Abstract
The advent of non-volatile memory (NVM) technologies is expected to fundamentally transform how software systems are structured, making the task of correct programming significantly harder. This is because ensuring that memory stores persist in the correct order is challenging, and requires low-level programming to flush the cache at appropriate points. This has in turn resulted in a noticeable verification gap.
To address this, we study the verification of NVM programs, and present Persistent Owicki-Gries (POG), the first program logic for reasoning about such programs. We prove the soundness of POG over the recent Intel-x86 model, which formalises the out-of-order persistence of memory stores and the semantics of the Intel cache line flush instructions. We then use POG to verify several programs that interact with NVM.
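To make the persist-ordering problem in the abstract concrete, here is an added example (not code from the paper or its authors) in C. It is a deliberately simplified toy model of out-of-order persistence, an assumption made for this example and not the paper's formal Intel-x86 model: two locations, `DATA` and `FLAG`, are assumed to sit on distinct cache lines, an ordinary store becomes durable at some unspecified later point, a flush (standing in for the cache line flush instructions the abstract mentions) starts a persist, and a store fence guarantees the flushes before it have completed. The `crash` function lets an adversarial hardware choose which pending stores reached NVM. The names `store`, `flush`, `sfence`, `crash` and `recover` are hypothetical helpers introduced here.

```c
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Toy model of out-of-order persistence (an assumption made for this
 * example; it is NOT the paper's formal Px86 model). Locations are
 * assumed to live on distinct cache lines, so nothing orders their
 * persists except an explicit flush followed by a store fence. */
#define NLOC 2
#define DATA 0   /* payload location */
#define FLAG 1   /* "payload is valid" marker */

typedef struct {
    int  volatile_mem[NLOC];   /* what running threads observe */
    int  persistent_mem[NLOC]; /* what survives a crash */
    bool pending[NLOC];        /* store issued, persist not yet guaranteed */
    bool flushed[NLOC];        /* flush issued, completion not yet guaranteed */
} nvm_t;

static void nvm_init(nvm_t *m) { memset(m, 0, sizeof *m); }

/* Ordinary store: visible immediately, durable at some later point. */
static void store(nvm_t *m, int loc, int v) {
    m->volatile_mem[loc] = v;
    m->pending[loc] = true;
}

/* Cache line flush (clflush/clflushopt/clwb on real hardware): starts the
 * persist of this location but does not by itself wait for it. */
static void flush(nvm_t *m, int loc) {
    m->flushed[loc] = true;
}

/* Store fence: every flush issued before it has completed, so the flushed
 * locations are durable before any store issued after the fence. */
static void sfence(nvm_t *m) {
    for (int i = 0; i < NLOC; i++) {
        if (m->flushed[i]) {
            m->persistent_mem[i] = m->volatile_mem[i];
            m->pending[i] = false;
            m->flushed[i] = false;
        }
    }
}

/* Crash: the hardware (modelled as an adversary) decides which pending
 * stores had already reached NVM. Anything not chosen is lost. */
static void crash(nvm_t *m, const bool persisted[NLOC]) {
    for (int i = 0; i < NLOC; i++) {
        if (m->pending[i] && persisted[i])
            m->persistent_mem[i] = m->volatile_mem[i];
        m->pending[i] = false;
        m->flushed[i] = false;
    }
    /* volatile state is gone after the crash; recovery sees persistent_mem */
    memcpy(m->volatile_mem, m->persistent_mem, sizeof m->volatile_mem);
}

/* Recovery: trust DATA only if FLAG says it was published.
 * Returns the recovered payload, or -1 if nothing was published. */
static int recover(const nvm_t *m) {
    return m->persistent_mem[FLAG] ? m->persistent_mem[DATA] : -1;
}

/* Publishing without flushes: FLAG may persist before DATA. */
int publish_unordered(void) {
    nvm_t m; nvm_init(&m);
    store(&m, DATA, 42);
    store(&m, FLAG, 1);
    bool worst[NLOC] = { [DATA] = false, [FLAG] = true };  /* flag reached NVM first */
    crash(&m, worst);
    return recover(&m);   /* 0: flag says "valid" but the payload is stale */
}

/* Publishing with flush + sfence between the payload and the flag. */
int publish_ordered(void) {
    nvm_t m; nvm_init(&m);
    store(&m, DATA, 42);
    flush(&m, DATA);
    sfence(&m);           /* DATA is durable before FLAG is even written */
    store(&m, FLAG, 1);
    bool worst[NLOC] = { [DATA] = false, [FLAG] = true };  /* same adversary */
    crash(&m, worst);
    return recover(&m);   /* 42 */
}

int main(void) {
    printf("unordered publish recovers %d\n", publish_unordered());
    printf("ordered publish recovers %d\n", publish_ordered());
    return 0;
}
```

The same adversarial crash is applied in both cases; only the flush and fence between the payload store and the flag store differ. Without them the recovered state is one that no program order ever produced (flag set, payload missing), which is exactly the class of state a logic such as POG has to rule out in its proofs.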
Persistent Owicki-Gries reasoning: a program logic for reasoning about persistent programs on Intel-x86