Model-checking the Raft spec
36 views
Skip to first unread message
A. Jesse Jiryu Davis
May 16, 2024, 9:58:39 AMMay 16
to tla...@googlegroups.com
Hello! I was curious about the Raft TLA+ spec. I'd like to model-check it, enhance it with leader leases, and model-check it again. First step: model check Diego Ongaro's original spec.
In the repository README, Ongaro encourages us to use a version in an open pull request instead of the main-branch version:
... but neither version has any invariants or temporal properties, and there's no config file. I suppose Ongaro just used this spec for description and perhaps proof, not model-checking.
So, has anyone model-checked a version of this Raft spec? Any tips or public code?
A. Jesse Jiryu Davis
May 16, 2024, 10:01:23 AMMay 16
to tla...@googlegroups.com
There are obvious model-checking tricks like a SYMMETRY declaration, and additional state constraints, that I hope someone has already done for me. It looks like the current spec's state space is infinite.
Markus Kuppe
May 16, 2024, 7:59:45 PMMay 16
to tla...@googlegroups.com
Hi Jesse,
you should be able to reuse much from https://github.com/microsoft/CCF/blob/main/tla/consensus/ccfraft.tla
M.
you should be able to reuse much from https://github.com/microsoft/CCF/blob/main/tla/consensus/ccfraft.tla
M.
Reply all
Reply to author
Forward
0 new messages