The problem involves proving, using mathematical induction, the correctness of the recursive function presenza_strg (comments are in italian sorry for that)
/*Controlla in maniera ricorsiva se s1 è presente all'inizio di s2*/
/*Pre: s2 > s1 */
int presenza_strg(const char *s1, /*input - la stringa da ricercare*/
const char *s2) /*input - la stringa più grande*/
{
/*dichiarazione delle variabili locali alla funzione */
int risultato; /*output - risultato della verifica*/
if (*s1 == '\0')
risultato = 1; /*la stringa s1 è presente in s2*/
else if (*s1 != *s2)
risultato = 0; /*la stringa s1 NON è presente in s2*/
else
/*confronta i caratteri successivi delle due stringhe
(caso s1 == s2)*/
risultato = presenza_strg(s1 + 1,
s2 + 1);
return risultato;
}
The function checks whether s1 is a prefix of s2, returning 1 if the condition is true, or 0 if it is false
I have already attempted a proof as follows, but it might be too confusing and convoluted:
Property to Verify:
If we denote the result of the function presenza_strg(s1, s2) as val(presenza) and the values contained in s1 and s2 as val(s1) and val(s2) respectively, then:
val(s1) represents the value contained in s1, excluding the final \0 character.
val(s2) represents the value contained in s2 up to position n, where n is the length of s1.
We want to prove that:
If val(presenza) = 1, then val(s1) == val(s2).
Alternatively, if val(presenza) = 0, then val(s1) != val(s2).
Proof:
We proceed by induction on the length n of val(s1), starting with the base case n = 0. If n = 0, then s1 is an empty string, and val(s1) = ε (the empty string). In this case, the condition if (*s1 == '\0') is satisfied, and the result is val(presenza) = 1. Here, val(s2) must also be ε since we are extracting a string of zero length from s2.
Now assume that the condition holds true up to a certain length n. We want to show that it remains true for n + 1.
At step n + 1, we have three possible cases:
s1[n+1] (identifying the character at position n+1 of s1) is \0. The condition if (*s1 == '\0') is satisfied, so the result is val(presenza) = 1. Since s1 has reached the end (\0), the lengths of val(s1) and val(s2) remain equal to n. Given our assumption that up to length n, val(s1) == val(s2), this equality remains valid for n + 1.
s1[n+1] != s2[n+1]. The condition *s1 != *s2 is satisfied, and the result is val(presenza) = 0. In this case, val(s1) and val(s2) are different because the last character taken from s1 differs from the last character taken from s2. Thus, the condition val(s1) != val(s2) is correctly satisfied.
s1[n+1] == s2[n+1]. In this case, val(s1) = val(s2), and recursion continues to step n + 2.
In conclusion, we have demonstrated that assuming the condition val(presenza) = 1 if val(s1) == val(s2) or val(presenza) = 0 if val(s1) != val(s2) is true up to n, this condition also holds true for n + 1.
The professor wrote to me saying that the postcondition I verified is incorrect (literally, "that's not the postcondition to verify"). At this point, I'm stuck and unable to figure out why it's wrong or what I should actually be verifying. (Honestly, I already consider it a miracle I got this far.). Could someone kindly help me? Thank you in advance.
