dual pivot quicksort verification and proof using key
play

Dual Pivot Quicksort: Verification and Proof using KeY Jonas - PowerPoint PPT Presentation

Oct 31, 2023 •147 likes •1.02k views

Dual Pivot Quicksort: Verification and Proof using KeY Jonas Schiffl Karlsruher Institut f ur Technologie July 27th, 2016 Introduction Introduction Why verify Dual Pivot Quicksort? Introduction Why verify Dual Pivot Quicksort?

  1. Dual Pivot Quicksort: Verification and Proof using KeY Jonas Schiffl Karlsruher Institut f¨ ur Technologie July 27th, 2016

  2. Introduction

  3. Introduction Why verify Dual Pivot Quicksort?

  4. Introduction Why verify Dual Pivot Quicksort? ◮ Inspired by discovery of Timsort Bug

  5. Introduction Why verify Dual Pivot Quicksort? ◮ Inspired by discovery of Timsort Bug ◮ Widely used standard library algorithm

  6. Introduction Why verify Dual Pivot Quicksort? ◮ Inspired by discovery of Timsort Bug ◮ Widely used standard library algorithm ◮ Complex enough

  7. Introduction Why verify Dual Pivot Quicksort? ◮ Inspired by discovery of Timsort Bug ◮ Widely used standard library algorithm ◮ Complex enough ◮ Simple enough

  8. Section 1 Algorithm Description

  9. Quicksort value of element at index array index

  10. Quicksort value of element at index array index

  11. Quicksort value of element at index array index

  12. Quicksort value of element at index array index

  13. Quicksort value of element at index array index

  14. Quicksort value of element at index array index

  15. Quicksort value of element at index array index

  16. Quicksort value of element at index array index

  17. Quicksort value of element at index array index

  18. Dual Pivot Quicksort value of element at index array index

  19. Dual Pivot Quicksort value of element at index array index

  20. Dual Pivot Quicksort value of element at index array index

  21. Dual Pivot Quicksort Why use Dual Pivot Quicksort?

  22. Dual Pivot Quicksort Why use Dual Pivot Quicksort? ◮ Theory: Average number of swaps reduced by 20% (Yaroslavskiy 2009)

  23. Dual Pivot Quicksort Why use Dual Pivot Quicksort? ◮ Theory: Average number of swaps reduced by 20% (Yaroslavskiy 2009) ◮ Practice: Multi-pivot Quicksorts are more cache-efficient (Kushagra 2014)

  24. Dual Pivot Quicksort Why use Dual Pivot Quicksort? ◮ Theory: Average number of swaps reduced by 20% (Yaroslavskiy 2009) ◮ Practice: Multi-pivot Quicksorts are more cache-efficient (Kushagra 2014) ◮ Benchmarking shows it is faster

  25. Java Implementation – Choosing a Sorting Algorithm

  26. Java Implementation – Choosing a Sorting Algorithm data type? int, long, float, double byte > 285 short, char length? length? highly structured? < =29 < 47 else no length? yes > 29 > 3200 else < 47 Counting Sort Insertion Sort Quicksort Merge Sort

  27. Java Implementation – Quicksort Quicksort

  28. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements

  29. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements Sort elements in their positions

  30. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct?

  31. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct? no Single Pivot Partition

  32. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct? yes no Dual Pivot Partition Single Pivot Partition

  33. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct? yes no Dual Pivot Partition Single Pivot Partition Central part large?

  34. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct? yes no Dual Pivot Partition Single Pivot Partition Central yes part Pivot Values Partition large?

  35. Java Implementation – Quicksort Quicksort Select 5 evenly spaced array elements All 5 Sort elements in their positions elements distinct? yes no Dual Pivot Partition Single Pivot Partition Central yes part Pivot Values Partition large? no Recursion

  36. Java Implementation – Single Pivot Partition value of element at index array index

  37. Java Implementation – Single Pivot Partition value of element at index array index

  38. Java Implementation – Dual Pivot Partition value of element at index array index

  39. Java Implementation – Dual Pivot Partition value of element at index array index

  40. Java Implementation – Swap Pivot Values Partition value of element at index array index

  41. Java Implementation – Swap Pivot Values Partition value of element at index array index

  42. Java Implementation – Partitioning great less k

  43. Java Implementation – Partitioning great less k

  44. Java Implementation – Partitioning great less k

  45. Java Implementation – Partitioning great less k

  46. Java Implementation – Partitioning great less k

  47. Java Implementation – Partitioning great less k

  48. Java Implementation – Partitioning great less k

  49. Java Implementation – Partitioning great less k

  50. Java Implementation – Partitioning great less k

  51. Java Implementation – Partitioning great less k

  52. Java Implementation – Partitioning great less k

  53. Java Implementation – Partitioning k great less

  54. Section 2 Specification and Proof

  55. Work Flow

  56. Work Flow ◮ Encapsulating source code in its own Java class

  57. Work Flow ◮ Encapsulating source code in its own Java class ◮ Subdivision into three classes: One per partitioning style

  58. Work Flow ◮ Encapsulating source code in its own Java class ◮ Subdivision into three classes: One per partitioning style ◮ Writing specification Running KeY Adapting specification or source code

  59. General KeY Strategy

  60. General KeY Strategy ◮ Autopilot Strategy Macro

  61. General KeY Strategy ◮ Autopilot Strategy Macro ◮ If proof fails: ◮ Confirm by generating counterexample ◮ Find violated specification condition ◮ Adapt specification (or source code)

  62. General KeY Strategy ◮ Autopilot Strategy Macro ◮ If proof fails: ◮ Confirm by generating counterexample ◮ Find violated specification condition ◮ Adapt specification (or source code) ◮ If no proof is found: ◮ Increase number of steps (?) ◮ Interactive Rule Apps (Quantifier Instantiation, if-then-else-split) ◮ Heap Simplification + SMT Solver

  63. Feasibility – Problems with KeY

  64. Feasibility – Problems with KeY ◮ Computation time

  65. Feasibility – Problems with KeY ◮ Computation time ◮ Method extraction ◮ Exact Localization ◮ SMT Solver ◮ Block Contracts

  66. Feasibility – Problems with KeY ◮ Computation time ◮ Method extraction ◮ Exact Localization ◮ SMT Solver ◮ Block Contracts ◮ Error in specification or lack of resources?

  67. Feasibility – Problems with KeY ◮ Computation time ◮ Method extraction ◮ Exact Localization ◮ SMT Solver ◮ Block Contracts ◮ Error in specification or lack of resources? ◮ Localizability

  68. Feasibility – Problems with KeY ◮ Computation time ◮ Method extraction ◮ Exact Localization ◮ SMT Solver ◮ Block Contracts ◮ Error in specification or lack of resources? ◮ Localizability ◮ Stability

  69. Feasibility – Problems with KeY ◮ Computation time ◮ Method extraction ◮ Exact Localization ◮ SMT Solver ◮ Block Contracts ◮ Error in specification or lack of resources? ◮ Localizability ◮ Stability ◮ Responsiveness

  70. Violation of Single Pivot Partition Invariant

  71. Violation of Single Pivot Partition Invariant great less k

  72. Violation of Single Pivot Partition Invariant while (a[great] > pivot2) { if (great -- == k) { break outer; } } while (a[great] == pivot2) { if (great -- == k) { break outer; } } while (a[great] > pivot) { --great; } ...

  73. Violation of Single Pivot Partition Invariant less great k ... ... ... < = > = >

  74. Section 3 Conclusive Remarks

  75. Conclusive Remarks

  76. Conclusive Remarks ◮ Verifying a large, complex, real-world Java program with KeY is feasable, but not without challenges

  77. Conclusive Remarks ◮ Verifying a large, complex, real-world Java program with KeY is feasable, but not without challenges ◮ Correct sorting, but invariant is violated

  78. Conclusive Remarks ◮ Verifying a large, complex, real-world Java program with KeY is feasable, but not without challenges ◮ Correct sorting, but invariant is violated

  79. Further Work

  80. Further Work ◮ Prove permutation property

  81. Further Work ◮ Prove permutation property ◮ Prove method as-is

  82. Further Work ◮ Prove permutation property ◮ Prove method as-is ◮ Prove entire sort(int[]) method

  83. Further Work ◮ Prove permutation property ◮ Prove method as-is ◮ Prove entire sort(int[]) method ◮ Prove entire sort method

  84. Further Work ◮ Prove permutation property ◮ Prove method as-is ◮ Prove entire sort(int[]) method ◮ Prove entire sort method

Recommend

Why is Dual-Pivot Quicksort Fast? Sebastian Wild wild@cs.uni-kl.de 29 September 2015

Why is Dual-Pivot Quicksort Fast? Sebastian Wild wild@cs.uni-kl.de 29 September 2015

Why is Dual-Pivot Quicksort Fast? Sebastian Wild wild@cs.uni-kl.de 29 September 2015 Theorietage 2015 Speyer Sebastian Wild Dual-Pivot Quicksort 2015-03-24 1 / 11 Sorting History Invention of Quicksort Dual-Pivot Quicksort in Java Age of

1.02k views • 82 slides
Average-Case and Distributional Analysis of Java 7s Dual Pivot Quicksort Markus E. Nebel based

Average-Case and Distributional Analysis of Java 7s Dual Pivot Quicksort Markus E. Nebel based

Average-Case and Distributional Analysis of Java 7s Dual Pivot Quicksort Markus E. Nebel based on joint work with Ralph Neininger and Sebastian Wild AofA 2013 Menorca, Spain Markus E. Nebel Java 7s Dual Pivot Quicksort 2013/18/5 1 / 22

723 views • 34 slides
23 Advanced Topics 5: Multi-lingual Models Up until now, we have assumed that in the case of

23 Advanced Topics 5: Multi-lingual Models Up until now, we have assumed that in the case of

(c) Model Pivoting (a) Result Pivoting (b) Data Pivoting src pivot pivot trg src pivot pivot trg src pivot pivot trg train train train train train train train train train train train train src src-pivot pivot-trg

179 views • 5 slides
Chapter 7: Quicksort Quicksort is a divide-and-conquer sorting algorithm in which division is

Chapter 7: Quicksort Quicksort is a divide-and-conquer sorting algorithm in which division is

Chapter 7: Quicksort Quicksort is a divide-and-conquer sorting algorithm in which division is dynamically carried out (as opposed to static division in Mergesort). The three steps of Quicksort are as follows: Divide: Rearrange the elements and

354 views • 18 slides
Traveling The PIVOT FOOT is what matters!!! If the pivot foot is lifted the ball MUST be passed

Traveling The PIVOT FOOT is what matters!!! If the pivot foot is lifted the ball MUST be passed

Traveling The PIVOT FOOT is what matters!!! If the pivot foot is lifted the ball MUST be passed or shot before it returns to the floor. 4-44 How to establish a pivot foot Traveling is moving a foot or feet in any direction in excess of

551 views • 6 slides
TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of

TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of

TOURNAMENT PAPER WORK REVIEW TOURNAMENT PLAYER VERIFICATION FORM Proof of Age Proof of Residency School Enrollment Player Information Proof of Age (BC) Proof of Residency OR School Enrollment Waivers Signatures Proof of Residency:

480 views • 32 slides
+ proof obligations Automatic Verification of TLA with SMT solvers Stephan Merz and Hern an

+ proof obligations Automatic Verification of TLA with SMT solvers Stephan Merz and Hern an

+ proof obligations Automatic Verification of TLA with SMT solvers Stephan Merz and Hern an Vanzetto LPAR-18, M erida, Venezuela March 12th, 2012 1 + language The TLA Specification and verification language for (concurrent and

735 views • 27 slides
Roadmap for next few lectures: Heapsort Priority queues using heaps Quicksort Some

Roadmap for next few lectures: Heapsort Priority queues using heaps Quicksort Some

Roadmap for next few lectures: Heapsort Priority queues using heaps Quicksort Some probability theory Randomised Quicksort Analysing Quicksort 1 Heapsort The data structure heap is a linear array that stores a binary tree .

298 views • 25 slides
PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1

PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1

CS1100 Computer Science and its Applications PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1 Its difficult to see the bottom line in a flat list like this, turning the list into a Pivot Table

288 views • 27 slides
PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1

PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1

CS1100 Computer Science and its Applications PIVOT TABLES AND CHARTS Leena Razzaq lrazzaq@ccs.neu.edu CS1100 Pivot tables and charts 1 Its difficult to see the bottom line in a flat list like this, turning the list into a Pivot Table will

337 views • 30 slides
Designing proof systems from programming features: states and exceptions considered as dual

Designing proof systems from programming features: states and exceptions considered as dual

Designing proof systems from programming features: states and exceptions considered as dual effects Dominique Duval LJK, University of Grenoble July 5., 2011 PPS Groupe de Travail S emantique Outline Introduction 1. Duality, at

530 views • 48 slides
Mechanical Verification of a Constructive Proof for FLP according to Hagen V olzer Bisping

Mechanical Verification of a Constructive Proof for FLP according to Hagen V olzer Bisping

Mechanical Verification of a Constructive Proof for FLP according to Hagen V olzer Bisping Brodmann Jungnickel Rickmann St uber Wilhelm-Weidner Seidler Peters Nestmann 24 August 2016 Models and Theory of Distributed Systems

947 views • 47 slides
KeYmaera Improving the Proof Experience Corwin de Boor Cyber-Physical Systems

KeYmaera Improving the Proof Experience Corwin de Boor Cyber-Physical Systems

KeYmaera Improving the Proof Experience Corwin de Boor Cyber-Physical Systems Safety-critical Verification Proof assistance Proof assistants Proof experience 2/10 Proof Experience Issues High iteration cost

339 views • 10 slides
iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University

iCoq : Regression Proof Selection for Large-Scale Verification Projects iCoq : Regression Proof Selection for Large-Scale Verification Projects Karl Palmskog University of Illinois at Urbana-Champaign Joint work with Ahmet Celik and Milos

837 views • 45 slides
Pivot Table Demonstration Tools for LBOHs May 27, 2020 cott Troppy, Surveillance Epidemiologist

Pivot Table Demonstration Tools for LBOHs May 27, 2020 cott Troppy, Surveillance Epidemiologist

Pivot Table Demonstration Tools for LBOHs May 27, 2020 cott Troppy, Surveillance Epidemiologist Bureau of Infectious Disease and Laboratory Sciences MA Department of Public Health 1 Pivot Table Learning Objectives Use pivot tables to turn

330 views • 32 slides
A Backward dual representation for the quantile hedging of Bermudan options G eraldine

A Backward dual representation for the quantile hedging of Bermudan options G eraldine

Problem definition Dynamic programming and dual backward algorithm Proof of the dual backward algorithm References A Backward dual representation for the quantile hedging of Bermudan options G eraldine Bouveret Imperial College London

389 views • 22 slides
Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification

Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification

Logosphere A Digital Library of Formal Proof Carsten Schrmann Processor Verification INTEL (HOL/HOL light). [John Harrison] $500mio Pentium bug. AMD (ACL2, Nqthm). [Matt Kaufmann] Siemens, Microsoft (ASM). [Yuri

502 views • 32 slides
IMPROVING ATM CAPACITY WITH &quot;DUAL AIRSPACE&quot;: A PROOF OF CONCEPT STUDY FOR ASSESSING

IMPROVING ATM CAPACITY WITH &quot;DUAL AIRSPACE&quot;: A PROOF OF CONCEPT STUDY FOR ASSESSING

IMPROVING ATM CAPACITY WITH &quot;DUAL AIRSPACE&quot;: A PROOF OF CONCEPT STUDY FOR ASSESSING CONTROLLERS' ACCEPTABILITY Jean-Yves GRAU - SynRjy Didier DOHY - NeoSys Laurent GUICHARD EUROCONTROL Sandrine GUIBERT - EUROCONTROL EUROCONTROL

532 views • 17 slides
Data Structures and Algorithms Chapter 7: Sorting (Quicksort) Text: Read Weiss, 7.7 Izmir

Data Structures and Algorithms Chapter 7: Sorting (Quicksort) Text: Read Weiss, 7.7 Izmir

CE 221 Data Structures and Algorithms Chapter 7: Sorting (Quicksort) Text: Read Weiss, 7.7 Izmir University of Economics 1 Quicksort As the name implies quicksort is the fastest known sorting algorithm in practice. Average running

514 views • 18 slides
1 The first problem we're going to tackle is quicksort. Just as all of the complexity of

1 The first problem we're going to tackle is quicksort. Just as all of the complexity of

1 The first problem we're going to tackle is quicksort. Just as all of the complexity of mergesort is in the merge step, not in the recursion, all of the complexity of quicksort is found in the partition step, so let's go over how to perform an

528 views • 31 slides
Pivot Charts By Toma Vajngerl www.collaboraoffjce.co C o l l a b o r a P r o d u

Pivot Charts By Toma Vajngerl www.collaboraoffjce.co C o l l a b o r a P r o d u

C o l l a b o r a P r o d u c t i v i t y Pivot Charts By Toma Vajngerl www.collaboraoffjce.co C o l l a b o r a P r o d u c t i v i t y m Pivot Charts Work sponsored by Nantes New feature added in

293 views • 13 slides
Formal verification of an optimizing compiler or: a software-proof codesign approach to the

Formal verification of an optimizing compiler or: a software-proof codesign approach to the

Formal verification of an optimizing compiler or: a software-proof codesign approach to the development of trusted compilers Xavier Leroy INRIA Rocquencourt MEMOCODE 2007 X. Leroy (INRIA) Formal compiler verification MEMOCODE 2007 1 / 61

969 views • 62 slides
A Proof Repository for Formal Verification of Software Michael Franssen WASDeTT- 3 September 20

A Proof Repository for Formal Verification of Software Michael Franssen WASDeTT- 3 September 20

A Proof Repository for Formal Verification of Software Michael Franssen WASDeTT- 3 September 20 th 2010 Cocktail Derive programs from their specifications Does not scale and nobody programs like this Create proofs interactively with an

342 views • 7 slides
Local proof transformations for flexible interpolation and proof reduction N. Sharygina Formal

Local proof transformations for flexible interpolation and proof reduction N. Sharygina Formal

Local proof transformations for flexible interpolation and proof reduction N. Sharygina Formal Verification and Security Group University of Lugano June 21, 2011 Natasha Sharygina (USI) Flexible Proof Transformation June 21, 2011 1 / 72

2.21k views • 186 slides

More recommend