Correct sorting with Frama-C

     Pedro Pereira             Ulisses Costa

    Formal Methods in Software Engineering


                    July 2, 2009




Pedro Pereira, Ulisses Costa   Correct sorting with Frama-C
Algorithm implementation



  Implementation
  void bubbleSort(int *vector, int tam) {
      int j, i;
      j = i = 0;

      for (i = 0; i < tam; i++) {
          for (j = 0; j < tam - i - 1; j++) {
              if (vector[j] > vector[j + 1]) {
                  swap(&vector[j], &vector[j + 1]);
              }
          }
      }
  }




Contract



  pre-conditions

      tam > 0
      valid_range(vector, 0, tam − 1)

  post-conditions

      sorted(vector, 0, tam − 1)
      ∀a : 0 ≤ a < tam : (∃b : 0 ≤ b < tam : old(vector(b)) ≡ vector(a))




Annotations




  requires tam > 0;
  requires \valid_range(vector, 0, tam-1);
  ensures (\forall integer a; 0 <= a < tam
      ==> (\exists integer b; 0 <= b < tam
           ==> \at(vector[b], Old) == \at(vector[a], Here)));
  ensures Sorted{Here}(vector, 0, tam-1);




Inner-loop

  Example
      i = 0, [8, 5, 2, 6, 9, 3, 0, 4, 1]
      j = 0, [5, 8, 2, 6, 9, 3, 0, 4, 1]
      j = 1, [5, 2, 8, 6, 9, 3, 0, 4, 1]
      j = 2, [5, 2, 6, 8, 9, 3, 0, 4, 1]
      j = 3, [5, 2, 6, 8, 9, 3, 0, 4, 1]
      j = 4, [5, 2, 6, 8, 3, 9, 0, 4, 1]
      j = 5, [5, 2, 6, 8, 3, 0, 9, 4, 1]
      j = 6, [5, 2, 6, 8, 3, 0, 4, 9, 1]
      j = 7, [5, 2, 6, 8, 3, 0, 4, 1, 9]

      The (j + 1)th element of the sequence is greater than or equal to the
      first j + 1 elements of the sequence.

Inner-loop (cont.)




  Loop invariants

                                     0 ≤ j < tam − i
    0 < j < tam − i ⇒ (∀a : 0 ≤ a ≤ j : vector (a) ≤ vector (j + 1))

  Loop variants

                                     tam − i − j − 1




Inner-loop invariants & variant




  loop invariant 0 <= j < tam - i;
  loop invariant 0 < j < tam - i
      ==> \forall int a; 0 <= a <= j
           ==> vector[a] <= vector[j+1];
  loop variant tam-i-j-1;




Outer-loop
  Example
     before, [8, 5, 2, 6, 9, 3, 0, 4, 1]
     i = 0, [5, 2, 6, 8, 3, 0, 4, 1, 9]
     i = 1, [2, 5, 6, 3, 0, 4, 1, 8, 9]
     i = 2, [2, 5, 3, 0, 4, 1, 6, 8, 9]
     i = 3, [2, 3, 0, 4, 1, 5, 6, 8, 9]
     i = 4, [2, 0, 3, 1, 4, 5, 6, 8, 9]
     i = 5, [0, 2, 1, 3, 4, 5, 6, 8, 9]
     i = 6, [0, 1, 2, 3, 4, 5, 6, 8, 9]
     i = 7, [0, 1, 2, 3, 4, 5, 6, 8, 9]
     i = 8, [0, 1, 2, 3, 4, 5, 6, 8, 9]

     The last i + 1 elements of the sequence are sorted
     The last i + 1 elements are all greater than or equal to the other
     elements of the sequence.
Outer-loop (cont.)



  Loop invariants

                                        0 ≤ i < tam
                    sorted(vector , tam − i − 1, tam − 1)
                                     0 < i < tam ⇒
   (∀{a,b} : 0 ≤ b ≤ tam − i − 1 ≤ a < tam : vector (a) ≥ vector (b))

  Loop variants

                                            tam − i




Outer-loop invariants & variant




  loop invariant 0 <= i < tam;
  loop invariant Sorted{Here}(vector, tam-i-1, tam-1);
  loop invariant 0 < i < tam
      ==> \forall int a, b; 0 <= b <= tam-i-1 <= a < tam
           ==> vector[a] >= vector[b];
  loop variant tam - i;
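
  The properties stated on the Contract, Inner-loop and Outer-loop slides, turned into run-time checks around the same bubble sort. This is an added example, not the authors' code; MAXN and every function name other than swap are hypothetical. It also goes one step beyond the slides: a routine that is not a sort can satisfy both post-conditions, so a permutation check is evaluated separately.

```c
#include <stdio.h>
#include <string.h>

#define MAXN 64 /* assumption of this example: arrays of at most 64 ints */

/* Sorted{L}(a, l, h) from the slides: a[i] <= a[i+1] for l <= i < h. */
static int sorted(const int *a, int l, int h) {
    for (int i = l; i < h; i++)
        if (a[i] > a[i + 1]) return 0;
    return 1;
}

/* Second post-condition on the Contract slide: every output element
   equals some element of the input (old) array. */
static int each_output_in_input(const int *old, const int *now, int tam) {
    for (int a = 0; a < tam; a++) {
        int found = 0;
        for (int b = 0; b < tam && !found; b++)
            found = (old[b] == now[a]);
        if (!found) return 0;
    }
    return 1;
}

/* Not in the contract: the output is a rearrangement of the input. */
static int is_permutation(const int *old, const int *now, int tam) {
    char used[MAXN] = {0};
    if (tam > MAXN) return 0;
    for (int a = 0; a < tam; a++) {
        int b = 0;
        while (b < tam && (used[b] || old[b] != now[a])) b++;
        if (b == tam) return 0;
        used[b] = 1;
    }
    return 1;
}

/* Bit 0: Sorted, bit 1: each output in input, bit 2: permutation. */
int postconditions_met(const int *old, const int *now, int tam) {
    return sorted(now, 0, tam - 1)
         | (each_output_in_input(old, now, tam) << 1)
         | (is_permutation(old, now, tam) << 2);
}

static void swap(int *i, int *j) { int tmp = *i; *i = *j; *j = tmp; }

/* bubbleSort from the slides with the stated properties checked at run
   time. Returns -1 if a pre-condition fails, otherwise the number of
   violated checks (0 means every check held). */
int checked_bubble_sort(int *vector, int tam) {
    int old[MAXN], bad = 0;
    if (vector == NULL || tam <= 0 || tam > MAXN) return -1;
    memcpy(old, vector, (size_t)tam * sizeof *vector);

    for (int i = 0; i < tam; i++) {
        for (int j = 0; j < tam - i - 1; j++) {
            if (vector[j] > vector[j + 1])
                swap(&vector[j], &vector[j + 1]);
            /* Inner-loop slide: after step j, element j+1 is >= the
               first j+1 elements. */
            for (int a = 0; a <= j; a++)
                bad += vector[a] > vector[j + 1];
        }
        /* Outer-loop slide: after pass i the last i+1 elements are
           sorted and >= all the other elements. */
        bad += !sorted(vector, tam - i - 1, tam - 1);
        for (int a = tam - i - 1; a < tam; a++)
            for (int b = 0; b < tam - i - 1; b++)
                bad += vector[a] < vector[b];
    }
    return bad + (postconditions_met(old, vector, tam) != 7);
}

/* Not a sort: copies vector[0] into every slot. */
void fill_with_first(int *vector, int tam) {
    for (int k = 1; k < tam; k++) vector[k] = vector[0];
}

int degenerate_mask(void) {
    int old[9] = {8, 5, 2, 6, 9, 3, 0, 4, 1}, now[9];
    memcpy(now, old, sizeof old);
    fill_with_first(now, 9);
    return postconditions_met(old, now, 9); /* 3: contract met, not a permutation */
}

int slides_example_violations(void) {
    int v[9] = {8, 5, 2, 6, 9, 3, 0, 4, 1}; /* array used on the slides */
    return checked_bubble_sort(v, 9);
}

int main(void) {
    printf("violations on slide array: %d\n", slides_example_violations());
    printf("degenerate routine mask:   %d\n", degenerate_mask());
    return 0;
}
```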




Conclusions




     Fast and powerful
     Possible to prove bubble-sort’s correctness with just 16
     annotations
     Constantly updated
     Although extensive, the documentation lacks detail x
     Complex programs may require advanced knowledge in Logic x




Questions




                                           ?




Resources - rest of the code


  /*@ predicate Sorted{L}(int a[], integer l, integer h) =
    @     \forall integer i; l <= i < h
    @         ==> \at(a[i], L) <= \at(a[i+1], L);
    @*/

  /*@ requires \valid(i) && \valid(j);
    @ // BUG 0000080: Assertion failed in jc_interp_misc.ml
    @ // assigns *i, *j;
    @ ensures \at(*i, Old)
    @       == \at(*j, Here) && \at(*j, Old)
    @       == \at(*i, Here);
    @*/
  void swap(int *i, int *j) {
      int tmp = *i;
      *i = *j;
      *j = tmp;
  }




 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 

Recently uploaded (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Correct sorting with Frama-C

  • 1. Correct sorting with Frama-C Pedro Pereira Ulisses Costa Formal Methods in Software Engineering July 2, 2009 Pedro Pereira, Ulisses Costa Correct sorting with Frama-C
  • 2. Algorithm implementation
      Implementation
      void swap(int *i, int *j);   /* defined under Resources (slide 32) */

      /* Bubble sort of vector[0 .. tam-1] into ascending order. */
      void bubbleSort(int *vector, int tam) {
          int j, i;
          j = i = 0;

          for (i = 0; i < tam; i++) {
              /* Each pass moves the largest remaining element to index tam-i-1. */
              for (j = 0; j < tam - i - 1; j++) {
                  if (vector[j] > vector[j + 1]) {
                      swap(&vector[j], &vector[j + 1]);
                  }
              }
          }
      }
  • 3. Contract
      pre-conditions
          tam > 0
          valid_range(vector, 0, tam − 1)
      post-conditions
          sorted(vector, 0, tam − 1)
          ∀a : 0 ≤ a < tam : (∃b : 0 ≤ b < tam : old(vector(b)) ≡ vector(a))
  • 4. Annotations
      requires tam > 0;
      requires \valid_range(vector, 0, tam-1);
      ensures (\forall integer a; 0 <= a < tam
          ==> (\exists integer b; 0 <= b < tam
              ==> \at(vector[b], Old) == \at(vector[a], Here)));
      ensures Sorted{Here}(vector, 0, tam-1);
  • 5. Inner-loop
      Example
          i = 0, [8, 5, 2, 6, 9, 3, 0, 4, 1]
          j = 0, [5, 8, 2, 6, 9, 3, 0, 4, 1]
          j = 1, [5, 2, 8, 6, 9, 3, 0, 4, 1]
          j = 2, [5, 2, 6, 8, 9, 3, 0, 4, 1]
          j = 3, [5, 2, 6, 8, 9, 3, 0, 4, 1]
          j = 4, [5, 2, 6, 8, 3, 9, 0, 4, 1]
          j = 5, [5, 2, 6, 8, 3, 0, 9, 4, 1]
          j = 6, [5, 2, 6, 8, 3, 0, 4, 9, 1]
          j = 7, [5, 2, 6, 8, 3, 0, 4, 1, 9]
      Element j + 1 of the sequence is greater than or equal to the first j + 1 elements of the sequence.
  • 15. Inner-loop (cont.)
      Loop invariants
          0 ≤ j < tam − i
          0 < j < tam − i ⇒ (∀a : 0 ≤ a ≤ j : vector(a) ≤ vector(j + 1))
      Loop variants
          tam − i − j − 1
  • 16. Inner-loop invariants & variant
      loop invariant 0 <= j < tam - i;
      loop invariant 0 < j < tam - i ==>
          \forall int a; 0 <= a <= j ==> vector[a] <= vector[j+1];
      loop variant tam-i-j-1;
  • 17. Outer-loop
      Example
          before, [8, 5, 2, 6, 9, 3, 0, 4, 1]
          i = 0, [5, 2, 6, 8, 3, 0, 4, 1, 9]
          i = 1, [2, 5, 6, 3, 0, 4, 1, 8, 9]
          i = 2, [2, 5, 3, 0, 4, 1, 6, 8, 9]
          i = 3, [2, 3, 0, 4, 1, 5, 6, 8, 9]
          i = 4, [2, 0, 3, 1, 4, 5, 6, 8, 9]
          i = 5, [0, 2, 1, 3, 4, 5, 6, 8, 9]
          i = 6, [0, 1, 2, 3, 4, 5, 6, 8, 9]
          i = 7, [0, 1, 2, 3, 4, 5, 6, 8, 9]
          i = 8, [0, 1, 2, 3, 4, 5, 6, 8, 9]
      The last i + 1 elements of the sequence are sorted.
      The last i + 1 elements are all greater than or equal to the other elements of the sequence.
  • 28. Outer-loop (cont.)
      Loop invariants
          0 ≤ i < tam
          sorted(vector, tam − i − 1, tam − 1)
          0 < i < tam ⇒ (∀{a,b} : 0 ≤ b ≤ tam − i − 1 ≤ a < tam : vector(a) ≥ vector(b))
      Loop variants
          tam − i
  • 29. Outer-loop invariants & variant
      loop invariant 0 <= i < tam;
      loop invariant Sorted{Here}(vector, tam-i-1, tam-1);
      loop invariant 0 < i < tam ==>
          \forall int a, b; 0 <= b <= tam-i-1 <= a < tam
              ==> vector[a] >= vector[b];
      loop variant tam-i;
  • 30. Conclusions
      Fast and powerful
      Possible to prove bubble-sort's correctness with just 16 annotations
      Constantly updated
      Although extensive, the documentation lacks detail x
      Complex programs may require advanced knowledge in Logic x
  • 31. Questions?
  • 32. Resources - rest of the code
      /*@ predicate Sorted{L}(int a[], integer l, integer h) =
        @   \forall integer i; l <= i < h
        @     ==> \at(a[i], L) <= \at(a[i+1], L);
        @*/

      /*@ requires \valid(i) && \valid(j);
        @ // BUG 0000080: Assertion failed in jc_interp_misc.ml
        @ // assigns *i, *j;
        @ ensures \at(*i, Old) == \at(*j, Here)
        @      && \at(*j, Old) == \at(*i, Here);
        @*/
      void swap(int *i, int *j) {
          int tmp = *i;
          *i = *j;
          *j = tmp;
      }
  • 33. Resources - images
  • 34. Resources - images (cont.)
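
An added example, not part of the original slides: the deck's bubbleSort with its contract and loop properties turned into runtime checks in C. The checks are evaluated at the end of each loop body, which is the state each row of the Inner-loop and Outer-loop traces shows. All function names are assumptions of this example, and `is_permutation` is a stronger property than the deck's second post-condition, included to show what that post-condition leaves open.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Sorted(a, l, h) as in the deck: a[i] <= a[i+1] for every l <= i < h. */
int sorted(const int *a, int l, int h) {
    for (int i = l; i < h; i++)
        if (a[i] > a[i + 1]) return 0;
    return 1;
}

/* Second post-condition: every output element occurs in the input. Here b is
   bounded to the array as on the Contract slide (Annotations uses "==>"). */
int each_output_in_input(const int *old, const int *now, int tam) {
    for (int a = 0; a < tam; a++) {
        int b = 0;
        while (b < tam && old[b] != now[a]) b++;
        if (b == tam) return 0;
    }
    return 1;
}

/* Stronger property, not in the deck: both arrays hold the same multiset. */
int is_permutation(const int *old, const int *now, int tam) {
    for (int a = 0; a < tam; a++) {
        int in_old = 0, in_now = 0;
        for (int b = 0; b < tam; b++) {
            in_old += (old[b] == now[a]);
            in_now += (now[b] == now[a]);
        }
        if (in_old != in_now) return 0;
    }
    return 1;
}

/* Inner-loop property after iteration j: v[a] <= v[j+1] for 0 <= a <= j. */
int inner_ok(const int *v, int j) {
    for (int a = 0; a <= j; a++)
        if (v[a] > v[j + 1]) return 0;
    return 1;
}

/* Outer-loop properties after iteration i: last i+1 sorted and >= the rest. */
int outer_ok(const int *v, int tam, int i) {
    if (!sorted(v, tam - i - 1, tam - 1)) return 0;
    for (int a = tam - i - 1; a < tam; a++)
        for (int b = 0; b <= tam - i - 1; b++)
            if (v[a] < v[b]) return 0;
    return 1;
}

/* Returns the number of failed checks, or -1 if the pre-conditions fail. */
int checked_bubble_sort(int *vector, int tam) {
    if (vector == NULL || tam <= 0) return -1;
    int *old = malloc((size_t)tam * sizeof *old);   /* snapshot for "Old" */
    if (old == NULL) return -1;
    memcpy(old, vector, (size_t)tam * sizeof *old);
    int failed = 0;
    for (int i = 0; i < tam; i++) {
        for (int j = 0; j < tam - i - 1; j++) {
            if (vector[j] > vector[j + 1]) {
                int tmp = vector[j];
                vector[j] = vector[j + 1];
                vector[j + 1] = tmp;
            }
            failed += !inner_ok(vector, j);
        }
        failed += !outer_ok(vector, tam, i);
    }
    failed += !sorted(vector, 0, tam - 1);
    failed += !each_output_in_input(old, vector, tam);
    free(old);
    return failed;
}

int main(void) {
    int v[] = {8, 5, 2, 6, 9, 3, 0, 4, 1};       /* the deck's example input */
    int in[] = {3, 1, 2}, bogus[] = {1, 1, 1};   /* constructed counter-case */
    printf("failed checks on the deck's input: %d\n", checked_bubble_sort(v, 9));
    printf("contract accepts bogus output: %d, permutation: %d\n",
           sorted(bogus, 0, 2) && each_output_in_input(in, bogus, 3),
           is_permutation(in, bogus, 3));
    return 0;
}
```

The constructed output {1, 1, 1} for input {3, 1, 2} satisfies both post-conditions of the contract without being a rearrangement of the input, so a permutation property has to be specified separately when it matters.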