🤖 AI Summary
This work addresses the challenge of formally verifying correctness and stability across diverse mergesort variants, including top-down, bottom-up, tail-recursive, non-tail-recursive, and smooth and non-smooth implementations. It introduces relational parametricity as a foundation for characterizing stable sorting: a mergesort function that satisfies the parametricity-based characterization is shown to be a correct, stable sort, so each variant is verified by proving the characterization property for it rather than by a separate correctness proof. Within this framework, full correctness and stability proofs for all variants are mechanized in Coq, enabling systematic proof reuse, including for highly optimized implementations. The analysis also exhibits a performance trade-off between tail-recursive and non-tail-recursive implementations under different evaluation strategies: the tail-recursive form is efficient and stack-safe under call-by-value, while the non-tail-recursive form under call-by-need is an optimal incremental sort, computing the least (or greatest) $k$ items of an $n$-element list with only $\mathcal{O}(n + k \log k)$ comparisons. The core contribution is a unified, reusable, and extensible formal verification of stable mergesort, grounded in relational parametricity.
📝 Abstract
We present a novel characterization of stable mergesort functions using relational parametricity, and show that it implies the correctness of mergesort. As a result, one can prove the correctness of several variations of mergesort (e.g., top-down, bottom-up, tail-recursive, non-tail-recursive, smooth, and non-smooth mergesorts) by proving the characterization property for each variation. To further motivate this work, we show a performance trade-off between tail-recursive and non-tail-recursive mergesorts, namely that (1) the former in call-by-value evaluation avoids using up stack space and is efficient and (2) the latter in call-by-need evaluation is an optimal incremental sort, meaning that it performs only $\mathcal{O}(n + k \log k)$ comparisons to compute the least (or greatest) $k$ items of a list of length $n$. Thanks to our characterization and the parametricity translation, we deduced the correctness results, including stability, of various implementations of mergesort for lists, including highly optimized ones, in the Coq proof assistant.
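The trade-off in the abstract can be observed directly by counting comparisons. The following is an added Python illustration, not part of the paper or its Coq development: Python generators stand in for call-by-need evaluation, so the non-tail-recursive top-down mergesort only compares when the consumer pulls the next element, while the bottom-up variant materializes every merge (call-by-value style) and must finish the whole sort before the least element is available. Items are `(key, original_position)` pairs with many duplicate keys, constructed here with a seeded generator, so the stability of both variants (ties keep their original order) can be checked as well. The `Counter`, `lazy_merge`, `lazy_msort`, `eager_msort`, `least_k` and `demo` names are this example's own.

```python
"""Lazy vs. eager mergesort: comparison counts for "least k of n" and stability."""
from itertools import islice
import math
import random


class Counter:
    """Counts key comparisons so the two evaluation strategies can be measured."""

    def __init__(self):
        self.n = 0

    def le(self, a, b):
        """a <= b on the key only; the second component is the original position."""
        self.n += 1
        return a[0] <= b[0]


def lazy_merge(xs, ys, le):
    """Stable merge of two sorted iterators, written as a generator so that a
    comparison happens only when the consumer asks for the next element."""
    sentinel = object()
    x = next(xs, sentinel)
    y = next(ys, sentinel)
    while x is not sentinel and y is not sentinel:
        if le(x, y):            # ties go to the left run: this is what makes the sort stable
            yield x
            x = next(xs, sentinel)
        else:
            yield y
            y = next(ys, sentinel)
    # one side is exhausted: drain the other without any further comparison
    if x is not sentinel:
        yield x
        yield from xs
    if y is not sentinel:
        yield y
        yield from ys


def lazy_msort(items, le):
    """Non-tail-recursive top-down mergesort returning a lazy iterator.
    Building the merge tree performs no comparisons; pulling elements does."""
    if len(items) <= 1:
        return iter(items)
    mid = len(items) // 2
    return lazy_merge(lazy_msort(items[:mid], le), lazy_msort(items[mid:], le), le)


def eager_msort(items, le):
    """Bottom-up mergesort that materializes every merge level (call-by-value
    style): the whole list is sorted before any element can be inspected."""
    runs = [[x] for x in items]
    while len(runs) > 1:
        merged = []
        for i in range(0, len(runs) - 1, 2):
            merged.append(list(lazy_merge(iter(runs[i]), iter(runs[i + 1]), le)))
        if len(runs) % 2:       # odd run out stays last, preserving relative order
            merged.append(runs[-1])
        runs = merged
    return runs[0] if runs else []


def least_k(items, k, le):
    """The k least items: islice pulls exactly k elements from the lazy sort."""
    return list(islice(lazy_msort(items, le), k))


def is_stable(output):
    """For equal keys, original positions must appear in increasing order."""
    last_pos = {}
    for key, pos in output:
        if key in last_pos and last_pos[key] > pos:
            return False
        last_pos[key] = pos
    return True


def demo(n=1024, k=8, seed=1):
    """Constructed input: n items with keys drawn from a small range (many ties)."""
    rng = random.Random(seed)
    items = [(rng.randrange(n // 4), pos) for pos in range(n)]
    lazy_counter, eager_counter = Counter(), Counter()
    first = least_k(items, k, lazy_counter.le)
    full = eager_msort(items, eager_counter.le)
    return {
        "items": items, "k": k, "first_k": first, "full": full,
        "lazy_comparisons": lazy_counter.n,     # about n + k*log2(n), i.e. O(n + k log k)
        "eager_comparisons": eager_counter.n,   # at least (n/2)*log2(n)
    }


if __name__ == "__main__":
    r = demo()
    print("least k lazily:", r["lazy_comparisons"], "comparisons")
    print("full eager sort:", r["eager_comparisons"], "comparisons")
    print("stable:", is_stable(r["first_k"]) and is_stable(r["full"]))
```

With `n = 1024` and `k = 8` the lazy variant needs `n - 1` comparisons to surface the first element (every merge node compares once) and at most `log2(n)` for each further element, so just over a thousand in total, whereas the eager bottom-up sort performs at least `(n/2) * log2(n) = 5120` before it can return anything. The price of the lazy variant is the chain of suspended merges it keeps alive, which is exactly the stack-space concern the abstract raises for the non-tail-recursive form under call-by-value.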