Refactored TimeoutQC to contain just one CommitQC #144

Merged
merged 4 commits into main from bf-timeout-qc-refactor
Jul 8, 2024

Conversation

brunoffranca
@brunoffranca brunoffranca commented Jul 2, 2024

What ❔

Refactored (in the informal spec) TimeoutQC, SignedTimeoutVote and TimeoutVote so that TimeoutQC contains only one CommitQC (the high QC).

Why ❔

It reduces the state space which should help with model checking.

@brunoffranca brunoffranca self-assigned this Jul 2, 2024
konnov added a commit that referenced this pull request Jul 4, 2024

@konnov konnov left a comment

Adding a few comments after implementing the updates in the Quint specification #146

Review comment on spec/informal-spec/replica.rs (resolved)
@brunoffranca brunoffranca merged commit 92fe49c into main Jul 8, 2024
6 checks passed
@brunoffranca brunoffranca deleted the bf-timeout-qc-refactor branch July 8, 2024 15:29
dnkolegov pushed a commit that referenced this pull request Aug 8, 2024
## What ❔

Following the pseudo-code updates in #144, this PR introduces updates in
the Quint specification, namely, moving `CommitQC` into `TimeoutQC` and
storing only `high_commit_qc_view` in `TimeoutVote` instead of storing
`high_commit_qc`.

## Why ❔

This update speeds up model checking times dramatically, as `CommitQC`
fields in `TimeoutVote` were a major bottleneck.

~This change has broken multiple invariants. Hence, we have to further
fix the specification and the invariants before merging.~

Preliminary experiments show that the model checking times have improved
dramatically. For instance, we were able to find the expected violation
of agreement for `N=6`, `F=1`, and `B=2`.

---------

Co-authored-by: Bruno França <[email protected]>
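As an added illustration (not code from the project's informal spec or its Quint model), the Rust sketch below shows the data shapes the commit message above describes: `TimeoutVote` carries only `high_commit_qc_view`, and the aggregated `TimeoutQC` stores a single `CommitQC`, the highest one any voter claimed. The `verify` method checks the invariant that makes the smaller representation safe: the one stored `CommitQC` must match the maximum view claimed across the votes. Everything beyond the four names taken from the page (`CommitQC`, `TimeoutQC`, `TimeoutVote`, `high_commit_qc_view`) is an assumption made for this example: the field names, the `add`/`verify` methods, the quorum threshold parameter, and the assumption that a voter attaches its `CommitQC` to its timeout message so the aggregator can keep the highest one.

```rust
// Added example, not the project's own code. Names other than CommitQC,
// TimeoutQC, TimeoutVote and high_commit_qc_view are assumptions.
use std::collections::BTreeMap;

pub type ViewNumber = u64;
pub type ReplicaId = usize;

/// A commit quorum certificate; for this example only the certified view matters.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct CommitQC {
    pub view: ViewNumber,
}

/// After the refactor: a timeout vote carries only the view number of the
/// voter's highest CommitQC, not the CommitQC itself.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct TimeoutVote {
    pub view: ViewNumber,
    pub high_commit_qc_view: Option<ViewNumber>,
}

/// After the refactor: the aggregate holds exactly one CommitQC (the high QC).
#[derive(Clone, Debug)]
pub struct TimeoutQC {
    pub view: ViewNumber,
    pub votes: BTreeMap<ReplicaId, TimeoutVote>,
    pub high_qc: Option<CommitQC>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum QcError {
    ViewMismatch,
    DuplicateVoter,
    MissingCommitQc,
    HighQcMismatch,
    NotEnoughVotes,
}

impl TimeoutQC {
    pub fn new(view: ViewNumber) -> Self {
        TimeoutQC { view, votes: BTreeMap::new(), high_qc: None }
    }

    /// Add one vote. `qc` is the CommitQC the voter attached to its timeout
    /// message (assumed transport detail). It must certify exactly the view the
    /// vote claims, and it is retained only if it is newer than the one held,
    /// so the aggregate never stores more than one CommitQC.
    pub fn add(
        &mut self,
        replica: ReplicaId,
        vote: TimeoutVote,
        qc: Option<&CommitQC>,
    ) -> Result<(), QcError> {
        if vote.view != self.view {
            return Err(QcError::ViewMismatch);
        }
        if self.votes.contains_key(&replica) {
            return Err(QcError::DuplicateVoter);
        }
        if let Some(claimed) = vote.high_commit_qc_view {
            let qc = qc.ok_or(QcError::MissingCommitQc)?;
            if qc.view != claimed {
                return Err(QcError::HighQcMismatch);
            }
            let held = self.high_qc.as_ref().map(|q| q.view);
            if held.map_or(true, |h| claimed > h) {
                self.high_qc = Some(qc.clone());
            }
        }
        self.votes.insert(replica, vote);
        Ok(())
    }

    /// The invariant the refactor relies on: the single stored CommitQC is the
    /// highest view any voter claimed, all votes are for this view, and the
    /// (assumed) quorum threshold is met.
    pub fn verify(&self, threshold: usize) -> Result<(), QcError> {
        if self.votes.len() < threshold {
            return Err(QcError::NotEnoughVotes);
        }
        if self.votes.values().any(|v| v.view != self.view) {
            return Err(QcError::ViewMismatch);
        }
        let claimed_max = self.votes.values().filter_map(|v| v.high_commit_qc_view).max();
        if claimed_max != self.high_qc_view() {
            return Err(QcError::HighQcMismatch);
        }
        Ok(())
    }

    pub fn high_qc_view(&self) -> Option<ViewNumber> {
        self.high_qc.as_ref().map(|q| q.view)
    }
}

/// Constructed scenario: four replicas time out in view 7; two report a
/// CommitQC for view 5, one for view 6, one has none. Only the view-6 QC is kept.
pub fn example_timeout_qc() -> TimeoutQC {
    let mut tqc = TimeoutQC::new(7);
    let qc5 = CommitQC { view: 5 };
    let qc6 = CommitQC { view: 6 };
    tqc.add(0, TimeoutVote { view: 7, high_commit_qc_view: Some(5) }, Some(&qc5)).unwrap();
    tqc.add(1, TimeoutVote { view: 7, high_commit_qc_view: Some(6) }, Some(&qc6)).unwrap();
    tqc.add(2, TimeoutVote { view: 7, high_commit_qc_view: Some(5) }, Some(&qc5)).unwrap();
    tqc.add(3, TimeoutVote { view: 7, high_commit_qc_view: None }, None).unwrap();
    tqc
}

fn main() {
    let tqc = example_timeout_qc();
    println!("stored high QC view: {:?}", tqc.high_qc_view());
    println!("verify with threshold 3: {:?}", tqc.verify(3));
}
```

The point of the check in `add` is that a vote can no longer smuggle in an arbitrary `CommitQC`: the only certificate that reaches the aggregate is one whose view equals the claimed `high_commit_qc_view`, and `verify` confirms after the fact that the retained certificate is the maximum over all votes, which is the same information the old per-vote `CommitQC` fields carried at far greater state-space cost.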