Recursion and Induction
cs7120 (Prasad)
L9-RECUR-IND
1
• Define sets by induction
zero  N
n
 N

succ(n)  N
• Define functions on sets by recursion
n  N:
plus(zero, n)
= n
 m, n  N :
plus(succ(m), n) = succ(plus(m,n))

• Prove properties about the defined functions using
principle of structural induction.
cs7120 (Prasad)
L9-RECUR-IND
2
Example
0 + n = n
n + 0 = n
(obvious)
(not so obvious!)
• Prove that the two rules for “+” are
adequate to rewrite (n+0) to n.
(Induction on the structure of the first argument)
• Show that “+” is commutative, that is,
(x + y) = (y + x).
• Motivation
To ensure that sufficient relevant information has
been encoded for automated reasoning.
cs7120 (Prasad)
L9-RECUR-IND
3
Induction Proof
• Definition of “+”
• Induction Step: Show
s(k) + 0 = s(k)
0 + m = m
s(n) + m = s(n+m)
• Proof that 0 is the
identity w.r.t. +
=
=
0+m = m+0 = m
• Basis: 0 + 0 = 0
• Induction Hypothesis:
 k >= 0:
k + 0 = k
cs7120 (Prasad)
s(k) + 0
s(k + 0) (*rule 2*)
s(k)
(*ind hyp*)
• Conclusion: By principle
of mathematical induction
m N: m + 0 = m
L9-RECUR-IND
4
• Basis:
n : n + 0 = n
n : 0 + n = n
n: n + 0 = n + 0
• Induction Hypothesis:
 k >= 0, n :
k + n = n + k
n
• Induction Step:
s(k)+n = n+s(k)
s(k)+n
= (*rule2*) s(k+n)
= (*ind. hyp.*) s(n+k)
= (*rule2*) s(n)+k
(* STUCK!!!
our goal: n+s(k) *)
So prove the auxiliary result.
m
cs7120 (Prasad)
Proof proceeds
row by row
s(k)+n = k+s(n)
L9-RECUR-IND
5
• Auxiliary result
• Overall result
s(i)+ m = i+s(m)
Basis: s(0) + m
= (*rule2*) s(0 + m)
= (*rule1*) s(m)
= (*rule1*) 0 + s(m)
Induction step:
s(s(j)) + m
=(*rule2*) s(s(j)+m)
=(*ind.hyp.*) s(j+s(m))
=(*rule2*) s(j)+s(m)
cs7120 (Prasad)
s(k) + n
=(*auxiliary result*)
k + s(n)
=(*induction hyp.*)
s(n) + k
=(*auxiliary result*)
n + s(k)
(* End of proof of
commutativity *)
L9-RECUR-IND
6
Motivation for formal proofs
• In mathematics, proving theorems enhances
our understanding of the domain of
discourse and our faith in the formalization.
• In automated theorem proving, these results
demonstrate the adequacy of the formal
description and the symbol manipulation
system.
• These properties also guide the design of
canonical forms for (optimal) representation
of expressions and for proving equivalence.
cs7120 (Prasad)
L9-RECUR-IND
7
Semantic Equivalence vs Syntactic Identity
• Machines can directly test only syntactic identity.
• Several distinct expressions can have the same
meaning (value) in the domain of discourse. To
formally establish their equivalence, the domain
is first axiomatized, by providing axioms
(equations) that characterize (are satisfied by) the
operations.
• In practice, an equational specification is
transformed into a set of rewrite rules, to
normalize expressions (into a canonical form).
(Cf. Arithmetic Expression Evaluation)
cs7120 (Prasad)
L9-RECUR-IND
8
Induction Principle for Lists
• P(xs) holds for any finite list xs if:
– P([]) holds, and
– Whenever P(xs) holds, it implies that
for every x, P(x::xs) also holds.
• Prove:
filter p (map f xs)
=
map f (filter (p o f) xs)
cs7120 (Prasad)
L9-RECUR-IND
9
• Basis:
filter p (map f []) = filter p [] = []
map f(filter (p o f) []) = map f []= []
• Induction Step:
map f (filter (p o f) (x::xs))
= map f
(if ((p o f) x)
then x:: (filter (p o f) xs)
else
filter (p o f) xs
)
case 1:
case 2:
cs7120 (Prasad)
(p o f) x = true
(p o f) x = false
L9-RECUR-IND
10
• case 1:
=
=
=
=
map f ( x:: (filter (p o f) xs) )
f x :: map f (filter (p o f) xs)
f x :: filter p (map f xs)
(* induction hypothesis *)
filter p (f x :: map f xs)
(* p (f x) holds *)
filter p (map f (x::xs))
• case 2:
=
=
=
filter p (map f (x::xs))
filter p (f x :: map f xs)
(* p (f x) does not hold *)
filter p (map f xs)
map f ( filter (p o f) xs )
(* induction hypothesis *)
cs7120 (Prasad)
L9-RECUR-IND
11
Tailoring Induction Principle
fun interval m n =
if m > n then []
else m:: interval (m+1) n
(* Quantity (n-m) reduces at each recursive call. *)
• Basis:
P(m,n) holds for m > n
• Induction step:
P(m,n) holds for m <= n,
given that P(m+1,n) holds.
cs7120 (Prasad)
L9-RECUR-IND
12
Induction Proof with Auxiliaries
fun
[] @ xs
| (y::ys) @ xs
fun
rev
[]
|
rev (x::xs)
= xs
= y:: (ys@xs);
= []
= (rev xs) @ [x];
Prove : rev (rev xs) = xs
• Basis: rev (rev []) = rev [] = []
• Induction step: rev(rev (y::ys))
= rev ( (rev ys) @ [y] )
= (* via auxiliary result *)
y :: ( rev (rev ys) )
= y :: ys (* ind. hyp. *)
cs7120 (Prasad)
L9-RECUR-IND
13
Auxiliary result
rev ( zs @ [z] ) = z:: rev zs
Induction Step:
rev ((u::us) @ [z])
=
rev ( u :: (us @ [z])) (* @ def *)
=
(rev (us @ [z])) @ [u] (* rev def*)
=
(z :: (rev us)) @ [u] (* ind hyp *)
=
z :: ((rev us) @ [u]) (* @ def *)
=
z :: rev (u::us)
(* rev def*)
(*Creativity required in guessing a suitable auxiliary result.*)
cs7120 (Prasad)
L9-RECUR-IND
14
Weak Induction vs Strong Induction
datatype exp =
Var of string |
Op of exp * exp;
• Prove that the number of occurrences of the
constructors in a legal exp are related thus:
#Var(e) = #Op(e) + 1
• To show this result, we need the result on
all smaller exps, not just the exps whose
“node count” or “height” is one less.
– Motivates Strong/Complete Induction
Principle.
cs7120 (Prasad)
L9-RECUR-IND
15
McCarthy’s 91-function
fun f x =
if x > 100 then
else
fun f x =
if x > 100 then
else
cs7120 (Prasad)
L9-RECUR-IND
x - 10
f(f(x+11))
x - 10
91
16
Is f total?
fun f x =
if (x mod 2) = 0
then x div 2
else f(f(3*x+1))
View int x as (2i + 1) 2^k - 1
cs7120 (Prasad)
L9-RECUR-IND
17