CSCI 2041

ADVANCED PROGRAMMING PRINCIPLES

Reasoning about programs:

Induction (Review)

Correctness

How can we convince ourselves (and others) that a program is correct?

let sum_to n =
  let rec tr_sum i acc =
     if i=0 then acc
     else tr_sum i-1 acc+i in
  tr_sum n 0

let fib n =
  let rec tr_fib i f0 f1 =
    if i=0 then f0
    else tr_fib (i-1) f1 (f1+f0) in
  tr_fib n 0 1

How can we convince ourselves that sum_to and fib are correct?

We can test any specific input, but for many programs, there are infinitely many possible inputs…

Principle of Natural Induction: Let P(n) be a property of natural numbers. (i.e. for each natural number n, either P(n) is true or P(n) is false.) If the following hold:

P(0) and ∀𝓃, P(𝓃) ⇒ P(𝓃+1)

Then it must be true that for all n, P(n).

induction

Review: when proving a theorem by induction on ℕ, we have:

A Property P(n): e.g. P(n) ≡ ∑_i≤n i = n(n+1)/2, and
a Theorem: That for every n, P(n) is true: ∀n.P(n).
A Base Case: Prove that P(0) is true. (e.g. ∑_i≤0 i = 0 = 0(0+1)/2, ✓)
An Inductive Case: Prove that if P(k) is true, then so is P(k+1): ∀k. [P(k) ⇒ P(k+1)]. In this step:
- P(k) is the inductive hypothesis: let ∑_i≤k i = k(k+1)/2; it is used to prove
- P(k+1), the inductive conclusion: that ∑_i≤k+1 i = (k+1)(k+2)/2:
  - ∑_i≤k+1i = ∑_i≤ki + (k+1) [algebra]
  - = k(k+1)/2 + (k+1) [I.H.]
  - = (k² + k + 2k + 2)/2 = (k² + 3k +2)/2 = (k+1)(k+2)/2 ✓

Theorem. For every n, 5ⁿ-1 is a multiple of 4. Here, we have:

P(n) : ∃m . 5ⁿ-1 = 4m
Base Case: 5⁰-1 = 0 = 4×0. ✓
Inductive Case: Assume IH: ∃m. 5^k-1 = 4m. Need to show IC: ∃a.5^k+1-1 = 4a.

5^k+1-1 = 5×5^k - 1        [defn of 5ⁿ]
         = (4+1)×5^k - 1 [5=4+1]
         = (4×5^k + 5^k)-1   [distributivity]
         = 4×5^k + (5^k-1)   [associativity ]
         = 4×5^k + 4m        [I.H.]
         = 4(5^k+m)           [distributivity, ✓]

mistakes

(don’t do any of the things on the next 3 slides)

Wrong induction variable

Theorem: ∀a∀k. ∑_i≤kaⁱ = (a^k+1-1)/(a-1).

Base Case: a=0 : ∀k. ∑_i≤k0ⁱ = 0⁰ + 0 = 1, and (0^k+1-1)/(0-1) = (-1)/(-1) = 1. ✓

Inductive Case: (Can’t step from 0 to 1)

a is the wrong variable to use for induction. (Use k instead)

This makes proofs hard, but doesn’t usually allow you to “prove” false statements

Circular inductive case

Theorem: ∀n.n is even. P(n) = ∀n.n is even.

Base Case: 0 = 2×0, so 0 is even. ✓

Inductive Case: Assume ∀k, k is even. In this case, P(k) is true for all k, so P(k+1) must also be true.

You can “prove” obviously false statements with this mistake. so don’t do it!

Incorrect step case

Theorem: ∀n.∀i≤n.∀ƒ.ƒ(i)=ƒ(n).

Base Case: ∀i≤0.∀ƒ.ƒ(i)=ƒ(0). [✓, only 0 ≤ 0].

Inductive Case: Assume IH: ∀i≤k.∀ƒ.ƒ(i)=ƒ(k).

Suppose that for some g, and some i≤k, g(k+1) ≠ g(i).
Then there exists some function ƒ(x) = g(x+1) such that
ƒ(k) = g(k+1) ≠ g(i) = ƒ(i-1), contrary to the IH.

Thus ∀i≤k+1,∀ƒ.ƒ(i)=ƒ(k+1), ✓

(For k = 0, g(0-1) is not covered by the IH)