Nuprl Lemma : pv11_p1_A5_C2
∀Cmd:ValueAllType. ∀f:pv11_p1_headers_type{i:l}(Cmd). ∀es:EO+(Message(f)). ∀e:E. ∀accpts,ldrs:bag(Id).
∀ldrs_uid:Id ─→ ℤ. ∀reps:bag(Id). ∀i,l:Id. ∀b,b':pv11_p1_Ballot_Num(). ∀s:ℤ. ∀p,p':Cmd. ∀as,cs:bag(Id).
(pv11_p1_message-constraint{paxos-v11-part1.esh:o}(Cmd; accpts; ldrs; ldrs_uid; reps; f; es)
⇒ Inj(Id;ℤ;ldrs_uid)
⇒ (accpts = (as + cs) ∈ bag(Id))
⇒ #(as) < pv11_p1_threshold(accpts)
⇒ (∀a:Id
(a ↓∈ cs ⇒ (↓∃e':E. ((a = loc(e') ∈ Id) ∧ (<b, s, p> ∈ snd(pv11_p1_AcceptorStateFun(Cmd;ldrs_uid;f;es;e')))))))
⇒ ((<b', s, p'> ∈ snd(pv11_p1_AcceptorStateFun(Cmd;ldrs_uid;f;es;e)))
∨ pv11_p1_p2a'send(Cmd;f) i <l, b', s, p'> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;f)(e))
⇒ (↑(b < b'))
⇒ (p = p' ∈ Cmd))
Proof
Definitions occuring in Statement :
pv11_p1_p2a'send: pv11_p1_p2a'send(Cmd;f),
pv11_p1_message-constraint: pv11_p1_message-constraint{paxos-v11-part1.esh:o}(Cmd; accpts; ldrs; ldrs_uid; reps; mf; es),
pv11_p1_main: pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;mf),
pv11_p1_AcceptorStateFun: pv11_p1_AcceptorStateFun(Cmd;ldrs_uid;mf;es;e),
pv11_p1_threshold: pv11_p1_threshold(accpts),
pv11_p1_headers_type: pv11_p1_headers_type{i:l}(Cmd),
pv11_p1_lt_bnum: pv11_p1_lt_bnum(ldrs_uid),
pv11_p1_Ballot_Num: pv11_p1_Ballot_Num(),
msg-interface: Interface,
Message: Message(f),
classrel: v ∈ X(e),
event-ordering+: EO+(Info),
es-loc: loc(e),
es-E: E,
Id: Id,
l_member: (x ∈ l),
inject: Inj(A;B;f),
vatype: ValueAllType,
assert: ↑b,
less_than: a < b,
pi2: snd(t),
all: ∀x:A. B[x],
exists: ∃x:A. B[x],
squash: ↓T,
implies: P ⇒ Q,
or: P ∨ Q,
and: P ∧ Q,
apply: f a,
function: x:A ─→ B[x],
pair: <a, b>,
product: x:A × B[x],
int: ℤ,
equal: s = t ∈ T,
bag-member: x ↓∈ bs,
bag-size: #(bs),
bag-append: as + bs,
bag: bag(T)
Lemmas :
es-causl-swellfnd,
event-ordering+_subtype,
Message_wf,
nat_properties,
less_than_transitivity1,
less_than_irreflexivity,
ge_wf,
less_than_wf,
or_wf,
l_member_wf,
pv11_p1_AcceptorStateFun_wf,
classrel_wf,
msg-interface_wf,
pv11_p1_main_wf,
pv11_p1_p2a'send_wf,
Id_wf,
assert_wf,
pv11_p1_lt_bnum_wf,
es-E_wf,
int_seg_wf,
int_seg_subtype-nat,
decidable__le,
subtract_wf,
false_wf,
not-ge-2,
less-iff-le,
condition-implies-le,
minus-one-mul,
zero-add,
minus-add,
minus-minus,
add-associates,
add-swap,
add-commutes,
add_functionality_wrt_le,
add-zero,
le-add-cancel,
decidable__equal_int,
subtype_rel-int_seg,
le_weakening,
int_seg_properties,
le_wf,
nat_wf,
zero-le-nat,
lelt_wf,
es-causl_wf,
equal_wf,
decidable__lt,
not-equal-2,
le-add-cancel-alt,
not-le-2,
sq_stable__le,
add-mul-special,
zero-mul,
pv11_p1_acc_p2a,
pv11_p1_AcceptorState-classrel,
pair_eta_rw,
list_wf,
iff_weakening_equal,
base-noloc-classrel-make-Msg2,
cons_wf_listp,
cons_wf,
nil_wf,
listp_wf,
hdrmkmsg_lemma,
cons_member,
name_wf,
equal-wf-base,
msg-header_wf,
pv11_p1_headers_no_inputs_wf,
squash_wf,
exists_wf,
make-msg-interface_wf,
es-loc_wf,
es-causl_transitivity2,
es-causle_weakening_locl,
make-Msg-as-mk-msg,
msg-authentic_wf,
es-info_wf,
subtype_base_sq,
int_subtype_base,
bool_wf,
bool_subtype_base,
pv11_p1-p2a,
bfalse_wf,
pv11_p1_ldr_active_fun,
pv11_p1_adopted_from_maj_acceptors,
pv11_p1_overlapping_accs,
map_wf,
list-subtype-bag,
bag-member-map,
bag-member-list,
decidable__equal-es-E,
es-locl-trichotomy,
es-le_weakening,
es-locl_wf,
es-le-self,
and_wf,
es-le_wf,
pv11_p1_inc_acc_pvals_fun,
pv11_p1_acc_state_from_p2a_fun,
es-le-loc,
pv11_p1_inc_acc_bnum_fun,
pv11_p1_Ballot_Num_wf,
union_subtype_base,
unit_wf2,
product_subtype_base,
atom2_subtype_base,
unit_subtype_base,
pv11_p1_lt_bnum_irrefl2,
pv11_p1_lt_bnum_trans1,
member-concat,
member_map,
bag-member-sq-list-member,
sq_stable__l_member,
decidable__es-E-equal,
pv11_p1_ldr_fun_mem_adopted,
true_wf,
event-ordering+_wf,
eclass_wf,
pv11_p1_adopted'base_wf,
pv11_p1_LeaderStateFun_wf,
pi1_wf_top,
subtype_rel_product,
top_wf,
subtype_top,
pv11_p1_in_domain_wf,
pi2_wf,
assert_elim,
base-classrel-equal,
es-info-body_wf,
subtype_rel_weakening,
ext-eq_weakening,
pair-eta,
pv11_p1_pmax_desc_implies,
decidable__assert,
pv11_p1_leq_bnum_wf,
not-pv11_p1_leq_bnum,
l_member-bag-member,
pv11_p1_leq_bnum_implies_eq_or_lt,
pv11_p1_A4_C1_funA
Latex:
\mforall{}Cmd:ValueAllType. \mforall{}f:pv11\_p1\_headers\_type\{i:l\}(Cmd). \mforall{}es:EO+(Message(f)). \mforall{}e:E.
\mforall{}accpts,ldrs:bag(Id). \mforall{}ldrs$_{uid}$:Id {}\mrightarrow{} \mBbbZ{}. \mforall{}reps:bag(Id). \mforall{}i,l:Id. \mforall{}b,b':pv11\_\000Cp1\_Ballot\_Num(). \mforall{}s:\mBbbZ{}.
\mforall{}p,p':Cmd. \mforall{}as,cs:bag(Id).
(pv11\_p1\_message-constraint\{paxos-v11-part1.esh:o\}(Cmd; accpts; ldrs; ldrs$_{uid}\mbackslash{}\000Cff24; reps; f; es)
{}\mRightarrow{} Inj(Id;\mBbbZ{};ldrs$_{uid}$)
{}\mRightarrow{} (accpts = (as + cs))
{}\mRightarrow{} \#(as) < pv11\_p1\_threshold(accpts)
{}\mRightarrow{} (\mforall{}a:Id
(a \mdownarrow{}\mmember{} cs
{}\mRightarrow{} (\mdownarrow{}\mexists{}e':E
((a = loc(e')) \mwedge{} (<b, s, p> \mmember{} snd(pv11\_p1\_AcceptorStateFun(Cmd;ldrs$_{uid\mbackslash{}\000Cff7d$;f;es;e')))))))
{}\mRightarrow{} ((<b', s, p'> \mmember{} snd(pv11\_p1\_AcceptorStateFun(Cmd;ldrs$_{uid}$;f;es;e)))
\mvee{} pv11\_p1\_p2a'send(Cmd;f) i <l, b', s, p'> \mmember{} pv11\_p1\_main(Cmd;accpts;ldrs;ldrs$_{ui\000Cd}$;reps;f)(e))
{}\mRightarrow{} (\muparrow{}(b < b'))
{}\mRightarrow{} (p = p'))
Date html generated:
2015_07_23-PM-05_03_08
Last ObjectModification:
2015_02_04-AM-07_54_26
Home
Index