1/7/2016 Lecture Outline • Proving the Correctness of Algorithms – Preconditions and Postconditions – Loop Invariants CSE373: Data Structures and Algorithms – Induction – Math Review – Using Induction to Prove Algorithms Induction and Its Applications Steve Tanimoto Winter 2016 This lecture material is based on materials provided by Ioana Sora at the Politechnic University of Timisoara. Univ. of Wash. CSE 373 -- Winter 2016 2 What are key parts of an algorithm ? Correct algorithms • An algorithm is described by: • An algorithm is correct if: – Input data – for any correct input data : – Output data – Preconditions : specifies restrictions on input data • it stops and – Postconditions : specifies what is the result • Example: Binary Search • it produces correct output. – Input data: a:array of integer; x:integer; – Output data: found:boolean; – Precondition: a is sorted in ascending order –Correct input data: satisfies precondition – Postcondition: found is true if x is in a , and found is false otherwise –Correct output data: satisfies postcondition Univ. of Wash. CSE 373 -- Winter 2016 3 Univ. of Wash. CSE 373 -- Winter 2016 4 Example – a sequential algorithm Proving correctness Proof: the list of actions applied An algorithm a list of actions • Swap1(x,y): to the input (which satisfies • Proving that an algorithm is totally correct: aux := x the precondition) imply the 1. Proving that it will terminate output satisfies the x := y 2. Proving that the list of actions applied to the input postcondition y := aux (which satisfies the precondition) imply that the output 1. Precondition: satisfies the postcondition x = a and y = b Precondition: 2. aux := x => aux = a – This is easy to prove for simple sequential algorithms x = a and y = b 3. x : = y => x = b – This can be complicated to prove for repetitive algorithms Postcondition: (containing loops or recursion) 4. y := aux => y = a x = b and y = a • use techniques based on loop invariants and induction 5. x = b and y = a is the Postcondition Univ. of Wash. CSE 373 -- Winter 2016 5 Univ. of Wash. CSE 373 -- Winter 2016 6 1
1/7/2016 Example – a repetitive algorithm Loop invariants Algorithm Sum_of_N_numbers Proof: The list of actions • A loop invariant is a logical predicate such applied to the that: if it is satisfied before entering any single Input: integer N , and precondition imply the iteration of the loop then it is also satisfied a , an array of N numbers postcondition after the iteration Output: s , the sum of the N BUT: we cannot enumerate numbers in a all the actions in case of a repetitive algorithm ! s:=0; We use techniques based on k:=0; loop invariants and while (k<N) do induction s:=s+a[k]; k:=k+1; end Univ. of Wash. CSE 373 -- Winter 2016 7 Univ. of Wash. CSE 373 -- Winter 2016 8 Example: Loop invariant for Sum Using loop invariants in proofs of n numbers We must show the following 2 things about a loop Algorithm Sum_of_N_numbers invariant: Algorithm Sum_of_N_numbers 1. Initialization: It is true prior to the first iteration of the loop. Input: integer N , and 2. Maintenance: If it is true before an iteration of the a , an array of N numbers loop, it remains true before the next iteration. Output: s , the sum of the N numbers in a We also must show Termination: that the loop Loop invariant = induction terminates. s:=0; hypothesis: k:=0; When the loop terminates, the invariant gives us a At step k , s holds the sum of while (k<N) do useful property that helps show that the algorithm is s:=s+a[k]; the first k numbers correct. k:=k+1; end Univ. of Wash. CSE 373 -- Winter 2016 9 Univ. of Wash. CSE 373 -- Winter 2016 10 Example: Proving the correctness of Example: Proving the correctness of the Sum algorithm (1) the Sum algorithm (2) • Induction hypothesis: s = sum of the first k numbers 2. Maintenance: If hypothesis is true before step k, • Induction hypothesis: s = sum of the first k numbers then it will be true before step k+1 (immediately 1. Initialization: The hypothesis is true at the after step k is finished) beginning of the loop: We assume that it is true at beginning of step k: “s is the sum of the first k numbers” Before the first iteration: k=0, S=0. The first 0 numbers have sum zero (there are no numbers) We have to prove that after executing step k, at the beginning of step k+1: “s is the sum of the first k+1 => hypothesis true before entering the loop numbers” We calculate the value of s at the end of this step k:=k+1, s:=s+a[k+1] => s is the sum of the first k+1 numbers Univ. of Wash. CSE 373 -- Winter 2016 11 Univ. of Wash. CSE 373 -- Winter 2016 12 2
1/7/2016 Example: Proving the correctness of Loop invariants and induction the Sum algorithm (3) • Proving loop invariants is a form of mathematical induction : • Induction hypothesis: s = sum of the first k numbers – showing that the invariant holds before the first iteration 3. Termination: When the loop terminates, the corresponds to the base case, and hypothesis implies the correctness of the – showing that the invariant holds from iteration to iteration corresponds to the inductive step. algorithm The loop terminates when k=n This implies s = sum of first k=n numbers Thus the postcondition of the algorithm is satisfied. Q.E.D. (Quod Erat Demonstrandum; we are done.) Univ. of Wash. CSE 373 -- Winter 2016 13 Univ. of Wash. CSE 373 -- Winter 2016 14 Mathematical induction - Review Mathematical induction - review Let ( n c)T(n) be a theorem that we want to prove. • • Strong Induction : a variant of induction It includes a constant c and a natural parameter n. where the inductive step builds up on all the • Proving that T holds for all natural values of n smaller values greater than or equal to c is done by proving following two conditions: • Proving that T holds for all natural values of n greater than or equal to c is done by 1. T holds for n=c 2. For every n>c if T holds for n-1, then T holds for n proving following two conditions: 1. T holds for n=c 1 , c 1 +1, …, c m Terminology: 2. If for every k from c 1 up to n-1, it is true that T(k), then T(n) T(c) is the Base Case T(n-1) is the Induction Hypothesis T(n-1) => T(n) is the Induction Step ( n c)T(n) is the Theorem being proved. Univ. of Wash. CSE 373 -- Winter 2016 15 Univ. of Wash. CSE 373 -- Winter 2016 16 Mathematical induction – Mathematical induction – Example1 Example2 • Theorem: Every amount of postage that is at • Theorem: The sum of the first n natural least 12 cents can be made from 4-cent and numbers is n*(n+1)/2 5-cent stamps. n ( n 1)T(n) ( n 1) = n (n+1)/2 k k 1 • Proof: by induction on the amount of postage • Proof: by induction on n • Postage (p) = m * 4 + n * 5 1. Base case: If n=1, s(1)=1=1*(1+1)/2 • Base cases: 2. Inductive step: We assume that s(n)=n*(n+1)/2, – Postage(12) = 3 * 4 + 0 * 5 and prove that this implies s(n+1)=(n+1)*(n+2)/2, for all n 1 – Postage(13) = 2 * 4 + 1 * 5 – Postage(14) = 1 * 4 + 2 * 5 – Postage(15) = 0 * 4 + 3 * 5 s(n+1)= s(n) +(n+1)= n*(n+1)/2 +(n+1)=(n+1)*(n+2)/2 Univ. of Wash. CSE 373 -- Winter 2016 17 Univ. of Wash. CSE 373 -- Winter 2016 18 3
Recommend
More recommend
