cs7120 (Prasad)L9-RECUR-IND1 Recursion and Induction

cs7120 (Prasad)L9-RECUR-IND2 inductionDefine sets by induction zero  N n  N  succ( n )  N recursionDefine functions on sets by recursion  n  N : plus(zero, n ) = n  m, n  N : plus(succ( m ), n ) = succ(plus( m, n )) principle of structural inductionProve properties about the defined functions using principle of structural induction.

cs7120 (Prasad)L9-RECUR-IND3 Example 0 + n = n (obvious) n + 0 = n (not so obvious!) Prove that the two rules for “+” are adequate to rewrite (n+0) to n. (Induction on the structure of the first argument) Show that “+” is commutative, that is, (x + y) = (y + x). Motivation To ensure that sufficient relevant information has been encoded for automated reasoning.

cs7120 (Prasad)L9-RECUR-IND4 Induction Proof Definition of “+” 0 + m = m s(n) + m = s(n+m) Proof that 0 is the identity w.r.t. + 0+m = m+0 = m Basis: = 0 Induction Hypothesis:  k >= 0: k + 0 = k Induction Step: Show s(k) + 0 = s(k) s(k) + 0 = s(k + 0) (*rule 2*) = s(k) (*ind hyp*) Conclusion: By principle of mathematical induction  m  N: m + 0 = m

cs7120 (Prasad)L9-RECUR-IND5 Basis:  n : n + 0 = n  n : 0 + n = n  n: n + 0 = n + 0 Induction Hypothesis:  k >= 0,  n : k + n = n + k Induction Step: s(k)+n = n+s(k) s(k)+n = (*rule2*) s(k+n) = (*ind. hyp.*) s(n+k) = (*rule2*) s(n)+k (* STUCK!!! our goal: n+s(k) *) So prove the auxiliary result. s(k)+n = k+s(n) n m Proof proceeds row by row

cs7120 (Prasad)L9-RECUR-IND6 Auxiliary result s(i)+ m = i+s(m) Basis: s(0) + m = (*rule2*) s(0 + m) = (*rule1*) s(m) = (*rule1*) 0 + s(m) Induction step: s(s(j)) + m = (*rule2*) s(s(j)+m) = (*ind.hyp.*) s(j+s(m)) = (*rule2*) s(j)+s(m) Overall result s(k) + n = (*auxiliary result*) k + s(n) = (*induction hyp.*) s(n) + k = (*auxiliary result*) n + s(k) (* End of proof of commutativity *)

cs7120 (Prasad)L9-RECUR-IND7 Motivation for formal proofs In mathematics, proving theorems enhances our understanding of the domain of discourse and our faith in the formalization. In automated theorem proving, these results demonstrate the adequacy of the formal description and the symbol manipulation system. These properties also guide the design of canonical forms for (optimal) representation of expressions and for proving equivalence.

cs7120 (Prasad)L9-RECUR-IND8 Semantic Equivalence vs Syntactic Identity Machines can directly test only syntactic identity. Several distinct expressions can have the same meaning (value) in the domain of discourse. To formally establish their equivalence, the domain is first axiomatized, by providing axioms (equations) that characterize (are satisfied by) the operations. In practice, an equational specification is transformed into a set of rewrite rules, to normalize expressions (into a canonical form). (Cf. Arithmetic Expression Evaluation)

cs7120 (Prasad)L9-RECUR-IND9 Induction Principle for Lists P(xs) holds for any finite list xs if: – P([]) holds, and – Whenever P(xs) holds, it implies that for every x, P(x::xs) also holds. Prove: filter p (map f xs) = map f (filter (p o f) xs)

cs7120 (Prasad)L9-RECUR-IND10 Basis: filter p (map f []) = filter p [] = [] map f(filter (p o f) []) = map f []= [] Induction Step: map f (filter (p o f) (x::xs)) = map f (if ((p o f) x) then x:: (filter (p o f) xs) else filter (p o f) xs ) case 1: (p o f) x = true case 2: (p o f) x = false

cs7120 (Prasad)L9-RECUR-IND11 case 1: map f ( x:: (filter (p o f) xs) ) = f x :: map f (filter (p o f) xs) = f x :: filter p (map f xs) (* induction hypothesis *) = filter p (f x :: map f xs) (* p (f x) holds *) = filter p (map f (x::xs)) case 2: filter p (map f (x::xs)) = filter p (f x :: map f xs) (* p (f x) does not hold *) = filter p (map f xs) = map f ( filter (p o f) xs ) (* induction hypothesis *)

cs7120 (Prasad)L9-RECUR-IND12 Tailoring Induction Principle fun interval m n = if m > n then [] else m:: interval (m+1) n (* Quantity (n-m) reduces at each recursive call. *) Basis: P(m,n) holds for m > n Induction step: P(m,n) holds for m <= n, given that P(m+1,n) holds.

cs7120 (Prasad)L9-RECUR-IND13 Induction Proof with Auxiliaries fun xs = xs | xs = y:: fun rev [] = [] | rev (x::xs) = (rev [x]; Prove : rev (rev xs) = xs Basis : rev (rev []) = rev [] = [] Induction step: rev(rev (y::ys)) = rev ( (rev [y] ) = (* via auxiliary result *) y :: ( rev (rev ys) ) = y :: ys (* ind. hyp. *)

cs7120 (Prasad)L9-RECUR-IND14 Auxiliary result rev ( [z] ) = z:: rev zs Induction Step: rev [z]) = rev ( u :: [z])) def *) = (rev [u] (* rev def*) = (z :: (rev [u] (* ind hyp *) = z :: ((rev [u]) def *) = z :: rev (u::us) (* rev def*) (*Creativity required in guessing a suitable auxiliary result.*)

cs7120 (Prasad)L9-RECUR-IND15 Weak Induction vs Strong Induction datatype exp = VarOp Var of string | Op of exp * exp; VarOpProve that the number of occurrences of the constructors in a legal exp are related thus: #Var(e) = #Op(e) + 1 To show this result, we need the result on all smaller exp s, not just the exp s whose “node count” or “height” is one less. –Motivates Strong/Complete Induction Principle.

cs7120 (Prasad)L9-RECUR-IND16 McCarthy’s 91-function fun f x = if x > 100 then x - 10 else f(f(x+11)) fun f x = if x > 100 then x - 10 else 91

cs7120 (Prasad)L9-RECUR-IND17 Is f total? fun f x = if (x mod 2) = 0 then x div 2 else f(f(3*x+1)) View int x as (2i + 1) 2^k - 1