3

我已经编写了关于河内塔问题的 TLA+ 规范:

TEX

在此处输入图像描述

ASCII

------------------------------- MODULE Hanoi -------------------------------

EXTENDS Sequences, Integers
VARIABLE A, B, C


CanMove(x,y) == /\ Len(x) > 0 
                /\ IF Len(y) > 0 THEN Head(y) > Head(x) ELSE TRUE

Move(x,y,z) == /\ CanMove(x,y)
               /\ x' = Tail(x)
               /\ y' = <<Head(x)>> \o y
               /\ z' = z

Invariant == C /= <<1,2,3>>   \* When we win!                           

Init == /\ A = <<1,2,3>>
        /\ B = <<>>
        /\ C = <<>>

Next == \/ Move(A,B,C) \* Move A to B
        \/ Move(A,C,B) \* Move A to C
        \/ Move(B,A,C) \* Move B to A
        \/ Move(B,C,A) \* Move B to C
        \/ Move(C,A,B) \* Move C to A
        \/ Move(C,B,A) \* Move C to B
=============================================================================

Invariant当我将公式指定为不变量时,TLA 模型检查器将为我解决难题。

我想让它变得不那么冗长,理想情况下我不想将未更改的变量传递给Move(),但我不知道如何。我想做的是写

Move(x,y) == /\ CanMove(x,y)
             /\ x' = Tail(x)
             /\ y' = <<Head(x)>> \o y
             /\ UNCHANGED (Difference of and {A,B,C} and {y,x})

我如何用 TLA 语言表达它?

4

1 回答 1

4

您应该有一个序列,而不是变量 A、B、C,towers其中塔是索引。这也将具有在塔的数量上通用的优点。你的Next公式也会更短:

CanMove(i,j) == /\ Len(towers[i]) > 0 
                /\ Len(towers[j]) = 0 \/ Head(towers[j]) > Head(towers[i])

Move(i, j) == /\ CanMove(i, j)
              /\ towers' = [towers EXCEPT ![i] = Tail(@),
                                          ![j] = <<Head(towers[i])>> \o @]

Init == towers = << <<1,2,3>>, <<>>, <<>> >> \* Or something more generic

Next == \E i, j \in DOMAIN towers: i /= j /\ Move(i, j)

或者,如果您想继续使用字母,您可以使用记录而不是序列 for towers,您需要在我建议的规范中进行更改:

Init == towers = [a |-> <<1, 2, 3>>, b |-> <<>>, c |-> <<>>]
于 2016-06-14T06:39:37.703 回答