9. slots : set-sig\{i:l\}(\mBbbZ{})
10. f : new\_23\_sig\_headers\_type\{i:l\}(Cmd;notify;propose)
11. (f propose) = (\mBbbZ{} \mtimes{} Cmd)
12. (f notify) = (\mBbbZ{} \mtimes{} Cmd)
13. (f ``new\_23\_sig decided``) = (\mBbbZ{} \mtimes{} Cmd)
14. (f ``new\_23\_sig retry``) = (\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd)
15. (f ``new\_23\_sig vote``) = (\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd \mtimes{} Id)
16. f \mmember{} Name {}\mrightarrow{} Type
17. es : EO+(Message(f))
18. e : E
19. n : \mBbbZ{}
20. c : Cmd
21. faulty : bag(Id)
22. msgs-interface-delivered-with-omissions(f;es;new\_23\_sig\_main();faulty;flrs;reps)@i
23. bag-no-repeats(Id;reps)@i
24. \#(reps) = ((coeff * flrs) + flrs + 1)@i
25. loc(e) \mdownarrow{}\mmember{} reps@i
26. \mneg{}loc(e) \mdownarrow{}\mmember{} faulty@i
27. <n, c> \mmember{} new\_23\_sig\_Proposal(Cmd;notify;propose;f)(e)@i
28. \mneg{}\muparrow{}(set-sig-member(slots) n new\_23\_sig\_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e))@i
29. bs : (Id \mtimes{} E \mtimes{} Cmd) List
30. bag-map(\mlambda{}i.(fst(i));bs) = [x\mmember{}reps|\mneg{}\msubb{}bag-deq-member(IdDeq;x;faulty)]
31. (\mforall{}x\mmember{}bs.(loc(fst(snd(x))) = loc(e))
\mwedge{} <<<n, 0>, snd(snd(x))>, fst(x)> \mmember{} new\_23\_sig\_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
32. l-ordered(Id \mtimes{} E \mtimes{} Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));bs)
33. (\mforall{}x\mmember{}bs.e \mleq{}loc fst(snd(x)) )
34. ((coeff * flrs) + 1) \mleq{} ||bs||
35. \mneg{}\muparrow{}null(bs)
36. ((coeff * flrs) + 1)
\mleq{} ||mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])||
37. (\mforall{}x\mmember{}mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]).(loc(fst(snd(x))) = loc(e))
\mwedge{} e \mleq{}loc fst(snd(x))
\mwedge{} <<<n, 0>, snd(snd(x))>, fst(x)> \mmember{} new\_23\_sig\_vote'base(Cmd;notify;propose;f)(fst(snd(x))))
38. l-ordered(Id
\mtimes{} E
\mtimes{} Cmd;x,y.(fst(snd(x)) <loc fst(snd(y)));mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e....;
[e, fst(snd(last(bs)))]))
39. (\mforall{}e'\mmember{}[e, fst(snd(last(mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))].
(\muparrow{}new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e';n;0))
{}\mRightarrow{} (e' \mmember{} map(\mlambda{}x.(fst(snd(x)));
mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))]))))
40. b\_all(Id;[x\mmember{}reps|
\mneg{}\msubb{}bag-deq-member(IdDeq;x;faulty)];i.(i
\mmember{} map(\mlambda{}i.(fst(i));
mapfilter(\mlambda{}e.<snd(msgval(e))
, e
, snd(fst(msgval(e)))>
\mlambda{}e....;
[e, fst(snd(last(bs)))]))))
\mvdash{} mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(bs)))])
= mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0);
[e, fst(snd(last(mapfilter(\mlambda{}e.<snd(msgval(e)), e, snd(fst(msgval(e)))>
...;
[e, fst(snd(last(bs)))]))))])
By
Latex:
(InstLemma `last-mapfilter3` [\mkleeneopen{}E\mkleeneclose{};\mkleeneopen{}Id \mtimes{} E \mtimes{} Cmd\mkleeneclose{};\mkleeneopen{}[e, fst(snd(last(bs)))]\mkleeneclose{};
\mkleeneopen{}\mlambda{}e.new\_23\_sig\_vote\_with\_ballot(Cmd;notify;propose;f;es;e;n;0)\mkleeneclose{};\mkleeneopen{}\mlambda{}e.<snd(msgval(e))
, e
, snd(fst(msgval(e)))>\mkleeneclose{}]\mcdot{}
THENA (AllReduce
THEN Auto
THEN Try ((FLemma `new\_23\_sig\_vote\_with\_ballot-assert-type` [-1] THEN Auto))
THEN (Assert \mkleeneopen{}(last(bs) \mmember{} bs)\mkleeneclose{}\mcdot{} THENA (BLemma `last\_member` THEN Auto))
THEN (FLemma `l\_all\_fwd` [-11;-1] THENA Auto)
THEN (FLemma `l\_all\_fwd` [-10;-2] THENA Auto)
THEN RepD
THEN (Assert \mkleeneopen{}(fst(snd(last(bs))) \mmember{} [e, fst(snd(last(bs)))])\mkleeneclose{}\mcdot{}
THENA (RW ListC 0 THEN Auto)
))
)
Home
Index