Chapter 3

formal logic mathematical preliminaries Chapter 3 Induction and Recursion Transparency No. 3-1

Contents 4.1 Mathematical Inductions 4.2 Strong Induction and Well-ordering 4.3 Recursive definitions & Structural Induction 4.4 Recursive algorithms 4.5 Program correctness

4.1 Mathematical Induction (MI) • Principle of MI : To show that a property p hold for all nonnegative integer n, it suffices to show that 1. Basis step: P(0) is true 2. Inductive step: P(n)  P(n+1) is true for all nonnegative integer n. • P(n) in 2. is called the inductive hypothesis. Notes: 1. Math. Ind. is exactly the inference rule: • P(0), "n P(n)P(n+1) • -------------------------------- • "n P(n) for any property P 2. If the intended domain is all positive integers, then the basis step should be changed to: • Basis step: P(1) is true.

Examples • Show that for all positive integers n, 1 + 2 + … + n = n (n+1) /2. Pf: Let P(n) denote the proposition:1 + 2 + … + n = n (n+1) /2. The proof is by induction on n. Basis step: P(1) is true since 1 = 1 x (1+1) /2. Ind. step: Assume p(k) holds for arbitrary integer k > 0, i.e., 1 + 2 + … + k = k(k+1)/2. Then 1 + … + k + (k+1) = k(k+1)/2 + (k+1) = k(k+1)/2 + 2(k+1)/2 = (k+1)[(k+1)+1] /2. Hence p(k+1) is also true. This completes the proof of basis step and inductive step of MI, and hence by MI, p(n) holds for all positive integers n.

Examples : 2: Si=1,n 2i-1 = n2 3. n < 2n 4. 3 | n3 - n if n > 0 5. Si=1,n 2i = 2(n+1) -1 6. Sj=1,n arj = arn+1 - a / (r -1) 7. Let Hk = 1 + 1/2 +...+ 1/k => H2n³ 1 + n/2 8. |S| = n => |2S| = 2n. 9. If n > 3 => 2n < n! 10. ~(S1Ç ...ÇSn) = ~S1 U ... U ~Sn.

7. Let Hk = 1 + 1/2 +...+ 1/k. Then H2n³ 1 + n/2 for all non-negative integers n. pf: By induction on n. Let p(n) be the proposition H2n³ 1 + n/2 Basis Step: n = 0. Then H20 = H1 = 1 ³ 1 + 0/2. Hence p(0) is true. Ind. Step: Assume p(n) holds for any n ³ 0, I.e., H2n³ 1 + n/2 holds for any n ³ 0. Then H2n+1 = 1+… + 1/2n + 1/(2n+1) + … 1/(2n+2n) ³ H2n + 2n x 1/(2n+2n) ³ 1 + n/2 + ½ = 1 + (n+1)/2. This establishes the ind. step of MI. As a result p(n), i.e., H2n³ 1 + n/2 , holds for all nonnegative integers n.

More examples: 14. for every k 12, there are m,n  0 s.t. k = 4m + 5n. pf: By induction on k. Basis: If k < 12, then we are done. If k = 12, then = 4 x 3 + 5 x 0. Inductive step: k = t + 1 > 12 ( Hence t 12 ) By Ind. Hyp., t = 4m + 5n. Then k = t + 1 = 4m + 5n + 1. case 1: m > 0 => k = 4(m-1) + 5 (n+1) case 2: m = 0 => t = 5n > 11 => n  3. hence t+1 = 5(n-3) + 15 + 1 = 4 x 4 + 5 (n-3). Q.E.D.

Correctness of MI. • Correctness of MI: Let p(.) be a property about positive integers. If p(1) holds and p(n) implies p(n+1) for all n, then it is true that p(n) holds for all n. Pf: Assume MI is incorrect. i.e. the set NP = {k | p(k) is false} is not empty. Let m be the least number of NP ---existence by well-order theorem Since p(0), 0 Ï NP and m >0. => m-1 exists and p(m-1) is true => P(m) holds [by the inductive step of MI ] => m Ï NP => a contradiction. Q.E.D.

Strong Induction and Well-Orering • [A problem MI is hard to prove: ] If n is a positive number > 1, then n can be written as a product of primes. • To prove this theorem using induction, we needs a stronger form of MI.

Strong Induction • [The 2nd form of MI(Strong Induction; complete Induction)] To prove that p(n) holds for all non-negative integer n, where p(n) is a propositional function of n, It suffices to show that • Basis step: P(0) holds • Inductive step: P(0) /\ P(1) /\ ...,/\p(k-1)  P(k) holds for all k  0. • I.e., Assume p(0),…p(k-1) hold for arbitrary k, and then show that p(k) is true as well. • P(0) /\ P(1) /\ ...,/\p(k-1) (or "t t<k P(k)) is the called the induction hypothesis of the proof.

Example Ex2 : If n is a positive number > 1, then n can be written as a product of primes. Pf: Let p(n) be the proposition : if n> 1 then it can be written as a product of primes. Basis step: p(1) holds since n  1, not > 1. Ind. step: Let k be arbitrary positive number and assume p(t) holds for all t < k. There are two cases to consider: case 1: k is a prime number, then p(k) holds since k = k is the product of itself. case 2: k is a composite number. The by definition, there are two numbers 1< a, b < k such that k = ab. By ind. hyp., p(a) and p(b) hold and since a, b > 1, a and b can be written as a product of primes. let a = a1,…,ai and b = b1,…bj, then k = a1…ai x b1…bj is a product of primes.

Correctness of Strong Induction and well-ordering . • Correctness of SI: Let p(.) be a property about positive integers. If p(1) holds and p(1) /\ p(n) …/\p(n) implies p(n+1) for all n, then it is true that p(n) holds for all n. Pf: Assume SI is incorrect. i.e. the set NP = {k | p(k) is false} is not empty. Let m be the least number of NP ---existence by well-order property of positive integers Since p(1), 1 Ï NP and m >1. => m-1 exists and p(m-1) is true => P(m) holds [by the inductive step of SI ] => m Ï NP => a contradiction. Q.E.D.

Well-ordered Property • [Well-ordered property of natural numbers]Every non-empty subset of non-negative integers has a least element. • The property can be used directly in the proof (in place of MI or SI). Ex: In round-robin tournament, every player plays every other exactly once and each match has a winner and a looser. We say p1,p2,…,pm form a cycle if p1 beats p2, p2 beats p3,…,pm beats p1. Show that if there is a cycle of length m ³ 3, then there must exist a cycle of 3.

Ex 6 pf: Let C be the set { k | there is a cycle of length k } in the tournament. Obviously, m C and C is a subset of non-negative integers. So by well-ordering property, C has a least element, say k. Let p1,p2,…pk be such cycle. since there is no cycle of 1 or 2, k must ³ 3. If k = 3, then we are done. O/w, k > 3 and consider p1 and p3. If p3 beats p1, then p1,p2 , p3 is a cycle of length 3 < k. a contradiction. If p1 beats p3, then p1, p3,…,pk form a cycle of length < k. This violates the fact that k is the least element of C. As a result, k must = 3.

3.3 Recursive definition of functions • Different ways of defining a functions • Explicit listing • Suitable for finite functions only. • Define by giving an explicit expression • Ex: F(n) = 2n • recursive (or inductive ) definition • Define value of objects (sequences, functions, sets, ...) in terms of values of smaller similar ones. • Ex: the sequence 1,2,4,... (an = 2n) can be defined recursively as follows: 1. a0 = 1; 2. an+1 = 2 x an for n > 0.

Recursively defined functions • To define a function over natural numbers: • specify the value of f at 0 (i.e., f(0)) • Given a rule for finding f(n) from f(n-1),..., f(0). • i.e., f(n) = some expression in terms of n, f(n), ..., f(0). • Ex1: • f(n) = 3 if n = 0 • = 2f(n-1) +3 if n >0 • => f(0) = 3, • f(1) = 2f(0) +3 = 9 • f(2) = 2f(1)+3 = 21,... • This guarantees f be defined for all numbers.

More examples functions • Ex2: The factorial function f(n) = n! • f(0) = 1 • f(n) = n f(n-1) for all n > 0. • Recursively defined functions (over N) are well defined Pf: Let P(n) = "there is at least one value assigned to f(n)". Q(n) = "there are at most one value assigned to f(n)". We show P(n) hold for all n by MI.. basis: P(0) holds. Ind. : assume p(k) holds for all k ≤ n => since f(n+1) can be assigned a value by evaluating the expr(n,f(0),..,f(n)), where by ind. hyp. all f(i)s (i<n) have been assigned a value. The fact that Q(n) holds for all n is trivial, since each f(k) appear at the left hand side of the definition exactly once. QED

More examples: Ex5: The Fibonacci number: • f(0) = 0; f(1) = 1; • f(n) = f(n-1) + f(n-2) for n > 1. • ==> 0,1,1,2,3,5,8,...

Ex6: Show that f(n) > an-2 whenever n ≥ 3, where a = (1+ sqrt(5))/2 = 1.618 is the golden ratio • Properties of a: a2 = (1 + a). Pf: (by MI). Let P(n) = "f(n) > an-2 ". Basis: P(3) holds since f(3) = 2 >a3-2 . Ind.step: (for n ≥ 4) If n = 4 =>f(4) = 3 > a4-2 = 1.6182. If n > 4 => by ind. hyp., f(n-1) >an-3, f(n-2) >an-4 Hence f(n) = f(n)+f(n-1) > an-3 + an-4 =(1+ a) an-4 = an-2. QED

Lame's theorem • a,b: positive integer with a  b. => #divisions used by the Euclidean algorithm to find gcd(a,b) £ 5 x #decimal digits in b. Pf: seq of equations used for finding gcd(a,b) where r0 = a, r1 = b. r2 = ro mod r1¹ 0, r3 = r1 mod r2¹ 0 ... … rn = rn-2 mod rn-1¹ 0, rn+1 = rn-1 mod rn = 0 i.e., until rn | rn-1 . Then gcd(a,b) = rn. and #division used = n. Note: rn³ 1 = f2 ; rn-1³ 2rn³ 2f2 = f3; rn-2³ rn+rn-1 = f2 + f3 = f4 ... r2³ r3 + r4³fn-1+fn-2=fn; b = r1³ r2+ r3³ fn+fn-1 = fn+1.> an-1. logb > (n-1) log a ~ 0.208 (n-1) > (n-1)/5 n -1 < 5 log b < 5 #digit(b). => n £ 5#digit(b).

Recursively defined sets • Given a universal set U, a subset V of U and a set of operations OP on U, we often define a subset D of U as follows: • 1. Init: Every element of V is an element of D. • 2. Closure: For each operation f in OP, if f:Un->U and t1,..,tn are objects already known to be in the set D, then f(t1,..,tn) is also an object of D. • Example: The set S = {3n | n >0} N can be defined recursively as follows: • 1. Init: 3 ∈ S (i.e., V = { 3 } ) • 2. closure: S is closed under +. • i.e., If a,b ∈ S then so are a+b . (OP = {+})

Notes about recursively defined sets 1. The definition of D is not complete (in the sense that there are multiple subsets of U satisfying both conditions. Ex: the universe U satisfies (1) and (2), but it is not Our intended D. 2. In fact the intended defined set 3': D is the least of all subsets of U satisfying 1 & 2, or 3'': D is the intersection of all subsets of U satisfying 1 & 2 or 3''': Only objects obtained by a finite number of applications of rule 1 & 2 are elements of D. 3. It can be proven that 3',3'',and 3''' are equivalent. 4. Hence, to be complete, one of 3',3'' or 3''' should be appended to condition 1 & 2, though it can always be omitted(or replaced by the adv. inductively, recursively) with such understanding in mind.

Proof of the equivalence of 3',3'' and 3''' • D1: the set obtained by 1,2,3' • D1 satisfies 1&2 and any S satisfies 1&2 is a superset of D1. • D2: the set obtained by 1,2,3''. • D2 = the intersection of all subsets Sk of U satisfying 1&2. • D3: the set obtained by 1,2,3'''. • For any x ∈ U, x ∈ D3 iff there is a (proof) sequence x1,...,xm = x, such that for each xi (i = 1..m) either • (init: ) xi ∈ V or • (closure:) there are f in OP and t1,...tn in {x1,..,xi-1} s.t. • xi = f(t1,..,tn).

notes for the proof • D2 satisfies 1&2 and is the least of all sets satisfying 1&2 , Hence D1 exists and equals to D2. 2 (2.1) D3 satisfies 1 & 2. (2.2) D3 is contained in all sets satisfying 1 & 2. Hence D3 = D2. pf: 1.1: Let C = { T1,…,Tm,…} be the collection of all sets satisfying 1&2, and D2, by definition, is ∩C. Hence V ∈ Tk for all Tk ∈ C and as a result V ∈ D2.--- (1) Suppose t1,…,tn ∈ D2, then t1,…,tn ∈ Tk for each Tk in C, Hence f(t1,…,tn) ∈ Tk and as a result f(t1,..,tn) ∈ D2. ---(2). 1.2: Since D2 = ∩C, D2 is a subset of all Tk’s which satisfies 1&2, D2 is the least among these sets. Hence D1 exists and equals to D2.

2.1 D3 satisfies 1 & 2.[ by ind.] 2.2 D3 is contained in all sets satisfying 1 & 2 [by ind.] Hence D3 = D2. pf: 2.1: two propositions need to be proved: V ⊆ D3 ---(1) and {t1,..,tn}⊆ D3 => f(t1,…,tn) ∈ D3 ---(2). (1) is easy to show, since for each x in V, the singleton sequence x is a proof. Hence x ∈ D3. As to (2), since {t1,..,tn}⊆ D3, by definition, there exist proof sequences S1,S2,…,Sn for t1,…,tn, respectively. We can thus join them together to form a new sequence S = S1,S2,…,Sn. We can then safely append f(t1,…,tn) to the end of S to form a new sequence for f(t1,…,tn), since all t1,…,tn have appeared in S. As a result f(t1,…,tn) ∈ D3. (2) thus is proved.

2.2 D3 is contained in all sets satisfying 1 & 2 [by ind.] pf: Let D be any set satisfying 1&2. We need to show that for all x, x ∈ D3 =>x ∈ D. The proof is by ind. on the length of the m of the proof sequence : x1,…,xm = x of x. If m = 1 then x=x1 ∈ V, and hence x ∈ D. If m = k+1 > 1, then either xm ∈ V (and xm ∈ D) or ∃ j1,j2,…jn < m and xm = f(xj1,…,xjn) for some f ∈ OP. For the latter case, by ind. hyp., xj1,…xjn ∈ D. Since D satisfies closure rule, f(xj1,…,xjn) = xm ∈ D. Q.E.D

Example: • Ex 7': The set of natural numbers can be defined inductively as follows: • Init: 0 in N. • closure: If x in N, then x' in N. • => 0, 0',0'',0''',... are natural numbers • (unary representation of natural numbers)

Induction principles III (structural induction) • D: a recursively defined set • P; a property about objects of D. • To show that P(t) holds for all t in D, it suffices to show that • 1. basis step: P(t) holds for all t in V. • 2. Ind. step: For each f in OP and t1,..,tn in D, if P(t1),...,P(tn) holds, then P(f(t1,..,tn)) holds, too.

Correctness of SI • Show the correctness of structural induction. Pf: Assume not correct. => NP = {t ∈ D | P(t) does not hold} is not empty. => ∃x∈NP s.t. ∃ a derivation x1,..xn of x and all xi (i<n) ∉ NP. => If n =1, then x1 = x ∈ V (impossible) Else either n > 1 and x ∈ V (impossible, like n=1) or n > 1, and x=f(t1,.,tn) for some {t1,..,tn} in {x1,..xn-1} and P holds for all tk’s => P(x) holds too => x ∉ NP, a contradiction. QED.

MI is a specialization of SI • Rephrase the SI to the domain N, we have: • To show P(t) holds for all t ∈ N, it suffices to show that • Init: P(0) holds • Ind. step: [OP={ ‘ }] • for any x in N, If P(x) holds than P(x') holds. • Notes: • 1. The above is just MI. • 2. MI is only suitable for proving properties of natural numbers; whereas SI is suitable for proving properties of all recursively defined sets. • 3. The common variant of MI starting from a value c ≠ 0 ,1 is also a special case of SI with the domain • D = {c, c+1, c + 2, … }

well-formed arithmetic expressions Ex: (2 +x), (x + (y/3)),... (ok) x2+, xy*/3 ... (no) Let Vr = {x,y,..,} be the set of variables, M = numerals = finite representations of numbers OP = {+,-,x,/,^} U = the set of all finite strings over Vr U M U OP U {(,)}. The set of all well-formed arithmetic expressions (wfe) can be defined inductively as follows: 1. Init: every variable x in Vr and every numeral n in M is a wfe. 2. closure: If A, B are wfe, then so are (x+y), (x-y), (x * y), (x / y) and (x ^ y). Note: "1 + x " is not a wfe. Why ?

More examples: • Ex9: Wff (well-formed propositional formulas) • PV: {p1,p2,.. } a set of propositional symbols. • OP = {/\, \/, ~, -> } • U = the set of all finite strings over PV U OP U {(,)} • Init: every pi in PV is a wff • closure: If A and B are wffs, then so are • (A/\B), (A \/B), (A->B), ~A. • Ex10: [strings] • S: an alphabet • S*: the set of finite strings over S is defined inductively as follows: 1. Init:e is a string. 2. closure: If x is a string and a a symbol in S, then a·x is a string.

Ex11: Recursively define two functions on S*. • len : S* -> N s.t. len(x) = the length of the string x. • basis: len(e) = 0 • Ind. step: for any x in S* and a in S, len(ax) = len(x) + 1. • · : S* x S*  S* s.t. x · y = the concatenation of x and y. • Basis:e· y = y for all string y. • recursive step: (a · z) · y = a · (z · y) for all symbols a and strings z,y.

Prove properties of len(-) on S*: Ex12: show that len(x · y) = len(x) +len(y) for any x,y ∈ S*. • By SI on x. Let P(x) = "len(xy) = len(x) +len(y)". • Basis: x = e. => • x · y = y => len(x · y) = len(y) = len(e) + len(y). • Ind. step: x = az • len(x · y) = len((a · z) · y) = len((a · (z · y)) = 1 + len(zy) • = 1+ len(z) + len(y) =len(x) +len(y).

Where we use Recursion • Define a domain • numbers, lists, trees, formulas, strings,... • Define functionson recursively defined domains • Prove properties of functions or domains by structural induction. • compute recursive functions • --> recursive algorithm • Ex: len(x){ // x : a string if x = e then return(0) else return(1+ l(tl(x))) }

3.4 Recursive algorithm • Definition: an algorithm is recursive if it solve a problem by reducing it to an instance of the same problem with smaller inputs. • Ex1: compute an where a ∈ R and n ∈ N. • Ex2: gcd(a,b) a, b ∈ N, a > b • gcd(a,b) =def if b = 0 then a else gcd(b, a mod b). • Ex: show that gcd(a,b) will always terminate. • Comparison b/t recursion and iteration • Recursion: easy to read, understand and devise. • Iteration:use much less computation time. • Result:programmer --> recursive program --> • compiler --> iterative program --> machine.

3.5 Program correctness • After designing a program to solve a problem, how can we assure that the program always produce correct output? • Types of errors in a program: • syntax error --> easy to detect by the help of compiler • semantic error --> test or verify • Program testing can only increase our confidence about the correctness of a program; it can never guarantee that the program passing test always produce correct output. • A program is said to be correct if it produces the correct output for every possible input. • Correctness proof generally consists of two steps: • Termination proof : • Partial correctness: whenever the program terminates, it will produce the correct output.

Program verification • Problem: • what does it mean that a program produce the correct output (or results)? • By specifying assertions (or descriptions) about the expected outcome of the program. • Input to program verifications: • Pr : the program to be verified. • Q : final assertions (postconditions), giving the properties that the output of the program should have • P : initial assertions(preconditions) , giving the properties that the initial input values are required to have.

Hoare triple: • P,Q; assertions • S: a program or program segment. • P {S} Q is called a Hoare triple, meaning that S is partially correct (p.c.) w.r.t P,Q,i.e., whenever P is true for I/P value of S and terminates, then Q is true for the O/P values of S. Ex1: x=1 {y := 2; z := x+ y} z = 3 is true. Why ? Ex 2: x = 1 { while x > 0 x++ } x = 0 is true. why?

Typical program constructs: 1. assignment: x := expr • x := x+y-3 2. composition: S1;S2 • Execute S1 first, after termination, then execute S2. 3. Conditional: • 3.1 If <cond> then S • 3.2 If <cond> then S1 else S2. 4. Loop: • 4.1 while <cond> do S • 4.2 repeat S until <cond> // 4.3 do S while <cond> … • Other constructs possible, But it can be shown that any program can be converted into an equivalent one using only 1,2,3.1 and 4.1

Assignment rule • P[x/expr] {x := expr } P • P[x/expr] is the result of replacing every x in P by the expression expr. • ex: P = "y < x /\ x + z = 5" => P[x/3] = “y < 3 /\ 3+z = 5". • Why correct? • consider the variable spaces • (...,x,...) == x := expr ==> (..., expr,...) |= P • Hence if P[x/expr] holds before execution, P will hold after execution. • Example: Q {y := x+y} x > 2y + 1 => Q = ? • (xb,yb) ==>{ya := xb+yb} ==>(xb,xb+yb) = (xa,ya) |= P(xa,ya) =def ‘’xa > 2ya +1’’ • => (xb,yb) |= Q = P(xa,ya)[xa/xb;ya/xb+yb] • = P(xb,xb+yb)  “xb > 2(xb+yb) +1”

Composition rules: • Splitting programs into subprograms and then show that each subprogram is correct. • The composition rule: P {S1} Q x = 0 { x:= x+2} ? Q {S2} R ? { x := x-1} x > 0 ------------------- --------------------------------------- P {S1;S2} R x=0 {x:= x+2; x:= x -1} x > 0 • Meaning: • Forward reading: • Backward reading: to prove P{S1;S2}Q, it suffices to find an assertion Q s.t. P{S1}Q and Q {S2}R. • Problem: How to find Q ?

Example: • Show that x =1 {y := 2; z := x +y} z = 3 • x = 1 {y := 2; z := x+y} z = 3 • -------------------------------------------------------- • x=1 {y := 2} ? ? {z := x+y} z = 3

Classical rules Classical rules: P => P1 P {S} Q1 P => P1 P1 {S} Q Q1 => Q P1 {S} Q1 ---------------------- ----------------------- Q1 => Q P {S} Q P{S} Q ------------------------- P {S} Q Examples: x = 1 => x+1>1 x+1>0 {x := x + 1} x > 0 x+1>1 { x := x + 1 } x > 1 x > 0 => x ≠ 0 ----------------------------------- ----------------------------------- x = 1 { x := x + 1} x > 1 x+1 > 0 {x := x+1 } x ≠ 0

Conditional rules P /\ <cond> {S1} Q P /\~ <cond> {S2} Q ------------------------------------------------ P {if <cond> then S1 else S2 } Q T /\ x > y => x ³ x x³ x {y:=x} y ³ x ------------------------------------------------ P /\ <cond> {S} Q T /\ x>y {y := x} y ³ x P /\~<cond> => Q ~ x > y => y ³ x --------------------------- -------------------------------------- P {if <cond> then S} Q T {if x > y then y := x} y ³ x

While-loop rules • Loop invariant: • A statement P is said to be a loop invariant of a while program: While <cond> do S, if it remains true after each iteration of the loop body S. • I.e., P /\ <cond> {S} P is true. • While rule: • P /\ <cond> {S} P • ----------------------------------------------------- • P {while <cond> do S} P /\ ~<cond> • Issues: • How to find loop invariant P? • Most difficulty of program verification lies in the finding of appropriate loop invariants.

While loop example Show that n>0 { i:= 1; f := 1; while i < n do (i := i+1 ; f := f x i ) } f = n! To prove the program terminates with f = n!, a loop invariant is needed. Let p = "i ≤ n /\ f = i!" First show that p is a loop invariant of the while program i.e., i £ n /\ f = i! /\ i < n { i:= i+1; f:= f x i} i£ n /\ f=i!

while loop example(cont'd) n > 0 --- i:= 1; ------ i ≤ n f := 1; ------ p = "i ≤ n /\ f = i! “ while i < n do (i := i+1 ; f := f x i ) ------ p /\ ~ i < n ==> i=n /\ f = i! ==> f = n!

Another example: Ex5:Show that the following program is correct: Procedure prod(m,n: integer) : integer 1. If n < 0 then a := -n else a := n ; ------ a = |n| 2. k := 0 ; x := 0 3. while k < a do --- p = "x = mk /\ k ≤ a" is a loop x := x + m;invariant. k := k+1 enddo --- x = mk /\ k ≤ a /\ ~k<a => k=a /\ x=ma => x = m |n| 4. If n < 0 then prod := -x => prod = - m |n| = mn else prod := x => Prod = m |n| = mn ---- prod = mn. Hence the program is [partially] correct ! Note: to be really correct, we need to show that the program will eventually terminates.

Chapter 3

Chapter 3

Presentation Transcript

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

chapter 3

CHAPTER 3-3

Chapter 3-3

Chapter 3 Chapter 3

CHAPTER 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

Chapter 3

CHAPTER 3

Chapter 3