vault backup: 2023-11-20 13:06:22
This commit is contained in:
parent
36338fff98
commit
205f1eabdd
1 changed files with 98 additions and 0 deletions
|
|
@ -86,3 +86,101 @@ end
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
```c
|
||||||
|
|
||||||
|
(*
|
||||||
|
The selection sort algorithm sorts an array
|
||||||
|
by successively placing in each position the
|
||||||
|
“next minimum” element, as follows:
|
||||||
|
|
||||||
|
[40, 20, 10, 30, 60, 0, 80]
|
||||||
|
[0, 20, 10, 30, 60, 40, 80]
|
||||||
|
[0, 10, 20, 30, 60, 40, 80]
|
||||||
|
[0, 10, 20, 30, 60, 40, 80]
|
||||||
|
[0, 10, 20, 30, 60, 40, 80]
|
||||||
|
[0, 10, 20, 30, 40, 60, 80]
|
||||||
|
[0, 10, 20, 30, 40, 60, 80]
|
||||||
|
[0, 10, 20, 30, 40, 60, 80]
|
||||||
|
|
||||||
|
1. Complete the contract of function swap, writing
|
||||||
|
adequate pre- and post-conditions.
|
||||||
|
Recall that "length a" gives you the allocated length
|
||||||
|
of array a.
|
||||||
|
2. Write a contract for function select.
|
||||||
|
Write also one or more loop invariants that allow
|
||||||
|
you to prove the correctness of the function.
|
||||||
|
Note that a loop variant is not required, since
|
||||||
|
"for" loops are bounded.
|
||||||
|
3. Write one or more loop invariants that allow you to prove
|
||||||
|
the correctness of selection_sort_1.
|
||||||
|
You may need to modify the contract of select in order
|
||||||
|
for the loop invariant of selection_sort_1 to be proved.
|
||||||
|
4. Finally, write the algorithm selection_sort_2, which does
|
||||||
|
not use the function select. It will have a nested loop;
|
||||||
|
write invariants for both loops and prove the correctness
|
||||||
|
of the algorithm.
|
||||||
|
*)
|
||||||
|
|
||||||
|
|
||||||
|
module SelectionSort
|
||||||
|
|
||||||
|
use int.Int
|
||||||
|
use ref.Ref
|
||||||
|
use array.Array
|
||||||
|
use array.IntArraySorted
|
||||||
|
use array.ArrayPermut
|
||||||
|
use array.ArrayEq
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
let swap (a: array int) (i: int) (j: int)
|
||||||
|
requires { 0 <= i< length a && 0 <= j< length a }
|
||||||
|
ensures { (old a)[i] = a[j] && (old a)[j] = a[i] }
|
||||||
|
ensures { forall k:int. 0<=k<length a -> k<>i -> k<>j -> (old a)[i] = a[j]}
|
||||||
|
ensures { permut_all (old a) a }
|
||||||
|
= let v = a[i] in
|
||||||
|
a[i] <- a[j];
|
||||||
|
a[j] <- v
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
(* returns the index of a minimum of
|
||||||
|
the segment of a between indexes i and length a -1.
|
||||||
|
*)
|
||||||
|
let select (a: array int) (i: int) : int
|
||||||
|
requires { 0 <= i < length a}
|
||||||
|
ensures { i <= result < length a }
|
||||||
|
ensures { forall k:int. 0<=k<length a -> a[result] <= a[k]}
|
||||||
|
= let ref min = i in
|
||||||
|
for j = i + 1 to length a - 1 do
|
||||||
|
invariant { i <= min < j }
|
||||||
|
invariant { forall k:int. i <= k < j -> a[min] <= a[k] }
|
||||||
|
if a[j] < a[min] then min <- j
|
||||||
|
done;
|
||||||
|
min
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
let selection_sort_1 (a: array int)
|
||||||
|
ensures { sorted a }
|
||||||
|
ensures { permut_all (old a) a }
|
||||||
|
= for i = 0 to length a - 1 do
|
||||||
|
invariant { ... }
|
||||||
|
let min = select a i
|
||||||
|
in if min <> i then swap a min i
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
let selection_sort_2 (a: array int) =
|
||||||
|
ensures { sorted a }
|
||||||
|
ensures { permut_all (old a) a }
|
||||||
|
...
|
||||||
|
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
|
||||||
|
```
|
||||||
Loading…
Reference in a new issue