求合金4中的一组实用/自然数

时间:2013-09-11 06:47:01

标签: alloy

我发现自己试图总结一组自然。运行简单模型时,我对以下行为感到困惑。

(假设以下代码在util / natural的副本中,因此导入了ord)

//sums the values in a set of naturals
fun setsum[nums : set Natural] : lone Natural {
    {n : Natural | #ord/prevs[n] = (sum x : nums | #ord/prevs[x])}
}

然后,在导入我的util / natural副本的模块中:

private open mynatural as nat

let two = nat/add[nat/One, nat/One]
let three = nat/add[two, nat/One]
let four = nat/add[two, two]
let five  = nat/add[four,nat/One]

pred showExpectSum10 {
    some x : Natural | x in setsum[{n : Natural | nat/lt[n, five]}]
}

//run showExpectSum10 for 15 //result is 10, as expected
//run showExpectSum10 for 1 but 20 Natural //result is 10  as expected
run showExpectSum10 for 1 but 40 Natural //result is 26 somehow.

为什么改变Natural的范围会以这种方式影响结果?

1 个答案:

答案 0 :(得分:0)

似乎你只需要禁用溢出(“选项 - >禁止溢出:是”),然后它应该按预期工作。每次使用整数运算并允许溢出(这是默认设置)时,由于Alloy中算术运算的默认“环绕”语义,可能会得到虚假的反例(即无效实例)。