Verifying a garbage collection algorithm
We present a case study in using the PVS interactive theorem prover to formally model and verify properties of a tricolour garbage collection algorithm. We model the algorithm using state transition systems and verify safety and liveness properties in linear temporal logic. We set up two systems, each of which models the algorithm itself, object allocation, and the behaviour of user programs. The models differ in how concretely they model the heap. We verify the properties of the more abstract system, and then, once a refinement relation is exhibited between the systems, we show the more concrete system to have corresponding properties.
We discuss the linear temporal logic framework we set up, commenting in particular on how we handle fairness and how we use a ‘leads-to-via’ predicate to reason about the propagation of properties that are stable in specified regions of system state spaces. We also describe strategies (tactics) we wrote to improve the quality of interaction and increase the degree of automation.
KeywordsLinear Temporal Logic Garbage Collection Liveness Property State Formula Free Node
Unable to display preview. Download preview PDF.
- 1.Rajeev Alur and Thomas A. Henzinger, editors. Computer Aided Verification: 8th International Conference, volume 1102 of Lecture Notes in Computer Science. Springer, July 1996.Google Scholar
- 3.Glenn Bruns. Distributed Systems Analysis with CCS. Prentice Hall Europe, 1997.Google Scholar
- 4.K. Mani Chandy and Jayadev Misra. Parallel Program Design: A Foundation. Addison Wesley, 1988.Google Scholar
- 5.Ching-Tsun Chou. Predicates, temporal logic, and simulations. In Jeffrey J. Joyce and Carl-Johan H. Seger, editors, Higher Order Logic Theorem Proving and Its Applications: 6th International Workshop, HUG '93., volume 780 of Lecture Notes in Computer Science, pages 310–323. Springer-Verlag, August 1993.Google Scholar
- 7.Dov M. Gabbay. Labelled deductive systems, volume 1 of Oxford Logic Guides. Oxford University Press (Imprint: Clarendon Press), 1996.Google Scholar
- 8.Georges Gonthier. Verifying the safety of a practical concurrent garbage collector. In Alur and Henzinger .Google Scholar
- 9.Klaus Havelund. Mechanical verification of a garbage collector. Available from http://www.cs.auc.dk/~havelund/, May 1996.Google Scholar
- 10.Klaus Havelund and Natarajan Shankar. A mechanized refinement proof for a garbage collector. Available from http://www.cs.auc.dk/~havelund/, December 1996.Google Scholar
- 11.Richard Jones and Rafael Lins. Garbage Collection: Algorithms for Automatic Dynamic memory Management. John Wiley & Sons, 1996.Google Scholar
- 14.Zohar Manna and Amir Pnueli. Temporal Logic of Reactive and Concurrent Systems: Specification. Springer, 1991.Google Scholar
- 15.Stephan Merz. Yet another encoding of TLA in Isabelle. Available from http://www4.informatik.tu-muenchen.de/~merz/isabelle/. The encoding described by this note accompanies the Isabelle98 release.Google Scholar
- 17.S. Owre, J.M. Rushby, and N. Shankar. PVS: A prototype verification system. In D. Kapur, editor, 11th Conference on Automated Deduction, volume 607 of Lecture Notes in Artificial Intelligence, pages 748–752. Springer-Verlag, 1992. See http://www.csl.sri.com/pvs.html for up-to-date information on PVS.Google Scholar