forked from tlaplus/azure-cosmos-tla
-
Notifications
You must be signed in to change notification settings - Fork 0
/
BoundedStalenessRefinesSessionConsistency.tla
52 lines (40 loc) · 1.56 KB
/
BoundedStalenessRefinesSessionConsistency.tla
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
------------------------ MODULE BoundedStalenessRefinesSessionConsistency ------------------------
EXTENDS Naturals, Sequences, FiniteSetsExt
CONSTANTS Keys, Values, NoValue
CONSTANTS StrongConsistency, BoundedStaleness,
SessionConsistency, ConsistentPrefix,
EventualConsistency
CONSTANTS VersionBound, StalenessBound
VARIABLES read, readKey
VARIABLES ReadConsistencyImpl, ReadConsistencyHL
VARIABLES log, commitIndex, readIndex, epoch, WriteConsistencyLevel, writeHistory
vars == <<read, readKey, ReadConsistencyImpl, ReadConsistencyHL, log, commitIndex, readIndex, epoch, WriteConsistencyLevel, writeHistory>>
LogIndicesImpl == 1..4
CheckpointsImpl == LogIndicesImpl \cup {0}
EpochsImpl == 1..3
SpecificStateSpace ==
\* allow LogIndices to be 1 longer than max
\* Len(log), so that NextSessionToken doesn't
\* technically return invalid results at max
\* log length
/\ Len(log) < Max(LogIndicesImpl) - 1
/\ epoch < Max(EpochsImpl)
StalenessBoundImpl == 2
VersionBoundImpl == 4
Impl == INSTANCE CosmosDBWithReads WITH
ReadConsistency <- ReadConsistencyImpl
ImplSpec ==
/\ ReadConsistencyImpl = BoundedStaleness
/\ ReadConsistencyHL = SessionConsistency
/\ Impl!RInit
/\ [][Impl!RNext /\ UNCHANGED ReadConsistencyHL]_vars
HL == INSTANCE CosmosDBWithReads WITH
ReadConsistency <- ReadConsistencyHL
HLSpec ==
/\ ReadConsistencyImpl = BoundedStaleness
/\ ReadConsistencyHL = SessionConsistency
/\ HL!RInit
/\ [][HL!RNext /\ UNCHANGED ReadConsistencyImpl]_vars
THEOREM ImplSpec => HLSpec
Aliases == <<>>
====