TPTP Problem File: SWV448+1.p
View Solutions
- Solve Problem
%------------------------------------------------------------------------------
% File : SWV448+1 : TPTP v9.0.0. Released v4.0.0.
% Domain : Software Verification
% Problem : Establishing that there cannot be two leaders, part i1_p86
% Version : [Sve07] axioms : Especial.
% English :
% Refs : [Sto97] Stoller (1997), Leader Election in Distributed Systems
% : [Sve07] Svensson (2007), Email to Koen Claessen
% : [Sve08] Svensson (2008), A Semi-Automatic Correctness Proof Pr
% Source : [Sve07]
% Names : stoller_i1_p86 [Sve07]
% Status : Theorem
% Rating : 0.52 v9.0.0, 0.53 v8.2.0, 0.58 v8.1.0, 0.61 v7.5.0, 0.59 v7.4.0, 0.43 v7.3.0, 0.59 v7.2.0, 0.55 v7.1.0, 0.61 v7.0.0, 0.60 v6.4.0, 0.73 v6.3.0, 0.71 v6.2.0, 0.76 v6.1.0, 0.80 v6.0.0, 0.70 v5.5.0, 0.78 v5.4.0, 0.75 v5.3.0, 0.85 v5.2.0, 0.75 v5.1.0, 0.76 v5.0.0, 0.79 v4.1.0, 0.87 v4.0.0
% Syntax : Number of formulae : 67 ( 40 unt; 0 def)
% Number of atoms : 176 ( 97 equ)
% Maximal formula atoms : 65 ( 2 avg)
% Number of connectives : 167 ( 58 ~; 12 |; 54 &)
% ( 13 <=>; 30 =>; 0 <=; 0 <~>)
% Maximal formula depth : 22 ( 4 avg)
% Maximal term depth : 4 ( 1 avg)
% Number of predicates : 6 ( 5 usr; 0 prp; 1-2 aty)
% Number of functors : 33 ( 33 usr; 16 con; 0-2 aty)
% Number of variables : 144 ( 143 !; 1 ?)
% SPC : FOF_THM_RFO_SEQ
% Comments :
%------------------------------------------------------------------------------
%----Include axioms for verification of Stoller's leader election algorithm
include('Axioms/SWV011+0.ax').
%------------------------------------------------------------------------------
fof(conj,conjecture,
! [V,W,X,Y] :
( ( ! [Z,Pid0] :
( elem(m_Ldr(Pid0),queue(host(Z)))
=> ~ leq(host(Z),host(Pid0)) )
& ! [Z,Pid0] :
( ( Pid0 != Z
& host(Pid0) = host(Z) )
=> ( ~ setIn(Z,alive)
| ~ setIn(Pid0,alive) ) )
& ! [Z] :
( ( ( index(status,host(Z)) = elec_1
| index(status,host(Z)) = elec_2 )
& setIn(Z,alive) )
=> index(elid,host(Z)) = Z )
& ! [Z,Pid0] :
( ( setIn(Z,alive)
& setIn(Pid0,alive)
& index(ldr,host(Z)) = host(Z)
& index(status,host(Z)) = norm
& index(status,host(Pid0)) = norm
& index(ldr,host(Pid0)) = host(Pid0) )
=> Pid0 = Z )
& ! [Z,Pid20,Pid0] :
( ( setIn(Pid0,alive)
& elem(m_Down(Pid20),queue(host(Pid0)))
& leq(nbr_proc,index(pendack,host(Pid0)))
& index(status,host(Pid0)) = elec_2
& host(Pid20) = index(pendack,host(Pid0)) )
=> ~ ( setIn(Z,alive)
& index(ldr,host(Z)) = host(Z)
& index(status,host(Z)) = norm ) )
& ! [Z,Pid20,Pid0] :
( ( setIn(Pid0,alive)
& elem(m_Ack(Pid0,Pid20),queue(host(Pid0)))
& leq(nbr_proc,index(pendack,host(Pid0)))
& index(status,host(Pid0)) = elec_2
& host(Pid20) = index(pendack,host(Pid0)) )
=> ~ ( setIn(Z,alive)
& index(ldr,host(Z)) = host(Z)
& index(status,host(Z)) = norm ) )
& ! [Z,Pid20,Pid0] :
( ( ! [V0] :
( ( ~ leq(host(Pid0),V0)
& leq(s(zero),V0) )
=> ( setIn(V0,index(down,host(Pid0)))
| V0 = host(Pid20) ) )
& ~ leq(host(Pid0),host(Z))
& elem(m_Down(Pid20),queue(host(Pid0)))
& index(status,host(Pid0)) = elec_1 )
=> ~ ( setIn(Z,alive)
& index(ldr,host(Z)) = host(Z)
& index(status,host(Z)) = norm ) )
& queue(host(X)) = cons(m_Down(Y),V) )
=> ( setIn(X,alive)
=> ( ~ leq(host(X),host(Y))
=> ( ~ ( ( index(ldr,host(X)) = host(Y)
& index(status,host(X)) = norm )
| ( index(status,host(X)) = wait
& host(Y) = host(index(elid,host(X))) ) )
=> ( ( ! [Z] :
( ( ~ leq(host(X),Z)
& leq(s(zero),Z) )
=> ( setIn(Z,index(down,host(X)))
| Z = host(Y) ) )
& index(status,host(X)) = elec_1 )
=> ( leq(nbr_proc,host(X))
=> ! [Z] :
( ~ setIn(host(Z),setEmpty)
=> ! [V0] :
( host(X) = host(V0)
=> ! [W0] :
( host(X) != host(W0)
=> ( ( setIn(V0,alive)
& setIn(W0,alive)
& host(X) = host(V0)
& index(ldr,host(W0)) = host(W0)
& index(status,host(W0)) = norm )
=> W0 = V0 ) ) ) ) ) ) ) ) ) ) ).
%------------------------------------------------------------------------------