Nuprl Lemma : pv11_p1_A4

Nuprl Lemma : pv11_p1_A4_C1

∀Cmd:ValueAllType. ∀f:pv11_p1_headers_type{i:l}(Cmd). ∀es:EO+(Message(f)). ∀e1,e2:E. ∀accpts,ldrs:bag(Id).

∀ldrs_uid:Id ─→ ℤ. ∀reps:bag(Id). ∀bnum1,bnum2:pv11_p1_Ballot_Num(). ∀accepted1,accepted2:(pv11_p1_Ballot_Num()

                                                                                          × ℤ

                                                                                          × Cmd) List. ∀i1,i2,l:Id.

∀b:pv11_p1_Ballot_Num(). ∀s:ℤ. ∀p1,p2:Cmd.
  (Inj(Id;ℤ;ldrs_uid)
  ⇒ pv11_p1_message-constraint{paxos-v11-part1.esh:o}(Cmd; accpts; ldrs; ldrs_uid; reps; f; es)
  ⇒ ((<bnum1, accepted1> ∈ pv11_p1_AcceptorState(Cmd;ldrs_uid;f)(e1)
     ∧ <bnum2, accepted2> ∈ pv11_p1_AcceptorState(Cmd;ldrs_uid;f)(e2)
     ∧ (<b, s, p1> ∈ accepted1)
     ∧ (<b, s, p2> ∈ accepted2))
     ∨ (pv11_p1_p2a'send(Cmd;f) i1 <l, b, s, p1> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;f)(e1)

       ∧ pv11_p1_p2a'send(Cmd;f) i2 <l, b, s, p2> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;f)(e2)))

⇒ (p1 = p2 ∈ Cmd))

Proof

Definitions occuring in Statement : pv11_p1_p2a'send: pv11_p1_p2a'send(Cmd;f), pv11_p1_message-constraint: pv11_p1_message-constraint{paxos-v11-part1.esh:o}(Cmd; accpts; ldrs; ldrs_uid; reps; mf; es), pv11_p1_main: pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;mf), pv11_p1_AcceptorState: pv11_p1_AcceptorState(Cmd;ldrs_uid;mf), pv11_p1_headers_type: pv11_p1_headers_type{i:l}(Cmd), pv11_p1_Ballot_Num: pv11_p1_Ballot_Num(), msg-interface: Interface, Message: Message(f), classrel: v ∈ X(e), event-ordering+: EO+(Info), es-E: E, Id: Id, l_member: (x ∈ l), list: T List, inject: Inj(A;B;f), vatype: ValueAllType, all: ∀x:A. B[x], implies: P ⇒ Q, or: P ∨ Q, and: P ∧ Q, apply: f a, function: x:A ─→ B[x], pair: <a, b>, product: x:A × B[x], int: ℤ, equal: s = t ∈ T, bag: bag(T)
Definitions : assert: ↑b, ifthenelse: if b then t else f fi , name_eq: name_eq(x;y), name-deq: NameDeq, list-deq: list-deq(eq), cons: [a / b], band: p ∧_b q, atom-deq: AtomDeq, eq_atom: x =a y, bfalse: ff, false: False, btrue: tt
Lemmas : es-causl-swellfnd, event-ordering+_subtype, Message_wf, nat_properties, less_than_transitivity1, less_than_irreflexivity, ge_wf, less_than_wf, or_wf, classrel_wf, pv11_p1_AcceptorState_wf, l_member_wf, msg-interface_wf, pv11_p1_main_wf, pv11_p1_p2a'send_wf, Id_wf, list_wf, es-E_wf, int_seg_wf, int_seg_subtype-nat, decidable__le, subtract_wf, false_wf, not-ge-2, less-iff-le, condition-implies-le, minus-one-mul, zero-add, minus-add, minus-minus, add-associates, add-swap, add-commutes, add_functionality_wrt_le, add-zero, le-add-cancel, decidable__equal_int, subtype_rel-int_seg, le_weakening, int_seg_properties, le_wf, nat_wf, zero-le-nat, lelt_wf, es-causl_wf, equal_wf, decidable__lt, not-equal-2, le-add-cancel-alt, not-le-2, sq_stable__le, add-mul-special, zero-mul, pv11_p1_acc_p2a, base-noloc-classrel-make-Msg2, cons_wf_listp, cons_wf, nil_wf, listp_wf, hdrmkmsg_lemma, cons_member, name_wf, equal-wf-base, msg-header_wf, pv11_p1_headers_no_inputs_wf, squash_wf, exists_wf, make-msg-interface_wf, es-loc_wf, msg-authentic_wf, es-info_wf, subtype_base_sq, int_subtype_base, bool_wf, bool_subtype_base, pv11_p1-p2a, pv11_p1_bnum_p2a, assert-union-deq, unit_wf2, product-deq_wf, int-deq_wf, id-deq_wf, unit-deq_wf, pv11_p1_mk_bnum_wf, pv11_p1_Ballot_Num_wf, union_subtype_base, product_subtype_base, atom2_subtype_base, unit_subtype_base, btrue_wf, and_wf, isl_wf, bfalse_wf, btrue_neq_bfalse, outl_wf, es-causl_transitivity2, es-causle_weakening_locl, pv11_p1_bnum_p2a_loc, es-locl-trichotomy, es-info-body_wf, true_wf, event-ordering+_wf, pi2_wf, pv11_p1_ldr_fun_mem_propose2, base-classrel-equal, subtype_rel_weakening, ext-eq_weakening, pi1_wf_top, subtype_rel_product, top_wf, subtype_top, pv11_p1_in_domain_wf, assert_elim, pv11_p1_LeaderStateFun_wf, not_assert_elim, assert_wf, null_nil_lemma, reduce_tl_cons_lemma, es-header_wf, tl_wf, null_wf3, subtype_rel_list, null_cons_lemma, pv11_p1_ldr_fun_mem_adopted, iff_weakening_equal, member_wf, bag-member_wf, list-subtype-bag, not_wf, pv11_p1_pmax_wf, pv11_p1_lt_bnum_wf, l_member-bag-member, pv11_p1_ldr_active_fun, pv11_p1_ldr_fun_proposal3, es-info-type_wf, subtype_rel_transitivity, pair-eta, pv11_p1_propose'base_wf, pv11_p1_ldr_fun_ord, pv11_p1_leq_bnum_wf, pv11_p1_leq_bnum_implies_eq_or_lt, pv11_p1_unique_adopted_fun2, eclass_wf, pv11_p1_adopted'base_wf, es-locl_transitivity2, es-le_weakening, pv11_p1_lt_bnum_irrefl2, pv11_p1_lt_bnum_trans2, subtype_rel_dep_function, vatype_wf, pv11_p1_headers_type_wf, pv11_p1_unique_adopted_fun, bag_wf, pv11_p1_pmax_desc_iff, all_wf, base-headers-msg-val-single-val, base-noloc-classrel, list_subtype_base, atom_subtype_base, assert-name_eq, decidable__es-locl, es-le-not-locl, pv11_p1_leq_bnum_implies_eq, has-es-info-type_wf, es-pred-exists-between, event-ordering+_cumulative2, es-first_wf2, es-pred_wf, valueall-type_wf, es-locl_wf, event_ordering_wf, es-pred-locl-implies-le, es-pred-locl, es-le_weakening_eq, eqtt_to_assert, eqff_to_assert, bool_cases_sqequal, assert-bnot, member-eclass_wf, member-base-class_iff, pv11_p1_ldr_state_fun_eq, classfun-res-base-classrel, base-headers-msg-val_wf, pv11_p1_eq_bnums_wf, pv11_p1_eq_bnums-assert, pv11_p1_when_adopted_wf, pv11_p1_adopted_prior, pv11_p1_LeaderState-classrel, pv11_p1_adopted_from_acceptor, es-causle_weakening_eq, es-causle_wf, equal-wf-T-base, decidable__assert, not-pv11_p1_leq_bnum

Latex:
\mforall{}Cmd:ValueAllType. \mforall{}f:pv11\_p1\_headers\_type\{i:l\}(Cmd). \mforall{}es:EO+(Message(f)). \mforall{}e1,e2:E. \mforall{}accpts,ldrs:bag(Id). \mforall{}ldrs$_{uid}$:Id {}\mrightarrow{} \mBbbZ{}. \mforall{}reps:bag(Id). \mforall{}bnum1,bnum2:pv11\_p1\000C\_Ballot\_Num(). \mforall{}accepted1,accepted2:(pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List. \mforall{}i1,i2,l:Id. \mforall{}b:pv11\_p1\_Ballot\_Num(). \mforall{}s:\mBbbZ{}. \mforall{}p1,p2:Cmd. (Inj(Id;\mBbbZ{};ldrs$_{uid}$) {}\mRightarrow{} pv11\_p1\_message-constraint\{paxos-v11-part1.esh:o\}(Cmd; accpts; ldrs; ldrs$_{uid\mbackslash{}ff7\000Cd$; reps; f; es) {}\mRightarrow{} ((<bnum1, accepted1> \mmember{} pv11\_p1\_AcceptorState(Cmd;ldrs$_{uid}$;f)(e1) \mwedge{} <bnum2, accepted2> \mmember{} pv11\_p1\_AcceptorState(Cmd;ldrs$_{uid}$;f)(e2) \mwedge{} (<b, s, p1> \mmember{} accepted1) \mwedge{} (<b, s, p2> \mmember{} accepted2)) \mvee{} (pv11\_p1\_p2a'send(Cmd;f) i1 <l, b, s, p1> \mmember{} pv11\_p1\_main(Cmd;accpts;ldrs;ldrs$_{u\000Cid}$;reps;f)(e1) \mwedge{} pv11\_p1\_p2a'send(Cmd;f) i2 <l, b, s, p2> \mmember{} pv11\_p1\_main(Cmd;accpts;ldrs;ldrs$_{\000Cuid}$;reps;f)(e2))) {}\mRightarrow{} (p1 = p2)) Date html generated: 2015_07_23-PM-04_54_00 Last ObjectModification: 2015_02_04-AM-08_20_36 Home Index