CSE20: Discrete Mathematics

Transcription

1 Spring 2018

2 Summary Today: Induction, Program Correctness Reading: Chap. 5

3 Division Theorem Theorem: For every integer a and positive integer d 1, there exist integers q, r such that a = qd + r and 0 r < d Which of the following statements express the division theorem? 1 a. d 1. q. r.[(a = qd + r) (0 r < d)] 2 d 1. a. r. q.[(a = qd + r) (0 r < d)] 3 a. q. d 1. r[(a = qd + r) (0 r < d)] 4 d 1. a. q.[(a qd) {0,..., d 1}] (A) 1; (B) 1,2; (C) 1,2,3; (D) 1,2,3,4; (E) 1,2,4

4 Proof of the Division Theorem Theorem: d 1. a. q.(a qd) {0,..., d 1} Proof: Let d 1 be any positive integer, and D = {0,..., d 1}. WTP: a. q.(a qd) D We first prove it for a 0, by (strong) induction on a. Base case (a < d): Let q = 0. So, a qd = a D. Inductive Step (a d): Inductive Hypothesis: Assume a {0,..., a 1}. q.(a q d) D WTP: q.(a qd) D. Let a = a d. Notice: a 0 and a < a. By I.H. q.(a q d) D So, q = q + 1 such that a qd = (a + d) (q + 1)d = a q d D.

5 Proof of the Division Theorem (cont.) What we proved so far: Lemma: a 0. q.(a qd) D WTP: a < 0. q.(a qd) D Proof: Let a = (a + 1) 0. By Division Lemma, q.(a q d) D Let q = (q + 1). Then, a qd = a 1 + (q + 1)d = (d 1) (a q d) D. Homework: give alternative proof for a < 0 by induction on a.

6 Division Algorithm (python) def divlemma(a,d): # a,d: integers, a>=0, d>0 if (a < d): return 0 else: return (1 + divlemma(a-d,d))

7 Division Algorithm (python) def divlemma(a,d): # a,d: integers, a>=0, d>0 if (a < d): return 0 else: return (1 + divlemma(a-d,d)) def divthm(a,d): # a,d: integers, d>0 if (a>=0): return (divlemma(a,d)) else: return (-(1+divLemma(-(a+1),d)))

8 Division Algorithm (haskell) divlemma :: (Integer,Integer) -> Integer divlemma (a,d) = if (a < d) then 0 else 1 + divlemma(a-d,d) divthm :: (Integer,Integer) -> Integer divthm (a,d) = if (a >= 0) then divlemma(a,d) else -(1 + divlemma(-(a+1),d))

9 Correctness of (Recursive) Programs divlemma :: (Integer,Integer) -> Integer divlemma (a,d) = if (a < d) then 0 else 1 + divlemma(a-d,d) Claim: For all d and a 0, divlemma(a,d) returns an integer q such that a qd {0,..., d 1}. Proof: By induction on a Base case (a < d): Inductive Step (a d):

10 Correctness of divthm divthm :: (Integer,Integer) -> Integer divthm (a,d) = if (a >= 0) then divlemma(a,d) else -(1 + divlemma(-(a+1),d)) Assume divlemma is correct. Claim: For all d and a, divthm(a,d) returns an integer q such that a qd {0,..., d 1}.

11 Correctness of divthm divthm :: (Integer,Integer) -> Integer divthm (a,d) = if (a >= 0) then divlemma(a,d) else -(1 + divlemma(-(a+1),d)) Assume divlemma is correct. Claim: For all d and a, divthm(a,d) returns an integer q such that a qd {0,..., d 1}. Question: What proof method would you use? (A) Proof by induction (B) Proof by contraposition (C) Proof by cases (D) Test the program on some random inputs

12 Another program f :: Integer -> Integer f n = if (n > 0) then 1+f(n-2) else 0 What function does the program compute? (A) f (n) = 1 + (n 2) (B) f (n) = n/2 (C) f (n) = n/2 (D) f (n) = max( n/2, 0) (E) f (n) = max( n/2, 0)

13 Let s prove it f :: Integer -> Integer f n = if (n > 0) then 1+f(n-2) else 0 Claim: f (n) = max( n/2, 0)

14 Let s prove it f :: Integer -> Integer f n = if (n > 0) then 1+f(n-2) else 0 Claim: f (n) = max( n/2, 0) Proof: By (strong) induction on n Base case: If n 0 then f(n) = 0 and max( 0/2, 0) = max(0, 0) = 0 Inductive Step (n 1): Assume f (k) = max( k/2, 0) for all k n f (n + 1) =...

15 Imperative programs def f(n,m): # n,m: integers, n,m >=0, k=0; while (n > 0): n := n-1 k := k + m return k What function does f(n,m) compute? (A) f (n, m) = n + m (B) f (n, m) = n 1 (C) f (n, m) = n m (D) None of the above

16 Program correctness Prog: some program or code fragment with variables x, y, z,... p, q: predicates on variables x, y, z,... p{prog}q: Prog is (partially) correct with respect to initial assertion p and final assertion q if p is true before executing Prog, and Prog terminates, then q is true after executing Prog

17 Program correctness: examples Prog: x :=1 ; z := y + x p : y = 1 q : z = 3 p{prog}q? (A) True; (B) False; (C) Don t know

18 Program correctness: examples Prog: x :=1 ; z := y + x p : y = 1 q : z = 3 p{prog}q? (A) True; (B) False; (C) Don t know p : T (true) q : z > y p{prog}q? (A) True; (B) False; (C) Don t know

19 Program correctness: conditionals Prog = if condition then Prog1 else Prog2 (p condition){prog1}q, (p condition){prog2}q p{prog}q

20 Program correctness: loops Prog = while condition do Prog1 (p condition){prog1}p p{prog}(p condition)

21 How to analyze imperative programs def f(n,m): # n,m: integers, n,m >=0, k=0; c=n; while (c > 0): c := c-1 k := k + m return k Loop Invariant: L(n, m, k, c) L(n, m, k, c) is satisfied before entering the loop If (c > 0) and L(n, m, k, c) are satisfied before entering the loop, then L(n, m, k, c ) is satisfied after executing the loop body once. Claim: L(n, m, k, c) is satisfied at each iteration of the loop Proof: By induction on the number of iterations.

22 Loop Invariants # { L(x,y,z) } while T(x,y,z): Step1(x,y,z) Step2(x,y,z) Step3(x,y,z) # { L(x,y,z) and not(t(x,y,z)) } Assume L(x, y, z) is a loop invariant, and it is satisfied before entering the loop. Then upon exiting the loop we have L(x, y, z) (T (x, y, z)). If the loop terminates, then upon termination we have L(x, y, z) (T (x, y, z)).

23 Loop Invariant Example def f(n,m): # n,m: integers n>=0 k=0; c=n; while (c > 0): c := c-1 k := k + m return k L : (k + c m = n m) (c 0) L is a loop invariant Upon termination we have: (k + c m = n m) (c 0) (c 0) c = 0 and the program outputs k = k + c m = n m.