Proof of Nuprl Lemma : pv11_p1_decision_from_maj

Step * 1 1 1 of Lemma pv11_p1_decision_from_maj_acceptors

.....assertion.....
1. Cmd : Type@i'
2. valueall-type(Cmd)@i'
3. f : pv11_p1_headers_type{i:l}(Cmd)@i'
4. (f [decision]) = (ℤ × Cmd) ∈ Type
5. (f [propose]) = (ℤ × Cmd) ∈ Type

6. (f ``pv11_p1 adopted``) = (pv11_p1_Ballot_Num() × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)) ∈ Type

7. (f ``pv11_p1 preempted``) = pv11_p1_Ballot_Num() ∈ Type
8. (f ``pv11_p1 p2b``) = (Id × pv11_p1_Ballot_Num() × ℤ × pv11_p1_Ballot_Num()) ∈ Type
9. (f ``pv11_p1 p2a``) = (Id × pv11_p1_Ballot_Num() × ℤ × Cmd) ∈ Type
10. (f ``pv11_p1 p1b``)
= (Id × pv11_p1_Ballot_Num() × pv11_p1_Ballot_Num() × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List))
∈ Type
11. (f ``pv11_p1 p1a``) = (Id × pv11_p1_Ballot_Num()) ∈ Type
12. f ∈ Name ─→ Type
13. es : EO+(Message(f))@i'
14. e : E@i
15. accpts : bag(Id)@i
16. ldrs : bag(Id)@i
17. ldrs_uid : Id ─→ ℤ@i
18. reps : bag(Id)@i
19. b : pv11_p1_Ballot_Num()@i
20. s : ℤ@i
21. c : Cmd@i
22. i : Id@i
23. Inj(Id;ℤ;ldrs_uid)@i
24. pv11_p1_message-constraint{paxos-v11-part1.esh:o}(Cmd; accpts; ldrs; ldrs_uid; reps; f; es)@i
25. b1 : Id
26. b1 ↓∈ accpts
27. has-es-info-type(es;e;f;Id × pv11_p1_Ballot_Num() × ℤ × pv11_p1_Ballot_Num())@i
28. b = (snd(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num()@i
29. loc(e) ↓∈ ldrs
30. e' : E
31. e' ≤loc e
32. header(e) = ``pv11_p1 p2b`` ∈ Name
33. has-es-info-type(es;e;f;Id × pv11_p1_Ballot_Num() × ℤ × pv11_p1_Ballot_Num())
34. 0 = 0 ∈ ℤ
35. (fst(snd(msgval(e)))) = (snd(snd(snd(msgval(e))))) ∈ pv11_p1_Ballot_Num()
36. #(pv11_p1_CommanderStateFun(Cmd;accpts;f;fst(snd(msgval(e)));fst(snd(snd(msgval(e))));es.e';e)) < ...
37. i ↓∈ reps
38. ff = pv11_p1_init_active()
39. s = (fst(snd(snd(msgval(e))))) ∈ ℤ
40. (((header(e') = [propose] ∈ Name) ∧ has-es-info-type(es;e';f;ℤ × Cmd))
∧ ((↑(fst(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;f;es;e')))))
  ∧ (¬↑(pv11_p1_in_domain(Cmd) (fst(msgval(e'))) (snd(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;f;es;e')))))))
∧ ((fst(snd(msgval(e)))) = (fst(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;f;es;e'))) ∈ pv11_p1_Ballot_Num())
∧ (<fst(snd(snd(msgval(e)))), c> = msgval(e') ∈ (ℤ × Cmd)))
∨ (((header(e') = ``pv11_p1 adopted`` ∈ Name)
   ∧ has-es-info-type(es;e';f;pv11_p1_Ballot_Num() × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)))
  ∧ ((fst(msgval(e'))) = (fst(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;f;es;e'))) ∈ pv11_p1_Ballot_Num())
  ∧ ((<fst(snd(snd(msgval(e)))), c> ↓∈ snd(snd(pv11_p1_LeaderStateFun(Cmd;ldrs_uid;f;es;e')))
    ∧ (¬(∃p2:Cmd. (<fst(snd(snd(msgval(e)))), p2> ∈ pv11_p1_pmax(Cmd;ldrs_uid) (snd(msgval(e')))))))
    ∨ (∃v2:pv11_p1_Ballot_Num()
        (<v2, fst(snd(snd(msgval(e)))), c> ↓∈ snd(msgval(e'))
        ∧ (¬(∃z5:pv11_p1_Ballot_Num()

              ∃z8:Cmd. ((↑(v2  < z5)) ∧ (<z5, fst(snd(snd(msgval(e)))), z8> ∈ snd(msgval(e')))))))))

∧ ((fst(snd(msgval(e)))) = (fst(msgval(e'))) ∈ pv11_p1_Ballot_Num()))

41. (no ((pv11_p1_commander_output(Cmd;accpts;reps;f) <fst(snd(msgval(e))), fst(snd(snd(msgval(e)))), c> o pv11_p1_p2b'b\000Case(Cmd;f)) o

        pv11_p1_CommanderState(Cmd;accpts;f) (fst(snd(msgval(e)))) (fst(snd(snd(msgval(e)))))) between e' and e)

⊢ ∃e0:E. ∃l:Id. pv11_p1_p2a'send(Cmd;f) b1 <l, b, s, c> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;f)(e0)

BY
{ (InstConcl [⌈e'⌉;⌈loc(e')⌉]⋅ THENA Auto) }

1
1. Cmd : Type@i'
2. valueall-type(Cmd)@i'
3. f : pv11_p1_headers_type{i:l}(Cmd)@i'
4. (f [decision]) = (ℤ × Cmd) ∈ Type
5. (f [propose]) = (ℤ × Cmd) ∈ Type

6. (f ``pv11_p1 adopted``) = (pv11_p1_Ballot_Num() × ((pv11_p1_Ballot_Num() × ℤ × Cmd) List)) ∈ Type

              ∃z8:Cmd. ((↑(v2  < z5)) ∧ (<z5, fst(snd(snd(msgval(e)))), z8> ∈ snd(msgval(e')))))))))

∧ ((fst(snd(msgval(e)))) = (fst(msgval(e'))) ∈ pv11_p1_Ballot_Num()))

41. (no ((pv11_p1_commander_output(Cmd;accpts;reps;f) <fst(snd(msgval(e))), fst(snd(snd(msgval(e)))), c> o pv11_p1_p2b'b\000Case(Cmd;f)) o

        pv11_p1_CommanderState(Cmd;accpts;f) (fst(snd(msgval(e)))) (fst(snd(snd(msgval(e)))))) between e' and e)

⊢ pv11_p1_p2a'send(Cmd;f) b1 <loc(e'), b, s, c> ∈ pv11_p1_main(Cmd;accpts;ldrs;ldrs_uid;reps;f)(e')

Latex:

Latex:
.....assertion..... 1. Cmd : Type@i' 2. valueall-type(Cmd)@i' 3. f : pv11\_p1\_headers\_type\{i:l\}(Cmd)@i' 4. (f [decision]) = (\mBbbZ{} \mtimes{} Cmd) 5. (f [propose]) = (\mBbbZ{} \mtimes{} Cmd) 6. (f ``pv11\_p1 adopted``) = (pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List)) 7. (f ``pv11\_p1 preempted``) = pv11\_p1\_Ballot\_Num() 8. (f ``pv11\_p1 p2b``) = (Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} pv11\_p1\_Ballot\_Num()) 9. (f ``pv11\_p1 p2a``) = (Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) 10. (f ``pv11\_p1 p1b``) = (Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List)) 11. (f ``pv11\_p1 p1a``) = (Id \mtimes{} pv11\_p1\_Ballot\_Num()) 12. f \mmember{} Name {}\mrightarrow{} Type 13. es : EO+(Message(f))@i' 14. e : E@i 15. accpts : bag(Id)@i 16. ldrs : bag(Id)@i 17. ldrs$_{uid}$ : Id {}\mrightarrow{} \mBbbZ{}@i 18. reps : bag(Id)@i 19. b : pv11\_p1\_Ballot\_Num()@i 20. s : \mBbbZ{}@i 21. c : Cmd@i 22. i : Id@i 23. Inj(Id;\mBbbZ{};ldrs$_{uid}$)@i 24. pv11\_p1\_message-constraint\{paxos-v11-part1.esh:o\}(Cmd; accpts; ldrs; ldrs$_{uid}\000C$; reps; f; es)@i 25. b1 : Id 26. b1 \mdownarrow{}\mmember{} accpts 27. has-es-info-type(es;e;f;Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} pv11\_p1\_Ballot\_Num())@i 28. b = (snd(snd(snd(msgval(e)))))@i 29. loc(e) \mdownarrow{}\mmember{} ldrs 30. e' : E 31. e' \mleq{}loc e 32. header(e) = ``pv11\_p1 p2b`` 33. has-es-info-type(es;e;f;Id \mtimes{} pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} pv11\_p1\_Ballot\_Num()) 34. 0 = 0 35. (fst(snd(msgval(e)))) = (snd(snd(snd(msgval(e))))) 36. \#(pv11\_p1\_CommanderStateFun(Cmd;accpts;f;fst(snd(msgval(e)));fst(snd(snd(...)));es.e';e)) < ... 37. i \mdownarrow{}\mmember{} reps 38. ff = pv11\_p1\_init\_active() 39. s = (fst(snd(snd(msgval(e))))) 40. (((header(e') = [propose]) \mwedge{} has-es-info-type(es;e';f;\mBbbZ{} \mtimes{} Cmd)) \mwedge{} ((\muparrow{}(fst(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;f;es;e'))))) \mwedge{} (\mneg{}\muparrow{}(pv11\_p1\_in\_domain(Cmd) (fst(msgval(e'))) (snd(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;f;es;e'))))))) \mwedge{} ((fst(snd(msgval(e)))) = (fst(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;f;es;e')\000C))) \mwedge{} (<fst(snd(snd(msgval(e)))), c> = msgval(e'))) \mvee{} (((header(e') = ``pv11\_p1 adopted``) \mwedge{} has-es-info-type(es;e';f;pv11\_p1\_Ballot\_Num() \mtimes{} ((pv11\_p1\_Ballot\_Num() \mtimes{} \mBbbZ{} \mtimes{} Cmd) List))) \mwedge{} ((fst(msgval(e'))) = (fst(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid}$;f;es;e')))\000C) \mwedge{} ((<fst(snd(snd(msgval(e)))), c> \mdownarrow{}\mmember{} snd(snd(pv11\_p1\_LeaderStateFun(Cmd;ldrs$_{uid\mbackslash{}ff7\000Cd$;f;es;e'))) \mwedge{} (\mneg{}(\mexists{}p2:Cmd. (<fst(snd(snd(msgval(e)))), p2> \mmember{} pv11\_p1\_pmax(Cmd;ldrs$_{uid}\mbackslash{}ff2\000C4) (snd(msgval(e'))))))) \mvee{} (\mexists{}v2:pv11\_p1\_Ballot\_Num() (<v2, fst(snd(snd(msgval(e)))), c> \mdownarrow{}\mmember{} snd(msgval(e')) \mwedge{} (\mneg{}(\mexists{}z5:pv11\_p1\_Ballot\_Num() \mexists{}z8:Cmd. ((\muparrow{}(v2 < z5)) \mwedge{} (<z5, fst(snd(snd(msgval(e)))), z8> \mmember{} snd(msgval(e'))))))))) \mwedge{} ((fst(snd(msgval(e)))) = (fst(msgval(e'))))) 41. (no ((pv11\_p1\_commander\_output(Cmd;accpts;reps;f) <fst(snd(msgval(e))), fst(snd(snd(msgval(e)))), c> o pv11\_p1\_p2b'base(Cmd;f)) o pv11\_p1\_CommanderState(Cmd;accpts;f) (fst(snd(msgval(e)))) (fst(snd(snd(msgval(e)))))) between e' and e) \mvdash{} \mexists{}e0:E. \mexists{}l:Id. pv11\_p1\_p2a'send(Cmd;f) b1 <l, b, s, c> \mmember{} pv11\_p1\_main(Cmd;accpts;ldrs;ldrs$\mbackslash{}ff5\000Cf{uid}$;reps;f)(e0) By Latex: (InstConcl [\mkleeneopen{}e'\mkleeneclose{};\mkleeneopen{}loc(e')\mkleeneclose{}]\mcdot{} THENA Auto) Home Index