-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathOpCorrectness.tla
27 lines (24 loc) · 1.17 KB
/
OpCorrectness.tla
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
--------------------------- MODULE OpCorrectness ---------------------------
EXTENDS Correctness
-----------------------------------------------------------------------------
VARIABLES buset \* buset[r]: the buffer of local updates generated by r \in Replica since the last broadcast
-----------------------------------------------------------------------------
OpCInit ==
/\ CInit
/\ buset = [r \in Replica |-> {}]
OpCDo(r) ==
/\CDo(r)
/\buset' = [buset EXCEPT ![r] = @ \cup {[r |-> r, seq |-> seq[r]]}] \*collect a new update
OpCSend(r) ==
/\ CSend(r)
/\ uincoming' = [x \in Replica |-> \* broadcast buset[r]
IF x = r THEN uincoming[x]
ELSE uincoming[x] \cup {[aid |-> [r |-> r, seq |-> seq[r]], update |-> buset[r]]} ]
/\ buset' = [buset EXCEPT ![r] = {} ] \* clear buset[r]
OpCDeliver(r, aid) ==
/\ CDeliver(r, aid)
/\ UNCHANGED <<buset>>
=============================================================================
\* Modification History
\* Last modified Thu Aug 29 10:46:30 CST 2019 by xhdn
\* Created Wed Aug 28 19:24:11 CST 2019 by xhdn