Skip to content

Commit

Permalink
"The comment suggests that an invalid read consistency level during v…
Browse files Browse the repository at this point in the history 
…erification should stop immediately, but the definition of CheckReadConsistency returns an empty set instead of halting the verification."
  • Loading branch information
@lemmy
lemmy committed Dec 6, 2023
1 parent 7de9fd0 commit 4b8785a
Showing 1 changed file with 4 additions and 6 deletions.
10 changes: 4 additions & 6 deletions simple-model/CosmosDB.tla
View file
Original file line number Diff line number Diff line change
Expand Up @@ -270,12 +270,10 @@ ReadConsistencyOK(level) ==
[] WriteConsistencyLevel = EventualConsistency ->
level = EventualConsistency

\* This operator is a generalized sanity check.
\* If you try to read at a higher consistency level than the
\* configured write consistency, it is not specified what will
\* happen. Therefore, if this situation is reached during
\* verification, we should stop immediately so you can exclude
\* that situation.
\* Attempting to read at a higher consistency level than the configured write consistency
\* has undefined behavior. In this instance, we've chosen to map an invalid read consistency
\* level to an empty read (we also considered mapping an invalid read consistency level to
\* TLC!Assert(...). However, this specification should remain independent of the TLC module).
CheckReadConsistency(level, read) ==
IF ReadConsistencyOK(level)
THEN read
Expand Down

1 comment on commit 4b8785a

@lemmy
Copy link
Member Author

@lemmy lemmy commented on 4b8785a Dec 6, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/microsoft/tlaplus-examples/issues/3

Please sign in to comment.