210 likes | 402 Views
Lecture #9, Oct 25, 2004. Guest lecture by Tom Harke Todays Topics Review of Proofs by calculation Structure of Proofs by induction over lists Proofs by induction with case analysis Proofs by structural Induction Proofs by induction over Trees Read Chapter 11 - Proofs by induction
E N D
Lecture #9, Oct 25, 2004 • Guest lecture by Tom Harke • Todays Topics • Review of Proofs by calculation • Structure of Proofs by induction over lists • Proofs by induction with case analysis • Proofs by structural Induction • Proofs by induction over Trees • Read Chapter 11 - Proofs by induction • Home work assignment #5 • See Webpage (this assignment is given on Monday, but you have 10 days) • Due Wednesday, Nov. 3 (Day of midterm exam) • Mid-Term Exam • We need to discuss a midterm exam • One possibility • Exam distributed one day • Due in class on next meeting • Honor System – Use only two hours of time. • Notes and use of computer allowed.
Sun Mon Tue Wed Thu Fri Sat Oct 24 26 27 28 29 Makeup Class Tim Sheard Regions 30 25 Guest Lect. Tom Harke Proofs about Haskell programs No Class 31 Nov 1 2 3 Midterm exam 4 5 6 Guest Lect. Tom Harke The Haskell Class System Remember, No Class Wednesday
Recall the calculation proof method • Substitution of equals for equals. if name: f x = e is a definition or a theorem, then we can replace (f n) with e[n/x]where ever (f n) occurs. • name: is the name of the definition or theorem for reference in the proof. • e[n/x] means e with all free occurrences of x replaced by n • For example consider: comp: (f . g) x = f (g x) • Now prove that ((f . g) . h) x = (f . (g . h)) x
Proof by calculation • Pick one side of the equation and transform using rule comp: above ((f . g) . h) x = by comp: (left to right) (f . g) (h x) = by comp: (left to right) f (g (h x)) = by comp: (right to left) f ((g . h) x) by comp: (right to left) (f . (g . h)) x
Proofs by induction over lists • Format over lists Let P{x} be some proposition (I.e. P{x} :: Bool) i.e. P is an expression with some free variable x :: [a] • x has type :: [a] • x may occur more than once in P{x} e.g. length x = length (reverse x) forall p x => p (head x) sum (x ++ y) = sum x + sum y map f (x ++ y) = map f x ++ map f y (map f . map g) x = map (f . g) x • Then 1) Prove P { [] } 2) Assume P{ xs } and then Prove P{ x:xs }
Example • Definitions and Laws: (These are things we get to assume are true) 1 sum [] = 0 2 sum (x:xs) = x + (sum xs) 3 [] ++ y = y 4 (x:xs) ++ y = x:(xs ++ y) • Proposition: (This is what we are trying to prove) P{x} = sum (x ++ y) = sum x + sum y • Proof Structure: • 1) Prove P{[]}: sum ([] ++ y) = sum [] + sum y • 2) Assume P{xs}:(as well as the definitions and laws) sum (xs ++ y) = sum xs + sum y Then Prove P{x:xs}: sum ((x:xs) ++ y) = sum (x:xs) + sum y
Proof 1) Prove: sum ([] ++ y) = sum [] + sum y sum ([] ++ y) = (by 3: [] ++ y = y ) sum y = (arithmetic: 0 + y = y ) 0 + sum y = (by 1: sum [] = 0 ) sum [] + sum y 2) Assume: sum (xs ++ y) = sum xs + sum y Prove: sum ((x:xs) ++ y) = sum (x:xs) + sum y sum ((x:xs) ++ y) = (by 4: (x:xs) ++ y = x:(xs ++ y) ) sum (x:(xs++y)) = (by 2: sum (x:xs) = x + (sum xs) ) x + sum(xs++y) = (by IH) x + (sum xs + sum y) = (associativity of +: (x + y) + z = x + (y + z) ) (x + sum xs) + sum y = (by 2: sum (x:xs) = x + (sum xs) ) sum (x:xs) + sum y
Proof by inductionusing Case Analysis • Prove by induction: P(x) == (takeWhile p x) ++ (dropWhile p x) = x • Where: 1 [] ++ ys = ys 2 (x:xs) ++ ys = x : (xs ++ ys) 3 dropWhile p [] = [] 4 dropWhile p (x:xs) = if p x then (dropWhile p xs) else x::xs 5 takeWhile p [] = [] 6 takeWhile p (x:xs) = if p x then x:(takeWhile p xs) else []
Base and Ind cases • Base case: P([]) (takeWhile p []) ++ (dropWhile p []) = [] = [] ++ [] (by 3,5) = [] (by 1) • Induction Step: P(ys) => P(y:ys) Assume: (takeWhile p ys) ++ (dropWhile p ys) = ys Prove: (takeWhile p (y:ys)) ++ (dropWhile p (y:ys)) = (y : ys)
Split Proof (takeWhile p (y:ys)) ++ (dropWhile p (y:ys)) (if p y then y : (takeWhile p ys) else []) ++ ++ (if p y then (dropWhile p ys) else y:ys) (by 4,6) • Now, either (p y) = True or (p y) = False • So split problem by doing a case analysis
Case 1: Assume: p y = True (y : (takeWhile p ys)) ++ (dropWhile p ys) y : ((takeWhile p ys) ++ (dropWhile p ys)) (by 2) y : ys (by I.H.)
Case 2: Assume: p y = False (if p y then y : (takeWhile p ys)else []) ++ (if p y then (dropWhile p ys) else y:ys) • (by 4,6) [] ++ y:ys • (by 1) y:ys
Structural Induction • Let data T = C1 t1,1 t1,2 ... t1,n | ... | Cm tm,1 ... tm,k • Then to prove P(x::T) • for each Ci:: ti,1 -> ti,2 -> ... -> ti,n -> T • assume P ( xi,j ) if xi,j :: T that is if ti,j = T • and Prove P(Ci xi,1 ... xi,n)
Structural induction for Twolist • Example data Twolist a b = Twonil | Acons a (Twolist a b) | Bcons b (Twolist a b) • Prove: P(Twonil) • Assume: P(xs) Prove: P(Acons x xs) • Assume: P(ys) Prove: P(Bcons y ys)
Example Proof • Prove that append2 over Two lists are associative: P(x) = append2 x (append2 y z) = append2 (append2 x y) z 1 append2 Twonil ys = ys 2 append2 (Acons a xs) ys = Acons a (append2 xs ys) 3 append2 (Bcons b xs) ys = Bcons b (append2 xs ys); Proof by induction on x • case 1: x = Twonil append2 Twonil (append2 y z) = append2 (append2 Twonil y) z append2 Twonil (append2 y z) = (append2 y z) by 1 = (append2 (append2 Twonil y) z) by 1 (backwards)
Case 2 • case 2: x = Acons a xs • Assume : append2 xs (append2 y z)=append2 (append2 xs y) z • Prove: append2 (Acons a xs) (append2 y z) = append2 (append2 (Acons a xs) y) z append2 (Acons a xs) (append2 y z) by 2 = Acons a (append2 xs (append2 y z)) by hypothesis = Acons a (append2 (append2 xs y) z) by 2 backwards = append2 (Acons a (append2 xs y)) z by 2 backwards = append2(append2(Acons a xs) y) z
Case 3 • case 3: x = Bcons b xs • Assume : append2 xs (append2 y z)=append2 (append2 xs y) z • Prove: append2 (Bcons b xs) (append2 y z) = append2 (append2 (Bcons b xs) y) z append2(Bcons b xs)(append2 y z) by 3 = Bcons b (append2 xs(append2 y z)) by hypothesis = Bcons b (append2 (append2 xs y) z) by 3 backwards = append2 (Bcons b (append2 xs y)) z by 3 backwards = append2(append2(Bcons b xs) y) z
Binary Trees data Bintree a = Lf a | (Bintree a) :/\: (Bintree a) • Note all infix constructors start with a colon (:) 1 left (a :/\: b) = a 2 right (a :/\: b) = b 3 isleaf (Lf _) = True 4 isleaf (_ :/\: _) = False 5 leftmostleaf (a :/\: b) = leftmostleaf a 6 leftmostleaf (Lf x) = Lf x 7 sumtree (Lf x) = x 8 sumtree (a :/\: b) = (sumtree a) + (sumtree b)
Sample Tree Functions flatten :: Bintree a -> [a] 9 flatten (Lf x) = [x] 10 flatten (a :/\: b) = (flatten a) ++ (flatten b) ? flatten (Lf 3 :/\: Lf 5) [3, 5] • Some useful Facts 11 sum [] =0 12 sum (x:xs) = x + (sum xs) 13 Lemma: sum(x ++ y) = (sum x) + (sum y)
Proof about Trees Prove: P(t) == sum(flatten t)=sumtree t case 1: t = Lf x sum(flatten (Lf x)) = sumtree (Lf x) sum(flatten (Lf x)) = sum [x] by def of flatten 9 = sum (x:[]) by [a] = a:[] = x + (sum []) by def of sum 12 = x + 0 by def of sum 11 = x by property of + = sumtree (Lf x) by def sumtree 7
Case 2 case 2: t = a :/\: b Assume: 1) sum(flatten a) = sumtree a 2) sum(flatten b) = sumtree b Prove: sum(flatten (a :/\: b))=sumtree (a :/\: b) sum(flatten (a :/\: b)) by def flatten = sum ((flatten a) ++ (flatten b)) by lemma: 13 = sum(flatten a) + sum(flatten b) by hypothesis = (sumtree a) + (sumtree b) by def of sumtree = sumtree (a :/\: b)