610 likes | 745 Views
Arrays and quantifiers. Programming Fundamentals 19 Feliks Klu ź niak. a : integer array of N elements Sorted : a[ 0 ] =< a[ 1 ] and a [ 1 ] =< a[ 2 ] and ... and a [ N – 2 ] =< a[ N – 1 ]. a : integer array of N elements
E N D
Arrays and quantifiers Programming Fundamentals 19 Feliks Kluźniak
a : integer array of N elements Sorted : a[ 0 ] =< a[ 1 ] and a[ 1 ] =< a[ 2 ] and ... and a[ N – 2 ] =< a[ N – 1 ] Arrays and predicates
a : integer array of N elements Sorted : a[ 0 ] =< a[ 1 ] and a[ 1 ] =< a[ 2 ] and ... and a[ N – 2 ] =< a[ N – 1 ] Unsorted : a[ 0 ] > a[ 1 ] or a[ 1 ] > a[ 2 ] or ... or a[ N – 2 ] > a[ N – 1 ] NOTE: Recall de Morgan’s laws, and not (x =< y) = (x > y) . Arrays and predicates
a : integer array of N elements Sorted : a[ 0 ] =< a[ 1 ] and a[ 1 ] =< a[ 2 ] and ... and a[ N – 2 ] =< a[ N – 1 ] Unsorted : a[ 0 ] > a[ 1 ] or a[ 1 ] > a[ 2 ] or ... or a[ N – 2 ] > a[ N – 1 ] NOTE: Recall de Morgan’s laws, and not (x =< y) = (x > y) . This is unwieldy, and does not work very well for large N ! Arrays and predicates
The (bounded) universal quantifier : Sorted : (A i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) This is generalized conjunction: for every i such thati is positive and smaller than N – 1, a[ i ] is not greater than a[ i + 1 ] . i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (A i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) This is generalized conjunction: for every i we most often say ”for all”, but mean ”for every”/”for each” such thati is positive and smaller than N – 1, a[ i ] is not greater than a[ i + 1 ] . i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (Ai : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) quantifier i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (Ai: 0 =< i< N – 1 : a[ i] =< a[ i+ 1 ]) quantifier, dummy variable i: 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (Ai: 0 =< i< N – 1 : a[ i ] =< a[ i+ 1 ]) quantifier, dummy variable Note: The dummy variable is bound by the quantifier: we cannot substitute anything for it, and the value of the entire formula does not depend on it. Arrays and predicates
The (bounded) universal quantifier : Sorted : (Ai: 0 =< i< N – 1 : a[ i] =< a[ i+ 1 ]) quantifier, dummy variable Note: The dummy variable is boundby the quantifier: we cannot substitute anything for it, and the value of the entire formula does not depend on it. The variables on which the value of the formula depends are the free variables . In this case they are N and the various elements of the array a. Arrays and predicates
The (bounded) universal quantifier : Sorted : (A i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) quantifier, dummy variable, range i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (A i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) quantifier, dummy variable, range, quantified formula i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1] Arrays and predicates
The (bounded) universal quantifier : Sorted : (A i : 0 =< i < N – 1 : a[ i ] =< a[ i + 1 ]) This is simply shorthand for true and a[ 0 ] =< a[ 1 ] and a[ 1 ] =< a[ 2 ] and ... .... and a[ N – 2 ] =< a[ N – 1 ] Notice that when N =< 1, this expression reduces to true ! Arrays and predicates
The (bounded) existential quantifier : Unsorted : (E i : 0 =< i < N – 1 : a[ i ] > a[ i + 1 ]) This is generalized disjunction: there exists ani such thati is positive and smaller than N – 1, and a[ i ] is not greater than a[ i + 1 ] . i : 0 =< i < N – 1 : a[ i ] > a[ i + 1] Arrays and predicates
The (bounded) existential quantifier : Unsorted : (E i : 0 =< i < N – 1 : a[ i ] > a[ i + 1 ]) This is simply shorthand for false or a[ 0 ] =< a[ 1 ] or a[ 1 ] =< a[ 2 ] or ... .... or a[ N – 2 ] =< a[ N – 1 ] Notice that when N =< 1, this expression reduces to false ! Arrays and predicates
The dummy variable is bound (i.e., not free). One must be careful to avoid a clash of names. P( y ) : (A x : 0 < x < N : x > y) Q : 9 < x and x < 99 and P( x ) P( x ) is not equivalent to (A x : 0 < x < N : x > x) but to (A z : 0 < z < N : z > x) (where z is some unused variable). Arrays and predicates
For bounded quantifiers, it follows directly from de Morgan’s laws that: (not (A v : r : P)) = (E v : r : not P) (not (E v : r : P)) = (A v : r : not P) Arrays and predicates
(A v : r : P) is equivalent to ( A v :: r implies P ) Hence the pleasant and very important property that a universally quantified formula with an empty range is true! Arrays and predicates
(A v : r : P) is equivalent to ( A v :: r implies P ) Hence the pleasant and very important property that a universally quantified formula with an empty range is true! NOTE: ”Empty range” does not mean that there is no range expression, as in ( A x :: P( x ) ). It means that the range expression is false, as in ( A i : 0 < i < 1 : P( x ) ) . Arrays and predicates
From our generalised de Morgan’s laws it follows that an existentially quantified formula with an empty range is false. (not (A v : r : P)) = (E v : r : not P) Arrays and predicates
Sorted( n ) : (A i : 0 =< i < n – 1 : a[ i ] =< a[ i + 1 ]) Unsorted( n ) : (E i : 0 =< i < n – 1 : a[ i ] > a[ i + 1 ]) For an array with only one element the range is empty. So the array is sorted, and is not unsorted. Arrays and predicates
Other useful quantifiers: sum (S i : 0 =< i < N : a[ i ]) The sum of the elements of ain the range [ 0, N ), i.e., a[ 0 ] + a[ 1 ] + a[ 2 ] + .... + a[ N – 1 ] . NOTE: This is not a predicate: its value is numerical. Arrays and predicates
Other useful quantifiers: sum, product (S i : 0 =< i < N : a[ i ]) (P i : 0 =< i < N : a[ i ]) The product of the elements of ain the range [ 0, N ) , i.e., a[ 0 ] * a[ 1 ] * a[ 2 ] * .... * a[ N – 1 ]. NOTE: These are not predicates: their values are numerical. Arrays and predicates
Other useful quantifiers: sum, product, count. (S i : 0 =< i < N : a[ i ]) (P i : 0 =< i < N : a[ i ]) (N i : 0 =< i < N : a[ i ] = 0) The number of elements of ain the range [ 0, N ) whose value is 0. (Here, a[ i ] = 0 is just an example of a predicate and a[ i ] is just an example of an expression). NOTE: These are not predicates: their values are numerical. Arrays and predicates
Other useful quantifiers: sum, product, count. (S i : 0 =< i < N : a[ i ]) (P i : 0 =< i < N : a[ i ]) (N i : 0 =< i < N : a[ i ] = 0) The counting quantifier has no classical counterpart, the first two do: N - 1 N - 1 a i a i i = 0 i = 0 Arrays and predicates
Let j < k, and let P be some predicate. Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (A i : 0 =< i < j : P( i ))(A i : 0 =< i < k : P( i )) Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (A i : 0 =< i < j : P( i )) is implied by (A i : 0 =< i < k : P( i )) Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (A i : 0 =< i < j : P( i )) is implied by (A i : 0 =< i < k : P( i )) Because P( 0 ) and P( 1 ) and .... and P( j ) is implied by P( 0 ) and P( 1 ) and .... and P( j ) and ... and P( k ) Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (E i : 0 =< i < j : P( i )) (E i : 0 =< i < k : P( i )) Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (E i : 0 =< i < j : P( i )) implies (E i : 0 =< i < k : P( i )) Arrays and predicates
Let j < k, and let P be some predicate. Which of the following two predicates is stronger? (E i : 0 =< i < j : P( i )) implies (E i : 0 =< i < k : P( i )) Because P( 0 ) or P( 1 ) or ... or P( j ) implies P( 0 ) or P( 1 ) or ... or P( j )or ... or P( k ) Arrays and predicates
So it will normally be more natural to use a universally quantified formula for expressing an invariant when we do something with an array. Recall that our method is to find an invariant that is weaker than the desired outcome, and then to strengthen it as the program progresses: P P and not B desired
There is a whole class of programs that traverse an array sequentially. They share the following properties: • The invariant is of the form • ( A j : 0 =< j < k : P( j ) ) and k =< N • The loop condition is of the form • k != N and .... (sometimes simply k != N ) • The termination argument is • the invariant implies N – k >= 0, and N – k strictly decreases with each iteration (becausekincreases). Arrays and predicates
Let a be an array with N elements. Let us write a program that finds whether a contains the integer m . Arrays and predicates
Let a be an array with N elements. Let us write a program that finds whether a contains the integer m . Specifically, we want variable k to be the lowest value such that a[ k ] = m . If a does not contain m, we want k = N . Arrays and predicates
Let a be an array with N elements. Let us write a program that finds whether a contains the integer m . Specifically, we want variable k to be the lowest value such that a[ k ] = m . If a does not contain m, we want k = N . This can be expressed as follows: R: (A i : 0 =< i < k : a[ i ] != m) and (a[ k ] = m or k = N) k all elements are different from m m k all elements are different from m Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Notice that P( k ) is a straightforward weakening of R . k all elements are different from m Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Clearly, P(k) and a[ k ] = m means that we found the answer. k all elements are different from m m Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Clearly, P(k) and a[ k ] = m means that we found the answer, and so does P(k) and k = N . k all elements are different from m m k all elements are different from m Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Clearly, P(k) and a[ k ] = m means that we found the answer, and so does P(k) and k = N . P(k) is trivial to establish. How? Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Clearly, P(k) and a[ k ] = m means that we found the answer, and so does P(k) and k = N . P(k) is trivial to establish: k := 0 (empty range!). Arrays and predicates
R: (A i : 0 =< i < k : a[ i ] != m) and (k = N or a[ k ] = m) Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. Clearly, P(k) and a[ k ] = m means that we found the answer, and so does P(k) and k = N . P(k) is trivial to establish: k := 0 (empty range!). So the program writes itself: k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) Why? od Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) Why? od P(k) will hold after the assignment k := k + 1 if P( k + 1 ) holds before the assignment. Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) Why? od P(k) will hold after the assignment k := k + 1 if P( k + 1 ) holds before the assignment. So our task is to show that (P( k ) and k != N and a[ k ] != m) implies P( k + 1 ) . Why is this so? Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) Why? od P(k) will hold after the assignment k := k + 1 if P( k + 1 ) holds before the assignment. So our task is to show that (P( k ) and k != N and a[ k ] != m) implies P( k + 1 ) . Why is this so? P( k + 1 ) = (P( k ) and (a[ k ] != m) and (k + 1 =< N)) Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) od Let m = 4 and let the array be: 5 1 4 0 Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) od Let m = 4 and let the array be: 5 1 4 0 k = 0 Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) od Let m = 4 and let the array be: 5 1 4 0 k = 1 Arrays and predicates
Our invariant will be P(k): ( A j : 0 =< j < k : a[ j ] != m ) and k =< N. k := 0; % P(k) while k != N and a[ k ] != m do % P(k) and k != N and a[ k ] != m k := k + 1 % P(k) od Let m = 4 and let the array be: 5 1 4 0 k = 2 BINGO! Arrays and predicates