# Verification of OpenJDK's LinkedList using KeY

The version of KeY that is used, is key-2.6.3 (buildnumber 7d3deab0763c88edee4f7a08e604661e0dbdd450).
The version of Java under consideration is 8 (OpenJDK8-b132, see https://hg.openjdk.java.net/jdk8/jdk8/jdk/).

## Source file

The adapted LinkedList is stored in `./src/java/util/BoundedLinkedList.java`. Moreover, in the `./jre/` folder, stub contracts for methods of other classes are present.

## Instructions to replay proof files

To verify the integrity of the bundled proof files, follow these instructions. The hardware requirements are modest, and this part can be run on any recent desktop or laptop machine (e.g. 4 GiB RAM, OpenJDK8 run-time).

1. Extract the `key-2.6.3_7d3deab0763c88edee4f7a08e604661e0dbdd450.zip` file.
2. Open a terminal and change directory into the extraction result.
3. To ensure KeY starts in a fresh state (in particular when multiple KeY versions are present on the system), remove the .key directory from the user's home directory,
   and clean out any existing preferences from the .java/.userPrefs directory by deleting the de/uka/ilkd/key hierarchy containing prefs.xml
4. Run `java -jar KeY.jar`.
5. KeY now starts up and opens a `Load Example` window. Close that window.
6. Select `File` and `Open` from the menu. Navigate to the project folder.
7. Load a proof in the `./proofs/` folder. For example, load:
   `java.util.BoundedLinkedList(java.util.BoundedLinkedList__add(int,java.lang.Object)).JML exceptional_behavior operation contract.0.proof`
8. KeY loads the proof file, and shows the proof tree.
9. Check the proof statistics by selecting `Proof` and `Show Proof Statistics` from the menu. For example, for the main contract of the add method in proof file
   (java.util.BoundedLinkedList(java.util.BoundedLinkedList__add(int,java.lang.Object)).JML normal_behavior operation contract.0, KeY shows:
	Nodes			5,577
	Branches		41
	Interactive steps	423
	etc.

One may open all proof files in this manner to see their proof trees and statistics.

### Troubleshooting

In case a different KeY version was used by the same user on the same machine, certain configuration files may cause the bundled KeY version not to load the proof files, possibly showing a `NullPointerException`. In that case, remove the `.key` directory from the users home directory.

## Instructions to reproduce overflow bug

To reproduce the overflow bug as described in the paper, the following system requirements should be satisfied:

- OpenJDK8 or Oracle JDK8 run-time. We used Oracle's JDK8 (build 1.8.0 201-b09).
- For test cases 1, 2 and 3 we need 65 gigabytes of JRE memory. We used a VM with 67 gigabytes of memory.
- For test cases 4 and 5 we need 167 gigabytes of JRE memory. We used a VM with 172 gigabytes of memory.

The test cases are stored in the `./testcases` directory, each in a separate shell script.

Note that running the test cases overwrites files in its directory; ensure to keep a copy of the original files to compare its output with our output. When the test case is run on a machine that does not satisfy the system requirements, the output may look similar to:

```OpenJDK 64-Bit Server VM warning: INFO: os::commit_memory(0x0000000fc0000000, 69793218560, 0) failed; error='Cannot allocate memory' (errno=12)
#
# There is insufficient memory for the Java Runtime Environment to continue.
# Native memory allocation (mmap) failed to map 69793218560 bytes for committing reserved memory.
# An error report file with more information is saved as:
# ...```


