Proof of Nuprl Lemma : CLK-prop

Step * 3 of Lemma CLK-prop

1. MsgType : {T:Type| valueall-type(T)} @i'
2. locs : bag(Id)@i
3. reply : Id ─→ MsgType ─→ (MsgType × Id)@i
4. f : CLK_headers_type{i:l}(MsgType)@i'
5. (f ``CLK msg``) = (MsgType × ℤ) ∈ Type
6. f ∈ Name ─→ Type
7. es : EO+(Message(f))@i'
8. e1 : E@i
9. CLK_message-constraint{i:l}(MsgType;locs;reply;f)@i'
10. ∀e:E. (↑e ∈_b CLK_msg'base(MsgType;f))@i
11. e2 : E@i
12. ∀e3:E
      ((e3 < e2)
      ⇒ (∀clock1,clock2:ℤ.
            (e1 ─→ e3 ⇒ clock1 ∈ CLK_Clock(MsgType;f)(e1) ⇒ clock2 ∈ CLK_Clock(MsgType;f)(e3) ⇒ clock1 < clock2)))
13. clock1 : ℤ@i
14. clock2 : ℤ@i
15. e : E@i
16. (e < e2)@i
17. (¬(loc(e) = loc(e2) ∈ Id)) ⇒ e2 caused by e in CLK_main(MsgType;locs;reply;f)@i
18. e1 ─→ e@i
19. clock1 ∈ CLK_Clock(MsgType;f)(e1)@i
20. clock2 ∈ CLK_Clock(MsgType;f)(e2)@i
21. loc(e) = loc(e2) ∈ Id
⊢ clock1 < clock2
BY

{ ((InstHyp [⌈e⌉;⌈clock1⌉;⌈CLK_ClockVal(MsgType;f)@e⌉] (-10)⋅ THENA (Auto THEN RWO "CLK_Clock-classrel" 0 THEN Auto))

THEN Assert ⌈CLK_ClockVal(MsgType;f)@e < clock2⌉⋅
THEN Auto

   THEN InstLemma `CLK_strict_inc2` [⌈MsgType⌉;⌈f⌉;⌈es⌉;⌈e⌉;⌈e2⌉;⌈CLK_ClockVal(MsgType;f)@e⌉;⌈clock2⌉]⋅

   THEN Auto
   THEN Try (Complete ((D 0 THEN Auto)))
   THEN Try (Complete ((RWO "CLK_Clock-classrel" 0 THEN Auto)))
   THEN InstConcl [⌈e2⌉]⋅
   THEN Auto
   THEN D 0
   THEN Auto) }

Latex:

Latex:
1. MsgType : \{T:Type| valueall-type(T)\} @i' 2. locs : bag(Id)@i 3. reply : Id {}\mrightarrow{} MsgType {}\mrightarrow{} (MsgType \mtimes{} Id)@i 4. f : CLK\_headers\_type\{i:l\}(MsgType)@i' 5. (f ``CLK msg``) = (MsgType \mtimes{} \mBbbZ{}) 6. f \mmember{} Name {}\mrightarrow{} Type 7. es : EO+(Message(f))@i' 8. e1 : E@i 9. CLK\_message-constraint\{i:l\}(MsgType;locs;reply;f)@i' 10. \mforall{}e:E. (\muparrow{}e \mmember{}\msubb{} CLK\_msg'base(MsgType;f))@i 11. e2 : E@i 12. \mforall{}e3:E ((e3 < e2) {}\mRightarrow{} (\mforall{}clock1,clock2:\mBbbZ{}. (e1 {}\mrightarrow{} e3 {}\mRightarrow{} clock1 \mmember{} CLK\_Clock(MsgType;f)(e1) {}\mRightarrow{} clock2 \mmember{} CLK\_Clock(MsgType;f)(e3) {}\mRightarrow{} clock1 < clock2))) 13. clock1 : \mBbbZ{}@i 14. clock2 : \mBbbZ{}@i 15. e : E@i 16. (e < e2)@i 17. (\mneg{}(loc(e) = loc(e2))) {}\mRightarrow{} e2 caused by e in CLK\_main(MsgType;locs;reply;f)@i 18. e1 {}\mrightarrow{} e@i 19. clock1 \mmember{} CLK\_Clock(MsgType;f)(e1)@i 20. clock2 \mmember{} CLK\_Clock(MsgType;f)(e2)@i 21. loc(e) = loc(e2) \mvdash{} clock1 < clock2 By Latex: ((InstHyp [\mkleeneopen{}e\mkleeneclose{};\mkleeneopen{}clock1\mkleeneclose{};\mkleeneopen{}CLK\_ClockVal(MsgType;f)@e\mkleeneclose{}] (-10)\mcdot{} THENA (Auto THEN RWO "CLK\_Clock-classrel" 0 THEN Auto) ) THEN Assert \mkleeneopen{}CLK\_ClockVal(MsgType;f)@e < clock2\mkleeneclose{}\mcdot{} THEN Auto THEN InstLemma `CLK\_strict\_inc2` [\mkleeneopen{}MsgType\mkleeneclose{};\mkleeneopen{}f\mkleeneclose{};\mkleeneopen{}es\mkleeneclose{};\mkleeneopen{}e\mkleeneclose{};\mkleeneopen{}e2\mkleeneclose{};\mkleeneopen{}CLK\_ClockVal(MsgType;f)@e\mkleeneclose{};\mkleeneopen{}clock2\mkleeneclose{}] \mcdot{} THEN Auto THEN Try (Complete ((D 0 THEN Auto))) THEN Try (Complete ((RWO "CLK\_Clock-classrel" 0 THEN Auto))) THEN InstConcl [\mkleeneopen{}e2\mkleeneclose{}]\mcdot{} THEN Auto THEN D 0 THEN Auto) Home Index