STEPN: ---------------- step0 H; s -0-> H; s H; s -N-> H'; s' H'; s' --> H''; s'' ------------------------------------------ stepS H; s -N+1-> H''; s'' Divergence: Theorem: while 1 skip always deverges, i.e., Restated: For all H and n, there exists H' and s' such that H; while 1 skip -->n H'; s' TRY #1 Proof: By induction on n, the number of steps Base case: 0 steps After 0 steps, H'=H and s' = while 1 skip. Done. Inductive case n > 0 By induction, there exists an H'' and s'' such that H; while 1 skip -->n-1 H'';s'' So it suffices to show: for all H'';s'' there exists and H' and s' such that H'';s'' --> H';s' OOPS almost works except if s'' is skip (But it's kind of ridiculous because needed that every program can always take some step.) TRY #2 Stronger theorem: For all H and n, there exists H' and s' such that H; while 1 skip -->n H'; s' and s' is not skip Base case: 0 steps Like before, let H'=H and s'=while 1 skip and notice while 1 skip is not skip Inductive case: n > 0 By induction, there exists an H'' and s'' such that H; while 1 skip -->n-1 H'';s'' and s'' is not skip So it suffices to show: for all H'';s'' where s'' is not skip, there exists and H' and s' such that H'';s'' --> H';s' cases for all kinds of s and I'm done, right? OOPS NO, also have to show s' is not skip! skip;skip x:=e if 7 skip s once again, this induction hypothesis is too weak! TRY #3 Stronger theorem: For all H and n, H;while 1 skip -->n H; while 1 skip Base case: 0 steps Yes, after 0 steps we have H and while 1 skip Induction: n > 0 By induction H;while 1 skip -->n-1 H; while 1 skip So we just need that H;while 1 skip --> H; while 1 skip OOPS That's not true: it steps to H; if 1 (skip; while 1 skip) skip In fact, the theorem is not true. Lesson: If you strengthen too much you try to prove something false and that better not work. TRY #4 (correct) Stronger theorem: For all H and n, H;while 1 skip -->n H; s where s is one of: while 1 skip (call this s1) if 1 (skip; while 1 skip) skip (call this s2) skip ; while 1 skip (call this s3) By induction on n: Base case n=0: Let s be s1 Induction case n > 0: By induction H;while 1 skip -->n-1 H;s where s is s1, s2, or s3. Proceed by cases: case: If s is s1, then H;s1 --> H;s2. case: If s is s2, then H;s2 --> H;s3. case: If s is s3, then H;s3 --> H;s1.