Proof Pearl: The KeY to Correct and Stable Sorting

Gouw, Stijn de; Boer, Frank S. de; Rot, Jurriaan

doi:10.1007/s10817-013-9300-y

Cited by 15 publications

(18 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Gouw, Boer and Rot [8] used an auxiliary indexing variable while Sternagel [6] utilized a very similar idea of first associating indices with each sequence to be sorted and then introduced a key function to separate the indices from elements. Considering we are concerned with a declarative version of insertion sort, it is more convenient for us to use associated indices.…”

Section: Usual Stabilitymentioning

confidence: 99%

“…We therefore enhance the notion of what it means to be sorted, expressing stability along with the property of being sorted. It can be viewed as an extension of what Gouw, Boer and Rot [8] used, utilizing an index once equality is established. A very important thing to note here is that throughout the study, we will be using the definition under assignment α ← γ, for which the strict comparison operation with < is defined to compare second components; those represent indices.…”

Section: Specificationmentioning

confidence: 99%

“…In 2013, Sternagel [6] used a declarative Haskell implementation of merge sort (one supposedly used by GHC, a major compiler provider for the language in question) as basis for an implementation in Isabelle/HOL [7], which he then not only proved correct with regards to the expected sorting behaviour (to be discussed shortly), but also showed that the implementation he is using happens to be stable. Shortly thereafter, Gouw, Boer and Rot [8] formalized a Java implementation of counting sort and radix sort, utilizing KeY [9] to conduct proofs of correctness and stability. It is worth noting that stability of counting sort when used as a subroutine for radix sort is of paramount importance to achieve correct behaviour of radix sorting.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Lean Formalization of Insertion Sort Stability and Correctness

Silváši¹,

Tomášek²

2018

AEI

View full text Add to dashboard Cite

We present a fully mechanized proof of correctness and stability of the insertion sort algorithm, while handling stability not as an afterthought in its formal specification, but rather as a property removing any unspecified behaviour from the algorithm, by explaining what happens to elements that are considered equivalent. We therefore express the combined notion of being sorted along with stability as a single inductive predicate, allowing us to share uncovered information in proofs, resulting in a more elegant approach to showing correctness and stability of sorting algorithms. Naturally, there are also cases when we can indeed forget about stability. We prove, that under the assumption that the sequence to be sorted contains unique elements only, sorting and stable sorting are equivalent notions. Formalization is conducted in the Lean theorem prover.

show abstract

Section: Usual Stabilitymentioning

confidence: 99%

Section: Specificationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Lean Formalization of Insertion Sort Stability and Correctness

Silváši¹,

Tomášek²

2018

AEI

View full text Add to dashboard Cite

show abstract

“…12 The KeY proof targets the actual implementation in the OpenJDK standard library, rather than an idealized model of it. That implementation uses low-level bit-wise operations, abrupt termination of loops and arithmetic overflows.…”

Section: Proof Statisticsmentioning

confidence: 99%

“…The work presented here was motivated by our recent success to verify executable Java versions of counting sort and radix sort in KeY with manageable effort [12]. As a further challenge, we planned to verify a complicated sorting algorithm taken from the widely used OpenJDK core library.…”

mentioning

confidence: 99%

Verifying OpenJDK’s Sort Method for Generic Collections

Gouw¹,

Boer

Bubel

et al. 2017

J Autom Reasoning

Self Cite

View full text Add to dashboard Cite

TimSort is the main sorting algorithm provided by the Java standard library and many other programming frameworks. Our original goal was functional verification of TimSort with mechanical proofs. However, during our verification attempt we discovered a bug which causes the implementation to crash by an uncaught exception. In this paper, we identify conditions under which the bug occurs, and from this we derive a bug-free version that does not compromise performance. We formally specify the new version and verify termination and the absence of exceptions including the bug. This verification is carried out mechanically with KeY, a state-of-the-art interactive verification tool for Java. We provide a detailed description and analysis of the proofs. The complexity of the proofs required extensions and new capabilities in KeY, including symbolic state merging.

show abstract