{ 
es:event_system{i:l}. T:Type. leaders,failset:Id List. tg1a:Id.
X,Y:Temporary AbsInterface(es;T).
(Paxos-spec10(es;T;leaders;failset;tg1a;X;Y)
Paxos-spec9(es;T;leaders;failset;tg1a;X;Y)) }
{ Proof }
Definitions occuring in Statement :
Paxos-spec10: Paxos-spec10(es;T;leaders;failset;tg1a;Decide;Input),
Paxos-spec9: Paxos-spec9(es;T;leaders;failset;tg1a;Decide;Input),
es-interface: Temporary AbsInterface(es;A),
Id: Id,
all: x:A. B[x],
implies: P Q,
list: type List,
universe: Type
Definitions :
member: t 
T,
Id: Id,
list: type List,
less_than: a < b,
no_repeats: no_repeats(T;l),
le: A 
B,
function: x:A 
B[x],
all: x:A. B[x],
not: 
A,
es-filtered-propagate-iff1: Error :es-filtered-propagate-iff1,
l_all: (xL.P[x]),
set: {x:A| B[x]} ,
nat_plus: 
,
event_ordering: EO,
universe: Type,
multiply: n * m,
length: ||as||,
IdLnk: IdLnk,
es-collect-filter: Collect(size v's from X with maximum num[v] such that P[v]),
pair: <a, b>,
lt_int: i <z j,
es-interface-pair-prior: X;Y,
eq_int: (i =
j),
mapfilter-class: (f[v] where v from X such that P[v]),
isrcv: isrcv(k),
assert: 
b,
Knd: Knd,
prop: 
,
l_member: (x l),
subtype_rel: A 
r B,
implies: P Q,
and: P 
Q,
atom: Atom$n,
false: False,
void: Void,
exists: 
x:A. B[x],
surject: Surj(A;B;f),
es-filtered-propagation: Error :es-filtered-propagation,
es-propagate-iff1: X 
Y:T,
id-deq: IdDeq,
deq-member: deq-member(eq;x;L),
filter: filter(P;l),
es-valtype: Error :es-valtype,
es-kind: Error :es-kind,
es-E: E,
es-tag: Error :es-tag,
or: P 
Q,
es-isrcv: Error :es-isrcv,
es-loc: loc(e),
es-E-interface: E(X),
lnk: lnk(k),
lsrc: source(l),
ldst: destination(l),
eq_id: a = b,
band: p 
q,
minus: -n,
imax: imax(a;b),
es-interface-accum: es-interface-accum(f;x;X),
es-prior-class-when: (X'?d) when Y,
spread: spread def,
map-class: (f[v] where v from X),
es-tagged-true-class: Tagged_tt(X),
accum-class: accum-class(a,x.f[a; x]; x.base[x]; X),
nil: [],
cons: [car / cdr],
es-interface-at: X@i,
strong-subtype: strong-subtype(A;B),
decide: case b of inl(x) => s[x] | inr(y) => t[y],
fpf: a:A fp-> B[a],
subtype: S T,
guard: {T},
sum-map: 
f[x] for x L,
sum: (f[x] | x < k),
ge: i 
j ,
b-union: A 
B,
fset: fset(T),
fpf-cap: f(x)?z,
fpf-sub: f g,
es-vartype: Error :es-vartype,
es-state: Error :es-state,
deq: EqDecider(T),
decl-state: Error :decl-state,
ma-state: State(ds),
append: as @ bs,
rev_implies: P Q,
iff: P Q,
so_lambda: 
x.t[x],
map: map(f;as),
hd: hd(l),
last: last(L),
remove-repeats: remove-repeats(eq;L),
select: l[i],
class-program: ClassProgram(T),
apply: f a,
so_apply: x[s],
locl: locl(a),
tl: tl(l),
top: Top,
btrue: tt,
true: True,
sq_type: SQType(T),
isl: isl(x),
list-index: list-index(d;L;x),
int_seg: {i..j
},
es-parameter-class: Parameter(p;X),
es-interface-union: X+Y,
paxos-new-ballot: paxos-new-ballot(n; np_or_2b_or_firstballot; d; prevb),
es-rec-combined-interface1-1: (f)(X,(Y)',self'),
intensional-universe: IType,
isect: 
x:A. B[x],
real: 
,
rationals: 
,
lelt: i j < k,
es-le: e loc e' ,
alle-lt: e<e'.P[e],
es-locl: (e <loc e'),
so_lambda: so_lambda(x,y,z.t[x; y; z]),
round-robin: round-robin(L),
let: let,
Paxos-spec9-body: Paxos-spec9-body(es;T;f;acceptors;leaders;Input;Decide;...;...;...;...;...;...),
Paxos-spec10-body: Paxos-spec10-body(es;T;f;acceptors;leaders;Input;Decide;...;...;...;...;...;...),
Paxos-spec9: Paxos-spec9(es;T;leaders;failset;tg1a;Decide;Input),
Paxos-spec10: Paxos-spec10(es;T;leaders;failset;tg1a;Decide;Input),
MaAuto: Error :MaAuto,
D: Error :D,
CollapseTHENA: Error :CollapseTHENA,
it: 
,
inr: inr x ,
inl: inl x ,
le_int: i z j,
ifthenelse: if b then t else f fi ,
spreadn: spread3,
lambda: x.A[x],
es-filter-image: f[X],
nat: ,
es-interface: Temporary AbsInterface(es;A),
equal: s = t,
CollapseTHEN: Error :CollapseTHEN,
pi2: snd(t),
pi1: fst(t),
natural_number: $n,
add: n + m,
es-collect-opt-max: es-collect-opt-max,
int: 
,
product: x:A 
B[x],
links-from-to: links(tg) from srclocs to dstlocs,
rcvs-on: Rcvs(tg) on links,
es-in-ports: Error :es-in-ports,
bool: 
,
unit: Unit,
union: left + right,
Try: Error :Try,
ExRepD: Error :ExRepD,
RepUR: Error :RepUR,
Auto: Error :Auto,
Unfold: Error :Unfold,
tactic: Error :tactic,
es-fwd-propagation-via: f:X Y:T,
bfalse: ff,
es-interface-val: val(X,e),
cand: A c B,
es-is-interface: (e in X),
cless: Error :cless,
es-causl: (e < e'),
rel_plus: R^+,
limited-type: LimitedType,
sqequal: s ~ t,
tagof: tag(k),
es-first-at: e is first@ i s.t. e.P[e],
can-apply: can-apply(f;x),
outl: outl(x),
es-prior-val: (X)',
bnot: b,
do-apply: do-apply(f;x),
eq_bool: p =b q,
eq_atom: x =a y,
null: null(as),
set_blt: Error :set_blt,
infix_ap: x f y,
grp_blt: Error :grp_blt,
b-exists: (i<n.P[i])_b,
bl-exists: (xL.P[x])_b,
bl-all: (xL.P[x])_b,
dcdr-to-bool: [d],
eq_type: eq_type(T;T'),
eq_atom: eq_atom$n(x;y),
q_le: q_le(r;s),
q_less: q_less(a;b),
qeq: qeq(r;s),
deq-all-disjoint: deq-all-disjoint(eq;ass;bs),
deq-disjoint: deq-disjoint(eq;as;bs),
eq_lnk: a = b,
eq_pcl_term: Error :eq_pcl_term,
eq_pcl_basic: Error :eq_pcl_basic,
pcl-key-contains: Error :pcl-key-contains,
eq_pcl_key: Error :eq_pcl_key,
es-eq-E: e = e',
bimplies: p q,
bor: p q,
squash: 
T,
eq_knd: a = b,
fpf-dom: x dom(f),
grp_car: Error :grp_car,
token: "$token",
atom: Atom,
es-prior-interface: prior(X),
p-conditional: [f?g],
p-outcome: Outcome,
eqof: eqof(d),
es-first: first(e),
lnk-inv: lnk-inv(l),
es-init: es-init(es;e),
es-first-from: Error :es-first-from,
es-lc: Error :es-lc,
last-change: Error :last-change,
list_ind: rec-case(a) of [] => s | x::y => z.t[x; y; z],
so_lambda: x y.t[x; y],
es-interface-part: (X|g=i),
es-empty-interface: Empty,
imax-class: (maximum f[v] lb with v from X),
decidable: Dec(P),
divides: b | a,
assoced: a ~ b,
set_leq: Error :set_leq,
set_lt: Error :set_lt,
grp_lt: Error :grp_lt,
l_exists: (xL. P[x]),
l_contains: A B,
inject: Inj(A;B;f),
reducible: reducible(a),
prime: prime(a),
l_disjoint: l_disjoint(T;l1;l2),
fun-connected: y is f*(x),
qle: r s,
qless: r < s,
q-rel: q-rel(r;x),
fset-member: a s,
f-subset: xs ys,
fset-closed: (s closed under fs),
cs-not-completed: in state s, a has not completed inning i,
cs-archived: by state s, a archived v in inning i,
cs-passed: by state s, a passed inning i without archiving a value,
cs-inning-committed: in state s, inning i has committed v,
cs-inning-committable: in state s, inning i could commit v ,
cs-archive-blocked: in state s, ws' blocks ws from archiving v in inning i,
cs-precondition: state s may consider v in inning i,
es-causle: e c e',
existse-before: e<e'.P[e],
existse-le: ee'.P[e],
alle-le: ee'.P[e],
alle-between1: e[e1,e2).P[e],
existse-between1: e[e1,e2).P[e],
alle-between2: e[e1,e2].P[e],
existse-between2: e[e1,e2].P[e],
existse-between3: e(e1,e2].P[e],
collect-event: collect-event(es;X;n;v.num[v];L.P[L];e),
es-fset-loc: i locs(s),
cut-order: a (X;f) b,
path-goes-thru: x-f*-y thru i,
ses-action: Action(e),
ses-legal-sequence: Legal(pas) given prvt,
es-r-immediate-pred: es-r-immediate-pred(es;R;e';e),
same-thread: same-thread(es;p;e;e'),
snd-it: Error :snd-it,
rcv-it: Error :rcv-it,
f2f+-pred: Error :f2f+-pred,
sq_stable: SqStable(P),
uni_sat: a = !x:T. Q[x],
inv_funs: InvFuns(A;B;f;g),
eqfun_p: IsEqFun(T;eq),
refl: Refl(T;x,y.E[x; y]),
sym: Sym(T;x,y.E[x; y]),
trans: Trans(T;x,y.E[x; y]),
anti_sym: AntiSym(T;x,y.R[x; y]),
connex: Connex(T;x,y.R[x; y]),
coprime: CoPrime(a,b),
ident: Error :ident,
assoc: Error :assoc,
comm: Error :comm,
inverse: Error :inverse,
bilinear: Error :bilinear,
bilinear_p: Error :bilinear_p,
action_p: Error :action_p,
dist_1op_2op_lr: Error :dist_1op_2op_lr,
fun_thru_1op: Error :fun_thru_1op,
fun_thru_2op: Error :fun_thru_2op,
cancel: Error :cancel,
monot: Error :monot,
monoid_p: Error :monoid_p,
group_p: Error :group_p,
monoid_hom_p: Error :monoid_hom_p,
grp_leq: Error :grp_leq,
integ_dom_p: Error :integ_dom_p,
prime_ideal_p: Error :prime_ideal_p,
is_list_splitting: is_list_splitting(T;L;LL;L2;f),
is_accum_splitting: is_accum_splitting(T;A;L;LL;L2;f;g;x),
req: x = y,
rnonneg: rnonneg(r),
rleq: x y,
i-member: r I,
partitions: partitions(I;p),
subtract: n - m,
strongwellfounded: SWellFounded(R[x; y]),
es-local-pred: last(P),
alle-between3: e(e1,e2].P[e],
es-change-to: Error :es-change-to,
es-pred: pred(e),
THENM: Error :THENM,
Complete: Error :Complete
Lemmas :
prior-val-val,
pair_eta_rw,
prior-val-unique,
es-prior-interface-locl,
decidable__es-locl,
is-prior-interface,
prior-val-induction3,
es-prior-interface_wf0,
btrue_neq_bfalse,
not_assert_elim,
es-causl_weakening,
es-locl_transitivity1,
es-le_weakening,
es-causl-swellfnd,
ge_wf,
es-causl_wf,
is-prior-val,
sq_stable_from_decidable,
decidable__assert,
es-E-interface-property,
member-interface-at,
round-robin-equal,
round-robin-list-index,
prior-val-induction2,
assert-eq-id,
Error :es-isrcv-loc,
Id_sq,
es-loc-pred,
nat_sq,
btrue_wf,
decide_wf,
int_sq,
es-prior-interface_wf,
it_wf,
rec-combined-interface1-1-val,
isl-list-index,
squash_wf,
parameter-class-val,
is-parameter-class,
not_functionality_wrt_iff,
assert_of_eq_int,
eq_int_wf,
eqtt_to_assert,
iff_transitivity,
eqff_to_assert,
assert_of_bnot,
bnot_wf,
outl_wf,
true_wf,
is-rec-combined-interface1-1,
isl_wf,
es-prior-val_wf,
es-is-filter-image,
is-collect-opt-max,
guard_wf,
Error :is-in-ports,
member-rcvs-on,
false_wf,
round-robin_wf,
es-interface-subtype_rel,
es-interface-val_wf,
es-interface-val_wf2,
bfalse_wf,
es-is-interface_wf,
es-loc_wf,
es-fwd-propagation-via_wf,
surject_wf,
Knd_sq,
Paxos-spec9_wf,
Paxos-spec10_wf,
event_ordering_wf,
Paxos-spec9-body_wf,
nat_plus_inc,
no_repeats_wf,
Error :es-filtered-propagate-iff1_wf,
es-collect-opt-max_wf,
pi1_wf,
pi2_wf,
unit_wf,
nat_plus_properties,
es-filter-image_wf,
ifthenelse_wf,
le_int_wf,
nat_properties,
es-locl_wf,
not_wf,
alle-lt_wf,
es-le_wf,
es-E-interface_wf,
l_all_wf,
l_all_wf2,
es-interface_wf,
es-interface-top,
intensional-universe_wf,
es-propagate-iff1_wf,
es-interface-at_wf,
es-rec-combined-interface1-1_wf,
paxos-new-ballot_wf,
es-interface-union_wf,
bool_wf,
es-parameter-class_wf,
int_seg_wf,
length_wf1,
list-index_wf,
id-deq_wf,
Id_wf,
lsrc_wf,
lnk_wf,
bool_sq,
assert_elim,
top_wf,
Error :es-in-ports_wf,
member_singleton,
iff_wf,
rev_implies_wf,
assert-eq-knd,
l_member-settype,
l_member_subtype,
length_wf_nat,
nat_wf,
le_wf,
member_wf,
Error :es-valtype_wf,
subtype_rel_wf,
Error :es-kind_wf,
es-E_wf,
l_member_wf,
Knd_wf,
assert_wf,
isrcv_wf,
rcvs-on_wf,
links-from-to_wf
\mforall{}es:event\_system\{i:l\}. \mforall{}T:Type. \mforall{}leaders,failset:Id List. \mforall{}tg1a:Id.
\mforall{}X,Y:Temporary AbsInterface(es;T).
(Paxos-spec10(es;T;leaders;failset;tg1a;X;Y) {}\mRightarrow{} Paxos-spec9(es;T;leaders;failset;tg1a;X;Y))
Date html generated:
2010_08_28-PM-01_59_47
Last ObjectModification:
2010_07_15-PM-02_28_38
Home
Index