OpenJDK's Java']Java.utils.Collection.sort() Is Broken: The Good, the Bad and the Worst Case

被引:42
作者
de Gouw, Stijn [1 ,2 ]
Rot, Jurriaan [1 ,3 ]
de Boer, Frank S. [1 ,3 ]
Bubel, Richard [4 ]
Haehnle, Reiner [4 ]
机构
[1] CWI, NL-1009 AB Amsterdam, Netherlands
[2] SDL, Amsterdam, Netherlands
[3] Leiden Univ, Leiden, Netherlands
[4] Tech Univ Darmstadt, Darmstadt, Germany
来源
COMPUTER AIDED VERIFICATION, PT I | 2015年 / 9206卷
关键词
VERIFICATION; PROOF;
D O I
10.1007/978-3-319-21690-4_16
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
We investigate the correctness of TimSort, which is the main sorting algorithm provided by the Java standard library. The goal is functional verification with mechanical proofs. During our verification attempt we discovered a bug which causes the implementation to crash. We characterize the conditions under which the bug occurs, and from this we derive a bug-free version that does not compromise the performance. We formally specify the new version and mechanically verify the absence of this bug with KeY, a state-of-the-art verification tool for Java.
引用
收藏
页码:273 / 289
页数:17
相关论文
共 16 条
[11]  
Leavens G. T., 2013, JML REFEREN IN PRESS
[12]  
MCILROY P, 1993, PROCEEDINGS OF THE FOURTH ANNUAL ACM-SIAM SYMPOSIUM ON DISCRETE ALGORITHMS, P467
[13]  
Mostowski W, 2005, LECT NOTES COMPUT SC, V3442, P357, DOI 10.1007/978-3-540-31984-9_27
[14]  
Mostowski W., 2007, P 4 INT VER WORKSH C, V259
[15]  
Peters T, TIMSORT DESCRIPTION
[16]   Proof Pearl-A Mechanized Proof of GHC's Mergesort [J].
Sternagel, Christian .
JOURNAL OF AUTOMATED REASONING, 2013, 51 (04) :357-370
12