Modularising Verification Of Durable Opacity

TL;DR

This paper extends the concept of durable opacity for non-volatile memory in concurrent programming, develops a durably opaque version of an existing STM algorithm, and modularizes the verification process to separate durability from opacity proofs.

Contribution

It introduces a durably opaque version of NOrec and modularizes the verification approach to improve reusability and clarity of proofs.

Findings

Successfully developed a durably opaque NOrec algorithm.

Separated durability proof from opacity proof in verification.

Enhanced verification modularity for durable memory correctness.

Abstract

Non-volatile memory (NVM), also known as persistent memory, is an emerging paradigm for memory that preserves its contents even after power loss. NVM is widely expected to become ubiquitous, and hardware architectures are already providing support for NVM programming. This has stimulated interest in the design of novel concepts ensuring correctness of concurrent programming abstractions in the face of persistency and in the development of associated verification approaches. Software transactional memory (STM) is a key programming abstraction that supports concurrent access to shared state. In a fashion similar to linearizability as the correctness condition for concurrent data structures, there is an established notion of correctness for STMs known as opacity. We have recently proposed durable opacity as the natural extension of opacity to a setting with non-volatile memory. Together with this novel correctness condition, we designed a verification technique based on refinement. In this paper, we extend this work in two directions. First, we develop a durably opaque version of NOrec (no ownership records), an existing STM algorithm proven to be opaque. Second, we modularise our existing verification approach by separating the proof of durability of memory accesses from the proof of opacity. For NOrec, this allows us to re-use an existing opacity proof and complement it with a proof of the durability of accesses to shared state.