induction and program correctness
play

Induction and Program Correctness Peter J. Haas INFO 150 Fall - PowerPoint PPT Presentation

Sep 03, 2022 •23 likes •143 views

Induction and Program Correctness Peter J. Haas INFO 150 Fall Semester 2019 Lecture 10 1/ 8 Overview Goal I Apply inductive reasoning to Java programs I In context of loops and recursion Lecture 10 2/ 8 Program Correctness Informally: A

  1. Induction and Program Correctness Peter J. Haas INFO 150 Fall Semester 2019 Lecture 10 1/ 8

  2. Overview Goal I Apply inductive reasoning to Java programs I In context of loops and recursion Lecture 10 2/ 8

  3. Program Correctness Informally: A program is correct if it performs according to its specification. I If certain inputs are given, then certain outputs will be obtained I If other inputs are given, then program is not incorrect, even if it throws an exception or enters an infinite loop Lecture 10 3/ 8

  4. Program Correctness Informally: A program is correct if it performs according to its specification. I If certain inputs are given, then certain outputs will be obtained I If other inputs are given, then program is not incorrect, even if it throws an exception or enters an infinite loop Definition Pre-conditions and post-conditions are sets of propositions that describe inputs, outputs, object states, aspects of environment. Lecture 10 3/ 8

  5. Program Correctness Informally: A program is correct if it performs according to its specification. I If certain inputs are given, then certain outputs will be obtained I If other inputs are given, then program is not incorrect, even if it throws an exception or enters an infinite loop Definition Pre-conditions and post-conditions are sets of propositions that describe inputs, outputs, object states, aspects of environment. Definition A program is partially correct if, when the pre-conditions hold prior to a program run and the program terminates, then the post-conditions will hold. Lecture 10 3/ 8

  6. Program Correctness Informally: A program is correct if it performs according to its specification. I If certain inputs are given, then certain outputs will be obtained I If other inputs are given, then program is not incorrect, even if it throws an exception or enters an infinite loop Definition Pre-conditions and post-conditions are sets of propositions that describe inputs, outputs, object states, aspects of environment. Definition A program is partially correct if, when the pre-conditions hold prior to a program run =D and the program terminates, then the post-conditions will hold. Note: A program that never terminates is always partially correct I We usually make separate proofs for termination and correctness Lecture 10 3/ 8

  7. Example: Calculating Remainders Algorithm: Compute the remainder when n is divided by b (i.e., n mod b ) int remainder (int n, int b) { int x = n; while (x >= b) x -= b; return x;} Pre-conditions: n ≥ 0 and b > 0 Post-conditions: 0 ≤ output < b and ∃ k : n = kb + output If preconditions not true, we might get an output that violates the post-conditions I Ex: n = − 1 and b = 2: returns − 1 (should be 1 since n = 2 · − 1 + 1) I Ex: n = 3 and b = − 2: infinite loop Will show both termination and correctness using induction Lecture 10 4/ 8

  8. Example: Calculating Remainders int remainder (int n, int b) { int x = n; while (x >= b) x -= b; return x;} Pre-conditions: n ≥ 1 and b > 0 Post-conditions: 0 ≤ output < b and ∃ k : n = kb + output P ( n ): for fixed b > 0 and input n ≥ 1, Inductive proof of P ( n ) for fixed b > 0 the algorithm terminates and satisfies post-conditions 1. n = 1: 1.1 Case 1: if b = 1, returns 0 after going through while loop once X 1.2 Case 2: if b > 1, returns 1 without going through while loop X 2. Assume that program is correct for n = 1 , 2 , . . . , m − 1, so need to prove P ( m ) 2.1 Case 1: if m < b , returns m without going through while loop X 2.2 Case 2: if m ≥ b , enters while loop and changes x to m − b . 2.2.1 Now as if we started algorithm with inputs of m − b and b 2.2.2 By induction, returns output satisfying post-conditions for m − b , b 2.2.3 0 ≤ output < b X 2.2.4 ∃ k : m − b = kb + output 2.2.5 For this k , we have m = ( k + 1) b + output X b) tb Cm on = - Lecture 10 5/ 8

  9. Example: Calculating Remainders Recursively Algorithm: Recursively compute the remainder when n is divided by b int remainder (int n, int b) { if (n < b) return n; return remainder(n - b, b);} Pre-conditions: n ≥ 1 and b > 0 Post-conditions: 0 ≤ output < b and ∃ k : n = kb + output P ( n ): for fixed b > 0 and input n ≥ 1, Inductive proof of P ( n ) for fixed b > 0 the algorithm terminates and satisfies post-conditions 1. n = 1: 1.1 Case 1: if b = 1, does recursive call with 0 and b , which returns 0 X 1.2 Case 2: if b > 1, returns 1 without recursive call X 2. Assume that program is correct for n = 1 , 2 , . . . , m − 1, so need to prove P ( m ) 2.1 Case 1: if m < b , returns m without recursive call X 2.2 Case 2: if m ≥ b , does recursive call with m − b and b . 2.2.1 By induction, returns output that satisfying post-conditions 2.2.2 0 ≤ output < b X 2.2.3 ∃ k : m − b = kb + output 2.2.4 For this k , we have m = ( k + 1) b + output X Lecture 10 6/ 8

  10. Example: Recursively Computing Factorials Algorithm: Recursively compute n ! int factorial (int n); if (n <= 1) return 1; return n * factorial(n - 1);} $1 - terminates when input h at g Pln ) Easy to show inductively that algorithm terminates : ) return Chinese , algorithm terminates and If net put I . . that hold Let PCD , PH and Plm i ) me assume 2 a . . . . . , then - D input line factorial If executes C Pcm ) - m 3 m " - s . , . which terminates pom - is is true since To prove correctness is also easy I Define n ! recursively by 1! = 1 and n ! = n · ( n − 1)! for n > 1 I Proof follows immediately In general, recursive algorithms lead naturally to inductive proofs Lecture 10 7/ 8

  11. Example: Recursively Printing Prime Factorization Algorithm: Print a List of Prime Factors void factor (int n) { if (n == 1) return; nmodd int d = 2; Had while (n % d != 0) d++; = System.out.println(d); factor (n/d);} Example of operation: call factor(60) 1. print a 2, call factor(30) 2. print a 2, call factor(15) 3. print a 3, call factor(5) 4. print a 5, and call factor(1) which terminates without doing anything. Lecture 10 8/ 8

  12. Example: Recursively Printing Prime Factorization Algorithm: Print a List of Prime Factors void factor (int n) { if (n == 1) return; int d = 2; while (n % d != 0) d++; System.out.println(d); factor (n/d);} Example of operation: call factor(60) 1. print a 2, call factor(30) 2. print a 2, call factor(15) 3. print a 3, call factor(5) 4. print a 5, and call factor(1) which terminates without doing anything. Inductive proof of correctness 1. Define P ( n ) as “on input n , factor terminates and prints a sequence of prime numbers that multiply to give n ” 2. P (1) is true because factor(1) terminates and prints nothing, empty sequence multiplies to give 1 (by definition) 3. { Complete the rest of the proof as homework } Lecture 10 8/ 8

Recommend

Induction and Its Applications Example for Regular Induction: Correctness of a Decimal-

Induction and Its Applications Example for Regular Induction: Correctness of a Decimal-

10/3/2016 Lecture Outline Review of Induction and Strong Induction Example: A theorem about the first n natural numbers. CSE373: Data Structures and Algorithms Example for Strong Induction: Making Postage Induction and Its

498 views • 4 slides
Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem

Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem

Encoding Induction in Correctness Proofs of Program Transformations as a Termination Problem Conrad Rau, David Sabel and Manfred Schmidt-Schau Goethe-University, Frankfurt am Main, Germany WST 2012, Obergurgl, Austria 1 Introduction

307 views • 26 slides
Induction and Its Applications Part 1: Algorithm Correctness, Loop Invariants, and Induction

Induction and Its Applications Part 1: Algorithm Correctness, Loop Invariants, and Induction

10/3/2016 CSE373: Data Structures and Algorithms Induction and Its Applications Part 1: Algorithm Correctness, Loop Invariants, and Induction Steve Tanimoto Autumn 2016 The cover from Francesco Maurolico's Arithmeticorum Libri Duo (1575),

154 views • 3 slides
Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg

Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg

Customised Induction Rules for Proving Correctness of Imperative Programs Angela Wallenburg angelaw@cs.chalmers.se 4th International Symposium June 9, 2005, L okeberg Outline 1. Problem: Induction and Loops 2. First approach: Use idea

821 views • 34 slides
Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about cri4cal parts of a program and reason effec4vely A program is intended to carry out a

1.01k views • 57 slides
Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

3/10/10 Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness: partial correctness + termination Partial correctness: Program implements its specification 1 3/10/10 Proving Partial Correctness

420 views • 13 slides
Induction and Its Applications Steve Tanimoto Winter 2016 This lecture material is based on

Induction and Its Applications Steve Tanimoto Winter 2016 This lecture material is based on

1/7/2016 Lecture Outline Proving the Correctness of Algorithms Preconditions and Postconditions Loop Invariants CSE373: Data Structures and Algorithms Induction Math Review Using Induction to Prove Algorithms

220 views • 6 slides
CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base:

CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base:

CS70: Lecture 8. Outline. Extended GCD Algorithm. Correctness. Proof: Strong Induction. 1 Base: ext-gcd ( x , 0 ) returns ( d = x , 1 , 0 ) with x = ( 1 ) x +( 0 ) y . 1. Finish Up Extended Euclid. Induction Step: Returns ( d , A , B ) with d =

259 views • 5 slides
Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a

Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a

2/28/16 Why induction? n Prove algorithm correctness Mathematical Induction n The inductive proof will sometimes point out an algorithmic solution to a problem n Strongly connected to recursion Rosen Chapter 5 Motivation Motivation n A group

524 views • 8 slides
Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of

Recalling Our Intro to the Course 1 The Program Correctness Problem ? Conventional models of using computers not easy to determine correctness! Has become a very important issue, not just in safety-critical apps. Components with

534 views • 36 slides
Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and

Correctness of Program Transformations as a Termination Problem Conrad Rau, David Sabel and Manfred Schmidt-Schau Goethe-University, Frankfurt am Main, Germany IJCAR 2012, Manchester, UK 1 Introduction &amp; Motivation Automate correctness

345 views • 34 slides
Induction Stepwise induction (for T PA , T cons ) Complete induction (for T PA , T cons )

Induction Stepwise induction (for T PA , T cons ) Complete induction (for T PA , T cons )

Induction Stepwise induction (for T PA , T cons ) Complete induction (for T PA , T cons ) 4. Induction Theoretically equivalent in power to stepwise induction, but sometimes produces more concise proof Well-founded induction

382 views • 7 slides
Program correctness and verification Programs should be: clear; efficient; robust; reliable;

Program correctness and verification Programs should be: clear; efficient; robust; reliable;

Program correctness and verification Programs should be: clear; efficient; robust; reliable; user friendly; well documented; . . . but first of all, CORRECT dont forget though: also, executable. . . Correctness

202 views • 19 slides
Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp;

Program Verification (Rosen, Sections 5.5) TOPICS Program Correctness Preconditions &amp; Postconditions Program Verification Assignments Composition Conditionals Loops Proofs about Programs Why

537 views • 36 slides
Proof of Correctness By induction. Base: n 1 = y [ 0 : 0 ] 1 y [ 0 ] 1 x

Proof of Correctness By induction. Base: n 1 = y [ 0 : 0 ] 1 y [ 0 ] 1 x

Encoders, Decoders &amp; Shifters Encoder F Specification: input : x , weight ( x ) 1 =

380 views • 9 slides
Beyond Inductive Definitions Induction-Recursion, Induction-Induction, Coalgebras Anton

Beyond Inductive Definitions Induction-Recursion, Induction-Induction, Coalgebras Anton

Beyond Inductive Definitions Induction-Recursion, Induction-Induction, Coalgebras Anton Setzer Swansea University, Swansea UK 1 March 2012 1/ 26 A Proof Theoretic Programme Sets in Martin-L of Type Theory Induction-Recursion,

295 views • 26 slides
The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics

The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics

The Calculus of Computation: Decision Procedures with 5. Program Correctness: Mechanics Applications to Verification by Aaron Bradley Zohar Manna Springer 2007 5- 1 5- 2 Program A: LinearSearch with function specification Function

777 views • 12 slides
The Rhode Island Beginning Teacher Induction Program November 27, 2012 RTTT Steering Committee

The Rhode Island Beginning Teacher Induction Program November 27, 2012 RTTT Steering Committee

The Rhode Island Beginning Teacher Induction Program November 27, 2012 RTTT Steering Committee Teachers are not finished products when they complete a teacher preparation program. Strong residency and mentored induction experiences

211 views • 18 slides
Automated Program Verification Winter 2011 Guaranteeing Program Correctness Programs should

Automated Program Verification Winter 2011 Guaranteeing Program Correctness Programs should

Automated Program Verification Winter 2011 Guaranteeing Program Correctness Programs should behave how we want them to Example: not crashing with an unexpected exception To guarantee this: 1. Specify what a programs behavior should

389 views • 21 slides
MA THEMA TICAL INDUCTION Induction and Deduction Mathematical Induction (its

MA THEMA TICAL INDUCTION Induction and Deduction Mathematical Induction (its

MA THEMA TICAL INDUCTION Induction and Deduction Mathematical Induction (its strength) Examples { Sum of rst n naturual numb ers Prove b y induction that the sum of the rst n natural numb ers is

756 views • 34 slides
Recursion and Induction: Program Development; Variable Ordering Greg Plaxton Theory in

Recursion and Induction: Program Development; Variable Ordering Greg Plaxton Theory in

Recursion and Induction: Program Development; Variable Ordering Greg Plaxton Theory in Programming Practice, Fall 2005 Department of Computer Science University of Texas at Austin Program Development Today we will develop a Haskell program

402 views • 21 slides
Lexical analysis Lexical analysis Lexical analysis checks the correctness of program words and

Lexical analysis Lexical analysis Lexical analysis checks the correctness of program words and

Lexical analysis Lexical analysis Lexical analysis checks the correctness of program words and transforms a program to the stream of tokens: removes empty symbols and commentaries; identifies keywords, indentifiers and literal

401 views • 37 slides
Mathematical Induction Lecture 10-11 Menu Mathematical Induction Strong Induction

Mathematical Induction Lecture 10-11 Menu Mathematical Induction Strong Induction

Mathematical Induction Lecture 10-11 Menu Mathematical Induction Strong Induction Recursive Definitions Structural Induction Climbing an Infinite Ladder Suppose we have an infinite ladder: 1. We can reach the first rung of the

448 views • 31 slides
Program Correctness Literatuur Verification of Sequential and Concurrent Programs. Krzysztof R.

Program Correctness Literatuur Verification of Sequential and Concurrent Programs. Krzysztof R.

Program Correctness Literatuur Verification of Sequential and Concurrent Programs. Krzysztof R. Apt, Frank S. de Boer, Ernst-R udiger Olderog. Series: Texts in Computer Science. Springer. 3rd ed. 2nd Printing. ISBN: 978-1-84882-744-8. Te

1.23k views • 112 slides

More recommend