This repository contains a Java implementation of red-black trees, verified with KeY (https://github.com/KeYProject/key). It is the result of my bachlor's thesis Verification of Red-Black Trees in KeY – A Case Study in Deductive Java Verification.
It consists of the following files:
- the three classes of the implementation,
Client,RBTreeandTreeare stored in thesrcfolder, complete with their specification and JML Scripts iSet.keyprovides the definition of the custom integer set type that was used for the specificationproject.keyis needed for loading a new method contract into keykey-2.13.0-exe.jarprovides the KeY version with which all proofs can be successfully loaded and replayed.
It was built using the commit4d5d8c5cfrom thepfeifer/jmlScriptsbranch in GitLab: https://git.key-project.org/key/key/-/commit/4d5d8c5cb0b36bcbdc74ead5888a2f6bbedfe5ef- the
prooffolder contains all proofs, grouped by their class
To load and replay the proofs, clone this repository, execute the provided KeY-JAR, and choose the desired .proof file through File > Load.
- All
.prooffiles are named after the method whose contract they prove. Methods having anaccessibleclause have an additional file with an_accessiblesuffix. - Files with the prefix
acc_contain proofs of theaccessibleclauses of model methods. - Files with the suffix
_autodo not contain individual steps of a proof, but a one-line-script that invokes KeY's automatic when loading them. They can be proven without any interaction. - The
Treeclass contains a lot of JML Scripts. As they are a new feature, there are some situations where they are not powerful enough yet to capture the manually performed steps or where some bugs hinder successful execution. These situations are marked by aTODOin the script.