Logic and Computation Lecture 20 CSU 290 Spring 2009 (Pucella) Thursday, Mar 12, 2009

Similar documents
Induction Schemes. Math Foundations of Computer Science

Notes for Recitation 8

Fall Recursion and induction. Stephen Brookes. Lecture 4

Midterm Exam 2 CS313K Logic, Sets, and Functions Spring, 2009

MoreIntro_annotated.v. MoreIntro_annotated.v. Printed by Zach Tatlock. Oct 04, 16 21:55 Page 1/10

Week 5 Tutorial Structural Induction

CS 3512, Spring Instructor: Doug Dunham. Textbook: James L. Hein, Discrete Structures, Logic, and Computability, 3rd Ed. Jones and Barlett, 2010

Reasoning About Programs Panagiotis Manolios

Programming Languages Fall 2014

Induction in Coq. Nate Foster Spring 2018

Improving Eliminate-Irrelevance for ACL2

15 212: Principles of Programming. Some Notes on Induction

Reasoning About Programs Panagiotis Manolios

Backtracking and Induction in ACL2

Mechanized Operational Semantics

Lecture 10. Finding strongly connected components

Intro. Scheme Basics. scm> 5 5. scm>

These are not polished as solutions, but ought to give a correct idea of solutions that work. Note that most problems have multiple good solutions.

To illustrate what is intended the following are three write ups by students. Diagonalization

(Refer Slide Time 3:31)

Reasoning About Programs Panagiotis Manolios

MoreIntro.v. MoreIntro.v. Printed by Zach Tatlock. Oct 07, 16 18:11 Page 1/10. Oct 07, 16 18:11 Page 2/10. Monday October 10, 2016 lec02/moreintro.

Fall 2013 Midterm Exam 10/22/13. This is a closed-book, closed-notes exam. Problem Points Score. Various definitions are provided in the exam.

1 Variations of the Traveling Salesman Problem

Announcements. CS243: Discrete Structures. Strong Induction and Recursively Defined Structures. Review. Example (review) Example (review), cont.

6.001 Notes: Section 4.1

A Tool for Simplifying ACL2 Definitions

Today. Types of graphs. Complete Graphs. Trees. Hypercubes.

15 212: Principles of Programming. Some Notes on Continuations

3 Pairs and Lists. 3.1 Formal vs. Informal Proofs

CS2 Algorithms and Data Structures Note 10. Depth-First Search and Topological Sorting

P1 Engineering Computation

4 Programming with Types

Recursion & Iteration

Complexity, Induction, and Recurrence Relations. CSE 373 Help Session 4/7/2016

Lecture 4: examples of topological spaces, coarser and finer topologies, bases and closed sets

Interpreters and Tail Calls Fall 2017 Discussion 8: November 1, 2017 Solutions. 1 Calculator. calc> (+ 2 2) 4

Figure 4.1: The evolution of a rooted tree.

AXIOMS FOR THE INTEGERS

Solutions for Algorithm Design Exercises and Tests

Finite Set Theory. based on Fully Ordered Lists. Jared Davis UT Austin. ACL2 Workshop 2004

Theorem 2.9: nearest addition algorithm

Milawa an extensible proof checker

Induction and Semantics in Dafny

CMSC 336: Type Systems for Programming Languages Lecture 5: Simply Typed Lambda Calculus Acar & Ahmed January 24, 2008

Definition For vertices u, v V (G), the distance from u to v, denoted d(u, v), in G is the length of a shortest u, v-path. 1

We will show that the height of a RB tree on n vertices is approximately 2*log n. In class I presented a simple structural proof of this claim:

1 Connected components in undirected graphs

(a) (4 pts) Prove that if a and b are rational, then ab is rational. Since a and b are rational they can be written as the ratio of integers a 1

Outline. Introduction. 2 Proof of Correctness. 3 Final Notes. Precondition P 1 : Inputs include

Lambda Calculus: Implementation Techniques and a Proof. COS 441 Slides 15

(Refer Slide Time: 01.26)

Paul's Online Math Notes Calculus III (Notes) / Applications of Partial Derivatives / Lagrange Multipliers Problems][Assignment Problems]

Theorem Proving Principles, Techniques, Applications Recursion

Lecture 6: Sequential Sorting

An Industrially Useful Prover

Tradeoffs. CSE 505: Programming Languages. Lecture 15 Subtyping. Where shall we add useful completeness? Where shall we add completeness?

6.001 Notes: Section 15.1

Computer Science 21b (Spring Term, 2015) Structure and Interpretation of Computer Programs. Lexical addressing

15 150: Principles of Functional Programming Some Notes on Regular Expression Matching

Algorithms and Data Structures

Lecture Notes on Induction and Recursion

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.

introduction to Programming in C Department of Computer Science and Engineering Lecture No. #40 Recursion Linear Recursion

n 1 x i = xn 1 x 1. i= (2n 1) = n 2.

Solutions to the Second Midterm Exam

2. CONNECTIVITY Connectivity

Introduction to Algorithms / Algorithms I Lecturer: Michael Dinitz Topic: Approximation algorithms Date: 11/18/14

Lisp. Versions of LISP

Ramsey s Theorem on Graphs

Forward recursion. CS 321 Programming Languages. Functions calls and the stack. Functions calls and the stack

Lecture 15. Error-free variable length schemes: Shannon-Fano code

Homework 1. Notes. What To Turn In. Unix Accounts. Reading. Handout 3 CSCI 334: Spring, 2017

1.3. Conditional expressions To express case distinctions like

Lecture 15 : Review DRAFT

Hoare Logic. COMP2600 Formal Methods for Software Engineering. Rajeev Goré

Warm-Up Problem. 1. What is the definition of a Hoare triple satisfying partial correctness? 2. Recall the rule for assignment: x (assignment)

Harvard School of Engineering and Applied Sciences CS 152: Programming Languages

Strongly connected: A directed graph is strongly connected if every pair of vertices are reachable from each other.

The Diagonal Lemma: An Informal Exposition

γ(ɛ) (a, b) (a, d) (d, a) (a, b) (c, d) (d, d) (e, e) (e, a) (e, e) (a) Draw a picture of G.

COMP 250 Fall Recursive algorithms 1 Oct. 2, 2017

Problem Set 4 Solutions

Unit #3: Recursion, Induction, and Loop Invariants

Overview. A mathema5cal proof technique Proves statements about natural numbers 0,1,2,... (or more generally, induc+vely defined objects) Merge Sort

Computational Geometry: Lecture 5

AXIOMS OF AN IMPERATIVE LANGUAGE PARTIAL CORRECTNESS WEAK AND STRONG CONDITIONS. THE AXIOM FOR nop

CPS 102: Discrete Mathematics. Quiz 3 Date: Wednesday November 30, Instructor: Bruce Maggs NAME: Prob # Score. Total 60

MAT 145: PROBLEM SET 6

1. Chapter 1, # 1: Prove that for all sets A, B, C, the formula

CS70 - Lecture 6. Graphs: Coloring; Special Graphs. 1. Review of L5 2. Planar Five Color Theorem 3. Special Graphs:

Proving Theorems with Athena

Exact Algorithms Lecture 7: FPT Hardness and the ETH

by the evening of Tuesday, Feb 6

Merge Sort. Yufei Tao. Department of Computer Science and Engineering Chinese University of Hong Kong

MC 302 GRAPH THEORY 10/1/13 Solutions to HW #2 50 points + 6 XC points

/633 Introduction to Algorithms Lecturer: Michael Dinitz Topic: Priority Queues / Heaps Date: 9/27/17

Case-Analysis for Rippling and Inductive Proof


CSCI 3155: Homework Assignment 3

Transcription:

Logic and Computation Lecture 20 CSU 290 Spring 2009 (Pucella) Thursday, Mar 12, 2009 Note that I change the name of the functions slightly in these notes from what I used in class, to be consistent with what I did in Lecture 6 when talking about tail recursion. Generalization Today, we nail down the last few bits we need to prove some of the claims we made a while back, and some of the claims that have been made in 211, about tail-recursive functions. Consider the function sum that sums all the items in a list: (defun sum (L) (if (endp L) 0 (+ (car L) (sum (cdr L))))) Suppose you wanted to write this function tail-recursively, that is, with an accumulator. The resulting function sum-acc, following what you learned in 211 and adapted to our design recipe as we saw earlier in the course: (defun sum-aux (L acc) (if (endp L) acc (sum-aux (cdr L) (+ (car L) acc)))) (defun sum-acc (L) (sum-aux L 0)) We expect that (= (sum x) (sum-acc x)) that s the point, really, that the tail-recursive version is the same as the recursive version. Let s try to prove it then. By substitution, the formula is equivalent to (= (sum x) (sum-aux x 0)). To prove that, because we know nothing about x and because sum (and sum-aux) are recursive and controlled by x, it calls for doing induction on x. Here are the proof obligations: P1: (endp x) = (= (sum x) (sum-aux x 0)) P2: (endp x) (= (sum (cdr x)) (sum-aux (cdr x) 0)) = (= (sum x) (sum-aux x 0)) 1

P1 is trivial to prove, so I won t bother here. (Do it if you are still shaky.) P2 is more interesting. The context has two assumptions in it: A2: (= (sum (cdr x)) (sum-aux (cdr x) 0)) (= (sum x) (sum-aux x 0)) (= (+ (car x) (sum (cdr x))) (sum-aux x 0)) (= (+ (car x) (sum (cdr x))) (sum-aux (cdr x) (+ (car x) 0))) by A2 (= (+ (car x) (sum-aux (cdr x) 0)) (sum-aux (cdr x) (+ (car x) 0))) by arithmetic (= (+ (car x) (sum-aux (cdr x) 0)) (sum-aux (cdr x) (car x))) And now we re stuck. There s really nothing we can use. We could try to prove a lemma to get us out of the jam, but let s try something else instead. Let s try to generalize what we re trying to prove. Part of the problem, why we get stuck during the proof, is that we have no information about sum-aux when the second argument is not 0 the inductive hypothesis A2 is useless, and it came from the theorem we were trying to prove. Can we prove something more general, that can deal with the case where the second argument to sum-aux is not 0? We could (sum-aux x y) be equal to, in terms of (sum x)? It doesn t take long to convince yourself that (= (sum-aux x y) (+ (sum x) y)) is what we want. Let s try to prove that then. Again, we proceed by induction on x, and we get the following proof obligations: P1: (endp x) = (= (sum-aux x y) (+ (sum x) y)) P2: (endp x) (= (sum-aux (cdr x) y) (+ (sum (cdr x)) y)) = (= (sum-aux x y) (+ (sum x) y)) Again, P1 is trivial to prove, so I won t bother here. P2 is more interesting. The context has two assumptions in it: 2

A2: (= (sum-aux (cdr x) y) (+ (sum (cdr x) y)) (= (sum-aux x y) (+ (sum x) y)) (= (sum-aux x y) (+ (+ (car x) (sum (cdr x))) y)) (= (sum-aux (cdr x) (+ (car x) y)) (+ (+ (car x) (sum (cdr x))) y)) by commutativity and associativity of + (= (sum-aux (cdr x) (+ (car x) y)) (+ (sum (cdr x)) (+ (car x) y))) Which is tantalizing clos to being provable, but isn t given what we have. Notice that we cannot apply A2: it talks about (sum-aux (cdr x) y), but what we have is (sum-aux (cdr x) (+ (car x) y)). We cannot perform substitution in an assumption in the context that s not allowed, because it could lead to unsoudness (being able to prove false). This is something we never really talked about, because the issue never really arose, but that s the case nevertheless. So we re stuck, we cannot apply A2. So what can we do? It turns out that there s a way out of the jam by relying on a feature of the induction rule that I did not really point out back then, although I left the door open for it. Recall the induction rule from Lecture 17: Induction Rule (for true lists): If F is a formula, x a variable in F whose intended domain is true lists, and σ is a substitution that, among others, sends variable x to (cdr x), then we can rewrite a formula F into (endp x) = F ( (endp x) F/σ) = F where F/σ is instance of formula F obtained by performing the substitution σ. Note that σ can be any substitution, as long as it sends x, the induction variable, to (cdr x). In particular, we are free to send y to any expression when we create the proof obligations for the induction. In other words, when we apply the induction rule, we get to tailor the inductive hypothesis as we want, as long as we do so by substituting for the non-induction variables. (Clearly, we need to substitute every occurrence of the same variable by the same expression.) In the case of the above proof, clearly, we want to substitute (+ (car x) y) for y, so let s do that. Now we can push the full proof through. Theorem 1. (= (sum-aux x y) (+ (sum x) y)) 3

Proof. By induction on x, and using a substitution that sends y to (+ (car x) y), we get the following proof obligations: P1: (endp x) = (= (sum-aux x y) (+ (sum x) y)) P2: (endp x) (= (sum-aux (cdr x) (+ (car x) y)) (+ (sum (cdr x)) (+ (car x) y))) = (= (sum-aux x y) (+ (sum x) y)) P1 is trivial to prove, so I won t bother here. P2 is more interesting. The context has two assumptions in it: A2: (= (sum-aux (cdr x) (+ (car x) y)) (+ (sum (cdr x) (+ (car x) y)))) (= (sum-aux x y) (+ (sum x) y)) (= (sum-aux x y) (+ (+ (car x) (sum (cdr x))) y)) (= (sum-aux (cdr x) (+ (car x) y)) (+ (+ (car x) (sum (cdr x))) y)) by commutativity and associativity of + (= (sum-aux (cdr x) (+ (car x) y)) (+ (sum (cdr x)) (+ (car x) y))) by A2 (= (+ (sum (cdr x) (+ (car x) y)) (+ (sum (cdr x)) (+ (car x) y))) by reflexivity of = Now that we have Theorem 1, we can easily prove the original formula we wanted to prove: Theorem 2. (= (sum x) (sum-acc x)) Proof. (= (sum x) (sum-acc x)) by def of sum-acc 4

(= (sum x) (sum-aux x 0)) by Theorem 1 (= (sum x) (+ (sum x) 0)) by arithmetic (= (sum x) (sum x)) by reflexivity of = This pattern occurs most times when you try to prove the equivalence of a recursive and a tail-recursive version of a function. For instance, consider rev, and the tail-recursive version rev-acc, using an auxiliary function rev-aux see Lecture 6, but be aware I messed up the name of rev-acc in the notes, calling it simply rev. The theorem we want is that (= (rev x) (rev-acc x)), which is just (= (rev x) (rev-aux x NIL)). As above, if you try to prove it directly, you get stuck. Generalization helps, by letting us prove something about (rev-aux x y) in general. The theorem we want is (= (rev-aux x y) (app (rev x) y)). Exercise: Prove that theorem pay attention to the proof obligations you need to push the proof through. Then, once you have that theorem in hand, you can easily prove (= (rev x) (rev-acc x)). Exercise: do it. 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback