tla+

问题 I have the following spec: ------------------------------ MODULE Group ------------------------------ CONSTANTS People VARIABLES members Init == members \subseteq People Next == members' = members Group == Init /\ [][Next]_members ============================================================================= (I simplified this spec to the point where it's not doing anything useful.) When I try to run it through TLC, I get the following error: In evaluation, the identifier members is either

问题 I have some difficulty in proving a refinement mapping involving records. Below are the simplified illustrating TLA specs@github (Note that this post is also in tlaplus-googlegroup, without replies yet.): SimpleVoting.tla: It maintains for each participant a maxBal which is a natural number. In IncreaseMaxBal(p, b) , maxBal[p] is increased to a larger value b . ---------------------------- MODULE SimpleVoting ---------------------------- EXTENDS Naturals --------------------------------------

问题 Does TLA+ have an xor operator defined as part of the language itself, or do I have to define my own? 回答1: Under the assumption that A \in BOOLEAN /\ B \in BOOLEAN , what is known in propositional logic as "XOR" is inequality: A # B which under the same assumption is equivalent to ~ (A <=> B) . When A, B take non-Boolean values, these two formulas are not necessarily equivalent. The operator <=> means the following /\ A \in BOOLEAN /\ B \in BOOLEAN /\ A = B So (~ (A <=> B)) <=> \/ ~ A \in