Step
*
of Lemma
new_23_sig-ilf
(∀[z1:ℤ]. ∀[propose,notify:Atom List]. ∀[clients:bag(Id)]. ∀[Cmd:{T:Type| valueall-type(T)} ].
∀[f:new_23_sig_headers_type{i:l}(Cmd;notify;propose)]. ∀[es:EO+(Message(f))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(f)].
{<d, i, m> ∈ new_23_sig_Notify(Cmd;clients;notify;propose;f) z1(e)
⇐⇒ (no (new_23_sig_decision(Cmd;clients;notify;propose;f)
z1 o new_23_sig_decided'base(Cmd;notify;propose;f)) prior to e)
∧ <d, i, m> ∈
{(new_23_sig_decision(Cmd;clients;notify;propose;f) z1 o new_23_sig_decided'base(Cmd;notify;propose;f))}(e)})
∧ (∀[z6,z1:ℤ]. ∀[reps:bag(Id)]. ∀[propose,notify:Atom List]. ∀[flrs,coeff:ℤ]. ∀[Cmd:{T:Type| valueall-type(T)} ].
∀[cmdeq:EqDecider(Cmd)]. ∀[f:new_23_sig_headers_type{i:l}(Cmd;notify;propose)]. ∀[es:EO+(Message(f))]. ∀[e:E].
∀[d:ℤ]. ∀[i:Id]. ∀[m:Message(f)].
{<d, i, m> ∈ new_23_sig_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f) <z1, z6>(e)
⇐⇒ ((header(e) = ``new_23_sig vote`` ∈ Name) ∧ has-es-info-type(es;e;f;ℤ × ℤ × Cmd × Id))
∧ (↑(new_23_sig_newvote(Cmd) <z1, z6> msgval(e) new_23_sig_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>;es;e)))
∧ (||fst(new_23_sig_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>;es;e))|| = (coeff * flrs) ∈ ℤ)
∧ (d = 0 ∈ ℤ)
∧ (↓(((fst(poss-maj(cmdeq;[snd(fst(msgval(e))) / (fst(new_23_sig_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>;e\000Cs;e)))];snd(fst(msgval(e)))))) = ((coeff * flrs) + 1) ∈ ℤ)
∧ i ↓∈ reps
∧ (m
= make-Msg(``new_23_sig decided``;<fst(fst(fst(msgval(e))))
, snd(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(new_23_sig_QuorumStateFun(Cmd;...;...;f;<z1
, z6
>;es\000C;e)))];snd(fst(msgval(e)))))
>)
∈ Message(f)))
∨ ((¬((fst(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(new_23_sig_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>;es;e)))];snd(fst(ms\000Cgval(e))))))
= ((coeff * flrs) + 1)
∈ ℤ))
∧ (i = loc(e) ∈ Id)
∧ (m
= make-Msg(``new_23_sig retry``;<<fst(fst(fst(msgval(e)))), (snd(fst(fst(msgval(e))))) + 1>
, snd(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(new_23_sig_QuorumStateFun(Cmd;...;...;f;<z1
, z6
>;es\000C;e)))];snd(fst(msgval(e)))))
>)
∈ Message(f))))})
∧ (∀[z1:ℤ]. ∀[propose,notify:Atom List]. ∀[clients:bag(Id)]. ∀[Cmd:{T:Type| valueall-type(T)} ].
∀[f:new_23_sig_headers_type{i:l}(Cmd;notify;propose)]. ∀[es:EO+(Message(f))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id].
∀[m:Message(f)].
{<d, i, m> ∈
(new_23_sig_decision(Cmd;clients;notify;propose;f) z1 o new_23_sig_decided'base(Cmd;notify;propose;f))(e)
⇐⇒ (header(e) = ``new_23_sig decided`` ∈ Name)
∧ has-es-info-type(es;e;f;ℤ × Cmd)
∧ ((fst(msgval(e))) = z1 ∈ ℤ)
∧ i ↓∈ clients
∧ (d = 0 ∈ ℤ)
∧ (m = make-Msg(notify;msgval(e)) ∈ Message(f))})
∧ (∀[Cmd:{T:Type| valueall-type(T)} ]. ∀[clients:bag(Id)]. ∀[cmdeq:EqDecider(Cmd)]. ∀[coeff,flrs:ℤ].
∀[notify,propose:Atom List]. ∀[reps:bag(Id)]. ∀[slots:set-sig{i:l}(ℤ)].
∀[f:new_23_sig_headers_type{i:l}(Cmd;notify;propose)]. ∀[es:EO+(Message(f))]. ∀[e:E]. ∀[d:ℤ]. ∀[i:Id].
∀[m:Message(f)].
{<d, i, m> ∈ new_23_sig_main()(e)
⇐⇒ loc(e) ↓∈ reps
∧ (↓∃e':{e':E| e' ≤loc e }
∃z1:ℤ
∃z2:Cmd
(((((header(e') = propose ∈ Name)
∧ has-es-info-type(es;e';f;ℤ × Cmd)
∧ (<z1, z2> = msgval(e') ∈ (ℤ × Cmd)))
∨ ((header(e') = ``new_23_sig vote`` ∈ Name)
∧ has-es-info-type(es;e';f;ℤ × ℤ × Cmd × Id)
∧ (z1 = (fst(fst(fst(msgval(e'))))) ∈ ℤ)
∧ (z2 = (snd(fst(msgval(e')))) ∈ Cmd)))
∧ (¬↑(set-sig-member(slots) z1 new_23_sig_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e'))))
∧ (((no new_23_sig_Notify(Cmd;clients;notify;propose;f) z1 between e' and e)
∧ ((((i ↓∈ reps ∧ (d = 0 ∈ ℤ) ∧ (m = make-Msg(``new_23_sig vote``;<<<z1, 0>, z2>, loc(e)>) ∈ Message(f\000C))) ∧ (e = e' ∈ E))
∨ ((no new_23_sig_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f) <z1, 0> between e' and e)
∧ <d, i, m> ∈ {new_23_sig_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f) <z1, 0>}(e)))
∨ (∃e1:{e1:E| e1 ≤loc e }
∃z6:ℤ
∃z7:Cmd
(new_23_sig_NewRoundsStateFun(Cmd;notify;propose;f;z1;es.e';e1) < z6
∧ (((header(e1) = ``new_23_sig retry`` ∈ Name)
∧ has-es-info-type(es;e1;f;ℤ × ℤ × Cmd)
∧ (<<z1, z6>, z7> = msgval(e1) ∈ (ℤ × ℤ × Cmd)))
∨ ((header(e1) = ``new_23_sig vote`` ∈ Name)
∧ has-es-info-type(es;e1;f;ℤ × ℤ × Cmd × Id)
∧ (<<z1, z6>, z7> = (fst(msgval(e1))) ∈ (ℤ × ℤ × Cmd))))
∧ (((... ∧ ...) ∧ ...) ∨ ...)))))
∨ ...)))})
BY
{ ProveILF_lemma new-23-sig.esh }
Latex:
Latex:
(\mforall{}[z1:\mBbbZ{}]. \mforall{}[propose,notify:Atom List]. \mforall{}[clients:bag(Id)]. \mforall{}[Cmd:\{T:Type| valueall-type(T)\} ].
\mforall{}[f:new\_23\_sig\_headers\_type\{i:l\}(Cmd;notify;propose)]. \mforall{}[es:EO+(Message(f))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}].
\mforall{}[i:Id]. \mforall{}[m:Message(f)].
\{<d, i, m> \mmember{} new\_23\_sig\_Notify(Cmd;clients;notify;propose;f) z1(e)
\mLeftarrow{}{}\mRightarrow{} (no (new\_23\_sig\_decision(Cmd;clients;notify;propose;f)
z1 o new\_23\_sig\_decided'base(Cmd;notify;propose;f)) prior to e)
\mwedge{} <d, i, m> \mmember{}
\{(new\_23\_sig\_decision(Cmd;clients;notify;propose;f)
z1 o new\_23\_sig\_decided'base(Cmd;notify;propose;f))\}(e)\})
\mwedge{} (\mforall{}[z6,z1:\mBbbZ{}]. \mforall{}[reps:bag(Id)]. \mforall{}[propose,notify:Atom List]. \mforall{}[flrs,coeff:\mBbbZ{}].
\mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[cmdeq:EqDecider(Cmd)].
\mforall{}[f:new\_23\_sig\_headers\_type\{i:l\}(Cmd;notify;propose)]. \mforall{}[es:EO+(Message(f))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}].
\mforall{}[i:Id]. \mforall{}[m:Message(f)].
\{<d, i, m> \mmember{} new\_23\_sig\_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f) <z1, z6>(e)
\mLeftarrow{}{}\mRightarrow{} ((header(e) = ``new\_23\_sig vote``) \mwedge{} has-es-info-type(es;e;f;\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd \mtimes{} Id))
\mwedge{} (\muparrow{}(new\_23\_sig\_newvote(Cmd) <z1, z6> msgval(e) new\_23\_sig\_QuorumStateFun(Cmd;notify;propos\000Ce;f;<z1, z6>es;e)))
\mwedge{} (||fst(new\_23\_sig\_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>es;e))|| = (coeff * flrs))
\mwedge{} (d = 0)
\mwedge{} (\mdownarrow{}(((fst(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(new\_23\_sig\_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>es;\000Ce)))];snd(fst(msgval(e))))))
= ((coeff * flrs) + 1))
\mwedge{} i \mdownarrow{}\mmember{} reps
\mwedge{} (m
= make-Msg(``new\_23\_sig decided``;<fst(fst(fst(msgval(e))))
, snd(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(...))];snd(fst(...))))
>)))
\mvee{} ((\mneg{}((fst(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(new\_23\_sig\_QuorumStateFun(Cmd;notify;propose;f;<z1, z6>\000C;es;e)))];snd(fst(msgval(e))))))
= ((coeff * flrs) + 1)))
\mwedge{} (i = loc(e))
\mwedge{} (m
= make-Msg(``new\_23\_sig retry``;<<fst(fst(fst(msgval(e))))
, (snd(fst(fst(msgval(e))))) + 1
>
, snd(poss-maj(cmdeq;[snd(fst(msgval(e))) /
(fst(...))];snd(fst(...))))
>))))\})
\mwedge{} (\mforall{}[z1:\mBbbZ{}]. \mforall{}[propose,notify:Atom List]. \mforall{}[clients:bag(Id)]. \mforall{}[Cmd:\{T:Type| valueall-type(T)\} ].
\mforall{}[f:new\_23\_sig\_headers\_type\{i:l\}(Cmd;notify;propose)]. \mforall{}[es:EO+(Message(f))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}].
\mforall{}[i:Id]. \mforall{}[m:Message(f)].
\{<d, i, m> \mmember{}
(new\_23\_sig\_decision(Cmd;clients;notify;propose;f)
z1 o new\_23\_sig\_decided'base(Cmd;notify;propose;f))(e)
\mLeftarrow{}{}\mRightarrow{} (header(e) = ``new\_23\_sig decided``)
\mwedge{} has-es-info-type(es;e;f;\mBbbZ{} \mtimes{} Cmd)
\mwedge{} ((fst(msgval(e))) = z1)
\mwedge{} i \mdownarrow{}\mmember{} clients
\mwedge{} (d = 0)
\mwedge{} (m = make-Msg(notify;msgval(e)))\})
\mwedge{} (\mforall{}[Cmd:\{T:Type| valueall-type(T)\} ]. \mforall{}[clients:bag(Id)]. \mforall{}[cmdeq:EqDecider(Cmd)]. \mforall{}[coeff,flrs:\mBbbZ{}].
\mforall{}[notify,propose:Atom List]. \mforall{}[reps:bag(Id)]. \mforall{}[slots:set-sig\{i:l\}(\mBbbZ{})].
\mforall{}[f:new\_23\_sig\_headers\_type\{i:l\}(Cmd;notify;propose)]. \mforall{}[es:EO+(Message(f))]. \mforall{}[e:E]. \mforall{}[d:\mBbbZ{}].
\mforall{}[i:Id]. \mforall{}[m:Message(f)].
\{<d, i, m> \mmember{} new\_23\_sig\_main()(e)
\mLeftarrow{}{}\mRightarrow{} loc(e) \mdownarrow{}\mmember{} reps
\mwedge{} (\mdownarrow{}\mexists{}e':\{e':E| e' \mleq{}loc e \}
\mexists{}z1:\mBbbZ{}
\mexists{}z2:Cmd
(((((header(e') = propose)
\mwedge{} has-es-info-type(es;e';f;\mBbbZ{} \mtimes{} Cmd)
\mwedge{} (<z1, z2> = msgval(e')))
\mvee{} ((header(e') = ``new\_23\_sig vote``)
\mwedge{} has-es-info-type(es;e';f;\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd \mtimes{} Id)
\mwedge{} (z1 = (fst(fst(fst(msgval(e'))))))
\mwedge{} (z2 = (snd(fst(msgval(e')))))))
\mwedge{} (\mneg{}\muparrow{}(set-sig-member(slots) z1
new\_23\_sig\_ReplicaStateFun(Cmd;notify;propose;slots;f;es;e'))))
\mwedge{} (((no new\_23\_sig\_Notify(Cmd;clients;notify;propose;f) z1 between e' and e)
\mwedge{} ((((i \mdownarrow{}\mmember{} reps
\mwedge{} (d = 0)
\mwedge{} (m = make-Msg(``new\_23\_sig vote``;<<<z1, 0>, z2>, loc(e)>)))
\mwedge{} (e = e'))
\mvee{} ((no new\_23\_sig\_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f) <z1, 0> bet\000Cween e' and e)
\mwedge{} <d, i, m> \mmember{} \{new\_23\_sig\_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f)
<z1, 0>\}(e)))
\mvee{} (\mexists{}e1:\{e1:E| e1 \mleq{}loc e \}
\mexists{}z6:\mBbbZ{}
\mexists{}z7:Cmd
(new\_23\_sig\_NewRoundsStateFun(Cmd;notify;propose;f;z1;es.e';e1) < z6
\mwedge{} (((header(e1) = ``new\_23\_sig retry``)
\mwedge{} has-es-info-type(es;e1;f;\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd)
\mwedge{} (<<z1, z6>, z7> = msgval(e1)))
\mvee{} ((header(e1) = ``new\_23\_sig vote``)
\mwedge{} has-es-info-type(es;e1;f;\mBbbZ{} \mtimes{} \mBbbZ{} \mtimes{} Cmd \mtimes{} Id)
\mwedge{} (<<z1, z6>, z7> = (fst(msgval(e1))))))
\mwedge{} (((i \mdownarrow{}\mmember{} reps
\mwedge{} (d = 0)
\mwedge{} (m = make-Msg(``new\_23\_sig vote``;<<<z1, z6>, z7>, loc(e)>)))
\mwedge{} (e = e1))
\mvee{} ((no new\_23\_sig\_Quorum(Cmd;cmdeq;coeff;flrs;notify;propose;reps;f)
<z1, z6> between e1 and e)
\mwedge{} <d, i, m> \mmember{}
\{new\_23\_sig\_Quorum(Cmd;cmdeq;coeff;flrs;...;...;...;...) ...\}(
...)))))))
\mvee{} ...)))\})
By
Latex:
ProveILF\_lemma new-23-sig.esh
Home
Index