Timings for LeaderLogsLogMatchingProof.v
- /home/gitlab-runner/builds/gGKko-aj/0/coq/coq/_bench/opam.OLD/ocaml-OLD/.opam-switch/build/coq-verdi-raft.dev//./theories/RaftProofs/LeaderLogsLogMatchingProof.v.timing
- /home/gitlab-runner/builds/gGKko-aj/0/coq/coq/_bench/opam.NEW/ocaml-NEW/.opam-switch/build/coq-verdi-raft.dev//./theories/RaftProofs/LeaderLogsLogMatchingProof.v.timing
From Verdi Require Import GhostSimulations.
From VerdiRaft Require Import Raft RaftRefinementInterface.
From VerdiRaft Require Import CommonTheorems SpecLemmas.
From VerdiRaft Require Import RefinementSpecLemmas.
From VerdiRaft Require Import LogMatchingInterface.
From VerdiRaft Require Import LeaderLogsTermSanityInterface.
From VerdiRaft Require Import LeaderLogsSortedInterface.
From VerdiRaft Require Import SortedInterface LeaderLogsSublogInterface.
From VerdiRaft Require Import LeaderLogsContiguousInterface.
From VerdiRaft Require Import TermsAndIndicesFromOneInterface.
From VerdiRaft Require Import LeaderLogsLogMatchingInterface.
#[local] Arguments update {_} {_} _ _ _ _ _ : simpl never.
Section LeaderLogsLogMatching.
Context {orig_base_params : BaseParams}.
Context {one_node_params : OneNodeParams orig_base_params}.
Context {raft_params : RaftParams orig_base_params}.
Context {rri : raft_refinement_interface}.
Context {lmi : log_matching_interface}.
Context {lltsi : leaderLogs_term_sanity_interface}.
Context {llsi : leaderLogs_sorted_interface}.
Context {si : sorted_interface}.
Context {llsli : leaderLogs_sublog_interface}.
Context {llci : leaderLogs_contiguous_interface}.
Context {taifoi : terms_and_indices_from_one_interface}.
Definition leaderLogs_entries_match_nw (net : network) : Prop :=
forall h llt ll p t src pli plt es ci,
In (llt, ll) (leaderLogs (fst (nwState net h))) ->
In p (nwPackets net) ->
pBody p = AppendEntries t src pli plt es ci ->
(forall e1 e2,
eIndex e1 = eIndex e2 ->
eTerm e1 = eTerm e2 ->
In e1 es ->
In e2 ll ->
(forall e3,
eIndex e3 <= eIndex e1 ->
In e3 es ->
In e3 ll) /\
(pli <> 0 ->
exists e4,
eIndex e4 = pli /\
eTerm e4 = plt /\
In e4 ll)).
Definition leaderLogs_entries_match (net : network) : Prop :=
leaderLogs_entries_match_host net /\
leaderLogs_entries_match_nw net.
Lemma leaderLogs_entries_match_init :
refined_raft_net_invariant_init leaderLogs_entries_match.
unfold refined_raft_net_invariant_init, leaderLogs_entries_match,
leaderLogs_entries_match_host, leaderLogs_entries_match_nw.
Lemma entries_match_cons_gt_maxTerm :
forall x xs ys,
sorted xs ->
sorted ys ->
eIndex x > maxIndex xs ->
eTerm x > maxTerm ys ->
entries_match xs ys ->
entries_match (x :: xs) ys.
intuition; simpl in *; intuition; subst; subst;
try match goal with
| [ H : In _ _ |- _ ] => apply maxTerm_is_max in H; [| solve[auto]]; lia
| [ H : In _ _ |- _ ] => apply maxIndex_is_max in H; [| solve[auto]]; lia
end.
match goal with
| [ H : _ |- _ ] => solve [eapply H; eauto]
end.
match goal with
| [ H : _ |- _ ] => solve [eapply H; eauto]
end.
Lemma entries_match_cons_sublog :
forall x xs ys,
sorted xs ->
sorted ys ->
eIndex x > maxIndex xs ->
entries_match xs ys ->
(forall y, In y ys -> eTerm x = eTerm y -> In y xs) ->
entries_match (x :: xs) ys.
intuition; simpl in *; intuition; subst; subst;
try solve [
exfalso; try find_apply_hyp_hyp;
match goal with
| [ H : In _ _ |- _ ] => apply maxIndex_is_max in H; [| solve[auto]]; lia
end].
match goal with
| [ H : _ |- _ ] => solve [eapply H; eauto]
end.
match goal with
| [ H : _ |- _ ] => solve [eapply H; eauto]
end.
Lemma entries_match_nil :
forall l,
entries_match l [].
Lemma lifted_logs_sorted_nw :
forall net p t n plt plti es ci,
refined_raft_intermediate_reachable net ->
In p (nwPackets net) ->
pBody p = AppendEntries t n plt plti es ci ->
sorted es.
pose proof (lift_prop _ logs_sorted_invariant).
unfold logs_sorted_nw in *.
Lemma lifted_logs_sorted_host :
forall net h ,
refined_raft_intermediate_reachable net ->
sorted (log (snd (nwState net h))).
pose proof (lift_prop _ logs_sorted_invariant).
unfold logs_sorted_host in *.
find_rewrite_lem deghost_spec.
Lemma leaderLogs_entries_match_nw_packet_set :
forall net net',
leaderLogs_entries_match_nw net ->
(forall p, In p (nwPackets net') ->
is_append_entries (pBody p) ->
In p (nwPackets net)) ->
(forall h, leaderLogs (fst (nwState net' h)) = leaderLogs (fst (nwState net h))) ->
leaderLogs_entries_match_nw net'.
unfold leaderLogs_entries_match_nw.
eapply_prop_hyp In nwPackets; [|eauto 10].
match goal with
| [ H : _ |- _ ] =>
solve [eapply H; eauto;
repeat find_higher_order_rewrite;
eauto]
end.
Lemma leaderLogs_entries_match_host_state_same :
forall net net',
leaderLogs_entries_match_host net ->
(forall h, leaderLogs (fst (nwState net' h)) = leaderLogs (fst (nwState net h))) ->
(forall h, log (snd (nwState net' h)) = log (snd (nwState net h))) ->
leaderLogs_entries_match_host net'.
unfold leaderLogs_entries_match_host.
repeat find_higher_order_rewrite.
Lemma handleClientRequest_no_send :
forall h st client id c out st' ms,
handleClientRequest h st client id c = (out, st', ms) ->
ms = [].
unfold handleClientRequest.
repeat break_match; repeat find_inversion; auto.
Lemma leaderLogs_entries_match_client_request :
refined_raft_net_invariant_client_request leaderLogs_entries_match.
Proof using llsli si llsi lltsi rri.
unfold refined_raft_net_invariant_client_request, leaderLogs_entries_match.
unfold leaderLogs_entries_match_host.
repeat find_higher_order_rewrite.
repeat update_destruct_simplify.
find_rewrite_lem update_elections_data_client_request_leaderLogs.
destruct (log d) using (handleClientRequest_log_ind ltac:(eauto)).
apply entries_match_cons_gt_maxTerm; eauto.
eauto using lifted_logs_sorted_host.
eapply leaderLogs_sorted_invariant; eauto.
find_copy_apply_lem_hyp leaderLogs_currentTerm_invariant; auto.
find_copy_apply_lem_hyp leaderLogs_term_sanity_invariant.
unfold leaderLogs_term_sanity in *.
eapply_prop_hyp In In; simpl; eauto.
destruct (log d) using (handleClientRequest_log_ind ltac:(eauto)).
apply entries_match_cons_sublog; eauto.
eauto using lifted_logs_sorted_host.
eapply leaderLogs_sorted_invariant; eauto.
eapply leaderLogs_sublog_invariant; eauto.
find_rewrite_lem update_elections_data_client_request_leaderLogs.
eapply leaderLogs_entries_match_nw_packet_set with (net:=net); intuition.
erewrite handleClientRequest_no_send with (ms := l) in * by eauto.
find_higher_order_rewrite.
rewrite update_elections_data_client_request_leaderLogs.
now rewrite update_nop_ext' by auto.
Lemma leaderLogs_entries_match_timeout :
refined_raft_net_invariant_timeout leaderLogs_entries_match.
unfold refined_raft_net_invariant_timeout, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto;
simpl; intros; subst; find_higher_order_rewrite;
repeat update_destruct_simplify; rewrite_update; auto;
try rewrite update_elections_data_timeout_leaderLogs;
try erewrite handleTimeout_log_same by eauto; eauto.
eapply leaderLogs_entries_match_nw_packet_set with (net:=net); intuition.
eapply handleTimeout_not_is_append_entries; eauto 10.
repeat find_higher_order_rewrite.
rewrite update_elections_data_timeout_leaderLogs.
rewrite update_nop_ext'; auto.
Lemma lifted_log_matching :
forall net,
refined_raft_intermediate_reachable net ->
log_matching (deghost net).
pose proof (lift_prop _ log_matching_invariant).
Lemma lifted_log_matching_host :
forall net,
refined_raft_intermediate_reachable net ->
(forall h h',
entries_match (log (snd (nwState net h))) (log (snd (nwState net h')))) /\
(forall h i,
1 <= i <= maxIndex (log (snd (nwState net h))) ->
exists e, eIndex e = i /\ In e (log (snd (nwState net h)))) /\
(forall h e,
In e (log (snd (nwState net h))) -> eIndex e > 0).
find_apply_lem_hyp lifted_log_matching.
unfold log_matching, log_matching_hosts in *.
intuition; repeat rewrite <- deghost_spec with (net := net0).
match goal with
| [ H : _ |- _ ] => solve [apply H; rewrite deghost_spec; auto]
end.
match goal with
| [ H : _ |- _ ] => solve [eapply H; rewrite deghost_spec; eauto]
end.
Lemma lifted_log_matching_nw :
forall net,
refined_raft_intermediate_reachable net ->
forall p t leaderId prevLogIndex prevLogTerm entries leaderCommit,
In p (nwPackets net) ->
pBody p = AppendEntries t leaderId prevLogIndex prevLogTerm entries leaderCommit ->
(forall h e1 e2,
In e1 entries ->
In e2 (log (snd (nwState net h))) ->
eIndex e1 = eIndex e2 ->
eTerm e1 = eTerm e2 ->
(forall e3,
eIndex e3 <= eIndex e1 ->
In e3 entries ->
In e3 (log (snd (nwState net h)))) /\
(prevLogIndex <> 0 ->
exists e4,
eIndex e4 = prevLogIndex /\
eTerm e4 = prevLogTerm /\
In e4 (log (snd (nwState net h))))) /\
(forall i,
prevLogIndex < i <= maxIndex entries ->
exists e,
eIndex e = i /\
In e entries) /\
(forall e,
In e entries ->
prevLogIndex < eIndex e).
find_apply_lem_hyp lifted_log_matching.
unfold log_matching, log_matching_nw in *.
match goal with
| [ H : forall _ : packet , _ |- _ ] =>
do 7 insterU H;
conclude H (unfold deghost; simpl; eapply in_map_iff; eexists; eauto);
conclude H (simpl; eauto)
end.
rewrite <- deghost_spec with (net := net0).
eapply H3 with (e1:=e1)(e2:=e2); eauto.
rewrite <- deghost_spec with (net := net0).
eapply H3 with (e1:=e1)(e2:=e2); eauto.
Ltac use_log_matching_nw :=
pose proof (lifted_log_matching_nw _ ltac:(eauto));
match goal with
| [ H : _ |- _ ] =>
eapply H; [|eauto];
repeat find_rewrite; intuition (auto with datatypes)
end.
Lemma handleAppendEntries_doesn't_send_AE :
forall n st t i l t' l' l'' st' m,
handleAppendEntries n st t i l t' l' l'' = (st', m) ->
~ is_append_entries m.
unfold handleAppendEntries.
repeat break_match; find_inversion; intro; break_exists; discriminate.
Lemma leaderLogs_entries_match_append_entries :
refined_raft_net_invariant_append_entries leaderLogs_entries_match.
Proof using taifoi si llsi lmi rri.
unfold refined_raft_net_invariant_append_entries, leaderLogs_entries_match.
unfold leaderLogs_entries_match_host in *.
repeat find_higher_order_rewrite.
find_rewrite_lem update_fun_comm.
find_rewrite_lem update_fun_comm.
find_rewrite_lem update_elections_data_appendEntries_leaderLogs.
find_erewrite_lem update_nop_ext'.
update_destruct_simplify; rewrite_update;
try rewrite update_elections_data_appendEntries_leaderLogs in *; eauto.
destruct (log d) using (handleAppendEntries_log_ind ltac:(eauto)); eauto.
eapply @entries_match_scratch with (plt := plt).
eauto using lifted_logs_sorted_nw.
apply sorted_uniqueIndices.
eapply leaderLogs_sorted_invariant; eauto.
eapply_prop leaderLogs_entries_match_nw; eauto.
match goal with
| [ H : In _ (leaderLogs _) |- _ ] =>
eapply terms_and_indices_from_one_invariant in H; [|solve[auto]]
end.
unfold terms_and_indices_from_one in *.
eapply entries_match_append; eauto.
eauto using lifted_logs_sorted_host.
eapply leaderLogs_sorted_invariant; eauto.
eauto using lifted_logs_sorted_nw.
eapply findAtIndex_intro; eauto using lifted_logs_sorted_host, sorted_uniqueIndices.
unfold leaderLogs_entries_match_nw in *.
repeat find_higher_order_rewrite.
find_rewrite_lem update_fun_comm.
find_rewrite_lem update_fun_comm.
find_rewrite_lem update_elections_data_appendEntries_leaderLogs.
find_erewrite_lem update_nop_ext'.
intuition; match goal with
| [ H : _ |- _ ] => solve [eapply (H _ _ _ p0); eauto with *]
end.
find_copy_apply_lem_hyp handleAppendEntries_doesn't_send_AE.
Lemma leaderLogs_entries_match_append_entries_reply :
refined_raft_net_invariant_append_entries_reply leaderLogs_entries_match.
unfold refined_raft_net_invariant_append_entries_reply, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto; simpl; intros;
repeat find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto.
erewrite handleAppendEntriesReply_same_log by eauto.
eapply leaderLogs_entries_match_nw_packet_set; eauto; simpl.
intuition; [eauto with *|].
find_apply_lem_hyp handleAppendEntriesReply_packets.
repeat find_higher_order_rewrite; update_destruct_simplify; rewrite_update;
auto; find_rewrite; auto.
Lemma handleRequestVote_packets :
forall h st t candidate lli llt st' m,
handleRequestVote h st t candidate lli llt = (st', m) ->
~ is_append_entries m.
unfold handleRequestVote, advanceCurrentTerm in *.
repeat break_match; find_inversion;
subst; intuition auto; break_exists; congruence.
Lemma leaderLogs_entries_match_request_vote :
refined_raft_net_invariant_request_vote leaderLogs_entries_match.
unfold refined_raft_net_invariant_request_vote, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto; simpl; intros;
repeat find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto.
now rewrite leaderLogs_update_elections_data_requestVote.
erewrite handleRequestVote_log; eauto.
eapply leaderLogs_entries_match_nw_packet_set; eauto; simpl.
intuition; [eauto with *|].
find_apply_lem_hyp handleRequestVote_packets.
repeat find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto.
now rewrite leaderLogs_update_elections_data_requestVote.
Lemma leaderLogs_entries_match_request_vote_reply :
refined_raft_net_invariant_request_vote_reply leaderLogs_entries_match.
unfold refined_raft_net_invariant_request_vote_reply, leaderLogs_entries_match.
unfold leaderLogs_entries_match_host in *.
repeat find_higher_order_rewrite.
rewrite update_nop_ext' by now rewrite handleRequestVoteReply_same_log.
find_rewrite_lem update_fun_comm.
update_destruct_simplify; rewrite_update; eauto.
find_eapply_lem_hyp leaderLogs_update_elections_data_RVR; eauto.
rewrite handleRequestVoteReply_same_log.
apply lifted_log_matching_host.
unfold leaderLogs_entries_match_nw in *.
repeat find_higher_order_rewrite.
find_rewrite_lem update_fun_comm.
find_rewrite_lem update_fun_comm.
update_destruct_simplify; rewrite_update.
find_eapply_lem_hyp leaderLogs_update_elections_data_RVR; eauto.
repeat find_reverse_rewrite.
rewrite handleRequestVoteReply_same_log.
find_rewrite_lem handleRequestVoteReply_same_log.
pose proof (lifted_log_matching_nw _ ltac:(eauto)).
repeat find_reverse_rewrite.
match goal with
| [ H : _, pkt : packet |- _ ] =>
solve [eapply H with (p := pkt); eauto]
end.
repeat find_reverse_rewrite.
Lemma doLeader_messages :
forall st h os st' ms,
doLeader st h = (os, st', ms) ->
ms = [] \/
ms = map (replicaMessage st' h)
(filter (fun h' : name => if name_eq_dec h h' then false else true)
nodes).
repeat break_match; repeat find_inversion; auto.
Lemma leaderLogs_entries_match_do_leader :
refined_raft_net_invariant_do_leader leaderLogs_entries_match.
Proof using llci si llsi rri.
unfold refined_raft_net_invariant_do_leader, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto; simpl; intros;
find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto.
erewrite doLeader_same_log by eauto.
unfold leaderLogs_entries_match_nw in *.
repeat find_higher_order_rewrite.
find_rewrite_lem update_fun_comm.
match goal with
| [ H : _ |- _ ] =>
rewrite update_nop_ext' in H by (find_rewrite; auto)
end.
find_copy_apply_lem_hyp doLeader_messages.
find_apply_lem_hyp filter_In.
break_if; try discriminate.
unfold replicaMessage in *.
repeat find_erewrite_lem doLeader_same_log.
eapply_prop leaderLogs_entries_match_host; eauto.
match goal with
| [ H : _ |- _ ] => rewrite H
end.
eauto using findGtIndex_in.
eauto using findGtIndex_in.
find_copy_apply_lem_hyp leaderLogs_contiguous_invariant; auto.
unfold contiguous_range_exact_lo in *.
match goal with
| [ H : forall _, _ < _ <= _ -> _ |- context [eIndex _ = ?x]] =>
remember (x) as index;
specialize (H index); forward H
end.
intuition (try lia); auto using Nat.neq_0_lt_0.
find_apply_lem_hyp findGtIndex_necessary.
eapply maxIndex_is_max; auto.
eapply leaderLogs_sorted_invariant; eauto.
match goal with
| [ H : context [leaderLogs_entries_match_host],
H' : context [leaderLogs] |- _ ] =>
eapply H with (h := src)(e := e1)(e' := e2)(e'' := x) in H'; auto
end.
pose proof lifted_logs_sorted_host net src ltac:(auto).
repeat find_erewrite_lem doLeader_same_log.
erewrite doLeader_same_log by eauto.
erewrite findAtIndex_intro; eauto using sorted_uniqueIndices.
find_apply_lem_hyp findGtIndex_necessary.
repeat find_erewrite_lem doLeader_same_log.
find_apply_lem_hyp findGtIndex_necessary.
Lemma doGenericServer_packets :
forall h st os st' ps,
doGenericServer h st = (os, st', ps) ->
ps = [].
unfold doGenericServer in *.
repeat break_match; find_inversion; subst; auto.
Lemma leaderLogs_entries_match_do_generic_server :
refined_raft_net_invariant_do_generic_server leaderLogs_entries_match.
unfold refined_raft_net_invariant_do_generic_server, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto; simpl; intros;
find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto.
erewrite doGenericServer_log by eauto.
eapply leaderLogs_entries_match_nw_packet_set; eauto; simpl.
find_apply_lem_hyp doGenericServer_packets.
find_higher_order_rewrite; update_destruct_simplify; rewrite_update; auto; find_rewrite; auto.
Lemma leaderLogs_entries_match_state_same_packet_subset :
refined_raft_net_invariant_state_same_packet_subset leaderLogs_entries_match.
unfold refined_raft_net_invariant_state_same_packet_subset, leaderLogs_entries_match.
eapply leaderLogs_entries_match_host_state_same; eauto; intros; find_higher_order_rewrite; auto.
eapply leaderLogs_entries_match_nw_packet_set; eauto; intros; find_higher_order_rewrite; auto.
Lemma leaderLogs_entries_match_reboot :
refined_raft_net_invariant_reboot leaderLogs_entries_match.
unfold refined_raft_net_invariant_reboot, leaderLogs_entries_match, reboot.
eapply leaderLogs_entries_match_host_state_same; eauto; intros; find_higher_order_rewrite;
update_destruct_simplify; rewrite_update; auto; find_rewrite; auto.
eapply leaderLogs_entries_match_nw_packet_set; eauto; try find_rewrite; intuition.
find_higher_order_rewrite; update_destruct_simplify; rewrite_update; try find_rewrite; auto.
Lemma leaderLogs_entries_match_invariant :
forall net,
refined_raft_intermediate_reachable net ->
leaderLogs_entries_match net.
Proof using taifoi llci llsli si llsi lltsi lmi rri.
apply refined_raft_net_invariant; auto.
apply leaderLogs_entries_match_init.
apply leaderLogs_entries_match_client_request.
apply leaderLogs_entries_match_timeout.
apply leaderLogs_entries_match_append_entries.
apply leaderLogs_entries_match_append_entries_reply.
apply leaderLogs_entries_match_request_vote.
apply leaderLogs_entries_match_request_vote_reply.
apply leaderLogs_entries_match_do_leader.
apply leaderLogs_entries_match_do_generic_server.
apply leaderLogs_entries_match_state_same_packet_subset.
apply leaderLogs_entries_match_reboot.
Instance lllmi : leaderLogs_entries_match_interface : Prop.
apply leaderLogs_entries_match_invariant.
End LeaderLogsLogMatching.