unique tips: add condition and prove, for merge

[topbloke-formulae.git] / invariants.tex

\section{Invariants}

We maintain these each time we construct a new commit. \\
\[ \eqn{No Replay:}{
  C \has D \implies C \ge D
}\]
\[\eqn{Unique Base:}{
 \bigforall_{C \in \py} \pendsof{C}{\pn} = \{ B \}
}\]
\[\eqn{Tip Contents:}{
  \bigforall_{C \in \py} D \isin C \equiv
    { D \isin \baseof{C} \lor \atop
      (D \in \py \land D \le C) }
}\]
\[\eqn{Base Acyclic:}{
  \bigforall_{C \in \pn} D \isin C \implies D \notin \py
}\]
\[\eqn{Coherence:}{
  \bigforall_{C,\p} C \haspatch \p \lor C \nothaspatch \p
}\]
\[\eqn{Unique Tips:}{
  \bigforall_{C,\p} C \haspatch \p \implies \pendsof{C}{\p} = \{ T \}
}\]
\[\eqn{Foreign Inclusion:}{
  \bigforall_{D \text{ s.t. } \patchof{D} = \bot} D \isin C \equiv D \leq C
}\]
\[\eqn{Foreign Contents:}{
  \bigforall_{C \text{ s.t. } \patchof{C} = \bot}
    D \le C \implies \patchof{D} = \bot
}\]

We also assign each new commit $C$ to zero or one of the sets $\p$, as
stated in the definition of $\patchof{C}$ in the summary for each kind
of commit.

A commit $C$ which satisfies all of the above is said to be
``conformant''.

For each operation we will perform which generates a new commit, we
will assume the conformance of the existing history and prove the
conformance of the new commit.